diff --git a/docker_compose/cabernet/docker-compose.yaml b/docker_compose/cabernet/docker-compose.yaml
new file mode 100644
index 0000000..1e3c0d0
--- /dev/null
+++ b/docker_compose/cabernet/docker-compose.yaml
@@ -0,0 +1,31 @@
+################################################################################
+# cabernetwork
+# https://github.com/cabernetwork/cabernet/blob/master/docker-compose.yml
+################################################################################
+
+version: "3.8"
+services:
+ cabernet:
+ image: ghcr.io/cabernetwork/cabernet:latest # Or a specific version
+ container_name: cabernet
+ ports:
+ - "6077:6077" # Web UI port
+ - "5004:5004" # Stream port
+ volumes:
+ - cabernet_data:/app/data # Persist configuration and data
+ - cabernet_plugins:/app/plugins_ext # Persist plugins
+ restart: unless-stopped
+
+volumes:
+ cabernet_data:
+ name: cabernet_data
+ driver_opts:
+ type: nfs
+ o: addr=truenas,nolock,soft,rw
+ device: :/mnt/store/vault/app/cabernet/cabernet_data
+ cabernet_plugins:
+ name: cabernet_plugins
+ driver_opts:
+ type: nfs
+ o: addr=truenas,nolock,soft,rw
+ device: :/mnt/store/vault/app/cabernet/cabernet_plugins
diff --git a/docker_compose/cloudflare-ddns/docker-compose.yaml b/docker_compose/cloudflare-ddns/docker-compose.yaml
new file mode 100644
index 0000000..8b949b0
--- /dev/null
+++ b/docker_compose/cloudflare-ddns/docker-compose.yaml
@@ -0,0 +1,10 @@
+# Cloudflare DDNS -- https://github.com/favonia/cloudflare-ddns
+services:
+ cloudflare-ddns:
+ container_name: cloudflare-ddns
+ image: oznu/cloudflare-ddns:latest
+ environment:
+ - API_KEY=${API_KEY}
+ - ZONE=wompmacho.com
+ - PROXIED=true
+ restart: unless-stopped
diff --git a/docker_compose/code-server/docker-compose.yaml b/docker_compose/code-server/docker-compose.yaml
new file mode 100644
index 0000000..8770043
--- /dev/null
+++ b/docker_compose/code-server/docker-compose.yaml
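Review bot: Both named volumes mount NFS with `nolock,soft` while being `rw`, so a short outage of `truenas` reaches the application as I/O errors or partial writes under `/app/data` rather than a retry, and file locks are not coordinated through the server. For volumes that hold configuration or databases, `o: addr=truenas,hard,rw` is the safer option string. The same `o:` line is repeated in the freshrss, headscale, immich, owncast, qbittorrentvpn and tailscale files of this commit. The `image:` line still tracks `:latest` despite its own "Or a specific version" comment; a pinned tag or digest would make upgrades deliberate.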
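Review bot: The header comment links favonia/cloudflare-ddns but the service pulls `oznu/cloudflare-ddns:latest`, which is a different project, so a reader cannot tell which image and which documentation this stack is meant to follow. Correct the comment or the image, and pin a tag or digest for whichever one is intended, since this container holds a Cloudflare credential. `API_KEY=${API_KEY}` silently expands to an empty string when the variable is unset; `- API_KEY=${API_KEY:?API_KEY must be set}` makes `docker compose up` fail instead.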
@@ -0,0 +1,35 @@
+# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!#
+# CODE SERVER IS RUNNING ON UBUNTU HOST
+# we had issues with things functionoing right in the past
+# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!#
+
+
+# code-server -- https://hub.docker.com/r/linuxserver/code-server
+services:
+ code-server:
+ image: lscr.io/linuxserver/code-server:latest
+ container_name: code-server
+ environment:
+ - PUID=1000
+ - PGID=1000
+ - TZ=America/New_York
+ - PASSWORD=${PASSWORD} #optional
+ - SUDO_PASSWORD=${SUDO_PASSWORD} #optional
+ - PROXY_DOMAIN=dev.wompmacho.com #optional
+ - DEFAULT_WORKSPACE=/apps
+ volumes:
+ - /srv/code-server/config:/config # code-server expects /code-server as default dir?
+ - /srv:/apps
+ # docker socket
+ - /var/run/docker.sock:/var/run/docker.sock
+ # podman socket
+ #- /run/user/1000/podman/podman.sock:/var/run/docker.sock
+ ports:
+ - 8443:8443
+ restart: unless-stopped
+ networks:
+ - frontend
+
+networks:
+ frontend:
+ external: true
diff --git a/docker_compose/dozzel/docker-compose.yaml b/docker_compose/dozzel/docker-compose.yaml
new file mode 100644
index 0000000..62542e0
--- /dev/null
+++ b/docker_compose/dozzel/docker-compose.yaml
@@ -0,0 +1,10 @@
+# dozzle - https://github.com/amir20/dozzle
+services:
+ dozzle:
+ container_name: dozzle
+ image: ghcr.io/amir20/dozzle:latest
+ volumes:
+ - /var/run/docker.sock:/var/run/docker.sock:ro
+ ports:
+ - 4343:8080
+ restart: always
\ No newline at end of file
diff --git a/docker_compose/freshrss/docker-compose.yaml b/docker_compose/freshrss/docker-compose.yaml
new file mode 100644
index 0000000..b5fd522
--- /dev/null
+++ b/docker_compose/freshrss/docker-compose.yaml
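Review bot: This service pairs a browser IDE with a read-write mount of `/var/run/docker.sock` and of all of `/srv`, so whoever gets past the code-server login controls the Docker daemon and every other stack's data on the host. `PASSWORD=${PASSWORD}` expands to an empty string when the variable is missing, and as far as I know the linuxserver image then starts without authentication; use `- PASSWORD=${PASSWORD:?PASSWORD must be set}` and the same form for `SUDO_PASSWORD`. Because `PROXY_DOMAIN` implies a reverse proxy in front, publish the port on loopback only (`- "127.0.0.1:8443:8443"`) or drop `ports:` if the proxy reaches the container over `frontend`. Mount only the directories the workspace needs, and remove the socket mount unless it is actually used.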
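Review bot: The `:ro` suffix on `/var/run/docker.sock` makes only the bind mount read-only; it does not limit which Docker API calls the container can issue, so it should not be read as a read-only integration. Dozzle serves the logs of every container, which routinely contain tokens and passwords, and `4343:8080` publishes it on all interfaces with no authentication configured in this file. Bind it to a management address, e.g. `- "127.0.0.1:4343:8080"`, and enable Dozzle's own authentication or place a filtering socket proxy in between. homepage/docker-compose.yaml in this commit uses the same `:ro` socket mount, and the directory name is spelled `dozzel`.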
@@ -0,0 +1,23 @@
+# freshrss -- https://hub.docker.com/r/linuxserver/freshrss
+---
+services:
+ freshrss:
+ image: lscr.io/linuxserver/freshrss:latest
+ container_name: freshrss
+ environment:
+ - PUID=1000
+ - PGID=1000
+ - TZ=America/New_York
+ volumes:
+ - freshrss_nfs:/config
+ ports:
+ - 6464:80
+ restart: unless-stopped
+
+volumes:
+ freshrss_nfs:
+ name: freshrss_nfs
+ driver_opts:
+ type: nfs
+ o: addr=truenas,nolock,soft,rw
+ device: :/mnt/store/vault/app/freshrss
diff --git a/docker_compose/frigate/docker-compose.yaml b/docker_compose/frigate/docker-compose.yaml
new file mode 100644
index 0000000..84fd11a
--- /dev/null
+++ b/docker_compose/frigate/docker-compose.yaml
@@ -0,0 +1,26 @@
+# frigate -- https://docs.frigate.video/frigate/installation/
+---
+services:
+ frigate:
+ container_name: frigate
+ #privileged: true # this may not be necessary for all setups
+ stop_grace_period: 30s # allow enough time to shut down the various services
+ restart: unless-stopped
+ image: ghcr.io/blakeblackshear/frigate:stable
+ shm_size: "512mb" # update for your cameras based on calculation above
+ volumes:
+ - /etc/localtime:/etc/localtime:ro
+ - /srv/frigate/config:/config
+ - /srv/frigate/media:/media/frigate
+ - type: tmpfs # Optional: 1GB of memory, reduces SSD/SD Card wear
+ target: /tmp/cache
+ tmpfs:
+ size: 1000000000
+ ports:
+ - "8971:8971"
+ - "5000:5000" # Internal unauthenticated access. Expose carefully.
+ - "8554:8554" # RTSP feeds
+ - "8555:8555/tcp" # WebRTC over tcp
+ - "8555:8555/udp" # WebRTC over udp
+ environment:
+ FRIGATE_RTSP_PASSWORD: '${FRIGATE_RTSP_PASSWORD}'
\ No newline at end of file
diff --git a/docker_compose/gitea/docker-compose.yaml b/docker_compose/gitea/docker-compose.yaml
new file mode 100644
index 0000000..c226103
--- /dev/null
+++ b/docker_compose/gitea/docker-compose.yaml
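Review bot: Port 5000 is published on every host interface although the line's own comment calls it internal and unauthenticated, so anyone who can reach the host gets the Frigate API and camera views without logging in. Prefer deleting `- "5000:5000"` and using the authenticated 8971 listener, or restrict it with `- "127.0.0.1:5000:5000"`. `FRIGATE_RTSP_PASSWORD: '${FRIGATE_RTSP_PASSWORD}'` becomes an empty password when the variable is unset; `'${FRIGATE_RTSP_PASSWORD:?must be set}'` fails fast instead. The `shm_size` comment refers to a "calculation above" that is not in this file.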
@@ -0,0 +1,89 @@
+################################################################################
+# gitea -- https://docs.gitea.com/installation/install-with-docker
+################################################################################
+
+networks:
+ gitea_net:
+ driver: bridge
+
+services:
+# --- Gitea ---
+ server:
+ image: docker.gitea.com/gitea:1.25.4
+ container_name: gitea
+ environment:
+ - USER_UID=1000
+ - USER_GID=1000
+ - GITEA__database__DB_TYPE=postgres
+ - GITEA__database__HOST=db:5432
+ - GITEA__database__NAME=gitea
+ - GITEA__database__USER=gitea
+ - GITEA__database__PASSWD=gitea
+ restart: always
+ networks:
+ - gitea_net
+ volumes:
+ - "${GITEA_HOME}/data:/data"
+ - "/etc/timezone:/etc/timezone:ro"
+ - "/etc/localtime:/etc/localtime:ro"
+ ports:
+ - "3001:3000"
+ - "222:22"
+ depends_on:
+ - db
+
+# --- Gitea postgres db ---
+ db:
+ image: docker.io/library/postgres:14
+ restart: always
+ environment:
+ - POSTGRES_USER=gitea
+ - POSTGRES_PASSWORD=gitea
+ - POSTGRES_DB=gitea
+ networks:
+ - gitea_net
+ volumes:
+ - "${GITEA_HOME}/postgres:/var/lib/postgresql/data"
+
+# --- Gitea Actions Runner ---
+ runner:
+ image: gitea/act_runner:latest
+ container_name: gitea_runner
+ restart: always
+ environment:
+ - GITEA_INSTANCE_URL=https://git.wompmacho.com
+ - GITEA_RUNNER_REGISTRATION_TOKEN=${GITEA_RUNNER_TOKEN}
+ - GITEA_RUNNER_NAME=gitea-runner-01
+ - CONFIG_FILE=/data/config.yaml
+ volumes:
+ - "${GITEA_HOME}/runner:/data"
+ - "/srv/www:/deploy"
+ - "/var/run/docker.sock:/var/run/docker.sock"
+ networks:
+ - gitea_net
+ depends_on:
+ - server
+
+# --- Nginx Web Server (Public) ---
+ docs-public:
+ image: nginx:alpine
+ container_name: docs-public
+ restart: always
+ ports:
+ - "9895:80"
+ volumes:
+ - "/srv/www/docs-public:/usr/share/nginx/html:ro"
+ networks:
+ - gitea_net
+
+# --- Nginx Web Server (Private) ---
+ docs-private:
+ image: nginx:alpine
+ container_name: docs-private
+ restart: always
+ ports:
+ - "9897:80"
+ volumes:
+ -
"/srv/www/docs-private:/usr/share/nginx/html:ro"
+ networks:
+ - gitea_net
diff --git a/docker_compose/gitlab/configuring_runner.md b/docker_compose/gitlab/configuring_runner.md
new file mode 100644
index 0000000..8ba0c11
--- /dev/null
+++ b/docker_compose/gitlab/configuring_runner.md
@@ -0,0 +1,11 @@
+Need to set to http over https because local
+
+```
+docker exec -it gitlab-runner gitlab-runner register \
+ --url "http://git.wompmacho.com/" \
+ --registration-token "glrt-LCZEyPXJs96sb4VL9LrOvm86MQp0OjEKdToxCw.01.120rimamb" \
+ --executor "docker" \
+ --docker-image "alpine:latest" \
+ --description "job-runner" \
+ --docker-volumes /var/run/docker.sock:/var/run/docker.sock
+```
\ No newline at end of file
diff --git a/docker_compose/gitlab/docker-compose.yaml b/docker_compose/gitlab/docker-compose.yaml
new file mode 100644
index 0000000..37423c1
--- /dev/null
+++ b/docker_compose/gitlab/docker-compose.yaml
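Review bot: The database password is hard-coded as `gitea` in both `GITEA__database__PASSWD` and `POSTGRES_PASSWORD`, while the runner token in the same file already comes from the environment; move it to the untracked `.env`, e.g. `- GITEA__database__PASSWD=${GITEA_DB_PASSWORD:?must be set}` and the matching `POSTGRES_PASSWORD` line (the variable name is a suggestion). The `runner` service mounts `/var/run/docker.sock` read-write together with `/srv/www`, so any workflow allowed to run on it can control the host's Docker daemon and rewrite both docs sites; restrict which repositories may use this runner or give it an isolated daemon. `gitea/act_runner:latest` and `nginx:alpine` are floating tags next to a pinned `gitea:1.25.4`, and the `docs-private` site is published on all interfaces at `9897:80` with nothing in this file that limits who can read it.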
@@ -0,0 +1,64 @@
+# gitlab/gitlab-ce:18.1.2-ce.0 - https://hub.docker.com/r/gitlab/gitlab-ce/tags
+
+services:
+ gitlab:
+ image: gitlab/gitlab-ce:latest
+ container_name: gitlab
+ hostname: "git.wompmacho.com" # This hostname is mostly for internal consistency
+ environment:
+ GITLAB_OMNIBUS_CONFIG: |
+ external_url 'https://git.wompmacho.com'
+ gitlab_rails['gitlab_shell_ssh_port'] = 4446
+ letsencrypt['enable'] = false # Assuming your external Nginx handles Let's Encrypt
+
+ puma['worker_processes'] = 2 # Reduce Puma worker processes
+ prometheus_monitoring['enable'] = false # Disable Prometheus monitoring
+ sidekiq['max_concurrency'] = 10 # Reduce Sidekiq concurrency
+
+ # --- Settings for Nginx Reverse Proxy with SSL termination ---
+ nginx['listen_port'] = 80 # GitLab's internal Nginx listens on HTTP port 80 (inside the container)
+ nginx['listen_https'] = false # GitLab's internal Nginx should NOT listen for HTTPS
+
+ # Tell GitLab that it's behind an HTTPS proxy
+ nginx['proxy_set_headers'] = {
+ "X-Forwarded-Proto" => "https",
+ "X-Forwarded-Ssl" => "on"
+ }
+ # Add your Nginx proxy's internal IP address to trusted proxies
+ # Replace 172.x.x.x/xx with the actual network range of your Docker bridge or external Nginx IP
+ gitlab_rails['trusted_proxies'] = ['172.17.0.0/16'] # Example: Docker default bridge network range
+ ports:
+ # Map container port 80 (HTTP) to your desired host port, e.g., 4444.
+ # Your external Nginx will then proxy to this host port (or directly to the container's IP:80 if on the same Docker network).
+ - "4444:80"
+ - "4446:22" # SSH port (usually handled directly, not proxied by Nginx for Git over SSH)
+ # Port 443 mapping is usually removed from GitLab's side if Nginx handles it,
+ # or used for internal communication if your Nginx connects to GitLab over HTTPS internally.
+ # For simplicity, if Nginx terminates SSL, GitLab listens HTTP.
+ # So, no need for 4445:443 mapping here.
+ volumes:
+ - "${GITLAB_HOME}/config:/etc/gitlab"
+ - "${GITLAB_HOME}/logs:/var/log/gitlab"
+ - "${GITLAB_HOME}/data:/var/opt/gitlab"
+ deploy:
+ resources:
+ limits:
+ memory: 8g
+ logging:
+ driver: "json-file"
+ options:
+ max-size: "512m"
+ max-file: "3"
+ shm_size: "4g"
+ env_file:
+ - path: ./.env
+ required: true
+ restart: unless-stopped
+
+ gitlab-runner:
+ image: gitlab/gitlab-runner:latest
+ container_name: gitlab-runner
+ restart: unless-stopped
+ volumes:
+ - "${GITLAB_HOME}/gitlab-runner/config:/etc/gitlab-runner"
+ - /var/run/docker.sock:/var/run/docker.sock
diff --git a/docker_compose/headscale/docker-compose.yaml b/docker_compose/headscale/docker-compose.yaml
new file mode 100644
index 0000000..503f495
--- /dev/null
+++ b/docker_compose/headscale/docker-compose.yaml
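Review bot: `gitlab-runner` mounts the host Docker socket, and configuring_runner.md in this same commit registers it with `--docker-volumes /var/run/docker.sock:/var/run/docker.sock`, an `http://` URL and a `glrt-` token written out in full, so every CI job gets daemon-level access to the host and the token is now part of repository history. Revoke that token, keep its replacement out of the repository, and register against the `https://` address given in `external_url`. `gitlab_rails['trusted_proxies'] = ['172.17.0.0/16']` accepts forwarded-for headers from every container on the default bridge; narrow it to the reverse proxy's own address. The image is `gitlab/gitlab-ce:latest` although the header comment names `18.1.2-ce.0`; pinning the tag keeps upgrades deliberate.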
@@ -0,0 +1,75 @@
+################################################################################
+# headscale - Orchistration server for tailnet clients
+# https://blog.gurucomputing.com.au/Smart%20VPNS%20with%20Headscale/Setting%20up%20Headscale/
+# --
+# Tailscale for local exit node / home network
+################################################################################
+services:
+ headscale:
+ container_name: headscale
+ image: headscale/headscale:latest
+ restart: unless-stopped
+ ports:
+ - 4545:8080
+ - 9090:9090
+ volumes:
+ - headscale_config_nfs:/etc/headscale
+ - headscale_data_nfs:/var/lib/headscale
+ - headscale_run_nfs:/var/run/headscale
+ command: serve
+
+ headscale-ui:
+ container_name: headscale-ui
+ image: ghcr.io/gurucomputing/headscale-ui:latest
+ restart: unless-stopped
+ ports:
+ - 6262:8080
+
+ # tailscale:
+ # container_name: tailscale
+ # image: tailscale/tailscale:latest
+ # hostname: tailscale # Replace with a descriptive name for your device
+ # volumes:
+ # - tailscale-data:/var/lib/tailscale # Persist Tailscale data
+ # - /dev/net/tun:/dev/net/tun # Required for Tailscale to function
+ # cap_add:
+ # - NET_ADMIN # Required for Tailscale to manage network interfaces
+ # - SYS_MODULE # Required for Tailscale to load kernel modules if needed
+ # environment:
+ # # Set to 'true' to enable subnet routing (allowing other devices on your home network to be accessible)
+ # # You will need to approve the subnet routes in the Tailscale admin console after starting.
+ # # Also enables this device as an exit node.
+ # # IMPORTANT: Replace https://your-headscale-url.com with the actual URL of your Headscale instance.
+ # - TS_EXTRA_ARGS=--advertise-routes=10.0.0.0/24 --accept-dns=true
+ # --login-server=https://headscale.wompmacho.com
+ # - TS_AUTHKEY=e9f24a0815451a5b164cc17715ff457bf6447095dbbe7db4 # OPTIONAL: Use an auth key for unattended authentication
+ # # - TS_USERSPACE=true # Uncomment if you encounter issues with kernel module loading
+ # network_mode: host # Use host network mode for direct network access
+ # restart: unless-stopped
+
+volumes:
+ headscale_config_nfs:
+ name: headscale_config_nfs
+ driver_opts:
+ type: nfs
+ o: addr=truenas,nolock,soft,rw
+ device: :/mnt/store/vault/app/headscale/container-config
+ headscale_data_nfs:
+ name: headscale_data_nfs
+ driver_opts:
+ type: nfs
+ o: addr=truenas,nolock,soft,rw
+ device: :/mnt/store/vault/app/headscale/container-data
+ headscale_run_nfs:
+ name: headscale_run_nfs
+ driver_opts:
+ type: nfs
+ o: addr=truenas,nolock,soft,rw
+ device: :/mnt/store/vault/app/headscale/container-run
+
+ # tailscale-data:
+ # name: tailscale-data
+ # driver_opts:
+ # type: nfs
+ # o: addr=truenas,nolock,soft,rw
+ # device: :/mnt/store/vault/app/tailscale
diff --git a/docker_compose/homepage/docker-compose.yaml b/docker_compose/homepage/docker-compose.yaml
new file mode 100644
index 0000000..e51f21f
--- /dev/null
+++ b/docker_compose/homepage/docker-compose.yaml
@@ -0,0 +1,20 @@
+# homepage -- https://gethomepage.dev/
+
+services:
+ homepage:
+ container_name: homepage
+ image: ghcr.io/gethomepage/homepage:latest
+ environment:
+ - PUID=1000
+ - PGID=1000
+ - HOMEPAGE_ALLOWED_HOSTS=*
+ env_file:
+ - .env
+ volumes:
+ - /srv/homepage/config:/app/config
+ - /srv/homepage/background:/app/public/images
+ - /var/run/docker.sock:/var/run/docker.sock:ro # docker socket
+ ports:
+ - 7676:3000
+ restart: unless-stopped
+
diff --git a/docker_compose/immich/docker-compose.yaml b/docker_compose/immich/docker-compose.yaml
new file mode 100644
index 0000000..19c98b0
--- /dev/null
+++ b/docker_compose/immich/docker-compose.yaml
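Review bot: A pre-auth key is committed in clear text on the commented-out `TS_AUTHKEY` line, and the same literal is active in tailscale/docker-compose.yaml of this commit; commenting the line out does not remove the value from history. Expire that key in Headscale and reference its replacement from an untracked `.env`, e.g. `- TS_AUTHKEY=${TS_AUTHKEY:?must be set}`. `9090:9090` is also published on all interfaces; if that is Headscale's metrics listener, as its default configuration suggests, it likely does not need to leave the host. `headscale_run_nfs` places `/var/run/headscale` on an NFS share, which is an odd home for what is presumably a runtime socket directory and is worth confirming.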
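Review bot: `HOMEPAGE_ALLOWED_HOSTS=*` switches off Homepage's Host-header validation, and this instance also has the Docker socket mounted, so the check is being disabled on a container that can query the daemon. List the names actually used to reach the dashboard instead, e.g. `- HOMEPAGE_ALLOWED_HOSTS=<hostname>:7676` (placeholder value). The `:ro` on `/var/run/docker.sock` makes the mount read-only but does not restrict the Docker API calls available through it; a socket proxy that allows only read endpoints would match the intent of the comment better.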
@@ -0,0 +1,79 @@
+# immich - https://docs.immich.app/overview/quick-start/
+# disable-machine-learning - https://docs.immich.app/FAQ/#how-can-i-disable-machine-learning
+name: immich
+
+services:
+ immich-server:
+ container_name: immich_server
+ image: ghcr.io/immich-app/immich-server:${IMMICH_VERSION:-release}
+ # extends:
+ # file: hwaccel.transcoding.yml
+ # service: cpu # set to one of [nvenc, quicksync, rkmpp, vaapi, vaapi-wsl] for accelerated transcoding
+ volumes:
+ # Do not edit the next line. If you want to change the media storage location on your system, edit the value of UPLOAD_LOCATION in the .env file
+ - ${UPLOAD_LOCATION}:/data
+ - ${EXTERNAL_FILES}:/photos:ro
+ - /etc/localtime:/etc/localtime:ro
+ env_file:
+ - .env
+ ports:
+ - "2283:2283"
+ depends_on:
+ - redis
+ - database
+ restart: always
+ healthcheck:
+ disable: false
+
+ # immich-machine-learning:
+ # container_name: immich_machine_learning
+ # # For hardware acceleration, add one of -[armnn, cuda, openvino] to the image tag.
+ # # Example tag: ${IMMICH_VERSION:-release}-cuda
+ # image: ghcr.io/immich-app/immich-machine-learning:${IMMICH_VERSION:-release}
+ # # extends: # uncomment this section for hardware acceleration - see https://immich.app/docs/features/ml-hardware-acceleration
+ # # file: hwaccel.ml.yml
+ # # service: cpu # set to one of [armnn, cuda, openvino, openvino-wsl] for accelerated inference - use the `-wsl` version for WSL2 where applicable
+ # volumes:
+ # - model-cache:/cache
+ # env_file:
+ # - .env
+ # restart: always
+ # healthcheck:
+ # disable: false
+
+ redis:
+ container_name: immich_redis
+ image: docker.io/valkey/valkey:8@sha256:81db6d39e1bba3b3ff32bd3a1b19a6d69690f94a3954ec131277b9a26b95b3aa
+ healthcheck:
+ test: redis-cli ping || exit 1
+ restart: always
+
+
+ database:
+ container_name: immich_postgres
+ image: ghcr.io/immich-app/postgres:14-vectorchord0.4.3-pgvectors0.2.0@sha256:bcf63357191b76a916ae5eb93464d65c07511da41e3bf7a8416db519b40b1c23
+ environment:
+ POSTGRES_PASSWORD: ${DB_PASSWORD}
+ POSTGRES_USER: ${DB_USERNAME}
+ POSTGRES_DB: ${DB_DATABASE_NAME}
+ POSTGRES_INITDB_ARGS: "--data-checksums"
+ DB_STORAGE_TYPE: 'HDD'
+ volumes:
+ # Do not edit the next line. If you want to change the database storage location on your system, edit the value of DB_DATA_LOCATION in the .env file
+ - ${DB_DATA_LOCATION}:/var/lib/postgresql/data
+ shm_size: 128mb
+ restart: always
+
+volumes:
+ #model-cache:
+
+ immich-library:
+ name: immich-library
+ driver_opts:
+ type: nfs
+ o: addr=truenas,nolock,soft,rw
+ device: :/mnt/store/vault/app/immich/library
+
+networks:
+ frontend:
+ external: true
diff --git a/docker_compose/linkstacks/docker-compose.yaml b/docker_compose/linkstacks/docker-compose.yaml
new file mode 100644
index 0000000..eeea11a
--- /dev/null
+++ b/docker_compose/linkstacks/docker-compose.yaml
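Review bot: The `immich-library` volume and the external `frontend` network are declared at the bottom but no service references them: `immich-server` binds `${UPLOAD_LOCATION}` and `${EXTERNAL_FILES}` and lists no `networks:`. That leaves a reader unsure whether the photo library is meant to live on the NFS share or on the path from `.env`; either wire them in or delete both stanzas. The bind sources and `POSTGRES_PASSWORD: ${DB_PASSWORD}` expand to empty strings when `.env` is incomplete, so forms such as `${DB_PASSWORD:?must be set}` and `${UPLOAD_LOCATION:?must be set}` would stop a misconfigured start. The digest-pinned `redis` and `database` images are a good pattern that the other stacks in this commit could follow.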
@@ -0,0 +1,23 @@
+# Linkstacks -- https://github.com/LinkStackOrg/linkstack-docker
+services:
+ linkstack:
+ container_name: 'linkstack'
+ hostname: 'linkstack'
+ image: 'linkstackorg/linkstack:latest'
+ user: '0:0'
+ environment:
+ TZ: '${TIMEZONE}'
+ SERVER_ADMIN: '${SERVER_ADMIN_EMAIL}'
+ HTTP_SERVER_NAME: '${HTTP_SERVER_NAME_ADDRESS}'
+ HTTPS_SERVER_NAME: '${HTTPS_SERVER_NAME_ADDRESS}'
+ LOG_LEVEL: 'info'
+ PHP_MEMORY_LIMIT: '256M'
+ UPLOAD_MAX_FILESIZE: '8M'
+ volumes:
+ - 'linkstack_data:/htdocs'
+ ports:
+ - '8190:443'
+ restart: unless-stopped
+
+volumes:
+ linkstack_data:
\ No newline at end of file
diff --git a/docker_compose/matrix/docker-compose.yaml b/docker_compose/matrix/docker-compose.yaml
new file mode 100644
index 0000000..9d526fe
--- /dev/null
+++ b/docker_compose/matrix/docker-compose.yaml
@@ -0,0 +1,34 @@
+# Synapse: https://github.com/element-hq/synapse
+# Matrix guide: https://element-hq.github.io/synapse/latest/setup/installation.html#installation-instructions
+# Docker Image: https://hub.docker.com/r/avhost/docker-matrix
+# Example: https://github.com/AVENTER-UG/docker-matrix/blob/master/Example.configs.md
+
+# # generate
+# version: "3"
+# services:
+# docker-matrix:
+# container_name: 'matrix'
+# volumes:
+# - /app/matrix/media:/media_store
+# - /app/matrix/data:/data
+# user: 0:0 # need perms to write files?
+# environment:
+# - SERVER_NAME=wompmacho.com
+# - REPORT_STATS=no
+# image: avhost/docker-matrix:v1.133
+# command: generate
+# start
+version: "3"
+services:
+ docker-matrix:
+ container_name: "matrix"
+ user: 991:991
+ ports:
+ - 8448:8448
+ - 8008:8008
+ - 3478:3478
+ volumes:
+ - /app/matrix/media:/media_store
+ - /app/matrix/data:/data
+ image: avhost/docker-matrix:v1.133
+ command: start
diff --git a/docker_compose/mkdocs/docker-compose.yaml b/docker_compose/mkdocs/docker-compose.yaml
new file mode 100644
index 0000000..7043000
--- /dev/null
+++ b/docker_compose/mkdocs/docker-compose.yaml
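Review bot: `user: '0:0'` runs the web application as root inside the container while it serves an internet-facing PHP site on `8190:443`, so a flaw in the application starts from root within that container. If root is only there to let the process write to `linkstack_data`, fix the volume ownership once and drop the `user:` line so the image's own unprivileged user applies; confirm against the image documentation. The four `${...}` values come from an environment file that is not part of this commit, and `'${HTTPS_SERVER_NAME_ADDRESS:?must be set}'` style guards would catch a missing one at start-up.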
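Review bot: `- 8008:8008` publishes what is normally Synapse's plain-HTTP listener on every host interface (homeserver.yaml is not in this commit, so the listener layout is assumed), which lets clients on the network log in without TLS if they connect to it directly. Bind it for the reverse proxy only, e.g. `- "127.0.0.1:8008:8008"`. `- 3478:3478` maps TCP only, whereas TURN usually needs `- "3478:3478/udp"` as well. The commented "generate" step runs as `0:0` and the live service as `991:991`; a one-line comment saying the data directories must be chowned after generation would save the next reader a failed start.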
@@ -0,0 +1,68 @@
+# mkdocs -- https://squidfunk.github.io/mkdocs-material/
+
+services:
+ public-mkdocs:
+ container_name: "public-mkdocs"
+ image: material2:latest
+ environment:
+ - PUID=1000
+ - PGID=1000
+ volumes:
+ - /srv/mkdocs/public:/docs
+ stdin_open: true
+ tty: true
+ ports:
+ - "9896:8000"
+ networks:
+ - frontend
+ labels:
+ # --- Basic Traefik Enabling ---
+ - "traefik.enable=true" # MANDATORY because exposedByDefault is false in your Traefik config
+
+ # --- HTTP Router Configuration ---
+ # - "traefik.http.routers.mkdocs-http.rule=Host(`wiki.wompmacho.com`)" # <-- IMPORTANT: Change this to your domain!
+ # - "traefik.http.routers.mkdocs-http.entrypoints=web" # Use your 'web' entrypoint for HTTP (port 80)
+
+ - "traefik.http.routers.mkdocs-https.tls=true"
+ - "traefik.http.routers.mkdocs-https.tls.certresolver=cloudflare"
+
+ - "traefik.http.routers.mkdocs-https.entrypoints=websecure"
+ - "traefik.http.routers.mkdocs-https.rule=Host(`wiki.wompmacho.com`)" # <-- IMPORTANT: Change this to your domain!
+
+ # This label tells Traefik to connect to port 8000 *inside* the MkDocs container.
+ - "traefik.http.services.mkdocs-service.loadbalancer.server.port=8000"
+
+ restart: unless-stopped
+
+ # private-mkdocs:
+ # container_name: 'private-mkdocs'
+ # restart: unless-stopped
+ # image: squidfunk/mkdocs-material
+ # environment:
+ # - PUID=1000
+ # - PGID=1000
+ # volumes:
+ # - private-mkdocs:/docs
+ # stdin_open: true
+ # tty: true
+ # ports:
+ # - "9897:8000"
+
+# volumes:
+# public-mkdocs:
+# name: public-mkdocs
+# driver_opts:
+# type: nfs
+# o: addr=truenas,nolock,soft,rw
+# device: :/mnt/store/vault/app/mkdocs/public
+
+# private-mkdocs:
+# name: private-mkdocs
+# driver_opts:
+# type: nfs
+# o: addr=truenas,nolock,soft,rw
+# device: :/mnt/store/vault/app/mkdocs/private
+
+networks:
+ frontend:
+ external: true
diff --git a/docker_compose/mkdocs/my_mkdocs.docker b/docker_compose/mkdocs/my_mkdocs.docker
new file mode 100644
index 0000000..3b0a095
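Review bot: `- "9896:8000"` publishes the MkDocs development server directly on the host next to the Traefik router, so the wiki is reachable over plain HTTP without passing through the `websecure` entrypoint or any middleware added there later. The container is already on `frontend` and the loadbalancer label points at port 8000, so the `ports:` entry can be removed. `image: material2:latest` is a locally built image that nothing in this file builds; adding a `build:` stanza with `dockerfile: my_mkdocs.docker` would make the stack reproducible on a fresh host. `stdin_open` and `tty` look like leftovers from interactive use and could go unless the image's entrypoint needs them.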
--- /dev/null
+++ b/docker_compose/mkdocs/my_mkdocs.docker
@@ -0,0 +1,7 @@
+FROM squidfunk/mkdocs-material
+RUN pip install mkdocs-macros-plugin
+RUN pip install mkdocs-glightbox
+RUN pip install mkdocs-plugin-commonmark
+RUN pip install mkdocs-include-dir-to-nav
+RUN pip install mkdocs-git-revision-date-localized-plugin
+RUN pip install mkdocs-include-markdown-plugin
\ No newline at end of file
diff --git a/docker_compose/nginx-proxy-manager/docker-compose.yaml b/docker_compose/nginx-proxy-manager/docker-compose.yaml
new file mode 100644
index 0000000..8f2145c
--- /dev/null
+++ b/docker_compose/nginx-proxy-manager/docker-compose.yaml
@@ -0,0 +1,26 @@
+# nginx-proxy-manager -- https://nginxproxymanager.com/setup/
+version: '3.8'
+services:
+ app:
+ container_name: nginx-proxy-manager
+ image: 'docker.io/jc21/nginx-proxy-manager:latest'
+ restart: unless-stopped
+ ports:
+ # These ports are in format :
+ - '80:80' # Public HTTP Port
+ - '443:443' # Public HTTPS Port
+ - '81:81' # Admin Web Port
+ # Add any other Stream port you want to expose
+ # - '21:21' # FTP
+
+ # Uncomment the next line if you uncomment anything in the section
+ #environment:
+ # Uncomment this if you want to change the location of
+ # the SQLite DB file within the container
+ # DB_SQLITE_FILE: "/data/database.sqlite"
+
+ # Uncomment this if IPv6 is not enabled on your host
+ #DISABLE_IPV6: 'true'
+ volumes:
+ - /app/nginxproxy/data:/data
+ - /app/nginxproxy/letsencrypt:/etc/letsencrypt
\ No newline at end of file
diff --git a/docker_compose/open-webui/docker-compose.yaml b/docker_compose/open-webui/docker-compose.yaml
new file mode 100644
index 0000000..c0975aa
--- /dev/null
+++ b/docker_compose/open-webui/docker-compose.yaml
@@ -0,0 +1,9 @@
+# Open WebUI
+# https://docs.openwebui.com/getting-started/quick-start/
+services:
+ openwebui:
+ image: ghcr.io/open-webui/open-webui:main
+ ports:
+ - "3000:8080"
+ volumes:
+ - /srv/open-webui:/app/backend/data
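Review bot: The base image and all six plugins are unpinned, so every rebuild can pull different code from Docker Hub and PyPI into the image that serves the wiki, and nothing records what a given build contained. Pin the base tag (or digest) on the `FROM` line and install the plugins in one layer with fixed versions, e.g. `RUN pip install --no-cache-dir mkdocs-macros-plugin==<version> mkdocs-glightbox==<version> ...` where the versions are placeholders for the ones currently in use. A `requirements.txt` copied into the image would keep that list reviewable in diffs.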
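Review bot: `- '81:81'` exposes the Nginx Proxy Manager admin UI on every interface of a host that also publishes 80 and 443, so the console that controls all proxying and certificates sits beside the public listeners. Bind it to a management address instead, e.g. `- '127.0.0.1:81:81'`, and reach it through a tunnel or the LAN address. Tracking `:latest` for the component that terminates TLS for the other stacks makes an unattended pull a change to the whole edge; a pinned tag is safer. The `version: '3.8'` key is ignored by current Compose releases and can be dropped.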
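Review bot: `ghcr.io/open-webui/open-webui:main` is a moving tag, so each pull can change the application that holds chat history and API keys under `/srv/open-webui`; pin a release tag or digest. This is also the only service in the commit without a `restart:` policy, which looks like an omission; `restart: unless-stopped` would match the rest. `"3000:8080"` publishes the UI on all interfaces, so first-run account creation should be completed before the port is reachable from anywhere untrusted.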
diff --git a/docker_compose/owncast/docker-compose.yaml b/docker_compose/owncast/docker-compose.yaml
new file mode 100644
index 0000000..2b83c63
--- /dev/null
+++ b/docker_compose/owncast/docker-compose.yaml
@@ -0,0 +1,23 @@
+# owncast -- https://owncast.online/quickstart/container/
+services:
+ owncast:
+ image: owncast/owncast:latest
+ container_name: owncast
+ ports:
+ - "3233:8080"
+ - "1935:1935"
+ environment:
+ - PUID=1000
+ - PGID=1000
+ volumes:
+ #- ./data:/app/data
+ - owncast-mnt:/app/data
+ restart: unless-stopped
+
+volumes:
+ owncast-mnt:
+ name: owncast-mnt
+ driver_opts:
+ type: nfs
+ o: addr=truenas,nolock,soft,rw
+ device: :/mnt/store/vault/app/owncast
\ No newline at end of file
diff --git a/docker_compose/portainer/docker-compose.yaml b/docker_compose/portainer/docker-compose.yaml
new file mode 100644
index 0000000..0584c01
--- /dev/null
+++ b/docker_compose/portainer/docker-compose.yaml
@@ -0,0 +1,25 @@
+# Portainer
+
+services:
+ portainer:
+ container_name: portainer
+ ports:
+ - "8000:8000" # For HTTP API access (if needed directly)
+ - "9000:9000" # HTTP UI access (if needed directly)
+ - "9443:9443" # HTTPS UI access (if needed directly)
+ - "9001:9001" # Edge Agent port (if used directly)
+ volumes:
+ - "/var/run/docker.sock:/var/run/docker.sock"
+ - "/srv/portainer/data:/data"
+ image: portainer/portainer-ce:lts
+ environment:
+ - "TRUSTED_ORIGINS=portainer" # Set to your local domain
+ command: --tlsskipverify --base-url="https://portainer" # Portainer's command-line arguments
+ networks:
+ - frontend
+ restart: unless-stopped
+
+networks:
+ # Define the 'frontend' network as external, meaning it's created elsewhere (e.g., by Traefik's compose file).
+ frontend:
+ external: true
diff --git a/docker_compose/qbittorrentvpn/docker-compose.yaml b/docker_compose/qbittorrentvpn/docker-compose.yaml
new file mode 100644
index 0000000..017ebf9
--- /dev/null
+++ b/docker_compose/qbittorrentvpn/docker-compose.yaml
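Review bot: Four ports are published on all interfaces, including the plain-HTTP UI on `9000:9000`, even though each comment says "if needed directly" and the container already joins `frontend` for the reverse proxy; Portainer holds the read-write Docker socket, so its login should not be offered over unencrypted HTTP. Keep at most `9443:9443`, or remove `ports:` entirely and route through the proxy. `--tlsskipverify` turns off TLS verification for Portainer's connections to Docker endpoints and has no purpose with a local socket, so it is better removed than left as a default. `--base-url` is documented as a path prefix, so `"https://portainer"` is probably not what the flag expects; confirm against the Portainer CLI reference.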
@@ -0,0 +1,42 @@
+########################################
+# qbittorrentvpn - https://hub.docker.com/r/dyonr/qbittorrentvpn
+# Client with WebUI that connects to OpenVPN with iptables killswitch to
+# prevent IP leakage when the tunnel goes down
+########################################
+
+services:
+ qbittorrentvpn:
+ container_name: torrent
+ privileged: true
+ image: dyonr/qbittorrentvpn
+ environment:
+ - VPN_ENABLED=true
+ - VPN_USERNAME=${VPN_USERNAME}
+ - VPN_PASSWORD=${VPN_PASSWORD}
+ - LAN_NETWORK=10.0.0.0/24
+ - WEBUI_PORT_ENV=8080
+ - INCOMING_PORT_ENV=8999
+ - TZ=America/New_York
+ ports:
+ - 8181:8080
+ - 8999:8999
+ - 8999:8999/udp
+ volumes:
+ - /srv/qbittorrentvpn/config:/config
+ - /srv/qbittorrentvpn/theme:/theme
+ - downloads_nfs:/downloads
+ restart: unless-stopped
+ networks:
+ - frontend
+
+networks:
+ frontend:
+ external: true # Or define it if it's not external
+
+volumes:
+ downloads_nfs:
+ name: downloads_nfs
+ driver_opts:
+ type: nfs
+ o: addr=truenas,nolock,soft,rw
+ device: :/mnt/store/vault/MediaServer/downloads
diff --git a/docker_compose/restarter/restart.sh b/docker_compose/restarter/restart.sh
new file mode 100644
index 0000000..ef3a428
--- /dev/null
+++ b/docker_compose/restarter/restart.sh
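Review bot: `privileged: true` hands the torrent client's container every capability and access to host devices, which is far more than an OpenVPN tunnel with an iptables kill switch needs and removes most of the isolation around a service that parses untrusted peer data. If the image runs with it, replace the line with `cap_add: [NET_ADMIN]` and `devices: ["/dev/net/tun"]`, and test that the kill switch still comes up. `image: dyonr/qbittorrentvpn` has no tag and therefore means `:latest`; pin it. `${VPN_USERNAME}` and `${VPN_PASSWORD}` would be safer as `${VPN_PASSWORD:?must be set}` so a missing `.env` cannot start the client with empty credentials.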
@@ -0,0 +1,44 @@
+RESTARTED_TODAY=false # Flag to track if containers have been restarted today
+while true; do
+ CURRENT_TIME=$(date +'%H:%M')
+ if [ "$CURRENT_TIME" = '04:00' ]; then
+ if [ "$RESTARTED_TODAY" = false ]; then
+ echo "$(date): It's 04:00. Initiating Docker container restart process..."
+
+ CONTAINER_IDS=$(docker ps -q)
+
+ if [ -z "$CONTAINER_IDS" ]; then
+ echo "$(date): No running Docker containers found to restart."
+ else
+ echo "$(date): Found containers: $CONTAINER_IDS"
+ for CONTAINER_ID in $CONTAINER_IDS; do
+ echo "$(date): Restarting container: ${CONTAINER_ID}"
+ docker restart "${CONTAINER_ID}"
+ # Check if the restart command was successful (optional, but good practice)
+ if [ $? -eq 0 ]; then
+ echo "$(date): Successfully restarted ${CONTAINER_ID}."
+ else
+ echo "$(date): Failed to restart ${CONTAINER_ID}. Continuing to next container."
+ fi
+ echo "$(date): Waiting 10 seconds before next container restart..."
+ sleep 10
+ done
+ echo "$(date): All specified Docker containers have been processed for restart."
+ fi
+ RESTARTED_TODAY=true # Set the flag to true to prevent re-running until next day
+ echo "$(date): Restart cycle for today (04:00) completed."
+ else
+ echo "$(date): It's 04:00, but containers already restarted today. Skipping."
+ fi
+ else
+ # Reset the flag once the time passes 04:00, preparing for the next day's restart
+ if [ "$RESTARTED_TODAY" = true ]; then
+ echo "$(date): Time is no longer 04:00. Resetting restart flag for tomorrow."
+ RESTARTED_TODAY=false
+ fi
+ fi
+
+ # Sleep for a shorter duration (e.g., 30 seconds) to ensure the 04:00 mark is caught reliably,
+ # but not so short as to consume excessive CPU.
+ sleep 30
+done
\ No newline at end of file
diff --git a/docker_compose/restarter/restarter.yaml b/docker_compose/restarter/restarter.yaml
new file mode 100644
index 0000000..15e89d0
--- /dev/null
+++ b/docker_compose/restarter/restarter.yaml
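Review bot: The file is committed as a standalone `.sh` but has no shebang, and its body is a copy of the `command:` block in restarter/restarter.yaml, so the two will drift the first time one is edited. Start it with `#!/bin/sh` and have the compose service bind-mount and run this file instead of carrying a second copy. The separate `$?` test can be folded into the call, `if docker restart "${CONTAINER_ID}"; then`, which also survives someone inserting a line between the command and the check. A header comment stating that the loop restarts every running container on the host, not a chosen list, would correct the "All specified Docker containers" log wording.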
@@ -0,0 +1,59 @@
+################################################################################
+# For restarts @4am
+# https://stackoverflow.com/questions/69309747/schedule-daily-docker-container-restart-reset
+###############################################################################
+
+version: "3.9"
+services:
+ restart-er:
+ container_name: restart-er
+ image: docker:cli
+ restart: unless-stopped
+ volumes: ["/var/run/docker.sock:/var/run/docker.sock"]
+ entrypoint: ["/bin/sh","-c"]
+ command:
+ - |
+ RESTARTED_TODAY=false # Flag to track if containers have been restarted today
+ while true; do
+ CURRENT_TIME=$(date +'%H:%M')
+ if [ "$CURRENT_TIME" = '04:00' ]; then
+ if [ "$RESTARTED_TODAY" = false ]; then
+ echo "$(date): It's 04:00. Initiating Docker container restart process..."
+
+ CONTAINER_IDS=$(docker ps -q)
+
+ if [ -z "$CONTAINER_IDS" ]; then
+ echo "$(date): No running Docker containers found to restart."
+ else
+ echo "$(date): Found containers: $CONTAINER_IDS"
+ for CONTAINER_ID in $CONTAINER_IDS; do
+ echo "$(date): Restarting container: ${CONTAINER_ID}"
+ docker restart "${CONTAINER_ID}"
+ # Check if the restart command was successful (optional, but good practice)
+ if [ $? -eq 0 ]; then
+ echo "$(date): Successfully restarted ${CONTAINER_ID}."
+ else
+ echo "$(date): Failed to restart ${CONTAINER_ID}. Continuing to next container."
+ fi
+ echo "$(date): Waiting 10 seconds before next container restart..."
+ sleep 10
+ done
+ echo "$(date): All specified Docker containers have been processed for restart."
+ fi
+ RESTARTED_TODAY=true # Set the flag to true to prevent re-running until next day
+ echo "$(date): Restart cycle for today (04:00) completed."
+ else
+ echo "$(date): It's 04:00, but containers already restarted today. Skipping."
+ fi
+ else
+ # Reset the flag once the time passes 04:00, preparing for the next day's restart
+ if [ "$RESTARTED_TODAY" = true ]; then
+ echo "$(date): Time is no longer 04:00.
Resetting restart flag for tomorrow."
+ RESTARTED_TODAY=false
+ fi
+ fi
+
+ # Sleep for a shorter duration (e.g., 30 seconds) to ensure the 04:00 mark is caught reliably,
+ # but not so short as to consume excessive CPU.
+ sleep 30
+ done
\ No newline at end of file
diff --git a/docker_compose/tailscale/docker-compose.yaml b/docker_compose/tailscale/docker-compose.yaml
new file mode 100644
index 0000000..abfbdbb
--- /dev/null
+++ b/docker_compose/tailscale/docker-compose.yaml
@@ -0,0 +1,33 @@
+# Tailscale for local exit node / home network
+---
+version: "3.8"
+services:
+ tailscale:
+ container_name: tailscale
+ image: tailscale/tailscale:latest
+ hostname: tailscale # Replace with a descriptive name for your device
+ volumes:
+ - tailscale-data:/var/lib/tailscale # Persist Tailscale data
+ - /dev/net/tun:/dev/net/tun # Required for Tailscale to function
+ cap_add:
+ - NET_ADMIN # Required for Tailscale to manage network interfaces
+ - SYS_MODULE # Required for Tailscale to load kernel modules if needed
+ environment:
+ # Set to 'true' to enable subnet routing (allowing other devices on your home network to be accessible)
+ # You will need to approve the subnet routes in the Tailscale admin console after starting.
+ # Also enables this device as an exit node.
+ # IMPORTANT: Replace https://your-headscale-url.com with the actual URL of your Headscale instance.
+ - TS_EXTRA_ARGS=--advertise-routes=10.0.0.0/24 --advertise-exit-node
+ --login-server=https://headscale.wompmacho.com
+ - TS_AUTHKEY=e9f24a0815451a5b164cc17715ff457bf6447095dbbe7db4 # OPTIONAL: Use an auth key for unattended authentication
+ # - TS_USERSPACE=true # Uncomment if you encounter issues with kernel module loading
+ network_mode: host # Use host network mode for direct network access
+ restart: unless-stopped
+
+volumes:
+ tailscale-data:
+ name: tailscale-data
+ driver_opts:
+ type: nfs
+ o: addr=truenas,nolock,soft,rw
+ device: :/mnt/store/vault/app/tailscale
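Review bot: Compose interpolates `$NAME` and `${NAME}` inside `command:` before the shell sees the text, so `$CURRENT_TIME`, `$RESTARTED_TODAY`, `$CONTAINER_IDS` and `${CONTAINER_ID}` in the inline script are substituted at parse time (normally with empty strings and a warning) and the `'04:00'` comparison can never match. Double every dollar sign in the block, for example `CURRENT_TIME=$$(date +'%H:%M')` and `if [ "$$CURRENT_TIME" = '04:00' ]; then`. Mounting restart.sh read-only and running it as the command would avoid both the escaping and the second copy of the script. Separately, `/var/run/docker.sock` is mounted read-write, which gives this container full control of the Docker daemon; a comment on the `volumes:` line should say so.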
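Review bot: The `- TS_AUTHKEY=` line commits a literal auth key, so anyone who can read the repository holds a credential for the control server named in `--login-server`, on a node that advertises `10.0.0.0/24` and an exit node. Treat the key as exposed: revoke it on the control server and reference a fresh one from the environment, as the other stacks in this commit do for their secrets, `- TS_AUTHKEY=${TS_AUTHKEY}`. `SYS_MODULE` under `cap_add` allows the container to load kernel modules on the host; drop it unless the host really lacks the tun module.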
diff --git a/docker_compose/teamspeak/docker-compose.yaml b/docker_compose/teamspeak/docker-compose.yaml
new file mode 100644
index 0000000..a88a44f
--- /dev/null
+++ b/docker_compose/teamspeak/docker-compose.yaml
@@ -0,0 +1,28 @@
+################################################################################
+# teamspeak
+# https://hub.docker.com/_/teamspeak
+###############################################################################
+
+services:
+ teamspeak:
+ image: teamspeak
+ restart: always
+ ports:
+ - 9987:9987/udp
+ - 10011:10011
+ - 30033:30033
+ environment:
+ TS3SERVER_DB_PLUGIN: ts3db_mariadb
+ TS3SERVER_DB_SQLCREATEPATH: create_mariadb
+ TS3SERVER_DB_HOST: db
+ TS3SERVER_DB_USER: root
+ TS3SERVER_DB_PASSWORD: example
+ TS3SERVER_DB_NAME: teamspeak
+ TS3SERVER_DB_WAITUNTILREADY: 30
+ TS3SERVER_LICENSE: accept
+ db:
+ image: mariadb
+ restart: always
+ environment:
+ MYSQL_ROOT_PASSWORD: example
+ MYSQL_DATABASE: teamspeak
diff --git a/docker_compose/traefik/docker-compose.yaml b/docker_compose/traefik/docker-compose.yaml
new file mode 100644
index 0000000..b71d40d
--- /dev/null
+++ b/docker_compose/traefik/docker-compose.yaml
@@ -0,0 +1,29 @@
+# traefik - https://doc.traefik.io/traefik/user-guides/docker-compose/basic-example/
+
+services:
+ traefik:
+ image: "traefik:v3.4"
+ container_name: "traefik"
+ ports:
+ # http port
+ - 80:80
+ # https port
+ - 443:443
+ # web ui (insecure)
+ - 8080:8080
+ environment:
+ - CF_DNS_API_TOKEN=${CF_DNS_API_TOKEN}
+ volumes:
+ # so that traefik can listen to docker events
+ - /var/run/docker.sock:/var/run/docker.sock:ro
+ - /srv/traefik/config/traefik.yaml:/etc/traefik/traefik.yaml:ro
+ - /srv/traefik/data/certs:/var/traefik/certs/:rw
+ networks:
+ - frontend
+ labels:
+ - "traefik.http.serversTransports.portainer-insecure-transport.insecureSkipVerify=true"
+ restart: unless-stopped
+
+networks:
+ frontend:
+ external: true
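Review bot: Both services keep the sample credentials from the image documentation: `TS3SERVER_DB_USER: root` with `TS3SERVER_DB_PASSWORD: example`, matching `MYSQL_ROOT_PASSWORD: example` on `db`. Take the password from the environment, `MYSQL_ROOT_PASSWORD: ${MYSQL_ROOT_PASSWORD}` (placeholder variable name), and give TeamSpeak its own account through the MariaDB image's `MYSQL_USER` / `MYSQL_PASSWORD` rather than connecting as root. `db` has no volume, so the database is lost when the container is recreated, and neither `image:` is pinned to a tag. `- 10011:10011` publishes the ServerQuery port on every host interface; drop it or bind it to `127.0.0.1` if remote query access is not needed.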
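Review bot: `- 8080:8080` is published on every host interface and the comment above it already calls it `web ui (insecure)`; if the mounted `traefik.yaml` (not part of this diff) enables the insecure API, the dashboard and API answer without authentication to anything that can reach the host. Bind it to loopback, `- 127.0.0.1:8080:8080`, or drop the mapping and serve the dashboard through a router with an auth middleware. The `:ro` on `/var/run/docker.sock` does not restrict API calls made over the socket, so the comment on that volume should not imply read-only access to Docker. The `insecureSkipVerify=true` label turns off backend certificate verification for that transport and needs a comment explaining why that is acceptable.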
diff --git a/docker_compose/uptime-kuma/docker-compose.yaml b/docker_compose/uptime-kuma/docker-compose.yaml
new file mode 100644
index 0000000..71b4955
--- /dev/null
+++ b/docker_compose/uptime-kuma/docker-compose.yaml
@@ -0,0 +1,11 @@
+# uptime-kuma -- https://github.com/louislam/uptime-kuma
+version: '3.3'
+services:
+ uptime-kuma:
+ container_name: uptime-kuma
+ image: louislam/uptime-kuma:1
+ volumes:
+ - /app/uptime-kuma/data:/app/data
+ ports:
+ - 3001:3001 # :
+ restart: unless-stopped
\ No newline at end of file
diff --git a/docker_compose/vaultwarden/docker-compose.yaml b/docker_compose/vaultwarden/docker-compose.yaml
new file mode 100644
index 0000000..52cd24e
--- /dev/null
+++ b/docker_compose/vaultwarden/docker-compose.yaml
@@ -0,0 +1,24 @@
+# vaultwarden -- https://github.com/dani-garcia/vaultwarden
+---
+services:
+ vaultwarden:
+ image: vaultwarden/server:1.35.2
+ container_name: vaultwarden
+ restart: unless-stopped
+ environment:
+ DOMAIN: "https://vaultwarden.wompmacho.com"
+ ROCKET_PORT: 80
+ ROCKET_ENV: production
+ volumes:
+ - vaultwarden-mount:/data/
+ ports:
+ - '9998:80'
+ - '9999:443'
+
+volumes:
+ vaultwarden-mount:
+ name: vaultwarden-mount
+ driver_opts:
+ type: nfs
+ o: addr=truenas,nolock,soft,rw
+ device: :/mnt/store/vault/app/vaultwarden
\ No newline at end of file
diff --git a/docker_compose/webtop/docker-compose.yaml b/docker_compose/webtop/docker-compose.yaml
new file mode 100644
index 0000000..6025f17
--- /dev/null
+++ b/docker_compose/webtop/docker-compose.yaml
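Review bot: `- '9998:80'` in the vaultwarden service publishes the vault over plain HTTP on every host interface while `DOMAIN` is an `https://` URL, so a client that reaches port 9998 directly bypasses whatever terminates TLS. Bind it for the proxy only, e.g. `- '127.0.0.1:9998:80'`, or attach the service to the proxy network and publish nothing. `- '9999:443'` maps to a port the container is not configured to listen on in this file (`ROCKET_PORT: 80`, no TLS settings), so it can be removed. The data volume is NFS with `nolock,soft`; if the default SQLite backend is in use, that combination risks database corruption and is worth checking for a password store.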
@@ -0,0 +1,31 @@
+# webtop -- https://docs.linuxserver.io/images/docker-webtop/#lossless-mode
+---
+services:
+ webtop:
+ image: lscr.io/linuxserver/webtop:latest
+ container_name: webtop
+ environment:
+ - PUID=1000
+ - PGID=1000
+ - TZ=America/New_York
+ - TITLE=Webtop #optional
+ dns:
+ - 10.0.0.11
+ shm_size: "1gb" #optional
+
+ volumes:
+ - /srv/webtop/config:/config
+ ports:
+ - 7978:3000
+ - 7979:3001
+ networks:
+ - frontend
+ labels:
+ - traefik.enable=true
+ - traefik.http.routers.nginx-http.rule=Host(`webtop.wompmacho.com`)
+ - traefik.http.routers.nginx-http.entrypoints=web
+ restart: unless-stopped
+
+networks:
+ frontend:
+ external: true
diff --git a/docker_compose/wikijs/wikijs.yaml b/docker_compose/wikijs/wikijs.yaml
new file mode 100644
index 0000000..a126493
--- /dev/null
+++ b/docker_compose/wikijs/wikijs.yaml
@@ -0,0 +1,23 @@
+# wikijs -- https://github.com/linuxserver/docker-wikijs
+---
+version: "3.8"
+services:
+ wikijs:
+ image: lscr.io/linuxserver/wikijs:latest
+ container_name: wikijs
+ environment:
+ - PUID=0
+ - PGID=0
+ - TZ=Etc/UTC
+ - DB_TYPE=sqlite #optional
+ - DB_HOST= #optional
+ - DB_PORT= #optional
+ - DB_NAME= #optional
+ - DB_USER= #optional
+ - DB_PASS= #optional
+ volumes:
+ - /app/wiki/config:/config
+ - /app/wiki/data:/data
+ ports:
+ - 3000:3000
+ restart: unless-stopped
\ No newline at end of file
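Review bot: The webtop `environment:` list sets no `CUSTOM_USER` / `PASSWORD`, which per the linuxserver documentation leaves the desktop without a login, and it is reachable both on `7978`/`7979` and through a Traefik router bound to `entrypoints=web`, which by its name looks like the plain-HTTP entrypoint. Add `- CUSTOM_USER=${WEBTOP_USER}` and `- PASSWORD=${WEBTOP_PASSWORD}` (placeholder variable names), and either drop the `ports:` block or bind it to `127.0.0.1` so access goes through the proxy. The router is named `nginx-http`, apparently carried over from another stack; rename it (for example `webtop-http`) so two services cannot define the same router.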
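Review bot: `- PUID=0` and `- PGID=0` in the wikijs service run the wiki process as root inside the container, unlike the `1000`/`1000` used for webtop in this same commit. Use an unprivileged id, `- PUID=1000` and `- PGID=1000`, and change ownership of `/app/wiki/config` and `/app/wiki/data` on the host to match. The empty `DB_HOST=` through `DB_PASS=` entries can be removed while `DB_TYPE=sqlite`; if a database password is added later, it should come from the environment rather than being written here.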