#
# docker-compose localdomain services
# (C) Copyright 2023, John Ryland.
# All rights reserved.
#
# This file is intended to be run with
# docker-compose from the Jenkins Build
#
# ====================================
# Configuring outside access to server
# ====================================
# no-ip - signed up for dynamic-DNS entry for 'invertedlogic.ddns.net'
# iinet - port blocking disabled (allows 443 through)
# Router - virtual-server - forward port 443 to nuc (as 443)
# Router - blackhole ports 25, 80, 135, 139, 445 (send to null host on unused port)
# Router - configure dynamic-DNS to login to no-ip account to update the entry
# ---------
# Only outside access using https will be allowed through
# ---------
#
# Need to add to trusted-domains nextcloud.invertedlogic.ddns.net:
# sudo vi /media/Data/Containers/NextCloud/config/config.php
#
# Getting HTTPS certificates:
# sudo certbot certonly --nginx
# select all that apply
#
# ================================================================
# PORTS - Router | Host | Container | nginx | SSL | Tested
# ================================================================
# www - Y 443 - direct YES YES
# nextcloud - Y 8000 80 proxy YES YES
# jenkins - Y 8010
# pihole - Y 8020 80
# portainer - Y 8030 9000
# open-project - Y 8040 80 proxy NO
# cockpit - Y 8050 9092 proxy NO
# code-server - Y 8443 8443 YES
# minecraft - N 25565 25565
# Service definitions for the host described in the header above.
# NOTE(review): every image is referenced by a mutable tag (':latest', or no
# tag at all for minecraft), so with 'restart: always' a re-pull can change
# what runs here. Consider pinning versions or digests.
# NOTE(review): all 'ports' entries use the short HOST:CONTAINER form with no
# host IP, which by default publishes on every host interface. For services
# that are only meant to be reached through the host nginx proxy, confirm
# whether a 127.0.0.1 binding would be sufficient.
services:
  # Cockpit web UI: host port 8050 -> container port 9092.
  # NOTE(review): this container runs privileged, mounts the host Docker
  # socket read-write and reads the host /etc/shadow. A compromise of this
  # service is therefore equivalent to a compromise of the host. The header
  # table lists SSL as NO for cockpit; keep 8050 off untrusted networks.
  cockpit-ws:
    # No registry prefix; presumably a locally built image (confirm).
    image: cockpit-ws:latest
    container_name: cockpit-ws
    hostname: cockpit.localdomain
    restart: always
    privileged: true
    volumes:
      # Authentication: host account databases, read-only. /etc/shadow
      # contains the host password hashes.
      - /etc/passwd:/etc/passwd:ro
      - /etc/group:/etc/group:ro
      - /etc/shadow:/etc/shadow:ro
      # Docker access: no ':ro' suffix, so the socket is writable from inside
      # the container.
      - /var/run/docker.sock:/var/run/docker.sock
      # Dummy home directories
      - /media/Data/Containers/Cockpit/home:/home
    ports:
      - "8050:9092"
  # Nextcloud: host port 8000 -> container port 80. The whole web root is
  # bind-mounted from the host; the header's trusted-domains note refers to
  # config/config.php under this same host directory.
  nextcloud:
    image: nextcloud:latest
    container_name: nextcloud
    hostname: nextcloud.localdomain
    restart: always
    volumes:
      - /media/Data/Containers/NextCloud:/var/www/html
    ports:
      - "8000:80"
  # Pi-hole: only the web UI is published (host port 8020 -> container
  # port 80); the DNS and NTP port mappings below are commented out.
  pihole:
    image: pihole/pihole:latest
    container_name: pihole
    hostname: pihole.localdomain
    restart: always
    environment:
      TZ: 'Australia/Brisbane'
      # NOTE(review): the web/API password is stored in plaintext in this
      # file. Treat it as exposed: rotate it and supply the value from the
      # Jenkins credential store or an untracked env file instead.
      FTLCONF_webserver_api_password: 'killeres'
      # NOTE(review): 'ALL' presumably makes the resolver answer queries from
      # any origin; re-check this setting before enabling the port 53
      # mappings below.
      FTLCONF_dns_listeningMode: 'ALL'
    volumes:
      - /media/Data/Containers/PiHole:/etc/pihole
    ports:
      - "8020:80"
      # - "9443:443"
      # DNS:
      # - "53:53/tcp"
      # - "53:53/udp"
      # Uncomment the line below if you are using Pi-hole as your NTP server
      # - "123:123/udp"
  # Portainer CE: host port 8030 -> container port 9000.
  # NOTE(review): the writable Docker socket gives this service full control
  # of the Docker daemon. Protect the 8030 UI accordingly.
  portainer:
    image: portainer/portainer-ce:latest
    container_name: portainer-ce
    hostname: portainer.localdomain
    restart: always
    volumes:
      # Authentication
      # NOTE(review): these three mounts mirror the cockpit-ws service.
      # Confirm Portainer actually reads them; if not, drop them so the host
      # password hashes in /etc/shadow are not exposed to a second container.
      - /etc/passwd:/etc/passwd:ro
      - /etc/group:/etc/group:ro
      - /etc/shadow:/etc/shadow:ro
      # Docker access (read-write)
      - /var/run/docker.sock:/var/run/docker.sock
      # Data
      - /media/Data/Containers/Portainer:/data
    ports:
      - "8030:9000"
  # OpenProject community edition: host port 8040 -> container port 80.
  # Assets and the PostgreSQL data directory are bind-mounted from the host.
  # The header table lists this service as proxied with SSL NO.
  open-project:
    image: openproject/community:latest
    container_name: open-project
    restart: always
    volumes:
      - /media/Data/Containers/OpenProject/static:/var/openproject/assets
      - /media/Data/Containers/OpenProject/pgdata:/var/openproject/pgdata
    ports:
      - "8040:80"
  # code-server (browser IDE): host port 8060 -> container port 8443.
  code-server:
    image: lscr.io/linuxserver/code-server:latest
    container_name: code-server
    restart: always
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Etc/UTC
      # NOTE(review): PASSWORD and SUDO_PASSWORD are both the literal string
      # 'password', and both hash variables are left empty. The UI gives an
      # interactive shell in the container, so replace these with strong
      # secrets injected at deploy time; presumably the hashed variants can
      # be used instead of the plaintext ones (confirm in the image docs).
      - PASSWORD=password  # optional
      - HASHED_PASSWORD=  # optional
      - SUDO_PASSWORD=password  # optional
      - SUDO_PASSWORD_HASH=  # optional
      - PROXY_DOMAIN=code-server.localdomain  # optional
      - DEFAULT_WORKSPACE=/config/workspace  # optional
    volumes:
      - /media/Data/Containers/CodeServer/config:/config
    ports:
      # NOTE(review): the header table lists host port 8443 for code-server,
      # but this mapping publishes 8060; confirm which one is current.
      - "8060:8443"
  # Minecraft server: host port 25565 -> container port 25565. The header
  # table lists this service with Router = N.
  minecraft:
    # No tag given, so Docker resolves this to ':latest'.
    image: itzg/minecraft-server
    container_name: minecraft
    restart: always
    deploy:
      resources:
        limits:
          # The only service in this file with a memory cap.
          memory: 1.5G
    environment:
      # Quoted so the value stays the string "TRUE", not a YAML boolean.
      EULA: "TRUE"
      VERSION: "latest"
      TYPE: "VANILLA"
    volumes:
      - /media/Data/Containers/Minecraft:/data
    ports:
      - "25565:25565"