From db1b47e874d9a11da31c01a8ec71e2b9e44ec673 Mon Sep 17 00:00:00 2001
From: Alejandro Sarmiento
Date: Sun, 3 Mar 2024 22:22:36 +0100
Subject: [PATCH] stacks 1
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
zitadel aun esta en paƱales
---
Nextcloud/.env | 6 +++++
Nextcloud/docker-compose.yml | 44 +++++++++++++++++++++++++++++++++
Vaultwarden/.env | 10 ++++++++
Vaultwarden/config.json | 43 ++++++++++++++++++++++++++++++++
Vaultwarden/docker-compose.yml | 21 ++++++++++++++++
Zitadel/.env | 16 ++++++++++++
Zitadel/docker-compose.yml | 45 ++++++++++++++++++++++++++++++++++
7 files changed, 185 insertions(+)
create mode 100644 Nextcloud/.env
create mode 100644 Nextcloud/docker-compose.yml
create mode 100644 Vaultwarden/.env
create mode 100644 Vaultwarden/config.json
create mode 100644 Vaultwarden/docker-compose.yml
create mode 100644 Zitadel/.env
create mode 100644 Zitadel/docker-compose.yml
diff --git a/Nextcloud/.env b/Nextcloud/.env
new file mode 100644
index 0000000..8b34e98
--- /dev/null
+++ b/Nextcloud/.env
@@ -0,0 +1,6 @@
+REDIS_HOST=redis
+MYSQL_HOST=db
+MYSQL_DATABASE=nextcloud
+MYSQL_USER=nextcloud
+MYSQL_PASSWORD=SuperSecretPassword2
+MYSQL_ROOT_PASSWORD=SuperSecretPassword
diff --git a/Nextcloud/docker-compose.yml b/Nextcloud/docker-compose.yml
new file mode 100644
index 0000000..797ac52
--- /dev/null
+++ b/Nextcloud/docker-compose.yml
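Review bot: Nextcloud/.env is committed with MYSQL_PASSWORD and MYSQL_ROOT_PASSWORD filled in, so whatever is deployed from this file ends up in repository history. The same applies to Vaultwarden/.env, Vaultwarden/config.json and Zitadel/.env; the Vaultwarden ADMIN_TOKEN in particular looks like generated output rather than a placeholder and, if it was ever used, should be rotated. I would commit the template as `.env.example` with values such as `MYSQL_PASSWORD=change-me`, add `.env` to `.gitignore`, and head the template with `# copy to .env and set unique values; do not commit the result`.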
@@ -0,0 +1,44 @@
+version: '3.8'
+
+services:
+ nc:
+ image: nextcloud:apache
+ restart: always
+ ports:
+ - 10080:80
+ volumes:
+ - /Nextcloud/Data:/var/www/html
+ networks:
+ - redisnet
+ - dbnet
+ environment:
+ - REDIS_HOST=${REDIS_HOST}
+ - MYSQL_HOST=${MYSQL_HOST}
+ - MYSQL_DATABASE=${MYSQL_DATABASE}
+ - MYSQL_USER=${MYSQL_USER}
+ - MYSQL_PASSWORD=${MYSQL_PASSWORD}
+ redis:
+ image: redis:alpine
+ restart: always
+ networks:
+ - redisnet
+ expose:
+ - 6379
+ db:
+ image: mariadb:10.5
+ command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW
+ restart: always
+ volumes:
+ - /Nextcloud/Sql:/var/lib/mysql
+ networks:
+ - dbnet
+ environment:
+ - MYSQL_DATABASE=${MYSQL_DATABASE}
+ - MYSQL_USER=${MYSQL_USER}
+ - MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}
+ - MYSQL_PASSWORD=${MYSQL_PASSWORD}
+ expose:
+ - 3306
+networks:
+ dbnet:
+ redisnet:
\ No newline at end of file
diff --git a/Vaultwarden/.env b/Vaultwarden/.env
new file mode 100644
index 0000000..12494d1
--- /dev/null
+++ b/Vaultwarden/.env
@@ -0,0 +1,10 @@
+ADMIN_TOKEN=obXolzPdDYiyEOZh01hdEpn5IfNU+rilvEs4dK4XU/LEH4xTvWzEH9ayqbb64tlU #openssl rand -base64 48
+WEBSOCKET_ENABLED=true
+SIGNUPS_ALLOWED=true ##change to false once create the admin account
+SMTP_HOST=mail.domain.com
+SMTP_FROM=vaultwarden@domain.com ##replace example.com with your domain
+SMTP_PORT=587
+SMTP_SSL=true
+SMTP_USERNAME=vaultwarden@domain.com ##sendinblue user
+SMTP_PASSWORD=SuperSecretPassword ##sendinblue password
+DOMAIN=https://vaultwarden.domain.com #replace example.com with your domain
\ No newline at end of file
diff --git a/Vaultwarden/config.json b/Vaultwarden/config.json
new file mode 100644
index 0000000..c37f280
--- /dev/null
+++ b/Vaultwarden/config.json
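Review bot: In Nextcloud/docker-compose.yml the mapping `- 10080:80` publishes the plain-HTTP Apache port on every host interface, so logins and session cookies cross the network unencrypted unless something in front terminates TLS. If a reverse proxy on the same host is intended (none is visible in this commit), bind to loopback with `- '127.0.0.1:10080:80'`; the same applies to `8445:80` in Vaultwarden/docker-compose.yml and `8080:8080` in Zitadel/docker-compose.yml. The `redis` service also runs without a password; it is only attached to `redisnet`, but setting one through `REDIS_HOST_PASSWORD` on `nc` and `--requirepass` on `redis` keeps it protected if the network layout changes later.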
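Review bot: In Vaultwarden/.env, ADMIN_TOKEN is stored as the plain token, so anyone who can read the file or the container environment can authenticate to the admin page. Vaultwarden also accepts an Argon2 PHC string here (generated with `vaultwarden hash`), which keeps the usable secret out of the file; that string contains `$`, so it likely needs single quotes in a Compose `.env`. Separately, `SIGNUPS_ALLOWED=true` and `WEBSOCKET_ENABLED=true` in this file are never read, because Vaultwarden/docker-compose.yml hard-codes both values, so the comment `##change to false once create the admin account` describes a switch that has no effect.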
@@ -0,0 +1,43 @@
+{
+ "domain": "https://vaultwarden.domain.com",
+ "sends_allowed": true,
+ "disable_icon_download": false,
+ "signups_allowed": false,
+ "signups_verify": false,
+ "signups_verify_resend_time": 3600,
+ "signups_verify_resend_limit": 6,
+ "invitations_allowed": true,
+ "password_iterations": 100000,
+ "show_password_hint": false,
+ "admin_token": "obXolzPdDYiyEOZh01hdEpn5IfNU+rilvEs4dK4XU/LEH4xTvWzEH9ayqbb64tlU",
+ "invitation_org_name": "Vaultwarden",
+ "ip_header": "X-Real-IP",
+ "icon_cache_ttl": 2592000,
+ "icon_cache_negttl": 259200,
+ "icon_download_timeout": 10,
+ "icon_blacklist_non_global_ips": true,
+ "disable_2fa_remember": false,
+ "authenticator_disable_time_drift": false,
+ "require_device_email": false,
+ "reload_templates": false,
+ "log_timestamp_format": "%Y-%m-%d %H:%M:%S.%3f",
+ "disable_admin_token": false,
+ "_enable_yubico": true,
+ "_enable_duo": false,
+ "_enable_smtp": true,
+ "smtp_host": "mail.domain.com",
+ "smtp_ssl": false,
+ "smtp_explicit_tls": false,
+ "smtp_port": 587,
+ "smtp_from": "vaultwarden@domain.com",
+ "smtp_from_name": "Vaultwarden Password Manager",
+ "smtp_username": "vaultwarden@domain.com",
+ "smtp_password": "SuperSecretPassword",
+ "smtp_timeout": 15,
+ "smtp_accept_invalid_certs": false,
+ "smtp_accept_invalid_hostnames": false,
+ "_enable_email_2fa": true,
+ "email_token_size": 6,
+ "email_expiration_time": 600,
+ "email_attempts_limit": 3
+ }
\ No newline at end of file
diff --git a/Vaultwarden/docker-compose.yml b/Vaultwarden/docker-compose.yml
new file mode 100644
index 0000000..df8edb7
--- /dev/null
+++ b/Vaultwarden/docker-compose.yml
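Review bot: Vaultwarden/config.json sets `"smtp_ssl": false` and `"smtp_explicit_tls": false` while Vaultwarden/.env sets `SMTP_SSL=true`, and Vaultwarden prefers values from its `config.json` over environment variables. If this file ends up as `/data/config.json` (the compose file mounts `./bitwarden`, so that is not certain from the diff), SMTP authentication on port 587 would probably run without TLS. I would set `"smtp_ssl": true` or drop the SMTP keys here so that the environment decides. `"password_iterations": 100000` is also below the 600000 that current Bitwarden clients default to, as far as I know.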
@@ -0,0 +1,21 @@
+version: "3"
+services:
+ vaultwarden:
+ image: vaultwarden/server:latest
+ container_name: vaultwarden
+ restart: unless-stopped
+ ports:
+ - 8445:80 #map any custom port to use (replace 8445 not 80)
+ volumes:
+ - ./bitwarden:/data:rw
+ environment:
+ - ADMIN_TOKEN=${ADMIN_TOKEN}
+ - WEBSOCKET_ENABLED=true
+ - SIGNUPS_ALLOWED=false
+ - SMTP_HOST=${SMTP_HOST}
+ - SMTP_FROM=${SMTP_FROM}
+ - SMTP_PORT=${SMTP_PORT}
+ - SMTP_SSL=${SMTP_SSL}
+ - SMTP_USERNAME=${SMTP_USERNAME}
+ - SMTP_PASSWORD=${SMTP_PASSWORD}
+ - DOMAIN=${DOMAIN}
\ No newline at end of file
diff --git a/Zitadel/.env b/Zitadel/.env
new file mode 100644
index 0000000..a565692
--- /dev/null
+++ b/Zitadel/.env
@@ -0,0 +1,16 @@
+# ZITADEL service configurations
+MASTERKEY=RandomSecureMasterKey32Char1234
+ZITADEL_DATABASE_POSTGRES_HOST=db
+ZITADEL_DATABASE_POSTGRES_PORT=5432
+ZITADEL_DATABASE_POSTGRES_DATABASE=zitadel
+ZITADEL_DATABASE_POSTGRES_USER_USERNAME=zitadel
+ZITADEL_DATABASE_POSTGRES_USER_PASSWORD=SecureUserPassword123!
+ZITADEL_DATABASE_POSTGRES_USER_SSL_MODE=disable
+ZITADEL_DATABASE_POSTGRES_ADMIN_USERNAME=postgres
+ZITADEL_DATABASE_POSTGRES_ADMIN_PASSWORD=SecureAdminPassword123!
+ZITADEL_DATABASE_POSTGRES_ADMIN_SSL_MODE=disable
+ZITADEL_EXTERNALSECURE=false
+
+# Postgres configurations
+POSTGRES_USER=postgres
+POSTGRES_PASSWORD=SecureDBPassword123!
diff --git a/Zitadel/docker-compose.yml b/Zitadel/docker-compose.yml
new file mode 100644
index 0000000..a754474
--- /dev/null
+++ b/Zitadel/docker-compose.yml
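Review bot: `image: vaultwarden/server:latest` in Vaultwarden/docker-compose.yml means every pull or recreate can silently move the password manager to a different build, which makes upgrades unreviewed and rollbacks hard. Pin a release tag, ideally with its digest, e.g. `image: vaultwarden/server:<release-tag>@sha256:<digest>` (placeholders), and bump it deliberately. `ghcr.io/zitadel/zitadel:latest`, `nextcloud:apache` and `redis:alpine` in the other compose files float in the same way.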
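Review bot: The values in Zitadel/.env would not work if the compose file started reading them: `MASTERKEY=RandomSecureMasterKey32Char1234` is 31 characters by my count, while the compose command's own placeholder says the key needs 32. `ZITADEL_DATABASE_POSTGRES_ADMIN_PASSWORD` and `POSTGRES_PASSWORD` also differ although both belong to the `postgres` user, so the init step would presumably fail to authenticate. As committed, Zitadel/docker-compose.yml hard-codes all of these settings and never interpolates this file; until that is fixed, the header comment should say so, e.g. `# NOTE: not yet referenced by docker-compose.yml`.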
@@ -0,0 +1,45 @@
+version: '3.8'
+
+services:
+ zitadel:
+ restart: 'always'
+ networks:
+ - 'zitadel'
+ image: 'ghcr.io/zitadel/zitadel:latest'
+ command: 'start-from-init --masterkey "MasterkeyNeedsToHave32Characters" --tlsMode disabled'
+ environment:
+ - 'ZITADEL_DATABASE_POSTGRES_HOST=db'
+ - 'ZITADEL_DATABASE_POSTGRES_PORT=5432'
+ - 'ZITADEL_DATABASE_POSTGRES_DATABASE=zitadel'
+ - 'ZITADEL_DATABASE_POSTGRES_USER_USERNAME=zitadel'
+ - 'ZITADEL_DATABASE_POSTGRES_USER_PASSWORD=zitadel'
+ - 'ZITADEL_DATABASE_POSTGRES_USER_SSL_MODE=disable'
+ - 'ZITADEL_DATABASE_POSTGRES_ADMIN_USERNAME=postgres'
+ - 'ZITADEL_DATABASE_POSTGRES_ADMIN_PASSWORD=postgres'
+ - 'ZITADEL_DATABASE_POSTGRES_ADMIN_SSL_MODE=disable'
+ - 'ZITADEL_EXTERNALSECURE=false'
+ depends_on:
+ db:
+ condition: 'service_healthy'
+ ports:
+ - '8080:8080'
+
+ db:
+ restart: 'always'
+ image: postgres:16-alpine
+ environment:
+ - POSTGRES_USER=postgres
+ - POSTGRES_PASSWORD=postgres
+ networks:
+ - 'zitadel'
+ healthcheck:
+ test: ["CMD-SHELL", "pg_isready", "-d", "db_prod"]
+ interval: '10s'
+ timeout: '30s'
+ retries: 5
+ start_period: '20s'
+ ports:
+ - '5432:5432'
+
+networks:
+ zitadel:
\ No newline at end of file
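Review bot: Zitadel/docker-compose.yml hard-codes the master key on the command line and `postgres`/`postgres` as database credentials, and then publishes `5432:5432` on the host, so the database is reachable from the network with a default password. The values in Zitadel/.env are never used. I would interpolate the secrets from `.env`, pass the master key through `ZITADEL_MASTERKEY` with `--masterkeyFromEnv` so it does not appear in the process arguments, and remove the `ports:` entry from `db`, since `zitadel` reaches it over the `zitadel` network. The healthcheck mixes `CMD-SHELL` with separate list items, so `-d db_prod` is probably not passed to `pg_isready`, and no `db_prod` database is created here.

```yaml
  zitadel:
    # … unchanged: restart, networks, image …
    command: 'start-from-init --masterkeyFromEnv --tlsMode disabled'
    environment:
      - 'ZITADEL_MASTERKEY=${MASTERKEY}'
      # … unchanged: host, port, database, username and SSL-mode entries …
      - 'ZITADEL_DATABASE_POSTGRES_USER_PASSWORD=${ZITADEL_DATABASE_POSTGRES_USER_PASSWORD}'
      - 'ZITADEL_DATABASE_POSTGRES_ADMIN_PASSWORD=${POSTGRES_PASSWORD}'
    # … unchanged: depends_on, ports …

  db:
    # … unchanged: restart, image, networks …
    environment:
      - 'POSTGRES_USER=${POSTGRES_USER}'
      - 'POSTGRES_PASSWORD=${POSTGRES_PASSWORD}'
    healthcheck:
      test: ['CMD-SHELL', 'pg_isready -U ${POSTGRES_USER}']
      # … unchanged: interval, timeout, retries, start_period …
    # no ports: entry; the database stays on the zitadel network only
```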