123 lines
2.9 KiB
YAML
123 lines
2.9 KiB
YAML
version: "3"
|
|
|
|
# This Docker cluster spins up the following containers:
|
|
#
|
|
# - My web blog for Kirsle.net (which is a custom Go program)
|
|
# - Redis as a cache for the blog to use.
|
|
# - Gitea, a self-hosted Git server.
|
|
# - PostgreSQL as the database for Gitea.
|
|
# - nginx, a reverse web proxy that makes all of these services available.
|
|
#
|
|
# The services are mounted at my test domains in nginx:
|
|
#
|
|
# - https://blog.kirsle.lh for the web blog
|
|
# - https://git.kirsle.lh for Gitea
|
|
#
|
|
# Exported ports:
|
|
# - 444 (nginx SSL port 443)
|
|
# - 22 (gitea-ssh)
|
|
|
|
# Define named networks to isolate the apps from each other. Each app will
|
|
# list the networks it needs to share with others.
|
|
networks:
|
|
default:
|
|
driver: bridge
|
|
gitea:
|
|
driver: bridge
|
|
nextcloud:
|
|
driver: bridge
|
|
|
|
# Named volumes to let the apps store their own data persistently on disk
|
|
# between reboots. They end up somewhere at /var/lib/docker/volumes on the
|
|
# host filesystem, useful for self-contained apps.
|
|
volumes:
|
|
gitea-db-data:
|
|
driver: local
|
|
gitea-data:
|
|
driver: local
|
|
nextcloud-db:
|
|
driver: local
|
|
nextcloud-data:
|
|
driver: local
|
|
|
|
services:
|
|
|
|
# nginx reverse proxy in front of all the apps
|
|
nginx:
|
|
image: nginx
|
|
restart: always
|
|
ports:
|
|
- "444:443" # SSL port, my router won't forward 443 inbound =(
|
|
volumes:
|
|
- "./nginx/sites-enabled:/etc/nginx/sites-enabled:z"
|
|
- "./nginx/nginx.conf:/etc/nginx/nginx.conf:z"
|
|
- "./nginx/ssl_params:/etc/nginx/ssl_params:z"
|
|
- "./nginx/dhparam.pem:/etc/nginx/dhparam.pem:z"
|
|
- "./ssl/snakeoil.key:/etc/nginx/certs/privkey.pem:z"
|
|
- "./ssl/snakeoil.pem:/etc/nginx/certs/fullchain.pem:z"
|
|
- "./nginx/default-www:/var/www/html:z"
|
|
networks:
|
|
- default
|
|
- gitea
|
|
links:
|
|
- gitea
|
|
- nextcloud
|
|
|
|
# Postgres DB for gitea.
|
|
gitea-postgres:
|
|
image: postgres:11.5
|
|
restart: always
|
|
environment:
|
|
- "POSTGRES_USER=gitea"
|
|
- "POSTGRES_PASSWORD=gitea"
|
|
- "POSTGRES_DB=gitea"
|
|
volumes:
|
|
- "gitea-db-data:/var/lib/postgresql/data"
|
|
networks:
|
|
- gitea
|
|
|
|
# Gitea git server.
|
|
gitea:
|
|
image: gitea/gitea:latest
|
|
hostname: gitea
|
|
restart: always
|
|
volumes:
|
|
- "gitea-data:/data"
|
|
expose:
|
|
- 3000
|
|
ports:
|
|
- "22:22"
|
|
networks:
|
|
- gitea
|
|
environment:
|
|
- DISABLE_REGISTRATION=true
|
|
depends_on:
|
|
- gitea-postgres
|
|
|
|
# MariaDB for Nextcloud.
|
|
nextcloud-db:
|
|
image: mariadb
|
|
networks:
|
|
- nextcloud
|
|
volumes:
|
|
- "nextcloud-db:/var/lib/mysql"
|
|
- /etc/localtime:/etc/localtime:ro
|
|
environment:
|
|
- MYSQL_ROOT_PASSWORD=ncrootpw
|
|
- MYSQL_PASSWORD=mysql
|
|
- MYSQL_DATABASE=nextcloud
|
|
- MYSQL_USER=nextcloud
|
|
restart: unless-stopped
|
|
|
|
# Nextcloud
|
|
nextcloud:
|
|
image: nextcloud:fpm
|
|
hostname: nextcloud
|
|
networks:
|
|
- nextcloud
|
|
depends_on:
|
|
- nextcloud-db
|
|
volumes:
|
|
- "nextcloud-data:/var/www/html"
|
|
restart: unless-stopped
|