diff --git a/compose/apps.yml b/compose/apps.yml
index 24faae4..021251b 100644
--- a/compose/apps.yml
+++ b/compose/apps.yml
@@ -90,7 +90,7 @@ services:
 depends_on:
 - ghost-db
 environment:
- url: https://ghost.furyhawk.lol
+ url: https://ghost.${DOMAINNAME}
 database__client: mysql
 database__connection__host: ghost-db
 database__connection__user: root
@@ -183,7 +183,7 @@ services:
 volumes:
 - privatebin_data:/srv/data # data volume for pastes allows pastes
 # to persist after container stop or restart
- - './config/conf.php:/srv/cfg/conf.php:ro' # second volume for custom configuration file
+ - "~/config/conf.php:/srv/cfg/conf.php:ro" # second volume for custom configuration file
 expose:
 - 8080
 restart: unless-stopped
diff --git a/compose/services.yml b/compose/services.yml
index 92ff8d9..e4f4b7c 100644
--- a/compose/services.yml
+++ b/compose/services.yml
@@ -35,7 +35,7 @@ services:
 postgres:
 image: postgres
- container_name: postgres
+ # container_name: postgres
 environment:
 POSTGRES_DB: ${POSTGRES_DB}
 POSTGRES_USER: ${POSTGRES_USER}
@@ -63,10 +63,10 @@ services:
 - "traefik.enable=true"
 # - "traefik.tcp.middlewares.test-inflightconn.inflightconn.amount=10"
 - "traefik.tcp.routers.postgres.entrypoints=postgres-socket"
- - "traefik.tcp.routers.postgres.rule=HostSNI(`*`)"
+ # - "traefik.tcp.routers.postgres.rule=HostSNI(`*`)"
+ - "traefik.tcp.routers.postgres.rule=HostSNIRegexp(`^.+\\.furyhawk\\.lol$`)"
 - "traefik.tcp.routers.postgres.tls=true"
 - "traefik.tcp.routers.postgres.tls.certresolver=letsencrypt"
- # - "traefik.tcp.routers.postgres.rule=HostSNIRegexp(`^.+\\.furyhawk\\.lol$`)"
 # - "traefik.tcp.routers.postgres.middlewares=test-inflightconn"
 - "traefik.tcp.routers.postgres.service=postgres_service"
 - "traefik.tcp.services.postgres_service.loadbalancer.server.port=5432"
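Review bot: `url: https://ghost.${DOMAINNAME}` in the `@@ -90,7` hunk of compose/apps.yml silently becomes `https://ghost.` when DOMAINNAME is unset, because Compose substitutes an empty string and only prints a warning. Making the variable mandatory fails the deploy early instead: `url: https://ghost.${DOMAINNAME:?DOMAINNAME must be set}`. The same applies to the other substitutions this commit adds in compose/services.yml (`MINIO_SERVER_URL`, the neo4j advertised address and the neo4j router labels). The MinIO host also changes from `drive.` to `minio.`, which is more than a substitution and needs a matching router and DNS record that this diff does not show. The ghost service block starts and ends outside the hunk.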
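Review bot: The `~/config/conf.php` bind source in the `@@ -183,7` hunk of compose/apps.yml is resolved against the home directory of whoever runs `docker compose`, so the PrivateBin configuration now depends on the invoking user (a normal login, `sudo`, CI) and lives outside the repository. If the file is missing at that path, Docker will most likely create an empty directory there, and the service starts without the intended `conf.php`. Keep the path relative to the compose file, or make it an explicit required variable such as `- "${PRIVATEBIN_CONF:?path to conf.php}:/srv/cfg/conf.php:ro"` (the variable name is only an example). The privatebin service block continues outside the hunk.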
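Review bot: The rule enabled in the `@@ -63,10` hunk of compose/services.yml still hard-codes `furyhawk.lol` while the rest of the commit moves to `${DOMAINNAME}`, and the pattern accepts any subdomain, so every name under the zone is routed to Postgres on the `postgres-socket` entrypoint. If one hostname is meant to serve the database, an exact match is tighter and follows the variable, for example ``- "traefik.tcp.routers.postgres.rule=HostSNI(`postgres.${DOMAINNAME}`)"`` (the host label is illustrative). As far as I know Traefik derives the ACME domain from `HostSNI`/`Host` matchers only, so with a regexp rule the `certresolver` label probably needs an explicit `tls.domains` entry to obtain a certificate; please confirm. The same regexp is reused for the neo4j TCP router in the labels added by the `@@ -170,6 +170,26` hunk.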
@@ -110,7 +110,7 @@ services:
 MINIO_ROOT_USER: "${MINIO_ROOT_USER:-minioadmin}"
 MINIO_ROOT_PASSWORD: "${MINIO_ROOT_PASSWORD:-minioadmin}"
 MINIO_OPTS: "--console-address :9001"
- MINIO_SERVER_URL: https://drive.furyhawk.lol
+ MINIO_SERVER_URL: https://minio.${DOMAINNAME}
 DOMAINNAME: ${DOMAINNAME}
 # user: "1000:1000"
 restart: unless-stopped
@@ -145,19 +145,19 @@ services:
 neo4j_server:
 # Docker image to be used
 image: ${NEO4J_DOCKER_IMAGE:-neo4j:latest}
- container_name: neo4j_server
 restart: unless-stopped
 # Environment variables
 environment:
 NEO4J_AUTH: neo4j/${NEO4J_PASSWORD:-12345678}
 NEO4J_dbms.default_listen_address: "0.0.0.0"
- NEO4J_dbms.default_advertised_address: "neo4j.furyhawk.lol"
+ NEO4J_dbms.default_advertised_address: "neo4j.${DOMAINNAME}"
 NEO4J_dbms.connector.bolt.advertised_address: ":443"
 NEO4J_PLUGINS: '["apoc"]'
 NEO4J_dbms_security_procedures_unrestricted: "apoc.*"
 NEO4J_dbms_security_procedures_allowlist: "apoc.*"
 NEO4J_server_memory_pagecache_size: 512M
 NEO4J_server_memory_heap_max__size: 2G
+ DOMAINNAME: ${DOMAINNAME}
 user: "1000:1000"
 depends_on:
 - traefik
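Review bot: `NEO4J_AUTH: neo4j/${NEO4J_PASSWORD:-12345678}` in the `@@ -145,19` hunk keeps a known fallback password on a service that this commit publishes through Traefik (labels added in the next hunk), so a missing variable yields a reachable database with a guessable credential. Require the variable instead: `NEO4J_AUTH: neo4j/${NEO4J_PASSWORD:?NEO4J_PASSWORD must be set}`. The `minioadmin` fallbacks visible in the `@@ -110,7` hunk deserve the same treatment. The added `DOMAINNAME: ${DOMAINNAME}` entry looks unnecessary, because Compose interpolates `${DOMAINNAME}` on the host before the container starts. The neo4j_server block continues outside the hunk.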
@@ -170,6 +170,26 @@ services:
 - 7687
 networks:
 - net
+ labels:
+ - "traefik.enable=true"
+ - "traefik.http.routers.neo4j-router.entrypoints=web-secure"
+ - "traefik.http.routers.neo4j-router.rule=Host(`neo4j.${DOMAINNAME}`) && PathPrefix(`/neo4j`)||PathPrefix(`/browser`)"
+ - "traefik.http.routers.neo4j-router.middlewares=csrf@file, neo4j_strip@file"
+ - "traefik.http.routers.neo4j-router.tls.certresolver=letsencrypt"
+ - "traefik.http.routers.neo4j-router.service=neo4j_browser"
+ - "traefik.http.services.neo4j_browser.loadbalancer.server.port=7474"
+ - "traefik.http.routers.neo4j-bolt-router.entrypoints=web-secure"
+ - "traefik.http.routers.neo4j-bolt-router.rule=Host(`neo4j.${DOMAINNAME}`)"
+ - "traefik.http.routers.neo4j-bolt-router.middlewares=csrf@file"
+ - "traefik.http.routers.neo4j-bolt-router.tls.certresolver=letsencrypt"
+ - "traefik.http.routers.neo4j-bolt-router.service=neo4j_bolt"
+ - "traefik.http.services.neo4j_bolt.loadbalancer.server.port=7687"
+ - "traefik.tcp.routers.neo4j-bolt-router.entrypoints=bolt-socket"
+ - "traefik.tcp.routers.neo4j-bolt-router.rule=HostSNIRegexp(`^.+\\.furyhawk\\.lol$`)"
+ - "traefik.tcp.routers.neo4j-bolt-router.tls=true"
+ - "traefik.tcp.routers.neo4j-bolt-router.tls.certresolver=letsencrypt"
+ - "traefik.tcp.routers.neo4j-bolt-router.service=neo4j_bolt"
+ - "traefik.tcp.services.neo4j_bolt.loadbalancer.server.port=7687"
 syncthing:
 image: syncthing/syncthing
@@ -265,7 +285,7 @@ services:
 # tasks:
 # tmp-dir:
 # path: /tmp/kestra-wd/tmp
- # url: http://kestra.furyhawk.lol/
+ # url: http://kestra.${DOMAINNAME}/
 # volumes:
 # - kestra_data:/app/storage
 # - /var/run/docker.sock:/var/run/docker.sock
diff --git a/compose/traefik/traefik.yml b/compose/traefik/traefik.yml
index dbacab8..1b35f6e 100644
--- a/compose/traefik/traefik.yml
+++ b/compose/traefik/traefik.yml
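Review bot: The `neo4j-router` rule added in the `@@ -170,6 +170,26` hunk of compose/services.yml is not bound to the host for its second alternative: `&&` binds tighter than `||`, so it reads as `(Host && PathPrefix(/neo4j)) || PathPrefix(/browser)`, and a `/browser` request for any hostname on `web-secure` can be routed to the Neo4j browser. Group the paths explicitly: ``rule=Host(`neo4j.${DOMAINNAME}`) && (PathPrefix(`/neo4j`) || PathPrefix(`/browser`))``. The TCP router in the same label list still hard-codes `furyhawk.lol` in its `HostSNIRegexp`, and an exact ``HostSNI(`neo4j.${DOMAINNAME}`)`` would match the advertised address set in the previous hunk. The space after the comma in `csrf@file, neo4j_strip@file` is worth removing unless you have confirmed Traefik trims it.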
@@ -51,13 +51,13 @@ certificatesResolvers:
 tcp:
 routers:
- neo4j-bolt-router:
- entryPoints:
- - bolt-socket
- rule: "HostSNIRegexp(`^.+\\.furyhawk\\.lol$`)"
- tls:
- certResolver: letsencrypt
- service: neo4j-bolt
+ # neo4j-bolt-router:
+ # entryPoints:
+ # - bolt-socket
+ # rule: "HostSNIRegexp(`^.+\\.furyhawk\\.lol$`)"
+ # tls:
+ # certResolver: letsencrypt
+ # service: neo4j-bolt
 emqx-web-socket-router:
 entryPoints:
@@ -76,10 +76,10 @@ tcp:
 # passthrough: true
 services:
- neo4j-bolt:
- loadBalancer:
- servers:
- - address: "neo4j_server:7687"
+ # neo4j-bolt:
+ # loadBalancer:
+ # servers:
+ # - address: "neo4j_server:7687"
 emqx-web-socket-service:
 loadBalancer:
 servers:
@@ -136,26 +136,15 @@ http:
 certResolver: letsencrypt
 service: plane_app
- neo4j-router:
- entryPoints:
- - web-secure
- rule: "Host(`neo4j.furyhawk.lol`) && PathPrefix(`/neo4j`)||PathPrefix(`/browser`)"
- middlewares:
- - csrf
- - neo4j_strip
- tls:
- certResolver: letsencrypt
- service: neo4j-browser
-
- graph-router:
- entryPoints:
- - web-secure
- rule: "Host(`neo4j.furyhawk.lol`)"
- middlewares:
- - csrf
- tls:
- certResolver: letsencrypt
- service: neo4j-bolt
+ # graph-router:
+ # entryPoints:
+ # - web-secure
+ # rule: "Host(`neo4j.furyhawk.lol`)"
+ # middlewares:
+ # - csrf
+ # tls:
+ # certResolver: letsencrypt
+ # service: neo4j-bolt
 mqtt-http-router:
 entryPoints:
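Review bot: The neo4j routers and services in the `@@ -51,13`, `@@ -76,10` and `@@ -136,26` hunks of compose/traefik/traefik.yml (and again at `@@ -317,14`) are commented out rather than deleted, while the same commit deletes the old commented info/resume/blog blocks from this file. Stale commented routes with hard-coded hostnames are easy to re-enable by accident and leave two places that appear to define the same route. Delete them and rely on git history, or, if they must stay for reference, head each block with a line such as `# moved to labels on neo4j_server in compose/services.yml`.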
@@ -201,40 +190,6 @@ http:
 certResolver: letsencrypt
 service: mqttx-web
- # info-router:
- # entryPoints:
- # - web-secure
- # rule: "Host(`furyhawk.lol`) || Host(`www.furyhawk.lol`) || Host(`info.furyhawk.lol`) || Host(`124c41.furyhawk.lol`)"
- # middlewares:
- # - csrf
- # - no-www
- # tls:
- # certResolver: letsencrypt
- # service: site_server
-
- # resume-router:
- # entryPoints:
- # - web-secure
- # rule: "Host(`resume.furyhawk.lol`)"
- # # redirect to resume
- # middlewares:
- # - csrf
- # - redirect-resume
- # tls:
- # certResolver: letsencrypt
- # service: resume_server
-
- # blog-router:
- # entryPoints:
- # - web-secure
- # rule: "Host(`blog.furyhawk.lol`)"
- # # redirect to external blog
- # middlewares:
- # - redirect-blog
- # tls:
- # certResolver: letsencrypt
- # service: blog
-
 middlewares:
 auth:
 basicAuth:
@@ -317,14 +272,10 @@ http:
 loadBalancer:
 servers:
 - url: http://LibreChat:3080
- neo4j-browser:
- loadBalancer:
- servers:
- - url: http://neo4j_server:7474
- neo4j-bolt:
- loadBalancer:
- servers:
- - url: http://neo4j_server:7687
+ # neo4j-bolt:
+ # loadBalancer:
+ # servers:
+ # - url: http://neo4j_server:7687
 plane_app:
 loadBalancer:
 servers:
@@ -351,14 +302,6 @@ http:
 loadBalancer:
 servers:
 - url: http://mqttx_web:80
- # resume_server:
- # loadBalancer:
- # servers:
- # - url: http://site_server:80
- # blog:
- # loadBalancer:
- # servers:
- # - url: https://furyhawk.github.io/124c41/
 providers:
 # https://docs.traefik.io/master/providers/file/
diff --git a/makefile b/makefile
index 7f2e43e..c4d93df 100644
--- a/makefile
+++ b/makefile
@@ -3,10 +3,9 @@
 # Variables
 # Commands
-serve: down
+serve: pull
 @echo "Serving the project..."
- docker compose -f compose.yml up -d --build traefik
- docker compose -f compose.yml up -d
+ docker compose -f compose.yml up -d --build --pull always
 down: pull
 @echo "Stopping the project..."
 docker compose -f compose.yml down --remove-orphans
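Review bot: `--pull always` on the new `up` line in the makefile hunk makes every `make serve` deploy whatever the registry currently serves, and compose/services.yml in this same diff shows floating tags (`image: postgres`, the `neo4j:latest` default), so a deploy is no longer reproducible and an upstream image change reaches the host unreviewed. Pin the images to a version tag or digest in the compose files before pulling unconditionally. `serve: pull` also runs the `pull` prerequisite (defined outside this hunk) and then pulls a second time; one of the two is enough, e.g. `docker compose -f compose.yml up -d --build`. Traefik is no longer built and started ahead of the other services, so confirm nothing relied on that ordering.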