stacks 1

zitadel aun esta en pañales

Nextcloud/.env

@@ -0,0 +1,6 @@
+REDIS_HOST=redis
+MYSQL_HOST=db
+MYSQL_DATABASE=nextcloud
+MYSQL_USER=nextcloud
+MYSQL_PASSWORD=SuperSecretPassword2
+MYSQL_ROOT_PASSWORD=SuperSecretPassword

Nextcloud/docker-compose.yml

@@ -0,0 +1,44 @@
+version: '3.8'
+
+services:
+  nc:
+    image: nextcloud:apache
+    restart: always
+    ports:
+      - 10080:80
+    volumes:
+      - /Nextcloud/Data:/var/www/html
+    networks:
+      - redisnet
+      - dbnet
+    environment:
+      - REDIS_HOST=${REDIS_HOST}
+      - MYSQL_HOST=${MYSQL_HOST}
+      - MYSQL_DATABASE=${MYSQL_DATABASE}
+      - MYSQL_USER=${MYSQL_USER}
+      - MYSQL_PASSWORD=${MYSQL_PASSWORD}
+  redis:
+    image: redis:alpine
+    restart: always
+    networks:
+      - redisnet
+    expose:
+      - 6379
+  db:
+    image: mariadb:10.5
+    command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW
+    restart: always
+    volumes:
+      - /Nextcloud/Sql:/var/lib/mysql
+    networks:
+      - dbnet
+    environment:
+      - MYSQL_DATABASE=${MYSQL_DATABASE}
+      - MYSQL_USER=${MYSQL_USER}
+      - MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}
+      - MYSQL_PASSWORD=${MYSQL_PASSWORD}
+    expose:
+      - 3306
+networks:
+  dbnet:
+  redisnet:

Vaultwarden/.env

@@ -0,0 +1,10 @@
+ADMIN_TOKEN=obXolzPdDYiyEOZh01hdEpn5IfNU+rilvEs4dK4XU/LEH4xTvWzEH9ayqbb64tlU #openssl rand -base64 48
+WEBSOCKET_ENABLED=true
+SIGNUPS_ALLOWED=true ##change to false once create the admin account
+SMTP_HOST=mail.domain.com
+SMTP_FROM=vaultwarden@domain.com ##replace example.com with your domain
+SMTP_PORT=587
+SMTP_SSL=true
+SMTP_USERNAME=vaultwarden@domain.com ##sendinblue user 
+SMTP_PASSWORD=SuperSecretPassword ##sendinblue password
+DOMAIN=https://vaultwarden.domain.com #replace example.com with your domain

Vaultwarden/config.json

@@ -0,0 +1,43 @@
+{
+    "domain": "https://vaultwarden.domain.com",
+    "sends_allowed": true,
+    "disable_icon_download": false,
+    "signups_allowed": false,
+    "signups_verify": false,
+    "signups_verify_resend_time": 3600,
+    "signups_verify_resend_limit": 6,
+    "invitations_allowed": true,
+    "password_iterations": 100000,
+    "show_password_hint": false,
+    "admin_token": "obXolzPdDYiyEOZh01hdEpn5IfNU+rilvEs4dK4XU/LEH4xTvWzEH9ayqbb64tlU",
+    "invitation_org_name": "Vaultwarden",
+    "ip_header": "X-Real-IP",
+    "icon_cache_ttl": 2592000,
+    "icon_cache_negttl": 259200,
+    "icon_download_timeout": 10,
+    "icon_blacklist_non_global_ips": true,
+    "disable_2fa_remember": false,
+    "authenticator_disable_time_drift": false,
+    "require_device_email": false,
+    "reload_templates": false,
+    "log_timestamp_format": "%Y-%m-%d %H:%M:%S.%3f",
+    "disable_admin_token": false,
+    "_enable_yubico": true,
+    "_enable_duo": false,
+    "_enable_smtp": true,
+    "smtp_host": "mail.domain.com",
+    "smtp_ssl": false,
+    "smtp_explicit_tls": false,
+    "smtp_port": 587,
+    "smtp_from": "vaultwarden@domain.com",
+    "smtp_from_name": "Vaultwarden Password Manager",
+    "smtp_username": "vaultwarden@domain.com",
+    "smtp_password": "SuperSecretPassword",
+    "smtp_timeout": 15,
+    "smtp_accept_invalid_certs": false,
+    "smtp_accept_invalid_hostnames": false,
+    "_enable_email_2fa": true,
+    "email_token_size": 6,
+    "email_expiration_time": 600,
+    "email_attempts_limit": 3
+  }

Vaultwarden/docker-compose.yml

@@ -0,0 +1,21 @@
+version: "3"
+services:
+  vaultwarden:
+    image: vaultwarden/server:latest
+    container_name: vaultwarden
+    restart: unless-stopped
+    ports:
+     - 8445:80 #map any custom port to use (replace 8445 not 80)
+    volumes:
+     - ./bitwarden:/data:rw
+    environment:
+     - ADMIN_TOKEN=${ADMIN_TOKEN}
+     - WEBSOCKET_ENABLED=true
+     - SIGNUPS_ALLOWED=false
+     - SMTP_HOST=${SMTP_HOST}
+     - SMTP_FROM=${SMTP_FROM}
+     - SMTP_PORT=${SMTP_PORT}
+     - SMTP_SSL=${SMTP_SSL}
+     - SMTP_USERNAME=${SMTP_USERNAME}
+     - SMTP_PASSWORD=${SMTP_PASSWORD}
+     - DOMAIN=${DOMAIN}

Zitadel/.env

@@ -0,0 +1,16 @@
+# ZITADEL service configurations
+MASTERKEY=RandomSecureMasterKey32Char1234
+ZITADEL_DATABASE_POSTGRES_HOST=db
+ZITADEL_DATABASE_POSTGRES_PORT=5432
+ZITADEL_DATABASE_POSTGRES_DATABASE=zitadel
+ZITADEL_DATABASE_POSTGRES_USER_USERNAME=zitadel
+ZITADEL_DATABASE_POSTGRES_USER_PASSWORD=SecureUserPassword123!
+ZITADEL_DATABASE_POSTGRES_USER_SSL_MODE=disable
+ZITADEL_DATABASE_POSTGRES_ADMIN_USERNAME=postgres
+ZITADEL_DATABASE_POSTGRES_ADMIN_PASSWORD=SecureAdminPassword123!
+ZITADEL_DATABASE_POSTGRES_ADMIN_SSL_MODE=disable
+ZITADEL_EXTERNALSECURE=false
+
+# Postgres configurations
+POSTGRES_USER=postgres
+POSTGRES_PASSWORD=SecureDBPassword123!

Zitadel/docker-compose.yml

@@ -0,0 +1,45 @@
+version: '3.8'
+
+services:
+  zitadel:
+    restart: 'always'
+    networks:
+      - 'zitadel'
+    image: 'ghcr.io/zitadel/zitadel:latest'
+    command: 'start-from-init --masterkey "MasterkeyNeedsToHave32Characters" --tlsMode disabled'
+    environment:
+      - 'ZITADEL_DATABASE_POSTGRES_HOST=db'
+      - 'ZITADEL_DATABASE_POSTGRES_PORT=5432'
+      - 'ZITADEL_DATABASE_POSTGRES_DATABASE=zitadel'
+      - 'ZITADEL_DATABASE_POSTGRES_USER_USERNAME=zitadel'
+      - 'ZITADEL_DATABASE_POSTGRES_USER_PASSWORD=zitadel'
+      - 'ZITADEL_DATABASE_POSTGRES_USER_SSL_MODE=disable'
+      - 'ZITADEL_DATABASE_POSTGRES_ADMIN_USERNAME=postgres'
+      - 'ZITADEL_DATABASE_POSTGRES_ADMIN_PASSWORD=postgres'
+      - 'ZITADEL_DATABASE_POSTGRES_ADMIN_SSL_MODE=disable'
+      - 'ZITADEL_EXTERNALSECURE=false'
+    depends_on:
+      db:
+        condition: 'service_healthy'
+    ports:
+      - '8080:8080'
+
+  db:
+    restart: 'always'
+    image: postgres:16-alpine
+    environment:
+      - POSTGRES_USER=postgres
+      - POSTGRES_PASSWORD=postgres
+    networks:
+      - 'zitadel'
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready", "-d", "db_prod"]
+      interval: '10s'
+      timeout: '30s'
+      retries: 5
+      start_period: '20s'
+    ports:
+      - '5432:5432'
+
+networks:
+  zitadel: