sickprodigy/docker-home-server
1
0
Fork 0
Code Issues 14 Pull Requests Packages Projects Releases Wiki Activity

Move all service folders into docker-compose directory

Browse Source
This commit is contained in:
Aaron
2025-11-27 19:24:55 -05:00
parent 2f2dc52f74
commit fb0f74d72f
141 changed files with 0 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

74
docker-compose/adguard/docker-compose.yml Normal file
View File

@@ -0,0 +1,74 @@
# Version isn't needed for docker CLI since 2020
# All 2.x and 3.x features are supported
# V1 EOL June 2023
---
#version: "2.1" #needed if you want ipv6 supposedly
services:
adguardhome:
image: adguard/adguardhome
container_name: adguardhome
environment:
- PUID=1000
- PGID=1006
volumes:
#Old Locations
#- /docker-containers/adguard/conf:/opt/adguardhome/conf
#- /docker-containers/adguard/work:/opt/adguardhome/work
#- /docker-containers/swag-letsencrypt/keys/letsencrypt/fullchain.pem:/opt/adguardhome/certs/fullchain.pem:r
#- /docker-containers/swag-letsencrypt/keys/letsencrypt/privkey.pem:/opt/adguardhome/certs/privkey.pem:r
- /docker-containers/adguard/conf:/opt/adguardhome/conf
- /docker-containers/adguard/work:/opt/adguardhome/work
#- /docker-containers/swag-letsencrypt/keys/letsencrypt/fullchain.pem:/opt/adguardhome/certs/fullchain.pem:r # sometimes perm for file is root
- /docker-containers/swag-letsencrypt/etc/letsencrypt/live/example.com/fullchain.pem:/opt/adguardhome/certs/fullchain.pem:r
#- /docker-containers/swag-letsencrypt/keys/letsencrypt/privkey.pem:/opt/adguardhome/certs/privkey.pem:r
- /docker-containers/swag-letsencrypt/etc/letsencrypt/live/example.com/privkey.pem:/opt/adguardhome/certs/privkey.pem:r
ports:
# DNS
- 53:53
# # DHCP server
#- 67:67/udp
#- 68:68/tcp
#- 68:68/udp
- 8599:80/tcp # Dns over https through http
# # HTTPS/DNS-over-HTTPS
- 444:443/tcp
# # DNS-over-TLS
- 853:853/tcp
# # DNS-over-QUIC
- 784:784/udp
# # DNSCrypt
- 5443:5443/tcp
- 5443:5443/udp
# # WebUI
- 3000:3000/tcp
restart: unless-stopped
stdin_open: true # to attach to containers
tty: true # also used to attach to containers
# network_mode: service:wireguard # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
networks: # Specify network for container
mcprodnet:
ipv4_address: 192.168.1.169
#ipv6_address: 2605:a601:a627:100:2::1 # ip changed
# ipv6_address: 2605:a601:9132:d100:2::1 # newer, private setup within your network is better though fe:etc
# ipv6_address: 2001:3200:3200::20 # disabled because google fiber is shit and always changing and no way to update here
homelab:
aliases:
- adguard # adding multiple aliases under certain network
- adg
networks: # specify the network 2x. In service, and in this tag area..
homelab:
name: homelab # Networks can also be given a custom name
external: true # This option causes compose to join the above network instead of making a _default one
mcprodnet:
#enable_ipv6: true
name: mcprodnet # We will name the network instead of letting docker do something random
# external: true # This option causes compose to join the above network instead of making a _default one
driver: macvlan # Making the above network macvlan
driver_opts: # driver options to use
parent: eno1 # usually eth0 or eth1 but not always, used enp3s0 and enp4s0, had to delete /var/lib/docker/network/files/local-kv.db because phantom network
ipam:
config:
- subnet: "192.168.1.0/24" #Basically copy router range
gateway: "192.168.1.1" #host will eventually route to router, or just go direct
# - subnet: "2605:a601:9132:d100:2::/80" # dual subnet ipv6, has to match router subnet unfortunately for external connections like samsung tv
# gateway: "2605:a601:9132:d100:2:ffff:ffff:ffff" #this needs to be router(ish)

38
docker-compose/airdcpp/docker-compose.yml Normal file
View File

@@ -0,0 +1,38 @@
services:
airdcpp:
image: gangefors/airdcpp-webclient
container_name: airdcpp
environment:
- PUID=1000
- PGID=1006
volumes:
- /docker-containers/airdcpp/config:/.airdcpp
- "/unsorted/airdcpp:/Downloads" #Shared Downloads folder
- "/Books:/Share/Books" #Shared Books folder
- "/games:/Share/Games" #Shared Games folder
- "/Music:/Share/Music" #Shared Music Folder
- "/Movies:/Share/Movies" #Shared Movies folder
- "/srv/samba/programs/Movies:/Share/Programs" #Shared Movies folder
- "/TvShows:/Share/TvShows" #Shared TvShows folder
- "/Videos:/Share/Videos" #Shared Videos folder
ports:
#- 80:5600
- 5602:5600
#- 443:5601
- 5603:5601
- 21248:21248
- 21248:21248/udp
- 21249:21249
restart: unless-stopped
stdin_open: true # to attach to containers
tty: true # also used to attach to containers
# network_mode: service:wireguard # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
networks: # Specify network for container
homelab:
aliases:
- dcpp # adding multiple aliases under certain network
networks: # specify the network 2x. In service, and in this tag area..
homelab:
name: homelab # Networks can also be given a custom name
external: true # This option causes compose to join the above network instead of making a _default one

44
docker-compose/amule/docker-compose.yml Normal file
View File

@@ -0,0 +1,44 @@
---
services:
amule:
image: ngosang/amule
container_name: amule
restart: unless-stopped
environment:
- PUID=1000
- PGID=1006
- TZ=America/New_York
- GUI_PWD=ChangeMe123
- WEBUI_PWD=ChangeMe123
- MOD_AUTO_RESTART_ENABLED=true
- MOD_AUTO_RESTART_CRON=0 6 * * *
- MOD_AUTO_SHARE_ENABLED=true
- MOD_AUTO_SHARE_DIRECTORIES=/incoming;/shared/books;/shared/music
- MOD_FIX_KAD_GRAPH_ENABLED=true
- MOD_FIX_KAD_BOOTSTRAP_ENABLED=true
ports:
- "4711:4711" # web ui
- "4712:4712" # remote gui, webserver, cmd ...
- "4662:4662" # ed2k tcp
- "4665:4665/udp" # ed2k global search udp (tcp port +3)
- "4672:4672/udp" # ed2k udp
volumes:
- /docker-containers/amule/config:/home/amule/.aMule
- /unsorted/amule/downloaded:/incoming
- /unsorted/amule/temp:/temp
- /Books:/shared/books #Shared Books folder
- /Music:/shared/music #Shared Music folder
# - "/games:/Share/Games" #Shared Games folder
# - "/Movies:/Share/Movies" #Shared Movies folder
# - "/srv/samba/programs/Movies:/Share/Programs" #Shared Movies folder
# - "/TvShows:/Share/TvShows" #Shared TvShows folder
# - "/Videos:/Share/Videos" #Shared Videos folder
stdin_open: true # to attach to containers
tty: true # also used to attach to containers
# network_mode: service:wireguard # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
networks: # Specify network for container
- homelab
networks: # specify the network 2x. In service, and in this tag area..
homelab:
name: homelab # Networks can also be given a custom name
external: true # This option causes compose to join the above network instead of making a _default one

24
docker-compose/apprise/docker-compose.yml Normal file
View File

@@ -0,0 +1,24 @@
---
services:
apprise:
image: lscr.io/linuxserver/apprise-api:latest
container_name: apprise
environment:
- PUID=1000
- PGID=1006
- TZ=America/New_York
- APPRISE_ATTACH_SIZE=0 #optional
volumes:
- /docker-containers/apprise/config:/config
- /docker-containers/apprise/attachments:/attachments #optional
ports:
- 8004:8000
restart: unless-stopped
stdin_open: true # to attach to containers
tty: true # also used to attach to containers
# network_mode: service:wireguard # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
networks: # Specify network for container
- homelab
networks: # I don't know why but you have to specify the network 2x. In service, and in this tag area..
homelab:
external: true # This option causes compose to join the above network instead of making a _default one (supposedly)

36
docker-compose/aria2/docker-compose.yml Normal file
View File

@@ -0,0 +1,36 @@
---
services:
webui-aria2:
image: ndthuan/aria2-alpine
container_name: webui-aria2
environment:
- PUID=1000
- PGID=1006
- TZ=America/New_York
volumes:
- /docker-containers/freshrss/config:/config
- /unsorted/aria2:/downloads
- /docker-containers/aria2:/home/aria/.aria2
ports:
- 6800:6800
- 9100:8080
restart: unless-stopped
stdin_open: true
tty: true
networks:
- homelab
httpd:
image: busybox
volumes:
- ./:/usr/html
ports:
- "80:80"
command: /bin/busybox httpd -f -p 80 -h /usr/html
networks:
- homelab
networks: # I don't know why but you have to specify the network 2x. In service, and in this tag area..
homelab:
name: homelab # Networks can also be given a custom name
external: true # This option causes compose to join the above network instead of making a _default one

27
docker-compose/audiobookshelf/docker-compose.yml Normal file
View File

@@ -0,0 +1,27 @@
version: "3.7"
services:
audiobookshelf:
container_name: audiobookshelf
image: ghcr.io/advplyr/audiobookshelf:latest #2.3.3
environment:
- PUID=1000
- PGID=1006
- TZ=America/New_York
ports:
- 13378:80
volumes:
- /Books/audio_books:/audiobooks
- /Books/calibre:/calibre
- /Books/Educational:/books-educational
- /Music/Podcasts:/podcasts
- /docker-containers/audiobookshelf:/config
- /docker-containers/audiobookshelf/metadata:/metadata
restart: unless-stopped
stdin_open: true # to attach to containers
tty: true # also used to attach to containers
# network_mode: service:wireguard # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
networks: # Specify network for container
- homelab
networks: # I don't know why but you have to specify the network 2x. In service, and in this tag area..
homelab:
external: true # This option causes compose to join the above network instead of making a _default one (supposedly)

25
docker-compose/authelia/docker-compose.yml Normal file
View File

@@ -0,0 +1,25 @@
---
version: "3.8"
services:
authelia:
container_name: authelia
image: docker.io/authelia/authelia:latest
restart: unless-stopped
networks:
homelab:
aliases: [auth]
expose:
- 9091
environment:
TZ: 'America/New_York'
AUTHELIA_JWT_SECRET_FILE: /secrets/JWT_SECRET
AUTHELIA_SESSION_SECRET_FILE: /secrets/SESSION_SECRET
AUTHELIA_STORAGE_POSTGRES_PASSWORD_FILE: /secrets/STORAGE_PASSWORD
AUTHELIA_STORAGE_ENCRYPTION_KEY_FILE: /secrets/STORAGE_ENCRYPTION_KEY
volumes:
- /docker-containers/authelia/config:/config
- /docker-containers/authelia/secrets:/secrets
networks:
homelab:
external: true
name: homelab

25
docker-compose/bazarr/docker-compose.yml Normal file
View File

@@ -0,0 +1,25 @@
# version: "2.1" # Kind of old school and not needed with portainer
services:
# Subtitle software tv/movies
bazarr:
image: lscr.io/linuxserver/bazarr:latest
container_name: bazarr
environment:
- PUID=1000
- PGID=1006
- TZ=America/New_York
volumes:
- /docker-containers/bazarr:/config
- /Movies/Main-Library:/movies #optional
- /TvShows:/tv #optional
ports:
- 6767:6767
restart: unless-stopped
stdin_open: true # to attach to containers
tty: true # also used to attach to containers
# network_mode: service:wireguard # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
networks: # Specify network for container
- homelab
networks: # I don't know why but you have to specify the network 2x. In service, and in this tag area..
homelab:
external: true # This option causes compose to join the above network instead of making a _default one (supposedly)

33
docker-compose/beets/docker-compose.yml Normal file
View File

@@ -0,0 +1,33 @@
# Beets software for music library management.
# Metadata, Lyrics, CoverArt, and loads more able to do
---
version: "2.1"
services:
beets:
image: lscr.io/linuxserver/beets:nightly # think latest is 1.6.0 and nightly is newer?
container_name: beets
environment:
- PUID=1000
- PGID=1006
- TZ=America/New_York
volumes:
- /docker-containers/beets:/config
- /Music/beetsplaylist:/bpg
- /Music/Testing:/music
# - /unsorted/beets:/music
- /unsorted/beets:/downloads
# seems like the easiest way to fix problems just install on each first run.. this fixed discogs but not wlg
# seems to be crashing about it tho
command: "/config/docker-compose-post-commands.sh"
ports:
- 8337:8337
# restart: unless-stopped # disabled to see if something shows
stdin_open: true # to attach to containers
tty: true # also used to attach to containers
# network_mode: service:wireguard # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
networks: # Specify network for container
- homelab
networks: # I don't know why but you have to specify the network 2x. In service, and in this tag area..
homelab:
external: true # This option causes compose to join the above network instead of making a _default one (supposedly)

326
docker-compose/btcpayserver/docker-compose.yml Normal file
View File

@@ -0,0 +1,326 @@
version: "3"
# Run `docker-compose up dev` for bootstrapping your development environment
# Doing so will expose NBXplorer, Bitcoind RPC and postgres port to the host so that tests can Run,
# The Visual Studio launch setting `Docker-regtest` is configured to use this environment.
services:
tests:
build:
context: ..
dockerfile: BTCPayServer.Tests/Dockerfile
args:
CONFIGURATION_NAME: Release
environment:
TESTS_BTCRPCCONNECTION: server=http://bitcoind:43782;ceiwHEbqWI83:DwubwWsoo3
TESTS_BTCNBXPLORERURL: http://nbxplorer:32838/
TESTS_POSTGRES: User ID=postgres;Include Error Detail=true;Host=postgres;Port=5432;Database=btcpayserver
TESTS_EXPLORER_POSTGRES: User ID=postgres;Include Error Detail=true;Host=postgres;Port=5432;Database=nbxplorer
TESTS_HOSTNAME: tests
TESTS_RUN_EXTERNAL_INTEGRATION: ${TESTS_RUN_EXTERNAL_INTEGRATION:-"false"}
TESTS_AzureBlobStorageConnectionString: ${TESTS_AzureBlobStorageConnectionString:-none}
TEST_MERCHANTLIGHTNINGD: "type=clightning;server=unix://etc/merchant_lightningd_datadir/lightning-rpc"
TEST_CUSTOMERLIGHTNINGD: "type=clightning;server=unix://etc/customer_lightningd_datadir/lightning-rpc"
TEST_MERCHANTLND: "http://merchant_lnd:8080/"
TESTS_INCONTAINER: "true"
TESTS_SSHCONNECTION: "root@sshd:22"
TESTS_SSHPASSWORD: ""
TESTS_SSHKEYFILE: ""
TESTS_SOCKSENDPOINT: "tor:9050"
expose:
- "80"
depends_on:
- dev
- selenium
extra_hosts:
- "tests:127.0.0.1"
networks:
default:
custom:
ipv4_address: 172.23.0.18
volumes:
- "sshd_datadir:/root/.ssh"
- "customer_lightningd_datadir:/etc/customer_lightningd_datadir"
- "merchant_lightningd_datadir:/etc/merchant_lightningd_datadir"
# The dev container is not actually used, it is just handy to run `docker-compose up dev` to start all services
dev:
image: alpine:3.7
command: [ "/bin/sh", "-c", "trap : TERM INT; while :; do echo Ready to code and debug like a rockstar!!!; sleep 2073600; done & wait" ]
depends_on:
- nbxplorer
- postgres
- customer_lightningd
- merchant_lightningd
- customer_lnd
- merchant_lnd
- sshd
- tor
sshd:
build:
context: .
dockerfile: sshd.Dockerfile
ports:
- "21622:22"
expose:
- 22
volumes:
- "sshd_datadir:/root/.ssh"
devlnd:
image: btcpayserver/bitcoin:28.1
environment:
BITCOIN_NETWORK: regtest
BITCOIN_WALLETDIR: "/data/wallets"
BITCOIN_EXTRA_ARGS: |
deprecatedrpc=signrawtransaction
connect=bitcoind:39388
fallbackfee=0.0002
rpcallowip=0.0.0.0/0
depends_on:
- nbxplorer
- postgres
- customer_lnd
- merchant_lnd
selenium:
image: selenium/standalone-chrome:125.0
extra_hosts:
- "tests:172.23.0.18"
expose:
- "4444"
networks:
default:
custom:
nbxplorer:
image: nicolasdorier/nbxplorer:2.5.22
restart: unless-stopped
ports:
- "32838:32838"
expose:
- "32838"
environment:
NBXPLORER_NETWORK: regtest
NBXPLORER_CHAINS: "btc"
NBXPLORER_BTCRPCURL: http://bitcoind:43782/
NBXPLORER_BTCNODEENDPOINT: bitcoind:39388
NBXPLORER_BTCRPCUSER: ceiwHEbqWI83
NBXPLORER_BTCRPCPASSWORD: DwubwWsoo3
NBXPLORER_BIND: 0.0.0.0:32838
NBXPLORER_MINGAPSIZE: 5
NBXPLORER_MAXGAPSIZE: 10
NBXPLORER_VERBOSE: 1
NBXPLORER_POSTGRES: User ID=postgres;Include Error Detail=true;Host=postgres;Port=5432;Database=nbxplorer
NBXPLORER_EXPOSERPC: 1
NBXPLORER_NOAUTH: 1
depends_on:
- bitcoind
bitcoind:
restart: unless-stopped
image: btcpayserver/bitcoin:28.1
environment:
BITCOIN_NETWORK: regtest
BITCOIN_WALLETDIR: "/data/wallets"
BITCOIN_EXTRA_ARGS: |-
rpcuser=ceiwHEbqWI83
rpcpassword=DwubwWsoo3
rpcport=43782
rpcbind=0.0.0.0:43782
rpcallowip=0.0.0.0/0
port=39388
whitelist=0.0.0.0/0
zmqpubrawblock=tcp://0.0.0.0:28332
zmqpubrawtx=tcp://0.0.0.0:28333
deprecatedrpc=signrawtransaction
fallbackfee=0.0002
ports:
- "43782:43782"
- "39388:39388"
expose:
- "43782" # RPC
- "39388" # P2P
- "28332" # ZMQ
- "28333" # ZMQ
volumes:
- "bitcoin_datadir:/data"
customer_lightningd:
image: btcpayserver/lightning:v24.08.2
stop_signal: SIGKILL
restart: unless-stopped
environment:
EXPOSE_TCP: "true"
LIGHTNINGD_CHAIN: "btc"
LIGHTNINGD_NETWORK: "regtest"
LIGHTNINGD_OPT: |
developer
bitcoin-datadir=/etc/bitcoin
bitcoin-rpcconnect=bitcoind
announce-addr=customer_lightningd:9735
log-level=debug
funding-confirms=1
dev-fast-gossip
dev-bitcoind-poll=1
ports:
- "30992:9835" # api port
- "30892:9735" # server port
expose:
- "9735" # server port
- "9835" # api port
volumes:
- "bitcoin_datadir:/etc/bitcoin"
- "customer_lightningd_datadir:/root/.lightning"
depends_on:
- bitcoind
merchant_lightningd:
image: btcpayserver/lightning:v24.08.2
stop_signal: SIGKILL
restart: unless-stopped
environment:
EXPOSE_TCP: "true"
LIGHTNINGD_CHAIN: "btc"
LIGHTNINGD_NETWORK: "regtest"
LIGHTNINGD_OPT: |
developer
bitcoin-datadir=/etc/bitcoin
bitcoin-rpcconnect=bitcoind
announce-addr=merchant_lightningd:9735
funding-confirms=1
log-level=debug
dev-fast-gossip
dev-bitcoind-poll=1
ports:
- "30993:9835" # api port
- "30893:9735" # server port
expose:
- "9735" # server port
- "9835" # api port
volumes:
- "bitcoin_datadir:/etc/bitcoin"
- "merchant_lightningd_datadir:/root/.lightning"
depends_on:
- bitcoind
postgres:
image: postgres:13.13
environment:
POSTGRES_HOST_AUTH_METHOD: trust
ports:
- "39372:5432"
expose:
- "5432"
merchant_lnd:
image: btcpayserver/lnd:v0.18.5-beta
restart: unless-stopped
environment:
LND_CHAIN: "btc"
LND_ENVIRONMENT: "regtest"
LND_EXPLORERURL: "http://nbxplorer:32838/"
LND_REST_LISTEN_HOST: http://merchant_lnd:8080
LND_EXTRA_ARGS: |
restlisten=merchant_lnd:8080
rpclisten=127.0.0.1:10008
rpclisten=merchant_lnd:10009
bitcoin.node=bitcoind
bitcoind.rpchost=bitcoind:43782
bitcoind.rpcuser=ceiwHEbqWI83
bitcoind.rpcpass=DwubwWsoo3
bitcoind.zmqpubrawblock=tcp://bitcoind:28332
bitcoind.zmqpubrawtx=tcp://bitcoind:28333
externalip=merchant_lnd:9735
bitcoin.defaultchanconfs=1
no-macaroons=1
debuglevel=debug
trickledelay=1000
no-rest-tls=1
ports:
- "35531:8080"
- "53280:10009"
- "30894:9735"
expose:
- "8080"
- "9735"
- "10009"
volumes:
- "merchant_lnd_datadir:/data"
- "bitcoin_datadir:/deps/.bitcoin"
depends_on:
- bitcoind
customer_lnd:
image: btcpayserver/lnd:v0.18.5-beta
restart: unless-stopped
environment:
LND_CHAIN: "btc"
LND_ENVIRONMENT: "regtest"
LND_EXPLORERURL: "http://nbxplorer:32838/"
LND_REST_LISTEN_HOST: http://customer_lnd:8080
LND_EXTRA_ARGS: |
restlisten=customer_lnd:8080
rpclisten=127.0.0.1:10008
rpclisten=customer_lnd:10009
bitcoin.node=bitcoind
bitcoind.rpchost=bitcoind:43782
bitcoind.rpcuser=ceiwHEbqWI83
bitcoind.rpcpass=DwubwWsoo3
bitcoind.zmqpubrawblock=tcp://bitcoind:28332
bitcoind.zmqpubrawtx=tcp://bitcoind:28333
externalip=customer_lnd:9735
bitcoin.defaultchanconfs=1
no-macaroons=1
debuglevel=debug
trickledelay=1000
no-rest-tls=1
ports:
- "35532:8080"
- "30895:9735"
expose:
- "8080"
- "9735"
- "10009"
volumes:
- "customer_lnd_datadir:/root/.lnd"
- "bitcoin_datadir:/deps/.bitcoin"
depends_on:
- bitcoind
tor:
restart: unless-stopped
image: btcpayserver/tor:0.4.6.5
container_name: tor
environment:
TOR_PASSWORD: btcpayserver
ports:
- "9050:9050" # SOCKS
- "9051:9051" # Tor Control
volumes:
- "tor_datadir:/home/tor/.tor"
- "torrcdir:/usr/local/etc/tor"
- "tor_servicesdir:/var/lib/tor/hidden_services"
volumes:
sshd_datadir:
bitcoin_datadir:
elementsd_liquid_datadir:
customer_lightningd_datadir:
merchant_lightningd_datadir:
lightning_charge_datadir:
customer_lnd_datadir:
merchant_lnd_datadir:
tor_datadir:
torrcdir:
tor_servicesdir:
networks:
default:
driver: bridge
custom:
driver: bridge
ipam:
config:
- subnet: 172.23.0.0/16

18
docker-compose/calibre-web/docker-compose.yml Normal file
View File

@@ -0,0 +1,18 @@
---
version: "2.1"
services:
calibre-web:
image: lscr.io/linuxserver/calibre-web:latest
container_name: calibre-web
environment:
- PUID=1000
- PGID=1003
- TZ=America/New_York
- DOCKER_MODS=linuxserver/mods:universal-calibre #optional
- OAUTHLIB_RELAX_TOKEN_SCOPE=1 #optional
volumes:
- /docker-containers/calibre-web:/config
- /Books/calibre:/books
ports:
- 8083:8083
restart: unless-stopped

31
docker-compose/calibre/docker-compose.yml Normal file
View File

@@ -0,0 +1,31 @@
version: "2.1"
services:
calibre:
image: lscr.io/linuxserver/calibre:latest
container_name: calibre
security_opt:
- seccomp:unconfined #optional
environment:
- PUID=1000
- PGID=1006
- TZ=America/New_York
#- PASSWORD= #optional
#- CLI_ARGS= #optional
volumes:
- /docker-containers/calibre:/config
- /Books:/books
- /unsorted:/downloads
- /docker-containers/swag-letsencrypt/etc/letsencrypt/live/example.com/fullchain.pem:/config/ssl/certs/fullchain.pem:r
- /docker-containers/swag-letsencrypt/etc/letsencrypt/live/example.com/privkey.pem:/config/ssl/certs/privkey.pem:r
ports:
- 8082:8080
- 8083:8083
restart: unless-stopped
networks:
homelab:
aliases:
- calibre-web # how to add multiple aliases
networks: # I don't know why but you have to specify the network 2x. In service, and in this tag area..
homelab: # Sub-section, any network name or 'default' to edit default one created
external: true # This option causes compose to join the above network instead of making a _default one

16
docker-compose/chd-converter/docker-compose.yml Normal file
View File

@@ -0,0 +1,16 @@
---
version: "2.1"
services:
chd-converter:
image: marctv/chd-converter
container_name: chd-converter
volumes:
- /unsorted/jdownloader/chd-convert:/tmp/images/:rw
stdin_open: true # to attach to containers
tty: true # also used to attach to containers
# network_mode: service:wireguard # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
networks: # Specify network for container
- homelab
networks: # I don't know why but you have to specify the network 2x. In service, and in this tag area..
homelab:
external: true # This option causes compose to join the above network instead of making a _default one (supposedly)

32
docker-compose/code-server/docker-compose.yml Normal file
View File

@@ -0,0 +1,32 @@
---
version: "2.1"
services:
code-server:
image: lscr.io/linuxserver/code-server:latest
container_name: code-server
environment:
- PUID=1000
- PGID=1006
- TZ=Etc/UTC
# - PASSWORD=ChangeMe123 #optional
# - HASHED_PASSWORD= #optional
# - SUDO_PASSWORD=ChangeMe123!@ #optional
# - SUDO_PASSWORD_HASH= #optional
- PROXY_DOMAIN=code-server.example.com #optional
- DEFAULT_WORKSPACE=/config/workspace #optional
volumes:
- /docker-containers/code-server/config:/config
- /Documents/prodigy:/media/prodigy
ports:
- 8443:8443
restart: unless-stopped
stdin_open: true # to attach to containers
tty: true # also used to attach to containers
# network_mode: service:wireguard # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
networks: # Specify network for container
- homelab
networks: # I don't know why but you have to specify the network 2x. In service, and in this tag area..
homelab:
# name: homelab # Networks can also be given a custom name, not needed if existing
external: true # This option causes compose to join the above network instead of making a _default one (supposedly)

43
docker-compose/dashy/docker-compose.yml Normal file
View File

@@ -0,0 +1,43 @@
---
# Welcome to Dashy! To get started, run `docker compose up -d`
# You can configure your container here, by modifying this file
version: "3.8"
services:
dashy:
container_name: Dashy
# Pull latest image from DockerHub
image: lissy93/dashy
# To build from source, replace 'image: lissy93/dashy' with 'build: .'
# build: .
# You can also use an image with a different tag, or pull from a different registry, e.g:
# image: ghcr.io/lissy93/dashy or image: lissy93/dashy:3.0.0
# Pass in your config file below, by specifying the path on your host machine
# volumes:
# - /path/to/my-config.yml:/app/user-data/conf.yml
# - /path/to/item-icons:/app/user-data/item-icons/
# Set port that web service will be served on. Keep container port as 8080
ports:
- 4000:8080
# Set any environmental variables
environment:
- NODE_ENV=production
# Specify your user ID and group ID. You can find this by running `id -u` and `id -g`
# - UID=1000
# - GID=1000
# Specify restart policy
restart: unless-stopped
# Configure healthchecks
healthcheck:
test: ['CMD', 'node', '/app/services/healthcheck']
interval: 1m30s
timeout: 10s
retries: 3
start_period: 40s

13
docker-compose/ddclient/docker-compose.yml Normal file
View File

@@ -0,0 +1,13 @@
---
version: "2.1"
services:
ddclient:
image: lscr.io/linuxserver/ddclient:latest
container_name: ddclient
environment:
- PUID=1000
- PGID=1006
- TZ=America/New_York
volumes:
- /docker-containers/ddclient:/config
restart: unless-stopped

27
docker-compose/deemix/docker-compose.yml Normal file
View File

@@ -0,0 +1,27 @@
---
version: "3.3"
services:
deemix:
image: registry.gitlab.com/bockiii/deemix-docker
container_name: Deemix
volumes:
- /unsorted/deemix:/downloads # it will remove empty folders from directories
- /docker-containers/deemix:/config
environment:
- PUID=1000
- PGID=1003
- UMASK_SET=022
- DEEMIX_SINGLE_USER=true
ports:
- 6595:6595
restart: unless-stopped
stdin_open: true # to attach to containers
tty: true # also used to attach to containers
# network_mode: service:wireguard # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
networks: # Specify network for container
- homelab
networks: # I don't know why but you have to specify the network 2x. In service, and in this tag area..
homelab:
# name: homelab # Networks can also be given a custom name, not needed if existing
external: true # This option causes compose to join the above network instead of making a _default one (supposedly)

27
docker-compose/deluge/docker-compose.yml Normal file
View File

@@ -0,0 +1,27 @@
---
#version: "2.1" # Phased/outdated. Not needed if running portainer or newest version of compose
services:
deluge:
image: lscr.io/linuxserver/deluge:latest
container_name: deluge
environment:
- PUID=1000
- PGID=1006
- TZ=America/New_York
- DELUGE_LOGLEVEL=error #optional
volumes:
- /docker-containers/deluge:/config
- /unsorted/deluge:/downloads
ports:
- 8112:8112
- 12881:12881
- 12881:12881/udp
restart: unless-stopped
stdin_open: true # to attach to containers
tty: true # also used to attach to containers
networks: # Specify network for container
- homelab
networks: # I don't know why but you have to specify the network 2x. In service, and in this tag area..
homelab:
name: homelab # Networks can also be given a custom name
external: true # This option causes compose to join the above network instead of making a _default one (supposedly)

28
docker-compose/dillinger/docker-compose.yml Normal file
View File

@@ -0,0 +1,28 @@
---
version: "2.1"
services:
dillinger:
image: lscr.io/linuxserver/dillinger:latest
container_name: dillinger
environment:
- PUID=1000
- PGID=1006
- TZ=America/New_York
volumes:
- /docker-containers/dillinger:/config
- /Documents/prodigy/Text-Files:/mediadata
ports:
- 8281:8080
restart: unless-stopped
stdin_open: true # to attach to containers
tty: true # also used to attach to containers
# network_mode: service:wireguard # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
networks: # Specify network for container
- homelab
networks: # I don't know why but you have to specify the network 2x. In service, and in this tag area..
# some-additional-network:
# aliases:
# - simplename # This isn't allowed in portainer, must be called in the service.
homelab:
# name: homelab # Networks can also be given a custom name, not needed if existing
external: true # This option causes compose to join the above network instead of making a _default one (supposedly)

25
docker-compose/doublecommander/docker-compose.yml Normal file
View File

@@ -0,0 +1,25 @@
---
version: "2.1"
services:
doublecommander:
image: lscr.io/linuxserver/doublecommander:latest
container_name: doublecommander
environment:
- PUID=1000
- PGID=1006
- TZ=America/New_York
volumes:
- /docker-containers/doublecommander:/config
- :/data
ports:
- 4000:3000
- 4001:3001
restart: unless-stopped
stdin_open: true # to attach to containers
tty: true # also used to attach to containers
# network_mode: service:wireguard # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
networks: # Specify network for container
- homelab
networks: # I don't know why but you have to specify the network 2x. In service, and in this tag area..
homelab:
external: true # This option causes compose to join the above network instead of making a _default one (supposedly)

140
docker-compose/elasticsearch/docker-compose.yml Normal file
View File

@@ -0,0 +1,140 @@
# version: '2.2'
services:
elasticsearch:
image: docker.elastic.co/elasticsearch/elasticsearch:8.18.2 # the one listed on website is sort of dated
container_name: elasticsearch
environment:
- "node.name=es01"
- "cluster.name=elasticsick"
- "discovery.type=single-node"
# - "ELASTIC_USERNAME=elastic" # default superuser, don't think you can specify here anymore
- "ELASTIC_PASSWORD=ChangeMe123!#@" # matching Elasticsearch password, user: elastic
- "bootstrap.memory_lock=true"
- "ES_JAVA_OPTS=-Xms4g -Xmx4g"
# - "xpack.security.enabled=true" # Set false when testing, true for production # uncommented this line to fix 'received plaintext http traffic on an https channel' # worked # kibanna loading now # Kibana cannot connect to the Elastic Package Registry, which provides Elastic Agent integrations. Ensure the proxy server (opens in a new tab or window) or your own registry(opens in a new tab or window) is configured correctly, or try again later.
# - "xpack.security.http.ssl.enabled=true" # was throwing error without it # enable ssl for http layer so kibana can connect securely
# - "xpack.security.enrollment.enabled=true" # must be true to generate toke for kibana.yml
# - "xpack.security.transport.ssl.enabled=true" # transport ssl when forwarding between nodes/servers
- "path.repo=/usr/share/elasticsearch/data/snapshot"
# - "xpack.security.http.ssl.key=/usr/share/elasticsearch/config/certs/privkey.pem" # shouldn't be needed within containers.. also needs disabled when other is not enabled
# - "xpack.security.http.ssl.certificate=/usr/share/elasticsearch/config/certs/fullchain.pem"
# - "xpack.security.transport.ssl.key=/usr/share/elasticsearch/config/certs/privkey.pem"
# - "xpack.security.transport.ssl.certificate=/usr/share/elasticsearch/config/certs/fullchain.pem"
volumes:
- /docker-containers/elasticsearch/data:/usr/share/elasticsearch/data
# - /docker-containers/elasticsearch/config/elasticsearch.yml:/usr/share/elasticsearch/config/elasticsearch.yml
# - /docker-containers/elasticsearch/config:/usr/share/elasticsearch/config # if you mount the config directory you need the files present https://github.com/elastic/elasticsearch/tree/main/distribution/src/config
- /docker-containers/swag-letsencrypt/etc/letsencrypt/live/example.com/fullchain.pem:/usr/share/elasticsearch/config/certs/fullchain.pem:ro # Possibly not needed I hope, no encryption needed inbetween container network
- /docker-containers/swag-letsencrypt/etc/letsencrypt/live/example.com/chain.pem:/usr/share/elasticsearch/config/certs/chain.pem:ro #
- /docker-containers/swag-letsencrypt/etc/letsencrypt/live/example.com/privkey.pem:/usr/share/elasticsearch/config/certs/privkey.pem:ro
ports:
- 9200:9200
- 9300:9300 # for ssl transport # enabled for testing
restart: unless-stopped
networks: # Specify network for container
homelab:
aliases:
- es # adding multiple aliases under certain network
- elastic
- es01
kibana: # gui for elastic basically
image: docker.elastic.co/kibana/kibana:8.18.2
container_name: kibana
environment:
- SERVER_NAME=kibana
- SERVER_HOST=kibana # should technically work here so i don't have to mount config # ips and hostnames work
- SERVER_PORT=5601 # should technically work here so i don't have to mount config # define port so it doesnt choose random later
- SERVER_PUBLICBASEURL="https://kibana.example.com" # i don't reckon needed with reverse proxy, it handles the requests. Recommended for production env
# - server.publicBaseUrl # for nginx reverse proxy ig?
# - urlForwarding # maybe have to do with publicBaseURL, doesnt seem to effect ^
- ELASTICSEARCH_HOSTS="http://es:9200"
- ELASTICSEARCH_USERNAME=kibana_system # kibana_system if you set that password
- ELASTICSEARCH_PASSWORD="KibanaChangeMe123!#@Pass123!"
# - ELASTICSEARCH_SSL_CERTIFICATEAUTHORITIES=/usr/share/kibana/config/certs/fullchain.pem
volumes: # say you should create kibana.yml to configure
# - /docker-containers/elasticsearch/kibana/config/kibana.yml:/usr/share/kibana/config/kibana.yml # most things here can be added in env now
- /docker-containers/elasticsearch/kibana/logs:/var/logs/
- /docker-containers/swag-letsencrypt/etc/letsencrypt/live/example.com/fullchain.pem:/usr/share/kibana/config/certs/fullchain.pem:ro # Possibly not needed I hope
- /docker-containers/swag-letsencrypt/etc/letsencrypt/live/example.com/chain.pem:/usr/share/kibana/config/certs/chain.pem:ro #
- /docker-containers/swag-letsencrypt/etc/letsencrypt/live/example.com/privkey.pem:/usr/share/kibana/config/certs/privkey.pem:ro
# and in kibana.yml reference the CA or set REQUESTS_CA_BUNDLE env as needed # elasticsearch.ssl.certificateAuthorities: [ "/usr/share/kibana/config/certs/chain.pem" ]
ports:
- 5601:5601
restart: unless-stopped
networks:
- homelab
depends_on:
- elasticsearch
metricbeat:
container_name: metricbeat
depends_on:
- elasticsearch
- kibana
# elasticsearch:
# condition: service_healthy
# kibana:
# condition: service_healthy
image: docker.elastic.co/beats/metricbeat-oss:8.18.2
user: root # must have matching entries in passwd file apparently, so have to use root, root must also have access to config, so can't chown directory..
volumes:
- "/var/run/docker.sock:/var/run/docker.sock:ro"
# For testing ssl stuff... didn't workout
- /docker-containers/swag-letsencrypt/etc/letsencrypt/live/example.com/fullchain.pem:/usr/share/metricbeat/certs/fullchain.pem:r
- /docker-containers/swag-letsencrypt/etc/letsencrypt/live/example.com/privkey.pem:/usr/share/metricbeat/certs/privkey.pem:r
# Personal Data locations
- /docker-containers/elasticsearch/metricbeat/data:/usr/share/metricbeat/data
- /docker-containers/elasticsearch/metricbeat/config/metricbeat.yml:/usr/share/metricbeat/metricbeat.yml:ro
- /docker-containers/elasticsearch/metricbeat/diskqueue:/usr/share/metricbeat/diskqueue
networks:
- homelab
# How to Tune Elastic Beats Performance: A Practical Example with Batch Size, Worker Count, and More
# https://www.elastic.co/blog/how-to-tune-elastic-beats-performance-a-practical-example-with-batch-size-worker-count-and-more?blade=tw&hulk=social
filebeat:
image: elastic/filebeat:8.18.2
# https://github.com/docker/swarmkit/issues/1951
container_name: filebeat
hostname: "es01-filebeat"
# Need to override user so we can access the log files, and docker.sock
user: root
volumes:
- /docker-containers/elasticsearch/filebeat/data:/usr/share/filebeat/data
- /var/run/docker.sock:/var/run/docker.sock
# This is needed for filebeat to load container log path as specified in filebeat.yml
- /var/lib/docker/containers/:/var/lib/docker/containers/:ro
# # This is needed for filebeat to load jenkins build log path as specified in filebeat.yml
# - /var/lib/docker/volumes/jenkins_home/_data/jobs/:/var/lib/docker/volumes/jenkins_home/_data/jobs/:ro
# This is needed for filebeat to load logs for system and auth modules
- /var/log/:/var/log/:ro
# This is needed for filebeat to load logs for auditd module. you might have to install audit system
# on ubuntu first (sudo apt-get install -y auditd audispd-plugins)
- /var/log/audit/:/var/log/audit/:ro
- /var/log/syslog:/var/log/syslog:ro
- /var/log/auth.log:/var/log/auth.log:ro
# Personal locations
- /docker-containers/elasticsearch/filebeat/filebeat.yml:/usr/share/filebeat/filebeat.yml:ro
- /docker-containers/elasticsearch/filebeat/diskqueue:/usr/share/filebeat/diskqueue
environment:
- ELASTICSEARCH_HOST="http://es:9200"
- KIBANA_HOST="http://kibana:5601"
- ELASTICSEARCH_USERNAME="elastic"
- ELASTICSEARCH_PASSWORD="ChangeMe123!#@"
# disable strict permission checks
command: ["filebeat", "-e", "--strict.perms=false"]
deploy:
mode: global
depends_on:
- elasticsearch
- kibana
networks:
- homelab
networks:
homelab:
external: true # This option causes compose to join the above network instead of making a _default one (supposedly) also forces to join instead of creating one

25
docker-compose/filebrowser/docker-compose.yml Normal file
View File

@@ -0,0 +1,25 @@
---
version: "2.1"
services:
filebrowser:
image: filebrowser/filebrowser:s6
container_name: filebrowser
environment:
- PUID=1000
- PGID=1006
- TZ=America/New_York
volumes:
- /docker-containers/filebrowser:/srv
- /docker-containers/filebrowser/filebrowser.db:/database/filebrowser.db
- /docker-containers/filebrowser/settings.json:/config/settings.json
ports:
- 8189:80
restart: unless-stopped
stdin_open: true # to attach to containers
tty: true # also used to attach to containers
# network_mode: service:wireguard # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
networks: # Specify network for container
- homelab
networks: # I don't know why but you have to specify the network 2x. In service, and in this tag area..
homelab:
external: true # This option causes compose to join the above network instead of making a _default one (supposedly)

39
docker-compose/filedrop/docker-compose.yml Normal file
View File

@@ -0,0 +1,39 @@
services:
filedrop:
image: itsnoted/filedrop
environment:
- WS_HOST=0.0.0.0
- WS_APP_NAME=${APP_NAME}
- WS_ABUSE_EMAIL=${ABUSE_EMAIL}
- WS_USE_X_FORWARDED_FOR=${USE_X_FORWARDED_FOR}
- WS_REQUIRE_CRYPTO=1
- TURN_MODE=hmac
- TURN_SERVER=turn:(hostname)
- TURN_USERNAME=filedrop
- TURN_SECRET=${TURN_SECRET}
ports:
- '5000:5000'
networks:
- homelab
coturn:
image: coturn/coturn
command:
- --log-file=stdout
- --use-auth-secret
- --static-auth-secret=${TURN_SECRET}
- --no-multicast-peers
- --no-tls
- --no-dtls
- --no-software-attribute
- --fingerprint
- --no-cli
depends_on:
- filedrop
networks:
- homelab
networks: # I don't know why but you have to specify the network 2x. In service, and in this tag area..
homelab:
name: homelab # Networks can also be given a custom name
external: true # This option causes compose to join the above network instead of making a _default one

39
docker-compose/filegator/docker-compose.yml Normal file
View File

@@ -0,0 +1,39 @@
version: '2'
services:
filegator:
container_name: filegator
image: filegator/filegator
restart: always
ports:
- "8080:8080"
volumes:
# common mount points are listed here
# make sure filegator can read/write to the mounted volume
# mount local folder as a repository
# - ./files:/var/www/filegator/repository
- "/unsorted:/var/www/filegator/repository/Downloads" #Shared Downloads folder
- "/Books:/var/www/filegator/repository/Books" #Shared Books Folder
- "/games:/var/www/filegator/repository/Games" #Shared Games folder
- "/Music:/var/www/filegator/repository/Music" #Shared Music Folder
- "/Movies:/var/www/filegator/repository/Movies" #Shared Movies folder
- "/programs:/var/www/filegator/repository/Programs" #Shared Movies folder
- "/TvShows:/var/www/filegator/repository/TvShows" #Shared TvShows folder
- "/Videos:/var/www/filegator/repository/Videos" #Shared Videos folder
# locally stored users.json file
#- /docker-containers/filegator/config/users.json:/var/www/filegator/private/users.json
# load your own custom configuration file
#- /docker-containers/filegator/config/configuration.php:/var/www/filegator/configuration.php
stdin_open: true # to attach to containers
tty: true # also used to attach to containers
# network_mode: service:wireguard # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
networks: # Specify network for container
homelab:
aliases:
- fileg # adding multiple aliases under certain network
networks: # specify the network 2x. In service, and in this tag area..
homelab:
name: homelab # Networks can also be given a custom name
external: true # This option causes compose to join the above network instead of making a _default one

23
docker-compose/flaresolverr/docker-compose.yml Normal file
View File

@@ -0,0 +1,23 @@
---
version: "2.1"
services:
flaresolverr:
# DockerHub mirror flaresolverr/flaresolverr:latest
image: ghcr.io/flaresolverr/flaresolverr:latest
container_name: flaresolverr
environment:
- LOG_LEVEL=${LOG_LEVEL:-info}
- LOG_HTML=${LOG_HTML:-false}
- CAPTCHA_SOLVER=${CAPTCHA_SOLVER:-none}
- TZ=America/New_York
ports:
- "${PORT:-8191}:8191"
restart: unless-stopped
stdin_open: true # to attach to containers
tty: true # also used to attach to containers
# network_mode: service:wireguard # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
networks: # Specify network for container
- homelab
networks: # I don't know why but you have to specify the network 2x. In service, and in this tag area..
homelab:
external: true # This option causes compose to join the above network instead of making a _default one (supposedly)

29
docker-compose/foundryvtt/docker-compose.yml Normal file
View File

@@ -0,0 +1,29 @@
---
services:
foundry:
image: felddy/foundryvtt:13
container_name: foundryvtt
hostname: foundry.example.com
volumes:
- type: bind
source: /docker-containers/foundryvtt/data
target: /data
environment:
- FOUNDRY_PASSWORD=ChangeMe123foundry
- FOUNDRY_USERNAME=yourusername
- FOUNDRY_ADMIN_KEY=ChangeMe123
ports:
- target: 30000
published: 30000
protocol: tcp
stdin_open: true # to attach to containers
tty: true # also used to attach to containers
# network_mode: service:wireguard # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
networks: # Specify network for container
homelab:
aliases:
- foundry # adding multiple aliases under certain network
networks: # specify the network 2x. In service, and in this tag area..
homelab:
name: homelab # Networks can also be given a custom name
external: true # This option causes compose to join the above network instead of making a _default one

22
docker-compose/freshrss/docker-compose.yml Normal file
View File

@@ -0,0 +1,22 @@
---
services:
freshrss:
image: lscr.io/linuxserver/freshrss:latest
container_name: freshrss
environment:
- PUID=1000
- PGID=1006
- TZ=America/New_York
volumes:
- /docker-containers/freshrss/config:/config
ports:
- 8282:80
restart: unless-stopped
stdin_open: true
tty: true
networks:
- homelab
networks: # I don't know why but you have to specify the network 2x. In service, and in this tag area..
homelab:
name: homelab # Networks can also be given a custom name
external: true # This option causes compose to join the above network instead of making a _default one

32
docker-compose/gamevault/docker-compose.yml Normal file
View File

@@ -0,0 +1,32 @@
services:
gamevault-backend:
image: phalcode/gamevault-backend:latest
container_name: gamevault
restart: unless-stopped
environment:
PUID: 1000
PGID: 1006
DB_HOST: postgres
DB_USERNAME: yourusername
DB_PASSWORD: PostgresChangeMe123!
SERVER_ADMIN_USERNAME: yourusername
SERVER_MAX_DOWNLOAD_BANDWIDTH_IN_KBPS: 2500
volumes:
# Mount the folder where your games are
- /docker-containers/gamevault/config:/config
# Mount the folder where your games are
- /games/WindowsGames:/files
# Mount the folder where GameVault should store its media
- /docker-containers/gamevault/media:/media
# Mount the folder where GameVault should store its logs
- /docker-containers/gamevault/logs:/logs
ports:
- 8581:8080/tcp
networks:
homelab:
aliases:
- gv # how to add multiple aliases
networks: # I don't know why but you have to specify the network 2x. In service, and in this tag area..
homelab: # Sub-section, any network name or 'default' to edit default one created
external: true # This option causes compose to join the above network instead of making a _default one

43
docker-compose/gameyfin/docker-compose.yml Normal file
View File

@@ -0,0 +1,43 @@
services:
gameyfin:
image: grimsi/gameyfin:2.0.0.beta3 # Replace with the latest version tag from Docker Hub
container_name: gameyfin
restart: unless-stopped
environment:
# Generate a new APP_KEY using the command `openssl rand -base64 32` or similar.
APP_KEY: YourEncryptedString
# (optional) Set the URL of your Gameyfin instance if you are using a reverse proxy.
APP_URL: https://gameyfin.example.com # Change this to your actual URL if needed
# (optional) Set the user and group ID to run Gameyfin with a specific user.
PUID: 1000 # Change this to your user ID if needed
PGID: 1006 # Change this to your group ID if needed
#old environment:
# - PUID=1000
# - PGID=1006
# - GAMEYFIN_USER=sick
# - GAMEYFIN_PASSWORD=gaming
# - GAMEYFIN_IGDB_API_CLIENT_ID=YourAPIClientID
# - GAMEYFIN_IGDB_API_CLIENT_SECRET=YourAPIClientSecret
# - GAMEYFIN_SOURCES=/opt/gameyfin-library/library-1,/opt/gameyfin-library/library-2,/opt/gameyfin-library/library-3
volumes:
- /docker-containers/gameyfin/db:/opt/gameyfin/db
- /docker-containers/gameyfin/data:/opt/gameyfin/data
- /docker-containers/gameyfin/logs:/opt/gameyfin/logs
- /games/WindowsGames:/opt/gameyfin-library/windows-games
- /games/WindowsGames/Call.of.Duty:/opt/gameyfin-library/cod
- "/games/WindowsGames/No.Man's.Sky+Updates:/opt/gameyfin-library/nomansky"
#- /docker-containers/gameyfin/configs:/opt/gameyfin-library/library-1-configs
# - <Path on your host to the 3rd source folder>:/opt/gameyfin-library/library-4
ports:
- "8385:8080"
networks:
homelab:
aliases:
- gamefin # how to add multiple aliases
networks: # I don't know why but you have to specify the network 2x. In service, and in this tag area..
homelab: # Sub-section, any network name or 'default' to edit default one created
external: true # This option causes compose to join the above network instead of making a _default one

16
docker-compose/ghostfolio/.env Normal file
View File

@@ -0,0 +1,16 @@
COMPOSE_PROJECT_NAME=Prodigy-Ghostfolio
# CACHE
REDIS_HOST=redis
REDIS_PORT=6379
REDIS_PASSWORD=RedisChangeMe123!
# POSTGRES
POSTGRES_DB=ghostfolio-db
POSTGRES_USER=yourusername
POSTGRES_PASSWORD=PostgresChangeMe123!
# VARIOUS
ACCESS_TOKEN_SALT=yourRandomSaltValue
DATABASE_URL=postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@postgres:5432/${POSTGRES_DB}?connect_timeout=300&sslmode=prefer
JWT_SECRET_KEY=openSSL-rand-hex-32byte

83
docker-compose/ghostfolio/docker-compose.yml Normal file
View File

@@ -0,0 +1,83 @@
name: ghostfolio
services:
ghostfolio:
image: docker.io/ghostfolio/ghostfolio:latest
container_name: ghostfolio
restart: unless-stopped
init: true
cap_drop:
- ALL
security_opt:
- no-new-privileges:true
env_file: # using portainer and this is how I pass env vars within portainer
- stack.env
ports:
- 3333:3333
depends_on:
# postgres:
# condition: service_healthy
redis:
condition: service_healthy
healthcheck:
test: ['CMD-SHELL', 'curl -f http://localhost:3333/api/v1/health']
interval: 10s
timeout: 5s
retries: 5
networks:
- homelab
- ghostfolio_net
# Running separate compose container, 1 postgres for all apps
# postgres:
# image: docker.io/library/postgres:15-alpine
# container_name: gf-postgres
# restart: unless-stopped
# cap_drop:
# - ALL
# cap_add:
# - CHOWN
# - DAC_READ_SEARCH
# - FOWNER
# - SETGID
# - SETUID
# security_opt:
# - no-new-privileges:true
# env_file:
# - ../.env
# healthcheck:
# test:
# ['CMD-SHELL', 'pg_isready -d "$${POSTGRES_DB}" -U $${POSTGRES_USER}']
# interval: 10s
# timeout: 5s
# retries: 5
# volumes:
# - postgres:/var/lib/postgresql/data
redis:
image: docker.io/library/redis:alpine
container_name: gf-redis
restart: unless-stopped
user: '999:1000'
cap_drop:
- ALL
security_opt:
- no-new-privileges:true
env_file:
- stack.env
command:
- /bin/sh
- -c
- redis-server --requirepass "$${REDIS_PASSWORD:?REDIS_PASSWORD variable is not set}"
healthcheck:
test:
['CMD-SHELL', 'redis-cli --pass "$${REDIS_PASSWORD}" ping | grep PONG']
interval: 10s
timeout: 5s
retries: 5
networks:
- ghostfolio_net
networks: # I don't know why but you have to specify the network 2x. In service, and in this tag area..
homelab: # Sub-section, any network name or 'default' to edit default one created
external: true # This option causes compose to join the above network instead of making a _default one
ghostfolio_net:
external: false

25
docker-compose/gitea/docker-compose.yml Normal file
View File

@@ -0,0 +1,25 @@
version: "3"
services:
server:
image: gitea/gitea:1.25-nightly-rootless # Don't specify newest version, could be breaking changes in the future, apparently breaking changes with nightly...
container_name: gitea
environment:
- USER_UID=1000
- USER_GID=1006
restart: always
volumes:
- /docker-containers/gitea/data:/var/lib/gitea
- /docker-containers/gitea/config:/etc/gitea
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
ports:
- "3999:3000" # Once setup for domain port access isn't there anymore locally outside of docker network
- "2096:2222"
networks: # Specify network for container
homelab:
aliases:
- giteassh # adding multiple aliases under certain network
- git
networks:
homelab:
external: true # This option causes compose to join the above network instead of making a _default one

20
docker-compose/glances/docker-compose.yml Normal file
View File

@@ -0,0 +1,20 @@
version: '3'
services:
monitoring:
image: nicolargo/glances:latest-full
pid: host
network_mode: host
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /run/user/1000/podman/podman.sock:/run/user/1000/podman/podman.sock
environment:
- "GLANCES_OPT=-w"
# For nvidia GPUs
deploy:
resources:
reservations:
devices:
- driver: nvidia
count: 1
capabilities: [gpu]

62
docker-compose/gluetun/docker-compose.yml Normal file
View File

@@ -0,0 +1,62 @@
version: "3"
services:
gluetun:
image: qmcgaw/gluetun
container_name: gluetun
# line above must be uncommented to allow external containers to connect.
# See https://github.com/qdm12/gluetun-wiki/blob/main/setup/connect-a-container-to-gluetun.md#external-container-to-gluetun
cap_add:
- NET_ADMIN
devices:
- /dev/net/tun:/dev/net/tun
ports:
- 8888:8888/tcp # HTTP proxy
- 8388:8388/tcp # Shadowsocks
- 8388:8388/udp # Shadowsocks
# wireguard
- "51820:51820/udp"
- "51821:51821/tcp"
volumes:
- /docker-containers/gluetun:/gluetun
environment:
# HTTP proxy setup
- HTTPPROXY=on
- HTTPPROXY_USER=yourusername
- HTTPPROXY_PASSWORD=ChangeMe123
- HTTPPROXY_LOG=on
# Shadow Sock Setup
- SHADOWSOCKS=on
- SHADOWSOCKS_PASSWORD=ChangeMe123
- SHADOWSOCKS_CIPHER=chacha20-ietf-poly1305
- SHADOWSOCKS_LOG=on
# Firewall setup
- BLOCK_MALICIOUS=off
- BLOCK_SURVEILLANCE=off
- BLOCK_ADS=off
- DOT=off
- FIREWALL_OUTBOUND_SUBNETS=192.168.1.0/24,172.20.0.0/16
# See https://github.com/qdm12/gluetun-wiki/tree/main/setup#setup
- VPN_SERVICE_PROVIDER=nordvpn
- VPN_TYPE=wireguard
# OpenVPN:
# - OPENVPN_USER=abc
# - OPENVPN_PASSWORD=abc
# Wireguard:
- WIREGUARD_PRIVATE_KEY=WireguardPrivateKey
# - WIREGUARD_ADDRESSES=10.64.222.21/32
- SERVER_COUNTRIES="United States"
# Timezone for accurate log times
- TZ=America/New_York
# Server list updater
# See https://github.com/qdm12/gluetun-wiki/blob/main/setup/servers.md#update-the-vpn-servers-list
- UPDATER_PERIOD=24h
# networks: # Specify network for container
# - homelab
# networks: # I don't know why but you have to specify the network 2x. In service, and in this tag area..
# homelab:
# external: true # This option causes compose to join the above network instead of making a _default one (supposedly)
# docker run --rm -v /docker-containers/gluetun:/gluetun qmcgaw/gluetun format-servers -nordvpn
# docker run --rm -v /docker-containers/gluetun:/gluetun qmcgaw/gluetun format-servers -hidemyass

25
docker-compose/gmod/docker-compose.yml Normal file
View File

@@ -0,0 +1,25 @@
version: '3'
services:
monitoring:
image: hackebein/garrysmod
volumes:
- ./server.cfg:/opt/steam/garrysmod/cfg/server.cfg
- ./overlay:/opt/overlay
ports:
- 27015:27015/tcp
- 27015:27015/udp
environment:
- AUTHKEY=...
- GAMEMODE=terrortown
- MAP=ttt_minecraft_b5
- WORKSHOP=843519054
- WORKSHOPDL=843519054
stdin_open: true # to attach to containers
tty: true # also used to attach to containers
# network_mode: service:wireguard # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
networks: # Specify network for container
- homelab
networks: # specify the network 2x. In service, and in this tag area
homelab:
external: true # join the above network instead of making a _default one

23
docker-compose/grafana/docker-compose.yml Normal file
View File

@@ -0,0 +1,23 @@
---
version: "2"
services:
grafana:
image: grafana/grafana-oss
container_name: grafana
volumes:
- /docker-containers/grafana/configs:/etc/grafana
- /docker-containers/grafana/logs:/var/log/grafana
- /docker-containers/grafana/lib:/var/lib/grafana
- /docker-containers/grafana/share:/usr/share/grafana
ports:
- 8409:3000
user: '1000'
restart: unless-stopped
stdin_open: true # to attach to containers
tty: true # also used to attach to containers
# network_mode: service:wireguard # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
networks: # Specify network for container
- homelab
networks: # I don't know why but you have to specify the network 2x. In service, and in this tag area..
homelab:
external: true # This option causes compose to join the above network instead of making a _default one (supposedly)

12
docker-compose/grifter/docker-compose.yml Normal file
View File

@@ -0,0 +1,12 @@
version: '3.3'
services:
grifter:
image: 'grifter:latest'
container_name: grifter
volumes:
- '/docker-containers/grifter/grifter.toml:/opt/grifter/grifter.toml'
- '/docker-containers/grifter/cache:/opt/grifter/cache' # optional, but if you dont mount the cache as volume, it will be lost after the container is destroyed
- '/games/WindowsGames:/opt/grifter/library:ro' # Mount games as "read-only"
ports:
- '3909:39090'
restart: unless-stopped

24
docker-compose/headphones/docker-compose.yml Normal file
View File

@@ -0,0 +1,24 @@
version: "2.1"
services:
headphones:
image: lscr.io/linuxserver/headphones:latest
container_name: headphones
environment:
- PUID=1000
- PGID=1006
- TZ=America/New_York
volumes:
- /docker-containers/headphones:/config
- /unsorted:/downloads
- /Music:/music
ports:
- 9581:8181
restart: unless-stopped
networks:
homelab:
aliases:
- headphone # adding multiple aliases under certain network
networks: # I don't know why but you have to specify the network 2x. In service, and in this tag area..
homelab:
name: homelab # Networks can also be given a custom name
external: true # This option causes compose to join the above network instead of making a _default one

24
docker-compose/heimdall/docker-compose.yml Normal file
View File

@@ -0,0 +1,24 @@
---
version: "2.1"
services:
heimdall:
image: lscr.io/linuxserver/heimdall:latest
container_name: heimdall
environment:
- PUID=1000
- PGID=1006
- TZ=America/New_York
volumes:
- /docker-containers/heimdall:/config
ports:
- 9112:80
#- 443:443
restart: unless-stopped
stdin_open: true # to attach to containers
tty: true # also used to attach to containers
# network_mode: service:wireguard # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
networks: # Specify network for container
- homelab
networks: # I don't know why but you have to specify the network 2x. In service, and in this tag area..
homelab:
external: true # This option causes compose to join the above network instead of making a _default one (supposedly)

28
docker-compose/homarr/docker-compose.yml Normal file
View File

@@ -0,0 +1,28 @@
version: '3'
#---------------------------------------------------------------------#
# Homarr - A simple, yet powerful dashboard for your server. #
#---------------------------------------------------------------------#
services:
homarr:
container_name: homarr
image: ghcr.io/homarr-labs/homarr:latest
restart: unless-stopped
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /docker-containers/homarr/appdata:/appdata
# - /docker-containers/homarr/configs:/app/data/configs
# - /docker-containers/homarr/data:/data
# - /docker-containers/homarr/icons:/app/public/icons
environment:
- SECRET_ENCRYPTION_KEY=YourEncryptedString32Byte
ports:
- '7575:7575'
stdin_open: true # to attach to containers
tty: true # also used to attach to containers
# network_mode: service:wireguard # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
networks: # Specify network for container
- homelab
networks: # I don't know why but you have to specify the network 2x. In service, and in this tag area..
homelab:
external: true # This option causes compose to join the above network instead of making a _default one (supposedly)

37
docker-compose/homeassistant/docker-compose.yml Normal file
View File

@@ -0,0 +1,37 @@
version: '2.1'
services:
homeassistant:
container_name: homeassistant
image: "ghcr.io/home-assistant/home-assistant:stable"
volumes:
- /docker-containers/homeassistant:/config
- /etc/localtime:/etc/localtime:ro
restart: unless-stopped
# depends_on:
# - mosquitto
privileged: true
stdin_open: true # to attach to containers
tty: true # also used to attach to containers
networks: # Specify network for container
- homelab
mosquitto:
container_name: mosquitto
image: eclipse-mosquitto
restart: unless-stopped
ports:
- "1883:1883/tcp"
environment:
- TZ=American/New_York
volumes:
- /docker-containers/mosquitto-eclipse:/mosquitto/config
- /docker-containers/mosquitto-eclipse/data:/mosquitto/data
- /docker-containers/mosquitto-eclipse/log:/mosquitto/log
stdin_open: true # to attach to containers
tty: true # also used to attach to containers
# network_mode: service:wireguard # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
networks: # Specify network for container
- homelab
networks: # I don't know why but you have to specify the network 2x. In service, and in this tag area..
homelab:
external: true # This option causes compose to join the above network instead of making a _default one

13
docker-compose/homebridge/docker-compose.yml Normal file
View File

@@ -0,0 +1,13 @@
version: '2'
services:
homebridge:
image: oznu/homebridge:latest
restart: always
network_mode: host
volumes:
- /docker-containers/homebridge:/homebridge
logging:
driver: json-file
options:
max-size: "10mb"
max-file: "1"

22
docker-compose/immich/.env Normal file
View File

@@ -0,0 +1,22 @@
# You can find documentation for all the supported env variables at https://immich.app/docs/install/environment-variables
# The location where your uploaded files are stored
UPLOAD_LOCATION=/docker-containers/immich/upload
# The location where your database files are stored
DB_DATA_LOCATION=/docker-containers/immich/postgres_data
# To set a timezone, uncomment the next line and change Etc/UTC to a TZ identifier from this list: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List
TZ=America/New_York
# The Immich version to use. You can pin this to a specific version like "v1.71.0"
IMMICH_VERSION=release
# Connection secret for postgres. You should change it to a random password
# Please use only the characters `A-Za-z0-9`, without special characters or spaces
DB_PASSWORD=YourPassword
# The values below this line do not need to be changed
###################################################################################
DB_USERNAME=postgres
DB_DATABASE_NAME=immich

118
docker-compose/immich/docker-compose.yml Normal file
View File

@@ -0,0 +1,118 @@
version: "3.8"
#
# WARNING: Make sure to use the docker-compose.yml of the current release:
#
# https://github.com/immich-app/immich/releases/latest/download/docker-compose.yml
#
# The compose file on main may not be compatible with the latest release.
#
name: immich
services:
immich-server:
container_name: immich_server
image: ghcr.io/immich-app/immich-server:${IMMICH_VERSION:-release}
# extends:
# file: hwaccel.transcoding.yml
# service: cpu # set to one of [nvenc, quicksync, rkmpp, vaapi, vaapi-wsl] for accelerated transcoding
volumes:
# Do not edit the next line. If you want to change the media storage location on your system, edit the value of UPLOAD_LOCATION in the .env file
- ${UPLOAD_LOCATION}:/usr/src/app/upload
- /Documents/prodigy/Pictures:/mnt/media/prodigy/Pictures # external library location - optional
- /etc/localtime:/etc/localtime:ro
devices:
- /dev/dri/renderD128:/dev/dri/renderD128
env_file:
- stack.env
ports:
- '2283:2283'
depends_on:
- redis
- database
restart: always
healthcheck:
disable: false
networks: # Specify network for container
homelab:
aliases:
- immich # how to add multiple aliases
- immich-server
immich_net:
aliases:
- immich # how to add multiple aliases
- immich-server
immich-machine-learning:
container_name: immich_machine_learning
# For hardware acceleration, add one of -[armnn, cuda, openvino] to the image tag.
# Example tag: ${IMMICH_VERSION:-release}-cuda
image: ghcr.io/immich-app/immich-machine-learning:${IMMICH_VERSION:-release}
# extends: # uncomment this section for hardware acceleration - see https://immich.app/docs/features/ml-hardware-acceleration
# file: hwaccel.ml.yml
# service: cpu # set to one of [armnn, cuda, openvino, openvino-wsl] for accelerated inference - use the `-wsl` version for WSL2 where applicable
volumes:
- model-cache:/cache
env_file:
- stack.env
restart: always
healthcheck:
disable: false
networks: # Specify network for container
- immich_net
redis:
container_name: immich_redis
image: docker.io/redis:6.2-alpine@sha256:eaba718fecd1196d88533de7ba49bf903ad33664a92debb24660a922ecd9cac8
healthcheck:
test: redis-cli ping || exit 1
restart: always
networks: # Specify network for container
- immich_net
database:
container_name: immich_postgres
image: docker.io/tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:90724186f0a3517cf6914295b5ab410db9ce23190a2d9d0b9dd6463e3fa298f0
environment:
POSTGRES_PASSWORD: ${DB_PASSWORD}
POSTGRES_USER: ${DB_USERNAME}
POSTGRES_DB: ${DB_DATABASE_NAME}
POSTGRES_INITDB_ARGS: '--data-checksums'
volumes:
# Do not edit the next line. If you want to change the database storage location on your system, edit the value of DB_DATA_LOCATION in the .env file
- ${DB_DATA_LOCATION}:/var/lib/postgresql/data
healthcheck:
test: pg_isready --dbname='${DB_DATABASE_NAME}' --username='${DB_USERNAME}' || exit 1; Chksum="$$(psql --dbname='${DB_DATABASE_NAME}' --username='${DB_USERNAME}' --tuples-only --no-align --command='SELECT COALESCE(SUM(checksum_failures), 0) FROM pg_stat_database')"; echo "checksum failure count is $$Chksum"; [ "$$Chksum" = '0' ] || exit 1
interval: 5m
start_interval: 30s
start_period: 5m
command:
[
'postgres',
'-c',
'shared_preload_libraries=vectors.so',
'-c',
'search_path="$$user", public, vectors',
'-c',
'logging_collector=on',
'-c',
'max_wal_size=2GB',
'-c',
'shared_buffers=512MB',
'-c',
'wal_compression=on',
]
restart: always
networks: # Specify network for container
- immich_net
volumes:
pgdata:
model-cache:
networks: # I don't know why but you have to specify the network 2x. In service, and in this tag area..
homelab:
external: true # This option causes compose to join the above network instead of making a _default one (supposedly)
immich_net:
external: false

27
docker-compose/iptv-org-epg/docker-compose.yml Normal file
View File

@@ -0,0 +1,27 @@
version: "2.1"
services:
# Download iptv-org epg data
iptv-org-epg:
image: iptv-org/epg
container_name: iptv-org-epg
environment:
- CRON_SCHEDULE="45 22,10 * * *"
- MAX_CONNECTIONS=10
# - GZIP=true
# - PROXY="socks5://127.0.0.1:1234"
- DAYS=14
- TIMEOUT=5
- DELAY=2
volumes:
- /docker-containers/iptv-org-epg/channels.xml:/epg/channels.xml
ports:
- 3000:3000
restart: unless-stopped
stdin_open: true
tty: true
networks:
- homelab
networks: # I don't know why but you have to specify the network 2x. In service, and in this tag area..
homelab:
name: homelab # Networks can also be given a custom name
external: true # This option causes compose to join the above network instead of making a _default one

17
docker-compose/it-tools/docker-compose.yml Normal file
View File

@@ -0,0 +1,17 @@
version: '3.9'
services:
it-tools:
image: 'corentinth/it-tools:latest'
ports:
- '8589:80'
restart: unless-stopped
container_name: it-tools
networks:
homelab:
aliases:
- ittools # adding multiple aliases under certain network
- webtools
networks: # I don't know why but you have to specify the network 2x. In service, and in this tag area..
homelab:
name: homelab # Networks can also be given a custom name
external: true # This option causes compose to join the above network instead of making a _default one

26
docker-compose/jackett/docker-compose.yml Normal file
View File

@@ -0,0 +1,26 @@
version: "2.1"
services:
# Indexer for torrent sites
jackett:
image: lscr.io/linuxserver/jackett:latest
container_name: jackett
environment:
- PUID=1000
- PGID=1006
- TZ=America/New_York
- AUTO_UPDATE=true #optional
#- RUN_OPTS=<run options here> #optional
volumes:
- /docker-containers/jackett:/config
- /unsorted/qbit/_watched:/downloads
ports:
- 9117:9117
restart: unless-stopped
stdin_open: true
tty: true
networks:
- homelab
networks: # I don't know why but you have to specify the network 2x. In service, and in this tag area..
homelab:
name: homelab # Networks can also be given a custom name
external: true # This option causes compose to join the above network instead of making a _default one

16
docker-compose/jdownloader/docker-compose.yml Normal file
View File

@@ -0,0 +1,16 @@
version: '3'
services:
jdownloader:
container_name: jdownloader
image: jlesage/jdownloader-2
ports:
- "5800:5800"
volumes:
- /docker-containers/jdownloader:/config:rw
- /unsorted/jdownloader:/output:rw
restart: unless-stopped
networks: # Specify network for container
- homelab
networks: # specify the network 2x. In service, and in this tag area
homelab:
external: true # join the above network instead of making a _default one

35
docker-compose/jellyfin/docker-compose.yml Normal file
View File

@@ -0,0 +1,35 @@
version: '3.5'
services:
jellyfin:
image: jellyfin/jellyfin
container_name: jellyfin
user: 1000:1006
volumes:
- /docker-containers/jellyfin/config:/config
- /docker-containers/jellyfin/cache:/cache
- /Movies:/media/movies:ro
- /TvShows:/media/tvshows:ro
- /Videos:/media/videos:ro
- /Music:/media/music:ro
- /Pictures:/media/pictures:ro
- /Books:/media/books:ro
devices:
- /dev/dri/renderD128:/dev/dri/renderD128
ports:
- 8096:8096/tcp
- 7359:7359/udp
restart: 'unless-stopped'
# Optional - alternative address used for autodiscovery
environment:
- JELLYFIN_PublishedServerUrl=https://jellyfin.example.com
# Optional - may be necessary for docker healthcheck to pass if running in host network mode
#extra_hosts:
# - "host.docker.internal:host-gateway"
stdin_open: true # to attach to containers
tty: true # also used to attach to containers
# network_mode: service:wireguard # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
networks: # Specify network for container
- homelab
networks: # specify the network 2x. In service, and in this tag area
homelab:
external: true # join the above network instead of making a _default one

41
docker-compose/joplin/docker-compose.yml Normal file
View File

@@ -0,0 +1,41 @@
version: '3'
services:
db:
image: postgres:15
volumes:
- /docker/joplindb:/var/lib/postgresql/data
ports:
- "5432:5432"
restart: unless-stopped
environment:
- POSTGRES_PASSWORD=postgres
- POSTGRES_USER=postgres
- POSTGRES_DB=joplin
app:
image: joplin/server:latest
depends_on:
- db
ports:
- "22300:22300"
restart: unless-stopped
environment:
- APP_PORT=22300
- APP_BASE_URL=https://websiteurl.com
- DB_CLIENT=pg
- POSTGRES_PASSWORD=postgres
- POSTGRES_DATABASE=joplin
- POSTGRES_USER=postgres
- POSTGRES_PORT=5432
- POSTGRES_HOST=db
- MAILER_ENABLED=1
- MAILER_HOST=smtp.gmail.com
- MAILER_PORT=465
- MAILER_SECURE=1
- MAILER_AUTH_USER=youremail@gmail.com
- MAILER_AUTH_PASSWORD=Y0urP@ssw0rd
- MAILER_NOREPLY_NAME=Joplin
- MAILER_NOREPLY_EMAIL=email@email.com
volumes:
joplindb:

17
docker-compose/jupyter/docker-compose.yml Normal file
View File

@@ -0,0 +1,17 @@
jupyter:
image: jupyter/datascience-notebook
environment:
- PASSWORD=${PASSWORD}
nginx:
image: nginx
links:
- jupyter
volumes:
- ./nginx.conf:/etc/nginx/nginx.conf
- ./letsencrypt.crt:/data/cert.crt
- /letsencrypt.key:/data/key.key
ports:
- 80:80
- 443:443

4
docker-compose/karakeep/.env Normal file
View File

@@ -0,0 +1,4 @@
KARAKEEP_VERSION=release
NEXTAUTH_SECRET=YourEncryptedString
MEILI_MASTER_KEY=YourEncryptedString
NEXTAUTH_URL=http://localhost:3000

55
docker-compose/karakeep/docker-compose.yml Normal file
View File

@@ -0,0 +1,55 @@
services:
karakeep:
image: ghcr.io/karakeep-app/karakeep:${KARAKEEP_VERSION:-release}
container_name: karakeep
restart: unless-stopped
volumes:
- /docker-containers/karakeep/data:/data
ports:
- 3069:3000
env_file:
- stack.env
environment:
MEILI_ADDR: http://meilisearch:7700
BROWSER_WEB_URL: http://chrome:9222
OPENAI_API_KEY: YourAPIKEY
DATA_DIR: /data # DON'T CHANGE THIS
stdin_open: true # to attach to containers
tty: true # also used to attach to containers
# network_mode: service:wireguard # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
networks: # Specify network for container
- homelab
chrome:
image: gcr.io/zenika-hub/alpine-chrome:123
container_name: karakeep-chrome
restart: unless-stopped
command:
- --no-sandbox
- --disable-gpu
- --disable-dev-shm-usage
- --remote-debugging-address=0.0.0.0
- --remote-debugging-port=9222
- --hide-scrollbars
stdin_open: true # to attach to containers
tty: true # also used to attach to containers
# network_mode: service:wireguard # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
networks: # Specify network for container
- homelab
meilisearch:
image: getmeili/meilisearch:v1.13.3
container_name: karakeep-meilisearch
restart: unless-stopped
env_file:
- stack.env
environment:
MEILI_NO_ANALYTICS: "true"
volumes:
- /docker-containers/karakeep/meilisearch:/meili_data
stdin_open: true # to attach to containers
tty: true # also used to attach to containers
# network_mode: service:wireguard # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
networks: # Specify network for container
- homelab
networks: # specify the network 2x. In service, and in this tag area
homelab:
external: true # join the above network instead of making a _default one

31
docker-compose/kometa/docker-compose.yml Normal file
View File

@@ -0,0 +1,31 @@
version: "2.1"
services:
# Kometa / Plex Collections Manager | Formerly "Plex Meta Manager"
kometa:
image: kometateam/kometa:latest # meisnate12/plex-meta-manager:nightly rebranded as kometa # lscr.io/linuxserver/plex-meta-manager:latest
container_name: kometa
labels:
- "com.centurylinklabs.watchtower.enable=true"
environment:
- PUID=1000
- PGID=1006
- TZ=America/New_York
- KOMETA_CONFIG=/config/config.yml #optional
- KOMETA_TIME=23:15 #optional
# - KOMETA_RUN=true #optional
# - KOMETA_TEST=False #optional
# - KOMETA_NO_MISSING=False #optional
volumes:
- /docker-containers/kometa:/config:rw
entrypoint:
- python3
- kometa.py
restart: unless-stopped
stdin_open: true # to attach to containers
tty: true # also used to attach to containers
# network_mode: service:wireguard # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
networks: # Specify network for container
- homelab
networks: # I don't know why but you have to specify the network 2x. In service, and in this tag area..
homelab:
external: true # This option causes compose to join the above network instead of making a _default one (supposedly)

22
docker-compose/lancommander/docker-compose.yml Normal file
View File

@@ -0,0 +1,22 @@
services:
lancommander:
image: lancommander/lancommander:latest
container_name: lancommander
environment:
- PUID=1000
- PGID=1006
- TZ=America/New_York
volumes:
- /docker-containers/lancommander/config:/app/config
- /games:/media/games
- /unsorted:/media/unsorted
ports:
- 1337:1337/tcp # Webinterface
- 35891:35891/udp # Beacon Broadcast
restart: unless-stopped
# network_mode: service:wireguard # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
networks: # Specify network for container
- homelab
networks: # I don't know why but you have to specify the network 2x. In service, and in this tag area..
homelab:
external: true # This option causes compose to join the above network instead of making a _default one (supposedly)

24
docker-compose/lazylibrarian/docker-compose.yml Normal file
View File

@@ -0,0 +1,24 @@
---
version: "2.1"
services:
lazylibrarian:
image: lscr.io/linuxserver/lazylibrarian:latest
container_name: lazylibrarian
environment:
- PUID=1000
- PGID=1006
- TZ=America/New_York
#- DOCKER_MODS=linuxserver/calibre-web:calibre|linuxserver/mods:lazylibrarian-ffmpeg #optional
volumes:
- /docker-containers/lazylibrarian:/config
- /unsorted:/downloads
- /Books:/books #optional
ports:
- 5299:5299
restart: unless-stopped
# network_mode: service:wireguard # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
networks: # Specify network for container
- homelab
networks: # I don't know why but you have to specify the network 2x. In service, and in this tag area..
homelab:
external: true # This option causes compose to join the above network instead of making a _default one (supposedly)

15
docker-compose/libation/docker-compose.yml Normal file
View File

@@ -0,0 +1,15 @@
# libation - for editing drm audio files to normal
---
version: "2.1"
services:
libation:
image: rmcrackan/libation
container_name: libation
environment:
- SLEEP_TIME=10m # 10m or -1 for scan 1 and download stop
volumes:
- /docker-containers/libation/config:/config
- /Books/test:/data
- /unsorted/libation:/tmp
restart: always

30
docker-compose/lidarr/docker-compose.yml Normal file
View File

@@ -0,0 +1,30 @@
version: "2.1"
services:
lidarr:
image: lscr.io/linuxserver/lidarr:latest
container_name: lidarr
environment:
- PUID=1000
- PGID=1006
- TZ=America/New_York
volumes:
- /docker-containers/lidarr:/config
- /Music/Music-Library:/music #optional
- /Videos/Music:/musicvideos
- /unsorted:/downloads #optional
- /docker-containers/lidarr/custom-services:/custom-services.d
- /docker-containers/lidarr/custom-cont-init:/custom-cont-init.d
ports:
- 8686:8686
logging:
driver: json-file
options:
max-size: "10mb"
max-file: "1"
restart: unless-stopped
networks:
- homelab
networks: # I don't know why but you have to specify the network 2x. In service, and in this tag area..
homelab:
name: homelab # Networks can also be given a custom name
external: true # This option causes compose to join the above network instead of making a _default one

639
docker-compose/mailcow/docker-compose.yml Normal file
View File

@@ -0,0 +1,639 @@
version: '2.1'
services:
unbound-mailcow:
image: mailcow/unbound:1.17
environment:
- TZ=${TZ}
volumes:
- ./data/hooks/unbound:/hooks:Z
- ./data/conf/unbound/unbound.conf:/etc/unbound/unbound.conf:ro,Z
restart: always
tty: true
networks:
mailcow-network:
ipv4_address: ${IPV4_NETWORK:-172.22.1}.254
aliases:
- unbound
mysql-mailcow:
image: mariadb:10.5
depends_on:
- unbound-mailcow
stop_grace_period: 45s
volumes:
- mysql-vol-1:/var/lib/mysql/
- mysql-socket-vol-1:/var/run/mysqld/
- ./data/conf/mysql/:/etc/mysql/conf.d/:ro,Z
environment:
- TZ=${TZ}
- MYSQL_ROOT_PASSWORD=${DBROOT}
- MYSQL_DATABASE=${DBNAME}
- MYSQL_USER=${DBUSER}
- MYSQL_PASSWORD=${DBPASS}
- MYSQL_INITDB_SKIP_TZINFO=1
restart: always
ports:
- "${SQL_PORT:-127.0.0.1:13306}:3306"
networks:
mailcow-network:
aliases:
- mysql
redis-mailcow:
image: redis:7-alpine
volumes:
- redis-vol-1:/data/
restart: always
ports:
- "${REDIS_PORT:-127.0.0.1:7654}:6379"
environment:
- TZ=${TZ}
sysctls:
- net.core.somaxconn=4096
networks:
mailcow-network:
ipv4_address: ${IPV4_NETWORK:-172.22.1}.249
aliases:
- redis
clamd-mailcow:
image: mailcow/clamd:1.60
restart: always
depends_on:
- unbound-mailcow
dns:
- ${IPV4_NETWORK:-172.22.1}.254
environment:
- TZ=${TZ}
- SKIP_CLAMD=${SKIP_CLAMD:-n}
volumes:
- ./data/conf/clamav/:/etc/clamav/:Z
- clamd-db-vol-1:/var/lib/clamav
networks:
mailcow-network:
aliases:
- clamd
rspamd-mailcow:
image: mailcow/rspamd:1.92
stop_grace_period: 30s
depends_on:
- dovecot-mailcow
environment:
- TZ=${TZ}
- IPV4_NETWORK=${IPV4_NETWORK:-172.22.1}
- IPV6_NETWORK=${IPV6_NETWORK:-fd4d:6169:6c63:6f77::/64}
- REDIS_SLAVEOF_IP=${REDIS_SLAVEOF_IP:-}
- REDIS_SLAVEOF_PORT=${REDIS_SLAVEOF_PORT:-}
volumes:
- ./data/hooks/rspamd:/hooks:Z
- ./data/conf/rspamd/custom/:/etc/rspamd/custom:z
- ./data/conf/rspamd/override.d/:/etc/rspamd/override.d:Z
- ./data/conf/rspamd/local.d/:/etc/rspamd/local.d:Z
- ./data/conf/rspamd/plugins.d/:/etc/rspamd/plugins.d:Z
- ./data/conf/rspamd/lua/:/etc/rspamd/lua/:ro,Z
- ./data/conf/rspamd/rspamd.conf.local:/etc/rspamd/rspamd.conf.local:Z
- ./data/conf/rspamd/rspamd.conf.override:/etc/rspamd/rspamd.conf.override:Z
- rspamd-vol-1:/var/lib/rspamd
restart: always
hostname: rspamd
dns:
- ${IPV4_NETWORK:-172.22.1}.254
networks:
mailcow-network:
aliases:
- rspamd
php-fpm-mailcow:
image: mailcow/phpfpm:1.82
command: "php-fpm -d date.timezone=${TZ} -d expose_php=0"
depends_on:
- redis-mailcow
volumes:
- ./data/hooks/phpfpm:/hooks:Z
- ./data/web:/web:z
- ./data/conf/rspamd/dynmaps:/dynmaps:ro,z
- ./data/conf/rspamd/custom/:/rspamd_custom_maps:z
- rspamd-vol-1:/var/lib/rspamd
- mysql-socket-vol-1:/var/run/mysqld/
- ./data/conf/sogo/:/etc/sogo/:z
- ./data/conf/rspamd/meta_exporter:/meta_exporter:ro,z
- ./data/conf/phpfpm/sogo-sso/:/etc/sogo-sso/:z
- ./data/conf/phpfpm/php-fpm.d/pools.conf:/usr/local/etc/php-fpm.d/z-pools.conf:Z
- ./data/conf/phpfpm/php-conf.d/opcache-recommended.ini:/usr/local/etc/php/conf.d/opcache-recommended.ini:Z
- ./data/conf/phpfpm/php-conf.d/upload.ini:/usr/local/etc/php/conf.d/upload.ini:Z
- ./data/conf/phpfpm/php-conf.d/other.ini:/usr/local/etc/php/conf.d/zzz-other.ini:Z
- ./data/conf/dovecot/global_sieve_before:/global_sieve/before:z
- ./data/conf/dovecot/global_sieve_after:/global_sieve/after:z
- ./data/assets/templates:/tpls:z
- ./data/conf/nginx/:/etc/nginx/conf.d/:z
dns:
- ${IPV4_NETWORK:-172.22.1}.254
environment:
- REDIS_SLAVEOF_IP=${REDIS_SLAVEOF_IP:-}
- REDIS_SLAVEOF_PORT=${REDIS_SLAVEOF_PORT:-}
- LOG_LINES=${LOG_LINES:-9999}
- TZ=${TZ}
- DBNAME=${DBNAME}
- DBUSER=${DBUSER}
- DBPASS=${DBPASS}
- MAILCOW_HOSTNAME=${MAILCOW_HOSTNAME}
- MAILCOW_PASS_SCHEME=${MAILCOW_PASS_SCHEME:-BLF-CRYPT}
- IMAP_PORT=${IMAP_PORT:-143}
- IMAPS_PORT=${IMAPS_PORT:-993}
- POP_PORT=${POP_PORT:-110}
- POPS_PORT=${POPS_PORT:-995}
- SIEVE_PORT=${SIEVE_PORT:-4190}
- IPV4_NETWORK=${IPV4_NETWORK:-172.22.1}
- IPV6_NETWORK=${IPV6_NETWORK:-fd4d:6169:6c63:6f77::/64}
- SUBMISSION_PORT=${SUBMISSION_PORT:-587}
- SMTPS_PORT=${SMTPS_PORT:-465}
- SMTP_PORT=${SMTP_PORT:-25}
- API_KEY=${API_KEY:-invalid}
- API_KEY_READ_ONLY=${API_KEY_READ_ONLY:-invalid}
- API_ALLOW_FROM=${API_ALLOW_FROM:-invalid}
- COMPOSE_PROJECT_NAME=${COMPOSE_PROJECT_NAME:-mailcow-dockerized}
- SKIP_SOLR=${SKIP_SOLR:-y}
- SKIP_CLAMD=${SKIP_CLAMD:-n}
- SKIP_SOGO=${SKIP_SOGO:-n}
- ALLOW_ADMIN_EMAIL_LOGIN=${ALLOW_ADMIN_EMAIL_LOGIN:-n}
- MASTER=${MASTER:-y}
- DEV_MODE=${DEV_MODE:-n}
- DEMO_MODE=${DEMO_MODE:-n}
- WEBAUTHN_ONLY_TRUSTED_VENDORS=${WEBAUTHN_ONLY_TRUSTED_VENDORS:-n}
restart: always
networks:
mailcow-network:
aliases:
- phpfpm
sogo-mailcow:
image: mailcow/sogo:1.114
environment:
- DBNAME=${DBNAME}
- DBUSER=${DBUSER}
- DBPASS=${DBPASS}
- TZ=${TZ}
- LOG_LINES=${LOG_LINES:-9999}
- MAILCOW_HOSTNAME=${MAILCOW_HOSTNAME}
- MAILCOW_PASS_SCHEME=${MAILCOW_PASS_SCHEME:-BLF-CRYPT}
- ACL_ANYONE=${ACL_ANYONE:-disallow}
- ALLOW_ADMIN_EMAIL_LOGIN=${ALLOW_ADMIN_EMAIL_LOGIN:-n}
- IPV4_NETWORK=${IPV4_NETWORK:-172.22.1}
- SOGO_EXPIRE_SESSION=${SOGO_EXPIRE_SESSION:-480}
- SKIP_SOGO=${SKIP_SOGO:-n}
- MASTER=${MASTER:-y}
- REDIS_SLAVEOF_IP=${REDIS_SLAVEOF_IP:-}
- REDIS_SLAVEOF_PORT=${REDIS_SLAVEOF_PORT:-}
dns:
- ${IPV4_NETWORK:-172.22.1}.254
volumes:
- ./data/hooks/sogo:/hooks:Z
- ./data/conf/sogo/:/etc/sogo/:z
- ./data/web/inc/init_db.inc.php:/init_db.inc.php:Z
- ./data/conf/sogo/custom-favicon.ico:/usr/lib/GNUstep/SOGo/WebServerResources/img/sogo.ico:z
- ./data/conf/sogo/custom-theme.js:/usr/lib/GNUstep/SOGo/WebServerResources/js/theme.js:z
- ./data/conf/sogo/custom-sogo.js:/usr/lib/GNUstep/SOGo/WebServerResources/js/custom-sogo.js:z
- mysql-socket-vol-1:/var/run/mysqld/
- sogo-web-vol-1:/sogo_web
- sogo-userdata-backup-vol-1:/sogo_backup
labels:
ofelia.enabled: "true"
ofelia.job-exec.sogo_sessions.schedule: "@every 1m"
ofelia.job-exec.sogo_sessions.command: "/bin/bash -c \"[[ $${MASTER} == y ]] && /usr/local/bin/gosu sogo /usr/sbin/sogo-tool expire-sessions $${SOGO_EXPIRE_SESSION} || exit 0\""
ofelia.job-exec.sogo_ealarms.schedule: "@every 1m"
ofelia.job-exec.sogo_ealarms.command: "/bin/bash -c \"[[ $${MASTER} == y ]] && /usr/local/bin/gosu sogo /usr/sbin/sogo-ealarms-notify -p /etc/sogo/sieve.creds || exit 0\""
ofelia.job-exec.sogo_eautoreply.schedule: "@every 5m"
ofelia.job-exec.sogo_eautoreply.command: "/bin/bash -c \"[[ $${MASTER} == y ]] && /usr/local/bin/gosu sogo /usr/sbin/sogo-tool update-autoreply -p /etc/sogo/sieve.creds || exit 0\""
ofelia.job-exec.sogo_backup.schedule: "@every 24h"
ofelia.job-exec.sogo_backup.command: "/bin/bash -c \"[[ $${MASTER} == y ]] && /usr/local/bin/gosu sogo /usr/sbin/sogo-tool backup /sogo_backup ALL || exit 0\""
restart: always
networks:
mailcow-network:
ipv4_address: ${IPV4_NETWORK:-172.22.1}.248
aliases:
- sogo
dovecot-mailcow:
image: mailcow/dovecot:1.22
depends_on:
- mysql-mailcow
dns:
- ${IPV4_NETWORK:-172.22.1}.254
cap_add:
- NET_BIND_SERVICE
volumes:
- ./data/hooks/dovecot:/hooks:Z
- ./data/conf/dovecot:/etc/dovecot:z
- ./data/assets/ssl:/etc/ssl/mail/:ro,z
- ./data/conf/sogo/:/etc/sogo/:z
- ./data/conf/phpfpm/sogo-sso/:/etc/phpfpm/:z
- vmail-vol-1:/var/vmail
- vmail-index-vol-1:/var/vmail_index
- crypt-vol-1:/mail_crypt/
- ./data/conf/rspamd/custom/:/etc/rspamd/custom:z
- ./data/assets/templates:/templates:z
- rspamd-vol-1:/var/lib/rspamd
- mysql-socket-vol-1:/var/run/mysqld/
environment:
- DOVECOT_MASTER_USER=${DOVECOT_MASTER_USER:-}
- DOVECOT_MASTER_PASS=${DOVECOT_MASTER_PASS:-}
- LOG_LINES=${LOG_LINES:-9999}
- DBNAME=${DBNAME}
- DBUSER=${DBUSER}
- DBPASS=${DBPASS}
- TZ=${TZ}
- MAILCOW_HOSTNAME=${MAILCOW_HOSTNAME}
- MAILCOW_PASS_SCHEME=${MAILCOW_PASS_SCHEME:-BLF-CRYPT}
- IPV4_NETWORK=${IPV4_NETWORK:-172.22.1}
- ALLOW_ADMIN_EMAIL_LOGIN=${ALLOW_ADMIN_EMAIL_LOGIN:-n}
- MAILDIR_GC_TIME=${MAILDIR_GC_TIME:-7200}
- ACL_ANYONE=${ACL_ANYONE:-disallow}
- SKIP_SOLR=${SKIP_SOLR:-y}
- MAILDIR_SUB=${MAILDIR_SUB:-}
- MASTER=${MASTER:-y}
- REDIS_SLAVEOF_IP=${REDIS_SLAVEOF_IP:-}
- REDIS_SLAVEOF_PORT=${REDIS_SLAVEOF_PORT:-}
- COMPOSE_PROJECT_NAME=${COMPOSE_PROJECT_NAME:-mailcow-dockerized}
ports:
- "${DOVEADM_PORT:-127.0.0.1:19991}:12345"
- "${IMAP_PORT:-143}:143"
- "${IMAPS_PORT:-993}:993"
- "${POP_PORT:-110}:110"
- "${POPS_PORT:-995}:995"
- "${SIEVE_PORT:-4190}:4190"
restart: always
tty: true
labels:
ofelia.enabled: "true"
ofelia.job-exec.dovecot_imapsync_runner.schedule: "@every 1m"
ofelia.job-exec.dovecot_imapsync_runner.no-overlap: "true"
ofelia.job-exec.dovecot_imapsync_runner.command: "/bin/bash -c \"[[ $${MASTER} == y ]] && /usr/local/bin/gosu nobody /usr/local/bin/imapsync_runner.pl || exit 0\""
ofelia.job-exec.dovecot_trim_logs.schedule: "@every 1m"
ofelia.job-exec.dovecot_trim_logs.command: "/bin/bash -c \"[[ $${MASTER} == y ]] && /usr/local/bin/gosu vmail /usr/local/bin/trim_logs.sh || exit 0\""
ofelia.job-exec.dovecot_quarantine.schedule: "@every 20m"
ofelia.job-exec.dovecot_quarantine.command: "/bin/bash -c \"[[ $${MASTER} == y ]] && /usr/local/bin/gosu vmail /usr/local/bin/quarantine_notify.py || exit 0\""
ofelia.job-exec.dovecot_clean_q_aged.schedule: "@every 24h"
ofelia.job-exec.dovecot_clean_q_aged.command: "/bin/bash -c \"[[ $${MASTER} == y ]] && /usr/local/bin/gosu vmail /usr/local/bin/clean_q_aged.sh || exit 0\""
ofelia.job-exec.dovecot_maildir_gc.schedule: "@every 30m"
ofelia.job-exec.dovecot_maildir_gc.command: "/bin/bash -c \"source /source_env.sh ; /usr/local/bin/gosu vmail /usr/local/bin/maildir_gc.sh\""
ofelia.job-exec.dovecot_sarules.schedule: "@every 24h"
ofelia.job-exec.dovecot_sarules.command: "/bin/bash -c \"/usr/local/bin/sa-rules.sh\""
ofelia.job-exec.dovecot_fts.schedule: "@every 24h"
ofelia.job-exec.dovecot_fts.command: "/usr/bin/curl http://solr:8983/solr/dovecot-fts/update?optimize=true"
ofelia.job-exec.dovecot_repl_health.schedule: "@every 5m"
ofelia.job-exec.dovecot_repl_health.command: "/bin/bash -c \"/usr/local/bin/gosu vmail /usr/local/bin/repl_health.sh\""
ulimits:
nproc: 65535
nofile:
soft: 20000
hard: 40000
networks:
mailcow-network:
ipv4_address: ${IPV4_NETWORK:-172.22.1}.250
aliases:
- dovecot
postfix-mailcow:
image: mailcow/postfix:1.68
depends_on:
- mysql-mailcow
volumes:
- ./data/hooks/postfix:/hooks:Z
- ./data/conf/postfix:/opt/postfix/conf:z
- ./data/assets/ssl:/etc/ssl/mail/:ro,z
- postfix-vol-1:/var/spool/postfix
- crypt-vol-1:/var/lib/zeyple
- rspamd-vol-1:/var/lib/rspamd
- mysql-socket-vol-1:/var/run/mysqld/
environment:
- LOG_LINES=${LOG_LINES:-9999}
- TZ=${TZ}
- DBNAME=${DBNAME}
- DBUSER=${DBUSER}
- DBPASS=${DBPASS}
- REDIS_SLAVEOF_IP=${REDIS_SLAVEOF_IP:-}
- REDIS_SLAVEOF_PORT=${REDIS_SLAVEOF_PORT:-}
- MAILCOW_HOSTNAME=${MAILCOW_HOSTNAME}
cap_add:
- NET_BIND_SERVICE
ports:
- "${SMTP_PORT:-25}:25"
- "${SMTPS_PORT:-465}:465"
- "${SUBMISSION_PORT:-587}:587"
restart: always
dns:
- ${IPV4_NETWORK:-172.22.1}.254
networks:
mailcow-network:
ipv4_address: ${IPV4_NETWORK:-172.22.1}.253
aliases:
- postfix
memcached-mailcow:
image: memcached:alpine
restart: always
environment:
- TZ=${TZ}
networks:
mailcow-network:
aliases:
- memcached
nginx-mailcow:
depends_on:
- sogo-mailcow
- php-fpm-mailcow
- redis-mailcow
image: nginx:mainline-alpine
dns:
- ${IPV4_NETWORK:-172.22.1}.254
command: /bin/sh -c "envsubst < /etc/nginx/conf.d/templates/listen_plain.template > /etc/nginx/conf.d/listen_plain.active &&
envsubst < /etc/nginx/conf.d/templates/listen_ssl.template > /etc/nginx/conf.d/listen_ssl.active &&
envsubst < /etc/nginx/conf.d/templates/sogo.template > /etc/nginx/conf.d/sogo.active &&
. /etc/nginx/conf.d/templates/server_name.template.sh > /etc/nginx/conf.d/server_name.active &&
. /etc/nginx/conf.d/templates/sites.template.sh > /etc/nginx/conf.d/sites.active &&
. /etc/nginx/conf.d/templates/sogo_eas.template.sh > /etc/nginx/conf.d/sogo_eas.active &&
nginx -qt &&
until ping phpfpm -c1 > /dev/null; do sleep 1; done &&
until ping sogo -c1 > /dev/null; do sleep 1; done &&
until ping redis -c1 > /dev/null; do sleep 1; done &&
until ping rspamd -c1 > /dev/null; do sleep 1; done &&
exec nginx -g 'daemon off;'"
environment:
- HTTPS_PORT=${HTTPS_PORT:-443}
- HTTP_PORT=${HTTP_PORT:-80}
- MAILCOW_HOSTNAME=${MAILCOW_HOSTNAME}
- IPV4_NETWORK=${IPV4_NETWORK:-172.22.1}
- TZ=${TZ}
- SKIP_SOGO=${SKIP_SOGO:-n}
- ALLOW_ADMIN_EMAIL_LOGIN=${ALLOW_ADMIN_EMAIL_LOGIN:-n}
- ADDITIONAL_SERVER_NAMES=${ADDITIONAL_SERVER_NAMES:-}
volumes:
- ./data/web:/web:ro,z
- ./data/conf/rspamd/dynmaps:/dynmaps:ro,z
- ./data/assets/ssl/:/etc/ssl/mail/:ro,z
- ./data/conf/nginx/:/etc/nginx/conf.d/:z
- ./data/conf/rspamd/meta_exporter:/meta_exporter:ro,z
- sogo-web-vol-1:/usr/lib/GNUstep/SOGo/
ports:
- "${HTTPS_BIND:-}:${HTTPS_PORT:-443}:${HTTPS_PORT:-443}"
- "${HTTP_BIND:-}:${HTTP_PORT:-80}:${HTTP_PORT:-80}"
restart: always
networks:
mailcow-network:
aliases:
- nginx
acme-mailcow:
depends_on:
- nginx-mailcow
image: mailcow/acme:1.84
dns:
- ${IPV4_NETWORK:-172.22.1}.254
environment:
- LOG_LINES=${LOG_LINES:-9999}
- ACME_CONTACT=${ACME_CONTACT:-}
- ADDITIONAL_SAN=${ADDITIONAL_SAN}
- MAILCOW_HOSTNAME=${MAILCOW_HOSTNAME}
- DBNAME=${DBNAME}
- DBUSER=${DBUSER}
- DBPASS=${DBPASS}
- SKIP_LETS_ENCRYPT=${SKIP_LETS_ENCRYPT:-n}
- COMPOSE_PROJECT_NAME=${COMPOSE_PROJECT_NAME:-mailcow-dockerized}
- DIRECTORY_URL=${DIRECTORY_URL:-}
- ENABLE_SSL_SNI=${ENABLE_SSL_SNI:-n}
- SKIP_IP_CHECK=${SKIP_IP_CHECK:-n}
- SKIP_HTTP_VERIFICATION=${SKIP_HTTP_VERIFICATION:-n}
- ONLY_MAILCOW_HOSTNAME=${ONLY_MAILCOW_HOSTNAME:-n}
- LE_STAGING=${LE_STAGING:-n}
- TZ=${TZ}
- REDIS_SLAVEOF_IP=${REDIS_SLAVEOF_IP:-}
- REDIS_SLAVEOF_PORT=${REDIS_SLAVEOF_PORT:-}
- SNAT_TO_SOURCE=${SNAT_TO_SOURCE:-n}
- SNAT6_TO_SOURCE=${SNAT6_TO_SOURCE:-n}
volumes:
- ./data/web/.well-known/acme-challenge:/var/www/acme:z
- ./data/assets/ssl:/var/lib/acme/:z
- ./data/assets/ssl-example:/var/lib/ssl-example/:ro,Z
- mysql-socket-vol-1:/var/run/mysqld/
restart: always
networks:
mailcow-network:
aliases:
- acme
netfilter-mailcow:
image: mailcow/netfilter:1.50
stop_grace_period: 30s
depends_on:
- dovecot-mailcow
- postfix-mailcow
- sogo-mailcow
- php-fpm-mailcow
- redis-mailcow
restart: always
privileged: true
environment:
- TZ=${TZ}
- IPV4_NETWORK=${IPV4_NETWORK:-172.22.1}
- IPV6_NETWORK=${IPV6_NETWORK:-fd4d:6169:6c63:6f77::/64}
- SNAT_TO_SOURCE=${SNAT_TO_SOURCE:-n}
- SNAT6_TO_SOURCE=${SNAT6_TO_SOURCE:-n}
- REDIS_SLAVEOF_IP=${REDIS_SLAVEOF_IP:-}
- REDIS_SLAVEOF_PORT=${REDIS_SLAVEOF_PORT:-}
network_mode: "host"
volumes:
- /lib/modules:/lib/modules:ro
watchdog-mailcow:
image: mailcow/watchdog:1.97
dns:
- ${IPV4_NETWORK:-172.22.1}.254
tmpfs:
- /tmp
volumes:
- rspamd-vol-1:/var/lib/rspamd
- mysql-socket-vol-1:/var/run/mysqld/
- postfix-vol-1:/var/spool/postfix
- ./data/assets/ssl:/etc/ssl/mail/:ro,z
restart: always
environment:
- IPV6_NETWORK=${IPV6_NETWORK:-fd4d:6169:6c63:6f77::/64}
- LOG_LINES=${LOG_LINES:-9999}
- TZ=${TZ}
- DBNAME=${DBNAME}
- DBUSER=${DBUSER}
- DBPASS=${DBPASS}
- DBROOT=${DBROOT}
- USE_WATCHDOG=${USE_WATCHDOG:-n}
- WATCHDOG_NOTIFY_EMAIL=${WATCHDOG_NOTIFY_EMAIL:-}
- WATCHDOG_NOTIFY_BAN=${WATCHDOG_NOTIFY_BAN:-y}
- WATCHDOG_SUBJECT=${WATCHDOG_SUBJECT:-Watchdog ALERT}
- WATCHDOG_EXTERNAL_CHECKS=${WATCHDOG_EXTERNAL_CHECKS:-n}
- WATCHDOG_MYSQL_REPLICATION_CHECKS=${WATCHDOG_MYSQL_REPLICATION_CHECKS:-n}
- WATCHDOG_VERBOSE=${WATCHDOG_VERBOSE:-n}
- MAILCOW_HOSTNAME=${MAILCOW_HOSTNAME}
- COMPOSE_PROJECT_NAME=${COMPOSE_PROJECT_NAME:-mailcow-dockerized}
- IPV4_NETWORK=${IPV4_NETWORK:-172.22.1}
- IP_BY_DOCKER_API=${IP_BY_DOCKER_API:-0}
- CHECK_UNBOUND=${CHECK_UNBOUND:-1}
- SKIP_CLAMD=${SKIP_CLAMD:-n}
- SKIP_LETS_ENCRYPT=${SKIP_LETS_ENCRYPT:-n}
- SKIP_SOGO=${SKIP_SOGO:-n}
- HTTPS_PORT=${HTTPS_PORT:-443}
- REDIS_SLAVEOF_IP=${REDIS_SLAVEOF_IP:-}
- REDIS_SLAVEOF_PORT=${REDIS_SLAVEOF_PORT:-}
- EXTERNAL_CHECKS_THRESHOLD=${EXTERNAL_CHECKS_THRESHOLD:-1}
- NGINX_THRESHOLD=${NGINX_THRESHOLD:-5}
- UNBOUND_THRESHOLD=${UNBOUND_THRESHOLD:-5}
- REDIS_THRESHOLD=${REDIS_THRESHOLD:-5}
- MYSQL_THRESHOLD=${MYSQL_THRESHOLD:-5}
- MYSQL_REPLICATION_THRESHOLD=${MYSQL_REPLICATION_THRESHOLD:-1}
- SOGO_THRESHOLD=${SOGO_THRESHOLD:-3}
- POSTFIX_THRESHOLD=${POSTFIX_THRESHOLD:-8}
- CLAMD_THRESHOLD=${CLAMD_THRESHOLD:-15}
- DOVECOT_THRESHOLD=${DOVECOT_THRESHOLD:-12}
- DOVECOT_REPL_THRESHOLD=${DOVECOT_REPL_THRESHOLD:-20}
- PHPFPM_THRESHOLD=${PHPFPM_THRESHOLD:-5}
- RATELIMIT_THRESHOLD=${RATELIMIT_THRESHOLD:-1}
- FAIL2BAN_THRESHOLD=${FAIL2BAN_THRESHOLD:-1}
- ACME_THRESHOLD=${ACME_THRESHOLD:-1}
- RSPAMD_THRESHOLD=${RSPAMD_THRESHOLD:-5}
- OLEFY_THRESHOLD=${OLEFY_THRESHOLD:-5}
- MAILQ_THRESHOLD=${MAILQ_THRESHOLD:-20}
- MAILQ_CRIT=${MAILQ_CRIT:-30}
networks:
mailcow-network:
aliases:
- watchdog
dockerapi-mailcow:
image: mailcow/dockerapi:2.01
security_opt:
- label=disable
restart: always
dns:
- ${IPV4_NETWORK:-172.22.1}.254
environment:
- DBROOT=${DBROOT}
- TZ=${TZ}
- REDIS_SLAVEOF_IP=${REDIS_SLAVEOF_IP:-}
- REDIS_SLAVEOF_PORT=${REDIS_SLAVEOF_PORT:-}
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
networks:
mailcow-network:
aliases:
- dockerapi
solr-mailcow:
image: mailcow/solr:1.8.1
restart: always
volumes:
- solr-vol-1:/opt/solr/server/solr/dovecot-fts/data
ports:
- "${SOLR_PORT:-127.0.0.1:18983}:8983"
environment:
- TZ=${TZ}
- SOLR_HEAP=${SOLR_HEAP:-1024}
- SKIP_SOLR=${SKIP_SOLR:-y}
networks:
mailcow-network:
aliases:
- solr
olefy-mailcow:
image: mailcow/olefy:1.11
restart: always
environment:
- TZ=${TZ}
- OLEFY_BINDADDRESS=0.0.0.0
- OLEFY_BINDPORT=10055
- OLEFY_TMPDIR=/tmp
- OLEFY_PYTHON_PATH=/usr/bin/python3
- OLEFY_OLEVBA_PATH=/usr/bin/olevba
- OLEFY_LOGLVL=20
- OLEFY_MINLENGTH=500
- OLEFY_DEL_TMP=1
networks:
mailcow-network:
aliases:
- olefy
ofelia-mailcow:
image: mcuadros/ofelia:latest
restart: always
command: daemon --docker
environment:
- TZ=${TZ}
depends_on:
- sogo-mailcow
- dovecot-mailcow
labels:
ofelia.enabled: "true"
security_opt:
- label=disable
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
networks:
mailcow-network:
aliases:
- ofelia
ipv6nat-mailcow:
depends_on:
- unbound-mailcow
- mysql-mailcow
- redis-mailcow
- clamd-mailcow
- rspamd-mailcow
- php-fpm-mailcow
- sogo-mailcow
- dovecot-mailcow
- postfix-mailcow
- memcached-mailcow
- nginx-mailcow
- acme-mailcow
- netfilter-mailcow
- watchdog-mailcow
- dockerapi-mailcow
- solr-mailcow
environment:
- TZ=${TZ}
image: robbertkl/ipv6nat
security_opt:
- label=disable
restart: always
privileged: true
network_mode: "host"
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- /lib/modules:/lib/modules:ro
networks:
mailcow-network:
driver: bridge
driver_opts:
com.docker.network.bridge.name: br-mailcow
enable_ipv6: true
ipam:
driver: default
config:
- subnet: ${IPV4_NETWORK:-172.22.1}.0/24
- subnet: ${IPV6_NETWORK:-fd4d:6169:6c63:6f77::/64}
volumes:
vmail-vol-1:
vmail-index-vol-1:
mysql-vol-1:
mysql-socket-vol-1:
redis-vol-1:
rspamd-vol-1:
solr-vol-1:
postfix-vol-1:
crypt-vol-1:
sogo-web-vol-1:
sogo-userdata-backup-vol-1:
clamd-db-vol-1:

43
docker-compose/mailserver/docker-compose.yml Normal file
View File

@@ -0,0 +1,43 @@
services:
# Full example :
# https://github.com/hardware/mailserver/blob/master/docker-compose.sample.yml
rainloop:
image: hardware/rainloop
container_name: rainloop
volumes:
- /docker-containers/rainloop:/rainloop/data
depends_on:
- mailserver
mailserver:
image: docker.io/mailserver/docker-mailserver:latest
container_name: mailserver
# If the FQDN for your mail-server is only two labels (eg: example.com),
# you can assign this entirely to `hostname` and remove `domainname`.
hostname: mail
domainname: example.com
env_file: mailserver.env
# More information about the mail-server ports:
# https://docker-mailserver.github.io/docker-mailserver/edge/config/security/understanding-the-ports/
# To avoid conflicts with yaml base-60 float, DO NOT remove the quotation marks.
ports:
- "25:25" # SMTP (explicit TLS => STARTTLS)
- "143:143" # IMAP4 (explicit TLS => STARTTLS)
- "465:465" # ESMTP (implicit TLS)
- "587:587" # ESMTP (explicit TLS => STARTTLS)
- "993:993" # IMAP4 (implicit TLS)
volumes:
- /docker-containers/mailserver:/var/
# - ./docker-data/dms/mail-data/:/var/mail/
# - ./docker-data/dms/mail-state/:/var/mail-state/
# - ./docker-data/dms/mail-logs/:/var/log/mail/
# - ./docker-data/dms/config/:/tmp/docker-mailserver/
- /etc/localtime:/etc/localtime:ro
restart: always
stop_grace_period: 1m
cap_add:
- NET_ADMIN
healthcheck:
test: "ss --listening --tcp | grep -P 'LISTEN.+:smtp' || exit 1"
timeout: 3s
retries: 0

30
docker-compose/mariadb/docker-compose.yml Normal file
View File

@@ -0,0 +1,30 @@
version: "3.0"
services:
mariadb:
image: lscr.io/linuxserver/mariadb
container_name: mariadb
environment:
- PUID=1000
- PGID=1003
- MYSQL_ROOT_PASSWORD=ChangeMe123
- TZ=America/New_York
- MYSQL_DATABASE=default
- MYSQL_USER=yourusername
- MYSQL_PASSWORD=ChangeMe123
volumes:
- /docker-containers/mariadb:/config
ports:
- "3306:3306"
restart: unless-stopped
stdin_open: true
tty: true
networks:
homelab:
aliases:
- mysql # how to add multiple aliases
- romm-db
- db
networks: # I don't know why but you have to specify the network 2x. In service, and in this tag area..
homelab:
name: homelab # Networks can also be given a custom name
external: true # This option causes compose to join the above network instead of making a _default one, wont work without it though..

142
docker-compose/mastodon/docker-compose.yml Normal file
View File

@@ -0,0 +1,142 @@
# https://github.com/mastodon/mastodon/blob/main/docker-compose.yml
version: '3'
services:
# Already installed in it's own container, not sure If I want to run here also. maybe different version?
db:
restart: always
image: postgres:14-alpine
shm_size: 256mb
networks:
- internal_mast
healthcheck:
test: ['CMD', 'pg_isready', '-U', 'postgres']
volumes:
#- ./postgres14:/var/lib/postgresql/data
- /docker-containers/mastodon/postgres14:/var/lib/postgresql/data
environment:
- 'POSTGRES_HOST_AUTH_METHOD=trust'
redis:
restart: always
image: redis:7-alpine
networks:
- internal_mast
healthcheck:
test: ['CMD', 'redis-cli', 'ping']
volumes:
- /docker-containers/mastodon/redis:/data
# Already installed in it's own container
# es:
# restart: always
# image: docker.elastic.co/elasticsearch/elasticsearch:7.17.4
# environment:
# - "ES_JAVA_OPTS=-Xms512m -Xmx512m -Des.enforce.bootstrap.checks=true"
# - "xpack.license.self_generated.type=basic"
# - "xpack.security.enabled=false"
# - "xpack.watcher.enabled=false"
# - "xpack.graph.enabled=false"
# - "xpack.ml.enabled=false"
# - "bootstrap.memory_lock=true"
# - "cluster.name=es-mastodon"
# - "discovery.type=single-node"
# - "thread_pool.write.queue_size=1000"
# networks:
# - external_mast
# - internal_mast
# healthcheck:
# test: ["CMD-SHELL", "curl --silent --fail localhost:9200/_cluster/health || exit 1"]
# volumes:
# - ./elasticsearch:/usr/share/elasticsearch/data
# ulimits:
# memlock:
# soft: -1
# hard: -1
# nofile:
# soft: 65536
# hard: 65536
# ports:
# - '127.0.0.1:9200:9200'
web:
build: .
image: ghcr.io/mastodon/mastodon:v4.2.0
restart: always
env_file:
- /docker-containers/mastodon/.env.production
command: bundle exec puma -C config/puma.rb
networks:
- external_mast
- internal_mast
healthcheck:
# prettier-ignore
test: ['CMD-SHELL', 'wget -q --spider --proxy=off localhost:3000/health || exit 1']
ports:
- '127.0.0.1:3000:3000'
depends_on:
- db
- redis
# - es
volumes:
- /docker-containers/mastodon/system:/mastodon/public/system
streaming:
build: .
image: ghcr.io/mastodon/mastodon:v4.2.0
restart: always
env_file:
-/docker-containers/mastodon/.env.production
command: node ./streaming
networks:
- external_mast
- internal_mast
healthcheck:
# prettier-ignore
test: ['CMD-SHELL', 'wget -q --spider --proxy=off localhost:4000/api/v1/streaming/health || exit 1']
ports:
- '127.0.0.1:4000:4000'
depends_on:
- db
- redis
sidekiq:
build: .
image: ghcr.io/mastodon/mastodon:v4.2.0
restart: always
env_file:
- /docker-containers/mastodon/.env.production
command: bundle exec sidekiq
depends_on:
- db
- redis
networks:
- external_mast
- internal_mast
volumes:
- /docker-containers/mastodon/system:/mastodon/public/system
healthcheck:
test: ['CMD-SHELL', "ps aux | grep '[s]idekiq\ 6' || false"]
## Uncomment to enable federation with tor instances along with adding the following ENV variables
## http_hidden_proxy=http://privoxy:8118
## ALLOW_ACCESS_TO_HIDDEN_SERVICE=true
# tor:
# image: sirboops/tor
# networks:
# - external_mast
# - internal_mast
#
# privoxy:
# image: sirboops/privoxy
# volumes:
# - ./priv-config:/opt/config
# networks:
# - external_mast
# - internal_mast
networks:
external_mast:
internal_mast:
internal: true

39
docker-compose/mealie/docker-compose.yml Normal file
View File

@@ -0,0 +1,39 @@
---
version: "3.7"
services:
mealie:
image: ghcr.io/mealie-recipes/mealie:v3.3.0
container_name: mealie
ports:
- "9925:9000"
deploy:
resources:
limits:
memory: 1000M
environment:
- ALLOW_SIGNUP=true
- PUID=1000
- PGID=1006
- TZ=America/New_York
- MAX_WORKERS=1
- WEB_CONCURRENCY=1
- BASE_URL=https://mealie.example.com/
- OPENAI_BASE_URL= # leave empty to use standard if aren't sure
- OPENAI_API_KEY=YourAPIKEY
- OPENAI_MODEL=gpt-4o
- OPENAI_ENABLE_IMAGE_SERVICES=true
- OPENAI_WORKERS=1 # more = more money
- OPENAI_SEND_DATABASE_DATA=false # true = more money
- OPENAI_REQUEST_TIMEOUT=60 # default is 60
restart: always
volumes:
- /docker-containers/mealie:/app/data
stdin_open: true # to attach to containers
tty: true # also used to attach to containers
# network_mode: service:wireguard # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
networks: # Specify network for container
- homelab
networks: # I don't know why but you have to specify the network 2x. In service, and in this tag area..
homelab:
external: true # This option causes compose to join the above network instead of making a _default one (supposedly)

96
docker-compose/mediacms/docker-compose.yml Normal file
View File

@@ -0,0 +1,96 @@
version: "3"
services:
migrations:
image: mediacms/mediacms:latest
volumes:
- /docker-containers/mediacms:/home/mediacms.io/mediacms/
environment:
ENABLE_UWSGI: 'no'
ENABLE_NGINX: 'no'
ENABLE_CELERY_SHORT: 'no'
ENABLE_CELERY_LONG: 'no'
ENABLE_CELERY_BEAT: 'no'
ADMIN_USER: 'yourusername'
ADMIN_EMAIL: 'your@email.com'
ADMIN_PASSWORD: 'ChangeMe123'
command: "./deploy/docker/prestart.sh"
restart: on-failure
depends_on:
redis:
condition: service_healthy
# db:
# condition: service_healthy
networks: # Specify network for container
- homelab
web:
image: mediacms/mediacms:latest
deploy:
replicas: 1
ports:
- "80:80"
volumes:
- /docker-containers/mediacms:/home/mediacms.io/mediacms/
environment:
ENABLE_CELERY_BEAT: 'no'
ENABLE_CELERY_SHORT: 'no'
ENABLE_CELERY_LONG: 'no'
ENABLE_MIGRATIONS: 'no'
depends_on:
- migrations
networks: # Specify network for container
- homelab
celery_beat:
image: mediacms/mediacms:latest
volumes:
- /docker-containers/mediacms:/home/mediacms.io/mediacms/
environment:
ENABLE_UWSGI: 'no'
ENABLE_NGINX: 'no'
ENABLE_CELERY_SHORT: 'no'
ENABLE_CELERY_LONG: 'no'
ENABLE_MIGRATIONS: 'no'
depends_on:
- redis
celery_worker:
image: mediacms/mediacms:latest
deploy:
replicas: 1
volumes:
- /docker-containers/mediacms:/home/mediacms.io/mediacms/
environment:
ENABLE_UWSGI: 'no'
ENABLE_NGINX: 'no'
ENABLE_CELERY_BEAT: 'no'
ENABLE_MIGRATIONS: 'no'
depends_on:
- migrations
# Uncomment below to use postgres db, running in seperate stack.
# db:
# image: postgres:15.2-alpine
# volumes:
# - ../postgres_data:/var/lib/postgresql/data/
# restart: always
# environment:
# POSTGRES_USER: mediacms
# POSTGRES_PASSWORD: mediacms
# POSTGRES_DB: mediacms
# TZ: Europe/London
# healthcheck:
# test: ["CMD-SHELL", "pg_isready", "--host=db", "--dbname=$POSTGRES_DB", "--username=$POSTGRES_USER"]
# interval: 10s
# timeout: 5s
# retries: 5
redis:
image: "redis:alpine"
restart: always
healthcheck:
test: ["CMD", "redis-cli","ping"]
interval: 30s
timeout: 10s
retries: 3
# network_mode: service:wireguard # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
networks: # I don't know why but you have to specify the network 2x. In service, and in this tag area..
homelab:
external: true # This option causes compose to join the above network instead of making a _default one (supposedly)

37
docker-compose/minecraft-paper_itzg/docker-compose.yml Normal file
View File

@@ -0,0 +1,37 @@
version: "3.8"
services:
mc:
image: itzg/minecraft-server
container_name: minecraft
environment:
EULA: "true"
TYPE: "PAPER"
VERSION: 1.21.1
PLUGINS: |
https://download.geysermc.org/v2/projects/geyser/versions/latest/builds/latest/downloads/spigot
https://download.geysermc.org/v2/projects/floodgate/versions/latest/builds/latest/downloads/spigot
VIEW_DISTANCE: 15
MAX_PLAYERS: 100
MEMORY: 12G
EXTRA_ARGS: '--world-dir /data/worlds/'
# WORLD: /data/worlds
# FORCE_WORLD_COPY: "false" # will copy a world from a directory then run if needed # still clones world from /data/worlds to /data/world
ports:
- "25565:25565"
- "19132:19132/udp"
- "8123:8123" # For dynmap
volumes:
# attach the relative directory 'data' to the container's /data path
- /docker-containers/minecraft-paper_itzg:/data
restart: unless-stopped
stdin_open: true # to attach to containers
tty: true # also used to attach to containers
# network_mode: service:wireguard # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
networks: # Specify network for container
homelab:
aliases:
- mc
- mcecon
networks: # you have to specify the network 2x. In service, and in this tag area..
homelab:
external: true # This option causes compose to join the above network instead of making a _default one

26
docker-compose/mixpost/.env Normal file
View File

@@ -0,0 +1,26 @@
# The name of your application.
APP_NAME=Mixpost
# Key used to encrypt and decrypt sensitive data. Generate this using the following tool:
# https://mixpost.app/tools/encryption-key-generator
APP_KEY=base64:YourBase64EncodedString
# Debug mode setting. Set to `false` for production environments.
APP_DEBUG=false
# Your app's domain or subdomain, without the 'http://' or 'https://' prefix.
APP_DOMAIN=mixpost.example.com
# Full application URL is automatically configured; no modification required.
APP_URL=https://${APP_DOMAIN}
# MySQL connection setup.
DB_CONNECTION=mysql
DB_HOST=mysql # Use one of the MariaDB aliases
DB_PORT=3306
DB_DATABASE=mixpost_db
DB_USERNAME=mixpost
DB_PASSWORD=yourPassword
# Specify the email address to be used for SSL certificate registration and notifications.
SSL_EMAIL=admin@example.com

53
docker-compose/mixpost/docker-compose.yml Normal file
View File

@@ -0,0 +1,53 @@
# social media management software # paid past facebook and twitter
# didn't want to mix traefik and nginx so stopped using for now may pick up later
# using mariadb for mysql connection. already setup within .env if checked
# even after getting working couldn't quite get it to post to facebook or twitter
# Will likely use n8n or node-red instead. Seems all these softwares go to paid plans eventually
version: "3.8"
services:
mixpost:
image: inovector/mixpost:latest
container_name: mixpost
# env_file:
# - .env
environment:
- APP_KEY=base64:YourBase64EncodedString
- APP_DEBUG=true
- APP_DOMAIN=mixpost.example.com
- APP_URL=https://mixpost.example.com
- DB_CONNECTION=mysql
- DB_HOST=mysql
- DB_PORT=3306
- DB_DATABASE=mixpost_db
- DB_USERNAME=mixpost
- DB_PASSWORD=yourPassword
- SSL_EMAIL=admin@example.com
ports:
- "8540:80"
- "8543:443"
volumes:
- /docker-containers/mixpost/app:/var/www/html/storage/app
- /docker-containers/mixpost/logs:/var/www/html/storage/logs
depends_on:
- redis
restart: unless-stopped
networks: # Specify network for container
homelab:
aliases:
- facebook
- instagram
redis:
image: 'redis:latest'
command: redis-server --appendonly yes --replica-read-only no
volumes:
- /docker-containers/mixpost/redis:/data
healthcheck:
test: ["CMD", "redis-cli", "ping"]
retries: 3
timeout: 5s
restart: unless-stopped
networks: # you have to specify the network 2x. In service, and in this tag area..
homelab:
external: true # This option causes compose to join the above network instead of making a _default one

21
docker-compose/mkvtoolnix/docker-compose.yml Normal file
View File

@@ -0,0 +1,21 @@
version: "3"
services:
mkvtoolnix:
image: jlesage/mkvtoolnix
restart: unless-stopped
ports:
- "5800:5800" # mkvtoolnix gui
volumes:
- /docker-containers/mkvtoolnix:/config:rw
- /docker-containers/mkvtoolnix/storage:/storage:rw
- /TvShows:/storage/tvshows:rw
- /Videos:/storage/videos:rw
- /Movies:/storage/movies:rw
networks:
homelab:
aliases:
- mkvtool
networks: # I don't know why but you have to specify the network 2x. In service, and in this tag area..
homelab:
name: homelab # Networks can also be given a custom name
external: true # This option causes compose to join the above network instead of making a _default one

16
docker-compose/mosquitto-eclipse/docker-compose.yml Normal file
View File

@@ -0,0 +1,16 @@
version: '2'
services:
mosquitto:
container_name: mosquitto
image: eclipse-mosquitto
restart: unless-stopped
ports:
- "1883:1883/tcp"
environment:
- TZ=American/New_York
volumes:
- /docker-containers/mosquitto-eclipse:/mosquitto/config
- /docker-containers/mosquitto-eclipse/data:/mosquitto/data
- /docker-containers/mosquitto-eclipse/log:/mosquitto/log
stdin_open: true
tty: true

132
docker-compose/musicbrainz/docker-compose.yml Normal file
View File

@@ -0,0 +1,132 @@
version: '3.1'
# Description: Default compose file, with host port for musicbrainz
volumes:
mqdata:
driver: local
pgdata:
driver: local
solrdata:
driver: local
dbdump:
driver: local
searchdump:
driver: local
services:
db:
build:
context: build/postgres
args:
- POSTGRES_VERSION=${POSTGRES_VERSION:-12}
image: musicbrainz-docker_db:${POSTGRES_VERSION:-12}
logging:
driver: "json-file"
options:
max-size: "10m"
max-file: "10"
restart: unless-stopped
command: postgres -c "shared_buffers=2048MB" -c "shared_preload_libraries=pg_amqp.so"
env_file:
- ./default/postgres.env
shm_size: "2GB"
volumes:
- pgdata:/var/lib/postgresql/data
expose:
- "5432"
musicbrainz:
build:
context: build/musicbrainz
args:
- POSTGRES_VERSION=${POSTGRES_VERSION:-12}
logging:
driver: "json-file"
options:
max-size: "50m"
max-file: "50"
ports:
- "${MUSICBRAINZ_DOCKER_HOST_IPADDRCOL:-}${MUSICBRAINZ_WEB_SERVER_PORT:-5000}:5000"
volumes:
- dbdump:/media/dbdump
- searchdump:/media/searchdump
restart: unless-stopped
env_file:
- ./default/postgres.env
environment:
- MUSICBRAINZ_BASE_FTP_URL=${MUSICBRAINZ_BASE_FTP_URL:-}
- MUSICBRAINZ_BASE_DOWNLOAD_URL=${MUSICBRAINZ_BASE_DOWNLOAD_URL:-https://data.metabrainz.org/pub/musicbrainz}
- MUSICBRAINZ_SERVER_PROCESSES=${MUSICBRAINZ_SERVER_PROCESSES:-10}
- MUSICBRAINZ_USE_PROXY=1
- MUSICBRAINZ_WEB_SERVER_HOST=${MUSICBRAINZ_WEB_SERVER_HOST:-localhost}
- MUSICBRAINZ_WEB_SERVER_PORT=${MUSICBRAINZ_WEB_SERVER_PORT:-5000}
depends_on:
- db
- mq
- search
- redis
indexer:
build: build/sir
env_file:
- ./default/postgres.env
logging:
driver: "json-file"
options:
max-size: "10m"
max-file: "10"
volumes:
- ${SIR_CONFIG_PATH:-./default/indexer.ini}:/code/config.ini
depends_on:
- db
- mq
- search
search:
build:
context: build/solr
args:
- MB_SOLR_VERSION=${MB_SOLR_VERSION:-3.4.2}
image: musicbrainz-docker_search:${MB_SOLR_VERSION:-3.4.2}
logging:
driver: "json-file"
options:
max-size: "10m"
max-file: "10"
restart: unless-stopped
environment:
- SOLR_HEAP=2g
- LOG4J_FORMAT_MSG_NO_LOOKUPS=true
expose:
- "8983"
volumes:
- solrdata:/opt/solr/server/solr/data
- searchdump:/media/searchdump
mq:
build: build/rabbitmq
hostname: "mq"
logging:
driver: "json-file"
options:
max-size: "10m"
max-file: "10"
restart: unless-stopped
ulimits:
nofile: 65536
volumes:
- mqdata:/var/lib/rabbitmq
expose:
- "5672"
redis:
image: redis:3-alpine
logging:
driver: "json-file"
options:
max-size: "10m"
max-file: "10"
restart: unless-stopped
expose:
- "6379"

26
docker-compose/n8n/docker-compose.yml Normal file
View File

@@ -0,0 +1,26 @@
version: '2'
services:
n8n:
container_name: n8n
image: docker.n8n.io/n8nio/n8n
restart: unless-stopped
ports:
- "5678:5678"
environment:
- N8N_HOST=${SUBDOMAIN}.${DOMAIN_NAME}
- N8N_PORT=5678
- N8N_PROTOCOL=https
- NODE_ENV=production
- WEBHOOK_URL=https://${SUBDOMAIN}.${DOMAIN_NAME}/
- GENERIC_TIMEZONE=${GENERIC_TIMEZONE}
volumes:
- /docker-containers/n8n/data:/home/node/.n8n
- /docker-containers/n8n/local-files:/files
stdin_open: true # to attach to containers
tty: true # also used to attach to containers
# network_mode: service:wireguard # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
networks: # Specify network for container
- homelab
networks: # I don't know why but you have to specify the network 2x. In service, and in this tag area..
homelab:
external: true # This option causes compose to join the above network instead of making a _default one (supposedly)

27
docker-compose/navidrome/docker-compose.yml Normal file
View File

@@ -0,0 +1,27 @@
# version: "2.1" # Kind of old school and not needed with portainer
services:
# Music Streaming software. Browser + phone support substreamer/isub/amperfy(iphone)
navidrome:
image: deluan/navidrome:latest
container_name: navidrome
user: 1000:1006 # should be owner of volumes
ports:
- "4533:4533"
environment:
# Optional: put your config options customization here. Examples:
ND_CONFIGFILE: "/data/navidrome.toml"
ND_PROMETHEUS_ENABLED: "true"
ND_PROMETHEUS_METRICSPATH: "/metrics_naviprodigy986"
volumes:
- "/docker-containers/navidrome:/data"
- "/Music:/music:ro"
restart: unless-stopped
stdin_open: true # to attach to containers
tty: true # also used to attach to containers
networks: # Specify network for container
- homelab
networks: # I don't know why but you have to specify the network 2x. In service, and in this tag area..
homelab:
name: homelab # Networks can also be given a custom name
external: true # This option causes compose to join the above network instead of making a _default one (supposedly)

46
docker-compose/netbootxyz/docker-compose.yml Normal file
View File

@@ -0,0 +1,46 @@
---
version: "2.1"
services:
netbootxyz:
image: lscr.io/linuxserver/netbootxyz:latest
container_name: netbootxyz
environment:
- PUID=1000
- PGID=1006
- TZ=America/New_York
- MENU_VERSION=2.0.83 #optional
- WEB_APP_PORT=3000 #optional
- NGINX_PORT=80 #optional
volumes:
- /docker-containers/netbootxyz/config:/config
- /docker-containers/netbootxyz/assets:/assets #optional
ports:
- 3069:3000
- 69:69/udp
- 8289:80 #optional
restart: unless-stopped
stdin_open: true # to attach to containers
tty: true # also used to attach to containers
networks: # Specify network for container
mcprodnet:
ipv4_address: 192.168.1.168
#ipv6_address: 2605:a601:a627:100:2::1 # ip changed
# ipv6_address: 2605:a601:9132:d100:2::1 # newer, private setup within your network is better though fe:etc
# ipv6_address: 2001:3200:3200::20 # disabled because google fiber is shit and always changing and no way to update here
homelab:
aliases:
- netboot # adding multiple aliases under certain network
networks: # I don't know why but you have to specify the network 2x. In service, and in this tag area..
homelab:
name: homelab # Networks can also be given a custom name
external: true # This option causes compose to join the above network instead of making a _default one (supposedly)
mcprodnet:
#enable_ipv6: true
name: mcprodnet # We will name the network instead of letting docker do something random
driver: macvlan # Making the above network macvlan
driver_opts: # driver options to use
parent: eno1 # usually eth0 or eth1 but not always, used enp3s0 and enp4s0, had to delete /var/lib/docker/network/files/local-kv.db because phantom network
ipam:
config:
- subnet: "192.168.1.0/24" #Basically copy router range
gateway: "192.168.1.1" #host will eventually route to router, or just go direct

25
docker-compose/nginxproxymanager/docker-compose.yml Normal file
View File

@@ -0,0 +1,25 @@
version: '3.8'
services:
app:
image: 'jc21/nginx-proxy-manager:latest'
restart: unless-stopped
ports:
# These ports are in format <host-port>:<container-port>
- '80:80' # Public HTTP Port
- '443:443' # Public HTTPS Port
- '81:81' # Admin Web Port
# Add any other Stream port you want to expose
# - '21:21' # FTP
# Uncomment the next line if you uncomment anything in the section
# environment:
# Uncomment this if you want to change the location of
# the SQLite DB file within the container
# DB_SQLITE_FILE: "/data/database.sqlite"
# Uncomment this if IPv6 is not enabled on your host
# DISABLE_IPV6: 'true'
volumes:
- ./data:/data
- ./letsencrypt:/etc/letsencrypt

38
docker-compose/nicotineplus/docker-compose.yml Normal file
View File

@@ -0,0 +1,38 @@
---
version: "2.1"
services:
nicotine-plus:
image: ghcr.io/fletchto99/nicotine-plus-docker:latest
container_name: nicotine-plus
security_opt:
- seccomp:unconfined #optional
environment:
- PUID=1000
- PGID=1006
- TZ=America/New_York
# - PASSWORD= #optional
volumes:
- /docker-containers/nicotineplus/data:/config
- /unsorted/nicotineplus/complete:/data/downloads
- /unsorted/nicotineplus/incomplete:/data/incomplete_downloads
- /Music:/data/shared/Music #Shared Music Folder
- /Movies:/data/shared/Movies #Shared Movies folder
- /TvShows:/data/shared/TvShows #Shared TvShows folder
- /Videos:/data/shared/Videos #Shared Videos folder
- /programs:/data/shared/Programs #Shared Programs folder
- /games:/data/shared/Games #Shared Games folder
- /Books:/data/shared/Books #Shared Books folder
ports:
- 6080:6080
- 2234-2239:2234-2239
restart: unless-stopped
stdin_open: true # to attach to containers
tty: true # also used to attach to containers
# network_mode: service:wireguard # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
networks: # Specify network for container
homelab:
aliases:
- nicotineplus # adding multiple aliases under certain network
networks: # I don't know why but you have to specify the network 2x. In service, and in this tag area..
homelab:
external: true # This option causes compose to join the above network instead of making a _default one (supposedly)

26
docker-compose/node-red/docker-compose.yml Normal file
View File

@@ -0,0 +1,26 @@
################################################################################
# Node-RED Stack or Compose
################################################################################
# docker stack deploy node-red --compose-file docker-compose-node-red.yml
# docker-compose -f docker-compose-node-red.yml -p myNoderedProject up
################################################################################
version: "3.7"
services:
node-red:
image: nodered/node-red:latest
#image: nodered/node-red:2.2.3-12@sha256:051cdb78937b7396d5be102e575b3b47322bfa48efad5aeb0d86d0a3bef22d22 // armv7 version works for raspberry pi, apparently isn't very good at seeing whether 32 or 64 bit
environment:
- TZ=America/New_York
ports:
- "1880:1880"
networks:
- node-red-net
volumes:
- /docker-containers/node-red:/data
volumes:
node-red-data:
networks:
node-red-net:

145
docker-compose/nostr-relay/docker-compose.yml Normal file
View File

@@ -0,0 +1,145 @@
services:
nostream:
build: .
container_name: nostream
environment:
SECRET: ${SECRET}
RELAY_PORT: 8008
# Master
NOSTR_CONFIG_DIR: /home/node/.nostr
DB_HOST: nostream-db
DB_PORT: 5432
DB_USER: nostr_ts_relay
DB_PASSWORD: nostr_ts_relay
DB_NAME: nostr_ts_relay
DB_MIN_POOL_SIZE: 16
DB_MAX_POOL_SIZE: 64
DB_ACQUIRE_CONNECTION_TIMEOUT: 60000
# Read Replica
READ_REPLICAS: 2
READ_REPLICA_ENABLED: 'false'
# Read Replica No. 1
RR0_DB_HOST: db
RR0_DB_PORT: 5432
RR0_DB_USER: nostr_ts_relay
RR0_DB_PASSWORD: nostr_ts_relay
RR0_DB_NAME: nostr_ts_relay
RR0_DB_MIN_POOL_SIZE: 16
RR0_DB_MAX_POOL_SIZE: 64
RR0_DB_ACQUIRE_CONNECTION_TIMEOUT: 10000
# Read Replica No. 2
RR1_DB_HOST: db
RR1_DB_PORT: 5432
RR1_DB_USER: nostr_ts_relay
RR1_DB_PASSWORD: nostr_ts_relay
RR1_DB_NAME: nostr_ts_relay
RR1_DB_MIN_POOL_SIZE: 16
RR1_DB_MAX_POOL_SIZE: 64
RR1_DB_ACQUIRE_CONNECTION_TIMEOUT: 10000
# Add RR2, RR3, etc. to configure more read replicas
# Redis
REDIS_HOST: nostream-cache
REDIS_PORT: 6379
REDIS_USER: default
REDIS_PASSWORD: nostr_ts_relay
TOR_HOST: tor_proxy
TOR_CONTROL_PORT: 9051
TOR_PASSWORD: nostr_ts_relay
HIDDEN_SERVICE_PORT: 80
# Payments Processors
# Zebedee
ZEBEDEE_API_KEY: ${ZEBEDEE_API_KEY}
# Nodeless.io
NODELESS_API_KEY: ${NODELESS_API_KEY}
NODELESS_WEBHOOK_SECRET: ${NODELESS_WEBHOOK_SECRET}
# OpenNode
OPENNODE_API_KEY: ${OPENNODE_API_KEY}
# Lnbits
LNBITS_API_KEY: ${LNBITS_API_KEY}
# Enable DEBUG for troubleshooting. Examples:
# DEBUG: "primary:*"
# DEBUG: "worker:*"
# DEBUG: "knex:query"
user: node:node
volumes:
- ${PWD}/.nostr:/home/node/.nostr
ports:
- 127.0.0.1:8008:8008
depends_on:
nostream-cache:
condition: service_healthy
nostream-db:
condition: service_healthy
nostream-migrate:
condition: service_completed_successfully
restart: on-failure
networks:
default:
nostream-db:
image: postgres
container_name: nostream-db
environment:
POSTGRES_DB: nostr_ts_relay
POSTGRES_USER: nostr_ts_relay
POSTGRES_PASSWORD: nostr_ts_relay
volumes:
- ${PWD}/.nostr/data:/var/lib/postgresql/data
- ${PWD}/.nostr/db-logs:/var/log/postgresql
- ${PWD}/postgresql.conf:/postgresql.conf
networks:
default:
command: postgres -c 'config_file=/postgresql.conf'
restart: always
healthcheck:
test: ["CMD-SHELL", "pg_isready -U nostr_ts_relay"]
interval: 5s
timeout: 5s
retries: 5
start_period: 360s
nostream-cache:
image: redis:7.0.5-alpine3.16
container_name: nostream-cache
volumes:
- cache:/data
command: redis-server --loglevel warning --requirepass nostr_ts_relay
networks:
default:
restart: always
healthcheck:
test: [ "CMD", "redis-cli", "ping", "|", "grep", "PONG" ]
interval: 1s
timeout: 5s
retries: 5
nostream-migrate:
image: node:18-alpine3.16
container_name: nostream-migrate
environment:
DB_HOST: nostream-db
DB_PORT: 5432
DB_USER: nostr_ts_relay
DB_PASSWORD: nostr_ts_relay
DB_NAME: nostr_ts_relay
entrypoint:
- sh
- -c
- 'cd code && npm install --no-save --quiet knex@2.4.0 pg@8.8.0 && npx knex migrate:latest'
volumes:
- ./migrations:/code/migrations
- ./knexfile.js:/code/knexfile.js
depends_on:
nostream-db:
condition: service_healthy
networks:
default:
ipv4_address: 10.10.10.254
networks:
default:
name: nostream
ipam:
driver: default
config:
- subnet: 10.10.10.0/24
volumes:
cache:

19
docker-compose/notifiarr/docker-compose.yml Normal file
View File

@@ -0,0 +1,19 @@
version: "2.1"
services:
notifiarr:
container_name: notifiarr
hostname: notifiarr
image: golift/notifiarr
ports:
- "5454:5454"
volumes:
- /docker-containers/notifiarr:/config
- /var/run/utmp:/var/run/utmp
- /etc/machine-id:/etc/machine-id
restart: unless-stopped
networks:
- homelab
networks: # I don't know why but you have to specify the network 2x. In service, and in this tag area..
homelab:
name: homelab # Networks can also be given a custom name
external: true # This option causes compose to join the above network instead of making a _default one

26
docker-compose/nzbget/docker-compose.yml Normal file
View File

@@ -0,0 +1,26 @@
version: "2.1"
services:
nzbget:
image: lscr.io/linuxserver/nzbget:latest
container_name: nzbget
environment:
- PUID=1000
- PGID=1006
- TZ=America/New_York
- NZBGET_USER=yourusername #optional
- NZBGET_PASS=ChangeMe123 #optional
volumes:
- /docker-containers/nzbget:/config
- /unsorted:/downloads #optional
- /docker-containers/swag-letsencrypt/keys/letsencrypt/fullchain.pem:/config/certs/fullchain.pem:r
- /docker-containers/swag-letsencrypt/keys/letsencrypt/privkey.pem:/config/certs/privkey.pem:r
ports:
- 6789:6789
- 6791:6791
restart: unless-stopped
networks:
- homelab
networks: # I don't know why but you have to specify the network 2x. In service, and in this tag area..
homelab:
name: homelab # Networks can also be given a custom name
external: true # This option causes compose to join the above network instead of making a _default one

22
docker-compose/ollama/docker-compose.yml Normal file
View File

@@ -0,0 +1,22 @@
services:
ollama:
image: docker.io/ollama/ollama:latest
ports:
- 7869:11434
volumes:
- /docker-containers/ollama/code:/code
- /docker-containers/ollama/data:/root/.ollama
container_name: ollama
pull_policy: always
tty: true
restart: always
environment:
- OLLAMA_KEEP_ALIVE=24h
- OLLAMA_HOST=0.0.0.0
networks:
- homelab
networks:
homelab:
name: homelab # Networks can also be given a custom name
external: true # This option causes compose to join the above network instead of making a _default one

24
docker-compose/ombi/docker-compose.yml Normal file
View File

@@ -0,0 +1,24 @@
version: "2.1"
services:
# Plex Requests basically
ombi:
image: lscr.io/linuxserver/ombi:latest
container_name: ombi
environment:
- PUID=1000
- PGID=1006
- TZ=America/New_York
- BASE_URL=/ombi #optional
volumes:
- /docker-containers/ombi:/config
ports:
- 3579:3579
restart: always
stdin_open: true
tty: true
networks:
- homelab
networks: # I don't know why but you have to specify the network 2x. In service, and in this tag area..
homelab:
name: homelab # Networks can also be given a custom name
external: true # This option causes compose to join the above network instead of making a _default one

16
docker-compose/omni-tools/docker-compose.yml Normal file
View File

@@ -0,0 +1,16 @@
services:
omni-tools:
image: iib0011/omni-tools:latest
container_name: omni-tools
restart: unless-stopped
ports:
- "8489:80"
networks:
homelab:
aliases:
- omnitools # adding multiple aliases under certain network
- omni
networks: # I don't know why but you have to specify the network 2x. In service, and in this tag area..
homelab:
name: homelab # Networks can also be given a custom name
external: true # This option causes compose to join the above network instead of making a _default one

342
docker-compose/open-assistant/docker-compose.yml Normal file
View File

@@ -0,0 +1,342 @@
version: "3.8"
services:
# Use `docker compose --profile backend-dev up --build --attach-dependencies` to start a database and work and the backend.
# Use `docker compose --profile frontend-dev up --build --attach-dependencies` to start the services needed to work on the frontend. If you want to also run the inference, add a second `--profile inference` argument.
# If you update the containers used by the inference profile, please update inference/README.md. Thank you
# The profile ci is used by CI automations. (i.e E2E testing)
# This DB is for the FastAPI Backend.
db:
platform: "${DB_PLATFORM:-}"
image: ghcr.io/laion-ai/open-assistant/oasst-postgres
pull_policy: always
restart: always
profiles: ["frontend-dev", "backend-dev", "ci", "inference-dev"]
ports:
- 5432:5432
environment:
POSTGRES_USER: postgres
POSTGRES_PASSWORD: postgres
POSTGRES_DB: postgres
healthcheck:
test: ["CMD", "pg_isready", "-U", "postgres"]
interval: 2s
timeout: 2s
retries: 10
# Redis - caching + rate limiting on BE
redis:
image: redis
restart: always
profiles: ["frontend-dev", "backend-dev", "ci"]
ports:
- 6379:6379
healthcheck:
test: ["CMD-SHELL", "redis-cli ping | grep PONG"]
interval: 2s
timeout: 2s
retries: 10
command: redis-server /usr/local/etc/redis/redis.conf
volumes:
- ./redis.conf:/usr/local/etc/redis/redis.conf
# insights host - redis:6379
redis-insights:
image: redislabs/redisinsight:latest
profiles: ["backend-dev"]
ports:
- 8001:8001
# This DB is for Web Authentication and data caching.
webdb:
image: postgres
restart: always
profiles: ["frontend-dev", "ci", "inference-dev"]
ports:
- 5433:5432
environment:
POSTGRES_USER: postgres
POSTGRES_PASSWORD: postgres
POSTGRES_DB: oasst_web
healthcheck:
test: ["CMD", "pg_isready", "-U", "postgres"]
interval: 2s
timeout: 2s
retries: 10
# This lets you manually inspect the web and backend databases.
adminer:
image: adminer
restart: always
profiles: ["frontend-dev", "backend-dev"]
ports:
- 8089:8080
# This fakes an SMTP email server used by website authentication.
# User registration emails can be found by going to localhost:1080 and
# opening the emails listed.
maildev:
image: maildev/maildev
restart: always
profiles: ["frontend-dev", "ci"]
environment:
- MAILDEV_WEB_PORT=1080
- MAILDEV_SMTP_PORT=1025
ports:
- "1080:1080"
- "1025:1025"
# The oassist backend service.
backend:
build:
dockerfile: docker/Dockerfile.backend
context: .
image: oasst-backend
environment:
- POSTGRES_HOST=db
- REDIS_HOST=redis
- DEBUG_USE_SEED_DATA=True
- DEBUG_ALLOW_SELF_LABELING=True
- MAX_WORKERS=1
- DEBUG_SKIP_TOXICITY_CALCULATION=False
- DEBUG_SKIP_EMBEDDING_COMPUTATION=False
- CELERY_BROKER_URL=redis://redis:6379/0
- CELERY_RESULT_BACKEND=redis://redis:6379/0
depends_on:
db:
condition: service_healthy
profiles: ["frontend-dev", "ci", "inference-dev"]
ports:
- "8080:8080"
# The oassist backend celery worker service.
backend-worker:
build:
dockerfile: docker/Dockerfile.backend-worker
context: .
command: celery -A oasst_backend.celery_worker worker -l info -E
image: oasst-backend-worker
environment:
- CELERY_BROKER_URL=redis://redis:6379/0
- CELERY_RESULT_BACKEND=redis://redis:6379/0
- POSTGRES_HOST=db
- REDIS_HOST=redis
- MAX_WORKERS=1
depends_on:
db:
condition: service_healthy
redis:
condition: service_healthy
profiles: ["frontend-dev", "ci"]
# The oassist backend celery worker service.
backend-worker-beat:
build:
dockerfile: docker/Dockerfile.backend-worker
context: .
command: celery -A oasst_backend.celery_worker beat -l INFO
image: oasst-backend-worker-beat
environment:
- CELERY_BROKER_URL=redis://redis:6379/0
- CELERY_RESULT_BACKEND=redis://redis:6379/0
- POSTGRES_HOST=db
- REDIS_HOST=redis
- MAX_WORKERS=1
depends_on:
db:
condition: service_healthy
redis:
condition: service_healthy
profiles: ["frontend-dev", "ci"]
# The oassist web service.
web:
build:
dockerfile: docker/Dockerfile.website
context: .
image: oasst-web
environment:
- CLOUDFLARE_CAPTCHA_SECRET_KEY=1x0000000000000000000000000000000AA
- CLOUDFARE_CAPTCHA_SITE_KEY=1x00000000000000000000AA
- DATABASE_URL=postgres://postgres:postgres@webdb/oasst_web
- FASTAPI_URL=http://backend:8080
- FASTAPI_KEY=1234
- NEXTAUTH_SECRET=O/M2uIbGj+lDD2oyNa8ax4jEOJqCPJzO53UbWShmq98=
- EMAIL_SERVER_HOST=maildev
- EMAIL_SERVER_PORT=1025
- EMAIL_FROM=info@example.com
- ENABLE_EMAIL_SIGNIN=true
- ENABLE_EMAIL_SIGNIN_CAPTCHA=false
- NEXTAUTH_URL=http://localhost:3000
- DEBUG_LOGIN=true
- INFERENCE_SERVER_HOST=http://inference-server:8000
- ENABLE_CHAT=true
- ENABLE_DRAFTS_WITH_PLUGINS=false
- NUM_GENERATED_DRAFTS=3
depends_on:
webdb:
condition: service_healthy
ports:
- "3000:3000"
command: bash wait-for-postgres.sh node server.js
profiles: ["ci"]
# This DB is for Inference
inference-db:
image: postgres
restart: always
ports:
- 5434:5432
environment:
POSTGRES_USER: postgres
POSTGRES_PASSWORD: postgres
POSTGRES_DB: oasst_inference
healthcheck:
test: ["CMD", "pg_isready", "-U", "postgres"]
interval: 2s
timeout: 2s
retries: 10
profiles: ["inference"]
inference-redis:
image: redis
restart: always
profiles: ["inference"]
ports:
- 6389:6379
healthcheck:
test: ["CMD-SHELL", "redis-cli ping | grep PONG"]
interval: 2s
timeout: 2s
retries: 10
command: redis-server /usr/local/etc/redis/redis.conf
volumes:
- ./redis.conf:/usr/local/etc/redis/redis.conf
inference-server:
build:
dockerfile: docker/inference/Dockerfile.server
context: .
target: dev
image: oasst-inference-server:dev
environment:
PORT: 8000
REDIS_HOST: inference-redis
POSTGRES_HOST: inference-db
POSTGRES_DB: oasst_inference
DEBUG_API_KEYS: "0000"
TRUSTED_CLIENT_KEYS: "6969"
ALLOW_DEBUG_AUTH: "True"
API_ROOT: "http://localhost:8000"
volumes:
- "./oasst-shared:/opt/inference/lib/oasst-shared"
- "./inference/server:/opt/inference/server"
restart: unless-stopped
ports:
- "8000:8000"
depends_on:
inference-redis:
condition: service_healthy
inference-db:
condition: service_healthy
profiles: ["inference"]
inference-worker:
build:
dockerfile: docker/inference/Dockerfile.worker-full
context: .
image: oasst-inference-worker:dev
environment:
API_KEY: "0000"
MODEL_CONFIG_NAME: ${MODEL_CONFIG_NAME:-distilgpt2}
BACKEND_URL: "ws://inference-server:8000"
PARALLELISM: 2
volumes:
- "./oasst-shared:/opt/inference/lib/oasst-shared"
- "./inference/worker:/opt/inference/worker"
deploy:
replicas: 1
profiles: ["inference"]
inference-safety:
build:
dockerfile: docker/inference/Dockerfile.safety
context: .
image: oasst-inference-safety:dev
environment:
PORT: 8002
volumes:
- "./oasst-shared:/opt/inference/lib/oasst-shared"
- "./inference/safety:/opt/inference/safety"
profiles: ["inference-safety"]
prometheus:
image: prom/prometheus
container_name: prometheus
command:
- "--config.file=/etc/prometheus/prometheus.yml"
ports:
- 9090:9090
restart: unless-stopped
volumes:
- ${PWD}/docker/prometheus:/etc/prometheus
- prom_data:/prometheus
profiles: ["observability"]
grafana:
image: grafana/grafana
container_name: grafana
ports:
- 2000:2000
restart: unless-stopped
environment:
- GF_SECURITY_ADMIN_USER=admin
- GF_SECURITY_ADMIN_PASSWORD=grafana
- GF_SERVER_HTTP_PORT=2000
volumes:
- ${PWD}/docker/grafana/datasources:/etc/grafana/provisioning/datasources
- ${PWD}/docker/grafana/dashboards/dashboard.yaml:/etc/grafana/provisioning/dashboards/main.yaml
- ${PWD}/docker/grafana/dashboards:/var/lib/grafana/dashboards
profiles: ["observability"]
netdata:
image: netdata/netdata
container_name: netdata
pid: host
hostname: oasst-netdata
ports:
- 19999:19999
restart: unless-stopped
cap_add:
- SYS_PTRACE
- SYS_ADMIN
security_opt:
- apparmor:unconfined
volumes:
- netdataconfig:/etc/netdata
- netdatalib:/var/lib/netdata
- netdatacache:/var/cache/netdata
- /etc/passwd:/host/etc/passwd:ro
- /etc/group:/host/etc/group:ro
- /proc:/host/proc:ro
- /sys:/host/sys:ro
- /etc/os-release:/host/etc/os-release:ro
- /var/run/docker.sock:/var/run/docker.sock:ro
- ${PWD}/docker/netdata/go.d/redis.conf:/etc/netdata/go.d/redis.conf
- ${PWD}/docker/netdata/go.d/postgres.conf:/etc/netdata/go.d/postgres.conf
- ${PWD}/docker/netdata/go.d/prometheus.conf:/etc/netdata/go.d/prometheus.conf
environment:
# useful if want to claim monitoring agents into https://www.netdata.cloud/
# else ignore or leave blank to just use local netdata dashboards as localhost:19999
- NETDATA_CLAIM_TOKEN=${NETDATA_CLAIM_TOKEN:-}
- NETDATA_CLAIM_URL=https://app.netdata.cloud
profiles: ["observability"]
volumes:
prom_data:
netdataconfig:
netdatalib:
netdatacache:

56
docker-compose/open-webui/docker-compose.yml Normal file
View File

@@ -0,0 +1,56 @@
version: "3.8"
services:
open-webui:
image: ghcr.io/open-webui/open-webui:v0.6.36
container_name: open-webui
restart: unless-stopped
ports:
- "3030:8080"
environment:
- GLOBAL_LOG_LEVEL=DEBUG
- MODEL_SERVER_URL=http://ollama:11434
- PROVIDER=ollama,openai
- OPENAI_API_KEY=YourAPIKEY
# This variable is required to be set, otherwise you may experience Websocket issues, doesn't fix my issues tho
- CORS_ALLOW_ORIGIN=https://open-webui.example.com;https://example.com;http://open-webui;http://open-webui:8080;https://open-webui:8080;http://192.168.1.239;http://192.168.1.239:3030;http://localhost:3030;http://192.168.1.1:80;http://192.168.1.1:443
- WEBUI_URL=https://open-webui.example.com;https://example.com;http://open-webui;http://open-webui:8080;https://open-webui:8080;http://192.168.1.239;http://192.168.1.239:3030;http://localhost:3030;http://192.168.1.1:80;http://192.168.1.1:443
# - ENABLE_WEBSOCKET_SUPPORT=false # didn't work, default true
# - WEBUI_AUTH=false # can't be any users in db
# Required for multi-worker/multi-instance deployments
- REDIS_URL=redis://redis-valkey-webui:6379/0
# Required for websocket support
- WEBSOCKET_MANAGER=redis
- WEBSOCKET_REDIS_URL=redis://redis-valkey-webui:6379/1
volumes:
- /docker-containers/open-webui/data:/app/backend/data
extra_hosts:
- "host.docker.internal:host-gateway"
networks: # Specify network for container
homelab:
aliases:
- openwebui # adding multiple aliases under certain network
- open-wui
openwebui_net:
aliases:
- openwebui_internal
depends_on:
- redis-valkey-webui
redis-valkey-webui:
image: redis:7
container_name: redis-valkey-webui
restart: unless-stopped
networks:
- openwebui_net
networks:
homelab:
name: homelab # Networks can also be given a custom name
external: true # This option causes compose to join the above network instead of making a _default one
openwebui_net:
name: openwebui_net
external: false

16
docker-compose/openbooks/docker-compose.yml Normal file
View File

@@ -0,0 +1,16 @@
version: '3.3'
services:
openbooks:
ports:
- '8080:80'
volumes:
- 'booksVolume:/books'
restart: unless-stopped
container_name: OpenBooks
command: --name prodigious --persist
environment:
- BASE_PATH=/openbooks/
image: evanbuss/openbooks:latest
volumes:
booksVolume:

16
docker-compose/organizr/docker-compose.yml Normal file
View File

@@ -0,0 +1,16 @@
---
version: "2.1"
services:
organizr:
image: organizr/organizr
container_name: organizr
environment:
- branch=v2-master
- PUID=1000
- PGID=1003
- TZ=GMT-5
volumes:
- /docker-containers/organizr:/config
ports:
- 9983:80
restart: unless-stopped

17
docker-compose/paperless-ng/docker-compose.yml Normal file
View File

@@ -0,0 +1,17 @@
---
version: "2.1"
services:
paperless-ng:
image: lscr.io/linuxserver/paperless-ng:latest
container_name: paperless-ng
environment:
- PUID=1000
- PGID=1000
- TZ=America/New_York
- REDIS_URL= #optional
volumes:
- </path/to/appdata/config>:/config
- </path/to/appdata/data>:/data
ports:
- 8000:8000
restart: unless-stopped

25
docker-compose/phpmyadmin/docker-compose.yml Normal file
View File

@@ -0,0 +1,25 @@
---
version: "2.1"
services:
phpmyadmin:
image: lscr.io/linuxserver/phpmyadmin:latest
container_name: phpmyadmin
environment:
- PUID=1000
- PGID=1000
- TZ=America/New_York
- PMA_ARBITRARY=1 #optional
- PMA_ABSOLUTE_URI=https://phpmyadmin.example.com #optional
volumes:
- /docker-containers/phpmyadmin:/config
ports:
- 8008:8008
restart: unless-stopped
phpmyadmin:
image: phpmyadmin
restart: always
ports:
- 8080:80
environment:
- PMA_ARBITRARY=1

18
docker-compose/picard/docker-compose.yml Normal file
View File

@@ -0,0 +1,18 @@
version: '3'
services:
picard:
image: mikenye/picard:latest
ports:
- "5801:5800"
volumes:
- "/docker-containers/picard/config:/config:rw"
- "/Music:/storage:rw"
# restart: unless-stopped # disabled to see if something shows
stdin_open: true # to attach to containers
tty: true # also used to attach to containers
# network_mode: service:wireguard # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
networks: # Specify network for container
- homelab
networks: # I don't know why but you have to specify the network 2x. In service, and in this tag area..
homelab:
external: true # This option causes compose to join the above network instead of making a _default one (supposedly)

24
docker-compose/pidgin/docker-compose.yml Normal file
View File

@@ -0,0 +1,24 @@
---
version: "2.1"
services:
pidgin:
image: lscr.io/linuxserver/pidgin:latest
container_name: pidgin
security_opt:
- seccomp:unconfined #optional
environment:
- PUID=1000
- PGID=1006
- TZ=America/New_York
volumes:
- /docker-containers/pidgin:/config
ports:
- 3420:3000
- 3421:3001
restart: unless-stopped
networks: # Specify network for container
- homelab
networks: # I don't know why but you have to specify the network 2x. In service, and in this tag area..
homelab:
# name: homelab # Networks can also be given a custom name, not needed if existing
external: true # This option causes compose to join the above network instead of making a _default one (supposedly)

25
docker-compose/plex-image-cleanup/docker-compose.yml Normal file
View File

@@ -0,0 +1,25 @@
version: "2.1"
services:
plex-image-cleanup:
image: meisnate12/plex-image-cleanup
container_name: plex-image-cleanup
environment:
- TZ=America/New_York
- SCHEDULE=00:33|monthly(1)
- PLEX_URL=http://plex:32400
- PLEX_TOKEN=PlexToken
- DISCORD=https://discord.com/api/webhooks/YourDiscordServerID/YourDiscordToken
- TIMEOUT=600
- MODE=remove
volumes:
- /docker-containers/plex-image-cleanup/config:/config
- /docker-containers/plex/Library/Application Support/Plex Media Server/:/plex
restart: unless-stopped
stdin_open: true # to attach to containers
tty: true # also used to attach to containers
# network_mode: service:wireguard # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
networks: # Specify network for container
- homelab
networks: # I don't know why but you have to specify the network 2x. In service, and in this tag area..
homelab:
external: true # This option causes compose to join the above network instead of making a _default one (supposedly)

45
docker-compose/plex/docker-compose.yml Normal file
View File

@@ -0,0 +1,45 @@
---
version: "2.1"
services:
plex:
image: lscr.io/linuxserver/plex:latest
container_name: plex
environment:
- PUID=1000
- PGID=1006
- TZ=America/New_York
- VERSION=docker
- PLEX_CLAIM=YourClaimString
volumes:
- /docker-containers/plex:/config
- /TvShows:/tv
- /Music:/music
- /Movies:/movies
- /Videos:/videos
- /Pictures:/pictures
- /docker-containers/swag-letsencrypt/etc/letsencrypt/live/example.com/fullchain.pem:/rcs1/certs/fullchain.pem:r
- /docker-containers/swag-letsencrypt/etc/letsencrypt/live/example.com/privkey.pem:/rcs1/certs/privkey.pem:r
devices:
- /dev/dri/renderD128:/dev/dri/renderD128
ports:
- 32400:32400
- 33400:33400 # webtools shit
- 1900:1900/udp
- 3005:3005
#- 5353:5353/udp #bonjour shit
- 8324:8324
- 32410:32410/udp
- 32412:32412/udp
- 32413:32413/udp
- 32414:32414/udp
- 32469:32469
restart: unless-stopped
stdin_open: true # to attach to containers
tty: true # also used to attach to containers
# network_mode: service:wireguard # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
networks: # Specify network for container
- homelab
networks: # I don't know why but you have to specify the network 2x. In service, and in this tag area..
homelab:
# name: homelab # Networks can also be given a custom name, not needed if existing
external: true # This option causes compose to join the above network instead of making a _default one (supposedly)

47
docker-compose/pms-docker/docker-compose.yml Normal file
View File

@@ -0,0 +1,47 @@
#Updated slowly it seems so I tend not to use. Beta hasn't been updated in 3 years but that may be a mistake in transparency I suppose.
---
version: "2.1"
services:
plex:
image: plexinc/pms-docker/plex:beta
container_name: plex
environment:
- PLEX_UID=1000
- PLEX_GID=1006
- TZ=America/New_York
- VERSION=docker
- PLEX_CLAIM=YourClaimString
- ADVERTISE_IP="http://192.168.1.185:32400/,https://plex.example.com/"
- ALLOWED_NETWORKS="192.168.1.1/24" # Allow access to the server without requiring authorization.
volumes:
- /docker-containers/plex:/config
- /TvShows:/tv
- /Music:/music
- /Movies:/movies
- /Videos:/videos
- /Pictures:/pictures
- /docker-containers/swag-letsencrypt/keys/letsencrypt/fullchain.pem:/rcs1/certs/fullchain.pem:r
- /docker-containers/swag-letsencrypt/keys/letsencrypt/privkey.pem:/rcs1/certs/privkey.pem:r
devices:
- /dev/dri:/dev/dri # not sure if supported, should be HW
ports:
- 32400:32400
- 1900:1900/udp
- 3005:3005
#- 5353:5353/udp #bonjour shit
- 8324:8324
- 32410:32410/udp
- 32412:32412/udp
- 32413:32413/udp
- 32414:32414/udp
- 32469:32469
restart: unless-stopped
stdin_open: true # to attach to containers
tty: true # also used to attach to containers
# network_mode: service:wireguard # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
networks: # Specify network for container
- homelab
networks: # I don't know why but you have to specify the network 2x. In service, and in this tag area..
homelab:
# name: homelab # Networks can also be given a custom name, not needed if existing
external: true # This option causes compose to join the above network instead of making a _default one (supposedly)

21
docker-compose/podgrab/docker-compose.yml Normal file
View File

@@ -0,0 +1,21 @@
version: "2.1"
services:
podgrab:
image: akhilrex/podgrab
container_name: podgrab
environment:
- CHECK_FREQUENCY=240
#- PASSWORD=ChangeMe123 ## Uncomment to enable basic authentication, username = podgrab
volumes:
- /docker-containers/podgrab:/config
- /Music/Podcasts:/assets
ports:
- 8182:8080
restart: unless-stopped
stdin_open: true # to attach to containers
tty: true # also used to attach to containers
networks: # Specify network for container
- homelab
networks: # I don't know why but you have to specify the network 2x. In service, and in this tag area..
homelab:
external: true # This option causes compose to join the above network instead of making a _default one (supposedly)

50
docker-compose/portainer-be/docker-compose.yml Normal file
View File

@@ -0,0 +1,50 @@
# version: '3' Supposedly obsolete now..
services:
portainer:
image: portainer/portainer-ee:sts # latest didnt pull docker pull portainer/portainer-ee:2.20.1 now sts to get 2.20.2 and newer versions of it
container_name: portainer
command: -H unix:///var/run/docker.sock
restart: unless-stopped
environment:
- VIRTUAL_HOST=portainer.example.com
- VIRTUAL_PORT=9000
security_opt:
- no-new-privileges:true
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- /usr/share/zoneinfo/America/New_York:/etc/localtime
#- /docker-containers/portainer-be:/data # old location
- /docker-containers/portainer-be:/data
ports:
- 8000:8000 # new Portainer port I think
- 9443:9443 # SSL port for Portainer Business Edition
- 9110:9000 # Legacy Portainer CE version port 9k reflected 9110
# If referencing by container name for ip, use internal port not external (reverse proxy)
stdin_open: true # docker run -i #interactive
tty: true # docker run -t #ttyl
networks:
- homelab
networks: # I don't know why but you have to specify the network 2x. In service, and in this tag area..
default:
homelab:
name: homelab # Networks can also be given a custom name, needs to be created if isn't already.
# a network with name homelab exists but was not created by compose.\\nSet `external: true` to use an existing network
external: true # This option causes compose to join the above network instead of making a _default one, if not created already could be issues
#enable_ipv6: true
# Save for later, think because it's already initialized this caused trouble starting out of nowhere.
# Also need to make network attachable somehow, think this is the thing you can't do in compose when creating a network, may not be needed though.
# # We will name the network instead of letting docker do something random
# driver: bridge # Making the above network macvlan
# driver_opts: # driver options to use
# parent: enp3s0 # usually eth0 or eth1 but not always, used enp3s0 and enp4s0, had to delete /var/lib/docker/network/files/local-kv.db because phantom network
# ipam:
# config:
# - subnet: "172.69.0.0/24" # Private range to initialize homelab possibly?
# # gateway: "192.168.1.1" #host will eventually route to router, or just go direct
# # - subnet: "2605:a601:9132:d100:2::/80" # dual subnet ipv6, has to match router subnet unfortunately for external connections like samsung tv
# # gateway: "2605:a601:9132:d100:2:ffff:ffff:ffff" #this needs to be router(ish)
# # external: true

28
docker-compose/portainer-ce/docker-compose.yml Normal file
View File

@@ -0,0 +1,28 @@
version: '3'
services:
portainer:
image: portainer/portainer-ce:latest
container_name: portainer
restart: unless-stopped
security_opt:
- no-new-privileges:true
volumes:
- /etc/localtime:/etc/localtime:ro
- /var/run/docker.sock:/var/run/docker.sock:ro
- /docker-containers/portainer-ce:/data
ports:
- 9110:9000 # If referencing by container name for ip, use internal port not external (reverse proxy)
stdin_open: true # docker run -i #interactive
tty: true # docker run -t #ttyl
networks:
- homelab
networks: # I don't know why but you have to specify the network 2x. In service, and in this tag area..
# some-network:
# aliases: # Example
# - alias1 # Example
# - alias3 # Example
default:
homelab:
name: homelab # Networks can also be given a custom name
external: true # This option causes compose to join the above network instead of making a _default one

41
docker-compose/postgres/docker-compose.yml Normal file
View File

@@ -0,0 +1,41 @@
# Use postgres/example user/password credentials
version: '3.9'
services:
postgres:
image: postgres:16
container_name: postgres
restart: always
# set shared memory limit when using docker-compose
shm_size: 128mb
# or set shared memory limit when deploy via swarm stack
#volumes:
# - type: tmpfs
# target: /dev/shm
# tmpfs:
# size: 134217728 # 128*2^20 bytes = 128Mb
environment:
POSTGRES_USER: yourusername
POSTGRES_PASSWORD: PostgresChangeMe123!
volumes:
# Mount the folder where your PostgreSQL database files should land
- /docker-containers/postgres/db:/var/lib/postgresql/data
networks:
homelab:
aliases:
- postgress # how to add multiple aliases
- postgressql
adminer:
image: adminer
container_name: adminer
restart: always
ports:
- 8389:8080
networks:
homelab:
aliases:
- postgresgui # how to add multiple aliases
networks: # I don't know why but you have to specify the network 2x. In service, and in this tag area..
homelab: # Sub-section, any network name or 'default' to edit default one created
external: true # This option causes compose to join the above network instead of making a _default one

84
docker-compose/postiz/docker-compose.yml Normal file
View File

@@ -0,0 +1,84 @@
services:
postiz:
image: ghcr.io/gitroomhq/postiz-app:latest
container_name: postiz
restart: always
environment:
# You must change these. Replace `postiz.your-server.com` with your DNS name - this needs to be exactly the URL you're accessing Postiz on.
MAIN_URL: "https://postiz.your-server.com"
FRONTEND_URL: "https://postiz.your-server.com"
NEXT_PUBLIC_BACKEND_URL: "https://postiz.your-server.com/api"
JWT_SECRET: "random string that is unique to every install - just type random characters here!"
# These defaults are probably fine, but if you change your user/password, update it in the
# postiz-postgres or postiz-redis services below.
DATABASE_URL: "postgresql://postiz-user:postiz-password@postiz-postgres:5432/postiz-db-local"
REDIS_URL: "redis://postiz-redis:6379"
BACKEND_INTERNAL_URL: "http://localhost:3000"
IS_GENERAL: "true" # Required for self-hosting.
DISABLE_REGISTRATION: "false" # Only allow single registration, then disable signup
# The container images are pre-configured to use /uploads for file storage.
# You probably should not change this unless you have a really good reason!
STORAGE_PROVIDER: "local"
UPLOAD_DIRECTORY: "/uploads"
NEXT_PUBLIC_UPLOAD_DIRECTORY: "/uploads"
volumes:
- postiz-config:/config/
- postiz-uploads:/uploads/
ports:
- 5000:5000
networks:
- postiz-network
depends_on:
postiz-postgres:
condition: service_healthy
postiz-redis:
condition: service_healthy
postiz-postgres:
image: postgres:17-alpine
container_name: postiz-postgres
restart: always
environment:
POSTGRES_PASSWORD: postiz-password
POSTGRES_USER: postiz-user
POSTGRES_DB: postiz-db-local
volumes:
- postgres-volume:/var/lib/postgresql/data
networks:
- postiz-network
healthcheck:
test: pg_isready -U postiz-user -d postiz-db-local
interval: 10s
timeout: 3s
retries: 3
postiz-redis:
image: redis:7.2
container_name: postiz-redis
restart: always
healthcheck:
test: redis-cli ping
interval: 10s
timeout: 3s
retries: 3
volumes:
- postiz-redis-data:/data
networks:
- postiz-network
volumes:
postgres-volume:
external: false
postiz-redis-data:
external: false
postiz-config:
external: false
postiz-uploads:
external: false
networks:
postiz-network:
external: false

20
docker-compose/prometheus/docker-compose.yml Normal file
View File

@@ -0,0 +1,20 @@
---
version: "3"
services:
prometheus:
image: prom/prometheus
container_name: prometheus
volumes:
- /docker-containers/prometheus:/etc/prometheus
- /docker-containers/prometheus/configs:/prometheus
ports:
- 9090:9090
restart: unless-stopped
stdin_open: true # to attach to containers
tty: true # also used to attach to containers
# network_mode: service:wireguard # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
networks: # Specify network for container
- homelab
networks: # I don't know why but you have to specify the network 2x. In service, and in this tag area..
homelab:
external: true # This option causes compose to join the above network instead of making a _default one (supposedly)

28
docker-compose/prowlarr/docker-compose.yml Normal file
View File

@@ -0,0 +1,28 @@
version: "2.1"
services:
# Indexer for torrent sites
prowlarr:
image: lscr.io/linuxserver/prowlarr:develop
container_name: prowlarr
environment:
- PUID=1000
- PGID=1006
- TZ=America/New_York
volumes:
- /docker-containers/prowlarr:/config
ports:
- 9696:9696
restart: unless-stopped
stdin_open: true
tty: true
networks:
- homelab
networks: # I don't know why but you have to specify the network 2x. In service, and in this tag area..
# some-network:
# aliases: # Example
# - alias1 # Example
# - alias3 # Example
homelab:
name: homelab # Networks can also be given a custom name
external: true # This option causes compose to join the above network instead of making a _default one

Some files were not shown because too many files have changed in this diff Show More