skobkin
/
docker-stacks
1
1
Fork 0
Code Issues 45 Pull Requests 1 Releases Activity

Compare commits

base: skobkin:master
Branches Tags
skobkin:master
skobkin:feature_remark42
..
compare: skobkin:feature_remark42
Branches Tags
skobkin:master
skobkin:feature_remark42

4 Commits
master ... feature_re

Author SHA1 Message Date
Alexey Skobkin 461fa16d50 remark42. port binding fixed.
continuous-integration/drone/push Build is passing Details
continuous-integration/drone/pr Build is failing Details
2022-04-10 19:09:15 +03:00
Alexey Skobkin 8c1a95bdb1 remark42. Telegram configuration fix.
continuous-integration/drone/push Build is passing Details
2022-04-10 18:34:17 +03:00
Alexey Skobkin 69307ca7ac remark42. fix IMAGE env var.
continuous-integration/drone/push Build is passing Details
2022-04-10 17:58:35 +03:00
Alexey Skobkin f8a786c720
remark42. draft.
continuous-integration/drone/push Build is passing Details
2022-04-10 16:30:17 +03:00
84 changed files with 625 additions and 1130 deletions
Show Stats Expand all files Collapse all files

9
.drone.yml
View File

@ -1,15 +1,10 @@
kind: pipeline
type: docker
name: validate-pr
name: default
steps:
- name: validate
image: 'docker/compose:alpine-1.29.2'
image: 'docker/compose:1.29.2'
commands:
- for DIR in */ ; do if [[ $(expr match "$DIR" "_.*") != 0 ]] ; then echo "SKIPPING $DIR" && continue; fi && test -f $DIR/.env.dist && cp $DIR/.env.dist $DIR/.env ; done
- for DIR in */ ; do if [[ $(expr match "$DIR" "_.*") != 0 ]] ; then echo "SKIPPING $DIR" && continue; fi && echo $DIR && cd $DIR && docker-compose config && cd .. ; done
trigger:
event:
include:
- pull_request

88
README.md
View File

@ -32,49 +32,45 @@ You need to change your database configuration to be able to do that. Check
Not every stack is tested to fully work.
| App Name | Status | Image | Description | Links |
|-------------------------|-------------|----------------------------------------------|-------------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| ARK Server | ✅ | `thmhoag/arkserver` | ARK: Survival Evolved game server with ArkManager. | [Website](http://playark.com), [Steam](https://store.steampowered.com/app/346110/ARK_Survival_Evolved/), [Image Github](https://github.com/thmhoag/arkserver), [ArkManager](https://github.com/arkmanager/ark-server-tools) |
| Drone | ✅ | `drone/drone` | Continuous integration platform. | [Website](https://www.drone.io), [Github](https://github.com/harness/drone), [Image](https://hub.docker.com/r/drone/drone) |
| Drone Docker Runner | ✅ | `drone/drone-runner-docker` | CI runner daemon for Docker. | [Website](https://www.drone.io), [Github](https://github.com/drone-runners/drone-runner-docker), [Image](https://hub.docker.com/r/drone/drone-runner-docker) |
| Duplicati | ✅ | `linuxserver/duplicati` | Backup solution with many storage backends. | [Website](https://www.duplicati.com), [Github](https://github.com/duplicati/duplicati) |
| Element-web | ✅ | `vectorim/element-web` | Web Matrix client. | [Website](https://element.io), [Github](https://github.com/vector-im/element-web/) |
| emby | ✅ | `emby/embyserver` | Media server with online transcoding support. | [Website](https://emby.media) |
| Firefly III | Not tested | `fireflyiii/core` | Bookkeeping software. | [Website](https://docs.firefly-iii.org), [Github](https://github.com/firefly-iii/firefly-iii) |
| Folding@Home | ✅ | `johnktims/folding-at-home` | Protein folding distributed computing platform. | [Website](https://foldingathome.org), [My guide](https://skobk.in/2020/06/folding-at-home-quick-start/) |
| Forgejo | ✅ | `codeberg.org/forgejo/forgejo` | Lightweight Git hosting platform. | [Website](https://forgejo.org), [Github](https://codeberg.org/forgejo/forgejo) |
| Gatus | ✅ | `twinproduction/gatus` | Advanced service(s) status page. | [Website](https://gatus.io), [Github](https://github.com/TwiN/gatus) |
| Home Assistant | ✅ | `ghcr.io/home-assistant/home-assistant` | Home automation suite. | [Website](https://www.home-assistant.io/), [Github](https://github.com/home-assistant) |
| Homer | ✅ | `b4bz/homer` | Server homepage generator. | [Github](https://github.com/bastienwirtz/homer), [Demo](https://homer-demo.netlify.app), [Configuration](https://github.com/bastienwirtz/homer/blob/main/docs/configuration.md) |
| I2PD | ✅ | `purplei2p/i2pd` | The Invisible Internet router. | [Website](https://i2pd.website), [Github](https://github.com/PurpleI2P/i2pd/), [I2P project](https://geti2p.net/) |
| InBucket | ✅ | `inbucket/inbucket` | Testing SMTP/POP3 mail server with web interface. | [Website](https://www.inbucket.org), [Github](https://github.com/inbucket/inbucket) |
| Killing Floor 2 server | ✅ Abandoned | `jeeaaasustest/killingfloor2-srv` | Killing Floor 2 game server. | |
| Lidarr | Not tested | `linuxserver/lidarr` | Music downloader and manager. | [Website](https://lidarr.audio), [Github](https://github.com/Lidarr/Lidarr), [Wiki](https://wiki.servarr.com/lidarr) |
| magnetico-web | ✅ | `skobkin/magnetico-web` | DHT indexer private web search front-end. | [Git](https://git.skobk.in/skobkin/magnetico-web), [Git mirror](https://gitlab.com/skobkin/magnetico-web) |
| magnetico-web-telegram | ✅ | `skobkin/magnetico-web-telegram-bot` | Magnetico Web Telegram bot. | [Bitbucket](https://bitbucket.org/skobkin/magnetico-web-telegram-bot/) |
| magneticod | ✅ | `boramalper/magneticod` | DHT indexing daemon. | [Website](https://www.boramalper.org/labs/magnetico/), [Github](https://github.com/boramalper/magnetico) |
| Matrix Telegram Bridge | ✅ | `dock.mau.dev/mautrix/telegram` | Telegram bridge for Matrix server | [Gitlab](https://mau.dev/mautrix/telegram/) |
| Metube | ✅ | `alexta69/metube` | Web GUI for yt-dlp. | [Github](https://github.com/alexta69/metube) |
| Murmur (Mumble server) | ✅ | `registry.gitlab.com/skobkin/docker-murmur` | Mumble VoIP server (custom build) | [Website](https://www.mumble.info), [Github](https://github.com/mumble-voip/mumble) |
| Ollama | ✅ | `ollama/ollama` | Toolkit for easily running LLM's locally. | [Website](https://ollama.com), [Github](https://github.com/ollama/ollama) |
| Open Streaming Platform | ✅ | `deamos/openstreamingplatform` | Live streaming platform. | [Website](https://openstreamingplatform.com), [Gitlab](https://gitlab.com/osp-group/flask-nginx-rtmp-manager) |
| OpenVPN | ✅ | `kylemanna/openvpn` | OpenVPN server with some management toolkit. | [Website](https://openvpn.net), [Image Github](https://www.github.com/kylemanna/docker-openvpn) |
| Owncast | ✅ | `gabekangas/owncast` | Live streaming platform with federation support. | [Website](https://owncast.online), [Github](https://github.com/owncast/owncast) |
| Portainer | ✅ | `portainer/portainer` | Docker Container management web UI. | [Website](https://www.portainer.io), [Github](https://github.com/portainer/portainer) |
| Proxy MTProto | ✅ | `mtproxy/mtproxy` | MTProto Telegram proxy. | [Website](https://telegram.org), [Github](https://github.com/TelegramMessenger/MTProxy) |
| Proxy Socks5 | ✅ | `serjs/go-socks5-proxy` | Simple SOCKS5 proxy. | [Github](https://github.com/serjs/socks5-server) |
| qBittorrent | ✅ | `linuxserver/qbittorrent` | qBittorrent (noX) | [Website](https://www.qbittorrent.org), [LinuxServer Fleet](https://fleet.linuxserver.io/image?name=linuxserver/qbittorrent) |
| Radarr | ✅ | `linuxserver/radarr` | Movie downloader and manager. | [Website](https://radarr.video), [Github](https://github.com/Radarr/Radarr), [Wiki](https://wiki.servarr.com/radarr) |
| Redis | ✅ | `redis` | Redis storage server. | [Website](https://redis.io), [Github](https://github.com/redis/redis-io) |
| Shadowsocks Client | ✅ | `ghcr.io/shadowsocks/sslocal-rust:latest` | Shadowsocks client (and SOCKS/HTTP/tunnel server). | [Website](https://shadowsocks.org), [Github](https://github.com/shadowsocks/shadowsocks-rust), [Configuration](https://github.com/shadowsocks/shadowsocks-rust#getting-started) |
| Shinobi | ✅ | `shinobisystems/shinobi` | Shinobi surveillance system | [Website](https://shinobi.video), [Github](https://github.com/ShinobiCCTV/Shinobi) |
| Sonarr | ✅ | `linuxserver/sonarr` | TV Shows, series and anime downloader and manager. | [Website](https://sonarr.tv), [Github](https://github.com/Sonarr/Sonarr), [Wiki](https://wiki.servarr.com/sonarr) |
| Speedtest | ✅ | `adolfintel/speedtest` | Libre speed test implementation. | [Website](https://librespeed.org), [Github](https://github.com/librespeed/speedtest) |
| Synapse | ✅ | `matrixdotorg/synapse` | Matrix reference server written in Python. | [Website](https://matrix.org/docs/projects/server/synapse), [Github](https://github.com/matrix-org/synapse), [Installation and configuration](https://matrix-org.github.io/synapse/latest/setup/installation.html) |
| Syncthing | ✅ | `linuxserver/syncthing` | P2P file synchronization daemon. | [Website](https://syncthing.net), [Github](https://github.com/syncthing/syncthing) |
| Telegram LLM Bot | ✅ | `skobkin/telegram-llm-bot` | Simple Telegram bot to interact with LLM running in Ollama | [Forgejo repository](https://git.skobk.in/skobkin/telegram-ollama-reply-bot) |
| Telegram RSS Bot | ✅ | `miroslavsckaya/tg-rss-bot` | Telegram RSS Bot by @Miroslavsckaya. | [Gitea](https://git.skobk.in/Miroslavsckaya/tg_rss_bot/), [Github Mirror](https://github.com/Miroslavsckaya/tg_rss_bot) |
| Tor OBFS4 Bridge | ✅ | `thetorproject/obfs4-bridge` | Tor OBFS4 Bridge for Tor blocking bypass. | [Website](https://community.torproject.org/relay/setup/bridge/), [Gitlab](https://gitlab.torproject.org/tpo/anti-censorship/docker-obfs4-bridge), [Manual](https://community.torproject.org/relay/setup/bridge/docker/) |
| Tor Privoxy | ✅ | `registry.gitlab.com/skobkin/torproxy-obfs4` | Tor image with integrated privoxy and OBFS4 bridge support. | [Original image Github](https://github.com/dperson/torproxy), [OBFS4 support image Gitlab](https://gitlab.com/skobkin/torproxy-obfs4) |
| Watchtower | ✅ | `containrrr/watchtower` | Docker container auto-update daemon. | [Website](https://containrrr.dev/watchtower/), [Github](https://github.com/containrrr/watchtower) |
| Webhook.site | | `webhooksite/webhook.site` | HTTP callback testing tool | [Website](https://webhook.site), [Github](https://github.com/webhooksite/webhook.site) |
| App Name | Status | Image | Description | Links |
|-------------------------|---------------|----------------------------------------------|----------------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| ARK Server | ✅ | `thmhoag/arkserver` | ARK: Survival Evolved game server with ArkManager. | [Website](http://playark.com), [Steam](https://store.steampowered.com/app/346110/ARK_Survival_Evolved/), [Image Github](https://github.com/thmhoag/arkserver), [ArkManager](https://github.com/arkmanager/ark-server-tools) |
| Drone | ✅ | `drone/drone` | Continuous integration platform. | [Website](https://www.drone.io), [Github](https://github.com/harness/drone), [Image](https://hub.docker.com/r/drone/drone) |
| Drone Docker Runner | ✅ | `drone/drone-runner-docker` | CI runner daemon for Docker. | [Website](https://www.drone.io), [Github](https://github.com/drone-runners/drone-runner-docker), [Image](https://hub.docker.com/r/drone/drone-runner-docker) |
| Duplicati | ✅ | `linuxserver/duplicati` | Backup solution with many storage backends. | [Website](https://www.duplicati.com), [Github](https://github.com/duplicati/duplicati) |
| Element-web | ✅ | `vectorim/element-web` | Web Matrix client. | [Website](https://element.io), [Github](https://github.com/vector-im/element-web/) |
| emby | ✅ | `emby/embyserver` | Media server with online transcoding support. | [Website](https://emby.media) |
| Folding@Home | ✅ | `johnktims/folding-at-home` | Protein folding distributed computing platform. | [Website](https://foldingathome.org), [My guide](https://skobk.in/2020/06/folding-at-home-quick-start/) |
| Gatus | ✅ | `twinproduction/gatus` | Advanced service(s) status page. | [Website](https://gatus.io), [Github](https://github.com/TwiN/gatus) |
| Gitea | ✅ | `gitea/gitea` | Lightweight Git hosting platfom. | [Website](https://gitea.io/), [Github](https://github.com/go-gitea/gitea) |
| Homer | ✅ | `b4bz/homer` | Server homepage generator. | [Github](https://github.com/bastienwirtz/homer), [Demo](https://homer-demo.netlify.app), [Configuration](https://github.com/bastienwirtz/homer/blob/main/docs/configuration.md) |
| I2PD | ✅ | `purplei2p/i2pd` | The Invisible Internet router. | [Website](https://i2pd.website), [Github](https://github.com/PurpleI2P/i2pd/), [I2P project](https://geti2p.net/) |
| ~~JDownloader~~ | ✅ Abandoned | `jaymoulin/jdownloader` | Download manager with paid/ad file hosting support. | [Website](https://jdownloader.org) |
| ~~Joplin~~ | ✅ Abandoned | `joplin/server` | Markdown GTD / notes manager synchronization server. | [Website](https://joplinapp.org), [Github](https://github.com/laurent22/joplin) |
| Lidarr | Not tested | `linuxserver/lidarr` | Music downloader and manager. | [Website](https://lidarr.audio), [Github](https://github.com/Lidarr/Lidarr), [Wiki](https://wiki.servarr.com/lidarr) |
| magnetico-web-telegram | ✅ | `skobkin/magnetico-web-telegram-bot` | Magnetico Web Telegram bot. | [Bitbucket](https://bitbucket.org/skobkin/magnetico-web-telegram-bot/) |
| magneticod | ✅ | `boramalper/magneticod` | DHT indexing daemon. | [Website](https://www.boramalper.org/labs/magnetico/), [Github](https://github.com/boramalper/magnetico) |
| ~~magneticod-python~~ | ✅ Abandoned | `skobkin/magneticod-python` | DHT indexing daemon (legacy version) | [Website](https://www.boramalper.org/labs/magnetico/), [Github](https://github.com/boramalper/magnetico) |
| ~~mariadb-common~~ | ❌ Unfinished | `mariadb` | MariaDB database for common use. | [Website](https://mariadb.org) |
| Metube | ✅ | `alexta69/metube` | Web GUI for yt-dlp. | [Github](https://github.com/alexta69/metube) |
| Murmur | ✅ | `registry.gitlab.com/skobkin/docker-murmur` | Mumble VoIP server (custom build) | [Website](https://www.mumble.info), [Github](https://github.com/mumble-voip/mumble) |
| NextCloud | ❌ Unfinished | `nextcloud` | File management, synchronization, management and GTD platform. | [Website](https://nextcloud.com), [Github](https://github.com/nextcloud/server) |
| Open Streaming Platform | ✅ | `deamos/openstreamingplatform` | Live streaming platform. | [Website](https://openstreamingplatform.com), [Gitlab](https://gitlab.com/osp-group/flask-nginx-rtmp-manager) |
| OpenVPN | ✅ | `kylemanna/openvpn` | OpenVPN server with some management toolkit. | [Website](https://openvpn.net), [Image Github](https://www.github.com/kylemanna/docker-openvpn) |
| Owncast | ✅ | `gabekangas/owncast` | Live streaming platform with federation support. | [Website](https://owncast.online), [Github](https://github.com/owncast/owncast) |
| Portainer | ✅ | `portainer/portainer` | Docker Container management web UI. | [Website](https://www.portainer.io), [Github](https://github.com/portainer/portainer) |
| ~~Postgres Common~~ | ❌ Unfinished | `postgres` | PostgreSQL database for common use. | [Website](https://www.postgresql.org) |
| Proxy MTProto | ✅ | `mtproxy/mtproxy` | MTProto Telegram proxy. | [Website](https://telegram.org), [Github](https://github.com/TelegramMessenger/MTProxy) |
| Proxy Socks5 | ✅ | `serjs/go-socks5-proxy` | Simple SOCKS5 proxy. | [Github](https://github.com/serjs/socks5-server) |
| Radarr | ✅ | `linuxserver/radarr` | Movie downloader and manager. | [Website](https://radarr.video), [Github](https://github.com/Radarr/Radarr), [Wiki](https://wiki.servarr.com/radarr) |
| Redis | ✅ | `redis` | Redis storage server. | [Website](https://redis.io), [Github](https://github.com/redis/redis-io) |
| Remark42 | ❌ Unfinished | `umputun/remark42` | Privacy-oriented comment system. | [Website](https://remark42.com/), [Github](https://github.com/umputun/remark42), [Docs](https://remark42.com/docs/getting-started/installation/) |
| Sonarr | ✅ | `linuxserver/sonarr` | TV Shows, series and anime downloader and manager. | [Website](https://sonarr.tv), [Github](https://github.com/Sonarr/Sonarr), [Wiki](https://wiki.servarr.com/sonarr) |
| Speedtest | ✅ | `adolfintel/speedtest` | Libre speed test implementation. | [Website](https://librespeed.org), [Github](https://github.com/librespeed/speedtest) |
| Synapse | ✅ | `matrixdotorg/synapse` | Matrix reference server written in Python. | [Website](https://matrix.org/docs/projects/server/synapse), [Github](https://github.com/matrix-org/synapse), [Installation and configuration](https://matrix-org.github.io/synapse/latest/setup/installation.html) |
| Syncthing | ✅ | `linuxserver/syncthing` | P2P file synchronization daemon. | [Website](https://syncthing.net), [Github](https://github.com/syncthing/syncthing) |
| Tor OBFS4 Bridge | ✅ | `thetorproject/obfs4-bridge` | Tor OBFS4 Bridge for Tor blocking bypass. | [Website](https://community.torproject.org/relay/setup/bridge/), [Gitlab](https://gitlab.torproject.org/tpo/anti-censorship/docker-obfs4-bridge), [Manual](https://community.torproject.org/relay/setup/bridge/docker/) |
| Tor Privoxy | ✅ | `registry.gitlab.com/skobkin/torproxy-obfs4` | Tor image with integrated privoxy and OBFS4 bridge support. | [Original image Github](https://github.com/dperson/torproxy), [OBFS4 support image Gitlab](https://gitlab.com/skobkin/torproxy-obfs4) |
| Watchtower | ✅ | `containrrr/watchtower` | Docker container auto-update daemon. | [Website](https://containrrr.dev/watchtower/), [Github](https://github.com/containrrr/watchtower) |
| Wireguard | ❌ Unfinished | `cmulk/wireguard-docker` | WireGuard VPN. | [Website](https://www.wireguard.com), [Image Github](https://github.com/cmulk/wireguard-docker) |
| ~~Wordpress~~ | ❌ Unfinished | `wordpress` | Wordpress blogging platform. | [Webiste](https://wordpress.org), [SVN](https://build.trac.wordpress.org/browser) |

5
emby/.env.dist
View File

@ -11,9 +11,6 @@ HOST_MULTIMEDIA_DIR=/mnt/multimedia
# Leave as it is unless you really need something else
INT_MULTIMEDIA_DIR=/libraries
# Uncomment this for AMD GPU video acceleration
#VIDEO_ACCEL_DEVICE=/dev/dri/renderD128
WEBUI_BIND_ADDR=0.0.0.0
WEBUI_BIND_PORT=8096
WEBUI_INT_BIND_PORT=8096
@ -21,4 +18,4 @@ WEBUI_INT_BIND_PORT=8096
#WEBUI_INT_HTTPS_BIND_PORT=8920
LOG_MAX_SIZE=5m
LOG_MAX_FILE=5
LOG_MAX_FILE=5

4
emby/docker-compose.yml
View File

@ -1,5 +1,5 @@
# https://hub.docker.com/r/emby/embyserver
version: '3.8'
version: '3.7'
services:
emby:
@ -8,8 +8,6 @@ services:
volumes:
- "${HOST_CONFIG_DIR:-./config}:/config"
- "${HOST_MULTIMEDIA_DIR}:${INT_MULTIMEDIA_DIR:-/libraries}"
devices:
- "${VIDEO_ACCEL_DEVICE:-/dev/null}:${VIDEO_ACCEL_DEVICE:-/dev/null}"
ports:
- "${WEBUI_BIND_ADDR:-127.0.0.1}:${WEBUI_BIND_PORT:-8096}:${WEBUI_INT_BIND_PORT:-8096}/tcp"
# Use reverse-proxy instead

315
firefly-iii/.env.dist
View File

@ -1,315 +0,0 @@
# see https://docs.firefly-iii.org/how-to/firefly-iii/installation/docker/
# see https://hub.docker.com/r/fireflyiii/core
IMAGE_TAG=latest
WEB_BIND_ADDR=127.0.0.1
WEB_BIND_PORT=8392
UPLOAD_DIR=./upload
DB_DIR=./db
LOG_MAX_SIZE=5m
LOG_MAX_FILE=5
# Firefly
#
# Please make sure this URL matches the external URL of your Firefly III installation.
# It is used to validate specific requests and to generate URLs in emails.
#
APP_URL=http://localhost
# You can leave this on "local". If you change it to production most console commands will ask for extra confirmation.
# Never set it to "testing".
APP_ENV=production
# Set to true if you want to see debug information in error screens.
APP_DEBUG=false
# This should be your email address.
# If you use Docker or similar, you can set this variable from a file by using SITE_OWNER_FILE
# The variable is used in some errors shown to users who aren't admin.
SITE_OWNER=mail@example.com
# The encryption key for your sessions. Keep this very secure.
# Change it to a string of exactly 32 chars or use something like `php artisan key:generate` to generate it.
# If you use Docker or similar, you can set this variable from a file by using APP_KEY_FILE
#
# Avoid the "#" character in your APP_KEY, it may break things.
#
APP_KEY=SomeRandomStringOf32CharsExactly
# Firefly III will launch using this language (for new users and unauthenticated visitors)
# For a list of available languages: https://github.com/firefly-iii/firefly-iii/tree/main/resources/lang
#
# If text is still in English, remember that not everything may have been translated.
DEFAULT_LANGUAGE=en_US
# The locale defines how numbers are formatted.
# by default this value is the same as whatever the language is.
DEFAULT_LOCALE=equal
# Change this value to your preferred time zone.
# Example: Europe/Amsterdam
# For a list of supported time zones, see https://en.wikipedia.org/wiki/List_of_tz_database_time_zones
TZ=Europe/Moscow
# TRUSTED_PROXIES is a useful variable when using Docker and/or a reverse proxy.
# Set it to ** and reverse proxies work just fine.
TRUSTED_PROXIES=**
# The log channel defines where your log entries go to.
# Several other options exist. You can use 'single' for one big fat error log (not recommended).
# Also available are 'syslog', 'errorlog' and 'stdout' which will log to the system itself.
# A rotating log option is 'daily', creates 5 files that (surprise) rotate.
# A cool option is 'papertrail' for cloud logging
# Default setting 'stack' will log to 'daily' and to 'stdout' at the same time.
LOG_CHANNEL=stack
# Log level. You can set this from least severe to most severe:
# debug, info, notice, warning, error, critical, alert, emergency
# If you set it to debug your logs will grow large, and fast. If you set it to emergency probably
# nothing will get logged, ever.
APP_LOG_LEVEL=notice
# Audit log level.
# The audit log is used to log notable Firefly III events on a separate channel.
# These log entries may contain sensitive financial information.
# The audit log is disabled by default.
#
# To enable it, set AUDIT_LOG_LEVEL to "info"
# To disable it, set AUDIT_LOG_LEVEL to "emergency"
AUDIT_LOG_LEVEL=emergency
#
# If you want, you can redirect the audit logs to another channel.
# Set 'audit_stdout', 'audit_syslog', 'audit_errorlog' to log to the system itself.
# Use audit_daily to log to a rotating file.
# Use audit_papertrail to log to papertrail.
#
# If you do this, the audit logs may be mixed with normal logs because the settings for these channels
# are often the same as the settings for the normal logs.
AUDIT_LOG_CHANNEL=
#
# Used when logging to papertrail:
# Also used when audit logs log to papertrail:
#
PAPERTRAIL_HOST=
PAPERTRAIL_PORT=
# Database credentials. Make sure the database exists. I recommend a dedicated user for Firefly III
# For other database types, please see the FAQ: https://docs.firefly-iii.org/references/faq/install/#i-want-to-use-sqlite
# If you use Docker or similar, you can set these variables from a file by appending them with _FILE
# Use "pgsql" for PostgreSQL
# Use "mysql" for MySQL and MariaDB.
# Use "sqlite" for SQLite.
DB_CONNECTION=mysql
DB_HOST=db
DB_PORT=3306
DB_DATABASE=firefly
DB_USERNAME=firefly
DB_PASSWORD=secret_firefly_password
# leave empty or omit when not using a socket connection
DB_SOCKET=
# MySQL supports SSL. You can configure it here.
# If you use Docker or similar, you can set these variables from a file by appending them with _FILE
MYSQL_USE_SSL=false
MYSQL_SSL_VERIFY_SERVER_CERT=true
# You need to set at least of these options
MYSQL_SSL_CAPATH=/etc/ssl/certs/
MYSQL_SSL_CA=
MYSQL_SSL_CERT=
MYSQL_SSL_KEY=
MYSQL_SSL_CIPHER=
# If you're looking for performance improvements, you could install memcached or redis
# Check https://raw.githubusercontent.com/firefly-iii/firefly-iii/main/.env.example for Redis example
CACHE_DRIVER=file
SESSION_DRIVER=file
# Cookie settings. Should not be necessary to change these.
# If you use Docker or similar, you can set COOKIE_DOMAIN_FILE to set
# the value from a file instead of from an environment variable
# Setting samesite to "strict" may give you trouble logging in.
COOKIE_PATH="/"
COOKIE_DOMAIN=
COOKIE_SECURE=false
COOKIE_SAMESITE=lax
# If you want Firefly III to email you, update these settings
# For instructions, see: https://docs.firefly-iii.org/how-to/firefly-iii/advanced/notifications/#email
# If you use Docker or similar, you can set these variables from a file by appending them with _FILE
#MAIL_MAILER=log
MAIL_MAILER=smtp
MAIL_HOST=smtp-relay.sendinblue.com
MAIL_PORT=587
MAIL_FROM=firefly@domain.tld
MAIL_USERNAME=username
MAIL_PASSWORD=null
MAIL_ENCRYPTION=null
#MAIL_SENDMAIL_COMMAND=
# Firefly III can send you the following messages.
SEND_ERROR_MESSAGE=true
# These messages contain (sensitive) transaction information:
#SEND_REPORT_JOURNALS=true
SEND_REPORT_JOURNALS=false
# Set this value to true if you want to set the location of certain things, like transactions.
# Since this involves an external service, it's optional and disabled by default.
ENABLE_EXTERNAL_MAP=false
#
# Enable or disable exchange rate conversion. This function isn't used yet by Firefly III
#
ENABLE_EXCHANGE_RATES=false
# Set this value to true if you want Firefly III to download currency exchange rates
# from the internet. These rates are hosted by the creator of Firefly III inside
# an Azure Storage Container.
# Not all currencies may be available. Rates may be wrong.
ENABLE_EXTERNAL_RATES=false
# The map will default to this location:
MAP_DEFAULT_LAT=51.983333
MAP_DEFAULT_LONG=5.916667
MAP_DEFAULT_ZOOM=6
#
# Some objects have room for an URL, like transactions and webhooks.
# By default, the following protocols are allowed:
# http, https, ftp, ftps, mailto
#
# To change this, set your preferred comma separated set below.
# Be sure to include http, https and other default ones if you need to.
#
VALID_URL_PROTOCOLS=
#
# Firefly III authentication settings
#
#
# Firefly III supports a few authentication methods:
# - 'web' (default, uses built in DB)
# - 'remote_user_guard' for Authelia etc
# Read more about these settings in the documentation.
# https://docs.firefly-iii.org/how-to/firefly-iii/advanced/authentication/
#
# LDAP is no longer supported :(
#
AUTHENTICATION_GUARD=web
#
# Remote user guard settings
#
AUTHENTICATION_GUARD_HEADER=REMOTE_USER
AUTHENTICATION_GUARD_EMAIL=
#
# Firefly III generates a basic keypair for your OAuth tokens.
# If you want, you can overrule the key with your own (secure) value.
# It's also possible to set PASSPORT_PUBLIC_KEY_FILE or PASSPORT_PRIVATE_KEY_FILE
# if you're using Docker secrets or similar solutions for secret management
#
PASSPORT_PRIVATE_KEY=
PASSPORT_PUBLIC_KEY=
#
# Extra authentication settings
#
CUSTOM_LOGOUT_URL=
# You can disable the X-Frame-Options header if it interferes with tools like
# Organizr. This is at your own risk. Applications running in frames run the risk
# of leaking information to their parent frame.
DISABLE_FRAME_HEADER=false
# You can disable the Content Security Policy header when you're using an ancient browser
# or any version of Microsoft Edge / Internet Explorer (which amounts to the same thing really)
# This leaves you with the risk of not being able to stop XSS bugs should they ever surface.
# This is at your own risk.
DISABLE_CSP_HEADER=false
# If you wish to track your own behavior over Firefly III, set valid analytics tracker information here.
# Nobody uses this except for me on the demo site. But hey, feel free to use this if you want to.
# Do not prepend the TRACKER_URL with http:// or https://
# The only tracker supported is Matomo.
# You can set the following variables from a file by appending them with _FILE:
TRACKER_SITE_ID=
TRACKER_URL=
#
# Firefly III supports webhooks. These are security sensitive and must be enabled manually first.
#
ALLOW_WEBHOOKS=false
#
# The static cron job token can be useful when you use Docker and wish to manage cron jobs.
# 1. Set this token to any 32-character value (this is important!).
# 2. Use this token in the cron URL instead of a user's command line token that you can find in /profile
#
# For more info: https://docs.firefly-iii.org/how-to/firefly-iii/advanced/cron/
#
# You can set this variable from a file by appending it with _FILE
#
STATIC_CRON_TOKEN=ChangeThisValueToSomeSecret
# You can fine tune the start-up of a Docker container by editing these environment variables.
# Use this at your own risk. Disabling certain checks and features may result in lots of inconsistent data.
# However if you know what you're doing you can significantly speed up container start times.
# Set each value to true to enable, or false to disable.
# Set this to true to build all locales supported by Firefly III.
# This may take quite some time (several minutes) and is generally not recommended.
# If you wish to change or alter the list of locales, start your Docker container with
# `docker run -v locale.gen:/etc/locale.gen -e DKR_BUILD_LOCALE=true`
# and make sure your preferred locales are in your own locale.gen.
DKR_BUILD_LOCALE=false
# Check if the SQLite database exists. Can be skipped if you're not using SQLite.
# Won't significantly speed up things.
DKR_CHECK_SQLITE=true
# Run database creation and migration commands. Disable this only if you're 100% sure the DB exists
# and is up to date.
DKR_RUN_MIGRATION=true
# Run database upgrade commands. Disable this only when you're 100% sure your DB is up-to-date
# with the latest fixes (outside of migrations!)
DKR_RUN_UPGRADE=true
# Verify database integrity. Includes all data checks and verifications.
# Disabling this makes Firefly III assume your DB is intact.
DKR_RUN_VERIFY=true
# Run database reporting commands. When disabled, Firefly III won't go over your data to report current state.
# Disabling this should have no impact on data integrity or safety but it won't warn you of possible issues.
DKR_RUN_REPORT=true
# Generate OAuth2 keys.
# When disabled, Firefly III won't attempt to generate OAuth2 Passport keys. This won't be an issue, IFF (if and only if)
# you had previously generated keys already and they're stored in your database for restoration.
DKR_RUN_PASSPORT_INSTALL=true
# Leave the following configuration vars as is.
# Unless you like to tinker and know what you're doing.
APP_NAME=FireflyIII
BROADCAST_DRIVER=log
QUEUE_DRIVER=sync
CACHE_PREFIX=firefly
PUSHER_KEY=
IPINFO_TOKEN=
PUSHER_SECRET=
PUSHER_ID=
DEMO_USERNAME=
DEMO_PASSWORD=
#
# The v2 layout is very experimental. If it breaks you get to keep both parts.
# Be wary of data loss.
#
FIREFLY_III_LAYOUT=v1

50
firefly-iii/docker-compose.yml
View File

@ -1,50 +0,0 @@
version: '3.8'
services:
app:
image: 'fireflyiii/core:${IMAGE_TAG:-latest}'
hostname: app
container_name: firefly_iii_core
restart: always
volumes:
- '${UPLOAD_DIR:-./upload}:/var/www/html/storage/upload'
env_file: .env
networks:
- firefly_iii
ports:
- '${WEB_BIND_ADDR:-127.0.0.1}:${WEB_BIND_PORT:-8392}:8080/tcp'
depends_on:
- db
db:
image: mariadb:lts
hostname: db
container_name: firefly_iii_db
restart: always
env_file: .env
environment:
MYSQL_RANDOM_ROOT_PASSWORD: 'yes'
MYSQL_USER: '${DB_USERNAME:-firefly}'
MYSQL_PASSWORD: '${DB_PASSWORD}'
MYSQL_DATABASE: '${DB_DATABASE:-firefly}'
networks:
- firefly_iii
volumes:
- '${DB_DIR:-./db}:/var/lib/mysql'
cron:
#
# To make this work, set STATIC_CRON_TOKEN in your .env file or as an environment variable and replace REPLACEME below
# The STATIC_CRON_TOKEN must be *exactly* 32 characters long
#
image: alpine
restart: always
container_name: firefly_iii_cron
env_file: .env
command: sh -c "echo \"0 3 * * * wget -qO- http://app:8080/api/v1/cron/${STATIC_CRON_TOKEN}\" | crontab - && crond -f -L /dev/stdout"
networks:
- firefly_iii
networks:
firefly_iii:
driver: bridge

23
firefly-iii/nginx/firefly.conf
View File

@ -1,23 +0,0 @@
server {
listen 443 ssl http2;
server_name ff.domain.tld;
access_log /var/log/nginx/ff.domain.tld.access;
error_log /var/log/nginx/ff.domain.tld.error;
charset utf-8;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://127.0.0.1:8392;
}
#include config/gzip.conf;
# SSL config
#include ssl/domain.tld.conf;
}

2
forgejo/data/.gitignore vendored
View File

@ -1,2 +0,0 @@
/*
!/.gitignore

21
forgejo/docker-compose.yml
View File

@ -1,21 +0,0 @@
version: '3.7'
services:
server:
image: "codeberg.org/forgejo/forgejo:${IMAGE_TAG:-1.21}"
container_name: forgejo
restart: unless-stopped
network_mode: host
ports:
- "${HTTP_BIND_ADDR:-127.0.0.1}:${EXT_HTTP_PORT:-3000}:3000"
- "${EXT_SSH_PORT:-222}:22"
volumes:
- "${HOST_DATA_DIR:-./data}:/data"
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
environment:
- "FORGEJO__database__DB_TYPE=postgres"
- "FORGEJO__database__HOST=${DB_HOST:-db}:${DB_PORT:-5432}"
- "FORGEJO__database__NAME=${DB_NAME:-forgejo}"
- "FORGEJO__database__USER=${DB_USER:-forgejo}"
- "FORGEJO__database__PASSWD=${DB_PASSWD:-forgejo}"

40
forgejo/docker-compose_embedded_db.yml
View File

@ -1,40 +0,0 @@
version: '3.7'
networks:
forgejo:
external: false
services:
server:
image: "codeberg.org/forgejo/forgejo:${IMAGE_TAG:-1.21}"
container_name: forgejo
depends_on:
- db
restart: unless-stopped
networks:
- forgejo
ports:
- "${HTTP_BIND_ADDR:-127.0.0.1}:${EXT_HTTP_PORT:-3000}:3000"
- "${EXT_SSH_PORT:-222}:22"
volumes:
- "${HOST_DATA_DIR:-./data}:/data"
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
environment:
- "FORGEJO__database__DB_TYPE=postgres"
- "FORGEJO__database__HOST=${DB_HOST:-db}:${DB_PORT:-5432}"
- "FORGEJO__database__NAME=${DB_NAME:-forgejo}"
- "FORGEJO__database__USER=${DB_USER:-forgejo}"
- "FORGEJO__database__PASSWD=${DB_PASSWD:-forgejo}"
db:
image: postgres:13
restart: unless-stopped
environment:
- "POSTGRES_USER=${DB_USER:-forgejo}"
- "POSTGRES_PASSWORD=${DB_PASSWD:-forgejo}"
- "POSTGRES_DB=${DB_NAME:-forgejo}"
networks:
- forgejo
volumes:
- "${HOST_PG_DATA_DIR:-./db}:/var/lib/postgresql/data"

10
forgejo/.env.dist → gitea/.env.dist
View File

@ -1,9 +1,7 @@
# see https://forgejo.org/docs/latest/admin/installation-docker/
# see https://docs.gitea.io/en-us/install-with-docker/
USER_UID=1000
USER_GID=1000
IMAGE_TAG=1.21
HOST_DATA_DIR=./data
HOST_PG_DATA_DIR=./db
HTTP_BIND_ADDR=127.0.0.1
@ -14,9 +12,9 @@ EXT_SSH_PORT=222
# Leave default for embedded database
DB_HOST=db
DB_PORT=5432
DB_NAME=forgejo
DB_USER=forgejo
DB_PASSWD=forgejo
DB_NAME=gitea
DB_USER=gitea
DB_PASSWD=gitea
LOG_MAX_SIZE=5m
LOG_MAX_FILE=5

0
firefly-iii/db/.gitignore → gitea/data/.gitignore vendored
View File

21
gitea/docker-compose.yml Normal file
View File

@ -0,0 +1,21 @@
version: '3.7'
services:
server:
image: gitea/gitea:latest
container_name: gitea
restart: unless-stopped
network_mode: host
ports:
- "${HTTP_BIND_ADDR:-127.0.0.1}:${EXT_HTTP_PORT:-3000}:3000"
- "${EXT_SSH_PORT:-222}:22"
volumes:
- "${HOST_DATA_DIR:-./data}:/data"
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
environment:
- GITEA__database__DB_TYPE=postgres
- "GITEA__database__HOST=${DB_HOST:-db}:${DB_PORT:-5432}"
- "GITEA__database__NAME=${DB_NAME:-gitea}"
- "GITEA__database__USER=${DB_USER:-gitea}"
- "GITEA__database__PASSWD=${DB_PASSWD:-gitea}"

40
gitea/docker-compose_embedded_db.yml Normal file
View File

@ -0,0 +1,40 @@
version: '3.7'
networks:
gitea:
external: false
services:
server:
image: gitea/gitea:latest
container_name: gitea
depends_on:
- db
restart: unless-stopped
networks:
- gitea
ports:
- "${HTTP_BIND_ADDR:-127.0.0.1}:${EXT_HTTP_PORT:-3000}:3000"
- "${EXT_SSH_PORT:-222}:22"
volumes:
- "${HOST_DATA_DIR:-./data}:/data"
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
environment:
- GITEA__database__DB_TYPE=postgres
- "GITEA__database__HOST=${DB_HOST:-db}:${DB_PORT:-5432}"
- "GITEA__database__NAME=${DB_NAME:-gitea}"
- "GITEA__database__USER=${DB_USER:-gitea}"
- "GITEA__database__PASSWD=${DB_PASSWD:-gitea}"
db:
image: postgres:13
restart: unless-stopped
environment:
- "POSTGRES_USER=${DB_USER:-gitea}"
- "POSTGRES_PASSWORD=${DB_PASSWD:-gitea}"
- "POSTGRES_DB=${DB_NAME:-gitea}"
networks:
- gitea
volumes:
- "${HOST_PG_DATA_DIR:-./db}:/var/lib/postgresql/data"

2
forgejo/nginx/gitea.conf → gitea/nginx/gitea.conf
View File

@ -20,4 +20,4 @@ server {
# SSL config
#include ssl/domain.tld.conf;
}
}

8
home-assistant/.env.dist
View File

@ -1,8 +0,0 @@
# see https://www.home-assistant.io/installation/linux#install-home-assistant-container
#IMAGE_TAG=stable
HOST_CONFIG_DIR=./config
LOG_MAX_SIZE=5m
LOG_MAX_FILE=5

17
home-assistant/README.md
View File

@ -1,17 +0,0 @@
# Home Assistant
## Using with reverse proxy (like Nginx)
If you're using Home Assistant with reverse proxy, you need to enable it and add trusted proxy address. Otherwise you
will get 400 (Bad Request) each time you try to open HA's web interface.
To achieve that edit `configuration.yaml` after it was generated at first launch and add missing options.
```yaml
# config/configuration.yaml
http:
use_x_forwarded_for: true
trusted_proxies:
- '127.0.0.1'
- '::1'
```

2
home-assistant/config/.gitignore vendored
View File

@ -1,2 +0,0 @@
/*
!/.gitignore

19
home-assistant/docker-compose.yml
View File

@ -1,19 +0,0 @@
# https://www.home-assistant.io/installation/linux#install-home-assistant-container
version: '3.8'
services:
homeassistant:
container_name: homeassistant
image: 'ghcr.io/home-assistant/home-assistant:${IMAGE_TAG:-stable}'
volumes:
- '${HOST_CONFIG_DIR:-./config}:/config'
- '/etc/localtime:/etc/localtime:ro'
restart: unless-stopped
privileged: true
network_mode: host
env_file: .env
logging:
driver: 'json-file'
options:
max-size: '${LOG_MAX_SIZE:-5m}'
max-file: '${LOG_MAX_FILE:-5}'

24
home-assistant/nginx/home-assistant.conf
View File

@ -1,24 +0,0 @@
server {
listen 80;
server_name ha.domain.tld;
#charset utf-8;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
#proxy_hide_header X-Powered-By; ## Hides nginx server version from bad guys.
proxy_set_header Range $http_range; ## Allows specific chunks of a file to be requested.
proxy_set_header If-Range $http_if_range; ## Allows specific chunks of a file to be requested.
#proxy_set_header X-Real-IP $http_CF_Connecting_IP; ## if you use cloudflare un-comment this line and comment out above line.
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_pass http://localhost:8123/;
}
}

26
inbucket/.env.dist
View File

@ -1,26 +0,0 @@
HOST_SMTP_ADDR=0.0.0.0
HOST_SMTP_PORT=2500
HOST_POP3_ADDR=0.0.0.0
HOST_POP3_PORT=1100
HOST_HTTP_ADDR=0.0.0.0
HOST_HTTP_PORT=8389
# https://github.com/inbucket/inbucket/blob/main/doc/config.md
INBUCKET_STORAGE_TYPE=memory
INBUCKET_STORAGE_RETENTIONPERIOD=24h
INBUCKET_STORAGE_MAILBOXMSGCAP=500
INBUCKET_WEB_MONITORVISIBLE=true
INBUCKET_WEB_MONITORHISTORY=30
INBUCKET_POP3_DOMAIN=inbucket
INBUCKET_SMTP_DOMAIN=inbucket
#INBUCKET_SMTP_ACCEPTDOMAINS=
#INBUCKET_SMTP_REJECTDOMAINS=
INBUCKET_SMTP_DEFAULTSTORE=true
#INBUCKET_SMTP_STOREDOMAINS=
#INBUCKET_SMTP_DISCARDDOMAINS=
# Use local or full addressing
INBUCKET_MAILBOXNAMING=local
# debug, info, warn, or error
INBUCKET_LOGLEVEL=warn

2
inbucket/data/.gitignore vendored
View File

@ -1,2 +0,0 @@
*
!.gitignore

15
inbucket/docker-compose.yml
View File

@ -1,15 +0,0 @@
version: '3.7'
services:
inbucket:
image: inbucket/inbucket:latest
container_name: inbucket
ports:
- "${HOST_HTTP_ADDR:-0.0.0.0}:${HOST_HTTP_PORT:-8389}:9000/tcp"
- "${HOST_SMTP_ADDR:-0.0.0.0}:${HOST_SMTP_PORT:-8389}:2500/tcp"
- "${HOST_POP3_ADDR:-0.0.0.0}:${HOST_POP3_PORT:-8389}:1100/tcp"
volumes:
# Not used by default, you need to configure storage parameters to store on disk.
- ./data:/data/
env_file: .env
restart: unless-stopped

16
jdownloader/.env.dist Normal file
View File

@ -0,0 +1,16 @@
# see # https://hub.docker.com/r/jaymoulin/jdownloader
HOST_USER=1000
HOST_GROUP=1000
CONFIG_PATH=./config/config
LOGS_PATH=./config/logs
DOWNLOADS_PATH=./data
MYJD_BIND_PORT=3129
MYJD_USER=xxx@yyy.tld
MYJD_PASSWORD=qwerty
MYJD_DEVICE_NAME=mydevice
LOG_MAX_SIZE=5m
LOG_MAX_FILE=5

2
jdownloader/config/.gitignore vendored Normal file
View File

@ -0,0 +1,2 @@
/*
!/.gitignore

2
jdownloader/data/.gitignore vendored Normal file
View File

@ -0,0 +1,2 @@
/*
!/.gitignore

27
jdownloader/docker-compose.yml Normal file
View File

@ -0,0 +1,27 @@
# https://hub.docker.com/r/jaymoulin/jdownloader
version: '3.7'
services:
jdownloader:
image: jaymoulin/jdownloader
container_name: jdownloader
restart: unless-stopped
user: "${HOST_USER}:${HOST_GROUP}"
volumes:
- "${CONFIG_PATH:-./config/config}:/opt/JDownloader/app/cfg"
- "${DOWNLOADS_PATH:-./data}:/opt/JDownloader/Downloads"
- "${LOGS_PATH:-./config/logs}:/opt/JDownloader/app/logs" #optional
- /etc/localtime:/etc/localtime:ro #optional
env_file: ".env"
#environment:
#MYJD_USER: email@email.com #optional (see [Identify](https://github.com/jaymoulin/docker-jdownloader#identify))
#MYJD_PASSWORD: bar #optional (see [Identify](https://github.com/jaymoulin/docker-jdownloader#identify))
#MYJD_DEVICE_NAME: "${MYJD_DEVICE_NAME}" #optional
#XDG_DOWNLOAD_DIR: /opt/JDownloader/Downloads #optional
ports:
- "${MYJD_BIND_PORT:-3129}:3129"
logging:
driver: "json-file"
options:
max-size: "${LOG_MAX_SIZE:-5m}"
max-file: "${LOG_MAX_FILE:-5}"

11
joplin/.env.dist Normal file
View File

@ -0,0 +1,11 @@
DB_CLIENT=pg
POSTGRES_PASSWORD=joplin
POSTGRES_DATABASE=joplin
POSTGRES_USER=joplin
POSTGRES_PORT=5432
#POSTGRES_HOST=db
APP_BASE_URL=https://domain.tld
APP_PORT=22300
EXTERNAL_PORT=8030

2
joplin/data/.gitignore vendored Normal file
View File

@ -0,0 +1,2 @@
/*
!/.gitignore

22
joplin/docker-compose.yml Normal file
View File

@ -0,0 +1,22 @@
version: "3.7"
services:
db:
image: postgres:13
volumes:
- ./data/postgres:/var/lib/postgresql/data
expose:
- "5432"
restart: unless-stopped
env_file: .env
app:
image: joplin/server:latest
depends_on:
- db
ports:
- "127.0.0.1:${EXTERNAL_PORT:-8030}:22300"
env_file: .env
environment:
- POSTGRES_HOST=${POSTGRES_HOST:-db}
restart: unless-stopped
user: '${HOST_USER:-0}'

17
joplin/nginx/joplin.conf Normal file
View File

@ -0,0 +1,17 @@
server {
listen 443 ssl http2;
server_name joplin.domain.tld;
access_log /var/log/nginx/joplin.domain.tld.access;
error_log /var/log/nginx/joplin.domain.tld.error;
charset utf-8;
location / {
proxy_set_header Host $host;
proxy_pass http://127.0.0.1:8030;
}
# Wildcard certificate config
#include ssl/joplin.domain.tld.conf;
}

35
magnetico-web/.env.dist
View File

@ -1,35 +0,0 @@
# For up-to-date reference check: https://git.skobk.in/skobkin/magnetico-web/src/branch/master/.env
APP_SECRET=abcxyz
APP_DATABASE_URL=postgres://magnetico-web:password@host.docker.internal:5432/magnetico-web?application_name=magnetico_web
MAGNETICOD_DATABASE_URL=postgres://magneticod:password@host.docker.internal:5432/magneticod?application_name=magnetico_web
REDIS_DSN=redis://host.docker.internal:6379/0
# !!! USE 'REMOTE_ADDR' ONLY BEHIND REVERSE PROXY !!!
TRUSTED_PROXIES=127.0.0.1,REMOTE_ADDR
###> sentry/sentry-symfony ###
SENTRY_DSN=https://abcxyz@sentry.io/123456
###< sentry/sentry-symfony ###
###> symfony/mailer ###
MAILER_DSN=smtp://mail@domain.tld:password@smtp.domain.tld:587
MAILER_FROM=no-reply@domain.tld
###< symfony/mailer ###
###> excelwebzone/recaptcha-bundle ###
EWZ_RECAPTCHA_SITE_KEY=key
EWZ_RECAPTCHA_SECRET=secret
###< excelwebzone/recaptcha-bundle ###
# docker-compose
LOG_PATH=./logs
#HOST_USER=0
#HOST_USER=www-data
LOG_MAX_SIZE=5m
LOG_MAX_FILE=5

2
magnetico-web/.gitignore vendored
View File

@ -1,2 +0,0 @@
logs/*
!logs/.gitkeep

21
magnetico-web/docker-compose.yml
View File

@ -1,21 +0,0 @@
version: '3.7'
services:
magnetico-web:
image: skobkin/magnetico-web
container_name: magnetico-web
hostname: magnetico-web
extra_hosts:
- 'host.docker.internal:host-gateway'
ports:
- "127.0.0.1:${EXT_HTTP_PORT:-8080}:8080/tcp"
restart: unless-stopped
user: "${HOST_USER:-0}"
volumes:
- "${LOG_PATH:-./logs}:/app/var/log"
env_file: .env
logging:
driver: "json-file"
options:
max-size: "${LOG_MAX_SIZE:-5m}"
max-file: "${LOG_MAX_FILE:-5}"

6
magneticod-python/.env.dist Normal file
View File

@ -0,0 +1,6 @@
# see https://cloud.docker.com/repository/docker/skobkin/magneticod-python
MAGNETICO_PORT=64879
# docker-compose substitution
HOST_DB_PATH=/root/.local/share/magneticod
HOST_USER=0

17
magneticod-python/docker-compose.yml Normal file
View File

@ -0,0 +1,17 @@
version: '3.7'
services:
magneticod:
image: skobkin/magneticod-python:latest
container_name: magneticod-python
# Using host mode to be able to simply apply firewall rules to disable connection tracking
# https://github.com/boramalper/magnetico/blob/master/cmd/magneticod/README.md#setup
network_mode: "host"
ports:
- "${MAGNETICO_PORT}:${MAGNETICO_PORT}/udp"
env_file: .env
volumes:
- "${HOST_DB_PATH}:/data"
user: "${HOST_USER}"
restart: unless-stopped
command: "--node-addr 0.0.0.0:${MAGNETICO_PORT} --database-file /data/database.sqlite3"

4
magneticod/docker-compose.yml
View File

@ -6,9 +6,7 @@ services:
container_name: magneticod
# Using host mode to be able to simply apply firewall rules to disable connection tracking
# https://github.com/boramalper/magnetico/blob/master/cmd/magneticod/README.md#setup
#network_mode: "host"
extra_hosts:
- 'host.docker.internal:host-gateway'
network_mode: "host"
ports:
- "${MAGNETICO_PORT}:${MAGNETICO_PORT}/udp"
env_file: .env

2
mariadb-common/.env.dist Normal file
View File

@ -0,0 +1,2 @@
MYSQL_ROOT_PASSWORD=password
COMMON_DATABASE_NETWORK=database-net

23
mariadb-common/docker-compose.yml Normal file
View File

@ -0,0 +1,23 @@
version: '3.7'
services:
mariadb-common:
image: mariadb:10
container_name: mariadb-common
env_file: .env
networks:
- db-network
ports:
- "127.0.0.1:3306:3306/tcp"
volumes:
# Database files
- mariadb-data:/var/lib/mysql
restart: unless-stopped
volumes:
mariadb-data:
networks:
db-network:
name: "${COMMON_DATABASE_NETWORK:-database-network}"
external: true

16
nextcloud/.env.dist Normal file
View File

@ -0,0 +1,16 @@
PUID=1000
PGID=1000
TZ=Europe/Moscow
EXT_PORT=8443
# Volumes
# Database and configs
CONFIG_PATH=/path/to/config
# Location of user files
DATA_PATH=/path/to/data
# Logs
LOG_MAX_SIZE=5m
LOG_MAX_FILE=5

30
nextcloud/README.md Normal file
View File

@ -0,0 +1,30 @@
# Configuration
## Serve HTTP from the container
By default NextCloud internal Nginx config has redirects from internal 80 port
to 443 (HTTPS).
So if you want to reverse-proxy Nextcloud, you'll need to have a plain HTTP
connection to the Nextcloud.
Example of `/config/nginx/site-confs/default` changes:
```
#server {
# listen 80;
# listen [::]:80;
# server_name _;
# return 301 https://$host$request_uri;
#}
server {
#listen 443 ssl http2;
listen 80;
listen [::]:80;
#listen [::]:443 ssl http2;
server_name _;
#ssl_certificate /config/keys/cert.crt;
#ssl_certificate_key /config/keys/cert.key;
```
You'll have access to the Nextcloud Nginx config after first run of Nextcloud
container. Don't forget to configure `/config` bind mount.

21
nextcloud/docker-compose.yml Normal file
View File

@ -0,0 +1,21 @@
version: '3.7'
services:
nextcloud:
# https://hub.docker.com/r/linuxserver/nextcloud
image: linuxserver/nextcloud
container_name: nextcloud
#network_mode: "host"
ports:
# You need to modify /config/nginx/site-confs/default first to allow 80 port
- "127.0.0.1:${EXT_PORT}:80/tcp"
env_file: .env
volumes:
- "${CONFIG_PATH}:/config"
- "${DATA_PATH}:/data"
restart: unless-stopped
logging:
driver: "json-file"
options:
max-size: "${LOG_MAX_SIZE:-5m}"
max-file: "${LOG_MAX_FILE:-5}"

18
nextcloud/etc/nginx/sites-available/nextcloud.domain.tld.conf.dist Normal file
View File

@ -0,0 +1,18 @@
server {
listen 443 ssl http2;
server_name nextcloud.server.tld;
#access_log /var/log/nginx/nextcloud.server.tld.access;
error_log /var/log/nginx/nextcloud.server.tld.error;
charset utf-8;
location / {
proxy_pass http://127.0.0.1:8443;
}
#include config/gzip.conf;
# Wildcard certificate config
#include ssl/server.tld.conf;
}

21
ollama/.env.dist
View File

@ -1,21 +0,0 @@
# see https://hub.docker.com/r/ollama/ollama
#OLLAMA_IMAGE_TAG=rocm
#OLLAMA_IMAGE_TAG=0.1.28-rocm
OLLAMA_IMAGE_TAG=latest
UI_IMAGE_TAG=main
# Ollama
HOST_OLLAMA_DATA_DIR=./data/ollama
HTTP_OLLAMA_BIND_ADDR=127.0.0.1
HTTP_OLLAMA_BIND_PORT=11434
DEV_KFD=/dev/kfd
DEV_DRI=/dev/dri
# Open WebUI
HOST_UI_DATA_DIR=./data/open-webui
HTTP_UI_BIND_ADDR=127.0.0.1
HTTP_UI_BIND_PORT=8010
UI_SECRET_KEY=changeme
LOG_MAX_SIZE=5m
LOG_MAX_FILE=5

2
ollama/data/ollama/.gitignore vendored
View File

@ -1,2 +0,0 @@
/*
!/.gitignore

2
ollama/data/open-webui/.gitignore vendored
View File

@ -1,2 +0,0 @@
/*
!/.gitignore

38
ollama/docker-compose.yml
View File

@ -1,38 +0,0 @@
version: '3.9'
services:
webui:
image: "ghcr.io/open-webui/open-webui:${UI_IMAGE_TAG:-main}"
container_name: ollama-open-webui
volumes:
- "${HOST_UI_DATA_DIR:-./data/open-webui}:/app/backend/data"
depends_on:
- ollama
ports:
- "${HTTP_UI_BIND_ADDR:-127.0.0.1}:${HTTP_UI_BIND_PORT-3000}:8080"
environment:
- "OLLAMA_API_BASE_URL=http://ollama:11434/api"
- "OLLAMA_BASE_URL=http://ollama:11434"
- 'WEBUI_SECRET_KEY=${UI_SECRET_KEY:-changeme}'
#extra_hosts:
# - host.docker.internal:host-gateway
restart: unless-stopped
ollama:
image: "ollama/ollama:${OLLAMA_IMAGE_TAG:-latest}"
container_name: ollama
#user: "${HOST_USER:-1000}"
volumes:
- "${HOST_OLLAMA_DATA_DIR:-./data}:/root/.ollama"
ports:
- "${HTTP_OLLAMA_BIND_ADDR:-127.0.0.1}:${HTTP_OLLAMA_BIND_PORT:-11434}:11434/tcp"
devices:
- "${DEV_DRI:-/dev/dri}:${DEV_DRI:-/dev/dri}"
- "${DEV_KFD:-/dev/kfd}:${DEV_KFD:-/dev/kfd}"
env_file: .env
restart: unless-stopped
logging:
driver: "json-file"
options:
max-size: "${LOG_MAX_SIZE:-5m}"
max-file: "${LOG_MAX_FILE:-5}"

22
ollama/nginx/ollama-webui.conf
View File

@ -1,22 +0,0 @@
server {
listen 80;
server_name ai.domain.tld;
#charset utf-8;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_read_timeout 600s;
proxy_send_timeout 600s;
proxy_pass http://127.0.0.1:8010/;
}
}

2
postgres-common/.env.dist Normal file
View File

@ -0,0 +1,2 @@
POSTGRES_PASSWORD=password
COMMON_DATABASE_NETWORK=database-net

23
postgres-common/docker-compose.yml Normal file
View File

@ -0,0 +1,23 @@
version: '3.7'
services:
postgres-common:
image: postgres:12-alpine
container_name: postgres-common
env_file: .env
networks:
- db-network
ports:
- "127.0.0.1:5432:5432/tcp"
volumes:
# Database files
- postgres-data:/var/lib/postgresql/data
restart: unless-stopped
volumes:
postgres-data:
networks:
db-network:
name: "${COMMON_DATABASE_NETWORK:-database-network}"
external: true

6
redis/.env.dist
View File

@ -1,11 +1,7 @@
# https://hub.docker.com/_/redis
# Uncomment to use directory binding instead of docker volume (almost always not needed)
HOST_DATA_DIR=./data
# https://redis.io/docs/management/persistence/#snapshotting
PERSISTENCE_PERIOD_SEC=60
PERSISTENCE_MIN_OPS=1
LOG_LEVEL=warning
#DATA_PATH=/some/path
LOG_MAX_SIZE=5m
LOG_MAX_FILE=5

2
redis/data/.gitignore vendored
View File

@ -1,2 +0,0 @@
/*
!/.gitignore

9
redis/docker-compose.yml
View File

@ -1,13 +1,10 @@
version: '3.8'
version: '3.7'
services:
redis:
# https://hub.docker.com/_/redis
image: redis:alpine
container_name: redis
command: "redis-server --save ${PERSISTENCE_PERIOD_SEC:-60} ${PERSISTENCE_MIN_OPS:-1} --loglevel ${LOG_LEVEL:-warning}"
volumes:
- "${HOST_DATA_DIR:-./data}:/data"
ports:
- "127.0.0.1:6379:6379/tcp"
env_file: .env
@ -17,3 +14,7 @@ services:
options:
max-size: "${LOG_MAX_SIZE:-5m}"
max-file: "${LOG_MAX_FILE:-5}"
#volumes:
# redis_data:
# name: redis_data

76
remark42/.env.dist Normal file
View File

@ -0,0 +1,76 @@
# see https://hub.docker.com/r/umputun/remark42
IMAGE=umputun/remark42:latest
HOST_DATA_DIR=./data
WEBUI_BIND_ADDR=127.0.0.1
WEBUI_BIND_PORT=8388
# Remark42 settings
REMARK_URL=https://remark.domain.tld
SITE=site1,site2,site3
SECRET=AnyLongAndHardToGuessString
ADMIN_PASSWD=password
ADMIN_SHARED_ID=github_xxx,telegram_yyy
# Comment settings
LOW_SCORE=-5
CRITICAL_SCORE=-10
EDIT_TIME=5m
#RESTRICTED_NAMES=your-name
#EMOJI=false
#SIMPLE_VIEW=false
DEBUG=false
# Auth settings
# Anonymous
#AUTH_ANON=false
# Disqus
#AUTH_DISQUS_CID=xxx
#AUTH_DISQUS_CSEC=yyy
# Facebook
#AUTH_FACEBOOK_CID=xxx
#AUTH_FACEBOOK_CSEC=yyy
# Github
AUTH_GITHUB_CID=xxx
AUTH_GITHUB_CSEC=yyy
# Google
AUTH_GOOGLE_CID=xxx
AUTH_GOOGLE_CSEC=yyy
# Microsoft
#AUTH_MICROSOFT_CID=xxx
#AUTH_MICROSOFT_CSEC=yyy
# Patreon
#AUTH_PATREON_CID=xxx
#AUTH_PATREON_CSEC=yyy
# Telegram
#AUTH_TELEGRAM=false
#TELEGRAM_TOKEN=xxx:yyy
# Twitter
AUTH_TWITTER_CID=xxx
AUTH_TWITTER_CSEC=yyy
# Yandex
#AUTH_YANDEX_CID=xxx
#AUTH_YANDEX_CSEC=yyy
# Notifications
#NOTIFY_USERS=email
#NOTIFY_ADMINS=telegram
#NOTIFY_TELEGRAM_CHAN=xxx
#NOTIFY_EMAIL_FROM=xxx
#TELEGRAM_TOKEN=xxx
#SMTP_HOST=xxx
#SMTP_PORT=xxx
#SMTP_USERNAME=xxx
#SMTP_PASSWORD=xxx
#SMTP_TLS=xxx
# SSL
# Handled using reverse-proxy
SSL_TYPE=none
# Service settings
LOG_MAX_SIZE=5m
LOG_MAX_FILE=5

18
remark42/README.md Normal file
View File

@ -0,0 +1,18 @@
# Remark42
## Installation
Check [this documentation](https://remark42.com/docs/getting-started/installation/).
## Configuration
Check parameter list [here](https://remark42.com/docs/configuration/parameters/).
## Reverse Proxy configuration
- [Nginx](https://remark42.com/docs/manuals/nginx/)
- [Reproxy](https://remark42.com/docs/manuals/reproxy/)
## Migration from other platforms and backups
Check [this](https://remark42.com/docs/backup/migration/).

0
firefly-iii/upload/.gitignore → remark42/data/.gitignore vendored
View File

19
remark42/docker-compose.yml Normal file
View File

@ -0,0 +1,19 @@
# https://hub.docker.com/r/umputun/remark42
version: '3.7'
services:
remark:
image: '${IMAGE:-umputun/remark42:latest}'
container_name: 'remark42'
hostname: 'remark42'
restart: unless-stopped
ports:
- '${WEBUI_BIND_ADDR:-127.0.0.1}:${WEBUI_BIND_PORT:-8388}:8080'
env_file: .env
volumes:
- '${HOST_DATA_DIR:-./data}:/srv/var'
logging:
driver: 'json-file'
options:
max-size: '${LOG_MAX_SIZE:-5m}'
max-file: '${LOG_MAX_FILE:-5}'

4
shadowsocks-client/.env.dist
View File

@ -1,4 +0,0 @@
LOCAL_PORT=1050
LOG_MAX_SIZE=5m
LOG_MAX_FILE=5

3
shadowsocks-client/config/.gitignore vendored
View File

@ -1,3 +0,0 @@
*
!.gitignore
!config.json.dist

26
shadowsocks-client/config/config.json.dist
View File

@ -1,26 +0,0 @@
{
"servers": [
{
"address": "127.0.0.1",
"port": 8388,
"password": "hello-world",
"method": "aes-256-gcm",
"timeout": 7200
},
{
"address": "127.0.0.1",
"port": 8389,
"password": "hello-kitty",
"method": "chacha20-ietf-poly1305"
},
{
"disabled": true,
"address": "eg.disable.me",
"port": 8390,
"password": "hello-internet",
"method": "chacha20-ietf-poly1305"
}
],
"local_port": 1050,
"local_address": "0.0.0.0"
}

18
shadowsocks-client/docker-compose.yml
View File

@ -1,18 +0,0 @@
version: '3.7'
services:
sslocal:
# https://github.com/shadowsocks/shadowsocks-rust
image: ghcr.io/shadowsocks/sslocal-rust:latest
container_name: sslocal
ports:
- "${LOCAL_PORT:-1050}:${LOCAL_PORT:-1050}/tcp"
volumes:
- "./config/config.json:/etc/shadowsocks-rust/config.json:ro"
env_file: .env
restart: unless-stopped
logging:
driver: "json-file"
options:
max-size: "${LOG_MAX_SIZE:-5m}"
max-file: "${LOG_MAX_FILE:-5}"

12
synapse/.env.dist
View File

@ -27,17 +27,5 @@ SYNAPSE_REPORT_STATS=no
#UID=991
#GID=991
# Sliding sync settings
SS_PROXY_IMAGE_TAG=latest
SYNCV3_SERVER=https://skobk.in
SYNCV3_DB='user=matrix-ss dbname=matrix-ss sslmode=disable host=host.docker.internal password=database_password'
SYNCV3_SECRET=very_long_and_random_secret
SS_BIND_ADDR=0.0.0.0
SS_BIND_PORT=8889
SS_EXT_ADR=127.0.0.1
SS_EXT_PORT=8889
LOG_MAX_SIZE=5m
LOG_MAX_FILE=5

23
synapse/docker-compose.yml
View File

@ -29,29 +29,6 @@ services:
max-size: "${LOG_MAX_SIZE:-5m}"
max-file: "${LOG_MAX_FILE:-5}"
sliding-sync:
# https://github.com/matrix-org/sliding-sync
image: "ghcr.io/matrix-org/sliding-sync:${SS_PROXY_IMAGE_TAG:-latest}"
container_name: matrix-ss
depends_on:
- synapse
extra_hosts:
- 'host.docker.internal:host-gateway'
ports:
- "${SS_EXT_ADR:-127.0.0.1}:${SS_EXT_PORT:-8889}:${SS_BIND_PORT:-8889}"
environment:
# https://github.com/matrix-org/sliding-sync?tab=readme-ov-file#setup
- "SYNCV3_SERVER=${SYNCV3_SERVER}"
- "SYNCV3_DB=${SYNCV3_DB}"
- "SYNCV3_SECRET=${SYNCV3_SECRET}"
- "SYNCV3_BINDADDR=${SS_BIND_ADDR:-0.0.0.0}:${SS_BIND_PORT:-8889}"
restart: unless-stopped
logging:
driver: "json-file"
options:
max-size: "${LOG_MAX_SIZE:-5m}"
max-file: "${LOG_MAX_FILE:-5}"
networks:
matrix:
external: true

74
synapse/nginx/site-and-matrix-example.conf
View File

@ -1,74 +0,0 @@
# HTTP with HTTPS redirect
server {
listen 80;
server_name www.domain.tld domain.tld;
return 301 https://domain.tld$request_uri;
}
# Main domain
server {
listen 443 ssl http2;
# Matrix server
# For the federation port
listen 8448 ssl default_server;
listen [::]:8448 ssl default_server;
server_name domain.tld;
access_log /var/log/nginx/domain.tld.access;
error_log /var/log/nginx/domain.tld.error;
# Certificate config
include ssl/domain.tld.conf;
# ========= Web-site section =========
# Site files directory
root /var/www/domain.tld/web;
charset utf-8;
include config/wordpress.conf;
#include config/static_max_cache.conf;
#include config/gzip.conf;
# ========= Matrix server section =========
# Sliding Sync Proxy
location ~ ^/(client/|_matrix/client/unstable/org.matrix.msc3575/sync) {
proxy_pass http://localhost:8889;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $host;
}
# Synapse
# https://github.com/matrix-org/sliding-sync?tab=readme-ov-file#same-hostname
location ~ ^(\/_matrix|\/_synapse\/client) {
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $host;
# Nginx by default only allows file uploads up to 1M in size
# Increase client_max_body_size to match max_upload_size defined in homeserver.yaml
client_max_body_size 50M;
proxy_pass http://localhost:8008;
}
# Matrix WKD
# Client
location /.well-known/matrix/client {
add_header Content-Type application/json;
return 200 '{"m.homeserver": {"base_url":"https://domain.tld/"}, "org.matrix.msc3575.proxy": {"url": "https://domain.tld"}}';
}
# Server
# https://matrix-org.github.io/synapse/latest/delegate.html#well-known-delegation
# https://spec.matrix.org/latest/server-server-api/#server-discovery
location /.well-known/matrix/server {
add_header Content-Type application/json;
return 200 '{"m.server": "domain.tld:8448"}';
}
}

8
telegram-llm-bot/.env.dist
View File

@ -1,8 +0,0 @@
# see https://hub.docker.com/r/skobkin/telegram-llm-bot
TELEGRAM_TOKEN=12345
OLLAMA_TOKEN=12345
OLLAMA_BASE_URL=http://host.docker.internal:11434
LOG_MAX_SIZE=5m
LOG_MAX_FILE=5

16
telegram-llm-bot/docker-compose.yml
View File

@ -1,16 +0,0 @@
# https://hub.docker.com/r/skobkin/telegram-llm-bot
version: '3.9'
services:
telegram-llm-bot:
image: "skobkin/telegram-llm-bot:${IMAGE_VERSION:-latest}"
container_name: telegram-llm-bot
extra_hosts:
- "host.docker.internal:host-gateway"
env_file: .env
restart: unless-stopped
logging:
driver: "json-file"
options:
max-size: "${LOG_MAX_SIZE:-5m}"
max-file: "${LOG_MAX_FILE:-5}"

12
tg-rss-bot/.env.dist
View File

@ -1,12 +0,0 @@
# https://hub.docker.com/r/miroslavsckaya/tg-rss-bot
#IMAGE_VERSION=latest
RSSBOT_DSN=postgres://username:password@hostname/database_name
RSSBOT_TG_TOKEN=1234567890:yourbotstoken
# https://github.com/mcuadros/ofelia#configuration
#SCHEDULER_UPDATE=1h
LOG_MAX_SIZE=5m
LOG_MAX_FILE=5

34
tg-rss-bot/docker-compose.yml
View File

@ -1,34 +0,0 @@
version: '3.7'
services:
app:
# https://hub.docker.com/r/miroslavsckaya/tg-rss-bot
image: 'miroslavsckaya/tg-rss-bot:${IMAGE_VERSION:-latest}'
env_file: .env
restart: unless-stopped
extra_hosts:
- 'host.docker.internal:host-gateway'
labels:
ofelia.enabled: "true"
ofelia.job-exec.update-feeds.schedule: "@every ${SCHEDULER_UPDATE:-1h}"
ofelia.job-exec.update-feeds.command: "python /bot/update.py"
logging:
driver: "json-file"
options:
max-size: "${LOG_MAX_SIZE:-5m}"
max-file: "${LOG_MAX_FILE:-5}"
scheduler:
# https://hub.docker.com/r/mcuadros/ofelia
image: mcuadros/ofelia:latest
restart: unless-stopped
depends_on:
- app
command: daemon --docker
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
logging:
driver: "json-file"
options:
max-size: "${LOG_MAX_SIZE:-5m}"
max-file: "${LOG_MAX_FILE:-5}"

2
tor-obfs4-bridge/.env.dist
View File

@ -1,5 +1,3 @@
DATA_PATH=./data
# Set required variables
OR_PORT=443
PT_PORT=444

2
tor-obfs4-bridge/data/.gitignore vendored
View File

@ -1,2 +0,0 @@
/*
!/.gitignore

10
tor-obfs4-bridge/docker-compose.yml
View File

@ -19,8 +19,12 @@ services:
- NICKNAME=${NICKNAME:-DockerObfs4Bridge}
env_file: .env
volumes:
- "${DATA_PATH:-./data}:/var/lib/tor"
- data:/var/lib/tor
ports:
- "${OR_PORT}:${OR_PORT}/tcp"
- "${PT_PORT}:${PT_PORT}/tcp"
- ${OR_PORT}:${OR_PORT}
- ${PT_PORT}:${PT_PORT}
restart: unless-stopped
volumes:
data:
name: tor-obfs4-bridge-datadir-${OR_PORT}-${PT_PORT}

27
webhooksite/.env.dist
View File

@ -1,27 +0,0 @@
# see https://hub.docker.com/r/webhooksite/webhook.site
# see https://github.com/webhooksite/webhook.site/blob/master/docker-compose.yml
WEBUI_BIND_ADDR=127.0.0.1
WEBUI_BIND_PORT=8391
ECHO_BIND_ADDR=0.0.0.0
# Do not change unless you'll also change it in Nginx config
ECHO_BIND_PORT=6001
APP_ENV=prod
APP_DEBUG=false
APP_URL=http://domain.tld:80
APP_LOG=errorlog
DB_CONNECTION=sqlite
REDIS_HOST=redis
REDIS_PORT=6379
#REDIS_PASSWORD=null
BROADCAST_DRIVER=redis
CACHE_DRIVER=redis
QUEUE_DRIVER=redis
ECHO_HOST_MODE=path
REDIS_HOST_DATA_DIR=./data
LOG_MAX_SIZE=5m
LOG_MAX_FILE=5

2
webhooksite/data/.gitignore vendored
View File

@ -1,2 +0,0 @@
/*
!/.gitignore

48
webhooksite/docker-compose.yml
View File

@ -1,48 +0,0 @@
# https://hub.docker.com/r/webhooksite/webhook.site
version: '3.8'
services:
webhook:
image: "webhooksite/webhook.site"
container_name: webhook-site
command: "php artisan queue:work --daemon --tries=3 --timeout=10"
ports:
- "${WEBUI_BIND_ADDR}:${WEBUI_BIND_PORT}:80"
env_file: .env
restart: unless-stopped
logging:
driver: "json-file"
options:
max-size: "${LOG_MAX_SIZE:-5m}"
max-file: "${LOG_MAX_FILE:-5}"
laravel-echo-server:
image: "webhooksite/laravel-echo-server"
depends_on:
- redis
ports:
- "${ECHO_BIND_ADDR:-127.0.0.1}:${ECHO_BIND_PORT:-6001}:${ECHO_BIND_PORT:-6001}"
environment:
- "LARAVEL_ECHO_SERVER_AUTH_HOST=http://webhook"
- "LARAVEL_ECHO_SERVER_HOST=${ECHO_BIND_ADDR:-0.0.0.0}"
- "LARAVEL_ECHO_SERVER_PORT=${ECHO_BIND_PORT:-6001}"
- "ECHO_REDIS_PORT=${REDIS_PORT:-6379}"
- "ECHO_REDIS_HOSTNAME=${REDIS_HOST:-redis}"
- "ECHO_PROTOCOL=http"
- "ECHO_ALLOW_CORS=true"
- "ECHO_ALLOW_ORIGIN=*"
- "ECHO_ALLOW_METHODS=*"
- "ECHO_ALLOW_HEADERS=*"
redis:
image: redis:alpine
command: "redis-server --save ${PERSISTENCE_PERIOD_SEC:-60} ${PERSISTENCE_MIN_OPS:-1} --loglevel ${LOG_LEVEL:-warning}"
volumes:
- "${REDIS_HOST_DATA_DIR:-./data}:/data"
env_file: .env
restart: unless-stopped
logging:
driver: "json-file"
options:
max-size: "${LOG_MAX_SIZE:-5m}"
max-file: "${LOG_MAX_FILE:-5}"

28
webhooksite/nginx/webhook.conf
View File

@ -1,28 +0,0 @@
server {
listen 80;
server_name webhook.domain.tld;
#charset utf-8;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 600s;
proxy_send_timeout 600s;
proxy_pass http://127.0.0.1:8391/;
}
# https://docs.webhook.site/install.html#docker
location /socket.io {
proxy_pass http://127.0.0.1:6001;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}

9
wireguard/.env.dist Normal file
View File

@ -0,0 +1,9 @@
# https://hub.docker.com/r/cmulk/wireguard-docker
PORT=5555
# Configuration directory where Wireguard configuration will be stored.
CONFIG_DIR=./config
LOG_MAX_SIZE=5m
LOG_MAX_FILE=5

2
wireguard/.gitignore vendored Normal file
View File

@ -0,0 +1,2 @@
config/*
!config/.gitkeep

50
wireguard/README.md Normal file
View File

@ -0,0 +1,50 @@
# Wireguard VPN
![Wireguard Logo](https://www.wireguard.com/img/wireguard.svg)
## Basic configuration
### Create config files
```shell
cp examples/server/wg0.conf.dist config/wg0.conf
```
You can edit configuration according to your needs.
### Generate keys
Don't forget to set public and private keys for the server and client!
To get the keys you can use `genkeys` command:
```shell
docker-compose run wireguard genkeys
```
Output example:
```
Private Key: aAaAAaaaAAaa+AAaAaAaAA1aa/aaAA1aaaaAa1aaaA1=
Public Key: /11a1aAaA1a/AAa11AAaa1AAa/AaAA1a1aaa11/AaAa=
```
Not you can use these keys in your configuration file.
## Additional requirements
### Kernel module
You need to be sure that [Wireguard](https://www.wireguard.com/install/) kernel module is installed on the host system.
#### Ubuntu / Debian
For kernel versions [older than 5.6](https://www.phoronix.com/scan.php?page=news_item&px=Linux-5.6-Released):
```shell
apt-get install -y --no-install-recommends wireguard-dkms
```
### See also
You can also check Docker image instructions [here](https://hub.docker.com/r/cmulk/wireguard-docker).

0
magnetico-web/logs/.gitkeep → wireguard/config/.gitkeep
View File

26
wireguard/docker-compose.yml Normal file
View File

@ -0,0 +1,26 @@
version: '3.7'
services:
wireguard:
# https://hub.docker.com/r/cmulk/wireguard-docker
image: cmulk/wireguard-docker:alpine
container_name: wireguard
volumes:
- "${CONFIG_DIR:-./config}:/etc/wireguard:ro"
networks:
- network
ports:
- "${PORT:-5555}:5555/udp"
env_file: .env
restart: unless-stopped
cap_add:
- NET_ADMIN
- SYS_MODULE
logging:
driver: "json-file"
options:
max-size: "${LOG_MAX_SIZE:-5m}"
max-file: "${LOG_MAX_FILE:-5}"
networks:
network:

10
wireguard/examples/client/wg0.conf.dist Normal file
View File

@ -0,0 +1,10 @@
[Interface]
Address = 192.168.20.2/24
PrivateKey = <client_private_key>
ListenPort = 0 #needed for some clients to accept the config
[Peer]
PublicKey = <server_public_key>
Endpoint = <server_public_ip>:5555
AllowedIPs = 0.0.0.0/0,::/0 #makes sure ALL traffic routed through VPN
PersistentKeepalive =

9
wireguard/examples/server/wg0.conf.dist Normal file
View File

@ -0,0 +1,9 @@
# https://github.com/cmulk/wireguard-docker#configuration
[Interface]
Address = 192.168.20.1/24
PrivateKey = <server_private_key>
ListenPort = 5555
[Peer]
PublicKey = <client_public_key>
AllowedIPs = 192.168.20.2

7
wordpress/.env.dist Normal file
View File

@ -0,0 +1,7 @@
FPM_EXT_PORT=9000
MYSQL_HOST=mariadb-common
MYSQL_USER=username
MYSQL_PASSWORD=password
MYSQL_DATABASE=database
THEMES_DIR=./themes
PLUGINS_DIR=./plugins

16
wordpress/docker-compose.yml Normal file
View File

@ -0,0 +1,16 @@
version: '3.7'
services:
wordpress:
image: 'wordpress:php7.3-fpm-alpine'
restart: unless-stopped
ports:
- '127.0.0.1:${FPM_EXT_PORT}:9000'
environment:
WORDPRESS_DB_HOST: '${MYSQL_HOST:-mariadb-common}'
WORDPRESS_DB_USER: '${MYSQL_USER}'
WORDPRESS_DB_PASSWORD: '${MYSQL_PASSWORD}'
WORDPRESS_DB_NAME: '${MYSQL_DATABASE}'
volumes:
- '${THEMES_DIR}:/var/www/html/wp-content/themes'
- '${PLUGINS_DIR}:/var/www/html/wp-content/plugins'