From 8ddfa35f21c332821f0d03f59da70df60196fe11 Mon Sep 17 00:00:00 2001
From: admin <krokk50@gmail.com>
Date: Sat, 4 Apr 2026 17:32:42 +0000
Subject: [PATCH] =?UTF-8?q?envs/prod:=20=D0=B4=D0=BE=D0=B1=D0=B0=D0=B2?=
 =?UTF-8?q?=D0=BB=D0=B5=D0=BD=D1=8B=20compose=20=D1=84=D0=B0=D0=B9=D0=BB?=
 =?UTF-8?q?=D1=8B=20=D0=B8=20=D1=88=D0=B0=D0=B1=D0=BB=D0=BE=D0=BD=20.env?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 envs/prod/.env.example                 | 10 +++
 envs/prod/Caddyfile                    | 28 ++++++++
 envs/prod/docker-compose.caddy.yml     | 27 ++++++++
 envs/prod/docker-compose.gitea.yml     | 60 +++++++++++++++++
 envs/prod/docker-compose.remnawave.yml | 90 ++++++++++++++++++++++++++
 5 files changed, 215 insertions(+)
 create mode 100644 envs/prod/.env.example
 create mode 100644 envs/prod/Caddyfile
 create mode 100644 envs/prod/docker-compose.caddy.yml
 create mode 100644 envs/prod/docker-compose.gitea.yml
 create mode 100644 envs/prod/docker-compose.remnawave.yml

diff --git a/envs/prod/.env.example b/envs/prod/.env.example
new file mode 100644
index 0000000..0038a96
--- /dev/null
+++ b/envs/prod/.env.example
@@ -0,0 +1,10 @@
+# remnawave
+APP_PORT=3000
+METRICS_PORT=3001
+POSTGRES_USER=
+POSTGRES_PASSWORD=
+POSTGRES_DB=
+# добавь остальные ключи из своего .env
+
+# gitea
+GITEA_DB_PASSWORD=
diff --git a/envs/prod/Caddyfile b/envs/prod/Caddyfile
new file mode 100644
index 0000000..30db71a
--- /dev/null
+++ b/envs/prod/Caddyfile
@@ -0,0 +1,28 @@
+{
+    email krokk50@gmail.com
+}
+
+zonadobra.luntik.org {
+    reverse_proxy remnawave:3000
+
+    handle /remnawave-webhook {
+        reverse_proxy hooks.luntik.org:8080 {
+            header_up Host {host}
+            header_up X-Real-IP {remote_host}
+            header_up X-Forwarded-For {remote_host}
+            header_up X-Forwarded-Proto {scheme}
+            transport http {
+                read_timeout 120s
+                write_timeout 120s
+            }
+        }
+    }
+}
+
+sub.leamvpn.com {
+    reverse_proxy remnawave-subscription-page:3010
+}
+
+git.luntik.org {
+    reverse_proxy gitea:3002
+}
diff --git a/envs/prod/docker-compose.caddy.yml b/envs/prod/docker-compose.caddy.yml
new file mode 100644
index 0000000..00eb69c
--- /dev/null
+++ b/envs/prod/docker-compose.caddy.yml
@@ -0,0 +1,27 @@
+services:
+  remnawave-caddy:
+    image: caddy:2-alpine
+    container_name: remnawave-caddy
+    hostname: remnawave-caddy
+    restart: always
+    ports:
+      - "0.0.0.0:443:443"
+      - "0.0.0.0:80:80"
+    volumes:
+      - ./Caddyfile:/etc/caddy/Caddyfile:ro
+      - caddy-data:/data
+      - caddy-config:/config
+    networks:
+      - remnawave-network
+
+networks:
+  remnawave-network:
+    name: remnawave-network
+    driver: bridge
+    external: true
+
+volumes:
+  caddy-data:
+    name: caddy-data
+  caddy-config:
+    name: caddy-config
diff --git a/envs/prod/docker-compose.gitea.yml b/envs/prod/docker-compose.gitea.yml
new file mode 100644
index 0000000..ce71d2b
--- /dev/null
+++ b/envs/prod/docker-compose.gitea.yml
@@ -0,0 +1,60 @@
+services:
+  gitea:
+    image: gitea/gitea:latest
+    container_name: gitea
+    hostname: gitea
+    restart: unless-stopped
+    environment:
+      - USER_UID=1000
+      - USER_GID=1000
+      - GITEA__database__DB_TYPE=postgres
+      - GITEA__database__HOST=gitea-db:5432
+      - GITEA__database__NAME=gitea
+      - GITEA__database__USER=gitea
+      - GITEA__database__PASSWD=${GITEA_DB_PASSWORD}
+      - GITEA__server__DOMAIN=git.luntik.org
+      - GITEA__server__ROOT_URL=https://git.luntik.org
+      - GITEA__server__HTTP_PORT=3002
+      - GITEA__server__SSH_DOMAIN=git.luntik.org
+      - GITEA__server__SSH_PORT=2222
+      - GITEA__server__SSH_LISTEN_PORT=22
+      - GITEA__service__DISABLE_REGISTRATION=true
+    volumes:
+      - ./data:/data
+    ports:
+      - "127.0.0.1:3002:3002"
+      - "0.0.0.0:2222:22"
+    depends_on:
+      gitea-db:
+        condition: service_healthy
+    networks:
+      - gitea-network
+      - remnawave-network
+
+  gitea-db:
+    image: postgres:17-alpine
+    container_name: gitea-db
+    hostname: gitea-db
+    restart: unless-stopped
+    environment:
+      - POSTGRES_USER=gitea
+      - POSTGRES_PASSWORD=${GITEA_DB_PASSWORD}
+      - POSTGRES_DB=gitea
+    volumes:
+      - ./db:/var/lib/postgresql/data
+    healthcheck:
+      test: ['CMD-SHELL', 'pg_isready -U gitea -d gitea']
+      interval: 3s
+      timeout: 10s
+      retries: 3
+    networks:
+      - gitea-network
+
+networks:
+  gitea-network:
+    driver: bridge
+  remnawave-network:
+    name: remnawave-network
+    driver: bridge
+    external: true
+
diff --git a/envs/prod/docker-compose.remnawave.yml b/envs/prod/docker-compose.remnawave.yml
new file mode 100644
index 0000000..1a21dc7
--- /dev/null
+++ b/envs/prod/docker-compose.remnawave.yml
@@ -0,0 +1,90 @@
+x-common: &common
+  ulimits:
+    nofile:
+      soft: 1048576
+      hard: 1048576
+  restart: always
+  networks:
+    - remnawave-network
+
+x-logging: &logging
+  logging:
+    driver: json-file
+    options:
+      max-size: 100m
+      max-file: 5
+
+x-env: &env
+  env_file: .env
+
+services:
+  remnawave:
+    image: remnawave/backend:2
+    volumes:
+      - ./notifications-config.yml:/var/lib/remnawave/configs/notifications/notifications-config.yml:ro
+    container_name: remnawave
+    hostname: remnawave
+    <<: [*common, *logging, *env]
+    ports:
+      - 127.0.0.1:3000:${APP_PORT:-3000}
+      - 127.0.0.1:3001:${METRICS_PORT:-3001}
+    healthcheck:
+      test: ['CMD-SHELL', 'curl -f http://localhost:${METRICS_PORT:-3001}/health']
+      interval: 30s
+      timeout: 5s
+      retries: 3
+      start_period: 30s
+    depends_on:
+      remnawave-db:
+        condition: service_healthy
+      remnawave-redis:
+        condition: service_healthy
+
+  remnawave-db:
+    image: postgres:17.6
+    container_name: remnawave-db
+    hostname: remnawave-db
+    <<: [*common, *logging, *env]
+    environment:
+      - POSTGRES_USER=${POSTGRES_USER}
+      - POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
+      - POSTGRES_DB=${POSTGRES_DB}
+      - TZ=UTC
+    ports:
+      - 127.0.0.1:6767:5432
+    volumes:
+      - remnawave-db-data:/var/lib/postgresql/data
+    healthcheck:
+      test: ['CMD-SHELL', 'pg_isready -U $${POSTGRES_USER} -d $${POSTGRES_DB}']
+      interval: 3s
+      timeout: 10s
+      retries: 3
+
+  remnawave-redis:
+    image: valkey/valkey:8.1-alpine
+    container_name: remnawave-redis
+    hostname: remnawave-redis
+    <<: [*common, *logging]
+    command: >
+      valkey-server
+      --save ""
+      --appendonly no
+      --maxmemory-policy noeviction
+      --loglevel warning
+    healthcheck:
+      test: ['CMD', 'valkey-cli', 'ping']
+      interval: 3s
+      timeout: 3s
+      retries: 3
+
+networks:
+  remnawave-network:
+    name: remnawave-network
+    driver: bridge
+    external: false
+
+volumes:
+  remnawave-db-data:
+    name: remnawave-db-data
+    driver: local
+    external: false