version: "3" # This Docker cluster spins up the following containers: # # - My web blog for Kirsle.net (which is a custom Go program) # - Redis as a cache for the blog to use. # - Gitea, a self-hosted Git server. # - PostgreSQL as the database for Gitea. # - nginx, a reverse web proxy that makes all of these services available. # # The services are mounted at my test domains in nginx: # # - https://blog.kirsle.lh for the web blog # - https://git.kirsle.lh for Gitea # # Exported ports: # - 444 (nginx SSL port 443) # - 22 (gitea-ssh) # Define named networks to isolate the apps from each other. Each app will # list the networks it needs to share with others. networks: default: driver: bridge gitea: driver: bridge nextcloud: driver: bridge # Named volumes to let the apps store their own data persistently on disk # between reboots. They end up somewhere at /var/lib/docker/volumes on the # host filesystem, useful for self-contained apps. volumes: gitea-db-data: driver: local gitea-data: driver: local nextcloud-db: driver: local nextcloud-data: driver: local services: # nginx reverse proxy in front of all the apps nginx: image: nginx restart: always ports: - "444:443" # SSL port, my router won't forward 443 inbound =( volumes: - "./nginx/sites-enabled:/etc/nginx/sites-enabled:z" - "./nginx/nginx.conf:/etc/nginx/nginx.conf:z" - "./nginx/ssl_params:/etc/nginx/ssl_params:z" - "./nginx/dhparam.pem:/etc/nginx/dhparam.pem:z" - "./ssl/snakeoil.key:/etc/nginx/certs/privkey.pem:z" - "./ssl/snakeoil.pem:/etc/nginx/certs/fullchain.pem:z" - "./nginx/default-www:/var/www/html:z" networks: - default - gitea links: - gitea - nextcloud # Postgres DB for gitea. gitea-postgres: image: postgres:11.5 restart: always environment: - "POSTGRES_USER=gitea" - "POSTGRES_PASSWORD=gitea" - "POSTGRES_DB=gitea" volumes: - "gitea-db-data:/var/lib/postgresql/data" networks: - gitea # Gitea git server. gitea: image: gitea/gitea:latest hostname: gitea restart: always volumes: - "gitea-data:/data" expose: - 3000 ports: - "22:22" networks: - gitea environment: - DISABLE_REGISTRATION=true depends_on: - gitea-postgres # MariaDB for Nextcloud. nextcloud-db: image: mariadb networks: - nextcloud volumes: - "nextcloud-db:/var/lib/mysql" - /etc/localtime:/etc/localtime:ro environment: - MYSQL_ROOT_PASSWORD=ncrootpw - MYSQL_PASSWORD=mysql - MYSQL_DATABASE=nextcloud - MYSQL_USER=nextcloud restart: unless-stopped # Nextcloud nextcloud: image: nextcloud:fpm hostname: nextcloud networks: - nextcloud depends_on: - nextcloud-db volumes: - "nextcloud-data:/var/www/html" restart: unless-stopped