diff options
| -rw-r--r-- | template/docker-compose.yaml.template | 306 | ||||
| -rw-r--r-- | template/nginx/server.json | 53 |
2 files changed, 170 insertions, 189 deletions
diff --git a/template/docker-compose.yaml.template b/template/docker-compose.yaml.template index 3408d7e..8b2f014 100644 --- a/template/docker-compose.yaml.template +++ b/template/docker-compose.yaml.template @@ -1,160 +1,146 @@ -services: - timeline: - image: crupest/timeline:latest - pull_policy: always - container_name: timeline - restart: on-failure:3 - environment: - - ASPNETCORE_FORWARDEDHEADERS_ENABLED=true - - TIMELINE_DisableAutoBackup=true - volumes: - - ./data/timeline:/root/timeline - - code-server: - pull_policy: build - build: - context: ./docker/code-server - dockerfile: Dockerfile - pull: true - tags: - - "crupest/code-server:latest" - container_name: code-server - restart: on-failure:3 - volumes: - - ./data/code-server:/data - - code-server-home:/root - - crupest-blog: - pull_policy: build - build: - context: ./docker/crupest-blog - dockerfile: Dockerfile - pull: true - tags: - - "crupest/crupest-blog:latest" - container_name: crupest-blog - restart: on-failure:3 - volumes: - - "blog-public:/public" - - nginx: - pull_policy: build - build: - context: ./docker/crupest-nginx - dockerfile: Dockerfile - pull: true - tags: - - "crupest/crupest-nginx:latest" - container_name: nginx - restart: on-failure:3 - ports: - - "80:80" - - "443:443" - - "443:443/udp" - volumes: - - "./nginx-config:/etc/nginx/conf.d:ro" - - "./data/certbot/certs:/etc/letsencrypt:ro" - - "./data/certbot/webroot:/srv/acme:ro" - - "blog-public:/srv/blog:ro" - - crupest-api: - pull_policy: build - build: - context: ./docker/crupest-api - dockerfile: Dockerfile - pull: true - tags: - - "crupest/crupest-api:latest" - container_name: crupest-api - volumes: - - "./crupest-api-config.json:/crupest-api-config.json:ro" - - v2ray: - image: v2fly/v2fly-core:latest - pull_policy: always - command: [ "run", "-c", "/etc/v2fly/config.json" ] - container_name: v2ray - restart: on-failure:3 - volumes: - - "./v2ray-config.json:/etc/v2fly/config.json:ro" - - auto-certbot: - pull_policy: build - depends_on: - - nginx - build: - context: ./docker/auto-certbot - dockerfile: Dockerfile - pull: true - args: - - CRUPEST_DOMAIN=$CRUPEST_DOMAIN - - CRUPEST_EMAIL=$CRUPEST_EMAIL - - CRUPEST_AUTO_CERTBOT_ADDITIONAL_PACKAGES=docker-cli - - CRUPEST_AUTO_CERTBOT_POST_HOOK=docker restart nginx - tags: - - "crupest/auto-certbot:latest" - container_name: auto-certbot - volumes: - - "./data/certbot/certs:/etc/letsencrypt" - - "./data/certbot/data:/var/lib/letsencrypt" - - "./data/certbot/webroot:/var/www/certbot" - # map docker socket to allow auto-certbot to restart nginx - - "/var/run/docker.sock:/var/run/docker.sock" - restart: on-failure:3 - - auto-backup: - pull_policy: build - build: - context: ./docker/auto-backup - dockerfile: Dockerfile - pull: true - args: - - CRUPEST_AUTO_BACKUP_COS_SECRET_ID=${CRUPEST_AUTO_BACKUP_COS_SECRET_ID} - - CRUPEST_AUTO_BACKUP_COS_SECRET_KEY=${CRUPEST_AUTO_BACKUP_COS_SECRET_KEY} - - CRUPEST_AUTO_BACKUP_COS_REGION=${CRUPEST_AUTO_BACKUP_COS_REGION} - - CRUPEST_AUTO_BACKUP_BUCKET_NAME=${CRUPEST_AUTO_BACKUP_BUCKET_NAME} - tags: - - "crupest/auto-backup:latest" - container_name: auto-backup - volumes: - - "./data:/data" - restart: on-failure:3 - - mailserver: - image: docker.io/mailserver/docker-mailserver:latest - pull_policy: always - container_name: mailserver - # If the FQDN for your mail-server is only two labels (eg: example.com), - # you can assign this entirely to `hostname` and remove `domainname`. - hostname: mail - domainname: $CRUPEST_DOMAIN - env_file: mailserver.env - # More information about the mail-server ports: - # https://docker-mailserver.github.io/docker-mailserver/edge/config/security/understanding-the-ports/ - # To avoid conflicts with yaml base-60 float, DO NOT remove the quotation marks. - ports: - - "25:25" # SMTP (explicit TLS => STARTTLS) - - "143:143" # IMAP4 (explicit TLS => STARTTLS) - - "465:465" # ESMTP (implicit TLS) - - "587:587" # ESMTP (explicit TLS => STARTTLS) - - "993:993" # IMAP4 (implicit TLS) - volumes: - - ./data/dms/mail-data/:/var/mail/ - - ./data/dms/mail-state/:/var/mail-state/ - - ./data/dms/mail-logs/:/var/log/mail/ - - ./data/dms/config/:/tmp/docker-mailserver/ - - ./data/certbot/certs:/etc/letsencrypt - - /etc/localtime:/etc/localtime:ro - restart: on-failure:3 - stop_grace_period: 1m - cap_add: - - NET_ADMIN - healthcheck: - test: "ss --listening --tcp | grep -P 'LISTEN.+:smtp' || exit 1" - timeout: 3s - retries: 0 - - -volumes: - blog-public: - code-server-home: +services:
+ timeline:
+ image: crupest/timeline:latest
+ pull_policy: always
+ container_name: timeline
+ restart: on-failure:3
+ environment:
+ - ASPNETCORE_FORWARDEDHEADERS_ENABLED=true
+ - TIMELINE_DisableAutoBackup=true
+ volumes:
+ - ./data/timeline:/root/timeline
+
+ crupest-blog:
+ pull_policy: build
+ build:
+ context: ./docker/crupest-blog
+ dockerfile: Dockerfile
+ pull: true
+ tags:
+ - "crupest/crupest-blog:latest"
+ container_name: crupest-blog
+ restart: on-failure:3
+ volumes:
+ - "blog-public:/public"
+
+ nginx:
+ pull_policy: build
+ build:
+ context: ./docker/crupest-nginx
+ dockerfile: Dockerfile
+ pull: true
+ tags:
+ - "crupest/crupest-nginx:latest"
+ container_name: nginx
+ restart: on-failure:3
+ ports:
+ - "80:80"
+ - "443:443"
+ - "443:443/udp"
+ volumes:
+ - "./nginx-config:/etc/nginx/conf.d:ro"
+ - "./data/certbot/certs:/etc/letsencrypt:ro"
+ - "./data/certbot/webroot:/srv/acme:ro"
+ - "blog-public:/srv/blog:ro"
+
+ crupest-api:
+ pull_policy: build
+ build:
+ context: ./docker/crupest-api
+ dockerfile: Dockerfile
+ pull: true
+ tags:
+ - "crupest/crupest-api:latest"
+ container_name: crupest-api
+ volumes:
+ - "./crupest-api-config.json:/crupest-api-config.json:ro"
+
+ v2ray:
+ image: v2fly/v2fly-core:latest
+ pull_policy: always
+ command: [ "run", "-c", "/etc/v2fly/config.json" ]
+ container_name: v2ray
+ restart: on-failure:3
+ volumes:
+ - "./v2ray-config.json:/etc/v2fly/config.json:ro"
+
+ auto-certbot:
+ pull_policy: build
+ depends_on:
+ - nginx
+ build:
+ context: ./docker/auto-certbot
+ dockerfile: Dockerfile
+ pull: true
+ args:
+ - CRUPEST_DOMAIN=$CRUPEST_DOMAIN
+ - CRUPEST_EMAIL=$CRUPEST_EMAIL
+ - CRUPEST_AUTO_CERTBOT_ADDITIONAL_PACKAGES=docker-cli
+ - CRUPEST_AUTO_CERTBOT_POST_HOOK=docker restart nginx
+ tags:
+ - "crupest/auto-certbot:latest"
+ container_name: auto-certbot
+ volumes:
+ - "./data/certbot/certs:/etc/letsencrypt"
+ - "./data/certbot/data:/var/lib/letsencrypt"
+ - "./data/certbot/webroot:/var/www/certbot"
+ # map docker socket to allow auto-certbot to restart nginx
+ - "/var/run/docker.sock:/var/run/docker.sock"
+ restart: on-failure:3
+
+ auto-backup:
+ pull_policy: build
+ build:
+ context: ./docker/auto-backup
+ dockerfile: Dockerfile
+ pull: true
+ args:
+ - CRUPEST_AUTO_BACKUP_COS_SECRET_ID=${CRUPEST_AUTO_BACKUP_COS_SECRET_ID}
+ - CRUPEST_AUTO_BACKUP_COS_SECRET_KEY=${CRUPEST_AUTO_BACKUP_COS_SECRET_KEY}
+ - CRUPEST_AUTO_BACKUP_COS_REGION=${CRUPEST_AUTO_BACKUP_COS_REGION}
+ - CRUPEST_AUTO_BACKUP_BUCKET_NAME=${CRUPEST_AUTO_BACKUP_BUCKET_NAME}
+ tags:
+ - "crupest/auto-backup:latest"
+ container_name: auto-backup
+ volumes:
+ - "./data:/data"
+ restart: on-failure:3
+
+ mailserver:
+ image: docker.io/mailserver/docker-mailserver:latest
+ pull_policy: always
+ container_name: mailserver
+ # If the FQDN for your mail-server is only two labels (eg: example.com),
+ # you can assign this entirely to `hostname` and remove `domainname`.
+ hostname: mail
+ domainname: $CRUPEST_DOMAIN
+ env_file: mailserver.env
+ # More information about the mail-server ports:
+ # https://docker-mailserver.github.io/docker-mailserver/edge/config/security/understanding-the-ports/
+ # To avoid conflicts with yaml base-60 float, DO NOT remove the quotation marks.
+ ports:
+ - "25:25" # SMTP (explicit TLS => STARTTLS)
+ - "143:143" # IMAP4 (explicit TLS => STARTTLS)
+ - "465:465" # ESMTP (implicit TLS)
+ - "587:587" # ESMTP (explicit TLS => STARTTLS)
+ - "993:993" # IMAP4 (implicit TLS)
+ volumes:
+ - ./data/dms/mail-data/:/var/mail/
+ - ./data/dms/mail-state/:/var/mail-state/
+ - ./data/dms/mail-logs/:/var/log/mail/
+ - ./data/dms/config/:/tmp/docker-mailserver/
+ - ./data/certbot/certs:/etc/letsencrypt
+ - /etc/localtime:/etc/localtime:ro
+ restart: on-failure:3
+ stop_grace_period: 1m
+ cap_add:
+ - NET_ADMIN
+ healthcheck:
+ test: "ss --listening --tcp | grep -P 'LISTEN.+:smtp' || exit 1"
+ timeout: 3s
+ retries: 0
+
+
+volumes:
+ blog-public:
+
diff --git a/template/nginx/server.json b/template/nginx/server.json index af48eb4..e810234 100644 --- a/template/nginx/server.json +++ b/template/nginx/server.json @@ -1,29 +1,24 @@ -{ - "$schema": "./server.schema.json", - "sites": [ - { - "type": "reverse-proxy", - "subdomain": "code", - "upstream": "code-server:8080" - }, - { - "type": "reverse-proxy", - "subdomain": "timeline", - "upstream": "timeline:5000" - }, - { - "type": "static-file", - "subdomain": "blog", - "root": "/srv/blog" - }, - { - "type": "redirect", - "subdomain": "github", - "url": "https://github.com/crupest" - }, - { - "type": "cert-only", - "subdomain": "mail" - } - ] -}
\ No newline at end of file +{
+ "$schema": "./server.schema.json",
+ "sites": [
+ {
+ "type": "reverse-proxy",
+ "subdomain": "timeline",
+ "upstream": "timeline:5000"
+ },
+ {
+ "type": "static-file",
+ "subdomain": "blog",
+ "root": "/srv/blog"
+ },
+ {
+ "type": "redirect",
+ "subdomain": "github",
+ "url": "https://github.com/crupest"
+ },
+ {
+ "type": "cert-only",
+ "subdomain": "mail"
+ }
+ ]
+}
|