Cleaned up some missing services by removing sensitive data into .env files

matrix-bots/compose.yml

@@ -0,0 +1,33 @@
+services:
+  matrix-registration-bot:
+    image: moanos/matrix-registration-bot:latest
+    environment:
+      LOGGING_LEVEL: DEBUG
+      BOT_SERVER: "https://nearfuture.industries"
+      BOT_USERNAME: "registration-bot"
+      BOT_PASSWORD: ${BOT_PW}
+      API_BASE_URL: 'https://synapse.nearfuture.industries'
+      API_TOKEN: ${API_TOK}
+    volumes:
+      - /home/fejy/docker/matrix-bots/matrix-registration-bot/:/data/
+
+
+  maubot:
+    image: dock.mau.dev/maubot/maubot
+    container_name: maubot
+    volumes:
+      - /home/fejy/docker/matrix-bots/maubot/:/data:z
+    ports:
+      - 29316:29316
+    networks:
+      - proxy
+    restart: unless-stopped
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.maubot.rule=Host(`maubot.nearfuture`)"
+      - "traefik.http.routers.maubot.entrypoints=web"
+
+networks:
+  proxy:
+    external: true
+

pirate-ship/compose.yml

@@ -116,7 +116,7 @@ services:
     user: 1029:1000
     environment:
       - DEBUG=1
-        #- mam_id=<Grab from security settings>
+        #- mam_id=${MAM_KEY}
       - interval=1
     volumes:
       - /home/fejy/docker/mam-api:/config

synapse/compose.yml

@@ -0,0 +1,94 @@
+# This compose file is compatible with Compose itself, it might need some
+# adjustments to run properly with stack.
+
+version: '3'
+
+services:
+
+  synapse:
+    build:
+      context: ../..
+      dockerfile: docker/Dockerfile
+    image: docker.io/matrixdotorg/synapse:latest
+    # Since synapse does not retry to connect to the database, restart upon
+    # failure
+    restart: unless-stopped
+    # See the readme for a full documentation of the environment settings
+    # NOTE: You must edit homeserver.yaml to use postgres, it defaults to sqlite
+    environment:
+      - SYNAPSE_CONFIG_PATH=/data/homeserver.yaml
+    volumes:
+      # You may either store all the files in a local folder
+      - /home/fejy/docker/synapse:/data
+      # .. or you may split this between different storage points
+      # - ./files:/data
+      # - /path/to/ssd:/data/uploads
+      # - /path/to/large_hdd:/data/media
+    depends_on:
+      - db
+    networks:
+      - proxy
+
+    # In order to expose Synapse, remove one of the following, you might for
+    # instance expose the TLS port directly:
+    ports:
+      - 8448:8448/tcp
+    # ... or use a reverse proxy, here is an example for traefik:
+    labels:
+      # The following lines are valid for Traefik version 1.x:
+      #- traefik.enable=true
+      #- traefik.frontend.rule=Host:my.matrix.Host
+      #- traefik.port=8008
+      # Alternatively, for Traefik version 2.0:
+      - traefik.enable=true
+      - traefik.http.routers.http-synapse.entryPoints=web
+      - traefik.http.routers.http-synapse.rule=Host(`synapse.nearfuture.industries`)
+      - traefik.http.middlewares.https_redirect.redirectscheme.scheme=https
+      - traefik.http.middlewares.https_redirect.redirectscheme.permanent=true
+      - traefik.http.routers.http-synapse.middlewares=https_redirect
+      - traefik.http.routers.https-synapse.entryPoints=websecure
+      - traefik.http.routers.https-synapse.rule=Host(`synapse.nearfuture.industries`)
+      - traefik.http.routers.https-synapse.service=synapse
+      - traefik.http.routers.https-synapse.tls=true
+      - traefik.http.routers.https-synapse.tls.certresolver=myresolver
+      - traefik.http.services.synapse.loadbalancer.server.port=8008
+
+  db:
+    image: docker.io/postgres:12-alpine
+    # Change that password, of course!
+    environment:
+      - POSTGRES_USER=postgres
+      - POSTGRES_PASSWORD=${POSTGRES_PASS}
+      # ensure the database gets created correctly
+      # https://element-hq.github.io/synapse/latest/postgres.html#set-up-database
+      - POSTGRES_INITDB_ARGS=--encoding=UTF-8 --lc-collate=C --lc-ctype=C
+    networks:
+      - proxy
+    volumes:
+      # You may store the database tables in a local folder..
+      - /home/fejy/docker/synapse-db/:/var/lib/postgresql/data
+      # .. or store them on some high performance storage for better results
+      # - /path/to/ssd/storage:/var/lib/postgresql/data
+      
+  nginx:
+    image: nginx:1.12-alpine
+    restart: unless-stopped
+    networks:
+      - proxy
+    labels:
+      - traefik.enable=true
+      - traefik.http.services.matrix.loadbalancer.server.port=80
+      - traefik.http.routers.matrix.rule=Host(`nearfuture.industries`)
+      - traefik.http.routers.matrix.entrypoints=websecure
+      - traefik.http.routers.matrix.service=matrix
+      - traefik.http.routers.matrix.tls=true
+      - traefik.http.routers.matrix.tls.certresolver=myresolver
+
+    volumes:
+      - ./nginx/matrix.conf:/etc/nginx/conf.d/matrix.conf
+      - ./nginx/www:/var/www/
+
+networks:
+  proxy:
+    external: true
+

synapse/nginx/matrix.conf

@@ -0,0 +1,17 @@
+server {
+  listen         80 default_server;
+  server_name    nearfuture.industries;
+
+ # Traefik -> nginx -> synapse
+ location /_matrix {
+    proxy_pass http://synapse:8008;
+    proxy_set_header X-Forwarded-For $remote_addr;
+    client_max_body_size 128m;
+  }
+
+  location /.well-known/matrix/ {
+    root /var/www/;
+    default_type application/json;
+    add_header Access-Control-Allow-Origin  *;
+  }
+}

synapse/nginx/www/.well-known/matrix/client

@@ -0,0 +1,6 @@
+{
+  "m.homeserver": {
+    "base_url": "https://nearfuture.industries"
+  }
+}
+

synapse/nginx/www/.well-known/matrix/server

@@ -0,0 +1,4 @@
+{
+  "m.server": "synapse.nearfuture.industries:443"
+}
+

traefik/compose.yml

@@ -8,6 +8,9 @@ services:
       #- "--providers.docker.exposedbydefault=false"
       #- "--entrypoints.web.address=:80"
     restart: unless-stopped
+    environment:
+      - NAMECHEAP_API_USER=${NAMECHEAP_USER}
+      - NAMECHEAP_API_KEY=${NAMECHEAP_KEY}
     ports:
       - "80:80"
       - "443:443"
@@ -16,6 +19,7 @@ services:
       - /var/run/docker.sock:/var/run/docker.sock
       - /home/fejy/docker/traefik:/etc/traefik
       - /home/fejy/docker/traefik-ssl:/ssl
+      - /home/fejy/docker/traefik-acme/acme.json:/acme.json
     networks:
       - proxy
     labels: