mustard/fedora-server-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Added seafile config.

Browse source
This commit is contained in:
mustard 2024-08-27 09:42:18 +02:00
parent 19d3d161a8
commit 570bfd4c29
4 changed files with 306 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

64
config/nginx/forgejo.conf Normal file
View file

@ -0,0 +1,64 @@
worker_processes auto;
error_log /var/log/nginx/error.log notice;
pid /tmp/nginx.pid;
events
{
worker_connections 1024;
}
http
{
proxy_temp_path /tmp/proxy_temp;
client_body_temp_path /tmp/client_temp;
fastcgi_temp_path /tmp/fastcgi_temp;
uwsgi_temp_path /tmp/uwsgi_temp;
scgi_temp_path /tmp/scgi_temp;
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
include /etc/nginx/conf.d/*.conf;
server
{
listen 8443 ssl;
listen [::]:8443 ssl;
ssl_certificate /etc/nginx/ssl/cert.pem;
ssl_certificate_key /etc/nginx/ssl/key.pem;
server_name forgejoever.homelab0ne.xyz;
location /
{
proxy_pass http://forgejoever:3000;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $host;
# Nginx by default only allows file uploads up to 1M in size
# Increase client_max_body_size to match max_upload_size defined in homeserver.yaml
client_max_body_size 50M;
proxy_http_version 1.1;
}
}
}

65
config/nginx/seafile.conf Normal file
View file

@ -0,0 +1,65 @@
worker_processes auto;
error_log /var/log/nginx/error.log notice;
pid /tmp/nginx.pid;
events
{
worker_connections 1024;
}
http
{
proxy_temp_path /tmp/proxy_temp;
client_body_temp_path /tmp/client_temp;
fastcgi_temp_path /tmp/fastcgi_temp;
uwsgi_temp_path /tmp/uwsgi_temp;
scgi_temp_path /tmp/scgi_temp;
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
include /etc/nginx/conf.d/*.conf;
server
{
listen 8443 ssl;
listen [::]:8443 ssl;
ssl_certificate /etc/nginx/ssl/cert.pem;
ssl_certificate_key /etc/nginx/ssl/key.pem;
server_name localhost seafile.homelab0ne.xyz;
location /
{
proxy_pass http://seafile:80;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $host;
proxy_set_header Origin 'https://seafile.homelab0ne.xyz';
# Nginx by default only allows file uploads up to 1M in size
# Increase client_max_body_size to match max_upload_size defined in homeserver.yaml
client_max_body_size 50M;
proxy_http_version 1.1;
}
}
}

103
docker-compose-forgejo.yaml Normal file
View file

@ -0,0 +1,103 @@
services:
forgejo:
image: codeberg.org/forgejo/forgejo:8-rootless
container_name: forgejo
secrets:
- forgejo_internal_token
- forgejo_root_password
- forgejo_secret_key
- lfs_jwt_secret
- oauth_jwt_secret
- postgres_user_password
env_file:
- ./.secrets/forgejo.env
- ./config/forgejo/forgejo.env
environment:
USER_UID: 1000
USER_GID: 1000
# FORGEJO__database__NAME: forgejodb
# FORGEJO__database__USER: forgejo
# FORGEJO__database__HOST: postgres:5432
# FORGEJO__database__PASSWD_FILE: /run/secrets/postgres_user_password
# FORGEJO__database__PASSWD: "${FORGEJO__database__PASSWD}"
# FORGEJO__server__LFS_JWT_SECRET: "${FORGEJO__server__LFS_JWT_SECRET}"
# FORGEJO__security__SECRET_KEY: "${FORGEJO__security__SECRET_KEY}"
# FORGEJO__security__INTERNAL_TOKEN: "${FORGEJO__security__INTERNAL_TOKEN}"
# FORGEJO__oauth2__JWT_SECRET: "${FORGEJO__oauth2__JWT_SECRET}"
ROOT_PASSWORD_FILE: /run/secrets/forgejo_root_password
restart: always
networks:
forgejo:
aliases:
- forgejoever
volumes:
- ./data/forgejo:/var/lib/gitea:Z
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
ports:
- "3000:3000"
- "30022:30022"
depends_on:
- postgres
reverse-proxy:
image: ghcr.io/nginxinc/nginx-unprivileged:mainline-alpine-slim
container_name: reverse_proxy
restart: always
ports:
- "443:8443"
volumes:
- ./config/nginx/nginx.conf:/etc/nginx/nginx.conf:ro
- ./config/nginx/tls.conf:/etc/nginx/conf.d/tls.conf:ro
- ./data/certs:/etc/nginx/ssl:ro
networks:
- forgejo
- frontend
acme.sh:
command:
- daemon
container_name: acme.sh
env_file:
- ./.secrets/acme.env
# environment:
# DEDYN_TOKEN: "${DEDYN_TOKEN}"
image: 'ghcr.io/polarix-containers/acme.sh:latest'
restart: always
volumes:
- ./data/acme.sh:/acme.sh:Z
- ./data/certs:/certs:z
postgres:
container_name: postgres
image: cgr.dev/chainguard/postgres:latest
volumes:
- ./data/postgres:/var/lib/postgresql/data:Z
restart: unless-stopped
ports:
- 5432:5432
env_file:
- ./.secrets/acme.env
# environment:
# POSTGRES_USER: "forgejo"
# POSTGRES_DB: "forgejodb"
# POSTGRES_PASSWORD: "${POSTGRES_PASSWORD}"
networks:
forgejo:
aliases:
- db
networks:
forgejo:
external: false
frontend:
driver: bridge
secrets:
forgejo_internal_token:
file: ./.secrets/forgejo_internal_token
forgejo_root_password:
file: ./.secrets/forgejo_root_password
forgejo_secret_key:
file: ./.secrets/forgejo_secret_key
lfs_jwt_secret:
file: ./.secrets/lfs_jwt_secret
oauth_jwt_secret:
file: ./.secrets/oauth_jwt_secret
postgres_user_password:
file: ./.secrets/postgres_user_password

74
docker-compose-seafile.yaml Normal file
View file

@ -0,0 +1,74 @@
services:
acme.sh:
command:
- daemon
container_name: acme.sh
env_file:
- ./.secrets/acme.sh.env
image: 'ghcr.io/polarix-containers/acme.sh:latest'
restart: always
volumes:
- ./data/acme.sh:/acme.sh:Z
- ./data/certs:/certs:z
reverse-proxy:
image: ghcr.io/nginxinc/nginx-unprivileged:mainline-alpine-slim
container_name: reverse_proxy
restart: always
ports:
- "443:8443"
volumes:
- ./config/nginx/nginx.conf:/etc/nginx/nginx.conf:ro
- ./config/nginx/tls.conf:/etc/nginx/conf.d/tls.conf:ro
- ./data/certs:/etc/nginx/ssl:ro
networks:
- frontend
depends_on:
- seafile
db:
restart: always
image: cgr.dev/chainguard/mariadb #mariadb:10.11
container_name: seafile-mysql
env_file:
- ./.secrets/seafile.env
environment:
- MYSQL_LOG_CONSOLE=true
- MARIADB_AUTO_UPGRADE=1
volumes:
- ./data/seafile-mysql/db:/var/lib/mysql
networks:
- seafile-net
memcached:
restart: always
image: memcached:latest ##:1.6.18
container_name: seafile-memcached
entrypoint: memcached -m 256
networks:
- seafile-net
seafile:
restart: always
image: seafileltd/seafile-mc:11.0-latest
container_name: seafile
volumes:
- ./data/seafile-data:/shared # Required, specifies the path to Seafile data persistent store.
env_file:
- ./.secrets/seafile.env
environment:
- DB_HOST=db
- TIME_ZONE=Etc/GMT+2 # Optional, default is UTC. Should be uncomment and set to your local time zone.
- SEAFILE_SERVER_HOSTNAME=seafile.homelab0ne.xyz # Specifies your host name if https is enabled.
- NON_ROOT=true
depends_on:
- db
- memcached
networks:
seafile-net:
frontend:
aliases:
- seafile
networks:
joplin:
external: false
frontend:
driver: bridge
seafile-net: