diff --git a/admin_stack.yml b/admin_stack.yml new file mode 100644 index 0000000..1af24d5 --- /dev/null +++ b/admin_stack.yml @@ -0,0 +1,28 @@ +version: '3' + +services: + reverse_proxy_admin: + image: nginx + volumes: + - nginx_router:/etc/nginx/ + networks: + - dmz + deploy: + mode: replicated + replicas: 1 + labels: + - "traefik.frontend.rule=Host:admin.arnaud-pc.fr" + - "traefik.port=80" + - "traefik.docker.network=dmz" + - "traefik.passHostHeader=true" + - "traefik.backend.loadbalancer.swarm=true" + - "traefik.backend.loadbalancer.method=drr" + - "traefik.enable=true" + +networks: + dmz: + external: true + +volumes: + nginx_router: + driver: convoy diff --git a/gitea_stack.yml b/gitea_stack.yml new file mode 100644 index 0000000..d96a2ee --- /dev/null +++ b/gitea_stack.yml @@ -0,0 +1,56 @@ +version: '3' + +services: + web: + image: gitea/gitea:latest + depends_on: + - db + environment: + - TZ=Europe/Paris + - PUID=1000 + - PGID=1000 + - DB_TYPE=postgres + - DB_HOST=db:5432 + - DB_NAME=xxx + - DB_USER=xxx + - DB_PASSWD=xxx + volumes: + - gitea_data:/data + ports: + - "10022:22" + deploy: + labels: + - "traefik.port=3000" + - "traefik.frontend.rule=Host:git.cloud.arnaud-pc.fr" + - "traefik.docker.network=dmz" + - "traefik.passHostHeader=true" + - "traefik.backend.loadbalancer.swarm=true" + - "traefik.backend.loadbalancer.method=drr" + - "traefik.enable=true" + networks: + - dmz + - gitea + + db: + image: postgres:latest + environment: + - POSTGRES_USER=xxx + - POSTGRES_PASSWORD=xxx + - POSTGRES_DB=xxx + volumes: + - postgres_gitea_data:/var/lib/postgresql/data + networks: + - gitea + +networks: + gitea: + driver: overlay + dmz: + external: + name: dmz + +volumes: + gitea_data: + driver: convoy + postgres_gitea_data: + driver: convoy diff --git a/nextcloud_stack.yml b/nextcloud_stack.yml new file mode 100644 index 0000000..99c0d2a --- /dev/null +++ b/nextcloud_stack.yml @@ -0,0 +1,61 @@ +version: '3' + +services: + web: + image: nextcloud + depends_on: + - db + environment: + - POSTGRES_DB=xxx + - POSTGRES_USER=xxx + - POSTGRES_PASSWORD=xxx + - POSTGRES_HOST=db + volumes: + - /storage/:/data/ + - nextcloud_data:/var/www/html/data/ + - nextcloud_config:/var/www/html/config + networks: + - dmz + - nextcloud + deploy: + mode: replicated + replicas: 1 + placement: + constraints: [node.role == manager] + + labels: + - "traefik.frontend.rule=Host:nextcloud.cloud.arnaud-pc.fr,cloud.arnaud-pc.fr" + - "traefik.port=80" + - "traefik.docker.network=dmz" + - "traefik.passHostHeader=true" + - "traefik.backend.loadbalancer.swarm=true" + - "traefik.backend.loadbalancer.method=drr" + - "traefik.enable=true" + + db: + image: postgres:9.6 + environment: + - POSTGRES_USER=xxx + - POSTGRES_PASSWORD=xxx + - POSTGRES_DB=xxx + volumes: + - postgres_nextcloud_data:/var/lib/postgresql/data + networks: + - nextcloud + deploy: + mode: replicated + replicas: 1 + +networks: + dmz: + external: true + nextcloud: + driver: overlay + +volumes: + nextcloud_data: + driver: convoy + nextcloud_config: + driver: convoy + postgres_nextcloud_data: + driver: convoy diff --git a/portainer_stack.yml b/portainer_stack.yml new file mode 100644 index 0000000..928d172 --- /dev/null +++ b/portainer_stack.yml @@ -0,0 +1,49 @@ +version: '3.5' + +services: + agent: + image: portainer/agent + environment: + AGENT_CLUSTER_ADDR: tasks.agent + volumes: + - /var/run/docker.sock:/var/run/docker.sock + - /var/lib/docker/volumes:/var/lib/docker/volumes + networks: + - agent_network + deploy: + mode: global + placement: + constraints: [node.platform.os == linux] + + portainer: + image: portainer/portainer + command: -H tcp://tasks.agent:9001 --tlsskipverify + volumes: + - portainer_data:/data + networks: + - dmz + - agent_network + deploy: + mode: replicated + replicas: 1 + placement: + constraints: [node.role == manager] + labels: + - "traefik.frontend.rule=Host:portainer.cloud.arnaud-pc.fr" + - "traefik.port=9000" + - "traefik.docker.network=dmz" + - "traefik.passHostHeader=true" + - "traefik.backend.loadbalancer.swarm=true" + - "traefik.backend.loadbalancer.method=drr" + - "traefik.enable=true" + +networks: + agent_network: + driver: overlay + attachable: true + dmz: + external: true + +volumes: + portainer_data: + driver: convoy diff --git a/traefik_stack.yml b/traefik_stack.yml new file mode 100644 index 0000000..2c18bb0 --- /dev/null +++ b/traefik_stack.yml @@ -0,0 +1,57 @@ +version: '3.5' +services: + traefik: + image: traefik + environment: + - OVH_ENDPOINT=ovh-eu + - OVH_APPLICATION_KEY=xxx + - OVH_APPLICATION_SECRET=xxx + - OVH_CONSUMER_KEY=xxx + ports: + - "80:80" + - "443:443" + volumes: + - /var/run/docker.sock:/var/run/docker.sock + - traefik_conf:/etc/traefik + networks: + - traefik_network + command: > + --docker + --docker.swarmMode + --docker.domain=arnaud-pc.fr + --docker.watch + --api + --entryPoints='Name:http Address::80 Redirect.EntryPoint:https' + --entryPoints='Name:https Address::443 TLS' + --defaultentrypoints=http,https + --acme + --acme.storage=/etc/traefik/acme/acme.json + --acme.email=worldtocraft@gmail.com + --acme.entryPoint=https + --acme.onhostrule + --acme.dnschallenge + --acme.dnschallenge.provider=ovh + deploy: + mode: replicated + replicas: 1 + placement: + constraints: [node.role == manager] + labels: + - "traefik.frontend.auth.basic.usersFile=/etc/traefik/.htpasswd" + - "traefik.frontend.rule=Host:traefik.cloud.arnaud-pc.fr" + - "traefik.port=8080" + - "traefik.docker.network=dmz" + - "traefik.passHostHeader=true" + - "traefik.backend.loadbalancer.swarm=true" + - "traefik.backend.loadbalancer.method=drr" + - "traefik.enable=true" + +networks: + traefik_network: + name: dmz + driver: overlay + attachable: true + +volumes: + traefik_conf: + driver: convoy