Add services and cleanup volumes

authentik/.env

@@ -17,6 +17,3 @@ AUTHENTIK_POSTGRESQL__HOST=node002.serguzim.net
 AUTHENTIK_POSTGRESQL__USER=authentik
 AUTHENTIK_POSTGRESQL__NAME=authentik
 AUTHENTIK_POSTGRESQL__PASSWORD=
-
-GEOIPUPDATE_EDITION_IDS="GeoLite2-City"
-GEOIPUPDATE_FREQUENCY="8"

authentik/docker-compose.yml

@@ -8,7 +8,6 @@ services:
     volumes:
       - ./media:/media
       - ./custom-templates:/templates
-      - geoip:/geoip
     env_file:
       - .env
       - .secret.env
@@ -31,19 +30,6 @@ services:
       - ./certs:/certs
       - /var/run/docker.sock:/var/run/docker.sock
       - ./custom-templates:/templates
-      - geoip:/geoip
-    env_file:
-      - .env
-      - .secret.env
-    depends_on:
-      - redis
-    networks:
-      local-net:
-
-  geoipupdate:
-    image: "maxmindinc/geoipupdate:latest"
-    volumes:
-      - "geoip:/usr/share/GeoIP"
     env_file:
       - .env
       - .secret.env
@@ -58,9 +44,6 @@ services:
     networks:
       local-net:
 
-volumes:
-  geoip:
-
 networks:
   local-net:
   apps:

caddy/.gitignore

@@ -1 +1,2 @@
 /config/conf-hidden.d/
+/config/conf.d

caddy/Dockerfile

@@ -0,0 +1,8 @@
+FROM caddy:2-builder AS builder
+
+RUN xcaddy build \
+    --with github.com/caddy-dns/acmedns
+
+FROM caddy:2-alpine
+
+COPY --from=builder /usr/bin/caddy /usr/bin/caddy

caddy/config/conf.002.d/matrix.msrg.cc.conf

@@ -3,11 +3,14 @@ matrix.msrg.cc {
 
 	reverse_proxy /_matrix/* synapse:8008
 	reverse_proxy /_synapse/* synapse:8008
-
-	handle_path /admin/* {
-		rewrite * {path}
-		reverse_proxy synapse-admin:80
 }
+
+admin.matrix.msrg.cc {
+	import default
+
+	reverse_proxy /_matrix/* synapse:8008
+	reverse_proxy /_synapse/* synapse:8008
+	reverse_proxy synapse-admin:80
 }
 
 msrg.cc:8008,

caddy/docker-compose.yml

@@ -2,7 +2,9 @@ version: "3.7"
 
 services:
   app:
-    image: caddy:2-alpine
+    build:
+      context: .
+    image: caddy-custom:2-alpine
     restart: always
     ports:
       - "80:80"

gitea/.env

@@ -50,11 +50,11 @@ GITEA__metrics__ENABLED="true"
 GITEA__metrics__TOKEN=""
 
 GITEA__storage__STORAGE_TYPE="minio"
-GITEA__storage__MINIO_ENDPOINT="sos-de-fra-1.exo.io"
+GITEA__storage__MINIO_ENDPOINT="s3.serguzim.me"
 GITEA__storage__MINIO_ACCESS_KEY_ID=""
 GITEA__storage__MINIO_SECRET_ACCESS_KEY=""
-GITEA__storage__MINIO_BUCKET="git.serguzim.me"
+GITEA__storage__MINIO_BUCKET="git"
-GITEA__storage__MINIO_LOCATION="de-fra-1"
+GITEA__storage__MINIO_LOCATION="de-contabo-1"
 GITEA__storage__MINIO_USE_SSL="true"
 
 GITEA__OTHER__SHOW_FOOTER_BRANDING="true"

influxdb/docker-compose.yml

@@ -0,0 +1,20 @@
+version: '3'
+
+services:
+  influxdb:
+    image: influxdb:latest
+    volumes:
+      - ./influxdb.yml:/etc/influxdb2/config.yml
+      - data:/var/lib/influxdb2
+    restart: always
+    networks:
+      apps:
+        aliases:
+          - influxdb
+
+volumes:
+  data:
+
+networks:
+  apps:
+    external: true

influxdb/influxdb.yml

@@ -0,0 +1,55 @@
+assets-path: ""
+bolt-path: /var/lib/influxdb2/influxd.bolt
+e2e-testing: false
+engine-path: /var/lib/influxdb2/engine
+feature-flags: {}
+http-bind-address: :8086
+influxql-max-select-buckets: 0
+influxql-max-select-point: 0
+influxql-max-select-series: 0
+key-name: ""
+log-level: info
+nats-max-payload-bytes: 1048576
+nats-port: 4222
+no-tasks: false
+query-concurrency: 10
+query-initial-memory-bytes: 0
+query-max-memory-bytes: 0
+query-memory-bytes: 9223372036854775807
+query-queue-size: 10
+reporting-disabled: false
+secret-store: bolt
+session-length: 60
+session-renew-disabled: false
+storage-cache-max-memory-size: 1073741824
+storage-cache-snapshot-memory-size: 26214400
+storage-cache-snapshot-write-cold-duration: 10m0s
+storage-compact-full-write-cold-duration: 4h0m0s
+storage-compact-throughput-burst: 50331648
+storage-max-concurrent-compactions: 0
+storage-max-index-log-file-size: 1048576
+storage-retention-check-interval: 30m0s
+storage-series-file-max-concurrent-snapshot-compactions: 0
+storage-series-id-set-cache-size: 0
+storage-shard-precreator-advance-period: 30m0s
+storage-shard-precreator-check-interval: 10m0s
+storage-tsm-use-madv-willneed: false
+storage-validate-keys: false
+storage-wal-fsync-delay: 0s
+store: bolt
+testing-always-allow-setup: false
+tls-cert: ""
+tls-key: ""
+tls-min-version: "1.2"
+tls-strict-ciphers: false
+tracing-type: ""
+vault-addr: ""
+vault-cacert: ""
+vault-capath: ""
+vault-client-cert: ""
+vault-client-key: ""
+vault-client-timeout: 0s
+vault-max-retries: 0
+vault-skip-verify: false
+vault-tls-server-name: ""
+vault-token: ""

monitoring/docker-compose.yml

@@ -9,17 +9,12 @@ services:
     env_file:
       - .env
       - .secret.env
-    volumes:
-      - grafana-data:/var/lib/grafana/
     user: "104"
     networks:
       apps:
         aliases:
           - grafana
 
-volumes:
-  grafana-data:
-
 networks:
   apps:
     external: true

synapse/data/homeserver.yaml

@@ -70,5 +70,3 @@ email:
   #smtp_pass: ""
   require_transport_security: true
   notif_from: "Matrix <matrix@serguzim.me>"
-
-# vim:ft=yaml