Prepared all containers for final rollout

Luke Else 2023-08-08 20:23:18 +01:00
parent 7a553128b1
commit 381a1126e2
7 changed files with 47 additions and 69 deletions


@ -21,10 +21,10 @@ services:
- USER_GID=1000 - USER_GID=1000
- USER=git - USER=git
- RUN_MODE=prod - RUN_MODE=prod
- DOMAIN=test.luke-else.co.uk - DOMAIN=git.luke-else.co.uk
- SSH_DOMAIN=test.luke-else.co.uk - SSH_DOMAIN=git.luke-else.co.uk
- HTTP_PORT=3000 - HTTP_PORT=3000
- ROOT_URL=https://test.luke-else.co.uk - ROOT_URL=https://git.luke-else.co.uk
- SSH_PORT=222 - SSH_PORT=222
- SSH_LISTEN_PORT=22 - SSH_LISTEN_PORT=22
- DB_TYPE=sqlite3 - DB_TYPE=sqlite3
@ -32,7 +32,7 @@ services:
## Expose Gitea Through Trefik ## ## Expose Gitea Through Trefik ##
- "traefik.enable=true" # <== Enable traefik to proxy this container - "traefik.enable=true" # <== Enable traefik to proxy this container
- "traefik.http.services.gitea.loadbalancer.server.port=3000" - "traefik.http.services.gitea.loadbalancer.server.port=3000"
- "traefik.http.routers.gitea.rule=Host(`test.luke-else.co.uk`) || Host(`www.test.luke-else.co.uk`)" - "traefik.http.routers.gitea.rule=Host(`git.luke-else.co.uk`) || Host(`www.git.luke-else.co.uk`)"
- "traefik.http.routers.gitea.entrypoints=websecure" - "traefik.http.routers.gitea.entrypoints=websecure"
- "traefik.http.routers.gitea.tls.certresolver=myresolver" - "traefik.http.routers.gitea.tls.certresolver=myresolver"
restart: unless-stopped restart: unless-stopped


@ -1,51 +0,0 @@
version: '3.8'
services:
nextcloud:
image: nextcloud
container_name: nextcloud
links:
- db
volumes:
- ./nextcloud:/var/www/html
networks:
- proxy
- nextcloud
depends_on:
- db
- traefik
environment:
- MYSQL_USER=nextcloud
- MYSQL_PASSWORD=
- MYSQL_DATABASE=nextcloud
- MYSQL_HOST=db
labels:
## Expose Nextcloud Through Trefik ##
- "traefik.enable=true" # <== Enable traefik to proxy this container
- "traefik.http.services.nextcloud.loadbalancer.server.port=80"
- "traefik.http.routers.nextcloud.rule=Host(`nextcloud.luke-else.co.uk`) || Host(`www.nextcloud.luke-else.co.uk`)"
- "traefik.http.routers.nextcloud.entrypoints=websecure"
- "traefik.http.routers.nextcloud.tls.certresolver=myresolver"
restart: unless-stopped
db:
image: mariadb
container_name: nextclouddb
command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW
volumes:
- ./db:/var/lib/mysql
networks:
- nextcloud
environment:
- MYSQL_ROOT_PASSWORD=
- MYSQL_USER=nextcloud
- MYSQL_PASSWORD=
- MYSQL_DATABASE=nextcloud
restart: unless-stopped
networks:
proxy:
external: true
nextcloud:
name: nextcloud


@ -5,7 +5,6 @@ services:
container_name: "traefik" container_name: "traefik"
command: command:
- "--api.dashboard=true" - "--api.dashboard=true"
- "--log.level=DEBUG"
- "--providers.docker=true" - "--providers.docker=true"
- "--providers.docker.exposedbydefault=false" - "--providers.docker.exposedbydefault=false"
- "--entrypoints.web.address=:80" - "--entrypoints.web.address=:80"
@ -23,8 +22,7 @@ services:
- proxy - proxy
labels: labels:
- "traefik.enable=true" - "traefik.enable=true"
- "traefik.log" - "traefik.http.routers.traefik.rule=Host(`traefik.luke-else.co.uk`) || Host('www.traefik.luke-else.co.uk')"
- "traefik.http.routers.traefik.rule=Host(`traefik.luke-else.co.uk`)"
- "traefik.http.routers.traefik.entrypoints=websecure" - "traefik.http.routers.traefik.entrypoints=websecure"
- "traefik.http.routers.traefik.service=api@internal" - "traefik.http.routers.traefik.service=api@internal"
- "traefik.http.routers.traefik.tls.certresolver=myresolver" - "traefik.http.routers.traefik.tls.certresolver=myresolver"
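Review bot: The second matcher in what appears to be the new dashboard router rule uses single quotes, `Host('www.traefik.luke-else.co.uk')`, but Traefik rule values must be in backticks or escaped double quotes, so the rule will most likely fail to parse and the router will not be created. Write it like the first matcher: ``Host(`www.traefik.luke-else.co.uk`)``. Separately, the labels visible in this hunk route `api@internal` to a public hostname with no auth middleware attached, and todo.md in this commit still lists the htpasswd setup as open. The label list may continue outside the hunk, but if nothing follows, attach a basic-auth middleware before rollout, e.g. `traefik.http.routers.traefik.middlewares=<auth-middleware-name>` (placeholder name).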


@ -4,10 +4,14 @@ services:
#Websites luke-else.co.uk (8000) snexo.co.uk (8001) #Websites luke-else.co.uk (8000) snexo.co.uk (8001)
luke-else.co.uk: luke-else.co.uk:
image: "php:apache" image: "nginx:latest"
container_name: luke-else.co.uk container_name: luke-else.co.uk
volumes: volumes:
- ./luke-else.co.uk/:/var/www/html - ./luke-else.co.uk/:/usr/share/nginx/html
networks:
- proxy
depends_on:
- traefik
labels: labels:
## Expose luke-else Through Trefik ## ## Expose luke-else Through Trefik ##
- "traefik.enable=true" # <== Enable traefik to proxy this container - "traefik.enable=true" # <== Enable traefik to proxy this container
@ -22,6 +26,10 @@ services:
container_name: snexo.co.uk container_name: snexo.co.uk
volumes: volumes:
- ./snexo.co.uk/:/var/www/html - ./snexo.co.uk/:/var/www/html
networks:
- proxy
depends_on:
- traefik
labels: labels:
## Expose Snexo Through Trefik ## ## Expose Snexo Through Trefik ##
- "traefik.enable=true" # <== Enable traefik to proxy this container - "traefik.enable=true" # <== Enable traefik to proxy this container
@ -32,5 +40,5 @@ services:
restart: unless-stopped restart: unless-stopped
networks: networks:
frontend: proxy:
external: true external: true
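Review bot: The `depends_on: - traefik` entries added to the luke-else.co.uk service (and again in the snexo.co.uk hunk) only resolve if `traefik` is a service in this same compose file. The start/stop scripts in this commit run docker-compose once per directory, which suggests it is not, and Compose rejects a dependency on an undefined service; if so, drop both `depends_on` entries and rely on the external `proxy` network. The new image `nginx:latest` is a floating tag, so every pull can change what runs in production; pin a version tag or digest, e.g. `image: "nginx:<pinned-version>"` (placeholder). The content mount can also be read-only for a static site: `- ./luke-else.co.uk/:/usr/share/nginx/html:ro`.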


@ -2,10 +2,6 @@
cd ./Websites/ cd ./Websites/
docker-compose down docker-compose down
cd ..
cd ./NextCloud/
docker-compose down
cd .. cd ..
cd ./Development/Gitea/ cd ./Development/Gitea/


@ -6,10 +6,6 @@ cd ..
cd ./Websites/ cd ./Websites/
docker-compose up -d docker-compose up -d
cd ..
cd ./NextCloud/
docker-compose up -d
cd .. cd ..
cd ./Development/Gitea/ cd ./Development/Gitea/

31
todo.md Normal file

@ -0,0 +1,31 @@
# ToDo Items
## General
- UFW should be setup to keep VPS secure and only allow for:
- https
- http
- ssh
- ftp
- 27017
- 3306
## Traefik
- Setup htaccess -> ``` echo $(htpasswd -nb user password) | sed -e s/\\$/\\$\\$/g ```
- Ensure email address is correct
## Gitea
- Ensure that ports are assigned correctly for the system
## Websites
- Ensure website files are copied over
- Ensure that ports are assigned correctly for the system
## Bitwarden
- Ensure that all data is fully encrypted during transfer.
- Ensure that ports are assigned correctly for the system
## Database
- Ensure that mysql root password, user and default database are updated.
- Ensure that mongo root password, and user are updated.
- Ensure database ports are correctly assigned and do not have to pass through traefik.