add config for kimai server

2020-09-05 14:48:23 +02:00 · 2020-09-05 14:48:23 +02:00 · b3a6f2413d
parent 3f0cb55a4e
commit b3a6f2413d
4 changed files with 126 additions and 0 deletions
--- a/haproxy/config/haproxy.cfg
+++ b/haproxy/config/haproxy.cfg
@ -31,6 +31,7 @@ frontend http
        redirect scheme https code 301 if { hdr(host) -i wallabag.2li.ch } !{ ssl_fc }
        redirect scheme https code 301 if { hdr(host) -i webmail.2li.ch } !{ ssl_fc }
        redirect scheme https code 301 if { hdr(host) -i rss-bridge.2li.ch } !{ ssl_fc }
+        redirect scheme https code 301 if { hdr(host) -i time.2li.ch } !{ ssl_fc }

 backend http_mail_server
        mode http
@ -60,6 +61,7 @@ frontend https
        use_backend wallabag_server if { req_ssl_sni -i wallabag.2li.ch }
        use_backend webmail_server if { req_ssl_sni -i webmail.2li.ch }
        use_backend rss-bridge_server if { req_ssl_sni -i rss-bridge.2li.ch }
+        use_backend kimai_server if { req_ssl_sni -i time.2li.ch }
        use_backend bookstack_server if { req_ssl_sni -i www.2li.ch }
        use_backend bookstack_server if { req_ssl_sni -i 2li.ch }

@ -102,3 +104,6 @@ backend webmail_server
 backend rss-bridge_server
       mode tcp
       server server1 10.7.89.111:443 check
+backend kimai_server
+       mode tcp
+       server server1 10.7.89.107:443 check
--- a/kimai/.env
+++ b/kimai/.env
@ -0,0 +1,4 @@
+MYSQL_PASSWORD=password
+ADMINPASS=password
+ADMINMAIL=admin@example.com
+APP_DOMAIN=time.2li.ch
--- a/kimai/docker-compose.yml
+++ b/kimai/docker-compose.yml
@ -0,0 +1,69 @@
+version: "3.5"
+services:
+  traefik:
+    image: "traefik:v2.2"
+    ports:
+      - "443:443"
+    volumes:
+      - "./traefik.yaml:/etc/traefik/traefik.yaml:ro"
+      - "./letsencrypt:/letsencrypt"
+      - "/var/run/docker.sock:/var/run/docker.sock:ro"
+    restart: unless-stopped
+
+  sqldb:
+    image: mysql:5.7
+    environment:
+      - MYSQL_DATABASE=kimai
+      - MYSQL_USER=kimai
+      - MYSQL_PASSWORD
+      - MYSQL_RANDOM_ROOT_PASSWORD=yes
+    volumes:
+      - ./db_data:/var/lib/mysql
+    command: --default-storage-engine innodb
+    restart: unless-stopped
+    healthcheck:
+      test: mysqladmin -pchangemeplease ping -h localhost
+      interval: 20s
+      start_period: 10s
+      timeout: 10s
+      retries: 3
+
+  nginx:
+    image: nginx:alpine
+    volumes:
+      - ./nginx_site.conf:/etc/nginx/conf.d/default.conf:ro
+      - ./public:/opt/kimai/public:ro
+    restart: unless-stopped
+    depends_on:
+      - kimai
+    healthcheck:
+      test: wget --spider http://nginx/health || exit 1
+      interval: 20s
+      start_period: 10s
+      timeout: 10s
+      retries: 3
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.kimai.rule=Host(`${APP_DOMAIN}`)"
+      - "traefik.http.routers.kimai.entrypoints=websecure"
+      - "traefik.http.routers.kimai.tls.certresolver=myresolver"
+      - "traefik.http.services.kimai.loadbalancer.server.port=80"
+      - "traefik.http.routers.kimai.middlewares=default-headers@file"
+
+  kimai:
+    image: kimai/kimai2:fpm-alpine-1.8-prod
+    environment:
+      - APP_ENV=prod
+      - TRUSTED_HOSTS=localhost
+      - ADMINMAIL
+      - ADMINPASS
+    volumes:
+      - ./public:/opt/kimai/public
+      - ./kimai:/opt/kimai/var
+    restart: unless-stopped
+    healthcheck:
+      test: wget --spider http://nginx || exit 1
+      interval: 20s
+      start_period: 10s
+      timeout: 10s
+      retries: 3
--- a/kimai/nginx_site.conf
+++ b/kimai/nginx_site.conf
@ -0,0 +1,48 @@
+server {
+    listen 80;
+    index index.php;
+    server_name php-docker.local;
+    root /opt/kimai/public;
+
+    # cache static asset files
+    location ~* \.(ico|css|js|gif|jpe?g|png)(\?[0-9]+)?$ {
+            expires max;
+            log_not_found off;
+    }
+
+    # for health checks
+    location /health {
+        return 200 'alive';
+        add_header Content-Type text/plain;
+    }
+
+    location / {
+        # try to serve file directly, fallback to index.php
+        try_files $uri $uri/ /index.php$is_args$args;
+    }
+
+    location ~ ^/index\.php(/|$) {
+        fastcgi_pass kimai:9000;
+        fastcgi_split_path_info ^(.+\.php)(/.*)$;
+        include fastcgi_params;
+
+        # optionally set the value of the environment variables used in the application
+        # fastcgi_param APP_ENV prod;
+        # fastcgi_param APP_SECRET <app-secret-id>;
+        # fastcgi_param DATABASE_URL "mysql://db_user:db_pass@host:3306/db_name";
+
+        # When you are using symlinks to link the document root to the
+        # current version of your application, you should pass the real
+        # application path instead of the path to the symlink to PHP
+        # FPM.
+        # Otherwise, PHP's OPcache may not properly detect changes to
+        # your PHP files (see https://github.com/zendtech/ZendOptimizerPlus/issues/126
+        # for more information).
+        fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
+        fastcgi_param DOCUMENT_ROOT $realpath_root;
+        # Prevents URIs that include the front controller. This will 404:
+        # http://domain.tld/index.php/some-path
+        # Remove the internal directive to allow URIs like this
+        internal;
+    }
+}