commit a2dc0c038bba25efb1b28d32e6e7bba58bce7e58
Author: qpismont
Date: Thu Jan 25 20:48:18 2024 +0100
first commit :)
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..0f18981
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+secrets/
\ No newline at end of file
diff --git a/Caddyfile b/Caddyfile
new file mode 100644
index 0000000..2c0ecd8
--- /dev/null
+++ b/Caddyfile
@@ -0,0 +1,22 @@
+{
+ servers {
+ metrics
+ }
+ admin :2019
+}
+
+qpismont.fr {
+ redir https://www.qpismont.fr
+}
+
+www.qpismont.fr {
+ reverse_proxy my_cv:80
+}
+
+gitea.qpismont.fr {
+ reverse_proxy gitea:3000
+}
+
+woodpecker.qpismont.fr {
+ reverse_proxy woodpecker_server:8000
+}
\ No newline at end of file
diff --git a/docker-compose.yml b/docker-compose.yml
new file mode 100644
index 0000000..7d2208e
--- /dev/null
+++ b/docker-compose.yml
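Review bot: `admin :2019` in the Caddyfile global options binds Caddy's admin API to every interface of the container rather than the default localhost, and that API is unauthenticated and accepts configuration changes. Because docker-compose.yml attaches `reverse_caddy` to both the `reverse` and `prometheus` networks, every other container on those networks (gitea, the woodpecker services, my_cv, prometheus, cadvisor) can reach it. It appears to be opened only so that prometheus.yml can scrape `reverse_caddy:2019`; consider dropping the `admin :2019` line and serving metrics from a separate site block on its own port containing `metrics /metrics`, then pointing the `reverse_caddy` scrape target in prometheus.yml at that port. That way a compromised neighbour container can read counters but cannot rewrite the proxy configuration.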
@@ -0,0 +1,134 @@
+version: "3"
+
+services:
+ reverse_caddy:
+ image: caddy:2-alpine
+ ports:
+ - "80:80"
+ - "443:443"
+ - "443:443/udp"
+ command: caddy run --config /run/secrets/caddy_config --adapter caddyfile
+ volumes:
+ - reversecaddydata:/data
+ - reversecaddyconfig:/config
+ networks:
+ - reverse
+ - prometheus
+ secrets:
+ - caddy_config
+
+ woodpecker_server:
+ image: woodpeckerci/woodpecker-server:v2.2.2-alpine
+ volumes:
+ - woodpeckerdata:/var/lib/woodpecker/
+ entrypoint: /bin/sh -c "export WOODPECKER_GITEA_CLIENT=$$(cat /run/secrets/woodpecker_gitea_client) && export WOODPECKER_GITEA_SECRET=$$(cat /run/secrets/woodpecker_gitea_secret) && export WOODPECKER_AGENT_SECRET=$$(cat /run/secrets/woodpecker_agent_secret) && /bin/woodpecker-server"
+ environment:
+ WOODPECKER_ADMIN: qpismont
+ WOODPECKER_HOST: https://woodpecker.qpismont.fr
+ WOODPECKER_GITEA: "true"
+ WOODPECKER_GITEA_URL: https://gitea.qpismont.fr
+ networks:
+ - reverse
+ secrets:
+ - woodpecker_agent_secret
+ - woodpecker_gitea_client
+ - woodpecker_gitea_secret
+
+ woodpecker_agent:
+ image: woodpeckerci/woodpecker-agent:v2.2.2-alpine
+ volumes:
+ - /var/run/docker.sock:/var/run/docker.sock
+ entrypoint: /bin/sh -c "export WOODPECKER_AGENT_SECRET=$$(cat /run/secrets/woodpecker_agent_secret) && /bin/woodpecker-agent"
+ environment:
+ WOODPECKER_SERVER: woodpecker_server:9000
+ WOODPECKER_MAX_WORKFLOWS: 1
+ WOODPECKER_LIMIT_CPU_SET: 1
+ networks:
+ - reverse
+ secrets:
+ - woodpecker_agent_secret
+
+ gitea:
+ image: codeberg.org/forgejo/forgejo:1.21
+ environment:
+ - USER_UID=1000
+ - USER_GID=1000
+ restart: always
+ volumes:
+ - giteadata:/data
+ - /etc/timezone:/etc/timezone:ro
+ - /etc/localtime:/etc/localtime:ro
+ networks:
+ - reverse
+
+ my_cv:
+ image: gitea.qpismont.fr/qpismont/portfolio:1.0
+ networks:
+ - reverse
+
+ wireguard_server:
+ image: linuxserver/wireguard
+ cap_add:
+ - NET_ADMIN
+ - SYS_MODULE
+ environment:
+ PUID: 1000
+ PGID: 1000
+ TZ: Europe/Paris
+ SERVEURURL:
wireguard.qpismont.fr
+ SERVERPORT: 51820
+ PEERS: 1
+ PEERDNS: auto
+ volumes:
+ - /home/user/wireguard-config:/config
+ - /lib/modules:/lib/modules
+ ports:
+ - 51820:51820/udp
+ sysctls:
+ - net.ipv4.conf.all.src_valid_mark=1
+ networks:
+ - wireguard
+
+ prometheus:
+ image: prom/prometheus:v2.49.1
+ command: --config.file=/run/secrets/prometheus_config --storage.tsdb.path=/prometheus --web.console.libraries=/usr/share/prometheus/console_libraries --web.console.templates=/usr/share/prometheus/consoles
+ networks:
+ - wireguard
+ - prometheus
+ secrets:
+ - prometheus_config
+
+ cadvisor:
+ image: gcr.io/cadvisor/cadvisor:latest
+ volumes:
+ - /:/rootfs:ro
+ - /var/run:/var/run:rw
+ - /sys:/sys:ro
+ - /var/lib/docker/:/var/lib/docker:ro
+ networks:
+ - prometheus
+
+secrets:
+ woodpecker_agent_secret:
+ file: ./secrets/woodpecker_agent_secret
+ woodpecker_gitea_secret:
+ file: ./secrets/woodpecker_gitea_secret
+ woodpecker_gitea_client:
+ file: ./secrets/woodpecker_gitea_client
+ caddy_config:
+ file: ./Caddyfile
+ prometheus_config:
+ file: ./prometheus.yml
+
+volumes:
+ giteadata:
+ letsencryptcerts:
+ woodpeckerdata:
+ reversecaddyconfig:
+ reversecaddydata:
+ external: true
+
+networks:
+ reverse:
+ wireguard:
+ prometheus:
diff --git a/prometheus.yml b/prometheus.yml
new file mode 100644
index 0000000..4220f5c
--- /dev/null
+++ b/prometheus.yml
@@ -0,0 +1,15 @@
+global:
+ scrape_interval: 10s
+scrape_configs:
+ - job_name: prometheus
+ static_configs:
+ - targets:
+ - prometheus:9090
+ - job_name: reverse_caddy
+ static_configs:
+ - targets:
+ - reverse_caddy:2019
+ - job_name: cadvisor
+ static_configs:
+ - targets:
+ - cadvisor:8080
\ No newline at end of file
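Review bot: In docker-compose.yml, `cadvisor` pulls the unpinned `gcr.io/cadvisor/cadvisor:latest` while mounting `/var/run:/var/run:rw` and `/:/rootfs:ro`, so whatever that tag resolves to on the next pull gets the Docker socket and a read view of the whole host. Pin it to a release tag or digest as the other services are (`image: gcr.io/cadvisor/cadvisor:<pinned-version>`), and do the same for `linuxserver/wireguard`, which runs with `NET_ADMIN` and `SYS_MODULE`. Switching the mount to `:ro` alone would not stop a client from talking to the socket, so the pin is the control that matters. `woodpecker_agent` also mounts `/var/run/docker.sock` while sitting on the `reverse` network with every proxied service; a dedicated network shared only with `woodpecker_server` would keep it off that segment. Separately, `SERVEURURL` under `wireguard_server` looks like a typo for the image's `SERVERURL` variable, so the configured hostname is probably being ignored.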