diff --git a/stacks/gitea.yml b/stacks/gitea.yml new file mode 100644 index 0000000..886a1db --- /dev/null +++ b/stacks/gitea.yml @@ -0,0 +1,66 @@ +version: '3' + +services: + app: + # Latest contains a development version + image: 'gitea/gitea:1.15.7' + + deploy: + mode: 'replicated' + replicas: 1 + placement: + constraints: + - 'node.labels.class==gitea' + labels: + - 'traefik.enable=true' + - 'traefik.http.routers.gitea.rule=Host(`git.rustybever.be`)' + - 'traefik.http.routers.gitea.tls=true' + - 'traefik.http.routers.gitea.tls.certresolver=letsEncrypt' + - 'traefik.http.services.gitea.loadbalancer.server.port=3000' + + environment: + - 'DB_TYPE=postgres' + - 'DB_HOST=db:5432' + - 'DB_NAME=gitea' + - 'DB_USER=gitea' + - 'DB_PASSWD=gitea' + - 'LFS_START_SERVER=true' + - 'DISABLE_REGISTRATION=true' + networks: + - 'default' + - 'public' + ports: + - '22:22' + volumes: + - 'data:/data' + - 'repos:/data/git/repositories' + - 'lfs:/data/git/lfs' + - '/etc/timezone:/etc/timezone:ro' + - '/etc/localtime:/etc/localtime:ro' + + db: + image: 'postgres:14.1-alpine' + + deploy: + mode: 'replicated' + replicas: 1 + placement: + constraints: + - 'node.labels.class==gitea' + + environment: + - 'POSTGRES_USER=gitea' + - 'POSTGRES_PASSWORD=gitea' + - 'POSTGRES_DB=gitea' + volumes: + - 'db-data:/var/lib/postgresql/data' + +networks: + public: + external: true + +volumes: + data: + db-data: + repos: + lfs: diff --git a/stacks/matrix.yml b/stacks/matrix.yml new file mode 100644 index 0000000..7bb7301 --- /dev/null +++ b/stacks/matrix.yml @@ -0,0 +1,153 @@ +# Conduit - Behind Traefik Reverse Proxy +version: '3.4' + +services: + # ====MATRIX SERVER===== + conduit: + image: 'matrixconduit/matrix-conduit:next' + + deploy: + mode: 'replicated' + replicas: 1 + placement: + constraints: + - 'node.labels.class==matrix' + labels: + - 'traefik.enable=true' + - 'traefik.http.routers.conduit.rule=Host(`matrix.rustybever.be`)' + - 'traefik.http.routers.conduit.tls=true' + - 'traefik.http.routers.conduit.tls.certresolver=letsEncrypt' + - 'traefik.http.services.conduit.loadbalancer.server.port=6167' + - 'traefik.http.routers.conduit.middlewares=cors-headers@docker' + - 'traefik.http.middlewares.cors-headers.headers.accessControlAllowOriginList=*' + - 'traefik.http.middlewares.cors-headers.headers.accessControlAllowHeaders=Origin, X-Requested-With, Content-Type, Accept, Authorization' + - 'traefik.http.middlewares.cors-headers.headers.accessControlAllowMethods=GET, POST, PUT, DELETE, OPTIONS' + + configs: + - source: conduit_v4 + target: '/srv/conduit/conduit.toml' + networks: + - 'default' + - 'public' + volumes: + - 'conduit:/srv/conduit/.local/share/conduit' + + + # =====FACEBOOK MESSENGER BRIDGE===== + facebook: + image: 'dock.mau.dev/mautrix/facebook:v0.3.2' + + deploy: + mode: 'replicated' + replicas: 1 + placement: + constraints: + - 'node.labels.class==matrix' + + networks: + - 'default' + - 'monitoring' + volumes: + - 'facebook:/data' + + facebook-db: + image: 'postgres:14.1-alpine' + + deploy: + mode: 'replicated' + replicas: 1 + placement: + constraints: + - 'node.labels.class==matrix' + + environment: + - 'POSTGRES_DB=matrix_fb' + - 'POSTGRES_USER=matrix_fb' + - 'POSTGRES_PASSWORD=matrix_fb' + volumes: + - 'facebook-db:/var/lib/postgresql/data' + + + # =====SIGNAL BRIDGE===== + signal: + image: 'chewingbever/mautrix-signal:latest' + + deploy: + mode: 'replicated' + replicas: 1 + placement: + constraints: + - 'node.labels.class==matrix' + + networks: + - 'default' + - 'monitoring' + volumes: + - 'signal:/data' + - 'signald:/signald' + + signald: + image: 'signald/signald:latest' + + deploy: + mode: 'replicated' + replicas: 1 + placement: + constraints: + - 'node.labels.class==matrix' + + volumes: + - 'signald:/signald' + + signal-db: + image: 'postgres:14.1-alpine' + + deploy: + mode: 'replicated' + replicas: 1 + placement: + constraints: + - 'node.labels.class==matrix' + + environment: + - 'POSTGRES_DB=matrix_signal' + - 'POSTGRES_USER=matrix_signal' + - 'POSTGRES_PASSWORD=matrix_signal' + volumes: + - 'signal-db:/var/lib/postgresql/data' + + # =====IRC BRIDGE===== + irc: + image: 'hif1/heisenbridge:1.7.1' + command: > + -c /data/config.yaml + http://conduit:6167 + + deploy: + mode: 'replicated' + replicas: 1 + placement: + constraints: + - 'node.labels.class==matrix' + + volumes: + - 'irc:/data' + +configs: + conduit_v4: + external: true + +networks: + public: + external: true + monitoring: + external: true + +volumes: + conduit: + facebook: + facebook-db: + signal: + signald: + signal-db: + irc: diff --git a/stacks/monitor.yml b/stacks/monitor.yml new file mode 100644 index 0000000..23b7990 --- /dev/null +++ b/stacks/monitor.yml @@ -0,0 +1,95 @@ +version: '3.4' + +services: + prometheus: + image: 'prom/prometheus:v2.31.1' + user: root + + deploy: + mode: 'replicated' + replicas: 1 + + placement: + constraints: + - 'node.labels.class == admin' + + configs: + - source: prometheus_v6 + target: /etc/prometheus/prometheus.yml + networks: + - 'default' + - 'monitoring' + volumes: + - 'prometheus:/prometheus' + - '/var/run/docker.sock:/var/run/docker.sock' + + cadvisor: + image: 'gcr.io/cadvisor/cadvisor:v0.38.8' + + deploy: + mode: 'global' + + networks: + - 'monitoring' + volumes: + - '/:/rootfs:ro' + - '/var/run:/var/run:ro' + - '/sys:/sys:ro' + - '/var/lib/docker:/var/lib/docker:ro' + - '/dev/disk:/dev/disk:ro' + - '/var/run/docker.sock:/var/run/docker.sock:ro' + + + grafana: + image: 'grafana/grafana:8.2.5' + + deploy: + mode: 'replicated' + replicas: 1 + placement: + constraints: + - 'node.labels.class == admin' + labels: + - 'traefik.enable=true' + - 'traefik.http.routers.grafana.rule=Host(`mon.rustybever.be`)' + - 'traefik.http.routers.grafana.tls=true' + - 'traefik.http.routers.grafana.tls.certresolver=letsEncrypt' + - 'traefik.http.services.grafana.loadbalancer.server.port=3000' + + networks: + - 'default' + - 'public' + volumes: + - 'grafana:/var/lib/grafana' + + node-exporter: + image: 'prom/node-exporter:v1.3.1' + command: + - '--path.procfs=/host/proc' + - '--path.rootfs=/rootfs' + - '--path.sysfs=/host/sys' + - '--collector.filesystem.mount-points-exclude=^/(sys|proc|dev|host|etc)($$|/)' + + deploy: + mode: 'global' + + networks: + - 'monitoring' + volumes: + - '/proc:/host/proc:ro' + - '/sys:/host/sys:ro' + - '/:/rootfs:ro' + +configs: + prometheus_v6: + external: true + +networks: + public: + external: true + monitoring: + external: true + +volumes: + prometheus: + grafana: diff --git a/stacks/rusty-bever.yml b/stacks/rusty-bever.yml new file mode 100644 index 0000000..8fbb9ce --- /dev/null +++ b/stacks/rusty-bever.yml @@ -0,0 +1,24 @@ +version: '3.4' + +services: + web: + image: 'chewingbever/rb-web:0.1.0' + + deploy: + mode: 'global' + labels: + - 'traefik.enable=true' + - 'traefik.http.routers.rb-web.rule=Host(`rustybever.be`) || Host(`www.rustybever.be`)' + - 'traefik.http.routers.rb-web.tls=true' + - 'traefik.http.routers.rb-web.tls.certresolver=letsEncrypt' + - 'traefik.http.services.rb-web.loadbalancer.server.port=80' + + environment: + - 'MATRIX_SERVER=matrix.rustybever.be:443' + - 'MATRIX_CLIENT_SERVER=https://matrix.rustybever.be' + networks: + - 'public' + +networks: + public: + external: true