Add configuration files

2023-11-18 19:56:18 +00:00 · 2023-11-18 19:56:18 +00:00 · 81d1258916
parent b25869f084
commit 81d1258916
6 changed files with 272 additions and 0 deletions
--- a/gitea/docker-compose.yml
+++ b/gitea/docker-compose.yml
@ -0,0 +1,23 @@
+version: "3"
+
+networks:
+  gitea:
+    external: false
+
+services:
+  server:
+    image: gitea/gitea:latest
+    container_name: gitea
+    environment:
+      - USER_UID=1000
+      - USER_GID=1000
+    restart: always
+    networks:
+      - gitea
+    volumes:
+      - ./gitea:/data
+      - /etc/timezone:/etc/timezone:ro
+      - /etc/localtime:/etc/localtime:ro
+    ports:
+      - "3000:3000"
+      - "222:22"
--- a/nginx/conf.d/drive.roysathome.net.conf
+++ b/nginx/conf.d/drive.roysathome.net.conf
@ -0,0 +1,29 @@
+server {
+	server_name drive.roysathome.net;
+
+	location / {
+		proxy_pass		http://localhost:8080;
+		proxy_set_header	Host drive.roysathome.net;
+		proxy_set_header	X-Forwarded-Proto https;
+	}
+
+    listen 443 ssl; # managed by Certbot
+    ssl_certificate /etc/letsencrypt/live/drive.roysathome.net/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/drive.roysathome.net/privkey.pem; # managed by Certbot
+    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
+
+}
+server {
+    if ($host = drive.roysathome.net) {
+        return 301 https://$host$request_uri;
+    } # managed by Certbot
+
+
+	server_name drive.roysathome.net;
+
+	listen 80;
+    return 404; # managed by Certbot
+
+
+}
--- a/nginx/conf.d/git.roysathome.net.conf
+++ b/nginx/conf.d/git.roysathome.net.conf
@ -0,0 +1,31 @@
+server {
+	server_name 	git.roysathome.net;
+	location / {
+	    set $backend    	http://127.0.0.1:3000;
+		proxy_pass			$backend;
+		proxy_set_header 	Host git.roysathome.net; #$host;
+		proxy_set_header	X-Forwarded-Proto https;
+		#proxy_set_header 	X-Forwarded-For $proxy_add_x_forwarded_for;
+		#proxy_set_header	X-Forwarded-Host $server_name;
+	}
+
+
+    listen 443 ssl; # managed by Certbot
+    ssl_certificate /etc/letsencrypt/live/git.roysathome.net/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/git.roysathome.net/privkey.pem; # managed by Certbot
+    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
+
+}
+server {
+    if ($host = git.roysathome.net) {
+        return 301 https://$host$request_uri;
+    } # managed by Certbot
+
+
+	server_name 	git.roysathome.net;
+    listen 80;
+    return 404; # managed by Certbot
+
+
+}
--- a/nginx/conf.d/roysathome.net.conf
+++ b/nginx/conf.d/roysathome.net.conf
@ -0,0 +1,35 @@
+server {
+	server_name 	roysathome.net www.roysathome.net;
+	location / {
+		root /http;
+		index index.html;
+	}
+
+
+    listen 443 ssl; # managed by Certbot
+    ssl_certificate /etc/letsencrypt/live/roysathome.net/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/roysathome.net/privkey.pem; # managed by Certbot
+    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
+
+
+}
+server {
+    if ($host = www.roysathome.net) {
+        return 301 https://$host$request_uri;
+    } # managed by Certbot
+
+
+    if ($host = roysathome.net) {
+        return 301 https://$host$request_uri;
+    } # managed by Certbot
+
+
+	server_name 	roysathome.net www.roysathome.net;
+    listen 80;
+    return 404; # managed by Certbot
+
+
+
+
+}
--- a/nginx/nginx.conf
+++ b/nginx/nginx.conf
@ -0,0 +1,83 @@
+user www-data;
+worker_processes auto;
+pid /run/nginx.pid;
+include /etc/nginx/modules-enabled/*.conf;
+
+events {
+	worker_connections 768;
+	# multi_accept on;
+}
+
+http {
+
+	##
+	# Basic Settings
+	##
+
+	sendfile on;
+	tcp_nopush on;
+	types_hash_max_size 2048;
+	# server_tokens off;
+
+	# server_names_hash_bucket_size 64;
+	# server_name_in_redirect off;
+
+	include /etc/nginx/mime.types;
+	default_type application/octet-stream;
+
+	##
+	# SSL Settings
+	##
+
+	ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
+	ssl_prefer_server_ciphers on;
+
+	##
+	# Logging Settings
+	##
+
+	access_log /var/log/nginx/access.log;
+	error_log /var/log/nginx/error.log;
+
+	##
+	# Gzip Settings
+	##
+
+	gzip on;
+
+	# gzip_vary on;
+	# gzip_proxied any;
+	# gzip_comp_level 6;
+	# gzip_buffers 16 8k;
+	# gzip_http_version 1.1;
+	# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
+
+	##
+	# Virtual Host Configs
+	##
+
+	include /etc/nginx/conf.d/*.conf;
+	#include /etc/nginx/sites-enabled/*;
+}
+
+
+#mail {
+#	# See sample authentication script at:
+#	# http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
+#
+#	# auth_http localhost/auth.php;
+#	# pop3_capabilities "TOP" "USER";
+#	# imap_capabilities "IMAP4rev1" "UIDPLUS";
+#
+#	server {
+#		listen     localhost:110;
+#		protocol   pop3;
+#		proxy      on;
+#	}
+#
+#	server {
+#		listen     localhost:143;
+#		protocol   imap;
+#		proxy      on;
+#	}
+#}
--- a/owncloud/docker-compose.yml
+++ b/owncloud/docker-compose.yml
@ -0,0 +1,71 @@
+version: "3"
+
+volumes:
+    files:
+        driver: local
+    mysql:
+        driver: local
+    redis:
+        driver: local
+
+services:
+    owncloud:
+        image: owncloud/server:${OWNCLOUD_VERSION}
+        container_name: owncloud_server
+        restart: always
+        ports:
+            - ${HTTP_PORT}:8080
+        depends_on:
+            - mariadb
+            - redis
+        environment:
+            - OWNCLOUD_DOMAIN=${OWNCLOUD_DOMAIN}
+            - OWNCLOUD_TRUSTED_DOMAINS=${OWNCLOUD_TRUSTED_DOMAINS}
+            - OWNCLOUD_DB_TYPE=mysql
+            - OWNCLOUD_DB_NAME=owncloud
+            - OWNCLOUD_DB_USERNAME=owncloud
+            - OWNCLOUD_DB_PASSWORD=owncloud
+            - OWNCLOUD_DB_HOST=mariadb
+            - OWNCLOUD_ADMIN_USERNAME=${ADMIN_USERNAME}
+            - OWNCLOUD_ADMIN_PASSWORD=${ADMIN_PASSWORD}
+            - OWNCLOUD_MYSQL_UTF8MB4=true
+            - OWNCLOUD_REDIS_ENABLED=true
+            - OWNCLOUD_REDIS_HOST=redis
+        healthcheck:
+            test: ["CMD", "/usr/bin/healthcheck"]
+            interval: 30s
+            timeout: 10s
+            retries: 5
+        volumes:
+            - files:/mnt/data
+    
+    mariadb:
+        image: mariadb:10.11
+        container_name: owncloud_mariadb
+        restart: always
+        environment:
+            - MYSQL_ROOT_PASSWORD=owncloud
+            - MYSQL_USER=owncloud
+            - MYSQL_PASSWORD=owncloud
+            - MYSQL_DATABASE=owncloud
+            - MARiADB_AUTO_UPGRADE=1
+        command: ["--max-allowed-packet=128M", "--innodb-log-file-size=64M"]
+        healthcheck:
+            test: ["CMD", "mysqladmin", "ping", "-u", "root", "--password=owncloud"]
+            interval: 10s
+            timeout: 5s
+            retries: 5
+        volumes:
+            - mysql:/var/lib/mysql
+    redis:
+        image: redis:6
+        container_name: owncloud_redis
+        restart: always
+        command: ["--databases", "1"]
+        healthcheck:
+            test: ["CMD", "redis-cli", "ping"]
+            interval: 10s
+            timeout: 5s
+            retries: 5
+        volumes:
+            - redis:/data