feat(docker-compose): replace old docker-compose

config/docker-compose.yml

@@ -1,192 +0,0 @@
-volumes:
-  wireguard-volume:
-    name: wireguard-volume
-  grafana-volume:
-    name: grafana-volume
-  certs-volume:
-    name: certs-volume
-  acme-volume: # save certifcates
-    name: acme-volume
-
-services:
-  backup:
-    # --------------------------------
-    #     Auto backup through S3
-    # --------------------------------
-    image: offen/docker-volume-backup
-    container_name: backup-container
-    restart: unless-stopped
-    environment:
-      AWS_S3_BUCKET_NAME: ${AWS}
-      AWS_ENDPOINT: ${ENDPOINT}
-      AWS_ACCESS_KEY_ID: ${AWS_ACCESS_KEY_ID}
-      AWS_SECRET_ACCESS_KEY: ${AWS_SECRET_ACCESS_KEY}
-      BACKUP_CRON_EXPRESSION: "0 0 * * *"
-      BACKUP_RETENTION_DAYS: 3
-    volumes:
-      - wireguard-volume:/backup/wireguard:ro
-      - grafana-volume:/backup/grafana:ro
-      - certs-volume:/backup/certs:ro
-      - acme-volume:/backup/acme:ro
-
-  # --------------------------------
-  #     Auto update containers
-  # --------------------------------
-  watchtower:
-    image: containrrr/watchtower
-    container_name: watchtower
-    restart: unless-stopped
-    volumes:
-      - /var/run/docker.sock:/var/run/docker.sock
-
-  # --------------------------------
-  #   ACME Companion for SSL certs
-  # --------------------------------
-  acme-companion:
-    image: nginxproxy/acme-companion
-    container_name: acme-companion
-    restart: unless-stopped
-    environment:
-      - DEFAULT_EMAIL=${EMAIL}
-      - NGINX_PROXY_CONTAINER=nginx-proxy
-    volumes:
-      - /var/run/docker.sock:/var/run/docker.sock:ro
-      - certs-volume:/etc/nginx/certs
-      - /etc/nginx/vhost.d
-      - ./default_html:/usr/share/nginx/html
-      - acme-volume:/etc/acme.sh
-    labels:
-      - "docker-volume-backup.stop-during-backup=true"
-    networks:
-      - proxy-network
-    depends_on:
-      - nginx-proxy
-
-  # --------------------------------
-  #          Reverse Proxy
-  # --------------------------------
-  nginx-proxy:
-    image: nginxproxy/nginx-proxy:alpine
-    container_name: nginx-proxy
-    restart: unless-stopped
-    ports:
-      - "80:80"
-      - "443:443"
-    volumes:
-      - /var/run/docker.sock:/tmp/docker.sock:ro
-      - certs-volume:/etc/nginx/certs
-      - ./vhost.d:/etc/nginx/vhost.d
-      - ./default_html:/usr/share/nginx/html
-    labels:
-      - "docker-volume-backup.stop-during-backup=true"
-    networks:
-      - proxy-network
-
-  # --------------------------------
-  #            Website
-  # --------------------------------
-  web:
-    build: ./guezoloic/website # using guezoloic website repo
-    container_name: guezoloic-web
-    restart: unless-stopped
-    environment:
-      - VIRTUAL_HOST=${HOSTNAME}, www.${HOSTNAME}
-      - LETSENCRYPT_HOST=${HOSTNAME}, www.${HOSTNAME}
-      - LETSENCRYPT_EMAIL=${EMAIL}
-    volumes:
-      - ./data:/usr/share/nginx/html/data
-    networks:
-      - proxy-network
-    depends_on:
-      - nginx-proxy
-
-  # --------------------------------
-  #         VPN Wireguard
-  # --------------------------------
-  wg-easy:
-    image: ghcr.io/wg-easy/wg-easy:15
-    container_name: wg-easy
-    restart: unless-stopped
-    cap_add:
-      - NET_ADMIN
-      - SYS_MODULE
-    sysctls:
-      - net.ipv4.ip_forward=1
-      - net.ipv4.conf.all.src_valid_mark=1
-      - net.ipv6.conf.all.disable_ipv6=0
-      - net.ipv6.conf.all.forwarding=1
-      - net.ipv6.conf.default.forwarding=1
-    environment:
-      - TZ=Europe/Paris
-      - VIRTUAL_HOST=vpn.${HOSTNAME}
-      - LETSENCRYPT_HOST=vpn.${HOSTNAME}
-      - LETSENCRYPT_EMAIL=${EMAIL}
-      - VIRTUAL_PORT=51821
-    networks:
-      - proxy-network
-      - vpn-network
-
-    volumes:
-      - wireguard-volume:/etc/wireguard
-      - /lib/modules:/lib/modules:ro
-    ports:
-      - "51820:51820/udp"
-    labels:
-      - "docker-volume-backup.stop-during-backup=true"
-    depends_on:
-      - nginx-proxy
-
-  # --------------------------------
-  #      Monitoring Prometheus
-  # --------------------------------
-  prometheus:
-    image: prom/prometheus:latest
-    container_name: prometheus
-    restart: unless-stopped
-    volumes:
-      - /etc/serverconfig/prometheus.yml:/etc/prometheus/prometheus.yml
-    networks:
-      - monitor-network
-
-  grafana:
-    image: grafana/grafana
-    container_name: grafana
-    restart: unless-stopped
-    environment:
-      - VIRTUAL_HOST=monitor.${HOSTNAME}
-      - LETSENCRYPT_HOST=monitor.${HOSTNAME}
-      - VIRTUAL_PORT=3000
-      - LETSENCRYPT_EMAIL=${EMAIL}
-    volumes:
-      - grafana-volume:/var/lib/grafana
-    networks:
-      - proxy-network
-      - monitor-network
-
-# synapse:
-#     image: matrixdotorg/synapse:latest
-#     container_name: synapse
-#     restart: unless-stopped
-#     networks:
-#       - network-container
-#     volumes:
-#       - ./data:/data
-#     environment:
-#       - SYNAPSE_CONFIG_PATH=/data/homeserver.yaml
-#       - VIRTUAL_HOST=${HOSTNAME_SYNAPSE}
-#       - LETSENCRYPT_HOST=${HOSTNAME_SYNAPSE}
-#       - LETSENCRYPT_EMAIL=${EMAIL}
-#       - VIRTUAL_PORT=8008
-#     expose:
-#       - "8008"
-
-networks:
-  proxy-network:
-    name: proxy-network
-    external: false
-  monitor-network:
-    name: monitor-network
-    external: false
-  vpn-network:
-    name: vpn-network
-    external: false

config/vhost.d/docker-compose.yml

@@ -284,10 +284,14 @@ services:
       - LETSENCRYPT_HOST=git.${HOSTNAME}
       - LETSENCRYPT_EMAIL=${EMAIL}
       - VIRTUAL_PORT=3000
+      - DISABLE_REGISTRATION=true
       - GITEA__server__DOMAIN=git.${HOSTNAME}
       - GITEA__server__SSH_DOMAIN=git.${HOSTNAME}
       - GITEA__server__SSH_PORT=222
       - GITEA__server__ROOT_URL=https://git.${HOSTNAME}/
+      - GITEA__service__ALLOW_ONLY_EXTERNAL_REGISTRATION=false
+      - GITEA__service__DISABLE_REGISTRATION=true
+      - GITEA__service__SHOW_REGISTRATION_BUTTON=false
     restart: unless-stopped
     networks:
       - web-network

config/vhost.d/www.HOSTNAME.com

@@ -1 +0,0 @@
-return 301 https://HOSTNAME.com$request_uri;