Added swarm stack files

stacks/gitea.yml

@@ -0,0 +1,66 @@
+version: '3'
+
+services:
+    app:
+        # Latest contains a development version
+        image: 'gitea/gitea:1.15.7'
+        
+        deploy:
+          mode: 'replicated'
+          replicas: 1
+          placement:
+            constraints:
+              - 'node.labels.class==gitea'
+          labels:
+            - 'traefik.enable=true'
+            - 'traefik.http.routers.gitea.rule=Host(`git.rustybever.be`)'
+            - 'traefik.http.routers.gitea.tls=true'
+            - 'traefik.http.routers.gitea.tls.certresolver=letsEncrypt'
+            - 'traefik.http.services.gitea.loadbalancer.server.port=3000'
+                
+        environment:
+            - 'DB_TYPE=postgres'
+            - 'DB_HOST=db:5432'
+            - 'DB_NAME=gitea'
+            - 'DB_USER=gitea'
+            - 'DB_PASSWD=gitea'
+            - 'LFS_START_SERVER=true'
+            - 'DISABLE_REGISTRATION=true'
+        networks:
+            - 'default'
+            - 'public'
+        ports:
+            - '22:22'
+        volumes:
+            - 'data:/data'
+            - 'repos:/data/git/repositories'
+            - 'lfs:/data/git/lfs'
+            - '/etc/timezone:/etc/timezone:ro'
+            - '/etc/localtime:/etc/localtime:ro'
+
+    db:
+        image: 'postgres:14.1-alpine'
+        
+        deploy:
+          mode: 'replicated'
+          replicas: 1
+          placement:
+            constraints:
+              - 'node.labels.class==gitea'
+
+        environment:
+            - 'POSTGRES_USER=gitea'
+            - 'POSTGRES_PASSWORD=gitea'
+            - 'POSTGRES_DB=gitea'
+        volumes:
+            - 'db-data:/var/lib/postgresql/data'
+
+networks:
+    public:
+        external: true
+
+volumes:
+  data:
+  db-data:
+  repos:
+  lfs:

stacks/matrix.yml

@@ -0,0 +1,153 @@
+# Conduit - Behind Traefik Reverse Proxy
+version: '3.4'
+
+services:
+  # ====MATRIX SERVER=====
+  conduit:
+    image: 'matrixconduit/matrix-conduit:next'
+
+    deploy:
+      mode: 'replicated'
+      replicas: 1
+      placement:
+        constraints:
+          - 'node.labels.class==matrix'
+      labels:
+        - 'traefik.enable=true'
+        - 'traefik.http.routers.conduit.rule=Host(`matrix.rustybever.be`)'
+        - 'traefik.http.routers.conduit.tls=true'
+        - 'traefik.http.routers.conduit.tls.certresolver=letsEncrypt'
+        - 'traefik.http.services.conduit.loadbalancer.server.port=6167'
+        - 'traefik.http.routers.conduit.middlewares=cors-headers@docker'
+        - 'traefik.http.middlewares.cors-headers.headers.accessControlAllowOriginList=*'
+        - 'traefik.http.middlewares.cors-headers.headers.accessControlAllowHeaders=Origin, X-Requested-With, Content-Type, Accept, Authorization'
+        - 'traefik.http.middlewares.cors-headers.headers.accessControlAllowMethods=GET, POST, PUT, DELETE, OPTIONS'
+
+    configs:
+      - source: conduit_v4
+        target: '/srv/conduit/conduit.toml'
+    networks:
+      - 'default'
+      - 'public'
+    volumes:
+      - 'conduit:/srv/conduit/.local/share/conduit'
+
+
+  # =====FACEBOOK MESSENGER BRIDGE=====
+  facebook:
+    image: 'dock.mau.dev/mautrix/facebook:v0.3.2'
+
+    deploy:
+      mode: 'replicated'
+      replicas: 1
+      placement:
+        constraints:
+          - 'node.labels.class==matrix'
+
+    networks:
+      - 'default'
+      - 'monitoring'
+    volumes:
+      - 'facebook:/data'
+  
+  facebook-db:
+    image: 'postgres:14.1-alpine'
+    
+    deploy:
+      mode: 'replicated'
+      replicas: 1
+      placement:
+        constraints:
+          - 'node.labels.class==matrix'
+    
+    environment:
+      - 'POSTGRES_DB=matrix_fb'
+      - 'POSTGRES_USER=matrix_fb'
+      - 'POSTGRES_PASSWORD=matrix_fb'
+    volumes:
+      - 'facebook-db:/var/lib/postgresql/data'
+
+
+  # =====SIGNAL BRIDGE=====
+  signal:
+    image: 'chewingbever/mautrix-signal:latest'
+
+    deploy:
+      mode: 'replicated'
+      replicas: 1
+      placement:
+        constraints:
+          - 'node.labels.class==matrix'
+    
+    networks:
+      - 'default'
+      - 'monitoring'
+    volumes:
+      - 'signal:/data'
+      - 'signald:/signald'
+
+  signald:
+    image: 'signald/signald:latest'
+
+    deploy:
+      mode: 'replicated'
+      replicas: 1
+      placement:
+        constraints:
+          - 'node.labels.class==matrix'
+
+    volumes:
+      - 'signald:/signald'
+
+  signal-db:
+    image: 'postgres:14.1-alpine'
+    
+    deploy:
+      mode: 'replicated'
+      replicas: 1
+      placement:
+        constraints:
+          - 'node.labels.class==matrix'
+
+    environment:
+      - 'POSTGRES_DB=matrix_signal'
+      - 'POSTGRES_USER=matrix_signal'
+      - 'POSTGRES_PASSWORD=matrix_signal'
+    volumes:
+      - 'signal-db:/var/lib/postgresql/data'
+  
+  # =====IRC BRIDGE=====
+  irc:
+    image: 'hif1/heisenbridge:1.7.1'
+    command: >
+      -c /data/config.yaml
+      http://conduit:6167
+      
+    deploy:
+      mode: 'replicated'
+      replicas: 1
+      placement:
+        constraints:
+          - 'node.labels.class==matrix'
+
+    volumes:
+      - 'irc:/data'
+
+configs:
+  conduit_v4:
+    external: true
+
+networks:
+  public:
+    external: true
+  monitoring:
+    external: true
+
+volumes:
+  conduit:
+  facebook:
+  facebook-db:
+  signal:
+  signald:
+  signal-db:
+  irc:

stacks/monitor.yml

@@ -0,0 +1,95 @@
+version: '3.4'
+
+services:
+  prometheus:
+    image: 'prom/prometheus:v2.31.1'
+    user: root
+
+    deploy:
+      mode: 'replicated'
+      replicas: 1
+
+      placement:
+        constraints:
+          - 'node.labels.class == admin'
+    
+    configs:
+      - source: prometheus_v6
+        target: /etc/prometheus/prometheus.yml
+    networks:
+      - 'default'
+      - 'monitoring'
+    volumes:
+      - 'prometheus:/prometheus'
+      - '/var/run/docker.sock:/var/run/docker.sock'
+
+  cadvisor:
+    image: 'gcr.io/cadvisor/cadvisor:v0.38.8'
+
+    deploy:
+      mode: 'global'
+        
+    networks:
+      - 'monitoring'
+    volumes:
+      - '/:/rootfs:ro'
+      - '/var/run:/var/run:ro'
+      - '/sys:/sys:ro'
+      - '/var/lib/docker:/var/lib/docker:ro'
+      - '/dev/disk:/dev/disk:ro'
+      - '/var/run/docker.sock:/var/run/docker.sock:ro'
+
+
+  grafana:
+    image: 'grafana/grafana:8.2.5'
+
+    deploy:
+      mode: 'replicated'
+      replicas: 1
+      placement:
+        constraints:
+          - 'node.labels.class == admin'
+      labels:
+        - 'traefik.enable=true'
+        - 'traefik.http.routers.grafana.rule=Host(`mon.rustybever.be`)'
+        - 'traefik.http.routers.grafana.tls=true'
+        - 'traefik.http.routers.grafana.tls.certresolver=letsEncrypt'
+        - 'traefik.http.services.grafana.loadbalancer.server.port=3000'
+
+    networks:
+      - 'default'
+      - 'public'
+    volumes:
+      - 'grafana:/var/lib/grafana'
+
+  node-exporter:
+    image: 'prom/node-exporter:v1.3.1'
+    command:
+      - '--path.procfs=/host/proc'
+      - '--path.rootfs=/rootfs'
+      - '--path.sysfs=/host/sys'
+      - '--collector.filesystem.mount-points-exclude=^/(sys|proc|dev|host|etc)($$|/)'
+
+    deploy:
+      mode: 'global'
+
+    networks:
+      - 'monitoring'
+    volumes:
+      - '/proc:/host/proc:ro'
+      - '/sys:/host/sys:ro'
+      - '/:/rootfs:ro'
+
+configs:
+  prometheus_v6:
+    external: true
+
+networks:
+  public:
+    external: true
+  monitoring:
+    external: true
+
+volumes:
+  prometheus:
+  grafana:

stacks/rusty-bever.yml

@@ -0,0 +1,24 @@
+version: '3.4'
+
+services:
+  web:
+    image: 'chewingbever/rb-web:0.1.0'
+    
+    deploy:
+      mode: 'global'
+      labels:
+        - 'traefik.enable=true'
+        - 'traefik.http.routers.rb-web.rule=Host(`rustybever.be`) || Host(`www.rustybever.be`)'
+        - 'traefik.http.routers.rb-web.tls=true'
+        - 'traefik.http.routers.rb-web.tls.certresolver=letsEncrypt'
+        - 'traefik.http.services.rb-web.loadbalancer.server.port=80'
+
+    environment:
+      - 'MATRIX_SERVER=matrix.rustybever.be:443'
+      - 'MATRIX_CLIENT_SERVER=https://matrix.rustybever.be'
+    networks:
+      - 'public'
+
+networks:
+  public:
+    external: true