initial dockerfiles

.gitignore

@@ -0,0 +1 @@
+*.jar

caddy/Caddyfile

@@ -0,0 +1,16 @@
+{
+    acme_dns cloudflare q1P7J3uqS96FGj_iiX2mI8y1ulTaIFrTp8tyTXhG
+}
+
+auth.bizmatch.net {
+    reverse_proxy bizmatch:8080
+    tls {
+        dns cloudflare q1P7J3uqS96FGj_iiX2mI8y1ulTaIFrTp8tyTXhG
+    }
+}
+git.bizmatch.net {
+    reverse_proxy bizmatch:3000
+    tls {
+        dns cloudflare q1P7J3uqS96FGj_iiX2mI8y1ulTaIFrTp8tyTXhG
+    }
+}

caddy/docker-compose.yml

@@ -0,0 +1,25 @@
+version: '3.7'
+services:
+  caddy:
+    image: iarekylew00t/caddy-cloudflare:latest
+    restart: unless-stopped
+    ports:
+      # - "80:80"
+      - "443:443"
+    networks:
+      - bizmatch
+    volumes:
+      - $PWD/Caddyfile:/etc/caddy/Caddyfile
+      - caddy_data:/data
+      - caddy_config:/config
+    environment:
+      - CLOUDFLARE_API_TOKEN=q1P7J3uqS96FGj_iiX2mI8y1ulTaIFrTp8tyTXhG
+
+networks:
+  bizmatch:
+    external: true
+
+volumes:
+  caddy_data:
+    external: true
+  caddy_config:

gitea/docker-compose.yml

@@ -0,0 +1,43 @@
+version: '3.1'
+
+services:
+  server:
+    image: gitea/gitea:latest
+    environment:
+      - USER_UID=1000
+      - USER_GID=1000
+      - DB_TYPE=postgres
+      - DB_HOST=db:5432
+      - DB_NAME=gitea
+      - DB_USER=bizmatch
+      - DB_PASSWD=gitea
+      - GITEA__server__MINIMUM_KEY_SIZE_CHECK=false
+    restart: unless-stopped
+    networks:
+      - bizmatch
+    volumes:
+      - gitea-data:/data
+      - ./gitea/gitea-ssh:/data/git/.ssh
+    ports:
+      - "3000:3000"
+      - "2222:22"
+
+  db:
+    image: postgres:alpine
+    environment:
+      - POSTGRES_USER=bizmatch
+      - POSTGRES_PASSWORD=gitea
+      - POSTGRES_DB=gitea
+    restart: unless-stopped
+    networks:
+      - bizmatch
+    volumes:
+      - gitea-db:/var/lib/postgresql/data
+
+networks:
+  bizmatch:
+    external: true
+
+volumes:
+  gitea-data:
+  gitea-db:

keycloak/.env

@@ -0,0 +1,28 @@
+DB_HOST=postgres
+DB_PORT=5432
+DB_SCHEMA=public
+POSTGRES_DB=keycloak
+POSTGRES_USER=yb_keycloak
+POSTGRES_PASSWORD=randomlongalphanumericpassword
+
+KEYCLOAK_CREATE_ADMIN_USER=true
+KEYCLOAK_ADMIN_USER=keycloak-admin
+KEYCLOAK_ADMIN_PASSWORD=randomlongalphanumericpassword
+KEYCLOAK_MANAGEMENT_USER=keycloak-manager
+KEYCLOAK_MANAGEMENT_PASSWORD=randomlongalphanumericpassword
+
+KEYCLOAK_DATABASE_HOST=${DB_HOST}
+KEYCLOAK_DATABASE_PORT=${DB_PORT}
+KEYCLOAK_DATABASE_NAME=${POSTGRES_DB}
+KEYCLOAK_DATABASE_USER=${POSTGRES_USER}
+KEYCLOAK_DATABASE_PASSWORD=${POSTGRES_PASSWORD}
+KEYCLOAK_DATABASE_SCHEMA=${DB_SCHEMA}
+
+KEYCLOAK_PRODUCTION=true
+KEYCLOAK_JDBC_PARAMS=sslmode=disable&connectTimeout=40000
+KEYCLOAK_EXTRA_ARGS="-Dkeycloak.profile.feature.scripts=enabled"
+
+KEYCLOAK_ENABLE_HTTPS=true
+KEYCLOAK_HTTPS_USE_PEM=true
+KEYCLOAK_HTTPS_CERTIFICATE_FILE=/opt/bitnami/keycloak/certs/fullchain.pem
+KEYCLOAK_HTTPS_CERTIFICATE_KEY_FILE=/opt/bitnami/keycloak/certs/privkey.pem

keycloak/docker-compose.yml

@@ -0,0 +1,49 @@
+version: '3.8'
+
+services:
+
+  postgres:
+      image: postgres:15.5-alpine3.19
+      volumes:
+        - ./postgres_data:/var/lib/postgresql/data
+      environment:
+        POSTGRES_DB: keycloak
+        POSTGRES_USER: keycloak
+        POSTGRES_PASSWORD: password
+      ports:
+        - "5432:5432"
+      networks:
+        - bizmatch
+
+  auth:
+    image: quay.io/keycloak/keycloak:23.0.7
+    ports:
+      - "8080:8080"
+    environment:
+      - KEYCLOAK_ADMIN=admin
+      - KEYCLOAK_ADMIN_PASSWORD=aiaiaia
+      - KC_HOSTNAME_ADMIN=auth.bizmatch.net
+      - KC_PROXY=edge
+      - KC_HOSTNAME=auth.bizmatch.net
+      - KC_METRICS_ENABLED=true
+      - KC_HEALTH_ENABLED=true
+      - KC_DB=postgres
+      - KC_DB_PASSWORD=password
+      - KC_DB_SCHEMA=public
+      - KC_DB_USERNAME=keycloak
+      - KC_DB_URL_HOST=postgres
+      - KC_DB_URL_DATABASE=keycloak
+        #- KC_LOG_LEVEL=ALL
+    depends_on:
+      - postgres
+    command:
+      - start
+    volumes:
+      - ./auth/import:/opt/keycloak/data/import
+      - ./keywind.jar:/opt/keycloak/providers/keywind.jar
+    networks:
+      - bizmatch
+
+networks:
+  bizmatch:
+    external: true

nginx_proxy_manager/docker-compose.yml

@@ -0,0 +1,46 @@
+version: '3.8'
+services:
+  app:
+    image: 'jc21/nginx-proxy-manager:latest'
+    restart: unless-stopped
+    ports:
+      # These ports are in format <host-port>:<container-port>
+      - '80:80' # Public HTTP Port
+      - '443:443' # Public HTTPS Port
+      - '81:81' # Admin Web Port
+      # Add any other Stream port you want to expose
+      # - '21:21' # FTP
+    environment:
+      # Mysql/Maria connection parameters:
+      DB_MYSQL_HOST: "db"
+      DB_MYSQL_PORT: 3306
+      DB_MYSQL_USER: "bizmatch"
+      DB_MYSQL_PASSWORD: "$(WT0HW=^("
+      DB_MYSQL_NAME: "nginx_proxy_manager"
+      # Uncomment this if IPv6 is not enabled on your host
+      # DISABLE_IPV6: 'true'
+    networks:
+      - bizmatch      
+    volumes:
+      - ./data:/data
+      - ./letsencrypt:/etc/letsencrypt
+    depends_on:
+      - db
+
+  db:
+    image: 'jc21/mariadb-aria:latest'
+    restart: unless-stopped
+    environment:
+      MYSQL_ROOT_PASSWORD: 'KG}gwweb'
+      MYSQL_DATABASE: 'nginx_proxy_manager'
+      MYSQL_USER: 'bizmatch'
+      MYSQL_PASSWORD: '$(WT0HW=^('
+      MARIADB_AUTO_UPGRADE: '1'
+    volumes:
+      - ./mysql:/var/lib/mysql
+    networks:
+      - bizmatch      
+
+networks:
+  bizmatch:
+    external: true