renovate-bot
f80c850454
Renovate PR Deployment / Renovate PR Deployment (pull_request) Failing after 28m1s
Gitea Branch PR & Docker Deployment / Check and Create PR (push) Failing after 29m0s
Gitea Branch PR & Docker Deployment / Generate list of added/modified/deleted services (push) Has been skipped
Gitea Branch PR & Docker Deployment / Docker Compose Dry Run (push) Has been skipped
Gitea Branch PR & Docker Deployment / PR Merge (push) Has been skipped
Gitea Branch PR & Docker Deployment / Docker Compose Deployment (push) Has been skipped
199 lines
7.2 KiB
YAML
199 lines
7.2 KiB
YAML
name: aranea
|
|
services:
|
|
beszel-agent:
|
|
container_name: beszel-agent
|
|
environment:
|
|
LISTEN: 45876
|
|
KEY: ${BESZEL_ARANEA_AGENT_KEY}
|
|
TOKEN: ${BESZEL_ARANEA_TOKEN}
|
|
HUB_URL: http://192.168.1.254:22220
|
|
expose:
|
|
- 45876
|
|
image: henrygd/beszel-agent:latest@sha256:8874e2c53f9de5e063a6a80d6b617e20fa593ac5dc4eb4c6ce1f912f510f38f8
|
|
network_mode: host
|
|
restart: unless-stopped
|
|
volumes:
|
|
- beszel-agent-data:/var/lib/beszel-agent
|
|
- /var/run/docker.sock:/var/run/docker.sock:ro
|
|
- /dev/mmcblk0:/extra-filesystems/dev/mmcblk0:ro
|
|
# Dagu control-plane: Coordinator (gRPC) for distributed workers
|
|
dagu-coordinator:
|
|
container_name: dagu-coordinator
|
|
image: ghcr.io/dagucloud/dagu:latest@sha256:9a9c0dc0727b0779e4d568dc46c5618cbc3ae94e576b02264f021baa8c753e0e
|
|
command: ["dagu", "coordinator"]
|
|
environment:
|
|
# Peer config: insecure by default; set TLS envs if needed
|
|
DAGU_PEER_INSECURE: true
|
|
# Bind and advertise on container IP/DNS so workers can reach it
|
|
DAGU_COORDINATOR_HOST: dagu-coordinator
|
|
DAGU_COORDINATOR_PORT: 50055
|
|
ports:
|
|
- "50055:50055"
|
|
volumes:
|
|
- dagu-data:/var/lib/dagu
|
|
- ${ARANEA_DOCKER_DIR}/dagu/dags:/var/lib/dagu/dags:ro
|
|
# Dagu scheduler service (reads DAGs and enqueues runs)
|
|
dagu-scheduler:
|
|
container_name: dagu-scheduler
|
|
image: ghcr.io/dagucloud/dagu:latest@sha256:9a9c0dc0727b0779e4d568dc46c5618cbc3ae94e576b02264f021baa8c753e0e
|
|
command: ["dagu", "scheduler"]
|
|
environment:
|
|
- DAGU_COORDINATOR_HOST=dagu-coordinator
|
|
- DAGU_COORDINATOR_PORT=50055
|
|
- DAGU_SCHEDULER_PORT=8090
|
|
- DAGU_DAGS_DIR=/var/lib/dagu/dags
|
|
# Optional: set timezone, logging, etc
|
|
# - DAGU_TZ=UTC
|
|
# - DAGU_LOG_FORMAT=json
|
|
depends_on:
|
|
- dagu-coordinator
|
|
ports:
|
|
- "8090:8090" # Scheduler health
|
|
volumes:
|
|
- dagu-data:/var/lib/dagu
|
|
- ${ARANEA_DOCKER_DIR}/dagu/dags:/var/lib/dagu/dags:ro
|
|
# Dagu web UI / API server
|
|
dagu-server:
|
|
container_name: dagu-server
|
|
image: ghcr.io/dagucloud/dagu:latest@sha256:9a9c0dc0727b0779e4d568dc46c5618cbc3ae94e576b02264f021baa8c753e0e
|
|
command: ["dagu", "server"]
|
|
environment:
|
|
DAGU_COORDINATOR_HOST: dagu-coordinator
|
|
DAGU_COORDINATOR_PORT: 50055
|
|
DAGU_HOST: 0.0.0.0
|
|
DAGU_PORT: 8080
|
|
DAGU_DAGS_DIR: /var/lib/dagu/dags
|
|
# Builtin authentication (RBAC) CHANGE TOKEN_SECRET IN PRODUCTION
|
|
DAGU_AUTH_MODE: builtin
|
|
# Token secret: auto-generated if not set (persisted to {dataDir}/auth/token_secret)
|
|
# DAGU_AUTH_TOKEN_SECRET: your-secure-random-secret
|
|
# First admin account created via /setup page on first browser visit
|
|
# DAGU_AUTH_TOKEN_TTL: 24h # default is 24h
|
|
# If behind a proxy, set base path
|
|
# DAGU_BASE_PATH: /dagu
|
|
depends_on:
|
|
- dagu-scheduler
|
|
- dagu-coordinator
|
|
ports:
|
|
- "8080:8080"
|
|
volumes:
|
|
- dagu-data:/var/lib/dagu
|
|
- ${ARANEA_DOCKER_DIR}/dagu/dags:/var/lib/dagu/dags:ro
|
|
# Dagu worker (polls coordinator and executes tasks)
|
|
dagu-worker:
|
|
container_name: dagu-worker
|
|
image: ghcr.io/dagucloud/dagu:latest@sha256:9a9c0dc0727b0779e4d568dc46c5618cbc3ae94e576b02264f021baa8c753e0e
|
|
command: ["dagu", "worker"]
|
|
environment:
|
|
DAGU_COORDINATOR_HOST: dagu-coordinator
|
|
DAGU_COORDINATOR_PORT: 50055
|
|
# Optional worker tuning and labels
|
|
# - DAGU_WORKER_MAX_ACTIVE_RUNS=100
|
|
# - DAGU_WORKER_LABELS=region=us-east-1,instance-type=m5.large
|
|
# OTel: point DAGs to collector via per-DAG otel.endpoint: "otel-collector:4317"
|
|
depends_on:
|
|
- dagu-coordinator
|
|
volumes:
|
|
- dagu-data:/var/lib/dagu
|
|
# Workers typically don't need DAG definitions, but sharing is harmless
|
|
- ${ARANEA_DOCKER_DIR}/dagu/dags:/var/lib/dagu/dags:ro
|
|
docker-socket-proxy:
|
|
container_name: dockerproxy
|
|
environment:
|
|
AUTH: 1
|
|
BUILD: 1
|
|
COMMIT: 1
|
|
CONFIGS: 1
|
|
CONTAINERS: 1
|
|
DISTRIBUTION: 1
|
|
EVENTS: 1
|
|
EXEC: 1
|
|
GPRC: 1
|
|
IMAGES: 1
|
|
INFO: 1
|
|
NETWORKS: 1
|
|
NODES: 1
|
|
POST: 1
|
|
PLUGINS: 1
|
|
SERVICES: 1
|
|
SESSION: 1
|
|
SYSTEM: 1
|
|
TASKS: 1
|
|
VOLUMES: 1
|
|
LOG_LEVEL: debug
|
|
image: ghcr.io/tecnativa/docker-socket-proxy:latest@sha256:1f3a6f303320723d199d2316a3e82b2e2685d86c275d5e3deeaf182573b47476
|
|
ports:
|
|
- 2375:2375
|
|
privileged: true
|
|
restart: unless-stopped
|
|
volumes:
|
|
- /var/run/docker.sock:/var/run/docker.sock
|
|
frigate:
|
|
container_name: frigate
|
|
environment:
|
|
FRIGATE_RTSP_PASSWORD: ${FRIGATE_RTSP_PASSWORD}
|
|
privileged: true # this may not be necessary for all setups
|
|
restart: unless-stopped
|
|
stop_grace_period: 30s # allow enough time to shut down the various services
|
|
image: ghcr.io/blakeblackshear/frigate:stable@sha256:1724960349dad0bd2ae8ec884171a6fd5755a4dc242a0e66cadbda9c0e85c99b
|
|
shm_size: "512mb" # update for your cameras based on calculation above
|
|
devices:
|
|
# - /dev/bus/usb:/dev/bus/usb # Passes the USB Coral, needs to be modified for other versions
|
|
# - /dev/apex_0:/dev/apex_0 # Passes a PCIe Coral, follow driver instructions here https://github.com/jnicolson/gasket-builder
|
|
- /dev/video11:/dev/video11 # For Raspberry Pi 4B
|
|
# - /dev/dri/renderD128:/dev/dri/renderD128 # AMD / Intel GPU, needs to be updated for your hardware
|
|
# - /dev/accel:/dev/accel # Intel NPU
|
|
volumes:
|
|
- /etc/localtime:/etc/localtime:ro
|
|
- ${ARANEA_DOCKER_DIR}/frigate/config:/config
|
|
- ${ARANEA_DOCKER_DIR}/frigate/media:/media/frigate
|
|
- type: tmpfs # 1GB In-memory filesystem for recording segment storage
|
|
target: /tmp/cache
|
|
tmpfs:
|
|
size: 1000000000
|
|
ports:
|
|
- "8971:8971"
|
|
- "5000:5000" # Internal unauthenticated access. Expose carefully.
|
|
- "8554:8554" # RTSP feeds
|
|
- "8555:8555/tcp" # WebRTC over tcp
|
|
- "8555:8555/udp" # WebRTC over udp
|
|
snapcast-client:
|
|
image: docker.io/sweisgerber/snapcast:latest@sha256:80d67d18ac21dad6c3c2ff0eca3d37a299113146aee14b49e221a3e242a3049c
|
|
hostname: snapcast-client
|
|
container_name: snapcast-client
|
|
environment:
|
|
PUID: ${PUID}
|
|
PGID: ${PGID}
|
|
HOST_AUDIO_GROUP: 29
|
|
START_SNAPCLIENT: true
|
|
SNAPCLIENT_OPTS: --soundcard 1 tcp://192.168.1.252:1704
|
|
TZ: ${TZ}
|
|
restart: "unless-stopped"
|
|
devices:
|
|
- /dev/snd:/dev/snd # optional, only if you want to use snapclient
|
|
portainer-agent:
|
|
container_name: portainer_agent
|
|
image: portainer/agent:latest@sha256:dc0e8285f8b4c105c3237f1cc0022f92dd265c53ced5f53b9ce7c9741144e879
|
|
volumes:
|
|
- /:/host
|
|
- /var/lib/docker/volumes:/var/lib/docker/volumes
|
|
- /var/run/docker.sock:/var/run/docker.sock
|
|
restart: always
|
|
ports:
|
|
- 9001:9001
|
|
signoz-logspout:
|
|
command: signoz://192.168.1.254:8082
|
|
container_name: signoz-logspout
|
|
environment:
|
|
ENV: prod
|
|
SIGNOZ_LOG_ENDPOINT: http://192.168.1.254:8082
|
|
image: pavanputhra/logspout-signoz@sha256:6da8ce12279a5262de8b2d5c083ce82d4c878c4eab702b4d328afe147ed7553b
|
|
restart: unless-stopped
|
|
volumes:
|
|
- /var/run/docker.sock:/var/run/docker.sock
|
|
volumes:
|
|
beszel-agent-data:
|
|
name: beszel-agent-data
|
|
dagu-data:
|
|
name: dagu-data
|