mwinter/unboundedpress
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
112 commits 4 branches 0 tags 313 MiB
Dockerfile 100%
Find a file
Michael Winter 8b244adac3 Update portfolio submodule
2026-02-27 22:31:48 +01:00
nginx chore: Update Collabora config, add static IP, CSP scoped to /cloud, update remote URLs 2026-02-27 09:16:37 +01:00
portfolio@95b3f4ab59 Update portfolio submodule 2026-02-27 22:31:48 +01:00
.env_template fixed bug pointing to wrong mongodb after refactor and adding template config files 2023-04-12 20:50:30 +02:00
.gitignore Deployment-ready: All services configured 2026-02-23 20:24:09 +01:00
.gitmodules chore: Update Collabora config, add static IP, CSP scoped to /cloud, update remote URLs 2026-02-27 09:16:37 +01:00
AGENTS.md Deployment-ready: All services configured 2026-02-23 20:24:09 +01:00
docker-compose.yml chore: Update Collabora config, add static IP, CSP scoped to /cloud, update remote URLs 2026-02-27 09:16:37 +01:00
LICENSE initial commit of completely upgraded stack 2023-04-09 17:01:07 +02:00
README.md chore: Update Collabora config, add static IP, CSP scoped to /cloud, update remote URLs 2026-02-27 09:16:37 +01:00

README.md

Unboundedpress

Self-hosted web infrastructure using Docker Compose.

Overview

  • portfolio: ⚠️ MOST IMPORTANT - Main Nuxt 3 website containing a majority of my life's work (replaced old Express.js portfolio)
  • Nextcloud: File storage and document editing
  • Forgejo: Code repository (migrated from Gitea)
  • Collabora: Online document editor (integrated with Nextcloud)
  • nginx-proxy: Reverse proxy with automatic HTTPS (Let's Encrypt)
  • Redis: Caching for Nextcloud

Prerequisites

  • Docker & Docker Compose installed
  • Ports 80 and 443 available
  • Domain DNS pointing to server

Quick Start

# 1. Clone repository
git clone <repo-url>
cd unboundedpress_dev

# 2. Create .env file
cp .env_template .env
# Edit .env with your values

# 3. Start services
docker compose up -d

# 4. Verify
docker compose ps

Environment Variables (.env)

Variable Description Example
DOMAIN Your domain unboundedpress.org
USER Admin username mwinter
PASSWORD Admin password ************
EMAIL Email for SSL certificates admin@example.com

Services

Service URL Description
portfolio https://{domain}/ Main website
Nextcloud https://{domain}/cloud/ File storage & documents
Forgejo https://{domain}/code/ Git repositories
Collabora https://{domain}/collab/ Document editing (integrated with Nextcloud)

Production Deployment

Step 1: Update Environment

Edit .env:

DOMAIN=unboundedpress.org
# Comment out or remove: HTTPS_METHOD=noredirect

Step 2: Update Nextcloud Collabora URLs

# Internal URL (Nextcloud uses to talk to Collabora)
docker exec nextcloud php occ config:app:set richdocuments wopi_url --value="http://collabora:9980"

# External URL (browser uses to open Collabora)
docker exec nextcloud php occ config:app:set richdocuments public_wopi_url --value="https://unboundedpress.org/collab"

# Callback URL (Collabora uses to connect back to Nextcloud)
docker exec nextcloud php occ config:app:set richdocuments wopi_callback_url --value="https://unboundedpress.org/cloud"

Step 3: Restart Services

docker compose restart

Step 4: Verify SSL

SSL certificates are automatically issued by acme-companion. Check status:

docker logs nginx-proxy-acme

Local Development

HTTPS Setup (mkcert)

For local development with HTTPS, use mkcert to create locally-trusted certificates:

# Install mkcert (Arch Linux)
sudo pacman -S mkcert

# Install local CA
mkcert -install

# Create certificates
cd nginx/certs
mkcert -key-file key.pem -cert-file cert.pem "localdev.unboundedpress.org" "*.localdev.unboundedpress.org"

# Rename to default certificate
mv cert.pem default.crt
mv key.pem default.key

# Restart proxy
docker compose restart nginx-proxy

Access Local Services

After setup, access at:

Maintenance

Bot Blocker Updates

The nginx-ultimate-bad-bot-blocker updates automatically via cron (monthly on the 1st at 3 AM).

Manual update:

docker exec nginx-proxy update-ngxblocker

Backup Nextcloud

# Database backup
docker exec mysql-nextcloud mysqldump -u root -p${PASSWORD} nextcloud > backup_nextcloud_db_$(date +%Y%m%d).sql

# Files backup (run on host)
tar -czf nextcloud_backup_$(date +%Y%m%d).tar.gz nextcloud/html/data/

Backup Forgejo

# Database backup
docker exec mysql-forgejo mysqldump -u root -p${PASSWORD} forgejo > backup_forgejo_db_$(date +%Y%m%d).sql

# Files backup (run on host)
tar -czf forgejo_backup_$(date +%Y%m%d).tar.gz forgejo/

Update Images

# Pull latest images
docker compose pull

# Restart services with new images
docker compose up -d

View Logs

# All services
docker compose logs -f

# Specific service
docker compose logs -f nginx-proxy
docker compose logs -f nextcloud
docker compose logs -f forgejo

Directory Structure

⚠️ Important: The portfolio/ directory contains the majority of my life's work. Ensure backups are current before making any changes.

.
.
├── docker-compose.yml          # Main compose file
├── .env                        # Environment variables (not in repo)
├── .env_template               # Template for .env
├── nginx/
│   ├── Dockerfile              # nginx-proxy build with bot blocker
│   ├── certs/                 # SSL certificates
│   ├── conf.d/                # nginx configuration
│   ├── vhost.d/               # Virtual host configs
│   ├── bots.d/                # Bot blocker rules
│   └── crontab               # Cron for bot blocker updates
├── portfolio/
│   ├── Dockerfile             # Multi-stage production build
│   └── ...
├── nextcloud/
│   ├── html/                  # Nextcloud data
│   └── mysql/                 # Nextcloud database
├── forgejo/
│   └── ...                    # Forgejo data
└── redis/
    └── ...                    # Redis data

Troubleshooting

Nextcloud Login Issues

If login redirects back to login page:

  1. Clear browser cookies
  2. Check trusted_domains in config
  3. Ensure HTTPS is properly configured
# Check trusted domains
docker exec nextcloud occ config:system:get trusted_domains

# Add domain if needed
docker exec nextcloud occ config:system:set trusted_domains 4 --value="unboundedpress.org"

Collabora Not Opening Documents

  1. Verify public_wopi_url is set correctly:
docker exec nextcloud occ config:app:get richdocuments public_wopi_url
  1. Check nginx config for /collab/ routing:
docker exec nginx-proxy cat /etc/nginx/vhost.d/unboundedpress.org | grep -A 5 "location /collab"
  1. Check Collabora logs:
docker logs collabora

SSL Certificate Issues

  1. Check acme-companion logs:
docker logs nginx-proxy-acme
  1. Verify ports 80/443 are open:
sudo ufw status
# or
sudo iptables -L -n
  1. Check certificate files exist:
ls -la nginx/certs/

Container Won't Start

  1. Check logs for errors:
docker compose logs [service-name]

  1. Verify .env file exists and has correct values

  2. Check port conflicts:

sudo netstat -tlnp | grep ':80\|:443'

Architecture

Internet
   │
   ▼
nginx-proxy (port 80/443)
   │
   ├── portfolio ─────► :5000
   │
   ├── nextcloud ──────────► :80 → /cloud/
   │   ├── mysql-nextcloud
   │   └── redis
   │
   ├── forgejo ────────────► :4000 → /code/
   │   └── mysql-forgejo
   │
   └── collabora ──────────► :9980 → /collab/

Credits