Add Keycloak + OpenVPN + HealthCheck

PAPAMICA
2021-09-04 10:23:21 +02:00
parent d1898793db
commit 75cc2e4738
13 changed files with 335 additions and 0 deletions


@@ -25,6 +25,14 @@ services:
- POSTGRES_PASSWORD=$DB_PASSWORD
restart: always
#HealthCheck
healthcheck:
test: curl --fail http://localhost:8000 || exit 1
interval: 1m
timeout: 30s
retries: 3
# Facultatif
networks:
- proxy


@@ -23,6 +23,11 @@ services:
- $DATA_LOCATION/database.db:/database.db
# ports:
# - 8080:80
healthcheck:
test: wget -nv -t1 --spider 'http://localhost:80'
interval: 1m
timeout: 30s
retries: 3
networks:
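Review bot: The `test:` line here ends without `|| exit 1`, unlike the curl-based checks in this commit, so the probe exits with wget's own status. GNU wget returns values such as 4 or 8 on network or server errors, while Docker documents only 0 and 1 as healthcheck results and reserves 2. Proposed: `test: wget -nv -t1 --spider 'http://localhost:80' || exit 1`; the same applies to the other wget checks further down and to the curl check in keycloak.yml. The port-7777 check also uses `wget -s` where the others use `--spider`; `-s` looks like the BusyBox spelling, so it is worth confirming that image's wget accepts it.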


@@ -27,6 +27,12 @@ services:
- GF_PLUGINS_ALLOW_LOADING_UNSIGNED_PLUGINS=alexanderzobnin-zabbix-datasource
# ports:
# - 3001:3000
healthcheck:
test: wget -nv -t1 --spider 'http://localhost:3000/'
interval: 1m
timeout: 30s
retries: 3
# Facultatif
networks:


@@ -22,6 +22,13 @@ services:
# ports:
# - 8080:80
healthcheck:
test: wget -s 'http://localhost:7777'
interval: 1m
timeout: 30s
retries: 3
# Facultatif
networks:
- proxy


@@ -19,6 +19,12 @@ services:
- $DATA_LOCATION/cfg:/cfg
- $DATA_LOCATION/data:/data
- $DATA_LOCATION/media:/jirafeau/media
healthcheck:
test: wget -nv -t1 --spider 'http://localhost:80'
interval: 1m
timeout: 30s
retries: 3
networks:
- proxy
logging:

56
keycloak.yml Normal file

@@ -0,0 +1,56 @@
# Docker-compose mis à disposition par Mickael "PAPAMICA" Asseline
# Date de mise à jour : 04/09/2021
# Variables d'environnement à déclarer :
# - SERVICE : nom du service (exemple : mariadb)
# - KC_USER : utilisteur admin
# - KC_PASSWORD : mot de passe de l'utilisateur admin
# - KC_DB_HOST : nom du conteneur du SGBD
# - KC_DATABASE : nom de la BDD
# - KC_DB_USER : nom utilisateur BDD
# - KC_DB_PASSWORD : mot de passe de la BDD
# - NDD : Nom de domaine de l'application (ex : auth.papamica.com)
# Fonctionne avec Portainer
version: "2"
services:
keycloak:
image: jboss/keycloak:latest
container_name: $SERVICE
restart: unless-stopped
environment:
KEYCLOAK_USER: $KC_USER
KEYCLOAK_PASSWORD: $KC_PASSWORD
PROXY_ADDRESS_FORWARDING: 'true'
DB_ADDR: $KC_DB_HOST
DB_DATABASE: $KC_DATABASE
DB_USER: $KC_DB_USER
DB_PASSWORD: $KC_DB_PASSWORD
healthcheck:
test: curl --fail http://localhost:8080/auth/realms/master
interval: 1m
timeout: 30s
retries: 3
logging:
driver: loki
options:
loki-url: "$URL_LOKI"
loki-external-labels: service={{.Name}}
labels:
- "traefik.enable=true"
- "traefik.http.routers.$SERVICE.entrypoints=http"
- "traefik.http.routers.$SERVICE.rule=Host(`$NDD`)"
- "traefik.http.middlewares.$SERVICE-https-redirect.redirectscheme.scheme=https"
- "traefik.http.routers.$SERVICE.middlewares=$SERVICE-https-redirect"
- "traefik.http.routers.$SERVICE-secure.entrypoints=https"
- "traefik.http.routers.$SERVICE-secure.rule=Host(`$NDD`)"
- "traefik.http.routers.$SERVICE-secure.tls=true"
- "traefik.http.routers.$SERVICE-secure.tls.certresolver=http"
- "traefik.docker.network=proxy"
networks:
- proxy
networks:
proxy:
external:
name: proxy
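Review bot: `image: jboss/keycloak:latest` leaves the version of the identity provider to whatever the registry serves at the next pull, so a redeploy can change the SSO server without any change in this file; pin a release tag or digest, e.g. `image: jboss/keycloak:<pinned-version>`. `PROXY_ADDRESS_FORWARDING: 'true'` makes Keycloak trust forwarded headers, which is only sound while Traefik is the sole path to port 8080. Other stacks in this commit also join the external `proxy` network and can reach the container directly with headers of their own, so a dedicated network between Traefik and Keycloak would be safer. The header comment also omits `URL_LOKI`, which the `logging` options read.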

55
openvpn.yml Normal file

@@ -0,0 +1,55 @@
# Docker-compose mis à disposition par Mickael "PAPAMICA" Asseline
# Date de mise à jour : 04/09/2021
# Variables d'environnement à déclarer :
# - SERVICE : nom du service (exemple : pgadmin)
# - PUID : uid de l'utilisateur système (exemple : 1001)
# - GUID : gid du groupe système (exemple : 1001)
# - INTERFACE: nom de l'interface réseau
# - TZ : Timezone du service (exemple : Europe/Paris)
# - DATA_LOCATION : localisation des données (exemple /apps/"service")
# - NDD : nom de domaine de l'application (ex : vpn.papamica.com)
# Fonctionne avec Portainer
version: "2"
services:
openvpn-as:
image: linuxserver/openvpn-as:latest
container_name: $SERVICE
cap_add:
- NET_ADMIN
environment:
- PUID=$PUID
- PGID=$PGID
- TZ=$TZ
- INTERFACE=$INTERFACE
healthcheck:
test: curl --fail --insecure https://localhost:943 || exit 1
interval: 1m
timeout: 30s
retries: 3
logging:
driver: loki
options:
loki-url: "$URL_LOKI"
loki-external-labels: service={{.Name}}
volumes:
- $DATA_LOCATION:/config
ports:
- 9443:9443
- 1194:1194/udp
restart: unless-stopped
labels:
- "traefik.enable=true"
- "traefik.http.routers.$SERVICE.entrypoints=https"
- "traefik.http.routers.$SERVICE.rule=Host(`$NDD`)"
- "traefik.http.services.$SERVICE.loadbalancer.server.port=943"
- "traefik.http.services.$SERVICE.loadbalancer.server.scheme=https"
- "traefik.docker.network=proxy"
networks:
- proxy
networks:
proxy:
external:
name: proxy
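Review bot: The `$SERVICE` router is bound to the `https` entrypoint but, unlike keycloak.yml in this commit, carries no `tls=true` or `tls.certresolver` label; unless TLS is enabled on the entrypoint in Traefik's static configuration, this router will not serve TLS for the Access Server web UI. Proposed additions: `- "traefik.http.routers.$SERVICE.tls=true"` and `- "traefik.http.routers.$SERVICE.tls.certresolver=http"`. The route forwards to port 943, which also serves the admin UI, so the image's documented default admin login should be changed before the hostname is reachable. The header comment documents `GUID` while the service reads `$PGID`, so a user following the comment leaves `PGID` empty.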


@@ -28,6 +28,13 @@ services:
- $DATA:/data
# ports:
# - 80:80
healthcheck:
test: curl --fail http://localhost:80 || exit 1
interval: 1m
timeout: 30s
retries: 3
# Facultatif
networks:


@@ -397,6 +397,107 @@
"label": "Url du service loki"
}]
},
{
"type": 3,
"title": "OpenVPN AS",
"description": "Serveur VPN",
"note": "<p>Site de l'application : <a href=\"https:\/\/openvpn.net\/\" target=\"_blank\" rel=\"noopener\">openvpn.net<\/a>",
"categories": [
"Sécurité",
"PAPAMICA"
],
"platform": "linux",
"logo": "https://gitlab.com/kallioli/docker-server-container/-/raw/master/img/openvpn_logo.png",
"repository": {
"url": "https://github.com/PAPAMICA/docker-compose-collection",
"stackfile": "openvpn.yml"
},
"env": [{
"name": "SERVICE",
"label": "Nom du service"
},
{
"name": "PUID",
"label": "Identifiant utilisateur openvpn"
},
{
"name": "PGID",
"label": "Identifiant du groupe openvpn"
},
{
"name": "TZ",
"label": "Timezone du service"
},
{
"name": "INTERFACE",
"label": "Nom de l'interface réseau"
},
{
"name": "DATA_LOCATION",
"label": "Localisation des données du service"
},
{
"name": "URL_LOKI",
"label": "Url du service loki"
},
{
"name": "NDD",
"label": "Nom de domaine"
}]
},
{
"type": 3,
"title": "Keycloak",
"description": "Serveur d'authentification SSO",
"note": "<p>Site de l'application : <a href=\"https:\/\/keycloak.org\/\" target=\"_blank\" rel=\"noopener\">keycloak.org<\/a>",
"categories": [
"Sécurité",
"PAPAMICA"
],
"platform": "linux",
"logo": "https://gitlab.com/kallioli/docker-server-container/-/raw/master/img/keycloak_logo.png",
"repository": {
"url": "https://github.com/PAPAMICA/docker-compose-collection",
"stackfile": "keycloak.yml"
},
"env": [{
"name": "SERVICE",
"label": "Nom du service"
},
{
"name": "KC_USER",
"label": "Nom de l'utilisateur administrateur"
},
{
"name": "KC_PASSWORD",
"label": "Mot de passe administrateur"
},
{
"name": "KC_DB_HOST",
"label": "Serveur SGBD"
},
{
"name": "KC_DATABASE",
"label": "Nom de la BDD"
},
{
"name": "KC_DB_USER",
"label": "Utilisateur de la BDD"
},
{
"name": "KC_DB_PASSWORD",
"label": "Mot de passe de la BDD"
},
{
"name": "URL_LOKI",
"label": "Url du service loki"
},
{
"name": "NDD",
"label": "Nom de domaine"
}]
},
{
"type": 3,


@@ -45,6 +45,13 @@ services:
DB_PASS: $DB_PASSWORD
DB_NAME: wiki
restart: unless-stopped
healthcheck:
test: curl --fail http://localhost:3000 || exit 1
interval: 1m
timeout: 30s
retries: 3
# Facultatif
networks:
- proxy


@@ -19,6 +19,12 @@ services:
volumes:
- $DATA_LOCATION/config.yml:/config.yml
restart: always
healthcheck:
test: grep -qr "python" /proc/*/status || exit 1
interval: 1m
timeout: 30s
retries: 3
# Facultatif
networks:
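Review bot: `grep -qr "python" /proc/*/status` succeeds whenever any process whose status file contains `python` exists, so the check reports healthy for a hung or unrelated interpreter and says nothing about whether the service answers. The `zabbix_proxy` and `zabbix_server` checks in this commit share the limitation. If the image offers no port or CLI probe, record that above the key with a comment such as `# liveness only: process exists, not that it responds`.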

59
zabbix-proxy.yml Normal file

@@ -0,0 +1,59 @@
# Docker-compose provided by Mickael "PAPAMICA" Asseline
# Last update : 04/09/2021
# Environment variables to declare :
# - SERVICE : name of the service (example : zabbix-proxy)
# - HOSTNAME : name of zabbix proxy (example : zabbix-proxy)
# - ZABBIX_SERVER : FQDN of zabbix server (example : zabbic.domain.tld)
# - TLSPSKIDENTITY : ID of psk in zabbix server (example : PSK001)
# - TLSPSKFILE : PSK file (example : zabbix_agentd.psk)
# - URL_LOKI : loki service URL (example : http://ip:3100/loki/api/v1/push)
# - DATA_LOCATION : location of service configuration data (example /app/"service")
# - NETWORK_APP : application network name
# Work with Portainer
version: '2'
services:
zabbix-proxy:
image: zabbix/zabbix-proxy-sqlite3:ubuntu-5.4-latest
restart: unless-stopped
container_name: $SERVICE
environment:
ZBX_PROXYMODE: 0
ZBX_HOSTNAME: $PROXY_HOSTNAME
ZBX_SERVER_HOST: $ZABBIX_SERVER
ZBX_ENABLEREMOTECOMMANDS: 1
ZBX_STARTPOLLERS: 5
ZBX_IPMIPOLLERS: 1
ZBX_STARTPOLLERSUNREACHABLE: 1
ZBX_STARTTRAPPERS: 5
ZBX_STARTPINGERS: 1
ZBX_STARTDISCOVERERS: 1
ZBX_STARTHTTPPOLLERS: 1
ZBX_STARTVMWARECOLLECTORS: 10
ZBX_TLSCONNECT: psk
ZBX_TLSACCEPT: psk
ZBX_TLSPSKIDENTITY: $TLSPSKIDENTITY
ZBX_TLSPSKFILE: $TLSPSKFILE
ZBX_VMWAREFREQUENCY: 60
ZBX_VMWAREPERFFREQUENCY: 60
ZBX_VMWARECACHESIZE: 8M
ZBX_VMWARETIMEOUT: 10
healthcheck:
test: grep -qr "zabbix_proxy" /proc/*/status || exit 1
interval: 1m
timeout: 30s
retries: 3
logging:
driver: loki
options:
loki-url: "$URL_LOKI"
loki-external-labels: service={{.Name}}
volumes:
- $DATA_LOCATION/enc:/var/lib/zabbix/enc
ports:
- 10051:10051
networks:
- proxy
networks:
proxy:
external:
name: proxy
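Review bot: `ZBX_ENABLEREMOTECOMMANDS: 1` lets the Zabbix server run commands on this proxy, so a compromise of the server or of the PSK becomes command execution in this container. Unless remote commands are required, set it to `0`; if they are, add `ZBX_LOGREMOTECOMMANDS: 1` so each execution is logged. The header comment documents `HOSTNAME` and `NETWORK_APP`, but the file reads `$PROXY_HOSTNAME` and uses no network variable, so a user following the comment leaves `ZBX_HOSTNAME` empty.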


@@ -58,6 +58,12 @@ services:
- 10051:10051
volumes: # Volumes for scripts and related files you can add
- $DATA_LOCATION/alertscripts:/usr/lib/zabbix/alertscripts
healthcheck:
test: grep -qr "zabbix_server" /proc/*/status || exit 1
interval: 1m
timeout: 30s
retries: 3
# Facultatif
networks:
@@ -85,6 +91,12 @@ services:
- zabbix-server
# ports: # Port where Zabbix UI is available
# - 8090:8080
healthcheck:
test: curl --fail http://localhost:8080 || exit 1
interval: 1m
timeout: 30s
retries: 3
# Facultatif
networks: