132 lines
3.8 KiB
YAML
132 lines
3.8 KiB
YAML
name: servnest
|
|
services:
|
|
tor:
|
|
extends:
|
|
file: base.yaml
|
|
service: base
|
|
build:
|
|
dockerfile: tor.Containerfile
|
|
volumes:
|
|
- ./conf/torrc:/etc/tor/torrc:ro
|
|
- ./data/tor-config/:/srv/servnest/tor-config/:ro
|
|
- ./data/tor-keys/:/srv/servnest/tor-keys/:rw
|
|
- ./sock/tor-client/:/run/tor-client/:rw
|
|
- ./sock/tor-control/:/run/tor-control/:rw
|
|
- ./sock/nginx-onion/:/run/nginx-onion/:rw
|
|
- ./tmp/tor/:/var/lib/:rw
|
|
mem_limit: 128m
|
|
sftpgo:
|
|
extends:
|
|
file: base.yaml
|
|
service: base
|
|
build:
|
|
dockerfile: sftpgo.Containerfile
|
|
args:
|
|
SFTPGO: $SFTPGO
|
|
ports:
|
|
- "[::1]:42022:42022/tcp"
|
|
links:
|
|
- nginx:servnest.test
|
|
volumes:
|
|
- ./conf/sftpgo.toml:/etc/sftpgo/sftpgo.toml:ro
|
|
- ./data/ht/fs/:/srv/servnest/ht/fs/:rw
|
|
- ./logs/sftpgo/:/var/log/sftpgo/:rw
|
|
mem_limit: 256mb
|
|
knot:
|
|
extends:
|
|
file: base.yaml
|
|
service: base
|
|
build:
|
|
dockerfile: knot.Containerfile
|
|
ports:
|
|
- "[::1]:42053:42053/udp"
|
|
- "[::1]:42053:42053/tcp"
|
|
volumes:
|
|
- ./data/reg/:/srv/servnest/reg/:rw
|
|
- ./data/ns/:/srv/servnest/ns/:rw
|
|
- ./data/knot/:/var/lib/knot/:rw
|
|
- ./sock/knot/:/run/knot/:rw
|
|
apache:
|
|
extends:
|
|
file: base.yaml
|
|
service: base
|
|
build:
|
|
dockerfile: apache.Containerfile
|
|
volumes:
|
|
- ./conf/apache/:/etc/apache2/:ro
|
|
- ./conf/http-messages/:/srv/servnest/ht/http-messages/:ro
|
|
- ./data/ht/:/srv/servnest/ht/:ro
|
|
- ./logs/apache/:/var/log/apache2/:rw
|
|
php:
|
|
extends:
|
|
file: base.yaml
|
|
service: base
|
|
build:
|
|
dockerfile: php.Containerfile
|
|
group_add:
|
|
- knot
|
|
- tor
|
|
links:
|
|
- nginx:servnest.test
|
|
- nginx:ht.servnest.test
|
|
- sftpgo:sftp.servnest.test
|
|
volumes:
|
|
- ./core/:/srv/servnest/core/:ro
|
|
- ./core/db/:/srv/servnest/core/db/:rw
|
|
- ./conf/php.ini:/etc/php82/conf.d/servnest.ini:ro
|
|
- ./conf/php-fpm.conf:/etc/php83/php-fpm.d/servnest.conf:ro
|
|
- ./conf/sudoers:/etc/sudoers.d/servnest:ro
|
|
- ./conf/certbot.ini:/etc/letsencrypt/servnest.ini:ro
|
|
- ./conf/certbot-deploy-hook.sh:/root/certbot-deploy-hook.sh:ro
|
|
- ./data/reg/:/srv/servnest/reg/:rw
|
|
- ./data/ns/:/srv/servnest/ns/:rw
|
|
- ./data/ht/fs/:/srv/servnest/ht/fs/:rw
|
|
- ./data/ht/uri/:/srv/servnest/ht/uri/:rw
|
|
- ./data/tor-config/:/srv/servnest/tor-config/:rw
|
|
- ./data/tor-keys/:/srv/servnest/tor-keys/:rw
|
|
- ./data/certbot/:/etc/letsencrypt/:rw
|
|
- ./sock/php/:/run/php-fpm/:rw
|
|
- ./sock/tor-client/:/run/tor-client/:rw
|
|
- ./sock/tor-control/:/run/tor-control/:rw
|
|
- ./sock/knot/:/run/knot/:rw
|
|
- ./logs/php/:/var/log/php83/:rw
|
|
- ./logs/certbot/:/var/log/letsencrypt/:rw
|
|
- ./tmp/acme/:/srv/servnest/acme/:rw
|
|
- ./tmp/certbot/:/var/lib/letsencrypt/:rw
|
|
mem_limit: 256mb
|
|
# For sudo
|
|
security_opt:
|
|
- no-new-privileges:false
|
|
cap_add:
|
|
- SETUID
|
|
- SETGID
|
|
- CHOWN
|
|
cronie:
|
|
extends:
|
|
service: php
|
|
build:
|
|
dockerfile: cronie.Containerfile
|
|
volumes:
|
|
- ./conf/cronie:/etc/cron.d/servnest:ro
|
|
- ./logs/cronie/:/var/log/cronie/:rw
|
|
nginx:
|
|
extends:
|
|
file: base.yaml
|
|
service: base
|
|
build:
|
|
dockerfile: nginx.Containerfile
|
|
ports:
|
|
- "[::1]:42080:42080/tcp"
|
|
- "[::1]:42443:42443/tcp"
|
|
depends_on:
|
|
- apache
|
|
volumes:
|
|
- ./core/:/srv/servnest/core/:ro
|
|
- ./conf/nginx/:/etc/nginx/:ro
|
|
- ./data/certbot/live/:/etc/letsencrypt/live/:ro
|
|
- ./data/certbot/archive/:/etc/letsencrypt/archive/:ro
|
|
- ./sock/php/:/run/php-fpm/:rw
|
|
- ./sock/nginx-onion/:/run/nginx-onion/:rw
|
|
- ./logs/nginx/:/var/lib/nginx/logs/:rw
|
|
- ./tmp/nginx/:/var/lib/nginx/tmp/:rw
|
|
- ./tmp/acme/:/srv/servnest/acme/:ro
|