Compare commits

..

2 commits

Author SHA1 Message Date
Alexey Skobkin 02a3a7d8c1 Documentation regarding using the database running on the host machine. 2022-03-19 05:27:56 +03:00
Alexey Skobkin 1b6e67dba6 synapse-admin. Reconfiguring networks. 2022-03-19 05:27:56 +03:00
133 changed files with 499 additions and 2125 deletions

View file

@ -1,16 +0,0 @@
kind: pipeline
type: docker
name: validate-pr
steps:
- name: validate
image: 'dockette/docker:latest'
commands:
- for DIR in */ ; do if [[ $(expr match "$DIR" "_.*") != 0 ]] ; then echo "SKIPPING $DIR" && continue; fi && test -f $DIR/.env.dist && cp $DIR/.env.dist $DIR/.env ; done
- for DIR in */ ; do if [[ $(expr match "$DIR" "_.*") != 0 ]] ; then echo "SKIPPING $DIR" && continue; fi && echo $DIR && cd $DIR && docker compose config && cd .. ; done
trigger:
event:
include:
- pull_request

View file

@ -1,5 +1,5 @@
validate: validate:
image: 'docker/compose:1.29.2' image: 'docker/compose:1.29.2'
script: script:
- for DIR in */ ; do if [[ $(expr match "$DIR" "_.*") != 0 ]] ; then echo "SKIPPING $DIR" && continue; fi && test -f $DIR/.env.dist && cp $DIR/.env.dist $DIR/.env ; done - for DIR in */ ; do test -f $DIR/.env.dist && cp $DIR/.env.dist $DIR/.env ; done
- for DIR in */ ; do if [[ $(expr match "$DIR" "_.*") != 0 ]] ; then echo "SKIPPING $DIR" && continue; fi && echo $DIR && cd $DIR && docker-compose config && cd .. ; done - for DIR in */ ; do echo $DIR && cd $DIR && docker-compose config && cd .. ; done

View file

@ -1,5 +1,3 @@
[![Build Status](https://ci.skobk.in/api/badges/skobkin/docker-stacks/status.svg)](https://ci.skobk.in/skobkin/docker-stacks)
# Docker Compose config collection # Docker Compose config collection
## How to set up? ## How to set up?
@ -32,56 +30,42 @@ You need to change your database configuration to be able to do that. Check
Not every stack is tested to fully work. Not every stack is tested to fully work.
| App Name | Status | Image | Description | Links | | App Name | Status | Image | Description | Links |
|-------------------------|-------------|----------------------------------------------|-------------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| |-------------------------|--------------|----------------------------------------------|----------------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| ARK Server | ✅ | `thmhoag/arkserver` | ARK: Survival Evolved game server with ArkManager. | [Website](http://playark.com), [Steam](https://store.steampowered.com/app/346110/ARK_Survival_Evolved/), [Image Github](https://github.com/thmhoag/arkserver), [ArkManager](https://github.com/arkmanager/ark-server-tools) | | ARK Server | ✅ | `thmhoag/arkserver` | ARK: Survival Evolved game server with ArkManager. | [Website](http://playark.com), [Steam](https://store.steampowered.com/app/346110/ARK_Survival_Evolved/), [Image Github](https://github.com/thmhoag/arkserver), [ArkManager](https://github.com/arkmanager/ark-server-tools) |
| Castopod | ✅ | `castopod/castopod` | Self-hosted federated podcasting platform | [Website](https://castopod.org), [Gitlab](https://code.castopod.org/adaures/castopod) | | Duplicati | ✅ | `linuxserver/duplicati` | Backup solution with many storage backends. | [Website](https://www.duplicati.com), [Github](https://github.com/duplicati/duplicati) |
| Cloudflared | ✅ | `cloudflare/cloudflared` | Cloudflare Tunnel client. | [Website](https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/get-started/), [Github](https://github.com/cloudflare/cloudflared) | | Element-web | ✅ | `vectorim/element-web` | Web Matrix client. | [Website](https://element.io), [Github](https://github.com/vector-im/element-web/) |
| Drone | ✅ | `drone/drone` | Continuous integration platform. | [Website](https://www.drone.io), [Github](https://github.com/harness/drone), [Image](https://hub.docker.com/r/drone/drone) | | emby | ✅ | `emby/embyserver` | Media server with online transcoding support. | [Website](https://emby.media) |
| Drone Docker Runner | ✅ | `drone/drone-runner-docker` | CI runner daemon for Docker. | [Website](https://www.drone.io), [Github](https://github.com/drone-runners/drone-runner-docker), [Image](https://hub.docker.com/r/drone/drone-runner-docker) | | Folding@Home | ✅ | `johnktims/folding-at-home` | Protein folding distributed computing platform. | [Website](https://foldingathome.org), [My guide](https://skobk.in/2020/06/folding-at-home-quick-start/) |
| Duplicati | ✅ | `linuxserver/duplicati` | Backup solution with many storage backends. | [Website](https://www.duplicati.com), [Github](https://github.com/duplicati/duplicati) | | Gatus | ✅ | `twinproduction/gatus` | Advanced service(s) status page. | [Website](https://gatus.io), [Github](https://github.com/TwiN/gatus) |
| Element-web | ✅ | `vectorim/element-web` | Web Matrix client. | [Website](https://element.io), [Github](https://github.com/vector-im/element-web/) | | Gitea | ✅ | `gitea/gitea` | Lightweight Git hosting platfom. | [Website](https://gitea.io/), [Github](https://github.com/go-gitea/gitea) |
| emby | ✅ | `emby/embyserver` | Media server with online transcoding support. | [Website](https://emby.media) | | Homer | ✅ | `b4bz/homer` | Server homepage generator. | [Github](https://github.com/bastienwirtz/homer), [Demo](https://homer-demo.netlify.app), [Configuration](https://github.com/bastienwirtz/homer/blob/main/docs/configuration.md) |
| Firefly III | Not tested | `fireflyiii/core` | Bookkeeping software. | [Website](https://docs.firefly-iii.org), [Github](https://github.com/firefly-iii/firefly-iii) | | I2PD | ✅ | `purplei2p/i2pd` | The Invisible Internet router. | [Website](https://i2pd.website), [Github](https://github.com/PurpleI2P/i2pd/), [I2P project](https://geti2p.net/) |
| Folding@Home | ✅ | `johnktims/folding-at-home` | Protein folding distributed computing platform. | [Website](https://foldingathome.org), [My guide](https://skobk.in/2020/06/folding-at-home-quick-start/) | | ~~JDownloader~~ | ✅ Abandoned | `jaymoulin/jdownloader` | Download manager with paid/ad file hosting support. | [Website](https://jdownloader.org) |
| Forgejo | ✅ | `codeberg.org/forgejo/forgejo` | Lightweight Git hosting platform. | [Website](https://forgejo.org), [Github](https://codeberg.org/forgejo/forgejo) | | ~~Joplin~~ | ✅ Abandoned | `joplin/server` | Markdown GTD / notes manager synchronization server. | [Website](https://joplinapp.org), [Github](https://github.com/laurent22/joplin) |
| Gatus | ✅ | `twinproduction/gatus` | Advanced service(s) status page. | [Website](https://gatus.io), [Github](https://github.com/TwiN/gatus) | | Lidarr | Not tested | `linuxserver/lidarr` | Music downloader and manager. | [Website](https://lidarr.audio), [Github](https://github.com/Lidarr/Lidarr), [Wiki](https://wiki.servarr.com/lidarr) |
| HedgeDoc | ✅ | `lscr.io/linuxserver/hedgedoc` | Collaborative text editor. | [Website](https://hedgedoc.org), [Github](https://github.com/hedgedoc/hedgedoc) | | magnetico-web-telegram | ✅ | `skobkin/magnetico-web-telegram-bot` | Magnetico Web Telegram bot. | [Bitbucket](https://bitbucket.org/skobkin/magnetico-web-telegram-bot/) |
| Home Assistant | ✅ | `ghcr.io/home-assistant/home-assistant` | Home automation suite. | [Website](https://www.home-assistant.io/), [Github](https://github.com/home-assistant) | | magneticod | ✅ | `boramalper/magneticod` | DHT indexing daemon. | [Website](https://www.boramalper.org/labs/magnetico/), [Github](https://github.com/boramalper/magnetico) |
| Homer | ✅ | `b4bz/homer` | Server homepage generator. | [Github](https://github.com/bastienwirtz/homer), [Demo](https://homer-demo.netlify.app), [Configuration](https://github.com/bastienwirtz/homer/blob/main/docs/configuration.md) | | ~~magneticod-python~~ | ✅ Abandoned | `skobkin/magneticod-python` | DHT indexing daemon (legacy version) | [Website](https://www.boramalper.org/labs/magnetico/), [Github](https://github.com/boramalper/magnetico) |
| I2PD | ✅ | `purplei2p/i2pd` | The Invisible Internet router. | [Website](https://i2pd.website), [Github](https://github.com/PurpleI2P/i2pd/), [I2P project](https://geti2p.net/) | | ~~mariadb-common~~ | ❌ Unfinished | `mariadb` | MariaDB database for common use. | [Website](https://mariadb.org) |
| Immich | ✅ | `ghcr.io/immich-app/immich-server` | Self-hosted photo and video management solution. | [Website](https://immich.app), [Github](https://github.com/immich-app/immich) | | Metube | ✅ | `alexta69/metube` | Web GUI for yt-dlp. | [Github](https://github.com/alexta69/metube) |
| InBucket | ✅ | `inbucket/inbucket` | Testing SMTP/POP3 mail server with web interface. | [Website](https://www.inbucket.org), [Github](https://github.com/inbucket/inbucket) | | Murmur | ✅ | `registry.gitlab.com/skobkin/docker-murmur` | Mumble VoIP server (custom build) | [Website](https://www.mumble.info), [Github](https://github.com/mumble-voip/mumble) |
| Killing Floor 2 server | ✅ Abandoned | `jeeaaasustest/killingfloor2-srv` | Killing Floor 2 game server. | | | NextCloud | ❌ Unfinished | `nextcloud` | File management, synchronization, management and GTD platform. | [Website](https://nextcloud.com), [Github](https://github.com/nextcloud/server) |
| Lidarr | Not tested | `linuxserver/lidarr` | Music downloader and manager. | [Website](https://lidarr.audio), [Github](https://github.com/Lidarr/Lidarr), [Wiki](https://wiki.servarr.com/lidarr) | | Open Streaming Platform | ✅ | `deamos/openstreamingplatform` | Live streaming platform. | [Website](https://openstreamingplatform.com), [Gitlab](https://gitlab.com/osp-group/flask-nginx-rtmp-manager) |
| magnetico-web | ✅ | `skobkin/magnetico-web` | DHT indexer private web search front-end. | [Git](https://git.skobk.in/skobkin/magnetico-web), [Git mirror](https://gitlab.com/skobkin/magnetico-web) | | OpenVPN | ✅ | `kylemanna/openvpn` | OpenVPN server with some management toolkit. | [Website](https://openvpn.net), [Image Github](https://www.github.com/kylemanna/docker-openvpn) |
| magnetico-web-telegram | ✅ | `skobkin/magnetico-web-telegram-bot` | Magnetico Web Telegram bot. | [Bitbucket](https://bitbucket.org/skobkin/magnetico-web-telegram-bot/) | | Owncast | ✅ | `gabekangas/owncast` | Live streaming platform with federation support. | [Website](https://owncast.online), [Github](https://github.com/owncast/owncast) |
| magneticod | ✅ | `boramalper/magneticod` | DHT indexing daemon. | [Website](https://www.boramalper.org/labs/magnetico/), [Github](https://github.com/boramalper/magnetico) | | Portainer | ✅ | `portainer/portainer` | Docker Container management web UI. | [Website](https://www.portainer.io), [Github](https://github.com/portainer/portainer) |
| Matrix Telegram Bridge | ✅ | `dock.mau.dev/mautrix/telegram` | Telegram bridge for Matrix server | [Gitlab](https://mau.dev/mautrix/telegram/) | | ~~Postgres Common~~ | ❌ Unfinished | `postgres` | PostgreSQL database for common use. | [Website](https://www.postgresql.org) |
| Metube | ✅ | `alexta69/metube` | Web GUI for yt-dlp. | [Github](https://github.com/alexta69/metube) | | Proxy MTProto | ✅ | `mtproxy/mtproxy` | MTProto Telegram proxy. | [Website](https://telegram.org), [Github](https://github.com/TelegramMessenger/MTProxy) |
| Mosquitto | ✅ | `iegomez/mosquitto-go-auth` | Simple and fast MQTT server with Go Auth plugin. | [Plugin Github](https://github.com/iegomez/mosquitto-go-auth), [Mosquitto website](https://mosquitto.org) | | Proxy Socks5 | ✅ | `serjs/go-socks5-proxy` | Simple SOCKS5 proxy. | [Github](https://github.com/serjs/socks5-server) |
| Murmur (Mumble server) | ✅ | `registry.gitlab.com/skobkin/docker-murmur` | Mumble VoIP server (custom build) | [Website](https://www.mumble.info), [Github](https://github.com/mumble-voip/mumble) | | Radarr | ✅ | `linuxserver/radarr` | Movie downloader and manager. | [Website](https://radarr.video), [Github](https://github.com/Radarr/Radarr), [Wiki](https://wiki.servarr.com/radarr) |
| Ollama | ✅ | `ollama/ollama` | Toolkit for easily running LLM's locally. | [Website](https://ollama.com), [Github](https://github.com/ollama/ollama) | | Redis | ✅ | `redis` | Redis storage server. | [Website](https://redis.io), [Github](https://github.com/redis/redis-io) |
| Open Streaming Platform | ✅ | `deamos/openstreamingplatform` | Live streaming platform. | [Website](https://openstreamingplatform.com), [Gitlab](https://gitlab.com/osp-group/flask-nginx-rtmp-manager) | | Sonarr | ✅ | `linuxserver/sonarr` | TV Shows, series and anime downloader and manager. | [Website](https://sonarr.tv), [Github](https://github.com/Sonarr/Sonarr), [Wiki](https://wiki.servarr.com/sonarr) |
| OpenVPN | ✅ | `kylemanna/openvpn` | OpenVPN server with some management toolkit. | [Website](https://openvpn.net), [Image Github](https://www.github.com/kylemanna/docker-openvpn) | | Speedtest | ✅ | `adolfintel/speedtest` | Libre speed test implementation. | [Website](https://librespeed.org), [Github](https://github.com/librespeed/speedtest) |
| Owncast | ✅ | `gabekangas/owncast` | Live streaming platform with federation support. | [Website](https://owncast.online), [Github](https://github.com/owncast/owncast) | | Synapse | ✅ | `matrixdotorg/synapse` | Matrix reference server written in Python. | [Website](https://matrix.org/docs/projects/server/synapse), [Github](https://github.com/matrix-org/synapse), [Installation and configuration](https://matrix-org.github.io/synapse/latest/setup/installation.html) |
| Portainer | ✅ | `portainer/portainer` | Docker Container management web UI. | [Website](https://www.portainer.io), [Github](https://github.com/portainer/portainer) | | Syncthing | ✅ | `linuxserver/syncthing` | P2P file synchronization daemon. | [Website](https://syncthing.net), [Github](https://github.com/syncthing/syncthing) |
| Proxy MTProto | ✅ | `mtproxy/mtproxy` | MTProto Telegram proxy. | [Website](https://telegram.org), [Github](https://github.com/TelegramMessenger/MTProxy) | | Tor OBFS4 Bridge | ✅ | `thetorproject/obfs4-bridge` | Tor OBFS4 Bridge for Tor blocking bypass. | [Website](https://community.torproject.org/relay/setup/bridge/), [Gitlab](https://gitlab.torproject.org/tpo/anti-censorship/docker-obfs4-bridge), [Manual](https://community.torproject.org/relay/setup/bridge/docker/) |
| Proxy Socks5 | ✅ | `serjs/go-socks5-proxy` | Simple SOCKS5 proxy. | [Github](https://github.com/serjs/socks5-server) | | Tor Privoxy | ✅ | `registry.gitlab.com/skobkin/torproxy-obfs4` | Tor image with integrated privoxy and OBFS4 bridge support. | [Original image Github](https://github.com/dperson/torproxy), [OBFS4 support image Gitlab](https://gitlab.com/skobkin/torproxy-obfs4) |
| qBittorrent | ✅ | `linuxserver/qbittorrent` | qBittorrent (noX) | [Website](https://www.qbittorrent.org), [LinuxServer Fleet](https://fleet.linuxserver.io/image?name=linuxserver/qbittorrent) | | Watchtower | ✅ | `containrrr/watchtower` | Docker container auto-update daemon. | [Website](https://containrrr.dev/watchtower/), [Github](https://github.com/containrrr/watchtower) |
| Radarr | ✅ | `linuxserver/radarr` | Movie downloader and manager. | [Website](https://radarr.video), [Github](https://github.com/Radarr/Radarr), [Wiki](https://wiki.servarr.com/radarr) | | Wireguard | ❌ Unfinished | `cmulk/wireguard-docker` | WireGuard VPN. | [Website](https://www.wireguard.com), [Image Github](https://github.com/cmulk/wireguard-docker) |
| Redis | ✅ | `redis` | Redis storage server. | [Website](https://redis.io), [Github](https://github.com/redis/redis-io) | | ~~Wordpress~~ | ❌ Unfinished | `wordpress` | Wordpress blogging platform. | [Webiste](https://wordpress.org), [SVN](https://build.trac.wordpress.org/browser) |
| Shadowsocks Client | ✅ | `ghcr.io/shadowsocks/sslocal-rust:latest` | Shadowsocks client (and SOCKS/HTTP/tunnel server). | [Website](https://shadowsocks.org), [Github](https://github.com/shadowsocks/shadowsocks-rust), [Configuration](https://github.com/shadowsocks/shadowsocks-rust#getting-started) |
| Sish | ✅ | `antoniomika/sish` | Localhost tunneling solution over SSH | [Docs](https://docs.ssi.sh/getting-started), [Github](https://github.com/antoniomika/sish) |
| Shinobi | ✅ | `shinobisystems/shinobi` | Shinobi surveillance system | [Website](https://shinobi.video), [Github](https://github.com/ShinobiCCTV/Shinobi) |
| Sonarr | ✅ | `linuxserver/sonarr` | TV Shows, series and anime downloader and manager. | [Website](https://sonarr.tv), [Github](https://github.com/Sonarr/Sonarr), [Wiki](https://wiki.servarr.com/sonarr) |
| Speedtest | ✅ | `adolfintel/speedtest` | Libre speed test implementation. | [Website](https://librespeed.org), [Github](https://github.com/librespeed/speedtest) |
| Synapse | ✅ | `matrixdotorg/synapse` | Matrix reference server written in Python. | [Website](https://matrix.org/docs/projects/server/synapse), [Github](https://github.com/matrix-org/synapse), [Installation and configuration](https://matrix-org.github.io/synapse/latest/setup/installation.html) |
| Syncthing | ✅ | `linuxserver/syncthing` | P2P file synchronization daemon. | [Website](https://syncthing.net), [Github](https://github.com/syncthing/syncthing) |
| Telegram LLM Bot | ✅ | `skobkin/telegram-llm-bot` | Simple Telegram bot to interact with LLM running in Ollama | [Forgejo repository](https://git.skobk.in/skobkin/telegram-ollama-reply-bot) |
| Telegram RSS Bot | ✅ | `miroslavsckaya/tg-rss-bot` | Telegram RSS Bot by @Miroslavsckaya. | [Gitea](https://git.skobk.in/Miroslavsckaya/tg_rss_bot/), [Github Mirror](https://github.com/Miroslavsckaya/tg_rss_bot) |
| Tor OBFS4 Bridge | ✅ | `thetorproject/obfs4-bridge` | Tor OBFS4 Bridge for Tor blocking bypass. | [Website](https://community.torproject.org/relay/setup/bridge/), [Gitlab](https://gitlab.torproject.org/tpo/anti-censorship/docker-obfs4-bridge), [Manual](https://community.torproject.org/relay/setup/bridge/docker/) |
| Tor Privoxy | ✅ | `registry.gitlab.com/skobkin/torproxy-obfs4` | Tor image with integrated privoxy and OBFS4 bridge support. | [Original image Github](https://github.com/dperson/torproxy), [OBFS4 support image Gitlab](https://gitlab.com/skobkin/torproxy-obfs4) |
| Transmission | ✅ | `lscr.io/linuxserver/transmission` | Torrent client suitable for NAS. | [Github](https://github.com/linuxserver/docker-transmission), [LinuxServer Fleet](https://hub.docker.com/r/linuxserver/transmission) |
| Watchtower | ✅ | `containrrr/watchtower` | Docker container auto-update daemon. | [Website](https://containrrr.dev/watchtower/), [Github](https://github.com/containrrr/watchtower) |
| Webhook.site | | `webhooksite/webhook.site` | HTTP callback testing tool | [Website](https://webhook.site), [Github](https://github.com/webhooksite/webhook.site) |

View file

@ -6,21 +6,19 @@
### PostgreSQL ### PostgreSQL
You need to make PostgreSQL listen not only `localhost`, but also Docker's network interface. You need to make PostgreSQL listen not only `localhost`, but also Docker's network interface.
To do that you need to add host machine IP address in the Docker network (usually `172.17.0.1`) to the To do that you need to add host machine IP address in the Docker network (usually `172.17.0.1`) to the `postgresql.conf`:
`postgresql.conf` by changing `listen_addresses` parameter:
```ini ```ini
# Listen local interface and also Docker's network # Listen local interface and also Docker's network
listen_addresses = 'localhost,172.17.0.1' listen_addresses = 'localhost,172.17.0.1'
``` ```
Then you need to allow apps inside Docker containers to authenticate. That could be done by adding following line to the Then you need to allow apps inside Docker containers to authenticate. That could be done in the `pg_hba.conf`:
`pg_hba.conf`:
``` ```
# Docker network # Docker network
host all all 172.17.0.0/12 md5 host all all 172.17.0.0/12 md5
``` ```
Do not forget to restart your PostgreSQL server. For PostgreSQL 12 and `main` cluster it could be usually done like that: Do not forget to restart your PostgreSQL server. For PostgreSQL 12 it could be usually done like that:
```shell ```shell
systemctl restart postgresql@12-main.service systemctl restart postgresql@12-main.service

View file

@ -1,57 +0,0 @@
# see https://docs.castopod.org/main/en/getting-started/docker/
# see https://hub.docker.com/r/castopod/castopod
# see https://docs.castopod.org/main/en/getting-started/docker/#environment-variables
IMAGE_TAG=latest
# Ports
EXTERNAL_ADDRESS=127.0.0.1
EXTERNAL_PORT=8393
# Castopod Settings
CP_BASEURL=https://cp.domain.tld
#CP_MEDIA_BASEURL=https://cp.domain.tld
CP_ANALYTICS_SALT=changeme
#CP_CACHE_HANDLER=redis
#CP_REDIS_HOST=redis
CP_REDIS_PASSWORD=changeme
#CP_ADMIN_GATEWAY=custom-admin-path
#CP_AUTH_GATEWAY=custom-auth-path
#CP_ENABLE_2FA=true
CP_DATABASE_HOSTNAME=host.docker.internal
CP_DATABASE_NAME=castopod
CP_DATABASE_USERNAME=castopod
CP_DATABASE_PASSWORD=changeme
# Storage
MEDIA_PATH=./media
REDIS_DATA_PATH=./redis_data
# See https://docs.castopod.org/main/en/getting-started/install/#s3
#CP_MEDIA_FILE_MANAGER="s3"
#CP_MEDIA_S3_ENDPOINT="your_s3_host"
#CP_MEDIA_S3_KEY="your_s3_key"
#CP_MEDIA_S3_SECRET="your_s3_secret"
#CP_MEDIA_S3_REGION="your_s3_region"
##CP_MEDIA_S3_BUCKET="your_s3_bucket"
##CP_MEDIA_S3_PROTOCOL=
##CP_MEDIA_S3_PATH_STYLE_ENDPOINT=
##CP_MEDIA_S3_KEY_PREFIX=
#CP_MAX_BODY_SIZE=512M
# Mailing
#CP_EMAIL_FROM=your_email_address
#CP_EMAIL_SMTP_HOST=your_smtp_host
#CP_EMAIL_SMTP_USERNAME=your_smtp_user
#CP_EMAIL_SMTP_PASSWORD=your_smtp_password
##CP_EMAIL_SMTP_PORT=12345
##CP_EMAIL_SMTP_CRYPTO=tls
LOG_MAX_SIZE=5m
LOG_MAX_FILE=5

View file

@ -1,46 +0,0 @@
services:
castopod:
image: 'castopod/castopod:${IMAGE_TAG:-latest}'
container_name: 'castopod'
volumes:
- '${MEDIA_PATH:-./media}:/var/www/castopod/public/media'
environment:
MYSQL_DATABASE: '${CP_DATABASE_NAME:-castopod}'
MYSQL_USER: '${CP_DATABASE_USERNAME:-castopod}'
MYSQL_PASSWORD: '${CP_DATABASE_PASSWORD}'
CP_BASEURL: "${CP_BASEURL}"
CP_ANALYTICS_SALT: '${CP_ANALYTICS_SALT}'
CP_CACHE_HANDLER: '${CP_CACHE_HANDLER:-redis}'
CP_REDIS_HOST: '${CP_REDIS_HOST:-redis}'
CP_REDIS_PASSWORD: '${CP_REDIS_PASSWORD}'
env_file: '.env'
networks:
- castopod
extra_hosts:
- 'host.docker.internal:host-gateway'
ports:
- '${EXTERNAL_ADDRESS:-127.0.0.1}:${EXTERNAL_PORT:-8393}:8000'
restart: unless-stopped
logging:
driver: 'json-file'
options:
max-size: '${LOG_MAX_SIZE:-5m}'
max-file: '${LOG_MAX_FILE:-5}'
redis:
image: 'redis:7.2-alpine'
container_name: 'castopod-redis'
command: '--requirepass ${CP_REDIS_PASSWORD}'
volumes:
- '${REDIS_DATA_PATH:-./redis_data}:/data'
networks:
- castopod
restart: unless-stopped
logging:
driver: 'json-file'
options:
max-size: '${LOG_MAX_SIZE:-5m}'
max-file: '${LOG_MAX_FILE:-5}'
networks:
castopod:

View file

@ -1,2 +0,0 @@
/*
!/.gitignore

View file

@ -1,10 +0,0 @@
# see https://hub.docker.com/r/cloudflare/cloudflared
#IMAGE_VERSION=latest
TUNNEL_TOKEN=abcxyz
#NETWORK_MODE=host
# Service settings
LOG_MAX_SIZE=5m
LOG_MAX_FILE=5

View file

@ -1,19 +0,0 @@
# https://hub.docker.com/r/cloudflare/cloudflared
services:
cloudflared:
image: "cloudflare/cloudflared:${IMAGE_VERSION:-latest}"
container_name: cloudflared
command:
- 'tunnel'
- '-no-autoupdate'
- 'run'
- '-token'
- '${TUNNEL_TOKEN}'
network_mode: '${NETWORK_MODE:-host}'
env_file: .env
restart: unless-stopped
logging:
driver: "json-file"
options:
max-size: "${LOG_MAX_SIZE:-5m}"
max-file: "${LOG_MAX_FILE:-5}"

View file

@ -1,18 +0,0 @@
# see https://hub.docker.com/r/drone/drone-runner-docker
IMAGE_VERSION=1
WEBUI_BIND_ADDR=127.0.0.1
WEBUI_BIND_PORT=8387
# Drone settings
# https://docs.drone.io/runner/docker/installation/linux/
DRONE_RPC_PROTO=https
DRONE_RPC_HOST=drone.domain.tld
DRONE_RPC_SECRET=super-duper-secret
DRONE_RUNNER_CAPACITY=2
DRONE_RUNNER_NAME=runner-name
# Service settings
LOG_MAX_SIZE=5m
LOG_MAX_FILE=5

View file

@ -1,21 +0,0 @@
# https://hub.docker.com/r/drone/drone-runner-docker
version: '3.7'
services:
drone-runner:
image: "drone/drone-runner-docker:${IMAGE_VERSION:-1}"
container_name: drone-runner
volumes:
# Mounting Docker socket inside the container to control temporary Docker containers from runner.
- "/var/run/docker.sock:/var/run/docker.sock"
ports:
# Optional, used for dashboard:
# https://discourse.drone.io/t/drone-agent-port/5914/5
- "${WEBUI_BIND_ADDR:-127.0.0.1}:${WEBUI_BIND_PORT:-8387}:3000"
env_file: .env
restart: unless-stopped
logging:
driver: "json-file"
options:
max-size: "${LOG_MAX_SIZE:-5m}"
max-file: "${LOG_MAX_FILE:-5}"

View file

@ -1,19 +0,0 @@
server {
listen 80;
server_name drone-runner.domain.tld;
#charset utf-8;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_pass http://127.0.0.1:8387/;
}
}

View file

@ -1,30 +0,0 @@
# see https://hub.docker.com/r/drone/drone
IMAGE_VERSION=2
HOST_DATA_DIR=./data
WEBUI_BIND_ADDR=127.0.0.1
WEBUI_BIND_PORT=8386
# Drone settings
# https://docs.drone.io/server/reference/
DRONE_GITEA_SERVER=https://gitea.domain.tld
DRONE_GITEA_CLIENT_ID=xxx
DRONE_GITEA_CLIENT_SECRET=yyy
DRONE_RPC_SECRET=super-duper-secret
DRONE_SERVER_HOST=drone.domain.tld
DRONE_SERVER_PROTO=https
#DRONE_DATABASE_DRIVER=mysql
#DRONE_DATABASE_DRIVER=postgres
DRONE_DATABASE_DRIVER=sqlite3
#DRONE_DATABASE_DATASOURCE=root:password@tcp(1.2.3.4:3306)/drone?parseTime=true
#DRONE_DATABASE_DATASOURCE=postgres://root:password@1.2.3.4:5432/postgres?sslmode=disable
DRONE_DATABASE_DATASOURCE=/data/database.sqlite
# Optional string value. Configures the secret key used to encrypt secrets in the database.
# Encryption is disabled by default and must be configured before the system is first used.
#DRONE_DATABASE_SECRET=zzz
# Service settings
LOG_MAX_SIZE=5m
LOG_MAX_FILE=5

View file

@ -1,2 +0,0 @@
/*
!/.gitignore

View file

@ -1,22 +0,0 @@
# https://hub.docker.com/r/drone/drone
version: '3.7'
services:
drone:
image: "drone/drone:${IMAGE_VERSION:-2}"
container_name: drone
hostname: drone
extra_hosts:
# Not necessary, but allows to access to local database if chosen over SQLite.
- "host.docker.internal:host-gateway"
volumes:
- "${HOST_DATA_DIR:-./data}:/data"
ports:
- "${WEBUI_BIND_ADDR:-127.0.0.1}:${WEBUI_BIND_PORT:-8386}:80"
env_file: .env
restart: unless-stopped
logging:
driver: "json-file"
options:
max-size: "${LOG_MAX_SIZE:-5m}"
max-file: "${LOG_MAX_FILE:-5}"

View file

@ -1,19 +0,0 @@
server {
listen 80;
server_name drone.domain.tld;
#charset utf-8;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_pass http://127.0.0.1:8386/;
}
}

View file

@ -11,9 +11,6 @@ HOST_MULTIMEDIA_DIR=/mnt/multimedia
# Leave as it is unless you really need something else # Leave as it is unless you really need something else
INT_MULTIMEDIA_DIR=/libraries INT_MULTIMEDIA_DIR=/libraries
# Uncomment this for AMD GPU video acceleration
#VIDEO_ACCEL_DEVICE=/dev/dri/renderD128
WEBUI_BIND_ADDR=0.0.0.0 WEBUI_BIND_ADDR=0.0.0.0
WEBUI_BIND_PORT=8096 WEBUI_BIND_PORT=8096
WEBUI_INT_BIND_PORT=8096 WEBUI_INT_BIND_PORT=8096

View file

@ -1,5 +1,5 @@
# https://hub.docker.com/r/emby/embyserver # https://hub.docker.com/r/emby/embyserver
version: '3.8' version: '3.7'
services: services:
emby: emby:
@ -8,8 +8,6 @@ services:
volumes: volumes:
- "${HOST_CONFIG_DIR:-./config}:/config" - "${HOST_CONFIG_DIR:-./config}:/config"
- "${HOST_MULTIMEDIA_DIR}:${INT_MULTIMEDIA_DIR:-/libraries}" - "${HOST_MULTIMEDIA_DIR}:${INT_MULTIMEDIA_DIR:-/libraries}"
devices:
- "${VIDEO_ACCEL_DEVICE:-/dev/null}:${VIDEO_ACCEL_DEVICE:-/dev/null}"
ports: ports:
- "${WEBUI_BIND_ADDR:-127.0.0.1}:${WEBUI_BIND_PORT:-8096}:${WEBUI_INT_BIND_PORT:-8096}/tcp" - "${WEBUI_BIND_ADDR:-127.0.0.1}:${WEBUI_BIND_PORT:-8096}:${WEBUI_INT_BIND_PORT:-8096}/tcp"
# Use reverse-proxy instead # Use reverse-proxy instead

View file

@ -1,315 +0,0 @@
# see https://docs.firefly-iii.org/how-to/firefly-iii/installation/docker/
# see https://hub.docker.com/r/fireflyiii/core
IMAGE_TAG=latest
WEB_BIND_ADDR=127.0.0.1
WEB_BIND_PORT=8392
UPLOAD_DIR=./upload
DB_DIR=./db
LOG_MAX_SIZE=5m
LOG_MAX_FILE=5
# Firefly
#
# Please make sure this URL matches the external URL of your Firefly III installation.
# It is used to validate specific requests and to generate URLs in emails.
#
APP_URL=http://localhost
# You can leave this on "local". If you change it to production most console commands will ask for extra confirmation.
# Never set it to "testing".
APP_ENV=production
# Set to true if you want to see debug information in error screens.
APP_DEBUG=false
# This should be your email address.
# If you use Docker or similar, you can set this variable from a file by using SITE_OWNER_FILE
# The variable is used in some errors shown to users who aren't admin.
SITE_OWNER=mail@example.com
# The encryption key for your sessions. Keep this very secure.
# Change it to a string of exactly 32 chars or use something like `php artisan key:generate` to generate it.
# If you use Docker or similar, you can set this variable from a file by using APP_KEY_FILE
#
# Avoid the "#" character in your APP_KEY, it may break things.
#
APP_KEY=SomeRandomStringOf32CharsExactly
# Firefly III will launch using this language (for new users and unauthenticated visitors)
# For a list of available languages: https://github.com/firefly-iii/firefly-iii/tree/main/resources/lang
#
# If text is still in English, remember that not everything may have been translated.
DEFAULT_LANGUAGE=en_US
# The locale defines how numbers are formatted.
# by default this value is the same as whatever the language is.
DEFAULT_LOCALE=equal
# Change this value to your preferred time zone.
# Example: Europe/Amsterdam
# For a list of supported time zones, see https://en.wikipedia.org/wiki/List_of_tz_database_time_zones
TZ=Europe/Moscow
# TRUSTED_PROXIES is a useful variable when using Docker and/or a reverse proxy.
# Set it to ** and reverse proxies work just fine.
TRUSTED_PROXIES=**
# The log channel defines where your log entries go to.
# Several other options exist. You can use 'single' for one big fat error log (not recommended).
# Also available are 'syslog', 'errorlog' and 'stdout' which will log to the system itself.
# A rotating log option is 'daily', creates 5 files that (surprise) rotate.
# A cool option is 'papertrail' for cloud logging
# Default setting 'stack' will log to 'daily' and to 'stdout' at the same time.
LOG_CHANNEL=stack
# Log level. You can set this from least severe to most severe:
# debug, info, notice, warning, error, critical, alert, emergency
# If you set it to debug your logs will grow large, and fast. If you set it to emergency probably
# nothing will get logged, ever.
APP_LOG_LEVEL=notice
# Audit log level.
# The audit log is used to log notable Firefly III events on a separate channel.
# These log entries may contain sensitive financial information.
# The audit log is disabled by default.
#
# To enable it, set AUDIT_LOG_LEVEL to "info"
# To disable it, set AUDIT_LOG_LEVEL to "emergency"
AUDIT_LOG_LEVEL=emergency
#
# If you want, you can redirect the audit logs to another channel.
# Set 'audit_stdout', 'audit_syslog', 'audit_errorlog' to log to the system itself.
# Use audit_daily to log to a rotating file.
# Use audit_papertrail to log to papertrail.
#
# If you do this, the audit logs may be mixed with normal logs because the settings for these channels
# are often the same as the settings for the normal logs.
AUDIT_LOG_CHANNEL=
#
# Used when logging to papertrail:
# Also used when audit logs log to papertrail:
#
PAPERTRAIL_HOST=
PAPERTRAIL_PORT=
# Database credentials. Make sure the database exists. I recommend a dedicated user for Firefly III
# For other database types, please see the FAQ: https://docs.firefly-iii.org/references/faq/install/#i-want-to-use-sqlite
# If you use Docker or similar, you can set these variables from a file by appending them with _FILE
# Use "pgsql" for PostgreSQL
# Use "mysql" for MySQL and MariaDB.
# Use "sqlite" for SQLite.
DB_CONNECTION=mysql
DB_HOST=db
DB_PORT=3306
DB_DATABASE=firefly
DB_USERNAME=firefly
DB_PASSWORD=secret_firefly_password
# leave empty or omit when not using a socket connection
DB_SOCKET=
# MySQL supports SSL. You can configure it here.
# If you use Docker or similar, you can set these variables from a file by appending them with _FILE
MYSQL_USE_SSL=false
MYSQL_SSL_VERIFY_SERVER_CERT=true
# You need to set at least of these options
MYSQL_SSL_CAPATH=/etc/ssl/certs/
MYSQL_SSL_CA=
MYSQL_SSL_CERT=
MYSQL_SSL_KEY=
MYSQL_SSL_CIPHER=
# If you're looking for performance improvements, you could install memcached or redis
# Check https://raw.githubusercontent.com/firefly-iii/firefly-iii/main/.env.example for Redis example
CACHE_DRIVER=file
SESSION_DRIVER=file
# Cookie settings. Should not be necessary to change these.
# If you use Docker or similar, you can set COOKIE_DOMAIN_FILE to set
# the value from a file instead of from an environment variable
# Setting samesite to "strict" may give you trouble logging in.
COOKIE_PATH="/"
COOKIE_DOMAIN=
COOKIE_SECURE=false
COOKIE_SAMESITE=lax
# If you want Firefly III to email you, update these settings
# For instructions, see: https://docs.firefly-iii.org/how-to/firefly-iii/advanced/notifications/#email
# If you use Docker or similar, you can set these variables from a file by appending them with _FILE
#MAIL_MAILER=log
MAIL_MAILER=smtp
MAIL_HOST=smtp-relay.sendinblue.com
MAIL_PORT=587
MAIL_FROM=firefly@domain.tld
MAIL_USERNAME=username
MAIL_PASSWORD=null
MAIL_ENCRYPTION=null
#MAIL_SENDMAIL_COMMAND=
# Firefly III can send you the following messages.
SEND_ERROR_MESSAGE=true
# These messages contain (sensitive) transaction information:
#SEND_REPORT_JOURNALS=true
SEND_REPORT_JOURNALS=false
# Set this value to true if you want to set the location of certain things, like transactions.
# Since this involves an external service, it's optional and disabled by default.
ENABLE_EXTERNAL_MAP=false
#
# Enable or disable exchange rate conversion. This function isn't used yet by Firefly III
#
ENABLE_EXCHANGE_RATES=false
# Set this value to true if you want Firefly III to download currency exchange rates
# from the internet. These rates are hosted by the creator of Firefly III inside
# an Azure Storage Container.
# Not all currencies may be available. Rates may be wrong.
ENABLE_EXTERNAL_RATES=false
# The map will default to this location:
MAP_DEFAULT_LAT=51.983333
MAP_DEFAULT_LONG=5.916667
MAP_DEFAULT_ZOOM=6
#
# Some objects have room for an URL, like transactions and webhooks.
# By default, the following protocols are allowed:
# http, https, ftp, ftps, mailto
#
# To change this, set your preferred comma separated set below.
# Be sure to include http, https and other default ones if you need to.
#
VALID_URL_PROTOCOLS=
#
# Firefly III authentication settings
#
#
# Firefly III supports a few authentication methods:
# - 'web' (default, uses built in DB)
# - 'remote_user_guard' for Authelia etc
# Read more about these settings in the documentation.
# https://docs.firefly-iii.org/how-to/firefly-iii/advanced/authentication/
#
# LDAP is no longer supported :(
#
AUTHENTICATION_GUARD=web
#
# Remote user guard settings
#
AUTHENTICATION_GUARD_HEADER=REMOTE_USER
AUTHENTICATION_GUARD_EMAIL=
#
# Firefly III generates a basic keypair for your OAuth tokens.
# If you want, you can overrule the key with your own (secure) value.
# It's also possible to set PASSPORT_PUBLIC_KEY_FILE or PASSPORT_PRIVATE_KEY_FILE
# if you're using Docker secrets or similar solutions for secret management
#
PASSPORT_PRIVATE_KEY=
PASSPORT_PUBLIC_KEY=
#
# Extra authentication settings
#
CUSTOM_LOGOUT_URL=
# You can disable the X-Frame-Options header if it interferes with tools like
# Organizr. This is at your own risk. Applications running in frames run the risk
# of leaking information to their parent frame.
DISABLE_FRAME_HEADER=false
# You can disable the Content Security Policy header when you're using an ancient browser
# or any version of Microsoft Edge / Internet Explorer (which amounts to the same thing really)
# This leaves you with the risk of not being able to stop XSS bugs should they ever surface.
# This is at your own risk.
DISABLE_CSP_HEADER=false
# If you wish to track your own behavior over Firefly III, set valid analytics tracker information here.
# Nobody uses this except for me on the demo site. But hey, feel free to use this if you want to.
# Do not prepend the TRACKER_URL with http:// or https://
# The only tracker supported is Matomo.
# You can set the following variables from a file by appending them with _FILE:
TRACKER_SITE_ID=
TRACKER_URL=
#
# Firefly III supports webhooks. These are security sensitive and must be enabled manually first.
#
ALLOW_WEBHOOKS=false
#
# The static cron job token can be useful when you use Docker and wish to manage cron jobs.
# 1. Set this token to any 32-character value (this is important!).
# 2. Use this token in the cron URL instead of a user's command line token that you can find in /profile
#
# For more info: https://docs.firefly-iii.org/how-to/firefly-iii/advanced/cron/
#
# You can set this variable from a file by appending it with _FILE
#
STATIC_CRON_TOKEN=ChangeThisValueToSomeSecret
# You can fine tune the start-up of a Docker container by editing these environment variables.
# Use this at your own risk. Disabling certain checks and features may result in lots of inconsistent data.
# However if you know what you're doing you can significantly speed up container start times.
# Set each value to true to enable, or false to disable.
# Set this to true to build all locales supported by Firefly III.
# This may take quite some time (several minutes) and is generally not recommended.
# If you wish to change or alter the list of locales, start your Docker container with
# `docker run -v locale.gen:/etc/locale.gen -e DKR_BUILD_LOCALE=true`
# and make sure your preferred locales are in your own locale.gen.
DKR_BUILD_LOCALE=false
# Check if the SQLite database exists. Can be skipped if you're not using SQLite.
# Won't significantly speed up things.
DKR_CHECK_SQLITE=true
# Run database creation and migration commands. Disable this only if you're 100% sure the DB exists
# and is up to date.
DKR_RUN_MIGRATION=true
# Run database upgrade commands. Disable this only when you're 100% sure your DB is up-to-date
# with the latest fixes (outside of migrations!)
DKR_RUN_UPGRADE=true
# Verify database integrity. Includes all data checks and verifications.
# Disabling this makes Firefly III assume your DB is intact.
DKR_RUN_VERIFY=true
# Run database reporting commands. When disabled, Firefly III won't go over your data to report current state.
# Disabling this should have no impact on data integrity or safety but it won't warn you of possible issues.
DKR_RUN_REPORT=true
# Generate OAuth2 keys.
# When disabled, Firefly III won't attempt to generate OAuth2 Passport keys. This won't be an issue, IFF (if and only if)
# you had previously generated keys already and they're stored in your database for restoration.
DKR_RUN_PASSPORT_INSTALL=true
# Leave the following configuration vars as is.
# Unless you like to tinker and know what you're doing.
APP_NAME=FireflyIII
BROADCAST_DRIVER=log
QUEUE_DRIVER=sync
CACHE_PREFIX=firefly
PUSHER_KEY=
IPINFO_TOKEN=
PUSHER_SECRET=
PUSHER_ID=
DEMO_USERNAME=
DEMO_PASSWORD=
#
# The v2 layout is very experimental. If it breaks you get to keep both parts.
# Be wary of data loss.
#
FIREFLY_III_LAYOUT=v1

View file

@ -1,2 +0,0 @@
/*
!/.gitignore

View file

@ -1,50 +0,0 @@
version: '3.8'
services:
app:
image: 'fireflyiii/core:${IMAGE_TAG:-latest}'
hostname: app
container_name: firefly_iii_core
restart: always
volumes:
- '${UPLOAD_DIR:-./upload}:/var/www/html/storage/upload'
env_file: .env
networks:
- firefly_iii
ports:
- '${WEB_BIND_ADDR:-127.0.0.1}:${WEB_BIND_PORT:-8392}:8080/tcp'
depends_on:
- db
db:
image: mariadb:lts
hostname: db
container_name: firefly_iii_db
restart: always
env_file: .env
environment:
MYSQL_RANDOM_ROOT_PASSWORD: 'yes'
MYSQL_USER: '${DB_USERNAME:-firefly}'
MYSQL_PASSWORD: '${DB_PASSWORD}'
MYSQL_DATABASE: '${DB_DATABASE:-firefly}'
networks:
- firefly_iii
volumes:
- '${DB_DIR:-./db}:/var/lib/mysql'
cron:
#
# To make this work, set STATIC_CRON_TOKEN in your .env file or as an environment variable and replace REPLACEME below
# The STATIC_CRON_TOKEN must be *exactly* 32 characters long
#
image: alpine
restart: always
container_name: firefly_iii_cron
env_file: .env
command: sh -c "echo \"0 3 * * * wget -qO- http://app:8080/api/v1/cron/${STATIC_CRON_TOKEN}\" | crontab - && crond -f -L /dev/stdout"
networks:
- firefly_iii
networks:
firefly_iii:
driver: bridge

View file

@ -1,23 +0,0 @@
server {
listen 443 ssl http2;
server_name ff.domain.tld;
access_log /var/log/nginx/ff.domain.tld.access;
error_log /var/log/nginx/ff.domain.tld.error;
charset utf-8;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://127.0.0.1:8392;
}
#include config/gzip.conf;
# SSL config
#include ssl/domain.tld.conf;
}

View file

@ -1,2 +0,0 @@
/*
!/.gitignore

View file

@ -1,2 +0,0 @@
/*
!/.gitignore

View file

@ -1,21 +0,0 @@
version: '3.7'
services:
server:
image: "codeberg.org/forgejo/forgejo:${IMAGE_TAG:-1.21}"
container_name: forgejo
restart: unless-stopped
network_mode: host
ports:
- "${HTTP_BIND_ADDR:-127.0.0.1}:${EXT_HTTP_PORT:-3000}:3000"
- "${EXT_SSH_PORT:-222}:22"
volumes:
- "${HOST_DATA_DIR:-./data}:/data"
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
environment:
- "FORGEJO__database__DB_TYPE=postgres"
- "FORGEJO__database__HOST=${DB_HOST:-db}:${DB_PORT:-5432}"
- "FORGEJO__database__NAME=${DB_NAME:-forgejo}"
- "FORGEJO__database__USER=${DB_USER:-forgejo}"
- "FORGEJO__database__PASSWD=${DB_PASSWD:-forgejo}"

View file

@ -1,9 +1,7 @@
# see https://forgejo.org/docs/latest/admin/installation-docker/ # see https://docs.gitea.io/en-us/install-with-docker/
USER_UID=1000 USER_UID=1000
USER_GID=1000 USER_GID=1000
IMAGE_TAG=1.21
HOST_DATA_DIR=./data HOST_DATA_DIR=./data
HOST_PG_DATA_DIR=./db HOST_PG_DATA_DIR=./db
HTTP_BIND_ADDR=127.0.0.1 HTTP_BIND_ADDR=127.0.0.1
@ -14,9 +12,9 @@ EXT_SSH_PORT=222
# Leave default for embedded database # Leave default for embedded database
DB_HOST=db DB_HOST=db
DB_PORT=5432 DB_PORT=5432
DB_NAME=forgejo DB_NAME=gitea
DB_USER=forgejo DB_USER=gitea
DB_PASSWD=forgejo DB_PASSWD=gitea
LOG_MAX_SIZE=5m LOG_MAX_SIZE=5m
LOG_MAX_FILE=5 LOG_MAX_FILE=5

21
gitea/docker-compose.yml Normal file
View file

@ -0,0 +1,21 @@
version: '3.7'
services:
server:
image: gitea/gitea:latest
container_name: gitea
restart: unless-stopped
network_mode: host
ports:
- "${HTTP_BIND_ADDR:-127.0.0.1}:${EXT_HTTP_PORT:-3000}:3000"
- "${EXT_SSH_PORT:-222}:22"
volumes:
- "${HOST_DATA_DIR:-./data}:/data"
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
environment:
- GITEA__database__DB_TYPE=postgres
- "GITEA__database__HOST=${DB_HOST:-db}:${DB_PORT:-5432}"
- "GITEA__database__NAME=${DB_NAME:-gitea}"
- "GITEA__database__USER=${DB_USER:-gitea}"
- "GITEA__database__PASSWD=${DB_PASSWD:-gitea}"

View file

@ -1,18 +1,18 @@
version: '3.7' version: '3.7'
networks: networks:
forgejo: gitea:
external: false external: false
services: services:
server: server:
image: "codeberg.org/forgejo/forgejo:${IMAGE_TAG:-1.21}" image: gitea/gitea:latest
container_name: forgejo container_name: gitea
depends_on: depends_on:
- db - db
restart: unless-stopped restart: unless-stopped
networks: networks:
- forgejo - gitea
ports: ports:
- "${HTTP_BIND_ADDR:-127.0.0.1}:${EXT_HTTP_PORT:-3000}:3000" - "${HTTP_BIND_ADDR:-127.0.0.1}:${EXT_HTTP_PORT:-3000}:3000"
- "${EXT_SSH_PORT:-222}:22" - "${EXT_SSH_PORT:-222}:22"
@ -21,20 +21,20 @@ services:
- /etc/timezone:/etc/timezone:ro - /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro - /etc/localtime:/etc/localtime:ro
environment: environment:
- "FORGEJO__database__DB_TYPE=postgres" - GITEA__database__DB_TYPE=postgres
- "FORGEJO__database__HOST=${DB_HOST:-db}:${DB_PORT:-5432}" - "GITEA__database__HOST=${DB_HOST:-db}:${DB_PORT:-5432}"
- "FORGEJO__database__NAME=${DB_NAME:-forgejo}" - "GITEA__database__NAME=${DB_NAME:-gitea}"
- "FORGEJO__database__USER=${DB_USER:-forgejo}" - "GITEA__database__USER=${DB_USER:-gitea}"
- "FORGEJO__database__PASSWD=${DB_PASSWD:-forgejo}" - "GITEA__database__PASSWD=${DB_PASSWD:-gitea}"
db: db:
image: postgres:13 image: postgres:13
restart: unless-stopped restart: unless-stopped
environment: environment:
- "POSTGRES_USER=${DB_USER:-forgejo}" - "POSTGRES_USER=${DB_USER:-gitea}"
- "POSTGRES_PASSWORD=${DB_PASSWD:-forgejo}" - "POSTGRES_PASSWORD=${DB_PASSWD:-gitea}"
- "POSTGRES_DB=${DB_NAME:-forgejo}" - "POSTGRES_DB=${DB_NAME:-gitea}"
networks: networks:
- forgejo - gitea
volumes: volumes:
- "${HOST_PG_DATA_DIR:-./db}:/var/lib/postgresql/data" - "${HOST_PG_DATA_DIR:-./db}:/var/lib/postgresql/data"

View file

@ -1,31 +0,0 @@
# https://hub.docker.com/r/linuxserver/hedgedoc
# https://docs.hedgedoc.org/configuration/
#IMAGE_TAG=latest
USER_ID=1000
GROUP_ID=1000
WEB_ADDRESS=127.0.0.1
WEB_PORT=8394
DOMAIN=hedgedoc.domain.tld
DIR_CONFIG=./config
DATABASE_HOST=host.docker.internal
DATABASE_PORT=3306
#DATABASE_NAME=hedgedoc
#DATABASE_USER=hedgedoc
DATABASE_PASS=*ChangeMe*
#DATABASE_DIALECT=postgres
TIMEZONE=Europe/Moscow
#CMD_ALLOW_GRAVATAR=false
# https://docs.hedgedoc.org/configuration/#login-methods
# Github Login
#CMD_GITHUB_CLIENTID=123
#CMD_GITHUB_CLIENTSECRET=456

View file

@ -1,2 +0,0 @@
/*
!/.gitignore

View file

@ -1,32 +0,0 @@
services:
hedgedoc:
image: 'lscr.io/linuxserver/hedgedoc:${IMAGE_TAG:-latest}'
container_name: 'hedgedoc'
env_file: '.env'
environment:
- 'PUID=${USER_ID:-1000}'
- 'PGID=${GROUP_ID:-1000}'
- 'TZ=${TIMEZONE:-Europe/Moscow}'
- 'DB_HOST=${DATABASE_HOST:-host.docker.internal}'
- 'DB_PORT=${DATABASE_PORT:-3306}'
- 'DB_USER=${DATABASE_USER:-hedgedoc}'
- 'DB_PASS=${DATABASE_PASS}'
- 'DB_NAME=${DATABASE_NAME:-hedgedoc}'
- 'CMD_DOMAIN=${DOMAIN}'
#- 'CMD_URL_ADDPORT=false' #optional
- 'CMD_PROTOCOL_USESSL=true' #optional
- 'CMD_PORT=${WEB_PORT:-8394}' #optional
- 'CMD_DB_DIALECT=${DATABASE_DIALECT:-mariadb}' #optional
- CMD_ALLOW_ORIGIN=['${DOMAIN}'] #optional
volumes:
- '${DIR_CONFIG:-./config}:/config'
extra_hosts:
- 'host.docker.internal:host-gateway'
ports:
- '${WEB_ADDRESS:-127.0.0.1}:${WEB_PORT:-8394}:${WEB_PORT:-8394}'
restart: unless-stopped
logging:
driver: 'json-file'
options:
max-size: '${LOG_MAX_SIZE:-5m}'
max-file: '${LOG_MAX_FILE:-5}'

View file

@ -1,44 +0,0 @@
upstream hedgedoc {
server 127.0.0.1:8394;
}
server {
listen 443 ssl http2;
server_name hedgedoc.domain.tld;
access_log /var/log/nginx/hedgedoc.domain.tld.access;
error_log /var/log/nginx/hedgedoc.domain.tld.error;
charset utf-8;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_pass http://hedgedoc;
}
location /socket.io/ {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_pass http://hedgedoc;
}
include config/gzip.conf;
# Wildcard certificate config
include ssl/domain.tld.conf;
}

View file

@ -1,8 +0,0 @@
# see https://www.home-assistant.io/installation/linux#install-home-assistant-container
#IMAGE_TAG=stable
HOST_CONFIG_DIR=./config
LOG_MAX_SIZE=5m
LOG_MAX_FILE=5

View file

@ -1,17 +0,0 @@
# Home Assistant
## Using with reverse proxy (like Nginx)
If you're using Home Assistant with reverse proxy, you need to enable it and add trusted proxy address. Otherwise you
will get 400 (Bad Request) each time you try to open HA's web interface.
To achieve that edit `configuration.yaml` after it was generated at first launch and add missing options.
```yaml
# config/configuration.yaml
http:
use_x_forwarded_for: true
trusted_proxies:
- '127.0.0.1'
- '::1'
```

View file

@ -1,2 +0,0 @@
/*
!/.gitignore

View file

@ -1,19 +0,0 @@
# https://www.home-assistant.io/installation/linux#install-home-assistant-container
version: '3.8'
services:
homeassistant:
container_name: homeassistant
image: 'ghcr.io/home-assistant/home-assistant:${IMAGE_TAG:-stable}'
volumes:
- '${HOST_CONFIG_DIR:-./config}:/config'
- '/etc/localtime:/etc/localtime:ro'
restart: unless-stopped
privileged: true
network_mode: host
env_file: .env
logging:
driver: 'json-file'
options:
max-size: '${LOG_MAX_SIZE:-5m}'
max-file: '${LOG_MAX_FILE:-5}'

View file

@ -1,24 +0,0 @@
server {
listen 80;
server_name ha.domain.tld;
#charset utf-8;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
#proxy_hide_header X-Powered-By; ## Hides nginx server version from bad guys.
proxy_set_header Range $http_range; ## Allows specific chunks of a file to be requested.
proxy_set_header If-Range $http_if_range; ## Allows specific chunks of a file to be requested.
#proxy_set_header X-Real-IP $http_CF_Connecting_IP; ## if you use cloudflare un-comment this line and comment out above line.
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_pass http://localhost:8123/;
}
}

View file

@ -1,38 +0,0 @@
# You can find documentation for all the supported env variables at https://immich.app/docs/install/environment-variables
BIND_ADDRESS=127.0.0.1
BIND_PORT=2283
# Available modes: shared, internal
# Shared allows to publish database ports on host which may be useful for a backup
# Internal mode leave the database inside the stack network
#DB_MODE=shared
#DB_EXTERNAL_ADDRESS=127.0.0.1
#DB_EXTERNAL_PORT=5430
# The location where your uploaded files are stored
UPLOAD_LOCATION=./library
MODEL_CACHE_LOCATION=./model-cache
# The location where your database files are stored
DB_DATA_LOCATION=./db
# To set a timezone, uncomment the next line and change Etc/UTC to a TZ identifier from this list: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List
# TZ=Etc/UTC
#HWACCEL_TRANSCODING=vaapi
#HWACCEL_ML=
# The Immich version to use. You can pin this to a specific version like "v1.71.0"
IMMICH_VERSION=release
# Connection secret for postgres. You should change it to a random password
# Please use only the characters `A-Za-z0-9`, without special characters or spaces
DB_PASSWORD=ChangeMe
# The values below this line do not need to be changed
###################################################################################
DB_USERNAME=immich
DB_DATABASE_NAME=immich
LOG_MAX_SIZE=5m
LOG_MAX_FILE=5

View file

@ -1,110 +0,0 @@
#
# WARNING: Make sure to use the docker-compose.yml of the current release:
#
# https://github.com/immich-app/immich/releases/latest/download/docker-compose.yml
#
# The compose file on main may not be compatible with the latest release.
#
name: immich
services:
immich-server:
container_name: immich_server
image: 'ghcr.io/immich-app/immich-server:${IMMICH_VERSION:-release}'
extends:
file: 'hwaccel.transcoding.yml'
service: '${HWACCEL_TRANSCODING:-cpu}' # set to one of [nvenc, quicksync, rkmpp, vaapi, vaapi-wsl] for accelerated transcoding
volumes:
# Do not edit the next line. If you want to change the media storage location on your system, edit the value of UPLOAD_LOCATION in the .env file
- '${UPLOAD_LOCATION:-./upload}:/usr/src/app/upload'
- '/etc/localtime:/etc/localtime:ro'
env_file:
- .env
ports:
- '${BIND_ADDRESS:-127.0.0.1}:${BIND_PORT:-2283}:2283'
depends_on:
- redis
- database
restart: unless-stopped
# healthcheck:
# disable: false
logging:
driver: 'json-file'
options:
max-size: '${LOG_MAX_SIZE:-5m}'
max-file: '${LOG_MAX_FILE:-5}'
immich-machine-learning:
container_name: immich_machine_learning
# For hardware acceleration, add one of -[armnn, cuda, openvino] to the image tag.
# Example tag: ${IMMICH_VERSION:-release}-cuda
image: 'ghcr.io/immich-app/immich-machine-learning:${IMMICH_VERSION:-release}'
extends: # uncomment this section for hardware acceleration - see https://immich.app/docs/features/ml-hardware-acceleration
file: 'hwaccel.ml.yml'
service: '${HWACCEL_ML:-cpu}' # set to one of [armnn, cuda, openvino, openvino-wsl] for accelerated inference - use the `-wsl` version for WSL2 where applicable
volumes:
- '${MODEL_CACHE_LOCATION:-./model-cache}:/cache'
env_file:
- .env
restart: unless-stopped
# healthcheck:
# disable: false
logging:
driver: 'json-file'
options:
max-size: '${LOG_MAX_SIZE:-5m}'
max-file: '${LOG_MAX_FILE:-5}'
redis:
container_name: immich_redis
image: 'docker.io/redis:6.2-alpine@sha256:2ba50e1ac3a0ea17b736ce9db2b0a9f6f8b85d4c27d5f5accc6a416d8f42c6d5'
healthcheck:
test: redis-cli ping || exit 1
restart: unless-stopped
logging:
driver: 'json-file'
options:
max-size: '${LOG_MAX_SIZE:-5m}'
max-file: '${LOG_MAX_FILE:-5}'
database:
container_name: immich_postgres
image: docker.io/tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:90724186f0a3517cf6914295b5ab410db9ce23190a2d9d0b9dd6463e3fa298f0
extends:
file: 'share_db.yaml'
service: '${DB_MODE:-internal}' # set to one of [shared, internal]
environment:
POSTGRES_PASSWORD: '${DB_PASSWORD}'
POSTGRES_USER: '${DB_USERNAME}'
POSTGRES_DB: '${DB_DATABASE_NAME}'
POSTGRES_INITDB_ARGS: '--data-checksums'
volumes:
- '${DB_DATA_LOCATION:-./db}:/var/lib/postgresql/data'
healthcheck:
test: pg_isready --dbname='${DB_DATABASE_NAME}' --username='${DB_USERNAME}' || exit 1; Chksum="$$(psql --dbname='${DB_DATABASE_NAME}' --username='${DB_USERNAME}' --tuples-only --no-align --command='SELECT COALESCE(SUM(checksum_failures), 0) FROM pg_stat_database')"; echo "checksum failure count is $$Chksum"; [ "$$Chksum" = '0' ] || exit 1
interval: 5m
#start_interval: 30s
start_period: 5m
command:
[
'postgres',
'-c',
'shared_preload_libraries=vectors.so',
'-c',
'search_path="$$user", public, vectors',
'-c',
'logging_collector=on',
'-c',
'max_wal_size=2GB',
'-c',
'shared_buffers=512MB',
'-c',
'wal_compression=on',
]
restart: unless-stopped
logging:
driver: 'json-file'
options:
max-size: '${LOG_MAX_SIZE:-5m}'
max-file: '${LOG_MAX_FILE:-5}'

View file

@ -1,43 +0,0 @@
# Configurations for hardware-accelerated machine learning
# If using Unraid or another platform that doesn't allow multiple Compose files,
# you can inline the config for a backend by copying its contents
# into the immich-machine-learning service in the docker-compose.yml file.
# See https://immich.app/docs/features/ml-hardware-acceleration for info on usage.
services:
armnn:
devices:
- /dev/mali0:/dev/mali0
volumes:
- /lib/firmware/mali_csffw.bin:/lib/firmware/mali_csffw.bin:ro # Mali firmware for your chipset (not always required depending on the driver)
- /usr/lib/libmali.so:/usr/lib/libmali.so:ro # Mali driver for your chipset (always required)
cpu: {}
cuda:
deploy:
resources:
reservations:
devices:
- driver: nvidia
count: 1
capabilities:
- gpu
openvino:
device_cgroup_rules:
- 'c 189:* rmw'
devices:
- /dev/dri:/dev/dri
volumes:
- /dev/bus/usb:/dev/bus/usb
openvino-wsl:
devices:
- /dev/dri:/dev/dri
- /dev/dxg:/dev/dxg
volumes:
- /dev/bus/usb:/dev/bus/usb
- /usr/lib/wsl:/usr/lib/wsl

View file

@ -1,54 +0,0 @@
# Configurations for hardware-accelerated transcoding
# If using Unraid or another platform that doesn't allow multiple Compose files,
# you can inline the config for a backend by copying its contents
# into the immich-microservices service in the docker-compose.yml file.
# See https://immich.app/docs/features/hardware-transcoding for more info on using hardware transcoding.
services:
cpu: {}
nvenc:
deploy:
resources:
reservations:
devices:
- driver: nvidia
count: 1
capabilities:
- gpu
- compute
- video
quicksync:
devices:
- /dev/dri:/dev/dri
rkmpp:
security_opt: # enables full access to /sys and /proc, still far better than privileged: true
- systempaths=unconfined
- apparmor=unconfined
group_add:
- video
devices:
- /dev/rga:/dev/rga
- /dev/dri:/dev/dri
- /dev/dma_heap:/dev/dma_heap
- /dev/mpp_service:/dev/mpp_service
#- /dev/mali0:/dev/mali0 # only required to enable OpenCL-accelerated HDR -> SDR tonemapping
volumes:
#- /etc/OpenCL:/etc/OpenCL:ro # only required to enable OpenCL-accelerated HDR -> SDR tonemapping
#- /usr/lib/aarch64-linux-gnu/libmali.so.1:/usr/lib/aarch64-linux-gnu/libmali.so.1:ro # only required to enable OpenCL-accelerated HDR -> SDR tonemapping
vaapi:
devices:
- /dev/dri:/dev/dri
vaapi-wsl: # use this for VAAPI if you're running Immich in WSL2
devices:
- /dev/dri:/dev/dri
volumes:
- /usr/lib/wsl:/usr/lib/wsl
environment:
- LIBVA_DRIVER_NAME=d3d12

View file

@ -1,2 +0,0 @@
/*
!/.gitignore

View file

@ -1,6 +0,0 @@
services:
internal: {}
shared:
ports:
- '${DB_EXTERNAL_ADDRESS:-127.0.0.1}:${DB_EXTERNAL_PORT:-5430}:5432'

View file

@ -1,2 +0,0 @@
/*
!/.gitignore

View file

@ -1,26 +0,0 @@
HOST_SMTP_ADDR=0.0.0.0
HOST_SMTP_PORT=2500
HOST_POP3_ADDR=0.0.0.0
HOST_POP3_PORT=1100
HOST_HTTP_ADDR=0.0.0.0
HOST_HTTP_PORT=8389
# https://github.com/inbucket/inbucket/blob/main/doc/config.md
INBUCKET_STORAGE_TYPE=memory
INBUCKET_STORAGE_RETENTIONPERIOD=24h
INBUCKET_STORAGE_MAILBOXMSGCAP=500
INBUCKET_WEB_MONITORVISIBLE=true
INBUCKET_WEB_MONITORHISTORY=30
INBUCKET_POP3_DOMAIN=inbucket
INBUCKET_SMTP_DOMAIN=inbucket
#INBUCKET_SMTP_ACCEPTDOMAINS=
#INBUCKET_SMTP_REJECTDOMAINS=
INBUCKET_SMTP_DEFAULTSTORE=true
#INBUCKET_SMTP_STOREDOMAINS=
#INBUCKET_SMTP_DISCARDDOMAINS=
# Use local or full addressing
INBUCKET_MAILBOXNAMING=local
# debug, info, warn, or error
INBUCKET_LOGLEVEL=warn

View file

@ -1,2 +0,0 @@
*
!.gitignore

View file

@ -1,15 +0,0 @@
version: '3.7'
services:
inbucket:
image: inbucket/inbucket:latest
container_name: inbucket
ports:
- "${HOST_HTTP_ADDR:-0.0.0.0}:${HOST_HTTP_PORT:-8389}:9000/tcp"
- "${HOST_SMTP_ADDR:-0.0.0.0}:${HOST_SMTP_PORT:-8389}:2500/tcp"
- "${HOST_POP3_ADDR:-0.0.0.0}:${HOST_POP3_PORT:-8389}:1100/tcp"
volumes:
# Not used by default, you need to configure storage parameters to store on disk.
- ./data:/data/
env_file: .env
restart: unless-stopped

16
jdownloader/.env.dist Normal file
View file

@ -0,0 +1,16 @@
# see # https://hub.docker.com/r/jaymoulin/jdownloader
HOST_USER=1000
HOST_GROUP=1000
CONFIG_PATH=./config/config
LOGS_PATH=./config/logs
DOWNLOADS_PATH=./data
MYJD_BIND_PORT=3129
MYJD_USER=xxx@yyy.tld
MYJD_PASSWORD=qwerty
MYJD_DEVICE_NAME=mydevice
LOG_MAX_SIZE=5m
LOG_MAX_FILE=5

2
jdownloader/config/.gitignore vendored Normal file
View file

@ -0,0 +1,2 @@
/*
!/.gitignore

2
jdownloader/data/.gitignore vendored Normal file
View file

@ -0,0 +1,2 @@
/*
!/.gitignore

View file

@ -0,0 +1,27 @@
# https://hub.docker.com/r/jaymoulin/jdownloader
version: '3.7'
services:
jdownloader:
image: jaymoulin/jdownloader
container_name: jdownloader
restart: unless-stopped
user: "${HOST_USER}:${HOST_GROUP}"
volumes:
- "${CONFIG_PATH:-./config/config}:/opt/JDownloader/app/cfg"
- "${DOWNLOADS_PATH:-./data}:/opt/JDownloader/Downloads"
- "${LOGS_PATH:-./config/logs}:/opt/JDownloader/app/logs" #optional
- /etc/localtime:/etc/localtime:ro #optional
env_file: ".env"
#environment:
#MYJD_USER: email@email.com #optional (see [Identify](https://github.com/jaymoulin/docker-jdownloader#identify))
#MYJD_PASSWORD: bar #optional (see [Identify](https://github.com/jaymoulin/docker-jdownloader#identify))
#MYJD_DEVICE_NAME: "${MYJD_DEVICE_NAME}" #optional
#XDG_DOWNLOAD_DIR: /opt/JDownloader/Downloads #optional
ports:
- "${MYJD_BIND_PORT:-3129}:3129"
logging:
driver: "json-file"
options:
max-size: "${LOG_MAX_SIZE:-5m}"
max-file: "${LOG_MAX_FILE:-5}"

11
joplin/.env.dist Normal file
View file

@ -0,0 +1,11 @@
DB_CLIENT=pg
POSTGRES_PASSWORD=joplin
POSTGRES_DATABASE=joplin
POSTGRES_USER=joplin
POSTGRES_PORT=5432
#POSTGRES_HOST=db
APP_BASE_URL=https://domain.tld
APP_PORT=22300
EXTERNAL_PORT=8030

2
joplin/data/.gitignore vendored Normal file
View file

@ -0,0 +1,2 @@
/*
!/.gitignore

22
joplin/docker-compose.yml Normal file
View file

@ -0,0 +1,22 @@
version: "3.7"
services:
db:
image: postgres:13
volumes:
- ./data/postgres:/var/lib/postgresql/data
expose:
- "5432"
restart: unless-stopped
env_file: .env
app:
image: joplin/server:latest
depends_on:
- db
ports:
- "127.0.0.1:${EXTERNAL_PORT:-8030}:22300"
env_file: .env
environment:
- POSTGRES_HOST=${POSTGRES_HOST:-db}
restart: unless-stopped
user: '${HOST_USER:-0}'

17
joplin/nginx/joplin.conf Normal file
View file

@ -0,0 +1,17 @@
server {
listen 443 ssl http2;
server_name joplin.domain.tld;
access_log /var/log/nginx/joplin.domain.tld.access;
error_log /var/log/nginx/joplin.domain.tld.error;
charset utf-8;
location / {
proxy_set_header Host $host;
proxy_pass http://127.0.0.1:8030;
}
# Wildcard certificate config
#include ssl/joplin.domain.tld.conf;
}

View file

@ -1,35 +0,0 @@
# For up-to-date reference check: https://git.skobk.in/skobkin/magnetico-web/src/branch/master/.env
APP_SECRET=abcxyz
APP_DATABASE_URL=postgres://magnetico-web:password@host.docker.internal:5432/magnetico-web?application_name=magnetico_web
MAGNETICOD_DATABASE_URL=postgres://magneticod:password@host.docker.internal:5432/magneticod?application_name=magnetico_web
REDIS_DSN=redis://host.docker.internal:6379/0
# !!! USE 'REMOTE_ADDR' ONLY BEHIND REVERSE PROXY !!!
TRUSTED_PROXIES=127.0.0.1,REMOTE_ADDR
###> sentry/sentry-symfony ###
SENTRY_DSN=https://abcxyz@sentry.io/123456
###< sentry/sentry-symfony ###
###> symfony/mailer ###
MAILER_DSN=smtp://mail@domain.tld:password@smtp.domain.tld:587
MAILER_FROM=no-reply@domain.tld
###< symfony/mailer ###
###> excelwebzone/recaptcha-bundle ###
EWZ_RECAPTCHA_SITE_KEY=key
EWZ_RECAPTCHA_SECRET=secret
###< excelwebzone/recaptcha-bundle ###
# docker-compose
LOG_PATH=./logs
#HOST_USER=0
#HOST_USER=www-data
LOG_MAX_SIZE=5m
LOG_MAX_FILE=5

View file

@ -1,2 +0,0 @@
logs/*
!logs/.gitkeep

View file

@ -1,21 +0,0 @@
version: '3.7'
services:
magnetico-web:
image: skobkin/magnetico-web
container_name: magnetico-web
hostname: magnetico-web
extra_hosts:
- 'host.docker.internal:host-gateway'
ports:
- "127.0.0.1:${EXT_HTTP_PORT:-8080}:8080/tcp"
restart: unless-stopped
user: "${HOST_USER:-0}"
volumes:
- "${LOG_PATH:-./logs}:/app/var/log"
env_file: .env
logging:
driver: "json-file"
options:
max-size: "${LOG_MAX_SIZE:-5m}"
max-file: "${LOG_MAX_FILE:-5}"

View file

@ -0,0 +1,6 @@
# see https://cloud.docker.com/repository/docker/skobkin/magneticod-python
MAGNETICO_PORT=64879
# docker-compose substitution
HOST_DB_PATH=/root/.local/share/magneticod
HOST_USER=0

View file

@ -0,0 +1,17 @@
version: '3.7'
services:
magneticod:
image: skobkin/magneticod-python:latest
container_name: magneticod-python
# Using host mode to be able to simply apply firewall rules to disable connection tracking
# https://github.com/boramalper/magnetico/blob/master/cmd/magneticod/README.md#setup
network_mode: "host"
ports:
- "${MAGNETICO_PORT}:${MAGNETICO_PORT}/udp"
env_file: .env
volumes:
- "${HOST_DB_PATH}:/data"
user: "${HOST_USER}"
restart: unless-stopped
command: "--node-addr 0.0.0.0:${MAGNETICO_PORT} --database-file /data/database.sqlite3"

View file

@ -6,9 +6,7 @@ services:
container_name: magneticod container_name: magneticod
# Using host mode to be able to simply apply firewall rules to disable connection tracking # Using host mode to be able to simply apply firewall rules to disable connection tracking
# https://github.com/boramalper/magnetico/blob/master/cmd/magneticod/README.md#setup # https://github.com/boramalper/magnetico/blob/master/cmd/magneticod/README.md#setup
#network_mode: "host" network_mode: "host"
extra_hosts:
- 'host.docker.internal:host-gateway'
ports: ports:
- "${MAGNETICO_PORT}:${MAGNETICO_PORT}/udp" - "${MAGNETICO_PORT}:${MAGNETICO_PORT}/udp"
env_file: .env env_file: .env

2
mariadb-common/.env.dist Normal file
View file

@ -0,0 +1,2 @@
MYSQL_ROOT_PASSWORD=password
COMMON_DATABASE_NETWORK=database-net

View file

@ -0,0 +1,23 @@
version: '3.7'
services:
mariadb-common:
image: mariadb:10
container_name: mariadb-common
env_file: .env
networks:
- db-network
ports:
- "127.0.0.1:3306:3306/tcp"
volumes:
# Database files
- mariadb-data:/var/lib/mysql
restart: unless-stopped
volumes:
mariadb-data:
networks:
db-network:
name: "${COMMON_DATABASE_NETWORK:-database-network}"
external: true

View file

@ -1,12 +0,0 @@
# see https://mau.dev/mautrix/telegram/
IMAGE_VERSION=latest
HOST_USER=1337
HOST_GROUP=1337
# Do not modify unless you know what you're doing!
# It is used by 'synapse' stack.
#HOST_DATA_DIR=./data
LOG_MAX_SIZE=5m
LOG_MAX_FILE=5

View file

@ -1,16 +0,0 @@
# Telegram Bridge for Matrix
## Create internal network for Matrix services
You should've created this network while setting up [synapse](../synapse/README.md). But if you didn't, then do it
before trying to run this stack:
```shell
docker network create --internal matrix
```
## Bridge setup documentation
- https://docs.mau.fi/bridges/python/setup/docker.html?bridge=telegram
- https://docs.mau.fi/bridges/general/registering-appservices.html
- https://docs.mau.fi/bridges/python/telegram/relay-bot.html (optional)

View file

@ -1,2 +0,0 @@
/*
!/.gitignore

View file

@ -1,30 +0,0 @@
# https://mau.dev/mautrix/telegram/
version: '3.7'
services:
mautrix-telegram:
image: "dock.mau.dev/mautrix/telegram:${IMAGE_VERSION:-latest}"
container_name: mautrix-telegram
volumes:
# This volume is also used by 'synapse' stack.
# Do not change the path unless you know what you're doing.
- "${HOST_DATA_DIR:-./data}:/data"
env_file: .env
environment:
UID: "${HOST_USER:-1337}"
GID: "${HOST_GROUP:-1337}"
extra_hosts:
- "host.docker.internal:host-gateway"
networks:
- default
- matrix
restart: unless-stopped
logging:
driver: "json-file"
options:
max-size: "${LOG_MAX_SIZE:-5m}"
max-file: "${LOG_MAX_FILE:-5}"
networks:
matrix:
external: true

View file

@ -1,16 +0,0 @@
# Image version for Mosquitto with Go auth plugin
IMAGE_VERSION=latest
# External address binding for Mosquitto ports
BIND_ADDR=127.0.0.1
BIND_PORT_MQTT=1883
BIND_PORT_WS=1884
# Paths for configuration and data persistence
CONFIG_DIR=./config
DATA_DIR=./data
LOG_DIR=./logs
# Logging options
LOG_MAX_SIZE=5m
LOG_MAX_FILE=5

View file

@ -1,27 +0,0 @@
# Usage
## Configuration
```shell
cp config/files/acls.dist config/files/acls
cp config/files/passwords.dist config/files/passwords
cp config/files/passwords.dist config/files/passwords
cp config/mosquitto.conf.dist config/mosquitto.conf
cp -r config/conf.d.dist config/conf.d
```
Edit configuration to suit your needs.
## Passwords
To generate password hashes, you can use `pw` tool located at the `/mosquitto/pw` inside the container.
```shell
docker compose exec mosquitto sh
/mosquitto/pw --help
/mosquitto/pw -p MyPasswordString
```
## ACL's
Refer to the [documentation](https://github.com/iegomez/mosquitto-go-auth?tab=readme-ov-file#acl-file).

View file

@ -1,3 +0,0 @@
mosquitto.conf
files/passwords
files/acls

View file

@ -1,19 +0,0 @@
# Path to the Go auth plugin shared object
auth_plugin /mosquitto/go-auth.so
# Configure the authentication backends (adjust as needed)
auth_opt_backends files
# Specify the paths for passwords and ACLs
# https://github.com/iegomez/mosquitto-go-auth?tab=readme-ov-file#files
# Hashes may be generated using the `/mosquitto/pw` utility
auth_opt_files_password_path /etc/mosquitto/files/passwords
auth_opt_files_acl_path /etc/mosquitto/files/acls
# Plugin-specific options (examples)
# https://github.com/iegomez/mosquitto-go-auth?tab=readme-ov-file#configuration
# auth_opt_postgres_host=db
# auth_opt_postgres_port=5432
# auth_opt_postgres_user=user
# auth_opt_postgres_password=password
# auth_opt_postgres_dbname=mqtt

View file

@ -1,12 +0,0 @@
user test1
topic write test/topic/1
topic read test/topic/2
user test2
topic read test/topic/+
user test3
topic read test/#
pattern read test/%u
pattern read test/%c

View file

@ -1,2 +0,0 @@
test1:PBKDF2$sha512$100000$2WQHK5rjNN+oOT+TZAsWAw==$TDf4Y6J+9BdnjucFQ0ZUWlTwzncTjOOeE00W4Qm8lfPQyPCZACCjgfdK353jdGFwJjAf6vPAYaba9+z4GWK7Gg==
test2:PBKDF2$sha512$100000$o513B9FfaKTL6xalU+UUwA==$mAUtjVg1aHkDpudOnLKUQs8ddGtKKyu+xi07tftd5umPKQKnJeXf1X7RpoL/Gj/ZRdpuBu5GWZ+NZ2rYyAsi1g==

View file

@ -1,18 +0,0 @@
# Mosquitto configuration
persistence true
persistence_location /data
#log_dest file /logs/mosquitto.log
# Default listener for unencrypted connections
listener 1883
allow_anonymous false
# Optional TLS listener
listener 1884
# Uncomment and configure the following for TLS
# cafile /etc/mosquitto/ca_certificates/ca.crt
# certfile /etc/mosquitto/certs/server.crt
# keyfile /etc/mosquitto/certs/server.key
# Include directory for additional configuration files
include_dir /etc/mosquitto/conf.d

View file

@ -1,2 +0,0 @@
/*
!/.gitignore

View file

@ -1,19 +0,0 @@
services:
mosquitto:
image: "iegomez/mosquitto-go-auth:${IMAGE_VERSION:-latest}"
container_name: mosquitto
hostname: mosquitto
volumes:
- "${CONFIG_DIR:-./config}:/etc/mosquitto"
- "${DATA_DIR:-./data}:/data"
- "${LOG_DIR:-./logs}:/logs"
ports:
- "${BIND_ADDR:-127.0.0.1}:${BIND_PORT_MQTT:-1883}:1883"
- "${BIND_ADDR:-127.0.0.1}:${BIND_PORT_WS:-1884}:1884"
env_file: .env
restart: unless-stopped
logging:
driver: "json-file"
options:
max-size: "${LOG_MAX_SIZE:-5m}"
max-file: "${LOG_MAX_FILE:-5}"

View file

@ -1,2 +0,0 @@
/*
!/.gitignore

View file

@ -1,7 +1,4 @@
# see https://cloud.docker.com/repository/docker/skobkin/murmur-official-static # see https://cloud.docker.com/repository/docker/skobkin/murmur-official-static
#IMAGE_TAG=latest
MURMUR_HOSTNAME=mumble.skobk.in MURMUR_HOSTNAME=mumble.skobk.in
LOG_MAX_SIZE=5m LOG_MAX_SIZE=5m

View file

@ -1,6 +1,8 @@
version: '3.7'
services: services:
murmur: murmur:
image: 'skobkin/murmur:${IMAGE_TAG:-latest}' image: registry.gitlab.com/skobkin/docker-murmur:latest
container_name: murmur container_name: murmur
ports: ports:
- "64738:64738/tcp" - "64738:64738/tcp"
@ -20,3 +22,4 @@ services:
options: options:
max-size: "${LOG_MAX_SIZE:-5m}" max-size: "${LOG_MAX_SIZE:-5m}"
max-file: "${LOG_MAX_FILE:-5}" max-file: "${LOG_MAX_FILE:-5}"
# TODO: try to integrate with neilpang/acme.sh

16
nextcloud/.env.dist Normal file
View file

@ -0,0 +1,16 @@
PUID=1000
PGID=1000
TZ=Europe/Moscow
EXT_PORT=8443
# Volumes
# Database and configs
CONFIG_PATH=/path/to/config
# Location of user files
DATA_PATH=/path/to/data
# Logs
LOG_MAX_SIZE=5m
LOG_MAX_FILE=5

30
nextcloud/README.md Normal file
View file

@ -0,0 +1,30 @@
# Configuration
## Serve HTTP from the container
By default NextCloud internal Nginx config has redirects from internal 80 port
to 443 (HTTPS).
So if you want to reverse-proxy Nextcloud, you'll need to have a plain HTTP
connection to the Nextcloud.
Example of `/config/nginx/site-confs/default` changes:
```
#server {
# listen 80;
# listen [::]:80;
# server_name _;
# return 301 https://$host$request_uri;
#}
server {
#listen 443 ssl http2;
listen 80;
listen [::]:80;
#listen [::]:443 ssl http2;
server_name _;
#ssl_certificate /config/keys/cert.crt;
#ssl_certificate_key /config/keys/cert.key;
```
You'll have access to the Nextcloud Nginx config after first run of Nextcloud
container. Don't forget to configure `/config` bind mount.

View file

@ -0,0 +1,21 @@
version: '3.7'
services:
nextcloud:
# https://hub.docker.com/r/linuxserver/nextcloud
image: linuxserver/nextcloud
container_name: nextcloud
#network_mode: "host"
ports:
# You need to modify /config/nginx/site-confs/default first to allow 80 port
- "127.0.0.1:${EXT_PORT}:80/tcp"
env_file: .env
volumes:
- "${CONFIG_PATH}:/config"
- "${DATA_PATH}:/data"
restart: unless-stopped
logging:
driver: "json-file"
options:
max-size: "${LOG_MAX_SIZE:-5m}"
max-file: "${LOG_MAX_FILE:-5}"

View file

@ -0,0 +1,18 @@
server {
listen 443 ssl http2;
server_name nextcloud.server.tld;
#access_log /var/log/nginx/nextcloud.server.tld.access;
error_log /var/log/nginx/nextcloud.server.tld.error;
charset utf-8;
location / {
proxy_pass http://127.0.0.1:8443;
}
#include config/gzip.conf;
# Wildcard certificate config
#include ssl/server.tld.conf;
}

View file

@ -1,24 +0,0 @@
# see https://hub.docker.com/r/ollama/ollama
#OLLAMA_IMAGE_TAG=rocm
#OLLAMA_IMAGE_TAG=0.1.28-rocm
OLLAMA_IMAGE_TAG=latest
UI_IMAGE_TAG=main
# Ollama
HOST_OLLAMA_DATA_DIR=./data/ollama
HTTP_OLLAMA_BIND_ADDR=127.0.0.1
HTTP_OLLAMA_BIND_PORT=11434
DEV_KFD=/dev/kfd
DEV_DRI=/dev/dri
# The duration that models stay loaded in memory (default is "5m"
#OLLAMA_KEEP_ALIVE=5m
# Open WebUI
HOST_UI_DATA_DIR=./data/open-webui
HTTP_UI_BIND_ADDR=127.0.0.1
HTTP_UI_BIND_PORT=8010
UI_SECRET_KEY=changeme
LOG_MAX_SIZE=5m
LOG_MAX_FILE=5

View file

@ -1,2 +0,0 @@
/*
!/.gitignore

View file

@ -1,2 +0,0 @@
/*
!/.gitignore

View file

@ -1,38 +0,0 @@
version: '3.9'
services:
webui:
image: "ghcr.io/open-webui/open-webui:${UI_IMAGE_TAG:-main}"
container_name: ollama-open-webui
volumes:
- "${HOST_UI_DATA_DIR:-./data/open-webui}:/app/backend/data"
depends_on:
- ollama
ports:
- "${HTTP_UI_BIND_ADDR:-127.0.0.1}:${HTTP_UI_BIND_PORT-3000}:8080"
environment:
- "OLLAMA_API_BASE_URL=http://ollama:11434/api"
- "OLLAMA_BASE_URL=http://ollama:11434"
- 'WEBUI_SECRET_KEY=${UI_SECRET_KEY:-changeme}'
#extra_hosts:
# - host.docker.internal:host-gateway
restart: unless-stopped
ollama:
image: "ollama/ollama:${OLLAMA_IMAGE_TAG:-latest}"
container_name: ollama
#user: "${HOST_USER:-1000}"
volumes:
- "${HOST_OLLAMA_DATA_DIR:-./data}:/root/.ollama"
ports:
- "${HTTP_OLLAMA_BIND_ADDR:-127.0.0.1}:${HTTP_OLLAMA_BIND_PORT:-11434}:11434/tcp"
devices:
- "${DEV_DRI:-/dev/dri}:${DEV_DRI:-/dev/dri}"
- "${DEV_KFD:-/dev/kfd}:${DEV_KFD:-/dev/kfd}"
env_file: .env
restart: unless-stopped
logging:
driver: "json-file"
options:
max-size: "${LOG_MAX_SIZE:-5m}"
max-file: "${LOG_MAX_FILE:-5}"

View file

@ -1,22 +0,0 @@
server {
listen 80;
server_name ai.domain.tld;
#charset utf-8;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_read_timeout 600s;
proxy_send_timeout 600s;
proxy_pass http://127.0.0.1:8010/;
}
}

View file

@ -0,0 +1,2 @@
POSTGRES_PASSWORD=password
COMMON_DATABASE_NETWORK=database-net

View file

@ -0,0 +1,23 @@
version: '3.7'
services:
postgres-common:
image: postgres:12-alpine
container_name: postgres-common
env_file: .env
networks:
- db-network
ports:
- "127.0.0.1:5432:5432/tcp"
volumes:
# Database files
- postgres-data:/var/lib/postgresql/data
restart: unless-stopped
volumes:
postgres-data:
networks:
db-network:
name: "${COMMON_DATABASE_NETWORK:-database-network}"
external: true

View file

@ -1,11 +1,7 @@
# https://hub.docker.com/_/redis # https://hub.docker.com/_/redis
# Uncomment to use directory binding instead of docker volume (almost always not needed) # Uncomment to use directory binding instead of docker volume (almost always not needed)
HOST_DATA_DIR=./data #DATA_PATH=/some/path
# https://redis.io/docs/management/persistence/#snapshotting
PERSISTENCE_PERIOD_SEC=60
PERSISTENCE_MIN_OPS=1
LOG_LEVEL=warning
LOG_MAX_SIZE=5m LOG_MAX_SIZE=5m
LOG_MAX_FILE=5 LOG_MAX_FILE=5

View file

@ -1,2 +0,0 @@
/*
!/.gitignore

View file

@ -1,13 +1,10 @@
version: '3.8' version: '3.7'
services: services:
redis: redis:
# https://hub.docker.com/_/redis # https://hub.docker.com/_/redis
image: redis:alpine image: redis:alpine
container_name: redis container_name: redis
command: "redis-server --save ${PERSISTENCE_PERIOD_SEC:-60} ${PERSISTENCE_MIN_OPS:-1} --loglevel ${LOG_LEVEL:-warning}"
volumes:
- "${HOST_DATA_DIR:-./data}:/data"
ports: ports:
- "127.0.0.1:6379:6379/tcp" - "127.0.0.1:6379:6379/tcp"
env_file: .env env_file: .env
@ -17,3 +14,7 @@ services:
options: options:
max-size: "${LOG_MAX_SIZE:-5m}" max-size: "${LOG_MAX_SIZE:-5m}"
max-file: "${LOG_MAX_FILE:-5}" max-file: "${LOG_MAX_FILE:-5}"
#volumes:
# redis_data:
# name: redis_data

View file

@ -1,4 +0,0 @@
LOCAL_PORT=1050
LOG_MAX_SIZE=5m
LOG_MAX_FILE=5

View file

@ -1,3 +0,0 @@
*
!.gitignore
!config.json.dist

View file

@ -1,26 +0,0 @@
{
"servers": [
{
"address": "127.0.0.1",
"port": 8388,
"password": "hello-world",
"method": "aes-256-gcm",
"timeout": 7200
},
{
"address": "127.0.0.1",
"port": 8389,
"password": "hello-kitty",
"method": "chacha20-ietf-poly1305"
},
{
"disabled": true,
"address": "eg.disable.me",
"port": 8390,
"password": "hello-internet",
"method": "chacha20-ietf-poly1305"
}
],
"local_port": 1050,
"local_address": "0.0.0.0"
}

View file

@ -1,18 +0,0 @@
version: '3.7'
services:
sslocal:
# https://github.com/shadowsocks/shadowsocks-rust
image: ghcr.io/shadowsocks/sslocal-rust:latest
container_name: sslocal
ports:
- "${LOCAL_PORT:-1050}:1050/tcp"
volumes:
- "./config/config.json:/etc/shadowsocks-rust/config.json:ro"
env_file: .env
restart: unless-stopped
logging:
driver: "json-file"
options:
max-size: "${LOG_MAX_SIZE:-5m}"
max-file: "${LOG_MAX_FILE:-5}"

View file

@ -1,16 +0,0 @@
# see https://hub.docker.com/r/antoniomika/sish
IMAGE_VERSION=latest
HTTP_BIND_ADDR=127.0.0.1
HTTP_BIND_PORT=8395
SSH_BIND_ADDR=0.0.0.0
SSH_BIND_PORT=2222
PUBKEYS_PATH=./pubkeys
BASE_DOMAIN=si.sh
# Service settings
LOG_MAX_SIZE=5m
LOG_MAX_FILE=5

Some files were not shown because too many files have changed in this diff Show more