add:vaultwardeb, improve other services

jenkins/docker-compose/jenkins/docker-compose.yaml

@@ -0,0 +1,11 @@
+services:
+  jenkins:
+    image: jenkins/jenkins:lts
+    ports:
+      - "8080:8080"
+    volumes:
+      - jenkins_home:/var/jenkins_home
+  ssh-agent:
+    image: jenkins/ssh-agent
+volumes:
+  jenkins_home:

keycloak/docker-compose/keycloak/.env

@@ -1,8 +1 @@
-KEYCLOAK_REALM=magnolia
+KC_HOSTNAME=keycloak.rschneider.hu
-KEYCLOAK_CLIENT_ID_AUTHOR=author.ucsintranet
-KEYCLOAK_CLIENT_ID_PUBLIC=ucsintranet
-KEYCLOAK_AUTH_URL=http://keycloak.ucsintranet.at:5070/
-KEYCLOAK_SSL_REQUIRED=external
-KEYCLOAK_CREDENTIALS_SECRET_AUTHOR=jS60AKrWTE9j38FPzs5nu3tpkWCQ1rs4
-KEYCLOAK_CREDENTIALS_SECRET_PUBLIC=XSeCqIY5Uw9km6FBoFG75vav61sUIGz7
-KC_HOSTNAME=keycloak.ucsintranet.at

keycloak/docker-compose/keycloak/docker-compose.yaml

@@ -5,7 +5,6 @@ services:
     image: quay.io/keycloak/keycloak:24.0.4
     volumes:
       - ./services/keycloak/themes:/opt/keycloak/themes
-#      - ./services/keycloak/data/import:/opt/keycloak/data/import
     environment:
       KC_DB: mariadb
       KC_DB_URL: jdbc:mariadb://keycloak-db:3306/keycloak
@@ -20,14 +19,14 @@ services:
       KC_METRICS_ENABLED: "true"
       KC_HEALTH_ENABLED: "true"
       KEYCLOAK_ADMIN: "admin"
-      KEYCLOAK_ADMIN_PASSWORD: "admin"
+      KEYCLOAK_ADMIN_PASSWORD: ${KEYCLOAK_ADMIN_PASSWORD}
 
 #    command: start-dev --import-realm
     #    command: start-dev
     depends_on:
       - keycloak-db
     ports:
-      - 4103:8080
+      - 4107:8080
     networks:
       - keycloak-network
 

ldap/docker-compose/ldap/docker-compose.yaml

@@ -15,15 +15,15 @@ services:
         - LDAP_ORGANISATION=rschneider
         - LDAP_DOMAIN=rschneider.hu
         - LDAP_ADMIN_USERNAME=admin
-        - LDAP_ADMIN_PASSWORD=admin_pass
+        - LDAP_ADMIN_PASSWORD=${LDAP_ADMIN_PASSWORD}
-        - LDAP_CONFIG_PASSWORD=config_pass
+        - LDAP_CONFIG_PASSWORD=${LDAP_CONFIG_PASSWORD}
         - "LDAP_BASE_DN=dc=rschneider,dc=hu"
 #        - LDAP_TLS_CRT_FILENAME=server.crt
 #        - LDAP_TLS_KEY_FILENAME=server.key
 #        - LDAP_TLS_CA_CRT_FILENAME=alibnr.com.ca.crt
         - LDAP_READONLY_USER=true
         - LDAP_READONLY_USER_USERNAME=user-ro
-        - LDAP_READONLY_USER_PASSWORD=ro_pass
+        - LDAP_READONLY_USER_PASSWORD=${LDAP_RO_PASSWORD}
     networks:
       - openldap
 

nexus/docker-compose/docker-compose.yaml

@@ -6,7 +6,8 @@ services:
     volumes:
       - "nexus-data:/sonatype-work"
     ports:
-      - "8081:8081"
+      - "4108:8081"
-      - "8085:8085"
+      - "4109:8085"
+      - "4110:8085"
 volumes:
   nexus-data: {}

readme.md

@@ -5,11 +5,16 @@
 router redirects port range 4100-4200 to the infra server
 
 | port | service     | description     |
-|------|----------|----------------|
+|------|-------------|-----------------|
 | 4100 | gitea       | web             |
 | 4101 | gitea       | ssh             |
 | 4102 | xwiki       | web             |
 | 4103 | keycloak    | web             |
-| 4104 | ldap     | web            |
+| 4104 | ldap        | web /phpldap    |
 | 4105 | ldap        | ldap/slapd      |
 | 4106 | ldap        | ldap/slapd/ssl  |
+| 4107 | keycloak    | keycloak web    |
+| 4108 | nexus       | admin web       |
+| 4109 | nexus       | admin web       |
+| 4110 | nexus       | docker registry |
+| 4111 | vaultwarden | web             |

vaultwarden/docker-compose/vaultwarden/docker-compose.yaml

@@ -0,0 +1,12 @@
+services:
+  vaultwarden:
+    image: vaultwarden/server:latest
+    container_name: vaultwarden
+    restart: always
+    environment:
+      # DOMAIN: "https://vaultwarden.example.com"  # required when using a reverse proxy; your domain; vaultwarden needs to know it's https to work properly with attachments
+      SIGNUPS_ALLOWED: "true" # Deactivate this with "false" after you have created your account so that no strangers can register
+    volumes:
+      - ./vw-data:/data # the path before the : can be changed
+    ports:
+      - 4111:80 # you can replace the 11001 with your preferred port