Cloud

docker-compose.yml

version: "3"

networks:
  web:
    external: true
  internal:
    external: false

services:
  traefik:
    image: traefik:latest
    container_name: traefik
    restart: always
    security_opt:
      - no-new-privileges:true    
    ports:
      - 80:80
      - 443:443
    networks:
      - web
    labels:
      - traefik.enable=true
      - traefik.http.middlewares.traefik-auth.basicauth.users=$TRAEFIK_BASIC_AUTH     
      - traefik.http.routers.traefik.middlewares=traefik-auth
      - traefik.http.routers.traefik.entrypoints=https
      - traefik.http.routers.traefik.rule=Host(`traefik-cloud.$DOMAIN`)
      - traefik.http.routers.traefik.tls=true
      - traefik.http.routers.traefik.tls.certresolver=http
      - traefik.http.routers.traefik.service=api@internal
      - traefik.http.services.traefik.loadbalancer.server.port=8080
        
    volumes:
      - /etc/localtime:/etc/localtime:ro     
      - /var/run/docker.sock:/var/run/docker.sock:ro      
      - $HOME/.config/traefik/traefik.yml:/traefik.yml:ro
      - $HOME/.config/traefik/acme.json:/acme.json

  gitea:
    depends_on: 
      - traefik
    image: gitea/gitea:latest
    security_opt:
      - no-new-privileges:true
    container_name: gitea
    environment:
      - USER_UID=1000
      - USER_GID=1000
    restart: always
    volumes:
      - ./.config/gitea:/data
    networks:
      - internal
      - web
    labels:
      - traefik.enable=true
      - traefik.http.routers.gitea.entrypoints=https
      - traefik.http.routers.gitea.rule=Host(`gitea.$DOMAIN`)
      - traefik.http.routers.gitea.tls=true
      - traefik.http.routers.gitea.tls.certresolver=http
      - traefik.http.routers.gitea.service=gitea
      - traefik.http.services.gitea.loadbalancer.server.port=3000
      - traefik.docker.network=web


  webdav:
    depends_on: 
      - traefik
    image: bytemark/webdav
    container_name: webdav
    restart: always
    environment:
      AUTH_TYPE: Basic
      USERNAME: $USER
      PASSWORD: $WEBDAV_PW
    volumes:
      - ./.config/webdav:/var/lib/dav
    networks:
      - internal
      - web
    labels:
      - traefik.enable=true
      - traefik.http.routers.webdav.entrypoints=http
      - traefik.http.routers.webdav.rule=Host(`webdav.$DOMAIN`)
      - traefik.http.middlewares.webdav-https-redirect.redirectscheme.scheme=https
      - traefik.http.routers.webdav.middlewares=webdav-https-redirect        
      - traefik.http.routers.webdav-secure.entrypoints=https
      - traefik.http.routers.webdav-secure.rule=Host(`webdav.$DOMAIN`)
      - traefik.http.routers.webdav-secure.tls=true
      - traefik.http.routers.webdav-secure.tls.certresolver=http
      - traefik.http.routers.webdav-secure.service=webdav
      - traefik.http.services.webdav.loadbalancer.server.port=80
      - traefik.docker.network=web

env.sample.sh

export ENV='home' | 'cloud'
export DOMAIN=rap-beauticians.com
export EMAIL=mr.bogus@bogus.com

# figure out ho to manage this with bw
export TRAEFIK_PW=traefpass
export WEBDAV_PW=webdavpass

export TRAEFIK_BASIC_AUTH=$(htpasswd -nb admin $TRAEFIK_PW)

mount-volume.md

parttion, format, mount ⚙️

Manually Format, Mount, and Partition Volumes

droplet commands

sudo apt -qy install parted

# Partition
sudo parted /dev/disk/by-id/scsi-0DO_Volume_cloud mklabel gpt
sudo parted -a opt /dev/disk/by-id/scsi-0DO_Volume_cloud mkpart primary ext4 0% 100%

# format
echo "y"  | sudo mkfs.ext4  /dev/disk/by-id/scsi-0DO_Volume_cloud

# mount
sudo mkdir -p /mnt/cloud
sudo sh -c  'echo "/dev/disk/by-id/scsi-0DO_Volume_cloud /mnt/cloud ext4 defaults,nofail,discard 0 2" >> /etc/fstab'
mount -a

check commands

sudo lsblk --fs /dev/disk/by-id/scsi-0DO_Volume_cloud

traefik.yml

api:
  dashboard: true

entryPoints:
  http:
    address: ":80"
  https:
    address: ":443"

providers:
  docker:
    endpoint: "unix:///var/run/docker.sock"
    exposedByDefault: false

certificatesResolvers:
  http:
    acme:
      email: $EMAIL
      storage: acme.json
      httpChallenge:
        entryPoint: http