From 4008ae35ff1dc616e31699c60c9d3d4da7efd438 Mon Sep 17 00:00:00 2001 From: akanealw Date: Wed, 17 May 2023 06:14:03 -0500 Subject: [PATCH] added config files and compose files --- .env | 26 ++++++++ README.md | 1 - admin/docker-compose.yml | 4 -- configuration.yml | 127 +++++++++++++++++++++++++++++++++++++++ docker-compose.yml | 111 ++++++++++++++++++++++++++++++++++ settings.json | 8 --- 6 files changed, 264 insertions(+), 13 deletions(-) delete mode 100644 README.md create mode 100644 configuration.yml delete mode 100644 settings.json diff --git a/.env b/.env index 87e4784..9d3263c 100755 --- a/.env +++ b/.env @@ -12,3 +12,29 @@ UMASK=000 TZ=America/Chicago ADMIN_USERNAME=akanealw ADMIN_PASSWORD=8ung1e1! + + +#KUTT +PORT=3000 +DEFAULT_DOMAIN=akanealw.com +SITE_NAME=Kutt +DISALLOW_REGISTRATION=true +DISALLOW_ANONYMOUS_LINKS=true +USER_LIMIT_PER_DAY=50 +CUSTOM_DOMAIN_USE_HTTPS=true +JWT_SECRET=%5qCnXx%My^W6tXQCSz4 +ADMIN_EMAILS=akanealw@gmail.com +MAIL_HOST=smtp.gmail.com +MAIL_PORT=587 +MAIL_SECURE=false +MAIL_requireTLS=true +MAIL_USER=akanealw@gmail.com +MAIL_FROM=akanealw@gmail.com +MAIL_PASSWORD=bzslssyiffjqgdwm + +#OWNCLOUD +OWNCLOUD_VERSION=10.11 +OWNCLOUD_DOMAIN=192.168.1.4:8092 +OWNCLOUD_TRUSTED_DOMAINS=192.168.1.4,owncloud.akanealw.com +ADMIN_USERNAME=akanealw +ADMIN_PASSWORD=pknFeqRqFc3RA5N6!rDL \ No newline at end of file diff --git a/README.md b/README.md deleted file mode 100644 index d0683af..0000000 --- a/README.md +++ /dev/null @@ -1 +0,0 @@ -proxyserver diff --git a/admin/docker-compose.yml b/admin/docker-compose.yml index f343247..606d7e0 100644 --- a/admin/docker-compose.yml +++ b/admin/docker-compose.yml @@ -3,7 +3,6 @@ version: '3' services: dozzle: container_name: dozzle - hostname: dozzle image: amir20/dozzle:latest environment: - DOZZLE_ADDR=:1234 @@ -17,10 +16,7 @@ services: portainer: container_name: portainer - hostname: portainer image: portainer/portainer-ce:latest - environment: - - AGENT_SECRET=$ADMIN_PASSWORD networks: - admin ports: diff --git a/configuration.yml b/configuration.yml new file mode 100644 index 0000000..91d6522 --- /dev/null +++ b/configuration.yml @@ -0,0 +1,127 @@ +theme: dark +jwt_secret: 9DGPzQy8SZQ7rV57V3DJnw + +#default_redirection_url: https://akanealw.com + +server: + host: 0.0.0.0 + port: 9091 + path: "" + read_buffer_size: 4096 + write_buffer_size: 4096 + enable_pprof: false + enable_expvars: false + disable_healthcheck: false + tls: + key: "" + certificate: "" + +ntp: + address: "0.debian.pool.ntp.org:123" + version: 3 + max_desync: 3s + disable_startup_check: true + disable_failure: true + +log: + level: info + +totp: + disable: false + issuer: akanealw.com + algorithm: sha1 + digits: 6 + period: 30 + skew: 1 + secret_size: 32 + +authentication_backend: + disable_reset_password: true + refresh_interval: 5m + file: + path: /config/users_database.yml + password: + algorithm: argon2id + iterations: 1 + salt_length: 16 + parallelism: 8 + memory: 64 + +access_control: + default_policy: deny + rules: + # bypass rule + - domain: + - auth.akanealw.com + - bitwarden.akanealw.com + - gitea.akanealw.com + - meshcentral.akanealw.com + - nextcloud.akanealw.com + - office.akanealw.com + - owncloud.akanealw.com + - overseerr.akanealw.com + - plex.akanealw.com + policy: bypass + + # two_factor rule + - domain: + - akanealw.com + - bazarr.akanealw.com + - codeserver.akanealw.com + - freshrss.akanealw.com + - jackett.akanealw.com + - jdownloader.akanealw.com + - kavita.akanealw.com + - lidarr.akanealw.com + - metube.akanealw.com + - monitorr.akanealw.com + - mstream.akanealw.com + - nzbhydra.akanealw.com + - organizr.akanealw.com + - portainer.akanealw.com + - prowlarr.akanealw.com + - qbittorrent.akanealw.com + - radarr.akanealw.com + - sabnzbd.akanealw.com + - spdf.akanealw.com + - sonarr.akanealw.com + - webnut.akanealw.com + - webtop.akanealw.com + - www.akanealw.com + policy: two_factor + +session: + name: authelia_session + domain: akanealw.com + same_site: lax + secret: 8r9y4d8mY7NfQtpCe2oU + expiration: 6h + inactivity: 5m + remember_me_duration: 1w + +regulation: + max_retries: 3 + find_time: 10m + ban_time: 12h + +storage: + local: + path: /config/db.sqlite3 + encryption_key: iiB7C8Bn4A2gAhzs2fWaggUug76PZ4LU + +notifier: + disable_startup_check: true + smtp: + username: akanealw@gmail.com + password: qlvmffuzpscltdgz + host: smtp.gmail.com + port: 587 + sender: akanealw@gmail.com + identifier: dockerserver + subject: "[Authelia] {title}" + startup_check_address: akanealw@gmail.com + disable_require_tls: false + disable_html_emails: false + tls: + skip_verify: false + minimum_version: TLS1.2 diff --git a/docker-compose.yml b/docker-compose.yml index 760b2e8..9d0d950 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,6 +1,117 @@ version: '3' services: + authelia: + container_name: authelia + image: authelia/authelia + environment: + - TZ=${TZ} + ports: + - 9091:9091 + restart: always + volumes: + - ./appdata/authelia/config:/config + + bitwarden: + container_name: bitwarden + image: vaultwarden/server:latest + environment: + - TZ=${TZ} + - ADMIN_TOKEN=h/oRssGu83I1E1WQGiSchYMAJnM0JcDXmjeI/A3QgMCasn/IK9zZldH5FXim0rSi + - DATABASE_URL=data/db.sqlite3 + - DISABLE_ADMIN_TOKEN=false + - DOMAIN=https://bitwarden.akanealw.com + - ENABLE_DB_WAL=true + - INVITATIONS_ALLOWED=false + - SHOW_PASSWORD_HINT=false + - SIGNUPS_ALLOWED=false + - SIGNUPS_VERIFY=false + - SMTP_PORT=587 + - SMTP_SSL=true + ports: + - 8089:80/tcp + restart: always + volumes: + - ./appdata/vaultwarden:/data + - /etc/localtime:/etc/localtime:ro + + nginxproxymanager: + container_name: nginxproxymanager + image: jc21/nginx-proxy-manager:2.9.22 + environment: + - X_FRAME_OPTIONS=sameorigin + - DB_SQLITE_FILE=/data/database.sqlite + ports: + - 443:443/tcp + - 80:80/tcp + - 81:81/tcp + restart: always + volumes: + - ./appdata/nginxproxymanager/data:/data + - ./appdata/nginxproxymanager/letsencrypt:/etc/letsencrypt + - ./appdata/nginxproxymanager/snippets:/snippets:ro + - /etc/localtime:/etc/localtime:ro + + owncloud: + container_name: owncloud + image: owncloud/server:${OWNCLOUD_VERSION} + environment: + - OWNCLOUD_DOMAIN=${OWNCLOUD_DOMAIN} + - OWNCLOUD_TRUSTED_DOMAINS=${OWNCLOUD_TRUSTED_DOMAINS} + - OWNCLOUD_DB_TYPE=mysql + - OWNCLOUD_DB_NAME=owncloud + - OWNCLOUD_DB_USERNAME=owncloud + - OWNCLOUD_DB_PASSWORD=owncloud + - OWNCLOUD_DB_HOST=owncloud-mariadb + - OWNCLOUD_ADMIN_USERNAME=${ADMIN_USERNAME} + - OWNCLOUD_ADMIN_PASSWORD=${ADMIN_PASSWORD} + - OWNCLOUD_MYSQL_UTF8MB4=true + - OWNCLOUD_REDIS_ENABLED=true + - OWNCLOUD_REDIS_HOST=owncloud-redis + healthcheck: + test: ["CMD", "/usr/bin/healthcheck"] + interval: 30s + timeout: 10s + retries: 5 + depends_on: + - owncloud-mariadb + - owncloud-redis + ports: + - 8092:8080 + restart: unless-stopped + volumes: + - ./appdata/owncloud/files:/mnt/data + + owncloud-mariadb: + container_name: owncloud-mariadb + image: mariadb:10.6 + environment: + - MYSQL_ROOT_PASSWORD=owncloud + - MYSQL_USER=owncloud + - MYSQL_PASSWORD=owncloud + - MYSQL_DATABASE=owncloud + command: ["--max-allowed-packet=128M", "--innodb-log-file-size=64M"] + healthcheck: + test: ["CMD", "mysqladmin", "ping", "-u", "root", "--password=owncloud"] + interval: 10s + timeout: 5s + retries: 5 + restart: unless-stopped + volumes: + - ./appdata/owncloud-mariadb/mysql:/var/lib/mysql + + owncloud-redis: + image: redis:6 + container_name: owncloud-redis + command: ["--databases", "1"] + healthcheck: + test: ["CMD", "redis-cli", "ping"] + interval: 10s + timeout: 5s + retries: 5 + restart: unless-stopped + volumes: + - ./appdata/owncloud-redis:/data networks: default: diff --git a/settings.json b/settings.json deleted file mode 100644 index 6e84983..0000000 --- a/settings.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "port": 80, - "address": "", - "log": "stdout", - "database": "/filebrowser.db", - "root": "/srv", - "noauth": true -}