Doddophonique/compose-personal-stack
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: Doddophonique:8a013093e3384c033c29ca02176667c505e286cb
Branches Tags
Doddophonique:master
Doddophonique:development
Doddophonique:caddy-revamp
..
compare: Doddophonique:1919071f08a5d025043f712fb4afec00d1cc23dd
Branches Tags
Doddophonique:development
Doddophonique:master
Doddophonique:caddy-revamp

No commits in common. "8a013093e3384c033c29ca02176667c505e286cb" and "1919071f08a5d025043f712fb4afec00d1cc23dd" have entirely different histories.
8a013093e3 ... 1919071f08

6 changed files with 34 additions and 144 deletions
Show Stats Expand all files Collapse all files

15
README.md
View File

@ -1,16 +1 @@
# Docker Compose Personal Stack
**DISCLAIMER**: this is still a *huge* work in progress.
### Goal
This repository aims to have a *small stack* of self hosted programs that are accessible through a single endpoint, the reverse proxy (Nginx) in the `rp` folder, that exposes whatever pieces of the stack you decide to have accessible from the outside, with or without using a domain.
### Why not Docker Swarm? Or k8s?
That's something else in the plans, but this was more an attempt to answer the question: "what if I have a single machine but I want some modularity, without having to think too much when I want to add something?". I could still use Swarm or k8s on a single machine, but I find this solution a bit more suitable.
### How do I use this?
~~Nice question.~~
The `rp` folder is the first piece of the puzzle. It creates the proxy, the letsencrypt companion and the `rp_reverse-proxy` network that containers exposed to the internet will have to access. Every service in the Compose files tries to have the least amount of networks necessary to operate.
### Conclusion (for now):
Although I still don't know if this approach has some major flaw(s), it has been reliable for many projects that I will add to this repository. Maybe someone else can find it useful for their projects, and if so I'm happy for you. I'll make sure to link as many references I followed as I can inside the individual Compose files.

24
UNLICENSE
View File

@ -1,24 +0,0 @@
This is free and unencumbered software released into the public domain.
Anyone is free to copy, modify, publish, use, compile, sell, or
distribute this software, either in source code form or as a compiled
binary, for any purpose, commercial or non-commercial, and by any
means.
In jurisdictions that recognize copyright laws, the author or authors
of this software dedicate any and all copyright interest in the
software to the public domain. We make this dedication for the benefit
of the public at large and to the detriment of our heirs and
successors. We intend this dedication to be an overt act of
relinquishment in perpetuity of all present and future rights to this
software under copyright law.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
OTHER DEALINGS IN THE SOFTWARE.
For more information, please refer to <http://unlicense.org/>

53
compose-template.yml
View File

@ -1,53 +0,0 @@
---
x-logging:
&default-logging
driver: syslog
options:
tag: "container_name/{{.Name}}"
labels: "q920"
syslog-facility: local7
x-opt-values:
&volume-opt
driver_opts: &options
type: "nfs"
o: "addr=${IP},rw"
services:
service-name:
image:
container_name:
depends_on:
hostname:
labels:
restart:
cap_add:
-
security_opt:
-
command:
-
environment:
X: ${X}
env_file:
-
ports:
- ""
volumes:
-
networks:
-
ulimits:
logging: *default-logging
volumes:
volume:
<<: *volume-opt
driver_opts:
<<: *options
device: ":/mnt/path"
networks:
network:
name: network_name
external: true

10
extension-fields.yml
View File

@ -1,15 +1,11 @@
# Extension fields for avoid repetitions inside compose files.
x-logging:
&default-logging
driver: syslog
driver: local
options:
# This requires two files in /etc/rsyslog.d
# https://www.loggly.com/use-cases/docker-syslog-logging-and-troubleshooting/
tag: "container_name/{{.Name}}"
labels: "${hostname}"
syslog-facility: # cron, local7, etc.
max-size: "1m"
max-file: "50"
# Can be removed if not needed
x-opt-values:
&volume-opt
driver_opts: &options

46
rp/docker-compose.yml
View File

@ -1,14 +1,10 @@
x-logging:
&default-logging
driver: syslog
driver: local
options:
# This requires two files in /etc/rsyslog.d
# https://www.loggly.com/use-cases/docker-syslog-logging-and-troubleshooting/
tag: "container_name/{{.Name}}"
labels: "${hostname}"
syslog-facility: # cron, local7, etc.
max-size: "1m"
max-file: "50"
# Can be removed if not needed
x-opt-values:
&volume-opt
driver_opts: &options
@ -59,20 +55,32 @@ networks:
volumes:
acme:
<<: *volume-opt
driver_opts:
<<: *options
device: ":/mnt/path/nginx-proxy/acme"
certs:
<<: *volume-opt
driver_opts:
<<: *options
device: ":/mnt/path/nginx-proxy/certs"
conf:
<<: *volume-opt
driver_opts:
<<: *options
device: ":/mnt/path/nginx-proxy/conf"
html:
<<: *volume-opt
driver_opts:
<<: *options
device: ":/mnt/path/nginx-proxy/html"
passwords:
<<: *volume-opt
driver_opts:
<<: *options
device: ":/mnt/path/nginx-proxy/passwords"
vhost:
# What if I want to use the x-opt-values:
# acme:
# <<: *volume-opt
# driver_opts:
# <<: *options
# device: ":/mnt/path/nginx-proxy/acme"
# o: "new_opts"
# type: "new_type"
#
# 'o' and 'type' can be redifined again or left at default
<<: *volume-opt
driver_opts:
<<: *options
device: ":/mnt/path/nginx-proxy/vhost"

30
vaultwarden/docker-compose.yml
View File

@ -1,14 +1,10 @@
x-logging:
&default-logging
driver: syslog
driver: local
options:
# This requires two files in /etc/rsyslog.d
# https://www.loggly.com/use-cases/docker-syslog-logging-and-troubleshooting/
tag: "container_name/{{.Name}}"
labels: "${hostname}"
syslog-facility: # cron, local7, etc.
max-size: "1m"
max-file: "50"
# Can be removed if not needed
x-opt-values:
&volume-opt
driver_opts: &options
@ -29,7 +25,6 @@ services:
DOMAIN: ${VDOMAIN} # Used by vaultwarden to set certain links
WEBSOCKET_ENABLED: "true"
SIGNUPS_ALLOWED: "false" # Change to true if it's the first time running
# Optional environment, but useful if you want some functions
SMTP_HOST: "${protonmail-container-name}"
SMTP_FROM: ${SFROM}
SMTP_FROM_NAME: ${SFROMNAME}
@ -44,29 +39,12 @@ services:
- vaultwarden
- protonmail
vaultwarden-backup:
image: bruceforce/vaultwarden-backup
container_name: vaultwarden-backup
restart: always
environment:
TIMESTAMP: "true"
UID: ${UID}
GID: ${GID}
BACKUP_DIR: ${BACKUP_DIR}
DELETE_AFTER: "30"
CRON_TIME: "0 2 * * *"
volumes:
- vw-data:/data
- backup:/backup
volumes:
vw-data:
# This stores the backup on a (possibly) remote server
backup:
<<: *volume-opt
driver_opts:
<<: *options
device: ":/mnt/path/vaultwarden/backup"
device: ":/mnt/path/vaultwarden/vw-data"
networks:
reverse-proxy: