jaydee/docker-compose
1
0
Fork 0
mirror of https://gitlab.sectorq.eu/home/docker-compose.git synced 2025-07-02 00:08:33 +02:00
Code Issues Packages Projects Releases Wiki Activity

alias

Browse Source
This commit is contained in:
jaydee
2025-03-23 16:24:50 +01:00
parent 54149deda8
commit 49aaf5bb25
31 changed files with 1558 additions and 1721 deletions
Download Patch File Download Diff File Expand all files Collapse all files

212
authentik/docker-compose.yml
View File

@ -1,117 +1,113 @@
---
#PG_PASS 499NU6Ze5HcJK4IwSShO8oDbj3j0i0CalyEzfgEp
#AUTHENTIK_SECRET_KEY ZKkVCxj8kKj5ZklvzxKG2IgYQOftDoLPRjc57yomr1qzbKEQVZ
#AUTHENTIK_ERROR_REPORTING__ENABLED true
services: services:
postgresql:
image: ${DOCKER_REGISTRY:-docker.io/library/}postgres:16-alpine
restart: ${RESTART:-unless-stopped}
healthcheck:
test: ["CMD-SHELL", "pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}"]
start_period: 20s
interval: 30s
retries: 5
timeout: 5s
volumes:
- /share/docker_data/authentik/database:/var/lib/postgresql/data
environment:
POSTGRES_PASSWORD: ${PG_PASS:?database password required}
POSTGRES_USER: ${PG_USER:-authentik}
POSTGRES_DB: ${PG_DB:-authentik}
AUTHENTIK_SECRET_KEY: $AUTHENTIK_SECRET_KEY
TZ: Europe/Bratislava
labels:
wud.watch: false
redis:
image: ${DOCKER_REGISTRY:-docker.io/library/}redis:alpine
command: --save 60 1 --loglevel warning
restart: ${RESTART:-unless-stopped}
healthcheck:
test: ["CMD-SHELL", "redis-cli ping | grep PONG"]
start_period: 20s
interval: 30s
retries: 5
timeout: 3s
volumes:
- redis:/data
server:
image: ${DOCKER_REGISTRY:-}ghcr.io/goauthentik/server:${AUTHENTIK_TAG:-2024.6.1}
restart: ${RESTART:-unless-stopped}
command: server
environment:
AUTHENTIK_REDIS__HOST: redis
AUTHENTIK_POSTGRESQL__HOST: postgresql
AUTHENTIK_POSTGRESQL__USER: ${PG_USER:-authentik}
AUTHENTIK_POSTGRESQL__NAME: ${PG_DB:-authentik}
AUTHENTIK_POSTGRESQL__PASSWORD: ${PG_PASS}
AUTHENTIK_SECRET_KEY: $AUTHENTIK_SECRET_KEY
TZ: Europe/Bratislava
volumes:
- /share/docker_data/authentik/media:/media
- /share/docker_data/authentik/custom-templates:/templates
- /var/run/docker.sock:/var/run/docker.sock
ports:
- "${COMPOSE_PORT_HTTP:-9003}:9000"
- "${COMPOSE_PORT_HTTPS:-9453}:9443"
depends_on:
- postgresql
- redis
labels:
- homepage.group=Utilities
- homepage.weight=10
- homepage.name=Authentik
- homepage.icon=authentik.png
- homepage.href=https://auth.sectorq.eu
- homepage.description=Authentification server
- homepage.server=my-docker
- homepage.container=authentik-server-1
- homepage.widget.type=authentik
- homepage.widget.url=https://auth.sectorq.eu
- homepage.widget.key=sVOwPPInTue7ZnvolmKG15hkE9gCyLcuAelLOQny6OIVn7JUilny9loPTG0v
worker:
image: ${DOCKER_REGISTRY:-}ghcr.io/goauthentik/server:${AUTHENTIK_TAG:-2024.6.1}
restart: ${RESTART:-unless-stopped}
command: worker
environment:
AUTHENTIK_REDIS__HOST: redis
AUTHENTIK_POSTGRESQL__HOST: postgresql
AUTHENTIK_POSTGRESQL__USER: ${PG_USER:-authentik}
AUTHENTIK_POSTGRESQL__NAME: ${PG_DB:-authentik}
AUTHENTIK_POSTGRESQL__PASSWORD: ${PG_PASS}
AUTHENTIK_SECRET_KEY: $AUTHENTIK_SECRET_KEY
TZ: Europe/Bratislava
# `user: root` and the docker socket volume are optional.
# See more for the docker socket integration here:
# https://goauthentik.io/docs/outposts/integrations/docker
# Removing `user: root` also prevents the worker from fixing the permissions
# on the mounted folders, so when removing this make sure the folders have the correct UID/GID
# (1000:1000 by default)
user: root
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /share/docker_data/authentik/media:/media
- /share/docker_data/authentik/certs:/certs
- /share/docker_data/authentik/custom-templates:/templates
depends_on:
- postgresql
- redis
authentik_ldap: authentik_ldap:
image: ${DOCKER_REGISTRY:-}ghcr.io/goauthentik/ldap:${AUTHENTIK_TAG:-2024.6.1}
# Optionally specify which networks the container should be
# might be needed to reach the core authentik server
# networks:
# - foo
ports:
- 2389:3389
- 2636:6636
restart: ${RESTART:-unless-stopped}
environment: environment:
AUTHENTIK_HOST: https://auth.sectorq.eu AUTHENTIK_HOST: https://auth.sectorq.eu
AUTHENTIK_INSECURE: "false" AUTHENTIK_INSECURE: 'false'
AUTHENTIK_TOKEN: EfLokorVuj1woeO0p1he3mRJvVfGfvdKM8Bdew3DtDZZ3To6bVpFSDI7GOqY AUTHENTIK_TOKEN: EfLokorVuj1woeO0p1he3mRJvVfGfvdKM8Bdew3DtDZZ3To6bVpFSDI7GOqY
TZ: Europe/Bratislava TZ: Europe/Bratislava
image: ${DOCKER_REGISTRY:-}ghcr.io/goauthentik/ldap:${AUTHENTIK_TAG:-2024.6.1}
labels:
wud.watch.digest: true
ports:
- 2389:3389
- 2636:6636
restart: ${RESTART:-unless-stopped}
postgresql:
environment:
AUTHENTIK_SECRET_KEY: $AUTHENTIK_SECRET_KEY
POSTGRES_DB: ${PG_DB:-authentik}
POSTGRES_PASSWORD: ${PG_PASS:?database password required}
POSTGRES_USER: ${PG_USER:-authentik}
TZ: Europe/Bratislava
healthcheck:
interval: 30s
retries: 5
start_period: 20s
test:
- CMD-SHELL
- pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}
timeout: 5s
image: ${DOCKER_REGISTRY:-docker.io/library/}postgres:16-alpine
labels:
wud.watch: false
wud.watch.digest: true
restart: ${RESTART:-unless-stopped}
volumes:
- /share/docker_data/authentik/database:/var/lib/postgresql/data
redis:
command: --save 60 1 --loglevel warning
healthcheck:
interval: 30s
retries: 5
start_period: 20s
test:
- CMD-SHELL
- redis-cli ping | grep PONG
timeout: 3s
image: ${DOCKER_REGISTRY:-docker.io/library/}redis:alpine
labels:
wud.watch.digest: true
restart: ${RESTART:-unless-stopped}
volumes:
- redis:/data
server:
command: server
depends_on:
- postgresql
- redis
environment:
AUTHENTIK_POSTGRESQL__HOST: postgresql
AUTHENTIK_POSTGRESQL__NAME: ${PG_DB:-authentik}
AUTHENTIK_POSTGRESQL__PASSWORD: ${PG_PASS}
AUTHENTIK_POSTGRESQL__USER: ${PG_USER:-authentik}
AUTHENTIK_REDIS__HOST: redis
AUTHENTIK_SECRET_KEY: $AUTHENTIK_SECRET_KEY
TZ: Europe/Bratislava
image: ${DOCKER_REGISTRY:-}ghcr.io/goauthentik/server:${AUTHENTIK_TAG:-2024.6.1}
labels:
homepage.container: authentik-server-1
homepage.description: Authentification server
homepage.group: Utilities
homepage.href: https://auth.sectorq.eu
homepage.icon: authentik.png
homepage.name: Authentik
homepage.server: my-docker
homepage.weight: '10'
homepage.widget.key: sVOwPPInTue7ZnvolmKG15hkE9gCyLcuAelLOQny6OIVn7JUilny9loPTG0v
homepage.widget.type: authentik
homepage.widget.url: https://auth.sectorq.eu
wud.watch.digest: true
ports:
- ${COMPOSE_PORT_HTTP:-9003}:9000
- ${COMPOSE_PORT_HTTPS:-9453}:9443
restart: ${RESTART:-unless-stopped}
volumes:
- /share/docker_data/authentik/media:/media
- /share/docker_data/authentik/custom-templates:/templates
- /var/run/docker.sock:/var/run/docker.sock
worker:
command: worker
depends_on:
- postgresql
- redis
environment:
AUTHENTIK_POSTGRESQL__HOST: postgresql
AUTHENTIK_POSTGRESQL__NAME: ${PG_DB:-authentik}
AUTHENTIK_POSTGRESQL__PASSWORD: ${PG_PASS}
AUTHENTIK_POSTGRESQL__USER: ${PG_USER:-authentik}
AUTHENTIK_REDIS__HOST: redis
AUTHENTIK_SECRET_KEY: $AUTHENTIK_SECRET_KEY
TZ: Europe/Bratislava
image: ${DOCKER_REGISTRY:-}ghcr.io/goauthentik/server:${AUTHENTIK_TAG:-2024.6.1}
labels:
wud.watch.digest: true
restart: ${RESTART:-unless-stopped}
user: root
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /share/docker_data/authentik/media:/media
- /share/docker_data/authentik/certs:/certs
- /share/docker_data/authentik/custom-templates:/templates
volumes: volumes:
database: database:
driver: local driver: local

50
bitwarden/docker-compose.yml
View File

@ -1,32 +1,32 @@
version: '3'
services: services:
bitwarden: bitwarden:
image: ${DOCKER_REGISTRY:-}vaultwarden/server:latest
container_name: vaultwarden container_name: vaultwarden
restart: ${RESTART:-unless-stopped}
environment: environment:
- WEBSOCKET_ENABLED=true - WEBSOCKET_ENABLED=true
- SIGNUPS_ALLOWED=true - SIGNUPS_ALLOWED=true
- DOMAIN=https://pw.sectorq.eu - DOMAIN=https://pw.sectorq.eu
- SMTP_HOST=mail.sectorq.eu - SMTP_HOST=mail.sectorq.eu
- SMTP_FROM=jaydee@sectorq.eu - SMTP_FROM=jaydee@sectorq.eu
- SMTP_PORT=465 - SMTP_PORT=465
- SMTP_SSL=true - SMTP_SSL=true
- SMTP_USERNAME=jaydee@sectorq.eu - SMTP_USERNAME=jaydee@sectorq.eu
- SMTP_PASSWORD=$SMTP_PASSWORD - SMTP_PASSWORD=$SMTP_PASSWORD
- ADMIN_TOKEN=$ADMIN_PASSWORD - ADMIN_TOKEN=$ADMIN_PASSWORD
volumes: image: ${DOCKER_REGISTRY:-}vaultwarden/server:latest
- /share/docker_data/bitwarden/bw-data:/data
ports:
- 8181:80
labels: labels:
com.centurylinklabs.watchtower.enable: true com.centurylinklabs.watchtower.enable: true
homepage.group: Utilities
homepage.name: Bitwarden
homepage.weight: 1
homepage.icon: bitwarden.png
homepage.href: https://pw.sectorq.eu
homepage.description: "Password manager"
homepage.server: my-docker
homepage.container: vaultwarden homepage.container: vaultwarden
homepage.description: Password manager
homepage.group: Utilities
homepage.href: https://pw.sectorq.eu
homepage.icon: bitwarden.png
homepage.name: Bitwarden
homepage.server: my-docker
homepage.weight: 1
wud.watch.digest: true
ports:
- 8181:80
restart: ${RESTART:-unless-stopped}
volumes:
- /share/docker_data/bitwarden/bw-data:/data
version: '3'

60
bookstack/docker-compose.yml
View File

@ -1,38 +1,36 @@
---
version: "2"
services: services:
app: app:
image: ${DOCKER_REGISTRY:-}lscr.io/linuxserver/bookstack:latest
env_file:
- stack.env
volumes:
- /share/docker_data/bookstack/bookstack_app_data:/config
ports:
- 6875:80
restart: ${RESTART:-unless-stopped}
depends_on: depends_on:
- db - db
env_file:
- stack.env
image: ${DOCKER_REGISTRY:-}lscr.io/linuxserver/bookstack:latest
labels: labels:
com.centurylinklabs.watchtower.enable: true com.centurylinklabs.watchtower.enable: true
homepage.group: Utilities
homepage.name: Bookstack
homepage.weight: 1
homepage.icon: bookstack.png
homepage.href: https://bookstack.sectorq.eu
homepage.description: Books
homepage.server: my-docker
homepage.container: bookstack-app-1 homepage.container: bookstack-app-1
# homepage.widget.type: ${APPNAME} homepage.description: Books
# homepage.widget.url: https://${APPNAME}.sectorq.eu homepage.group: Utilities
# homepage.widget.key: ddfc91b29920082636da70cc677aec74c88a7666 homepage.href: https://bookstack.sectorq.eu
# homepage.widget.version: 2 homepage.icon: bookstack.png
db: homepage.name: Bookstack
image: ${DOCKER_REGISTRY:-}lscr.io/linuxserver/mariadb homepage.server: my-docker
environment: homepage.weight: 1
PUID: 0 wud.watch.digest: true
PGID: 0 ports:
env_file: - 6875:80
- stack.env
volumes:
- /share/docker_data/bookstack/bookstack_db_data:/config
restart: ${RESTART:-unless-stopped} restart: ${RESTART:-unless-stopped}
volumes:
- /share/docker_data/bookstack/bookstack_app_data:/config
db:
env_file:
- stack.env
environment:
PGID: 0
PUID: 0
image: ${DOCKER_REGISTRY:-}lscr.io/linuxserver/mariadb
labels:
wud.watch.digest: true
restart: ${RESTART:-unless-stopped}
volumes:
- /share/docker_data/bookstack/bookstack_db_data:/config
version: '2'

19
dockermon/docker-compose.yml
View File

@ -1,14 +1,13 @@
version: '2' services:
services:
docker_mon: docker_mon:
image: ${DOCKER_REGISTRY:-}philhawthorne/ha-dockermon:latest image: ${DOCKER_REGISTRY:-}philhawthorne/ha-dockermon:latest
# environment: labels:
# debug: true com.centurylinklabs.watchtower.enable: true
wud.watch.digest: true
ports:
- 8126:8126
restart: unless-stopped restart: unless-stopped
volumes: volumes:
- /var/run/docker.sock:/var/run/docker.sock - /var/run/docker.sock:/var/run/docker.sock
- /share/docker_data/dockermon/config:/config - /share/docker_data/dockermon/config:/config
ports: version: '2'
- 8126:8126
labels:
com.centurylinklabs.watchtower.enable: true

49
gitea/docker-compose.yml
View File

@ -1,37 +1,36 @@
---
networks: networks:
gitea: gitea:
external: false external: false
services: services:
server: server:
image: ${DOCKER_REGISTRY:-}gitea/gitea:latest
container_name: gitea container_name: gitea
environment: environment:
- USER_UID=1000 - USER_UID=1000
- USER_GID=1000 - USER_GID=1000
- ROOT_URL= https://gitea.sectorq.eu - ROOT_URL= https://gitea.sectorq.eu
restart: ${RESTART:-unless-stopped} image: ${DOCKER_REGISTRY:-}gitea/gitea:latest
networks:
- gitea
volumes:
- /share/docker_data/gitea:/data
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
ports:
- "3000:3000"
- "222:22"
labels: labels:
com.centurylinklabs.watchtower.enable: true com.centurylinklabs.watchtower.enable: true
homepage.group: Utilities
homepage.name: Gitea
homepage.weight: 1
homepage.icon: ${APPNAME}.png
homepage.href: https://${APPNAME}.sectorq.eu
homepage.description: "Version control server"
homepage.server: my-docker
homepage.container: gitea homepage.container: gitea
homepage.description: Version control server
homepage.group: Utilities
homepage.href: https://${APPNAME}.sectorq.eu
homepage.icon: ${APPNAME}.png
homepage.name: Gitea
homepage.server: my-docker
homepage.weight: 1
homepage.widget.key: ${TOKEN}
homepage.widget.type: ${APPNAME} homepage.widget.type: ${APPNAME}
homepage.widget.url: https://${APPNAME}.sectorq.eu homepage.widget.url: https://${APPNAME}.sectorq.eu
homepage.widget.key: ${TOKEN} homepage.widget.version: 2
homepage.widget.version: 2 wud.watch.digest: true
networks:
- gitea
ports:
- 3000:3000
- '222:22'
restart: ${RESTART:-unless-stopped}
volumes:
- /share/docker_data/gitea:/data
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro

113
gitlab/docker-compose.yml
View File

@ -1,70 +1,53 @@
version: '3.6'
services: services:
web: web:
image: '${DOCKER_REGISTRY:-}gitlab/gitlab-ce:latest'
container_name: gitlab container_name: gitlab
restart: unless-stopped
network_mode: bridge
environment: environment:
TZ: "Europe/Bratislava" GITLAB_OMNIBUS_CONFIG: "external_url 'https://gitlab.sectorq.eu'\nnginx['listen_port']\
GITLAB_OMNIBUS_CONFIG: | \ = 80\nnginx['listen_https'] = false\nweb_server['username'] = 'git'\ngitlab_rails['time_zone']\
external_url 'https://gitlab.sectorq.eu' \ = 'Europe/Bratislava'\ngitlab_rails['omniauth_enabled'] = true\ngitlab_rails['omniauth_allow_single_sign_on']\
nginx['listen_port'] = 80 \ = ['saml']\ngitlab_rails['omniauth_sync_email_from_provider'] = 'saml'\n\
nginx['listen_https'] = false gitlab_rails['omniauth_sync_profile_from_provider'] = ['saml']\ngitlab_rails['omniauth_sync_profile_attributes']\
web_server['username'] = 'git' \ = ['email']\ngitlab_rails['omniauth_auto_sign_in_with_provider'] = 'saml'\n\
gitlab_rails['time_zone'] = 'Europe/Bratislava' gitlab_rails['omniauth_block_auto_created_users'] = false\ngitlab_rails['omniauth_auto_link_saml_user']\
gitlab_rails['omniauth_enabled'] = true \ = true\ngitlab_rails['omniauth_providers'] = [\n {\n name: 'saml',\n\
gitlab_rails['omniauth_allow_single_sign_on'] = ['saml'] \ args: {\n assertion_consumer_service_url: 'https://gitlab.sectorq.eu/users/auth/saml/callback',\n\
gitlab_rails['omniauth_sync_email_from_provider'] = 'saml' \ # Shown when navigating to certificates in authentik1\n idp_cert_fingerprint:\
gitlab_rails['omniauth_sync_profile_from_provider'] = ['saml'] \ 'f7:fd:49:03:b3:38:52:b3:23:f5:43:c4:8d:08:65:32:e0:5a:7b:0e',\n idp_sso_target_url:\
gitlab_rails['omniauth_sync_profile_attributes'] = ['email'] \ 'https://auth.sectorq.eu/application/saml/gitlab/sso/binding/redirect/',\n\
gitlab_rails['omniauth_auto_sign_in_with_provider'] = 'saml' \ issuer: 'https://gitlab.sectorq.eu',\n name_identifier_format:\
gitlab_rails['omniauth_block_auto_created_users'] = false \ 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent',\n attribute_statements:\
gitlab_rails['omniauth_auto_link_saml_user'] = true \ {\n email: ['http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress'],\n\
gitlab_rails['omniauth_providers'] = [ \ first_name: ['http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name'],\n\
{ \ nickname: ['http://schemas.goauthentik.io/2021/02/saml/username']\n\
name: 'saml', \ }\n },\n label: 'authentik'\n }\n]\n"
args: { TZ: Europe/Bratislava
assertion_consumer_service_url: 'https://gitlab.sectorq.eu/users/auth/saml/callback', hostname: gitlab.sectorq.eu
# Shown when navigating to certificates in authentik1 image: ${DOCKER_REGISTRY:-}gitlab/gitlab-ce:latest
idp_cert_fingerprint: 'f7:fd:49:03:b3:38:52:b3:23:f5:43:c4:8d:08:65:32:e0:5a:7b:0e',
idp_sso_target_url: 'https://auth.sectorq.eu/application/saml/gitlab/sso/binding/redirect/',
issuer: 'https://gitlab.sectorq.eu',
name_identifier_format: 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent',
attribute_statements: {
email: ['http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress'],
first_name: ['http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name'],
nickname: ['http://schemas.goauthentik.io/2021/02/saml/username']
}
},
label: 'authentik'
}
]
hostname: 'gitlab.sectorq.eu'
ports:
- '8780:80'
- '8743:443'
- '8722:22'
volumes:
- '/share/docker_data/gitlab/config:/etc/gitlab'
- '/share/docker_data/gitlab/logs:/var/log/gitlab'
- '/share/docker_data/gitlab/data:/var/opt/gitlab'
- '/etc/localtime:/etc/localtime:ro'
shm_size: '4gb'
labels: labels:
- com.centurylinklabs.watchtower.enable=true com.centurylinklabs.watchtower.enable: 'true'
- homepage.group=Infrastructure homepage.container: gitlab
- homepage.name=Gitlab homepage.description: Version control
- homepage.weight=1 homepage.group: Infrastructure
- homepage.icon=gitlab.png homepage.href: https://gitlab.sectorq.eu
- homepage.href=https://gitlab.sectorq.eu homepage.icon: gitlab.png
- homepage.description=Version control homepage.name: Gitlab
- homepage.server=my-docker homepage.server: my-docker
- homepage.container=gitlab homepage.weight: '1'
- homepage.widget.type=gitlab homepage.widget.key: glpat-BuMKcaDqeD-Wx3dW4TM9
- homepage.widget.url=https://gitlab.sectorq.eu homepage.widget.type: gitlab
- homepage.widget.key=glpat-BuMKcaDqeD-Wx3dW4TM9 homepage.widget.url: https://gitlab.sectorq.eu
- homepage.widget.user_id=2 homepage.widget.user_id: '2'
wud.watch.digest: true
network_mode: bridge
ports:
- 8780:80
- 8743:443
- '8722:22'
restart: unless-stopped
shm_size: 4gb
volumes:
- /share/docker_data/gitlab/config:/etc/gitlab
- /share/docker_data/gitlab/logs:/var/log/gitlab
- /share/docker_data/gitlab/data:/var/opt/gitlab
- /etc/localtime:/etc/localtime:ro
version: '3.6'

52
gotify/docker-compose.yml
View File

@ -1,43 +1,41 @@
--- networks:
net: null
services: services:
gotify: gotify:
container_name: gotify container_name: gotify
env_file:
- stack.env
hostname: gotify hostname: gotify
image: ${DOCKER_REGISTRY:-}gotify/server image: ${DOCKER_REGISTRY:-}gotify/server
labels:
wud.watch.digest: true
networks:
- net
ports:
- 8010:80
restart: unless-stopped restart: unless-stopped
security_opt: security_opt:
- no-new-privileges:true - no-new-privileges:true
networks:
- net
ports:
- "8010:80"
volumes: volumes:
- /share/docker_data/gotify/data:/app/data - /share/docker_data/gotify/data:/app/data
env_file:
- stack.env
igotify: igotify:
container_name: igotify container_name: igotify
env_file:
- stack.env
hostname: igotify hostname: igotify
image: ${DOCKER_REGISTRY:-}ghcr.io/androidseb25/igotify-notification-assist:latest image: ${DOCKER_REGISTRY:-}ghcr.io/androidseb25/igotify-notification-assist:latest
labels:
wud.watch.digest: true
networks:
- net
ports:
- 8681:8080
pull_policy: always
restart: unless-stopped restart: unless-stopped
security_opt: security_opt:
- no-new-privileges:true - no-new-privileges:true
pull_policy: always
networks:
- net
ports:
- "8681:8080"
volumes: volumes:
- /share/docker_data/igotify/data:/app/data - /share/docker_data/igotify/data:/app/data
env_file:
- stack.env
networks:
net:
volumes: volumes:
data: api-data: null
api-data: data: null

195
grafana/docker-compose.yml
View File

@ -1,114 +1,87 @@
---
name: grafana name: grafana
networks: networks:
loki: loki: null
services: services:
grafana: grafana:
ports: container_name: grafana
- 3007:3000 entrypoint:
container_name: grafana - sh
image: ${DOCKER_REGISTRY:-}grafana/grafana:latest - -euc
labels: - "mkdir -p /etc/grafana/provisioning/datasources\ncat <<EOF > /etc/grafana/provisioning/datasources/ds.yaml\n\
- com.centurylinklabs.watchtower.enable=true apiVersion: 1\ndatasources:\n- name: Loki\n type: loki\n access: proxy\n \
- homepage.group=Smarthome \ orgId: 1\n url: http://loki:3100\n basicAuth: false\n isDefault: true\n\
- homepage.name=Grafana \ version: 1\n editable: false\nEOF\n/run.sh\n"
- homepage.weight=1 environment:
- homepage.icon=grafana.png GF_AUTH_GENERIC_OAUTH_API_URL: https://auth.sectorq.eu/application/o/userinfo/
- homepage.href=https://g.sectorq.eu GF_AUTH_GENERIC_OAUTH_AUTH_URL: https://auth.sectorq.eu/application/o/authorize/
- homepage.description=Graphs GF_AUTH_GENERIC_OAUTH_CLIENT_ID: xc8AKsYOvHFmYnRjfnvt2YfgR5pg8Mlfc9YEqd3T
- homepage.server=my-docker GF_AUTH_GENERIC_OAUTH_CLIENT_SECRET: gb5ThPlyIUN2I8UPvIKAqQBoGFmTAb7tFxt5OiJQkAG6Ef2HDKksNOjWPJFfXiO22RuCnWuyzl6IMqPYO6QTa55EYfoN5N87enh5MOhTXjo2JTTnEL1eZhEI1Sw1vBO8
- homepage.container=grafana GF_AUTH_GENERIC_OAUTH_ENABLED: 'true'
# - homepage.widget.type=grafana GF_AUTH_GENERIC_OAUTH_NAME: authentik
# - homepage.widget.url=https://g.sectorq.eu GF_AUTH_GENERIC_OAUTH_ROLE_ATTRIBUTE_PATH: contains(groups, 'Grafana Admins')
# - homepage.widget.key=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9. && 'Admin' || contains(groups, 'Grafana Editors') && 'Editor' || 'Viewer'
# environment: GF_AUTH_GENERIC_OAUTH_SCOPES: openid profile email
# - GF_AUTH_DISABLE_LOGIN_FORM=true GF_AUTH_GENERIC_OAUTH_TOKEN_URL: https://auth.sectorq.eu/application/o/token/
# - GF_AUTH_ANONYMOUS_ENABLED=true GF_AUTH_OAUTH_AUTO_LOGIN: 'true'
# - GF_AUTH_ANONYMOUS_ORG_ROLE=Admin GF_AUTH_SIGNOUT_REDIRECT_URL: https://auth.sectorq.eu/application/o/grafana/end-session/
# - GF_SECURITY_ALLOW_EMBEDDING=true GF_INSTALL_PLUGINS: https://storage.googleapis.com/integration-artifacts/alexanderzobnin-zabbix-app/4.5.7/main/163fabf651b776bf70adc08fa41bec4f52645374/alexanderzobnin-zabbix-app-4.5.7%2B163fabf6.linux_amd64.zip;alexanderzobnin-zabbix-app
restart: unless-stopped GF_LOG_FILTERS: rendering:debug
volumes: GF_RENDERING_CALLBACK_URL: http://grafana:3000/
- /share/docker_data/grafana/data:/var/lib/grafana GF_RENDERING_SERVER_URL: http://renderer:8092/render
- /share/docker_data/grafana/certs:/certs GF_SERVER_ROOT_URL: https://g.sectorq.eu/
user: "0:0" image: ${DOCKER_REGISTRY:-}grafana/grafana:latest
environment: labels:
GF_LOG_FILTERS: rendering:debug com.centurylinklabs.watchtower.enable: 'true'
GF_RENDERING_SERVER_URL: http://renderer:8092/render homepage.container: grafana
GF_RENDERING_CALLBACK_URL: http://grafana:3000/ homepage.description: Graphs
GF_AUTH_GENERIC_OAUTH_ENABLED: "true" homepage.group: Smarthome
GF_AUTH_GENERIC_OAUTH_NAME: "authentik" homepage.href: https://g.sectorq.eu
GF_AUTH_GENERIC_OAUTH_CLIENT_ID: "xc8AKsYOvHFmYnRjfnvt2YfgR5pg8Mlfc9YEqd3T" homepage.icon: grafana.png
GF_AUTH_GENERIC_OAUTH_CLIENT_SECRET: "gb5ThPlyIUN2I8UPvIKAqQBoGFmTAb7tFxt5OiJQkAG6Ef2HDKksNOjWPJFfXiO22RuCnWuyzl6IMqPYO6QTa55EYfoN5N87enh5MOhTXjo2JTTnEL1eZhEI1Sw1vBO8" homepage.name: Grafana
GF_AUTH_GENERIC_OAUTH_SCOPES: "openid profile email" homepage.server: my-docker
GF_AUTH_GENERIC_OAUTH_AUTH_URL: "https://auth.sectorq.eu/application/o/authorize/" homepage.weight: '1'
GF_AUTH_GENERIC_OAUTH_TOKEN_URL: "https://auth.sectorq.eu/application/o/token/" wud.watch.digest: true
GF_AUTH_GENERIC_OAUTH_API_URL: "https://auth.sectorq.eu/application/o/userinfo/" networks:
GF_AUTH_SIGNOUT_REDIRECT_URL: "https://auth.sectorq.eu/application/o/grafana/end-session/" - loki
GF_SERVER_ROOT_URL: https://g.sectorq.eu/ ports:
# Optionally enable auto-login (bypasses Grafana login screen) - 3007:3000
GF_AUTH_OAUTH_AUTO_LOGIN: "true" restart: unless-stopped
# Optionally map user groups to Grafana roles user: 0:0
GF_AUTH_GENERIC_OAUTH_ROLE_ATTRIBUTE_PATH: "contains(groups, 'Grafana Admins') && 'Admin' || contains(groups, 'Grafana Editors') && 'Editor' || 'Viewer'" volumes:
GF_INSTALL_PLUGINS: https://storage.googleapis.com/integration-artifacts/alexanderzobnin-zabbix-app/4.5.7/main/163fabf651b776bf70adc08fa41bec4f52645374/alexanderzobnin-zabbix-app-4.5.7%2B163fabf6.linux_amd64.zip;alexanderzobnin-zabbix-app - /share/docker_data/grafana/data:/var/lib/grafana
entrypoint: - /share/docker_data/grafana/certs:/certs
- sh loki:
- -euc command: -config.file=/etc/loki/local-config.yaml
- | image: ${DOCKER_REGISTRY:-}grafana/loki:latest
mkdir -p /etc/grafana/provisioning/datasources labels:
cat <<EOF > /etc/grafana/provisioning/datasources/ds.yaml wud.watch.digest: true
apiVersion: 1 networks:
datasources: - loki
- name: Loki ports:
type: loki - 3100:3100
access: proxy promtail:
orgId: 1 command: -config.file=/etc/promtail/config.yml
url: http://loki:3100 image: ${DOCKER_REGISTRY:-}grafana/promtail:latest
basicAuth: false labels:
isDefault: true wud.watch.digest: true
version: 1 networks:
editable: false - loki
EOF volumes:
/run.sh - /var/log:/var/log
networks: - /share/docker_data/grafana/promtail/config.yml:/etc/promtail/config.yml
- loki renderer:
image: ${DOCKER_REGISTRY:-}grafana/grafana-image-renderer:latest
labels:
loki: com.centurylinklabs.watchtower.enable: 'true'
image: ${DOCKER_REGISTRY:-}grafana/loki:latest homepage.container: music-assistant-server
ports: homepage.description: Music assistant
- "3100:3100" homepage.group: Smarthome
command: -config.file=/etc/loki/local-config.yaml homepage.href: http://192.168.77.101:8095
networks: homepage.icon: music-assistant.png
- loki homepage.name: Music Assistant
homepage.server: my-docker
promtail: homepage.weight: '1'
image: ${DOCKER_REGISTRY:-}grafana/promtail:latest wud.watch.digest: true
volumes: ports:
- /var/log:/var/log - 8092
- /share/docker_data/grafana/promtail/config.yml:/etc/promtail/config.yml restart: unless-stopped
command: -config.file=/etc/promtail/config.yml
networks:
- loki
renderer:
image: ${DOCKER_REGISTRY:-}grafana/grafana-image-renderer:latest
restart: unless-stopped
ports:
- 8092
labels:
- com.centurylinklabs.watchtower.enable=true
- homepage.group=Smarthome
- homepage.name=Music Assistant
- homepage.weight=1
- homepage.icon=music-assistant.png
- homepage.href=http://192.168.77.101:8095
- homepage.description=Music assistant
- homepage.server=my-docker
- homepage.container=music-assistant-server
# espresense:
# image: espresense/espresense-companion
# ports:
# - 8267:8267
# volumes:
# - ./data/espresense:/config/espresense

49
homepage/docker-compose.yml
View File

@ -1,29 +1,24 @@
---
services:
homepage:
image: ${DOCKER_REGISTRY:-}ghcr.io/gethomepage/homepage:latest
container_name: homepage
# environment:
# PUID: 1000
# PGID: 1000
ports:
- 3003:3000
volumes:
- /share/docker_data/homepage/config:/app/config # Make sure your local config directory exists
- /var/run/docker.sock:/var/run/docker.sock:ro # optional, for docker integrations
- /share/docker_data/homepage/images:/app/public/images
restart: unless-stopped
environment:
TZ: Europe/Bratislava
HOMEPAGE_ALLOWED_HOSTS: sectorq.eu,active.home.lan:3003
dns:
- 192.168.78.254
# network_mode: host
labels:
com.centurylinklabs.watchtower.enable: true
networks:
- pihole_pihole
networks: networks:
pihole_pihole: pihole_pihole:
external: true external: true
services:
homepage:
container_name: homepage
dns:
- 192.168.78.254
environment:
HOMEPAGE_ALLOWED_HOSTS: sectorq.eu,active.home.lan:3003
TZ: Europe/Bratislava
image: ${DOCKER_REGISTRY:-}ghcr.io/gethomepage/homepage:latest
labels:
com.centurylinklabs.watchtower.enable: true
wud.watch.digest: true
networks:
- pihole_pihole
ports:
- 3003:3000
restart: unless-stopped
volumes:
- /share/docker_data/homepage/config:/app/config
- /var/run/docker.sock:/var/run/docker.sock:ro
- /share/docker_data/homepage/images:/app/public/images

131
kestra/docker-compose.yml
View File

@ -1,81 +1,62 @@
volumes:
postgres-data:
driver: local
kestra-data:
driver: local
services: services:
postgres:
image: ${DOCKER_REGISTRY:-}postgres:16
volumes:
- /share/docker_data/kestra/postgres-data:/var/lib/postgresql/data
environment:
POSTGRES_DB: kestra
POSTGRES_USER: kestra
POSTGRES_PASSWORD: k3str4
healthcheck:
test: ["CMD-SHELL", "pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}"]
interval: 30s
timeout: 10s
retries: 10
restart: ${RESTART:-unless-stopped}
labels:
- wud.watch=false
kestra: kestra:
image: ${DOCKER_REGISTRY:-}kestra/kestra:latest
pull_policy: always
# Note that this is meant for development only. Refer to the documentation for production deployments of Kestra which runs without a root user.
user: "root"
command: server standalone --worker-thread=128 command: server standalone --worker-thread=128
volumes:
- /share/docker_data/kestra/kestra-data:/app/storage
- /var/run/docker.sock:/var/run/docker.sock
- /tmp/kestra-wd:/tmp/kestra-wd
restart: ${RESTART:-unless-stopped}
labels:
- wud.display.icon=mdi:evernote
- com.centurylinklabs.watchtower.enable=true
- homepage.group=Infrastructure
- homepage.name=Kestra
- homepage.weight=1
- homepage.icon=${APPNAME}.png
- homepage.href=https://${APPNAME}.sectorq.eu
- homepage.description=Automation
- homepage.server=my-docker
- homepage.container=kestra-kestra-1
# homepage.widget.type: ${APPNAME}
# homepage.widget.url: https://${APPNAME}.sectorq.eu
# homepage.widget.key: ddfc91b29920082636da70cc677aec74c88a7666
# homepage.widget.version: 2
environment:
KESTRA_CONFIGURATION: |
datasources:
postgres:
url: jdbc:postgresql://postgres:5432/kestra
driverClassName: org.postgresql.Driver
username: kestra
password: k3str4
kestra:
server:
basic-auth:
enabled: true
username: "jaydee@sectorq.eu" # it must be a valid email address
password: l4c1j4yd33Du5lo
repository:
type: postgres
storage:
type: local
local:
base-path: "/app/storage"
queue:
type: postgres
tasks:
tmp-dir:
path: /tmp/kestra-wd/tmp
url: http://localhost:8080/
ports:
- "8980:8080"
- "8981:8081"
depends_on: depends_on:
postgres: postgres:
condition: service_started condition: service_started
environment:
KESTRA_CONFIGURATION: "datasources:\n postgres:\n url: jdbc:postgresql://postgres:5432/kestra\n\
\ driverClassName: org.postgresql.Driver\n username: kestra\n password:\
\ k3str4\nkestra:\n server:\n basic-auth:\n enabled: true\n \
\ username: \"jaydee@sectorq.eu\" # it must be a valid email address\n \
\ password: l4c1j4yd33Du5lo\n repository:\n type: postgres\n storage:\n\
\ type: local\n local:\n base-path: \"/app/storage\"\n queue:\n\
\ type: postgres\n tasks:\n tmp-dir:\n path: /tmp/kestra-wd/tmp\n\
\ url: http://localhost:8080/\n"
image: ${DOCKER_REGISTRY:-}kestra/kestra:latest
labels:
com.centurylinklabs.watchtower.enable: 'true'
homepage.container: kestra-kestra-1
homepage.description: Automation
homepage.group: Infrastructure
homepage.href: https://${APPNAME}.sectorq.eu
homepage.icon: ${APPNAME}.png
homepage.name: Kestra
homepage.server: my-docker
homepage.weight: '1'
wud.display.icon: mdi:evernote
wud.watch.digest: true
ports:
- 8980:8080
- 8981:8081
pull_policy: always
restart: ${RESTART:-unless-stopped}
user: root
volumes:
- /share/docker_data/kestra/kestra-data:/app/storage
- /var/run/docker.sock:/var/run/docker.sock
- /tmp/kestra-wd:/tmp/kestra-wd
postgres:
environment:
POSTGRES_DB: kestra
POSTGRES_PASSWORD: k3str4
POSTGRES_USER: kestra
healthcheck:
interval: 30s
retries: 10
test:
- CMD-SHELL
- pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}
timeout: 10s
image: ${DOCKER_REGISTRY:-}postgres:16
labels:
wud.watch: 'false'
wud.watch.digest: true
restart: ${RESTART:-unless-stopped}
volumes:
- /share/docker_data/kestra/postgres-data:/var/lib/postgresql/data
volumes:
kestra-data:
driver: local
postgres-data:
driver: local

471
mailu/docker-compose.yml
View File

@ -1,266 +1,225 @@
# This file is auto-generated by the Mailu configuration wizard.
# Please read the documentation before attempting any change.
# Generated for compose flavor
services:
# External dependencies
redis:
image: ${DOCKER_REGISTRY:-}redis:alpine
restart: unless-stopped
volumes:
- "/share/docker_data/mailu3/redis:/data"
depends_on:
- resolver
dns:
- 192.168.205.254
# Core services
front:
image: ${DOCKER_REGISTRY:-}ghcr.io/mailu/${DOCKER_PREFIX:-}nginx:${MAILU_VERSION:-2024.06}
restart: ${RESTART:-unless-stopped}
env_file: stack.env
extends: # uncomment this section for hardware acceleration - see https://immich.app/docs/features/ml-hardware-acceleration
file: logging.yml
#service: openvino # set to one of [armnn, cuda, openvino, openvino-wsl] for accelerated inference - use the `-wsl` version for WSL2 where applicable
service: ${LOGGING:-syslog}
# logging:
# driver: loki
# options:
# loki-url: "http://192.168.77.101:3100/loki/api/v1/push"
ports:
- "0.0.0.0:8880:80"
- "0.0.0.0:8443:443"
- "0.0.0.0:25:25"
- "0.0.0.0:465:465"
- "0.0.0.0:587:587"
- "0.0.0.0:110:110"
- "0.0.0.0:995:995"
- "0.0.0.0:143:143"
- "0.0.0.0:993:993"
- "0.0.0.0:4190:4190"
networks:
- default
- webmail
- radicale
volumes:
- "/share/docker_data/mailu3/certs:/certs"
- "/share/docker_data/mailu3/overrides/nginx:/overrides:ro"
depends_on:
- resolver
dns:
- 192.168.205.254
resolver:
image: ${DOCKER_REGISTRY:-}ghcr.io/mailu/${DOCKER_PREFIX:-}unbound:${MAILU_VERSION:-2024.06}
env_file: stack.env
# logging:
# driver: syslog
# options:
# tag: mailu-resolver
restart: ${RESTART:-unless-stopped}
networks:
default:
ipv4_address: 192.168.205.254
admin:
image: ${DOCKER_REGISTRY:-}ghcr.io/mailu/${DOCKER_PREFIX:-}admin:${MAILU_VERSION:-2024.06}
restart: ${RESTART:-unless-stopped}
env_file: stack.env
# logging:
# driver: syslog
# options:
# tag: mailu-admin
volumes:
- "/share/docker_data/mailu3/data:/data"
- "/share/docker_data/mailu3/dkim:/dkim"
depends_on:
- redis
- resolver
dns:
- 192.168.205.254
imap:
image: ${DOCKER_REGISTRY:-}ghcr.io/mailu/${DOCKER_PREFIX:-}dovecot:${MAILU_VERSION:-2024.06}
restart: ${RESTART:-unless-stopped}
env_file: stack.env
# logging:
# driver: syslog
# options:
# tag: mailu-imap
volumes:
- "/share/docker_data/mailu3/mail:/mail"
- "/share/docker_data/mailu3/overrides/dovecot:/overrides:ro"
networks:
- default
- fts_attachments
depends_on:
- front
- fts_attachments
- resolver
dns:
- 192.168.205.254
smtp:
image: ${DOCKER_REGISTRY:-}ghcr.io/mailu/${DOCKER_PREFIX:-}postfix:${MAILU_VERSION:-2024.06}
restart: ${RESTART:-unless-stopped}
env_file: stack.env
# logging:
# driver: syslog
# options:
# tag: mailu-smtp
volumes:
- "/share/docker_data/mailu3/mailqueue:/queue"
- "/share/docker_data/mailu3/overrides/postfix:/overrides:ro"
depends_on:
- front
- resolver
dns:
- 192.168.205.254
oletools:
image: ${DOCKER_REGISTRY:-}ghcr.io/mailu/${DOCKER_PREFIX:-}oletools:${MAILU_VERSION:-2024.06}
hostname: oletools
# logging:
# driver: syslog
# options:
# tag: mailu-oletools
restart: ${RESTART:-unless-stopped}
networks:
- oletools
depends_on:
- resolver
dns:
- 192.168.205.254
fts_attachments:
image: ${DOCKER_REGISTRY:-}apache/tika:2.9.2.1-full
hostname: tika
# logging:
# driver: syslog
# options:
# tag: mailu-tika
restart: ${RESTART:-unless-stopped}
networks:
- fts_attachments
depends_on:
- resolver
dns:
- 192.168.205.254
healthcheck:
test: ["CMD-SHELL", "wget -nv -t1 -O /dev/null http://127.0.0.1:9998/tika || exit 1"]
interval: 10s
timeout: 5s
retries: 3
start_period: 10s
antispam:
image: ${DOCKER_REGISTRY:-}ghcr.io/mailu/${DOCKER_PREFIX:-}rspamd:${MAILU_VERSION:-2024.06}
hostname: antispam
restart: ${RESTART:-unless-stopped}
env_file: stack.env
# logging:
# driver: syslog
# options:
# tag: mailu-antispam
networks:
- default
- oletools
- clamav
volumes:
- "/share/docker_data/mailu3/filter:/var/lib/rspamd"
- "/share/docker_data/mailu3/overrides/rspamd:/overrides:ro"
depends_on:
- front
- redis
- oletools
- antivirus
- resolver
dns:
- 192.168.205.254
# Optional services
antivirus:
image: ${DOCKER_REGISTRY:-}clamav/clamav-debian:1.2.0-6
restart: ${RESTART:-unless-stopped}
# logging:
# driver: syslog
# options:
# tag: mailu-antivirus
networks:
- clamav
volumes:
- "/share/docker_data/mailu3/filter/clamav:/var/lib/clamav"
healthcheck:
test: ["CMD-SHELL", "kill -0 `cat /tmp/clamd.pid` && kill -0 `cat /tmp/freshclam.pid`"]
interval: 10s
timeout: 5s
retries: 3
start_period: 10s
webdav:
image: ${DOCKER_REGISTRY:-}ghcr.io/mailu/${DOCKER_PREFIX:-}radicale:${MAILU_VERSION:-2024.06}
restart: ${RESTART:-unless-stopped}
# logging:
# driver: syslog
# options:
# tag: mailu-webdav
volumes:
- "/share/docker_data/mailu3/dav:/data"
networks:
- radicale
fetchmail:
image: ${DOCKER_REGISTRY:-}ghcr.io/mailu/${DOCKER_PREFIX:-}fetchmail:${MAILU_VERSION:-2024.06}
restart: ${RESTART:-unless-stopped}
env_file: stack.env
# logging:
# driver: syslog
# options:
# tag: mailu-fetchmail
volumes:
- "/share/docker_data/mailu3/data/fetchmail:/data"
depends_on:
- admin
- smtp
- imap
- resolver
dns:
- 192.168.205.254
# Webmail
webmail:
image: ${DOCKER_REGISTRY:-}ghcr.io/mailu/${DOCKER_PREFIX:-}webmail:${MAILU_VERSION:-2024.06}
restart: ${RESTART:-unless-stopped}
env_file: stack.env
# logging:
# driver: syslog
# options:
# tag: mailu-webmail
volumes:
- "/share/docker_data/mailu3/webmail:/data"
- "/share/docker_data/mailu3/overrides/roundcube:/overrides:ro"
networks:
- webmail
depends_on:
- front
networks: networks:
clamav:
driver: bridge
default: default:
driver: bridge driver: bridge
ipam: ipam:
driver: default
config: config:
- subnet: 192.168.205.0/24 - subnet: 192.168.205.0/24
driver: default
fts_attachments:
driver: bridge
internal: true
oletools:
driver: bridge
internal: true
radicale: radicale:
driver: bridge driver: bridge
webmail: webmail:
driver: bridge driver: bridge
clamav: services:
driver: bridge admin:
oletools: depends_on:
driver: bridge - redis
internal: true - resolver
dns:
- 192.168.205.254
env_file: stack.env
image: ${DOCKER_REGISTRY:-}ghcr.io/mailu/${DOCKER_PREFIX:-}admin:${MAILU_VERSION:-2024.06}
labels:
wud.watch.digest: true
restart: ${RESTART:-unless-stopped}
volumes:
- /share/docker_data/mailu3/data:/data
- /share/docker_data/mailu3/dkim:/dkim
antispam:
depends_on:
- front
- redis
- oletools
- antivirus
- resolver
dns:
- 192.168.205.254
env_file: stack.env
hostname: antispam
image: ${DOCKER_REGISTRY:-}ghcr.io/mailu/${DOCKER_PREFIX:-}rspamd:${MAILU_VERSION:-2024.06}
labels:
wud.watch.digest: true
networks:
- default
- oletools
- clamav
restart: ${RESTART:-unless-stopped}
volumes:
- /share/docker_data/mailu3/filter:/var/lib/rspamd
- /share/docker_data/mailu3/overrides/rspamd:/overrides:ro
antivirus:
healthcheck:
interval: 10s
retries: 3
start_period: 10s
test:
- CMD-SHELL
- kill -0 `cat /tmp/clamd.pid` && kill -0 `cat /tmp/freshclam.pid`
timeout: 5s
image: ${DOCKER_REGISTRY:-}clamav/clamav-debian:1.2.0-6
labels:
wud.watch.digest: true
networks:
- clamav
restart: ${RESTART:-unless-stopped}
volumes:
- /share/docker_data/mailu3/filter/clamav:/var/lib/clamav
fetchmail:
depends_on:
- admin
- smtp
- imap
- resolver
dns:
- 192.168.205.254
env_file: stack.env
image: ${DOCKER_REGISTRY:-}ghcr.io/mailu/${DOCKER_PREFIX:-}fetchmail:${MAILU_VERSION:-2024.06}
labels:
wud.watch.digest: true
restart: ${RESTART:-unless-stopped}
volumes:
- /share/docker_data/mailu3/data/fetchmail:/data
front:
depends_on:
- resolver
dns:
- 192.168.205.254
env_file: stack.env
extends:
file: logging.yml
service: ${LOGGING:-syslog}
image: ${DOCKER_REGISTRY:-}ghcr.io/mailu/${DOCKER_PREFIX:-}nginx:${MAILU_VERSION:-2024.06}
labels:
wud.watch.digest: true
networks:
- default
- webmail
- radicale
ports:
- 0.0.0.0:8880:80
- 0.0.0.0:8443:443
- 0.0.0.0:25:25
- 0.0.0.0:465:465
- 0.0.0.0:587:587
- 0.0.0.0:110:110
- 0.0.0.0:995:995
- 0.0.0.0:143:143
- 0.0.0.0:993:993
- 0.0.0.0:4190:4190
restart: ${RESTART:-unless-stopped}
volumes:
- /share/docker_data/mailu3/certs:/certs
- /share/docker_data/mailu3/overrides/nginx:/overrides:ro
fts_attachments: fts_attachments:
driver: bridge depends_on:
internal: true - resolver
dns:
- 192.168.205.254
healthcheck:
interval: 10s
retries: 3
start_period: 10s
test:
- CMD-SHELL
- wget -nv -t1 -O /dev/null http://127.0.0.1:9998/tika || exit 1
timeout: 5s
hostname: tika
image: ${DOCKER_REGISTRY:-}apache/tika:2.9.2.1-full
labels:
wud.watch.digest: true
networks:
- fts_attachments
restart: ${RESTART:-unless-stopped}
imap:
depends_on:
- front
- fts_attachments
- resolver
dns:
- 192.168.205.254
env_file: stack.env
image: ${DOCKER_REGISTRY:-}ghcr.io/mailu/${DOCKER_PREFIX:-}dovecot:${MAILU_VERSION:-2024.06}
labels:
wud.watch.digest: true
networks:
- default
- fts_attachments
restart: ${RESTART:-unless-stopped}
volumes:
- /share/docker_data/mailu3/mail:/mail
- /share/docker_data/mailu3/overrides/dovecot:/overrides:ro
oletools:
depends_on:
- resolver
dns:
- 192.168.205.254
hostname: oletools
image: ${DOCKER_REGISTRY:-}ghcr.io/mailu/${DOCKER_PREFIX:-}oletools:${MAILU_VERSION:-2024.06}
labels:
wud.watch.digest: true
networks:
- oletools
restart: ${RESTART:-unless-stopped}
redis:
depends_on:
- resolver
dns:
- 192.168.205.254
image: ${DOCKER_REGISTRY:-}redis:alpine
labels:
wud.watch.digest: true
restart: unless-stopped
volumes:
- /share/docker_data/mailu3/redis:/data
resolver:
env_file: stack.env
image: ${DOCKER_REGISTRY:-}ghcr.io/mailu/${DOCKER_PREFIX:-}unbound:${MAILU_VERSION:-2024.06}
labels:
wud.watch.digest: true
networks:
default:
ipv4_address: 192.168.205.254
restart: ${RESTART:-unless-stopped}
smtp:
depends_on:
- front
- resolver
dns:
- 192.168.205.254
env_file: stack.env
image: ${DOCKER_REGISTRY:-}ghcr.io/mailu/${DOCKER_PREFIX:-}postfix:${MAILU_VERSION:-2024.06}
labels:
wud.watch.digest: true
restart: ${RESTART:-unless-stopped}
volumes:
- /share/docker_data/mailu3/mailqueue:/queue
- /share/docker_data/mailu3/overrides/postfix:/overrides:ro
webdav:
image: ${DOCKER_REGISTRY:-}ghcr.io/mailu/${DOCKER_PREFIX:-}radicale:${MAILU_VERSION:-2024.06}
labels:
wud.watch.digest: true
networks:
- radicale
restart: ${RESTART:-unless-stopped}
volumes:
- /share/docker_data/mailu3/dav:/data
webmail:
depends_on:
- front
env_file: stack.env
image: ${DOCKER_REGISTRY:-}ghcr.io/mailu/${DOCKER_PREFIX:-}webmail:${MAILU_VERSION:-2024.06}
labels:
wud.watch.digest: true
networks:
- webmail
restart: ${RESTART:-unless-stopped}
volumes:
- /share/docker_data/mailu3/webmail:/data
- /share/docker_data/mailu3/overrides/roundcube:/overrides:ro

569
mediacenter/docker-compose.yml
View File

@ -1,303 +1,304 @@
--- networks:
duplicati:
driver: bridge
mediarr:
driver: bridge
services: services:
bazarr: bazarr:
image: ${DOCKER_REGISTRY:-}lscr.io/linuxserver/bazarr:latest
container_name: bazarr container_name: bazarr
depends_on:
- sonarr
- radarr
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/Bratislava
hostname: bazarr hostname: bazarr
environment: image: ${DOCKER_REGISTRY:-}lscr.io/linuxserver/bazarr:latest
- PUID=1000
- PGID=1000
- TZ=Europe/Bratislava
volumes:
- /share/docker_data/bazarr/config:/config
- /media/data/movies:/movies #optional
- /media/data/shows:/tv #optional
ports:
- 6767:6767
networks:
- mediarr
depends_on:
- sonarr
- radarr
labels: labels:
- wud.watch.digest=true com.centurylinklabs.watchtower.enable: 'true'
- com.centurylinklabs.watchtower.enable=true homepage.container: bazarr
- homepage.group=Media homepage.description: Subtitles
- homepage.name=bazarr homepage.group: Media
- homepage.weight=90 homepage.href: https://bazarr.sectorq.eu
- homepage.icon=bazarr.png homepage.icon: bazarr.png
- homepage.href=https://bazarr.sectorq.eu homepage.name: bazarr
- homepage.description=Subtitles homepage.server: my-docker
- homepage.server=my-docker homepage.weight: '90'
- homepage.container=bazarr homepage.widget.key: be4265d373929be3672ac813154baf6a
- homepage.widget.type=bazarr homepage.widget.type: bazarr
- homepage.widget.url=https://bazarr.sectorq.eu homepage.widget.url: https://bazarr.sectorq.eu
- homepage.widget.key=be4265d373929be3672ac813154baf6a wud.watch.digest: true
restart: ${RESTART:-unless-stopped} networks:
- mediarr
jellyseerr:
image: ${DOCKER_REGISTRY:-}fallenbagel/jellyseerr:latest
container_name: jellyseerr
hostname: jellyseerr
environment:
- LOG_LEVEL=debug
- TZ=Europe/Bratislava
ports: ports:
- 5055:5055 - 6767:6767
volumes:
- /share/docker_data/jellyseerr/config:/app/config
restart: ${RESTART:-unless-stopped} restart: ${RESTART:-unless-stopped}
labels: volumes:
- com.centurylinklabs.watchtower.enabl=true - /share/docker_data/bazarr/config:/config
- homepage.group=Media - /media/data/movies:/movies
- homepage.name=Jellyseerr - /media/data/shows:/tv
- homepage.weight=20 flaresolverr:
- homepage.icon=jellyseerr.png container_name: flaresolverr
- homepage.href=https://js.sectorq.eu
- homepage.description=Subtitles
- homepage.server=my-docker
- homepage.container=jellyseerr
- homepage.widget.type=jellyseerr
- homepage.widget.url=https://js.sectorq.eu
- homepage.widget.key=MTczMTY1NTk3ODUwOTY3NmJiOTM0LTY1MDctNGI2NS1hMmEyLTE3MjQ1MmI3OTI0Yg==
networks:
- mediarr
jackett:
image: ${DOCKER_REGISTRY:-}lscr.io/linuxserver/jackett:latest
container_name: jackett
hostname: jackett
environment: environment:
- PUID=1000 - LOG_LEVEL=info
- PGID=1000 - TZ=Europe/Bratislava
- TZ=Europe/Bratislava hostname: flaresolverr
- AUTO_UPDATE=true #optional image: ${DOCKER_REGISTRY:-}ghcr.io/flaresolverr/flaresolverr:latest
- RUN_OPTS= #optional
volumes:
- /share/docker_data/jackett/config:/config
- /share/docker_data/jackett/downloads:/downloads
ports:
- 9117:9117
restart: ${RESTART:-unless-stopped}
depends_on:
- sonarr
- radarr
networks:
- mediarr
labels: labels:
- com.centurylinklabs.watchtower.enable=true com.centurylinklabs.watchtower.enable: true
- homepage.group=Media wud.watch.digest: true
- homepage.name=Jackett networks:
- homepage.weight=80 - mediarr
- homepage.icon=jackett.png
- homepage.href=https://jackett.sectorq.eu
- homepage.description=Subtitles
- homepage.server=my-docker
- homepage.container=jackett
- homepage.widget.type=jackett
- homepage.widget.url=https://jackett.sectorq.eu
- homepage.widget.password=l4c1j4yd33Du5lo
lidarr:
image: ${DOCKER_REGISTRY:-}lscr.io/linuxserver/lidarr:latest
container_name: lidarr
hostname: lidarr
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/Bratislava
volumes:
- /share/docker_data/lidarr/config:/config
- /media/data/music:/music #optional
- /media/data/downloads:/downloads #optional
ports: ports:
- 8686:8686 - 8191:8191
networks:
- mediarr
restart: ${RESTART:-unless-stopped} restart: ${RESTART:-unless-stopped}
labels:
- com.centurylinklabs.watchtower.enable=true
- homepage.group=Media
- homepage.name=Lidarr
- homepage.weight=60
- homepage.icon=lidarr.png
- homepage.href=https://lidarr.sectorq.eu
- homepage.description=Subtitles
- homepage.server=my-docker
- homepage.container=lidarr
- homepage.widget.type=lidarr
- homepage.widget.url=https://lidarr.sectorq.eu
- homepage.widget.key=a9d7379966bd467aa0ad226848575e03
jellyfin:
image: ${DOCKER_REGISTRY:-}lscr.io/linuxserver/jellyfin:latest
container_name: jellyfin
hostname: jellyfin
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/Bratislava
- JELLYFIN_PublishedServerUrl=https://jf.sectorq.eu #optional
volumes:
- /share/docker_data/jellyfin:/config
#- /media/nas/nas-media/Music:/data/music/nas
- /media/data/movies:/data/movies
- /media/data/music:/data/music
- /media/data/shows:/data/shows
# - /dev/dri/renderD128:
# - /dev/dri/card0:/dev/dri/card0
extends: # uncomment this section for hardware acceleration - see https://immich.app/docs/features/ml-hardware-acceleration
file: hwaccel.yml
#service: openvino # set to one of [armnn, cuda, openvino, openvino-wsl] for accelerated inference - use the `-wsl` version for WSL2 where applicable
service: ${HW_MODE:-cpu}
ports:
- 8096:8096
- 8920:8920 #optional
- 7359:7359/udp #optional
#- 1900:1900/udp #optional
restart: ${RESTART:-unless-stopped}
network_mode: "host"
labels:
- com.centurylinklabs.watchtower.enable=true
- homepage.group=Media
- homepage.name=Jellyfin
- homepage.weight=10
- homepage.icon=jellyfin.png
- homepage.href=https://jf.sectorq.eu
- homepage.description=Subtitles
- homepage.server=my-docker
- homepage.container=jellyfin
- homepage.widget.type=jellyfin
- homepage.widget.url=https://jf.sectorq.eu
- homepage.widget.key=0b0247d8030b46a0afe71be194311521
radarr:
image: ${DOCKER_REGISTRY:-}lscr.io/linuxserver/radarr:latest
container_name: radarr
hostname: radarr
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/Bratislava
volumes:
- /share/docker_data/radarr/config:/config
- /media/data/movies:/movies #optional
- /media/data/downloads:/downloads #optional
ports:
- 7878:7878
dns:
- 192.168.77.101
restart: ${RESTART:-unless-stopped}
networks:
- mediarr
labels:
- com.centurylinklabs.watchtower.enable=true
- wud.display.icon=mdi:radarr
- homepage.group=Media
- homepage.name=Radarr
- homepage.weight=20
- homepage.icon=radarr.png
- homepage.href=https://radarr.sectorq.eu
- homepage.description=Subtitles
- homepage.server=my-docker
- homepage.container=radarr
- homepage.widget.type=radarr
- homepage.widget.url=https://radarr.sectorq.eu
- homepage.widget.key=671f20f9518b4ab3a977cc00f95b0427
sonarr:
image: ${DOCKER_REGISTRY:-}lscr.io/linuxserver/sonarr:latest
container_name: sonarr
hostname: sonarr
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/Bratislava
volumes:
- /share/docker_data/sonarr/config:/config
- /media/data/shows:/tv #optional
- /media/data/downloads:/downloads #optional
ports:
- 8989:8989
restart: ${RESTART:-unless-stopped}
networks:
- mediarr
labels:
- com.centurylinklabs.watchtower.enable=true
- homepage.group=Media
- homepage.name=Sonarr
- homepage.weight=30
- homepage.icon=sonarr.png
- homepage.href=https://sonarr.sectorq.eu
- homepage.description=Subtitles
- homepage.server=my-docker
- homepage.container=sonarr
- homepage.widget.type=sonarr
- homepage.widget.url=https://sonarr.sectorq.eu
- homepage.widget.key=325b15a81c544ed2a1cd2bb16e95a129
qbittorrent:
image: ${DOCKER_REGISTRY:-}lscr.io/linuxserver/qbittorrent:latest
container_name: qbittorrent
hostname: qbittorrent
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/Bratislava
- WEBUI_PORT=8085
- FILE__PASSWORD=/run/secrets/mysecretpassword
volumes:
- /share/docker_data/qbittorrent/config:/config
- /media/data/downloads:/downloads
ports:
- 8085:8085
- 6881:6881
- 6881:6881/udp
restart: ${RESTART:-unless-stopped}
networks:
- mediarr
labels:
- com.centurylinklabs.watchtower.enable=true
- homepage.group=Utilities
- homepage.name=Qbittorrent
- homepage.weight=95
- homepage.icon=qbittorrent.png
- homepage.href=https://qbit.sectorq.eu
- homepage.description=Subtitles
- homepage.server=my-docker
- homepage.container=qbittorrent
- homepage.widget.type=qbittorrent
- homepage.widget.url=https://qbit.sectorq.eu
- homepage.widget.username=admin
- homepage.widget.password=l4c1j4yd33Du5lo
- homepage.widget.enableLeechProgress=true
homarr: homarr:
container_name: homarr container_name: homarr
hostname: homarr hostname: homarr
image: ${DOCKER_REGISTRY:-}ghcr.io/ajnart/homarr:latest image: ${DOCKER_REGISTRY:-}ghcr.io/ajnart/homarr:latest
labels:
com.centurylinklabs.watchtower.enable: true
wud.watch.digest: true
networks:
- mediarr
ports:
- 7575:7575
restart: ${RESTART:-unless-stopped} restart: ${RESTART:-unless-stopped}
volumes: volumes:
- /var/run/docker.sock:/var/run/docker.sock # Optional, only if you want docker integration - /var/run/docker.sock:/var/run/docker.sock
- /share/docker_data/homarr/configs:/app/data/configs - /share/docker_data/homarr/configs:/app/data/configs
- /share/docker_data/homarr/icons:/app/public/icons - /share/docker_data/homarr/icons:/app/public/icons
- /share/docker_data/homarr/data:/data - /share/docker_data/homarr/data:/data
ports: jackett:
- '7575:7575' container_name: jackett
networks: depends_on:
- mediarr - sonarr
labels: - radarr
com.centurylinklabs.watchtower.enable: true
flaresolverr:
container_name: flaresolverr
hostname: flaresolverr
image: ${DOCKER_REGISTRY:-}ghcr.io/flaresolverr/flaresolverr:latest
ports:
- 8191:8191
environment: environment:
- LOG_LEVEL=info - PUID=1000
- TZ=Europe/Bratislava - PGID=1000
restart: ${RESTART:-unless-stopped} - TZ=Europe/Bratislava
networks: - AUTO_UPDATE=true
- mediarr - RUN_OPTS=
hostname: jackett
image: ${DOCKER_REGISTRY:-}lscr.io/linuxserver/jackett:latest
labels: labels:
com.centurylinklabs.watchtower.enable: true com.centurylinklabs.watchtower.enable: 'true'
networks: homepage.container: jackett
mediarr: homepage.description: Subtitles
driver: bridge homepage.group: Media
duplicati: homepage.href: https://jackett.sectorq.eu
driver: bridge homepage.icon: jackett.png
homepage.name: Jackett
homepage.server: my-docker
homepage.weight: '80'
homepage.widget.password: l4c1j4yd33Du5lo
homepage.widget.type: jackett
homepage.widget.url: https://jackett.sectorq.eu
wud.watch.digest: true
networks:
- mediarr
ports:
- 9117:9117
restart: ${RESTART:-unless-stopped}
volumes:
- /share/docker_data/jackett/config:/config
- /share/docker_data/jackett/downloads:/downloads
jellyfin:
container_name: jellyfin
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/Bratislava
- JELLYFIN_PublishedServerUrl=https://jf.sectorq.eu
extends:
file: hwaccel.yml
service: ${HW_MODE:-cpu}
hostname: jellyfin
image: ${DOCKER_REGISTRY:-}lscr.io/linuxserver/jellyfin:latest
labels:
com.centurylinklabs.watchtower.enable: 'true'
homepage.container: jellyfin
homepage.description: Subtitles
homepage.group: Media
homepage.href: https://jf.sectorq.eu
homepage.icon: jellyfin.png
homepage.name: Jellyfin
homepage.server: my-docker
homepage.weight: '10'
homepage.widget.key: 0b0247d8030b46a0afe71be194311521
homepage.widget.type: jellyfin
homepage.widget.url: https://jf.sectorq.eu
wud.watch.digest: true
network_mode: host
ports:
- 8096:8096
- 8920:8920
- 7359:7359/udp
restart: ${RESTART:-unless-stopped}
volumes:
- /share/docker_data/jellyfin:/config
- /media/data/movies:/data/movies
- /media/data/music:/data/music
- /media/data/shows:/data/shows
jellyseerr:
container_name: jellyseerr
environment:
- LOG_LEVEL=debug
- TZ=Europe/Bratislava
hostname: jellyseerr
image: ${DOCKER_REGISTRY:-}fallenbagel/jellyseerr:latest
labels:
com.centurylinklabs.watchtower.enabl: 'true'
homepage.container: jellyseerr
homepage.description: Subtitles
homepage.group: Media
homepage.href: https://js.sectorq.eu
homepage.icon: jellyseerr.png
homepage.name: Jellyseerr
homepage.server: my-docker
homepage.weight: '20'
homepage.widget.key: MTczMTY1NTk3ODUwOTY3NmJiOTM0LTY1MDctNGI2NS1hMmEyLTE3MjQ1MmI3OTI0Yg
homepage.widget.type: jellyseerr
homepage.widget.url: https://js.sectorq.eu
wud.watch.digest: true
networks:
- mediarr
ports:
- 5055:5055
restart: ${RESTART:-unless-stopped}
volumes:
- /share/docker_data/jellyseerr/config:/app/config
lidarr:
container_name: lidarr
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/Bratislava
hostname: lidarr
image: ${DOCKER_REGISTRY:-}lscr.io/linuxserver/lidarr:latest
labels:
com.centurylinklabs.watchtower.enable: 'true'
homepage.container: lidarr
homepage.description: Subtitles
homepage.group: Media
homepage.href: https://lidarr.sectorq.eu
homepage.icon: lidarr.png
homepage.name: Lidarr
homepage.server: my-docker
homepage.weight: '60'
homepage.widget.key: a9d7379966bd467aa0ad226848575e03
homepage.widget.type: lidarr
homepage.widget.url: https://lidarr.sectorq.eu
wud.watch.digest: true
networks:
- mediarr
ports:
- 8686:8686
restart: ${RESTART:-unless-stopped}
volumes:
- /share/docker_data/lidarr/config:/config
- /media/data/music:/music
- /media/data/downloads:/downloads
qbittorrent:
container_name: qbittorrent
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/Bratislava
- WEBUI_PORT=8085
- FILE__PASSWORD=/run/secrets/mysecretpassword
hostname: qbittorrent
image: ${DOCKER_REGISTRY:-}lscr.io/linuxserver/qbittorrent:latest
labels:
com.centurylinklabs.watchtower.enable: 'true'
homepage.container: qbittorrent
homepage.description: Subtitles
homepage.group: Utilities
homepage.href: https://qbit.sectorq.eu
homepage.icon: qbittorrent.png
homepage.name: Qbittorrent
homepage.server: my-docker
homepage.weight: '95'
homepage.widget.enableLeechProgress: 'true'
homepage.widget.password: l4c1j4yd33Du5lo
homepage.widget.type: qbittorrent
homepage.widget.url: https://qbit.sectorq.eu
homepage.widget.username: admin
wud.watch.digest: true
networks:
- mediarr
ports:
- 8085:8085
- 6881:6881
- 6881:6881/udp
restart: ${RESTART:-unless-stopped}
volumes:
- /share/docker_data/qbittorrent/config:/config
- /media/data/downloads:/downloads
radarr:
container_name: radarr
dns:
- 192.168.77.101
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/Bratislava
hostname: radarr
image: ${DOCKER_REGISTRY:-}lscr.io/linuxserver/radarr:latest
labels:
com.centurylinklabs.watchtower.enable: 'true'
homepage.container: radarr
homepage.description: Subtitles
homepage.group: Media
homepage.href: https://radarr.sectorq.eu
homepage.icon: radarr.png
homepage.name: Radarr
homepage.server: my-docker
homepage.weight: '20'
homepage.widget.key: 671f20f9518b4ab3a977cc00f95b0427
homepage.widget.type: radarr
homepage.widget.url: https://radarr.sectorq.eu
wud.display.icon: mdi:radarr
wud.watch.digest: true
networks:
- mediarr
ports:
- 7878:7878
restart: ${RESTART:-unless-stopped}
volumes:
- /share/docker_data/radarr/config:/config
- /media/data/movies:/movies
- /media/data/downloads:/downloads
sonarr:
container_name: sonarr
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/Bratislava
hostname: sonarr
image: ${DOCKER_REGISTRY:-}lscr.io/linuxserver/sonarr:latest
labels:
com.centurylinklabs.watchtower.enable: 'true'
homepage.container: sonarr
homepage.description: Subtitles
homepage.group: Media
homepage.href: https://sonarr.sectorq.eu
homepage.icon: sonarr.png
homepage.name: Sonarr
homepage.server: my-docker
homepage.weight: '30'
homepage.widget.key: 325b15a81c544ed2a1cd2bb16e95a129
homepage.widget.type: sonarr
homepage.widget.url: https://sonarr.sectorq.eu
wud.watch.digest: true
networks:
- mediarr
ports:
- 8989:8989
restart: ${RESTART:-unless-stopped}
volumes:
- /share/docker_data/sonarr/config:/config
- /media/data/shows:/tv
- /media/data/downloads:/downloads

17
mosquitto/docker-compose.yml
View File

@ -1,15 +1,14 @@
---
name: mosquitto name: mosquitto
services: services:
mosquitto: mosquitto:
image: ${DOCKER_REGISTRY:-}eclipse-mosquitto image: ${DOCKER_REGISTRY:-}eclipse-mosquitto
network_mode: host
volumes:
- /share/docker_data/mosquitto/conf:/mosquitto/config
- /share/docker_data/mosquitto/data:/mosquitto/data
- /share/docker_data/mosquitto/log:/mosquitto/log
labels: labels:
com.centurylinklabs.watchtower.enable: "true" com.centurylinklabs.watchtower.enable: 'true'
wud.watch.digest: true
mem_limit: 1g mem_limit: 1g
restart: ${RESTART:-unless-stopped} network_mode: host
restart: ${RESTART:-unless-stopped}
volumes:
- /share/docker_data/mosquitto/conf:/mosquitto/config
- /share/docker_data/mosquitto/data:/mosquitto/data
- /share/docker_data/mosquitto/log:/mosquitto/log

55
motioneye/docker-compose.yml
View File

@ -1,36 +1,27 @@
---
services: services:
motioneye: motioneye:
image: ${DOCKER_REGISTRY:-}ghcr.io/motioneye-project/motioneye:edge
# init: true
ports:
- "8081:8081"
- "8765:8765"
dns:
- 192.168.77.101
privileged: true
environment:
- TZ=Europe/Bratislava
restart: unless-stopped
container_name: motioneye container_name: motioneye
# devices: dns:
# - /dev/bus/usb/001/005 - 192.168.77.101
volumes: environment:
- /share/docker_data/motioneye/etc_motioneye:/etc/motioneye - TZ=Europe/Bratislava
- /share/docker_data/motioneye/var_lib_motioneye:/var/lib/motioneye image: ${DOCKER_REGISTRY:-}ghcr.io/motioneye-project/motioneye:edge
# deploy:
# resources:
# limits:
# cpus: "4.0"
# memory: 4000M
labels: labels:
- com.centurylinklabs.watchtower.enable=true com.centurylinklabs.watchtower.enable: 'true'
- homepage.group=Media homepage.container: motioneye
- homepage.name=MotionEye homepage.description: Video manager
- homepage.weight=1 homepage.group: Media
- homepage.icon=/images/motioneye.webp homepage.href: http://m-server.home.lan:8765/
- homepage.href=http://m-server.home.lan:8765/ homepage.icon: /images/motioneye.webp
- homepage.description=Video manager homepage.name: MotionEye
- homepage.server=my-docker homepage.server: my-docker
- homepage.container=motioneye homepage.weight: '1'
wud.watch.digest: true
ports:
- 8081:8081
- 8765:8765
privileged: true
restart: unless-stopped
volumes:
- /share/docker_data/motioneye/etc_motioneye:/etc/motioneye
- /share/docker_data/motioneye/var_lib_motioneye:/var/lib/motioneye

103
nextcloud/docker-compose.yml
View File

@ -1,69 +1,72 @@
---
networks: networks:
nextcloud_network: nextcloud_network:
ipam: ipam:
driver: default
config: config:
- subnet: 192.168.80.0/28 - subnet: 192.168.80.0/28
driver: default
pihole_pihole: pihole_pihole:
external: true external: true
services: services:
db:
image: ${DOCKER_REGISTRY:-}yobasystems/alpine-mariadb:latest
command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW --innodb-file-per-table=1 --skip-innodb-read-only-compressed
volumes:
- /share/docker_data/nextcloud/mariadb:/var/lib/mysql
- /etc/localtime:/etc/localtime
env_file:
- stack.env
networks:
- nextcloud_network
labels:
com.centurylinklabs.watchtower.enable: true
restart: ${RESTART:-unless-stopped}
app: app:
image: ${DOCKER_REGISTRY:-}nextcloud:latest
ports:
- 8134:80
links:
- db
volumes:
- /share/docker_data/nextcloud/app:/var/www/html
- /share/docker_data/nextcloud/app-hooks/pre-installation:/docker-entrypoint-hooks.d/pre-installation
- /share/docker_data/nextcloud/app-hooks/post-installation:/docker-entrypoint-hooks.d/post-installation
- /share/docker_data/nextcloud/app-hooks/pre-upgrade:/docker-entrypoint-hooks.d/pre-upgrade
- /share/docker_data/nextcloud/app-hooks/post-upgrade:/docker-entrypoint-hooks.d/post-upgrade
- /share/docker_data/nextcloud/app-hooks/before-starting:/docker-entrypoint-hooks.d/before-starting
env_file:
- stack.env
networks:
- nextcloud_network
- pihole_pihole
dns:
- 192.168.78.254
depends_on: depends_on:
- db - db
restart: ${RESTART:-unless-stopped} dns:
- 192.168.78.254
env_file:
- stack.env
image: ${DOCKER_REGISTRY:-}nextcloud:latest
labels: labels:
wud.watch.digest: true
com.centurylinklabs.watchtower.enable: true com.centurylinklabs.watchtower.enable: true
com.centurylinklabs.watchtower.lifecycle.post-update: "apt update;apt install -y smbclient;chown -R www-data:www-data /var/www/html" com.centurylinklabs.watchtower.lifecycle.post-update: apt update;apt install
homepage.group: Infrastructure -y smbclient;chown -R www-data:www-data /var/www/html
homepage.name: Nextcloud
homepage.icon: ${APPNAME}.png
homepage.href: https://nc.sectorq.eu
homepage.description: "Cloud server"
homepage.server: my-docker
homepage.container: nextcloud-app-1 homepage.container: nextcloud-app-1
homepage.description: Cloud server
homepage.group: Infrastructure
homepage.href: https://nc.sectorq.eu
homepage.icon: ${APPNAME}.png
homepage.name: Nextcloud
homepage.server: my-docker
homepage.widget.password: oGeiy-tTc8p-LJdt5-na3JF-dbWpY
homepage.widget.type: ${APPNAME} homepage.widget.type: ${APPNAME}
homepage.widget.url: https://nc.sectorq.eu homepage.widget.url: https://nc.sectorq.eu
homepage.widget.username: jaydee homepage.widget.username: jaydee
homepage.widget.password: oGeiy-tTc8p-LJdt5-na3JF-dbWpY wud.watch.digest: true
links:
- db
networks:
- nextcloud_network
- pihole_pihole
ports:
- 8134:80
restart: ${RESTART:-unless-stopped}
volumes:
- /share/docker_data/nextcloud/app:/var/www/html
- /share/docker_data/nextcloud/app-hooks/pre-installation:/docker-entrypoint-hooks.d/pre-installation
- /share/docker_data/nextcloud/app-hooks/post-installation:/docker-entrypoint-hooks.d/post-installation
- /share/docker_data/nextcloud/app-hooks/pre-upgrade:/docker-entrypoint-hooks.d/pre-upgrade
- /share/docker_data/nextcloud/app-hooks/post-upgrade:/docker-entrypoint-hooks.d/post-upgrade
- /share/docker_data/nextcloud/app-hooks/before-starting:/docker-entrypoint-hooks.d/before-starting
db:
command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW --innodb-file-per-table=1
--skip-innodb-read-only-compressed
env_file:
- stack.env
image: ${DOCKER_REGISTRY:-}yobasystems/alpine-mariadb:latest
labels:
com.centurylinklabs.watchtower.enable: true
wud.watch.digest: true
networks:
- nextcloud_network
restart: ${RESTART:-unless-stopped}
volumes:
- /share/docker_data/nextcloud/mariadb:/var/lib/mysql
- /etc/localtime:/etc/localtime
redis: redis:
image: ${DOCKER_REGISTRY:-}redis:alpine image: ${DOCKER_REGISTRY:-}redis:alpine
volumes: labels:
- /share/docker_data/nextcloud/redis:/data wud.watch.digest: true
networks: networks:
- nextcloud_network - nextcloud_network
restart: ${RESTART:-unless-stopped} restart: ${RESTART:-unless-stopped}
volumes:
- /share/docker_data/nextcloud/redis:/data

87
nginx/docker-compose.yml
View File

@ -1,52 +1,39 @@
version: '3.8'
services:
app:
image: 'jc21/nginx-proxy-manager:latest'
restart: unless-stopped
#network_mode: host
healthcheck:
test: ["CMD", "/usr/bin/check-health"]
interval: 10s
timeout: 3s
ports:
#These ports are in format <host-port>:<container-port>
- '8099:80' # Public HTTP Port
- '4439:443' # Public HTTPS Port
- '81:81' # Admin Web Port
# Add any other Stream port you want to expose
# - '21:21' # FTP
# Uncomment the next line if you uncomment anything in the section
# environment:
# Uncomment this if you want to change the location of
# the SQLite DB file within the container
# DB_SQLITE_FILE: "/data/database.sqlite"
# Uncomment this if IPv6 is not enabled on your host
# DISABLE_IPV6: 'true'
volumes:
- /share/docker_data/nginx/data:/data
- /share/docker_data/nginx/letsencrypt:/etc/letsencrypt
dns:
- 192.168.78.254
networks:
- pihole_pihole
labels:
- homepage.group=Infrastructure
- homepage.name=Nginx
- homepage.weight=25
- homepage.icon=nginx-proxy-manager.png
- homepage.href=http://active.home.lan:81
- homepage.description=Reverse Proxy
- homepage.server=my-docker
- homepage.container=nginx-app-1
- homepage.widget.type=npm
- homepage.widget.url=http://active.home.lan:81
- homepage.widget.username=monitoring@sectorq.eu
- homepage.widget.password=OdyAJvifHvDPMOyFdbiKak5S
#- homepage.widget.version=2
networks: networks:
pihole_pihole: pihole_pihole:
external: true external: true
services:
app:
dns:
- 192.168.78.254
healthcheck:
interval: 10s
test:
- CMD
- /usr/bin/check-health
timeout: 3s
image: jc21/nginx-proxy-manager:latest
labels:
homepage.container: nginx-app-1
homepage.description: Reverse Proxy
homepage.group: Infrastructure
homepage.href: http://active.home.lan:81
homepage.icon: nginx-proxy-manager.png
homepage.name: Nginx
homepage.server: my-docker
homepage.weight: '25'
homepage.widget.password: OdyAJvifHvDPMOyFdbiKak5S
homepage.widget.type: npm
homepage.widget.url: http://active.home.lan:81
homepage.widget.username: monitoring@sectorq.eu
wud.watch.digest: true
networks:
- pihole_pihole
ports:
- 8099:80
- 4439:443
- 81:81
restart: unless-stopped
volumes:
- /share/docker_data/nginx/data:/data
- /share/docker_data/nginx/letsencrypt:/etc/letsencrypt
version: '3.8'

28
node-red/docker-compose.yml
View File

@ -1,20 +1,20 @@
--- networks:
node-red-net: null
services: services:
node-red: node-red:
image: ${DOCKER_REGISTRY:-}nodered/node-red:latest
environment:
- TZ=Europe/Bratislava
ports:
- "1880:1880"
networks:
- node-red-net
dns: dns:
- 192.168.77.101 - 192.168.77.101
volumes: environment:
- /share/docker_data/node-red:/data - TZ=Europe/Bratislava
image: ${DOCKER_REGISTRY:-}nodered/node-red:latest
labels: labels:
- com.centurylinklabs.watchtower.enable=true com.centurylinklabs.watchtower.enable: 'true'
wud.watch.digest: true
mem_limit: 1g mem_limit: 1g
networks:
- node-red-net
ports:
- 1880:1880
restart: always restart: always
networks: volumes:
node-red-net: - /share/docker_data/node-red:/data

103
octoprint/docker-compose.yml
View File

@ -1,57 +1,52 @@
services: services:
octoprint1: octoprint1:
volumes: container_name: octoprint1
- /share/docker_data/octoprint1:/octoprint devices:
#- /dev:/dev - /dev/ttyUSB0:/dev/ttyUSB0
devices: environment:
- /dev/ttyUSB0:/dev/ttyUSB0 - ENABLE_MJPG_STREAMER=true
# - /dev/video0:/dev/video0 image: ${DOCKER_REGISTRY:-}octoprint/octoprint:latest
# - /dev/video1:/dev/video1 labels:
com.centurylinklabs.watchtower.enable: 'true'
environment: homepage.container: octoprint1
- ENABLE_MJPG_STREAMER=true homepage.description: 3D Printing
ports: homepage.group: Utilities
- 85:80 homepage.href: http://m-server.home.lan:85/
container_name: octoprint1 homepage.icon: octoprint.png
image: ${DOCKER_REGISTRY:-}octoprint/octoprint:latest homepage.name: Octoprint1
labels: homepage.server: my-docker
- com.centurylinklabs.watchtower.enable=true homepage.weight: '98'
- homepage.group=Utilities homepage.widget.fields: '["printer_state", "temp_tool", "temp_bed", "job_completion"]'
- homepage.name=Octoprint1 homepage.widget.key: 0_4C0qSJz_7QF-bkOblpHjeaMQv128hTXxEsHrkubuk
- homepage.weight=98 homepage.widget.type: octoprint
- homepage.icon=octoprint.png homepage.widget.url: http://m-server.home.lan:85/
- homepage.href=http://m-server.home.lan:85/ wud.watch.digest: true
- homepage.description=3D Printing ports:
- homepage.server=my-docker - 85:80
- homepage.container=octoprint1 volumes:
- homepage.widget.type=octoprint - /share/docker_data/octoprint1:/octoprint
- homepage.widget.url=http://m-server.home.lan:85/
- homepage.widget.key=0_4C0qSJz_7QF-bkOblpHjeaMQv128hTXxEsHrkubuk
- homepage.widget.fields=["printer_state", "temp_tool", "temp_bed", "job_completion"]
octoprint2: octoprint2:
volumes: container_name: octoprint2
- /share/docker_data/octoprint2:/octoprint environment:
- /dev:/dev - ENABLE_MJPG_STREAMER=true
# devices: image: ${DOCKER_REGISTRY:-}octoprint/octoprint:latest
# # - /dev/ttyACM0:/dev/ttyACM0 labels:
com.centurylinklabs.watchtower.enable: 'true'
environment: homepage.container: octoprint2
- ENABLE_MJPG_STREAMER=true homepage.description: 3D Printing
ports: homepage.group: Utilities
- 86:80 homepage.href: http://m-server.home.lan:86/
container_name: octoprint2 homepage.icon: octoprint.png
image: ${DOCKER_REGISTRY:-}octoprint/octoprint:latest homepage.name: Octoprint2
labels: homepage.server: my-docker
- com.centurylinklabs.watchtower.enable=true homepage.weight: '99'
- homepage.group=Utilities homepage.widget.fields: '["printer_state", "temp_tool", "temp_bed", "job_completion"]'
- homepage.name=Octoprint2 homepage.widget.key: 0_4C0qSJz_7QF-bkOblpHjeaMQv128hTXxEsHrkubuk
- homepage.weight=99 homepage.widget.type: octoprint
- homepage.icon=octoprint.png homepage.widget.url: http://m-server.home.lan:86/
- homepage.href=http://m-server.home.lan:86/ wud.watch.digest: true
- homepage.description=3D Printing ports:
- homepage.server=my-docker - 86:80
- homepage.container=octoprint2 volumes:
- homepage.widget.type=octoprint - /share/docker_data/octoprint2:/octoprint
- homepage.widget.url=http://m-server.home.lan:86/ - /dev:/dev
- homepage.widget.key=0_4C0qSJz_7QF-bkOblpHjeaMQv128hTXxEsHrkubuk
- homepage.widget.fields=["printer_state", "temp_tool", "temp_bed", "job_completion"]

45
openldap/docker-compose.yml
View File

@ -1,28 +1,25 @@
version: '2'
services: services:
openldap: openldap:
image: bitnami/openldap:latest
ports:
- '1389:1389'
- '1636:1636'
environment: environment:
- LDAP_SKIP_DEFAULT_TREE=yes - LDAP_SKIP_DEFAULT_TREE=yes
- LDAP_ROOT=dc=sectorq,dc=eu - LDAP_ROOT=dc=sectorq,dc=eu
- LDAP_ADMIN_USERNAME=admin - LDAP_ADMIN_USERNAME=admin
- LDAP_ADMIN_PASSWORD=$LDAP_ADMIN_PASSWORD - LDAP_ADMIN_PASSWORD=$LDAP_ADMIN_PASSWORD
- LDAP_USERS=test - LDAP_USERS=test
- LDAP_PASSWORDS=q - LDAP_PASSWORDS=q
- LDAP_GROUP=group - LDAP_GROUP=group
- LDAP_USER_DC=people - LDAP_USER_DC=people
#- LDAP_CUSTOM_LDIF_DIR=/ldifs - LDAP_CONFIG_ADMIN_ENABLED=yes
- LDAP_CONFIG_ADMIN_ENABLED=yes - LDAP_CONFIG_ADMIN_USERNAME=admin
- LDAP_CONFIG_ADMIN_USERNAME=admin - LDAP_CONFIG_ADMIN_PASSWORD=$LDAP_CONFIG_ADMIN_PASSWORD
- LDAP_CONFIG_ADMIN_PASSWORD=$LDAP_CONFIG_ADMIN_PASSWORD image: bitnami/openldap:latest
#- LDAP_CUSTOM_SCHEMA_FILE=/custom/00-custom.ldif labels:
#- LDAP_ENABLE_TLS wud.watch.digest: true
ports:
- 1389:1389
- 1636:1636
volumes: volumes:
- '/share/docker_data/openldap/data:/bitnami/openldap' - /share/docker_data/openldap/data:/bitnami/openldap
- '/share/docker_data/openldap/ldifs:/ldifs' - /share/docker_data/openldap/ldifs:/ldifs
- '/share/docker_data/openldap/custom:/custom' - /share/docker_data/openldap/custom:/custom
version: '2'

129
pihole/docker-compose.yml
View File

@ -1,80 +1,61 @@
--- networks:
services:
pihole: pihole:
container_name: pihole driver: bridge
image: pihole/pihole:latest ipam:
hostname: m-server config:
ports: - subnet: 192.168.78.0/24
# DNS Ports driver: default
- "53:53/tcp" services:
- "53:53/udp" orbital-sync:
# Default HTTP Port
- "9380:80/tcp"
# Default HTTPs Port. FTL will generate a self-signed certificate
- "9343:443/tcp"
# Uncomment the below if using Pi-hole as your DHCP Server
#- "67:67/udp"
environment: environment:
# Set the appropriate timezone for your location (https://en.wikipedia.org/wiki/List_of_tz_database_time_zones), e.g: INTERVAL_MINUTES: 60
TZ: 'Europe/Bratislava' PRIMARY_HOST_BASE_URL: http://192.168.77.101:9380
# Set a password to access the web interface. Not setting one will result in a random password being assigned PRIMARY_HOST_PASSWORD: ${PASSWORD}
FTLCONF_webserver_api_password: ${PASSWORD} SECONDARY_HOSTS_1_BASE_URL: http://192.168.77.106:9380
FTLCONF_dns_upstreams: 8.8.8.8;8.8.4.4 SECONDARY_HOSTS_1_PASSWORD: ${PASSWORD}
FTLCONF_dns_listeningMode: all SECONDARY_HOSTS_1_PATH: /admin
# Volumes store your data between container upgrades SECONDARY_HOSTS_2_BASE_URL: http://192.168.77.238:9380
volumes: SECONDARY_HOSTS_2_PASSWORD: ${PASSWORD}
# For persisting Pi-hole's databases and common configuration file image: mattwebbio/orbital-sync:1
- '/share/docker_data/pihole/etc-pihole:/etc/pihole'
- '/share/docker_data/pihole/etc-dnsmasq.d:/etc/dnsmasq.d'
# Uncomment the below if you have custom dnsmasq config files that you want to persist. Not needed for most starting fresh with Pi-hole v6. If you're upgrading from v5 you and have used this directory before, you should keep it enabled for the first v6 container start to allow for a complete migration. It can be removed afterwards. Needs environment variable FTLCONF_misc_etc_dnsmasq_d: 'true'
#- './etc-dnsmasq.d:/etc/dnsmasq.d'
cap_add:
# See https://github.com/pi-hole/docker-pi-hole#note-on-capabilities
# Required if you are using Pi-hole as your DHCP server, else not needed
- NET_ADMIN
# Required if you are using Pi-hole as your NTP client to be able to set the host's system time
- SYS_TIME
# Optional, if Pi-hole should get some more processing time
- SYS_NICE
restart: unless-stopped
#network_mode: host
labels: labels:
- com.centurylinklabs.watchtower.enable=true wud.watch.digest: true
- homepage.group=Infrastructure pihole:
- homepage.name=Pihole cap_add:
- homepage.weight=1 - NET_ADMIN
- homepage.icon=/images/pihole.png - SYS_TIME
- homepage.href=https://active.home.lan:9343/admin - SYS_NICE
- homepage.description=Add blocker container_name: pihole
- homepage.server=my-docker environment:
- homepage.container=pihole FTLCONF_dns_listeningMode: all
- homepage.widget.type=pihole FTLCONF_dns_upstreams: 8.8.8.8;8.8.4.4
- homepage.widget.url=https://active.home.lan:9343 FTLCONF_webserver_api_password: ${PASSWORD}
- homepage.widget.password=${PASSWORD} TZ: Europe/Bratislava
- homepage.widget.version=6 hostname: m-server
image: pihole/pihole:latest
labels:
com.centurylinklabs.watchtower.enable: 'true'
homepage.container: pihole
homepage.description: Add blocker
homepage.group: Infrastructure
homepage.href: https://active.home.lan:9343/admin
homepage.icon: /images/pihole.png
homepage.name: Pihole
homepage.server: my-docker
homepage.weight: '1'
homepage.widget.password: ${PASSWORD}
homepage.widget.type: pihole
homepage.widget.url: https://active.home.lan:9343
homepage.widget.version: '6'
wud.watch.digest: true
networks: networks:
pihole: pihole:
ipv4_address: 192.168.78.254 ipv4_address: 192.168.78.254
orbital-sync: ports:
image: mattwebbio/orbital-sync:1 - 53:53/tcp
environment: - 53:53/udp
PRIMARY_HOST_BASE_URL: 'http://192.168.77.101:9380' - 9380:80/tcp
PRIMARY_HOST_PASSWORD: ${PASSWORD} - 9343:443/tcp
#PRIMARY_HOST_PATH: /admin restart: unless-stopped
SECONDARY_HOSTS_1_BASE_URL: 'http://192.168.77.106:9380' volumes:
SECONDARY_HOSTS_1_PASSWORD: ${PASSWORD} - /share/docker_data/pihole/etc-pihole:/etc/pihole
SECONDARY_HOSTS_1_PATH: /admin - /share/docker_data/pihole/etc-dnsmasq.d:/etc/dnsmasq.d
SECONDARY_HOSTS_2_BASE_URL: 'http://192.168.77.238:9380'
SECONDARY_HOSTS_2_PASSWORD: ${PASSWORD}
# SECONDARY_HOSTS_3_BASE_URL: 'http://server:8080'
# SECONDARY_HOSTS_3_PASSWORD: 'your_password4'
# SECONDARY_HOSTS_3_PATH: '/apps/pi-hole'
INTERVAL_MINUTES: 60
networks:
pihole: # here we set the network name
driver: bridge
ipam:
driver: default
config:
- subnet: 192.168.78.0/24

51
portainer/docker-compose.yml
View File

@ -1,33 +1,32 @@
---
services: services:
portainer: portainer:
container_name: portainer container_name: portainer
image: portainer/portainer-ee:lts
ports:
- 9009:9000
volumes:
- /etc/localtime:/etc/localtime
- /share/docker_data/portainer/portainer-data/:/data
- /var/run/docker.sock:/var/run/docker.sock
restart: always
environment: environment:
- DOCKER_CONFIG=/data/docker_config/ - DOCKER_CONFIG=/data/docker_config/
image: portainer/portainer-ee:lts
labels:
com.centurylinklabs.watchtower.enable: 'true'
homepage.container: portainer
homepage.description: Docker container manager
homepage.group: Infrastructure
homepage.href: https://portainer.sectorq.eu
homepage.icon: portainer.png
homepage.name: Portainer
homepage.server: my-docker
homepage.weight: '10'
homepage.widget.env: '25'
homepage.widget.key: ptr_gfwpbP4AUDhZ4uoPmSfNUGqZq+gescoele8reP/l/GU
homepage.widget.type: portainer
homepage.widget.url: https://portainer.sectorq.eu
wud.watch.digest: true
logging: logging:
driver: loki driver: loki
options: options:
loki-url: "http://192.168.77.101:3100/loki/api/v1/push" loki-url: http://192.168.77.101:3100/loki/api/v1/push
ports:
labels: - 9009:9000
- com.centurylinklabs.watchtower.enable=true restart: always
- homepage.group=Infrastructure volumes:
- homepage.name=Portainer - /etc/localtime:/etc/localtime
- homepage.weight=10 - /share/docker_data/portainer/portainer-data/:/data
- homepage.icon=portainer.png - /var/run/docker.sock:/var/run/docker.sock
- homepage.href=https://portainer.sectorq.eu
- homepage.description=Docker container manager
- homepage.server=my-docker
- homepage.container=portainer
- homepage.widget.type=portainer
- homepage.widget.url=https://portainer.sectorq.eu
- homepage.widget.env=25
- homepage.widget.key=ptr_gfwpbP4AUDhZ4uoPmSfNUGqZq+gescoele8reP/l/GU=

22
rancher/docker-compose.yml
View File

@ -1,12 +1,14 @@
name: rancher name: rancher
services: services:
rancher: rancher:
restart: ${RESTART:-unless-stopped} command: --acme-domain rancher.sectorq.eu
ports: image: ${DOCKER_REGISTRY:-}rancher/rancher:latest
- 7080:80 labels:
- 7443:443 wud.watch.digest: true
privileged: true ports:
image: ${DOCKER_REGISTRY:-}rancher/rancher:latest - 7080:80
command: --acme-domain rancher.sectorq.eu - 7443:443
volumes: privileged: true
- /share/docker_data/rancher:/var/lib/rancher restart: ${RESTART:-unless-stopped}
volumes:
- /share/docker_data/rancher:/var/lib/rancher

44
registry/docker-compose.yml
View File

@ -1,25 +1,23 @@
name: registry name: registry
services: services:
registry: registry:
ports: container_name: registry
- 5000:5000 environment:
restart: always - REGISTRY_STORAGE_DELETE_ENABLED=true
container_name: registry - REGISTRY_AUTH=htpasswd
image: registry:2 - REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm
volumes: - REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd
- '/share/docker_data/registry/auth:/auth' image: registry:2
# - /share/docker_data/registry/certs:/certs labels:
- '/share/docker_registry/data:/var/lib/registry' wud.watch: false
environment: wud.watch.digest: true
- 'REGISTRY_STORAGE_DELETE_ENABLED=true' logging:
- 'REGISTRY_AUTH=htpasswd' driver: loki
- 'REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm' options:
- 'REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd' loki-url: http://192.168.77.101:3100/loki/api/v1/push
# - REGISTRY_HTTP_TLS_CERTIFICATE=/certs/domain.crt ports:
# - REGISTRY_HTTP_TLS_KEY=/certs/domain.key - 5000:5000
logging: restart: always
driver: loki volumes:
options: - /share/docker_data/registry/auth:/auth
loki-url: "http://192.168.77.101:3100/loki/api/v1/push" - /share/docker_registry/data:/var/lib/registry
labels:
wud.watch: false

32
regsync/docker-compose.yml
View File

@ -1,17 +1,19 @@
name: regsync name: regsync
services: services:
regsync: regsync:
stdin_open: true command: -c /home/appuser/regsync.yml server
network_mode: host env_file:
logging: - stack.env
driver: loki image: ${DOCKER_REGISTRY:-}ghcr.io/regclient/regsync:latest
options: labels:
loki-url: "http://192.168.77.101:3100/loki/api/v1/push" wud.watch.digest: true
volumes: logging:
- /share/docker_data/regsync/regsync.yml:/home/appuser/regsync.yml driver: loki
- /etc/localtime:/etc/localtime options:
image: ${DOCKER_REGISTRY:-}ghcr.io/regclient/regsync:latest loki-url: http://192.168.77.101:3100/loki/api/v1/push
command: -c /home/appuser/regsync.yml server network_mode: host
env_file: restart: ${RESTART:-unless-stopped}
- stack.env stdin_open: true
restart: ${RESTART:-unless-stopped} volumes:
- /share/docker_data/regsync/regsync.yml:/home/appuser/regsync.yml
- /etc/localtime:/etc/localtime

28
semaphore/docker-compose.yml
View File

@ -1,20 +1,20 @@
--- networks:
node-red-net: null
services: services:
node-red: node-red:
image: ${DOCKER_REGISTRY:-}nodered/node-red:latest
environment:
- TZ=Europe/Bratislava
ports:
- "1880:1880"
networks:
- node-red-net
dns: dns:
- 192.168.77.101 - 192.168.77.101
volumes: environment:
- /share/docker_data/node-red:/data - TZ=Europe/Bratislava
image: ${DOCKER_REGISTRY:-}nodered/node-red:latest
labels: labels:
- com.centurylinklabs.watchtower.enable=true com.centurylinklabs.watchtower.enable: 'true'
wud.watch.digest: true
mem_limit: 1g mem_limit: 1g
networks:
- node-red-net
ports:
- 1880:1880
restart: always restart: always
networks: volumes:
node-red-net: - /share/docker_data/node-red:/data

16
uptime-kuma/docker-compose.yml
View File

@ -1,13 +1,13 @@
---
services: services:
uptime-kuma: uptime-kuma:
image: ${DOCKER_REGISTRY:-}louislam/uptime-kuma:2.0.0-beta.1
container_name: uptime-kuma container_name: uptime-kuma
restart: always image: ${DOCKER_REGISTRY:-}louislam/uptime-kuma:2.0.0-beta.1
ports:
- '3001:3001'
volumes:
- '/share/docker_data/uptime-kuma:/app/data'
- /var/run/docker.sock:/var/run/docker.sock
labels: labels:
com.centurylinklabs.watchtower.enable: true com.centurylinklabs.watchtower.enable: true
wud.watch.digest: true
ports:
- 3001:3001
restart: always
volumes:
- /share/docker_data/uptime-kuma:/app/data
- /var/run/docker.sock:/var/run/docker.sock

78
watchtower/docker-compose.yml
View File

@ -1,48 +1,48 @@
version: "3"
services: services:
watchtower: watchtower:
env_file: stack.env
image: ${DOCKER_REGISTRY:-}containrrr/watchtower:latest
command: --cleanup --label-enable --http-api-periodic-polls --http-api-metrics command: --cleanup --label-enable --http-api-periodic-polls --http-api-metrics
volumes: env_file: stack.env
- /var/run/docker.sock:/var/run/docker.sock
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
- /share/docker_data/watchtower/.docker/config.json:/config.json
environment: environment:
WATCHTOWER_NOTIFICATIONS: "email shoutrrr"
WATCHTOWER_NOTIFICATION_EMAIL_FROM: "sectorq77@gmail.com"
WATCHTOWER_NOTIFICATION_EMAIL_TO: "jaydee@sectorq.eu"
WATCHTOWER_NOTIFICATION_EMAIL_SERVER: "smtp.gmail.com"
WATCHTOWER_NOTIFICATION_EMAIL_SERVER_PORT: "465"
WATCHTOWER_NOTIFICATION_EMAIL_SERVER_USER: "sectorq77"
WATCHTOWER_NOTIFICATION_EMAIL_SERVER_PASSWORD: "uuhmmedfsjddmgbg"
WATCHTOWER_NOTIFICATION_EMAIL_DELAY: "2"
WATCHTOWER_NOTIFICATION_EMAIL_SUBJECTTAG: "NewUpdates"
WATCHTOWER_NOTIFICATIONS_HOSTNAME: "M-SERVER"
WATCHTOWER_LABEL_ENABLE: "true"
WATCHTOWER_NOTIFICATIONS_LEVEL: "debug"
WATCHTOWER_LIFECYCLE_HOOKS: "true"
WATCHTOWER_POLL_INTERVAL: 43200
WATCHTOWER_HTTP_API_TOKEN: l4c1j4yd33Du5lo WATCHTOWER_HTTP_API_TOKEN: l4c1j4yd33Du5lo
WATCHTOWER_LABEL_ENABLE: 'true'
WATCHTOWER_LIFECYCLE_HOOKS: 'true'
WATCHTOWER_NOTIFICATIONS: email shoutrrr
WATCHTOWER_NOTIFICATIONS_HOSTNAME: M-SERVER
WATCHTOWER_NOTIFICATIONS_LEVEL: debug
WATCHTOWER_NOTIFICATION_EMAIL_DELAY: '2'
WATCHTOWER_NOTIFICATION_EMAIL_FROM: sectorq77@gmail.com
WATCHTOWER_NOTIFICATION_EMAIL_SERVER: smtp.gmail.com
WATCHTOWER_NOTIFICATION_EMAIL_SERVER_PASSWORD: uuhmmedfsjddmgbg
WATCHTOWER_NOTIFICATION_EMAIL_SERVER_PORT: '465'
WATCHTOWER_NOTIFICATION_EMAIL_SERVER_USER: sectorq77
WATCHTOWER_NOTIFICATION_EMAIL_SUBJECTTAG: NewUpdates
WATCHTOWER_NOTIFICATION_EMAIL_TO: jaydee@sectorq.eu
WATCHTOWER_POLL_INTERVAL: 43200
image: ${DOCKER_REGISTRY:-}containrrr/watchtower:latest
labels: labels:
- com.centurylinklabs.watchtower.enable=true com.centurylinklabs.watchtower.enable: 'true'
- homepage.group=Infrastructure homepage.container: watchtower-watchtower-1
- homepage.name=Watchtower homepage.description: Docker container monitoring
- homepage.weight=100 homepage.group: Infrastructure
- homepage.icon=watchtower.png homepage.href: http://192.168.77.101:8094
- homepage.href=http://192.168.77.101:8094 homepage.icon: watchtower.png
- homepage.description=Docker container monitoring homepage.name: Watchtower
- homepage.server=my-docker homepage.server: my-docker
- homepage.container=watchtower-watchtower-1 homepage.weight: '100'
- homepage.widget.type=watchtower homepage.widget.key: l4c1j4yd33Du5lo
- homepage.widget.url=http://192.168.77.101:8094 homepage.widget.type: watchtower
- homepage.widget.key=l4c1j4yd33Du5lo homepage.widget.url: http://192.168.77.101:8094
ports: wud.watch.digest: true
- 8094:8080
restart: always
logging: logging:
driver: loki driver: loki
options: options:
loki-url: "http://192.168.77.101:3100/loki/api/v1/push" loki-url: http://192.168.77.101:3100/loki/api/v1/push
ports:
- 8094:8080
restart: always
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
- /share/docker_data/watchtower/.docker/config.json:/config.json
version: '3'

253
wazuh/docker-compose.yml
View File

@ -1,130 +1,133 @@
---
services: services:
wazuh.manager:
image: ${DOCKER_REGISTRY:-}wazuh/wazuh-manager:${VERSION:-4.10.1}
hostname: wazuh.manager
restart: always
ulimits:
memlock:
soft: -1
hard: -1
nofile:
soft: 655360
hard: 655360
dns:
- 192.168.77.101
ports:
- "1514:1514"
- "1515:1515"
- "514:514/udp"
- "55000:55000"
environment:
- INDEXER_URL=https://wazuh.indexer:9200
- INDEXER_USERNAME=admin
- INDEXER_PASSWORD=SecretPassword
- FILEBEAT_SSL_VERIFICATION_MODE=full
- SSL_CERTIFICATE_AUTHORITIES=/etc/ssl/root-ca.pem
- SSL_CERTIFICATE=/etc/ssl/filebeat.pem
- SSL_KEY=/etc/ssl/filebeat.key
- API_USERNAME=wazuh-wui
- API_PASSWORD=MyS3cr37P450r.*-
volumes:
- wazuh_api_configuration:/var/ossec/api/configuration
- wazuh_etc:/var/ossec/etc
- wazuh_logs:/var/ossec/logs
- wazuh_queue:/var/ossec/queue
- wazuh_var_multigroups:/var/ossec/var/multigroups
- wazuh_integrations:/var/ossec/integrations
- wazuh_active_response:/var/ossec/active-response/bin
- wazuh_agentless:/var/ossec/agentless
- wazuh_wodles:/var/ossec/wodles
- filebeat_etc:/etc/filebeat
- filebeat_var:/var/lib/filebeat
- /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/root-ca-manager.pem:/etc/ssl/root-ca.pem
- /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/wazuh.manager.pem:/etc/ssl/filebeat.pem
- /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/wazuh.manager-key.pem:/etc/ssl/filebeat.key
- /share/docker_data/wazuh/config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf
labels:
- com.centurylinklabs.watchtower.enable=true
- homepage.group=Utilities
- homepage.name=Wazuh
- homepage.weight=1
- homepage.icon=wazuh.png
- homepage.href=https://wazuh.sectorq.eu
- homepage.description=Security monitoring
- homepage.server=my-docker
- homepage.container=wazuh-wazuh.manager-1
wazuh.indexer:
image: ${DOCKER_REGISTRY:-}wazuh/wazuh-indexer:${VERSION:-4.10.1}
hostname: wazuh.indexer
restart: always
ports:
- "9200:9200"
environment:
- "OPENSEARCH_JAVA_OPTS=-Xms1g -Xmx1g"
dns:
- 192.168.77.101
ulimits:
memlock:
soft: -1
hard: -1
nofile:
soft: 65536
hard: 65536
volumes:
- wazuh-indexer-data:/var/lib/wazuh-indexer
- /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/certs/root-ca.pem
- /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/wazuh.indexer-key.pem:/usr/share/wazuh-indexer/certs/wazuh.indexer.key
- /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/wazuh.indexer.pem:/usr/share/wazuh-indexer/certs/wazuh.indexer.pem
- /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/admin.pem:/usr/share/wazuh-indexer/certs/admin.pem
- /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/admin-key.pem:/usr/share/wazuh-indexer/certs/admin-key.pem
- /share/docker_data/wazuh/config/wazuh_indexer/wazuh.indexer.yml:/usr/share/wazuh-indexer/opensearch.yml
- /share/docker_data/wazuh/config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml
- /share/docker_data/wazuh/config/wazuh_indexer/roles_mapping.yml:/usr/share/wazuh-indexer/opensearch-security/roles_mapping.yml
- /share/docker_data/wazuh/config/wazuh_indexer/config.yml:/usr/share/wazuh-indexer/opensearch-security/config.yml
- /share/docker_data/wazuh/config/wazuh_indexer/idp-metadata.xml:/usr/share/wazuh-indexer/opensearch-security/idp-metadata.xml
wazuh.dashboard: wazuh.dashboard:
image: ${DOCKER_REGISTRY:-}wazuh/wazuh-dashboard:${VERSION:-4.10.1}
hostname: wazuh.dashboard
restart: always
ports:
- 5601:5601
dns:
- 192.168.77.101
environment:
- INDEXER_USERNAME=admin
- INDEXER_PASSWORD=SecretPassword
- WAZUH_API_URL=https://wazuh.manager
- DASHBOARD_USERNAME=kibanaserver
- DASHBOARD_PASSWORD=kibanaserver
- API_USERNAME=wazuh-wui
- API_PASSWORD=MyS3cr37P450r.*-
volumes:
- /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/wazuh.dashboard.pem:/usr/share/wazuh-dashboard/certs/wazuh-dashboard.pem
- /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem:/usr/share/wazuh-dashboard/certs/wazuh-dashboard-key.pem
- /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-dashboard/certs/root-ca.pem
- /share/docker_data/wazuh/config/wazuh_dashboard/opensearch_dashboards.yml:/usr/share/wazuh-dashboard/config/opensearch_dashboards.yml
- /share/docker_data/wazuh/config/wazuh_dashboard/wazuh.yml:/usr/share/wazuh-dashboard/data/wazuh/config/wazuh.yml
- wazuh-dashboard-config:/usr/share/wazuh-dashboard/data/wazuh/config
- wazuh-dashboard-custom:/usr/share/wazuh-dashboard/plugins/wazuh/public/assets/custom
depends_on: depends_on:
- wazuh.indexer - wazuh.indexer
dns:
- 192.168.77.101
environment:
- INDEXER_USERNAME=admin
- INDEXER_PASSWORD=SecretPassword
- WAZUH_API_URL=https://wazuh.manager
- DASHBOARD_USERNAME=kibanaserver
- DASHBOARD_PASSWORD=kibanaserver
- API_USERNAME=wazuh-wui
- API_PASSWORD=MyS3cr37P450r.*-
hostname: wazuh.dashboard
image: ${DOCKER_REGISTRY:-}wazuh/wazuh-dashboard:${VERSION:-4.10.1}
labels:
wud.watch.digest: true
links: links:
- wazuh.indexer:wazuh.indexer - wazuh.indexer:wazuh.indexer
- wazuh.manager:wazuh.manager - wazuh.manager:wazuh.manager
ports:
- 5601:5601
restart: always
volumes:
- /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/wazuh.dashboard.pem:/usr/share/wazuh-dashboard/certs/wazuh-dashboard.pem
- /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem:/usr/share/wazuh-dashboard/certs/wazuh-dashboard-key.pem
- /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-dashboard/certs/root-ca.pem
- /share/docker_data/wazuh/config/wazuh_dashboard/opensearch_dashboards.yml:/usr/share/wazuh-dashboard/config/opensearch_dashboards.yml
- /share/docker_data/wazuh/config/wazuh_dashboard/wazuh.yml:/usr/share/wazuh-dashboard/data/wazuh/config/wazuh.yml
- wazuh-dashboard-config:/usr/share/wazuh-dashboard/data/wazuh/config
- wazuh-dashboard-custom:/usr/share/wazuh-dashboard/plugins/wazuh/public/assets/custom
wazuh.indexer:
dns:
- 192.168.77.101
environment:
- OPENSEARCH_JAVA_OPTS=-Xms1g -Xmx1g
hostname: wazuh.indexer
image: ${DOCKER_REGISTRY:-}wazuh/wazuh-indexer:${VERSION:-4.10.1}
labels:
wud.watch.digest: true
ports:
- 9200:9200
restart: always
ulimits:
memlock:
hard: -1
soft: -1
nofile:
hard: 65536
soft: 65536
volumes:
- wazuh-indexer-data:/var/lib/wazuh-indexer
- /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/certs/root-ca.pem
- /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/wazuh.indexer-key.pem:/usr/share/wazuh-indexer/certs/wazuh.indexer.key
- /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/wazuh.indexer.pem:/usr/share/wazuh-indexer/certs/wazuh.indexer.pem
- /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/admin.pem:/usr/share/wazuh-indexer/certs/admin.pem
- /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/admin-key.pem:/usr/share/wazuh-indexer/certs/admin-key.pem
- /share/docker_data/wazuh/config/wazuh_indexer/wazuh.indexer.yml:/usr/share/wazuh-indexer/opensearch.yml
- /share/docker_data/wazuh/config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml
- /share/docker_data/wazuh/config/wazuh_indexer/roles_mapping.yml:/usr/share/wazuh-indexer/opensearch-security/roles_mapping.yml
- /share/docker_data/wazuh/config/wazuh_indexer/config.yml:/usr/share/wazuh-indexer/opensearch-security/config.yml
- /share/docker_data/wazuh/config/wazuh_indexer/idp-metadata.xml:/usr/share/wazuh-indexer/opensearch-security/idp-metadata.xml
wazuh.manager:
dns:
- 192.168.77.101
environment:
- INDEXER_URL=https://wazuh.indexer:9200
- INDEXER_USERNAME=admin
- INDEXER_PASSWORD=SecretPassword
- FILEBEAT_SSL_VERIFICATION_MODE=full
- SSL_CERTIFICATE_AUTHORITIES=/etc/ssl/root-ca.pem
- SSL_CERTIFICATE=/etc/ssl/filebeat.pem
- SSL_KEY=/etc/ssl/filebeat.key
- API_USERNAME=wazuh-wui
- API_PASSWORD=MyS3cr37P450r.*-
hostname: wazuh.manager
image: ${DOCKER_REGISTRY:-}wazuh/wazuh-manager:${VERSION:-4.10.1}
labels:
com.centurylinklabs.watchtower.enable: 'true'
homepage.container: wazuh-wazuh.manager-1
homepage.description: Security monitoring
homepage.group: Utilities
homepage.href: https://wazuh.sectorq.eu
homepage.icon: wazuh.png
homepage.name: Wazuh
homepage.server: my-docker
homepage.weight: '1'
wud.watch.digest: true
ports:
- 1514:1514
- 1515:1515
- 514:514/udp
- 55000:55000
restart: always
ulimits:
memlock:
hard: -1
soft: -1
nofile:
hard: 655360
soft: 655360
volumes:
- wazuh_api_configuration:/var/ossec/api/configuration
- wazuh_etc:/var/ossec/etc
- wazuh_logs:/var/ossec/logs
- wazuh_queue:/var/ossec/queue
- wazuh_var_multigroups:/var/ossec/var/multigroups
- wazuh_integrations:/var/ossec/integrations
- wazuh_active_response:/var/ossec/active-response/bin
- wazuh_agentless:/var/ossec/agentless
- wazuh_wodles:/var/ossec/wodles
- filebeat_etc:/etc/filebeat
- filebeat_var:/var/lib/filebeat
- /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/root-ca-manager.pem:/etc/ssl/root-ca.pem
- /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/wazuh.manager.pem:/etc/ssl/filebeat.pem
- /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/wazuh.manager-key.pem:/etc/ssl/filebeat.key
- /share/docker_data/wazuh/config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf
volumes: volumes:
wazuh_api_configuration: filebeat_etc: null
wazuh_etc: filebeat_var: null
wazuh_logs: wazuh-dashboard-config: null
wazuh_queue: wazuh-dashboard-custom: null
wazuh_var_multigroups: wazuh-indexer-data: null
wazuh_integrations: wazuh_active_response: null
wazuh_active_response: wazuh_agentless: null
wazuh_agentless: wazuh_api_configuration: null
wazuh_wodles: wazuh_etc: null
filebeat_etc: wazuh_integrations: null
filebeat_var: wazuh_logs: null
wazuh-indexer-data: wazuh_queue: null
wazuh-dashboard-config: wazuh_var_multigroups: null
wazuh-dashboard-custom: wazuh_wodles: null

40
webhub/docker-compose.yml
View File

@ -1,29 +1,29 @@
---
services: services:
heimdall: heimdall:
image: ${DOCKER_REGISTRY:-}lscr.io/linuxserver/heimdall:latest
container_name: heimdall container_name: heimdall
environment: environment:
- PUID=1000 - PUID=1000
- PGID=1000 - PGID=1000
- TZ=Europe/Bratislava - TZ=Europe/Bratislava
volumes: image: ${DOCKER_REGISTRY:-}lscr.io/linuxserver/heimdall:latest
- /share/docker_data/heimdall/config:/config
ports:
- 8084:80
- 4437:443
restart: ${RESTART:-unless-stopped}
labels: labels:
com.centurylinklabs.watchtower.enable: true com.centurylinklabs.watchtower.enable: true
web: wud.watch.digest: true
image: ${DOCKER_REGISTRY:-}nginx:latest ports:
- 8084:80
- 4437:443
restart: ${RESTART:-unless-stopped} restart: ${RESTART:-unless-stopped}
volumes: volumes:
- /share/docker_data/heimdall/config:/config
- /share/docker_data/webhub:/usr/share/nginx/html web:
ports:
- "48000:80"
environment: environment:
- NGINX_HOST=sectorq.eu - NGINX_HOST=sectorq.eu
- NGINX_PORT=80 - NGINX_PORT=80
image: ${DOCKER_REGISTRY:-}nginx:latest
labels:
wud.watch.digest: true
ports:
- 48000:80
restart: ${RESTART:-unless-stopped}
volumes:
- /share/docker_data/webhub:/usr/share/nginx/html

50
wud/docker-compose.yml
View File

@ -1,32 +1,32 @@
services: services:
whatsupdocker: whatsupdocker:
image: ${DOCKER_REGISTRY:-}getwud/wud
container_name: wud container_name: wud
env_file: env_file:
- stack.env - stack.env
volumes: image: ${DOCKER_REGISTRY:-}getwud/wud
- /var/run/docker.sock:/var/run/docker.sock labels:
- /share/docker_data/wud/data:/store com.centurylinklabs.watchtower.enable: 'true'
- /share/docker_data/wud/certs:/certs homepage.container: wud
ports: homepage.description: Docker container management
- 3008:3000 homepage.group: Infrastructure
restart: ${RESTART:-unless-stopped} homepage.href: https://wud.sectorq.eu
homepage.icon: /images/wud-logo.png
homepage.name: What's Up Docker
homepage.server: my-docker
homepage.weight: '1'
homepage.widget.password: l4c1j4yd33Du5lo
homepage.widget.type: whatsupdocker
homepage.widget.url: https://wud.sectorq.eu
homepage.widget.username: homepage
wud.watch.digest: true
logging: logging:
driver: loki driver: loki
options: options:
loki-url: "http://192.168.77.101:3100/loki/api/v1/push" loki-url: http://192.168.77.101:3100/loki/api/v1/push
labels: ports:
- wud.watch.digest=true - 3008:3000
- com.centurylinklabs.watchtower.enable=true restart: ${RESTART:-unless-stopped}
- homepage.group=Infrastructure volumes:
- homepage.name=What's Up Docker - /var/run/docker.sock:/var/run/docker.sock
- homepage.weight=1 - /share/docker_data/wud/data:/store
- homepage.icon=/images/wud-logo.png - /share/docker_data/wud/certs:/certs
- homepage.href=https://wud.sectorq.eu
- homepage.description=Docker container management
- homepage.server=my-docker
- homepage.container=wud
- homepage.widget.type=whatsupdocker
- homepage.widget.url=https://wud.sectorq.eu
- homepage.widget.username=homepage # optional
- homepage.widget.password=l4c1j4yd33Du5lo # optional

128
zabbix-server/docker-compose.yml
View File

@ -1,74 +1,72 @@
version: '3' networks:
zabbix:
driver: bridge
ipam:
config:
- subnet: 192.168.89.0/28
driver: default
services: services:
zabbix-server:
image: ${DOCKER_REGISTRY:-}zabbix/zabbix-server-pgsql:alpine-latest
ports:
- "10051:10051"
env_file:
- stack.env
depends_on:
- db-server
restart: unless-stopped
extends: # uncomment this section for hardware acceleration - see https://immich.app/docs/features/ml-hardware-acceleration
file: logging.yml
#service: openvino # set to one of [armnn, cuda, openvino, openvino-wsl] for accelerated inference - use the `-wsl` version for WSL2 where applicable
service: ${LOGGING:-syslog}
labels:
- com.centurylinklabs.watchtower.enable=true
- homepage.group=Utilities
- homepage.weight=90
- homepage.name=Zabbix Server
- homepage.icon=${APPNAME}.png
- homepage.href=https://${APPNAME}.sectorq.eu
- homepage.description=Monitoring server
- homepage.server=my-docker
- homepage.container=zabbix-server-zabbix-server-1
- homepage.widget.type=${APPNAME}
- homepage.widget.url=https://${APPNAME}.sectorq.eu
- homepage.widget.key=a5294f55cccb490cded051a6ccd45f15f3434f06f7c77de4b22abc8bf086534a
#- homepage.widget.version=2
# - homepage.widget.fields=["field1","field2"] # optional
networks:
zabbix:
ipv4_address: 192.168.89.2
zabbix-frontend:
image: ${DOCKER_REGISTRY:-}zabbix/zabbix-web-nginx-pgsql:alpine-latest
ports:
- "8051:8080"
- "4435:8443"
env_file:
- stack.env
depends_on:
- db-server
#volumes:
#- "./ui:/usr/share/zabbix"
volumes:
- /share/docker_data/zabbix-server/frontend/certs:/usr/share/zabbix/conf/certs
restart: unless-stopped
labels:
com.centurylinklabs.watchtower.enable: true
networks:
zabbix:
ipv4_address: 192.168.89.3
db-server: db-server:
image: ${DOCKER_REGISTRY:-}postgres:16-alpine
ports:
- 5432:5432
volumes:
- /share/docker_data/zabbix-server/postgres-data:/var/lib/postgresql/data
env_file: env_file:
- stack.env - stack.env
restart: unless-stopped image: ${DOCKER_REGISTRY:-}postgres:16-alpine
labels: labels:
com.centurylinklabs.watchtower.enable: true com.centurylinklabs.watchtower.enable: true
wud.watch: false wud.watch: false
wud.watch.digest: true
networks: networks:
zabbix: zabbix:
ipv4_address: 192.168.89.4 ipv4_address: 192.168.89.4
networks: ports:
zabbix: # here we set the network name - 5432:5432
driver: bridge restart: unless-stopped
ipam: volumes:
driver: default - /share/docker_data/zabbix-server/postgres-data:/var/lib/postgresql/data
config: zabbix-frontend:
- subnet: 192.168.89.0/28 depends_on:
- db-server
env_file:
- stack.env
image: ${DOCKER_REGISTRY:-}zabbix/zabbix-web-nginx-pgsql:alpine-latest
labels:
com.centurylinklabs.watchtower.enable: true
wud.watch.digest: true
networks:
zabbix:
ipv4_address: 192.168.89.3
ports:
- 8051:8080
- 4435:8443
restart: unless-stopped
volumes:
- /share/docker_data/zabbix-server/frontend/certs:/usr/share/zabbix/conf/certs
zabbix-server:
depends_on:
- db-server
env_file:
- stack.env
extends:
file: logging.yml
service: ${LOGGING:-syslog}
image: ${DOCKER_REGISTRY:-}zabbix/zabbix-server-pgsql:alpine-latest
labels:
com.centurylinklabs.watchtower.enable: 'true'
homepage.container: zabbix-server-zabbix-server-1
homepage.description: Monitoring server
homepage.group: Utilities
homepage.href: https://${APPNAME}.sectorq.eu
homepage.icon: ${APPNAME}.png
homepage.name: Zabbix Server
homepage.server: my-docker
homepage.weight: '90'
homepage.widget.key: a5294f55cccb490cded051a6ccd45f15f3434f06f7c77de4b22abc8bf086534a
homepage.widget.type: ${APPNAME}
homepage.widget.url: https://${APPNAME}.sectorq.eu
wud.watch.digest: true
networks:
zabbix:
ipv4_address: 192.168.89.2
ports:
- 10051:10051
restart: unless-stopped
version: '3'