-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathdocker-compose.yml
98 lines (93 loc) · 3.44 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
services:
nginx-letsencrypt:
image: nginx
container_name: nginx-letsencrypt
hostname: ${DOMAIN_NAME:?err}
volumes:
- './http-root:/var/lib/nginx/html/http-root:ro'
- './data/acme-webroot:/var/lib/nginx/html/acme:ro'
- './data/letsencrypt/etc:/etc/letsencrypt:ro'
- './preset/nginx.conf:/etc/nginx/nginx.conf:ro'
- './preset/conf.d:/etc/nginx/conf.d:ro'
labels:
com.datadoghq.ad.check_names: '["nginx"]'
com.datadoghq.ad.init_configs: '[{}]'
com.datadoghq.ad.instances: '[{"nginx_status_url": "http://%%host%%:81/nginx_status/"}]'
ports:
- '80:80'
- '443:443'
restart: ${RESTART:-unless-stopped}
profiles:
- letsencrypt
nginx-cloudflared:
image: nginx
container_name: nginx-cloudflared
hostname: ${DOMAIN_NAME:?err}
volumes:
- './http-root:/var/lib/nginx/html/http-root:ro'
- './preset/nginx.conf:/etc/nginx/nginx.conf:ro'
- './preset/conf.d-tunnels:/etc/nginx/conf.d:ro'
labels:
com.datadoghq.ad.check_names: '["nginx"]'
com.datadoghq.ad.init_configs: '[{}]'
com.datadoghq.ad.instances: '[{"nginx_status_url": "http://%%host%%:81/nginx_status/"}]'
restart: ${RESTART:-unless-stopped}
profiles:
- cloudflared
syncthing:
image: syncthing/syncthing:latest
container_name: syncthing
hostname: ${DOMAIN_NAME:?err}
environment:
- PUID=1000
- PGID=1000
volumes:
- './data/syncthing:/var/syncthing/config'
- "${WEBROOT:-./http-root/chaotic-aur}:/repo"
ports:
- '127.0.0.1:8384:8384'
- 22000:22000/tcp
- 22000:22000/udp
- 21027:21027/udp
restart: ${RESTART:-unless-stopped}
chaotic-management:
container_name: chaotic-management
restart: ${RESTART:-unless-stopped}
image: nginx
volumes:
- './data:/data'
entrypoint:
- /bin/sh
- -c
- |
trap exit TERM INT;
sleep 10;
while :; do
apikey="$$(grep -oPm 1 '(?<=\<apikey\>).*(?=\</apikey\>)' /data/syncthing/config.xml)"
curl -s --fail -X POST -H "X-API-Key: $$apikey" http://syncthing:8384/rest/db/revert?folder=jhcrt-m2dra || echo Failed to revert folder;
sed -i -r '/<device id="ZDHVMSP-EW4TMWX-DBH2W4P-HV5A6OY-BBEFABO-QTENANJ-RJ6GKNX-6KCG7QY"/! s|(^ *<device .*id="[^"]+".*skipIntroductionRemovals="false".*introducedBy=")(">)|\1ZDHVMSP-EW4TMWX-DBH2W4P-HV5A6OY-BBEFABO-QTENANJ-RJ6GKNX-6KCG7QY\2|' /data/syncthing/config.xml
sleep 1h &
wait $${!};
done;
certbot:
image: certbot/certbot:${LETSENCRYPT_TAG:-latest}
container_name: certbot
volumes:
- './data/acme-webroot:/srv/http/webroot'
- './data/letsencrypt/etc:/etc/letsencrypt'
- './data/letsencrypt/var:/var/lib/letsencrypt'
entrypoint: "/bin/sh -c 'trap exit TERM; sleep 10; while :; do certbot renew -w /srv/http/webroot/ --webroot; sleep 12h & wait $${!}; done;'"
restart: ${RESTART:-unless-stopped}
profiles:
- letsencrypt
cloudflared:
image: erisamoe/cloudflared:latest
container_name: cloudflared
command: --origincert /root/.cloudflared/cert.pem tunnel run --url http://nginx-cloudflared ${DOMAIN_NAME:?err}
volumes:
- './data/cloudflared/etc:/etc/cloudflared'
- './data/cloudflared/home:/root'
- './preset/passwd:/etc/passwd'
restart: ${RESTART:-unless-stopped}
profiles:
- cloudflared