# Docker Services Repository

A comprehensive collection of self-hosted web services managed through Docker Compose submodules, designed for easy deployment and maintenance of a complete personal or organizational infrastructure.

## Overview

This repository serves as a centralized management system for multiple containerized services, each maintained as a git submodule with its own Docker Compose configuration. All services can be updated simultaneously using the included automation script.

## Services

### 🦊 Forgejo
A lightweight, self-hosted Git service providing repository hosting, issue tracking, and collaboration features.

**Location:** `./forgejo/`

**Key Features:**
- Git repository hosting
- Pull requests and code review
- Issue tracking and project management

### 💬 IM (XMPP Server)
An XMPP messaging server with Slidge gateway integration for WhatsApp connectivity.

**Location:** `./im/`

**Key Features:**
- Standards-based XMPP messaging
- WhatsApp bridge via Slidge
- End-to-end encryption support
- Multi-client compatibility

### 📧 Mail Server
A complete email service solution handling mail sending, receiving, and storage.

**Location:** `./mailserver/`

**Key Features:**
- SMTP/IMAP support
- Spam filtering
- Webmail interface
- Email authentication (SPF, DKIM, DMARC)

### ☁️ Nextcloud
A self-hosted cloud storage and collaboration platform.

**Location:** `./next/`

**Key Features:**
- File synchronization and sharing
- Calendar and contacts
- Online document editing
- Mobile and desktop client support

### 🔀 Reverse Proxy
An Nginx-based reverse proxy managing DNS routing and SSL termination for all services.

**Location:** `./reverse/`

**Key Features:**
- Centralized SSL/TLS management
- Domain-based routing
- HTTP to HTTPS redirection

## Getting Started

### Prerequisites

- Docker
- Docker Compose
- Git with submodule support
- Root or sudo access for binding to privileged ports

### Installation

1. Clone the repository with submodules:
   ```bash
   git clone --recurse-submodules <repository-url>
   cd <repository-name>
   ```

2. If you already cloned without submodules:
   ```bash
   git submodule init
   git submodule update
   ```

3. Configure each service by navigating to its directory and editing the respective `docker-compose.yml` and environment files.

4. Start all services:
   ```bash
   ./docker-update-all.sh
   ```

   Or start individual services:
   ```bash
   cd <service-directory>
   ./docker-update.sh
   ```

## Maintenance

### Updating All Services

The included update script handles pulling new images and restarting containers:

```bash
./docker-update-all.sh
```

### Updating Individual Services

Navigate to the service directory and update manually:

```bash
cd <service-directory>
./docker-update.sh
```

### Backing Up Data

Each service stores persistent data in Docker volumes, and each service directory includes a backup script:

```bash
# Stop services before backup
docker compose down

# Backup volumes
./backup.sh

# Restart services
docker compose up -d
```

### Viewing Logs

Check service logs for troubleshooting:

```bash
cd <service-directory>
docker compose logs -f
```

## Configuration

Each service maintains its own configuration within its submodule directory. Refer to the individual service's README or documentation for specific configuration options.

### Common Configuration Steps

1. Set up domain names in your DNS provider
2. Configure service-specific environment variables (see each service's README for reference)

> [!INFO]
> One-shot services can be run behind the reverse proxy with `docker run --network=reverse_proxy-tier -e VIRTUAL_HOST=examp.le -e LETSENCRYPT_HOST=examp.le service_name`

## Network Architecture

All services communicate through Docker networks. The reverse proxy handles external traffic and routes requests to the appropriate service based on domain names.

```
Internet → Reverse Proxy (Nginx) → Individual Services
                    ↓
              SSL Termination
              DNS Routing
```

## Security Considerations

- Keep all services updated regularly using `docker-update-all.sh`
- Use strong passwords and consider implementing 2FA where available
- Regularly back up all data volumes
- Monitor logs for suspicious activity
- Keep the reverse proxy's SSL certificates up to date (they should update automatically, but checking from time to time doesn't hurt)

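One way to do the occasional certificate check from the last bullet, as an added example that is not part of this repository: it connects to each domain served by the reverse proxy, verifies the chain and hostname, and flags certificates close to expiry. The host names given on the command line, the 14-day threshold and all function names are assumptions.

```python
import socket
import ssl
import sys
from datetime import datetime, timezone

WARN_DAYS = 14  # assumption: alert threshold, adjust to your renewal schedule


def days_until_expiry(not_after, now):
    """Whole days from `now` to a notAfter string as returned by getpeercert(),
    e.g. "Jun  1 12:00:00 2030 GMT"."""
    expires = datetime.fromtimestamp(ssl.cert_time_to_seconds(not_after), tz=timezone.utc)
    return (expires - now).days


def fetch_not_after(host, port=443, timeout=5.0):
    """Connect through the proxy as a client would and return the leaf's notAfter."""
    ctx = ssl.create_default_context()  # verifies chain and hostname
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert()["notAfter"]


def check_hosts(hosts, now=None, fetch=fetch_not_after, warn_days=WARN_DAYS):
    """Map each host to (status, days_left); days_left is None on error."""
    now = now or datetime.now(timezone.utc)
    results = {}
    for host in hosts:
        try:
            days = days_until_expiry(fetch(host), now)
        except (ssl.SSLError, OSError, ValueError) as exc:
            # An expired, untrusted or mismatched certificate fails verification
            # and lands here, as does an unreachable proxy.
            print(f"{host}: {exc}", file=sys.stderr)
            results[host] = ("ERROR", None)
            continue
        results[host] = ("OK" if days >= warn_days else "RENEW", days)
    return results


if __name__ == "__main__":
    report = check_hosts(sys.argv[1:])
    for host, (status, days) in report.items():
        print(f"{host}: {status}" + (f" ({days} days left)" if days is not None else ""))
    sys.exit(0 if all(s == "OK" for s, _ in report.values()) else 1)
```

The script exits non-zero when any host is not `OK`, so it can be run from cron and alert on failure.
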
## License

Please refer to individual service submodules for their respective licenses.