【docker】

1.记录常用docker配置

docker-compose/nginx/conf.d/fq.conf

@@ -0,0 +1,18 @@
+# fanqiang service
+server {
+  listen 443 ssl;
+  server_name fq.zhixinghe1.top;
+  
+  location / {
+    add_header Access-Control-Allow-Origin *;
+    proxy_redirect off;
+    proxy_pass http://localhost.com:19090;
+    proxy_http_version 1.1;
+    proxy_set_header Upgrade $http_upgrade;
+    proxy_set_header Connection "upgrade";
+    #proxy_set_header Host $http_host;
+    proxy_set_header Host $host:$server_port;
+    proxy_set_header X-Real-IP $remote_addr;
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+  }
+}

docker-compose/nginx/conf.d/fs.conf

@@ -0,0 +1,12 @@
+# file service
+server {
+  listen 443 ssl;
+  server_name fs.zhixinghe1.top;
+  
+  location / {
+    root /fs;
+    autoindex on;
+    autoindex_exact_size off;
+    autoindex_localtime on;
+  }
+}

docker-compose/nginx/conf.d/git.conf

@@ -0,0 +1,29 @@
+# git service
+
+server {
+  listen 443 ssl;
+  server_name git.zhixinghe1.top;
+  
+  gzip on;
+  
+  location / {
+    proxy_redirect off;
+    proxy_pass http://localhost.com:10880;
+
+    proxy_set_header  Host                $http_host;
+    proxy_set_header  X-Real-IP           $remote_addr;
+    proxy_set_header  X-Forwarded-Ssl     on;
+    proxy_set_header  X-Forwarded-For     $proxy_add_x_forwarded_for;
+    proxy_set_header  X-Forwarded-Proto   $scheme;
+    proxy_set_header  X-Frame-Options     SAMEORIGIN;
+
+    client_max_body_size        100m;
+    client_body_buffer_size     128k;
+
+    proxy_buffer_size           4k;
+    proxy_buffers               4 32k;
+    proxy_busy_buffers_size     64k;
+    proxy_temp_file_write_size  64k;
+    
+  }
+}

docker-compose/nginx/conf.d/rewrite443.conf

@@ -0,0 +1,7 @@
+# 将所有HTTP请求通过rewrite指令重定向到HTTPS。
+server {
+  listen       80 default_server;
+  listen       [::]:80 default_server;
+  server_name  _;
+  rewrite ^(.*)$ https://$host$1; 
+}

docker-compose/nginx/conf.d/www.conf

@@ -0,0 +1,17 @@
+# default service
+server {
+  listen 443 ssl;
+  server_name www.zhixinghe1.top;
+  
+  location / {
+	root /usr/share/nginx/html;
+	index index.html index.htm;
+  }
+  
+  location /.well-known {
+	alias /web/;
+	autoindex on;
+  }
+}
+	
+

docker-compose/nginx/docker-compose.yml

@@ -0,0 +1,19 @@
+version: "3"
+services:
+  service.nginx:
+    image: nginx:1.22.1
+    container_name: nginx
+    ports:
+      - 80:80
+      - 443:443
+    volumes:
+      - /home/zkpk/nginx/nginx.conf:/etc/nginx/nginx.conf
+      - /home/zkpk/nginx/conf.d:/etc/nginx/conf.d
+      - /etc/letsencrypt:/etc/letsencrypt
+      - /home/zkpk/nginx/fs:/fs
+      - /home/zkpk/nginx/web:/web
+    extra_hosts:
+      localhost.com: 172.17.0.1
+    stdin_open: true
+    tty: true
+    restart: always

docker-compose/nginx/nginx.conf

@@ -0,0 +1,37 @@
+user  nginx;
+worker_processes  auto;
+
+error_log  /var/log/nginx/error.log notice;
+pid        /var/run/nginx.pid;
+
+events {
+    worker_connections  1024;
+}
+
+http {
+    include       /etc/nginx/mime.types;
+    default_type  application/octet-stream;
+
+    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
+                      '$status $body_bytes_sent "$http_referer" '
+                      '"$http_user_agent" "$http_x_forwarded_for"';
+
+    access_log  /var/log/nginx/access.log  main;
+
+    sendfile        on;
+    #tcp_nopush     on;
+
+    keepalive_timeout  65;
+
+    #gzip  on;
+	
+	#全局SSL配置
+	ssl_session_timeout 5m;
+	ssl_prefer_server_ciphers on;
+	ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+	ssl_certificate /etc/letsencrypt/live/zhixinghe1.top/fullchain.pem;
+	ssl_certificate_key /etc/letsencrypt/live/zhixinghe1.top/privkey.pem;
+	ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
+
+    include /etc/nginx/conf.d/*.conf;
+}

docker-compose/ttrss/docker-compose.yml

@@ -0,0 +1,69 @@
+version: "3"
+services:
+  service.rss:
+    image: wangqiru/ttrss:latest
+    container_name: ttrss
+    ports:
+      - 181:80
+    environment:
+      - SELF_URL_PATH=https://rss.zhixinghe1.top # please change to your own domain
+      - DB_PASS=ttrss # use the same password defined in `database.postgres`
+      - PUID=1000
+      - PGID=1000
+    volumes:
+      - feed-icons:/var/www/feed-icons/
+    networks:
+      - public_access
+      - service_only
+      - database_only
+    stdin_open: true
+    tty: true
+    restart: always
+
+  service.mercury: # set Mercury Parser API endpoint to `service.mercury:3000` on TTRSS plugin setting page
+    image: wangqiru/mercury-parser-api:latest
+    container_name: mercury
+    networks:
+      - public_access
+      - service_only
+    restart: always
+
+  service.opencc: # set OpenCC API endpoint to `service.opencc:3000` on TTRSS plugin setting page
+    image: wangqiru/opencc-api-server:latest
+    container_name: opencc
+    environment:
+      - NODE_ENV=production
+    networks:
+      - service_only
+    restart: always
+
+  database.postgres:
+    image: postgres:13-alpine
+    container_name: postgres
+    environment:
+      - POSTGRES_PASSWORD=ttrss # feel free to change the password
+    volumes:
+      - /home/zkpk/ttrss/postgres/data/:/var/lib/postgresql/data # persist postgres data to ~/postgres/data/ on the host
+    networks:
+      - database_only
+    restart: always
+
+  # utility.watchtower:
+  #   container_name: watchtower
+  #   image: containrrr/watchtower:latest
+  #   volumes:
+  #     - /var/run/docker.sock:/var/run/docker.sock
+  #   environment:
+  #     - WATCHTOWER_CLEANUP=true
+  #     - WATCHTOWER_POLL_INTERVAL=86400
+  #   restart: always
+
+volumes:
+  feed-icons:
+
+networks:
+  public_access: # Provide the access for ttrss UI
+  service_only: # Provide the communication network between services only
+    internal: true
+  database_only: # Provide the communication between ttrss and database only
+    internal: true

docker-compose/v2ray/config.json

@@ -0,0 +1,29 @@
+{
+  "inbounds": [
+    {
+      "listen": "0.0.0.0",
+      "port": 19090,
+      "protocol": "vmess",
+      "settings": {
+        "clients": [
+          {
+            "id": "f39bdcd6-6fd8-4675-8716-d89dda4ca8f8",
+            "alterId": 0
+          }
+        ]
+      },
+      "streamSettings": {
+        "network": "ws",
+        "wsSettings": {
+          "path": "/"
+        }
+      }
+    }
+  ],
+  "outbounds": [
+    {
+      "protocol": "freedom",
+      "settings": {}
+    }
+  ]
+}

docker-compose/v2ray/docker-compose.yml

@@ -0,0 +1,14 @@
+version: "3"
+services:
+  service.rss:
+    image: teddysun/v2ray:latest
+    container_name: v2ray
+    ports:
+      - 19090:19090
+    volumes:
+      - /home/zkpk/v2ray/config.json:/etc/v2ray/config.json
+      - /home/zkpk/v2ray/log:/var/log/v2ray
+    stdin_open: true
+    tty: true
+    restart: always
+