Prepared all containers for final rollout
This commit is contained in:
parent
7a553128b1
commit
381a1126e2
@ -21,10 +21,10 @@ services:
|
|||||||
- USER_GID=1000
|
- USER_GID=1000
|
||||||
- USER=git
|
- USER=git
|
||||||
- RUN_MODE=prod
|
- RUN_MODE=prod
|
||||||
- DOMAIN=test.luke-else.co.uk
|
- DOMAIN=git.luke-else.co.uk
|
||||||
- SSH_DOMAIN=test.luke-else.co.uk
|
- SSH_DOMAIN=git.luke-else.co.uk
|
||||||
- HTTP_PORT=3000
|
- HTTP_PORT=3000
|
||||||
- ROOT_URL=https://test.luke-else.co.uk
|
- ROOT_URL=https://git.luke-else.co.uk
|
||||||
- SSH_PORT=222
|
- SSH_PORT=222
|
||||||
- SSH_LISTEN_PORT=22
|
- SSH_LISTEN_PORT=22
|
||||||
- DB_TYPE=sqlite3
|
- DB_TYPE=sqlite3
|
||||||
@ -32,7 +32,7 @@ services:
|
|||||||
## Expose Gitea Through Trefik ##
|
## Expose Gitea Through Trefik ##
|
||||||
- "traefik.enable=true" # <== Enable traefik to proxy this container
|
- "traefik.enable=true" # <== Enable traefik to proxy this container
|
||||||
- "traefik.http.services.gitea.loadbalancer.server.port=3000"
|
- "traefik.http.services.gitea.loadbalancer.server.port=3000"
|
||||||
- "traefik.http.routers.gitea.rule=Host(`test.luke-else.co.uk`) || Host(`www.test.luke-else.co.uk`)"
|
- "traefik.http.routers.gitea.rule=Host(`git.luke-else.co.uk`) || Host(`www.git.luke-else.co.uk`)"
|
||||||
- "traefik.http.routers.gitea.entrypoints=websecure"
|
- "traefik.http.routers.gitea.entrypoints=websecure"
|
||||||
- "traefik.http.routers.gitea.tls.certresolver=myresolver"
|
- "traefik.http.routers.gitea.tls.certresolver=myresolver"
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
|
@ -1,51 +0,0 @@
|
|||||||
version: '3.8'
|
|
||||||
|
|
||||||
services:
|
|
||||||
|
|
||||||
nextcloud:
|
|
||||||
image: nextcloud
|
|
||||||
container_name: nextcloud
|
|
||||||
links:
|
|
||||||
- db
|
|
||||||
volumes:
|
|
||||||
- ./nextcloud:/var/www/html
|
|
||||||
networks:
|
|
||||||
- proxy
|
|
||||||
- nextcloud
|
|
||||||
depends_on:
|
|
||||||
- db
|
|
||||||
- traefik
|
|
||||||
environment:
|
|
||||||
- MYSQL_USER=nextcloud
|
|
||||||
- MYSQL_PASSWORD=
|
|
||||||
- MYSQL_DATABASE=nextcloud
|
|
||||||
- MYSQL_HOST=db
|
|
||||||
labels:
|
|
||||||
## Expose Nextcloud Through Trefik ##
|
|
||||||
- "traefik.enable=true" # <== Enable traefik to proxy this container
|
|
||||||
- "traefik.http.services.nextcloud.loadbalancer.server.port=80"
|
|
||||||
- "traefik.http.routers.nextcloud.rule=Host(`nextcloud.luke-else.co.uk`) || Host(`www.nextcloud.luke-else.co.uk`)"
|
|
||||||
- "traefik.http.routers.nextcloud.entrypoints=websecure"
|
|
||||||
- "traefik.http.routers.nextcloud.tls.certresolver=myresolver"
|
|
||||||
restart: unless-stopped
|
|
||||||
|
|
||||||
db:
|
|
||||||
image: mariadb
|
|
||||||
container_name: nextclouddb
|
|
||||||
command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW
|
|
||||||
volumes:
|
|
||||||
- ./db:/var/lib/mysql
|
|
||||||
networks:
|
|
||||||
- nextcloud
|
|
||||||
environment:
|
|
||||||
- MYSQL_ROOT_PASSWORD=
|
|
||||||
- MYSQL_USER=nextcloud
|
|
||||||
- MYSQL_PASSWORD=
|
|
||||||
- MYSQL_DATABASE=nextcloud
|
|
||||||
restart: unless-stopped
|
|
||||||
|
|
||||||
networks:
|
|
||||||
proxy:
|
|
||||||
external: true
|
|
||||||
nextcloud:
|
|
||||||
name: nextcloud
|
|
@ -5,7 +5,6 @@ services:
|
|||||||
container_name: "traefik"
|
container_name: "traefik"
|
||||||
command:
|
command:
|
||||||
- "--api.dashboard=true"
|
- "--api.dashboard=true"
|
||||||
- "--log.level=DEBUG"
|
|
||||||
- "--providers.docker=true"
|
- "--providers.docker=true"
|
||||||
- "--providers.docker.exposedbydefault=false"
|
- "--providers.docker.exposedbydefault=false"
|
||||||
- "--entrypoints.web.address=:80"
|
- "--entrypoints.web.address=:80"
|
||||||
@ -23,8 +22,7 @@ services:
|
|||||||
- proxy
|
- proxy
|
||||||
labels:
|
labels:
|
||||||
- "traefik.enable=true"
|
- "traefik.enable=true"
|
||||||
- "traefik.log"
|
- "traefik.http.routers.traefik.rule=Host(`traefik.luke-else.co.uk`) || Host('www.traefik.luke-else.co.uk')"
|
||||||
- "traefik.http.routers.traefik.rule=Host(`traefik.luke-else.co.uk`)"
|
|
||||||
- "traefik.http.routers.traefik.entrypoints=websecure"
|
- "traefik.http.routers.traefik.entrypoints=websecure"
|
||||||
- "traefik.http.routers.traefik.service=api@internal"
|
- "traefik.http.routers.traefik.service=api@internal"
|
||||||
- "traefik.http.routers.traefik.tls.certresolver=myresolver"
|
- "traefik.http.routers.traefik.tls.certresolver=myresolver"
|
||||||
|
@ -4,10 +4,14 @@ services:
|
|||||||
|
|
||||||
#Websites luke-else.co.uk (8000) snexo.co.uk (8001)
|
#Websites luke-else.co.uk (8000) snexo.co.uk (8001)
|
||||||
luke-else.co.uk:
|
luke-else.co.uk:
|
||||||
image: "php:apache"
|
image: "nginx:latest"
|
||||||
container_name: luke-else.co.uk
|
container_name: luke-else.co.uk
|
||||||
volumes:
|
volumes:
|
||||||
- ./luke-else.co.uk/:/var/www/html
|
- ./luke-else.co.uk/:/usr/share/nginx/html
|
||||||
|
networks:
|
||||||
|
- proxy
|
||||||
|
depends_on:
|
||||||
|
- traefik
|
||||||
labels:
|
labels:
|
||||||
## Expose luke-else Through Trefik ##
|
## Expose luke-else Through Trefik ##
|
||||||
- "traefik.enable=true" # <== Enable traefik to proxy this container
|
- "traefik.enable=true" # <== Enable traefik to proxy this container
|
||||||
@ -22,6 +26,10 @@ services:
|
|||||||
container_name: snexo.co.uk
|
container_name: snexo.co.uk
|
||||||
volumes:
|
volumes:
|
||||||
- ./snexo.co.uk/:/var/www/html
|
- ./snexo.co.uk/:/var/www/html
|
||||||
|
networks:
|
||||||
|
- proxy
|
||||||
|
depends_on:
|
||||||
|
- traefik
|
||||||
labels:
|
labels:
|
||||||
## Expose Snexo Through Trefik ##
|
## Expose Snexo Through Trefik ##
|
||||||
- "traefik.enable=true" # <== Enable traefik to proxy this container
|
- "traefik.enable=true" # <== Enable traefik to proxy this container
|
||||||
@ -32,5 +40,5 @@ services:
|
|||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
|
|
||||||
networks:
|
networks:
|
||||||
frontend:
|
proxy:
|
||||||
external: true
|
external: true
|
@ -2,10 +2,6 @@
|
|||||||
|
|
||||||
cd ./Websites/
|
cd ./Websites/
|
||||||
docker-compose down
|
docker-compose down
|
||||||
cd ..
|
|
||||||
|
|
||||||
cd ./NextCloud/
|
|
||||||
docker-compose down
|
|
||||||
cd ..
|
cd ..
|
||||||
|
|
||||||
cd ./Development/Gitea/
|
cd ./Development/Gitea/
|
||||||
|
@ -6,10 +6,6 @@ cd ..
|
|||||||
|
|
||||||
cd ./Websites/
|
cd ./Websites/
|
||||||
docker-compose up -d
|
docker-compose up -d
|
||||||
cd ..
|
|
||||||
|
|
||||||
cd ./NextCloud/
|
|
||||||
docker-compose up -d
|
|
||||||
cd ..
|
cd ..
|
||||||
|
|
||||||
cd ./Development/Gitea/
|
cd ./Development/Gitea/
|
||||||
|
31
todo.md
Normal file
31
todo.md
Normal file
@ -0,0 +1,31 @@
|
|||||||
|
# ToDo Items
|
||||||
|
|
||||||
|
## General
|
||||||
|
- UFW should be setup to keep VPS secure and only allow for:
|
||||||
|
- https
|
||||||
|
- http
|
||||||
|
- ssh
|
||||||
|
- ftp
|
||||||
|
- 27017
|
||||||
|
- 3306
|
||||||
|
|
||||||
|
|
||||||
|
## Traefik
|
||||||
|
- Setup htaccess -> ``` echo $(htpasswd -nb user password) | sed -e s/\\$/\\$\\$/g ```
|
||||||
|
- Ensure email address is correct
|
||||||
|
|
||||||
|
## Gitea
|
||||||
|
- Ensure that ports are assigned correctly for the system
|
||||||
|
|
||||||
|
## Websites
|
||||||
|
- Ensure website files are copied over
|
||||||
|
- Ensure that ports are assigned correctly for the system
|
||||||
|
|
||||||
|
## Bitwarden
|
||||||
|
- Ensure that all data is fully encrypted during transfer.
|
||||||
|
- Ensure that ports are assigned correctly for the system
|
||||||
|
|
||||||
|
## Database
|
||||||
|
- Ensure that mysql root password, user and default database are updated.
|
||||||
|
- Ensure that mongo root password, and user are updated.
|
||||||
|
- Ensure database ports are correctly assigned and do not have to pass through traefik.
|
Loading…
Reference in New Issue
Block a user