unboundedpress/docker-compose.yml

services:

  nginx-proxy:
    build: ./nginx
    container_name: nginx-proxy
    networks:
      default:
        ipv4_address: 172.18.0.5
    ports:
      - "80:80"
      - "443:443"
    restart: always
    #environment:
    #  - HTTPS_METHOD=noredirect
    volumes:
      - ./nginx/conf.d:/etc/nginx/conf.d
      - ./nginx/vhost.d:/etc/nginx/vhost.d
      - ./nginx/bots.d:/etc/nginx/bots.d
      - ./nginx/certs:/etc/nginx/certs:rw
      - nginx:/usr/share/nginx/html
      - /var/run/docker.sock:/tmp/docker.sock:ro
      - ./nginx/crontab:/etc/crontabs/root:ro

  acme-companion:
    image: nginxproxy/acme-companion:2.6.2
    container_name: nginx-proxy-acme
    environment:
      - DEFAULT_EMAIL=${EMAIL}
      # Uncomment this for testing
      #- LETSENCRYPT_TEST=true
    volumes_from:
      - nginx-proxy
    volumes:
      - ./nginx/conf.d:/etc/nginx/conf.d
      - ./nginx/vhost.d:/etc/nginx/vhost.d
      - ./nginx/certs:/etc/nginx/certs:rw
      - nginx:/usr/share/nginx/html
      - acme:/etc/acme.sh
      - /var/run/docker.sock:/var/run/docker.sock:ro
    depends_on:
      - nginx-proxy
    restart: always

  portfolio:
    container_name: portfolio
    build: 
      context: ./portfolio
      args:
        - PASSWORD=${PASSWORD}
    volumes:
      - portfolio:/src/node_modules
      - ./portfolio/server/data:/src/server/data
    environment:
      - PASSWORD=${PASSWORD}
      - VIRTUAL_HOST=${DOMAIN},www.${DOMAIN}
      - VIRTUAL_PATH=/
      - VIRTUAL_PORT=5000
      - LETSENCRYPT_HOST=${DOMAIN},www.${DOMAIN},gitea.${DOMAIN}
      - LETSENCRYPT_EMAIL=${EMAIL}
    restart: always
    depends_on:
      nginx-proxy:
        condition: service_started


  forgejo:
    image: codeberg.org/forgejo/forgejo:7
    container_name: forgejo
    environment:
      - USER_UID=1000
      - USER_GID=1000
      - FORGEJO__database__DB_TYPE=mysql
      - FORGEJO__database__HOST=mysql-forgejo
      - FORGEJO__database__NAME=forgejo
      - FORGEJO__database__USER=${USER}
      - FORGEJO__database__PASSWD=${PASSWORD}
      - FORGEJO__server__LANDING_PAGE=/${USER}
      - FORGEJO__attachment__MAX_SIZE=5000
      - FORGEJO__server__ROOT_URL=https://${DOMAIN}/code/
      - HTTP_PORT=4000
      - LFS_START_SERVER=true
      - DISABLE_REGISTRATION=true
      - RUN_MODE=prod
      - VIRTUAL_HOST=${DOMAIN},www.${DOMAIN},gitea.${DOMAIN} # this last one is for legacy support
      - VIRTUAL_PORT=4000
      - VIRTUAL_PATH=/code/
      - VIRTUAL_DEST=/
    restart: always
    volumes:
      - ./forgejo:/data
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
    depends_on:
      mysql-forgejo:
        condition: service_healthy

  mysql-forgejo:
    image: mariadb:10.11
    container_name: mysql-forgejo
    restart: always
    environment:
      - MYSQL_ROOT_PASSWORD=${PASSWORD}
      - MYSQL_PASSWORD=${PASSWORD}
      - MYSQL_DATABASE=gitea
      - MYSQL_USER=${USER}
    volumes:
      - ./forgejo/mysql:/var/lib/mysql
    healthcheck:
      test: ["CMD", "mysqladmin" ,"ping", "-h", "localhost"]
      interval: 15s
      start_period: 20s

  nextcloud:
    image: nextcloud:31-apache
    container_name: nextcloud
    restart: always
    volumes:
      - ./nextcloud/html:/var/www/html
    environment:
      - MYSQL_DATABASE=nextcloud
      - MYSQL_USER=${USER}
      - MYSQL_PASSWORD=${PASSWORD}
      - MYSQL_HOST=mysql-nextcloud
      - NEXTCLOUD_ADMIN_USER=${USER}
      - NEXTCLOUD_ADMIN_PASSWORD=${PASSWORD}
      - NEXTCLOUD_TRUSTED_DOMAINS=${DOMAIN} www.${DOMAIN}
      - NEXTCLOUD_EXTRA_APPS=calendar,richdocuments
      - APACHE_DISABLE_REWRITE_IP=1
      - TRUSTED_PROXIES=nginx-proxy
      - REDIS_HOST=redis
      - OVERWRITEHOST=${DOMAIN}
      - OVERWRITEWEBROOT=/cloud
      - OVERWRITEPROTOCOL=https
      - OVERWRITECLIURL=https://unboundedpress.org
      - VIRTUAL_HOST=${DOMAIN},www.${DOMAIN}
      - VIRTUAL_PATH=/cloud/
      - VIRTUAL_DEST=/
    extra_hosts:
      - "${DOMAIN}:172.18.0.5"
    depends_on:
      mysql-nextcloud:
        condition: service_healthy
      redis:
        condition: service_started

  collabora:
    image: collabora/code:latest
    container_name: collabora
    depends_on:
      nginx-proxy:
        condition: service_started
      nextcloud:
        condition: service_started
    cap_add:
     - MKNOD
    extra_hosts:
     - "${DOMAIN}:172.18.0.5"
    environment:
      - username=${USER}
      - password=${PASSWORD}
      - domain=${DOMAIN}
      - server_name=${DOMAIN}
      - aliasgroup1=https://${DOMAIN}:443
      - VIRTUAL_HOST=${DOMAIN},www.${DOMAIN}
      - VIRTUAL_PATH=/collab/
      - VIRTUAL_DEST=/
      # Extra parameters to Collabora, see also
      # https://www.collaboraoffice.com/code/nginx-reverse-proxy/:
      # SSL terminates at the proxy
      - extra_params=--o:ssl.enable=false --o:ssl.termination=true
      # NOTE: The file nginx/vhosts.d/unboundedpress.org handles
      #       routing for collabora on production only

  cron-nextcloud:
    image: nextcloud:31-apache
    container_name: cron-nextcloud
    restart: always
    volumes:
      - ./nextcloud/html:/var/www/html
    entrypoint: /cron.sh
    environment:
      - NEXTCLOUD_EXTRA_APPS=calendar,richdocuments
      - REDIS_HOST=redis
    depends_on:
      mysql-nextcloud:
        condition: service_healthy
      redis:
        condition: service_started

  mysql-nextcloud:
    image: mariadb:10.11
    container_name: mysql-nextcloud
    command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW
    restart: always
    environment:
      - MYSQL_ROOT_PASSWORD=${PASSWORD}
      - MYSQL_PASSWORD=${PASSWORD}
      - MYSQL_DATABASE=nextcloud
      - MYSQL_USER=${USER}
    volumes:
      - ./nextcloud/mysql:/var/lib/mysql
    healthcheck:
      test: ["CMD", "mysqladmin" ,"ping", "-h", "localhost"]
      interval: 15s
      start_period: 20s

  redis:
    image: redis:alpine
    container_name: redis
    restart: always
    volumes:
      - ./redis:/data
    healthcheck:
      test: ["CMD", "redis-cli", "ping"]
      interval: 30s
      timeout: 10s
      retries: 3

volumes:
  nginx:
  acme:
  portfolio:

networks:
  default:
    ipam:
      driver: default
      config:
        - subnet: 172.18.0.0/16
initial commit of completely upgraded stack 2023-04-09 17:01:07 +02:00			`services:`

			`nginx-proxy:`
			`build: ./nginx`
			`container_name: nginx-proxy`
chore: Update Collabora config, add static IP, CSP scoped to /cloud, update remote URLs 2026-02-27 09:16:37 +01:00			`networks:`
			`default:`
			`ipv4_address: 172.18.0.5`
initial commit of completely upgraded stack 2023-04-09 17:01:07 +02:00			`ports:`
			`- "80:80"`
			`- "443:443"`
			`restart: always`
			`#environment:`
Deployment-ready: All services configured 2026-02-23 20:24:09 +01:00			`# - HTTPS_METHOD=noredirect`
initial commit of completely upgraded stack 2023-04-09 17:01:07 +02:00			`volumes:`
			`- ./nginx/conf.d:/etc/nginx/conf.d`
			`- ./nginx/vhost.d:/etc/nginx/vhost.d`
			`- ./nginx/bots.d:/etc/nginx/bots.d`
			`- ./nginx/certs:/etc/nginx/certs:rw`
			`- nginx:/usr/share/nginx/html`
			`- /var/run/docker.sock:/tmp/docker.sock:ro`
Deployment-ready: All services configured 2026-02-23 20:24:09 +01:00			`- ./nginx/crontab:/etc/crontabs/root:ro`
initial commit of completely upgraded stack 2023-04-09 17:01:07 +02:00
			`acme-companion:`
Deployment-ready: All services configured 2026-02-23 20:24:09 +01:00			`image: nginxproxy/acme-companion:2.6.2`
initial commit of completely upgraded stack 2023-04-09 17:01:07 +02:00			`container_name: nginx-proxy-acme`
			`environment:`
			`- DEFAULT_EMAIL=${EMAIL}`
			`# Uncomment this for testing`
everything seems to be working with this configuration 2023-04-15 13:44:18 +02:00			`#- LETSENCRYPT_TEST=true`
initial commit of completely upgraded stack 2023-04-09 17:01:07 +02:00			`volumes_from:`
			`- nginx-proxy`
			`volumes:`
			`- ./nginx/conf.d:/etc/nginx/conf.d`
			`- ./nginx/vhost.d:/etc/nginx/vhost.d`
			`- ./nginx/certs:/etc/nginx/certs:rw`
			`- nginx:/usr/share/nginx/html`
			`- acme:/etc/acme.sh`
			`- /var/run/docker.sock:/var/run/docker.sock:ro`
			`depends_on:`
			`- nginx-proxy`
			`restart: always`

			`portfolio:`
			`container_name: portfolio`
Deployment-ready: All services configured 2026-02-23 20:24:09 +01:00			`build:`
			`context: ./portfolio`
			`args:`
			`- PASSWORD=${PASSWORD}`
initial commit of completely upgraded stack 2023-04-09 17:01:07 +02:00			`volumes:`
			`- portfolio:/src/node_modules`
Deployment-ready: All services configured 2026-02-23 20:24:09 +01:00			`- ./portfolio/server/data:/src/server/data`
several fixes and initial preparation for docker deployment with legacy support 2023-06-16 16:32:50 +02:00			`environment:`
Deployment-ready: All services configured 2026-02-23 20:24:09 +01:00			`- PASSWORD=${PASSWORD}`
several fixes and initial preparation for docker deployment with legacy support 2023-06-16 16:32:50 +02:00			`- VIRTUAL_HOST=${DOMAIN},www.${DOMAIN}`
			`- VIRTUAL_PATH=/`
ready for launch with titles and routes 2023-06-28 11:44:41 +02:00			`- VIRTUAL_PORT=5000`
Deployment-ready: All services configured 2026-02-23 20:24:09 +01:00			`- LETSENCRYPT_HOST=${DOMAIN},www.${DOMAIN},gitea.${DOMAIN}`
ready for launch with titles and routes 2023-06-28 11:44:41 +02:00			`- LETSENCRYPT_EMAIL=${EMAIL}`
several fixes and initial preparation for docker deployment with legacy support 2023-06-16 16:32:50 +02:00			`restart: always`
trying to make starting autimatically work 2023-08-28 19:27:17 +02:00			`depends_on:`
Deployment-ready: All services configured 2026-02-23 20:24:09 +01:00			`nginx-proxy:`
initial commit of completely upgraded stack 2023-04-09 17:01:07 +02:00			`condition: service_started`


Deployment-ready: All services configured 2026-02-23 20:24:09 +01:00			`forgejo:`
			`image: codeberg.org/forgejo/forgejo:7`
			`container_name: forgejo`
initial commit of completely upgraded stack 2023-04-09 17:01:07 +02:00			`environment:`
			`- USER_UID=1000`
			`- USER_GID=1000`
Deployment-ready: All services configured 2026-02-23 20:24:09 +01:00			`- FORGEJO__database__DB_TYPE=mysql`
			`- FORGEJO__database__HOST=mysql-forgejo`
			`- FORGEJO__database__NAME=forgejo`
			`- FORGEJO__database__USER=${USER}`
			`- FORGEJO__database__PASSWD=${PASSWORD}`
			`- FORGEJO__server__LANDING_PAGE=/${USER}`
			`- FORGEJO__attachment__MAX_SIZE=5000`
			`- FORGEJO__server__ROOT_URL=https://${DOMAIN}/code/`
initial commit of completely upgraded stack 2023-04-09 17:01:07 +02:00			`- HTTP_PORT=4000`
			`- LFS_START_SERVER=true`
			`- DISABLE_REGISTRATION=true`
			`- RUN_MODE=prod`
everything seems to be working with this configuration 2023-04-15 13:44:18 +02:00			`- VIRTUAL_HOST=${DOMAIN},www.${DOMAIN},gitea.${DOMAIN} # this last one is for legacy support`
initial commit of completely upgraded stack 2023-04-09 17:01:07 +02:00			`- VIRTUAL_PORT=4000`
			`- VIRTUAL_PATH=/code/`
			`- VIRTUAL_DEST=/`
			`restart: always`
			`volumes:`
Deployment-ready: All services configured 2026-02-23 20:24:09 +01:00			`- ./forgejo:/data`
initial commit of completely upgraded stack 2023-04-09 17:01:07 +02:00			`- /etc/timezone:/etc/timezone:ro`
			`- /etc/localtime:/etc/localtime:ro`
			`depends_on:`
Deployment-ready: All services configured 2026-02-23 20:24:09 +01:00			`mysql-forgejo:`
initial commit of completely upgraded stack 2023-04-09 17:01:07 +02:00			`condition: service_healthy`

Deployment-ready: All services configured 2026-02-23 20:24:09 +01:00			`mysql-forgejo:`
			`image: mariadb:10.11`
			`container_name: mysql-forgejo`
initial commit of completely upgraded stack 2023-04-09 17:01:07 +02:00			`restart: always`
			`environment:`
			`- MYSQL_ROOT_PASSWORD=${PASSWORD}`
			`- MYSQL_PASSWORD=${PASSWORD}`
			`- MYSQL_DATABASE=gitea`
			`- MYSQL_USER=${USER}`
			`volumes:`
Deployment-ready: All services configured 2026-02-23 20:24:09 +01:00			`- ./forgejo/mysql:/var/lib/mysql`
initial commit of completely upgraded stack 2023-04-09 17:01:07 +02:00			`healthcheck:`
			`test: ["CMD", "mysqladmin" ,"ping", "-h", "localhost"]`
			`interval: 15s`
			`start_period: 20s`

			`nextcloud:`
Deployment-ready: All services configured 2026-02-23 20:24:09 +01:00			`image: nextcloud:31-apache`
initial commit of completely upgraded stack 2023-04-09 17:01:07 +02:00			`container_name: nextcloud`
			`restart: always`
			`volumes:`
fixing restheart reverse proxy bug and final configs for migration 2023-04-14 12:59:48 +02:00			`- ./nextcloud/html:/var/www/html`
initial commit of completely upgraded stack 2023-04-09 17:01:07 +02:00			`environment:`
			`- MYSQL_DATABASE=nextcloud`
			`- MYSQL_USER=${USER}`
			`- MYSQL_PASSWORD=${PASSWORD}`
			`- MYSQL_HOST=mysql-nextcloud`
			`- NEXTCLOUD_ADMIN_USER=${USER}`
			`- NEXTCLOUD_ADMIN_PASSWORD=${PASSWORD}`
everything seems to be working with this configuration 2023-04-15 13:44:18 +02:00			`- NEXTCLOUD_TRUSTED_DOMAINS=${DOMAIN} www.${DOMAIN}`
Deployment-ready: All services configured 2026-02-23 20:24:09 +01:00			`- NEXTCLOUD_EXTRA_APPS=calendar,richdocuments`
everything seems to be working with this configuration 2023-04-15 13:44:18 +02:00			`- APACHE_DISABLE_REWRITE_IP=1`
small tweaks from production. nc still broke 2023-04-15 03:44:08 +02:00			`- TRUSTED_PROXIES=nginx-proxy`
Deployment-ready: All services configured 2026-02-23 20:24:09 +01:00			`- REDIS_HOST=redis`
everything seems to be working with this configuration 2023-04-15 13:44:18 +02:00			`- OVERWRITEHOST=${DOMAIN}`
			`- OVERWRITEWEBROOT=/cloud`
			`- OVERWRITEPROTOCOL=https`
trying collabora as a container 2023-06-03 11:39:21 +02:00			`- OVERWRITECLIURL=https://unboundedpress.org`
everything seems to be working with this configuration 2023-04-15 13:44:18 +02:00			`- VIRTUAL_HOST=${DOMAIN},www.${DOMAIN}`
			`- VIRTUAL_PATH=/cloud/`
initial commit of completely upgraded stack 2023-04-09 17:01:07 +02:00			`- VIRTUAL_DEST=/`
chore: Update Collabora config, add static IP, CSP scoped to /cloud, update remote URLs 2026-02-27 09:16:37 +01:00			`extra_hosts:`
			`- "${DOMAIN}:172.18.0.5"`
initial commit of completely upgraded stack 2023-04-09 17:01:07 +02:00			`depends_on:`
			`mysql-nextcloud:`
			`condition: service_healthy`
Deployment-ready: All services configured 2026-02-23 20:24:09 +01:00			`redis:`
			`condition: service_started`
initial commit of completely upgraded stack 2023-04-09 17:01:07 +02:00
trying collabora as a container 2023-06-03 11:39:21 +02:00			`collabora:`
Deployment-ready: All services configured 2026-02-23 20:24:09 +01:00			`image: collabora/code:latest`
trying collabora as a container 2023-06-03 11:39:21 +02:00			`container_name: collabora`
			`depends_on:`
Deployment-ready: All services configured 2026-02-23 20:24:09 +01:00			`nginx-proxy:`
			`condition: service_started`
			`nextcloud:`
			`condition: service_started`
trying collabora as a container 2023-06-03 11:39:21 +02:00			`cap_add:`
			`- MKNOD`
chore: Update Collabora config, add static IP, CSP scoped to /cloud, update remote URLs 2026-02-27 09:16:37 +01:00			`extra_hosts:`
			`- "${DOMAIN}:172.18.0.5"`
trying collabora as a container 2023-06-03 11:39:21 +02:00			`environment:`
			`- username=${USER}`
			`- password=${PASSWORD}`
			`- domain=${DOMAIN}`
chore: Update Collabora config, add static IP, CSP scoped to /cloud, update remote URLs 2026-02-27 09:16:37 +01:00			`- server_name=${DOMAIN}`
			`- aliasgroup1=https://${DOMAIN}:443`
trying collabora as a container 2023-06-03 11:39:21 +02:00			`- VIRTUAL_HOST=${DOMAIN},www.${DOMAIN}`
			`- VIRTUAL_PATH=/collab/`
			`- VIRTUAL_DEST=/`
			`# Extra parameters to Collabora, see also`
			`# https://www.collaboraoffice.com/code/nginx-reverse-proxy/:`
			`# SSL terminates at the proxy`
			`- extra_params=--o:ssl.enable=false --o:ssl.termination=true`
production working container of collabora 2023-06-03 16:02:54 +02:00			`# NOTE: The file nginx/vhosts.d/unboundedpress.org handles`
			`# routing for collabora on production only`
trying collabora as a container 2023-06-03 11:39:21 +02:00
adding nc cron 2023-05-29 13:56:42 +02:00			`cron-nextcloud:`
Deployment-ready: All services configured 2026-02-23 20:24:09 +01:00			`image: nextcloud:31-apache`
adding container name for nc cron 2023-05-29 14:07:42 +02:00			`container_name: cron-nextcloud`
adding nc cron 2023-05-29 13:56:42 +02:00			`restart: always`
			`volumes:`
			`- ./nextcloud/html:/var/www/html`
			`entrypoint: /cron.sh`
Deployment-ready: All services configured 2026-02-23 20:24:09 +01:00			`environment:`
			`- NEXTCLOUD_EXTRA_APPS=calendar,richdocuments`
			`- REDIS_HOST=redis`
adding nc cron 2023-05-29 13:56:42 +02:00			`depends_on:`
			`mysql-nextcloud:`
			`condition: service_healthy`
Deployment-ready: All services configured 2026-02-23 20:24:09 +01:00			`redis:`
			`condition: service_started`
adding nc cron 2023-05-29 13:56:42 +02:00
initial commit of completely upgraded stack 2023-04-09 17:01:07 +02:00			`mysql-nextcloud:`
Deployment-ready: All services configured 2026-02-23 20:24:09 +01:00			`image: mariadb:10.11`
initial commit of completely upgraded stack 2023-04-09 17:01:07 +02:00			`container_name: mysql-nextcloud`
			`command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW`
			`restart: always`
			`environment:`
			`- MYSQL_ROOT_PASSWORD=${PASSWORD}`
			`- MYSQL_PASSWORD=${PASSWORD}`
			`- MYSQL_DATABASE=nextcloud`
			`- MYSQL_USER=${USER}`
			`volumes:`
			`- ./nextcloud/mysql:/var/lib/mysql`
			`healthcheck:`
			`test: ["CMD", "mysqladmin" ,"ping", "-h", "localhost"]`
			`interval: 15s`
			`start_period: 20s`

Deployment-ready: All services configured 2026-02-23 20:24:09 +01:00			`redis:`
			`image: redis:alpine`
			`container_name: redis`
			`restart: always`
			`volumes:`
			`- ./redis:/data`
			`healthcheck:`
			`test: ["CMD", "redis-cli", "ping"]`
			`interval: 30s`
			`timeout: 10s`
			`retries: 3`

initial commit of completely upgraded stack 2023-04-09 17:01:07 +02:00			`volumes:`
			`nginx:`
			`acme:`
			`portfolio:`
chore: Update Collabora config, add static IP, CSP scoped to /cloud, update remote URLs 2026-02-27 09:16:37 +01:00
			`networks:`
			`default:`
			`ipam:`
			`driver: default`
			`config:`
			`- subnet: 172.18.0.0/16`