Composes for home server
Find a file
2024-10-03 23:25:20 -05:00
.gitignore Update readme 2024-09-10 19:06:16 -05:00
avatars.yml Added reflex and update node apis composes 2024-10-03 23:25:20 -05:00
botkeeping.yml Added reflex and update node apis composes 2024-10-03 23:25:20 -05:00
db.yml Update readme 2024-09-10 19:06:16 -05:00
forgejo.yml Update readme 2024-09-10 19:06:16 -05:00
homepage.yml Added botkeeping and avatars 2024-09-27 00:54:07 -05:00
nextcloud.yml Initial commit 2024-07-03 01:21:10 -05:00
npm.yml Update readme 2024-09-10 19:06:16 -05:00
README.md Added redis config 2024-09-10 19:06:30 -05:00
redis.yml Added redis config 2024-09-10 19:06:30 -05:00
reflex.yml Added reflex and update node apis composes 2024-10-03 23:25:20 -05:00

Composes for Home Server

Composes Setup

First Steps

  • First, let's create a network to connect all our containers

    docker network create default-network
    
  • Then, create a folder named composes in the user's home folder

    mkdir ~/composes
    cd ~/composes
    
  • From here, all the next yaml files should be created inside the composes folder

Setting up secrets

  • If we would like to save the composes files in a git repository, we should'nt be writting secrets directly in our yaml files, so we will need to write the secrets somewhere else:
    mkdir .secrets
    
  • Now we could create secret files, example:
    echo "my super secret password" > .secrets/SECRET_1
    

MariaDB/MySQL Container

Setting up yaml

  • Create db.yml inside composes with the following content, don't forget to change DB_USER by your own default user:

    name: db
    
    secrets:
      MYSQL_ROOT_PASSWORD:
        file: .secrets/MYSQL_ROOT_PASSWORD
      MYSQL_USER_PASSWORD:
        file: .secrets/MYSQL_USER_PASSWORD
    
    services:
      adminer:
        image: adminer
        restart: always
        ports:
          - 8082:8080
        environment:
          ADMINER_DEFAULT_SERVER: db-mariadb-1
      mariadb:
        image: mariadb
        restart: always
        secrets:
          - MYSQL_ROOT_PASSWORD
          - MYSQL_USER_PASSWORD
        environment:
          MARIADB_USER: DB_USER
          MARIADB_ROOT_PASSWORD_FILE: /run/secrets/MYSQL_ROOT_PASSWORD
          MARIADB_PASSWORD_FILE: /run/secrets/MYSQL_USER_PASSWORD
    
    networks:
      default:
        external: true
        name: default-network
    
  • As we could see, this yaml file uses two secrets MYSQL_USER_PASSWORD and MYSQL_ROOT_PASSWORD, both should be defined inside our .secrets folder:

    echo "This is an example, please change" > .secrets/MYSQL_USER_PASSWORD
    echo "This is an example, please change" > .secrets/MYSQL_ROOT_PASSWORD
    

Starting MariaDB

  • Let's start the containers:
    docker compose -f db.yml up -d
    
  • Creating an alias for easier mariadb commands
    echo "alias mariadb=\"docker exec -it db-mariadb-1 mariadb\"" >> ~/.bash_aliases
    source ~/.bashrc
    
  • We should now be able to enter our database using mariadb cli or with a frontend in the browser at http://HOSTNAME:8080

Adding users

  • We can connect to mariadb now using:
    mariadb -p
    # Your .secrets/MYSQL_ROOT_PASSWORD
    
  • Inside, we could run mariadb operations, an example to add an user should be as follows:
    CREATE USER 'username'@'%' IDENTIFIED BY 'password';
    CREATE DATABASE dbname;
    GRANT ALL PRIVILEGES ON dbname.* TO 'username'@'%';
    FLUSH PRIVILEGES;
    

Nginx Proxy Manager Container

Setting up yaml

  • Create npm.yml inside composes with the following content:

    name: npm
    
    secrets:
      MYSQL_NPM_PASSWORD:
        file: .secrets/MYSQL_NPM_PASSWORD
    
    services:
      app:
        image: "jc21/nginx-proxy-manager:latest"
        restart: unless-stopped
        ports:
          - "80:80"
          - "81:81"
          - "443:443"
          # Any port we would like to expose from other services, example 3306 for mariadb/mysql remote access
        volumes:
          - ./volumes/nginx-proxy-manager/data:/data
          - ./volumes/nginx-proxy-manager/letsencrypt:/etc/letsencrypt
        environment:
          DB_MYSQL_HOST: "db-mariadb-1"
          DB_MYSQL_PORT: 3306
          DB_MYSQL_USER: "npm"
          DB_MYSQL_PASSWORD__FILE: /run/secrets/MYSQL_NPM_PASSWORD
          DB_MYSQL_NAME: "npm"
        secrets:
          - MYSQL_NPM_PASSWORD
    
    networks:
      default:
        external: true
        name: default-network
    
  • As we could see, this yaml file uses the secret MYSQL_NPM_PASSWORD, it be defined inside our .secrets folder:

    echo "This is an example, please change" > .secrets/MYSQL_NPM_PASSWORD
    

Database setup

  • Enter to mariadb and run the following, remember to replace the password with the one in .secrets/MYSQL_NPM_PASSWORD:
CREATE USER 'npm'@'%' IDENTIFIED BY 'password';
CREATE DATABASE npm;
GRANT ALL PRIVILEGES ON npm.* TO 'npm'@'%';
FLUSH PRIVILEGES;

Run it

  • Let's start the container:
    docker compose -f npm.yml up -d
    

Next steps

  • The default admin, we can access through http://HOSTNAME:3001
    Email:    admin@example.com
    Password: changeme
    
  • From here, if you have a domain, you could use it with the public ip from the OCI VPS and use it in this app to expose your services/web apps to the world

Forgejo Container (git repository)

Setting up yaml

  • Create forgejo.yml inside composes with the following content:

    name: forgejo
    
    secrets:
      MYSQL_FORGEJO_PASSWORD:
        file: .secrets/MYSQL_FORGEJO_PASSWORD
      MAILER_FORGEJO_PASSWORD:
        file: .secrets/MAILER_FORGEJO_PASSWORD
    
    services:
      app:
        image: codeberg.org/forgejo/forgejo:7
        environment:
          - USER_UID=1000
          - USER_GID=1000
          - FORGEJO__server__DOMAIN=git.example.com
          - FORGEJO__server__SSH_DOMAIN=git.example.com
          - FORGEJO__server__SSH_PORT=2222
          - FORGEJO__server__SSH_LISTEN_PORT=2222
          - FORGEJO__database__DB_TYPE=mysql
          - FORGEJO__database__HOST=db-mariadb-1:3306
          - FORGEJO__database__NAME=forgejo
          - FORGEJO__database__USER=forgejo
          - FORGEJO__database__PASSWD__FILE=/run/secrets/MYSQL_FORGEJO_PASSWORD
          - FORGEJO__mailer__ENABLED=true
          - FORGEJO__mailer__FROM=forgejo@example.com
          - FORGEJO__mailer__PROTOCOL=smtps
          - FORGEJO__mailer__SMTP_ADDR=mail.example.com
          - FORGEJO__mailer__SMTP_PORT=587
          - FORGEJO__mailer__USER=forgejo@example.com
          - FORGEJO__mailer__PASSWD__FILE=/run/secrets/MAILER_FORGEJO_PASSWORD
          - FORGEJO__service__DISABLE_REGISTRATION=true
          - FORGEJO__admin__SEND_NOTIFICATION_EMAIL_ON_NEW_USER=true
        secrets:
          - MYSQL_FORGEJO_PASSWORD
          - MAILER_FORGEJO_PASSWORD
        restart: always
        volumes:
          - ./volumes/forgejo:/data
          - /etc/timezone:/etc/timezone:ro
          - /etc/localtime:/etc/localtime:ro
        ports:
          - "3001:3000"
          - "222:22"
    
    networks:
      default:
        name: default-network
        external: true
    
  • This yaml file uses two secrets MAILER_FORGEJO_PASSWORD and MAILER_FORGEJO_PASSWORD, both should be defined inside our .secrets folder:

    echo "This is an example, please change" > .secrets/MYSQL_USER_PASSWORD
    echo "This is an example, please change" > .secrets/MAILER_FORGEJO_PASSWORD
    
  • Beware that FORGEJO__database, FORGEJO__mailer envs and corresponding secrets are optional for this service, we added them for a more complete setup.

  • Please fill FORGEJO__mailer envs with your corresponding email provider

  • You need to open the port 2222 to use ssh options running ./Oracle_Installer.sh in your OCI instance

  • You also need to add a stream to port 2222 in npm

  • Optionally, you may want to add the custom ssh port to your clients .ssh/config (see issue)

Database setup (Optional, must do it if FORGEJO__database added)

  • Enter to mariadb and run the following, remember to reemplace the password:
    CREATE USER 'forgejo'@'%' IDENTIFIED BY 'password';
    CREATE DATABASE forgejo;
    GRANT ALL PRIVILEGES ON forgejo.* TO 'forgejo'@'%';
    FLUSH PRIVILEGES;
    

Run it

  • Run the following commands:
    cd ~/composes
    docker compose -f forgejo.yml up -d
    

Next steps

  • The app could be accesed at http://HOSTNAME:3001
  • Before procced with login users we should use https, so npm installation is advised
  • The first created user will be the admin

Nextcloud Container (google drive-like replacement)

Setting up yaml

  • Create nextcloud.yml

    name: nextcloud
    services:
      app:
        image: nextcloud/all-in-one:latest
        init: true
        restart: always
        container_name: nextcloud-aio-mastercontainer
        volumes:
          - nextcloud_aio_mastercontainer:/mnt/docker-aio-config
          - /var/run/docker.sock:/var/run/docker.sock:ro
        ports:
          - 8081:8080
        environment:
          - APACHE_PORT=11000
          - APACHE_IP_BINDING=0.0.0.0
          - BORG_RETENTION_POLICY=--keep-within=3d --keep-weekly=2 --keep-monthly=3
          - NEXTCLOUD_STARTUP_APPS=twofactor_totp tasks notes
        networks:
          - nextcloud-aio
    
    volumes:
      nextcloud_aio_mastercontainer:
        name: nextcloud_aio_mastercontainer
    
    networks:
      nextcloud-aio:
        name: nextcloud-aio
    
  • Update npm.yml to include nextcloud-aio network:

    # Ommiting lines
    services:
      app:
        # Ommiting lines
        networks:
          - default
          - nextcloud-aio
    
    networks:
      default:
        external: true
        name: default-network
      nextcloud-aio:
        external: true
        name: nextcloud-aio
    

Run it

  • Run the following commands:
    cd ~/composes
    docker compose -f nextcloud.yml up -d
    docker compose -f npm.yml up -d
    
  • See the docs for further integration with nginx proxy manager