dockerconfig/docker-compose.yaml

version: "3.8"

networks:
  internalnet:
    driver: bridge
    enable_ipv6: false

x-mail:
  &defaults
  restart: unless-stopped
  env_file: local.env
  networks:
    - internalnet

services:

  certbot:
    <<: *defaults
    image: certbot/dns-cloudflare
    container_name: certbot
    command: certonly --non-interactive --dns-cloudflare --dns-cloudflare-credentials /config/credentials.ini --agree-tos --email admin@${NGINX_HOST} -d ${NGINX_HOST} -d mail.${NGINX_HOST} -d inbox.${NGINX_HOST} -d lieuwe.${NGINX_HOST} -d nextcloud.${NGINX_HOST} -d git.${NGINX_HOST} --server https://acme-v02.api.letsencrypt.org/directory
    volumes:
      - certbot_state:/var/lib/letsencrypt:z
      - nginx_archive:/etc/letsencrypt/archive:z
      - nginx_certs:/etc/letsencrypt/live:z
      - ./config/nginx/credentials.ini:/config/credentials.ini:ro,z

  hugo-html:
    networks:
      - internalnet
    container_name: hugo-html
    build:
      context: ./config/hugo
      args:
        HUGO_BASE: lieuwe.${NGINX_HOST}
    volumes:
      - hugo_data:/public:z

  hugo-site:
    <<: *defaults
    container_name: hugo-site
    image: nginx:alpine
    environment:
      - VIRTUAL_PORT=6262
      - VIRTUAL_PROTO=http
      - VIRTUAL_HOST=lieuwe.${NGINX_HOST}
      - LETSENCRYPT_HOST=lieuwe.${NGINX_HOST}
    volumes:
      - hugo_data:/var/www/html:ro,z
      - ./config/hugo/configure:/etc/nginx/templates/default.conf.template:ro,z
    ports:
      - "6262:6262"

  pgsqlserver:
    <<: *defaults
    container_name: pgsqlserver
    image: postgres:15
    environment:
      - POSTGRES_MULTIPLE_DATABASES=gitea, roundcube, nextcloud
      - POSTGRES_PASSWORD=${SQL_PSWD}
    volumes:
      - sql_data:/var/lib/postgresql/data/:z
      - ./config/pg-init-scripts:/docker-entrypoint-initdb.d:ro,z
    ports:
      - "5432:5432"
    healthcheck:
      test: "pg_isready"
      timeout: 45s
      interval: 10s
      retries: 10

  nextcloud:
    <<: *defaults
    image: nextcloud:fpm
    container_name: nextcloud
    environment:
      - VIRTUAL_HOST=nextcloud.${NGINX_HOST}
      - VIRTUAL_PORT=9000
      - LETSENCRYPT_HOST=nextcloud.${NGINX_HOST}
      - POSTGRES_HOST=pgsqlserver
      - POSTGRES_PORT=5432
      - POSTGRES_DB=nextcloud
      - POSTGRES_USER=nextcloud
      - POSTGRES_PASSWORD=${SQL_PSWD}
      - NEXTCLOUD_TRUSTED_DOMAINS=nextcloud.${NGINX_HOST}
      - NEXTCLOUD_ADMIN_USER=penny
      - NEXTCLOUD_ADMIN_PASSWORD=${SQL_PSWD}
      - SMTP_HOST=mailserver
      - SMTP_SECURE=tls
      - SMTP_NAME=admin@${NGINX_HOST}
      - SMTP_PASSWORD=${SQL_PSWD}
    depends_on:
      pgsqlserver:
        condition: service_healthy
    links:
      - pgsqlserver
    expose:
      - "9000"
    volumes:
      - nextcloud_data:/var/www/html:z
      - nextcloud_data:/var/www/nextcloud:z

  gitea:
    <<: *defaults
    container_name: gitea
    image: gitea/gitea
    environment:
      - VIRTUAL_HOST=git.${NGINX_HOST}
      - VIRTUAL_PORT=3000
      - LETSENCRYPT_HOST=git.${NGINX_HOST}
      - GITEA__mailer__PASSWD=${SQL_PSWD}
      - GITEA__server__DOMAIN=git.${NGINX_HOST}
      - GITEA__server__SSH_DOMAIN=git.${NGINX_HOST}
      - GITEA__server__ROOT_URL=https://git.${NGINX_HOST}/
      - GITEA__server__CERT_FILE=/etc/letsencrypt/live/git.${NGINX_HOST}.crt
      - GITEA__server__KEY_FILE=/etc/letsencrypt/live/git.${NGINX_HOST}.key
    volumes:
      - gitea_data:/data:z
      - nginx_archive:/etc/letsencrypt/archive:ro,z
      - nginx_certs:/etc/letsencrypt/live:ro,z
    expose:
      - "3000"
    ports:
      - "222:22"
    depends_on:
      pgsqlserver:
        condition: service_healthy
    links:
      - pgsqlserver

  roundcubemail:
    <<: *defaults
    image: roundcube/roundcubemail:latest-fpm
    container_name: roundcubemail
    environment:
      - VIRTUAL_HOST=inbox.${NGINX_HOST}
      - VIRTUAL_PORT=9000
      - LETSENCRYPT_HOST=inbox.${NGINX_HOST}
      - ROUNDCUBEMAIL_DB_HOST=pgsqlserver
      - ROUNDCUBEMAIL_DEFAULT_HOST=tls://${NGINX_HOST}
      - ROUNDCUBEMAIL_SMTP_SERVER=tls://${NGINX_HOST}
      - ROUNDCUBEMAIL_DB_PASSWORD=${SQL_PSWD}
    depends_on:
      pgsqlserver:
        condition: service_healthy
    links:
      - pgsqlserver
    expose:
      - "9000"
    volumes:
      - mail_html:/var/www/html:z
      - mail_html:/var/www/roundcube:z
      - ./config/mail/config.php:/var/roundcube/config/${NGINX_HOST}.php:ro,z

  mailserver:
    <<: *defaults
    image: mailserver/docker-mailserver:latest
    container_name: mailserver
    hostname: inbox
    domainname: ${NGINX_HOST}
    environment:
      - VIRTUAL_HOST=mail.${NGINX_HOST}
      - LETSENCRYPT_HOST=mail.${NGINX_HOST}
      - SSL_TYPE=manual
      - SSL_CERT_PATH=/etc/letsencrypt/live/mail.${NGINX_HOST}.crt
      - SSL_KEY_PATH=/etc/letsencrypt/live/mail.${NGINX_HOST}.key
      - POSTMASTER_ADDRESS=admin@${NGINX_HOST}
      - RELAY_PASSWORD=${SENDGRID_APIKEY}
    ports:
      - "25:25"
      - "143:143"
      - "587:587"
      - "993:993"
    volumes:
      - nginx_archive:/etc/letsencrypt/archive:ro,z
      - nginx_certs:/etc/letsencrypt/live:ro,z
      - mail_data:/var/mail/:z
      - mail_state:/var/mail-state/:z
      - mail_config:/tmp/docker-mailserver/:z
      - ./config/mail/postfix-policyd-spf.conf:/etc/postfix-policyd-spf-python/policyd-spf.conf:ro,z
    cap_add:
      - NET_ADMIN

  reverse-proxy:
    <<: *defaults
    image: nginxproxy/nginx-proxy:1.2.3
    container_name: nginx-proxy
    environment:
      - DEFAULT_EMAIL=admin@${NGINX_HOST}
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - nginx_html:/usr/share/nginx/html:z
      - nginx_conf:/etc/nginx/conf.d/:z
      - nginx_dhparam:/etc/nginx/dhparam:z
      - nginx_archive:/etc/nginx/archive/:ro,z
      - nginx_certs:/etc/nginx/certs/:z
      - nginx_vhost:/etc/nginx/vhost.d/:z
      - mail_html:/var/www/roundcube:z
      - nextcloud_data:/var/www/nextcloud:z
      - ./config/nginx/inbox_location:/etc/nginx/vhost.d/inbox.${NGINX_HOST}_location:ro,z
      - ./config/nginx/nextcloud_location:/etc/nginx/vhost.d/nextcloud.${NGINX_HOST}_location:ro,z
      - ./config/nginx/header_default:/etc/nginx/vhost.d/default:z
      - /var/run/docker.sock:/tmp/docker.sock:ro,z

volumes:
  certbot_state:
  nginx_archive:
  nginx_certs:
  gitea_data:
  hugo_data:
  nextcloud_data:
  nginx_dhparam:
  nginx_html:
  nginx_conf:
  nginx_vhost:
  mail_data:
  mail_config:
  mail_state:
  mail_html:
  sql_data:
serve static files using nginx 2022-11-18 11:05:32 +01:00			`version: "3.8"`

			`networks:`
			`internalnet:`
			`driver: bridge`
			`enable_ipv6: false`

working acme dns setup 2023-12-30 13:31:49 +01:00			`x-mail:`
			`&defaults`
minor patch before moving to cloudflare 2024-09-21 11:53:52 +02:00			`restart: unless-stopped`
serve static files using nginx 2022-11-18 11:05:32 +01:00			`env_file: local.env`
			`networks:`
			`- internalnet`
WIP 2022-10-29 12:07:29 +02:00
			`services:`
working acme dns setup 2023-12-30 13:31:49 +01:00
			`certbot:`
			`<<: *defaults`
try outdated api 2024-09-21 16:01:38 +02:00			`image: certbot/dns-cloudflare`
working acme dns setup 2023-12-30 13:31:49 +01:00			`container_name: certbot`
try outdated api 2024-09-21 16:01:38 +02:00			`command: certonly --non-interactive --dns-cloudflare --dns-cloudflare-credentials /config/credentials.ini --agree-tos --email admin@${NGINX_HOST} -d ${NGINX_HOST} -d mail.${NGINX_HOST} -d inbox.${NGINX_HOST} -d lieuwe.${NGINX_HOST} -d nextcloud.${NGINX_HOST} -d git.${NGINX_HOST} --server https://acme-v02.api.letsencrypt.org/directory`
working acme dns setup 2023-12-30 13:31:49 +01:00			`volumes:`
			`- certbot_state:/var/lib/letsencrypt:z`
			`- nginx_archive:/etc/letsencrypt/archive:z`
			`- nginx_certs:/etc/letsencrypt/live:z`
try outdated api 2024-09-21 16:01:38 +02:00			`- ./config/nginx/credentials.ini:/config/credentials.ini:ro,z`
working acme dns setup 2023-12-30 13:31:49 +01:00
Working setup v1 2022-11-19 14:44:58 +01:00			`hugo-html:`
working acme dns setup 2023-12-30 13:31:49 +01:00			`networks:`
Working autoconfig setup with SMTP relay 2022-11-20 13:53:21 +01:00			`- internalnet`
Working setup v1 2022-11-19 14:44:58 +01:00			`container_name: hugo-html`
			`build:`
			`context: ./config/hugo`
			`args:`
			`HUGO_BASE: lieuwe.${NGINX_HOST}`
			`volumes:`
			`- hugo_data:/public:z`
serve static files using nginx 2022-11-18 11:05:32 +01:00
			`hugo-site:`
			`<<: *defaults`
			`container_name: hugo-site`
use nginx 2022-11-13 17:58:23 +01:00			`image: nginx:alpine`
serve static files using nginx 2022-11-18 11:05:32 +01:00			`environment:`
			`- VIRTUAL_PORT=6262`
			`- VIRTUAL_PROTO=http`
Working setup v1 2022-11-19 14:44:58 +01:00			`- VIRTUAL_HOST=lieuwe.${NGINX_HOST}`
serve static files using nginx 2022-11-18 11:05:32 +01:00			`- LETSENCRYPT_HOST=lieuwe.${NGINX_HOST}`
use volumer 2022-11-13 12:36:43 +01:00			`volumes:`
Working setup v1 2022-11-19 14:44:58 +01:00			`- hugo_data:/var/www/html:ro,z`
serve static files using nginx 2022-11-18 11:05:32 +01:00			`- ./config/hugo/configure:/etc/nginx/templates/default.conf.template:ro,z`
Working setup v1 2022-11-19 14:44:58 +01:00			`ports:`
			`- "6262:6262"`
WIP adding hugo page 2022-11-14 16:02:40 +01:00
WIP mail stack 2022-11-06 10:41:10 +01:00			`pgsqlserver:`
update google dns 2022-11-05 10:45:43 +01:00			`<<: *defaults`
			`container_name: pgsqlserver`
WIP: gitea setup 2022-10-30 11:25:25 +01:00			`image: postgres:15`
WIP: progress build 2022-11-13 09:29:11 +01:00			`environment:`
Working setup v1 2022-11-19 14:44:58 +01:00			`- POSTGRES_MULTIPLE_DATABASES=gitea, roundcube, nextcloud`
Cleanup env and security tokens 2022-11-13 11:32:34 +01:00			`- POSTGRES_PASSWORD=${SQL_PSWD}`
WIP: gitea setup 2022-10-30 11:25:25 +01:00			`volumes:`
Working Draft 2022-11-12 16:54:48 +01:00			`- sql_data:/var/lib/postgresql/data/:z`
WIP adding hugo page 2022-11-14 16:02:40 +01:00			`- ./config/pg-init-scripts:/docker-entrypoint-initdb.d:ro,z`
Working setup v1 2022-11-19 14:44:58 +01:00			`ports:`
			`- "5432:5432"`
wip change acme html01 to dns01 2023-04-24 11:44:33 +02:00			`healthcheck:`
			`test: "pg_isready"`
			`timeout: 45s`
			`interval: 10s`
			`retries: 10`
Working setup v1 2022-11-19 14:44:58 +01:00
			`nextcloud:`
			`<<: *defaults`
			`image: nextcloud:fpm`
			`container_name: nextcloud`
			`environment:`
			`- VIRTUAL_HOST=nextcloud.${NGINX_HOST}`
			`- VIRTUAL_PORT=9000`
			`- LETSENCRYPT_HOST=nextcloud.${NGINX_HOST}`
			`- POSTGRES_HOST=pgsqlserver`
			`- POSTGRES_PORT=5432`
			`- POSTGRES_DB=nextcloud`
			`- POSTGRES_USER=nextcloud`
			`- POSTGRES_PASSWORD=${SQL_PSWD}`
			`- NEXTCLOUD_TRUSTED_DOMAINS=nextcloud.${NGINX_HOST}`
			`- NEXTCLOUD_ADMIN_USER=penny`
			`- NEXTCLOUD_ADMIN_PASSWORD=${SQL_PSWD}`
			`- SMTP_HOST=mailserver`
			`- SMTP_SECURE=tls`
			`- SMTP_NAME=admin@${NGINX_HOST}`
			`- SMTP_PASSWORD=${SQL_PSWD}`
			`depends_on:`
wip change acme html01 to dns01 2023-04-24 11:44:33 +02:00			`pgsqlserver:`
			`condition: service_healthy`
Working setup v1 2022-11-19 14:44:58 +01:00			`links:`
			`- pgsqlserver`
Working Draft 2022-11-12 16:54:48 +01:00			`expose:`
Working setup v1 2022-11-19 14:44:58 +01:00			`- "9000"`
			`volumes:`
			`- nextcloud_data:/var/www/html:z`
			`- nextcloud_data:/var/www/nextcloud:z`
WIP: gitea setup 2022-10-30 11:25:25 +01:00
WIP: progress build 2022-11-13 09:29:11 +01:00			`gitea:`
			`<<: *defaults`
			`container_name: gitea`
			`image: gitea/gitea`
			`environment:`
Cleanup env and security tokens 2022-11-13 11:32:34 +01:00			`- VIRTUAL_HOST=git.${NGINX_HOST}`
WIP: progress build 2022-11-13 09:29:11 +01:00			`- VIRTUAL_PORT=3000`
Cleanup env and security tokens 2022-11-13 11:32:34 +01:00			`- LETSENCRYPT_HOST=git.${NGINX_HOST}`
Fix gitea ENV variables and config smtp. 2022-11-20 17:35:28 +01:00			`- GITEA__mailer__PASSWD=${SQL_PSWD}`
bugfix use ssl cert provided by acme-helper for mailserver. 2022-11-25 16:19:44 +01:00			`- GITEA__server__DOMAIN=git.${NGINX_HOST}`
			`- GITEA__server__SSH_DOMAIN=git.${NGINX_HOST}`
			`- GITEA__server__ROOT_URL=https://git.${NGINX_HOST}/`
			`- GITEA__server__CERT_FILE=/etc/letsencrypt/live/git.${NGINX_HOST}.crt`
			`- GITEA__server__KEY_FILE=/etc/letsencrypt/live/git.${NGINX_HOST}.key`
WIP: progress build 2022-11-13 09:29:11 +01:00			`volumes:`
			`- gitea_data:/data:z`
working acme dns setup 2023-12-30 13:31:49 +01:00			`- nginx_archive:/etc/letsencrypt/archive:ro,z`
Fix gitea ENV variables and config smtp. 2022-11-20 17:35:28 +01:00			`- nginx_certs:/etc/letsencrypt/live:ro,z`
WIP: progress build 2022-11-13 09:29:11 +01:00			`expose:`
			`- "3000"`
			`ports:`
			`- "222:22"`
			`depends_on:`
wip change acme html01 to dns01 2023-04-24 11:44:33 +02:00			`pgsqlserver:`
			`condition: service_healthy`
WIP: progress build 2022-11-13 09:29:11 +01:00			`links:`
			`- pgsqlserver`

update google dns 2022-11-05 10:45:43 +01:00			`roundcubemail:`
			`<<: *defaults`
			`image: roundcube/roundcubemail:latest-fpm`
WIP mail stack 2022-11-06 10:41:10 +01:00			`container_name: roundcubemail`
			`environment:`
Cleanup env and security tokens 2022-11-13 11:32:34 +01:00			`- VIRTUAL_HOST=inbox.${NGINX_HOST}`
WIP: progress build 2022-11-13 09:29:11 +01:00			`- VIRTUAL_PORT=9000`
Cleanup env and security tokens 2022-11-13 11:32:34 +01:00			`- LETSENCRYPT_HOST=inbox.${NGINX_HOST}`
			`- ROUNDCUBEMAIL_DB_HOST=pgsqlserver`
			`- ROUNDCUBEMAIL_DEFAULT_HOST=tls://${NGINX_HOST}`
			`- ROUNDCUBEMAIL_SMTP_SERVER=tls://${NGINX_HOST}`
			`- ROUNDCUBEMAIL_DB_PASSWORD=${SQL_PSWD}`
WIP: gitea setup 2022-10-30 11:25:25 +01:00			`depends_on:`
wip change acme html01 to dns01 2023-04-24 11:44:33 +02:00			`pgsqlserver:`
			`condition: service_healthy`
update google dns 2022-11-05 10:45:43 +01:00			`links:`
WIP mail stack 2022-11-06 10:41:10 +01:00			`- pgsqlserver`
serve static files using nginx 2022-11-18 11:05:32 +01:00			`expose:`
Working Draft 2022-11-12 16:54:48 +01:00			`- "9000"`
WIP: gitea setup 2022-10-30 11:25:25 +01:00			`volumes:`
WIP 2022-11-13 10:19:12 +01:00			`- mail_html:/var/www/html:z`
working state 2022-11-13 10:41:45 +01:00			`- mail_html:/var/www/roundcube:z`
Working setup v1 2022-11-19 14:44:58 +01:00			`- ./config/mail/config.php:/var/roundcube/config/${NGINX_HOST}.php:ro,z`
update google dns 2022-11-05 10:45:43 +01:00
			`mailserver:`
			`<<: *defaults`
WIP mail stack 2022-11-06 10:41:10 +01:00			`image: mailserver/docker-mailserver:latest`
update google dns 2022-11-05 10:45:43 +01:00			`container_name: mailserver`
WIP 2022-11-13 10:19:12 +01:00			`hostname: inbox`
Cleanup env and security tokens 2022-11-13 11:32:34 +01:00			`domainname: ${NGINX_HOST}`
			`environment:`
bugfix use ssl cert provided by acme-helper for mailserver. 2022-11-25 16:19:44 +01:00			`- VIRTUAL_HOST=mail.${NGINX_HOST}`
			`- LETSENCRYPT_HOST=mail.${NGINX_HOST}`
			`- SSL_TYPE=manual`
			`- SSL_CERT_PATH=/etc/letsencrypt/live/mail.${NGINX_HOST}.crt`
			`- SSL_KEY_PATH=/etc/letsencrypt/live/mail.${NGINX_HOST}.key`
Cleanup env and security tokens 2022-11-13 11:32:34 +01:00			`- POSTMASTER_ADDRESS=admin@${NGINX_HOST}`
Working autoconfig setup with SMTP relay 2022-11-20 13:53:21 +01:00			`- RELAY_PASSWORD=${SENDGRID_APIKEY}`
WIP: gitea setup 2022-10-30 11:25:25 +01:00			`ports:`
update google dns 2022-11-05 10:45:43 +01:00			`- "25:25"`
			`- "143:143"`
			`- "587:587"`
			`- "993:993"`
			`volumes:`
working acme dns setup 2023-12-30 13:31:49 +01:00			`- nginx_archive:/etc/letsencrypt/archive:ro,z`
Working setup v1 2022-11-19 14:44:58 +01:00			`- nginx_certs:/etc/letsencrypt/live:ro,z`
Working Draft 2022-11-12 16:54:48 +01:00			`- mail_data:/var/mail/:z`
			`- mail_state:/var/mail-state/:z`
			`- mail_config:/tmp/docker-mailserver/:z`
minor patch before moving to cloudflare 2024-09-21 11:53:52 +02:00			`- ./config/mail/postfix-policyd-spf.conf:/etc/postfix-policyd-spf-python/policyd-spf.conf:ro,z`
update google dns 2022-11-05 10:45:43 +01:00			`cap_add:`
			`- NET_ADMIN`

WIP: trying mailserver 2022-11-05 15:00:31 +01:00			`reverse-proxy:`
			`<<: *defaults`
wip change acme html01 to dns01 2023-04-24 11:44:33 +02:00			`image: nginxproxy/nginx-proxy:1.2.3`
WIP: trying mailserver 2022-11-05 15:00:31 +01:00			`container_name: nginx-proxy`
Cleanup env and security tokens 2022-11-13 11:32:34 +01:00			`environment:`
			`- DEFAULT_EMAIL=admin@${NGINX_HOST}`
WIP: trying mailserver 2022-11-05 15:00:31 +01:00			`ports:`
			`- "80:80"`
			`- "443:443"`
			`volumes:`
WIP adding hugo page 2022-11-14 16:02:40 +01:00			`- nginx_html:/usr/share/nginx/html:z`
			`- nginx_conf:/etc/nginx/conf.d/:z`
Working Draft 2022-11-12 16:54:48 +01:00			`- nginx_dhparam:/etc/nginx/dhparam:z`
working acme dns setup 2023-12-30 13:31:49 +01:00			`- nginx_archive:/etc/nginx/archive/:ro,z`
			`- nginx_certs:/etc/nginx/certs/:z`
Working Draft 2022-11-12 16:54:48 +01:00			`- nginx_vhost:/etc/nginx/vhost.d/:z`
working state 2022-11-13 10:41:45 +01:00			`- mail_html:/var/www/roundcube:z`
Working setup v1 2022-11-19 14:44:58 +01:00			`- nextcloud_data:/var/www/nextcloud:z`
WIP adding hugo page 2022-11-14 16:02:40 +01:00			`- ./config/nginx/inbox_location:/etc/nginx/vhost.d/inbox.${NGINX_HOST}_location:ro,z`
Working setup v1 2022-11-19 14:44:58 +01:00			`- ./config/nginx/nextcloud_location:/etc/nginx/vhost.d/nextcloud.${NGINX_HOST}_location:ro,z`
			`- ./config/nginx/header_default:/etc/nginx/vhost.d/default:z`
WIP adding hugo page 2022-11-14 16:02:40 +01:00			`- /var/run/docker.sock:/tmp/docker.sock:ro,z`
WIP: need to include SMTP relay 2022-11-19 18:55:06 +01:00
Working Draft 2022-11-12 16:54:48 +01:00			`volumes:`
working acme dns setup 2023-12-30 13:31:49 +01:00			`certbot_state:`
			`nginx_archive:`
			`nginx_certs:`
WIP: progress build 2022-11-13 09:29:11 +01:00			`gitea_data:`
Working setup v1 2022-11-19 14:44:58 +01:00			`hugo_data:`
			`nextcloud_data:`
Working Draft 2022-11-12 16:54:48 +01:00			`nginx_dhparam:`
			`nginx_html:`
			`nginx_conf:`
			`nginx_vhost:`
			`mail_data:`
			`mail_config:`
			`mail_state:`
WIP 2022-11-13 10:19:12 +01:00			`mail_html:`
WIP: progress build 2022-11-13 09:29:11 +01:00			`sql_data:`