put rspamd web behind traefik, and hide it on local port. fixed up poor username/password combo for influxdb, added localtime to a few containers that did not have it, created a new web server that handles php covering my local needs to serve the landing page / images & mythweb

2024-01-23 16:54:30 +11:00
parent da3a2de62f
commit 291c2996b8


@@ -224,9 +224,14 @@ services:
- "465:465"
- "587:587"
- "993:993"
- "11334:11334"
labels:
- "com.centurylinklabs.watchtower.enable=true"
- "traefik.enable=true"
- "traefik.http.routers.mail.rule=PathPrefix(`/rspamd/`)"
- "traefik.http.middlewares.stripprefix-mail.stripprefix.prefixes=/rspamd"
- "traefik.http.routers.mail.middlewares=stripprefix-mail@docker"
- "traefik.http.services.mail.loadbalancer.server.port=11334"
- "traefik.http.routers.mail.entrypoints=web"
depends_on:
- pihole
- openldap
@@ -445,6 +450,7 @@ services:
- /srv/docker/container/mosquitto:/mosquitto
- /srv/docker/container/mosquitto/data:/mosquitto/data
- /srv/docker/container/mosquitto/log:/mosquitto/log
- /etc/localtime:/etc/localtime:ro
labels:
- "com.centurylinklabs.watchtower.enable=true"
ports:
@@ -500,9 +506,8 @@ services:
- "8086:8086"
environment:
- DOCKER_INFLUXDB_INIT_MODE=setup
- DOCKER_INFLUXDB_INIT_USERNAME=telegraf_user
- DOCKER_INFLUXDB_INIT_PASSWORD=my-password
- DOCKER_INFLUXDB_INIT_ORG=mara
- DOCKER_INFLUXDB_INIT_USERNAME=telegraf
- DOCKER_INFLUXDB_INIT_BUCKET=telegraf
- DOCKER_INFLUXDB_INIT_RETENTION=2w
- DOCKER_INFLUXDB_INIT_ADMIN_TOKEN=3qBckkybwMWoyZ16dqVD9gufoYYLwKkX_i296J30wekVpwxuCQe8p
@@ -511,6 +516,7 @@ services:
volumes:
- /srv/docker/container/influxdb/data:/var/lib/influxdb2
- /srv/docker/container/influxdb/config:/etc/influxdb2
- /etc/localtime:/etc/localtime:ro
labels:
- "com.centurylinklabs.watchtower.enable=true"
restart: always
@@ -651,8 +657,8 @@ services:
ports:
- '5001:5000'
volumes:
- /etc/localtime:/etc/localtime:ro
- /home/ddp/src/pybook/:/pybook_mapped_volume
- /etc/localtime:/etc/localtime:ro
labels:
- "com.centurylinklabs.watchtower.enable=false"
@@ -760,24 +766,24 @@ services:
- "traefik.tcp.routers.tix-tcp.entrypoints=secureweb"
vaultwarden:
container_name: bitwarden
container_name: vaultwarden
restart: always
image: vaultwarden/server
depends_on:
- pihole
- openldap
volumes:
- /srv/docker/container/bitwarden_rs/data:/data
- /srv/docker/container/vaultwarden:/data
- /etc/localtime:/etc/localtime:ro
environment:
- "ORG_EVENTS_ENABLED=true"
labels:
- "com.centurylinklabs.watchtower.enable=true"
- "traefik.enable=true"
- "traefik.http.routers.bitwarden_rs.rule=Host(`bw.depaoli.id.au`)"
- "traefik.http.routers.bitwarden_rs.tls=true"
- "traefik.http.routers.bitwarden_rs.tls.options=tls12@file"
- "traefik.http.routers.bitwarden_rs.entrypoints=secureweb"
- "traefik.http.routers.vaultwarden.rule=Host(`bw.depaoli.id.au`)"
- "traefik.http.routers.vaultwarden.tls=true"
- "traefik.http.routers.vaultwarden.tls.options=tls12@file"
- "traefik.http.routers.vaultwarden.entrypoints=secureweb"
# auto-update docker images
watchtower:
@@ -933,8 +939,9 @@ services:
volumes:
- /srv/docker/container/kuma:/app/data
- /var/run/docker.sock:/var/run/docker.sock:ro
- /etc/localtime:/etc/localtime:ro
ports:
- 3001:3001 # <Host Port>:<Container Port>
- 3001:3001 # leave these in case mon.depaoli.id.au is inaccessible
labels:
- "com.centurylinklabs.watchtower.enable=true"
- "traefik.enable=true"
@@ -980,6 +987,7 @@ services:
- /srv/docker/container/mythtv/db/data:/var/lib/mysql
- /srv/docker/container/mythtv/db/log:/var/log/mysql
- /srv/docker/container/mythtv/db/mythtv.cnf:/etc/mysql/conf.d/mythtv.cnf
- /etc/localtime:/etc/localtime:ro
# hacked entrypoint to 'add' to this container so it works as mara needs
myth:
@@ -999,12 +1007,17 @@ services:
DBNAME: mythconverg
# needs to be ip not container name as the host network_mode and DNS dont work together
# test this as mythdb and remove network_mode host when I can
DBSERVER: 192.168.0.2
DBSERVER: mythdb
LANG: en_US.UTF-8
LANGUAGE: en_US.UTF-8
LOCALHOSTNAME: mara
TZ: Australia/Melbourne
network_mode: host
# network_mode: host
ports:
- "6543:6543"
- "6544:6544"
- "6549:6549"
- "6744:6744"
entrypoint: >
/bin/bash -c "
/root/mara-init/fix_uids.sh
@@ -1046,6 +1059,7 @@ services:
- /srv/docker/config/secrets/wiki
volumes:
- /srv/docker/container/wiki:/config
- /etc/localtime:/etc/localtime:ro
restart: unless-stopped
depends_on:
- wikidb
@@ -1068,6 +1082,22 @@ services:
volumes:
- /srv/docker/container/wikidb/config:/config
- /srv/docker/container/wikidb/data:/var/lib/mysql
- /etc/localtime:/etc/localtime:ro
restart: unless-stopped
labels:
- "com.centurylinklabs.watchtower.enable=true"
web:
image: php:apache
container_name: web
volumes:
- /srv/docker/container/web/data:/var/www/html
- /srv/docker/container/web/mara-init:/root/mara-init
- /etc/localtime:/etc/localtime:ro
restart: unless-stopped
entrypoint: "/root/mara-init/entrypoint-wrapper.sh"
labels:
- "com.centurylinklabs.watchtower.enable=true"
- "traefik.enable=true"
- "traefik.http.routers.web.rule=Host(`mara.ddp.net`) && ( Path(`/`) || PathPrefix(`/images` ) || PathPrefix(`/mythweb`) )"
- "traefik.http.routers.web.entrypoints=web"
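Review bot: The influxdb hunk (`@@ -500,9 +506,8`) still carries `DOCKER_INFLUXDB_INIT_ADMIN_TOKEN` as a literal value in the tracked compose file, so the credential clean-up named in the commit message is incomplete: anyone who can read the repository holds an admin token for the instance. Move it out of the file, e.g. `- DOCKER_INFLUXDB_INIT_ADMIN_TOKEN=${INFLUXDB_ADMIN_TOKEN}` with the value supplied from an untracked `.env` (or from the kind of secrets file the wiki service appears to reference under `/srv/docker/config/secrets/`), and rotate the token because the current one is already in the repository history. The hunk's line counts suggest the `DOCKER_INFLUXDB_INIT_PASSWORD` line was dropped rather than replaced; line sides are not marked on this page and the rest of the service is outside the hunk, so confirm the password is now supplied from somewhere untracked. Separately, the new `mail` (rspamd) and `web` routers are bound to the `web` entrypoint, which looks like plain HTTP; if the rspamd controller password or mythweb traffic crosses it, prefer `secureweb` with `tls=true` as the vaultwarden router does.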