mirror of
https://github.com/bensuperpc/infrastructure.git
synced 2024-11-09 11:47:26 +01:00
Compare commits
2 Commits
aee30a0aaf
...
9110cfec89
| Author | SHA1 | Date | |
|---|---|---|---|
| 9110cfec89 | |||
| 817d09683b |
2
Makefile
2
Makefile
@ -13,7 +13,7 @@
|
||||
|
||||
DOCKER := docker
|
||||
|
||||
PROFILES := webserver wordpress adminer uptime-kuma portainer qbittorrent gitea jellyfin watchtower backup openssh
|
||||
PROFILES := webserver wordpress adminer uptime-kuma portainer qbittorrent gitea jellyfin watchtower backup syncthing openssh
|
||||
PROFILE_CMD := $(addprefix --profile ,$(PROFILES))
|
||||
|
||||
COMPOSE_FILES := $(shell find docker-compose*.yml | sed -e 's/^/--file /')
|
||||
|
||||
10
README.md
10
README.md
@ -70,10 +70,12 @@ And then, caddy will generate the certificate for you and renew it automatically
|
||||
| git.bensuperpc.org | Sub | Gitea for git |
|
||||
| link.bensuperpc.org | Sub | For link shortener |
|
||||
| jellyfin.bensuperpc.org | Sub | Jellyfin for media server |
|
||||
| syncthing.bensuperpc.org | Sub | SyncThing for file synchronization |
|
||||
| ssh.bensuperpc.org | Sub | Openssh for ssh |
|
||||
| bensuperpc.com | Main | Redirect to bensuperpc.org |
|
||||
| bensuperpc.fr | Sub | Redirect to bensuperpc.org |
|
||||
| bensuperpc.net | Sub | Redirect to bensuperpc.org |
|
||||
| bensuperpc.ovh | Sub | Redirect to bensuperpc.org |
|
||||
| bensuperpc.fr | Main | Redirect to bensuperpc.org |
|
||||
| bensuperpc.net | Main | Redirect to bensuperpc.org |
|
||||
| bensuperpc.ovh | Main | Redirect to bensuperpc.org |
|
||||
|
||||
### Configure the infrastructure
|
||||
|
||||
@ -163,6 +165,8 @@ You can find all services on the [docker-compose.yml](docker-compose.yml) file o
|
||||
| Torrent | Torrent server | [torrent.bensuperpc.org](https://torrent.bensuperpc.org) |
|
||||
| Gitea | Gitea for git | [git.bensuperpc.org](https://git.bensuperpc.org) |
|
||||
| Jellyfin | Jellyfin for media server | [jellyfin.bensuperpc.org](https://jellyfin.bensuperpc.org) |
|
||||
| SyncThing | SyncThing for file synchronization | [syncthing.bensuperpc.org](https://syncthing.bensuperpc.org) |
|
||||
| Openssh | Openssh for ssh | [ssh.bensuperpc.org](https://ssh.bensuperpc.org) |
|
||||
|
||||
## URL
|
||||
|
||||
|
||||
@ -29,6 +29,9 @@ www.bensuperpc.org {
|
||||
|
||||
# clickjacking protection
|
||||
X-Frame-Options DENY
|
||||
|
||||
# Disable powerful features we don't need
|
||||
Permissions-Policy "geolocation=(), camera=(), microphone=() interest-cohort=()"
|
||||
}
|
||||
}
|
||||
|
||||
@ -60,6 +63,12 @@ ssh.bensuperpc.org {
|
||||
reverse_proxy openssh:2222
|
||||
}
|
||||
|
||||
syncthing.bensuperpc.org {
|
||||
reverse_proxy syncthing:8384 {
|
||||
header_up Host {upstream_hostport}
|
||||
}
|
||||
}
|
||||
|
||||
link.bensuperpc.org {
|
||||
redir /rickroll https://www.youtube.com/watch?v=dQw4w9WgXcQ permanent
|
||||
redir /babyshark https://www.youtube.com/watch?v=XqZsoesa55w permanent
|
||||
|
||||
@ -17,7 +17,7 @@ services:
|
||||
- caddy_config:/backup/caddy_config:ro
|
||||
# - gitea_data:/backup/gitea_data:ro
|
||||
# - gitea_config:/backup/gitea_config:ro
|
||||
# - database:/backup/database:ro
|
||||
# - wordpress_db:/backup/wordpress_db:ro
|
||||
# - wordpress:/backup/wordpress:ro
|
||||
# - jellyfin_config:/backup/jellyfin_config:ro
|
||||
# - jellyfin_data:/backup/jellyfin_data:ro
|
||||
|
||||
@ -18,17 +18,26 @@ services:
|
||||
- ./caddy:/etc/caddy:ro
|
||||
networks:
|
||||
- infra-network
|
||||
env_file:
|
||||
- env/caddy.env
|
||||
cap_add:
|
||||
- NET_ADMIN
|
||||
security_opt:
|
||||
- no-new-privileges:true
|
||||
# cap_drop:
|
||||
# - ALL
|
||||
# cap_add:
|
||||
# - CHOWN
|
||||
# - FOWNER
|
||||
# - DAC_OVERRIDE
|
||||
# - SETGID
|
||||
# - SETUID
|
||||
# - NET_BIND_SERVICE
|
||||
# cap_drop:
|
||||
# - ALL
|
||||
# cap_add:
|
||||
# - CHOWN
|
||||
# - FOWNER
|
||||
# - DAC_OVERRIDE
|
||||
# - SETGID
|
||||
# - SETUID
|
||||
# - NET_BIND_SERVICE
|
||||
healthcheck:
|
||||
test: pidof caddy || exit 1
|
||||
interval: 120s
|
||||
timeout: 10s
|
||||
retries: 3
|
||||
|
||||
volumes:
|
||||
caddy_data:
|
||||
|
||||
25
docker-compose.syncthing.yml
Normal file
25
docker-compose.syncthing.yml
Normal file
@ -0,0 +1,25 @@
|
||||
version: '3.9'
|
||||
|
||||
services:
|
||||
# syncthing
|
||||
syncthing:
|
||||
image: linuxserver/syncthing:latest
|
||||
container_name: syncthing
|
||||
profiles:
|
||||
- syncthing
|
||||
restart: on-failure
|
||||
env_file:
|
||||
- env/syncthing.env
|
||||
volumes:
|
||||
- syncthing_config:/config
|
||||
- syncthing_data:/data1
|
||||
networks:
|
||||
- infra-network
|
||||
security_opt:
|
||||
- no-new-privileges:true
|
||||
|
||||
volumes:
|
||||
syncthing_config:
|
||||
name: syncthing_config
|
||||
syncthing_data:
|
||||
name: syncthing_data
|
||||
@ -32,7 +32,7 @@ services:
|
||||
- caddy
|
||||
restart: on-failure
|
||||
volumes:
|
||||
- database:/var/lib/mysql:rw
|
||||
- wordpress_db:/var/lib/mysql:rw
|
||||
env_file:
|
||||
- env/wordpress_db.env
|
||||
command: '--default-authentication-plugin=mysql_native_password'
|
||||
@ -42,7 +42,7 @@ services:
|
||||
- no-new-privileges:true
|
||||
|
||||
volumes:
|
||||
database:
|
||||
name: database
|
||||
wordpress_db:
|
||||
name: wordpress_db
|
||||
wordpress:
|
||||
name: wordpress
|
||||
0
env/caddy.env
vendored
Normal file
0
env/caddy.env
vendored
Normal file
2
env/syncthing.env
vendored
Normal file
2
env/syncthing.env
vendored
Normal file
@ -0,0 +1,2 @@
|
||||
PUID=1000
|
||||
PGID=1000
|
||||
Loading…
Reference in New Issue
Block a user