From f8134ea194f7dea0df437170ebe04efe566bbe72 Mon Sep 17 00:00:00 2001
From: Luke Else
Date: Fri, 21 Oct 2022 16:00:38 +0100
Subject: [PATCH 01/42] Temporary Traefik config - still has some leftover items from copied config. Additional changes requierd
---
Traefik/docker-compose.yml | 36 ++++++++++++++++++++++++++++++++++++
1 file changed, 36 insertions(+)
create mode 100644 Traefik/docker-compose.yml
diff --git a/Traefik/docker-compose.yml b/Traefik/docker-compose.yml
new file mode 100644
index 0000000..8fb5062
--- /dev/null
+++ b/Traefik/docker-compose.yml
@@ -0,0 +1,36 @@
+version: '3.8'
+
+services:
+
+ #traefik (80, 443, 8080)
+ traefik:
+ image: 'traefik:latest'
+ container_name: traefik
+ ports:
+ # These ports are in format :
+ - '80:80' # Public HTTP Port
+ - '443:443' # Public HTTPS Port
+ - '8080:8080' # Dashboard Port
+ volumes:
+ - ./nginx/data:/data
+ - ./nginx/letsencrypt:/etc/letsencrypt
+ restart: unless-stopped
+
+ networks:
+ - websites
+ - gitea
+ - databases
+ - bitwarden
+ - nextcloud
+
+networks:
+ websites:
+ name: websites_default
+ gitea:
+ name: gitea_default
+ databases:
+ name: database_default
+ bitwarden:
+ name: bitwarden_default
+ nextcloud:
+ name: nextcloud_default
\ No newline at end of file
From 94e6a63ea318ede4628051500337846720f739dd Mon Sep 17 00:00:00 2001
From: Luke Else
Date: Fri, 28 Oct 2022 17:56:26 +0100
Subject: [PATCH 02/42] Moved gitea service into development folder - Jira addition to follow. Day1 - currently sat in traffic on the M20, only starting to starve slightly
---
Development/Gitea/docker-compose.yml | 28 ++++++++++++++++++++++++++++
1 file changed, 28 insertions(+)
create mode 100644 Development/Gitea/docker-compose.yml
diff --git a/Development/Gitea/docker-compose.yml b/Development/Gitea/docker-compose.yml
new file mode 100644
index 0000000..61681d9
--- /dev/null
+++ b/Development/Gitea/docker-compose.yml
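Review bot: In Traefik/docker-compose.yml (PATCH 01/42) the mapping `- '8080:8080' # Dashboard Port` publishes the dashboard port on every host interface, alongside the public 80 and 443. If the dashboard is only for local administration, bind it to loopback with `- '127.0.0.1:8080:8080'`, or leave it unpublished and reach it through an authenticated router. `image: 'traefik:latest'` is a floating tag, so the proxy version can change on the next pull without review; pinning a release tag (placeholder: `traefik:<pinned-version>`) makes upgrades deliberate. The volume paths still point at `./nginx/...`, which the commit message acknowledges as leftovers.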
@@ -0,0 +1,28 @@
+version: '3.8'
+
+services:
+
+#gitea (222)
+ gitea:
+ image: gitea/gitea:latest
+ container_name: gitea
+ environment:
+ - APP_NAME="gitea"
+ - USER_UID=1000
+ - USER_GID=1000
+ - USER=git
+ - RUN_MODE=prod
+ - DOMAIN=git.luke-else.co.uk
+ - SSH_DOMAIN=git.luke-else.co.uk
+ - HTTP_PORT=3000
+ - ROOT_URL=https://git.luke-else.co.uk
+ - SSH_PORT=222
+ - SSH_LISTEN_PORT=22
+ - DB_TYPE=sqlite3
+ ports:
+ - "222:22"
+ volumes:
+ - ./gitea:/data
+ - /etc/timezone:/etc/timezone:ro
+ - /etc/localtime:/etc/localtime:ro
+ restart: unless-stopped
\ No newline at end of file
From a257b894e0577d3ac608b5ebdd9245c987359d40 Mon Sep 17 00:00:00 2001
From: Luke Else
Date: Fri, 28 Oct 2022 17:57:28 +0100
Subject: [PATCH 03/42] Created Jira + database container - Jira contains development netowkr yet to be implemented
---
Development/Jira/docker-compose.yml | 50 +++++++++++++++++++++++++++++
Gitea/docker-compose.yml | 28 ----------------
2 files changed, 50 insertions(+), 28 deletions(-)
create mode 100644 Development/Jira/docker-compose.yml
delete mode 100644 Gitea/docker-compose.yml
diff --git a/Development/Jira/docker-compose.yml b/Development/Jira/docker-compose.yml
new file mode 100644
index 0000000..8acaec4
--- /dev/null
+++ b/Development/Jira/docker-compose.yml
@@ -0,0 +1,50 @@
+version: '3.8'
+
+services:
+
+#Jira
+ Jira:
+ depends_on:
+ - 'postgresql'
+ image: atlassian/jira-software:latest
+ container_name: Jira
+ environment:
+ VIRTUAL_HOST: localhost
+ CATALINA_OPTS: '-Xms1024m -Xmx2048m -XX:+UseG1GC -Datlassian.plugins.enable.wait=300'
+ X_PROXY_NAME: jira.luke-else.co.uk
+ X_PROXY_PORT: 443
+ X_PROXY_SCHEME: https
+ networks:
+ - Jira
+ - Development
+ ports:
+ - '8080:8080'
+ volumes:
+ - ./jira:/var/atlassian/jira
+ restart: unless-stopped
+
+#Postgres database
+ postgresql:
+ image: sameersbn/postgresql:latest
+ container_name: postgresql
+ environment:
+ - DEBUG=false
+ - DB_USER=jira
+ - DB_PASS=password
+ - DB_NAME=jiradb
+ - DB_EXTENSION=pg_trgm
+ volumes:
+ - ./postgresql:/var/lib/postgresql
+ networks:
+ - jira
+ restart: unless-stopped
+
+volumes:
+ jiradata:
+ external: false
+ postgresqldata_jira:
+ external: false
+
+networks:
+ jira:
+ driver: bridge
\ No newline at end of file
diff --git a/Gitea/docker-compose.yml b/Gitea/docker-compose.yml
deleted file mode 100644
index 61681d9..0000000
--- a/Gitea/docker-compose.yml
+++ /dev/null
@@ -1,28 +0,0 @@
-version: '3.8'
-
-services:
-
-#gitea (222)
- gitea:
- image: gitea/gitea:latest
- container_name: gitea
- environment:
- - APP_NAME="gitea"
- - USER_UID=1000
- - USER_GID=1000
- - USER=git
- - RUN_MODE=prod
- - DOMAIN=git.luke-else.co.uk
- - SSH_DOMAIN=git.luke-else.co.uk
- - HTTP_PORT=3000
- - ROOT_URL=https://git.luke-else.co.uk
- - SSH_PORT=222
- - SSH_LISTEN_PORT=22
- - DB_TYPE=sqlite3
- ports:
- - "222:22"
- volumes:
- - ./gitea:/data
- - /etc/timezone:/etc/timezone:ro
- - /etc/localtime:/etc/localtime:ro
- restart: unless-stopped
\ No newline at end of file
From 8a4c6f256cc08e9898b2048106e0f97d77b9f106 Mon Sep 17 00:00:00 2001
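Review bot: In Development/Jira/docker-compose.yml the database credential is committed in clear text as `- DB_PASS=password`, a guessable value that everyone with read access to the repository now knows. Take it from an untracked env file or the environment instead, e.g. `- DB_PASS=${JIRA_DB_PASS:?set JIRA_DB_PASS}` (the variable name is a placeholder). Two functional problems sit in the same hunk: the Jira service joins `Jira` and `Development`, but only `jira` is declared under the top-level `networks:` and the names are case-sensitive, and `- '8080:8080'` claims the host port that Traefik/docker-compose.yml already publishes. The two entries under `volumes:` at the bottom are declared but never mounted, since both services use bind mounts.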
From: Luke Else Date: Sat, 29 Oct 2022 11:29:02 +0100 Subject: [PATCH 04/42] updated networks on lead contianer - All child containers now need to inherit networks from this container --- Traefik/docker-compose.yml | 22 +++++++++++++--------- 1 file changed, 13 insertions(+), 9 deletions(-) diff --git a/Traefik/docker-compose.yml b/Traefik/docker-compose.yml index 8fb5062..f7f9b74 100644 --- a/Traefik/docker-compose.yml +++ b/Traefik/docker-compose.yml @@ -17,20 +17,24 @@ services: restart: unless-stopped networks: - - websites - - gitea - - databases + - reverseproxy + - frontend + - development + - backend - bitwarden - - nextcloud + - services networks: + reverseproxy: + name: reverseproxy websites: - name: websites_default + name: frontend gitea: - name: gitea_default + name: development databases: - name: database_default + name: backend bitwarden: - name: bitwarden_default + name: bitwarden nextcloud: - name: nextcloud_default \ No newline at end of file + name: services + \ No newline at end of file From b9b9380606e7e6ff8c8701ccbee3a5f5fc18c9e6 Mon Sep 17 00:00:00 2001 From: Luke Else Date: Sat, 29 Oct 2022 11:30:42 +0100 Subject: [PATCH 05/42] Changed reverseproxy network to traefik --- Traefik/docker-compose.yml | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/Traefik/docker-compose.yml b/Traefik/docker-compose.yml index f7f9b74..77550b0 100644 --- a/Traefik/docker-compose.yml +++ b/Traefik/docker-compose.yml @@ -17,7 +17,7 @@ services: restart: unless-stopped networks: - - reverseproxy + - traefik - frontend - development - backend @@ -25,8 +25,8 @@ services: - services networks: - reverseproxy: - name: reverseproxy + traefik: + name: traefik websites: name: frontend gitea: @@ -36,5 +36,4 @@ networks: bitwarden: name: bitwarden nextcloud: - name: services - \ No newline at end of file + name: services \ No newline at end of file From cfe86a01a277cade905336e78ff448399c0bb790 Mon Sep 17 00:00:00 2001 
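Review bot: In PATCH 04/42 the service-level list in Traefik/docker-compose.yml now names `frontend`, `development`, `backend` and `services`, but the top-level `networks:` mapping keeps the old keys `websites`, `gitea`, `databases` and `nextcloud` and only changes their `name:` values. Compose resolves a service's networks by top-level key, not by `name:`, so this file is rejected with an undefined-network error until the keys are renamed too, e.g. `frontend:` with `name: frontend`. Separately, attaching the proxy to every network makes the internet-facing container a bridge between all stacks, so database-only networks such as `backend` are better left off this list unless Traefik has to route to something on them.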
From: Luke Else Date: Mon, 31 Oct 2022 21:39:29 +0000 Subject: [PATCH 06/42] All containers that are exposed via proxy are now on their own correct networks and depend on traefik --- Bitwarden/docker-compose.yml | 10 ++++++- Database/docker-compose.yml | 35 +++++++++++++++++------- Development/Gitea/docker-compose.yml | 22 ++++++++++----- Development/Jira/docker-compose.yml | 31 +++++++++++---------- NextCloud/docker-compose.yml | 41 +++++++++++++++++++--------- Traefik/docker-compose.yml | 4 +-- Websites/docker-compose.yml | 10 ++++++- 7 files changed, 105 insertions(+), 48 deletions(-) diff --git a/Bitwarden/docker-compose.yml b/Bitwarden/docker-compose.yml index bd25786..c800dea 100644 --- a/Bitwarden/docker-compose.yml +++ b/Bitwarden/docker-compose.yml @@ -8,4 +8,12 @@ services: container_name: vaultwarden volumes: - ./bitwarden/:/data/ - restart: unless-stopped \ No newline at end of file + networks: + - bitwarden + depends_on: + - traefik + restart: unless-stopped + +networks: + bitwarden: + external: true \ No newline at end of file diff --git a/Database/docker-compose.yml b/Database/docker-compose.yml index 688d1ef..248f881 100644 --- a/Database/docker-compose.yml +++ b/Database/docker-compose.yml 
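Review bot: The added `depends_on:` with `- traefik` in Bitwarden/docker-compose.yml refers to a service defined in a different Compose project (Traefik/docker-compose.yml), and `depends_on` only resolves services declared in the same file, so `docker-compose up` fails validation here. The same addition appears in the Database, Gitea, Jira, NextCloud and Websites hunks of this commit. Start order across projects has to come from whatever launches the stacks; the `external: true` network already requires the Traefik project to have created `bitwarden` first.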
@@ -6,33 +6,48 @@ services: mongodb: image: "mongo:latest" container_name: mongoDB + volumes: + - ./mongo/:/data/db + networks: + - backend + ports: + - "27017:27017" + depends_on: + - traefik environment: MONGO_INITDB_ROOT_USERNAME: root MONGO_INITDB_ROOT_PASSWORD: rootpassword - ports: - - "27017:27017" - volumes: - - ./mongo/:/data/db restart: unless-stopped #MySQL (3306) + phpMyAdmin () mysql: image: "mysql" container_name: MySQL + volumes: + - ./mysql/:/var/lib/mysql + networks: + - backend + ports: + - "3306:3306" + depends_on: + - traefik environment: MYSQL_ROOT_PASSWORD: rootpassword MYSQL_DATABASE: test_db - ports: - - "3306:3306" - volumes: - - ./mysql/:/var/lib/mysql restart: unless-stopped phpMyAdmin: image: "phpmyadmin/phpmyadmin:latest" container_name: phpMyAdmin + networks: + - backend + depends_on: + - mysql + - traefik environment: PMA_HOST: mysql restart: unless-stopped - depends_on: - - mysql \ No newline at end of file + +networks: + backend: + external: true \ No newline at end of file diff --git a/Development/Gitea/docker-compose.yml b/Development/Gitea/docker-compose.yml index 61681d9..888b416 100644 --- a/Development/Gitea/docker-compose.yml +++ b/Development/Gitea/docker-compose.yml @@ -6,6 +6,16 @@ services: gitea: image: gitea/gitea:latest container_name: gitea + volumes: + - ./gitea:/data + - /etc/timezone:/etc/timezone:ro + - /etc/localtime:/etc/localtime:ro + networks: + - development + ports: + - "222:22" + depends_on: + - traefik environment: - APP_NAME="gitea" - USER_UID=1000 @@ -19,10 +29,8 @@ services: - SSH_PORT=222 - SSH_LISTEN_PORT=22 - DB_TYPE=sqlite3 - ports: - - "222:22" - volumes: - - ./gitea:/data - - /etc/timezone:/etc/timezone:ro - - /etc/localtime:/etc/localtime:ro - restart: unless-stopped \ No newline at end of file + restart: unless-stopped + +networks: + development: + external: true \ No newline at end of file 
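Review bot: In Database/docker-compose.yml the re-added mappings `- "27017:27017"` and `- "3306:3306"` publish MongoDB and MySQL on every host interface, while the context lines of the same hunk show the root credentials committed as `rootpassword`. Now that both services sit on the `backend` network, containers that need them can connect over that network, so the `ports:` blocks can be dropped or bound to loopback, e.g. `- "127.0.0.1:3306:3306"`. The passwords should come from an untracked env file or Docker secrets (the official images accept `MYSQL_ROOT_PASSWORD_FILE` and `MONGO_INITDB_ROOT_PASSWORD_FILE`), and any value already pushed should be treated as disclosed and rotated. `image: "mysql"` carries no tag at all, so the server version is whatever was pulled last.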
diff --git a/Development/Jira/docker-compose.yml b/Development/Jira/docker-compose.yml index 8acaec4..dd19dac 100644 --- a/Development/Jira/docker-compose.yml +++ b/Development/Jira/docker-compose.yml @@ -4,39 +4,40 @@ services: #Jira Jira: - depends_on: - - 'postgresql' image: atlassian/jira-software:latest container_name: Jira + volumes: + - ./jira:/var/atlassian/jira + networks: + - jira + - development + ports: + - '8080:8080' + depends_on: + - postgresql + - traefik environment: VIRTUAL_HOST: localhost CATALINA_OPTS: '-Xms1024m -Xmx2048m -XX:+UseG1GC -Datlassian.plugins.enable.wait=300' X_PROXY_NAME: jira.luke-else.co.uk X_PROXY_PORT: 443 X_PROXY_SCHEME: https - networks: - - Jira - - Development - ports: - - '8080:8080' - volumes: - - ./jira:/var/atlassian/jira restart: unless-stopped #Postgres database postgresql: image: sameersbn/postgresql:latest container_name: postgresql + volumes: + - ./postgresql:/var/lib/postgresql + networks: + - jira environment: - DEBUG=false - DB_USER=jira - DB_PASS=password - DB_NAME=jiradb - DB_EXTENSION=pg_trgm - volumes: - - ./postgresql:/var/lib/postgresql - networks: - - jira restart: unless-stopped volumes: @@ -47,4 +48,6 @@ volumes: networks: jira: - driver: bridge \ No newline at end of file + name: jira + development: + external: true \ No newline at end of file diff --git a/NextCloud/docker-compose.yml b/NextCloud/docker-compose.yml index 771ffba..c2ce4a8 100644 --- a/NextCloud/docker-compose.yml +++ b/NextCloud/docker-compose.yml 
@@ -1,29 +1,44 @@ version: '3.8' services: + + nextcloud: + image: nextcloud + container_name: nextcloud + links: + - db + volumes: + - ./nextcloud:/var/www/html + networks: + - services + - nextcloud + depends_on: + - traefik + - db + environment: + - MYSQL_PASSWORD= + - MYSQL_DATABASE=nextcloud + - MYSQL_USER=nextcloud + - MYSQL_HOST=db + restart: unless-stopped + db: image: mariadb container_name: nextclouddb - restart: always command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW volumes: - ./db:/var/lib/mysql + networks: + - nextcloud environment: - MYSQL_ROOT_PASSWORD= - MYSQL_PASSWORD= - MYSQL_DATABASE=nextcloud - MYSQL_USER=nextcloud + restart: unless-stopped +networks: + services: + external: true nextcloud: - image: nextcloud - container_name: nextcloud - restart: always - links: - - db - volumes: - - ./nextcloud:/var/www/html - environment: - - MYSQL_PASSWORD= - - MYSQL_DATABASE=nextcloud - - MYSQL_USER=nextcloud - - MYSQL_HOST=db \ No newline at end of file + name: nextcloud diff --git a/Traefik/docker-compose.yml b/Traefik/docker-compose.yml index 77550b0..16c45f6 100644 --- a/Traefik/docker-compose.yml +++ b/Traefik/docker-compose.yml @@ -31,9 +31,9 @@ networks: name: frontend gitea: name: development - databases: + backend: name: backend bitwarden: name: bitwarden - nextcloud: + services: name: services \ No newline at end of file diff --git a/Websites/docker-compose.yml b/Websites/docker-compose.yml index 7ea3b3e..2dbfff6 100644 --- a/Websites/docker-compose.yml +++ b/Websites/docker-compose.yml @@ -8,6 +8,8 @@ services: container_name: luke-else.co.uk volumes: - ./luke-else.co.uk/:/var/www/html + depends_on: + - traefik restart: unless-stopped snexo.co.uk: @@ -15,4 +17,10 @@ services: container_name: snexo.co.uk volumes: - ./snexo.co.uk/:/var/www/html - restart: unless-stopped \ No newline at end of file + depends_on: + - traefik + restart: unless-stopped + +networks: + frontend: + external: true \ No newline at end of file 
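Review bot: In NextCloud/docker-compose.yml `- MYSQL_PASSWORD=` and `- MYSQL_ROOT_PASSWORD=` are written with an empty value, which in list syntax sets the variable to an empty string rather than inheriting it from the host. If the values were blanked for the commit, a deploy from this file gets either a database that refuses to initialise or one with an empty password, depending on how the image treats it; reference them instead, e.g. `- MYSQL_PASSWORD=${NEXTCLOUD_DB_PASSWORD:?unset}` (placeholder name), or use the images' `*_FILE` variants with secrets. `links:` is a legacy option and is redundant now that both services share the `nextcloud` network, and `image: nextcloud` / `image: mariadb` are untagged.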
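Review bot: Websites/docker-compose.yml declares `frontend` as an external network, but neither service gains a `networks:` entry in these hunks, so as far as the diff shows both containers stay on the project's default network and Traefik cannot reach them over `frontend`. Add `networks:` with `- frontend` to `luke-else.co.uk` and `snexo.co.uk`, as the other stacks in this commit do. Both service definitions begin above the hunks, so confirm that no `networks:` key already exists there.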
From 3c41b74ffd04fbe0567ab9e8134ae18623639fbd Mon Sep 17 00:00:00 2001 From: Luke Else Date: Wed, 2 Nov 2022 18:52:48 +0000 Subject: [PATCH 07/42] Updated environment variable order on Nextcloud compose file --- NextCloud/docker-compose.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/NextCloud/docker-compose.yml b/NextCloud/docker-compose.yml index c2ce4a8..cd526e3 100644 --- a/NextCloud/docker-compose.yml +++ b/NextCloud/docker-compose.yml @@ -16,9 +16,9 @@ services: - traefik - db environment: + - MYSQL_USER=nextcloud - MYSQL_PASSWORD= - MYSQL_DATABASE=nextcloud - - MYSQL_USER=nextcloud - MYSQL_HOST=db restart: unless-stopped @@ -32,9 +32,9 @@ services: - nextcloud environment: - MYSQL_ROOT_PASSWORD= + - MYSQL_USER=nextcloud - MYSQL_PASSWORD= - MYSQL_DATABASE=nextcloud - - MYSQL_USER=nextcloud restart: unless-stopped networks: From df275b5e465945cefa97ab2543a61eb02856cbd2 Mon Sep 17 00:00:00 2001 From: Luke Else Date: Wed, 2 Nov 2022 18:54:15 +0000 Subject: [PATCH 08/42] Removed nginx docker-compose file - Deprecated in favour of Traefik --- ReverseProxy/docker-compose.yml | 46 --------------------------------- 1 file changed, 46 deletions(-) delete mode 100644 ReverseProxy/docker-compose.yml diff --git a/ReverseProxy/docker-compose.yml b/ReverseProxy/docker-compose.yml deleted file mode 100644 index 3bbefe2..0000000 --- a/ReverseProxy/docker-compose.yml +++ /dev/null 
@@ -1,46 +0,0 @@ -version: '3.8' - -services: - - #nginx (80, 443, 8080) - nginx: - image: 'jc21/nginx-proxy-manager:latest' - container_name: nginx - ports: - # These ports are in format : - - '80:80' # Public HTTP Port - - '443:443' # Public HTTPS Port - - '8080:81' # Admin Web Port - # Add any other Stream port you want to expose - # - '21:21' # FTP - # Uncomment the next line if you uncomment anything in the section - # environment: - # Uncomment this if you want to change the location of - # the SQLite DB file within the container - # DB_SQLITE_FILE: "/data/database.sqlite" - - # Uncomment this if IPv6 is not enabled on your host - # DISABLE_IPV6: 'true' - volumes: - - ./nginx/data:/data - - ./nginx/letsencrypt:/etc/letsencrypt - restart: unless-stopped - - networks: - - websites - - gitea - - databases - - bitwarden - - nextcloud - -networks: - websites: - name: websites_default - gitea: - name: gitea_default - databases: - name: database_default - bitwarden: - name: bitwarden_default - nextcloud: - name: nextcloud_default \ No newline at end of file From 8c59c826e3f16d6b55188e3caa0852126288bc5e Mon Sep 17 00:00:00 2001 From: Luke Else Date: Wed, 2 Nov 2022 19:16:07 +0000 Subject: [PATCH 09/42] Updated Traefik container to expose api + doashboard, as well as setup entrypoints --- Traefik/docker-compose.yml | 44 ++++++++++++++++++++++++++++++-------- 1 file changed, 35 insertions(+), 9 deletions(-) diff --git a/Traefik/docker-compose.yml b/Traefik/docker-compose.yml index 16c45f6..d7071d9 100644 --- a/Traefik/docker-compose.yml +++ b/Traefik/docker-compose.yml 
@@ -6,24 +6,50 @@ services: traefik: image: 'traefik:latest' container_name: traefik - ports: - # These ports are in format : - - '80:80' # Public HTTP Port - - '443:443' # Public HTTPS Port - - '8080:8080' # Dashboard Port volumes: - - ./nginx/data:/data - - ./nginx/letsencrypt:/etc/letsencrypt - restart: unless-stopped - + - ./letsencrypt:/letsencrypt + - /var/run/docker.sock:/var/run/docker.sock + - ./dynamic.yaml:/dynamic.yaml networks: + ## Traefik is sat on every network to allow exposure ## - traefik - frontend - development - backend - bitwarden - services + ports: + ## These ports are in format : ## + - '80:80' # Public HTTP Port + - '443:443' # Public HTTPS Port + - '8080:8080' # Dashboard Port + command: + ## General Settings ## + - --api.insecure=true + - --api.dashboard=true + - --api.debug=true + ## Log Settings ## + - --log.level=DEBUG # <== Setting the level of the logs from traefik + ## Provider Settings ## + - --providers.docker=true + - --providers.docker.exposedbydefault=false + - --providers.file.filename=/dynamic.yaml + ## Entrypoints Settings ## + - --entrypoints.http.address=:80 + - --entrypoints.https.address=:443 + ## Certificate Settings ## + - --certificatesresolvers.mytlschallenge.acme.tlschallenge=true + - --certificatesresolvers.mytlschallenge.acme.email=contact@luke-else.co.uk + - --certificatesresolvers.mytlschallenge.acme.storage=/letsencrypt/acme.json + labels: + ## Exposing API Dashboard Service ## + - "traefik.enable=true" + - "traefik.http.routers.api.rule=Host(traefik.luke-else.co.uk)" + - "traefik.http.routers.api.service=api@internal" + restart: unless-stopped + +## All Networks for child containers - All containers depend on this container being spun up ## networks: traefik: name: traefik From 86349c4b76c49fc5db235a8a8ba461baf08f21bc Mon Sep 17 00:00:00 2001 
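Review bot: `--api.insecure=true` together with the published `'8080:8080'` serves the Traefik API and dashboard without authentication on every host interface, and the `api` router added under `labels:` has no entrypoint, TLS resolver or auth middleware either. Drop the insecure flag and the 8080 mapping and expose `api@internal` only on the `https` entrypoint behind an auth middleware, as sketched below. `/var/run/docker.sock` is mounted read-write into an internet-facing container; `:ro` matches what the provider needs, but socket access still amounts to control of the Docker daemon, so a filtering socket proxy is the stronger option. `--api.debug=true` and `--log.level=DEBUG` should not ship in a public-facing configuration, and the hostname inside `Host(...)` has to be wrapped in backticks for the rule to parse.

```yaml
      - /var/run/docker.sock:/var/run/docker.sock:ro
    # … unchanged: other volumes, networks, ports 80 and 443 (the '8080:8080' mapping is dropped) …
    command:
      - --api.dashboard=true
      - --log.level=INFO
      # … unchanged: provider, entrypoint and certificate settings …
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.api.rule=Host(`traefik.luke-else.co.uk`)"
      - "traefik.http.routers.api.entrypoints=https"
      - "traefik.http.routers.api.tls.certresolver=mytlschallenge"
      - "traefik.http.routers.api.service=api@internal"
      # placeholder middleware name; define it as basicauth with the users value kept out of the repo
      - "traefik.http.routers.api.middlewares=dashboard-auth@file"
```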
From: Luke Else Date: Thu, 3 Nov 2022 16:16:12 +0000 Subject: [PATCH 10/42] Updated Bitwarden docker file to have Traefik Labels --- Bitwarden/docker-compose.yml | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/Bitwarden/docker-compose.yml b/Bitwarden/docker-compose.yml index c800dea..fc8454f 100644 --- a/Bitwarden/docker-compose.yml +++ b/Bitwarden/docker-compose.yml @@ -12,6 +12,16 @@ services: - bitwarden depends_on: - traefik + labels: + ## Expose Bitwarden Through Trefik ## + - "traefik.enable=true" # <== Enable traefik to proxy this container + - "traefik.http.routers.containername.rule=Host(`bitwarden.luke-else.co.uk`) || Host(`www.bitwarden.luke-else.co.uk`)" + - "traefik.http.routers.containername.entrypoints=http" + - "traefik.http.routers.containername.middlewares=redirect@file" + + - "traefik.http.routers.containername-secured.rule=Host(`bitwarden.luke-else.co.uk`) || Host(`www.bitwarden.luke-else.co.uk`)" + - "traefik.http.routers.containername-secured.entrypoints=https" + - "traefik.http.routers.containername-secured.tls.certresolver=mytlschallenge" restart: unless-stopped networks: From bd79b17c7fda7b3e267a7055264afdd4b0716916 Mon Sep 17 00:00:00 2001 From: Luke Else Date: Thu, 3 Nov 2022 16:18:40 +0000 Subject: [PATCH 11/42] Updated Database docker file to have Traefik Labels --- Database/docker-compose.yml | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/Database/docker-compose.yml b/Database/docker-compose.yml index 248f881..0da4cdf 100644 --- a/Database/docker-compose.yml +++ b/Database/docker-compose.yml 
@@ -46,6 +46,16 @@ services: - traefik environment: PMA_HOST: mysql + labels: + ## Expose phpMyAdmin Through Trefik ## + - "traefik.enable=true" # <== Enable traefik to proxy this container + - "traefik.http.routers.phpMyAdmin.rule=Host(`mysql.luke-else.co.uk`) || Host(`www.mysql.luke-else.co.uk`)" + - "traefik.http.routers.phpMyAdmin.entrypoints=http" + - "traefik.http.routers.phpMyAdmin.middlewares=redirect@file" + + - "traefik.http.routers.phpMyAdmin-secured.rule=Host(`mysql.luke-else.co.uk`) || Host(`www.mysql.luke-else.co.uk`)" + - "traefik.http.routers.phpMyAdmin-secured.entrypoints=https" + - "traefik.http.routers.phpMyAdmin-secured.tls.certresolver=mytlschallenge" restart: unless-stopped networks: From 566dd8c965af48d0c9ca6aede1dcf7e6940ccf44 Mon Sep 17 00:00:00 2001 From: Luke Else Date: Thu, 3 Nov 2022 16:23:23 +0000 Subject: [PATCH 12/42] Updated Development container to use Traefik labels --- Bitwarden/docker-compose.yml | 12 ++++++------ Development/Gitea/docker-compose.yml | 10 ++++++++++ Development/Jira/docker-compose.yml | 10 ++++++++++ 3 files changed, 26 insertions(+), 6 deletions(-) diff --git a/Bitwarden/docker-compose.yml b/Bitwarden/docker-compose.yml index fc8454f..67222eb 100644 --- a/Bitwarden/docker-compose.yml +++ b/Bitwarden/docker-compose.yml 
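Review bot: These labels publish phpMyAdmin at `mysql.luke-else.co.uk` with no access restriction in front of it, and `PMA_HOST: mysql` points it at the server whose root password an earlier commit in this series shows committed in the same file. A database admin UI on a public router should at least carry an auth or source-IP middleware, e.g. `- "traefik.http.routers.phpMyAdmin-secured.middlewares=<admin-auth>@file"` (placeholder name), or stay off the proxy and be reached over a VPN or SSH tunnel. The `redirect@file` middleware both routers depend on lives in `dynamic.yaml`, which is not part of any commit shown here, so confirm it exists; without it the plain-HTTP router has nothing to redirect with.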
@@ -15,13 +15,13 @@ services: labels: ## Expose Bitwarden Through Trefik ## - "traefik.enable=true" # <== Enable traefik to proxy this container - - "traefik.http.routers.containername.rule=Host(`bitwarden.luke-else.co.uk`) || Host(`www.bitwarden.luke-else.co.uk`)" - - "traefik.http.routers.containername.entrypoints=http" - - "traefik.http.routers.containername.middlewares=redirect@file" + - "traefik.http.routers.bitwarden.rule=Host(`bitwarden.luke-else.co.uk`) || Host(`www.bitwarden.luke-else.co.uk`)" + - "traefik.http.routers.bitwarden.entrypoints=http" + - "traefik.http.routers.bitwarden.middlewares=redirect@file" - - "traefik.http.routers.containername-secured.rule=Host(`bitwarden.luke-else.co.uk`) || Host(`www.bitwarden.luke-else.co.uk`)" - - "traefik.http.routers.containername-secured.entrypoints=https" - - "traefik.http.routers.containername-secured.tls.certresolver=mytlschallenge" + - "traefik.http.routers.bitwarden-secured.rule=Host(`bitwarden.luke-else.co.uk`) || Host(`www.bitwarden.luke-else.co.uk`)" + - "traefik.http.routers.bitwarden-secured.entrypoints=https" + - "traefik.http.routers.bitwarden-secured.tls.certresolver=mytlschallenge" restart: unless-stopped networks: diff --git a/Development/Gitea/docker-compose.yml b/Development/Gitea/docker-compose.yml index 888b416..53db088 100644 --- a/Development/Gitea/docker-compose.yml +++ b/Development/Gitea/docker-compose.yml 
@@ -29,6 +29,16 @@ services: - SSH_PORT=222 - SSH_LISTEN_PORT=22 - DB_TYPE=sqlite3 + labels: + ## Expose Gitea Through Trefik ## + - "traefik.enable=true" # <== Enable traefik to proxy this container + - "traefik.http.routers.gitea.rule=Host(`git.luke-else.co.uk`) || Host(`www.git.luke-else.co.uk`)" + - "traefik.http.routers.gitea.entrypoints=http" + - "traefik.http.routers.gitea.middlewares=redirect@file" + + - "traefik.http.routers.gitea-secured.rule=Host(`git.luke-else.co.uk`) || Host(`www.git.luke-else.co.uk`)" + - "traefik.http.routers.gitea-secured.entrypoints=https" + - "traefik.http.routers.gitea-secured.tls.certresolver=mytlschallenge" restart: unless-stopped networks: diff --git a/Development/Jira/docker-compose.yml b/Development/Jira/docker-compose.yml index dd19dac..22175c2 100644 --- a/Development/Jira/docker-compose.yml +++ b/Development/Jira/docker-compose.yml @@ -22,6 +22,16 @@ services: X_PROXY_NAME: jira.luke-else.co.uk X_PROXY_PORT: 443 X_PROXY_SCHEME: https + labels: + ## Expose Jira Through Trefik ## + - "traefik.enable=true" # <== Enable traefik to proxy this container + - "traefik.http.routers.jira.rule=Host(`jira.luke-else.co.uk`) || Host(`www.jira.luke-else.co.uk`)" + - "traefik.http.routers.jira.entrypoints=http" + - "traefik.http.routers.jira.middlewares=redirect@file" + + - "traefik.http.routers.jira-secured.rule=Host(`jira.luke-else.co.uk`) || Host(`www.jira.luke-else.co.uk`)" + - "traefik.http.routers.jira-secured.entrypoints=https" + - "traefik.http.routers.jira-secured.tls.certresolver=mytlschallenge" restart: unless-stopped #Postgres database From 463b9dc1f7a697f1d75b2f4ebadb4a44b6211737 Mon Sep 17 00:00:00 2001 From: Luke Else Date: Thu, 3 Nov 2022 16:26:54 +0000 Subject: [PATCH 13/42] Updated NextCloud container to use Traefik labels --- NextCloud/docker-compose.yml | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/NextCloud/docker-compose.yml b/NextCloud/docker-compose.yml index cd526e3..e659bba 100644 
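Review bot: The Gitea routers in Development/Gitea/docker-compose.yml never tell Traefik which container port to use, while this service publishes SSH from port 22 and, per `HTTP_PORT=3000`, serves the web UI on 3000. When a container exposes more than one port Traefik needs the target stated, otherwise requests can be forwarded to the wrong one; add `- "traefik.http.services.gitea.loadbalancer.server.port=3000"`. The `www.git.luke-else.co.uk` host in the rule also needs its own DNS record, or the ACME request for that router's certificate is likely to fail.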
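Review bot: Per the earlier commit in this series Jira is attached to both `jira` and `development`, and nothing in these labels says which network Traefik should use to reach it, so the proxy may pick the container's address on `jira`, a network it is not joined to. Add `- "traefik.docker.network=development"` next to `traefik.enable=true`. The NextCloud labels in PATCH 13/42 have the same gap (`services` versus `nextcloud`).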
--- a/NextCloud/docker-compose.yml +++ b/NextCloud/docker-compose.yml @@ -20,6 +20,16 @@ services: - MYSQL_PASSWORD= - MYSQL_DATABASE=nextcloud - MYSQL_HOST=db + labels: + ## Expose Nextcloud Through Trefik ## + - "traefik.enable=true" # <== Enable traefik to proxy this container + - "traefik.http.routers.nextcloud.rule=Host(`nextcloud.luke-else.co.uk`) || Host(`www.nextcloud.luke-else.co.uk`)" + - "traefik.http.routers.nextcloud.entrypoints=http" + - "traefik.http.routers.nextcloud.middlewares=redirect@file" + + - "traefik.http.routers.nextcloud-secured.rule=Host(`nextcloud.luke-else.co.uk`) || Host(`www.nextcloud.luke-else.co.uk`)" + - "traefik.http.routers.nextcloud-secured.entrypoints=https" + - "traefik.http.routers.nextcloud-secured.tls.certresolver=mytlschallenge" restart: unless-stopped db: From 661cebcec0c32fa115dac3cebd558f0b803ee9d8 Mon Sep 17 00:00:00 2001 From: Luke Else Date: Thu, 3 Nov 2022 16:29:15 +0000 Subject: [PATCH 14/42] Updated websites containers to use Traefik labels --- Websites/docker-compose.yml | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/Websites/docker-compose.yml b/Websites/docker-compose.yml index 2dbfff6..d302cc8 100644 --- a/Websites/docker-compose.yml +++ b/Websites/docker-compose.yml @@ -10,6 +10,16 @@ services: - ./luke-else.co.uk/:/var/www/html depends_on: - traefik + labels: + ## Expose luke-else Through Trefik ## + - "traefik.enable=true" # <== Enable traefik to proxy this container + - "traefik.http.routers.luke-else.rule=Host(`luke-else.co.uk`) || Host(`www.luke-else.co.uk`)" + - "traefik.http.routers.luke-else.entrypoints=http" + - "traefik.http.routers.luke-else.middlewares=redirect@file" + + - "traefik.http.routers.luke-else-secured.rule=Host(`luke-else.co.uk`) || Host(`www.luke-else.co.uk`)" + - "traefik.http.routers.luke-else-secured.entrypoints=https" + - "traefik.http.routers.luke-else-secured.tls.certresolver=mytlschallenge" restart: unless-stopped snexo.co.uk: 
@@ -19,6 +29,16 @@ services: - ./snexo.co.uk/:/var/www/html depends_on: - traefik + labels: + ## Expose Snexo Through Trefik ## + - "traefik.enable=true" # <== Enable traefik to proxy this container + - "traefik.http.routers.snexo.rule=Host(`snexo.luke-else.co.uk`) || Host(`www.snexo.luke-else.co.uk`)" + - "traefik.http.routers.snexo.entrypoints=http" + - "traefik.http.routers.snexo.middlewares=redirect@file" + + - "traefik.http.routers.snexo-secured.rule=Host(`snexo.luke-else.co.uk`) || Host(`www.snexo.luke-else.co.uk`)" + - "traefik.http.routers.snexo-secured.entrypoints=https" + - "traefik.http.routers.snexo-secured.tls.certresolver=mytlschallenge" restart: unless-stopped networks: From 448b5fb4363d19326d55c5138d3b3bd63e500129 Mon Sep 17 00:00:00 2001 From: Luke Else Date: Thu, 3 Nov 2022 16:39:09 +0000 Subject: [PATCH 15/42] Created startup/shudown container script files --- spindown.sh | 1 + spinup.sh | 1 + 2 files changed, 2 insertions(+) create mode 100644 spindown.sh create mode 100644 spinup.sh diff --git a/spindown.sh b/spindown.sh new file mode 100644 index 0000000..c5a4d8e --- /dev/null +++ b/spindown.sh @@ -0,0 +1 @@ +#Script file for spinning down all docker-containers \ No newline at end of file diff --git a/spinup.sh b/spinup.sh new file mode 100644 index 0000000..f171037 --- /dev/null +++ b/spinup.sh @@ -0,0 +1 @@ +#Script file for spinning up all docker-containers \ No newline at end of file From 4b33c0e4069340b909ebbf54b7423faf3adfff9a Mon Sep 17 00:00:00 2001 From: Luke Else Date: Mon, 14 Nov 2022 20:59:37 +0000 Subject: [PATCH 16/42] Created 'Spin Up' and 'Spin Down' --- spindown.sh | 30 +++++++++++++++++++++++++++++- spinup.sh | 30 +++++++++++++++++++++++++++++- 2 files changed, 58 insertions(+), 2 deletions(-) diff --git a/spindown.sh b/spindown.sh index c5a4d8e..ae93e89 100644 --- a/spindown.sh +++ b/spindown.sh 
@@ -1 +1,29 @@ -#Script file for spinning down all docker-containers \ No newline at end of file +#Script file for spinning down all docker-containers + +cd ./Websites/ +docker-compose down +cd .. + +cd ./NextCloud/ +docker-compose down +cd .. + + cd ./Development/Gitea/ + docker-compose down + cd .. + + cd ./Jira/ + docker-compose down + cd ../.. + +cd ./Database/ +docker-compose down +cd .. + +cd ./Bitwarden/ +docker-compose down +cd .. + +cd ./Traefik/ +docker-compose down +cd .. \ No newline at end of file diff --git a/spinup.sh b/spinup.sh index f171037..e6da787 100644 --- a/spinup.sh +++ b/spinup.sh @@ -1 +1,29 @@ -#Script file for spinning up all docker-containers \ No newline at end of file +#Script file for spinning up all docker-containers + +cd ./Traefik/ +docker-compose up -d +cd .. + +cd ./Websites/ +docker-compose up -d +cd .. + +cd ./NextCloud/ +docker-compose up -d +cd .. + + cd ./Development/Gitea/ + docker-compose up -d + cd .. + + cd ./Jira/ + docker-compose up -d + cd ../.. + +cd ./Database/ +docker-compose up -d +cd .. + +cd ./Bitwarden/ +docker-compose up -d +cd .. \ No newline at end of file From d85fa37014d916ee90c4aa9acd71d57f7a9e618c Mon Sep 17 00:00:00 2001 From: Luke Else Date: Tue, 15 Nov 2022 22:01:44 +0100 Subject: [PATCH 17/42] Update Networks defined in Traefik Container --- Traefik/docker-compose.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Traefik/docker-compose.yml b/Traefik/docker-compose.yml index d7071d9..347a290 100644 --- a/Traefik/docker-compose.yml +++ b/Traefik/docker-compose.yml @@ -53,9 +53,9 @@ services: networks: traefik: name: traefik - websites: + frontend: name: frontend - gitea: + development: name: development backend: name: backend From fcef091eaed077d1bbd889f79f8456aecc26d4fc Mon Sep 17 00:00:00 2001 
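Review bot: Neither spindown.sh nor spinup.sh checks that a `cd` succeeded, so if a directory is missing or the script is started from another working directory, the following `docker-compose down` or `docker-compose up -d` runs against whatever compose file is in the current directory and each later `cd ..` walks further up the tree. Start both files with `#!/bin/sh` and `set -eu`, and either resolve paths from the script's own location or drop the directory changes with `docker-compose -f ./Websites/docker-compose.yml down`. Both files also lack a trailing newline and an executable-script header, so as committed they only run when passed to a shell explicitly.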
From: Luke Else Date: Tue, 15 Nov 2022 23:49:11 +0100 Subject: [PATCH 18/42] Update 'Traefik/docker-compose.yml' --- Traefik/docker-compose.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Traefik/docker-compose.yml b/Traefik/docker-compose.yml index 347a290..0eb520b 100644 --- a/Traefik/docker-compose.yml +++ b/Traefik/docker-compose.yml @@ -43,9 +43,9 @@ services: - --certificatesresolvers.mytlschallenge.acme.storage=/letsencrypt/acme.json labels: ## Exposing API Dashboard Service ## - - "traefik.enable=true" - - "traefik.http.routers.api.rule=Host(traefik.luke-else.co.uk)" - - "traefik.http.routers.api.service=api@internal" + - traefik.enable=true + - traefik.http.routers.api.rule=Host("traefik.luke-else.co.uk") + - traefik.http.routers.api.service=api@internal restart: unless-stopped From 5bfb645b730b9929ddd12aa74e5bfa5d964e1341 Mon Sep 17 00:00:00 2001 From: Luke Else Date: Wed, 16 Nov 2022 14:28:03 +0000 Subject: [PATCH 19/42] Create DockerCompose for Jira #1 - Removed Jira --- Development/Jira/docker-compose.yml | 63 ----------------------------- 1 file changed, 63 deletions(-) delete mode 100644 Development/Jira/docker-compose.yml diff --git a/Development/Jira/docker-compose.yml b/Development/Jira/docker-compose.yml deleted file mode 100644 index 22175c2..0000000 --- a/Development/Jira/docker-compose.yml +++ /dev/null 
@@ -1,63 +0,0 @@ -version: '3.8' - -services: - -#Jira - Jira: - image: atlassian/jira-software:latest - container_name: Jira - volumes: - - ./jira:/var/atlassian/jira - networks: - - jira - - development - ports: - - '8080:8080' - depends_on: - - postgresql - - traefik - environment: - VIRTUAL_HOST: localhost - CATALINA_OPTS: '-Xms1024m -Xmx2048m -XX:+UseG1GC -Datlassian.plugins.enable.wait=300' - X_PROXY_NAME: jira.luke-else.co.uk - X_PROXY_PORT: 443 - X_PROXY_SCHEME: https - labels: - ## Expose Jira Through Trefik ## - - "traefik.enable=true" # <== Enable traefik to proxy this container - - "traefik.http.routers.jira.rule=Host(`jira.luke-else.co.uk`) || Host(`www.jira.luke-else.co.uk`)" - - "traefik.http.routers.jira.entrypoints=http" - - "traefik.http.routers.jira.middlewares=redirect@file" - - - "traefik.http.routers.jira-secured.rule=Host(`jira.luke-else.co.uk`) || Host(`www.jira.luke-else.co.uk`)" - - "traefik.http.routers.jira-secured.entrypoints=https" - - "traefik.http.routers.jira-secured.tls.certresolver=mytlschallenge" - restart: unless-stopped - -#Postgres database - postgresql: - image: sameersbn/postgresql:latest - container_name: postgresql - volumes: - - ./postgresql:/var/lib/postgresql - networks: - - jira - environment: - - DEBUG=false - - DB_USER=jira - - DB_PASS=password - - DB_NAME=jiradb - - DB_EXTENSION=pg_trgm - restart: unless-stopped - -volumes: - jiradata: - external: false - postgresqldata_jira: - external: false - -networks: - jira: - name: jira - development: - external: true \ No newline at end of file From 88b4133cf71a91d46c7007235a0f3f797de7cf00 Mon Sep 17 00:00:00 2001 From: Luke Else Date: Wed, 16 Nov 2022 14:29:19 +0000 Subject: [PATCH 20/42] Removed Traefik Dependancy from each container --- Bitwarden/docker-compose.yml | 2 -- Database/docker-compose.yml | 2 -- Development/Gitea/docker-compose.yml | 2 -- NextCloud/docker-compose.yml | 1 - Websites/docker-compose.yml | 4 ---- 5 files changed, 11 deletions(-) 
diff --git a/Bitwarden/docker-compose.yml b/Bitwarden/docker-compose.yml index 67222eb..3ef0a22 100644 --- a/Bitwarden/docker-compose.yml +++ b/Bitwarden/docker-compose.yml @@ -10,8 +10,6 @@ services: - ./bitwarden/:/data/ networks: - bitwarden - depends_on: - - traefik labels: ## Expose Bitwarden Through Trefik ## - "traefik.enable=true" # <== Enable traefik to proxy this container diff --git a/Database/docker-compose.yml b/Database/docker-compose.yml index 0da4cdf..30a2243 100644 --- a/Database/docker-compose.yml +++ b/Database/docker-compose.yml @@ -12,8 +12,6 @@ services: - backend ports: - "27017:27017" - depends_on: - - traefik environment: MONGO_INITDB_ROOT_USERNAME: root MONGO_INITDB_ROOT_PASSWORD: rootpassword diff --git a/Development/Gitea/docker-compose.yml b/Development/Gitea/docker-compose.yml index 53db088..8f7f5dc 100644 --- a/Development/Gitea/docker-compose.yml +++ b/Development/Gitea/docker-compose.yml @@ -14,8 +14,6 @@ services: - development ports: - "222:22" - depends_on: - - traefik environment: - APP_NAME="gitea" - USER_UID=1000 diff --git a/NextCloud/docker-compose.yml b/NextCloud/docker-compose.yml index e659bba..964d240 100644 --- a/NextCloud/docker-compose.yml +++ b/NextCloud/docker-compose.yml @@ -13,7 +13,6 @@ services: - services - nextcloud depends_on: - - traefik - db environment: - MYSQL_USER=nextcloud diff --git a/Websites/docker-compose.yml b/Websites/docker-compose.yml index d302cc8..8062b00 100644 --- a/Websites/docker-compose.yml +++ b/Websites/docker-compose.yml @@ -8,8 +8,6 @@ services: container_name: luke-else.co.uk volumes: - ./luke-else.co.uk/:/var/www/html - depends_on: - - traefik labels: ## Expose luke-else Through Trefik ## - "traefik.enable=true" # <== Enable traefik to proxy this container 
@@ -27,8 +25,6 @@ services: container_name: snexo.co.uk volumes: - ./snexo.co.uk/:/var/www/html - depends_on: - - traefik labels: ## Expose Snexo Through Trefik ## - "traefik.enable=true" # <== Enable traefik to proxy this container From d535a8656fde93286ffc0d4726e8f9f33a484389 Mon Sep 17 00:00:00 2001 From: Luke Else Date: Fri, 18 Nov 2022 17:50:18 +0100 Subject: [PATCH 21/42] #1 - Removed Jira Lines from spinup script --- spinup.sh | 4 ---- 1 file changed, 4 deletions(-) diff --git a/spinup.sh b/spinup.sh index e6da787..d1761ed 100644 --- a/spinup.sh +++ b/spinup.sh @@ -14,10 +14,6 @@ cd .. cd ./Development/Gitea/ docker-compose up -d - cd .. - - cd ./Jira/ - docker-compose up -d cd ../.. cd ./Database/ From 86bb3d49d65dbb258ce1d5276ace7b19dff4504b Mon Sep 17 00:00:00 2001 From: Luke Else Date: Fri, 18 Nov 2022 17:50:48 +0100 Subject: [PATCH 22/42] #1 - Removed Jira Lined from spindown script --- spindown.sh | 4 ---- 1 file changed, 4 deletions(-) diff --git a/spindown.sh b/spindown.sh index ae93e89..7e26f28 100644 --- a/spindown.sh +++ b/spindown.sh @@ -10,10 +10,6 @@ cd .. cd ./Development/Gitea/ docker-compose down - cd .. - - cd ./Jira/ - docker-compose down cd ../.. cd ./Database/ From f66d90eef72455b6cfad381dbfe7cc1e634ebc45 Mon Sep 17 00:00:00 2001 From: Luke Else Date: Mon, 7 Aug 2023 18:47:49 +0100 Subject: [PATCH 23/42] Test to get traefik running --- Traefik/docker-compose.yml | 86 +++++++++++--------------------------- 1 file changed, 25 insertions(+), 61 deletions(-) diff --git a/Traefik/docker-compose.yml b/Traefik/docker-compose.yml index 0eb520b..9cfd76f 100644 --- a/Traefik/docker-compose.yml +++ b/Traefik/docker-compose.yml 
@@ -1,65 +1,29 @@ -version: '3.8' - +version: "3.8" services: - - #traefik (80, 443, 8080) traefik: - image: 'traefik:latest' - container_name: traefik - volumes: - - ./letsencrypt:/letsencrypt - - /var/run/docker.sock:/var/run/docker.sock - - ./dynamic.yaml:/dynamic.yaml - networks: - ## Traefik is sat on every network to allow exposure ## - - traefik - - frontend - - development - - backend - - bitwarden - - services - ports: - ## These ports are in format : ## - - '80:80' # Public HTTP Port - - '443:443' # Public HTTPS Port - - '8080:8080' # Dashboard Port + image: "traefik:latest" + container_name: "traefik" command: - ## General Settings ## - - --api.insecure=true - - --api.dashboard=true - - --api.debug=true - ## Log Settings ## - - --log.level=DEBUG # <== Setting the level of the logs from traefik - ## Provider Settings ## - - --providers.docker=true - - --providers.docker.exposedbydefault=false - - --providers.file.filename=/dynamic.yaml - ## Entrypoints Settings ## - - --entrypoints.http.address=:80 - - --entrypoints.https.address=:443 - ## Certificate Settings ## - - --certificatesresolvers.mytlschallenge.acme.tlschallenge=true - - --certificatesresolvers.mytlschallenge.acme.email=contact@luke-else.co.uk - - --certificatesresolvers.mytlschallenge.acme.storage=/letsencrypt/acme.json + - "--api.dashboard=true" + - "--providers.docker=true" + - "--providers.docker.exposedbydefault=false" + - "--entrypoints.web.address=:80" + - "--entrypoints.websecure.address=:443" + - "--certificatesresolvers.myresolver.acme.tlschallenge=true" + - "--certificatesresolvers.myresolver.acme.email=contact@luke-else.co.uk" + - "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json" + ports: + - "80:80" + - "443:443" + volumes: + - "./letsencrypt:/letsencrypt" + - "/var/run/docker.sock:/var/run/docker.sock:ro" labels: - ## Exposing API Dashboard Service ## - - traefik.enable=true - - traefik.http.routers.api.rule=Host("traefik.luke-else.co.uk") - - 
traefik.http.routers.api.service=api@internal - restart: unless-stopped - - -## All Networks for child containers - All containers depend on this container being spun up ## -networks: - traefik: - name: traefik - frontend: - name: frontend - development: - name: development - backend: - name: backend - bitwarden: - name: bitwarden - services: - name: services \ No newline at end of file + - "traefik.enable=true" + - "traefik.http.routers.traefik.rule=Host(`traefik.luke-else.co.uk`)" + - "traefik.http.routers.traefik.entrypoints=websecure" + - "traefik.http.routers.traefik.service=api@internal" + - "traefik.http.routers.traefik.tls.certresolver=myresolver" + # - "traefik.http.routers.traefik.middlewares=traefik-auth" + # - "traefik.http.middlewares.traefik-auth.basicauth.users=user:$$2y$$05$$6m8MvyzgJ4Kl7/3rL4X6VurX1huMas8a7oPB3xRfBjFbGCR8MUi7W" + restart: unless-stopped \ No newline at end of file From 85d6afd6b6674e1c7b12bc1771995a5ce2496f7b Mon Sep 17 00:00:00 2001 From: Luke Else Date: Mon, 7 Aug 2023 18:55:47 +0100 Subject: [PATCH 24/42] Update gitea container for testing --- Development/Gitea/docker-compose.yml | 10 +++------- Traefik/docker-compose.yml | 2 +- 2 files changed, 4 insertions(+), 8 deletions(-) diff --git a/Development/Gitea/docker-compose.yml b/Development/Gitea/docker-compose.yml index 8f7f5dc..f8022eb 100644 --- a/Development/Gitea/docker-compose.yml +++ b/Development/Gitea/docker-compose.yml 
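Review bot: The `traefik` router sends `traefik.luke-else.co.uk` to `api@internal` on `websecure` while both `traefik-auth` labels are commented out, so the dashboard and API are served to anyone who can reach that host name. The middleware should be enabled before this is deployed, with the credential loaded through `basicauth.usersfile` rather than left as a bcrypt hash in a commented line of a committed file. The `:ro` on `/var/run/docker.sock` only makes the bind mount read-only; it does not restrict what the Docker API does for the process holding the socket, so a compromise of Traefik still reaches the Docker daemon. A socket proxy that exposes only the read endpoints Traefik needs is the usual mitigation.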
@@ -30,13 +30,9 @@ services: labels: ## Expose Gitea Through Trefik ## - "traefik.enable=true" # <== Enable traefik to proxy this container - - "traefik.http.routers.gitea.rule=Host(`git.luke-else.co.uk`) || Host(`www.git.luke-else.co.uk`)" - - "traefik.http.routers.gitea.entrypoints=http" - - "traefik.http.routers.gitea.middlewares=redirect@file" - - - "traefik.http.routers.gitea-secured.rule=Host(`git.luke-else.co.uk`) || Host(`www.git.luke-else.co.uk`)" - - "traefik.http.routers.gitea-secured.entrypoints=https" - - "traefik.http.routers.gitea-secured.tls.certresolver=mytlschallenge" + - "traefik.http.routers.gitea.rule=Host(`test.luke-else.co.uk`)" + - "traefik.http.routers.gitea.entrypoints=websecure" + - "traefik.http.routers.gitea.tls.certresolver=myresolver" restart: unless-stopped networks: diff --git a/Traefik/docker-compose.yml b/Traefik/docker-compose.yml index 9cfd76f..ad319c3 100644 --- a/Traefik/docker-compose.yml +++ b/Traefik/docker-compose.yml @@ -23,7 +23,7 @@ services: - "traefik.http.routers.traefik.rule=Host(`traefik.luke-else.co.uk`)" - "traefik.http.routers.traefik.entrypoints=websecure" - "traefik.http.routers.traefik.service=api@internal" - - "traefik.http.routers.traefik.tls.certresolver=myresolver" + - "traefik.http.routers.traefik.tls.certresolver=myresolver" # - "traefik.http.routers.traefik.middlewares=traefik-auth" # - "traefik.http.middlewares.traefik-auth.basicauth.users=user:$$2y$$05$$6m8MvyzgJ4Kl7/3rL4X6VurX1huMas8a7oPB3xRfBjFbGCR8MUi7W" restart: unless-stopped \ No newline at end of file From 740026dd37e85a5288ac9bca915db1995f3a0739 Mon Sep 17 00:00:00 2001 From: Luke Else Date: Mon, 7 Aug 2023 18:57:21 +0100 Subject: [PATCH 25/42] Removed network from test container --- Development/Gitea/docker-compose.yml | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/Development/Gitea/docker-compose.yml b/Development/Gitea/docker-compose.yml index f8022eb..4a92e68 100644 --- a/Development/Gitea/docker-compose.yml 
+++ b/Development/Gitea/docker-compose.yml @@ -33,8 +33,4 @@ services: - "traefik.http.routers.gitea.rule=Host(`test.luke-else.co.uk`)" - "traefik.http.routers.gitea.entrypoints=websecure" - "traefik.http.routers.gitea.tls.certresolver=myresolver" - restart: unless-stopped - -networks: - development: - external: true \ No newline at end of file + restart: unless-stopped \ No newline at end of file From debad3648ac6376bbb69b7cb00fdcb589dc724d6 Mon Sep 17 00:00:00 2001 From: Luke Else Date: Mon, 7 Aug 2023 18:57:43 +0100 Subject: [PATCH 26/42] Removed network from test container --- Development/Gitea/docker-compose.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/Development/Gitea/docker-compose.yml b/Development/Gitea/docker-compose.yml index 4a92e68..930fbac 100644 --- a/Development/Gitea/docker-compose.yml +++ b/Development/Gitea/docker-compose.yml @@ -10,8 +10,6 @@ services: - ./gitea:/data - /etc/timezone:/etc/timezone:ro - /etc/localtime:/etc/localtime:ro - networks: - - development ports: - "222:22" environment: From 8e0b55d6dc1c2b12743a4d406a71fb75cbf35d06 Mon Sep 17 00:00:00 2001 From: Luke Else Date: Mon, 7 Aug 2023 18:59:50 +0100 Subject: [PATCH 27/42] Changed domain name in test container --- Development/Gitea/docker-compose.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Development/Gitea/docker-compose.yml b/Development/Gitea/docker-compose.yml index 930fbac..4113753 100644 --- a/Development/Gitea/docker-compose.yml +++ b/Development/Gitea/docker-compose.yml @@ -18,10 +18,10 @@ services: - USER_GID=1000 - USER=git - RUN_MODE=prod - - DOMAIN=git.luke-else.co.uk - - SSH_DOMAIN=git.luke-else.co.uk + - DOMAIN=test.luke-else.co.uk + - SSH_DOMAIN=test.luke-else.co.uk - HTTP_PORT=3000 - - ROOT_URL=https://git.luke-else.co.uk + - ROOT_URL=https://test.luke-else.co.uk - SSH_PORT=222 - SSH_LISTEN_PORT=22 - DB_TYPE=sqlite3 From d16e075814f573b32ef0d907dc0dcdb9074d7229 Mon Sep 17 00:00:00 2001 
From: Luke Else Date: Mon, 7 Aug 2023 19:04:20 +0100 Subject: [PATCH 28/42] Added logging to traefik container --- Traefik/docker-compose.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/Traefik/docker-compose.yml b/Traefik/docker-compose.yml index ad319c3..2e9ada2 100644 --- a/Traefik/docker-compose.yml +++ b/Traefik/docker-compose.yml @@ -5,6 +5,7 @@ services: container_name: "traefik" command: - "--api.dashboard=true" + - "--log.level=DEBUG" - "--providers.docker=true" - "--providers.docker.exposedbydefault=false" - "--entrypoints.web.address=:80" @@ -20,6 +21,7 @@ services: - "/var/run/docker.sock:/var/run/docker.sock:ro" labels: - "traefik.enable=true" + - "traefik.log" - "traefik.http.routers.traefik.rule=Host(`traefik.luke-else.co.uk`)" - "traefik.http.routers.traefik.entrypoints=websecure" - "traefik.http.routers.traefik.service=api@internal" From 48ef532b5569c922c55bcacffe57db938452a0df Mon Sep 17 00:00:00 2001 From: Luke Else Date: Mon, 7 Aug 2023 19:07:14 +0100 Subject: [PATCH 29/42] Added gitea to traefik container --- Traefik/docker-compose.yml | 36 ++++++++++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) diff --git a/Traefik/docker-compose.yml b/Traefik/docker-compose.yml index 2e9ada2..1c5ba81 100644 --- a/Traefik/docker-compose.yml +++ b/Traefik/docker-compose.yml 
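Review bot: `--log.level=DEBUG` in the first hunk is committed as the standing log level of an internet-facing proxy. Debug output is verbose and can carry request and configuration detail, so the committed default is better left at `INFO` or lower, with DEBUG switched on only while troubleshooting. The `traefik.log` label in the second hunk has no value and, as far as I can tell, is not a key the Docker provider reads, since logging is configured by the `--log.*` flags; it can be dropped.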
@@ -28,4 +28,40 @@ services: - "traefik.http.routers.traefik.tls.certresolver=myresolver" # - "traefik.http.routers.traefik.middlewares=traefik-auth" # - "traefik.http.middlewares.traefik-auth.basicauth.users=user:$$2y$$05$$6m8MvyzgJ4Kl7/3rL4X6VurX1huMas8a7oPB3xRfBjFbGCR8MUi7W" + restart: unless-stopped + + + + + + + #gitea (222) + gitea: + image: gitea/gitea:latest + container_name: gitea + volumes: + - ./gitea:/data + - /etc/timezone:/etc/timezone:ro + - /etc/localtime:/etc/localtime:ro + ports: + - "222:22" + environment: + - APP_NAME="gitea" + - USER_UID=1000 + - USER_GID=1000 + - USER=git + - RUN_MODE=prod + - DOMAIN=test.luke-else.co.uk + - SSH_DOMAIN=test.luke-else.co.uk + - HTTP_PORT=3000 + - ROOT_URL=https://test.luke-else.co.uk + - SSH_PORT=222 + - SSH_LISTEN_PORT=22 + - DB_TYPE=sqlite3 + labels: + ## Expose Gitea Through Trefik ## + - "traefik.enable=true" # <== Enable traefik to proxy this container + - "traefik.http.routers.gitea.rule=Host(`test.luke-else.co.uk`)" + - "traefik.http.routers.gitea.entrypoints=websecure" + - "traefik.http.routers.gitea.tls.certresolver=myresolver" restart: unless-stopped \ No newline at end of file From 1879a80f7f9a1a06b158d9a7111f5033d710daad Mon Sep 17 00:00:00 2001 From: Luke Else Date: Mon, 7 Aug 2023 19:09:21 +0100 Subject: [PATCH 30/42] Updated gitea port] --- Traefik/docker-compose.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/Traefik/docker-compose.yml b/Traefik/docker-compose.yml index 1c5ba81..d0f734b 100644 --- a/Traefik/docker-compose.yml +++ b/Traefik/docker-compose.yml @@ -45,6 +45,7 @@ services: - /etc/localtime:/etc/localtime:ro ports: - "222:22" + - "80:3000" environment: - APP_NAME="gitea" - USER_UID=1000 From 2277baea40196b0799f7312d174672658b695383 Mon Sep 17 00:00:00 2001 From: Luke Else Date: Mon, 7 Aug 2023 19:10:42 +0100 Subject: [PATCH 31/42] Updated gitea port] --- Traefik/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
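Review bot: `container_name: gitea` and the `222:22` publish in this new service duplicate the service still defined in `Development/Gitea/docker-compose.yml`, so the two stacks cannot be up at the same time; whichever starts second fails on the container name and the host port. In the list form of `environment`, `- APP_NAME="gitea"` passes the double quotes through as part of the value; `- APP_NAME=gitea` avoids that. `gitea/gitea:latest` is unpinned, and a fixed tag would make each upgrade of a service that holds source code a deliberate change.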
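Review bot: `- "80:3000"` asks for host port 80, which the `traefik` service in this same file already publishes with `80:80`, so one of the two containers will fail to bind. Gitea is already routed through Traefik by its labels, so it needs no host publish for its HTTP port at all. Publishing it would also offer the plain-HTTP listener beside the TLS route; if local access is wanted for debugging, `- "127.0.0.1:3000:3000"` keeps it off the public interfaces.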
diff --git a/Traefik/docker-compose.yml b/Traefik/docker-compose.yml index d0f734b..cccaec2 100644 --- a/Traefik/docker-compose.yml +++ b/Traefik/docker-compose.yml @@ -45,7 +45,7 @@ services: - /etc/localtime:/etc/localtime:ro ports: - "222:22" - - "80:3000" + - "3000:3000" environment: - APP_NAME="gitea" - USER_UID=1000 From 800fabfe859da75b4a0b0b9ba7f437793f1fc2e0 Mon Sep 17 00:00:00 2001 From: Luke Else Date: Mon, 7 Aug 2023 19:11:59 +0100 Subject: [PATCH 32/42] Updated gitea port] --- Traefik/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Traefik/docker-compose.yml b/Traefik/docker-compose.yml index cccaec2..0db1a92 100644 --- a/Traefik/docker-compose.yml +++ b/Traefik/docker-compose.yml @@ -44,8 +44,8 @@ services: - /etc/timezone:/etc/timezone:ro - /etc/localtime:/etc/localtime:ro ports: - - "222:22" - "3000:3000" + - "222:22" environment: - APP_NAME="gitea" - USER_UID=1000 From 025b45b6aa4da20946e31d4b64daf0d54e359ef6 Mon Sep 17 00:00:00 2001 From: Luke Else Date: Mon, 7 Aug 2023 19:14:41 +0100 Subject: [PATCH 33/42] Updated gitea port] --- Traefik/docker-compose.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/Traefik/docker-compose.yml b/Traefik/docker-compose.yml index 0db1a92..46732e9 100644 --- a/Traefik/docker-compose.yml +++ b/Traefik/docker-compose.yml @@ -62,6 +62,7 @@ services: labels: ## Expose Gitea Through Trefik ## - "traefik.enable=true" # <== Enable traefik to proxy this container + - "traefik.http.routers.gitea.loadbalancer.server.port=3000" - "traefik.http.routers.gitea.rule=Host(`test.luke-else.co.uk`)" - "traefik.http.routers.gitea.entrypoints=websecure" - "traefik.http.routers.gitea.tls.certresolver=myresolver" From 75aa652d24e4d6c6c943a30b1c94faa587dc1372 Mon Sep 17 00:00:00 2001 From: Luke Else Date: Mon, 7 Aug 2023 19:18:54 +0100 Subject: [PATCH 34/42] Updated gitea port] --- Traefik/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/Traefik/docker-compose.yml b/Traefik/docker-compose.yml index 46732e9..1271470 100644 --- a/Traefik/docker-compose.yml +++ b/Traefik/docker-compose.yml @@ -62,7 +62,7 @@ services: labels: ## Expose Gitea Through Trefik ## - "traefik.enable=true" # <== Enable traefik to proxy this container - - "traefik.http.routers.gitea.loadbalancer.server.port=3000" + - "traefik.http.services.gitea.loadbalancer.server.port=3000" - "traefik.http.routers.gitea.rule=Host(`test.luke-else.co.uk`)" - "traefik.http.routers.gitea.entrypoints=websecure" - "traefik.http.routers.gitea.tls.certresolver=myresolver" From d74540d2a2b884a25bbc5fb1f8541efd0ce3958b Mon Sep 17 00:00:00 2001 From: Luke Else Date: Mon, 7 Aug 2023 22:05:55 +0100 Subject: [PATCH 35/42] Update ports, should be the final change tonight --- Traefik/docker-compose.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/Traefik/docker-compose.yml b/Traefik/docker-compose.yml index 1271470..0ae517b 100644 --- a/Traefik/docker-compose.yml +++ b/Traefik/docker-compose.yml @@ -44,7 +44,6 @@ services: - /etc/timezone:/etc/timezone:ro - /etc/localtime:/etc/localtime:ro ports: - - "3000:3000" - "222:22" environment: - APP_NAME="gitea" From 537da28dc44f208d9ce44f78dafce23a69a00112 Mon Sep 17 00:00:00 2001 From: Luke Else Date: Mon, 7 Aug 2023 22:17:57 +0100 Subject: [PATCH 36/42] Updated traefik to use auth middleware --- Traefik/docker-compose.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Traefik/docker-compose.yml b/Traefik/docker-compose.yml index 0ae517b..cb3e57b 100644 --- a/Traefik/docker-compose.yml +++ b/Traefik/docker-compose.yml 
@@ -26,8 +26,8 @@ services: - "traefik.http.routers.traefik.entrypoints=websecure" - "traefik.http.routers.traefik.service=api@internal" - "traefik.http.routers.traefik.tls.certresolver=myresolver" - # - "traefik.http.routers.traefik.middlewares=traefik-auth" - # - "traefik.http.middlewares.traefik-auth.basicauth.users=user:$$2y$$05$$6m8MvyzgJ4Kl7/3rL4X6VurX1huMas8a7oPB3xRfBjFbGCR8MUi7W" + - "traefik.http.routers.traefik.middlewares=traefik-auth" + - "traefik.http.middlewares.traefik-auth.basicauth.users=user:a94a8fe5ccb19ba61c4c0873d391e987982fbbd3" restart: unless-stopped From dfadd63ea5df22cae50fbfb46368c6fb5e937d68 Mon Sep 17 00:00:00 2001 From: Luke Else Date: Mon, 7 Aug 2023 22:22:15 +0100 Subject: [PATCH 37/42] Updated traefik to use auth middleware --- Traefik/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Traefik/docker-compose.yml b/Traefik/docker-compose.yml index cb3e57b..bc00c07 100644 --- a/Traefik/docker-compose.yml +++ b/Traefik/docker-compose.yml @@ -27,7 +27,7 @@ services: - "traefik.http.routers.traefik.service=api@internal" - "traefik.http.routers.traefik.tls.certresolver=myresolver" - "traefik.http.routers.traefik.middlewares=traefik-auth" - - "traefik.http.middlewares.traefik-auth.basicauth.users=user:a94a8fe5ccb19ba61c4c0873d391e987982fbbd3" + - "traefik.http.middlewares.traefik-auth.basicauth.users=user:$$2y$$05$$s/vPphFtSO2fWJR7SYkEb.90UwPDRM3aOKqgOF/rme/3fUQ5tvpTS" restart: unless-stopped From 1ee167aad353190931caadc78e74a27acfa3f9ca Mon Sep 17 00:00:00 2001 From: Luke Else Date: Mon, 7 Aug 2023 22:33:38 +0100 Subject: [PATCH 38/42] Moved to a new container... hopefully we have the same results --- Development/Gitea/docker-compose.yml | 12 ++++++--- Traefik/docker-compose.yml | 39 +++------------------------- 2 files changed, 12 insertions(+), 39 deletions(-) diff --git a/Development/Gitea/docker-compose.yml b/Development/Gitea/docker-compose.yml index 4113753..5c9e319 100644 
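Review bot: The `basicauth.users` value added here is `user:` followed by a bare 40-character hex digest, which is not one of the htpasswd formats Traefik's basic-auth middleware documents (bcrypt, `$apr1$` MD5, or `{SHA}` with base64), so the login most likely never matches. An unsalted digest of this kind is also cheap to reverse once it is in a repository. It stays in the history after the next commit replaces it, so the password behind it should be treated as disclosed and not reused.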
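Review bot: The bcrypt hash in `basicauth.users` is in a supported format and the `$$` escaping is right for Compose, but the credential is still committed with the compose file. I would mount a users file kept outside the repository and reference it with `- "traefik.http.middlewares.traefik-auth.basicauth.usersfile=<path-in-container>"` (placeholder path), so rotating the password does not need a commit. The dashboard user name `user` is also guessable; a less generic name costs nothing.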
--- a/Development/Gitea/docker-compose.yml +++ b/Development/Gitea/docker-compose.yml @@ -1,8 +1,7 @@ version: '3.8' services: - -#gitea (222) + #gitea (222) gitea: image: gitea/gitea:latest container_name: gitea @@ -10,6 +9,8 @@ services: - ./gitea:/data - /etc/timezone:/etc/timezone:ro - /etc/localtime:/etc/localtime:ro + networks: + - proxy ports: - "222:22" environment: @@ -28,7 +29,12 @@ services: labels: ## Expose Gitea Through Trefik ## - "traefik.enable=true" # <== Enable traefik to proxy this container + - "traefik.http.services.gitea.loadbalancer.server.port=3000" - "traefik.http.routers.gitea.rule=Host(`test.luke-else.co.uk`)" - "traefik.http.routers.gitea.entrypoints=websecure" - "traefik.http.routers.gitea.tls.certresolver=myresolver" - restart: unless-stopped \ No newline at end of file + restart: unless-stopped + +networks: + proxy: + external: true \ No newline at end of file diff --git a/Traefik/docker-compose.yml b/Traefik/docker-compose.yml index bc00c07..9282fea 100644 --- a/Traefik/docker-compose.yml +++ b/Traefik/docker-compose.yml 
@@ -30,39 +30,6 @@ services: - "traefik.http.middlewares.traefik-auth.basicauth.users=user:$$2y$$05$$s/vPphFtSO2fWJR7SYkEb.90UwPDRM3aOKqgOF/rme/3fUQ5tvpTS" restart: unless-stopped - - - - - - #gitea (222) - gitea: - image: gitea/gitea:latest - container_name: gitea - volumes: - - ./gitea:/data - - /etc/timezone:/etc/timezone:ro - - /etc/localtime:/etc/localtime:ro - ports: - - "222:22" - environment: - - APP_NAME="gitea" - - USER_UID=1000 - - USER_GID=1000 - - USER=git - - RUN_MODE=prod - - DOMAIN=test.luke-else.co.uk - - SSH_DOMAIN=test.luke-else.co.uk - - HTTP_PORT=3000 - - ROOT_URL=https://test.luke-else.co.uk - - SSH_PORT=222 - - SSH_LISTEN_PORT=22 - - DB_TYPE=sqlite3 - labels: - ## Expose Gitea Through Trefik ## - - "traefik.enable=true" # <== Enable traefik to proxy this container - - "traefik.http.services.gitea.loadbalancer.server.port=3000" - - "traefik.http.routers.gitea.rule=Host(`test.luke-else.co.uk`)" - - "traefik.http.routers.gitea.entrypoints=websecure" - - "traefik.http.routers.gitea.tls.certresolver=myresolver" - restart: unless-stopped \ No newline at end of file +networks: + proxy: + name: proxy \ No newline at end of file From 97b4dc6a66eedaac283931494c49c1fa86646e93 Mon Sep 17 00:00:00 2001 From: Luke Else Date: Mon, 7 Aug 2023 22:39:34 +0100 Subject: [PATCH 39/42] Added traefik to proxt container iteslf --- Traefik/docker-compose.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/Traefik/docker-compose.yml b/Traefik/docker-compose.yml index 9282fea..25ca043 100644 --- a/Traefik/docker-compose.yml +++ b/Traefik/docker-compose.yml @@ -19,6 +19,8 @@ services: volumes: - "./letsencrypt:/letsencrypt" - "/var/run/docker.sock:/var/run/docker.sock:ro" + networks: + - proxy labels: - "traefik.enable=true" - "traefik.log" From 7a553128b166ec1616e339edf13ef30277e67a31 Mon Sep 17 00:00:00 2001 
From: Luke Else Date: Mon, 7 Aug 2023 23:01:29 +0100 Subject: [PATCH 40/42] Updated all containers to bring inline with needed Traefik config --- Bitwarden/docker-compose.yml | 15 +++++++-------- Database/docker-compose.yml | 21 ++++++--------------- Development/Gitea/docker-compose.yml | 4 +++- NextCloud/docker-compose.yml | 14 ++++++-------- Websites/docker-compose.yml | 22 ++++++++-------------- 5 files changed, 30 insertions(+), 46 deletions(-) diff --git a/Bitwarden/docker-compose.yml b/Bitwarden/docker-compose.yml index 3ef0a22..94e9615 100644 --- a/Bitwarden/docker-compose.yml +++ b/Bitwarden/docker-compose.yml @@ -9,19 +9,18 @@ services: volumes: - ./bitwarden/:/data/ networks: - - bitwarden + - proxy + depends_on: + - traefik labels: ## Expose Bitwarden Through Trefik ## - "traefik.enable=true" # <== Enable traefik to proxy this container + - "traefik.http.services.bitwarden.loadbalancer.server.port=80" - "traefik.http.routers.bitwarden.rule=Host(`bitwarden.luke-else.co.uk`) || Host(`www.bitwarden.luke-else.co.uk`)" - - "traefik.http.routers.bitwarden.entrypoints=http" - - "traefik.http.routers.bitwarden.middlewares=redirect@file" - - - "traefik.http.routers.bitwarden-secured.rule=Host(`bitwarden.luke-else.co.uk`) || Host(`www.bitwarden.luke-else.co.uk`)" - - "traefik.http.routers.bitwarden-secured.entrypoints=https" - - "traefik.http.routers.bitwarden-secured.tls.certresolver=mytlschallenge" + - "traefik.http.routers.bitwarden.entrypoints=websecure" + - "traefik.http.routers.bitwarden.tls.certresolver=myresolver" restart: unless-stopped networks: - bitwarden: + proxy: external: true \ No newline at end of file diff --git a/Database/docker-compose.yml b/Database/docker-compose.yml index 30a2243..3de768f 100644 --- a/Database/docker-compose.yml +++ b/Database/docker-compose.yml @@ -8,8 +8,6 @@ services: container_name: mongoDB volumes: - ./mongo/:/data/db - networks: - - backend ports: - "27017:27017" environment: 
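Review bot: `depends_on: - traefik` in the Bitwarden hunk names a service that, from what the series shows, is defined only in `Traefik/docker-compose.yml`. Compose resolves `depends_on` inside one project and rejects a dependency on an undefined service. An earlier commit in this series removed exactly these lines from each file. The same two lines are re-added in the Gitea and NextCloud hunks of this commit and are kept on phpMyAdmin. Start order across stacks is already handled by spinup.sh bringing Traefik up first, so the entries can be dropped unless a `traefik` service exists in these files outside the hunks.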
@@ -23,12 +21,8 @@ services: container_name: MySQL volumes: - ./mysql/:/var/lib/mysql - networks: - - backend ports: - "3306:3306" - depends_on: - - traefik environment: MYSQL_ROOT_PASSWORD: rootpassword MYSQL_DATABASE: test_db @@ -38,7 +32,7 @@ services: image: "phpmyadmin/phpmyadmin:latest" container_name: phpMyAdmin networks: - - backend + - proxy depends_on: - mysql - traefik @@ -47,15 +41,12 @@ services: labels: ## Expose phpMyAdmin Through Trefik ## - "traefik.enable=true" # <== Enable traefik to proxy this container - - "traefik.http.routers.phpMyAdmin.rule=Host(`mysql.luke-else.co.uk`) || Host(`www.mysql.luke-else.co.uk`)" - - "traefik.http.routers.phpMyAdmin.entrypoints=http" - - "traefik.http.routers.phpMyAdmin.middlewares=redirect@file" - - - "traefik.http.routers.phpMyAdmin-secured.rule=Host(`mysql.luke-else.co.uk`) || Host(`www.mysql.luke-else.co.uk`)" - - "traefik.http.routers.phpMyAdmin-secured.entrypoints=https" - - "traefik.http.routers.phpMyAdmin-secured.tls.certresolver=mytlschallenge" + - "traefik.http.services.phpmyadmin.loadbalancer.server.port=80" + - "traefik.http.routers.phpmyadmin.rule=Host(`mysql.luke-else.co.uk`) || Host(`www.mysql.luke-else.co.uk`)" + - "traefik.http.routers.phpmyadmin.entrypoints=websecure" + - "traefik.http.routers.phpmyadmin.tls.certresolver=myresolver" restart: unless-stopped networks: - backend: + proxy: external: true \ No newline at end of file diff --git a/Development/Gitea/docker-compose.yml b/Development/Gitea/docker-compose.yml index 5c9e319..915188e 100644 --- a/Development/Gitea/docker-compose.yml +++ b/Development/Gitea/docker-compose.yml @@ -11,6 +11,8 @@ services: - /etc/localtime:/etc/localtime:ro networks: - proxy + depends_on: + - traefik ports: - "222:22" environment: 
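Review bot: `- "3306:3306"` stays published on every host interface next to `MYSQL_ROOT_PASSWORD: rootpassword`, and the preceding hunk leaves `27017:27017` published for MongoDB in the same way, so both databases are reachable from outside the host with a guessable root credential that is also committed. If host access is needed, bind to loopback with `- "127.0.0.1:3306:3306"` (and the equivalent for 27017); otherwise drop `ports` and let clients reach the database over a private Compose network. The root passwords belong in an env file or secret kept out of the repository, and the committed values should be changed on any instance that used them.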
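Review bot: phpMyAdmin is now attached to `proxy` only, while the `mysql` service had its `networks` entry removed in the hunk above, so unless a shared network is declared outside these hunks the two no longer sit on a common network and phpMyAdmin cannot reach the database by service name. I would keep a private network such as `backend` on both `mysql` and `phpmyadmin` and add `proxy` only to phpMyAdmin. The `phpmyadmin` router also publishes a database administration UI on `websecure` with no middleware, so its own login form is the only barrier. Adding a `middlewares` label for basic auth or an IP allow-list would keep it from being open to the internet.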
@@ -30,7 +32,7 @@ services: ## Expose Gitea Through Trefik ## - "traefik.enable=true" # <== Enable traefik to proxy this container - "traefik.http.services.gitea.loadbalancer.server.port=3000" - - "traefik.http.routers.gitea.rule=Host(`test.luke-else.co.uk`)" + - "traefik.http.routers.gitea.rule=Host(`test.luke-else.co.uk`) || Host(`www.test.luke-else.co.uk`)" - "traefik.http.routers.gitea.entrypoints=websecure" - "traefik.http.routers.gitea.tls.certresolver=myresolver" restart: unless-stopped diff --git a/NextCloud/docker-compose.yml b/NextCloud/docker-compose.yml index 964d240..23c42ee 100644 --- a/NextCloud/docker-compose.yml +++ b/NextCloud/docker-compose.yml @@ -10,10 +10,11 @@ services: volumes: - ./nextcloud:/var/www/html networks: - - services + - proxy - nextcloud depends_on: - db + - traefik environment: - MYSQL_USER=nextcloud - MYSQL_PASSWORD= @@ -22,13 +23,10 @@ services: labels: ## Expose Nextcloud Through Trefik ## - "traefik.enable=true" # <== Enable traefik to proxy this container + - "traefik.http.services.nextcloud.loadbalancer.server.port=80" - "traefik.http.routers.nextcloud.rule=Host(`nextcloud.luke-else.co.uk`) || Host(`www.nextcloud.luke-else.co.uk`)" - - "traefik.http.routers.nextcloud.entrypoints=http" - - "traefik.http.routers.nextcloud.middlewares=redirect@file" - - - "traefik.http.routers.nextcloud-secured.rule=Host(`nextcloud.luke-else.co.uk`) || Host(`www.nextcloud.luke-else.co.uk`)" - - "traefik.http.routers.nextcloud-secured.entrypoints=https" - - "traefik.http.routers.nextcloud-secured.tls.certresolver=mytlschallenge" + - "traefik.http.routers.nextcloud.entrypoints=websecure" + - "traefik.http.routers.nextcloud.tls.certresolver=myresolver" restart: unless-stopped db: @@ -47,7 +45,7 @@ services: restart: unless-stopped networks: - services: + proxy: external: true nextcloud: name: nextcloud diff --git a/Websites/docker-compose.yml b/Websites/docker-compose.yml index 8062b00..861d7b5 100644 --- a/Websites/docker-compose.yml 
+++ b/Websites/docker-compose.yml @@ -11,13 +11,10 @@ services: labels: ## Expose luke-else Through Trefik ## - "traefik.enable=true" # <== Enable traefik to proxy this container - - "traefik.http.routers.luke-else.rule=Host(`luke-else.co.uk`) || Host(`www.luke-else.co.uk`)" - - "traefik.http.routers.luke-else.entrypoints=http" - - "traefik.http.routers.luke-else.middlewares=redirect@file" - - - "traefik.http.routers.luke-else-secured.rule=Host(`luke-else.co.uk`) || Host(`www.luke-else.co.uk`)" - - "traefik.http.routers.luke-else-secured.entrypoints=https" - - "traefik.http.routers.luke-else-secured.tls.certresolver=mytlschallenge" + - "traefik.http.services.personal.loadbalancer.server.port=80" + - "traefik.http.routers.personal.rule=Host(`luke-else.co.uk`) || Host(`www.luke-else.co.uk`)" + - "traefik.http.routers.personal.entrypoints=websecure" + - "traefik.http.routers.personal.tls.certresolver=myresolver" restart: unless-stopped snexo.co.uk: @@ -28,13 +25,10 @@ services: labels: ## Expose Snexo Through Trefik ## - "traefik.enable=true" # <== Enable traefik to proxy this container - - "traefik.http.routers.snexo.rule=Host(`snexo.luke-else.co.uk`) || Host(`www.snexo.luke-else.co.uk`)" - - "traefik.http.routers.snexo.entrypoints=http" - - "traefik.http.routers.snexo.middlewares=redirect@file" - - - "traefik.http.routers.snexo-secured.rule=Host(`snexo.luke-else.co.uk`) || Host(`www.snexo.luke-else.co.uk`)" - - "traefik.http.routers.snexo-secured.entrypoints=https" - - "traefik.http.routers.snexo-secured.tls.certresolver=mytlschallenge" + - "traefik.http.services.snexo.loadbalancer.server.port=80" + - "traefik.http.routers.snexo.rule=Host(`snexo.co.uk`) || Host(`www.snexo.co.uk`)" + - "traefik.http.routers.snexo.entrypoints=websecure" + - "traefik.http.routers.snexo.tls.certresolver=myresolver" restart: unless-stopped networks: From 381a1126e27312c4b1ce44ee064c4edbd22195aa Mon Sep 17 00:00:00 2001 
From: Luke Else Date: Tue, 8 Aug 2023 20:23:18 +0100 Subject: [PATCH 41/42] Prepared all containers for final rollout --- Development/Gitea/docker-compose.yml | 8 ++--- NextCloud/docker-compose.yml | 51 ---------------------------- Traefik/docker-compose.yml | 4 +-- Websites/docker-compose.yml | 14 ++++++-- spindown.sh | 4 --- spinup.sh | 4 --- todo.md | 31 +++++++++++++++++ 7 files changed, 47 insertions(+), 69 deletions(-) delete mode 100644 NextCloud/docker-compose.yml create mode 100644 todo.md diff --git a/Development/Gitea/docker-compose.yml b/Development/Gitea/docker-compose.yml index 915188e..b9fdea3 100644 --- a/Development/Gitea/docker-compose.yml +++ b/Development/Gitea/docker-compose.yml @@ -21,10 +21,10 @@ services: - USER_GID=1000 - USER=git - RUN_MODE=prod - - DOMAIN=test.luke-else.co.uk - - SSH_DOMAIN=test.luke-else.co.uk + - DOMAIN=git.luke-else.co.uk + - SSH_DOMAIN=git.luke-else.co.uk - HTTP_PORT=3000 - - ROOT_URL=https://test.luke-else.co.uk + - ROOT_URL=https://git.luke-else.co.uk - SSH_PORT=222 - SSH_LISTEN_PORT=22 - DB_TYPE=sqlite3 @@ -32,7 +32,7 @@ services: ## Expose Gitea Through Trefik ## - "traefik.enable=true" # <== Enable traefik to proxy this container - "traefik.http.services.gitea.loadbalancer.server.port=3000" - - "traefik.http.routers.gitea.rule=Host(`test.luke-else.co.uk`) || Host(`www.test.luke-else.co.uk`)" + - "traefik.http.routers.gitea.rule=Host(`git.luke-else.co.uk`) || Host(`www.git.luke-else.co.uk`)" - "traefik.http.routers.gitea.entrypoints=websecure" - "traefik.http.routers.gitea.tls.certresolver=myresolver" restart: unless-stopped diff --git a/NextCloud/docker-compose.yml b/NextCloud/docker-compose.yml deleted file mode 100644 index 23c42ee..0000000 --- a/NextCloud/docker-compose.yml +++ /dev/null 
@@ -1,51 +0,0 @@ -version: '3.8' - -services: - - nextcloud: - image: nextcloud - container_name: nextcloud - links: - - db - volumes: - - ./nextcloud:/var/www/html - networks: - - proxy - - nextcloud - depends_on: - - db - - traefik - environment: - - MYSQL_USER=nextcloud - - MYSQL_PASSWORD= - - MYSQL_DATABASE=nextcloud - - MYSQL_HOST=db - labels: - ## Expose Nextcloud Through Trefik ## - - "traefik.enable=true" # <== Enable traefik to proxy this container - - "traefik.http.services.nextcloud.loadbalancer.server.port=80" - - "traefik.http.routers.nextcloud.rule=Host(`nextcloud.luke-else.co.uk`) || Host(`www.nextcloud.luke-else.co.uk`)" - - "traefik.http.routers.nextcloud.entrypoints=websecure" - - "traefik.http.routers.nextcloud.tls.certresolver=myresolver" - restart: unless-stopped - - db: - image: mariadb - container_name: nextclouddb - command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW - volumes: - - ./db:/var/lib/mysql - networks: - - nextcloud - environment: - - MYSQL_ROOT_PASSWORD= - - MYSQL_USER=nextcloud - - MYSQL_PASSWORD= - - MYSQL_DATABASE=nextcloud - restart: unless-stopped - -networks: - proxy: - external: true - nextcloud: - name: nextcloud diff --git a/Traefik/docker-compose.yml b/Traefik/docker-compose.yml index 25ca043..3c2f9df 100644 --- a/Traefik/docker-compose.yml +++ b/Traefik/docker-compose.yml @@ -5,7 +5,6 @@ services: container_name: "traefik" command: - "--api.dashboard=true" - - "--log.level=DEBUG" - "--providers.docker=true" - "--providers.docker.exposedbydefault=false" - "--entrypoints.web.address=:80" 
@@ -23,8 +22,7 @@ services: - proxy labels: - "traefik.enable=true" - - "traefik.log" - - "traefik.http.routers.traefik.rule=Host(`traefik.luke-else.co.uk`)" + - "traefik.http.routers.traefik.rule=Host(`traefik.luke-else.co.uk`) || Host('www.traefik.luke-else.co.uk')" - "traefik.http.routers.traefik.entrypoints=websecure" - "traefik.http.routers.traefik.service=api@internal" - "traefik.http.routers.traefik.tls.certresolver=myresolver" diff --git a/Websites/docker-compose.yml b/Websites/docker-compose.yml index 861d7b5..74ea8ce 100644 --- a/Websites/docker-compose.yml +++ b/Websites/docker-compose.yml @@ -4,10 +4,14 @@ services: #Websites luke-else.co.uk (8000) snexo.co.uk (8001) luke-else.co.uk: - image: "php:apache" + image: "nginx:latest" container_name: luke-else.co.uk volumes: - - ./luke-else.co.uk/:/var/www/html + - ./luke-else.co.uk/:/usr/share/nginx/html + networks: + - proxy + depends_on: + - traefik labels: ## Expose luke-else Through Trefik ## - "traefik.enable=true" # <== Enable traefik to proxy this container @@ -22,6 +26,10 @@ services: container_name: snexo.co.uk volumes: - ./snexo.co.uk/:/var/www/html + networks: + - proxy + depends_on: + - traefik labels: ## Expose Snexo Through Trefik ## - "traefik.enable=true" # <== Enable traefik to proxy this container @@ -32,5 +40,5 @@ services: restart: unless-stopped networks: - frontend: + proxy: external: true \ No newline at end of file diff --git a/spindown.sh b/spindown.sh index 7e26f28..fe60bde 100644 --- a/spindown.sh +++ b/spindown.sh @@ -2,10 +2,6 @@ cd ./Websites/ docker-compose down -cd .. - -cd ./NextCloud/ -docker-compose down cd .. cd ./Development/Gitea/ diff --git a/spinup.sh b/spinup.sh index d1761ed..6943f04 100644 --- a/spinup.sh +++ b/spinup.sh @@ -6,10 +6,6 @@ cd .. cd ./Websites/ docker-compose up -d -cd .. - -cd ./NextCloud/ -docker-compose up -d cd .. cd ./Development/Gitea/ diff --git a/todo.md b/todo.md new file mode 100644 index 0000000..a8b9459 --- /dev/null +++ b/todo.md 
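Review bot: The second matcher in the new `traefik` router rule is written with single quotes, `Host('www.traefik.luke-else.co.uk')`, but Traefik's rule syntax takes backticks or escaped double quotes, so the rule is expected to fail parsing and the dashboard router would not be created. Write it like the first matcher: ``Host(`traefik.luke-else.co.uk`) || Host(`www.traefik.luke-else.co.uk`)``. Separately, this router serves `api@internal` and no auth middleware label appears in the visible lines. The labels list may continue outside the hunk, so confirm that a `basicauth` middleware is attached to the router before the dashboard hostname is published.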
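Review bot: `depends_on: - traefik` on the `luke-else.co.uk` service names a service that is not shown being defined in Websites/docker-compose.yml; Traefik has its own compose file in this series and spinup.sh brings each directory up separately. Compose resolves `depends_on` only within one project, so unless a `traefik` service exists in this file the stack is rejected for depending on an undefined service. Drop the entry and rely on the external `proxy` network plus the start order in spinup.sh; the same entry is added to `snexo.co.uk` in the `@@ -22,6 +26,10 @@` hunk. Also consider pinning `nginx:latest` to a specific version tag or digest so that a redeploy cannot silently pull a different image.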
@@ -0,0 +1,31 @@ +# ToDo Items + +## General +- UFW should be setup to keep VPS secure and only allow for: + - https + - http + - ssh + - ftp + - 27017 + - 3306 + + +## Traefik +- Setup htaccess -> ``` echo $(htpasswd -nb user password) | sed -e s/\\$/\\$\\$/g ``` +- Ensure email address is correct + +## Gitea +- Ensure that ports are assigned correctly for the system + +## Websites +- Ensure website files are copied over +- Ensure that ports are assigned correctly for the system + +## Bitwarden +- Ensure that all data is fully encrypted during transfer. +- Ensure that ports are assigned correctly for the system + +## Database +- Ensure that mysql root password, user and default database are updated. +- Ensure that mongo root password, and user are updated. +- Ensure database ports are correctly assigned and do not have to pass through traefik. From a8c8135f7754d87a554c884f1c0c2f4e62482503 Mon Sep 17 00:00:00 2001 From: Luke Else Date: Tue, 8 Aug 2023 20:31:25 +0100 Subject: [PATCH 42/42] Update Container documentation. --- todo.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/todo.md b/todo.md index a8b9459..d7eb9da 100644 --- a/todo.md +++ b/todo.md @@ -1,6 +1,7 @@ # ToDo Items ## General +- Setup non root user - UFW should be setup to keep VPS secure and only allow for: - https - http @@ -8,6 +9,9 @@ - ftp - 27017 - 3306 +- Install SSH keys +- Setup unattended upgrades +- Install docker, docker-compose and apache utils. ## Traefik