- commit
- f24ebfb
- parent
- d5828a4
- author
- Antonio Mika
- date
- 2022-08-02 21:11:25 +0000 UTC
Added unified compose file and updated deployment method
11 files changed,
+350,
-56
+4,
-8
1@@ -2,14 +2,10 @@
2 *.swp
3 .env
4 .envrc
5+.env.prod
6 build/*
7 !build/.gitkeep
8-ssh_data/*
9-!ssh_data/.gitkeep
10-caddy_data/*
11-!caddy_data/.gitkeep
12-caddy_config/*
13-!caddy_config/.gitkeep
14-.env.prod
15 *.bak
16-Dockerfile*
17+data/*
18+!data/.gitkeep
19+Dockerfile
+45,
-17
1@@ -1,23 +1,51 @@
2-DATABASE_URL="postgresql://postgres:secret@localhost:5432/pico?sslmode=disable"
3-POSTGRES_PASSWORD="secret"
4+DATABASE_URL=postgresql://postgres:secret@localhost:5432/pico?sslmode=disable
5+POSTGRES_PASSWORD=secret
6+CF_API_TOKEN=secret
7
8-LISTS_SSH_PORT="2222"
9-LISTS_WEB_PORT="3000"
10-LISTS_DOMAIN="lists.test:3000"
11-LISTS_EMAIL="my@email.com"
12+LISTS_V4=
13+LISTS_V6=
14+LISTS_HTTP_V4=$LISTS_V4:80
15+LISTS_HTTP_V6=[$LISTS_V6]:80
16+LISTS_HTTPS_V4=$LISTS_V4:443
17+LISTS_HTTPS_V6=[$LISTS_V6]:443
18+LISTS_SSH_V4=$LISTS_V4:22
19+LISTS_SSH_V6=[$LISTS_V6]:22
20+LISTS_SSH_PORT=2222
21+LISTS_WEB_PORT=3000
22+LISTS_DOMAIN=lists.pico.sh:3000
23+LISTS_EMAIL=hello@pico.sh
24 LISTS_SUBDOMAINS=1
25-LISTS_PROTOCOL="http"
26+LISTS_CUSTOMDOMAINS=1
27+LISTS_PROTOCOL=http
28
29-PASTES_SSH_PORT="2222"
30-PASTES_WEB_PORT="3000"
31-PASTES_DOMAIN="pastes.test:3000"
32-PASTES_EMAIL="my@email.com"
33+PASTES_V4=
34+PASTES_V6=
35+PASTES_HTTP_V4=$PASTES_V4:80
36+PASTES_HTTP_V6=[$PASTES_V6]:80
37+PASTES_HTTPS_V4=$PASTES_V4:443
38+PASTES_HTTPS_V6=[$PASTES_V6]:443
39+PASTES_SSH_V4=$PASTES_V4:22
40+PASTES_SSH_V6=[$PASTES_V6]:22
41+PASTES_SSH_PORT=2222
42+PASTES_WEB_PORT=3000
43+PASTES_DOMAIN=pastes.pico.sh:3001
44+PASTES_EMAIL=hello@pico.sh
45 PASTES_SUBDOMAINS=1
46-PASTES_PROTOCOL="http"
47+PASTES_CUSTOMDOMAINS=1
48+PASTES_PROTOCOL=http
49
50-PROSE_SSH_PORT="2222"
51-PROSE_WEB_PORT="3000"
52-PROSE_DOMAIN="prose.test:3000"
53-PROSE_EMAIL="my@email.com"
54+PROSE_V4=
55+PROSE_V6=
56+PROSE_HTTP_V4=$PROSE_V4:80
57+PROSE_HTTP_V6=[$PROSE_V6]:80
58+PROSE_HTTPS_V4=$PROSE_V4:443
59+PROSE_HTTPS_V6=[$PROSE_V6]:443
60+PROSE_SSH_V4=$PROSE_V4:22
61+PROSE_SSH_V6=[$PROSE_V6]:22
62+PROSE_SSH_PORT=2222
63+PROSE_WEB_PORT=3000
64+PROSE_DOMAIN=prose.pico.sh:3002
65+PROSE_EMAIL=hello@pico.sh
66 PROSE_SUBDOMAINS=1
67-PROSE_PROTOCOL="http"
68+PROSE_CUSTOMDOMAINS=1
69+PROSE_PROTOCOL=http
+3,
-7
1@@ -2,13 +2,9 @@
2 *.swp
3 .env
4 .envrc
5+.env.prod
6 build/*
7 !build/.gitkeep
8-ssh_data/*
9-!ssh_data/.gitkeep
10-caddy_data/*
11-!caddy_data/.gitkeep
12-caddy_config/*
13-!caddy_config/.gitkeep
14-.env.prod
15 *.bak
16+data/*
17+!data/.gitkeep
M
Makefile
+2,
-2
1@@ -2,7 +2,7 @@ PGDATABASE?="pico"
2 PGHOST?="db"
3 PGUSER?="postgres"
4 PORT?="5432"
5-DB_CONTAINER?=pico-db-1
6+DB_CONTAINER?=pico-postgres-1
7 DOCKER_TAG?=$(shell git log --format="%H" -n 1)
8 DOCKER_PLATFORM?=linux/amd64,linux/arm64
9 DOCKER_BUILDX_BUILD?=docker buildx build --push --platform $(DOCKER_PLATFORM)
10@@ -17,7 +17,7 @@ bp-setup:
11 .PHONY: bp-setup
12
13 bp-caddy: bp-setup
14- $(DOCKER_BUILDX_BUILD) -t neurosnap/pico-caddy:$(DOCKER_TAG) -f Dockerfile.caddy .
15+ $(DOCKER_BUILDX_BUILD) -t neurosnap/pico-caddy:$(DOCKER_TAG) -f caddy/Dockerfile .
16 .PHONY: bp-caddy
17
18 bp-%: bp-setup
+0,
-0
R Caddyfile =>
caddy/Caddyfile
+25,
-16
1@@ -1,17 +1,17 @@
2 {
3- on_demand_tls {
4- ask http://web:3000/check
5- interval 1m
6- burst 10
7- }
8+ on_demand_tls {
9+ ask http://web:3000/check
10+ interval 1m
11+ burst 10
12+ }
13 }
14
15 *.{$APP_DOMAIN}, {$APP_DOMAIN} {
16- reverse_proxy web:3000
17- tls hello@{$APP_DOMAIN} {
18- dns cloudflare {$CF_API_TOKEN}
19- }
20- encode zstd gzip
21+ reverse_proxy web:3000
22+ tls {$APP_EMAIL} {
23+ dns cloudflare {$CF_API_TOKEN}
24+ }
25+ encode zstd gzip
26
27 header {
28 # disable FLoC tracking
29@@ -33,12 +33,21 @@
30
31 X-XSS-Protection "1; mode=block"
32 }
33+
34+ @caddymetrics {
35+ host {$APP_DOMAIN}
36+ path /_caddy/metrics
37+ }
38+
39+ metrics @caddymetrics {
40+ disable_openmetrics
41+ }
42 }
43
44 :443 {
45- reverse_proxy web:3000
46- tls hello@{$APP_DOMAIN} {
47- on_demand
48- }
49- encode zstd gzip
50-}
51+ reverse_proxy web:3000
52+ tls {$APP_EMAIL} {
53+ on_demand
54+ }
55+ encode zstd gzip
56+}
R Dockerfile.caddy =>
caddy/Dockerfile
+0,
-0
+0,
-0
+69,
-0
1@@ -0,0 +1,69 @@
2+version: "3.8"
3+services:
4+ postgres:
5+ env_file:
6+ - .env.example
7+ volumes:
8+ - ./data/postgres-data:/var/lib/postgresql/data
9+ ports:
10+ - "5432:5432"
11+ lists-web:
12+ build:
13+ args:
14+ APP: lists
15+ target: release-web
16+ env_file:
17+ - .env.example
18+ ports:
19+ - "3000:3000"
20+ lists-ssh:
21+ build:
22+ args:
23+ APP: lists
24+ target: release-ssh
25+ env_file:
26+ - .env.example
27+ volumes:
28+ - ./data/lists-ssh/data:/app/ssh_data
29+ ports:
30+ - "2220:2222"
31+ pastes-web:
32+ build:
33+ args:
34+ APP: pastes
35+ target: release-web
36+ env_file:
37+ - .env.example
38+ ports:
39+ - "3001:3000"
40+ pastes-ssh:
41+ build:
42+ args:
43+ APP: pastes
44+ target: release-ssh
45+ env_file:
46+ - .env.example
47+ volumes:
48+ - ./data/pastes-ssh/data:/app/ssh_data
49+ ports:
50+ - "2221:2222"
51+ prose-web:
52+ build:
53+ args:
54+ APP: prose
55+ target: release-web
56+ env_file:
57+ - .env.example
58+ ports:
59+ - "3002:3000"
60+ prose-ssh:
61+ build:
62+ args:
63+ APP: prose
64+ target: release-ssh
65+ env_file:
66+ - .env.example
67+ volumes:
68+ - ./data/prose-ssh/data:/app/ssh_data
69+ ports:
70+ - "2222:2222"
+155,
-0
1@@ -0,0 +1,155 @@
2+version: "3.8"
3+services:
4+ postgres:
5+ env_file:
6+ - .env.prod
7+ volumes:
8+ - ./data/postgres-data:/var/lib/postgresql/data
9+ ports:
10+ - "5432:5432"
11+ lists-caddy:
12+ image: neurosnap/pico-caddy:latest
13+ restart: always
14+ networks:
15+ - lists
16+ env_file:
17+ - .env.prod
18+ environment:
19+ APP_DOMAIN: ${LISTS_DOMAIN:-lists.sh}
20+ APP_EMAIL: ${LISTS_EMAIL:-hello@pico.sh}
21+ volumes:
22+ - ./caddy/Caddyfile:/etc/caddy/Caddyfile
23+ - ./data/lists-caddy/data:/data
24+ - ./data/lists-caddy/config:/config
25+ ports:
26+ - "${LISTS_HTTPS_V4:-443}:443"
27+ - "${LISTS_HTTP_V4:-80}:80"
28+ - "${LISTS_HTTPS_V6:-[::1]:443}:443"
29+ - "${LISTS_HTTP_V6:-[::1]:80}:80"
30+ profiles:
31+ - lists
32+ - caddy
33+ - all
34+ lists-web:
35+ networks:
36+ lists:
37+ aliases:
38+ - web
39+ env_file:
40+ - .env.prod
41+ lists-ssh:
42+ networks:
43+ lists:
44+ aliases:
45+ - ssh
46+ env_file:
47+ - .env.prod
48+ volumes:
49+ - ./data/lists-ssh/data:/app/ssh_data
50+ ports:
51+ - "${LISTS_SSH_V4:-22}:2222"
52+ - "${LISTS_SSH_V6:-[::1]:22}:2222"
53+ pastes-caddy:
54+ image: neurosnap/pico-caddy:latest
55+ restart: always
56+ networks:
57+ - pastes
58+ env_file:
59+ - .env.prod
60+ environment:
61+ APP_DOMAIN: ${PASTES_DOMAIN:-pastes.sh}
62+ APP_EMAIL: ${PASTES_EMAIL:-hello@pico.sh}
63+ volumes:
64+ - ./caddy/Caddyfile:/etc/caddy/Caddyfile
65+ - ./data/pastes-caddy/data:/data
66+ - ./data/pastes-caddy/config:/config
67+ ports:
68+ - "${PASTES_HTTPS_V4:-443}:443"
69+ - "${PASTES_HTTP_V4:-80}:80"
70+ - "${PASTES_HTTPS_V6:-[::1]:443}:443"
71+ - "${PASTES_HTTP_V6:-[::1]:80}:80"
72+ profiles:
73+ - pastes
74+ - caddy
75+ - all
76+ pastes-web:
77+ networks:
78+ pastes:
79+ aliases:
80+ - web
81+ env_file:
82+ - .env.prod
83+ pastes-ssh:
84+ networks:
85+ pastes:
86+ aliases:
87+ - ssh
88+ env_file:
89+ - .env.prod
90+ volumes:
91+ - ./data/pastes-ssh/data:/app/ssh_data
92+ ports:
93+ - "${PASTES_SSH_V4:-22}:2222"
94+ - "${PASTES_SSH_V6:-[::1]:22}:2222"
95+ prose-caddy:
96+ image: neurosnap/pico-caddy:latest
97+ restart: always
98+ networks:
99+ - prose
100+ env_file:
101+ - .env.prod
102+ environment:
103+ APP_DOMAIN: ${PROSE_DOMAIN:-prose.sh}
104+ APP_EMAIL: ${PROSE_EMAIL:-hello@pico.sh}
105+ volumes:
106+ - ./caddy/Caddyfile:/etc/caddy/Caddyfile
107+ - ./data/prose-caddy/data:/data
108+ - ./data/prose-caddy/config:/config
109+ ports:
110+ - "${PROSE_HTTPS_V4:-443}:443"
111+ - "${PROSE_HTTP_V4:-80}:80"
112+ - "${PROSE_HTTPS_V6:-[::1]:443}:443"
113+ - "${PROSE_HTTP_V6:-[::1]:80}:80"
114+ profiles:
115+ - prose
116+ - caddy
117+ - all
118+ prose-web:
119+ networks:
120+ prose:
121+ aliases:
122+ - web
123+ env_file:
124+ - .env.prod
125+ prose-ssh:
126+ networks:
127+ prose:
128+ aliases:
129+ - ssh
130+ env_file:
131+ - .env.prod
132+ volumes:
133+ - ./data/prose-ssh/data:/app/ssh_data
134+ ports:
135+ - "${PROSE_SSH_V4:-22}:2222"
136+ - "${PROSE_SSH_V6:-[::1]:22}:2222"
137+
138+networks:
139+ prose:
140+ driver_opts:
141+ com.docker.network.bridge.name: prose
142+ ipam:
143+ config:
144+ - subnet: 172.18.0.0/16
145+ pastes:
146+ driver_opts:
147+ com.docker.network.bridge.name: pastes
148+ ipam:
149+ config:
150+ - subnet: 172.19.0.0/16
151+ lists:
152+ driver_opts:
153+ com.docker.network.bridge.name: lists
154+ ipam:
155+ config:
156+ - subnet: 172.20.0.0/16
+47,
-6
1@@ -1,9 +1,50 @@
2-version: "3.4"
3+version: "3.8"
4 services:
5- db:
6+ postgres:
7 image: postgres
8 restart: always
9- ports:
10- - "5432:5432"
11- env_file:
12- - .env
13+ profiles:
14+ - db
15+ - all
16+ lists-web:
17+ image: neurosnap/lists-web:latest
18+ restart: always
19+ profiles:
20+ - lists
21+ - services
22+ - all
23+ lists-ssh:
24+ image: neurosnap/lists-ssh:latest
25+ restart: always
26+ profiles:
27+ - lists
28+ - services
29+ - all
30+ pastes-web:
31+ image: neurosnap/pastes-web:latest
32+ restart: always
33+ profiles:
34+ - pastes
35+ - services
36+ - all
37+ pastes-ssh:
38+ image: neurosnap/pastes-ssh:latest
39+ restart: always
40+ profiles:
41+ - pastes
42+ - services
43+ - all
44+ prose-web:
45+ image: neurosnap/prose-web:latest
46+ restart: always
47+ profiles:
48+ - prose
49+ - services
50+ - all
51+ prose-ssh:
52+ image: neurosnap/prose-ssh:latest
53+ restart: always
54+ profiles:
55+ - prose
56+ - services
57+ - all