feat: split conf for camp

2025-11-13 20:40:57 +01:00 · 2025-11-13 20:40:57 +01:00 · 70e5b04f8a
commit 70e5b04f8a
parent 4c76772132
6 changed files with 15 additions and 195 deletions
--- a/2026.camp.interhacker.space.yml
+++ b/2026.camp.interhacker.space.yml
@ -0,0 +1,13 @@
+services:
+  whoami:
+    image: camp 
+    networks:
+      - proxy 
+    labels:
+      caddy: 2026.camp.interhacker.space
+      caddy.reverse_proxy: "{{upstreams 80}}"
+
+networks:
+  proxy:
+    external: true
+
--- a/docker-compose.grist.yml
+++ b/docker-compose.grist.yml
@ -1,32 +0,0 @@
-services:
-  grist:
-    image: gristlabs/grist:1.7
-    restart: unless-stopped
-    volumes:
-      - ${GRIST_DATA:-grist}:/persist
-    environment:
-      - GRIST_SESSION_SECRET=${GRIST_SESSION_SECRET}
-      - GRIST_DEFAULT_EMAIL=${GRIST_DEFAULT_EMAIL:-admin@mail.com}
-      - GRIST_SANDBOX_FLAVOR=gvisor
-      - GRIST_SINGLE_ORG=camp
-      - GRIST_PAGE_TITLE_SUFFIX= - Camp Interhack
-      - APP_HOME_URL=https://${HOST}
-    depends_on:
-      - db
-    labels:
-      - traefik.enable=true
-      - traefik.http.routers.grist.entryPoints=https
-      - traefik.http.routers.grist.rule=Host(`${HOST}`)
-      - traefik.http.routers.grist.tls.certresolver=le-ssl
-      - traefik.http.services.grist.loadbalancer.server.port=8484
-      - traefik.docker.network=front
-    networks:
-      - default
-      - front
-
-volumes:
-  grist:
-
-networks:
-  front:
-    external: true
--- a/docker-compose.keycloak.yml
+++ b/docker-compose.keycloak.yml
@ -1,44 +0,0 @@
-services:
-  postgresql:
-    image: postgres:18.0
-    restart: unless-stopped
-    environment:
-      - POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
-      - POSTGRES_USER=${POSTGRES_USER:-keycloak}
-      - POSTGRES_DB=${POSTGRES_DB:-keycloak}
-    volumes:
-      - ${POSTGRES_DATA:-postgres_data}:/var/lib/postgresql/data
-
-  keycloak:
-    image: quay.io/keycloak/keycloak:26.4
-    restart: unless-stopped
-    depends_on:
-      - postgresql
-    command: start
-    environment:
-      - KC_DB=postgres
-      - KC_DB_URL=jdbc:postgresql://postgresql/${POSTGRES_DB:-keycloak}
-      - KC_DB_PASSWORD=${POSTGRES_PASSWORD}
-      - KC_DB_USERNAME=${POSTGRES_USER:-keycloak}
-      - KC_PROXY=edge
-      - KC_HOSTNAME_STRICT=false
-      - KEYCLOAK_ADMIN=${KEYCLOAK_ADMIN_USER:-admin}
-      - KEYCLOAK_ADMIN_PASSWORD=${KEYCLOAK_ADMIN_PASSWORD}
-    labels:
-      - traefik.enable=true
-      - traefik.http.routers.keycloak.entryPoints=https
-      - traefik.http.routers.keycloak.rule=Host(`${HOST}`)
-      - traefik.http.routers.keycloak.tls.certresolver=le-ssl
-      - traefik.http.services.keycloak.loadbalancer.server.port=8080
-      - traefik.docker.network=front
-    networks:
-      - default
-      - front
-
-volumes:
-  postgresql_data:
-    driver: local
-
-networks:
-  front:
-    external: true
--- a/docker-compose.leantime.yml
+++ b/docker-compose.leantime.yml
@ -1,83 +0,0 @@
-services:
-  mysql:
-    image: mysql:9.4
-    volumes:
-      - ${MYSQL_DATA_DIR:-db_data}:/var/lib/mysql
-    restart: unless-stopped
-    environment:
-      - MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}
-      - MYSQL_DATABASE=leantime
-      - MYSQL_USER=lean
-      - MYSQL_PASSWORD=${MYSQL_PASSWORD}
-    command: --character-set-server=UTF8MB4 --collation-server=UTF8MB4_unicode_ci
-    healthcheck:
-      test: ["CMD", "mysqladmin", "ping", "-h", "localhost"]
-      interval: 30s
-      timeout: 10s
-      retries: 3
-
-  leantime:
-    image: leantime/leantime:3.5.12
-    restart: unless-stopped
-    # security_opt:
-      # - no-new-privileges:true
-    # cap_add:
-      # - CAP_NET_BIND_SERVICE
-      # - CAP_CHOWN
-      # - CAP_SETGID
-      # - CAP_SETUID
-    environment:
-      - LEAN_DB_HOST=mysql
-      - LEAN_DB_DATABASE=leantime  
-      - LEAN_DB_USER=lean 
-      - LEAN_DB_PASSWORD=${MYSQL_PASSWORD}
-      - LEAN_SESSION_PASSWORD=${LEAN_SESSION_PASSWORD}
-      - LEAN_DEBUG=0
-      - LEAN_LANGUAGE=fr-FR
-      - LEAN_DEFAULT_TIMEZONE=Europe/Paris
-      - LEAN_DISABLE_LOGIN_FORM=true
-      - LEAN_OIDC_ENABLE=true
-      - LEAN_OIDC_PROVIDER_URL=${LEAN_OIDC_PROVIDER_URL}
-      - LEAN_OIDC_CLIENT_ID=${LEAN_OIDC_CLIENT_ID}
-      - LEAN_OIDC_CLIENT_SECRET=${LEAN_OIDC_CLIENT_SECRET}
-      - LEAN_OIDC_CREATE_USER=false
-      - LEAN_OIDC_DEFAULT_ROLE=20
-    volumes:
-      - ${LEAN_PUBLIC_USERFILES_DIR:-public_userfiles}:/var/www/html/public/userfiles     # Volume to store public files, logo etc
-      - ${LEAN_USERFILES_DIR:-userfiles}:/var/www/html/userfiles                          # Original volume name for compatibility
-      - ${LEAN_PLUGINS_DIR:-plugins}:/var/www/html/app/Plugins                            # Plugin storage
-      - ${LEAN_LOGS_DIR:-logs}:/var/www/html/storage/logs                                 # Log storage
-    depends_on:
-      mysql:
-        condition: service_healthy
-    labels:
-      - traefik.enable=true
-      - traefik.http.routers.leantime.entryPoints=https
-      - traefik.http.routers.leantime.rule=Host(`${HOST}`)
-      - traefik.http.routers.leantime.tls.certresolver=le-ssl
-      - traefik.http.services.leantime.loadbalancer.server.port=8080
-      - traefik.docker.network=front
-    networks:
-      - default
-      - front
-
-  # Add a helper container for volume permissions
-  # Run via docker compose --profile mysql_helper up -d
-  mysql_helper:
-    image: mysql:9.4
-    command: chown -R mysql:mysql /var/lib/mysql
-    volumes:
-      - ${MYSQL_DATA_DIR:-db_data}:/var/lib/mysql
-    user: root
-    profiles: [ "helper" ]
-
-volumes:
-  db_data:
-  userfiles:
-  public_userfiles:
-  plugins:
-  logs:
-
-networks:
-  front:
-    external: true
--- a/docker-compose.reverse-proxy.yml
+++ b/docker-compose.reverse-proxy.yml
@ -1,30 +0,0 @@
-services:
-  traefik:
-    image: traefik:v3.5
-    container_name: traefik
-    restart: always
-    ports:
-      - 80:80 # (HTTP)
-      - 443:443 # (HTTPS)
-    command:
-      - --providers.docker=true
-      - --providers.docker.exposedByDefault=false
-      - --certificatesresolvers.le-ssl.acme.email=${ACME_EMAIL}
-      - --certificatesresolvers.le-ssl.acme.storage=acme.json
-      - --certificatesresolvers.le-ssl.acme.httpchallenge.entrypoint=web
-      - --tls.options.default.minVersion=VersionTLS12
-      - --entrypoints.http.address=:80
-      - --entrypoints.http.http.redirections.entryPoint.to=https
-      - --entrypoints.http.http.redirections.entryPoint.scheme=https
-      - --entrypoints.https.address=:443
-      - --entrypoints.https.http.tls.certResolver=le-ssl
-    volumes:
-      - /etc/localtime:/etc/localtime:ro
-      - /var/run/docker.sock:/var/run/docker.sock:ro
-    networks:
-      - default
-      - front
-
-networks:
-  front:
-    external: true
--- a/paheko.camp.interhacker.space.yml
+++ b/paheko.camp.interhacker.space.yml
@ -8,12 +8,8 @@ services:
      - ${PAHEKO_DATA}:/var/www/paheko/data
      - ${PAHEKO_PLUGINS}:/var/www/paheko/data/plugins
    labels:
-      - traefik.enable=true
-      - traefik.http.routers.paheko.entryPoints=https
-      - traefik.http.routers.paheko.rule=Host(`${HOST}`)
-      - traefik.http.routers.paheko.tls.certresolver=le-ssl
-      - traefik.http.services.paheko.loadbalancer.server.port=80
-      - traefik.docker.network=front
+      caddy: paheko.camp.interhacker.space 
+      caddy.reverse_proxy: "{{upstreams 80}}"
    networks:
      - front