Jonathan Dahan
2 years ago
parent
710d9d5476
commit
87e9c7ff84
@ -0,0 +1,20 @@
|
||||
version: "3.7"
|
||||
|
||||
services:
|
||||
caddy:
|
||||
build: ./caddy
|
||||
restart: unless-stopped
|
||||
ports:
|
||||
- "80:80"
|
||||
- "443:443"
|
||||
- "443:443/udp"
|
||||
volumes:
|
||||
- $PWD/Caddyfile:/etc/caddy/Caddyfile
|
||||
- $PWD/site:/srv
|
||||
- caddy_data:/data
|
||||
- caddy_config:/config
|
||||
|
||||
volumes:
|
||||
caddy_data:
|
||||
external: true
|
||||
caddy_config:
|
||||
@ -0,0 +1,8 @@
|
||||
FROM caddy:latest-builder AS builder
|
||||
|
||||
RUN xcaddy build \
|
||||
--with github.com/mholt/caddy-webdav
|
||||
|
||||
FROM caddy:latest
|
||||
|
||||
COPY --from=builder /usr/bin/caddy /usr/bin/caddy
|
||||
@ -1,4 +0,0 @@
|
||||
redo-ifchange xcaddy
|
||||
|
||||
./xcaddy build --output $3 \
|
||||
--with github.com/mholt/caddy-webdav
|
||||
@ -1,17 +0,0 @@
|
||||
ARCH=arm64
|
||||
OS=mac
|
||||
|
||||
# get the latest version
|
||||
curl --silent https://api.github.com/repos/caddyserver/xcaddy/releases/latest \
|
||||
| grep browser_download_url \
|
||||
| cut -d : -f 2,3 \
|
||||
| tr -d \" \
|
||||
| grep $ARCH \
|
||||
| grep $OS \
|
||||
> .latest_download
|
||||
|
||||
redo-ifchange .latest_download
|
||||
curl --location --silent $(cat .latest_download) \
|
||||
| tar xf - -O xcaddy > $3
|
||||
|
||||
chmod +x $3
|
||||
@ -0,0 +1,42 @@
|
||||
## Services
|
||||
|
||||
Each of these yaml files define a service to be run via docker/podman compose.
|
||||
|
||||
Any supporting files are in the corresponding folder.
|
||||
|
||||
Each service should be self-contained, and optional.
|
||||
|
||||
### Required Services
|
||||
|
||||
#### Backup
|
||||
|
||||
we have a backup script that uses duplicity, this should be moved into a container, and set to run periodically
|
||||
|
||||
#### Caddy
|
||||
|
||||
caddy is the web server, and handles https certificates, and proxying to all the services.
|
||||
|
||||
#### Zitadel
|
||||
|
||||
zitadel lets you have a single username and password to sign on to all your services.
|
||||
|
||||
### Optional Services
|
||||
|
||||
#### Web
|
||||
|
||||
Optional - static web hosting + webDAV. WebDAV is the easiest way for people to edit websites,
|
||||
without having to sync anything.
|
||||
|
||||
### Adding a new service
|
||||
|
||||
There are three things to think about when adding a service:
|
||||
|
||||
1. How to enable sign-in with zitadel?
|
||||
|
||||
Generally, zitadel has some cli commands that we have put in scripts in the zitadel folder.
|
||||
|
||||
2. How to expose as a subdomain in caddy?
|
||||
|
||||
You will want to make a Caddyfile, which will get mounted by the Caddy compose file.
|
||||
|
||||
|
||||
@ -0,0 +1 @@
|
||||
This is the web service - it hosts static files, and a webDAV server that can make it easy to edit
|
||||
@ -1,7 +0,0 @@
|
||||
DIRNAME="$(dirname $0)"
|
||||
cd "$DIRNAME"
|
||||
|
||||
redo-ifchange ../caddy/caddy
|
||||
touch $3
|
||||
|
||||
../caddy/caddy run
|
||||
@ -0,0 +1,36 @@
|
||||
version: '3.8'
|
||||
|
||||
services:
|
||||
zitadel:
|
||||
restart: 'always'
|
||||
networks:
|
||||
- 'zitadel'
|
||||
image: 'ghcr.io/zitadel/zitadel:latest'
|
||||
command: 'start-from-init --masterkey "6cd52ccbc4da912319f0fdc016d68575dd391bd932ebdc045c89b2dce9e90315" --tlsMode disabled'
|
||||
environment:
|
||||
- 'ZITADEL_DATABASE_COCKROACH_HOST=crdb'
|
||||
- 'ZITADEL_EXTERNALSECURE=false'
|
||||
depends_on:
|
||||
crdb:
|
||||
condition: 'service_healthy'
|
||||
ports:
|
||||
- '8123:8080'
|
||||
|
||||
crdb:
|
||||
restart: 'always'
|
||||
networks:
|
||||
- 'zitadel'
|
||||
image: 'cockroachdb/cockroach:v22.2.2'
|
||||
command: 'start-single-node --insecure'
|
||||
healthcheck:
|
||||
test: ["CMD", "curl", "-f", "http://localhost:8080/health?ready=1"]
|
||||
interval: '10s'
|
||||
timeout: '30s'
|
||||
retries: 5
|
||||
start_period: '20s'
|
||||
ports:
|
||||
- '9090:8080'
|
||||
- '26257:26257'
|
||||
|
||||
networks:
|
||||
zitadel:
|
||||
Loading…
Reference in new issue