nextcloud WIP
This commit is contained in:
parent
7c1bfbca57
commit
a87b027fed
|
@ -14,8 +14,7 @@ version: "3"
|
||||||
# - https://git.kirsle.lh for Gitea
|
# - https://git.kirsle.lh for Gitea
|
||||||
#
|
#
|
||||||
# Exported ports:
|
# Exported ports:
|
||||||
# - 80 (nginx)
|
# - 444 (nginx SSL port 443)
|
||||||
# - 443 (nginx)
|
|
||||||
# - 22 (gitea-ssh)
|
# - 22 (gitea-ssh)
|
||||||
|
|
||||||
# Define named networks to isolate the apps from each other. Each app will
|
# Define named networks to isolate the apps from each other. Each app will
|
||||||
|
@ -23,12 +22,10 @@ version: "3"
|
||||||
networks:
|
networks:
|
||||||
default:
|
default:
|
||||||
driver: bridge
|
driver: bridge
|
||||||
redis:
|
|
||||||
driver: bridge
|
|
||||||
blog:
|
|
||||||
driver: bridge
|
|
||||||
gitea:
|
gitea:
|
||||||
driver: bridge
|
driver: bridge
|
||||||
|
nextcloud:
|
||||||
|
driver: bridge
|
||||||
|
|
||||||
# Named volumes to let the apps store their own data persistently on disk
|
# Named volumes to let the apps store their own data persistently on disk
|
||||||
# between reboots. They end up somewhere at /var/lib/docker/volumes on the
|
# between reboots. They end up somewhere at /var/lib/docker/volumes on the
|
||||||
|
@ -38,7 +35,9 @@ volumes:
|
||||||
driver: local
|
driver: local
|
||||||
gitea-data:
|
gitea-data:
|
||||||
driver: local
|
driver: local
|
||||||
redis-data:
|
nextcloud-db:
|
||||||
|
driver: local
|
||||||
|
nextcloud-data:
|
||||||
driver: local
|
driver: local
|
||||||
|
|
||||||
services:
|
services:
|
||||||
|
@ -48,46 +47,25 @@ services:
|
||||||
image: nginx
|
image: nginx
|
||||||
restart: always
|
restart: always
|
||||||
ports:
|
ports:
|
||||||
- "80:80"
|
- "444:443" # SSL port, my router won't forward 443 inbound =(
|
||||||
- "443:443"
|
|
||||||
volumes:
|
volumes:
|
||||||
- "./nginx/sites-enabled:/etc/nginx/sites-enabled:z"
|
- "./nginx/sites-enabled:/etc/nginx/sites-enabled:z"
|
||||||
- "./nginx/nginx.conf:/etc/nginx/nginx.conf:z"
|
- "./nginx/nginx.conf:/etc/nginx/nginx.conf:z"
|
||||||
- "./nginx/ssl_params:/etc/nginx/ssl_params:z"
|
- "./nginx/ssl_params:/etc/nginx/ssl_params:z"
|
||||||
|
- "./nginx/dhparam.pem:/etc/nginx/dhparam.pem:z"
|
||||||
- "./ssl/snakeoil.key:/etc/nginx/certs/privkey.pem:z"
|
- "./ssl/snakeoil.key:/etc/nginx/certs/privkey.pem:z"
|
||||||
- "./ssl/snakeoil.pem:/etc/nginx/certs/fullchain.pem:z"
|
- "./ssl/snakeoil.pem:/etc/nginx/certs/fullchain.pem:z"
|
||||||
|
- "./nginx/default-www:/var/www/html:z"
|
||||||
networks:
|
networks:
|
||||||
- default
|
- default
|
||||||
- blog
|
|
||||||
- gitea
|
- gitea
|
||||||
|
links:
|
||||||
# shared Redis cache for various apps
|
- gitea
|
||||||
redis:
|
- nextcloud
|
||||||
image: redis
|
|
||||||
restart: always
|
|
||||||
expose:
|
|
||||||
- 6379
|
|
||||||
volumes:
|
|
||||||
- "redis-data:/data"
|
|
||||||
networks:
|
|
||||||
- redis
|
|
||||||
|
|
||||||
# My custom Go web blog for kirsle.net
|
|
||||||
# https://github.com/kirsle/blog/blob/master/Dockerfile
|
|
||||||
blog:
|
|
||||||
build: /home/kirsle/go/src/github.com/kirsle/blog
|
|
||||||
restart: always
|
|
||||||
expose:
|
|
||||||
- 80
|
|
||||||
volumes:
|
|
||||||
- "./www:/data/www:z"
|
|
||||||
networks:
|
|
||||||
- blog
|
|
||||||
- redis
|
|
||||||
|
|
||||||
# Postgres DB for gitea.
|
# Postgres DB for gitea.
|
||||||
gitea-postgres:
|
gitea-postgres:
|
||||||
image: postgres:10.5
|
image: postgres:11.5
|
||||||
restart: always
|
restart: always
|
||||||
environment:
|
environment:
|
||||||
- "POSTGRES_USER=gitea"
|
- "POSTGRES_USER=gitea"
|
||||||
|
@ -101,6 +79,7 @@ services:
|
||||||
# Gitea git server.
|
# Gitea git server.
|
||||||
gitea:
|
gitea:
|
||||||
image: gitea/gitea:latest
|
image: gitea/gitea:latest
|
||||||
|
hostname: gitea
|
||||||
restart: always
|
restart: always
|
||||||
volumes:
|
volumes:
|
||||||
- "gitea-data:/data"
|
- "gitea-data:/data"
|
||||||
|
@ -114,4 +93,30 @@ services:
|
||||||
- DISABLE_REGISTRATION=true
|
- DISABLE_REGISTRATION=true
|
||||||
depends_on:
|
depends_on:
|
||||||
- gitea-postgres
|
- gitea-postgres
|
||||||
- nginx
|
|
||||||
|
# MariaDB for Nextcloud.
|
||||||
|
nextcloud-db:
|
||||||
|
image: mariadb
|
||||||
|
networks:
|
||||||
|
- nextcloud
|
||||||
|
volumes:
|
||||||
|
- "nextcloud-db:/var/lib/mysql"
|
||||||
|
- /etc/localtime:/etc/localtime:ro
|
||||||
|
environment:
|
||||||
|
- MYSQL_ROOT_PASSWORD=ncrootpw
|
||||||
|
- MYSQL_PASSWORD=mysql
|
||||||
|
- MYSQL_DATABASE=nextcloud
|
||||||
|
- MYSQL_USER=nextcloud
|
||||||
|
restart: unless-stopped
|
||||||
|
|
||||||
|
# Nextcloud
|
||||||
|
nextcloud:
|
||||||
|
image: nextcloud:fpm
|
||||||
|
hostname: nextcloud
|
||||||
|
networks:
|
||||||
|
- nextcloud
|
||||||
|
depends_on:
|
||||||
|
- nextcloud-db
|
||||||
|
volumes:
|
||||||
|
- "nextcloud-data:/var/www/html"
|
||||||
|
restart: unless-stopped
|
||||||
|
|
9
nginx/default-www/index.html
Normal file
9
nginx/default-www/index.html
Normal file
|
@ -0,0 +1,9 @@
|
||||||
|
<!DOCTYPE html>
|
||||||
|
<html>
|
||||||
|
<head>
|
||||||
|
<title>ckir.net</title>
|
||||||
|
</head>
|
||||||
|
<body>
|
||||||
|
<h1>ckir.net</h1>
|
||||||
|
</body>
|
||||||
|
</html>
|
8
nginx/dhparam.pem
Normal file
8
nginx/dhparam.pem
Normal file
|
@ -0,0 +1,8 @@
|
||||||
|
-----BEGIN DH PARAMETERS-----
|
||||||
|
MIIBCAKCAQEA90S5Kj7Lh0cHAY7OQVd498FhpumbKudj6O7wkR4AthSm/NMM3s37
|
||||||
|
tfq3zNj/aoEXTkqx5IaiHwHSOgW+H3kJF9t5HqoGa76dWRnFXKZMNdXdVNll0Ajw
|
||||||
|
k2KAU2KtKusxFPIQmquuF/FClWfw961HRulhksNqOYzguIex29FS5UOQOlvs+Pc0
|
||||||
|
kb6TJ8MxNdMZx4W/0JYDvojAbZx64wn2Jlb5CxYhpTKtG4OYkr1F6DBBRpaDw6fM
|
||||||
|
JFSgdw6EjO4/ZxrcSHrcrXyKBk1sSBbHTXjTAgFMr0yi9wChrCqKhRDTfWOe1XtP
|
||||||
|
BtZFdtctJsu2MlEWNRgeYUdt9qhqn/ydqwIBAg==
|
||||||
|
-----END DH PARAMETERS-----
|
|
@ -1,3 +1,5 @@
|
||||||
|
# vim:ft=nginx
|
||||||
|
|
||||||
user www-data;
|
user www-data;
|
||||||
worker_processes auto;
|
worker_processes auto;
|
||||||
pid /run/nginx.pid;
|
pid /run/nginx.pid;
|
||||||
|
@ -67,17 +69,17 @@ http {
|
||||||
#mail {
|
#mail {
|
||||||
# # See sample authentication script at:
|
# # See sample authentication script at:
|
||||||
# # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
|
# # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
|
||||||
#
|
#
|
||||||
# # auth_http localhost/auth.php;
|
# # auth_http localhost/auth.php;
|
||||||
# # pop3_capabilities "TOP" "USER";
|
# # pop3_capabilities "TOP" "USER";
|
||||||
# # imap_capabilities "IMAP4rev1" "UIDPLUS";
|
# # imap_capabilities "IMAP4rev1" "UIDPLUS";
|
||||||
#
|
#
|
||||||
# server {
|
# server {
|
||||||
# listen localhost:110;
|
# listen localhost:110;
|
||||||
# protocol pop3;
|
# protocol pop3;
|
||||||
# proxy on;
|
# proxy on;
|
||||||
# }
|
# }
|
||||||
#
|
#
|
||||||
# server {
|
# server {
|
||||||
# listen localhost:143;
|
# listen localhost:143;
|
||||||
# protocol imap;
|
# protocol imap;
|
||||||
|
|
|
@ -1,18 +0,0 @@
|
||||||
server {
|
|
||||||
server_name blog.kirsle.lh;
|
|
||||||
listen 80;
|
|
||||||
listen [::]:80;
|
|
||||||
listen 443 ssl;
|
|
||||||
listen [::]:443 ssl;
|
|
||||||
|
|
||||||
access_log /var/log/nginx/blog.access;
|
|
||||||
error_log /var/log/nginx/blog.error;
|
|
||||||
|
|
||||||
ssl_certificate /etc/nginx/certs/fullchain.pem;
|
|
||||||
ssl_certificate_key /etc/nginx/certs/privkey.pem;
|
|
||||||
include ssl_params;
|
|
||||||
|
|
||||||
location / {
|
|
||||||
proxy_pass http://blog/;
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -14,9 +14,6 @@
|
||||||
# Default server configuration
|
# Default server configuration
|
||||||
#
|
#
|
||||||
server {
|
server {
|
||||||
listen 80 default_server;
|
|
||||||
listen [::]:80 default_server;
|
|
||||||
|
|
||||||
# SSL configuration
|
# SSL configuration
|
||||||
#
|
#
|
||||||
listen 443 ssl default_server;
|
listen 443 ssl default_server;
|
||||||
|
|
|
@ -1,9 +1,9 @@
|
||||||
|
# vim:ft=nginx
|
||||||
|
|
||||||
server {
|
server {
|
||||||
server_name git.kirsle.lh;
|
server_name git.ckir.net git.caskir.com;
|
||||||
listen 80;
|
listen 443 ssl http2;
|
||||||
listen [::]:80;
|
listen [::]:443 ssl http2;
|
||||||
listen 443 ssl;
|
|
||||||
listen [::]:443 ssl;
|
|
||||||
|
|
||||||
access_log /var/log/nginx/gitea.access;
|
access_log /var/log/nginx/gitea.access;
|
||||||
error_log /var/log/nginx/gitea.error;
|
error_log /var/log/nginx/gitea.error;
|
||||||
|
|
18
nginx/sites-enabled/nextcloud
Normal file
18
nginx/sites-enabled/nextcloud
Normal file
|
@ -0,0 +1,18 @@
|
||||||
|
# vim:ft=nginx
|
||||||
|
|
||||||
|
server {
|
||||||
|
server_name cloud.ckir.net cloud.caskir.com;
|
||||||
|
listen 443 ssl http2;
|
||||||
|
listen [::]:443 ssl http2;
|
||||||
|
|
||||||
|
access_log /var/log/nginx/gitea.access;
|
||||||
|
error_log /var/log/nginx/gitea.error;
|
||||||
|
|
||||||
|
ssl_certificate /etc/nginx/certs/fullchain.pem;
|
||||||
|
ssl_certificate_key /etc/nginx/certs/privkey.pem;
|
||||||
|
include ssl_params;
|
||||||
|
|
||||||
|
location / {
|
||||||
|
proxy_pass http://nextcloud:9000;
|
||||||
|
}
|
||||||
|
}
|
Loading…
Reference in New Issue
Block a user