faicel 73e2578f67 Add initial Docker Swarm stack configuration with services for Mattermost and Forgejo
- Created `.gitignore` to exclude system files, temporary files, and sensitive data.
- Added `README.md` for project documentation and deployment instructions.
- Defined `apps.yml` for Mattermost and Forgejo services, including secrets and volumes.
- Implemented initialization scripts for Mattermost and Forgejo databases.
- Configured PostgreSQL and MinIO services in `data.yml`.
- Set up Nginx as a reverse proxy with SSL for Mattermost and MinIO.
- Included necessary configuration files and snippets for Nginx.
- Added placeholder files in `secrets` and `certbot` directories to maintain structure.
- Ensured proper permissions and security practices for sensitive data handling.
2026-02-27 13:21:06 +01:00
apps
data
infra
secrets
.gitignore
README.md

Docker Swarm Stack

This repository contains the configuration of a Docker Swarm stack for self-hosted services (reverse proxy, certificates, etc.) in a Home / Small Office environment.

Goals

  • Centralize infrastructure configuration (services, volumes, secrets, networks).
  • Enable reproducible deployments on a Docker Swarm cluster.
  • Clearly separate responsibilities between infra, apps, data, and secrets.

Project structure

  • infra/: infrastructure services (for example nginx, certbot, network configuration, etc.).
  • apps/: application definitions and configuration (apps.yml files, init scripts).
  • data/: initialization files (SQL, scripts) and persistent configuration for services.
  • secrets/: text files containing secrets (passwords, keys, etc.).
    These files are ignored by Git (see .gitignore) and must not be versioned.

Prerequisites

  • Docker installed (version compatible with Docker Swarm).
  • Access to one or more Swarm nodes with the paths mounted as defined in the *.yml files (for example /home/ubuntu/docker/swarm/...).
  • DNS configured to point to the reverse proxy (for example nginx + certbot).

Quick deployment (example)

  1. Initialize the Swarm (if not already done):

    docker swarm init
    
  2. Create Docker secrets from local files (adapt names as needed):

    docker secret create turn_secret secrets/turn_secret.txt
    docker secret create postgres_password secrets/postgres_password.txt
    # etc. for the other secret files…
    
  3. Deploy the infra layer (reverse proxy, certificates, etc.) from infra/infra.yml:

    docker stack deploy -c infra/infra.yml infra
    
  4. Deploy other services / applications using apps/apps.yml and data/data.yml (commands to adapt to your organization, for example multiple stacks).

Testing and validation

This repository mainly contains infrastructure configuration.
To validate your changes:

  • Check YAML syntax (docker compose config, YAML linters, etc.).
  • Deploy to a test environment and verify that Swarm services start correctly (docker service ls, docker service logs …).

Security

  • Never commit real secrets into the Git repository.
  • Use files in secrets/ only as local sources for creating Docker secrets (docker secret create).
  • Restrict read permissions on the secrets/ directory as much as possible.
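
One way to check and enforce the permission rule above before running docker secret create. This is an added example, not a script from this repository. The function names are hypothetical, and it assumes the secrets/ directory sits in the current working directory.

```shell
#!/bin/sh
# Added example: audit and tighten permissions on the local secrets/ directory.
# Function names are hypothetical; only POSIX find/chmod features are used.

# Print every path under $1 that grants any permission bit to group or others.
# Symlinks are skipped: their own mode is always wide open and says nothing
# about the file they point to.
list_exposed() {
    find "$1" ! -type l \( -perm -040 -o -perm -020 -o -perm -010 \
                        -o -perm -004 -o -perm -002 -o -perm -001 \) -print
}

# Return 0 if nothing is exposed, 1 if something is, 2 if the directory is missing.
# Findings are written to stderr so the function can be used in a pipeline or CI step.
audit_secrets_dir() {
    dir=$1
    [ -d "$dir" ] || { echo "missing directory: $dir" >&2; return 2; }
    exposed=$(list_exposed "$dir")
    if [ -n "$exposed" ]; then
        echo "group/other access on:" >&2
        echo "$exposed" >&2
        return 1
    fi
    return 0
}

# Owner-only access: 700 on directories, 600 on regular files.
harden_secrets_dir() {
    find "$1" -type d -exec chmod 700 {} +
    find "$1" -type f -exec chmod 600 {} +
}

# When run from the repository root: report, then fix, then confirm.
if [ -d secrets ]; then
    if ! audit_secrets_dir secrets; then
        harden_secrets_dir secrets
        audit_secrets_dir secrets && echo "secrets/ is now owner-only" >&2
    fi
fi
```

Running the audit again after any new secret file is added catches files created under a permissive umask.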

More information

For more detailed documentation, examples, and operational notes, see the project wiki:
Server swarm wiki