Utopiah/docker-compose.yml Secret

## docker-compose.yml
version: "3.3"

services:
  webserver:
    # note that the order is currently unclear, namely that nginx is needed to validate certbot
    # but nginx also load some certificates. So it is currently manually bootstrapped.
    image: nginx:1.19
    ports:
      - "80:80"
      - "443:443"
      # - "444:444"
    volumes:
      - ./conf/nginx/:/etc/nginx/conf.d # can be refactored with an array?
      - ./conf/acme/:/var/www/html/ # certification validation
      - ./conf/letsencrypt/:/etc/letsencrypt/ # certificates to load via the configuration file
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
    healthcheck:
      test: ["CMD", "curl", "-f", "http://pmwikis"]
      interval: 1m30s
      timeout: 10s
      retries: 3
    restart: always
  certificates:
    image: certbot/certbot
    volumes:
      - ./conf/letsencrypt/:/etc/letsencrypt/
      - ./conf/acme/:/var/www/html/ # certificate validation for the nginx webserver
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
    entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'"
    # manual test to add new cert
    # certbot certonly --webroot --agree-tos -m fabien-services@benetou.fr -n --dry-run -d migrationtest.benetou.fr -d migrationtest.iterative-explorations.com" -w /var/www/html --dry-run
    # healthcheck could be done with sucessful certbot renew
    restart: always
  pmwikis:
    image: pmwiki:latest # Debian running lighttpd, should be renamed accordingly
    volumes:
      - ./conf/lighttpd/:/etc/lighttpd/
      - ./conf/fpm-lighttpd.conf:/etc/lighttpd/conf-enabled/15-fastcgi-php.conf
      - /home/web:/home/web
      - /home/fabien/web/:/home/fabien/web/ # used by withsoftware.benetou.fr
      - /home/fabien/Prototypes/:/home/fabien/Prototypes/ # used by withsoftware.benetou.fr
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
    restart: always
  php:
    image: phpfpm-graphviz:latest #php:7.3-fpm with graphviz for dot
    volumes:
      - ./conf/php/php.ini-production:/usr/local/etc/php/php.ini
      - ./conf/php/www.conf:/usr/local/etc/php-fpm.d/www.conf
      - /home/web:/home/web
      - /home/fabien/web/:/home/fabien/web/ # used by withsoftware.benetou.fr
      - /home/fabien/Prototypes/:/home/fabien/Prototypes/ # used by withsoftware.benetou.fr
      - ./data/phpdev/:/var/www/phpdev/
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
    restart: always
  phantomjs:
    # working, e.g https://fabien.benetou.fr/Tools/Ffmpeg?action=serverrender
    image: debian-for-phantomjs:latest
    # completed with apt update && apt install -y cron nodejs npm to run cd /phantomjs/data/ && node . 2> logs &
    # build: ../debian-for-phantomjs/ # works but doesn't take updates into account when Dockerfile modified
    # healthcheck could be done on rendering a test page and getting a proper image file out
    volumes:
      - ./conf/phantomjs/bin/:/phantomjs/bin
      - /home/web/vatelier.net/MyDemo/newtooling/:/phantomjs/data
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
    entrypoint: "/bin/sh -c 'trap exit TERM; while :; do sleep 12h & wait $${!}; done;'"
    # should periodically run /phantomjs/data/get_last_20_textures.sh(takes <1min)
    # running cron for now to keep the web service going but should be cleaned up
  phpdev:
    image: pmwiki:latest # Debian running lighttpd
    volumes:
      - ./conf/php.ini:/etc/php/7.3/cgi/php.ini # display error on
        #  probably doesn't have any effect now that php is it's own container
      - ./conf/phpdev/:/etc/lighttpd/
      - ./data/phpdev/:/var/www/phpdev/
      - ./conf/fpm-lighttpd.conf:/etc/lighttpd/conf-enabled/15-fastcgi-php.conf
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
  coderepo:
    image:  gitea/gitea:latest
    volumes:
      - ./gitea:/data
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
    environment:
      - USER_UID=1000
      - USER_GID=1000
    ports:
      - "22:22"

networks:
  default:
    external:
      name: my_network
# by default all on the same network but unfortunately seems other are not e.g. PeerTube/Jitsi/etc thus to be added manually
# docker network connect my_network docker-jitsi-meet_web_1
# maybe others could be modified accordingly via their own docker-compose files.
	version: "3.3"

	services:
	webserver:
	# note that the order is currently unclear, namely that nginx is needed to validate certbot
	# but nginx also load some certificates. So it is currently manually bootstrapped.
	image: nginx:1.19
	ports:
	- "80:80"
	- "443:443"
	# - "444:444"
	volumes:
	- ./conf/nginx/:/etc/nginx/conf.d # can be refactored with an array?
	- ./conf/acme/:/var/www/html/ # certification validation
	- ./conf/letsencrypt/:/etc/letsencrypt/ # certificates to load via the configuration file
	- /etc/timezone:/etc/timezone:ro
	- /etc/localtime:/etc/localtime:ro
	healthcheck:
	test: ["CMD", "curl", "-f", "http://pmwikis"]
	interval: 1m30s
	timeout: 10s
	retries: 3
	restart: always
	certificates:
	image: certbot/certbot
	volumes:
	- ./conf/letsencrypt/:/etc/letsencrypt/
	- ./conf/acme/:/var/www/html/ # certificate validation for the nginx webserver
	- /etc/timezone:/etc/timezone:ro
	- /etc/localtime:/etc/localtime:ro
	entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'"
	# manual test to add new cert
	# certbot certonly --webroot --agree-tos -m fabien-services@benetou.fr -n --dry-run -d migrationtest.benetou.fr -d migrationtest.iterative-explorations.com" -w /var/www/html --dry-run
	# healthcheck could be done with sucessful certbot renew
	restart: always
	pmwikis:
	image: pmwiki:latest # Debian running lighttpd, should be renamed accordingly
	volumes:
	- ./conf/lighttpd/:/etc/lighttpd/
	- ./conf/fpm-lighttpd.conf:/etc/lighttpd/conf-enabled/15-fastcgi-php.conf
	- /home/web:/home/web
	- /home/fabien/web/:/home/fabien/web/ # used by withsoftware.benetou.fr
	- /home/fabien/Prototypes/:/home/fabien/Prototypes/ # used by withsoftware.benetou.fr
	- /etc/timezone:/etc/timezone:ro
	- /etc/localtime:/etc/localtime:ro
	restart: always
	php:
	image: phpfpm-graphviz:latest #php:7.3-fpm with graphviz for dot
	volumes:
	- ./conf/php/php.ini-production:/usr/local/etc/php/php.ini
	- ./conf/php/www.conf:/usr/local/etc/php-fpm.d/www.conf
	- /home/web:/home/web
	- /home/fabien/web/:/home/fabien/web/ # used by withsoftware.benetou.fr
	- /home/fabien/Prototypes/:/home/fabien/Prototypes/ # used by withsoftware.benetou.fr
	- ./data/phpdev/:/var/www/phpdev/
	- /etc/timezone:/etc/timezone:ro
	- /etc/localtime:/etc/localtime:ro
	restart: always
	phantomjs:
	# working, e.g https://fabien.benetou.fr/Tools/Ffmpeg?action=serverrender
	image: debian-for-phantomjs:latest
	# completed with apt update && apt install -y cron nodejs npm to run cd /phantomjs/data/ && node . 2> logs &
	# build: ../debian-for-phantomjs/ # works but doesn't take updates into account when Dockerfile modified
	# healthcheck could be done on rendering a test page and getting a proper image file out
	volumes:
	- ./conf/phantomjs/bin/:/phantomjs/bin
	- /home/web/vatelier.net/MyDemo/newtooling/:/phantomjs/data
	- /etc/timezone:/etc/timezone:ro
	- /etc/localtime:/etc/localtime:ro
	entrypoint: "/bin/sh -c 'trap exit TERM; while :; do sleep 12h & wait $${!}; done;'"
	# should periodically run /phantomjs/data/get_last_20_textures.sh(takes <1min)
	# running cron for now to keep the web service going but should be cleaned up
	phpdev:
	image: pmwiki:latest # Debian running lighttpd
	volumes:
	- ./conf/php.ini:/etc/php/7.3/cgi/php.ini # display error on
	# probably doesn't have any effect now that php is it's own container
	- ./conf/phpdev/:/etc/lighttpd/
	- ./data/phpdev/:/var/www/phpdev/
	- ./conf/fpm-lighttpd.conf:/etc/lighttpd/conf-enabled/15-fastcgi-php.conf
	- /etc/timezone:/etc/timezone:ro
	- /etc/localtime:/etc/localtime:ro
	coderepo:
	image: gitea/gitea:latest
	volumes:
	- ./gitea:/data
	- /etc/timezone:/etc/timezone:ro
	- /etc/localtime:/etc/localtime:ro
	environment:
	- USER_UID=1000
	- USER_GID=1000
	ports:
	- "22:22"

	networks:
	default:
	external:
	name: my_network
	# by default all on the same network but unfortunately seems other are not e.g. PeerTube/Jitsi/etc thus to be added manually
	# docker network connect my_network docker-jitsi-meet_web_1
	# maybe others could be modified accordingly via their own docker-compose files.