From 0a8f73fc4632bca1d8c1cbfd4e88f43a9591a896 Mon Sep 17 00:00:00 2001
From: Andreas Knuth
Date: Tue, 27 Feb 2024 16:36:47 -0600
Subject: [PATCH] initial dockerfiles
---
.gitignore | 1 +
caddy/Caddyfile | 16 +++++++++
caddy/docker-compose.yml | 25 +++++++++++++
gitea/docker-compose.yml | 43 ++++++++++++++++++++++
keycloak/.env | 28 +++++++++++++++
keycloak/docker-compose.yml | 49 ++++++++++++++++++++++++++
nginx_proxy_manager/docker-compose.yml | 46 ++++++++++++++++++++++++
7 files changed, 208 insertions(+)
create mode 100644 .gitignore
create mode 100644 caddy/Caddyfile
create mode 100644 caddy/docker-compose.yml
create mode 100644 gitea/docker-compose.yml
create mode 100644 keycloak/.env
create mode 100644 keycloak/docker-compose.yml
create mode 100644 nginx_proxy_manager/docker-compose.yml
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..f23b948
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+*.jar
\ No newline at end of file
diff --git a/caddy/Caddyfile b/caddy/Caddyfile
new file mode 100644
index 0000000..05d24f1
--- /dev/null
+++ b/caddy/Caddyfile
@@ -0,0 +1,16 @@
+{
+ acme_dns cloudflare q1P7J3uqS96FGj_iiX2mI8y1ulTaIFrTp8tyTXhG
+}
+
+auth.bizmatch.net {
+ reverse_proxy bizmatch:8080
+ tls {
+ dns cloudflare q1P7J3uqS96FGj_iiX2mI8y1ulTaIFrTp8tyTXhG
+ }
+}
+git.bizmatch.net {
+ reverse_proxy bizmatch:3000
+ tls {
+ dns cloudflare q1P7J3uqS96FGj_iiX2mI8y1ulTaIFrTp8tyTXhG
+ }
+}
\ No newline at end of file
diff --git a/caddy/docker-compose.yml b/caddy/docker-compose.yml
new file mode 100644
index 0000000..d370240
--- /dev/null
+++ b/caddy/docker-compose.yml
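Review bot: The Cloudflare API token is written in clear text three times in caddy/Caddyfile (the global `acme_dns` line and both `tls` blocks), so it is now part of the repository history and should be treated as exposed and rotated. Caddy can read it from the environment instead, e.g. `dns cloudflare {env.CLOUDFLARE_API_TOKEN}`, with the value supplied from an untracked env file or a secret store. The same applies to the token in caddy/docker-compose.yml and to the plaintext database and admin passwords in gitea/docker-compose.yml, keycloak/docker-compose.yml and nginx_proxy_manager/docker-compose.yml. With the global `acme_dns` option set, the per-site `tls { dns … }` blocks also look redundant.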
@@ -0,0 +1,25 @@
+version: '3.7'
+services:
+ caddy:
+ image: iarekylew00t/caddy-cloudflare:latest
+ restart: unless-stopped
+ ports:
+ # - "80:80"
+ - "443:443"
+ networks:
+ - bizmatch
+ volumes:
+ - $PWD/Caddyfile:/etc/caddy/Caddyfile
+ - caddy_data:/data
+ - caddy_config:/config
+ environment:
+ - CLOUDFLARE_API_TOKEN=q1P7J3uqS96FGj_iiX2mI8y1ulTaIFrTp8tyTXhG
+
+networks:
+ bizmatch:
+ external: true
+
+volumes:
+ caddy_data:
+ external: true
+ caddy_config:
\ No newline at end of file
diff --git a/gitea/docker-compose.yml b/gitea/docker-compose.yml
new file mode 100644
index 0000000..31f0eda
--- /dev/null
+++ b/gitea/docker-compose.yml
@@ -0,0 +1,43 @@
+version: '3.1'
+
+services:
+ server:
+ image: gitea/gitea:latest
+ environment:
+ - USER_UID=1000
+ - USER_GID=1000
+ - DB_TYPE=postgres
+ - DB_HOST=db:5432
+ - DB_NAME=gitea
+ - DB_USER=bizmatch
+ - DB_PASSWD=gitea
+ - GITEA__server__MINIMUM_KEY_SIZE_CHECK=false
+ restart: unless-stopped
+ networks:
+ - bizmatch
+ volumes:
+ - gitea-data:/data
+ - ./gitea/gitea-ssh:/data/git/.ssh
+ ports:
+ - "3000:3000"
+ - "2222:22"
+
+ db:
+ image: postgres:alpine
+ environment:
+ - POSTGRES_USER=bizmatch
+ - POSTGRES_PASSWORD=gitea
+ - POSTGRES_DB=gitea
+ restart: unless-stopped
+ networks:
+ - bizmatch
+ volumes:
+ - gitea-db:/var/lib/postgresql/data
+
+networks:
+ bizmatch:
+ external: true
+
+volumes:
+ gitea-data:
+ gitea-db:
\ No newline at end of file
diff --git a/keycloak/.env b/keycloak/.env
new file mode 100644
index 0000000..3bea215
--- /dev/null
+++ b/keycloak/.env
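Review bot: `image: iarekylew00t/caddy-cloudflare:latest` in caddy/docker-compose.yml is an unpinned third-party image, and it is the container that receives the DNS API token, so whatever is published under that tag next runs with that credential. Pin it to a fixed version tag or a digest, e.g. `image: iarekylew00t/caddy-cloudflare@sha256:<digest-placeholder>`. The same floating tags appear in gitea/docker-compose.yml (`gitea/gitea:latest`, `postgres:alpine`) and in nginx_proxy_manager/docker-compose.yml. `$PWD/Caddyfile` also depends on the directory Compose is started from, whereas `./Caddyfile` resolves relative to the compose file.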
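Review bot: `GITEA__server__MINIMUM_KEY_SIZE_CHECK=false` in the `server` environment of gitea/docker-compose.yml switches off Gitea's minimum SSH key size check, so undersized user keys would presumably be accepted; nothing in the commit explains why, so either drop the line or add a comment such as `# required because <reason>`. Separately, this file and nginx_proxy_manager/docker-compose.yml both define a service named `db` on the shared external `bizmatch` network, so `DB_HOST=db:5432` may resolve to the MariaDB container. A stack-internal network for the database or distinct service names (e.g. `gitea-db`) would avoid that. The bind mount `./gitea/gitea-ssh` resolves under gitea/gitea/ relative to this file, which may not be intended.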
@@ -0,0 +1,28 @@
+DB_HOST=postgres
+DB_PORT=5432
+DB_SCHEMA=public
+POSTGRES_DB=keycloak
+POSTGRES_USER=yb_keycloak
+POSTGRES_PASSWORD=randomlongalphanumericpassword
+
+KEYCLOAK_CREATE_ADMIN_USER=true
+KEYCLOAK_ADMIN_USER=keycloak-admin
+KEYCLOAK_ADMIN_PASSWORD=randomlongalphanumericpassword
+KEYCLOAK_MANAGEMENT_USER=keycloak-manager
+KEYCLOAK_MANAGEMENT_PASSWORD=randomlongalphanumericpassword
+
+KEYCLOAK_DATABASE_HOST=${DB_HOST}
+KEYCLOAK_DATABASE_PORT=${DB_PORT}
+KEYCLOAK_DATABASE_NAME=${POSTGRES_DB}
+KEYCLOAK_DATABASE_USER=${POSTGRES_USER}
+KEYCLOAK_DATABASE_PASSWORD=${POSTGRES_PASSWORD}
+KEYCLOAK_DATABASE_SCHEMA=${DB_SCHEMA}
+
+KEYCLOAK_PRODUCTION=true
+KEYCLOAK_JDBC_PARAMS=sslmode=disable&connectTimeout=40000
+KEYCLOAK_EXTRA_ARGS="-Dkeycloak.profile.feature.scripts=enabled"
+
+KEYCLOAK_ENABLE_HTTPS=true
+KEYCLOAK_HTTPS_USE_PEM=true
+KEYCLOAK_HTTPS_CERTIFICATE_FILE=/opt/bitnami/keycloak/certs/fullchain.pem
+KEYCLOAK_HTTPS_CERTIFICATE_KEY_FILE=/opt/bitnami/keycloak/certs/privkey.pem
\ No newline at end of file
diff --git a/keycloak/docker-compose.yml b/keycloak/docker-compose.yml
new file mode 100644
index 0000000..d600873
--- /dev/null
+++ b/keycloak/docker-compose.yml
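Review bot: keycloak/.env does not appear to be used by keycloak/docker-compose.yml in this commit: the compose file references no `${…}` variables and no `env_file`, and it sets different values (`POSTGRES_USER: keycloak` there versus `POSTGRES_USER=yb_keycloak` here). The `KEYCLOAK_*` names and the /opt/bitnami paths look like they target a different image than `quay.io/keycloak/keycloak`. If the file is meant as a template, rename it to something like `.env.example` and add `.env` to .gitignore so a filled-in copy is never committed. If it is live configuration, `sslmode=disable` and `-Dkeycloak.profile.feature.scripts=enabled` each deserve a comment stating why they are needed.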
@@ -0,0 +1,49 @@
+version: '3.8'
+
+services:
+
+ postgres:
+ image: postgres:15.5-alpine3.19
+ volumes:
+ - ./postgres_data:/var/lib/postgresql/data
+ environment:
+ POSTGRES_DB: keycloak
+ POSTGRES_USER: keycloak
+ POSTGRES_PASSWORD: password
+ ports:
+ - "5432:5432"
+ networks:
+ - bizmatch
+
+ auth:
+ image: quay.io/keycloak/keycloak:23.0.7
+ ports:
+ - "8080:8080"
+ environment:
+ - KEYCLOAK_ADMIN=admin
+ - KEYCLOAK_ADMIN_PASSWORD=aiaiaia
+ - KC_HOSTNAME_ADMIN=auth.bizmatch.net
+ - KC_PROXY=edge
+ - KC_HOSTNAME=auth.bizmatch.net
+ - KC_METRICS_ENABLED=true
+ - KC_HEALTH_ENABLED=true
+ - KC_DB=postgres
+ - KC_DB_PASSWORD=password
+ - KC_DB_SCHEMA=public
+ - KC_DB_USERNAME=keycloak
+ - KC_DB_URL_HOST=postgres
+ - KC_DB_URL_DATABASE=keycloak
+ #- KC_LOG_LEVEL=ALL
+ depends_on:
+ - postgres
+ command:
+ - start
+ volumes:
+ - ./auth/import:/opt/keycloak/data/import
+ - ./keywind.jar:/opt/keycloak/providers/keywind.jar
+ networks:
+ - bizmatch
+
+networks:
+ bizmatch:
+ external: true
\ No newline at end of file
diff --git a/nginx_proxy_manager/docker-compose.yml b/nginx_proxy_manager/docker-compose.yml
new file mode 100644
index 0000000..3fc1853
--- /dev/null
+++ b/nginx_proxy_manager/docker-compose.yml
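Review bot: The `postgres` service in keycloak/docker-compose.yml publishes `"5432:5432"` on all host interfaces while the identity store is protected only by a trivial password. Keycloak reaches the database by service name (`KC_DB_URL_HOST=postgres`) over the Docker network, so the `ports` entry can be removed, or bound to loopback with `- "127.0.0.1:5432:5432"` if host access is needed. The `auth` service likewise publishes 8080 together with `KC_PROXY=edge`, so a client that reaches 8080 directly bypasses TLS and can send its own forwarded headers. That port should be reachable only from the reverse proxy.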
@@ -0,0 +1,46 @@
+version: '3.8'
+services:
+ app:
+ image: 'jc21/nginx-proxy-manager:latest'
+ restart: unless-stopped
+ ports:
+ # These ports are in format :
+ - '80:80' # Public HTTP Port
+ - '443:443' # Public HTTPS Port
+ - '81:81' # Admin Web Port
+ # Add any other Stream port you want to expose
+ # - '21:21' # FTP
+ environment:
+ # Mysql/Maria connection parameters:
+ DB_MYSQL_HOST: "db"
+ DB_MYSQL_PORT: 3306
+ DB_MYSQL_USER: "bizmatch"
+ DB_MYSQL_PASSWORD: "$(WT0HW=^("
+ DB_MYSQL_NAME: "nginx_proxy_manager"
+ # Uncomment this if IPv6 is not enabled on your host
+ # DISABLE_IPV6: 'true'
+ networks:
+ - bizmatch
+ volumes:
+ - ./data:/data
+ - ./letsencrypt:/etc/letsencrypt
+ depends_on:
+ - db
+
+ db:
+ image: 'jc21/mariadb-aria:latest'
+ restart: unless-stopped
+ environment:
+ MYSQL_ROOT_PASSWORD: 'KG}gwweb'
+ MYSQL_DATABASE: 'nginx_proxy_manager'
+ MYSQL_USER: 'bizmatch'
+ MYSQL_PASSWORD: '$(WT0HW=^('
+ MARIADB_AUTO_UPGRADE: '1'
+ volumes:
+ - ./mysql:/var/lib/mysql
+ networks:
+ - bizmatch
+
+networks:
+ bizmatch:
+ external: true
\ No newline at end of file
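Review bot: The values of `DB_MYSQL_PASSWORD` and `MYSQL_PASSWORD` in nginx_proxy_manager/docker-compose.yml contain `$(`, and Compose applies variable interpolation to `$` in values. A literal dollar sign has to be written as `$$`, otherwise the file may be rejected or the value altered. The admin UI mapping `'81:81'` is published on all interfaces next to the public ports; binding it to loopback (`- '127.0.0.1:81:81'`) keeps the management interface off the public address. `DB_MYSQL_PORT: 3306` is an unquoted integer in an environment mapping, and quoting it (`"3306"`) matches the other values.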