reorganized the file and folder structure
This commit is contained in:
@@ -0,0 +1,22 @@
|
||||
version: "3.7"
|
||||
|
||||
services:
|
||||
cadvisor:
|
||||
user: "0:0"
|
||||
image: zcube/cadvisor:latest
|
||||
hostname: '{{.Node.ID}}'
|
||||
command: -logtostderr -docker_only -storage_driver=influxdb -storage_driver_db=cadvisor -storage_driver_host=influx:8086
|
||||
volumes:
|
||||
- /:/rootfs:ro
|
||||
- /var/run:/var/run:rw
|
||||
- /sys:/sys:ro
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
- /var/lib/docker/:/var/lib/docker:ro
|
||||
- /dev/disk/:/dev/disk:ro
|
||||
ports:
|
||||
- 8081:8080
|
||||
deploy:
|
||||
mode: global
|
||||
restart_policy:
|
||||
condition: on-failure
|
||||
|
||||
@@ -0,0 +1,29 @@
|
||||
version: "3"
|
||||
|
||||
|
||||
volumes:
|
||||
gitea_data:
|
||||
driver_opts:
|
||||
type: nfs
|
||||
o: addr=dockerstorage,nfsvers=4
|
||||
device: :/dockerstorage/gitea
|
||||
|
||||
gitea_repository:
|
||||
driver_opts:
|
||||
type: nfs
|
||||
o: addr=maurice,nfsvers=4
|
||||
device: :/git
|
||||
|
||||
services:
|
||||
server:
|
||||
image: gitea/gitea:1.18.1
|
||||
|
||||
volumes:
|
||||
- gitea_data:/data
|
||||
- gitea_repository:/data/git/repo
|
||||
- /etc/timezone:/etc/timezone:ro
|
||||
- /etc/localtime:/etc/localtime:ro
|
||||
ports:
|
||||
- "3000:3000"
|
||||
- "222:22"
|
||||
|
||||
@@ -0,0 +1,114 @@
|
||||
version: '3'
|
||||
|
||||
volumes:
|
||||
alertmanager_config:
|
||||
driver: local
|
||||
driver_opts:
|
||||
type: nfs
|
||||
o: addr=dockerstorage,rw,nfsvers=4
|
||||
device: :/swarm/stacks/grafana/alertmanager_config
|
||||
prometheus_config:
|
||||
driver_opts:
|
||||
type: nfs
|
||||
o: addr=dockerstorage,nfsvers=4
|
||||
device: :/swarm/stacks/grafana/prometheus_config
|
||||
grafana_config:
|
||||
driver_opts:
|
||||
type: nfs
|
||||
o: addr=dockerstorage,nfsvers=4
|
||||
device: :/swarm/stacks/grafana/grafana_config
|
||||
|
||||
prometheus_data:
|
||||
driver_opts:
|
||||
type: nfs
|
||||
o: addr=dockerstorage,nfsvers=4
|
||||
device: :/swarm/stacks/grafana/prometheus_data
|
||||
|
||||
grafana_data:
|
||||
driver_opts:
|
||||
type: nfs
|
||||
o: addr=dockerstorage,nfsvers=4
|
||||
device: :/swarm/stacks/grafana/grafana_data
|
||||
|
||||
loki_data:
|
||||
driver_opts:
|
||||
type: nfs
|
||||
o: addr=dockerstorage,nfsvers=4
|
||||
device: :/swarm/stacks/grafana/loki_data
|
||||
|
||||
influxdb_data:
|
||||
driver_opts:
|
||||
type: nfs
|
||||
o: addr=dockerstorage,nfsvers=4
|
||||
device: :/swarm/stacks/grafana/influxdb_data
|
||||
|
||||
|
||||
services:
|
||||
# redis:
|
||||
#
|
||||
|
||||
loki:
|
||||
image: grafana/loki:2.6.1
|
||||
user: "0:0"
|
||||
volumes:
|
||||
- loki_data:/loki
|
||||
ports:
|
||||
- "3100:3100"
|
||||
command: -config.file=/etc/loki/local-config.yaml
|
||||
|
||||
promtail:
|
||||
image: grafana/promtail:2.6.1
|
||||
user: "0:0"
|
||||
volumes:
|
||||
- /var/log:/var/log
|
||||
command: -config.file=/etc/promtail/config.yml
|
||||
|
||||
influx:
|
||||
user: "0:0"
|
||||
image: influxdb
|
||||
volumes:
|
||||
- influxdb_data:/var/lib/influxdb
|
||||
|
||||
alertmanager:
|
||||
user: "0:0"
|
||||
hostname: alertmanager
|
||||
image: prom/alertmanager
|
||||
environment:
|
||||
- TZ=Europe/Berlin #change Time Zone if needed
|
||||
|
||||
volumes:
|
||||
- alertmanager_config:/etc/alertmanager
|
||||
command:
|
||||
- '--config.file=/etc/alertmanager/alertmanager.conf'
|
||||
ports:
|
||||
- 9093:9093
|
||||
|
||||
prometheus:
|
||||
user: "0:0"
|
||||
hostname: prometheus
|
||||
image: prom/prometheus
|
||||
environment:
|
||||
- TZ=Europe/Berlin #change Time Zone if needed
|
||||
volumes:
|
||||
- prometheus_config:/etc/prometheus
|
||||
- prometheus_data:/prometheus
|
||||
command:
|
||||
- '--config.file=/etc/prometheus/prometheus.yml'
|
||||
links:
|
||||
- alertmanager:alertmanager
|
||||
ports:
|
||||
- 9090:9090
|
||||
|
||||
grafana:
|
||||
user: "0:0"
|
||||
hostname: grafana
|
||||
image: grafana/grafana
|
||||
depends_on:
|
||||
- influx
|
||||
environment:
|
||||
- TZ=Europe/Amsterdam
|
||||
volumes:
|
||||
- grafana_config:/etc/grafana
|
||||
- grafana_data:/var/lib/grafana
|
||||
ports:
|
||||
- 3300:3000
|
||||
@@ -0,0 +1,34 @@
|
||||
# docker-compose.yaml
|
||||
version: '3.8'
|
||||
|
||||
volumes:
|
||||
jenkins_home:
|
||||
driver_opts:
|
||||
type: nfs
|
||||
o: addr=dockerstorage,nfsvers=4
|
||||
device: :/swarm/stacks/jenkins/home
|
||||
jenkins_certs:
|
||||
driver_opts:
|
||||
type: nfs
|
||||
o: addr=dockerstorage,nfsvers=4
|
||||
device: :/swarm/stacks/jenkins/certs
|
||||
|
||||
services:
|
||||
jenkins:
|
||||
image: docker:5000/jenkins-docker
|
||||
ports:
|
||||
- 8080:8080
|
||||
- 50000:50000
|
||||
environment:
|
||||
- DOCKER_CERT_PATH=/certs/client
|
||||
- DOCKER_TLS_VERIFY=1
|
||||
deploy:
|
||||
placement:
|
||||
constraints:
|
||||
- "node.labels.highperformance==YES"
|
||||
volumes:
|
||||
- jenkins_home:/var/jenkins_home
|
||||
- jenkins_certs:/certs/client
|
||||
- /var/run/docker.sock:/var/run/docker.sock
|
||||
|
||||
|
||||
@@ -0,0 +1,80 @@
|
||||
version: "3.8"
|
||||
|
||||
volumes:
|
||||
nchome:
|
||||
driver_opts:
|
||||
type: nfs
|
||||
o: addr=dockerstorage,nfsvers=4
|
||||
device: :/swarm/stacks/nextcloud/nchome
|
||||
ncconfig:
|
||||
driver_opts:
|
||||
type: nfs
|
||||
o: addr=dockerstorage,nfsvers=4
|
||||
device: :/swarm/stacks/nextcloud/ncconfig
|
||||
ncdata:
|
||||
driver_opts:
|
||||
type: nfs
|
||||
o: addr=dockerstorage,nfsvers=4
|
||||
device: :/nextcloud_data
|
||||
|
||||
ncredis:
|
||||
driver_opts:
|
||||
type: nfs
|
||||
o: addr=dockerstorage,nfsvers=4
|
||||
device: :/swarm/stacks/nextcloud/redis
|
||||
|
||||
ncdatabase:
|
||||
driver_opts:
|
||||
type: nfs
|
||||
o: addr=dockerstorage,nfsvers=4
|
||||
device: :/swarm/stacks/nextcloud/ncdatabase
|
||||
|
||||
pictures:
|
||||
driver_opts:
|
||||
type: nfs
|
||||
o: addr=maurice,nfsvers=4
|
||||
device: :/pictures
|
||||
|
||||
|
||||
services:
|
||||
nextcloud:
|
||||
image: nextcloud
|
||||
container_name: nextcloud
|
||||
environment:
|
||||
- PUID=1000 #change PUID if needed
|
||||
- PGID=100 #change PGID if needed
|
||||
- TZ=Europe/Berlin #change Time Zone if needed
|
||||
- REDIS_HOST=redis
|
||||
volumes:
|
||||
# - ncconfig:/var/www/html/config #/srv/dev-disk-by-label-disk1 needs to be adjusted
|
||||
- ncdata:/var/www/html/data #/srv/dev-disk-by-label-disk1 needs to be adjusted
|
||||
- nchome:/var/www/html #/srv/dev-disk-by-label-disk1 needs to be adjusted
|
||||
# NAS shares
|
||||
- pictures:/pictures
|
||||
#- /srv/dev-disk-by-uuid-f3ca381b-e85a-4348-8086-833317c5d96e/video:/video
|
||||
depends_on:
|
||||
- mariadb
|
||||
ports: # uncomment this and the next line if you want to bypass the proxy
|
||||
- 5443:443
|
||||
- 5080:80
|
||||
restart: unless-stopped
|
||||
|
||||
redis:
|
||||
image: redis:latest
|
||||
restart: always
|
||||
volumes:
|
||||
- ncredis:/var/lib/redis
|
||||
|
||||
mariadb:
|
||||
image: ghcr.io/linuxserver/mariadb
|
||||
container_name: nextclouddb
|
||||
environment:
|
||||
- PUID=1000 #change PUID if needed
|
||||
- PGID=1000 #change PGID if needed
|
||||
- MARIADB_ROOT_PASSWORD="dbpassword"
|
||||
- MYSQL_ROOT_PASSWORD=mariadbpassword #change password
|
||||
- TZ=Europe/Berlin #Change Time Zone if needed
|
||||
volumes:
|
||||
- ncdatabase:/config #/srv/dev-disk-by-label-disk1 needs to be adjusted
|
||||
restart: unless-stopped
|
||||
|
||||
@@ -0,0 +1,19 @@
|
||||
version: '3'
|
||||
|
||||
services:
|
||||
node-exporter:
|
||||
image: prom/node-exporter:latest
|
||||
deploy:
|
||||
mode: global
|
||||
volumes:
|
||||
- /proc:/host/proc:ro
|
||||
- /sys:/host/sys:ro
|
||||
- /:/rootfs:ro
|
||||
command:
|
||||
- '--path.procfs=/host/proc'
|
||||
- '--path.rootfs=/rootfs'
|
||||
- '--path.sysfs=/host/sys'
|
||||
- '--collector.filesystem.mount-points-exclude=^/(sys|proc|dev|host|etc)($$|/)'
|
||||
ports:
|
||||
- "9100:9100"
|
||||
|
||||
@@ -0,0 +1,40 @@
|
||||
version: "3"
|
||||
|
||||
volumes:
|
||||
data:
|
||||
driver_opts:
|
||||
type: nfs
|
||||
o: addr=dockerstorage,nfsvers=4
|
||||
device: :/dockerstorage/proxymanager/data
|
||||
|
||||
letsencrypt:
|
||||
driver_opts:
|
||||
type: nfs
|
||||
o: addr=dockerstorage,nfsvers=4
|
||||
device: :/dockerstorage/proxymanager/letsencrypt
|
||||
|
||||
|
||||
services:
|
||||
app:
|
||||
image: 'jc21/nginx-proxy-manager:latest'
|
||||
restart: unless-stopped
|
||||
ports:
|
||||
# These ports are in format <host-port>:<container-port>
|
||||
- '80:80' # Public HTTP Port
|
||||
- '443:443' # Public HTTPS Port
|
||||
- '81:81' # Admin Web Port
|
||||
# Add any other Stream port you want to expose
|
||||
# - '21:21' # FTP
|
||||
|
||||
# Uncomment the next line if you uncomment anything in the section
|
||||
# environment:
|
||||
# Uncomment this if you want to change the location of
|
||||
# the SQLite DB file within the container
|
||||
# DB_SQLITE_FILE: "/data/database.sqlite"
|
||||
|
||||
# Uncomment this if IPv6 is not enabled on your host
|
||||
# DISABLE_IPV6: 'true'
|
||||
|
||||
volumes:
|
||||
- data:/data
|
||||
- letsencrypt:/etc/letsencrypt
|
||||
@@ -0,0 +1,42 @@
|
||||
version: '3'
|
||||
|
||||
volumes:
|
||||
registrystorage:
|
||||
driver_opts:
|
||||
type: nfs
|
||||
o: addr=dockerstorage,nfsvers=4
|
||||
device: :/dockerstorage/registry
|
||||
registryauth:
|
||||
driver_opts:
|
||||
type: nfs
|
||||
o: addr=dockerstorage,nfsvers=4
|
||||
device: :/dockerstorage/registry/auth
|
||||
|
||||
|
||||
|
||||
services:
|
||||
registry:
|
||||
image: registry:2
|
||||
volumes:
|
||||
- registryauth:/auth
|
||||
- registrystorage:/var/lib/registry
|
||||
environment:
|
||||
- REGISTRY_AUTH=htpasswd
|
||||
- REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm
|
||||
- REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd
|
||||
- VIRTUAL_HOST=registry.vbchaos.nl
|
||||
- VIRTUAL_PORT=5000
|
||||
- VIRTUAL_PROTO=http
|
||||
ports:
|
||||
- '5000:5000'
|
||||
|
||||
registrybrowser:
|
||||
image: klausmeyer/docker-registry-browser
|
||||
ports:
|
||||
- 8082:8080
|
||||
environment:
|
||||
- 'DOCKER_REGISTRY_URL=http://maurice:5000'
|
||||
# - 'DOCKER_REGISTRY_URL=https://registry.vbchaos.nl'
|
||||
- 'PUBLIC_REGISTRY_URL=registry.vbchaos.nl'
|
||||
- 'NO_SSL_VERIFICATION=true'
|
||||
- 'ENABLE_DELETE_IMAGES=true'
|
||||
@@ -0,0 +1,36 @@
|
||||
version: '3'
|
||||
|
||||
volumes:
|
||||
nginx_conf:
|
||||
driver_opts:
|
||||
type: nfs
|
||||
o: addr=dockerstorage,nfsvers=4
|
||||
device: :/swarm/stacks/reverseproxy/nginx
|
||||
certbot_conf:
|
||||
driver_opts:
|
||||
type: nfs
|
||||
o: addr=dockerstorage,nfsvers=4
|
||||
device: :/swarm/stacks/reverseproxy/certbot_conf
|
||||
certificates:
|
||||
external: true
|
||||
|
||||
|
||||
|
||||
services:
|
||||
nginx:
|
||||
image: nginx:1.15-alpine
|
||||
command: "/bin/sh -c 'while :; do sleep 6h & wait $${!}; nginx -s reload; done & nginx -g \"daemon off;\"'"
|
||||
ports:
|
||||
- "80:80"
|
||||
- "443:443"
|
||||
volumes:
|
||||
- nginx_conf:/etc/nginx/conf.d
|
||||
- certbot_conf:/etc/letsencrypt
|
||||
- ./data/certbot/www:/var/www/certbot
|
||||
certbot:
|
||||
image: certbot/certbot:arm64v8-v1.32.2
|
||||
entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'"
|
||||
volumes:
|
||||
- certbot_conf:/etc/letsencrypt
|
||||
# - certificates:/etc/letsencrypt/live
|
||||
- ./data/certbot/www:/var/www/certbot
|
||||
Executable
+83
@@ -0,0 +1,83 @@
|
||||
#!/bin/bash
|
||||
|
||||
if ! [ -x "$(command -v docker-compose)" ]; then
|
||||
echo 'Error: docker-compose is not installed.' >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
domains=(vbchaos.ddns.net)
|
||||
rsa_key_size=4096
|
||||
data_path="./certbot_data"
|
||||
email="matthias.mitscherlich@gmail.com" # Adding a valid address is strongly recommended
|
||||
staging=0 # Set to 1 if you're testing your setup to avoid hitting request limits
|
||||
|
||||
if [ -d "$data_path" ]; then
|
||||
read -p "Existing data found for $domains. Continue and replace existing certificate? (y/N) " decision
|
||||
if [ "$decision" != "Y" ] && [ "$decision" != "y" ]; then
|
||||
exit
|
||||
fi
|
||||
fi
|
||||
|
||||
|
||||
if [ ! -e "$data_path/conf/options-ssl-nginx.conf" ] || [ ! -e "$data_path/conf/ssl-dhparams.pem" ]; then
|
||||
echo "### Downloading recommended TLS parameters ..."
|
||||
mkdir -p "$data_path/conf"
|
||||
curl -s https://raw.githubusercontent.com/certbot/certbot/master/certbot-nginx/certbot_nginx/_internal/tls_configs/options-ssl-nginx.conf > "$data_path/conf/options-ssl-nginx.conf"
|
||||
curl -s https://raw.githubusercontent.com/certbot/certbot/master/certbot/certbot/ssl-dhparams.pem > "$data_path/conf/ssl-dhparams.pem"
|
||||
echo
|
||||
fi
|
||||
|
||||
echo "### Creating dummy certificate for $domains ..."
|
||||
path="/etc/letsencrypt/live/$domains"
|
||||
mkdir -p "$data_path/conf/live/$domains"
|
||||
docker-compose run --rm --entrypoint "\
|
||||
openssl req -x509 -nodes -newkey rsa:$rsa_key_size -days 1\
|
||||
-keyout '$path/privkey.pem' \
|
||||
-out '$path/fullchain.pem' \
|
||||
-subj '/CN=localhost'" certbot
|
||||
echo
|
||||
|
||||
|
||||
echo "### Starting nginx ..."
|
||||
docker-compose up --force-recreate -d nginx
|
||||
echo
|
||||
|
||||
|
||||
|
||||
echo "### Deleting dummy certificate for $domains ..."
|
||||
docker-compose run --rm --entrypoint "\
|
||||
rm -Rf /etc/letsencrypt/live/$domains && \
|
||||
rm -Rf /etc/letsencrypt/archive/$domains && \
|
||||
rm -Rf /etc/letsencrypt/renewal/$domains.conf" certbot
|
||||
echo
|
||||
|
||||
# exit 1
|
||||
|
||||
echo "### Requesting Let's Encrypt certificate for $domains ..."
|
||||
#Join $domains to -d args
|
||||
domain_args=""
|
||||
for domain in "${domains[@]}"; do
|
||||
domain_args="$domain_args -d $domain"
|
||||
done
|
||||
|
||||
# Select appropriate email arg
|
||||
case "$email" in
|
||||
"") email_arg="--register-unsafely-without-email" ;;
|
||||
*) email_arg="--email $email" ;;
|
||||
esac
|
||||
|
||||
# Enable staging mode if needed
|
||||
if [ $staging != "0" ]; then staging_arg="--staging"; fi
|
||||
|
||||
docker-compose run --rm --entrypoint "\
|
||||
certbot certonly --webroot -w /var/www/certbot \
|
||||
$staging_arg \
|
||||
$email_arg \
|
||||
$domain_args \
|
||||
--rsa-key-size $rsa_key_size \
|
||||
--agree-tos \
|
||||
--force-renewal" certbot
|
||||
echo
|
||||
|
||||
echo "### Reloading nginx ..."
|
||||
docker-compose exec nginx nginx -s reload
|
||||
@@ -0,0 +1,17 @@
|
||||
version: '3'
|
||||
|
||||
|
||||
services:
|
||||
|
||||
tado-exporter:
|
||||
user: "1000:1000"
|
||||
image: registry.vbchaos.nl/tado-exporter:arm64
|
||||
hostname: tado-exporter
|
||||
|
||||
environment:
|
||||
EXPORTER_USERNAME: matthias.mitscherlich@gmail.com
|
||||
EXPORTER_PASSWORD: 14Mai1984
|
||||
|
||||
ports:
|
||||
- "9898:9898"
|
||||
|
||||
Reference in New Issue
Block a user