
# Unboundedpress
Self-hosted web infrastructure using Docker Compose.
## Overview
- **portfolio**: ⚠️ **MOST IMPORTANT** - Main Nuxt 3 website containing a majority of my life's work (replaced old Express.js portfolio)
- **Nextcloud**: File storage and document editing
- **Forgejo**: Code repository (migrated from Gitea)
- **Collabora**: Online document editor (integrated with Nextcloud)
- **nginx-proxy**: Reverse proxy with automatic HTTPS (Let's Encrypt)
- **Redis**: Caching for Nextcloud
## Prerequisites
- Docker & Docker Compose installed
- Ports 80 and 443 available
- Domain DNS pointing to server
## Quick Start
```bash
# 1. Clone repository
git clone <repo-url>
cd unboundedpress_dev
# 2. Create .env file
cp .env_template .env
# Edit .env with your values
# 3. Start services
docker compose up -d
# 4. Verify
docker compose ps
```
## Environment Variables (.env)
| Variable | Description | Example |
|----------|-------------|---------|
| DOMAIN | Your domain | unboundedpress.org |
| USER | Admin username | mwinter |
| PASSWORD | Admin password | ************ |
| EMAIL | Email for SSL certificates | admin@example.com |
## Services
| Service | URL | Description |
|---------|-----|-------------|
| portfolio | https://{domain}/ | Main website |
| Nextcloud | https://{domain}/cloud/ | File storage & documents |
| Forgejo | https://{domain}/code/ | Git repositories |
| Collabora | https://{domain}/collab/ | Document editing (integrated with Nextcloud) |
## Production Deployment
### Step 1: Update Environment
Edit `.env`:
```bash
DOMAIN=unboundedpress.org
# Comment out or remove: HTTPS_METHOD=noredirect
```
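A pre-flight check for the `.env` file described in the Environment Variables table and in Step 1, as an added example that is not part of this repository. The helper names `check_env` and `env_value` are hypothetical, and the owner-only permission policy is an assumption.

```bash
#!/usr/bin/env bash
# Added example (not from this repository): pre-flight check for the production .env.
# check_env/env_value are hypothetical helpers; variable names come from the table above.

# Print the last uncommented value assigned to $2 in file $1, with quote characters removed.
env_value() {
    sed -n "s/^[[:space:]]*$2=//p" "$1" | tail -n 1 | tr -d "\"'"
}

# Usage: check_env [env-file] [template-file]; returns 0 when no problem is found.
check_env() {
    local file="${1:-.env}" template="${2:-.env_template}" problems=0 var

    [ -f "$file" ] || { echo "FAIL: $file does not exist" >&2; return 1; }

    # .env holds the admin password: group and others should have no access.
    if [ "$(ls -ldL "$file" | cut -c5-10)" != "------" ]; then
        echo "FAIL: $file is accessible to group/others (chmod 600 $file)" >&2
        problems=$((problems + 1))
    fi

    for var in DOMAIN USER PASSWORD EMAIL; do
        if [ -z "$(env_value "$file" "$var")" ]; then
            echo "FAIL: $var is not set in $file" >&2
            problems=$((problems + 1))
        fi
    done

    # After `cp .env_template .env` the password must actually have been changed.
    if [ -f "$template" ] && [ -n "$(env_value "$file" PASSWORD)" ] &&
       [ "$(env_value "$file" PASSWORD)" = "$(env_value "$template" PASSWORD)" ]; then
        echo "FAIL: PASSWORD is still the value from $template" >&2
        problems=$((problems + 1))
    fi

    # nginx-proxy: an active HTTPS_METHOD=noredirect disables the HTTP-to-HTTPS redirect.
    if grep -Eq '^[[:space:]]*HTTPS_METHOD=noredirect' "$file"; then
        echo "FAIL: HTTPS_METHOD=noredirect is still active in $file" >&2
        problems=$((problems + 1))
    fi

    [ "$problems" -eq 0 ]
}
```

Source the file and gate the deployment on it, for example `check_env .env .env_template && docker compose up -d`.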
### Step 2: Update Nextcloud Collabora URLs
```bash
# Internal URL (Nextcloud uses to talk to Collabora)
docker exec nextcloud php occ config:app:set richdocuments wopi_url --value="http://collabora:9980"
# External URL (browser uses to open Collabora)
docker exec nextcloud php occ config:app:set richdocuments public_wopi_url --value="https://unboundedpress.org/collab"
# Callback URL (Collabora uses to connect back to Nextcloud)
docker exec nextcloud php occ config:app:set richdocuments wopi_callback_url --value="https://unboundedpress.org/cloud"
```
### Step 3: Restart Services
```bash
docker compose restart
```
### Step 4: Verify SSL
SSL certificates are automatically issued by acme-companion. Check status:
```bash
docker logs nginx-proxy-acme
```
## Local Development
### HTTPS Setup (mkcert)
For local development with HTTPS, use mkcert to create locally-trusted certificates:
```bash
# Install mkcert (Arch Linux)
sudo pacman -S mkcert
# Install local CA
mkcert -install
# Create certificates
cd nginx/certs
mkcert -key-file key.pem -cert-file cert.pem "localdev.unboundedpress.org" "*.localdev.unboundedpress.org"
# Rename to default certificate
mv cert.pem default.crt
mv key.pem default.key
# Restart proxy
docker compose restart nginx-proxy
```
### Access Local Services
After setup, access at:
- Main site: https://localdev.unboundedpress.org/
- Nextcloud: https://localdev.unboundedpress.org/cloud/
- Forgejo: https://localdev.unboundedpress.org/code/
## Maintenance
### Bot Blocker Updates
The nginx-ultimate-bad-bot-blocker updates automatically via cron (monthly on the 1st at 3 AM).
Manual update:
```bash
docker exec nginx-proxy update-ngxblocker
```
### Backup Nextcloud
```bash
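# Database backup
# ${PASSWORD} is expanded by the host shell, so it must be set there first;
# it also appears in the host's process list while the dump runs.
docker exec mysql-nextcloud mysqldump -u root -p"${PASSWORD}" nextcloud > backup_nextcloud_db_$(date +%Y%m%d).sql
# Files backup (run on host)
tar -czf nextcloud_backup_$(date +%Y%m%d).tar.gz nextcloud/html/data/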
```
### Backup Forgejo
```bash
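# Database backup
# ${PASSWORD} is expanded by the host shell, so it must be set there first;
# it also appears in the host's process list while the dump runs.
docker exec mysql-forgejo mysqldump -u root -p"${PASSWORD}" forgejo > backup_forgejo_db_$(date +%Y%m%d).sql
# Files backup (run on host)
tar -czf forgejo_backup_$(date +%Y%m%d).tar.gz forgejo/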
```
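The Nextcloud and Forgejo backup commands above redirect `docker exec` output into a file, so a failed dump (wrong password, stopped container) still leaves a file behind. The following added example, which is not part of this repository, keeps a dump only if the command succeeded and the dump is complete, and checks that an archive can be read to its end. The function names are hypothetical, and the dump check relies on the `-- Dump completed` trailer that mysqldump writes with its default settings.

```bash
#!/usr/bin/env bash
# Added example (not from this repository). Function names are hypothetical.

# A finished mysqldump ends with a "-- Dump completed" comment (default settings).
dump_is_complete() {
    [ -s "$1" ] && tail -n 1 "$1" | grep -q '^-- Dump completed'
}

# gzip and tar must both be able to read the archive to its end.
archive_is_readable() {
    [ -s "$1" ] && tar -tzf "$1" >/dev/null 2>&1
}

# Usage: save_verified_dump OUTFILE COMMAND [ARGS...]
# Runs COMMAND and keeps its stdout as OUTFILE only if COMMAND exited 0
# and the output passes dump_is_complete; otherwise nothing is left behind.
save_verified_dump() {
    local out="$1" tmp
    shift
    tmp="$out.partial"
    (
        umask 077            # dumps contain user data and password hashes
        "$@" > "$tmp"
    ) && dump_is_complete "$tmp" && mv "$tmp" "$out" && return 0
    rm -f "$tmp"
    echo "FAIL: dump for $out is missing or incomplete" >&2
    return 1
}

# Example call, using the command form from this README:
#   save_verified_dump "backup_nextcloud_db_$(date +%Y%m%d).sql" \
#       docker exec mysql-nextcloud mysqldump -u root -p"${PASSWORD}" nextcloud
#   archive_is_readable "nextcloud_backup_$(date +%Y%m%d).tar.gz" || echo "archive damaged" >&2
```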
### Update Images
```bash
# Pull latest images
docker compose pull
# Restart services with new images
docker compose up -d
```
### View Logs
```bash
# All services
docker compose logs -f
# Specific service
docker compose logs -f nginx-proxy
docker compose logs -f nextcloud
docker compose logs -f forgejo
```
## Directory Structure
⚠️ **Important**: The `portfolio/` directory contains the majority of my life's work. Ensure backups are current before making any changes.
```
.
├── docker-compose.yml      # Main compose file
├── .env                    # Environment variables (not in repo)
├── .env_template           # Template for .env
├── nginx/
│   ├── Dockerfile          # nginx-proxy build with bot blocker
│   ├── certs/              # SSL certificates
│   ├── conf.d/             # nginx configuration
│   ├── vhost.d/            # Virtual host configs
│   ├── bots.d/             # Bot blocker rules
│   └── crontab             # Cron for bot blocker updates
├── portfolio/
│   ├── Dockerfile          # Multi-stage production build
│   └── ...
├── nextcloud/
│   ├── html/               # Nextcloud data
│   └── mysql/              # Nextcloud database
├── forgejo/
│   └── ...                 # Forgejo data
└── redis/
    └── ...                 # Redis data
```
## Troubleshooting
### Nextcloud Login Issues
If login redirects back to the login page:
1. Clear browser cookies
2. Check trusted_domains in config
3. Ensure HTTPS is properly configured
```bash
# Check trusted domains
docker exec nextcloud php occ config:system:get trusted_domains
# Add domain if needed
docker exec nextcloud php occ config:system:set trusted_domains 4 --value="unboundedpress.org"
```
### Collabora Not Opening Documents
1. Verify public_wopi_url is set correctly:
```bash
docker exec nextcloud php occ config:app:get richdocuments public_wopi_url
```
2. Check nginx config for /collab/ routing:
```bash
docker exec nginx-proxy cat /etc/nginx/vhost.d/unboundedpress.org | grep -A 5 "location /collab"
```
3. Check Collabora logs:
```bash
docker logs collabora
```
### SSL Certificate Issues
1. Check acme-companion logs:
```bash
docker logs nginx-proxy-acme
```
2. Verify ports 80/443 are open:
```bash
sudo ufw status
# or
sudo iptables -L -n
```
3. Check certificate files exist:
```bash
ls -la nginx/certs/
```
### Container Won't Start
1. Check logs for errors:
```bash
docker compose logs [service-name]
```
2. Verify .env file exists and has correct values
3. Check port conflicts:
```bash
sudo netstat -tlnp | grep ':80\|:443'
```
## Architecture
```
Internet
    │
    ▼
nginx-proxy (port 80/443)
├── portfolio ──────────► :5000
├── nextcloud ──────────► :80 → /cloud/
│   ├── mysql-nextcloud
│   └── redis
├── forgejo ────────────► :4000 → /code/
│   └── mysql-forgejo
└── collabora ──────────► :9980 → /collab/
## Credits
- [nginx-proxy](https://github.com/nginx-proxy/nginx-proxy)
- [acme-companion](https://github.com/nginx-proxy/acme-companion)
- [nginx-ultimate-bad-bot-blocker](https://github.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker)
- [Collabora](https://www.collaboraoffice.com/)
- [Forgejo](https://forgejo.org/)
- [Nextcloud](https://nextcloud.com/)
- [Redis](https://redis.io/)