diff --git a/Readme.md b/Readme.md index 04c608e..eb125bd 100644 --- a/Readme.md +++ b/Readme.md @@ -1,3 +1,26 @@ # Docker-Compose Library A collection of docker-compose files for different open-source projects. +Disclaimer: most files are to be understood as "getting started" level. Make sure to think about security whenever you expose some service to the Internet! + +## Prerequisites + +To run these files you must install docker on your host. Detailed information on how to install docker on your operating system can be found [here](https://docs.docker.com/engine/install/). Additionally `docker-compose` is needed. See how to install it [here](https://docs.docker.com/compose/install/). + +## List of compose files +The following compose files can be found in this repository. +- bookstack | [docker-compose.yml](./bookstack/docker-compose.yml) | [Link to project](https://www.bookstackapp.com/) +- dashy | [docker-compose.yml](./bookstack/docker-compose.yml) | [Link to project](https://dashy.to/) +- gitea | [docker-compose.yml](./bookstack/docker-compose.yml) | [Link to project](https://about.gitea.com/) +- grafana | [docker-compose.yml](./bookstack/docker-compose.yml) | [Link to project](https://grafana.com/) +- gramps | [docker-compose.yml](./bookstack/docker-compose.yml) | [Link to project](https://gramps-project.org) +- jenkins | [docker-compose.yml](./bookstack/docker-compose.yml) | [Link to project](https://www.jenkins.io/) +- kanboard | [docker-compose.yml](./bookstack/docker-compose.yml) | [Link to project](https://kanboard.org/) +- keycloak | [docker-compose.yml](./bookstack/docker-compose.yml) | [Link to project](https://www.keycloak.org/) +- mediawiki | [docker-compose.yml](./bookstack/docker-compose.yml) | [Link to project](https://www.mediawiki.org) +- nextcloud | [docker-compose.yml](./bookstack/docker-compose.yml) | [Link to project](https://nextcloud.com/) +- offen | [docker-compose.yml](./bookstack/docker-compose.yml) | [Link to project](https://www.offen.dev/) + +## Reverse Proxy +Most docker-compose files are created with having a reverse-proxy infront of them to do SSL termination and subdomain binding. In each directory you will find a `nginx.conf` file for NGINX to use. Please note that this file is not including SSL certificates. To provide SSL automatically I recommend using [certbot](https://certbot.eff.org/) + diff --git a/bookstack/nginx.conf b/bookstack/nginx.conf new file mode 100644 index 0000000..d577be6 --- /dev/null +++ b/bookstack/nginx.conf @@ -0,0 +1,8 @@ +server { + server_name sudomain.your.domain; + location / { + proxy_pass http://127.0.0.1:6875; + } + + listen 80; +} diff --git a/dashy/docker-compose.yml b/dashy/docker-compose.yml index 3599cfb..f394ddf 100644 --- a/dashy/docker-compose.yml +++ b/dashy/docker-compose.yml @@ -8,7 +8,7 @@ services: volumes: - ./config.yml:/app/public/conf.yml ports: - - 80:80 + - 8000:80 environment: - NODE_ENV=production - UID=1000 diff --git a/dashy/nginx.conf b/dashy/nginx.conf new file mode 100644 index 0000000..4a91b9f --- /dev/null +++ b/dashy/nginx.conf @@ -0,0 +1,8 @@ +server { + server_name sudomain.your.domain; + location / { + proxy_pass http://127.0.0.1:8000; + } + + listen 80; +} diff --git a/gitea/nginx.conf b/gitea/nginx.conf new file mode 100644 index 0000000..f38d2cb --- /dev/null +++ b/gitea/nginx.conf @@ -0,0 +1,9 @@ +server { + server_name sudomain.your.domain; + client_max_body_size 15M; + location / { + proxy_pass http://127.0.0.1:3000; + } + + listen 80; +} diff --git a/grafana/nginx.conf b/grafana/nginx.conf new file mode 100644 index 0000000..47d2a93 --- /dev/null +++ b/grafana/nginx.conf @@ -0,0 +1,22 @@ +map $http_upgrade $connection_upgrade { + default upgrade; + '' close; +} + +server { + server_name sudomain.your.domain; + location / { + proxy_pass http://localhost:3000/; + } + + # Proxy Grafana Live WebSocket connections. + location /api/live { + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "Upgrade"; + proxy_set_header Host $http_host; + proxy_pass http://localhost:3002/; + } + + listen 80; +} diff --git a/gramps/nginx.conf b/gramps/nginx.conf new file mode 100644 index 0000000..23d3ee5 --- /dev/null +++ b/gramps/nginx.conf @@ -0,0 +1,9 @@ +server { + server_name sudomain.your.domain; + client_max_body_size 15M; + location / { + proxy_pass http://127.0.0.1:5000; + } + + listen 80; +} diff --git a/jenkins/nginx.conf b/jenkins/nginx.conf new file mode 100644 index 0000000..c6679ff --- /dev/null +++ b/jenkins/nginx.conf @@ -0,0 +1,8 @@ +server { + server_name sudomain.your.domain; + location / { + proxy_pass http://127.0.0.1:8080; + } + + listen 80; +} diff --git a/kanboard/docker-compose.yml b/kanboard/docker-compose.yml index de298d7..70b28b3 100644 --- a/kanboard/docker-compose.yml +++ b/kanboard/docker-compose.yml @@ -4,7 +4,7 @@ services: restart: always image: kanboard/kanboard:latest ports: - - "80:80" + - "8080:80" volumes: - ./data:/var/www/app/data - ./plugins:/var/www/app/plugins diff --git a/kanboard/nginx.conf b/kanboard/nginx.conf new file mode 100644 index 0000000..c6679ff --- /dev/null +++ b/kanboard/nginx.conf @@ -0,0 +1,8 @@ +server { + server_name sudomain.your.domain; + location / { + proxy_pass http://127.0.0.1:8080; + } + + listen 80; +} diff --git a/keycloak/nginx.conf b/keycloak/nginx.conf new file mode 100644 index 0000000..5851607 --- /dev/null +++ b/keycloak/nginx.conf @@ -0,0 +1,17 @@ +server { + server_name sudomain.your.domain; + client_max_body_size 15M; + +location / { + proxy_pass http://127.0.0.1:8080/; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Host $server_name; + proxy_set_header X-Forwarded-Server $host; + proxy_set_header X-Forwarded-Port $server_port; + proxy_set_header X-Forwarded-Proto $scheme; + } + + listen 80; +} diff --git a/mediawiki/docker-compose.yml b/mediawiki/docker-compose.yml index 5ed544b..ea41315 100644 --- a/mediawiki/docker-compose.yml +++ b/mediawiki/docker-compose.yml @@ -4,7 +4,7 @@ services: image: mediawiki restart: always ports: - - 80:80 + - 8080:80 links: - database volumes: diff --git a/mediawiki/nginx.conf b/mediawiki/nginx.conf new file mode 100644 index 0000000..c6679ff --- /dev/null +++ b/mediawiki/nginx.conf @@ -0,0 +1,8 @@ +server { + server_name sudomain.your.domain; + location / { + proxy_pass http://127.0.0.1:8080; + } + + listen 80; +} diff --git a/nextcloud/docker-compose.yml b/nextcloud/docker-compose.yml index ba4f0a8..e9c8aa9 100644 --- a/nextcloud/docker-compose.yml +++ b/nextcloud/docker-compose.yml @@ -5,7 +5,7 @@ services: image: nextcloud:production restart: always ports: - - 80:80 + - 8080:80 volumes: - /data:/data:rw - ./data:/var/www/html diff --git a/nextcloud/nginx.conf b/nextcloud/nginx.conf new file mode 100644 index 0000000..67faa7e --- /dev/null +++ b/nextcloud/nginx.conf @@ -0,0 +1,30 @@ +server { + server_name sudomain.your.domain; + + client_max_body_size 0; + # proxy_buffering off; + + location / { + proxy_pass http://localhost:8080/; # set this to the nextcloud port set in doccker-compose file + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + + client_max_body_size 0; + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"; + + #access_log /var/log/nginx/nextcloud.access.log; + #error_log /var/log/nginx/nextcloud.error.log; + } + + location = /.well-known/carddav { + return 301 $scheme://$host/remote.php/dav; + } + + location = /.well-known/caldav { + return 301 $scheme://$host/remote.php/dav; + } + + listen 80; +} diff --git a/offen/nginx.conf b/offen/nginx.conf new file mode 100644 index 0000000..710a461 --- /dev/null +++ b/offen/nginx.conf @@ -0,0 +1,8 @@ +server { + server_name sudomain.your.domain; + location / { + proxy_pass http://127.0.0.1:8102; + } + + listen 80; +}