commit 0eb061589f48d6a9c00abeaa71bf6efbb1b15a8f Author: spinach Date: Sun Feb 23 06:07:28 2025 -0500 base docker config with secrets 'extracted'. moving to local files and file system management to simplify backup process and 'build' diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..7afdd19 --- /dev/null +++ b/.gitignore @@ -0,0 +1,7 @@ +# blocks private configurations +priv/ +!priv/readme.md + +# blocks local docker volumes +volumes/ +!volumes/readme.md diff --git a/.gitmodules b/.gitmodules new file mode 100644 index 0000000..98426b3 --- /dev/null +++ b/.gitmodules @@ -0,0 +1,3 @@ +[submodule "website"] + path = website + url = https://git.keegandeppe.com/kdeppe/website diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..e6e6509 --- /dev/null +++ b/Makefile @@ -0,0 +1,5 @@ +fetch: + git submodule update --init --recursive + +build: fetch + cd website; hugo diff --git a/caddy/Caddyfile b/caddy/Caddyfile new file mode 100644 index 0000000..b187df7 --- /dev/null +++ b/caddy/Caddyfile @@ -0,0 +1,17 @@ +keegandeppe.com { + root * /srv/keegan + file_server +} + +seafile.keegandeppe.com { + reverse_proxy seafile +} + +git.keegandeppe.com { + reverse_proxy gitea +} + +resume.noa.fish { + root * /static/fish + file_server +} diff --git a/config/env b/config/env new file mode 100644 index 0000000..01fd7ce --- /dev/null +++ b/config/env @@ -0,0 +1,9 @@ +SEAFILE_DB_HOST="mysql" +SEAFILE_DB_PASSWORD="" +TIME_ZONE="America/New_York" +SEAFILE_ADMIN_EMAIL="" +SEAFILE_ADMIN_PASSWORD="" +SEAFILE_SERVER_LETSENCRYPT="false" +SEAFILE_SERVER_HOSTNAME="" +FORCE_HTTPS_IN_CONF="true" +SEAFILE_NON_ROOT="true" diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 0000000..43e7969 --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,95 @@ +services: + caddy: + image: caddy + restart: unless-stopped + ports: + - "80:80" + - "443:443" + - "443:443/udp" + networks: + auth + caddy + volumes: + - caddy/Caddyfile:/etc/caddy/Caddyfile + - ./website/public:/srv/keegan + - ./fish:/srv/fish + - caddy_data:/data + - caddy_config:/config + + gitea: + image: gitea/gitea + environment: + - USER_UID=1000 + - USER_GID=1000 + restart: always + networks: + - gitea + - caddy + volumes: + - gitea:/data + - /etc/timezone:/etc/timezone:ro + - /etc/localtime:/etc/localtime:ro + # allows ssh pushing via locally stored keys + - /home/git/.ssh:/data/git/.ssh + ports: + - "127.0.0.1:2222:22" + + postgres: + image: postgresql:latest + env-file: "priv/env" + networks: + postgres: + + mariadb: + image: mariadb:10.11 + container_name: seafile-mysql + environment: + # - MYSQL_ROOT_PASSWORD=8RK5bG4u4Xbthp9Zr9kQ # Requested, set the root's password of MySQL service. + - MYSQL_ROOT_PASSWORD=${SEAFILE_DB_PASS} + - MYSQL_LOG_CONSOLE=true + volumes: + - /opt/seafile-mysql/db:/var/lib/mysql + networks: + - seafile-net + + memcached: + image: memcached:1.6.18 + container_name: seafile-memcached + entrypoint: memcached -m 256 + networks: + - seafile-net + + seafile: + image: seafileltd/seafile-mc:10.0-latest + container_name: seafile + volumes: + - /opt/seafile-mysql:/shared + env-file: "priv/env" + environment: + - DB_HOST=seafile-db + - DB_ROOT_PASSWD=${SEAFILE_DB_PASSWORD} + depends_on: + - db + - memcached + networks: + - seafile-net + - caddy + +volumes: + gitea: + caddy_data: + caddy_config: + + +networks: + gitea-net: + external: false + seafile-net: + external: false + caddy: + external: false + driver: bridge + auth: + external: true + postgres: + external: false diff --git a/fish/resume.pdf b/fish/resume.pdf new file mode 100644 index 0000000..20efcc2 Binary files /dev/null and b/fish/resume.pdf differ