From 0faa44617873b833111bab4d039f293aca5cfa26 Mon Sep 17 00:00:00 2001
From: Faerbit <faerbit@posteo.net>
Date: Sat, 5 Mar 2022 20:28:31 +0100
Subject: [PATCH] Update test data

---
 docker-compose.yml | 139 ++++++++++++++++++++-------------------------
 1 file changed, 63 insertions(+), 76 deletions(-)

diff --git a/docker-compose.yml b/docker-compose.yml
index 421ce5f..fcbeda3 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -1,72 +1,83 @@
-version: '3'
-volumes:
-  certs:
-  html:
-  vhostd:
+version: '2.4'
 networks:
+  default:
   nextcloud:
   mariadb:
+  traefik:
 services:
-  nginx-proxy:
-    container_name: nginx-proxy
-    image: jwilder/nginx-proxy:alpine
+  traefik:
+    container_name: traefik
+    image: traefik:2.6
     restart: unless-stopped
     ports:
-      - 80:80
-      - 443:443
-    environment:
-      - HSTS=max-age=31536000; includeSubDomains; preload
+      - "[::]:80:80"
+      - "[::]:443:443"
     logging:
       driver: journald
+    command:
+      - "--log.level=INFO"
+      - "--providers.docker=true"
+      - "--providers.docker.exposedbydefault=false"
+      - "--providers.docker.endpoint=tcp://dockerproxy:2375"
+      - "--entrypoints.web.address=:80"
+      - "--entrypoints.web.http.redirections.entrypoint.to=websecure"
+      - "--entrypoints.web.http.redirections.entrypoint.scheme=https"
+      - "--entrypoints.websecure.address=:443"
+      - "--entrypoints.websecure.http.tls.options=mintls13@file"
+      - "--entrypoints.websecure.http.tls.certResolver=le"
+      - "--certificatesresolvers.le.acme.httpchallenge=true"
+      - "--certificatesresolvers.le.acme.httpchallenge.entrypoint=web"
+      - "--certificatesresolvers.le.acme.email=faerbit@posteo.net"
+      - "--certificatesresolvers.le.acme.storage=/certs/acme.json"
+      - "--providers.file.directory=/config/"
+      - "--providers.file.watch=true"
+    networks:
+      - default
+      - traefik
     volumes:
-      - certs:/etc/nginx/certs
-      - html:/usr/share/nginx/html
-      - vhostd:/etc/nginx/vhost.d
-      - /var/run/docker.sock:/tmp/docker.sock:ro
-            #- /docker/nextcloud/nginx-proxy.conf.hack:/etc/nginx/vhost.d/nc.faerb.it:ro
-      - /docker/nextcloud/nginx-proxy.conf:/etc/nginx/vhost.d/nc.faerb.it:ro
+      - /docker/traefik/certs:/certs
+      - /docker/traefik/config:/config
+    depends_on:
+      - dockerproxy
 
-  letsencrypt:
-    container_name: letsencrypt
-    image: jrcs/letsencrypt-nginx-proxy-companion
+  dockerproxy:
+    container_name: dockerproxy
+    build: /docker/dockerproxy
     restart: unless-stopped
-    environment:
-      - NGINX_PROXY_CONTAINER=nginx-proxy
     logging:
       driver: journald
+    environment:
+      - CONTAINERS=1
+    networks:
+      - traefik
     volumes:
-      - certs:/etc/nginx/certs
-      - html:/usr/share/nginx/html
-      - vhostd:/etc/nginx/vhost.d
       - /var/run/docker.sock:/var/run/docker.sock:ro
 
   nginx-page:
     container_name: nginx-page
     image: nginx:alpine
     restart: unless-stopped
-    environment:
-      - VIRTUAL_PROTO=http
-      - VIRTUAL_HOST=faerb.it
-      - LETSENCRYPT_HOST=faerb.it
-      - LETSENCRYPT_EMAIL=faerbit@posteo.net
     logging:
       driver: journald
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.page.rule=Host(`faerb.it`)"
+      - "traefik.http.routers.page.entrypoints=websecure"
+      - "traefik.http.routers.page.middlewares=security_headers@file,default_csp@file"
     volumes:
       - /docker/page:/usr/share/nginx/html:ro
-    networks:
-      - default
 
   nginx-nextcloud:
     container_name: nginx-nextcloud
     image: nginx:alpine
     restart: unless-stopped
-    environment:
-      - VIRTUAL_PROTO=http
-      - VIRTUAL_HOST=nc.faerb.it
-      - LETSENCRYPT_HOST=nc.faerb.it
-      - LETSENCRYPT_EMAIL=faerbit@posteo.net
     logging:
       driver: journald
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.nextcloud.rule=Host(`nc.faerb.it`)"
+      - "traefik.http.routers.nextcloud.entrypoints=websecure"
+      - "traefik.http.routers.nextcloud.middlewares=security_headers@file"
     volumes:
       - /docker/nextcloud/nginx.conf:/etc/nginx/nginx.conf:ro
       - /docker/nextcloud/html:/var/www/html:ro
@@ -78,7 +89,7 @@ services:
 
   nextcloud:
     container_name: nextcloud
-    image: library/nextcloud:21.0.1-fpm-alpine
+    image: library/nextcloud:23.0.2-fpm-alpine
     restart: unless-stopped
     env_file:
       - /docker/mariadb/mariadb.env
@@ -97,7 +108,7 @@ services:
 
   nc-cron:
     container_name: nc-cron
-    image: library/nextcloud:21.0.1-fpm-alpine
+    image: library/nextcloud:23.0.2-fpm-alpine
     restart: unless-stopped
     logging:
       driver: journald
@@ -113,10 +124,8 @@ services:
 
   mariadb:
     container_name: mariadb
-    image: mariadb:10.5
+    image: library/mariadb:10.8
     restart: unless-stopped
-    ports:
-      - 127.0.0.1:3306:3306
     env_file:
       - /docker/mariadb/mariadb.env
     logging:
@@ -129,7 +138,7 @@ services:
 
   redis:
     container_name: redis
-    image: library/redis:6-alpine
+    image: redis:6-alpine
     restart: unless-stopped
     logging:
       driver: journald
@@ -138,26 +147,28 @@ services:
 
   gitea:
     container_name: gitea
-    image: gitea/gitea:1.13
+    image: gitea/gitea:1.16
     restart: unless-stopped
     ports:
-      - 22:22
+      - "[::]:22:22"
     env_file:
       - /docker/mariadb/gitea.env
       - /docker/gitea/gitea.env
+    logging:
+      driver: journald
     environment:
-      - VIRTUAL_HOST=git.faerb.it
-      - VIRTUAL_PORT=3000
-      - LETSENCRYPT_HOST=git.faerb.it
-      - LETSENCRYPT_EMAIL=faerbit@posteo.net
       - SSH_DOMAIN=git.faerb.it
       - ROOT_URL=git.faerb.it
       - DB_TYPE=mysql
       - DB_HOST=mariadb:3306
       - RUN_MODE=prod
       - DISABLE_REGISTRATION=true
-    logging:
-      driver: journald
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.gitea.rule=Host(`git.faerb.it`)"
+      - "traefik.http.routers.gitea.entrypoints=websecure"
+      - "traefik.http.routers.gitea.middlewares=security_headers@file,gitea_csp@file"
+      - "traefik.http.services.gitea-http.loadbalancer.server.port=3000"
     volumes:
       - /docker/gitea/data:/data
     networks:
@@ -165,27 +176,3 @@ services:
       - mariadb
     depends_on:
       - mariadb
-
-  immoscrape:
-    container_name: immoscrape
-    image: registry.gitlab.com/faerbit/immoscrape:main
-    restart: unless-stopped
-    env_file:
-      - /docker/mariadb/immoscrape.env
-    environment:
-      - VIRTUAL_HOST=ims.faerb.it
-      - VIRTUAL_PROTO=uwsgi
-      - VIRTUAL_PORT=3000
-      - LETSENCRYPT_HOST=ims.faerb.it
-      - LETSENCRYPT_EMAIL=faerbit@posteo.net
-      - IMMOSCRAPE_TELEGRAM_SEND_CONFIG_PATH=/app/config/telegram-send.conf
-    logging:
-      driver: journald
-    volumes:
-      - /docker/immoscrape/telegram-send.conf:/app/config/telegram-send.conf
-      - /etc/localtime:/etc/localtime:ro
-    networks:
-      - default
-      - mariadb
-    depends_on:
-      - mariadb