add override dir

2025-04-22 23:26:13 +02:00 · 2025-04-22 23:26:13 +02:00 · 1044a2143d
commit 1044a2143d
parent 4fd6bfddd6
10 changed files with 291 additions and 0 deletions
--- a/override/core.example.env
+++ b/override/core.example.env
@ -0,0 +1,21 @@
+# General
+DOMAIN=
+ADMINER_VERSION=
+MARIADB_VERSION=
+POSTGRES_VERSION=
+TRAEFIK_VERSION=
+
+# MariaDB
+MARIADB_ROOT_PASSWORD=
+MARIADB_USER=
+MARIADB_PASSWORD=
+
+# Postgres
+POSTGRES_PASSWORD=
+POSTGRES_USER=
+
+# Traefik
+TRAEFIK_USERNAME=
+TRAEFIK_PASSWORD=
+TRAEFIK_EMAIL=
+TRAEFIK_HASHED_PASSWORD=
--- a/override/drupal.example.env
+++ b/override/drupal.example.env
@ -0,0 +1,9 @@
+DOMAIN=
+DRUPAL_DB_HOST=postgres
+DRUPAL_DB_NAME=
+DRUPAL_DB_PASSWORD=
+DRUPAL_DB_PORT=
+DRUPAL_DB_USER=
+DRUPAL_VERSION=
+OS_VERSION=
+PHP_VERSION=
--- a/override/gitlab.example.env
+++ b/override/gitlab.example.env
@ -0,0 +1 @@
+GITLAB_DOMAIN=
--- a/override/hedgedoc.example.env
+++ b/override/hedgedoc.example.env
@ -0,0 +1,8 @@
+HEDGEDOC_DOMAIN=
+HEDGEDOC_DB_USER=
+HEDGEDOC_DB_PASSWORD=
+HEDGEDOC_DB_NAME=
+HEDGEDOC_DB_HOST=
+HEDGEDOC_DB_PORT=
+HEDGEDOC_USERNAME=
+HEDGEDOC_USER_PASSWORD=
--- a/override/mailcow.docker-compose.override.yml
+++ b/override/mailcow.docker-compose.override.yml
@ -0,0 +1,47 @@
+services:
+  nginx-mailcow:
+    networks:
+      traefik:
+    labels:
+      - traefik.enable=true
+      - traefik.http.routers.moo.rule=Host(`${MAILCOW_HOSTNAME}`)
+      - traefik.http.routers.moo.tls=true
+      - traefik.http.routers.moo.tls.certresolver=le
+      - traefik.http.routers.moo.entrypoints=websecure
+      - traefik.http.services.moo.loadbalancer.server.port=8080
+      - traefik.docker.network=traefik
+
+  certdumper:
+      image: ghcr.io/kereis/traefik-certs-dumper
+      command: --restart-containers ${COMPOSE_PROJECT_NAME}-postfix-mailcow-1,${COMPOSE_PROJECT_NAME}-nginx-mailcow-1,${COMPOSE_PROJECT_NAME}-dovecot-mailcow-1
+      network_mode: none
+      volumes:
+        # Binden Sie das Volume, das Traefiks `acme.json' Datei enthält, ein
+        - server-certificates:/traefik:ro
+        # SSL-Ordner von mailcow einhängen
+        - ./data/assets/ssl/:/output:rw
+        # Binden Sie den Docker Socket ein, damit traefik-certs-dumper die Container neu starten kann
+        - /var/run/docker.sock:/var/run/docker.sock:ro
+      restart: unless-stopped
+      environment:
+        # Ändern Sie dies nur, wenn Sie eine andere Domain für mailcows Web-Frontend verwenden als in der Standard-Konfiguration
+        - DOMAIN=${MAILCOW_HOSTNAME}
+
+  rspamd-mailcow:
+    environment:
+      - MASTER=${MASTER:-y}
+    labels:
+      ofelia.enabled: "true"
+      ofelia.job-exec.rspamd_dmarc_reporting_yesterday.schedule: "@every 24h"
+      ofelia.job-exec.rspamd_dmarc_reporting_yesterday.command: "/bin/bash -c \"[[ $${MASTER} == y ]] && /usr/bin/rspamadm dmarc_report $(date --date yesterday '+%Y%m%d') > /var/lib/rspamd/dmarc_reports_last_log 2>&1 || exit 0\""
+  ofelia-mailcow:
+    depends_on:
+      - rspamd-mailcow
+
+networks:
+  traefik:
+    external: true
+
+volumes:
+  server-certificates:
+    external: true
--- a/override/nextcloud.example.env
+++ b/override/nextcloud.example.env
@ -0,0 +1,10 @@
+# Nextcloud
+NEXTCLOUD_DOMAIN=
+NEXTCLOUD_ADMIN_PASSWORD=
+NEXTCLOUD_ADMIN_USER=
+NEXTCLOUD_DB_HOST=
+NEXTCLOUD_DB_NAME=
+NEXTCLOUD_DB_PASSWORD=
+NEXTCLOUD_DB_USER=
+NEXTCLOUD_TRUSTED_DOMAINS=
+ONLYOFFICE_JWT_SECRET=
--- a/override/onlyoffice.docker-compose.override.yml
+++ b/override/onlyoffice.docker-compose.override.yml
@ -0,0 +1,50 @@
+services:
+  onlyoffice-documentserver:
+    build:
+      context: .
+    container_name: onlyoffice-documentserver
+    depends_on:
+      - onlyoffice-rabbitmq
+    environment:
+      - DB_TYPE=${ONLYOFFICE_DB_TYPE}
+      - DB_HOST=${ONLYOFFICE_DB_HOST}
+      - DB_PORT=${ONLYOFFICE_DB_PORT}
+      - DB_NAME=${ONLYOFFICE_DB_NAME}
+      - DB_USER=${ONLYOFFICE_DB_USER}
+      - DB_PWD=${ONLYOFFICE_DB_PASSWORD}
+      - AMQP_URI=amqp://guest:guest@onlyoffice-rabbitmq
+      # Uncomment strings below to enable the JSON Web Token validation.
+      - JWT_ENABLED=true
+      - JWT_SECRET=${ONLYOFFICE_JWT_SECRET}
+      - JWT_HEADER=Authorization
+      - JWT_IN_BODY=true
+    stdin_open: true
+    stop_grace_period: 60s
+    volumes:
+      - ./app/data:/var/www/onlyoffice/Data
+      - ./app/log:/var/log/onlyoffice
+      - ./app/cache:/var/lib/onlyoffice/documentserver/App_Data/cache/files
+      - ./app/files:/var/www/onlyoffice/documentserver-example/public/files
+      - ./app/fonts:/usr/share/fonts
+    networks:
+      - database
+      - nextcloud
+      - onlyoffice
+    restart: unless-stopped
+
+  onlyoffice-rabbitmq:
+    container_name: onlyoffice-rabbitmq
+    image: rabbitmq
+    restart: unless-stopped
+    expose:
+      - '5672'
+    networks:
+      - onlyoffice
+
+networks:
+  database:
+    external: true
+  nextcloud:
+    external: true
+  onlyoffice:
+    name: onlyoffice
--- a/override/onlyoffice.example.env
+++ b/override/onlyoffice.example.env
@ -0,0 +1,8 @@
+ONLYOFFICE_JWT_SECRET=
+ONLYOFFICE_DB_HOST=postgres
+ONLYOFFICE_DB_NAME=
+ONLYOFFICE_DB_PASSWORD=
+ONLYOFFICE_DB_PORT=5432
+ONLYOFFICE_DB_TYPE=postgres
+ONLYOFFICE_DB_USER=
+
--- a/override/openproject.docker-compose.override.yml
+++ b/override/openproject.docker-compose.override.yml
@ -0,0 +1,117 @@
+networks:
+  database:
+    external: true
+  frontend:
+  backend:
+  traefik:
+    external: true
+volumes:
+  opdata:
+
+x-op-restart-policy: &restart_policy
+  restart: unless-stopped
+x-op-image: &image
+  image: openproject/openproject:${OPENPROJECT_TAG:-15-slim}
+x-op-app: &app
+  <<: [*image, *restart_policy]
+  environment:
+    OPENPROJECT_HTTPS: "${OPENPROJECT_HTTPS:-true}"
+    OPENPROJECT_HOST__NAME: "${OPENPROJECT_HOST__NAME:-localhost:8080}"
+    OPENPROJECT_HSTS: "${OPENPROJECT_HSTS:-true}"
+    RAILS_CACHE_STORE: "memcache"
+    OPENPROJECT_CACHE__MEMCACHE__SERVER: "cache:11211"
+    OPENPROJECT_RAILS__RELATIVE__URL__ROOT: "${OPENPROJECT_RAILS__RELATIVE__URL__ROOT:-}"
+    DATABASE_URL: "postgres://${OPENPROJECT_DB_USER:-openproject}:${OPENPROJECT_DB_PASSWORD:-openproject}@postgres/openproject?pool=20&encoding=unicode&reconnect=true"
+    RAILS_MIN_THREADS: ${OPENPROJECT_RAILS_MIN_THREADS:-4}
+    RAILS_MAX_THREADS: ${OPENPROJECT_RAILS_MAX_THREADS:-16}
+    # set to true to enable the email receiving feature. See ./docker/cron for more options
+    IMAP_ENABLED: "${OPENPROJECT_IMAP_ENABLED:-false}"
+  volumes:
+    - "${OPENPROJECT_OPDATA:-opdata}:/var/openproject/assets"
+
+services:
+  cache:
+    image: memcached
+    networks:
+      - backend
+      - database
+    restart: unless-stopped
+
+  proxy:
+    build:
+      context: ./proxy
+      args:
+        APP_HOST: web
+    image: openproject/proxy
+    depends_on:
+      - web
+    labels:
+      - traefik.enable=true
+      - traefik.docker.network=traefik
+      - traefik.http.routers.openproject.entrypoints=web,websecure
+      - traefik.http.routers.openproject.middlewares=https-redirect
+      - traefik.http.routers.openproject.tls=true
+      - traefik.http.routers.openproject.tls.certresolver=le
+      - traefik.http.routers.openproject.rule=Host(`${OPENPROJECT_DOMAIN}`)
+      - traefik.http.services.openproject.loadbalancer.server.port=80
+    networks:
+      - traefik
+      - frontend
+    restart: unless-stopped
+
+  web:
+    <<: *app
+    command: "./docker/prod/web"
+    networks:
+      - database
+      - frontend
+      - backend
+    depends_on:
+      - cache
+      - seeder
+    labels:
+      - autoheal=true
+    healthcheck:
+      test: ["CMD", "curl", "-f", "http://localhost:8080${OPENPROJECT_RAILS__RELATIVE__URL__ROOT:-}/health_checks/default"]
+      interval: 10s
+      timeout: 3s
+      retries: 3
+      start_period: 30s
+
+  autoheal:
+    image: willfarrell/autoheal:1.2.0
+    volumes:
+      - "/var/run/docker.sock:/var/run/docker.sock"
+    environment:
+      AUTOHEAL_CONTAINER_LABEL: autoheal
+      AUTOHEAL_START_PERIOD: 600
+      AUTOHEAL_INTERVAL: 30
+
+  worker:
+    <<: *app
+    command: "./docker/prod/worker"
+    networks:
+      - backend
+      - database
+    depends_on:
+      - cache
+      - seeder
+
+  cron:
+    <<: *app
+    command: "./docker/prod/cron"
+    networks:
+      - backend
+      - database
+    depends_on:
+      - cache
+      - seeder
+
+  seeder:
+    <<: *app
+    command: "./docker/prod/seeder"
+    restart: on-failure
+    networks:
+      - backend
+      - database
+
--- a/override/openproject.example.env
+++ b/override/openproject.example.env
@ -0,0 +1,20 @@
+##
+# All environment variables defined here will only apply if you pass them
+# to the OpenProject container in docker-compose.yml under x-op-app -> environment.
+# For the examples here this is already the case.
+#
+# Please refer to our documentation to see all possible variables:
+#   https://www.openproject.org/docs/installation-and-operations/configuration/environment/
+#
+OPENPROJECT_DOMAIN=
+OPENPROJECT_TAG=
+OPENPROJECT_HTTPS=
+OPENPROJECT_HOST__NAME=
+OPENPROJECT_PORT=
+OPENPROJECT_IMAP_ENABLED=
+OPENPROJECT_DB_USER=
+OPENPROJECT_DB_PASSWORD=
+OPENPROJECT_DB_NAME=
+OPENPROJECT_RAILS_MIN_THREADS=
+OPENPROJECT_RAILS_MAX_THREADS=
+OPENPROJECT_OPDATA=