Add OpenProject service

.gitignore

@@ -1,3 +1,2 @@
 server.crt
 server.key
-db.env

.gitmodules

@@ -0,0 +1,4 @@
+[submodule "openproject"]
+	path = openproject
+	url = https://github.com/opf/openproject-docker-compose.git
+	branch = stable/16

default.conf

@@ -1,7 +1,3 @@
-#
-# https://github.com/nextcloud/docker/blob/master/.examples/docker-compose/with-nginx-proxy/mariadb/fpm/web/nginx.conf
-#
-
 # Set the `immutable` cache control options only for assets with a cache busting `v` argument
 map $arg_v $asset_immutable {
     "" "";
@@ -11,20 +7,41 @@ default ", immutable";
 resolver 127.0.0.11 valid=2s;
 upstream php-handler {
     zone backends 64k;
-    server cloud:9000 resolve;
+    server nextcloud:9000 resolve;
 }
 
 server {
     listen 80;
 
-    server_name tvcloud.fr;
+    server_name _;
 
     return 301 https://$host$request_uri;
 }
 
 server {
     listen 443 ssl;
-    server_name tvcloud.fr;
+    server_name openproject.tvcloud.fr;
+
+    ssl_certificate     /etc/ssl/crt/server.crt;
+    ssl_certificate_key /etc/ssl/crt/server.key;
+
+    location / {
+        proxy_pass_header                  Server;
+        proxy_set_header Host              $host;
+        proxy_redirect                     off;
+        proxy_set_header X-Forwarded-Host  $host:$server_port;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_set_header X-Real-IP         $remote_addr;
+        proxy_set_header X-Scheme          $scheme;
+
+        proxy_pass http://openproject:8080;
+    }
+}
+
+# https://github.com/nextcloud/docker/blob/master/.examples/docker-compose/with-nginx-proxy/mariadb/fpm/web/nginx.conf
+server {
+    listen 443 ssl;
+    server_name nextcloud.tvcloud.fr;
 
     ssl_certificate     /etc/ssl/crt/server.crt;
     ssl_certificate_key /etc/ssl/crt/server.key;

docker-compose.yaml

@@ -1,51 +1,153 @@
 name: tvcloud
 
+networks:
+  nextcloud-frontend:
+  nextcloud-backend:
+  openproject-frontend:
+  openproject-backend:
+
+volumes:
+  nextcloud-db:
+  nextcloud:
+  openproject-db:
+  openproject:
+
+x-op-restart-policy: &restart_policy
+  restart: unless-stopped
+x-op-image: &image
+  image: openproject/openproject:16-slim
+x-op-app: &app
+  <<: [*image, *restart_policy]
+  environment:
+    OPENPROJECT_HTTPS: "true"
+    OPENPROJECT_HOST__NAME: "openproject.tvcloud.fr"
+    OPENPROJECT_HSTS: "true"
+    RAILS_CACHE_STORE: "memcache"
+    OPENPROJECT_CACHE__MEMCACHE__SERVER: "openproject-cache:11211"
+    DATABASE_URL: "postgres://postgres:pswd@openproject-db/openproject?pool=20&encoding=unicode&reconnect=true"
+    RAILS_MIN_THREADS: 4
+    RAILS_MAX_THREADS: 16
+    # set to true to enable the email receiving feature. See ./docker/cron for more options
+    IMAP_ENABLED: "false"
+  volumes:
+    - "openproject:/var/openproject/assets"
+
 services:
-  web:
+  proxy:
     build:
       dockerfile: ./nginx.Dockerfile
     networks:
-      - front-tier
+      - nextcloud-frontend
+      - openproject-frontend
     ports:
       - "80:80"
       - "443:443"
     volumes:
       - nextcloud:/var/www/html:ro
     depends_on:
-      - cloud
+      - nextcloud
 
-  cloud:
+  # NextCloud
+
+  nextcloud:
     image: nextcloud:31-fpm
     env_file:
-      - db.env
+      - nextcloud-db.env
     environment:
-      - MYSQL_HOST=db
+      - MYSQL_HOST=nextcloud-db
     networks:
-      - front-tier
-      - back-tier
+      - nextcloud-frontend
+      - nextcloud-backend
     volumes:
       - nextcloud:/var/www/html
     depends_on:
-      - db
+      - nextcloud-db
 
-  db:
+  nextcloud-db:
     image: mariadb:11-ubi
     command: --transaction-isolation=READ-COMMITTED --log-bin=binlog --binlog-format=ROW
     env_file:
-      - db.env
+      - nextcloud-db.env
     environment:
       - MARIADB_ROOT_PASSWORD=pswd
       - MARIADB_AUTO_UPGRADE=1
       - MARIADB_DISABLE_UPGRADE_BACKUP=1
     networks:
-      - back-tier
+      - nextcloud-backend
     volumes:
-      - mariadb:/var/lib/mysql
+      - nextcloud-db:/var/lib/mysql
 
+  # OpenProject
+
+  openproject:
+    <<: *app
+    command: "./docker/prod/web"
     networks:
-  front-tier:
-  back-tier:
+      - openproject-frontend
+      - openproject-backend
+    depends_on:
+      - openproject-db
+      - openproject-cache
+      - openproject-seeder
+    labels:
+      - autoheal=true
+    healthcheck:
+      test: ["CMD", "curl", "-f", "http://localhost:8080/health_checks/default"]
+      interval: 10s
+      timeout: 3s
+      retries: 3
+      start_period: 30s
 
+  openproject-db:
+    image: postgres:13
+    <<: *restart_policy
+    stop_grace_period: "3s"
     volumes:
-  mariadb:
-  nextcloud:
+      - "openproject-db:/var/lib/postgresql/data"
+    environment:
+      POSTGRES_PASSWORD: pswd
+      POSTGRES_DB: openproject
+    networks:
+      - openproject-backend
+
+  openproject-cache:
+    image: memcached
+    <<: *restart_policy
+    networks:
+      - openproject-backend
+
+  openproject-autoheal:
+    image: willfarrell/autoheal:1.2.0
+    volumes:
+      - "/var/run/docker.sock:/var/run/docker.sock"
+    environment:
+      AUTOHEAL_CONTAINER_LABEL: autoheal
+      AUTOHEAL_START_PERIOD: 600
+      AUTOHEAL_INTERVAL: 30
+
+  openproject-worker:
+    <<: *app
+    command: "./docker/prod/worker"
+    networks:
+      - openproject-backend
+    depends_on:
+      - openproject-db
+      - openproject-cache
+      - openproject-seeder
+
+  openproject-cron:
+    <<: *app
+    command: "./docker/prod/cron"
+    networks:
+      - openproject-backend
+    depends_on:
+      - openproject-db
+      - openproject-cache
+      - openproject-seeder
+
+  openproject-seeder:
+    <<: *app
+    command: "./docker/prod/seeder"
+    restart: on-failure
+    networks:
+      - openproject-backend

nextcloud-db.env

@@ -1,3 +1,3 @@
-MYSQL_PASSWORD="password"
+MYSQL_PASSWORD=pswd
 MYSQL_DATABASE=nextcloud
 MYSQL_USER=nextcloud

nextcloud-db.example.env

@@ -0,0 +1,3 @@
+MYSQL_PASSWORD=pswd
+MYSQL_DATABASE=nextcloud
+MYSQL_USER=nextcloud

readme.md

@@ -2,20 +2,33 @@
 
 This project is a personal cloud of services:
 - NextCloud
+- OpenProject
 
 # Setup
 
-1. Generate self-signed certificate.
+1. Generate a self-signed certificate.
 
 ```
 openssl genpkey -algorithm RSA -out server.key
 openssl req -new -x509 -key server.key -out server.crt -days 365
 ```
 
-2. Make a `db.env` file. See `db.example.env`.
+2. Make a `nextcloud-db.env` file. See `nextcloud-db.example.env`.
 
 3. Start the services.
 
 ```
 docker compose up -d
 ```
+
+# Update/install Joplin
+
+```
+wget -O - https://raw.githubusercontent.com/laurent22/joplin/dev/Joplin_install_and_update.sh | bash
+```
+
+You can then [synchronize it with NextCloud](https://joplinapp.org/help/apps/sync/nextcloud/).
+
+# Update/backup OpenProject
+
+[https://www.openproject.org/docs/installation-and-operations/installation/docker-compose/#upgrade](https://www.openproject.org/docs/installation-and-operations/installation/docker-compose/#upgrade)