woodbine.nyc/services
Jonathan Dahan 9e0e117aa0
Specify latest version of zitadel and docker-duplicity
1 year ago
auth mess with ports 2 years ago
backup Try adding forward_auth with webdav 2 years ago
git Add gitea 1 year ago
mail Change naming scheme, try adding zitadel and roundcube and smtp 2 years ago
proxy Change naming scheme, try adding zitadel and roundcube and smtp 2 years ago
secrets paths 2 years ago
testing Change naming scheme, try adding zitadel and roundcube and smtp 2 years ago
web Fix format of caddyfile 1 year ago
auth.yaml Specify latest version of zitadel and docker-duplicity 1 year ago
backup.yaml Specify latest version of zitadel and docker-duplicity 1 year ago
git.yaml Remove obsolete version number in compose yaml 1 year ago
mail.yaml Remove obsolete version number in compose yaml 1 year ago
proxy.yaml Remove obsolete version number in compose yaml 1 year ago
readme.md point docs to zitadel 1 year ago
secrets.yaml Remove obsolete version number in compose yaml 1 year ago
web.yaml Remove obsolete version number in compose yaml 1 year ago

readme.md

Services

Each of these YAML files defines a service to be run via docker/podman compose.

Any supporting files are in the corresponding folder.

Each service should be self-contained.

Required Services

Backup

We have a backup script that uses duplicity. It should be moved into a container and set to run periodically.

Caddy

Caddy is the web server. It handles HTTPS certificates and proxies to all the services.

Zitadel

Zitadel lets you have a single username and password to sign on to all your services.

Optional Services

Web

Static web hosting, edited using WebDAV. WebDAV is the easiest way for people to edit websites, without having to sync anything.

Adding a new service

There are three things to think about when adding a service:

  1. How to enable sign-on?

Look at https://www.authelia.com/integration/openid-connect/introduction/ for integration guides.

  2. How to expose as a subdomain?

Add a volume mount of your reverse proxy config to your compose file.

# in the services: part of your compose file
caddy:
  volumes:
    - ./some-service/Proxyfile:/etc/caddy.d/some-service

# Proxyfile looks something like
someservice.{$DOMAIN} {
  reverse_proxy someservice:4321
}

  3. How will this be backed up and restored?

For plain files, add the appropriate volume mount like so:

# in the services: part of your compose file
backup:
  volumes:
    - ../data/some-service:/mnt/backup/src/some-service:ro

This will be backed up according to the plan in the backup service.

For Postgres databases, we are still figuring out the best way.

  4. How do we manage secrets?

If your service requires secrets, you can use docker secrets, and have them generated on startup as follows:

# in the services: part of your compose file
some-service:
  depends_on:
    - secrets
    
secrets:
  volumes:
    - ../secrets/some-service/SECRET_TO_INITIALIZE_IF_EMPTY:/secrets/some-service/SECRET_TO_INITIALIZE_IF_EMPTY
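
One way the secrets container could implement the "initialize if empty" behaviour from step 4, written as an added example and not taken from this repository. The 32-byte length, the SECRETS_ROOT variable and the function names are assumptions; it also handles the case where the mounted path turns out to be a directory because the host file did not exist.

```shell
#!/bin/sh
# Added example, not from this repository. Assumptions: the /secrets/<service>/<NAME>
# layout from step 4, a 32-byte secret, and the hypothetical function names below.

# Print 32 random bytes as 64 hex characters.
gen_secret() {
  dd if=/dev/urandom bs=32 count=1 2>/dev/null | od -An -v -tx1 | tr -d ' \n'
}

# init_secret PATH: returns 0 = generated, 1 = already set, 2 = unusable path.
init_secret() {
  path=$1
  # With the short volume syntax a missing host file is created as a
  # directory, so the mount point is a directory instead of a secret file.
  if [ -d "$path" ]; then
    echo "skip $path: directory, create an empty host file first" >&2
    return 2
  fi
  # -s is true for a non-empty file: never overwrite an existing secret.
  if [ -s "$path" ]; then
    return 1
  fi
  # Write in place (no rename): a bind-mounted file must keep its inode.
  ( umask 077; gen_secret > "$path" ) || return 2
  chmod 600 "$path"
  return 0
}

# init_all ROOT: visit ROOT/<service>/<NAME>; returns 1 if any path was unusable.
init_all() {
  status=0
  for f in "$1"/*/*; do
    [ -e "$f" ] || continue
    rc=0
    init_secret "$f" || rc=$?
    if [ "$rc" -eq 2 ]; then status=1; fi
  done
  return "$status"
}

# Runs only when SECRETS_ROOT is set, e.g. SECRETS_ROOT=/secrets in the container.
if [ -n "${SECRETS_ROOT:-}" ]; then
  init_all "$SECRETS_ROOT"
fi
```

Creating the empty file on the host before the first start (for example with touch) keeps the mount a regular file, and running the script again leaves existing secrets unchanged.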