diff --git a/config/docker-compose.yml b/config/docker-compose.yml
deleted file mode 100755
index 60b39c9..0000000
--- a/config/docker-compose.yml
+++ /dev/null
@@ -1,192 +0,0 @@
-volumes:
- wireguard-volume:
- name: wireguard-volume
- grafana-volume:
- name: grafana-volume
- certs-volume:
- name: certs-volume
- acme-volume: # save certifcates
- name: acme-volume
-
-services:
- backup:
- # --------------------------------
- # Auto backup through S3
- # --------------------------------
- image: offen/docker-volume-backup
- container_name: backup-container
- restart: unless-stopped
- environment:
- AWS_S3_BUCKET_NAME: ${AWS}
- AWS_ENDPOINT: ${ENDPOINT}
- AWS_ACCESS_KEY_ID: ${AWS_ACCESS_KEY_ID}
- AWS_SECRET_ACCESS_KEY: ${AWS_SECRET_ACCESS_KEY}
- BACKUP_CRON_EXPRESSION: "0 0 * * *"
- BACKUP_RETENTION_DAYS: 3
- volumes:
- - wireguard-volume:/backup/wireguard:ro
- - grafana-volume:/backup/grafana:ro
- - certs-volume:/backup/certs:ro
- - acme-volume:/backup/acme:ro
-
- # --------------------------------
- # Auto update containers
- # --------------------------------
- watchtower:
- image: containrrr/watchtower
- container_name: watchtower
- restart: unless-stopped
- volumes:
- - /var/run/docker.sock:/var/run/docker.sock
-
- # --------------------------------
- # ACME Companion for SSL certs
- # --------------------------------
- acme-companion:
- image: nginxproxy/acme-companion
- container_name: acme-companion
- restart: unless-stopped
- environment:
- - DEFAULT_EMAIL=${EMAIL}
- - NGINX_PROXY_CONTAINER=nginx-proxy
- volumes:
- - /var/run/docker.sock:/var/run/docker.sock:ro
- - certs-volume:/etc/nginx/certs
- - /etc/nginx/vhost.d
- - ./default_html:/usr/share/nginx/html
- - acme-volume:/etc/acme.sh
- labels:
- - "docker-volume-backup.stop-during-backup=true"
- networks:
- - proxy-network
- depends_on:
- - nginx-proxy
-
- # --------------------------------
- # Reverse Proxy
- # --------------------------------
- nginx-proxy:
- image: nginxproxy/nginx-proxy:alpine
- container_name: nginx-proxy
- restart: unless-stopped
- ports:
- - "80:80"
- - "443:443"
- volumes:
- - /var/run/docker.sock:/tmp/docker.sock:ro
- - certs-volume:/etc/nginx/certs
- - ./vhost.d:/etc/nginx/vhost.d
- - ./default_html:/usr/share/nginx/html
- labels:
- - "docker-volume-backup.stop-during-backup=true"
- networks:
- - proxy-network
-
- # --------------------------------
- # Website
- # --------------------------------
- web:
- build: ./guezoloic/website # using guezoloic website repo
- container_name: guezoloic-web
- restart: unless-stopped
- environment:
- - VIRTUAL_HOST=${HOSTNAME}, www.${HOSTNAME}
- - LETSENCRYPT_HOST=${HOSTNAME}, www.${HOSTNAME}
- - LETSENCRYPT_EMAIL=${EMAIL}
- volumes:
- - ./data:/usr/share/nginx/html/data
- networks:
- - proxy-network
- depends_on:
- - nginx-proxy
-
- # --------------------------------
- # VPN Wireguard
- # --------------------------------
- wg-easy:
- image: ghcr.io/wg-easy/wg-easy:15
- container_name: wg-easy
- restart: unless-stopped
- cap_add:
- - NET_ADMIN
- - SYS_MODULE
- sysctls:
- - net.ipv4.ip_forward=1
- - net.ipv4.conf.all.src_valid_mark=1
- - net.ipv6.conf.all.disable_ipv6=0
- - net.ipv6.conf.all.forwarding=1
- - net.ipv6.conf.default.forwarding=1
- environment:
- - TZ=Europe/Paris
- - VIRTUAL_HOST=vpn.${HOSTNAME}
- - LETSENCRYPT_HOST=vpn.${HOSTNAME}
- - LETSENCRYPT_EMAIL=${EMAIL}
- - VIRTUAL_PORT=51821
- networks:
- - proxy-network
- - vpn-network
-
- volumes:
- - wireguard-volume:/etc/wireguard
- - /lib/modules:/lib/modules:ro
- ports:
- - "51820:51820/udp"
- labels:
- - "docker-volume-backup.stop-during-backup=true"
- depends_on:
- - nginx-proxy
-
- # --------------------------------
- # Monitoring Prometheus
- # --------------------------------
- prometheus:
- image: prom/prometheus:latest
- container_name: prometheus
- restart: unless-stopped
- volumes:
- - /etc/serverconfig/prometheus.yml:/etc/prometheus/prometheus.yml
- networks:
- - monitor-network
-
- grafana:
- image: grafana/grafana
- container_name: grafana
- restart: unless-stopped
- environment:
- - VIRTUAL_HOST=monitor.${HOSTNAME}
- - LETSENCRYPT_HOST=monitor.${HOSTNAME}
- - VIRTUAL_PORT=3000
- - LETSENCRYPT_EMAIL=${EMAIL}
- volumes:
- - grafana-volume:/var/lib/grafana
- networks:
- - proxy-network
- - monitor-network
-
-# synapse:
-# image: matrixdotorg/synapse:latest
-# container_name: synapse
-# restart: unless-stopped
-# networks:
-# - network-container
-# volumes:
-# - ./data:/data
-# environment:
-# - SYNAPSE_CONFIG_PATH=/data/homeserver.yaml
-# - VIRTUAL_HOST=${HOSTNAME_SYNAPSE}
-# - LETSENCRYPT_HOST=${HOSTNAME_SYNAPSE}
-# - LETSENCRYPT_EMAIL=${EMAIL}
-# - VIRTUAL_PORT=8008
-# expose:
-# - "8008"
-
-networks:
- proxy-network:
- name: proxy-network
- external: false
- monitor-network:
- name: monitor-network
- external: false
- vpn-network:
- name: vpn-network
- external: false
diff --git a/docker-compose.yml b/config/vhost.d/docker-compose.yml
similarity index 97%
rename from docker-compose.yml
rename to config/vhost.d/docker-compose.yml
index 60b801b..7800fb5 100644
--- a/docker-compose.yml
+++ b/config/vhost.d/docker-compose.yml
@@ -284,10 +284,14 @@ services:
 - LETSENCRYPT_HOST=git.${HOSTNAME}
 - LETSENCRYPT_EMAIL=${EMAIL}
 - VIRTUAL_PORT=3000
+ - DISABLE_REGISTRATION=true
 - GITEA__server__DOMAIN=git.${HOSTNAME}
 - GITEA__server__SSH_DOMAIN=git.${HOSTNAME}
 - GITEA__server__SSH_PORT=222
 - GITEA__server__ROOT_URL=https://git.${HOSTNAME}/
+ - GITEA__service__ALLOW_ONLY_EXTERNAL_REGISTRATION=false
+ - GITEA__service__DISABLE_REGISTRATION=true
+ - GITEA__service__SHOW_REGISTRATION_BUTTON=false
 restart: unless-stopped
 networks:
 - web-network
diff --git a/config/vhost.d/www.HOSTNAME.com b/config/vhost.d/www.HOSTNAME.com
deleted file mode 100644
index 9e9c3d2..0000000
--- a/config/vhost.d/www.HOSTNAME.com
+++ /dev/null
@@ -1 +0,0 @@
-return 301 https://HOSTNAME.com$request_uri;
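Review bot: In the `config/vhost.d/docker-compose.yml` hunk, registration is switched off twice, once by the bare `DISABLE_REGISTRATION=true` and once by `GITEA__service__DISABLE_REGISTRATION=true`; two sources for one setting can drift apart, and as far as I know the Gitea image reads the bare form only when it first generates app.ini, so I would drop it and keep the `GITEA__service__` line. Closing sign-up does not limit what anonymous visitors can read, so if this instance is meant to be private, also add `- GITEA__service__REQUIRE_SIGNIN_VIEW=true` and check the user list for accounts created while registration was open. A one-line comment above the three `GITEA__service__` entries, such as `# sign-up closed: accounts are created by the admin only`, would tell the next reader why they are there. The service definition starts above the hunk, so its image and the rest of its environment are not visible here; separately, the rename into `config/vhost.d/` changes the directory that any relative bind-mount paths in this file resolve against, which is worth confirming.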