diff --git a/bookstack/db_password b/bookstack/.env/db_password similarity index 100% rename from bookstack/db_password rename to bookstack/.env/db_password diff --git a/bookstack/db_root_password b/bookstack/.env/db_root_password similarity index 100% rename from bookstack/db_root_password rename to bookstack/.env/db_root_password diff --git a/bookstack/docker-compose.yml b/bookstack/docker-compose.yml index 96697d7..09f3177 100644 --- a/bookstack/docker-compose.yml +++ b/bookstack/docker-compose.yml @@ -1,16 +1,15 @@ --- version: "2" services: - bookstack: + app: image: lscr.io/linuxserver/bookstack - container_name: bookstack secrets: - db_password environment: PUID: 1000 PGID: 1000 APP_URL: http://192.168.77.106:6875 - DB_HOST: bookstack_db + DB_HOST: db DB_PORT: 3306 DB_USER: bookstack DB_PASS: /run/secrets/db_password @@ -21,16 +20,15 @@ services: - 6875:80 restart: unless-stopped depends_on: - - bookstack_db - bookstack_db: + - db + db: image: lscr.io/linuxserver/mariadb - container_name: bookstack_db secrets: - db_password - db_root_password environment: - PUID: 1000 - PGID: 1000 + PUID: 0 + PGID: 0 MYSQL_ROOT_PASSWORD: /run/secrets/db_root_password TZ: Europe/London MYSQL_DATABASE: bookstackapp @@ -43,6 +41,6 @@ services: secrets: db_password: - file: "bookstack/db_password" + file: ".env/db_password" db_root_password: - file: "bookstack/db_root_password" \ No newline at end of file + file: ".env/db_root_password" \ No newline at end of file diff --git a/dockermon/docker-compose.yml b/dockermon/docker-compose.yml new file mode 100644 index 0000000..c6f42e2 --- /dev/null +++ b/dockermon/docker-compose.yml @@ -0,0 +1,12 @@ +version: '2' + +services: + docker_mon: + image: philhawthorne/ha-dockermon + + restart: always + volumes: + - /var/run/docker.sock:/var/run/docker.sock + - /share/docker_data/dockermon/config:/config + ports: + - 8126:8126 \ No newline at end of file 
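Review bot: `DB_PASS: /run/secrets/db_password` in the `app` service is passed through by Compose verbatim, so the container receives the path string as its password rather than the secret's contents. The same holds for `MYSQL_ROOT_PASSWORD: /run/secrets/db_root_password` on the `db` service in the next hunk. Unless the image dereferences the path on its own, both credentials are predictable strings. LinuxServer images load a variable from a file when it carries the `FILE__` prefix, so `FILE__DB_PASS: /run/secrets/db_password` and `FILE__MYSQL_ROOT_PASSWORD: /run/secrets/db_root_password` would use the mounted secrets. Both lines are unchanged context, and the service definitions continue outside the hunk.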
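Review bot: `PUID: 0` and `PGID: 0` on the `db` service make the MariaDB container run its processes as root, where the previous value was the unprivileged 1000:1000. If this works around a permissions error on the data directory, fixing ownership of the host path and keeping `PUID: 1000` / `PGID: 1000` preserves the privilege separation. If root really is required, a comment saying why would help the next reader. The volume definition is outside this hunk, so the motive is inferred.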
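Review bot: The secret files now sit in a directory named `.env`, which is also the name Compose looks for as its default environment file in the project directory, so `bookstack/.env/` may break or shadow variable substitution for this stack. A neutral directory name avoids the clash, e.g. `file: "secrets/db_password"` and `file: "secrets/db_root_password"`. Relative `file:` paths are resolved against the compose file's directory, so it is worth confirming the stack is always started from `bookstack/`.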
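Review bot: `docker_mon` mounts `/var/run/docker.sock` read-write and publishes `8126:8126` on every host interface, so anything that can reach that port can drive the Docker daemon, which is equivalent to root on the host. Publishing only on the address the consumer uses, e.g. `- "<LAN_IP>:8126:8126"` (placeholder), and enabling authentication in the service's config, if the image supports it, narrows that. The image has no tag, so a pinned version or digest would keep a component with this much privilege from changing unreviewed.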
diff --git a/fail2ban/docker-compose.yaml b/fail2ban/docker-compose.yaml index 6858511..b0325dd 100644 --- a/fail2ban/docker-compose.yaml +++ b/fail2ban/docker-compose.yaml @@ -4,16 +4,20 @@ services: fail2ban: image: crazymax/fail2ban:latest container_name: fail2ban - network_mode: "host" + network_mode: host cap_add: - NET_ADMIN - NET_RAW volumes: - "/share/docker_data/fail2ban/data:/data" - "/var/log:/var/log" - - "/share/docker_data/nextcloud/data/nextcloud.log:/nextcloud.log:ro" + #- "/share/docker_data/nextcloud/data/nextcloud.log:/nextcloud.log:ro" + - type: bind + source: /share/docker_data/nextcloud/data/nextcloud.log + target: /nextcloud.log + read_only: true env_file: - - "fail2ban.env" + - /data/fail2ban.env restart: always labels: com.centurylinklabs.watchtower.enable: true \ No newline at end of file diff --git a/gitlab/docker-compose.yml b/gitlab/docker-compose.yml new file mode 100644 index 0000000..a457540 --- /dev/null +++ b/gitlab/docker-compose.yml 
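Review bot: `env_file: - /data/fail2ban.env` is resolved by Compose on the host, not inside the container. It therefore points at `/data/fail2ban.env` on the host rather than at the directory `/share/docker_data/fail2ban/data` that the `/data` volume maps. If the file lives in that volume directory, the entry should read `- /share/docker_data/fail2ban/data/fail2ban.env`; otherwise `up` fails on a missing file. Separately, `"/var/log:/var/log"` is mounted writable into a container that has `NET_ADMIN`, `NET_RAW` and host networking; `"/var/log:/var/log:ro"` is enough if fail2ban only reads those logs.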
@@ -0,0 +1,49 @@
+version: '3.6'
+
+services:
+ web:
+ image: 'gitlab/gitlab-ce:latest'
+ container_name: gitlab
+ restart: always
+ network_mode: bridge
+ environment:
+ GITLAB_OMNIBUS_CONFIG: |
+ external_url 'https://gitlab.sectorq.eu'
+ nginx['listen_port'] = 80
+ nginx['listen_https'] = false
+ gitlab_rails['ldap_enabled'] = true
+ gitlab_rails['ldap_servers'] = {
+ 'main' => {
+ 'label' => 'LDAP',
+ 'host' => '192.168.77.106',
+ 'port' => 1389,
+ 'uid' => 'sAMAccountName',
+ 'base' => 'dc=sectorq,dc=eu'
+ 'bind_dn' => 'CN=admin,DC=sectorq,DC=eu',
+ 'password' => '$LDAP_ADMIN_PASSWORD',
+ 'encryption' => 'plain',
+ 'verify_certificates' => false,
+ 'timeout' => 10,
+ 'active_directory' => false,
+ 'user_filter' => '(memberOf=cn=gitlab,ou=group,dc=sectorq,dc=eu)',
+ 'base' => 'ou=people,dc=sectorq,dc=eu',
+ 'lowercase_usernames' => 'false',
+ 'retry_empty_result_with_codes' => [80],
+ 'allow_username_or_email_login' => false,
+ 'block_auto_created_users' => false
+ }
+ }
+
+ hostname: 'gitlab.sectorq.eu'
+ ports:
+ - '8780:80'
+ - '8743:443'
+ - '8722:22'
+ volumes:
+ - '/share/docker_data/gitlab/config:/etc/gitlab'
+ - '/share/docker_data/gitlab/logs:/var/log/gitlab'
+ - '/share/docker_data/gitlab/data:/var/opt/gitlab'
+
+ shm_size: '2gb'
+ labels:
+ com.centurylinklabs.watchtower.enable: true
\ No newline at end of file
diff --git a/nextcloud/.env/db_password b/nextcloud/.env/db_password
new file mode 100644
index 0000000..2adc89a
--- /dev/null
+++ b/nextcloud/.env/db_password
@@ -0,0 +1 @@
+l4c1j4yd33Du5lo
\ No newline at end of file
diff --git a/nextcloud/.env/db_root_password b/nextcloud/.env/db_root_password
new file mode 100644
index 0000000..2adc89a
--- /dev/null
+++ b/nextcloud/.env/db_root_password
@@ -0,0 +1 @@
+l4c1j4yd33Du5lo
\ No newline at end of file
diff --git a/nextcloud/docker-compose.yml b/nextcloud/docker-compose.yml
index e36ce08..cb37858 100644
--- a/nextcloud/docker-compose.yml
+++ b/nextcloud/docker-compose.yml
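Review bot: The `ldap_servers` hash in `GITLAB_OMNIBUS_CONFIG` is not valid Ruby: `'base' => 'dc=sectorq,dc=eu'` has no trailing comma and `'base'` is defined a second time further down, so reconfigure will likely fail. Keep the single entry `'base' => 'ou=people,dc=sectorq,dc=eu',` and delete the first one. The connection uses `'encryption' => 'plain'` with `'verify_certificates' => false` and binds as the directory administrator `CN=admin,DC=sectorq,DC=eu`, so the admin password and every user's login cross the network in cleartext. A read-only bind account and `'encryption' => 'start_tls'` with certificate verification on would limit that. The semaphore file has the same pattern in `SEMAPHORE_LDAP_NEEDTLS: 'no'` with `SEMAPHORE_LDAP_DN_BIND: 'cn=admin,dc=sectorq,dc=eu'`.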
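Review bot: `nextcloud/.env/db_password` and `nextcloud/.env/db_root_password` add a live credential to the repository in plaintext. It is the same value this commit removes from the nextcloud, openldap and semaphore compose files, so the secret has moved rather than left version control. Both files share blob `2adc89a`, meaning the application user and the database root account use one password. The files should be untracked and ignored (for example a `.gitignore` entry `**/.env/`), and the value rotated everywhere it was used, since it stays readable in history. The bookstack `db_password` and `db_root_password` files renamed at the top of this diff are tracked the same way, and nothing in the nextcloud compose hunks references the new files.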
@@ -14,8 +14,8 @@ services: volumes: - /share/docker_data/mariadb:/var/lib/mysql environment: - - MYSQL_ROOT_PASSWORD=l4c1j4yd33Du5lo - - MYSQL_PASSWORD=l4c1j4yd33Du5lo + - MYSQL_ROOT_PASSWORD='$DB_ROOT_PASSWORD' + - MYSQL_PASSWORD='$DB_PASSWORD' - MYSQL_DATABASE=nextcloud - MYSQL_USER=nextcloud networks: @@ -37,7 +37,7 @@ services: - /share/docker_data/nextcloud/app-hooks/post-upgrade:/docker-entrypoint-hooks.d/post-upgrade - /share/docker_data/nextcloud/app-hooks/before-starting:/docker-entrypoint-hooks.d/before-starting environment: - - MYSQL_PASSWORD=l4c1j4yd33Du5lo + - MYSQL_PASSWORD='$DB_ROOT_PASSWORD' - MYSQL_DATABASE=nextcloud - MYSQL_USER=nextcloud - MYSQL_HOST=db @@ -49,13 +49,12 @@ services: restart: always labels: com.centurylinklabs.watchtower.enable: true + com.centurylinklabs.watchtower.lifecycle.post-update: "apt update;apt install -y smbclient;chown -R www-data:www-data /var/www/html" redis: image: redis:alpine - container_name: redis volumes: - /share/docker_data/redis:/data networks: - nextcloud_network - restart: always - \ No newline at end of file + restart: always \ No newline at end of file diff --git a/openldap/docker-compose.yml b/openldap/docker-compose.yml index 9ad5a72..e1b6ecf 100644 --- a/openldap/docker-compose.yml +++ b/openldap/docker-compose.yml @@ -3,14 +3,14 @@ version: '2' services: openldap: image: bitnami/openldap:latest - ports: - - '1389:1389' - - '1636:1636' + #ports: + # - '1389:1389' + # - '1636:1636' environment: - LDAP_SKIP_DEFAULT_TREE=yes - LDAP_ROOT=dc=sectorq,dc=eu - LDAP_ADMIN_USERNAME=admin - - LDAP_ADMIN_PASSWORD=l4c1j4yd33Du5lo + - LDAP_ADMIN_PASSWORD=$LDAP_ADMIN_PASSWORD - LDAP_USERS=test - LDAP_PASSWORDS=q - LDAP_GROUP=group 
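Review bot: In list-form `environment:` entries the quotes are part of the value, so `- MYSQL_ROOT_PASSWORD='$DB_ROOT_PASSWORD'` sets the password to the substituted text wrapped in literal single quotes. When the variable is unset it becomes `''`, because Compose substitutes an empty string with only a warning. `- MYSQL_ROOT_PASSWORD=${DB_ROOT_PASSWORD:?DB_ROOT_PASSWORD is not set}` and `- MYSQL_PASSWORD=${DB_PASSWORD:?DB_PASSWORD is not set}` drop the quotes and make `up` fail instead of starting with a degenerate credential. The same unset-variable risk applies to `$LDAP_ADMIN_PASSWORD`, `$LDAP_CONFIG_ADMIN_PASSWORD` and `$SEMAPHORE_ADMIN_PASSWORD` in the openldap, gitlab and semaphore files. The diff does not show where any of these variables are defined.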
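Review bot: The application container is given `MYSQL_PASSWORD='$DB_ROOT_PASSWORD'`, the root variable, while the `db` service sets the `nextcloud` user's password from `$DB_PASSWORD`; the two only agree while both secrets hold the same value. It should read `- MYSQL_PASSWORD=${DB_PASSWORD:?DB_PASSWORD is not set}` so the app never needs the root credential. The single quotes are literal in this list form and would become part of the value. The service definition starts outside this hunk.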
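Review bot: The `post-update` label chains its commands with `;`, so `chown -R www-data:www-data /var/www/html` still runs when `apt update` or `apt install -y smbclient` fails, and the container comes back without the package and without an error. Joining them with `&&` (`"apt update && apt install -y smbclient && chown -R www-data:www-data /var/www/html"`) stops at the first failure. Installing packages from the network as root after every automatic update is also hard to audit; a small derived image with `smbclient` baked in would make the result reproducible.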
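Review bot: `LDAP_USERS=test` with `LDAP_PASSWORDS=q` stays in the openldap file while the admin password is moved to a variable, so the directory is still created with an account whose one-character password is public in the repository. If that account is not needed it should be removed. Otherwise its password should be supplied the same way as the admin one, e.g. `- LDAP_PASSWORDS=${LDAP_USER_PASSWORDS:?not set}` (variable name constructed for illustration). This carries more weight now that the gitlab and semaphore files in this commit authenticate against the same base DN.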
@@ -18,12 +18,12 @@ services: #- LDAP_CUSTOM_LDIF_DIR=/ldifs - LDAP_CONFIG_ADMIN_ENABLED=yes - LDAP_CONFIG_ADMIN_USERNAME=admin - - LDAP_CONFIG_ADMIN_PASSWORD=l4c1j4yd33Du5lo + - LDAP_CONFIG_ADMIN_PASSWORD=$LDAP_CONFIG_ADMIN_PASSWORD #- LDAP_CUSTOM_SCHEMA_FILE=/custom/00-custom.ldif + #- LDAP_ENABLE_TLS volumes: - '/share/docker_data/openldap/data:/bitnami/openldap' - '/share/docker_data/openldap/ldifs:/ldifs' - - '/share/docker_data/openldap/custom2:/custom' + - '/share/docker_data/openldap/custom:/custom' - network_mode: bridge - + network_mode: host \ No newline at end of file diff --git a/semaphore/docker-compose.yml b/semaphore/docker-compose.yml index f4d841b..83f7eef 100644 --- a/semaphore/docker-compose.yml +++ b/semaphore/docker-compose.yml 
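Review bot: `network_mode: host` puts the container directly on the host's network stack, so commenting out the `ports:` block in the previous hunk does not reduce exposure. The LDAP listener is by default reachable on every host interface, and `#- LDAP_ENABLE_TLS` leaves it without TLS. With `LDAP_CONFIG_ADMIN_ENABLED=yes` that includes the `cn=config` administrator. Keeping `network_mode: bridge` and publishing only on the address clients use, e.g. `- '<LAN_IP>:1389:1389'` (placeholder), limits who can reach it. The `services:` mapping starts outside this hunk.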
@@ -2,33 +2,37 @@ version: '2' services: - mysql: + db: ports: - 3306:3306 - image: mysql:5.6 - container_name: mysql - hostname: mysql + image: mysql:8.0 + volumes: + - /share/docker_data/semaphore/mysql/data:/var/lib/mysql environment: MYSQL_RANDOM_ROOT_PASSWORD: 'yes' MYSQL_DATABASE: semaphore_db MYSQL_USER: semaphore_user MYSQL_PASSWORD: StrongPassw0rd restart: always - semaphore: + app: ports: - 3002:3000 - image: ansiblesemaphore/semaphore:latest - container_name: semaphore + + #image: semaphoreui/semaphore:latest + image: sectorq/semaphore:latest + volumes: + - /etc/localtime:/etc/localtime:ro + - /share/docker_data/semaphore/app/requirements.txt:/etc/semaphore/requirements.txt environment: SEMAPHORE_DB_USER: semaphore_user SEMAPHORE_DB_PASS: StrongPassw0rd - SEMAPHORE_DB_HOST: mysql + SEMAPHORE_DB_HOST: db SEMAPHORE_DB_PORT: 3306 - SEMAPHORE_DB: semaphore_db + SEMAPHORE_DB: semaphore_db SEMAPHORE_PLAYBOOK_PATH: /tmp/semaphore/ - SEMAPHORE_ADMIN_PASSWORD: AdminPasswd + SEMAPHORE_ADMIN_PASSWORD: '$SEMAPHORE_ADMIN_PASSWORD' SEMAPHORE_ADMIN_NAME: administrator - SEMAPHORE_ADMIN_EMAIL: admin@sectorq.eu + SEMAPHORE_ADMIN_EMAIL: administrator@sectorq.eu SEMAPHORE_ADMIN: administrator SEMAPHORE_ACCESS_KEY_ENCRYPTION: MflCLIUF5bn6Lgkuwy4BoAdIFhoZ4Ief2oocXmuZSjs= SEMAPHORE_LDAP_ACTIVATED: 'yes' # if you wish to use ldap, set to: 'yes' @@ -36,10 +40,10 @@ services: SEMAPHORE_LDAP_PORT: '389' SEMAPHORE_LDAP_NEEDTLS: 'no' SEMAPHORE_LDAP_DN_BIND: 'cn=admin,dc=sectorq,dc=eu' - SEMAPHORE_LDAP_PASSWORD: 'l4c1j4yd33Du5lo' + SEMAPHORE_LDAP_PASSWORD: '$LDAP_ADMIN_PASSWORD' SEMAPHORE_LDAP_DN_SEARCH: 'dc=sectorq,dc=eu' SEMAPHORE_LDAP_SEARCH_FILTER: "(&(objectClass=inetOrgPerson)(uid=%s))" depends_on: - - mysql + - db restart: always \ No newline at end of file diff --git a/webhub/docker-compose.yml b/webhub/docker-compose.yml new file mode 100644 index 0000000..24d04cf --- /dev/null +++ b/webhub/docker-compose.yml 
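Review bot: `SEMAPHORE_ACCESS_KEY_ENCRYPTION`, `MYSQL_PASSWORD` and `SEMAPHORE_DB_PASS` keep literal values while the admin and LDAP passwords next to them are moved to variables. The encryption key protects the access keys Semaphore stores, so keeping it in the repository undoes that protection for anyone who obtains a database copy. They should come from the environment like the others, e.g. `SEMAPHORE_ACCESS_KEY_ENCRYPTION: '${SEMAPHORE_ACCESS_KEY_ENCRYPTION:?not set}'`, with the key and database password rotated. `ports: - 3306:3306` on `db` also publishes MySQL on all host interfaces although `app` reaches it over the compose network as `db`, so the mapping can be dropped. `sectorq/semaphore:latest` is an unpinned custom image; a version tag or digest would make deployments reproducible.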
@@ -0,0 +1,30 @@
+---
+version: "2.1"
+services:
+ heimdall:
+ image: lscr.io/linuxserver/heimdall:latest
+ container_name: heimdall
+ environment:
+ - PUID=1000
+ - PGID=1000
+ - TZ=Europe/Bratislava
+ volumes:
+ - /share/docker_data/heimdall/config:/config
+
+ ports:
+ - 8084:80
+ - 4437:443
+ restart: always
+ labels:
+ com.centurylinklabs.watchtower.enable: true
+ web:
+ image: nginx:latest
+ restart: always
+ volumes:
+
+ - /share/docker_data/webhub:/usr/share/nginx/html
+ ports:
+ - "48000:80"
+ environment:
+ - NGINX_HOST=sectorq.eu
+ - NGINX_PORT=80
\ No newline at end of file
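Review bot: The `web` service mounts `/share/docker_data/webhub` writable into an nginx container published on port 48000 that only needs to read it. `- /share/docker_data/webhub:/usr/share/nginx/html:ro` keeps a compromise of the web server from altering the served content. `nginx:latest` and `heimdall:latest` are unpinned, and only `heimdall` carries the watchtower label, so `web` stays on whatever was pulled first; a version tag on both makes the update policy explicit. The unquoted mappings `8084:80` and `4437:443` are better written quoted, like `"48000:80"` further down.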