Removing Bunkerweb.

Wazuh tweaks.
2025-01-30 17:45:54 -05:00 · 2025-01-30 15:35:15 -05:00 · 2025-01-30 15:33:51 -05:00 · 2025-01-30 15:33:22 -05:00 · 2025-01-30 15:31:25 -05:00 · 2025-01-30 15:09:35 -05:00
2 changed files with 45 additions and 100 deletions
@@ -95,7 +95,7 @@
 | netbird-coturn | coturn/coturn:latest |
 | netbox | lscr.io/linuxserver/netbox:latest |
 | netbox-db | postgres:17-alpine |
-| nextcloud | lscr.io/linuxserver/nextcloud:latest |
+| nextcloud | nextcloud/all-in-one:latest |
 | ollama | ollama/ollama |
 | ombi | lscr.io/linuxserver/ombi:latest |
 | paperless-ngx | ghcr.io/paperless-ngx/paperless-ngx:latest |
@@ -10,6 +10,8 @@ networks:
    name: compose_bitmagnet
  default:
    name: compose_default
+  nextcloud-aio:
+    external: true
 services:
  actual_server:
    container_name: actualbudget
@@ -520,63 +522,6 @@ services:
    networks:
      default: null
    restart: unless-stopped
-  bunkerweb:
-    container_name: bunkerweb
-    environment:
-      API_WHITELIST_IP: 172.18.0.0/16 192.168.1.0/24
-      REAL_IP_FROM: 172.18.0.0/16
-      REAL_IP_HEADER: X-Forwarded-For
-      REVERSE_PROXY_HOST: http://swag:80
-      SERVER_NAME: bunker.trez.wtf
-      USE_REAL_IP: yes
-      USE_REVERSE_PROXY: yes
-    expose:
-      - 8080
-      - 8443
-    image: bunkerity/bunkerweb:latest
-    labels:
-      bunkerweb.INSTANCE: yes
-    restart: unless-stopped
-  bunkerweb-scheduler:
-    container_name: bunkerweb-scheduler
-    depends_on:
-      - bunkerweb
-      - docker-socket-proxy
-    environment:
-      DOCKER_HOST: tcp://dockerproxy:2375
-    image: bunkerity/bunkerweb-scheduler:latest
-    restart: unless-stopped
-    volumes:
-      - bunkerweb-data:/data
-  bunkerweb-ui:
-    container_name: bunkerweb-ui
-    depends_on:
-      bunkerweb:
-        condition: service_started
-        required: true
-        restart: true
-      docker-socket-proxy:
-        condition: service_started
-        required: true
-    environment:
-      DOCKER_HOST: tcp://dockerproxy:2375
-    expose:
-      - 7000
-    image: bunkerity/bunkerweb-ui:latest
-    labels:
-      homepage.group: Privacy/Security
-      homepage.name: Bunker Web
-      homepage.href: https://bunker.${MY_TLD}
-      homepage.icon: bunkerweb.svg
-      homepage.description: Next-gen WAF
-      swag: enable
-      swag_port: 7000
-      swag_url: bunker.${MY_TLD}
-      swag.uptime-kuma.enabled: true
-      swag.uptime-kuma.monitor.url: https://bunker.${MY_TLD}
-    restart: unless-stopped
-    volumes:
-      - bunkerweb-data:/data
  castopod:
    container_name: castopod
    depends_on:
@@ -3253,7 +3198,6 @@ services:
      PGID: 1000
      PUID: 1000
      TZ: America/New_York
-      MYSQL_PASSWORD: ${NEXTCLOUD_MARIADB_PASSWORD}
    hostname: Rinoa
    image: linuxserver/mariadb
    networks:
@@ -3717,12 +3661,10 @@ services:
        type: volume
        volume: {}
  nextcloud:
-    container_name: nextcloud
+    container_name: nextcloud-aio-mastercontainer
    environment:
-      DOCKER_HOST: tcp://dockerproxy:2375
-      LOG_LEVEL: debug
      SKIP_DOMAIN_VALIDATION: false
-      APACHE_ADDITIONAL_NETWORK: 
+      APACHE_ADDITIONAL_NETWORK: compose_default
      APACHE_IP_BINDING: 0.0.0.0
      APACHE_PORT: 11000
    expose:
@@ -3736,7 +3678,8 @@ services:
      homepage.description: Private Cloud
      swag: enable
      swag_port: 11000
-      swag_proto: https
+      swag_proto: http
+      swag_address: nextcloud-aio-apache
      swag_url: cloud.${MY_TLD}
      swag.uptime-kuma.enabled: true
      swag.uptime-kuma.monitor.url: https://cloud.${MY_TLD}
@@ -3744,9 +3687,8 @@ services:
      - 56713:8080
    restart: unless-stopped
    volumes:
-      - /etc/localtime:/etc/localtime:ro
-      - ${DOCKER_VOLUME_CONFIG}/nextcloud/config:/config
-      - ${DOCKER_VOLUME_CONFIG}/nextcloud/data:/data
+      - /var/run/docker.sock:/var/run/docker.sock
+      - nextcloud_aio_mastercontainer:/mnt/docker-aio-config
  ollama:
    container_name: ollama
    image: ollama/ollama
@@ -4863,7 +4805,7 @@ services:
      homepage.group: Servarr Stack
      homepage.name: Sonashow
      homepage.href: https://sonashow.${MY_TLD}
-      homepage.icon: /icons/sonashow.png
+      homepage.icon: sh-sonashow.png
      homepage.description: TV show discovery based on library/tastes
      swag: enable
      swag_auth: authelia
@@ -5059,7 +5001,8 @@ services:
      homepage.widget.type: swagdashboard
      homepage.widget.url: http://swag:81
    networks:
-      default: null
+      - default
+      - nextcloud-aio
    ports:
      - mode: ingress
        protocol: tcp
@@ -6678,7 +6621,7 @@ services:
        source: /var/run/docker.sock
        target: /var/run/docker.sock
        type: bind
-  wazuh.agent:
+  wazuh-agent:
    container_name: wazuh.agent
    environment:
      JOIN_MANAGER_PROTOCOL: https
@@ -6691,17 +6634,17 @@ services:
      VIRUS_TOTAL_KEY: ${VIRUS_TOTAL_API_KEY}
      DOCKER_HOST: tcp://dockerproxy:2375
    hostname: wazuh.agent
-    image: opennix/wazuh-agent:latest
+    image: kennyopennix/wazuh-agent:latest
    networks:
      default: null
    restart: unless-stopped
-  wazuh.dashboard:
-    container_name: wazuh.dashboard
+  wazuh-dashboard:
+    container_name: wazuh-dashboard
    depends_on:
-      wazuh.indexer:
+      wazuh-indexer:
        condition: service_started
        required: true
-      wazuh.manager:
+      wazuh-manager:
        condition: service_started
        required: true
        restart: true
@@ -6713,7 +6656,7 @@ services:
      DASHBOARD_PASSWORD: ${WAZUH_KIBANA_PASSWORD}
      API_USERNAME: wazuh-wui
      API_PASSWORD: ${WAZUH_API_PASSWORD}
-    hostname: wazuh.dashboard
+    hostname: wazuh-dashboard
    image: wazuh/wazuh-dashboard:${WAZUH_VERSION}
    labels:
      swag: enable
@@ -6728,8 +6671,8 @@ services:
      homepage.icon: wazuh.svg
      homepage.description: OSS Security Platform for XDR/SIEM
    links:
-      - wazuh.indexer:wazuh.indexer
-      - wazuh.manager:wazuh.manager
+      - wazuh-indexer:wazuh-indexer
+      - wazuh-manager:wazuh-manager
    networks:
      default: null
    ports:
@@ -6739,27 +6682,27 @@ services:
        target: 5601
    restart: always
    volumes:
-      - source: ${DOCKER_VOLUME_CONFIG}/wazuh/dashboard/certs/wazuh.dashboard.pem
+      - source: ${DOCKER_VOLUME_CONFIG}/wazuh/generator/wazuh.dashboard.pem
        target: /usr/share/wazuh-dashboard/certs/wazuh-dashboard.pem
        type: bind
        bind:
          create_host_path: true
-      - source: ${DOCKER_VOLUME_CONFIG}/wazuh/dashboard/certs/wazuh.dashboard-key.pem
+      - source: ${DOCKER_VOLUME_CONFIG}/wazuh/generator/wazuh.dashboard-key.pem
        target: /usr/share/wazuh-dashboard/certs/wazuh-dashboard-key.pem
        type: bind
        bind:
          create_host_path: true
-      - source: ${DOCKER_VOLUME_CONFIG}/wazuh/dashboard/certs/root-ca.pem
+      - source: ${DOCKER_VOLUME_CONFIG}/wazuh/generator/root-ca.pem
        target: /usr/share/wazuh-dashboard/certs/root-ca.pem
        type: bind
        bind:
          create_host_path: true
-      - source: ${DOCKER_VOLUME_CONFIG}/wazuh/dashboard/config/opensearch_dashboards.yml
+      - source: ${DOCKER_VOLUME_CONFIG}/wazuh/dashboard/opensearch_dashboards.yml
        target: /usr/share/wazuh-dashboard/config/opensearch_dashboards.yml
        type: bind
        bind:
          create_host_path: true
-      - source: ${DOCKER_VOLUME_CONFIG}/wazuh/dashboard/config/wazuh.yml
+      - source: ${DOCKER_VOLUME_CONFIG}/wazuh/dashboard/wazuh.yml
        target: /usr/share/wazuh-dashboard/data/wazuh/config/wazuh.yml
        type: bind
        bind:
@@ -6772,11 +6715,11 @@ services:
        target: /usr/share/wazuh-dashboard/plugins/wazuh/public/assets/custom
        type: volume
        volume: {}
-  wazuh.indexer:
-    container_name: wazuh.indexer
+  wazuh-indexer:
+    container_name: wazuh-indexer
    environment:
      OPENSEARCH_JAVA_OPTS: -Xms512m -Xmx512m
-    hostname: wazuh.indexer
+    hostname: wazuh-indexer
    image: wazuh/wazuh-indexer:${WAZUH_VERSION}
    networks:
      default: null
@@ -6798,43 +6741,43 @@ services:
        target: /var/lib/wazuh-indexer
        type: volume
        volume: {}
-      - source: ${DOCKER_VOLUME_CONFIG}/wazuh/indexer/certs/root-ca.pem
+      - source: ${DOCKER_VOLUME_CONFIG}/wazuh/generator/root-ca.pem
        target: /usr/share/wazuh-indexer/certs/root-ca.pem
        type: bind
        bind:
          create_host_path: true
-      - source: ${DOCKER_VOLUME_CONFIG}/wazuh/indexer/certs/wazuh.indexer-key.pem
+      - source: ${DOCKER_VOLUME_CONFIG}/wazuh/generator/wazuh.indexer-key.pem
        target: /usr/share/wazuh-indexer/certs/wazuh.indexer.key
        type: bind
        bind:
          create_host_path: true
-      - source: ${DOCKER_VOLUME_CONFIG}/wazuh/indexer/certs/wazuh.indexer.pem
+      - source: ${DOCKER_VOLUME_CONFIG}/wazuh/generator/wazuh.indexer.pem
        target: /usr/share/wazuh-indexer/certs/wazuh.indexer.pem
        type: bind
        bind:
          create_host_path: true
-      - source: ${DOCKER_VOLUME_CONFIG}/wazuh/indexer/certs/admin.pem
+      - source: ${DOCKER_VOLUME_CONFIG}/wazuh/generator/admin.pem
        target: /usr/share/wazuh-indexer/certs/admin.pem
        type: bind
        bind:
          create_host_path: true
-      - source: ${DOCKER_VOLUME_CONFIG}/wazuh/indexer/certs/admin-key.pem
+      - source: ${DOCKER_VOLUME_CONFIG}/wazuh/generator/admin-key.pem
        target: /usr/share/wazuh-indexer/certs/admin-key.pem
        type: bind
        bind:
          create_host_path: true
-      - source: ${DOCKER_VOLUME_CONFIG}/wazuh/indexer/config/wazuh.indexer.yml
+      - source: ${DOCKER_VOLUME_CONFIG}/wazuh/indexer/wazuh.indexer.yml
        target: /usr/share/wazuh-indexer/opensearch.yml
        type: bind
        bind:
          create_host_path: true
-      - source: ${DOCKER_VOLUME_CONFIG}/wazuh/indexer/config/internal_users.yml
+      - source: ${DOCKER_VOLUME_CONFIG}/wazuh/indexer/internal_users.yml
        target: /usr/share/wazuh-indexer/opensearch-security/internal_users.yml
        type: bind
        bind:
          create_host_path: true
-  wazuh.manager:
-    container_name: wazuh.manager
+  wazuh-manager:
+    container_name: wazuh-manager
    environment:
      INDEXER_URL: https://wazuh.indexer:9200
      INDEXER_USERNAME: admin
@@ -6845,7 +6788,7 @@ services:
      SSL_KEY: /etc/ssl/filebeat.key
      API_USERNAME: wazuh-wui
      API_PASSWORD: ${WAZUH_API_PASSWORD}
-    hostname: wazuh.manager
+    hostname: wazuh-manager
    image: wazuh/wazuh-manager:${WAZUH_VERSION}
    networks:
      default: null
@@ -6919,22 +6862,22 @@ services:
        target: /var/lib/filebeat
        type: volume
        volume: {}
-      - source: ${DOCKER_VOLUME_CONFIG}/wazuh/manager/certs/root-ca.pem
+      - source: ${DOCKER_VOLUME_CONFIG}/wazuh/generator/root-ca.pem
        target: /etc/ssl/root-ca.pem
        type: bind
        bind:
          create_host_path: true
-      - source: ${DOCKER_VOLUME_CONFIG}/wazuh/manager/certs/wazuh.manager.pem
+      - source: ${DOCKER_VOLUME_CONFIG}/wazuh/generator/wazuh.manager.pem
        target: /etc/ssl/filebeat.pem
        type: bind
        bind:
          create_host_path: true
-      - source: ${DOCKER_VOLUME_CONFIG}/wazuh/manager/certs/wazuh.manager-key.pem
+      - source: ${DOCKER_VOLUME_CONFIG}/wazuh/generator/wazuh.manager-key.pem
        target: /etc/ssl/filebeat.key
        type: bind
        bind:
          create_host_path: true
-      - source: ${DOCKER_VOLUME_CONFIG}/wazuh/manager/config/wazuh_manager.conf
+      - source: ${DOCKER_VOLUME_CONFIG}/wazuh/manager/wazuh_manager.conf
        target: /wazuh-config-mount/etc/ossec.conf
        type: bind
        bind:
@@ -7522,6 +7465,8 @@ volumes:
    name: netbird-letsencrypt
  netbox-pg-db:
    name: netbox-pg-db
+  nextcloud_aio_mastercontainer:
+    name: nextcloud_aio_mastercontainer
  ollama:
    name: ollama
  paperless-ngx-data:
Author	SHA1	Message	Date
Trez.One	c5e8168e0a	Removing Bunkerweb. Gitea Branch PR, Cloudflare DNS, README generation, & Ansible/Docker Deployment / Check and Create PR (push) Has been cancelled Details Gitea Branch PR, Cloudflare DNS, README generation, & Ansible/Docker Deployment / Docker Compose & Ansible Lints (push) Has been cancelled Details Gitea Branch PR, Cloudflare DNS, README generation, & Ansible/Docker Deployment / Cloudflare DNS Setup (push) Has been cancelled Details Gitea Branch PR, Cloudflare DNS, README generation, & Ansible/Docker Deployment / Update README (push) Has been cancelled Details Gitea Branch PR, Cloudflare DNS, README generation, & Ansible/Docker Deployment / PR Merge (push) Has been cancelled Details Gitea Branch PR, Cloudflare DNS, README generation, & Ansible/Docker Deployment / Deploy via Ansible & Docker Compose (push) Has been cancelled Details	2025-01-30 17:45:54 -05:00
Trez.One	defe1389a0	Wazuh tweaks.	2025-01-30 15:35:15 -05:00
Trez.One	d532b97ce9	Wazuh tweaks.	2025-01-30 15:33:51 -05:00
Trez.One	f492d6e9e5	Wazuh tweaks.	2025-01-30 15:33:22 -05:00
Trez.One	0e8f0ff26f	Wazuh tweaks.	2025-01-30 15:31:25 -05:00
Trez.One	a7e0d90ebd	Redeploying Wazuh.	2025-01-30 15:09:35 -05:00
Trez.One	a709999a6c	Redeploying Wazuh.	2025-01-30 15:05:04 -05:00
Trez.One	f468fb2357	Redeploying Wazuh.	2025-01-30 14:47:27 -05:00
Trez.One	da4969ee81	Redeploying Wazuh.	2025-01-30 14:46:32 -05:00
Trez.One	baa06d3b35	Redeploying Wazuh.	2025-01-30 14:38:32 -05:00
Trez.One	91f800b123	Changing image for Wazuh Agent container.	2025-01-30 14:00:01 -05:00
Trez.One	6d20e2f401	Switching back to http for Nextcloud.	2025-01-30 12:26:47 -05:00
Trez.One	945f79a37c	Switching back to https for Nextcloud.	2025-01-30 12:18:47 -05:00
Trez.One	18a3978152	Protocol change for Nextcloud proxy.	2025-01-30 12:13:48 -05:00
Trez.One	254fe484ad	Adding SWAG to nextcloud-aio network.	2025-01-30 10:30:35 -05:00
Trez.One	203b4c5f7a	Adding SWAG to nextcloud-aio network.	2025-01-30 10:30:05 -05:00
Trez.One	9e0db8635e	Adding SWAG to nextcloud-aio network.	2025-01-30 10:28:35 -05:00
Trez.One	0555325c38	Tweaking APACHE_ADDITIONAL_NETWORK for nc-apache container.	2025-01-30 09:31:22 -05:00
Trez.One	1635de854c	Adding additional network for nextcloud-aio-apache for reverse proxy.	2025-01-30 09:12:51 -05:00
Trez.One	bd1152273f	Adding swag_address for Nextcloud container.	2025-01-30 08:35:23 -05:00
Trez.One	3b6e5f62a5	Tweaks to Nextcloud.	2025-01-29 20:41:32 -05:00
Trez.One	bfb5d7ea38	Tweaks to Nextcloud.	2025-01-29 20:29:56 -05:00
Trez.One	cb7089e5a7	Tweaks to Nextcloud.	2025-01-29 20:04:25 -05:00
Trez.One	1dbadf70c8	Tweaks to Nextcloud.	2025-01-29 18:55:17 -05:00
Trez.One	8bdea248f3	Icon fix for Sonashow.	2025-01-29 15:29:54 -05:00
gitea-sonarqube-bot	8ba538dfb2	Auto Merge of PR 39 - nextcloud-aio-deployment Merged by Trez.One	2025-01-29 15:26:26 -05:00
Trez.One	0c8aecf737	chore: Update README	2025-01-29 20:24:29 +00:00