From 2a84d5a71ea03851bc04862551d1ad7144d50af1 Mon Sep 17 00:00:00 2001 From: wompmacho Date: Mon, 30 Mar 2026 03:40:39 +0000 Subject: [PATCH] cleanup | add includes for docker-compose files --- .../code-server/docker-compose.yaml | 21 +--- docker_compose/frigate/docker-compose.yaml | 4 +- docker_compose/mkdocs/docker-compose.yaml | 48 +------ .../nginx-proxy-manager/docker-compose.yaml | 9 +- .../qbittorrentvpn/docker-compose.yaml | 4 +- docker_compose/sure/docker-compose.yaml | 117 ++++++++++++++++++ .../vaultwarden/docker-compose.yaml | 8 +- docker_compose/webtop/docker-compose.yaml | 8 +- 8 files changed, 135 insertions(+), 84 deletions(-) create mode 100644 docker_compose/sure/docker-compose.yaml diff --git a/docker_compose/code-server/docker-compose.yaml b/docker_compose/code-server/docker-compose.yaml index 8770043..0300ea1 100644 --- a/docker_compose/code-server/docker-compose.yaml +++ b/docker_compose/code-server/docker-compose.yaml @@ -1,9 +1,3 @@ -# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!# -# CODE SERVER IS RUNNING ON UBUNTU HOST -# we had issues with things functionoing right in the past -# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!# - - # code-server -- https://hub.docker.com/r/linuxserver/code-server services: code-server: 
@@ -13,17 +7,14 @@ services: - PUID=1000 - PGID=1000 - TZ=America/New_York - - PASSWORD=${PASSWORD} #optional - - SUDO_PASSWORD=${SUDO_PASSWORD} #optional - - PROXY_DOMAIN=dev.wompmacho.com #optional - - DEFAULT_WORKSPACE=/apps + - PASSWORD=${PASSWORD} + - SUDO_PASSWORD=${SUDO_PASSWORD} + - PROXY_DOMAIN=${PROXY_DOMAIN} + - DEFAULT_WORKSPACE=${DEFAULT_WORKSPACE} volumes: - - /srv/code-server/config:/config # code-server expects /code-server as default dir? + - ${CODESERVER_DATA}/config:/config # code-server expects /code-server as default dir? - /srv:/apps - # docker socket - - /var/run/docker.sock:/var/run/docker.sock - # podman socket - #- /run/user/1000/podman/podman.sock:/var/run/docker.sock + - /var/run/docker.sock:/var/run/docker.sock # docker socket ports: - 8443:8443 restart: unless-stopped diff --git a/docker_compose/frigate/docker-compose.yaml b/docker_compose/frigate/docker-compose.yaml index 84fd11a..015e717 100644 --- a/docker_compose/frigate/docker-compose.yaml +++ b/docker_compose/frigate/docker-compose.yaml @@ -10,8 +10,8 @@ services: shm_size: "512mb" # update for your cameras based on calculation above volumes: - /etc/localtime:/etc/localtime:ro - - /srv/frigate/config:/config - - /srv/frigate/media:/media/frigate + - ${FRIGATE_DATA}/config:/config + - ${FRIGATE_DATA}/media:/media/frigate - type: tmpfs # Optional: 1GB of memory, reduces SSD/SD Card wear target: /tmp/cache tmpfs: diff --git a/docker_compose/mkdocs/docker-compose.yaml b/docker_compose/mkdocs/docker-compose.yaml index 7043000..9b0b773 100644 --- a/docker_compose/mkdocs/docker-compose.yaml +++ b/docker_compose/mkdocs/docker-compose.yaml 
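Review bot: The `${...}` references in this hunk (`PASSWORD`, `SUDO_PASSWORD`, `PROXY_DOMAIN`, `DEFAULT_WORKSPACE`, `CODESERVER_DATA`) have no guard for an unset variable, and Compose substitutes an empty string with only a warning. An empty `CODESERVER_DATA` turns the bind into `/config:/config` at the host root, and an empty `PASSWORD` is the riskier case because this service also mounts `/var/run/docker.sock` and `/srv`; the old comment marked PASSWORD as optional, so confirm the image does not come up without authentication. Use the required form so a missing value stops `docker compose up`: `- PASSWORD=${PASSWORD:?PASSWORD must be set}` and `- ${CODESERVER_DATA:?CODESERVER_DATA must be set}/config:/config`. The same guard applies to `${FRIGATE_DATA}`, `${MKDOCS_DATA}`, `${QBITTORRENT_DATA}`, `${SURE_DATA}`, `${PIHOLE_SERVER}` and `${WEBTOP_DATA}` in the later hunks. The `code-server` service definition starts above this hunk.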
@@ -8,61 +8,15 @@ services: - PUID=1000 - PGID=1000 volumes: - - /srv/mkdocs/public:/docs + - ${MKDOCS_DATA}/public:/docs stdin_open: true tty: true ports: - "9896:8000" networks: - frontend - labels: - # --- Basic Traefik Enabling --- - - "traefik.enable=true" # MANDATORY because exposedByDefault is false in your Traefik config - - # --- HTTP Router Configuration --- - # - "traefik.http.routers.mkdocs-http.rule=Host(`wiki.wompmacho.com`)" # <-- IMPORTANT: Change this to your domain! - # - "traefik.http.routers.mkdocs-http.entrypoints=web" # Use your 'web' entrypoint for HTTP (port 80) - - - "traefik.http.routers.mkdocs-https.tls=true" - - "traefik.http.routers.mkdocs-https.tls.certresolver=cloudflare" - - - "traefik.http.routers.mkdocs-https.entrypoints=websecure" - - "traefik.http.routers.mkdocs-https.rule=Host(`wiki.wompmacho.com`)" # <-- IMPORTANT: Change this to your domain! - - # This label tells Traefik to connect to port 8000 *inside* the MkDocs container. - - "traefik.http.services.mkdocs-service.loadbalancer.server.port=8000" - restart: unless-stopped - # private-mkdocs: - # container_name: 'private-mkdocs' - # restart: unless-stopped - # image: squidfunk/mkdocs-material - # environment: - # - PUID=1000 - # - PGID=1000 - # volumes: - # - private-mkdocs:/docs - # stdin_open: true - # tty: true - # ports: - # - "9897:8000" - -# volumes: -# public-mkdocs: -# name: public-mkdocs -# driver_opts: -# type: nfs -# o: addr=truenas,nolock,soft,rw -# device: :/mnt/store/vault/app/mkdocs/public - -# private-mkdocs: -# name: private-mkdocs -# driver_opts: -# type: nfs -# o: addr=truenas,nolock,soft,rw -# device: :/mnt/store/vault/app/mkdocs/private - networks: frontend: external: true diff --git a/docker_compose/nginx-proxy-manager/docker-compose.yaml b/docker_compose/nginx-proxy-manager/docker-compose.yaml index 8f2145c..40d8841 100644 --- a/docker_compose/nginx-proxy-manager/docker-compose.yaml +++ b/docker_compose/nginx-proxy-manager/docker-compose.yaml 
@@ -1,5 +1,5 @@ # nginx-proxy-manager -- https://nginxproxymanager.com/setup/ -version: '3.8' +--- services: app: container_name: nginx-proxy-manager @@ -12,13 +12,6 @@ services: - '81:81' # Admin Web Port # Add any other Stream port you want to expose # - '21:21' # FTP - - # Uncomment the next line if you uncomment anything in the section - #environment: - # Uncomment this if you want to change the location of - # the SQLite DB file within the container - # DB_SQLITE_FILE: "/data/database.sqlite" - # Uncomment this if IPv6 is not enabled on your host #DISABLE_IPV6: 'true' volumes: diff --git a/docker_compose/qbittorrentvpn/docker-compose.yaml b/docker_compose/qbittorrentvpn/docker-compose.yaml index 017ebf9..fe47870 100644 --- a/docker_compose/qbittorrentvpn/docker-compose.yaml +++ b/docker_compose/qbittorrentvpn/docker-compose.yaml @@ -22,8 +22,8 @@ services: - 8999:8999 - 8999:8999/udp volumes: - - /srv/qbittorrentvpn/config:/config - - /srv/qbittorrentvpn/theme:/theme + - ${QBITTORRENT_DATA}/config:/config + - ${QBITTORRENT_DATA}/theme:/theme - downloads_nfs:/downloads restart: unless-stopped networks: diff --git a/docker_compose/sure/docker-compose.yaml b/docker_compose/sure/docker-compose.yaml new file mode 100644 index 0000000..5ac20f2 --- /dev/null +++ b/docker_compose/sure/docker-compose.yaml 
@@ -0,0 +1,117 @@ +# sure - https://github.com/we-promise/sure/blob/main/docs/hosting/docker.md + +x-db-env: &db_env + POSTGRES_USER: ${POSTGRES_USER:-sure_user} + POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-sure_password} + POSTGRES_DB: ${POSTGRES_DB:-sure_production} + +x-rails-env: &rails_env + <<: *db_env + SECRET_KEY_BASE: ${SECRET_KEY_BASE:-a7523c3d0ae56415046ad8abae168d71074a79534a7062258f8d1d51ac2f76d3c3bc86d86b6b0b307df30d9a6a90a2066a3fa9e67c5e6f374dbd7dd4e0778e13} + SELF_HOSTED: "true" + RAILS_FORCE_SSL: "false" + RAILS_ASSUME_SSL: "false" + DB_HOST: db + DB_PORT: 5432 + REDIS_URL: redis://redis:6379/1 + # NOTE: enabling OpenAI will incur costs when you use AI-related features in the app (chat, rules). Make sure you have set appropriate spend limits on your account before adding this. + OPENAI_ACCESS_TOKEN: ${OPENAI_ACCESS_TOKEN} + + +services: + web: + image: ghcr.io/we-promise/sure:stable + volumes: + - ${SURE_DATA}/app-storage:/rails/storage + ports: + - ${PORT:-3000}:3000 + restart: unless-stopped + environment: + <<: *rails_env + depends_on: + db: + condition: service_healthy + redis: + condition: service_healthy + # dns: + # - 8.8.8.8 + # - 1.1.1.1 + networks: + - sure_net + + worker: + image: ghcr.io/we-promise/sure:stable + command: bundle exec sidekiq + volumes: + - ${SURE_DATA}/app-storage:/rails/storage + restart: unless-stopped + depends_on: + db: + condition: service_healthy + redis: + condition: service_healthy + # dns: + # - 8.8.8.8 + # - 1.1.1.1 + environment: + <<: *rails_env + networks: + - sure_net + + db: + image: postgres:16 + restart: unless-stopped + volumes: + - ${SURE_DATA}/postgres-data:/var/lib/postgresql/data + environment: + <<: *db_env + healthcheck: + test: [ "CMD-SHELL", "pg_isready -U $$POSTGRES_USER -d $$POSTGRES_DB" ] + interval: 5s + timeout: 5s + retries: 5 + networks: + - sure_net + + backup: + profiles: + - backup + image: prodrigestivill/postgres-backup-local + restart: unless-stopped + volumes: + - 
${SURE_DATA}/backups:/backups # Change this path to your desired backup location on the host machine + environment: + - POSTGRES_HOST=db + - POSTGRES_DB=${POSTGRES_DB:-sure_production} + - POSTGRES_USER=${POSTGRES_USER:-sure_user} + - POSTGRES_PASSWORD=${POSTGRES_PASSWORD:-sure_password} + - SCHEDULE=@daily # Runs once a day at midnight + - BACKUP_KEEP_DAYS=7 # Keeps the last 7 days of backups + - BACKUP_KEEP_WEEKS=4 # Keeps 4 weekly backups + - BACKUP_KEEP_MONTHS=6 # Keeps 6 monthly backups + depends_on: + - db + networks: + - sure_net + + redis: + image: redis:latest + restart: unless-stopped + volumes: + - ${SURE_DATA}/redis-data:/data + healthcheck: + test: [ "CMD", "redis-cli", "ping" ] + interval: 5s + timeout: 5s + retries: 5 + networks: + - sure_net + +# volumes: +# app-storage: +# postgres-data: +# redis-data: + +networks: + sure_net: + driver: bridge \ No newline at end of file diff --git a/docker_compose/vaultwarden/docker-compose.yaml b/docker_compose/vaultwarden/docker-compose.yaml index 52cd24e..e754b89 100644 --- a/docker_compose/vaultwarden/docker-compose.yaml +++ b/docker_compose/vaultwarden/docker-compose.yaml @@ -6,14 +6,14 @@ services: container_name: vaultwarden restart: unless-stopped environment: - DOMAIN: "https://vaultwarden.wompmacho.com" - ROCKET_PORT: 80 + DOMAIN: "${VAULT_DOMAIN}" + ROCKET_PORT: ${ROCKET_PORT} ROCKET_ENV: production volumes: - vaultwarden-mount:/data/ ports: - - '9998:80' - - '9999:443' + - 'LOCAL_PORT:80' + - 'SSL_PORT:443' volumes: vaultwarden-mount: diff --git a/docker_compose/webtop/docker-compose.yaml b/docker_compose/webtop/docker-compose.yaml index 6025f17..3fd265b 100644 --- a/docker_compose/webtop/docker-compose.yaml +++ b/docker_compose/webtop/docker-compose.yaml 
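Review bot: The `:-` fallbacks in `x-db-env` and `x-rails-env` let the stack start with secrets that are committed in this file: `SECRET_KEY_BASE` defaults to the literal hex string and `POSTGRES_PASSWORD` to `sure_password`, which is repeated in the `backup` service. Rails derives its session signing and encryption keys from SECRET_KEY_BASE, so a deployment that forgets to set it runs with a key known to anyone who can read the repository. Make both required instead, e.g. `SECRET_KEY_BASE: ${SECRET_KEY_BASE:?set SECRET_KEY_BASE}` and `POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:?set POSTGRES_PASSWORD}`, and rotate the key if the default was ever in use. Separately, `redis:latest` and the untagged `prodrigestivill/postgres-backup-local` float, so pinning a version tag or digest would keep the deployed images reproducible.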
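Review bot: The new port entries `'LOCAL_PORT:80'` and `'SSL_PORT:443'` are literal strings rather than variable references, so Compose receives the text `LOCAL_PORT` as the host port and should reject it as invalid. They were presumably meant to be `- '${LOCAL_PORT}:80'` and `- '${SSL_PORT}:443'`. `ROCKET_PORT` is also now configurable while the container side of the mapping stays fixed at 80, so any other value leaves the published port pointing at nothing; either keep `ROCKET_PORT: 80` or map `'${LOCAL_PORT}:${ROCKET_PORT}'`. The vaultwarden service definition starts above this hunk.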
@@ -10,20 +10,16 @@ services: - TZ=America/New_York - TITLE=Webtop #optional dns: - - 10.0.0.11 + - ${PIHOLE_SERVER} shm_size: "1gb" #optional volumes: - - /srv/webtop/config:/config + - ${WEBTOP_DATA}config:/config ports: - 7978:3000 - 7979:3001 networks: - frontend - labels: - - traefik.enable=true - - traefik.http.routers.nginx-http.rule=Host(`webtop.wompmacho.com`) - - traefik.http.routers.nginx-http.entrypoints=web restart: unless-stopped networks:
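Review bot: `- ${WEBTOP_DATA}config:/config` is missing the `/` that the other data paths in this commit have (`${FRIGATE_DATA}/config`, `${QBITTORRENT_DATA}/config`). Unless WEBTOP_DATA happens to end in a slash, the bind source becomes a sibling path (for example `/srv/webtopconfig` for a value of `/srv/webtop`), and the container would likely start against a new empty directory instead of the existing config. Write it as `- ${WEBTOP_DATA}/config:/config`. The webtop service definition starts above this hunk.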