p1 variables first pass
This commit is contained in:
admin
parent
7c5d0eb082
commit
fa781b5982
5 changed files with 58 additions and 56 deletions
|
|
@ -4,16 +4,17 @@ services:
|
||||||
container_name: forgejo
|
container_name: forgejo
|
||||||
restart: always
|
restart: always
|
||||||
environment:
|
environment:
|
||||||
- FORGEJO__database__DB_TYPE=mysql
|
- FORGEJO__database__DB_TYPE=${FJ_DB_TYPE}
|
||||||
- FORGEJO__database__HOST=172.16.201.208:3306
|
- FORGEJO__database__HOST=${FJ_DB_HOST}
|
||||||
- FORGEJO__database__NAME=forgejo
|
- FORGEJO__database__PORT=${FJ_DB_PORT}
|
||||||
- FORGEJO__database__USER=forgejo
|
- FORGEJO__database__NAME=${FJ_DB_NAME}
|
||||||
- FORGEJO__database__PASSWD=your_password
|
- FORGEJO__database__USER=${FJ_DB_USER}
|
||||||
- FORGEJO__storage__TYPE=minio
|
- FORGEJO__database__PASSWD=${FJ_DB_PASS}
|
||||||
- FORGEJO__storage__MINIO_ENDPOINT=172.16.201.208:9000
|
- FORGEJO__storage__TYPE=${FJ_STORE_TYPE}
|
||||||
- FORGEJO__storage__MINIO_ACCESS_KEY_ID=your_key
|
- FORGEJO__storage__MINIO_ENDPOINT=${FJ_STORE_ENDPOINT}
|
||||||
- FORGEJO__storage__MINIO_SECRET_ACCESS_KEY=your_secret
|
- FORGEJO__storage__MINIO_ACCESS_KEY_ID=${FJ_STORE_KEY}
|
||||||
- FORGEJO__storage__MINIO_BUCKET=forgejo
|
- FORGEJO__storage__MINIO_SECRET_ACCESS_KEY=${FJ_STORE_SECRET}
|
||||||
|
- FORGEJO__storage__MINIO_BUCKET=${FJ_STORE_BUCKET}
|
||||||
- FORGEJO__storage__MINIO_USE_SSL=false
|
- FORGEJO__storage__MINIO_USE_SSL=false
|
||||||
volumes:
|
volumes:
|
||||||
- /docker/core/forgejo/data:/data
|
- /docker/core/forgejo/data:/data
|
||||||
|
|
|
||||||
|
|
@ -1,15 +1,15 @@
|
||||||
services:
|
services:
|
||||||
guacd:
|
guacd:
|
||||||
image: guacamole/guacd:latest
|
image: guacamole/guacd:latest
|
||||||
container_name: guacd
|
container_name: ${GUACD_NAME}
|
||||||
restart: always
|
restart: always
|
||||||
cpus: 1.0
|
cpus: 1.0
|
||||||
mem_limit: "1024m"
|
mem_limit: "1024m"
|
||||||
mem_reservation: "256m"
|
mem_reservation: "256m"
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
networks:
|
networks:
|
||||||
- guac_internal
|
- ${GUAC_INT_NETWORK}
|
||||||
- guac_ssh
|
- ${GUAC_SSH_NETWORK}
|
||||||
|
|
||||||
guacamole:
|
guacamole:
|
||||||
image: guacamole/guacamole:latest
|
image: guacamole/guacamole:latest
|
||||||
|
|
@ -22,29 +22,29 @@ services:
|
||||||
mem_limit: "3072m" # 3 GB
|
mem_limit: "3072m" # 3 GB
|
||||||
mem_reservation: "1024m"
|
mem_reservation: "1024m"
|
||||||
environment:
|
environment:
|
||||||
- GUACD_HOSTNAME=guacd
|
- GUACD_HOSTNAME=${GUACD_NAME}
|
||||||
- MYSQL_HOSTNAME=172.16.201.208
|
- MYSQL_HOSTNAME=${GUAC_DB_HOST}
|
||||||
- MYSQL_PORT=3306
|
- MYSQL_PORT=${GUAC_DB_PORT}
|
||||||
- MYSQL_DATABASE=guacamole
|
- MYSQL_DATABASE=${GUAC_DB_NAME}
|
||||||
- MYSQL_USER=guac_user
|
- MYSQL_USER=${GUAC_DB_USER}
|
||||||
- MYSQL_PASSWORD=your_password
|
- MYSQL_PASSWORD=${GUAC_DB_PASS}
|
||||||
- MYSQL_SSL_MODE=disabled
|
- MYSQL_SSL_MODE=disabled
|
||||||
- CATALINA_OPTS="-Djava.security.egd=file:/dev/./urandom -Xms1g -Xmx2g"
|
- CATALINA_OPTS="-Djava.security.egd=file:/dev/./urandom -Xms1g -Xmx2g"
|
||||||
ports:
|
ports:
|
||||||
- "8080:8080"
|
- "8080:8080"
|
||||||
depends_on:
|
depends_on:
|
||||||
- guacd
|
- ${GUACD_NAME}
|
||||||
#networks:
|
#networks:
|
||||||
#- guac_internal
|
- ${GUAC_INT_NETWORK}
|
||||||
#- guac_external # Connects to Traefik
|
- ${GUAC_EXT_NETWORK}
|
||||||
labels:
|
labels:
|
||||||
- "traefik.enable=false"
|
- "traefik.enable=${GUAC_TRAEFIK_ENABLED}"
|
||||||
- "traefik.http.routers.guac.rule=Host(`ssh.mapletree.email`)"
|
- "traefik.http.routers.guac.rule=Host(`${GUAC_TRAEFIK_HOSTNAME}.${TRAEFIK_DNS_SUFFIX}`)"
|
||||||
- "traefik.http.routers.guac.entrypoints=websecure"
|
- "traefik.http.routers.guac.entrypoints=${GUAC_TRAEFIK_ENTRYPOINT}"
|
||||||
- "traefik.http.routers.guac.tls=true"
|
- "traefik.http.routers.guac.tls=true"
|
||||||
- "traefik.http.services.guac.loadbalancer.server.port=8080"
|
- "traefik.http.services.guac.loadbalancer.server.port=${GUAC_TRAEFIK_PORT}"
|
||||||
- "traefik.http.routers.guac.tls.certresolver=myresolver"
|
- "traefik.http.routers.guac.tls.certresolver=${GUAC_TRAEFIK_RESOLVER}"
|
||||||
- "traefik.docker.network=guac_external"
|
- "traefik.docker.network=${GUAC_EXT_NETWORK}"
|
||||||
|
|
||||||
# Middleware 1: Redirect
|
# Middleware 1: Redirect
|
||||||
- "traefik.http.middlewares.guac-redirect.redirectregex.regex=^https://([^/]+)/?$$"
|
- "traefik.http.middlewares.guac-redirect.redirectregex.regex=^https://([^/]+)/?$$"
|
||||||
|
|
@ -60,9 +60,9 @@ services:
|
||||||
# Apply Both
|
# Apply Both
|
||||||
- "traefik.http.routers.guac.middlewares=guac-redirect,guac-buffer"
|
- "traefik.http.routers.guac.middlewares=guac-redirect,guac-buffer"
|
||||||
networks:
|
networks:
|
||||||
guac_internal:
|
${GUAC_INT_NETWORK}:
|
||||||
internal: true
|
internal: true
|
||||||
guac_external:
|
${GUAC_EXT_NETWORK}:
|
||||||
external: true
|
driver: bridge
|
||||||
guac_ssh:
|
${GUAC_SSH_NETWORK}:
|
||||||
external: true
|
external: true
|
||||||
|
|
@ -2,9 +2,10 @@
|
||||||
services:
|
services:
|
||||||
komodo-mongo:
|
komodo-mongo:
|
||||||
image: mongo:7.0
|
image: mongo:7.0
|
||||||
container_name: komodo-mongo
|
container_name: ${KOMODO_DB_HOSTNAME}
|
||||||
restart: always
|
restart: always
|
||||||
network_mode: host
|
networks:
|
||||||
|
- ${KOMODO_INT_NETWORK}
|
||||||
command: ["--replSet", "rs0", "--bind_ip_all", "--port", "27017"]
|
command: ["--replSet", "rs0", "--bind_ip_all", "--port", "27017"]
|
||||||
volumes:
|
volumes:
|
||||||
- /docker/management/mongodb:/data/db
|
- /docker/management/mongodb:/data/db
|
||||||
|
|
@ -29,18 +30,18 @@ services:
|
||||||
- /docker/management/komodo/repo-cache:/repo-cache
|
- /docker/management/komodo/repo-cache:/repo-cache
|
||||||
- /docker:/docker
|
- /docker:/docker
|
||||||
depends_on:
|
depends_on:
|
||||||
- komodo-mongo
|
- ${KOMODO_DB_HOSTNAME}
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
labels:
|
labels:
|
||||||
- "komodo.skip=true"
|
- "komodo.skip=true"
|
||||||
- KOMODO_DATABASE_URI=mongodb://172.16.201.206:27017,172.16.201.106:27017/komodo?replicaSet=rs0
|
- KOMODO_DATABASE_URI=mongodb://${KOMODO_DB_PRI}:27017,${KOMODO_DB_SEC}:27017/komodo?replicaSet=${KOMODO_DB_REPLICA}
|
||||||
- KOMODO_DATABASE_ADDRESS=
|
#- KOMODO_DATABASE_ADDRESS=
|
||||||
networks:
|
networks:
|
||||||
- komodo_external
|
- ${KOMODO_INT_NETWORK}
|
||||||
- management_internal
|
- ${KOMODO_EXT_NETWORK}
|
||||||
|
|
||||||
networks:
|
networks:
|
||||||
komodo_external:
|
${KOMODO_INT_NETWORK}:
|
||||||
external: true
|
external: true
|
||||||
management_internal:
|
${KOMODO_EXT_NETWORK}:
|
||||||
internal: true
|
driver: bridge
|
||||||
|
|
@ -7,12 +7,12 @@ services:
|
||||||
- "25:25"
|
- "25:25"
|
||||||
environment:
|
environment:
|
||||||
# 1. THE UPSTREAM SMARTHOST (Where mail goes)
|
# 1. THE UPSTREAM SMARTHOST (Where mail goes)
|
||||||
- RELAY_HOST=smtp-relay.brevo.com
|
- RELAY_HOST=${RELAY_HOST}
|
||||||
- RELAY_PORT=587
|
- RELAY_PORT=${RELAY_PORT}
|
||||||
|
|
||||||
# 2. INTERNAL SECURITY (Who can send)
|
# 2. INTERNAL SECURITY (Who can send)
|
||||||
# Allow your entire subnet (e.g., 192.168.1.0/24) to send without auth
|
# Allow your entire subnet (e.g., 192.168.1.0/24) to send without auth
|
||||||
- MYNETWORKS=172.16.201.0/24 10.19.19.0/24 192.168.19.0/24
|
- MYNETWORKS=${RELAY_NETWORKS}
|
||||||
|
|
||||||
# 3. IDENTIFICATION
|
# 3. IDENTIFICATION
|
||||||
# The hostname this relay announces itself as
|
# The hostname this relay announces itself as
|
||||||
|
|
|
||||||
|
|
@ -10,24 +10,24 @@ services:
|
||||||
ports:
|
ports:
|
||||||
- "3001:3000"
|
- "3001:3000"
|
||||||
networks:
|
networks:
|
||||||
- management_internal
|
- ${WUD_INT_NETWORK}
|
||||||
volumes:
|
volumes:
|
||||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||||
- /docker/management/wud/etc:/etc/wud
|
- /docker/management/wud/etc:/etc/wud
|
||||||
- /docker/management/wud/var:/var/lib/wud
|
- /docker/management/wud/var:/var/lib/wud
|
||||||
- /docker/management/wud-db:/var/lib/wud/db
|
- /docker/management/wud-db:/var/lib/wud/db
|
||||||
environment:
|
environment:
|
||||||
- WUD_AUTOUPDATE=false
|
|
||||||
- TZ=America/Edmonton
|
- TZ=America/Edmonton
|
||||||
- WUD_WATCHER_LOCAL_WATCHBYDEFAULT=true
|
|
||||||
- WUD_WATCHER_LOCAL_SOCKET=/var/run/docker.sock
|
- WUD_WATCHER_LOCAL_SOCKET=/var/run/docker.sock
|
||||||
- WUD_REGISTRIES_LSCR_ENABLED=true
|
- WUD_AUTOUPDATE=${WUD_AUTOUPDATE}
|
||||||
- WUD_REGISTRY_LSCR_USERNAME=jkilloran82
|
- WUD_WATCHER_LOCAL_WATCHBYDEFAULT=${WUD_WATCH}
|
||||||
|
- WUD_REGISTRIES_LSCR_ENABLED=${WUD_LSCR}
|
||||||
|
- WUD_REGISTRY_LSCR_USERNAME=${WUD_LSCR_USER}
|
||||||
- WUD_REGISTRY_LSCR_TOKEN=${GITHUB_PAT_TOKEN}
|
- WUD_REGISTRY_LSCR_TOKEN=${GITHUB_PAT_TOKEN}
|
||||||
- WUD_TRIGGER_SMTP_EMAIL_FROM=wud@mapletree.email
|
- WUD_TRIGGER_SMTP_EMAIL_FROM=${WUD_SMTP_FROM}
|
||||||
- WUD_TRIGGER_SMTP_EMAIL_TO=jkilloran@doppio.ca
|
- WUD_TRIGGER_SMTP_EMAIL_TO=${WUD_SMTP_TO}
|
||||||
- WUD_TRIGGER_SMTP_EMAIL_HOST=10.19.19.3
|
- WUD_TRIGGER_SMTP_EMAIL_HOST=${WUD_SMTP_HOST}
|
||||||
- WUD_TRIGGER_SMTP_EMAIL_PORT=25
|
- WUD_TRIGGER_SMTP_EMAIL_PORT=${WUD_SMTP_PORT}
|
||||||
- WUD_TRIGGER_SMTP_EMAIL_TLS_ENABLED=false
|
- WUD_TRIGGER_SMTP_EMAIL_TLS_ENABLED=${WUD_SMTP_TLS}
|
||||||
- WUD_TRIGGER_SMTP_EMAIL_TLS_VERIFY=false
|
- WUD_TRIGGER_SMTP_EMAIL_TLS_VERIFY=${WUD_SMTP_TLS_VER}
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue