librewolf
/
bunkerized-nginx
mirror of https://github.com/bunkerity/bunkerized-nginx
4
0
Fork 1
Code Issues Projects Releases Wiki Activity

end examples refactoring

This commit is contained in:
bunkerity 2023-03-17 12:00:17 +01:00
parent 5845446b9f
commit a02218bc83
13 changed files with 139 additions and 154 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
examples/redmine/autoconf.yml
View File

@ -5,7 +5,7 @@ services:
image: redmine:5.0.4-alpine
restart: always
volumes:
- ./redmine-data:/usr/src/redmine/files
- redmine-data:/usr/src/redmine/files
networks:
bw-services:
aliases:
@ -21,7 +21,23 @@ services:
- bunkerweb.REVERSE_PROXY_URL=/
- bunkerweb.REVERSE_PROXY_HOST=http://myredmine:3000
# For the database, you can refer to the autoconf example including a database
mydb:
image: mysql
volumes:
- db-data:/var/lib/mysql
networks:
bw-services:
aliases:
- mydb
environment:
- MYSQL_ROOT_PASSWORD=db-root-pwd # replace with a stronger password
- MYSQL_DATABASE=redminedb
- MYSQL_USER=user
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match REDMINE_DB_PASSWORD)
volumes:
redmine-data:
db-data:
networks:
bw-services:

32
examples/redmine/docker-compose.yml
View File

@ -1,22 +1,11 @@
version: "3"
x-bunkerweb-env: &bunkerweb-env
DATABASE_URI: "mariadb+pymysql://${REDMINE_USER:-user}:${REDMINE_PASSWORD:-secret}@mydb:3306/${BUNKERWEB_DATABASE:-bunkerweb}"
services:
mybunker:
image: bunkerity/bunkerweb:1.5.0
ports:
- 80:8080
- 443:8443
# ⚠️ read this if you use local folders for volumes ⚠️
# bunkerweb runs as an unprivileged user with UID/GID 101
# don't forget to edit the permissions of the files and folders accordingly
# example if you need to create a directory : mkdir folder && chown root:101 folder && chmod 770 folder
# another example for existing folder : chown -R root:101 folder && chmod -R 770 folder
# more info at https://docs.bunkerweb.io
volumes:
- bw-data:/data
environment:
- SERVER_NAME=www.example.com # replace with your domain
- API_WHITELIST_IP=127.0.0.0/8 10.20.30.0/24
@ -39,27 +28,27 @@ services:
depends_on:
- mybunker
environment:
- DOCKER_HOST=tcp://docker-proxy:2375
- DOCKER_HOST=tcp://bw-docker-proxy:2375
volumes:
- bw-data:/data
networks:
- bw-universe
- net-docker
- bw-docker
docker-proxy:
bw-docker-proxy:
image: tecnativa/docker-socket-proxy:0.1
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
- CONTAINERS=1
networks:
- net-docker
- bw-docker
myredmine:
image: redmine:5.0.4-alpine
restart: always
volumes:
- ./redmine-data:/usr/src/redmine/files
- redmine-data:/usr/src/redmine/files
environment:
- REDMINE_DB_MYSQL=mydb
- REDMINE_DB_DATABASE=${REDMINE_DATABASE:-redminedb}
@ -69,18 +58,21 @@ services:
- bw-services
mydb:
image: mariadb:10.10
image: mysql
volumes:
- db-data:/var/lib/mysql
environment:
MARIADB_RANDOM_ROOT_PASSWORD: "yes"
entrypoint: sh -c "echo 'DROP USER IF EXISTS \"${REDMINE_USER:-user}\"; CREATE USER \"${REDMINE_USER:-user}\"@\"%\"; CREATE DATABASE IF NOT EXISTS ${REDMINE_DATABASE:-redminedb}; CREATE DATABASE IF NOT EXISTS ${BUNKERWEB_DATABASE:-bunkerweb}; GRANT ALL PRIVILEGES ON ${REDMINE_DATABASE:-redminedb}.* TO \"${REDMINE_USER:-user}\"@\"%\" IDENTIFIED BY \"${REDMINE_PASSWORD:-secret}\"; GRANT ALL PRIVILEGES ON ${BUNKERWEB_DATABASE:-bunkerweb}.* TO \"${REDMINE_USER:-user}\"@\"%\" IDENTIFIED BY \"${REDMINE_PASSWORD:-secret}\"; FLUSH PRIVILEGES;' > /docker-entrypoint-initdb.d/init.sql; /usr/local/bin/docker-entrypoint.sh --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci"
- MYSQL_ROOT_PASSWORD=db-root-pwd # replace with a stronger password
- MYSQL_DATABASE=redminedb
- MYSQL_USER=user
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match REDMINE_DB_PASSWORD)
networks:
- bw-universe
- bw-services
volumes:
bw-data:
redmine-data:
db-data:
networks:
@ -90,4 +82,4 @@ networks:
config:
- subnet: 10.20.30.0/24
bw-services:
net-docker:
bw-docker:

22
examples/redmine/swarm.yml
View File

@ -5,7 +5,7 @@ services:
image: redmine
restart: always
volumes:
- redmine_data:/usr/src/redmine/files
- redmine-data:/usr/src/redmine/files
networks:
- bw-services
environment:
@ -23,7 +23,21 @@ services:
- bunkerweb.REVERSE_PROXY_URL=/
- bunkerweb.REVERSE_PROXY_HOST=http://myredmine:3000
# For the database, you can refer to the swarm example including a database
mydb:
image: mysql
volumes:
- db-data:/var/lib/mysql
networks:
- bw-services
environment:
- MYSQL_ROOT_PASSWORD=db-root-pwd # replace with a stronger password
- MYSQL_DATABASE=redminedb
- MYSQL_USER=user
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match REDMINE_DB_PASSWORD)
deploy:
placement:
constraints:
- "node.role==worker"
networks:
bw-services:
@ -31,5 +45,5 @@ networks:
name: bw-services
volumes:
redmine_data:
db_data:
redmine-data:
db-data:

28
examples/reverse-proxy-multisite/docker-compose.yml
View File

@ -6,14 +6,6 @@ services:
ports:
- 80:8080
- 443:8443
# ⚠️ read this if you use local folders for volumes ⚠️
# bunkerweb runs as an unprivileged user with UID/GID 101
# don't forget to edit the permissions of the files and folders accordingly
# example if you need to create a directory : mkdir folder && chown root:101 folder && chmod 770 folder
# or for an existing one : chown -R root:101 folder && chmod -R 770 folder
# more info at https://docs.bunkerweb.io
volumes:
- bw-data:/data
environment:
- MULTISITE=yes
- SERVER_NAME=app1.example.com app2.example.com # replace with your domains
@ -32,49 +24,47 @@ services:
- "bunkerweb.INSTANCE" # required for the scheduler to recognize the container
networks:
- bw-universe
- net-app1
- net-app2
- bw-services
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.5.0
depends_on:
- mybunker
environment:
- DOCKER_HOST=tcp://docker-proxy:2375
- DOCKER_HOST=tcp://bw-docker-proxy:2375
volumes:
- bw-data:/data
networks:
- bw-universe
- net-docker
- bw-docker
docker-proxy:
bw-docker-proxy:
image: tecnativa/docker-socket-proxy:0.1
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
- CONTAINERS=1
networks:
- net-docker
- bw-docker
app1:
image: tutum/hello-world
networks:
- net-app1
- bw-services
app2:
image: tutum/hello-world
networks:
- net-app2
- bw-services
volumes:
bw-data:
networks:
bw-services:
bw-universe:
ipam:
driver: default
config:
- subnet: 10.20.30.0/24
net-docker:
net-app1:
net-app2:
bw-docker:

18
examples/reverse-proxy-singlesite/docker-compose.yml
View File

@ -6,14 +6,6 @@ services:
ports:
- 80:8080
- 443:8443
# ⚠️ read this if you use local folders for volumes ⚠️
# bunkerweb runs as an unprivileged user with UID/GID 101
# don't forget to edit the permissions of the files and folders accordingly
# example if you need to create a directory : mkdir folder && chown root:101 folder && chmod 770 folder
# or for an existing one : chown -R root:101 folder && chmod -R 770 folder
# more info at https://docs.bunkerweb.io
volumes:
- bw-data:/data
environment:
- SERVER_NAME=www.example.com # replace with your domain
- API_WHITELIST_IP=127.0.0.0/8 10.20.30.0/24
@ -44,21 +36,21 @@ services:
depends_on:
- mybunker
environment:
- DOCKER_HOST=tcp://docker-proxy:2375
- DOCKER_HOST=tcp://bw-docker-proxy:2375
volumes:
- bw-data:/data
networks:
- bw-universe
- net-docker
- bw-docker
docker-proxy:
bw-docker-proxy:
image: tecnativa/docker-socket-proxy:0.1
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
- CONTAINERS=1
networks:
- net-docker
- bw-docker
app1:
image: tutum/hello-world
@ -80,4 +72,4 @@ networks:
config:
- subnet: 10.20.30.0/24
bw-services:
net-docker:
bw-docker:

18
examples/reverse-proxy-websocket/docker-compose.yml
View File

@ -6,14 +6,6 @@ services:
ports:
- 80:8080
- 443:8443
# ⚠️ read this if you use local folders for volumes ⚠️
# bunkerweb runs as an unprivileged user with UID/GID 101
# don't forget to edit the permissions of the files and folders accordingly
# example if you need to create a directory : mkdir folder && chown root:101 folder && chmod 770 folder
# or for an existing one : chown -R root:101 folder && chmod -R 770 folder
# more info at https://docs.bunkerweb.io
volumes:
- bw-data:/data
environment:
- SERVER_NAME=www.example.com # replace with your domain
- API_WHITELIST_IP=127.0.0.0/8 10.20.30.0/24
@ -37,21 +29,21 @@ services:
depends_on:
- mybunker
environment:
- DOCKER_HOST=tcp://docker-proxy:2375
- DOCKER_HOST=tcp://bw-docker-proxy:2375
volumes:
- bw-data:/data
networks:
- bw-universe
- net-docker
- bw-docker
docker-proxy:
bw-docker-proxy:
image: tecnativa/docker-socket-proxy:0.1
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
- CONTAINERS=1
networks:
- net-docker
- bw-docker
myws:
image: ksdn117/web-socket-test
@ -68,4 +60,4 @@ networks:
config:
- subnet: 10.20.30.0/24
bw-services:
net-docker:
bw-docker:

18
examples/syslog/docker-compose.yml
View File

@ -12,14 +12,6 @@ services:
ports:
- 80:8080
- 443:8443
# ⚠️ read this if you use local folders for volumes ⚠️
# bunkerweb runs as an unprivileged user with UID/GID 101
# don't forget to edit the permissions of the files and folders accordingly
# example if you need to create a directory : mkdir folder && chown root:101 folder && chmod 770 folder
# another example for existing folder : chown -R root:101 folder && chmod -R 770 folder
# more info at https://docs.bunkerweb.io
volumes:
- bw-data:/data
environment:
- SERVER_NAME=www.example.com # replace with your domain
- API_WHITELIST_IP=127.0.0.0/8 10.10.10.0/24
@ -45,21 +37,21 @@ services:
- mybunker
- mysyslog
environment:
- DOCKER_HOST=tcp://docker-proxy:2375
- DOCKER_HOST=tcp://bw-docker-proxy:2375
volumes:
- bw-data:/data
networks:
- bw-services
- net-docker
- bw-docker
docker-proxy:
bw-docker-proxy:
image: tecnativa/docker-socket-proxy:0.1
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
- CONTAINERS=1
networks:
- net-docker
- bw-docker
mysyslog:
image: balabit/syslog-ng:3.38.1
@ -85,4 +77,4 @@ networks:
driver: default
config:
- subnet: 10.10.10.0/24
net-docker:
bw-docker:

18
examples/tomcat/docker-compose.yml
View File

@ -6,14 +6,6 @@ services:
ports:
- 80:8080
- 443:8443
# ⚠️ read this if you use local folders for volumes ⚠️
# bunkerweb runs as an unprivileged user with UID/GID 101
# don't forget to edit the permissions of the files and folders accordingly
# example if you need to create a directory : mkdir folder && chown root:101 folder && chmod 770 folder
# another example for existing folder : chown -R root:101 folder && chmod -R 770 folder
# more info at https://docs.bunkerweb.io
volumes:
- bw-data:/data
environment:
- SERVER_NAME=www.example.com # replace with your domain
- API_WHITELIST_IP=127.0.0.0/8 10.20.30.0/24
@ -35,21 +27,21 @@ services:
depends_on:
- mybunker
environment:
- DOCKER_HOST=tcp://docker-proxy:2375
- DOCKER_HOST=tcp://bw-docker-proxy:2375
volumes:
- bw-data:/data
networks:
- bw-universe
- net-docker
- bw-docker
docker-proxy:
bw-docker-proxy:
image: tecnativa/docker-socket-proxy:0.1
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
- CONTAINERS=1
networks:
- net-docker
- bw-docker
mytomcat:
image: tomcat:10.1.2
@ -68,4 +60,4 @@ networks:
config:
- subnet: 10.20.30.0/24
bw-services:
net-docker:
bw-docker:

18
examples/tor-hidden-service/docker-compose.yml
View File

@ -13,14 +13,6 @@ services:
mybunker:
image: bunkerity/bunkerweb:1.5.0
# ⚠️ read this if you use local folders for volumes ⚠️
# bunkerweb runs as an unprivileged user with UID/GID 101
# don't forget to edit the permissions of the files and folders accordingly
# example if you need to create a directory : mkdir folder && chown root:101 folder && chmod 770 folder
# another example for existing folder : chown -R root:101 folder && chmod -R 770 folder
# more info at https://docs.bunkerweb.io
volumes:
- bw-data:/data
environment:
- API_WHITELIST_IP=127.0.0.0/8 10.20.30.0/24
# disable common security measures based on IP
@ -46,21 +38,21 @@ services:
depends_on:
- mybunker
environment:
- DOCKER_HOST=tcp://docker-proxy:2375
- DOCKER_HOST=tcp://bw-docker-proxy:2375
volumes:
- bw-data:/data
networks:
- bw-universe
- net-docker
- bw-docker
docker-proxy:
bw-docker-proxy:
image: tecnativa/docker-socket-proxy:0.1
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
- CONTAINERS=1
networks:
- net-docker
- bw-docker
myapp:
image: tutum/hello-world
@ -77,4 +69,4 @@ networks:
config:
- subnet: 10.20.30.0/24
bw-services:
net-docker:
bw-docker:

24
examples/web-ui/docker-compose.yml
View File

@ -6,14 +6,6 @@ services:
ports:
- 80:8080
- 443:8443
# ⚠️ read this if you use local folders for volumes ⚠️
# bunkerweb runs as an unprivileged user with UID/GID 101
# don't forget to edit the permissions of the files and folders accordingly
# example if you need to create a directory : mkdir folder && chown root:101 folder && chmod 770 folder
# another example for existing folder : chown -R root:101 folder && chmod -R 770 folder
# more info at https://docs.bunkerweb.io
volumes:
- bw-data:/data
environment:
- SERVER_NAME=www.example.com # replace with your domain
- MULTISITE=yes
@ -44,36 +36,36 @@ services:
depends_on:
- mybunker
environment:
- DOCKER_HOST=tcp://docker-proxy:2375
- DOCKER_HOST=tcp://bw-docker-proxy:2375
volumes:
- bw-data:/data
networks:
- bw-universe
- net-docker
- bw-docker
bw-ui:
image: bunkerity/bunkerweb-ui:1.5.0
depends_on:
- docker-proxy
- bw-docker-proxy
environment:
- ABSOLUTE_URI=https://www.example.com/changeme/ # replace with another url
- DOCKER_HOST=tcp://docker-proxy:2375
- DOCKER_HOST=tcp://bw-docker-proxy:2375
- ADMIN_USERNAME=admin
- ADMIN_PASSWORD=changeme # replace with a stronger password
volumes:
- bw-data:/data
networks:
- bw-universe
- net-docker
- bw-docker
docker-proxy:
bw-docker-proxy:
image: tecnativa/docker-socket-proxy:0.1
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
- CONTAINERS=1
networks:
- net-docker
- bw-docker
volumes:
bw-data:
@ -86,4 +78,4 @@ networks:
config:
- subnet: 10.20.30.0/24
bw-services:
net-docker:
bw-docker:

21
examples/wordpress/autoconf.yml
View File

@ -4,7 +4,7 @@ services:
mywp:
image: wordpress:6.1.1-apache
volumes:
- ./wp-data:/var/www/html
- wp-data:/var/www/html
networks:
bw-services:
aliases:
@ -31,7 +31,24 @@ services:
t:none,\
setvar:tx.crs_exclusions_wordpress=1"
# For the database, you can refer to the autoconf integration example including a database
mydb:
image: mariadb
volumes:
- db-data:/var/lib/mysql
networks:
bw-services:
aliases:
- mydb
environment:
- MYSQL_ROOT_PASSWORD=db-root-pwd # replace with a stronger password
- MYSQL_DATABASE=wp
- MYSQL_USER=user
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match WORDPRESS_DB_PASSWORD)
volumes:
bw-data:
db-data:
networks:
bw-services:

34
examples/wordpress/docker-compose.yml
View File

@ -1,23 +1,12 @@
version: "3"
x-bunkerweb-env: &bunkerweb-env
DATABASE_URI: "mariadb+pymysql://${WORDPRESS_USER:-user}:${WORDPRESS_PASSWORD:-secret}@mydb:3306/${BUNKERWEB_DATABASE:-bunkerweb}"
services:
mybunker:
image: bunkerity/bunkerweb:1.5.0
ports:
- 80:8080
- 443:8443
# ⚠️ read this if you use local folders for volumes ⚠️
# bunkerweb runs as an unprivileged user with UID/GID 101
# don't forget to edit the permissions of the files and folders accordingly
# example if you need to create a directory : mkdir folder && chown root:101 folder && chmod 770 folder
# another example for existing folder : chown -R root:101 folder && chmod -R 770 folder
volumes:
- bw-data:/data
environment:
<<: *bunkerweb-env
SERVER_NAME: "www.example.com" # replace with your domain
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24"
AUTO_LETS_ENCRYPT: "yes"
@ -40,27 +29,26 @@ services:
depends_on:
- mybunker
environment:
<<: *bunkerweb-env
DOCKER_HOST: "tcp://docker-proxy:2375"
DOCKER_HOST: "tcp://bw-docker-proxy:2375"
volumes:
- bw-data:/data
networks:
- bw-universe
- net-docker
- bw-docker
docker-proxy:
bw-docker-proxy:
image: tecnativa/docker-socket-proxy:0.1
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
- CONTAINERS=1
networks:
- net-docker
- bw-docker
mywp:
image: wordpress:6.1.1-apache
volumes:
- ./wp-data:/var/www/html
- wp-data:/var/www/html
environment:
- WORDPRESS_DB_HOST=mydb
- WORDPRESS_DB_NAME=${WORDPRESS_DATABASE:-wp}
@ -71,18 +59,20 @@ services:
- bw-services
mydb:
image: mariadb:10.10
image: mariadb
volumes:
- db-data:/var/lib/mysql
environment:
MARIADB_RANDOM_ROOT_PASSWORD: "yes"
entrypoint: sh -c "echo 'DROP USER IF EXISTS \"${WORDPRESS_USER:-user}\"; CREATE USER \"${WORDPRESS_USER:-user}\"@\"%\"; CREATE DATABASE IF NOT EXISTS ${WORDPRESS_DATABASE:-wp}; CREATE DATABASE IF NOT EXISTS ${BUNKERWEB_DATABASE:-bunkerweb}; GRANT ALL PRIVILEGES ON ${WORDPRESS_DATABASE:-wp}.* TO \"${WORDPRESS_USER:-user}\"@\"%\" IDENTIFIED BY \"${WORDPRESS_PASSWORD:-secret}\"; GRANT ALL PRIVILEGES ON ${BUNKERWEB_DATABASE:-bunkerweb}.* TO \"${WORDPRESS_USER:-user}\"@\"%\" IDENTIFIED BY \"${WORDPRESS_PASSWORD:-secret}\"; FLUSH PRIVILEGES;' > /docker-entrypoint-initdb.d/init.sql; /usr/local/bin/docker-entrypoint.sh --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci"
- MYSQL_ROOT_PASSWORD=db-root-pwd # replace with a stronger password
- MYSQL_DATABASE=wp
- MYSQL_USER=user
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match WORDPRESS_DB_PASSWORD)
networks:
- bw-universe
- bw-services
volumes:
bw-data:
wp-data:
db-data:
networks:
@ -92,4 +82,4 @@ networks:
config:
- subnet: 10.20.30.0/24
bw-services:
net-docker:
bw-docker:

22
examples/wordpress/swarm.yml
View File

@ -4,7 +4,7 @@ services:
mywp:
image: wordpress:5-apache
volumes:
- wp_data:/var/www/html
- wp-data:/var/www/html
networks:
- bw-services
environment:
@ -24,7 +24,21 @@ services:
- bunkerweb.REVERSE_PROXY_URL=/
- bunkerweb.REVERSE_PROXY_HOST=http://mywp
# For the database, you can refer to the swarm integration example including a database
mydb:
image: mariadb
volumes:
- db-data:/var/lib/mysql
networks:
- bw-services
environment:
- MYSQL_ROOT_PASSWORD=db-root-pwd # replace with a stronger password
- MYSQL_DATABASE=wp
- MYSQL_USER=user
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match WORDPRESS_DB_PASSWORD)
deploy:
placement:
constraints:
- "node.role==worker"
networks:
bw-services:
@ -32,5 +46,5 @@ networks:
name: bw-services
volumes:
wp_data:
db_data:
wp-data:
db-data: