Compare commits
1 commit
2c11caea0b
...
52dadf6070
| Author | SHA1 | Date | |
|---|---|---|---|
| 52dadf6070 |
22 changed files with 59 additions and 41 deletions
.woodpecker
cicd-worker-pub-mep/woodpecker-runner
compute-1-mep
forgejo
freshrss
haste
renovate
searx
traefik-kop
wallabag
wiki
compute-2-mep
gitlab
gnous_frontend
mastodon
traefik-kop
vaultwarden
woodpecker
internals
komodo
semaphore
traefik-kop
wikijs
woodpecker-worker
woodpecker
|
|
@ -20,7 +20,7 @@ steps:
|
|||
- rm -rf output.txt
|
||||
- apt-get update
|
||||
- apt-get install -y curl
|
||||
- curl -SL https://github.com/docker/compose/releases/download/v2.33.1/docker-compose-linux-x86_64 -o /usr/local/bin/docker-compose
|
||||
- curl -SL https://github.com/docker/compose/releases/download/v2.20.3/docker-compose-linux-x86_64 -o /usr/local/bin/docker-compose
|
||||
- chmod +x /usr/local/bin/docker-compose
|
||||
- bash .ci/lint_wrap.sh
|
||||
comment_2:
|
||||
|
|
|
|||
|
|
@ -8,7 +8,7 @@ volumes:
|
|||
|
||||
services:
|
||||
agent:
|
||||
image: woodpeckerci/woodpecker-agent:next
|
||||
image: woodpeckerci/woodpecker-agent:latest
|
||||
container_name: woodpecker_agent
|
||||
environment:
|
||||
- WOODPECKER_SERVER=grpc.cicd.gnous.eu:443
|
||||
|
|
@ -16,8 +16,7 @@ services:
|
|||
- WOODPECKER_GRPC_SECURE=true
|
||||
- WOODPECKER_GRPC_VERIFY=true
|
||||
env_file:
|
||||
- path: .env
|
||||
required: false
|
||||
- .env
|
||||
restart: always
|
||||
volumes:
|
||||
- agent:/etc/woodpecker
|
||||
|
|
|
|||
|
|
@ -13,8 +13,7 @@ services:
|
|||
restart: always
|
||||
container_name: forgejo
|
||||
env_file:
|
||||
- path: .env
|
||||
required: false
|
||||
- .env
|
||||
environment:
|
||||
- USER_UID=1000
|
||||
- USER_GID=1000
|
||||
|
|
@ -71,6 +70,8 @@ services:
|
|||
# web server
|
||||
- "traefik.http.services.forgejo-service-gnous.loadbalancer.server.port=3001"
|
||||
- "traefik.http.routers.forgejognous.rule=(Host(`git.gnous.eu`) && !Path(`/metrics`))"
|
||||
- "traefik.http.routers.forgejognous.tls=true"
|
||||
- "traefik.http.routers.forgejognous.tls.certresolver=defaultacme"
|
||||
- "traefik.http.routers.forgejognous.entrypoints=websecure"
|
||||
- "traefik.http.routers.forgejognous.service=forgejo-service-gnous"
|
||||
- "traefik.http.routers.forgejognous.middlewares=proxyHeader@file,proxyError@file"
|
||||
|
|
|
|||
|
|
@ -25,6 +25,8 @@ services:
|
|||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.freshrss.entryPoints=websecure"
|
||||
- "traefik.http.routers.freshrss.rule=Host(`rss.gnous.eu`)"
|
||||
- "traefik.http.routers.freshrss.tls=true"
|
||||
- "traefik.http.routers.freshrss.tls.certresolver=defaultacme"
|
||||
- "traefik.http.routers.freshrss.middlewares=proxyHeader@file,proxyError@file"
|
||||
env_file:
|
||||
- path: .env
|
||||
|
|
|
|||
|
|
@ -18,6 +18,8 @@ services:
|
|||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.gnoushaste.entryPoints=websecure"
|
||||
- "traefik.http.routers.gnoushaste.rule=Host(`haste.gnous.eu`)"
|
||||
- "traefik.http.routers.gnoushaste.tls=true"
|
||||
- "traefik.http.routers.gnoushaste.tls.certresolver=defaultacme"
|
||||
- "traefik.http.routers.gnoushaste.middlewares=proxyHeader@file,proxyError@file"
|
||||
env_file:
|
||||
- path: .env
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@ networks:
|
|||
|
||||
services:
|
||||
renovate:
|
||||
image: ghcr.io/renovatebot/renovate:39.182.3-full
|
||||
image: ghcr.io/renovatebot/renovate:39.170.2-full
|
||||
restart: always
|
||||
environment:
|
||||
- LOG_LEVEL=info
|
||||
|
|
@ -14,5 +14,4 @@ services:
|
|||
- RENOVATE_GIT_AUTHOR=Renovate bot <renovate@gnous.eu>
|
||||
- RENOVATE_TOKEN=${RENOVATE_TOKEN}
|
||||
env_file:
|
||||
- path: .env
|
||||
required: false
|
||||
- .env
|
||||
|
|
|
|||
|
|
@ -35,6 +35,8 @@ services:
|
|||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.searx.entryPoints=websecure"
|
||||
- "traefik.http.routers.searx.rule=Host(`searx.gnous.eu`)"
|
||||
- "traefik.http.routers.searx.tls=true"
|
||||
- "traefik.http.routers.searx.tls.certresolver=defaultacme"
|
||||
- "traefik.http.routers.searx.middlewares=proxyHeader@file,proxyError@file"
|
||||
redis:
|
||||
image: "redis:7.4-alpine"
|
||||
|
|
|
|||
|
|
@ -5,7 +5,6 @@ services:
|
|||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock
|
||||
env_file:
|
||||
- path: .env
|
||||
required: false
|
||||
- .env
|
||||
environment:
|
||||
- BIND_IP=10.100.2.2
|
||||
|
|
|
|||
|
|
@ -48,6 +48,8 @@ services:
|
|||
# web server
|
||||
- "traefik.http.services.wallabag-service-gnous.loadbalancer.server.port=3009"
|
||||
- "traefik.http.routers.wallabaggnous.rule=Host(`bag.gnous.eu`)"
|
||||
- "traefik.http.routers.wallabaggnous.tls=true"
|
||||
- "traefik.http.routers.wallabaggnous.tls.certresolver=defaultacme"
|
||||
- "traefik.http.routers.wallabaggnous.entrypoints=websecure"
|
||||
- "traefik.http.routers.wallabaggnous.service=wallabag-service-gnous"
|
||||
- "traefik.http.routers.wallabaggnous.middlewares=proxyHeader@file,proxyError@file"
|
||||
|
|
|
|||
|
|
@ -12,5 +12,7 @@ services:
|
|||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.wiki.entryPoints=websecure"
|
||||
- "traefik.http.routers.wiki.rule=Host(`wiki.gnous.eu`)"
|
||||
- "traefik.http.routers.wiki.tls=true"
|
||||
- "traefik.http.routers.wiki.tls.certresolver=defaultacme"
|
||||
- "traefik.http.routers.wiki.middlewares=proxyHeader@file,proxyError@file"
|
||||
|
||||
|
|
|
|||
|
|
@ -12,7 +12,7 @@ volumes:
|
|||
|
||||
services:
|
||||
gitlab:
|
||||
image: gitlab/gitlab-ce:17.9.1-ce.0
|
||||
image: gitlab/gitlab-ce:17.9.0-ce.0
|
||||
container_name: gitlab
|
||||
restart: always
|
||||
hostname: "gitlab.gnous.eu"
|
||||
|
|
@ -48,12 +48,16 @@ services:
|
|||
# Web
|
||||
- "traefik.http.services.gitlab-gnous.loadbalancer.server.port=3005"
|
||||
- "traefik.http.routers.gitlabgnous.rule=Host(`gitlab.gnous.eu`)"
|
||||
- "traefik.http.routers.gitlabgnous.tls=true"
|
||||
- "traefik.http.routers.gitlabgnous.tls.certresolver=defaultacme"
|
||||
- "traefik.http.routers.gitlabgnous.entrypoints=websecure"
|
||||
- "traefik.http.routers.gitlabgnous.service=gitlab-gnous"
|
||||
- "traefik.http.routers.gitlabgnous.middlewares=proxyHeader@file,proxyError@file"
|
||||
# Registry
|
||||
- "traefik.http.services.registry-gnous.loadbalancer.server.port=3006"
|
||||
- "traefik.http.routers.registrygnous.rule=Host(`pkg.gnous.eu`)"
|
||||
- "traefik.http.routers.registrygnous.tls=true"
|
||||
- "traefik.http.routers.registrygnous.tls.certresolver=defaultacme"
|
||||
- "traefik.http.routers.registrygnous.entrypoints=websecure"
|
||||
- "traefik.http.routers.registrygnous.service=registry-gnous"
|
||||
- "traefik.http.routers.registrygnous.middlewares=proxyHeader@file,proxyError@file"
|
||||
|
|
@ -61,8 +65,4 @@ services:
|
|||
- "traefik.tcp.routers.gitlabssh.entrypoints=sshgitlab"
|
||||
- "traefik.tcp.routers.gitlabssh.rule=HostSNI(`*`)"
|
||||
- "traefik.tcp.routers.gitlabssh.service=gitlab-ssh"
|
||||
- "traefik.tcp.services.gitlab-ssh.loadbalancer.server.address=gitlab:3007"
|
||||
- "traefik.tcp.services.gitlab-ssh.loadbalancer.serversTransport=gitlabtransport"
|
||||
|
||||
# Define ServersTransport
|
||||
- "traefik.tcp.serversTransports.gitlabtransport.terminationDelay=0"
|
||||
- "traefik.tcp.services.gitlab-ssh.loadbalancer.server.port=3007"
|
||||
|
|
|
|||
|
|
@ -13,4 +13,6 @@ services:
|
|||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.gnousdoteu.entryPoints=websecure"
|
||||
- "traefik.http.routers.gnousdoteu.rule=Host(`gnous.eu`)"
|
||||
- "traefik.http.routers.gnousdoteu.tls=true"
|
||||
- "traefik.http.routers.gnousdoteu.tls.certresolver=defaultacme"
|
||||
- "traefik.http.routers.gnousdoteu.middlewares=proxyHeader@file,proxyError@file"
|
||||
|
|
|
|||
|
|
@ -33,6 +33,8 @@ services:
|
|||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.mastodon-web.entrypoints=websecure"
|
||||
- "traefik.http.routers.mastodon-web.rule=Host(`toot.gnous.eu`)"
|
||||
- "traefik.http.routers.mastodon-web.tls=true"
|
||||
- "traefik.http.routers.mastodon-web.tls.certresolver=defaultacme"
|
||||
- "traefik.http.routers.mastodon-web.middlewares=proxyHeader@file,proxyError@file"
|
||||
# Cron
|
||||
- "ofelia.enabled=true"
|
||||
|
|
@ -62,6 +64,9 @@ services:
|
|||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.mastodon-streaming.entrypoints=websecure"
|
||||
- "traefik.http.routers.mastodon-streaming.rule=(Host(`toot.gnous.eu`) && PathPrefix(`/api/v1/streaming`))"
|
||||
- "traefik.http.routers.mastodon-streaming.tls.certresolver=letsencrypt"
|
||||
- "traefik.http.routers.mastodon-streaming.tls=true"
|
||||
- "traefik.http.routers.mastodon-streaming.tls.certresolver=defaultacme"
|
||||
- "traefik.http.routers.mastodon-streaming.middlewares=proxyHeader@file,proxyError@file"
|
||||
|
||||
sidekiq:
|
||||
|
|
|
|||
|
|
@ -5,7 +5,6 @@ services:
|
|||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock
|
||||
env_file:
|
||||
- path: .env
|
||||
required: false
|
||||
- .env
|
||||
environment:
|
||||
- BIND_IP=10.100.2.3
|
||||
|
|
|
|||
|
|
@ -24,6 +24,8 @@ services:
|
|||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.vaultwarden.entryPoints=websecure"
|
||||
- "traefik.http.routers.vaultwarden.rule=Host(`pass.gnous.eu`)"
|
||||
- "traefik.http.routers.vaultwarden.tls=true"
|
||||
- "traefik.http.routers.vaultwarden.tls.certresolver=defaultacme"
|
||||
- "traefik.http.routers.vaultwarden.middlewares=proxyHeader@file,proxyError@file"
|
||||
restart: always
|
||||
volumes:
|
||||
|
|
|
|||
|
|
@ -9,7 +9,7 @@ volumes:
|
|||
|
||||
services:
|
||||
server:
|
||||
image: woodpeckerci/woodpecker-server:v3.2.0
|
||||
image: woodpeckerci/woodpecker-server:v3.1.0
|
||||
container_name: woodpecker_server
|
||||
environment:
|
||||
- WOODPECKER_OPEN=true
|
||||
|
|
@ -40,6 +40,8 @@ services:
|
|||
# web server
|
||||
- "traefik.http.services.woodpecker-service-gnous.loadbalancer.server.port=4001"
|
||||
- "traefik.http.routers.woodpeckergnous.rule=Host(`cicd.gnous.eu`)"
|
||||
- "traefik.http.routers.woodpeckergnous.tls=true"
|
||||
- "traefik.http.routers.woodpeckergnous.tls.certresolver=defaultacme"
|
||||
- "traefik.http.routers.woodpeckergnous.entrypoints=websecure"
|
||||
- "traefik.http.routers.woodpeckergnous.service=woodpecker-service-gnous"
|
||||
- "traefik.http.routers.woodpeckergnous.middlewares=proxyHeader@file,proxyError@file"
|
||||
|
|
@ -47,6 +49,8 @@ services:
|
|||
- "traefik.http.services.woodpecker-grpc-gnous.loadbalancer.server.port=4002"
|
||||
- "traefik.http.services.woodpecker-grpc-gnous.loadbalancer.server.scheme=h2c"
|
||||
- "traefik.http.routers.woodpecker-grpc-gnous.rule=Host(`grpc.cicd.gnous.eu`)"
|
||||
- "traefik.http.routers.woodpecker-grpc-gnous.tls=true"
|
||||
- "traefik.http.routers.woodpecker-grpc-gnous.tls.certresolver=defaultacme"
|
||||
- "traefik.http.routers.woodpecker-grpc-gnous.entrypoints=websecure"
|
||||
- "traefik.http.routers.woodpecker-grpc-gnous.service=woodpecker-grpc-gnous"
|
||||
- "traefik.http.routers.woodpecker-grpc-gnous.middlewares=woodpecker-grpc-redirect@docker"
|
||||
|
|
|
|||
|
|
@ -18,7 +18,6 @@ services:
|
|||
env_file:
|
||||
- path: ./core.env
|
||||
- path: ./.env
|
||||
required: false
|
||||
core:
|
||||
image: ghcr.io/mbecker20/komodo:${COMPOSE_KOMODO_IMAGE_TAG:-latest}
|
||||
restart: unless-stopped
|
||||
|
|
@ -33,7 +32,6 @@ services:
|
|||
env_file:
|
||||
- path: ./core.env
|
||||
- path: ./.env
|
||||
required: false
|
||||
environment:
|
||||
KOMODO_DATABASE_ADDRESS: mongo:27017
|
||||
KOMODO_DATABASE_USERNAME: ${DB_USERNAME}
|
||||
|
|
@ -45,6 +43,8 @@ services:
|
|||
- "traefik.http.routers.komodo.entryPoints=websecure"
|
||||
- "traefik.http.routers.komodo.rule=Host(`deploy.net.enpls.org`)"
|
||||
- "traefik.http.routers.komodo.tls=true"
|
||||
- "traefik.http.routers.komodo.tls.certresolver=defaultacme"
|
||||
- "traefik.http.routers.komodo.middlewares=proxyHeader@file,proxyError@file"
|
||||
- "komodo.skip:"
|
||||
|
||||
periphery:
|
||||
|
|
@ -59,7 +59,6 @@ services:
|
|||
env_file:
|
||||
- path: ./core.env
|
||||
- path: ./.env
|
||||
required: false
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock
|
||||
- /proc:/proc
|
||||
|
|
|
|||
|
|
@ -6,8 +6,7 @@ services:
|
|||
volumes:
|
||||
- db:/var/lib/postgresql/data
|
||||
env_file:
|
||||
- path: .env
|
||||
required: false
|
||||
- .env
|
||||
environment:
|
||||
POSTGRES_USER: semaphore
|
||||
POSTGRES_DB: semaphore
|
||||
|
|
@ -17,8 +16,7 @@ services:
|
|||
- 8085:3000
|
||||
image: semaphoreui/semaphore:v2.12.14
|
||||
env_file:
|
||||
- path: .env
|
||||
required: false
|
||||
- .env
|
||||
environment:
|
||||
SEMAPHORE_DB_USER: semaphore
|
||||
SEMAPHORE_DB_HOST: postgres
|
||||
|
|
@ -33,6 +31,8 @@ services:
|
|||
- "traefik.enable=true"
|
||||
- "traefik.http.services.semaphore-service.loadbalancer.server.port=8085"
|
||||
- "traefik.http.routers.semaphore.rule=Host(`semaphore.net.enpls.org`)"
|
||||
- "traefik.http.routers.semaphore.tls=true"
|
||||
- "traefik.http.routers.semaphore.tls.certresolver=defaultacme"
|
||||
- "traefik.http.routers.semaphore.entrypoints=websecure"
|
||||
- "traefik.http.routers.semaphore.service=semaphore-service"
|
||||
- "traefik.http.routers.semaphore.middlewares=proxyHeader@file,proxyError@file"
|
||||
|
|
|
|||
|
|
@ -5,7 +5,6 @@ services:
|
|||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock
|
||||
env_file:
|
||||
- path: .env
|
||||
required: false
|
||||
- .env
|
||||
environment:
|
||||
- BIND_IP=10.100.2.5
|
||||
|
|
|
|||
|
|
@ -2,8 +2,7 @@ services:
|
|||
db:
|
||||
image: postgres:17
|
||||
env_file:
|
||||
- path: .env
|
||||
required: false
|
||||
- .env
|
||||
logging:
|
||||
driver: "none"
|
||||
restart: unless-stopped
|
||||
|
|
@ -19,8 +18,7 @@ services:
|
|||
DB_HOST: db
|
||||
DB_PORT: 5432
|
||||
env_file:
|
||||
- path: .env
|
||||
required: false
|
||||
- .env
|
||||
restart: unless-stopped
|
||||
ports:
|
||||
- "8082:3000"
|
||||
|
|
@ -28,6 +26,8 @@ services:
|
|||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.wikijs.entryPoints=websecure"
|
||||
- "traefik.http.routers.wikijs.rule=Host(`doc.net.enpls.org`)"
|
||||
- "traefik.http.routers.wikijs.tls=true"
|
||||
- "traefik.http.routers.wikijs.tls.certresolver=defaultacme"
|
||||
- "traefik.http.routers.wikijs.middlewares=proxyHeader@file,proxyError@file"
|
||||
|
||||
volumes:
|
||||
|
|
|
|||
|
|
@ -12,8 +12,7 @@ services:
|
|||
- WOODPECKER_GRPC_SECURE=true
|
||||
- WOODPECKER_GRPC_VERIFY=true
|
||||
env_file:
|
||||
- path: .env
|
||||
required: false
|
||||
- .env
|
||||
restart: always
|
||||
volumes:
|
||||
- agent:/etc/woodpecker
|
||||
|
|
|
|||
|
|
@ -10,7 +10,7 @@ volumes:
|
|||
|
||||
services:
|
||||
server:
|
||||
image: woodpeckerci/woodpecker-server:v3.2.0
|
||||
image: woodpeckerci/woodpecker-server:v3.1.0
|
||||
container_name: woodpecker_server
|
||||
environment:
|
||||
- WOODPECKER_OPEN=false
|
||||
|
|
@ -24,10 +24,8 @@ services:
|
|||
- WOODPECKER_GITEA=true
|
||||
- WOODPECKER_GITEA_URL=https://git.gnous.eu
|
||||
- WOODPECKER_DATABASE_DRIVER=postgres
|
||||
- WOODPECKER_PLUGINS_PRIVILEGED=woodpeckerci/plugin-docker-buildx:5.2
|
||||
env_file:
|
||||
- path: .env
|
||||
required: false
|
||||
- .env
|
||||
restart: always
|
||||
networks:
|
||||
- woodpecker
|
||||
|
|
@ -41,6 +39,8 @@ services:
|
|||
# web server
|
||||
- "traefik.http.services.woodpecker-service.loadbalancer.server.port=8083"
|
||||
- "traefik.http.routers.woodpecker.rule=Host(`build.net.enpls.org`)"
|
||||
- "traefik.http.routers.woodpecker.tls=true"
|
||||
- "traefik.http.routers.woodpecker.tls.certresolver=defaultacme"
|
||||
- "traefik.http.routers.woodpecker.entrypoints=websecure"
|
||||
- "traefik.http.routers.woodpecker.service=woodpecker-service"
|
||||
- "traefik.http.routers.woodpecker.middlewares=proxyHeader@file,proxyError@file"
|
||||
|
|
@ -48,6 +48,8 @@ services:
|
|||
- "traefik.http.services.woodpecker-grpc.loadbalancer.server.port=8084"
|
||||
- "traefik.http.services.woodpecker-grpc.loadbalancer.server.scheme=h2c"
|
||||
- "traefik.http.routers.woodpecker-grpc-secure.rule=Host(`grpc.build.net.enpls.org`)"
|
||||
- "traefik.http.routers.woodpecker-grpc-secure.tls=true"
|
||||
- "traefik.http.routers.woodpecker-grpc-secure.tls.certresolver=defaultacme"
|
||||
- "traefik.http.routers.woodpecker-grpc-secure.entrypoints=websecure"
|
||||
- "traefik.http.routers.woodpecker-grpc-secure.service=woodpecker-grpc"
|
||||
- "traefik.http.routers.woodpecker-grpc.middlewares=woodpecker-grpc-redirect@docker"
|
||||
|
|
@ -59,8 +61,7 @@ services:
|
|||
image: postgres:17-alpine
|
||||
restart: always
|
||||
env_file:
|
||||
- path: .env
|
||||
required: false
|
||||
- .env
|
||||
networks:
|
||||
- woodpecker
|
||||
volumes:
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue