build

kopia/docker-compose.yml

@@ -0,0 +1,33 @@
+version: '3.7'
+services:
+    kopia:
+        image: kopia/kopia:latest
+        hostname: Hostname
+        container_name: Kopia
+        restart: unless-stopped
+        ports:
+            - 51515:51515
+        # Setup the server that provides the web gui
+        command:
+            - server
+            - start
+            - --disable-csrf-token-checks
+            - --insecure
+            - --address=0.0.0.0:51515
+            - --server-username=jaydee
+            - --server-password=l4c1j4yd33Du5lo
+        environment:
+            # Set repository password
+            KOPIA_PASSWORD: "l4c1j4yd33Du5lo"
+            USER: "jaydee"
+        volumes:
+            # Mount local folders needed by kopia
+            - /share/docker_data/kopia/config/dir:/app/config
+            - /share/docker_data/kopia/cache/dir:/app/cache
+            - /share/docker_data/kopia/logs/dir:/app/logs
+            # Mount local folders to snapshot
+            - /var/lib/docker/volumes:/data:ro
+            # Mount repository location
+            - /media/nas/data/docker_data/kopia/repository:/repository
+            # Mount path for browsing mounted snapshots
+            - /share/docker_data/kopia/tmp/dir:/tmp:shared

ollama/docker-compose.yml

@@ -9,11 +9,29 @@ services:
     volumes:
       - models:/root/.ollama
     environment:
-      - HSA_OVERRIDE_GFX_VERSION=11.0.0
+      - HSA_OVERRIDE_GFX_VERSION=10.3.0
     ports:
       - "11434:11434"
     dns:
       - "8.8.8.8"
-      
+  openwebui:
+    image: ghcr.io/open-webui/open-webui:main
+    ports:
+      - "3004:8080"
+    volumes:
+      - open-webui:/app/backend/data
+    environment:
+      - OAUTH_CLIENT_ID=00064iMSupbqgHwpL7f0k27BpKZ6JUDcdKOYFtRM
+      - OAUTH_CLIENT_SECRET=A8Hlk2kKjfU1WTIOxKejOrPxpji9hmg5kVEMXF03Z4ptokEkBComXrBfxkQbDUHMzbp1W5y3uulIxZ2K1VlRcQC7x28yMnYryHmUatcACFHNAKKJuN6HHnZXQSZsi0se
+      - OAUTH_PROVIDER_NAME=authentik
+      - OPENID_PROVIDER_URL=https://auth.sectorq.eu/application/o/openwebui/.well-known/openid-configuration
+      - OPENID_REDIRECT_URI=https://openwebui.sectorq.eu/oauth/oidc/callback
+      - WEBUI_URL=https://openwebui.sectorq.eu
+      # Allows auto-creation of new users using OAuth. Must be paired with ENABLE_LOGIN_FORM=false.
+      - ENABLE_OAUTH_SIGNUP=true
+      # Disables user/password login form. Required when ENABLE_OAUTH_SIGNUP=true.
+      - ENABLE_LOGIN_FORM=false
+      - OAUTH_MERGE_ACCOUNTS_BY_EMAIL=true
 volumes:
+  open-webui:
   models:

searxng/docker-compose.yml

@@ -0,0 +1,10 @@
+services:
+  app:
+    image: searxng/searxng:latest
+    ports:
+      - "8688:8080"
+    volumes:
+      - searxng:/etc/searxng:rw
+    restart: unless-stopped
+volumes:
+  searxng:

wazuh/.env

@@ -1,2 +0,0 @@
-VERSION=4.11.0
-DOCKER_REGISTRY=r.sectorq.eu/library/

wazuh/docker-compose.yml

@@ -1,136 +1,114 @@
+# Wazuh App Copyright (C) 2017, Wazuh Inc. (License GPLv2)
 services:
-  wazuh.dashboard:
-    depends_on:
-    - wazuh.indexer
-    dns:
-    - 192.168.77.101
-    environment:
-    - INDEXER_USERNAME=admin
-    - INDEXER_PASSWORD=SecretPassword
-    - WAZUH_API_URL=https://wazuh.manager
-    - DASHBOARD_USERNAME=kibanaserver
-    - DASHBOARD_PASSWORD=kibanaserver
-    - API_USERNAME=wazuh-wui
-    - API_PASSWORD=MyS3cr37P450r.*-
-    hostname: wazuh.dashboard
-    image: ${DOCKER_REGISTRY:-}wazuh/wazuh-dashboard:${VERSION:-4.10.1}
-    labels:
-      wud.watch: 'true'
-      wud.watch.digest: 'true'
-    links:
-    - wazuh.indexer:wazuh.indexer
-    - wazuh.manager:wazuh.manager
-    ports:
-    - 5601:5601
-    restart: always
-    volumes:
-    - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/wazuh.dashboard.pem:/usr/share/wazuh-dashboard/certs/wazuh-dashboard.pem
-    - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem:/usr/share/wazuh-dashboard/certs/wazuh-dashboard-key.pem
-    - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-dashboard/certs/root-ca.pem
-    - /share/docker_data/wazuh/config/wazuh_dashboard/opensearch_dashboards.yml:/usr/share/wazuh-dashboard/config/opensearch_dashboards.yml
-    - /share/docker_data/wazuh/config/wazuh_dashboard/wazuh.yml:/usr/share/wazuh-dashboard/data/wazuh/config/wazuh.yml
-    - wazuh-dashboard-config:/usr/share/wazuh-dashboard/data/wazuh/config
-    - wazuh-dashboard-custom:/usr/share/wazuh-dashboard/plugins/wazuh/public/assets/custom
-  wazuh.indexer:
-    dns:
-    - 192.168.77.101
-    environment:
-    - OPENSEARCH_JAVA_OPTS=-Xms1g -Xmx1g
-    hostname: wazuh.indexer
-    image: ${DOCKER_REGISTRY:-}wazuh/wazuh-indexer:${VERSION:-4.10.1}
-    labels:
-      wud.watch: 'true'
-      wud.watch.digest: 'true'
-    ports:
-    - 9200:9200
-    restart: always
-    ulimits:
-      memlock:
-        hard: -1
-        soft: -1
-      nofile:
-        hard: 65536
-        soft: 65536
-    volumes:
-    - wazuh-indexer-data:/var/lib/wazuh-indexer
-    - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/certs/root-ca.pem
-    - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/wazuh.indexer-key.pem:/usr/share/wazuh-indexer/certs/wazuh.indexer.key
-    - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/wazuh.indexer.pem:/usr/share/wazuh-indexer/certs/wazuh.indexer.pem
-    - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/admin.pem:/usr/share/wazuh-indexer/certs/admin.pem
-    - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/admin-key.pem:/usr/share/wazuh-indexer/certs/admin-key.pem
-    - /share/docker_data/wazuh/config/wazuh_indexer/wazuh.indexer.yml:/usr/share/wazuh-indexer/opensearch.yml
-    - /share/docker_data/wazuh/config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml
-    - /share/docker_data/wazuh/config/wazuh_indexer/roles_mapping.yml:/usr/share/wazuh-indexer/opensearch-security/roles_mapping.yml
-    - /share/docker_data/wazuh/config/wazuh_indexer/config.yml:/usr/share/wazuh-indexer/opensearch-security/config.yml
-    - /share/docker_data/wazuh/config/wazuh_indexer/idp-metadata.xml:/usr/share/wazuh-indexer/opensearch-security/idp-metadata.xml
   wazuh.manager:
-    dns:
+    image: wazuh/wazuh-manager:4.14.0
-    - 192.168.77.101
-    environment:
-    - INDEXER_URL=https://wazuh.indexer:9200
-    - INDEXER_USERNAME=admin
-    - INDEXER_PASSWORD=SecretPassword
-    - FILEBEAT_SSL_VERIFICATION_MODE=full
-    - SSL_CERTIFICATE_AUTHORITIES=/etc/ssl/root-ca.pem
-    - SSL_CERTIFICATE=/etc/ssl/filebeat.pem
-    - SSL_KEY=/etc/ssl/filebeat.key
-    - API_USERNAME=wazuh-wui
-    - API_PASSWORD=MyS3cr37P450r.*-
     hostname: wazuh.manager
-    image: ${DOCKER_REGISTRY:-}wazuh/wazuh-manager:${VERSION:-4.10.1}
-    labels:
-      com.centurylinklabs.watchtower.enable: 'true'
-      homepage.container: wazuh-wazuh.manager-1
-      homepage.description: Security monitoring
-      homepage.group: Utilities
-      homepage.href: https://wazuh.sectorq.eu
-      homepage.icon: wazuh.png
-      homepage.name: Wazuh
-      homepage.server: my-docker
-      homepage.weight: '1'
-      wud.watch: 'true'
-      wud.watch.digest: 'true'
-    ports:
-    - 1514:1514
-    - 1515:1515
-    - 514:514/udp
-    - 55000:55000
     restart: always
     ulimits:
       memlock:
-        hard: -1
         soft: -1
+        hard: -1
       nofile:
-        hard: 655360
         soft: 655360
+        hard: 655360
+    ports:
+      - "1514:1514"
+      - "1515:1515"
+      - "514:514/udp"
+      - "55000:55000"
+    environment:
+      - INDEXER_URL=https://wazuh.indexer:9200
+      - INDEXER_USERNAME=admin
+      - INDEXER_PASSWORD=SecretPassword
+      - FILEBEAT_SSL_VERIFICATION_MODE=full
+      - SSL_CERTIFICATE_AUTHORITIES=/etc/ssl/root-ca.pem
+      - SSL_CERTIFICATE=/etc/ssl/filebeat.pem
+      - SSL_KEY=/etc/ssl/filebeat.key
+      - API_USERNAME=wazuh-wui
+      - API_PASSWORD=MyS3cr37P450r.*-
     volumes:
-    - wazuh_api_configuration:/var/ossec/api/configuration
+      - wazuh_api_configuration:/var/ossec/api/configuration
-    - wazuh_etc:/var/ossec/etc
+      - wazuh_etc:/var/ossec/etc
-    - wazuh_logs:/var/ossec/logs
+      - wazuh_logs:/var/ossec/logs
-    - wazuh_queue:/var/ossec/queue
+      - wazuh_queue:/var/ossec/queue
-    - wazuh_var_multigroups:/var/ossec/var/multigroups
+      - wazuh_var_multigroups:/var/ossec/var/multigroups
-    - wazuh_integrations:/var/ossec/integrations
+      - wazuh_integrations:/var/ossec/integrations
-    - wazuh_active_response:/var/ossec/active-response/bin
+      - wazuh_active_response:/var/ossec/active-response/bin
-    - wazuh_agentless:/var/ossec/agentless
+      - wazuh_agentless:/var/ossec/agentless
-    - wazuh_wodles:/var/ossec/wodles
+      - wazuh_wodles:/var/ossec/wodles
-    - filebeat_etc:/etc/filebeat
+      - filebeat_etc:/etc/filebeat
-    - filebeat_var:/var/lib/filebeat
+      - filebeat_var:/var/lib/filebeat
-    - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/root-ca-manager.pem:/etc/ssl/root-ca.pem
+      - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/root-ca-manager.pem:/etc/ssl/root-ca.pem
-    - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/wazuh.manager.pem:/etc/ssl/filebeat.pem
+      - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/wazuh.manager.pem:/etc/ssl/filebeat.pem
-    - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/wazuh.manager-key.pem:/etc/ssl/filebeat.key
+      - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/wazuh.manager-key.pem:/etc/ssl/filebeat.key
-    - /share/docker_data/wazuh/config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf
+      - /share/docker_data/wazuh/config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf
+
+  wazuh.indexer:
+    image: wazuh/wazuh-indexer:4.14.0
+    hostname: wazuh.indexer
+    restart: always
+    ports:
+      - "9200:9200"
+    environment:
+      - "OPENSEARCH_JAVA_OPTS=-Xms1g -Xmx1g"
+    ulimits:
+      memlock:
+        soft: -1
+        hard: -1
+      nofile:
+        soft: 65536
+        hard: 65536
+    volumes:
+      - wazuh-indexer-data:/var/lib/wazuh-indexer
+      - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/config/certs/root-ca.pem
+      - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/wazuh.indexer-key.pem:/usr/share/wazuh-indexer/config/certs/wazuh.indexer.key
+      - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/wazuh.indexer.pem:/usr/share/wazuh-indexer/config/certs/wazuh.indexer.pem
+      - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/admin.pem:/usr/share/wazuh-indexer/config/certs/admin.pem
+      - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/admin-key.pem:/usr/share/wazuh-indexer/config/certs/admin-key.pem
+      - /share/docker_data/wazuh/config/wazuh_indexer/wazuh.indexer.yml:/usr/share/wazuh-indexer/config/opensearch.yml
+      - /share/docker_data/wazuh/config/wazuh_indexer/wazuh_authentik_meta.xml:/etc/wazuh-indexer/opensearch-security/wazuh_authentik_meta.xml
+      - /share/docker_data/wazuh/config/wazuh_indexer/config.yml:/usr/share/wazuh-indexer/config/opensearch-security/config.yml
+
+  wazuh.dashboard:
+    image: wazuh/wazuh-dashboard:4.14.0
+    hostname: wazuh.dashboard
+    restart: always
+    ports:
+      - 5601:5601
+    environment:
+      - INDEXER_USERNAME=admin
+      - INDEXER_PASSWORD=SecretPassword
+      - WAZUH_API_URL=https://wazuh.manager
+      - DASHBOARD_USERNAME=kibanaserver
+      - DASHBOARD_PASSWORD=kibanaserver
+      - API_USERNAME=wazuh-wui
+      - API_PASSWORD=MyS3cr37P450r.*-
+    volumes:
+      - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/wazuh.dashboard.pem:/usr/share/wazuh-dashboard/certs/wazuh-dashboard.pem
+      - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem:/usr/share/wazuh-dashboard/certs/wazuh-dashboard-key.pem
+      - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-dashboard/certs/root-ca.pem
+      - /share/docker_data/wazuh/config/wazuh_dashboard/opensearch_dashboards.yml:/usr/share/wazuh-dashboard/config/opensearch_dashboards.yml
+      - /share/docker_data/wazuh/config/wazuh_dashboard/wazuh.yml:/usr/share/wazuh-dashboard/data/wazuh/config/wazuh.yml
+      - wazuh-dashboard-config:/usr/share/wazuh-dashboard/data/wazuh/config
+      - wazuh-dashboard-custom:/usr/share/wazuh-dashboard/plugins/wazuh/public/assets/custom
+    depends_on:
+      - wazuh.indexer
+    links:
+      - wazuh.indexer:wazuh.indexer
+      - wazuh.manager:wazuh.manager
+
 volumes:
-  filebeat_etc: null
+  wazuh_api_configuration:
-  filebeat_var: null
+  wazuh_etc:
-  wazuh-dashboard-config: null
+  wazuh_logs:
-  wazuh-dashboard-custom: null
+  wazuh_queue:
-  wazuh-indexer-data: null
+  wazuh_var_multigroups:
-  wazuh_active_response: null
+  wazuh_integrations:
-  wazuh_agentless: null
+  wazuh_active_response:
-  wazuh_api_configuration: null
+  wazuh_agentless:
-  wazuh_etc: null
+  wazuh_wodles:
-  wazuh_integrations: null
+  filebeat_etc:
-  wazuh_logs: null
+  filebeat_var:
-  wazuh_queue: null
+  wazuh-indexer-data:
-  wazuh_var_multigroups: null
+  wazuh-dashboard-config:
-  wazuh_wodles: null
+  wazuh-dashboard-custom: