diff --git a/.gitea/workflows/pr-docker-deploy.yml b/.gitea/workflows/pr-docker-deploy.yml
index 4208fba..73ed70b 100644
--- a/.gitea/workflows/pr-docker-deploy.yml
+++ b/.gitea/workflows/pr-docker-deploy.yml
@@ -199,9 +199,59 @@ jobs: notification_title: 'GITEA: Docker Compose Dry Run @ Rikku' notification_message: 'Docker Compose dry run completed successfully.' + regenerate-readme-modified-services: + name: Update README & Generate List of Modified Services + runs-on: ubuntu-latest + needs: [docker-compose-dry-run] + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Install yq + uses: dcarbone/install-yq-action@v1 + + - name: Gotify Notification + uses: eikendev/gotify-action@master + with: + gotify_api_base: '${{ secrets.RIKKU_GOTIFY_URL }}' + gotify_app_token: '${{ secrets.RIKKU_RUNNER_GOTIFY_TOKEN }}' + notification_title: 'GITEA: README Update' + notification_message: 'Updating README...' + + - name: Generate service list + run: | + yq '.services | to_entries | map({"service": .key, "image": .value.image})' docker-compose.yml > services.yml + + - name: Generate Markdown Table + uses: gazab/create-markdown-table@v1 + id: service-table + with: + file: ./services.yml + + - name: Regenerate README + run: | + echo "# List of Services" > README.md + echo -e "\n\n" >> README.md + echo "${{ steps.service-table.outputs.table }}" >> README.md + + - name: Add/Commit README.md + id: commit-readme + uses: EndBug/add-and-commit@v9 + with: + message: "chore: Update README" + add: "README.md" + + - name: Gotify Notification + uses: eikendev/gotify-action@master + with: + gotify_api_base: '${{ secrets.RIKKU_GOTIFY_URL }}' + gotify_app_token: '${{ secrets.RIKKU_RUNNER_GOTIFY_TOKEN }}' + notification_title: 'GITEA: README Update' + notification_message: 'README updated' + pr-merge: name: PR Merge - needs: [generate-service-list, docker-compose-dry-run] + needs: [generate-service-list, docker-compose-dry-run, regenerate-readme-modified-services] runs-on: ubuntu-latest steps: - name: Checkout 
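Review bot: The `Regenerate README` step expands `${{ steps.service-table.outputs.table }}` directly into the shell script, so the table text, which is built from the service keys and image strings in docker-compose.yml, is parsed by the shell instead of being treated as data. A quote, backtick or `$(` in any of those fields would break the command or be evaluated on the runner, which matters if this workflow runs for pull requests that can edit the compose file (the trigger is outside this hunk). Pass the value through the environment instead: add `env:` with `SERVICE_TABLE: ${{ steps.service-table.outputs.table }}` to the step and write it with `printf '%s\n' "$SERVICE_TABLE" >> README.md`. Separately, the two added `eikendev/gotify-action@master` steps hand the Gotify token to whatever that branch points at when the job runs; pinning third-party actions to a full commit SHA removes that exposure.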
@@ -300,6 +350,17 @@ jobs: registry_pass: ${{ secrets.GHCR_LOGIN_TOKEN }} summary: true + - name: Docker Compose Healthcheck + uses: jaracogmbh/docker-compose-health-check-action@v1.0.0 + env: + DOCKER_HOST: tcp://192.168.1.252:2375 + with: + max-retries: 30 + retry-interval: 10 + compose-file: "docker-compose.yml" + skip-exited: "true" + skip-no-healthcheck: "true" + - name: Gotify Notification uses: eikendev/gotify-action@master with: diff --git a/README.md b/README.md new file mode 100644 index 0000000..9d37d19 --- /dev/null +++ b/README.md @@ -0,0 +1,19 @@ +# List of Services + + + +| Service | Image | +| --- | --- | +| adguard | adguard/adguardhome:v0.107.65 | +| beszel-agent | henrygd/beszel-agent:0.12.7 | +| castsponsorskip | ghcr.io/gabe565/castsponsorskip:0.8.2 | +| docker-socket-proxy | ghcr.io/tecnativa/docker-socket-proxy:latest | +| dockflare | alplat/dockflare:stable | +| ha-fusion | ghcr.io/matt8707/ha-fusion:2024.10.1 | +| homeassistant | ghcr.io/home-assistant/home-assistant:stable | +| ollama | ollama/ollama:0.11.10 | +| signoz-logspout | pavanputhra/logspout-signoz:2025.07.19-887dfeb | +| upsnap | ghcr.io/seriousm4x/upsnap:5 | +| watchtower | ghcr.io/containrrr/watchtower:latest | +| webhook | thecatlady/webhook:2.8.1 | + diff --git a/docker-compose.yml b/docker-compose.yml index b0890a8..08fdc08 100644 --- a/docker-compose.yml +++ b/docker-compose.yml 
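Review bot: `DOCKER_HOST: tcp://192.168.1.252:2375` in the new `Docker Compose Healthcheck` step points at the Docker daemon's plaintext TCP listener, which by default has neither TLS nor authentication, so any host that can reach that port has root-equivalent control of the Docker host. If earlier steps of `pr-merge` already use the same endpoint (not visible in this hunk) the exposure predates this change, but this step additionally hands it to a third-party action pinned only to a tag. Prefer an authenticated transport, for example `DOCKER_HOST: ssh://<user>@<docker-host>` or the TLS listener with `DOCKER_TLS_VERIFY: "1"` and client certificates, and keep the address in a secret or variable instead of hard-coding it in the workflow. The step sits inside the `pr-merge` job, whose start and end are outside the hunk.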
@@ -89,6 +89,57 @@ services: restart: unless-stopped volumes: - /var/run/docker.sock:/var/run/docker.sock + dockflare: + container_name: dockflare + environment: + AGENT_STATUS_UPDATE_INTERVAL_SECONDS: 10 + CF_ACCOUNT_ID: ${CLOUDFLARE_ACCOUNT_ID} + CF_API_TOKEN: ${CLOUDFLARE_API_TOKEN} + CF_ZONE_ID: ${CLOUDFLARE_ZONE_ID} + CLEANUP_INTERVAL_SECONDS: 300 + CLOUDFLARED_METRICS_PORT: 20119 + CLOUDFLARED_NETWORK_NAME: rikku_default + DEFAULT_NO_TLS_VERIFY: false + GRACE_PERIOD_SECONDS: 600 + LABEL_PREFIX: cloudflare.tunnel + MAX_CONCURRENT_DNS_OPS: 3 + RECONCILIATION_BATCH_SIZE: 3 + SCAN_ALL_NETWORKS: false + STATE_FILE_PATH: /app/data/state.json + TRUSTED_PROXIES: 192.168.1.0/24,172.18.0.0/16 + TUNNEL_DNS_SCAN_ZONE_NAMES: + TUNNEL_NAME: dockflared-tunnel + TZ: ${TZ} + healthcheck: + test: ["CMD-SHELL", "wget -qO- --server-response http://localhost:5000/ping 2>&1 | awk '/^ HTTP/{code=$2} /^[^{]/{next} {print; fflush()} END{exit (code>=400 || code==0)}' >/dev/null"] + interval: 1m30s + timeout: 30s + retries: 5 + start_period: 30s + image: alplat/dockflare:stable # Or :unstable for the latest features + # labels: + # ## EXAMPLE CF TUNNEL LABELS ### + # Enable DockFlare management for this container + # - "cloudflare.tunnel.enable=true" + # The public hostname to expose + # - "cloudflare.tunnel.hostname=my-service.example.com" + # The internal service address (protocol://container_name_or_ip:port) + # Service type (http, https, tcp, ssh, rdp, http_status) is inferred from the prefix. + # - "cloudflare.tunnel.service=http://my-service:80" + # Optional: Specify a URL path. Only requests to hostname/path will match. 
+ # - "cloudflare.tunnel.path=/app" + # Optional: Specify a different Cloudflare Zone for this hostname + # - "cloudflare.tunnel.zonename=another.example.com" + # Optional: Disable TLS verification if your internal service uses HTTP or a self-signed cert + # - "cloudflare.tunnel.no_tls_verify=true" + # Optional: Specify Origin Server Name (SNI) for TLS connection to origin + # - "cloudflare.tunnel.originsrvname=internal.service.local" + ports: + - 5001:5000 + restart: unless-stopped + volumes: + - /var/run/docker.sock:/var/run/docker.sock:ro + - dockflare_data:/app/data ha-fusion: container_name: ha-fusion depends_on: 
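Review bot: The `:ro` suffix on `/var/run/docker.sock:/var/run/docker.sock:ro` in the `dockflare` service only makes the bind mount read-only; it does not restrict Docker API calls, so the container can still create, start and exec into containers on the host. Together with `CF_API_TOKEN` and the mutable `alplat/dockflare:stable` tag, a compromised or unexpectedly updated image gets both host control and Cloudflare API access. The README added by this commit lists a `docker-socket-proxy` service; if DockFlare can be pointed at a TCP Docker endpoint (to be confirmed against its documentation), routing it through that proxy with only the endpoints it needs would narrow this, and pinning the image by digest would fix what actually runs. At minimum add a comment on the volume line such as `# :ro does not limit Docker API access; socket access is root-equivalent on the host`. `ports: - 5001:5000` also publishes the UI on every host interface; `"127.0.0.1:5001:5000"` keeps it local if remote access is not needed.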
@@ -141,6 +192,31 @@ services: restart: unless-stopped volumes: - /var/run/docker.sock:/var/run/docker.sock + upsnap: + container_name: upsnap + dns: + - 192.168.1.254 + entrypoint: /bin/sh -c "./upsnap serve --http 0.0.0.0:5000" + environment: + TZ: ${TZ} # Set container timezone for cron schedules + UPSNAP_INTERVAL: '*/10 * * * * *' # Sets the interval in which the devices are pinged + UPSNAP_SCAN_RANGE: 192.168.1.0/24 # Scan range is used for device discovery on local network + UPSNAP_SCAN_TIMEOUT: 500ms # Scan timeout is nmap's --host-timeout value to wait for devices (https://nmap.org/book/man-performance.html) + UPSNAP_PING_PRIVILEGED: true # Set to false if you don't have root user permissions + UPSNAP_WEBSITE_TITLE: 'UpSnap @ Rikku' # Custom website title + # # To use a non-root user, create the mountpoint first (mkdir data) so that it has the right permission. + # # dns is used for name resolution during network scan + # # or install custom packages for shutdown + # entrypoint: /bin/sh -c "apk update && apk add --no-cache && rm -rf /var/cache/apk/* && ./upsnap serve --http 0.0.0.0:8090" + healthcheck: + test: curl -fs "http://localhost:5000/api/health" || exit 1 + interval: 10s + image: ghcr.io/seriousm4x/upsnap:5 # images are also available on docker hub: seriousm4x/upsnap:5 + network_mode: host + privileged: true + restart: unless-stopped + volumes: + - ${RIKKU_DOCKER_DIR}/upsnap:/app/pb_data watchtower: container_name: watchtower environment: @@ -180,5 +256,7 @@ services: - ${RIKKU_DOCKER_DIR}/webhook/conf:/etc/webhook - ${RIKKU_DOCKER_DIR}/webhook/scripts:/opt/webhook_scripts volumes: + dockflare_data: + name: dockflare_data ollama: name: ollama \ No newline at end of file
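Review bot: `privileged: true` combined with `network_mode: host` on the new `upsnap` service removes nearly all container isolation: the process gets every capability, access to host devices and the host's network stack, while its web UI listens on `0.0.0.0:5000` on the host. Ping and network scanning normally need only raw-socket access, so (to be confirmed against UpSnap's documentation) `cap_add: [NET_RAW]` in place of `privileged: true` should be enough for `UPSNAP_PING_PRIVILEGED`. If host networking has to stay for wake-on-LAN broadcasts, binding the server to a specific LAN address in the `entrypoint` instead of `0.0.0.0` limits who can reach it. `UPSNAP_PING_PRIVILEGED: true` is also an unquoted boolean inside an `environment` mapping and should be written `'true'`.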