Initial commit

Juan Sebastián Montoya 2024-07-03 01:21:10 -05:00
commit b1e63725e8
7 changed files with 479 additions and 0 deletions

2
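--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1,2 @@
+.secrets
+volumes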

319
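--- a/README.md
+++ b/README.md
@@ -0,0 +1,319 @@
+# Composes for Home Server
+## Composes Setup
+### First Steps
+- First, let's create a network to connect all our containers
+```bash
+docker network create default-network
+```
+- Then, create a folder named composes in the user's home folder
+```bash
+mkdir ~/composes
+cd ~/composes
+```
+- From here, all the next yaml files should be created inside the composes folder
+### Setting up secrets
+- If we would like to save the composes files in a git repository, we should'nt be writting secrets directly in our yaml files, so we will need to write the secrets somewhere else:
+```
+mkdir .secrets
+```
+- Now we could create secret files, example:
+```
+echo "my super secret password" > .secrets/SECRET_1
+```
+## MariaDB/MySQL Container
+### Setting up yaml
+- Create `db.yml` inside composes with the following content, don't forget to change `DB_USER` by your own default user:
+```yaml
+name: db
+secrets:
+MYSQL_ROOT_PASSWORD:
+file: .secrets/MYSQL_ROOT_PASSWORD
+MYSQL_USER_PASSWORD:
+file: .secrets/MYSQL_USER_PASSWORD
+services:
+adminer:
+image: adminer
+restart: always
+ports:
+- 8080:8080
+environment:
+ADMINER_DEFAULT_SERVER: db-mariadb-1
+mariadb:
+image: mariadb
+restart: always
+secrets:
+- MYSQL_ROOT_PASSWORD
+- MYSQL_USER_PASSWORD
+environment:
+MARIADB_USER: DB_USER
+MARIADB_ROOT_PASSWORD_FILE: /run/secrets/MYSQL_ROOT_PASSWORD
+MARIADB_PASSWORD_FILE: /run/secrets/MYSQL_USER_PASSWORD
+networks:
+default:
+external: true
+name: default-network
+```
+- As we could see, this yaml file uses two secrets `MYSQL_USER_PASSWORD` and `MYSQL_ROOT_PASSWORD`, both should be defined inside our `.secrets` folder:
+```bash
+echo "This is an example, please change" > .secrets/MYSQL_USER_PASSWORD
+echo "This is an example, please change" > .secrets/MYSQL_ROOT_PASSWORD
+```
+### Starting MariaDB
+- Let's start the containers:
+```bash
+docker compose -f db.yml up -d
+```
+- Creating an alias for easier mariadb commands
+```bash
+echo "alias mariadb=\"docker exec -it db-mariadb-1 mariadb\"" >> ~/.bash_aliases
+source ~/.bashrc
+```
+- We should now be able to enter our database using mariadb cli or with a frontend in the browser at http://HOSTNAME:8080
+### Adding users
+- We can connect to mariadb now using:
+```bash
+mariadb -p
+# Your .secrets/MYSQL_ROOT_PASSWORD
+```
+- Inside, we could run mariadb operations, an example to add an user should be as follows:
+```sql
+CREATE USER 'username'@'%' IDENTIFIED BY 'password';
+CREATE DATABASE dbname;
+GRANT ALL PRIVILEGES ON dbname.* TO 'username'@'%';
+FLUSH PRIVILEGES;
+```
+## Nginx Proxy Manager Container
+### Setting up yaml
+- Create `npm.yml` inside composes with the following content:
+```yaml
+name: npm
+secrets:
+MYSQL_NPM_PASSWORD:
+file: .secrets/MYSQL_NPM_PASSWORD
+services:
+app:
+image: 'jc21/nginx-proxy-manager:latest'
+restart: unless-stopped
+ports:
+- '80:80'
+- '81:81'
+- '443:443'
+# Any port we would like to expose from other services, example 3306 for mariadb/mysql remote access
+volumes:
+- ./volumes/nginx-proxy-manager/data:/data
+- ./volumes/nginx-proxy-manager/letsencrypt:/etc/letsencrypt
+environment:
+DB_MYSQL_HOST: "db-mariadb-1"
+DB_MYSQL_PORT: 3306
+DB_MYSQL_USER: "npm"
+DB_MYSQL_PASSWORD__FILE: /run/secrets/MYSQL_NPM_PASSWORD
+DB_MYSQL_NAME: "npm"
+secrets:
+- MYSQL_NPM_PASSWORD
+networks:
+default:
+external: true
+name: default-network
+```
+- As we could see, this yaml file uses the secret `MYSQL_NPM_PASSWORD`, it be defined inside our `.secrets` folder:
+```bash
+echo "This is an example, please change" > .secrets/MYSQL_NPM_PASSWORD
+```
+### Database setup
+- Enter to mariadb and run the following, remember to replace the password with the one in `.secrets/MYSQL_NPM_PASSWORD`:
+```sql
+CREATE USER 'npm'@'%' IDENTIFIED BY 'password';
+CREATE DATABASE npm;
+GRANT ALL PRIVILEGES ON npm.* TO 'npm'@'%';
+FLUSH PRIVILEGES;
+```
+### Run it
+- Let's start the container:
+```bash
+docker compose -f npm.yml up -d
+```
+### Next steps
+- The default admin, we can access through http://HOSTNAME:3001
+```
+Email: admin@example.com
+Password: changeme
+```
+- From here, if you have a domain, you could use it with the public ip from the OCI VPS and use it in this app to expose your services/web apps to the world
+## Forgejo Container (git repository)
+### Setting up yaml
+- Create `forgejo.yml` inside composes with the following content:
+```yaml
+name: forgejo
+secrets:
+MYSQL_FORGEJO_PASSWORD:
+file: .secrets/MYSQL_FORGEJO_PASSWORD
+MAILER_FORGEJO_PASSWORD:
+file: .secrets/MAILER_FORGEJO_PASSWORD
+services:
+app:
+image: codeberg.org/forgejo/forgejo:7
+environment:
+- USER_UID=1000
+- USER_GID=1000
+- FORGEJO__server__DOMAIN=git.example.com
+- FORGEJO__server__SSH_DOMAIN=git.example.com
+- FORGEJO__server__SSH_PORT=22
+- FORGEJO__server__SSH_LISTEN_PORT=2222
+- FORGEJO__database__DB_TYPE=mysql
+- FORGEJO__database__HOST=db-mariadb-1:3306
+- FORGEJO__database__NAME=forgejo
+- FORGEJO__database__USER=forgejo
+- FORGEJO__database__PASSWD__FILE=/run/secrets/MYSQL_FORGEJO_PASSWORD
+- FORGEJO__mailer__ENABLED=true
+- FORGEJO__mailer__FROM=forgejo@example.com
+- FORGEJO__mailer__PROTOCOL=smtps
+- FORGEJO__mailer__SMTP_ADDR=mail.example.com
+- FORGEJO__mailer__SMTP_PORT=587
+- FORGEJO__mailer__USER=forgejo@example.com
+- FORGEJO__mailer__PASSWD__FILE=/run/secrets/MAILER_FORGEJO_PASSWORD
+secrets:
+- MYSQL_FORGEJO_PASSWORD
+- MAILER_FORGEJO_PASSWORD
+restart: always
+volumes:
+- ./volumes/forgejo:/data
+- /etc/timezone:/etc/timezone:ro
+- /etc/localtime:/etc/localtime:ro
+ports:
+- '3001:3000'
+- '222:22'
+networks:
+default:
+name: default-network
+external: true
+```
+- This yaml file uses two secrets `MAILER_FORGEJO_PASSWORD` and `MAILER_FORGEJO_PASSWORD`, both should be defined inside our `.secrets` folder:
+```bash
+echo "This is an example, please change" > .secrets/MYSQL_USER_PASSWORD
+echo "This is an example, please change" > .secrets/MAILER_FORGEJO_PASSWORD
+```
+- Beware that `FORGEJO__database`, `FORGEJO__mailer` envs and corresponding secrets are optional for this service, we added them for a more complete setup.
+- Please fill `FORGEJO__mailer` envs with your corresponding email provider
+- You need to open the port 2222 to use ssh options running `./Oracle_Installer.sh` in your OCI instance
+- You also need to add a stream to port 2222 in npm
+- Additionaly, you need to add the custom ssh port to your clients .ssh/config (see [issue](https://stackoverflow.com/questions/5767850/git-on-custom-ssh-port))
+### Database setup (Optional, must do it if FORGEJO__database added)
+- Enter to mariadb and run the following, remember to reemplace the password:
+```sql
+CREATE USER 'forgejo'@'%' IDENTIFIED BY 'password';
+CREATE DATABASE forgejo;
+GRANT ALL PRIVILEGES ON forgejo.* TO 'forgejo'@'%';
+FLUSH PRIVILEGES;
+```
+### Run it
+- Run the following commands:
+```bash
+cd ~/composes
+docker compose -f forgejo.yml up -d
+```
+### Next steps
+- The app could be accesed at http://HOSTNAME:3001
+- Before procced with login users we should use https, so npm installation is advised
+- The first created user will be the admin
+## Nextcloud Container (google drive-like replacement)
+### Setting up yaml
+- Create `nextcloud.yml`
+```yml
+name: nextcloud
+services:
+app:
+image: nextcloud/all-in-one:latest
+init: true
+restart: always
+container_name: nextcloud-aio-mastercontainer
+volumes:
+- nextcloud_aio_mastercontainer:/mnt/docker-aio-config
+- /var/run/docker.sock:/var/run/docker.sock:ro
+ports:
+- 8081:8080
+environment:
+- APACHE_PORT=11000
+- APACHE_IP_BINDING=0.0.0.0
+- BORG_RETENTION_POLICY=--keep-within=3d --keep-weekly=2 --keep-monthly=3
+- NEXTCLOUD_STARTUP_APPS=twofactor_totp tasks notes
+networks:
+- nextcloud-aio
+volumes:
+nextcloud_aio_mastercontainer:
+name: nextcloud_aio_mastercontainer
+networks:
+nextcloud-aio:
+name: nextcloud-aio
+```
+- Update `npm.yml` to include `nextcloud-aio` network:
+```yml
+# Ommiting lines
+services:
+app:
+# Ommiting lines
+networks:
+- default
+- nextcloud-aio
+networks:
+default:
+external: true
+name: default-network
+nextcloud-aio:
+external: true
+name: nextcloud-aio
+```
+### Run it
+- Run the following commands:
+```bash
+cd ~/composes
+docker compose -f nextcloud.yml up -d
+docker compose -f npm.yml up -d
+```
+- See the [docs](https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md) for further integration with nginx proxy manager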

31
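--- a/db.yml
+++ b/db.yml
@@ -0,0 +1,31 @@
+name: db
+secrets:
+MYSQL_ROOT_PASSWORD:
+file: .secrets/MYSQL_ROOT_PASSWORD
+MYSQL_USER_PASSWORD:
+file: .secrets/MYSQL_USER_PASSWORD
+services:
+adminer:
+image: adminer
+restart: always
+ports:
+- 8080:8080
+environment:
+ADMINER_DEFAULT_SERVER: db-mariadb-1
+mariadb:
+image: mariadb
+restart: always
+secrets:
+- MYSQL_ROOT_PASSWORD
+- MYSQL_USER_PASSWORD
+environment:
+MARIADB_USER: jusemon
+MARIADB_ROOT_PASSWORD_FILE: /run/secrets/MYSQL_ROOT_PASSWORD
+MARIADB_PASSWORD_FILE: /run/secrets/MYSQL_USER_PASSWORD
+networks:
+default:
+external: true
+name: default-network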
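Review bot: The `adminer` service publishes `- 8080:8080` on every host interface, so a database login page served over plain HTTP is reachable by anything that can route to the host, with only the MariaDB passwords protecting the data. Because the reverse proxy added in this commit joins the same `default-network`, the `ports:` entry can be dropped and Adminer reached through a TLS proxy host, or at minimum bound to loopback with `- '127.0.0.1:8080:8080'`. `image: adminer` and `image: mariadb` carry no tag and therefore resolve to `latest`; pinning a version tag or digest keeps an unreviewed image from being pulled on the next `up`.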

46
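--- a/forgejo.yml
+++ b/forgejo.yml
@@ -0,0 +1,46 @@
+name: forgejo
+secrets:
+MYSQL_FORGEJO_PASSWORD:
+file: .secrets/MYSQL_FORGEJO_PASSWORD
+MAILER_FORGEJO_PASSWORD:
+file: .secrets/MAILER_FORGEJO_PASSWORD
+services:
+app:
+image: codeberg.org/forgejo/forgejo:7
+environment:
+- USER_UID=1000
+- USER_GID=1000
+- FORGEJO__server__DOMAIN=git.jusemon.com
+- FORGEJO__server__SSH_DOMAIN=git.jusemon.com
+- FORGEJO__server__SSH_PORT=22
+- FORGEJO__server__SSH_LISTEN_PORT=2222
+- FORGEJO__database__DB_TYPE=mysql
+- FORGEJO__database__HOST=db-mariadb-1:3306
+- FORGEJO__database__NAME=forgejo
+- FORGEJO__database__USER=forgejo
+- FORGEJO__database__PASSWD__FILE=/run/secrets/MYSQL_FORGEJO_PASSWORD
+- FORGEJO__mailer__ENABLED=true
+- FORGEJO__mailer__FROM=juansmm@outlook.com
+- FORGEJO__mailer__PROTOCOL=smtp+starttls
+- FORGEJO__mailer__SMTP_ADDR=smtp.office365.com
+- FORGEJO__mailer__SMTP_PORT=587
+- FORGEJO__mailer__USER=juansmm@outlook.com
+- FORGEJO__mailer__PASSWD__FILE=/run/secrets/MAILER_FORGEJO_PASSWORD
+secrets:
+- MYSQL_FORGEJO_PASSWORD
+- MAILER_FORGEJO_PASSWORD
+restart: always
+volumes:
+- ./volumes/forgejo:/data
+- /etc/timezone:/etc/timezone:ro
+- /etc/localtime:/etc/localtime:ro
+ports:
+- '3001:3000'
+- '2222:22'
+networks:
+default:
+name: default-network
+external: true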
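Review bot: `- '3001:3000'` publishes Forgejo's web port unencrypted on all host interfaces, so logins can bypass the proxy that is meant to terminate TLS; since the proxy container shares `default-network`, the mapping can be removed or narrowed to `- '127.0.0.1:3001:3000'`. Separately, `FORGEJO__server__SSH_PORT=22` is the port Forgejo shows in clone URLs, while the host side of `- '2222:22'` is 2222 and the README copy in this commit uses `'222:22'`, so the three values should be reconciled. The mailer `FROM` and `USER` lines also commit a personal mailbox address where the README uses `example.com` placeholders; an untracked `env_file` would keep it out of the repository.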

17
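--- a/homepage.yml
+++ b/homepage.yml
@@ -0,0 +1,17 @@
+name: homepage
+services:
+app:
+image: ghcr.io/gethomepage/homepage:latest
+ports:
+- 3000:3000
+volumes:
+- ./volumes/homepage/config:/app/config
+- ./volumes/homepage/images:/app/public/images
+- /var/run/docker.sock:/var/run/docker.sock:ro
+restart: unless-stopped
+networks:
+default:
+name: default-network
+external: true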
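Review bot: The `:ro` suffix on `- /var/run/docker.sock:/var/run/docker.sock:ro` only makes the socket file read-only in the mount; a process that can connect to it still has the full Docker API, which is equivalent to root on the host. That is a large grant for a dashboard that is also published with `- 3000:3000` on all interfaces, and no authentication is configured in this file. Consider placing a socket proxy limited to read-only container endpoints between homepage and the daemon, and binding the UI to loopback (`- '127.0.0.1:3000:3000'`) or serving it only through the reverse proxy on `default-network`. `ghcr.io/gethomepage/homepage:latest` would also be better pinned to a release tag.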

27
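--- a/nextcloud.yml
+++ b/nextcloud.yml
@@ -0,0 +1,27 @@
+name: nextcloud
+services:
+app:
+image: nextcloud/all-in-one:latest
+init: true
+restart: always
+container_name: nextcloud-aio-mastercontainer
+volumes:
+- nextcloud_aio_mastercontainer:/mnt/docker-aio-config
+- /var/run/docker.sock:/var/run/docker.sock:ro
+ports:
+- 8081:8080
+environment:
+- APACHE_PORT=11000
+- APACHE_IP_BINDING=0.0.0.0
+- BORG_RETENTION_POLICY=--keep-within=3d --keep-weekly=2 --keep-monthly=3
+- NEXTCLOUD_STARTUP_APPS=twofactor_totp tasks notes
+networks:
+- nextcloud-aio
+volumes:
+nextcloud_aio_mastercontainer:
+name: nextcloud_aio_mastercontainer
+networks:
+nextcloud-aio:
+name: nextcloud-aio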
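Review bot: `- APACHE_IP_BINDING=0.0.0.0` makes the Nextcloud Apache container listen on port 11000 on every host interface, so the instance can be reached over plain HTTP without passing through the TLS proxy. With the proxy attached to the `nextcloud-aio` network, as npm.yml does in this commit, `- APACHE_IP_BINDING=127.0.0.1` is probably sufficient; confirm against the AIO reverse-proxy guide linked in the README. `- 8081:8080` likewise publishes the AIO admin interface host-wide and could be narrowed to `- '127.0.0.1:8081:8080'`. The mastercontainer needs the Docker socket, but `:ro` does not limit API calls, so treat this container as host-privileged and pin `nextcloud/all-in-one` rather than tracking `latest`.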

37
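--- a/npm.yml
+++ b/npm.yml
@@ -0,0 +1,37 @@
+name: npm
+secrets:
+MYSQL_NPM_PASSWORD:
+file: .secrets/MYSQL_NPM_PASSWORD
+services:
+app:
+image: 'jc21/nginx-proxy-manager:latest'
+restart: unless-stopped
+ports:
+- '80:80'
+- '81:81'
+- '443:443'
+- '3306:3306'
+volumes:
+- ./volumes/nginx-proxy-manager/data:/data
+- ./volumes/nginx-proxy-manager/letsencrypt:/etc/letsencrypt
+environment:
+DB_MYSQL_HOST: "db-mariadb-1"
+DB_MYSQL_PORT: 3306
+DB_MYSQL_USER: "npm"
+DB_MYSQL_PASSWORD__FILE: /run/secrets/MYSQL_NPM_PASSWORD
+DB_MYSQL_NAME: "npm"
+secrets:
+- MYSQL_NPM_PASSWORD
+networks:
+- default
+- nextcloud-aio
+networks:
+default:
+external: true
+name: default-network
+nextcloud-aio:
+external: true
+name: nextcloud-aio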
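Review bot: `- '3306:3306'` publishes a database port on the internet-facing proxy, and the README's setup creates accounts as `'name'@'%'` with `GRANT ALL`, so a stream forwarded to MariaDB leaves the password as the only barrier to remote access. Unless remote SQL access is a requirement, drop that mapping; if it is, restrict it by source address at the firewall or reach the database over a VPN or SSH tunnel. The admin UI on `- '81:81'` is also exposed on all interfaces and starts with the default login quoted in the README, so bind it to loopback (`- '127.0.0.1:81:81'`) at least until those credentials are changed. `jc21/nginx-proxy-manager:latest` should be pinned to a version tag.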