Compare commits
108 Commits
matomo
...
0a99b3402c
| Author | SHA1 | Date | |
|---|---|---|---|
| 0a99b3402c | |||
| 6d5884343e | |||
| 8162c6a81a | |||
| b803eedf8c | |||
| 61680c6e6e | |||
| 353c1bd812 | |||
| c5d761d229 | |||
| 72621b893d | |||
| fe0d4d6224 | |||
| b5ea07c70a | |||
| 0b41480815 | |||
| 0e06b651e8 | |||
| d7206c92de | |||
| 06f1e2910f | |||
| 2667aa22dd | |||
| b7862e8fe5 | |||
| 980ced43c4 | |||
| 45c731e31e | |||
| 573cd5a462 | |||
| 47d0a7eaa2 | |||
| 692a26ddff | |||
| e2d0a53db4 | |||
| 53ebc3f591 | |||
| 982c1322bc | |||
| 0483e4325e | |||
| 745d69aade | |||
|
d5e61d35a5 | ||
| 8f5fcec3a9 | |||
|
|
0798bab099 | ||
| e8a022e7e3 | |||
|
|
c8c945ad64 | ||
| ba29719ed1 | |||
|
|
f598c06029 | ||
| de2a8eef46 | |||
|
|
6334a88085 | ||
| e3dcc0efd5 | |||
| 264688abf8 | |||
| 669866b44e | |||
| b54891ec38 | |||
| b3dce58f7b | |||
| 0198c030e9 | |||
| 2281c4337c | |||
| fd63036294 | |||
| 0af258dcae | |||
|
|
f78676d3ee | ||
| 4e32136c26 | |||
|
|
c68a73b55b | ||
| 4bf479d0e0 | |||
| 62334b2f85 | |||
|
|
250f015535 | ||
| c631f47ae1 | |||
|
|
ea59336efb | ||
| 747d158f58 | |||
|
|
347ff1d19b | ||
| c9ef1d34a1 | |||
|
|
ce43797716 | ||
| cae7eafbe0 | |||
|
|
6026bb7709 | ||
| 912fe146af | |||
|
|
01060abda6 | ||
| cfc0771bb5 | |||
|
|
add83cd745 | ||
| efcd3891ba | |||
|
|
d8414788ef | ||
| ec25f4b76f | |||
| 8da5cc41ed | |||
| 10337ac53c | |||
| ec4ae3a8b8 | |||
| 5b6ce7cfcd | |||
| 7498f63974 | |||
| 3a7e863d0c | |||
| 62a5159232 | |||
| 9d3175df69 | |||
|
|
7939150137 | ||
| db74e92291 | |||
|
|
8f1a45969d | ||
| c4248a6f97 | |||
| cfd8b5a2ce | |||
|
|
1cee679407 | ||
| 1f7e610297 | |||
| 1931adafa4 | |||
| 63246c442c | |||
| a60026a672 | |||
| 47ce108eb6 | |||
|
|
a295e42fc5 | ||
| 768bf9b71d | |||
|
|
8e1cb72245 | ||
| d951d0c8f5 | |||
| 30fd1db0a3 | |||
|
|
b8814b4391 | ||
| 361f9b7d69 | |||
|
|
903ba0283e | ||
| 7bc9788cd8 | |||
|
|
9cb520624f | ||
| 5d4d7ad7fb | |||
| 895623732f | |||
| 607e6c83c2 | |||
| 58e5685b4d | |||
| 0e1c155fbf | |||
|
|
cf44901c1d | ||
| 557d35b9bf | |||
|
|
af49fefe12 | ||
| 4f2ae331df | |||
|
|
dbe1cd0f0e | ||
| ec62e7a14c | |||
| 248f2fc174 | |||
| ca15dfeca1 | |||
|
|
fe99557d1b |
@@ -8,7 +8,6 @@ Vous trouverez dans ce dépôt l'ensemble des services Open Source que RésiLien
|
||||
|
||||
- [Directus](./directus) : Permet d'administrer une base de données
|
||||
- [HedgeDoc](./hedgedoc) : Prise de note en Markdown collaborative en temps réel
|
||||
- [Matomo](./matomo) : Logiciel libre et open source de mesure de statistiques web
|
||||
- [listmonk](./listmonk) : Gestionnaire de listes de diffusion et de newsletter
|
||||
- [Mobilizon](./mobilizon): Permet l'organisation d'évènements et de gestion de groupes
|
||||
- [Nextcloud](./nextcloud) : Site d'hébergement de fichiers et une plateforme de collaboration
|
||||
@@ -24,7 +23,6 @@ Vous trouverez dans ce dépôt l'ensemble des services Open Source que RésiLien
|
||||
- [GeoIP Update](./geoipupdate) : Permet de télécharger la base de données GeoIP2 permettant de localiser les IPs
|
||||
- [Gitea](./gitea) : Un service Git très simple à installer et à utiliser. Il est similaire à GitHub, Bitbucket ou Gitlab.
|
||||
- [Grafana](./grafana) : Un outil de supervision simple et élégant
|
||||
- [MariaDB](./mariadb) : MariaDB est un système de gestion de base de données, un fork communautaire de MySQL
|
||||
- [LLDAP](./lldap): Implémentation légère de LDAP pour l'authentification
|
||||
- [PostgreSQL](./postgres) : PostgreSQL est un système de gestion de base de données relationnelle et objet.
|
||||
- [Prometheus](./prometheus) : Un logiciel de surveillance informatique
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
---
|
||||
version: "3.8"
|
||||
|
||||
volumes:
|
||||
clickhouse:
|
||||
|
||||
@@ -1,5 +1,7 @@
|
||||
---
|
||||
|
||||
version: "3.8"
|
||||
|
||||
services:
|
||||
directus:
|
||||
environment:
|
||||
|
||||
@@ -1,5 +1,7 @@
|
||||
---
|
||||
|
||||
version: "3.8"
|
||||
|
||||
services:
|
||||
directus:
|
||||
environment:
|
||||
|
||||
@@ -1,5 +1,7 @@
|
||||
---
|
||||
|
||||
version: "3.8"
|
||||
|
||||
networks:
|
||||
default:
|
||||
name: ${TRAEFIK_NETWORK_NAME:-traefik}
|
||||
|
||||
@@ -1,5 +1,7 @@
|
||||
---
|
||||
|
||||
version: "3.8"
|
||||
|
||||
volumes:
|
||||
directus:
|
||||
name: ${DIRECTUS_VOLUME_NAME:-directus}
|
||||
@@ -18,7 +20,6 @@ services:
|
||||
KEY: ${DIRECTUS_KEY:?err}
|
||||
SECRET: ${DIRECTUS_SECRET:?err}
|
||||
TELEMETRY: false
|
||||
ACCEPT_TERMS: ${DIRECTUS_ACCEPT_TERMS:-true}
|
||||
|
||||
ADMIN_EMAIL: ${DIRECTUS_ADMIN_EMAIL:?err}
|
||||
ADMIN_PASSWORD: ${DIRECTUS_ADMIN_PASSWORD:?err}
|
||||
|
||||
@@ -1,5 +1,7 @@
|
||||
---
|
||||
|
||||
version: "3.8"
|
||||
|
||||
# https://docs.drone.io/runner/docker/configuration/dashboard/
|
||||
|
||||
services:
|
||||
|
||||
@@ -1,5 +1,7 @@
|
||||
---
|
||||
|
||||
version: "3.8"
|
||||
|
||||
services:
|
||||
drone-runner:
|
||||
ports:
|
||||
|
||||
@@ -1,5 +1,7 @@
|
||||
---
|
||||
|
||||
version: "3.8"
|
||||
|
||||
# https://docs.drone.io/runner/docker/configuration/logging/
|
||||
|
||||
services:
|
||||
|
||||
@@ -1,5 +1,7 @@
|
||||
---
|
||||
|
||||
version: "3.8"
|
||||
|
||||
networks:
|
||||
default:
|
||||
name: ${TRAEFIK_NETWORK_NAME}
|
||||
|
||||
@@ -1,5 +1,7 @@
|
||||
---
|
||||
|
||||
version: "3.8"
|
||||
|
||||
# https://docs.drone.io/runner/docker/installation/linux/
|
||||
|
||||
services:
|
||||
|
||||
@@ -1,5 +1,7 @@
|
||||
---
|
||||
|
||||
version: "3.8"
|
||||
|
||||
# https://docs.drone.io/server/cookie/
|
||||
|
||||
services:
|
||||
|
||||
@@ -1,5 +1,7 @@
|
||||
---
|
||||
|
||||
version: "3.8"
|
||||
|
||||
# https://docs.drone.io/server/provider/gitea/
|
||||
|
||||
services:
|
||||
|
||||
@@ -1,5 +1,7 @@
|
||||
---
|
||||
|
||||
version: "3.8"
|
||||
|
||||
# https://docs.drone.io/server/headers/
|
||||
|
||||
services:
|
||||
|
||||
@@ -1,5 +1,7 @@
|
||||
---
|
||||
|
||||
version: "3.8"
|
||||
|
||||
services:
|
||||
drone-server:
|
||||
ports:
|
||||
|
||||
@@ -1,5 +1,7 @@
|
||||
---
|
||||
|
||||
version: "3.8"
|
||||
|
||||
# https://docs.drone.io/server/logging/
|
||||
|
||||
services:
|
||||
|
||||
@@ -1,5 +1,7 @@
|
||||
---
|
||||
|
||||
version: "3.8"
|
||||
|
||||
# https://docs.drone.io/server/storage/database/
|
||||
# https://docs.drone.io/server/storage/encryption/
|
||||
|
||||
|
||||
@@ -1,9 +1,10 @@
|
||||
---
|
||||
|
||||
version: "3.8"
|
||||
|
||||
networks:
|
||||
default:
|
||||
name: ${TRAEFIK_NETWORK_NAME}
|
||||
external: true
|
||||
|
||||
services:
|
||||
drone-server:
|
||||
|
||||
@@ -1,5 +1,7 @@
|
||||
---
|
||||
|
||||
version: "3.8"
|
||||
|
||||
# https://docs.drone.io/server/user/registration/
|
||||
|
||||
services:
|
||||
|
||||
@@ -1,5 +1,7 @@
|
||||
---
|
||||
|
||||
version: "3.8"
|
||||
|
||||
volumes:
|
||||
drone-server:
|
||||
name: ${DRONE_SERVER_VOLUME_NAME:-drone-server}
|
||||
|
||||
@@ -1,5 +1,7 @@
|
||||
---
|
||||
|
||||
version: "3.8"
|
||||
|
||||
volumes:
|
||||
geoip:
|
||||
name: ${GEOIP_VOLUME_NAME:-geoip}
|
||||
|
||||
@@ -1,5 +1,7 @@
|
||||
---
|
||||
|
||||
version: "3.8"
|
||||
|
||||
volumes:
|
||||
geoipupdate:
|
||||
name: ${GEOIPUPDATE_VOLUME_NAME:-geoipupdate}
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
---
|
||||
version: "3.8"
|
||||
|
||||
services:
|
||||
gitea:
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
---
|
||||
version: "3.8"
|
||||
|
||||
services:
|
||||
gitea:
|
||||
|
||||
@@ -1,12 +0,0 @@
|
||||
---
|
||||
|
||||
services:
|
||||
gitea:
|
||||
environment:
|
||||
- GITEA__database__DB_TYPE=postgres
|
||||
- GITEA__database__HOST=${POSTGRES_CONTAINER_NAME:-postgres}:5432
|
||||
- GITEA__database__NAME=${POSTGRES_DB}
|
||||
- GITEA__database__USER=${POSTGRES_USER}
|
||||
- GITEA__database__PASSWD=${POSTGRES_PASSWORD}
|
||||
depends_on:
|
||||
- postgres
|
||||
@@ -1,4 +1,4 @@
|
||||
---
|
||||
version: "3.8"
|
||||
|
||||
services:
|
||||
gitea:
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
---
|
||||
version: "3.8"
|
||||
|
||||
networks:
|
||||
default:
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
---
|
||||
version: "3.8"
|
||||
|
||||
volumes:
|
||||
gitea:
|
||||
@@ -7,11 +7,17 @@ volumes:
|
||||
services:
|
||||
gitea:
|
||||
container_name: ${GITEA_CONTAINER_NAME:-gitea}
|
||||
image: ${GITEA_IMAGE:-gitea/gitea:1.20.4}
|
||||
image: ${GITEA_IMAGE:-gitea/gitea:1.18.4}
|
||||
restart: always
|
||||
environment:
|
||||
- USER_UID=${GITEA_UID:-1000}
|
||||
- USER_GID=${GITEA_GID:-1000}
|
||||
# Database
|
||||
- GITEA__database__DB_TYPE=postgres
|
||||
- GITEA__database__HOST=${POSTGRES_CONTAINER_NAME:-postgres}:5432
|
||||
- GITEA__database__NAME=${POSTGRES_DB}
|
||||
- GITEA__database__USER=${POSTGRES_USER}
|
||||
- GITEA__database__PASSWD=${POSTGRES_PASSWORD}
|
||||
# Security
|
||||
# docker run -it --rm gitea/gitea:1 gitea generate secret SECRET_KEY
|
||||
- GITEA__security__SECRET_KEY=${GITEA_SECRET_KEY}
|
||||
@@ -21,3 +27,5 @@ services:
|
||||
- gitea:/data
|
||||
- /etc/timezone:/etc/timezone:ro
|
||||
- /etc/localtime:/etc/localtime:ro
|
||||
depends_on:
|
||||
- postgres
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
---
|
||||
version: "3.8"
|
||||
|
||||
services:
|
||||
grafana:
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
---
|
||||
version: "3.8"
|
||||
|
||||
services:
|
||||
grafana:
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
---
|
||||
version: "3.8"
|
||||
|
||||
services:
|
||||
grafana:
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
---
|
||||
version: "3.8"
|
||||
|
||||
networks:
|
||||
default:
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
---
|
||||
version: "3.8"
|
||||
|
||||
volumes:
|
||||
grafana:
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
---
|
||||
version: "3.8"
|
||||
|
||||
networks:
|
||||
default:
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
---
|
||||
version: "3.8"
|
||||
|
||||
volumes:
|
||||
hedgedoc:
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
---
|
||||
version: "3.8"
|
||||
|
||||
networks:
|
||||
default:
|
||||
|
||||
@@ -8,7 +8,7 @@ COMPOSE_FILE=${SERVICES_DIR}/lldap/docker-compose.yml:${SERVICES_DIR}/lldap/dock
|
||||
#######
|
||||
# LLDAP
|
||||
|
||||
SERVICE_DOMAIN=lldap.cool.life
|
||||
LLDAP_DOMAIN=lldap.cool.life
|
||||
LLDAP_VOLUME_NAME=lldap_cool_life
|
||||
LLDAP_CONTAINER_NAME=lldap_cool_life
|
||||
LLDAP_IMAGE=nitnelave/lldap:v0.4.3
|
||||
|
||||
@@ -1,5 +1,7 @@
|
||||
---
|
||||
|
||||
version: "3.8"
|
||||
|
||||
services:
|
||||
lldap:
|
||||
ports:
|
||||
|
||||
@@ -1,5 +1,7 @@
|
||||
---
|
||||
|
||||
version: "3.8"
|
||||
|
||||
services:
|
||||
lldap:
|
||||
environment:
|
||||
|
||||
@@ -1,5 +1,7 @@
|
||||
---
|
||||
|
||||
version: "3.8"
|
||||
|
||||
services:
|
||||
lldap:
|
||||
environment:
|
||||
|
||||
@@ -1,5 +1,7 @@
|
||||
---
|
||||
|
||||
version: "3.8"
|
||||
|
||||
networks:
|
||||
default:
|
||||
name: ${TRAEFIK_NETWORK_NAME:-traefik}
|
||||
@@ -10,13 +12,13 @@ services:
|
||||
labels:
|
||||
- traefik.enable=true
|
||||
- traefik.docker.network=${TRAEFIK_NETWORK_NAME:-traefik}
|
||||
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-lldap}.rule=Host(`${SERVICE_DOMAIN:?err}`)
|
||||
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-lldap}.rule=Host(`${LLDAP_DOMAIN:?err}`)
|
||||
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-lldap}.entrypoints=${TRAEFIK_ENTRYPOINTS:-web}
|
||||
# - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-lldap}.tls.certResolver=letsencrypt
|
||||
- traefik.http.services.${TRAEFIK_ROUTER_NAME:-lldap}.loadbalancer.server.port=17170
|
||||
- traefik.http.services.${TRAEFIK_ROUTER_NAME:-lldap}.loadbalancer.server.scheme=http
|
||||
|
||||
# https://github.com/lldap/lldap/issues/247#issuecomment-1489962511
|
||||
# - traefik.tcp.routers.${TRAEFIK_ROUTER_NAME:-lldap}.rule=HostSNI(`${SERVICE_DOMAIN:?err}`)
|
||||
# - traefik.tcp.routers.${TRAEFIK_ROUTER_NAME:-lldap}.rule=HostSNI(`${LLDAP_DOMAIN:?err}`)
|
||||
# - traefik.tcp.routers.${TRAEFIK_ROUTER_NAME:-lldap}.entrypoints=${TRAEFIK_ENTRYPOINTS:-web}
|
||||
# - traefik.tcp.services.${TRAEFIK_ROUTER_NAME:-lldap}.loadbalancer.server.port=3890
|
||||
|
||||
@@ -1,5 +1,7 @@
|
||||
---
|
||||
|
||||
version: "3.8"
|
||||
|
||||
volumes:
|
||||
lldap:
|
||||
name: ${LLDAP_VOLUME_NAME:-lldap}
|
||||
@@ -16,7 +18,7 @@ services:
|
||||
- LLDAP_VERBOSE=${LLDAP_VERBOSE:-false}
|
||||
|
||||
- LLDAP_JWT_SECRET=${LLDAP_JWT_SECRET:?err}
|
||||
- LLDAP_HTTP_URL=https://${SERVICE_DOMAIN:?err}
|
||||
- LLDAP_HTTP_URL=https://${LLDAP_DOMAIN:?err}
|
||||
|
||||
- LLDAP_LDAP_BASE_DN=${LLDAP_LDAP_BASE_DN:?err}
|
||||
- LLDAP_LDAP_USER_DN=${LLDAP_LDAP_USER_DN:?err}
|
||||
|
||||
@@ -1,8 +0,0 @@
|
||||
#MARIADB_CONTAINER_NAME=
|
||||
#MARIADB_VOLUME_NAME=
|
||||
#MARIADB_IMAGE=
|
||||
MARIADB_ROOT_PASSWORD=replace-me
|
||||
MARIADB_USER=user-example
|
||||
MARIADB_PASSWORD=password-example
|
||||
MARIADB_DATABASE=mariadb-database-name-example
|
||||
#MARIADB_COMMAND=
|
||||
@@ -1,28 +0,0 @@
|
||||
# MariaDB
|
||||
|
||||
> MariaDB est un système de gestion de base de données édité sous licence GPL. Il s'agit d'un fork communautaire de MySQL
|
||||
>
|
||||
> <cite>[Wikipédia][wikipedia]</cite>
|
||||
|
||||
## Configuration
|
||||
|
||||
Les variables contenu dans `.env` permettent de changer :
|
||||
|
||||
- `MARIADB_IMAGE` : la version
|
||||
- `MARIADB_ROOT_PASSWORD` : le mot de passe _root_
|
||||
- `MARIADB_USER` : le nom d'utilisateur
|
||||
- `MARIADB_PASSWORD` : le mot de passe
|
||||
- `MARIADB_DATABASE` : le nom de la base de données
|
||||
- `MARIADB_CONTAINER_NAME` (par defaut _mariadb_) : le nom du conteneur
|
||||
- `MARIADB_VOLUME_NAME` (par defaut _mariadb_) : le nom du volume
|
||||
|
||||
## Liens
|
||||
|
||||
- [Site Officiel][site]
|
||||
- [Code source][source]
|
||||
- [Docker Hub][dockerhub]
|
||||
|
||||
[wikipedia]: https://fr.wikipedia.org/wiki/MariaDB
|
||||
[site]: https://mariadb.org/
|
||||
[source]: https://github.com/MariaDB/server
|
||||
[dockerhub]: https://hub.docker.com/_/mariadb/
|
||||
@@ -1,23 +0,0 @@
|
||||
version: "3.8"
|
||||
|
||||
volumes:
|
||||
mariadb:
|
||||
name: ${MARIADB_VOLUME_NAME:-mariadb}
|
||||
|
||||
services:
|
||||
mariadb:
|
||||
container_name: ${MARIADB_CONTAINER_NAME:-mariadb}
|
||||
image: ${MARIADB_IMAGE:-mariadb:10.7.1-focal}
|
||||
command: ${MARIADB_COMMAND}
|
||||
restart: always
|
||||
environment:
|
||||
MARIADB_ROOT_PASSWORD: ${MARIADB_ROOT_PASSWORD:?err}
|
||||
MARIADB_USER: ${MARIADB_USER:?err}
|
||||
MARIADB_PASSWORD: ${MARIADB_PASSWORD:?err}
|
||||
MARIADB_DATABASE: ${MARIADB_DATABASE:?err}
|
||||
PUID: ${MARIADB_PUID:-1000}
|
||||
PGID: ${MARIADB_PGID:-1000}
|
||||
volumes:
|
||||
- mariadb:/var/lib/mysql
|
||||
- /etc/timezone:/etc/timezone:ro
|
||||
- /etc/localtime:/etc/localtime:ro
|
||||
31
matomo/.env
31
matomo/.env
@@ -1,31 +0,0 @@
|
||||
########
|
||||
# DOCKER
|
||||
|
||||
#DOCKER_CONTEXT=
|
||||
#DOCKER_HOST=
|
||||
SERVICES_DIR=..
|
||||
COMPOSE_FILE=${SERVICES_DIR}/matomo/docker-compose.yml:${SERVICES_DIR}/matomo/docker-compose.local.yml
|
||||
#COMPOSE_PROJECT_NAME=
|
||||
|
||||
## APP
|
||||
|
||||
MATOMO_DOMAIN=localhost
|
||||
#MATOMO_CONTAINER_NAME=matomo
|
||||
#MATOMO_VOLUME_NAME=matomo
|
||||
#MATOMO_IMAGE=matomo:4.1.1-apache
|
||||
|
||||
## MARIADB
|
||||
|
||||
#MARIADB_VOLUME_NAME=
|
||||
#MARIADB_CONTAINER_NAME=
|
||||
#MARIADB_IMAGE=
|
||||
MARIADB_USER=user-example
|
||||
MARIADB_ROOT_PASSWORD=password-example
|
||||
MARIADB_PASSWORD=password-example
|
||||
MARIADB_DB=matomo_dev
|
||||
|
||||
## TRAEFIK
|
||||
|
||||
#TRAEFIK_NETWORK_NAME=
|
||||
#TRAEFIK_ROUTER_NAME=
|
||||
#TRAEFIK_ENTRYPOINTS=
|
||||
@@ -1,15 +0,0 @@
|
||||
# Matomo
|
||||
|
||||
> Matomo est une plateforme d'analyse Web complète et open source.
|
||||
|
||||
## Liens
|
||||
|
||||
- [Site Officiel][site]
|
||||
- [Documentation][documentation]
|
||||
- [Code source][source]
|
||||
- [Docker Hub][dockerhub]
|
||||
|
||||
[site]: https://matomo.org/
|
||||
[source]: https://github.com/matomo-org/matomo
|
||||
[documentation]: https://matomo.org/faq/reports/tour-of-matomo-overview-of-the-reporting-interface/
|
||||
[dockerhub]: https://hub.docker.com/_/matomo/
|
||||
@@ -1,6 +0,0 @@
|
||||
---
|
||||
|
||||
services:
|
||||
matomo:
|
||||
ports:
|
||||
- ${LOCAL_PORT:-8080}:80
|
||||
@@ -1,14 +0,0 @@
|
||||
---
|
||||
|
||||
networks:
|
||||
default:
|
||||
name: ${TRAEFIK_NETWORK_NAME:-traefik}
|
||||
external: true
|
||||
|
||||
services:
|
||||
matomo:
|
||||
labels:
|
||||
- traefik.enable=true
|
||||
- traefik.docker.network=${TRAEFIK_NETWORK_NAME:-traefik}
|
||||
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-matomo}.rule=Host(`${MATOMO_DOMAIN:?err}`)
|
||||
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-matomo}.entrypoints=${TRAEFIK_ENTRYPOINTS:-web}
|
||||
@@ -1,48 +0,0 @@
|
||||
---
|
||||
|
||||
services:
|
||||
db:
|
||||
image: mariadb:lts
|
||||
container_name: ${MARIADB_CONTAINER_NAME:-mariadb}
|
||||
image: ${MARIADB_IMAGE:-mariadb:lts}
|
||||
command: --max-allowed-packet=64MB
|
||||
restart: always
|
||||
volumes:
|
||||
- db:/var/lib/mysql:Z
|
||||
- /etc/timezone:/etc/timezone:ro
|
||||
- /etc/localtime:/etc/localtime:ro
|
||||
environment:
|
||||
- MARIADB_AUTO_UPGRADE=1
|
||||
- MARIADB_DATABASE=matomo
|
||||
- MARIADB_DISABLE_UPGRADE_BACKUP=1
|
||||
- MARIADB_INITDB_SKIP_TZINFO=1
|
||||
- MARIADB_PASSWORD=${MARIADB_PASSWORD:?err}
|
||||
- MARIADB_ROOT_PASSWORD=${MARIADB_ROOT_PASSWORD:?err}
|
||||
- MARIADB_USER=matomo
|
||||
|
||||
app:
|
||||
container_name: ${MATOMO_CONTAINER_NAME:-matomo}
|
||||
image: ${MATOMO_IMAGE:-matomo:4.1.1-apache}
|
||||
restart: always
|
||||
volumes:
|
||||
# - ./config:/var/www/html/config:z
|
||||
# - ./logs:/var/www/html/logs:z
|
||||
- matomo:/var/www/html:z
|
||||
- /etc/timezone:/etc/timezone:ro
|
||||
- /etc/localtime:/etc/localtime:ro
|
||||
depends_on:
|
||||
- db
|
||||
environment:
|
||||
- MATOMO_DATABASE_ADAPTER=mysql
|
||||
- MATOMO_DATABASE_DBNAME=matomo
|
||||
- MATOMO_DATABASE_HOST=db
|
||||
- MATOMO_DATABASE_PASSWORD=${MARIADB_PASSWORD:?err}
|
||||
- MATOMO_DATABASE_TABLES_PREFIX=matomo_
|
||||
- MATOMO_DATABASE_USERNAME=matomo
|
||||
ports:
|
||||
- 8080:80
|
||||
|
||||
volumes:
|
||||
db:
|
||||
matomo:
|
||||
name: ${MATOMO_VOLUME_NAME:-matomo}
|
||||
@@ -1,5 +1,7 @@
|
||||
---
|
||||
|
||||
version: "3.8"
|
||||
|
||||
services:
|
||||
mobilizon:
|
||||
ports:
|
||||
|
||||
@@ -1,5 +1,7 @@
|
||||
---
|
||||
|
||||
version: "3.8"
|
||||
|
||||
networks:
|
||||
default:
|
||||
name: ${TRAEFIK_NETWORK_NAME:-traefik}
|
||||
|
||||
@@ -1,5 +1,7 @@
|
||||
---
|
||||
|
||||
version: "3.8"
|
||||
|
||||
volumes:
|
||||
mobilizon:
|
||||
name: ${MOBILIZON_VOLUME_NAME:-mobilizon}
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
---
|
||||
version: "3.8"
|
||||
|
||||
services:
|
||||
nextcloud-fpm:
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
---
|
||||
version: "3.8"
|
||||
|
||||
services:
|
||||
nextcloud-web:
|
||||
|
||||
@@ -1,16 +0,0 @@
|
||||
---
|
||||
|
||||
services:
|
||||
nextcloud-fpm:
|
||||
depends_on:
|
||||
- postgres
|
||||
environment:
|
||||
&postgres-configuration
|
||||
POSTGRES_HOST: ${POSTGRES_CONTAINER_NAME:-postgres} # Default name is same as ../postgres/docker-compose.yml:8
|
||||
POSTGRES_USER: ${POSTGRES_USER:?err}
|
||||
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:?err}
|
||||
POSTGRES_DB: ${POSTGRES_DB:?err}
|
||||
|
||||
nextcloud-cron:
|
||||
environment:
|
||||
<<: *postgres-configuration
|
||||
@@ -1,13 +0,0 @@
|
||||
---
|
||||
|
||||
services:
|
||||
nextcloud-fpm:
|
||||
depends_on:
|
||||
- redis
|
||||
environment:
|
||||
&redis-configuration
|
||||
REDIS_HOST: ${REDIS_CONTAINER_NAME:-redis} # Default name is same as ../redis/docker-compose.yml:4
|
||||
|
||||
nextcloud-cron:
|
||||
environment:
|
||||
<<: *redis-configuration
|
||||
@@ -1,12 +1,12 @@
|
||||
---
|
||||
version: "3.8"
|
||||
|
||||
services:
|
||||
nextcloud-fpm:
|
||||
environment:
|
||||
&smtp-configuration
|
||||
SMTP_HOST: ${SMTP_HOST:?err}
|
||||
SMTP_SECURE: ${SMTP_SECURE:-}
|
||||
SMTP_PORT: ${SMTP_PORT:-587}
|
||||
SMTP_SECURE: ${SMTP_SECURE:-ssl}
|
||||
SMTP_PORT: ${SMTP_PORT:-465}
|
||||
SMTP_AUTHTYPE: ${SMTP_AUTHTYPE:-LOGIN}
|
||||
SMTP_NAME: ${SMTP_NAME:?err}
|
||||
SMTP_PASSWORD: ${SMTP_PASSWORD:?err}
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
---
|
||||
version: "3.8"
|
||||
|
||||
networks:
|
||||
default:
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
---
|
||||
version: "3.8"
|
||||
|
||||
volumes:
|
||||
nextcloud:
|
||||
@@ -9,6 +9,9 @@ services:
|
||||
container_name: ${NEXTCLOUD_CONTAINER_NAME:-nextcloud}-fpm
|
||||
image: ${NEXTCLOUD_IMAGE:-nextcloud:25.0.2-fpm-alpine}
|
||||
restart: always
|
||||
depends_on:
|
||||
- postgres
|
||||
- redis
|
||||
volumes:
|
||||
- nextcloud:/var/www/html
|
||||
- /etc/timezone:/etc/timezone:ro
|
||||
@@ -20,6 +23,11 @@ services:
|
||||
NEXTCLOUD_ADMIN_PASSWORD: ${NEXTCLOUD_ADMIN_PASSWORD?err}
|
||||
OVERWRITEPROTOCOL: ${OVERWRITEPROTOCOL:-https}
|
||||
PHP_UPLOAD_LIMIT: ${PHP_UPLOAD_LIMIT:-512M}
|
||||
POSTGRES_HOST: ${POSTGRES_CONTAINER_NAME:-postgres} # Default name is same as ../postgres/docker-compose.yml:8
|
||||
POSTGRES_USER: ${POSTGRES_USER:?err}
|
||||
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:?err}
|
||||
POSTGRES_DB: ${POSTGRES_DB:?err}
|
||||
REDIS_HOST: ${REDIS_CONTAINER_NAME:-redis} # Default name is same as ../redis/docker-compose.yml:4
|
||||
PUID: ${NEXTCLOUD_PUID:-1000}
|
||||
PGID: ${NEXTCLOUD_PGID:-1000}
|
||||
|
||||
|
||||
@@ -1,3 +1,3 @@
|
||||
FROM nginx:1.25.3-alpine
|
||||
FROM nginx:1.23.3-alpine
|
||||
|
||||
COPY nextcloud.conf.template /etc/nginx/templates/default.conf.template
|
||||
|
||||
@@ -2,32 +2,64 @@ upstream php-handler {
|
||||
server ${NEXTCLOUD_FPM_CONTAINER_NAME}:9000;
|
||||
}
|
||||
|
||||
# Set the `immutable` cache control options only for assets with a cache busting `v` argument
|
||||
map $arg_v $asset_immutable {
|
||||
"" "";
|
||||
default "immutable";
|
||||
}
|
||||
|
||||
server {
|
||||
listen 80;
|
||||
|
||||
# Path to the root of your installation
|
||||
root /var/www/html;
|
||||
|
||||
# Prevent nginx HTTP Server Detection
|
||||
server_tokens off;
|
||||
|
||||
# HSTS settings
|
||||
# Add headers to serve security related headers
|
||||
# Before enabling Strict-Transport-Security headers please read into this
|
||||
# topic first.
|
||||
#add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always;
|
||||
#
|
||||
# WARNING: Only add the preload option once you read about
|
||||
# the consequences in https://hstspreload.org/. This option
|
||||
# will add the domain to a hardcoded list that is shipped
|
||||
# in all major browsers and getting removed from this list
|
||||
# could take several months.
|
||||
#add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload" always;
|
||||
add_header Referrer-Policy "no-referrer" always;
|
||||
add_header X-Content-Type-Options "nosniff" always;
|
||||
add_header X-Download-Options "noopen" always;
|
||||
add_header X-Frame-Options "SAMEORIGIN" always;
|
||||
add_header X-Permitted-Cross-Domain-Policies "none" always;
|
||||
add_header X-Robots-Tag "none" always;
|
||||
add_header X-XSS-Protection "1; mode=block" always;
|
||||
|
||||
# set max upload size and increase upload timeout:
|
||||
# Remove X-Powered-By, which is an information leak
|
||||
fastcgi_hide_header X-Powered-By;
|
||||
|
||||
# Path to the root of your installation
|
||||
root /var/www/html;
|
||||
|
||||
location = /robots.txt {
|
||||
allow all;
|
||||
log_not_found off;
|
||||
access_log off;
|
||||
}
|
||||
|
||||
# The following 2 rules are only needed for the user_webfinger app.
|
||||
# Uncomment it if you're planning to use this app.
|
||||
#rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
|
||||
#rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
|
||||
|
||||
# The following rule is only needed for the Social app.
|
||||
# Uncomment it if you're planning to use this app.
|
||||
#rewrite ^/.well-known/webfinger /public.php?service=webfinger last;
|
||||
|
||||
location = /.well-known/carddav {
|
||||
return 301 $scheme://$host:$server_port/remote.php/dav;
|
||||
}
|
||||
|
||||
location = /.well-known/caldav {
|
||||
return 301 $scheme://$host:$server_port/remote.php/dav;
|
||||
}
|
||||
|
||||
# location /nginx_status {
|
||||
# stub_status;
|
||||
# allow 192.168.1.0/24; #only allow requests from local network
|
||||
# deny all; #deny all other hosts
|
||||
# }
|
||||
|
||||
# set max upload size
|
||||
client_max_body_size 10G;
|
||||
client_body_timeout 300s;
|
||||
fastcgi_buffers 64 4K;
|
||||
|
||||
# Enable gzip but do not remove ETag headers
|
||||
@@ -36,137 +68,78 @@ server {
|
||||
gzip_comp_level 4;
|
||||
gzip_min_length 256;
|
||||
gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
|
||||
gzip_types application/atom+xml text/javascript application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/wasm application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;
|
||||
gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;
|
||||
|
||||
# Pagespeed is not supported by Nextcloud, so if your server is built
|
||||
# with the `ngx_pagespeed` module, uncomment this line to disable it.
|
||||
# Uncomment if your server is build with the ngx_pagespeed module
|
||||
# This module is currently not supported.
|
||||
#pagespeed off;
|
||||
|
||||
# The settings allows you to optimize the HTTP2 bandwidth.
|
||||
# See https://blog.cloudflare.com/delivering-http-2-upload-speed-improvements/
|
||||
# for tuning hints
|
||||
client_body_buffer_size 512k;
|
||||
|
||||
# HTTP response headers borrowed from Nextcloud `.htaccess`
|
||||
add_header Referrer-Policy "no-referrer" always;
|
||||
add_header X-Content-Type-Options "nosniff" always;
|
||||
add_header X-Download-Options "noopen" always;
|
||||
add_header X-Frame-Options "SAMEORIGIN" always;
|
||||
add_header X-Permitted-Cross-Domain-Policies "none" always;
|
||||
add_header X-Robots-Tag "noindex, nofollow" always;
|
||||
add_header X-XSS-Protection "1; mode=block" always;
|
||||
|
||||
# Remove X-Powered-By, which is an information leak
|
||||
fastcgi_hide_header X-Powered-By;
|
||||
|
||||
# Add .mjs as a file extension for javascript
|
||||
# Either include it in the default mime.types list
|
||||
# or include you can include that list explicitly and add the file extension
|
||||
# only for Nextcloud like below:
|
||||
include mime.types;
|
||||
types {
|
||||
text/javascript js mjs;
|
||||
location / {
|
||||
rewrite ^ /index.php;
|
||||
}
|
||||
|
||||
# Specify how to handle directories -- specifying `/index.php$request_uri`
|
||||
# here as the fallback means that Nginx always exhibits the desired behaviour
|
||||
# when a client requests a path that corresponds to a directory that exists
|
||||
# on the server. In particular, if that directory contains an index.php file,
|
||||
# that file is correctly served; if it doesn't, then the request is passed to
|
||||
# the front-end controller. This consistent behaviour means that we don't need
|
||||
# to specify custom rules for certain paths (e.g. images and other assets,
|
||||
# `/updater`, `/ocs-provider`), and thus
|
||||
# `try_files $uri $uri/ /index.php$request_uri`
|
||||
# always provides the desired behaviour.
|
||||
index index.php index.html /index.php$request_uri;
|
||||
|
||||
# Rule borrowed from `.htaccess` to handle Microsoft DAV clients
|
||||
location = / {
|
||||
if ( $http_user_agent ~ ^DavClnt ) {
|
||||
return 302 /remote.php/webdav/$is_args$args;
|
||||
}
|
||||
location ~ ^\/(?:build|tests|config|lib|3rdparty|templates|data)\/ {
|
||||
deny all;
|
||||
}
|
||||
location ~ ^\/(?:\.|autotest|occ|issue|indie|db_|console) {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location = /robots.txt {
|
||||
allow all;
|
||||
log_not_found off;
|
||||
access_log off;
|
||||
}
|
||||
|
||||
# Make a regex exception for `/.well-known` so that clients can still
|
||||
# access it despite the existence of the regex rule
|
||||
# `location ~ /(\.|autotest|...)` which would otherwise handle requests
|
||||
# for `/.well-known`.
|
||||
location ^~ /.well-known {
|
||||
# The rules in this block are an adaptation of the rules
|
||||
# in `.htaccess` that concern `/.well-known`.
|
||||
|
||||
location = /.well-known/carddav { return 301 /remote.php/dav/; }
|
||||
location = /.well-known/caldav { return 301 /remote.php/dav/; }
|
||||
|
||||
location /.well-known/acme-challenge { try_files $uri $uri/ =404; }
|
||||
location /.well-known/pki-validation { try_files $uri $uri/ =404; }
|
||||
|
||||
# Let Nextcloud's API for `/.well-known` URIs handle all other
|
||||
# requests by passing them to the front-end controller.
|
||||
return 301 /index.php$request_uri;
|
||||
}
|
||||
|
||||
# Rules borrowed from `.htaccess` to hide certain paths from clients
|
||||
location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)(?:$|/) { return 404; }
|
||||
location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) { return 404; }
|
||||
|
||||
# Ensure this block, which passes PHP files to the PHP process, is above the blocks
|
||||
# which handle static assets (as seen below). If this block is not declared first,
|
||||
# then Nginx will encounter an infinite rewriting loop when it prepends `/index.php`
|
||||
# to the URI, resulting in a HTTP 500 error response.
|
||||
location ~ \.php(?:$|/) {
|
||||
# Required for legacy support
|
||||
rewrite ^/(?!index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|ocs-provider\/.+|.+\/richdocumentscode\/proxy) /index.php$request_uri;
|
||||
|
||||
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
|
||||
location ~ ^\/(?:index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|oc[ms]-provider\/.+)\.php(?:$|\/) {
|
||||
fastcgi_split_path_info ^(.+?\.php)(\/.*|)$;
|
||||
set $path_info $fastcgi_path_info;
|
||||
|
||||
try_files $fastcgi_script_name =404;
|
||||
|
||||
include fastcgi_params;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_param PATH_INFO $path_info;
|
||||
fastcgi_param HTTPS on;
|
||||
# fastcgi_param HTTPS on;
|
||||
|
||||
fastcgi_param modHeadersAvailable true; # Avoid sending the security headers twice
|
||||
fastcgi_param front_controller_active true; # Enable pretty urls
|
||||
# Avoid sending the security headers twice
|
||||
fastcgi_param modHeadersAvailable true;
|
||||
|
||||
# Enable pretty urls
|
||||
fastcgi_param front_controller_active true;
|
||||
fastcgi_pass php-handler;
|
||||
|
||||
fastcgi_intercept_errors on;
|
||||
fastcgi_request_buffering off;
|
||||
|
||||
fastcgi_max_temp_file_size 0;
|
||||
}
|
||||
|
||||
# Serve static files
|
||||
location ~ \.(?:css|js|mjs|svg|gif|png|jpg|ico|wasm|tflite|map|ogg|flac)$ {
|
||||
location ~ ^\/(?:updater|oc[ms]-provider)(?:$|\/) {
|
||||
try_files $uri/ =404;
|
||||
index index.php;
|
||||
}
|
||||
|
||||
# Adding the cache control header for js, css and map files
|
||||
# Make sure it is BELOW the PHP block
|
||||
location ~ \.(?:css|js|woff2?|svg|gif|map)$ {
|
||||
try_files $uri /index.php$request_uri;
|
||||
add_header Cache-Control "public, max-age=15778463, $asset_immutable";
|
||||
access_log off; # Optional: Don't log access to assets
|
||||
add_header Cache-Control "public, max-age=15778463";
|
||||
# Add headers to serve security related headers (It is intended to
|
||||
# have those duplicated to the ones above)
|
||||
# Before enabling Strict-Transport-Security headers please read into
|
||||
# this topic first.
|
||||
#add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always;
|
||||
#
|
||||
# WARNING: Only add the preload option once you read about
|
||||
# the consequences in https://hstspreload.org/. This option
|
||||
# will add the domain to a hardcoded list that is shipped
|
||||
# in all major browsers and getting removed from this list
|
||||
# could take several months.
|
||||
add_header Referrer-Policy "no-referrer" always;
|
||||
add_header X-Content-Type-Options "nosniff" always;
|
||||
add_header X-Download-Options "noopen" always;
|
||||
add_header X-Frame-Options "SAMEORIGIN" always;
|
||||
add_header X-Permitted-Cross-Domain-Policies "none" always;
|
||||
add_header X-Robots-Tag "none" always;
|
||||
add_header X-XSS-Protection "1; mode=block" always;
|
||||
|
||||
location ~ \.wasm$ {
|
||||
default_type application/wasm;
|
||||
}
|
||||
# Optional: Don't log access to assets
|
||||
access_log off;
|
||||
}
|
||||
|
||||
location ~ \.woff2?$ {
|
||||
location ~ \.(?:png|html|ttf|ico|jpg|jpeg|bcmap|mp4|webm)$ {
|
||||
try_files $uri /index.php$request_uri;
|
||||
expires 7d; # Cache-Control policy borrowed from `.htaccess`
|
||||
access_log off; # Optional: Don't log access to assets
|
||||
}
|
||||
|
||||
# Rule borrowed from `.htaccess`
|
||||
location /remote {
|
||||
return 301 /remote.php$request_uri;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri $uri/ /index.php$request_uri;
|
||||
# Optional: Don't log access to other assets
|
||||
access_log off;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
---
|
||||
version: "3.8"
|
||||
|
||||
services:
|
||||
clickhouse:
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
---
|
||||
version: "3.8"
|
||||
|
||||
services:
|
||||
plausible:
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
---
|
||||
version: "3.8"
|
||||
|
||||
services:
|
||||
plausible:
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
---
|
||||
version: "3.8"
|
||||
|
||||
services:
|
||||
plausible:
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
---
|
||||
version: "3.8"
|
||||
|
||||
services:
|
||||
plausible:
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
---
|
||||
version: "3.8"
|
||||
|
||||
networks:
|
||||
default:
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
---
|
||||
version: "3.8"
|
||||
|
||||
volumes:
|
||||
plausible:
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
---
|
||||
version: "3.8"
|
||||
|
||||
volumes:
|
||||
postgres:
|
||||
|
||||
@@ -1,5 +1,7 @@
|
||||
---
|
||||
|
||||
version: "3.8"
|
||||
|
||||
networks:
|
||||
default:
|
||||
name: ${TRAEFIK_NETWORK_NAME:-traefik}
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
---
|
||||
version: "3.8"
|
||||
|
||||
volumes:
|
||||
redis:
|
||||
|
||||
@@ -1,11 +0,0 @@
|
||||
---
|
||||
services:
|
||||
signaturepdf:
|
||||
labels:
|
||||
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-signaturepdf}.tls.certResolver=letsencrypt
|
||||
# redirect HTTP to HTTPS
|
||||
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-signaturepdf}_http.rule=Host(`${SIGNATUREPDF_DOMAIN:?err}`)
|
||||
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-signaturepdf}_http.entrypoints=web
|
||||
- traefik.http.middlewares.${TRAEFIK_ROUTER_NAME:-signaturepdf}_redirect_https.redirectscheme.scheme=https
|
||||
- traefik.http.middlewares.${TRAEFIK_ROUTER_NAME:-signaturepdf}_redirect_https.redirectscheme.permanent=true
|
||||
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-signaturepdf}_http.middlewares=${TRAEFIK_ROUTER_NAME:-signaturepdf}_redirect_https
|
||||
@@ -1,5 +1,7 @@
|
||||
---
|
||||
|
||||
version: "3.8"
|
||||
|
||||
networks:
|
||||
default:
|
||||
name: ${TRAEFIK_NETWORK_NAME:-traefik}
|
||||
@@ -11,4 +13,4 @@ services:
|
||||
- traefik.enable=true
|
||||
- traefik.docker.network=${TRAEFIK_NETWORK_NAME:-traefik}
|
||||
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-signaturepdf}.rule=Host(`${SIGNATUREPDF_DOMAIN:?err}`)
|
||||
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-signaturepdf}.entrypoints=${TRAEFIK_ENTRYPOINTS:-web}
|
||||
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-signaturepdf}.entrypoints=web
|
||||
|
||||
@@ -1,5 +1,7 @@
|
||||
---
|
||||
|
||||
version: "3.8"
|
||||
|
||||
volumes:
|
||||
signaturepdf:
|
||||
name: ${SIGNATUREPDF_VOLUME_NAME:-signaturepdf}
|
||||
@@ -19,5 +21,3 @@ services:
|
||||
PDF_STORAGE_PATH: ${PDF_STORAGE_PATH}
|
||||
DISABLE_ORGANIZATION: ${DISABLE_ORGANIZATION}
|
||||
PDF_DEMO_LINK: ${PDF_DEMO_LINK}
|
||||
DEFAULT_LANGUAGE: ${DEFAULT_LANGUAGE:-fr_FR.UTF-8}
|
||||
PDF_STORAGE_ENCRYPTION: ${PDF_STORAGE_ENCRYPTION:-true}
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
---
|
||||
version: "3.8"
|
||||
|
||||
networks:
|
||||
default:
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
---
|
||||
version: "3.8"
|
||||
|
||||
services:
|
||||
traefik:
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
---
|
||||
version: "3.8"
|
||||
|
||||
services:
|
||||
traefik:
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
---
|
||||
version: "3.8"
|
||||
|
||||
networks:
|
||||
default:
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
---
|
||||
version: "3.8"
|
||||
|
||||
volumes:
|
||||
traefik:
|
||||
|
||||
@@ -1,5 +1,7 @@
|
||||
---
|
||||
|
||||
version: "3.8"
|
||||
|
||||
services:
|
||||
uptimekuma:
|
||||
ports:
|
||||
|
||||
@@ -1,5 +1,7 @@
|
||||
---
|
||||
|
||||
version: "3.8"
|
||||
|
||||
networks:
|
||||
default:
|
||||
name: ${TRAEFIK_NETWORK_NAME:-traefik}
|
||||
|
||||
@@ -1,5 +1,7 @@
|
||||
---
|
||||
|
||||
version: "3.8"
|
||||
|
||||
volumes:
|
||||
uptimekuma:
|
||||
name: ${UPTIMEKUMA_VOLUME_NAME:-uptimekuma}
|
||||
|
||||
@@ -9,7 +9,7 @@ COMPOSE_FILE=${SERVICES_DIR}/vaultwarden/docker-compose.yml
|
||||
|
||||
#VAULTWARDEN_IMAGE=
|
||||
#VAULTWARDEN_VOLUME_NAME=
|
||||
SERVICE_DOMAIN=vaultwarden.local
|
||||
VAULTWARDEN_DOMAIN=vaultwarden.local
|
||||
|
||||
#VAULTWARDEN_LOG_LEVEL=
|
||||
#VAULTWARDEN_SIGNUPS_ALLOWED=false
|
||||
|
||||
@@ -10,20 +10,6 @@ Toutes les variables de configuration du service sont disponibles à [cette adre
|
||||
|
||||
[Les clients de Bitwarden](https://bitwarden.com/#download) sont compatibles avec le serveur.
|
||||
|
||||
## Ajout des mails en Français
|
||||
|
||||
Il est possible de [traduire les mails](https://github.com/dani-garcia/vaultwarden/wiki/Translating-the-email-templates).
|
||||
|
||||
```
|
||||
. .env
|
||||
cd /var/lib/docker/volumes/${VAULTWARDEN_VOLUME_NAME}/_data/
|
||||
mkdir templates && cd templates
|
||||
wget https://github.com/YoanSimco/vaultwarden-lang-fr/archive/refs/heads/main.zip
|
||||
unzip main.zip
|
||||
mv vaultwarden-lang-fr/email .
|
||||
rm vaultwarden-lang-fr-main/ main.zip -rf
|
||||
```
|
||||
|
||||
## Liens
|
||||
|
||||
- [Documentation][documentation]
|
||||
|
||||
@@ -1,5 +1,7 @@
|
||||
---
|
||||
|
||||
version: "3.8"
|
||||
|
||||
services:
|
||||
vaultwarden:
|
||||
depends_on:
|
||||
|
||||
@@ -1,5 +1,7 @@
|
||||
---
|
||||
|
||||
version: "3.8"
|
||||
|
||||
services:
|
||||
vaultwarden:
|
||||
environment:
|
||||
|
||||
@@ -1,25 +0,0 @@
|
||||
---
|
||||
|
||||
services:
|
||||
vaultwarden:
|
||||
environment:
|
||||
SSO_ENABLED: ${SSO_ENABLED:-true}
|
||||
SSO_ONLY: ${SSO_ONLY:-true}
|
||||
SSO_SIGNUPS_MATCH_EMAIL: ${SSO_SIGNUPS_MATCH_EMAIL:-true}
|
||||
SSO_AUTHORITY: ${SSO_AUTHORITY}
|
||||
SSO_SCOPES: ${SSO_SCOPES:-email groups profile offline_access}
|
||||
SSO_AUTHORIZE_EXTRA_PARAMS: ${SSO_AUTHORIZE_EXTRA_PARAMS:-}
|
||||
SSO_PKCE: ${SSO_PKCE:-false}
|
||||
SSO_CLIENT_ID: ${SSO_CLIENT_ID}
|
||||
SSO_CLIENT_SECRET: ${SSO_CLIENT_SECRET}
|
||||
# SSO_MASTER_PASSWORD_POLICY: ${SSO_MASTER_PASSWORD_POLICY:-}
|
||||
SSO_AUTH_ONLY_NOT_SESSION: ${SSO_AUTH_ONLY_NOT_SESSION:-false}
|
||||
SSO_CLIENT_CACHE_EXPIRATION: ${SSO_CLIENT_CACHE_EXPIRATION:-0}
|
||||
SSO_DEBUG_TOKENS: ${SSO_DEBUG_TOKENS:-false}
|
||||
|
||||
SSO_FRONTEND: ${SSO_FRONTEND:-override}
|
||||
# SSO_EXPERIMENTAL_NO_MASTER_PWD: ${SSO_EXPERIMENTAL_NO_MASTER_PWD:-false}
|
||||
SSO_ROLES_ENABLED: ${SSO_ROLES_ENABLED:-false}
|
||||
SSO_ROLES_DEFAULT_TO_USER: ${SSO_ROLES_DEFAULT_TO_USER:-false}
|
||||
|
||||
SSO_ORGANIZATIONS_INVITE: ${SSO_ORGANIZATIONS_INVITE:-false}
|
||||
@@ -1,12 +0,0 @@
|
||||
---
|
||||
|
||||
services:
|
||||
vaultwarden:
|
||||
labels:
|
||||
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-vaultwarden}.tls.certResolver=letsencrypt
|
||||
# redirect HTTP to HTTPS
|
||||
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-vaultwarden}_http.rule=Host(`${SERVICE_DOMAIN:?err}`)
|
||||
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-vaultwarden}_http.entrypoints=web
|
||||
- traefik.http.middlewares.${TRAEFIK_ROUTER_NAME:-vaultwarden}_redirect_https.redirectscheme.scheme=https
|
||||
- traefik.http.middlewares.${TRAEFIK_ROUTER_NAME:-vaultwarden}_redirect_https.redirectscheme.permanent=true
|
||||
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-vaultwarden}_http.middlewares=${TRAEFIK_ROUTER_NAME:-vaultwarden}_redirect_https
|
||||
@@ -1,5 +1,7 @@
|
||||
---
|
||||
|
||||
version: "3.8"
|
||||
|
||||
networks:
|
||||
default:
|
||||
name: ${TRAEFIK_NETWORK_NAME:-traefik}
|
||||
@@ -10,5 +12,5 @@ services:
|
||||
labels:
|
||||
- traefik.enable=true
|
||||
- traefik.docker.network=${TRAEFIK_NETWORK_NAME:-traefik}
|
||||
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-vaultwarden}.rule=Host(`${SERVICE_DOMAIN:?err}`)
|
||||
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-vaultwarden}.rule=Host(`${VAULTWARDEN_DOMAIN:?err}`)
|
||||
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-vaultwarden}.entrypoints=${TRAEFIK_ENTRYPOINTS:-web}
|
||||
@@ -1,26 +1,22 @@
|
||||
---
|
||||
|
||||
version: "3.8"
|
||||
|
||||
volumes:
|
||||
vaultwarden:
|
||||
name: ${VAULTWARDEN_VOLUME_NAME:-vaultwarden}
|
||||
|
||||
services:
|
||||
vaultwarden:
|
||||
image: ${VAULTWARDEN_IMAGE:-vaultwarden/server:1.34.1-alpine}
|
||||
image: ${VAULTWARDEN_IMAGE:-vaultwarden/server:1.27.0-alpine}
|
||||
container_name: ${VAULTWARDEN_CONTAINER_NAME:-vaultwarden}
|
||||
restart: always
|
||||
environment:
|
||||
ADMIN_TOKEN: ${VAULTWARDEN_ADMIN_TOKEN:?err}
|
||||
DOMAIN: https://${SERVICE_DOMAIN:?err}
|
||||
SENDS_ALLOWED: ${SENDS_ALLOWED:-true}
|
||||
TRASH_AUTO_DELETE_DAYS: ${TRASH_AUTO_DELETE_DAYS:-}
|
||||
DISABLE_ICON_DOWNLOAD: ${DISABLE_ICON_DOWNLOAD:-false}
|
||||
SIGNUPS_ALLOWED: ${VAULTWARDEN_SIGNUPS_ALLOWED:-true}
|
||||
SIGNUPS_VERIFY: ${SIGNUPS_VERIFY:-false}
|
||||
SIGNUPS_DOMAINS_WHITELIST: ${SIGNUPS_DOMAINS_WHITELIST:-}
|
||||
DOMAIN: https://${VAULTWARDEN_DOMAIN:?err}
|
||||
INVITATION_ORG_NAME: ${VAULTWARDEN_INVITATION_ORG_NAME:-Vaultwarden}
|
||||
LOG_LEVEL: ${VAULTWARDEN_LOG_LEVEL:-Info}
|
||||
ORG_GROUPS_ENABLED: ${VAULTWARDEN_ORG_GROUPS_ENABLED:-false}
|
||||
SIGNUPS_ALLOWED: ${VAULTWARDEN_SIGNUPS_ALLOWED:-true}
|
||||
volumes:
|
||||
- vaultwarden:/data
|
||||
- /etc/timezone:/etc/timezone:ro
|
||||
|
||||
@@ -1,9 +0,0 @@
|
||||
---
|
||||
|
||||
version: "3.8"
|
||||
|
||||
services:
|
||||
vikunja_api:
|
||||
environment:
|
||||
VIKUNJA_LEGAL_IMPRINTURL: ${VIKUNJA_LEGAL_IMPRINTURL}
|
||||
VIKUNJA_LEGAL_PRIVACYURL: ${VIKUNJA_LEGAL_PRIVACYURL}
|
||||
@@ -1,4 +1,4 @@
|
||||
---
|
||||
version: "3.8"
|
||||
|
||||
services:
|
||||
vikunja_api:
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
---
|
||||
version: "3.8"
|
||||
|
||||
# https://vikunja.io/docs/config-options/#metrics
|
||||
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
---
|
||||
version: "3.8"
|
||||
|
||||
# https://vikunja.io/docs/config-options/#redis
|
||||
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
---
|
||||
version: "3.8"
|
||||
|
||||
# https://vikunja.io/docs/config-options/#mailer
|
||||
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
---
|
||||
version: "3.8"
|
||||
|
||||
networks:
|
||||
default:
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
---
|
||||
version: "3.8"
|
||||
|
||||
# https://vikunja.io/docs/config-options
|
||||
# https://vikunja.io/docs/full-docker-example/
|
||||
@@ -10,30 +10,13 @@ volumes:
|
||||
services:
|
||||
vikunja_api:
|
||||
container_name: ${VIKUNJA_CONTAINER_NAME:-vikunja}_api
|
||||
image: ${VIKUNJA_API_IMAGE:-vikunja/api:0.21.0}
|
||||
image: ${VIKUNJA_API_IMAGE:-vikunja/api:0.18.1}
|
||||
restart: always
|
||||
environment:
|
||||
VIKUNJA_DATABASE_PATH: ${VIKUNJA_DATABASE_PATH:-./vikunja.db}
|
||||
|
||||
VIKUNJA_DEFAULTSETTINGS_AVATAR_PROVIDER: ${VIKUNJA_DEFAULTSETTINGS_AVATAR_PROVIDER:-initials}
|
||||
VIKUNJA_DEFAULTSETTINGS_AVATAR_FILE_ID: ${VIKUNJA_DEFAULTSETTINGS_AVATAR_FILE_ID:-0}
|
||||
VIKUNJA_DEFAULTSETTINGS_EMAIL_REMINDERS_ENABLED: ${VIKUNJA_DEFAULTSETTINGS_EMAIL_REMINDERS_ENABLED:-false}
|
||||
VIKUNJA_DEFAULTSETTINGS_DISCOVERABLE_BY_NAME: ${VIKUNJA_DEFAULTSETTINGS_DISCOVERABLE_BY_NAME:-true}
|
||||
VIKUNJA_DEFAULTSETTINGS_DISCOVERABLE_BY_EMAIL: ${VIKUNJA_DEFAULTSETTINGS_DISCOVERABLE_BY_EMAIL:-true}
|
||||
VIKUNJA_DEFAULTSETTINGS_OVERDUE_TASKS_REMINDERS_ENABLED: ${VIKUNJA_DEFAULTSETTINGS_OVERDUE_TASKS_REMINDERS_ENABLED:-false}
|
||||
VIKUNJA_DEFAULTSETTINGS_OVERDUE_TASKS_REMINDERS_TIME: ${VIKUNJA_DEFAULTSETTINGS_OVERDUE_TASKS_REMINDERS_TIME:-9:00}
|
||||
VIKUNJA_DEFAULTSETTINGS_DEFAULT_PROJECT_ID: ${VIKUNJA_DEFAULTSETTINGS_DEFAULT_PROJECT_ID:-0}
|
||||
VIKUNJA_DEFAULTSETTINGS_WEEK_START: ${VIKUNJA_DEFAULTSETTINGS_WEEK_START:-1}
|
||||
VIKUNJA_DEFAULTSETTINGS_LANGUAGE: ${VIKUNJA_DEFAULTSETTINGS_LANGUAGE:-fr-FR}
|
||||
VIKUNJA_DEFAULTSETTINGS_TIMEZONE: ${VIKUNJA_DEFAULTSETTINGS_TIMEZONE:-Europe/Paris}
|
||||
|
||||
VIKUNJA_FILES_BASEPATH: ${VIKUNJA_FILES_BASEPATH:-./files}
|
||||
VIKUNJA_FILES_MAXSIZE: ${VIKUNJA_FILES_MAXSIZE:-20MB}
|
||||
|
||||
|
||||
VIKUNJA_SERVICE_JWTSECRET: ${VIKUNJA_SERVICE_JWTSECRET}
|
||||
VIKUNJA_SERVICE_JWTTTL: ${VIKUNJA_SERVICE_JWTTTL:-259200}
|
||||
VIKUNJA_SERVICE_JWTTTLLONG: ${VIKUNJA_SERVICE_JWTTTLLONG:-2592000}
|
||||
|
||||
VIKUNJA_SERVICE_FRONTENDURL: ${VIKUNJA_SERVICE_FRONTENDURL:?err}
|
||||
VIKUNJA_SERVICE_MAXITEMSPERPAGE: ${VIKUNJA_SERVICE_MAXITEMSPERPAGE:-50}
|
||||
VIKUNJA_SERVICE_ENABLECALDAV: ${VIKUNJA_SERVICE_ENABLECALDAV:-true}
|
||||
@@ -45,17 +28,18 @@ services:
|
||||
VIKUNJA_SERVICE_ENABLETOTP: ${VIKUNJA_SERVICE_ENABLETOTP:-true}
|
||||
VIKUNJA_SERVICE_ENABLEEMAILREMINDERS: ${VIKUNJA_SERVICE_ENABLEEMAILREMINDERS:-true}
|
||||
VIKUNJA_SERVICE_ENABLEUSERDELETION: ${VIKUNJA_SERVICE_ENABLEUSERDELETION:-true}
|
||||
VIKUNJA_SERVICE_ROOTPATH: ${VIKUNJA_SERVICE_ROOTPATH:-/app/vikunja/}
|
||||
|
||||
VIKUNJA_FILES_BASEPATH: ${VIKUNJA_FILES_BASEPATH:-./files}
|
||||
VIKUNJA_FILES_MAXSIZE: ${VIKUNJA_FILES_MAXSIZE:-20MB}
|
||||
PUID: ${VIKUNJA_PUID:-1000}
|
||||
PGID: ${VIKUNJA_PGID:-1000}
|
||||
volumes:
|
||||
- vikunja:${VIKUNJA_VOLUME_PATH:-/app/vikunja/files}
|
||||
- vikunja:/app/vikunja/files
|
||||
- /etc/timezone:/etc/timezone:ro
|
||||
- /etc/localtime:/etc/localtime:ro
|
||||
vikunja_frontend:
|
||||
container_name: ${VIKUNJA_CONTAINER_NAME:-vikunja}_frontend
|
||||
image: ${VIKUNJA_FRONTEND_IMAGE:-vikunja/frontend:0.21.0}
|
||||
image: ${VIKUNJA_FRONTEND_IMAGE:-vikunja/frontend:0.18.2}
|
||||
restart: always
|
||||
depends_on:
|
||||
- vikunja_api
|
||||
|
||||
Reference in New Issue
Block a user