2023-04-01

root/compose.sh

@@ -1 +1 @@
-docker compose -f ~/compose.yml up -d
+docker compose -f ./compose.yml up -d

root/compose.yml

@@ -3,31 +3,59 @@ version: "3"
 secrets:
   config_json_foundry:
     file: foundry_secrets.json
+  oauth_client_id:
+    file: ./secrets/OAUTH_CLIENT_ID
+  oauth_client_secret:
+    file: ./secrets/OAUTH_CLIENT_SECRET
 
 services:
+    yacht:
+      container_name: yacht
+      image: selfhostedpro/yacht
+      hostname: yacht
+      volumes:
+        - /var/run/docker.sock:/var/run/docker.sock
+        - ../home/yacht:/config
+      environment:
+          TZ: "America/Chicago"
+          UID: 33
+          GID: 33
+          DISABLE_AUTH: true
+      networks:
+        - internal
     nginx:
         container_name: nginx
         image: nginx
         hostname: nginx
         volumes:
           - type: bind
-            source: /home/html
+            source: ../home/html
             target: /var/www/html
           - type: bind
-            source: /home/nginx/conf.d
+            source: ../home/nginx/conf.d
             target: /etc/nginx/conf.d
             read_only: true
           - type: bind
-            source: /home/nginx/nginx.conf
+            source: ../home/nginx/nginx.conf
             target: /etc/nginx/nginx.conf
           - type: bind
-            source: /home/certbot/www
+            source: ../home/nginx/applications
+            target: /etc/nginx/applications
+          - type: bind
+            source: ../home/nginx/certs
+            target: /etc/nginx/certs
+          - type: bind
+            source: ../home/certbot/www
             target: /var/www/certbot
             read_only: true
           - type: bind
-            source: /home/certbot/conf
+            source: ../home/certbot/conf
             target: /etc/nginx/ssl
             read_only: true
+          - type: bind
+            source: ../home/dir2cast
+            target: /var/www/dir2cast
+            read_only: true
         environment:
           TZ: "America/Chicago"
           UID: 33
@@ -42,10 +70,10 @@ services:
       image: certbot/certbot:latest
       volumes:
         - type: bind
-          source: /home/certbot/www
+          source: ../home/certbot/www
           target: /var/www/certbot
         - type: bind
-          source: /home/certbot/conf
+          source: ../home/certbot/conf
           target: /etc/letsencrypt
     php:
         container_name: php
@@ -53,8 +81,11 @@ services:
         hostname: php
         volumes:
           - type: bind
-            source: /home/html
+            source: ../home/html
             target: /var/www/html
+          - type: bind
+            source: ../home/dir2cast
+            target: /var/www/dir2cast
         environment:
           TZ: "America/Chicago"
           UID: 33
@@ -67,16 +98,16 @@ services:
         hostname: filebrowser
         volumes:
           - type: bind
-            source: /home/filebrowser/srv
+            source: ../home/filebrowser/srv
             target: /srv
           - type: bind
-            source: /home/filebrowser/database.db
+            source: ../home/filebrowser/database.db
             target: /database.db
           - type: bind
-            source: /home/filebrowser/filebrowser.json
+            source: ../home/filebrowser/filebrowser.json
             target: /.filebrowser.json
           - type: bind
-            source: /home/foundry/Data
+            source: ../home/foundry/Data
             target: /home/foundry/Data
         environment:
           TZ: "America/Chicago"
@@ -91,31 +122,33 @@ services:
         init: true
         volumes:
           - type: bind
-            source: /home/foundry
+            source: ../home/foundry
             target: /data
         environment:
           TZ: "America/Chicago"
           FOUNDRY_ROUTE_PREFIX: "foundry"
           FOUNDRY_UID: 33
           FOUNDRY_GID: 33
+          FOUNDRY_PROXY_SSL: true
+          FOUNDRY_PROXY_PORT: 9090
         secrets:
           - source: config_json_foundry
             target: config.json
         networks:
           - internal
-    yacht:
-      container_name: yacht
-      image: selfhostedpro/yacht
-      hostname: yacht
-      ports:
-        - "8000:8000"
-      volumes:
-        - /var/run/docker.sock:/var/run/docker.sock
-        - /home/yacht:/config
-volumes:
-  yacht:
-    external: false
-    driver: local
+    vouch:
+        container_name: vouch
+        image: quay.io/vouch/vouch-proxy
+        environment:
+          TZ: "America/Chicago"
+          UID: 33
+          GID: 33
+        volumes:
+            - type: bind
+              source: ../home/vouch/config.yml
+              target: /config/config.yml
+        networks:
+          - internal 
 networks:
   internal:
     driver: bridge

root/create-localhost-certs.sh

@@ -0,0 +1,9 @@
+#!/bin/bash
+# https://gist.github.com/jonsamp/587b78b7698be7c7fd570164a586e6b7
+cd ../home/certbot/live/localhost
+					../home/certbot/conf/live/localhost
+openssl genrsa -out ../home/certbot/conf/live/localhost/localhost.key 2048
+openssl req -new -x509 -key ../home/certbot/conf/live/localhost/localhost.key -out ../home/certbot/conf/live/localhost/localhost.crt -days 3650 -subj /CN=localhost
+sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain ../home/certbot/conf/live/localhost/localhost.crt
+
+echo "You're ready to use https on localhost 💅"

root/filebrowser_set_auth.sh

@@ -0,0 +1 @@
+docker compose run --rm filebrowser config set --auth.method=proxy --auth.header=X-Vouch-User

root/nginx-reload.sh

@@ -1 +1,3 @@
-docker exec -it nginx service nginx reload
+#!/bin/bash
+docker exec nginx nginx -t
+docker exec nginx service nginx reload