infra/docker-compose.yml

version: "3"

services:
  reverse_caddy:
    image: caddy:2-alpine
    ports:
      - "80:80"
      - "443:443"
      - "443:443/udp"
    configs:
      - source: caddy_config
        target: /etc/caddy/Caddyfile
    volumes:
      - reversecaddydata:/data
      - reversecaddyconfig:/config
    networks:
      - reverse
      - prometheus

  woodpecker_server:
    image: woodpeckerci/woodpecker-server:v2.4.1-alpine
    volumes:
      - woodpeckerdata:/var/lib/woodpecker/
    entrypoint: /bin/sh -c "export WOODPECKER_GITEA_CLIENT=$$(cat /run/secrets/woodpecker_gitea_client) && export WOODPECKER_GITEA_SECRET=$$(cat /run/secrets/woodpecker_gitea_secret) && export WOODPECKER_AGENT_SECRET=$$(cat /run/secrets/woodpecker_agent_secret) && /bin/woodpecker-server"
    environment:
      WOODPECKER_ADMIN: qpismont
      WOODPECKER_HOST: https://woodpecker.qpismont.fr
      WOODPECKER_GITEA: "true"
      WOODPECKER_GITEA_URL: https://gitea.qpismont.fr
    networks:
      - reverse
    secrets:
      - woodpecker_agent_secret
      - woodpecker_gitea_client
      - woodpecker_gitea_secret

  woodpecker_agent:
    image: woodpeckerci/woodpecker-agent:v2.4.1-alpine
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
    entrypoint: /bin/sh -c "export WOODPECKER_AGENT_SECRET=$$(cat /run/secrets/woodpecker_agent_secret) && /bin/woodpecker-agent"
    environment:
      WOODPECKER_SERVER: woodpecker_server:9000
      WOODPECKER_MAX_WORKFLOWS: 1
      WOODPECKER_LIMIT_CPU_SET: 1
    networks:
      - reverse
    secrets:
      - woodpecker_agent_secret

  gitea:
    image: codeberg.org/forgejo/forgejo:1.21
    environment:
      - USER_UID=1000
      - USER_GID=1000
    restart: always
    volumes:
      - giteadata:/data
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
    networks:
      - reverse

  my_cv:
    image: gitea.qpismont.fr/qpismont/portfolio:1.0
    networks:
      - reverse

  wireguard_server:
    image: linuxserver/wireguard
    cap_add:
      - NET_ADMIN
      - SYS_MODULE
    environment:
      PUID: 1000
      PGID: 1000
      TZ: Europe/Paris
      SERVEURURL: wireguard.qpismont.fr
      SERVERPORT: 51820
      PEERS: 1
      PEERDNS: auto
    volumes:
      - /home/user/wireguard-config:/config
      - /lib/modules:/lib/modules
    ports:
      - 51820:51820/udp
    sysctls:
      - net.ipv4.conf.all.src_valid_mark=1
    networks:
      - wireguard

  prometheus:
    image: prom/prometheus:v2.51.2
    configs:
      - source: prometheus_config
        target: /etc/prometheus/prometheus.yml
    networks:
      - wireguard
      - prometheus

  cadvisor:
    image: gcr.io/cadvisor/cadvisor:latest
    volumes:
      - /:/rootfs:ro
      - /var/run:/var/run:rw
      - /sys:/sys:ro
      - /var/lib/docker/:/var/lib/docker:ro
    networks:
      - prometheus

secrets:
  woodpecker_agent_secret:
    file: ./secrets/woodpecker_agent_secret
  woodpecker_gitea_secret:
    file: ./secrets/woodpecker_gitea_secret
  woodpecker_gitea_client:
    file: ./secrets/woodpecker_gitea_client

configs:
  caddy_config:
    file: ./Caddyfile
  prometheus_config:
    file: ./prometheus.yml

volumes:
  giteadata:
  letsencryptcerts:
  woodpeckerdata:
  reversecaddyconfig:
  reversecaddydata:
    external: true

networks:
  reverse:
  wireguard:
  prometheus:
first commit :) 2024-01-25 20:48:18 +01:00			`version: "3"`

			`services:`
			`reverse_caddy:`
			`image: caddy:2-alpine`
			`ports:`
			`- "80:80"`
			`- "443:443"`
			`- "443:443/udp"`
switch secret to config + update service + adding deploy script 2024-04-10 20:36:54 +02:00			`configs:`
			`- source: caddy_config`
			`target: /etc/caddy/Caddyfile`
first commit :) 2024-01-25 20:48:18 +01:00			`volumes:`
			`- reversecaddydata:/data`
			`- reversecaddyconfig:/config`
			`networks:`
			`- reverse`
			`- prometheus`

			`woodpecker_server:`
switch secret to config + update service + adding deploy script 2024-04-10 20:36:54 +02:00			`image: woodpeckerci/woodpecker-server:v2.4.1-alpine`
first commit :) 2024-01-25 20:48:18 +01:00			`volumes:`
			`- woodpeckerdata:/var/lib/woodpecker/`
			`entrypoint: /bin/sh -c "export WOODPECKER_GITEA_CLIENT=$$(cat /run/secrets/woodpecker_gitea_client) && export WOODPECKER_GITEA_SECRET=$$(cat /run/secrets/woodpecker_gitea_secret) && export WOODPECKER_AGENT_SECRET=$$(cat /run/secrets/woodpecker_agent_secret) && /bin/woodpecker-server"`
			`environment:`
			`WOODPECKER_ADMIN: qpismont`
			`WOODPECKER_HOST: https://woodpecker.qpismont.fr`
			`WOODPECKER_GITEA: "true"`
			`WOODPECKER_GITEA_URL: https://gitea.qpismont.fr`
			`networks:`
			`- reverse`
			`secrets:`
			`- woodpecker_agent_secret`
			`- woodpecker_gitea_client`
			`- woodpecker_gitea_secret`

			`woodpecker_agent:`
switch secret to config + update service + adding deploy script 2024-04-10 20:36:54 +02:00			`image: woodpeckerci/woodpecker-agent:v2.4.1-alpine`
first commit :) 2024-01-25 20:48:18 +01:00			`volumes:`
			`- /var/run/docker.sock:/var/run/docker.sock`
			`entrypoint: /bin/sh -c "export WOODPECKER_AGENT_SECRET=$$(cat /run/secrets/woodpecker_agent_secret) && /bin/woodpecker-agent"`
			`environment:`
			`WOODPECKER_SERVER: woodpecker_server:9000`
			`WOODPECKER_MAX_WORKFLOWS: 1`
			`WOODPECKER_LIMIT_CPU_SET: 1`
			`networks:`
			`- reverse`
			`secrets:`
			`- woodpecker_agent_secret`

			`gitea:`
			`image: codeberg.org/forgejo/forgejo:1.21`
			`environment:`
			`- USER_UID=1000`
			`- USER_GID=1000`
			`restart: always`
			`volumes:`
			`- giteadata:/data`
			`- /etc/timezone:/etc/timezone:ro`
			`- /etc/localtime:/etc/localtime:ro`
			`networks:`
			`- reverse`

			`my_cv:`
			`image: gitea.qpismont.fr/qpismont/portfolio:1.0`
			`networks:`
			`- reverse`

			`wireguard_server:`
			`image: linuxserver/wireguard`
			`cap_add:`
			`- NET_ADMIN`
			`- SYS_MODULE`
			`environment:`
			`PUID: 1000`
			`PGID: 1000`
			`TZ: Europe/Paris`
			`SERVEURURL: wireguard.qpismont.fr`
			`SERVERPORT: 51820`
			`PEERS: 1`
			`PEERDNS: auto`
			`volumes:`
			`- /home/user/wireguard-config:/config`
			`- /lib/modules:/lib/modules`
			`ports:`
			`- 51820:51820/udp`
			`sysctls:`
			`- net.ipv4.conf.all.src_valid_mark=1`
			`networks:`
			`- wireguard`

			`prometheus:`
switch secret to config + update service + adding deploy script 2024-04-10 20:36:54 +02:00			`image: prom/prometheus:v2.51.2`
			`configs:`
			`- source: prometheus_config`
			`target: /etc/prometheus/prometheus.yml`
first commit :) 2024-01-25 20:48:18 +01:00			`networks:`
			`- wireguard`
			`- prometheus`

			`cadvisor:`
			`image: gcr.io/cadvisor/cadvisor:latest`
			`volumes:`
			`- /:/rootfs:ro`
			`- /var/run:/var/run:rw`
			`- /sys:/sys:ro`
			`- /var/lib/docker/:/var/lib/docker:ro`
			`networks:`
			`- prometheus`

			`secrets:`
			`woodpecker_agent_secret:`
			`file: ./secrets/woodpecker_agent_secret`
			`woodpecker_gitea_secret:`
			`file: ./secrets/woodpecker_gitea_secret`
			`woodpecker_gitea_client:`
			`file: ./secrets/woodpecker_gitea_client`
switch secret to config + update service + adding deploy script 2024-04-10 20:36:54 +02:00
			`configs:`
first commit :) 2024-01-25 20:48:18 +01:00			`caddy_config:`
			`file: ./Caddyfile`
			`prometheus_config:`
			`file: ./prometheus.yml`

			`volumes:`
			`giteadata:`
			`letsencryptcerts:`
			`woodpeckerdata:`
			`reversecaddyconfig:`
			`reversecaddydata:`
			`external: true`

			`networks:`
			`reverse:`
			`wireguard:`
			`prometheus:`