diff --git a/.DS_Store b/.DS_Store
new file mode 100644
index 0000000..40c00b7
Binary files /dev/null and b/.DS_Store differ
diff --git a/Docker/.DS_Store b/Docker/.DS_Store
new file mode 100644
index 0000000..d0e68ec
Binary files /dev/null and b/Docker/.DS_Store differ
diff --git a/Docker/NPM/docker-compose.yaml b/Docker/NPM/docker-compose.yaml
new file mode 100644
index 0000000..c78c54a
--- /dev/null
+++ b/Docker/NPM/docker-compose.yaml
@@ -0,0 +1,38 @@
+version: '3.8'
+services:
+ app:
+ image: 'jc21/nginx-proxy-manager:latest'
+ restart: unless-stopped
+ ports:
+ # These ports are in format :
+ - '80:80' # Public HTTP Port
+ - '443:443' # Public HTTPS Port
+ - '81:81' # Admin Web Port
+ # Add any other Stream port you want to expose
+ # - '21:21' # FTP
+ environment:
+ # Mysql/Maria connection parameters:
+ DB_MYSQL_HOST: "db"
+ DB_MYSQL_PORT: 3306
+ DB_MYSQL_USER: "npm"
+ DB_MYSQL_PASSWORD: "npm"
+ DB_MYSQL_NAME: "npm"
+ # Uncomment this if IPv6 is not enabled on your host
+ # DISABLE_IPV6: 'true'
+ volumes:
+ - ./data:/data
+ - ./letsencrypt:/etc/letsencrypt
+ depends_on:
+ - db
+
+ db:
+ image: 'jc21/mariadb-aria:latest'
+ restart: unless-stopped
+ environment:
+ MYSQL_ROOT_PASSWORD: 'npm'
+ MYSQL_DATABASE: 'npm'
+ MYSQL_USER: 'npm'
+ MYSQL_PASSWORD: 'npm'
+ MARIADB_AUTO_UPGRADE: '1'
+ volumes:
+ - ./mysql:/var/lib/mysql
\ No newline at end of file
diff --git a/Docker/gitea/docker-compose.yaml b/Docker/gitea/docker-compose.yaml
new file mode 100644
index 0000000..1314a9c
--- /dev/null
+++ b/Docker/gitea/docker-compose.yaml
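Review bot: Docker/NPM/docker-compose.yaml commits its database credentials in plain text, and `MYSQL_ROOT_PASSWORD: 'npm'` reuses the same guessable value as the application account. The same pattern recurs across this commit (the gitea and nextcloud compose files, `passwd`, `DEFAULT_ADMIN_PASSWORD` and `SECRET_KEY` in the cloud-init snippets, `cipassword` in every .tf resource, and `token_secret` in vars.tf). All of these values should be treated as disclosed, rotated, and supplied from an untracked `.env` file or Compose secrets, for example `DB_MYSQL_PASSWORD: "${NPM_DB_PASSWORD}"`. Separately, `- '81:81'` publishes the admin UI on every host interface next to the public ports; `- '127.0.0.1:81:81'` (or a management address) keeps it off the public side.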
@@ -0,0 +1,51 @@
+version: "3"
+
+services:
+ traefik:
+ image: traefik:v2.9
+ container_name: traefik
+ ports:
+ - "80:80"
+ - "443:443"
+ command:
+ - "--api.insecure=true" # Открытая панель управления Traefik, не рекомендуется для продакшена
+ - "--providers.docker=true" # Включаем динамическое определение маршрутов на основе Docker контейнеров
+ - "--entrypoints.web.address=:80" # HTTP (80 порт)
+ - "--entrypoints.websecure.address=:443" # HTTPS (443 порт)
+ - "--certificatesresolvers.myresolver.acme.httpchallenge=true" # Включаем HTTP challenge для Let's Encrypt
+ - "--certificatesresolvers.myresolver.acme.httpchallenge.entrypoint=web" # Указываем HTTP endpoint для ACME
+ - "--certificatesresolvers.myresolver.acme.email=gba404@gmail.com" # Ваш email для регистрации с Let's Encrypt
+ - "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json" # Файл для хранения сертификатов
+ volumes:
+ - ./letsencrypt:/letsencrypt # Хранение сертификатов
+ - /var/run/docker.sock:/var/run/docker.sock:ro # Доступ к Docker сокету
+
+ gitea:
+ image: gitea/gitea:latest
+ container_name: gitea
+ environment:
+ - USER_UID=1000
+ - USER_GID=1000
+ - DB_TYPE=mysql
+ - DB_HOST=db:3306
+ - DB_NAME=gitea
+ - DB_USER=gitea
+ - DB_PASSWD=gitea_pass
+ - ROOT_URL=https://git.playgba.ru
+ labels:
+ - "traefik.enable=true"
+ - "traefik.http.routers.gitea.rule=Host(`git.playgba.ru`)" # Определение маршрута на основе домена
+ - "traefik.http.routers.gitea.entrypoints=websecure" # Используем HTTPS
+ - "traefik.http.routers.gitea.tls.certresolver=myresolver" # Указываем резолвер для получения сертификатов
+ - "traefik.http.services.gitea.loadbalancer.server.port=3000" # Порт, на который проксируется запрос
+
+ db:
+ image: mysql:8.0
+ container_name: gitea_db
+ environment:
+ - MYSQL_ROOT_PASSWORD=8148
+ - MYSQL_DATABASE=gitea
+ - MYSQL_USER=gitea
+ - MYSQL_PASSWORD=1488
+ volumes:
+ - ./mysql:/var/lib/mysql
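Review bot: In Docker/gitea/docker-compose.yaml the `:ro` on `/var/run/docker.sock:/var/run/docker.sock:ro` only makes the socket file's mount read-only; it does not limit which Docker API calls Traefik can send, so the internet-facing proxy still holds full control of the daemon. Consider placing a filtering socket proxy that allows only the read endpoints in front of it, dropping `--api.insecure=true` (the inline comment already says it is not meant for production), and adding `--providers.docker.exposedbydefault=false` so that `db`, which carries no `traefik.enable` label, is not picked up as a route. Also `DB_PASSWD=gitea_pass` on the gitea service does not match `MYSQL_PASSWORD=1488` on `db`, so the database login looks set to fail, and the gitea service declares no volume, so its data would not survive a container recreation.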
diff --git a/Docker/nextcloud/docker-compose.yaml b/Docker/nextcloud/docker-compose.yaml
new file mode 100644
index 0000000..af31447
--- /dev/null
+++ b/Docker/nextcloud/docker-compose.yaml
@@ -0,0 +1,37 @@
+version: '3'
+
+services:
+ nextcloud:
+ image: nextcloud:latest
+ restart: always
+ ports:
+ - 8080:80
+ volumes:
+ - ./nextcloud:/var/www/html
+ environment:
+ - POSTGRES_HOST=db
+ - POSTGRES_PASSWORD=8148
+ - POSTGRES_USER=next
+ - POSTGRES_DB=nextcloud
+ depends_on:
+ - db
+ - redis
+
+ db:
+ image: postgres:15
+ restart: always
+ volumes:
+ - ./db:/var/lib/postgresql/data
+ environment:
+ - POSTGRES_DB=nextcloud
+ - POSTGRES_USER=next
+ - POSTGRES_PASSWORD=8148
+
+ redis:
+ image: redis:bookworm
+ restart: always
+ command: redis-server --requirepass 8148
+ environment:
+ - REDIS_PASSWORD=8148
+ volumes:
+ - ./redis:/data
diff --git a/NPM.tf b/NPM.tf
new file mode 100644
index 0000000..64c8abe
--- /dev/null
+++ b/NPM.tf
@@ -0,0 +1,52 @@
+resource "proxmox_vm_qemu" "NPM" {
+ count = 1
+ name = "NPM"
+ target_node = var.proxmox_host
+ clone = "ubuntu-2404-template"
+ agent = 1
+ os_type = "cloud-init"
+ cores = 2
+ sockets = 1
+ cpu = "host"
+ vmid = 101
+ vcpus = 1
+ memory = 2048
+ scsihw = "virtio-scsi-pci"
+ bootdisk = "scsi0"
+ full_clone = true
+
+ # Основной диск
+ disk {
+ slot = "scsi0"
+ size = "10G"
+ type = "disk"
+ storage = "local-lvm"
+ iothread = true
+ backup = true
+ }
+
+ # Диск для cloud-init
+ disk {
+ slot = "scsi1"
+ type = "cloudinit"
+ storage = "local-lvm"
+ }
+
+ # Сетевой интерфейс
+ network {
+ model = "virtio"
+ bridge = "vmbr0"
+ }
+
+ # Настройки сети для cloud-init
+ ipconfig0 = "ip=192.168.0.101/24,gw=192.168.0.1"
+
+ ciuser = "root"
+ cipassword = "8148"
+ cicustom = "user=local:snippets/NPM.yml"
+
+ # Игнорирование изменений после создания виртуальной машины
+ lifecycle {
+ ignore_changes = [network, disk, bootdisk]
+ }
+}
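Review bot: In Docker/nextcloud/docker-compose.yaml the redis service is started with a password but the nextcloud service is never pointed at it: its environment has no `REDIS_HOST` or `REDIS_HOST_PASSWORD`, so Redis appears to run unused. `REDIS_PASSWORD=8148` on the redis container is, as far as I know, not read by the official image, and the value in `command: redis-server --requirepass 8148` shows up in the process list and in `docker inspect`. Add `- REDIS_HOST=redis` and `- REDIS_HOST_PASSWORD=${REDIS_PASSWORD}` to nextcloud and load the redis password from a mounted config file rather than the command line. `- 8080:80` also publishes plain HTTP on all interfaces; if TLS is terminated by a proxy on another host, bind or firewall this port so only that proxy can reach it.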
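Review bot: In NPM.tf `cicustom = "user=local:snippets/NPM.yml"` supplies the whole cloud-init user-data, and as far as I know Proxmox then no longer generates user-data from `ciuser`/`cipassword`, so `cipassword = "8148"` likely has no effect while still landing in the repository and in Terraform state. I would drop `ciuser` and `cipassword` and keep account setup in the snippet only; the same lines appear in gitea.tf, nextcloud.tf and planka.tf. `clone = "ubuntu-2404-template"` also duplicates the `template_name` variable declared in vars.tf, so `clone = var.template_name` would keep the four resources in step.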
diff --git a/cloud-init/.DS_Store b/cloud-init/.DS_Store
new file mode 100644
index 0000000..b85b782
Binary files /dev/null and b/cloud-init/.DS_Store differ
diff --git a/cloud-init/NPM.yml b/cloud-init/NPM.yml
new file mode 100644
index 0000000..40c253d
--- /dev/null
+++ b/cloud-init/NPM.yml
@@ -0,0 +1,19 @@
+#cloud-config
+users:
+ - name: root
+ ssh-authorized-keys:
+ - ssh-rsa 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 gba404@gmail.com
+ lock_passwd: false
+ passwd: 8148
+hostname: NPM
+package_update: true
+package_upgrade: true
+packages:
+ - curl
+ - docker.io
+ - docker-compose
+ - fish
+ - htop
+runcmd:
+ - systemctl start docker
+ - systemctl enable docker
diff --git a/cloud-init/gitea.yml b/cloud-init/gitea.yml
new file mode 100644
index 0000000..2a5e7f7
--- /dev/null
+++ b/cloud-init/gitea.yml
@@ -0,0 +1,19 @@
+#cloud-config
+users:
+ - name: root
+ ssh-authorized-keys:
+ - ssh-rsa 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 gba404@gmail.com
+ lock_passwd: false
+ passwd: 8148
+hostname: gitea
+package_update: true
+package_upgrade: true
+packages:
+ - curl
+ - docker.io
+ - docker-compose
+ - fish
+ - htop
+runcmd:
+ - systemctl start docker
+ - systemctl enable docker
diff --git a/cloud-init/next-cloud.yml b/cloud-init/next-cloud.yml
new file mode 100644
index 0000000..4c75b6d
--- /dev/null
+++ b/cloud-init/next-cloud.yml
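Review bot: In cloud-init/NPM.yml `passwd: 8148` together with `lock_passwd: false` leaves root password login enabled, and cloud-init's `passwd` key expects a password hash rather than plain text, so this bare number is unlikely to produce the login the author intended. gitea.yml and next-cloud.yml carry the same two lines, and planka.yml uses a `$1$` (MD5-crypt) hash, a format that offers little protection once the hash is published in a repository. Since an SSH key is already installed, `lock_passwd: true` with the `passwd` line removed gives key-only access. A dedicated non-root user with sudo would be a further improvement over provisioning `root` directly.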
@@ -0,0 +1,19 @@
+#cloud-config
+users:
+ - name: root
+ ssh-authorized-keys:
+ - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDItH73+vTvxxgMlv8vzpRt59KeKykYGhMhOCt+uWxbsuhjPvXRQC6dCwuDLy8heiYFO8bklOiLxLtz3GBOtp4OcjVRkgS7L4+qUn8QkAaJPQeEUuKADrCpxxLz0rYsgLo9WvQ9HS/WS15wmMHbSufGjXjhApZ3VODMyrtdaDOoyKm+YMahxY577TkX3yIdv3+yENPhP+rNdcWxFKYvEzOz2XACvq81fxfcYLN5opPbz+UILnQSyxI+TxZtzq3icPQAsVXPmZGBbryiSk3e5tFhE7ORkw1I2QG4CBEPZx+gAhbO0p3sCcdpLF7z4HxaGzJKpy6V8JxZHmLJCgQeSsgaeP3OvTU/lgsWw6xphEpQqJmb9dMjtJMyV8I/PxrLPP9ikh5tcqlXENLXSc6V4BkI1NUJZhYm0sYPcWW2ZeYy6gGzYiSgu3wqzqf0yG9j8NnMtdyvBLMhNKasqfd0CRK+CQ3apMghC68X7JK7CDA/edjfl2MA/QJ2ZoYBBzyXd9vUJgMlyZaxXG9NIA7rU88OZTmS+43y1BRNlkXh231EjtH7h25n+nYxYInFtFWbbi1liORxVO622Y4YnCdTJFoyiFGsuzSaDYfjRMzSHOjnUlUVsqYHPIfH6h/ZH5vVrAMihnIhqJDbi1rLtZVx0GsmpXMAWAee2oi4rEcEynydMQ== gba404@gmail.com
+ lock_passwd: false
+ passwd: 8148
+hostname: next-cloud
+package_update: true
+package_upgrade: true
+packages:
+ - curl
+ - docker.io
+ - docker-compose
+ - fish
+ - htop
+runcmd:
+ - systemctl start docker
+ - systemctl enable docker
diff --git a/cloud-init/planka.yml b/cloud-init/planka.yml
new file mode 100644
index 0000000..f32107f
--- /dev/null
+++ b/cloud-init/planka.yml
@@ -0,0 +1,84 @@
+#cloud-config
+users:
+ - name: root
+ ssh-authorized-keys:
+ - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDItH73+vTvxxgMlv8vzpRt59KeKykYGhMhOCt+uWxbsuhjPvXRQC6dCwuDLy8heiYFO8bklOiLxLtz3GBOtp4OcjVRkgS7L4+qUn8QkAaJPQeEUuKADrCpxxLz0rYsgLo9WvQ9HS/WS15wmMHbSufGjXjhApZ3VODMyrtdaDOoyKm+YMahxY577TkX3yIdv3+yENPhP+rNdcWxFKYvEzOz2XACvq81fxfcYLN5opPbz+UILnQSyxI+TxZtzq3icPQAsVXPmZGBbryiSk3e5tFhE7ORkw1I2QG4CBEPZx+gAhbO0p3sCcdpLF7z4HxaGzJKpy6V8JxZHmLJCgQeSsgaeP3OvTU/lgsWw6xphEpQqJmb9dMjtJMyV8I/PxrLPP9ikh5tcqlXENLXSc6V4BkI1NUJZhYm0sYPcWW2ZeYy6gGzYiSgu3wqzqf0yG9j8NnMtdyvBLMhNKasqfd0CRK+CQ3apMghC68X7JK7CDA/edjfl2MA/QJ2ZoYBBzyXd9vUJgMlyZaxXG9NIA7rU88OZTmS+43y1BRNlkXh231EjtH7h25n+nYxYInFtFWbbi1liORxVO622Y4YnCdTJFoyiFGsuzSaDYfjRMzSHOjnUlUVsqYHPIfH6h/ZH5vVrAMihnIhqJDbi1rLtZVx0GsmpXMAWAee2oi4rEcEynydMQ== gba404@gmail.com
+ lock_passwd: false
+ passwd: $1$/bB7Q1vR$Nz4PtA52uDdF6.pc.haec/
+hostname: planka
+package_update: true
+package_upgrade: true
+packages:
+ - curl
+ - docker.io
+ - docker-compose
+ - fish
+ - htop
+write_files:
+ - path: /root/docker-compose.yaml
+ content: |
+ version: '3'
+
+ services:
+ planka:
+ image: ghcr.io/plankanban/planka:latest
+ restart: on-failure
+ volumes:
+ - user-avatars:/app/public/user-avatars
+ - project-background-images:/app/public/project-background-images
+ - attachments:/app/private/attachments
+ ports:
+ - 3001:1337
+ environment:
+ - BASE_URL=http://192.168.0.104:3001
+ - DATABASE_URL=postgresql://postgres@postgres/planka
+ - SECRET_KEY=0aa5a62d38f7733356c6bcd22e570837d98898863c7f9275df279ae35b1dc968da9cd936de23de397e6051a288fa73d12c056a8b9da4da7d37f2d8fcfe8a00b7
+ - DEFAULT_ADMIN_EMAIL=gba404@gmail.com
+ - DEFAULT_ADMIN_PASSWORD=8148
+ - DEFAULT_ADMIN_NAME=Admin Admin
+ - DEFAULT_ADMIN_USERNAME=root
+ depends_on:
+ postgres:
+ condition: service_healthy
+
+ postgres:
+ image: postgres:16-alpine
+ restart: on-failure
+ volumes:
+ - db-data:/var/lib/postgresql/data
+ environment:
+ - POSTGRES_DB=planka
+ - POSTGRES_HOST_AUTH_METHOD=trust
+ healthcheck:
+ test: ["CMD-SHELL", "pg_isready -U postgres -d planka"]
+ interval: 10s
+ timeout: 5s
+ retries: 5
+
+ volumes:
+ user-avatars:
+ project-background-images:
+ attachments:
+ db-data:
+
+ - path: /etc/systemd/system/docker-compose.service
+ content: |
+ [Unit]
+ Description=Docker Compose Application Service
+ Requires=docker.service
+ After=docker.service
+
+ [Service]
+ WorkingDirectory=/root
+ ExecStart=/usr/local/bin/docker-compose up -d
+ ExecStop=/usr/local/bin/docker-compose down
+ Restart=always
+ TimeoutStartSec=0
+
+ [Install]
+ WantedBy=multi-user.target
+
+runcmd:
+ - systemctl daemon-reload
+ - systemctl enable docker-compose.service
+ - systemctl start docker-compose.service
diff --git a/gitea.tf b/gitea.tf
new file mode 100644
index 0000000..188e6e0
--- /dev/null
+++ b/gitea.tf
@@ -0,0 +1,52 @@
+resource "proxmox_vm_qemu" "gitea" {
+ count = 1
+ name = "gitea"
+ target_node = var.proxmox_host
+ clone = "ubuntu-2404-template"
+ agent = 1
+ os_type = "cloud-init"
+ vmid = 103
+ cores = 2
+ sockets = 1
+ cpu = "host"
+ vcpus = 1
+ memory = 4096
+ scsihw = "virtio-scsi-pci"
+ bootdisk = "scsi0"
+ full_clone = true
+
+ # Основной диск
+ disk {
+ slot = "scsi0"
+ size = "20G"
+ type = "disk"
+ storage = "local-lvm"
+ iothread = true
+ }
+
+ # Диск для cloud-init
+ disk {
+ slot = "scsi1"
+ type = "cloudinit"
+ storage = "local-lvm"
+ backup = true
+ }
+
+ # Сетевой интерфейс
+ network {
+ model = "virtio"
+ bridge = "vmbr0"
+ }
+
+ # Настройки сети для cloud-init
+ ipconfig0 = "ip=192.168.0.103/24,gw=192.168.0.1"
+
+ ciuser = "root"
+ cipassword = "8148"
+ cicustom = "user=local:snippets/gitea.yml"
+
+ # Игнорирование изменений после создания виртуальной машины
+ lifecycle {
+ ignore_changes = [network, disk, bootdisk]
+ }
+}
diff --git a/main.tf b/main.tf
new file mode 100644
index 0000000..c463f94
--- /dev/null
+++ b/main.tf
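Review bot: In cloud-init/planka.yml `POSTGRES_HOST_AUTH_METHOD=trust` lets any client that can reach the postgres container connect as the superuser without a password, and `DATABASE_URL=postgresql://postgres@postgres/planka` depends on that. Set `POSTGRES_PASSWORD` and include it in `DATABASE_URL`, with the value supplied from a file that is not committed. In the systemd unit, `ExecStart=/usr/local/bin/docker-compose up -d` returns as soon as the containers are started, so with `Restart=always` and the default service type systemd will keep re-running it; `Type=oneshot` with `RemainAfterExit=yes` and no `Restart=` suits a detached start. The `docker-compose` package listed under `packages:` normally installs its binary under /usr/bin, so the /usr/local/bin path should be checked as well.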
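Review bot: In gitea.tf `backup = true` sits on the `scsi1` cloud-init disk, while the `scsi0` data disk has no backup setting; NPM.tf has it the other way round, which looks like the intended form. Whether `scsi0` ends up in Proxmox backups then depends on the provider default, so I would state it explicitly by moving `backup = true` into the `scsi0` block. nextcloud.tf and planka.tf have the same arrangement.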
@@ -0,0 +1,16 @@
+terraform {
+ required_providers {
+ proxmox = {
+ source = "registry.local/telmate/proxmox"
+ version = "3.0.1-rc4"
+ }
+ }
+}
+
+provider "proxmox" {
+ pm_api_url = var.api_url
+ pm_api_token_id = var.token_id
+ pm_api_token_secret = var.token_secret
+ pm_tls_insecure = true # Change to false if you have your
+ pm_parallel = 1
+}
diff --git a/nextcloud.tf b/nextcloud.tf
new file mode 100644
index 0000000..846b441
--- /dev/null
+++ b/nextcloud.tf
@@ -0,0 +1,52 @@
+resource "proxmox_vm_qemu" "next-cloud" {
+ count = 1
+ name = "next-cloud"
+ target_node = var.proxmox_host
+ clone = "ubuntu-2404-template"
+ agent = 1
+ os_type = "cloud-init"
+ vmid = 102
+ cores = 2
+ sockets = 1
+ cpu = "host"
+ vcpus = 1
+ memory = 4096
+ scsihw = "virtio-scsi-pci"
+ bootdisk = "scsi0"
+ full_clone = true
+
+ # Основной диск
+ disk {
+ slot = "scsi0"
+ size = "50G"
+ type = "disk"
+ storage = "local-lvm"
+ iothread = true
+ }
+
+ # Диск для cloud-init
+ disk {
+ slot = "scsi1"
+ type = "cloudinit"
+ storage = "local-lvm"
+ backup = true
+ }
+
+ # Сетевой интерфейс
+ network {
+ model = "virtio"
+ bridge = "vmbr0"
+ }
+
+ # Настройки сети для cloud-init
+ ipconfig0 = "ip=192.168.0.102/24,gw=192.168.0.1"
+
+ ciuser = "root"
+ cipassword = "8148"
+ cicustom = "user=local:snippets/next-cloud.yml"
+
+ # Игнорирование изменений после создания виртуальной машины
+ lifecycle {
+ ignore_changes = [network, disk, bootdisk]
+ }
+}
diff --git a/planka.tf b/planka.tf
new file mode 100644
index 0000000..fa3d50e
--- /dev/null
+++ b/planka.tf
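Review bot: In main.tf `pm_tls_insecure = true` turns off certificate verification for the Proxmox API, so `pm_api_token_secret` is sent to whichever host answers at `var.api_url` without that host being authenticated. The trailing comment is cut off (`# Change to false if you have your`); I would complete it and switch to `pm_tls_insecure = false` once the Proxmox CA, or a certificate the Terraform host already trusts, is in place. With a token on the root account (see `token_id` in vars.tf) this setting carries more weight than it would for a limited user.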
@@ -0,0 +1,52 @@
+resource "proxmox_vm_qemu" "planka" {
+ count = 1
+ name = "planka"
+ target_node = var.proxmox_host
+ clone = "ubuntu-2404-template"
+ agent = 1
+ os_type = "cloud-init"
+ vmid = 104
+ cores = 2
+ sockets = 1
+ cpu = "host"
+ vcpus = 1
+ memory = 4096
+ scsihw = "virtio-scsi-pci"
+ bootdisk = "scsi0"
+ full_clone = true
+
+ # Основной диск
+ disk {
+ slot = "scsi0"
+ size = "20G"
+ type = "disk"
+ storage = "local-lvm"
+ iothread = true
+ }
+
+ # Диск для cloud-init
+ disk {
+ slot = "scsi1"
+ type = "cloudinit"
+ storage = "local-lvm"
+ backup = true
+ }
+
+ # Сетевой интерфейс
+ network {
+ model = "virtio"
+ bridge = "vmbr0"
+ }
+
+ # Настройки сети для cloud-init
+ ipconfig0 = "ip=192.168.0.104/24,gw=192.168.0.1"
+
+ ciuser = "root"
+ cipassword = "8148"
+ cicustom = "user=local:snippets/planka.yml"
+
+ # Игнорирование изменений после создания виртуальной машины
+ lifecycle {
+ ignore_changes = [network, disk, bootdisk]
+ }
+}
diff --git a/vars.tf b/vars.tf
new file mode 100644
index 0000000..27f1cfd
--- /dev/null
+++ b/vars.tf
@@ -0,0 +1,20 @@
+variable "ssh_key" {
+ default = "ssh-rsa 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 gba404@gmail.com"
+}
+variable "api_url" {
+ # The Proxmox Web UI address, with /api2/json added to it.
+ default = "https://192.168.0.100:8006/api2/json"
+}
+variable "proxmox_host" {
+ # The name of the Proxmox server listed under Datacenter
+ default = "pve"
+}
+variable "template_name" {
+ default = "ubuntu-2404-template"
+}
+variable "token_id" {
+ default = "root@pam!terraform"
+}
+variable "token_secret" {
+ default = "882ad9dc-6e4e-4d1d-87de-f4f48afc4b0d" # Enter your API Secret here
+}
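Review bot: In vars.tf `token_secret` ships what looks like a real API secret as its `default`, and `token_id` is `root@pam!terraform`, a token on the root account. Declare the variable with `sensitive = true` and no default, pass the value through `TF_VAR_token_secret` or an untracked `*.tfvars` file, and revoke the committed token. A dedicated Proxmox user whose role is limited to the VM and storage privileges Terraform needs would bound what a leaked token can do. The `ssh_key` and `template_name` variables are declared here but not referenced by the resources shown in this commit.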