Trez.One
f73a81966f
Docker Compose Deployment / Check and Create PR (push) Successful in 28s
Docker Compose Deployment / Docker Compose Dry Run (push) Has been cancelled
Docker Compose Deployment / Update README & Generate List of Modified Services (push) Has been cancelled
Docker Compose Deployment / PR Merge (push) Has been cancelled
Docker Compose Deployment / Generate list of added/modified/deleted services (push) Has been cancelled
Docker Compose Deployment / Docker Compose Deployment (push) Has been cancelled
262 lines
8.7 KiB
YAML
262 lines
8.7 KiB
YAML
name: rikku
|
|
networks:
|
|
default:
|
|
name: rikku_default
|
|
services:
|
|
adguard:
|
|
cap_add:
|
|
- NET_BIND_SERVICE
|
|
- NET_RAW
|
|
container_name: adguard
|
|
environment:
|
|
TZ: ${TZ}
|
|
image: adguard/adguardhome:v0.107.65
|
|
network_mode: host
|
|
privileged: true
|
|
# ports:
|
|
# - "192.168.1.254:53:53/udp"
|
|
# - "192.168.1.254:53:53/tcp"
|
|
# - 3001:3000
|
|
# - "192.168.1.254:446:443/tcp"
|
|
# - 8008:80
|
|
# - "192.168.1.254:853:853/tcp"
|
|
# - 67:67
|
|
# - 688:68
|
|
restart: unless-stopped
|
|
volumes:
|
|
- /etc/localtime:/etc/localtime:ro
|
|
- ${RIKKU_DOCKER_DIR}/adguard/work:/opt/adguardhome/work
|
|
- ${RIKKU_DOCKER_DIR}/adguard/conf:/opt/adguardhome/conf
|
|
beszel-agent:
|
|
container_name: beszel-agent
|
|
environment:
|
|
PORT: 45876
|
|
# Do not remove quotes around the key
|
|
KEY: '${BESZEL_RINOA_AGENT_KEY}'
|
|
TOKEN: ${BESZEL_RIKKU_TOKEN}
|
|
HUB_URL: http://192.168.1.254:22220
|
|
expose:
|
|
- 45876
|
|
image: henrygd/beszel-agent:0.12.7
|
|
network_mode: host
|
|
restart: unless-stopped
|
|
volumes:
|
|
- ${RIKKU_DOCKER_DIR}/beszel-agent:/var/lib/beszel-agent
|
|
- /dev/mmcblk0:/extra-filesystems/dev/mmcblk0:ro
|
|
- /var/run/docker.sock:/var/run/docker.sock:ro
|
|
castsponsorskip:
|
|
container_name: castsponsorskip
|
|
image: ghcr.io/gabe565/castsponsorskip:0.8.2
|
|
environment:
|
|
# Set the container timezone
|
|
# See identifier list at https://en.wikipedia.org/wiki/List_of_tz_database_time_zones
|
|
TZ: ${TZ}
|
|
# CSS_PAUSED_INTERVAL:
|
|
# CSS_PLAYING_INTERVAL:
|
|
# CSS_CATEGORIES:
|
|
# CSS_YOUTUBE_API_KEY:
|
|
# CSS_MUTE_ADS:
|
|
network_mode: host
|
|
restart: unless-stopped
|
|
docker-socket-proxy:
|
|
container_name: dockerproxy
|
|
environment:
|
|
AUTH: 0
|
|
BUILD: 0
|
|
COMMIT: 0
|
|
CONFIGS: 0
|
|
CONTAINERS: 1
|
|
DISTRIBUTION: 0
|
|
EVENTS: 0
|
|
EXEC: 0
|
|
GPRC: 0
|
|
IMAGES: 1
|
|
INFO: 1
|
|
NETWORKS: 1
|
|
NODES: 0
|
|
POST: 0
|
|
PLUGINS: 0
|
|
SERVICES: 0
|
|
SESSION: 0
|
|
SYSTEM: 0
|
|
TASKS: 0
|
|
VOLUMES: 0
|
|
LOG_LEVEL: debug
|
|
image: ghcr.io/tecnativa/docker-socket-proxy:latest
|
|
ports:
|
|
- 2375:2375
|
|
privileged: true
|
|
restart: unless-stopped
|
|
volumes:
|
|
- /var/run/docker.sock:/var/run/docker.sock
|
|
dockflare:
|
|
container_name: dockflare
|
|
environment:
|
|
AGENT_STATUS_UPDATE_INTERVAL_SECONDS: 10
|
|
CF_ACCOUNT_ID: ${CLOUDFLARE_ACCOUNT_ID}
|
|
CF_API_TOKEN: ${CLOUDFLARE_API_TOKEN}
|
|
CF_ZONE_ID: ${CLOUDFLARE_ZONE_ID}
|
|
CLEANUP_INTERVAL_SECONDS: 300
|
|
CLOUDFLARED_METRICS_PORT: 20119
|
|
CLOUDFLARED_NETWORK_NAME: rikku_default
|
|
DEFAULT_NO_TLS_VERIFY: false
|
|
GRACE_PERIOD_SECONDS: 600
|
|
LABEL_PREFIX: cloudflare.tunnel
|
|
MAX_CONCURRENT_DNS_OPS: 3
|
|
RECONCILIATION_BATCH_SIZE: 3
|
|
SCAN_ALL_NETWORKS: false
|
|
STATE_FILE_PATH: /app/data/state.json
|
|
TRUSTED_PROXIES: 192.168.1.0/24,172.18.0.0/16
|
|
TUNNEL_DNS_SCAN_ZONE_NAMES:
|
|
TUNNEL_NAME: dockflared-tunnel
|
|
TZ: ${TZ}
|
|
healthcheck:
|
|
test: ["CMD-SHELL", "wget -qO- --server-response http://localhost:5000/ping 2>&1 | awk '/^ HTTP/{code=$2} /^[^{]/{next} {print; fflush()} END{exit (code>=400 || code==0)}' >/dev/null"]
|
|
interval: 1m30s
|
|
timeout: 30s
|
|
retries: 5
|
|
start_period: 30s
|
|
image: alplat/dockflare:stable # Or :unstable for the latest features
|
|
# labels:
|
|
# ## EXAMPLE CF TUNNEL LABELS ###
|
|
# Enable DockFlare management for this container
|
|
# - "cloudflare.tunnel.enable=true"
|
|
# The public hostname to expose
|
|
# - "cloudflare.tunnel.hostname=my-service.example.com"
|
|
# The internal service address (protocol://container_name_or_ip:port)
|
|
# Service type (http, https, tcp, ssh, rdp, http_status) is inferred from the prefix.
|
|
# - "cloudflare.tunnel.service=http://my-service:80"
|
|
# Optional: Specify a URL path. Only requests to hostname/path will match.
|
|
# - "cloudflare.tunnel.path=/app"
|
|
# Optional: Specify a different Cloudflare Zone for this hostname
|
|
# - "cloudflare.tunnel.zonename=another.example.com"
|
|
# Optional: Disable TLS verification if your internal service uses HTTP or a self-signed cert
|
|
# - "cloudflare.tunnel.no_tls_verify=true"
|
|
# Optional: Specify Origin Server Name (SNI) for TLS connection to origin
|
|
# - "cloudflare.tunnel.originsrvname=internal.service.local"
|
|
ports:
|
|
- 5001:5000
|
|
restart: unless-stopped
|
|
volumes:
|
|
- /var/run/docker.sock:/var/run/docker.sock:ro
|
|
- dockflare_data:/app/data
|
|
ha-fusion:
|
|
container_name: ha-fusion
|
|
depends_on:
|
|
homeassistant:
|
|
condition: service_started
|
|
required: true
|
|
environment:
|
|
TZ: ${TZ}
|
|
HASS_URL: http://192.168.1.252:8123
|
|
image: ghcr.io/matt8707/ha-fusion:2024.10.1
|
|
labels:
|
|
com.centurylinklabs.watchtower.monitor-only: true
|
|
ports:
|
|
- 5050:5050
|
|
restart: unless-stopped
|
|
volumes:
|
|
- ${RIKKU_DOCKER_DIR}/ha-fusion:/app/data
|
|
homeassistant:
|
|
container_name: homeassistant
|
|
devices:
|
|
- /dev/ttyAMA0:/dev/ttyAMA0
|
|
- /dev/ttyS0:/dev/ttyS0
|
|
environment:
|
|
DISABLE_JEMALLOC: true
|
|
image: ghcr.io/home-assistant/home-assistant:stable
|
|
labels:
|
|
com.centurylinklabs.watchtower.monitor-only: true
|
|
network_mode: host
|
|
privileged: true
|
|
restart: unless-stopped
|
|
volumes:
|
|
- ${RIKKU_DOCKER_DIR}/homeassistant:/config
|
|
- /etc/localtime:/etc/localtime:ro
|
|
- /run/dbus:/run/dbus:ro
|
|
ollama:
|
|
container_name: ollama
|
|
image: ollama/ollama:0.11.10
|
|
ports:
|
|
- 11434:11434
|
|
restart: unless-stopped
|
|
volumes:
|
|
- ollama:/root/.ollama
|
|
signoz-logspout:
|
|
command: signoz://192.168.1.254:8082
|
|
container_name: signoz-logspout
|
|
environment:
|
|
ENV: prod
|
|
SIGNOZ_LOG_ENDPOINT: http://192.168.1.254:8082
|
|
image: pavanputhra/logspout-signoz:2025.07.19-887dfeb
|
|
restart: unless-stopped
|
|
volumes:
|
|
- /var/run/docker.sock:/var/run/docker.sock
|
|
upsnap:
|
|
container_name: upsnap
|
|
dns:
|
|
- 192.168.1.254
|
|
entrypoint: /bin/sh -c "./upsnap serve --http 0.0.0.0:5000"
|
|
environment:
|
|
TZ: ${TZ} # Set container timezone for cron schedules
|
|
UPSNAP_INTERVAL: '*/10 * * * * *' # Sets the interval in which the devices are pinged
|
|
UPSNAP_SCAN_RANGE: 192.168.1.0/24 # Scan range is used for device discovery on local network
|
|
UPSNAP_SCAN_TIMEOUT: 500ms # Scan timeout is nmap's --host-timeout value to wait for devices (https://nmap.org/book/man-performance.html)
|
|
UPSNAP_PING_PRIVILEGED: true # Set to false if you don't have root user permissions
|
|
UPSNAP_WEBSITE_TITLE: 'UpSnap @ Rikku' # Custom website title
|
|
# # To use a non-root user, create the mountpoint first (mkdir data) so that it has the right permission.
|
|
# # dns is used for name resolution during network scan
|
|
# # or install custom packages for shutdown
|
|
# entrypoint: /bin/sh -c "apk update && apk add --no-cache <YOUR_PACKAGE> && rm -rf /var/cache/apk/* && ./upsnap serve --http 0.0.0.0:8090"
|
|
healthcheck:
|
|
test: curl -fs "http://localhost:5000/api/health" || exit 1
|
|
interval: 10s
|
|
image: ghcr.io/seriousm4x/upsnap:5 # images are also available on docker hub: seriousm4x/upsnap:5
|
|
network_mode: host
|
|
privileged: true
|
|
restart: unless-stopped
|
|
volumes:
|
|
- ${RIKKU_DOCKER_DIR}/upsnap:/app/pb_data
|
|
watchtower:
|
|
container_name: watchtower
|
|
environment:
|
|
REPO_PASS:
|
|
REPO_USER:
|
|
TZ: ${TZ}
|
|
WATCHTOWER_CLEANUP: true
|
|
WATCHTOWER_INCLUDE_STOPPED: false
|
|
WATCHTOWER_MONITOR_ONLY: false
|
|
WATCHTOWER_NOTIFICATIONS: gotify
|
|
WATCHTOWER_NOTIFICATIONS_LEVEL: info
|
|
WATCHTOWER_NOTIFICATION_TEMPLATE: '{{range .}}{{.Message}}{{println}}{{end}}'
|
|
WATCHTOWER_NOTIFICATION_URL:
|
|
WATCHTOWER_SCHEDULE: 0 0 4 * * *
|
|
WATCHTOWER_TIMEOUT: 30s
|
|
WATCHTOWER_HTTP_API_METRICS: true
|
|
WATCHTOWER_HTTP_API_TOKEN: ${WATCHTOWER_HTTP_API_TOKEN}
|
|
WATCHTOWER_NOTIFICATION_GOTIFY_URL: ${WATCHTOWER_NOTIFICATION_GOTIFY_URL}
|
|
WATCHTOWER_NOTIFICATION_GOTIFY_TOKEN: ${WATCHTOWER_NOTIFICATION_GOTIFY_TOKEN}
|
|
WATCHTOWER_NOTIFICATION_GOTIFY_TLS_SKIP_VERIFY: true
|
|
expose:
|
|
- 8080
|
|
hostname: Rikku
|
|
image: ghcr.io/containrrr/watchtower:latest
|
|
restart: unless-stopped
|
|
volumes:
|
|
- /etc/localtime:/etc/localtime:ro
|
|
- /var/run/docker.sock:/var/run/docker.sock:ro
|
|
webhook:
|
|
command: '-verbose -hooks=/etc/webhook/hooks.json -hotreload'
|
|
image: thecatlady/webhook:2.8.1
|
|
container_name: webhook
|
|
ports:
|
|
- 9000:9000
|
|
restart: unless-stopped
|
|
volumes:
|
|
- ${RIKKU_DOCKER_DIR}/webhook/conf:/etc/webhook
|
|
- ${RIKKU_DOCKER_DIR}/webhook/scripts:/opt/webhook_scripts
|
|
volumes:
|
|
dockflare_data:
|
|
name: dockflare_data
|
|
ollama:
|
|
name: ollama |