diff --git a/Makefile b/Makefile index e30fc43..f7ef2a2 100644 --- a/Makefile +++ b/Makefile @@ -15,14 +15,11 @@ #TORRENTS_SERVICES := qbittorrent transmission #SHARING_SERVICES := psitransfer picoshare privatebin projectsend jellyfin dufs syncthing GIT_SERVICES := forgejo forgejo-runner +# gitea gitea-runner ADMIN_SERVICES := yacht uptime-kuma openssh -# gitea #UTILS_SERVICES := it-tools stirlingpdf omni-tools #IA_SERVICES := open-webui -# gitea-runner -GAME_SERVICES := -#mc-server mc-backup -# 7daystodie_server 7daystodie_backup satisfactory_server satisfactory_backup +#GAME_SERVICES := mc-server mc-backup 7daystodie_server 7daystodie_backup satisfactory_server satisfactory_backup PROJECT_DIRECTORY := infrastructure DOCKER_PROFILES := main_infrastructure caddy homepage $(BLOG_SERVICES) $(SHARING_SERVICES) $(TORRENTS_SERVICES) $(ADMIN_SERVICES) $(UTILS_SERVICES) $(IA_SERVICES) $(GAME_SERVICES) $(GIT_SERVICES) diff --git a/README.md b/README.md index 3ef18dc..72e5322 100644 --- a/README.md +++ b/README.md @@ -45,9 +45,25 @@ The homepage is a dashboard with many widgets and services. - [Docker Compose](https://docs.docker.com/compose/install/) - [Git](https://git-scm.com/book/en/v2/Getting-Started-Installing-Git) - [Web domain](https://www.ovh.com/world/domains/) (I use OVH) -- [Open port 80, 443, 22 and 2222 on your router](http://192.168.1.1/) +- [Open port 80, 443, 22, 2222 and 5555 on your router](http://192.168.1.1/) - For games server, you need to open these ports (7777, 25565, 26900, 26901, 26903) +List of ports used by the services in this infrastructure: + +| Port number | Service | Description | +| ----------- | ------------- | ----------------- | +| 80 | Caddy | HTTP traffic | +| 443 | Caddy | HTTPS traffic | +| 22 | Forgejo | Git/SSH access | +| 2222 | OpenSSH | Global SSH access | +| 5555 | Gitea | Git/SSH access | +| 7777 | Satisfactory | Game server port | +| 25565 | Minecraft | Game server port | +| 26900 | 7 Days to Die | Game server port | +| 26901 | 7 Days to Die | Game server port | +| 26903 | 7 Days to Die | Game server port | + + **To avoid get rate limit from letsencrypt (10 certificates per 3 hours), you need to disable some certificates in the caddyfiles and enable them 3h later...** ### Clone @@ -78,36 +94,36 @@ Check if all bensuperpc.* are replaced by your domain in [Caddyfile](caddy/servi And then, caddy will generate the certificate for you and renew it automatically :D -| Domain name | Type | Description | -| --- | --- | --- | -| [bensuperpc.org](https://bensuperpc.org) | Main | Redirect to [www.bensuperpc.org](https://www.bensuperpc.org) | -| [www.bensuperpc.org](https://www.bensuperpc.org) | Main | Homepage | -| [open-webui.bensuperpc.org](https://open-webui.bensuperpc.org) | Sub | For local chatGPT | -| [wordpress.bensuperpc.org](https://wordpress.bensuperpc.org) | Sub | Wordpress website | -| [uptimekuma.bensuperpc.org](https://uptimekuma.bensuperpc.org) | Sub | Uptime Kuma for monitoring | -| [qbittorrent.bensuperpc.org](https://qbittorrent.bensuperpc.org) | Sub | Torrent client/server | -| [transmission.bensuperpc.org](https://transmission.bensuperpc.org) | Sub | Torrent client/server | -| [gitea.bensuperpc.org](https://gitea.bensuperpc.org) | Sub | Gitea for git | -| [forgejo.bensuperpc.org](https://forgejo.bensuperpc.org/) | Sub | Fork of Gitea for git | -| [git.bensuperpc.org](https://git.bensuperpc.org) | Sub | Fork of Gitea for git | -| [link.bensuperpc.org](https://link.bensuperpc.org) | Sub | For link shortener | -| [jellyfin.bensuperpc.org](https://jellyfin.bensuperpc.org) | Sub | Jellyfin for media server | -| [syncthing.bensuperpc.org](https://syncthing.bensuperpc.org) | Sub | SyncThing for file synchronization | -| [psitransfer.bensuperpc.org](https://psitransfer.bensuperpc.org) | Sub | PsiTransfer for file sharing | -| [it-tools.bensuperpc.org](https://it-tools.bensuperpc.org) | Sub | Tools for IT | -| [omni-tools.bensuperpc.org](https://omni-tools.bensuperpc.org) | Sub | Tools for IT | -| [privatebin.bensuperpc.org](https://privatebin.bensuperpc.org) | Sub | Pastebin | -| [yacht.bensuperpc.org](https://yacht.bensuperpc.org) | Sub | Web interface for managing docker containers | -| [projectsend.bensuperpc.org](https://projectsend.bensuperpc.org) | Sub | ProjectSend for file sharing | -| [picoshare.bensuperpc.org](https://picoshare.bensuperpc.org) | Sub | Picoshare for file sharing | -| [dufs.bensuperpc.org](https://dufs.bensuperpc.org) | Sub | Dufs for file sharing | -| [public.bensuperpc.org](https://public.bensuperpc.org) | Sub | Caddy for file sharing | -| [memos.bensuperpc.org](https://memos.bensuperpc.org) | Sub | Caddy for file sharing | -| [stirlingpdf.bensuperpc.org](https://stirlingpdf.bensuperpc.org) | Sub | Stirling PDF tools | -| bensuperpc.com | Main | Redirect to [www.bensuperpc.org](https://www.bensuperpc.org) | -| bensuperpc.fr | Main | Redirect to [www.bensuperpc.org](https://www.bensuperpc.org) | -| bensuperpc.net | Main | Redirect to [www.bensuperpc.org](https://www.bensuperpc.org) | -| bensuperpc.ovh | Main | Redirect to [www.bensuperpc.org](https://www.bensuperpc.org) | +| Domain name | Type | Description | +| ------------------------------------------------------------------ | ---- | ------------------------------------------------------------ | +| [bensuperpc.org](https://bensuperpc.org) | Main | Redirect to [www.bensuperpc.org](https://www.bensuperpc.org) | +| [www.bensuperpc.org](https://www.bensuperpc.org) | Main | Homepage | +| [open-webui.bensuperpc.org](https://open-webui.bensuperpc.org) | Sub | For local chatGPT | +| [wordpress.bensuperpc.org](https://wordpress.bensuperpc.org) | Sub | Wordpress website | +| [uptimekuma.bensuperpc.org](https://uptimekuma.bensuperpc.org) | Sub | Uptime Kuma for monitoring | +| [qbittorrent.bensuperpc.org](https://qbittorrent.bensuperpc.org) | Sub | Torrent client/server | +| [transmission.bensuperpc.org](https://transmission.bensuperpc.org) | Sub | Torrent client/server | +| [gitea.bensuperpc.org](https://gitea.bensuperpc.org) | Sub | Gitea for git | +| [forgejo.bensuperpc.org](https://forgejo.bensuperpc.org/) | Sub | Fork of Gitea for git | +| [git.bensuperpc.org](https://git.bensuperpc.org) | Sub | Fork of Gitea for git | +| [link.bensuperpc.org](https://link.bensuperpc.org) | Sub | For link shortener | +| [jellyfin.bensuperpc.org](https://jellyfin.bensuperpc.org) | Sub | Jellyfin for media server | +| [syncthing.bensuperpc.org](https://syncthing.bensuperpc.org) | Sub | SyncThing for file synchronization | +| [psitransfer.bensuperpc.org](https://psitransfer.bensuperpc.org) | Sub | PsiTransfer for file sharing | +| [it-tools.bensuperpc.org](https://it-tools.bensuperpc.org) | Sub | Tools for IT | +| [omni-tools.bensuperpc.org](https://omni-tools.bensuperpc.org) | Sub | Tools for IT | +| [privatebin.bensuperpc.org](https://privatebin.bensuperpc.org) | Sub | Pastebin | +| [yacht.bensuperpc.org](https://yacht.bensuperpc.org) | Sub | Web interface for managing docker containers | +| [projectsend.bensuperpc.org](https://projectsend.bensuperpc.org) | Sub | ProjectSend for file sharing | +| [picoshare.bensuperpc.org](https://picoshare.bensuperpc.org) | Sub | Picoshare for file sharing | +| [dufs.bensuperpc.org](https://dufs.bensuperpc.org) | Sub | Dufs for file sharing | +| [public.bensuperpc.org](https://public.bensuperpc.org) | Sub | Caddy for file sharing | +| [memos.bensuperpc.org](https://memos.bensuperpc.org) | Sub | Caddy for file sharing | +| [stirlingpdf.bensuperpc.org](https://stirlingpdf.bensuperpc.org) | Sub | Stirling PDF tools | +| bensuperpc.com | Main | Redirect to [www.bensuperpc.org](https://www.bensuperpc.org) | +| bensuperpc.fr | Main | Redirect to [www.bensuperpc.org](https://www.bensuperpc.org) | +| bensuperpc.net | Main | Redirect to [www.bensuperpc.org](https://www.bensuperpc.org) | +| bensuperpc.ovh | Main | Redirect to [www.bensuperpc.org](https://www.bensuperpc.org) | ### Configure the infrastructure @@ -325,10 +341,10 @@ main This infrastructure uses docker volumes to store data, all configuration/data for each service are not shared between services for security and maintenance reasons, but **public_data** and **private_data** are shared between all services to store your data. -| Volume name | Description | -| --- | --- | -| public_data | Public data reachable on internet via [dufs.bensuperpc.org](https://dufs.bensuperpc.org), can be disabled. | -| private_data | Private data | +| Volume name | Description | +| ------------ | ---------------------------------------------------------------------------------------------------------- | +| public_data | Public data reachable on internet via [dufs.bensuperpc.org](https://dufs.bensuperpc.org), can be disabled. | +| private_data | Private data | ### SSH access diff --git a/infrastructure/services/caddy/config/bensuperpc.org/Caddyfile b/infrastructure/services/caddy/config/bensuperpc.org/Caddyfile index 6e64154..5d00f8a 100644 --- a/infrastructure/services/caddy/config/bensuperpc.org/Caddyfile +++ b/infrastructure/services/caddy/config/bensuperpc.org/Caddyfile @@ -95,7 +95,7 @@ git.{$MAIN_DOMAIN} { } forgejo.{$MAIN_DOMAIN} { - reverse_proxy forgejo:3000 + redir https://git.{$MAIN_DOMAIN}{uri} permanent } jellyfin.{$MAIN_DOMAIN} { diff --git a/infrastructure/services/forgejo/env/forgejo.env b/infrastructure/services/forgejo/env/forgejo.env index e6be73a..723178e 100644 --- a/infrastructure/services/forgejo/env/forgejo.env +++ b/infrastructure/services/forgejo/env/forgejo.env @@ -7,18 +7,18 @@ FORGEJO__database__USER=bensuperpc FORGEJO__database__PASSWD=K7s5yoHknnEd7vsZoxb8I3dK9mjToF1j FORGEJO__APP_NAME=The Homelab Git FORGEJO__APP_SLOGAN=Personal Code, Mirrors, and More -FORGEJO__server__DOMAIN=forgejo.bensuperpc.org -FORGEJO__server__SSH_DOMAIN=forgejo.bensuperpc.org +FORGEJO__server__DOMAIN=git.bensuperpc.org +FORGEJO__server__SSH_DOMAIN=git.bensuperpc.org FORGEJO__server__HTTP_PORT=3000 FORGEJO__server__SSH_LISTEN_PORT=22 FORGEJO__server__SSH_PORT=22 -FORGEJO__server__ROOT_URL=https://forgejo.bensuperpc.org +FORGEJO__server__ROOT_URL=https://git.bensuperpc.org FORGEJO__security__SECRET_KEY=ykcZt23an1E4lFHWvrCKdAyt16WAiK9c #FORGEJO__security__INTERNAL_TOKEN= #FORGEJO__security__INSTALL_LOCK=true FORGEJO__security__MIN_PASSWORD_LENGTH=8 FORGEJO__actions__ENABLED=true -FORGEJO__actions__DEFAULT_ACTIONS_URL="https://forgejo.bensuperpc.org" +FORGEJO__actions__DEFAULT_ACTIONS_URL="https://git.bensuperpc.org" #FORGEJO__log__LEVEL: "debug" FORGEJO__repository__ENABLE_PUSH_CREATE_USER=true FORGEJO__repository__DEFAULT_PUSH_CREATE_PRIVATE=false