diff options
Diffstat (limited to 'templates/docker-compose.yaml.template')
| -rw-r--r-- | templates/docker-compose.yaml.template | 199 |
1 files changed, 199 insertions, 0 deletions
diff --git a/templates/docker-compose.yaml.template b/templates/docker-compose.yaml.template new file mode 100644 index 0000000..cebdfb3 --- /dev/null +++ b/templates/docker-compose.yaml.template @@ -0,0 +1,199 @@ +services: + + blog: + pull_policy: build + build: + context: ./docker/blog + dockerfile: Dockerfile + pull: true + tags: + - "crupest/blog:latest" + container_name: blog + volumes: + - "blog-public:/public" + restart: on-failure:3 + + nginx: + pull_policy: build + build: + context: ./docker/nginx + dockerfile: Dockerfile + pull: true + tags: + - "crupest/nginx:latest" + container_name: nginx + ports: + - "80:80" + - "443:443" + - "443:443/udp" + volumes: + - "./nginx-config:/etc/nginx/conf.d:ro" + - "./data/certbot/certs:/etc/letsencrypt:ro" + - "./data/certbot/webroot:/srv/acme:ro" + - "blog-public:/srv/www/blog:ro" + restart: on-failure:3 + + v2ray: + pull_policy: build + build: + context: ./docker/v2ray + dockerfile: Dockerfile + pull: true + tags: + - "crupest/v2ray:latest" + container_name: v2ray + command: [ "run", "-c", "/etc/v2fly/config.json" ] + volumes: + - "./v2ray-config.json:/etc/v2fly/config.json:ro" + restart: on-failure:3 + + auto-certbot: + pull_policy: build + depends_on: + - nginx + build: + context: ./docker/auto-certbot + dockerfile: Dockerfile + pull: true + args: + - CRUPEST_DOMAIN=$CRUPEST_DOMAIN + - CRUPEST_EMAIL=$CRUPEST_EMAIL + - CRUPEST_AUTO_CERTBOT_ADDITIONAL_PACKAGES=docker-cli + - CRUPEST_AUTO_CERTBOT_POST_HOOK=docker restart nginx + tags: + - "crupest/auto-certbot:latest" + container_name: auto-certbot + volumes: + - "./data/certbot/certs:/etc/letsencrypt" + - "./data/certbot/data:/var/lib/letsencrypt" + - "./data/certbot/webroot:/var/www/certbot" + # map docker socket to allow auto-certbot to restart nginx + - "/var/run/docker.sock:/var/run/docker.sock" + restart: on-failure:3 + + auto-backup: + pull_policy: build + build: + context: ./docker/auto-backup + dockerfile: Dockerfile + pull: true + args: + - CRUPEST_AUTO_BACKUP_COS_SECRET_ID=${CRUPEST_AUTO_BACKUP_COS_SECRET_ID} + - CRUPEST_AUTO_BACKUP_COS_SECRET_KEY=${CRUPEST_AUTO_BACKUP_COS_SECRET_KEY} + - CRUPEST_AUTO_BACKUP_COS_REGION=${CRUPEST_AUTO_BACKUP_COS_REGION} + - CRUPEST_AUTO_BACKUP_BUCKET_NAME=${CRUPEST_AUTO_BACKUP_BUCKET_NAME} + tags: + - "crupest/auto-backup:latest" + container_name: auto-backup + volumes: + - "./data:/data" + restart: on-failure:3 + + mailserver: + image: docker.io/mailserver/docker-mailserver:latest + pull_policy: always + container_name: mailserver + # If the FQDN for your mail-server is only two labels (eg: example.com), + # you can assign this entirely to `hostname` and remove `domainname`. + hostname: mail + domainname: $CRUPEST_DOMAIN + env_file: mailserver.env + # More information about the mail-server ports: + # https://docker-mailserver.github.io/docker-mailserver/edge/config/security/understanding-the-ports/ + # To avoid conflicts with yaml base-60 float, DO NOT remove the quotation marks. + ports: + - "25:25" # SMTP (explicit TLS => STARTTLS) + - "143:143" # IMAP4 (explicit TLS => STARTTLS) + - "465:465" # ESMTP (implicit TLS) + - "587:587" # ESMTP (explicit TLS => STARTTLS) + - "993:993" # IMAP4 (implicit TLS) + volumes: + - ./data/dms/mail-data/:/var/mail/ + - ./data/dms/mail-state/:/var/mail-state/ + - ./data/dms/mail-logs/:/var/log/mail/ + - ./data/dms/config/:/tmp/docker-mailserver/ + - ./data/certbot/certs:/etc/letsencrypt + - /etc/localtime:/etc/localtime:ro + restart: on-failure:3 + stop_grace_period: 1m + cap_add: + - NET_ADMIN + healthcheck: + test: "ss --listening --tcp | grep -P 'LISTEN.+:smtp' || exit 1" + timeout: 3s + retries: 0 + + debian-dev: + pull_policy: build + build: + context: ./docker/debian-dev + dockerfile: Dockerfile + pull: true + args: + - USER=crupest + tags: + - "crupest/debian-dev:latest" + container_name: debian-dev + init: true + command: [ "/bootstrap/start/code-server.bash" ] + volumes: + - ./data/debian-dev:/data + - debian-dev-home:/home/crupest + restart: on-failure:3 + + forgejo: + image: code.forgejo.org/forgejo/forgejo:9 + pull_policy: always + container_name: forgejo + environment: + - USER_UID=1000 + - USER_GID=1000 + volumes: + - ./data/forgejo:/data + - /etc/timezone:/etc/timezone:ro + - /etc/localtime:/etc/localtime:ro + restart: on-failure:3 + + roundcubemail: + image: roundcube/roundcubemail:latest + container_name: roundcubemail + volumes: + - ./data/secret/gnupg:/gnupg + - ./data/roundcube/www/html:/var/www/html + - ./data/roundcube/db:/var/roundcube/db + - ./data/roundcube/config:/var/roundcube/config + - roundcubemail-temp:/tmp/roundcube-temp + environment: + - ROUNDCUBEMAIL_DEFAULT_HOST=ssl://mail.crupest.life + - ROUNDCUBEMAIL_DEFAULT_PORT=993 + - ROUNDCUBEMAIL_SMTP_SERVER=ssl://mail.crupest.life + - ROUNDCUBEMAIL_SMTP_PORT=465 + - ROUNDCUBEMAIL_DB_TYPE=sqlite + - ROUNDCUBEMAIL_PLUGINS=archive,enigma,jqueryui,newmail_notifier,show_additional_headers,userinfo,zipdownload + restart: on-failure:3 + + 2fauth: + image: 2fauth/2fauth + container_name: 2fauth + volumes: + - ./data/2fauth:/2fauth + environment: + - APP_NAME=2FAuth-crupest + - APP_TIMEZONE=UTC + - SITE_OWNER=crupest@crupest.life + - APP_KEY=${CRUPEST_2FAUTH_APP_KEY} + - APP_URL=https://2fa.${CRUPEST_DOMAIN} + - MAIL_MAILER=smtp + - MAIL_HOST=mail.crupest.life + - MAIL_PORT=465 + - MAIL_USERNAME=${CRUPEST_2FAUTH_MAIL_USERNAME} + - MAIL_PASSWORD=${CRUPEST_2FAUTH_MAIL_PASSWORD} + - MAIL_ENCRYPTION=ssl + - MAIL_FROM_NAME=2FAuth-crupest + - MAIL_FROM_ADDRESS=${CRUPEST_2FAUTH_MAIL_USERNAME} + - TRUSTED_PROXIES=* + +volumes: + blog-public: + debian-dev-home: + roundcubemail-temp: |