Trez/rikku-home-assistant
4
0
Fork 0
Code Issues 1 Pull Requests 2 Actions Activity
Files
638cce683f264c5ae9bfa1a7363ee3d935a848dc
rikku-home-assistant/docker-compose.yml
T
Trez.One 638cce683f
Renovate / renovate (push) Successful in 2m27s
Details
Fixing Renovate volume and config.
2025-09-29 09:18:24 -04:00

309 lines
11 KiB
YAML
Raw Blame History

name: rikku
networks:
default:
name: rikku_default
services:
adguard:
cap_add:
- NET_BIND_SERVICE
- NET_RAW
container_name: adguard
environment:
TZ: ${TZ}
image: adguard/adguardhome:v0.107.66@sha256:cc8757742e547c722bb0bd9a3b11fce22771a75a5b0e07ce9a789ad62a2bfd37
network_mode: host
privileged: true
# ports:
# - "192.168.1.254:53:53/udp"
# - "192.168.1.254:53:53/tcp"
# - 3001:3000
# - "192.168.1.254:446:443/tcp"
# - 8008:80
# - "192.168.1.254:853:853/tcp"
# - 67:67
# - 688:68
restart: unless-stopped
volumes:
- /etc/localtime:/etc/localtime:ro
- ${RIKKU_DOCKER_DIR}/adguard/work:/opt/adguardhome/work
- ${RIKKU_DOCKER_DIR}/adguard/conf:/opt/adguardhome/conf
beszel-agent:
container_name: beszel-agent
environment:
PORT: 45876
# Do not remove quotes around the key
KEY: "${BESZEL_RINOA_AGENT_KEY}"
TOKEN: ${BESZEL_RIKKU_TOKEN}
HUB_URL: http://192.168.1.254:22220
expose:
- 45876
image: henrygd/beszel-agent:0.12.12@sha256:0830d9eb7866d3dfe810d8a8ed4fc3dad2c51b3bc855e3558a9aa4e8886c99be
network_mode: host
restart: unless-stopped
volumes:
- ${RIKKU_DOCKER_DIR}/beszel-agent:/var/lib/beszel-agent
- /dev/mmcblk0:/extra-filesystems/dev/mmcblk0:ro
- /var/run/docker.sock:/var/run/docker.sock:ro
castsponsorskip:
container_name: castsponsorskip
image: ghcr.io/gabe565/castsponsorskip:0.8.2@sha256:fe3a1b45987168b9cbccc394496e42bed5d396cd4869aa70ea402c686e679403
environment:
# Set the container timezone
# See identifier list at https://en.wikipedia.org/wiki/List_of_tz_database_time_zones
TZ: ${TZ}
# CSS_PAUSED_INTERVAL:
# CSS_PLAYING_INTERVAL:
# CSS_CATEGORIES:
# CSS_YOUTUBE_API_KEY:
# CSS_MUTE_ADS:
network_mode: host
restart: unless-stopped
docker-socket-proxy:
container_name: dockerproxy
environment:
AUTH: 0
BUILD: 0
COMMIT: 0
CONFIGS: 0
CONTAINERS: 1
DISTRIBUTION: 0
EVENTS: 0
EXEC: 0
GPRC: 0
IMAGES: 1
INFO: 1
NETWORKS: 1
NODES: 0
POST: 0
PLUGINS: 0
SERVICES: 0
SESSION: 0
SYSTEM: 0
TASKS: 0
VOLUMES: 0
LOG_LEVEL: debug
image: ghcr.io/tecnativa/docker-socket-proxy:latest@sha256:3400c429c5f9e1b21d62130fb93b16e2e772d4fb7695bd52fc2b743800b9fe9e
ports:
- 2375:2375
privileged: true
restart: unless-stopped
volumes:
- /var/run/docker.sock:/var/run/docker.sock
dockflare:
container_name: dockflare
environment:
AGENT_STATUS_UPDATE_INTERVAL_SECONDS: 10
CF_ACCOUNT_ID: ${CLOUDFLARE_ACCOUNT_ID}
CF_API_TOKEN: ${CLOUDFLARE_API_TOKEN}
CF_ZONE_ID: ${CLOUDFLARE_ZONE_ID}
CLEANUP_INTERVAL_SECONDS: 300
CLOUDFLARED_METRICS_PORT: 20119
CLOUDFLARED_NETWORK_NAME: rikku_default
DEFAULT_NO_TLS_VERIFY: false
GRACE_PERIOD_SECONDS: 600
LABEL_PREFIX: cloudflare.tunnel
MAX_CONCURRENT_DNS_OPS: 3
RECONCILIATION_BATCH_SIZE: 3
SCAN_ALL_NETWORKS: false
STATE_FILE_PATH: /app/data/state.json
TRUSTED_PROXIES: 192.168.1.0/24,172.18.0.0/16
TUNNEL_DNS_SCAN_ZONE_NAMES:
TUNNEL_NAME: dockflared-tunnel
TZ: ${TZ}
healthcheck:
test:
[
"CMD-SHELL",
"wget -qO- --server-response http://localhost:5000/ping 2>&1 | awk '/^ HTTP/{code=$2} /^[^{]/{next} {print; fflush()} END{exit (code>=400 || code==0)}' >/dev/null",
]
interval: 1m30s
timeout: 30s
retries: 5
start_period: 30s
image: alplat/dockflare:stable@sha256:e1f6aa1179c1e0f5003b3986e6ae5c15ae5605cbb5c38819fa3520feada6d078 # Or :unstable for the latest features
# labels:
# ## EXAMPLE CF TUNNEL LABELS ###
# Enable DockFlare management for this container
# - "cloudflare.tunnel.enable=true"
# The public hostname to expose
# - "cloudflare.tunnel.hostname=my-service.example.com"
# The internal service address (protocol://container_name_or_ip:port)
# Service type (http, https, tcp, ssh, rdp, http_status) is inferred from the prefix.
# - "cloudflare.tunnel.service=http://my-service:80"
# Optional: Specify a URL path. Only requests to hostname/path will match.
# - "cloudflare.tunnel.path=/app"
# Optional: Specify a different Cloudflare Zone for this hostname
# - "cloudflare.tunnel.zonename=another.example.com"
# Optional: Disable TLS verification if your internal service uses HTTP or a self-signed cert
# - "cloudflare.tunnel.no_tls_verify=true"
# Optional: Specify Origin Server Name (SNI) for TLS connection to origin
# - "cloudflare.tunnel.originsrvname=internal.service.local"
ports:
- 5001:5000
restart: unless-stopped
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- dockflare_data:/app/data
ha-fusion:
container_name: ha-fusion
depends_on:
homeassistant:
condition: service_started
required: true
environment:
TZ: ${TZ}
HASS_URL: http://192.168.1.252:8123
image: ghcr.io/matt8707/ha-fusion:2024.10.1@sha256:5eea4634ab2b1e7c7523943996d13318d109b293abe8e9e86c38daf5c41830cb
labels:
com.centurylinklabs.watchtower.monitor-only: true
ports:
- 5050:5050
restart: unless-stopped
volumes:
- ${RIKKU_DOCKER_DIR}/ha-fusion:/app/data
homeassistant:
container_name: homeassistant
devices:
- /dev/ttyAMA0:/dev/ttyAMA0
- /dev/ttyS0:/dev/ttyS0
environment:
DISABLE_JEMALLOC: true
image: ghcr.io/home-assistant/home-assistant:stable@sha256:89ec0583c7f47c8a150204f6b5ed48b5432026012bebe1226cf72775a795a5e1
labels:
com.centurylinklabs.watchtower.monitor-only: true
network_mode: host
privileged: true
restart: unless-stopped
volumes:
- ${RIKKU_DOCKER_DIR}/homeassistant:/config
- /etc/localtime:/etc/localtime:ro
- /run/dbus:/run/dbus:ro
ollama:
container_name: ollama
image: ollama/ollama:0.12.2@sha256:1b80cecb262ee3be70474130aaff1e4949dab741c74b94e819d3f2a2ba520f29
ports:
- 11434:11434
restart: unless-stopped
volumes:
- ollama:/root/.ollama
portainer-agent:
container_name: portainer_agent
image: portainer/agent:latest@sha256:ff968fbc40c78f8a822e1e6007e9f0e451b05263fed0639d7e37cbf6f4666b13
volumes:
- /:/host
- /var/lib/docker/volumes:/var/lib/docker/volumes
- /var/run/docker.sock:/var/run/docker.sock
restart: always
ports:
- 9001:9001
renovate:
container_name: renovate
environment:
RENOVATE_CONFIG_FILE: /etc/renovate/config.js
# --- Authentication & platform ---
RENOVATE_TOKEN: "${RENOVATE_GITEA_TOKEN}" # Gitea personal access token for renovate-bot
RENOVATE_PLATFORM: "gitea"
RENOVATE_ENDPOINT: "https://git.${MY_TLD}/api/v1" # your Gitea URL
RENOVATE_USERNAME: "renovate-bot"
RENOVATE_GIT_AUTHOR: "Renovate Bot <it-services@trez.wtf>"
RENOVATE_GITHUB_COM_TOKEN: ${LIBRECHAT_GITHUB_TOKEN}
# --- Behavior ---
RENOVATE_AUTODISCOVER: "true" # discover all repos renovate-bot has access to
RENOVATE_ONBOARDING: "true" # create onboarding PR if repo not configured
RENOVATE_REQUIRE_CONFIG: "optional" # run even if no renovate config exists
RENOVATE_REDIS_URL: redis://renovate-valkey:6379
LOG_LEVEL: "info"
# --- Enable dependency dashboard ---
RENOVATE_EXTENDS: "config:base,:dependencyDashboard"
# --- Example package rules ---
RENOVATE_PRUNE_BRANCH_AFTER_AUTOMERG: false
RENOVATE_PRUNE_STALE_BRANCHES: true
# --- Scheduling ---
# Renovate will only process PRs/updates in this time window
RENOVATE_SCHEDULE: '["after 2am and before 6am"]'
OTEL_EXPORTER_OTLP_ENDPOINT: http://192.168.1.254:4318
OTEL_SERVICE_NAME: renovate
OTEL_SERVICE_NAMESPACE: renovate.${MY_TLD}
# --- Registry creds ---
DOCKER_HUB_PASS: ${RENOVATE__DOCKER_HUB_PASS}
DOCKER_HUB_USER: ${RENOVATE__DOCKER_HUB_USER}
GHCR_TOKEN: ${RENOVATE__GHCR_TOKEN}
GHCR_USER: ${RENOVATE__GHCR_USER}
GITEA_BOT_PASS: ${RENOVATE__GITEA_BOT_PASS}
GITEA_BOT_USER: ${RENOVATE__GITEA_BOT_USER}
image: renovate/renovate:41.97.12-full@sha256:e20639264151d9dce8f0fc3b1219748f4844a76cc157263551d8e7e061daa60e
restart: unless-stopped
volumes:
- ${RIKKU_DOCKER_DIR}/renovate/config.js:/etc/renovate/config.js
renovate-valkey:
container_name: renovate-valkey
healthcheck:
test: redis-cli ping || exit 1
image: docker.io/bitnami/valkey:latest
environment:
ALLOW_EMPTY_PASSWORD: yes
VALKEY_DATA_DIR: /data/valkey
VALKEY_DATABASE: 0
expose:
- 6379
restart: unless-stopped
volumes:
- renovate-valkey-data:/data/valkey
signoz-logspout:
command: signoz://192.168.1.254:8082
container_name: signoz-logspout
environment:
ENV: prod
SIGNOZ_LOG_ENDPOINT: http://192.168.1.254:8082
image: pavanputhra/logspout-signoz:2025.07.19-887dfeb@sha256:6da8ce12279a5262de8b2d5c083ce82d4c878c4eab702b4d328afe147ed7553b
restart: unless-stopped
volumes:
- /var/run/docker.sock:/var/run/docker.sock
upsnap:
container_name: upsnap
dns:
- 192.168.1.254
entrypoint: /bin/sh -c "./upsnap serve --http 0.0.0.0:5000"
environment:
TZ: ${TZ} # Set container timezone for cron schedules
UPSNAP_INTERVAL: "*/10 * * * * *" # Sets the interval in which the devices are pinged
UPSNAP_SCAN_RANGE: 192.168.1.0/24 # Scan range is used for device discovery on local network
UPSNAP_SCAN_TIMEOUT: 500ms # Scan timeout is nmap's --host-timeout value to wait for devices (https://nmap.org/book/man-performance.html)
UPSNAP_PING_PRIVILEGED: true # Set to false if you don't have root user permissions
UPSNAP_WEBSITE_TITLE: "UpSnap @ Rikku" # Custom website title
# # To use a non-root user, create the mountpoint first (mkdir data) so that it has the right permission.
# # dns is used for name resolution during network scan
# # or install custom packages for shutdown
# entrypoint: /bin/sh -c "apk update && apk add --no-cache <YOUR_PACKAGE> && rm -rf /var/cache/apk/* && ./upsnap serve --http 0.0.0.0:8090"
healthcheck:
test: curl -fs "http://localhost:5000/api/health" || exit 1
interval: 10s
image: ghcr.io/seriousm4x/upsnap:5@sha256:c96e9d3f1559736544f723d99b778498982ebb2819de8e509548f8c5468b5542 # images are also available on docker hub: seriousm4x/upsnap:5
network_mode: host
privileged: true
restart: unless-stopped
volumes:
- ${RIKKU_DOCKER_DIR}/upsnap:/app/pb_data
webhook:
command: "-verbose -hooks=/etc/webhook/hooks.json -hotreload"
image: thecatlady/webhook:2.8.1@sha256:2c20d15f8f1b87ea1fa242787af6f288175bbb3402a04f1744a7f7a6a529d711
container_name: webhook
ports:
- 9000:9000
restart: unless-stopped
volumes:
- ${RIKKU_DOCKER_DIR}/webhook/conf:/etc/webhook
- ${RIKKU_DOCKER_DIR}/webhook/scripts:/opt/webhook_scripts
volumes:
dockflare_data:
name: dockflare_data
ollama:
name: ollama
renovate-valkey-data:
name: renovate-valkey-data
Reference in New Issue View Git Blame Copy Permalink