Trez/rinoa-docker
4
0
Fork 0
Code Issues 1 Pull Requests 9 Actions Activity

Updated Docker Compose file with new services.

Browse Source
This commit is contained in:
trez.one
2024-11-26 15:46:10 -05:00
parent 7dba22c027
commit 699945c768
2 changed files with 700 additions and 103 deletions
Download Patch File Download Diff File Expand all files Collapse all files
jitsi-env.example
+366
View File
@@ -0,0 +1,366 @@
ADMIN_DB_PASSWORD=
ADMIN_JWT_SECRET=
AMPLITUDE_ID=
ANALYTICS_SCRIPT_URLS=
ANALYTICS_WHITELISTED_EVENTS=
AUDIO_QUALITY_OPUS_BITRATE=
AUTH_TYPE=
AUTO_CAPTION_ON_RECORD=
AUTOSCALER_SIDECAR_GROUP_NAME=
AUTOSCALER_SIDECAR_HOST_ID=
AUTOSCALER_SIDECAR_INSTANCE_ID=
AUTOSCALER_SIDECAR_KEY_FILE=
AUTOSCALER_SIDECAR_KEY_ID=
AUTOSCALER_SIDECAR_PORT=
AUTOSCALER_SIDECAR_REGION=
AUTOSCALER_SIDECAR_SHUTDOWN_POLLING_INTERVAL=
AUTOSCALER_SIDECAR_STATS_POLLING_INTERVAL=
AUTOSCALER_URL=
BRANDING_DATA_URL=
BRIDGE_AVG_PARTICIPANT_STRESS=
BRIDGE_STRESS_THRESHOLD=
CALLSTATS_CUSTOM_SCRIPT_URL=
CALLSTATS_ID=
CALLSTATS_SECRET=
CHROME_EXTENSION_BANNER_JSON=
CHROMIUM_FLAGS=
COLIBRI_REST_ENABLED=
COLIBRI_WEBSOCKET_PORT=
CONFCODE_URL=
CONFIG_EXTERNAL_CONNECT=
DATABASE_URL=
DEFAULT_LANGUAGE=
DEPLOYMENTINFO_ENVIRONMENT=
DEPLOYMENTINFO_ENVIRONMENT_TYPE=
DEPLOYMENTINFO_REGION=
DEPLOYMENTINFO_SHARD=
DEPLOYMENTINFO_USERREGION=
DESKTOP_SHARING_FRAMERATE_MAX=
DESKTOP_SHARING_FRAMERATE_MIN=
DIALIN_NUMBERS_URL=
DIALOUT_AUTH_URL=
DIALOUT_CODES_URL=
DISABLE_AUDIO_LEVELS=
DISABLE_DEEP_LINKING=
DISABLE_GRANT_MODERATOR=
DISABLE_HTTPS=
DISABLE_KICKOUT=
DISABLE_LOCAL_RECORDING=
DISABLE_POLLS=
DISABLE_PRIVATE_CHAT=
DISABLE_PROFILE=
DISABLE_REACTIONS=
DISABLE_REMOTE_VIDEO_MENU=
DISABLE_START_FOR_ALL=
DOCKER_HOST_ADDRESS=
DROPBOX_APPKEY=
DROPBOX_REDIRECT_URI=
DYNAMIC_BRANDING_URL=
E2EPING_MAX_CONFERENCE_SIZE=
E2EPING_MAX_MESSAGE_PER_SECOND=
E2EPING_NUM_REQUESTS=
ENABLE_AUDIO_PROCESSING=
ENABLE_AUTH=
ENABLE_AUTO_LOGIN=
ENABLE_AUTO_OWNER=
ENABLE_AV_MODERATION=
ENABLE_BREAKOUT_ROOMS=
ENABLE_CALENDAR=
ENABLE_CLOSE_PAGE=
ENABLE_CODEC_OPUS_RED=
ENABLE_COLIBRI_WEBSOCKET=
ENABLE_E2EPING=
ENABLE_END_CONFERENCE=
ENABLE_FILE_RECORDING_SHARING=
ENABLE_HSTS=
ENABLE_HTTP_REDIRECT=
ENABLE_JAAS_COMPONENTS=
ENABLE_JVB_XMPP_SERVER=
ENABLE_LETSENCRYPT=
ENABLE_LIPSYNC=
ENABLE_LIVESTREAMING=
ENABLE_LIVESTREAMING_DATA_PRIVACY_LINK=
ENABLE_LIVESTREAMING_HELP_LINK=
ENABLE_LIVESTREAMING_TERMS_LINK=
ENABLE_LIVESTREAMING_VALIDATOR_REGEXP_STRING=
ENABLE_LOBBY=
ENABLE_LOCAL_RECORDING_NOTIFY_ALL_PARTICIPANT=
ENABLE_LOCAL_RECORDING_SELF_START=
ENABLE_NO_AUDIO_DETECTION=
ENABLE_NOISY_MIC_DETECTION=
ENABLE_OCTO=
ENABLE_OPUS_RED=
ENABLE_PREJOIN_PAGE=
ENABLE_REMB=
ENABLE_REQUIRE_DISPLAY_NAME=
ENABLE_SCTP=
ENABLE_SERVICE_RECORDING=
ENABLE_SIMULCAST=
ENABLE_STATS_ID=
ENABLE_STEREO=
ENABLE_SUBDOMAINS=
ENABLE_TALK_WHILE_MUTED=
ENABLE_TCC=
ENABLE_TRANSCRIPTIONS=
ENABLE_WELCOME_PAGE=
ENABLE_XMPP_WEBSOCKET=
ETHERPAD_DEFAULT_PAD_TEXT=
ETHERPAD_PUBLIC_URL=
ETHERPAD_`=
SKIN_VARIANTS=
ETHERPAD_SKIN_VARIANTS=
ETHERPAD_TITLE=
TITLE=
URL_BASE=
ETHERPAD_URL_BASE=
GC_CLIENT_CERT_URL=
GC_CLIENT_EMAIL=
GC_CLIENT_ID=
GC_GEN_MAX_TH=
GC_GEN_MIN_TH=
GC_INC_SPEED=
GC_INC_STEP_SIZE=
GC_INC_TH=
GC_PRIVATE_KEY=
GC_PRIVATE_KEY_ID=
GC_PROJECT_ID=
GC_TYPE=
GLOBAL_CONFIG=
GLOBAL_MODULES=
GOOGLE_ANALYTICS_ID=
GOOGLE_API_APP_CLIENT_ID=
HIDE_PREJOIN_DISPLAY_NAME=
HIDE_PREJOIN_EXTRA_BUTTONS=
HIDE_PREMEETING_BUTTONS=
HTTP_PORT=
HTTPS_PORT=
INVITE_SERVICE_URL=
JIBRI_BREWERY_MUC=
JIBRI_FINALIZE_RECORDING_SCRIPT_PATH=
JIBRI_HTTP_API_EXTERNAL_PORT=
JIBRI_HTTP_API_INTERNAL_PORT=
JIBRI_PENDING_TIMEOUT=
JIBRI_RECORDER_PASSWORD=
JIBRI_RECORDER_USER=
JIBRI_RECORDING_CONSTANT_RATE_FACTOR=
JIBRI_RECORDING_DIR=
JIBRI_RECORDING_FRAMERATE=
JIBRI_RECORDING_QUEUE_SIZE=
JIBRI_RECORDING_RESOLUTION=
JIBRI_RECORDING_STREAMING_MAX_BITRATE=
JIBRI_RECORDING_VIDEO_ENCODE_PRESET=
JIBRI_REQUEST_RETRIES=
JIBRI_STATSD_HOST=
JIBRI_STATSD_PORT=
JIBRI_STRIP_DOMAIN_JID=
JIBRI_USAGE_TIMEOUT=
JIBRI_WEBHOOK_SUBSCRIBERS=
JIBRI_XMPP_PASSWORD=
JIBRI_XMPP_USER=
JICOFO_AUTH_LIFETIME=
JICOFO_AUTH_PASSWORD=
JICOFO_AUTH_TYPE=
JICOFO_BRIDGE_REGION_GROUPS=
JICOFO_COMPONENT_SECRET=
JICOFO_CONF_INITIAL_PARTICIPANT_WAIT_TIMEOUT=
JICOFO_CONF_MAX_AUDIO_SENDERS=
JICOFO_CONF_MAX_VIDEO_SENDERS=
JICOFO_CONF_SINGLE_PARTICIPANT_TIMEOUT=
JICOFO_CONF_SOURCE_SIGNALING_DELAYS=
JICOFO_CONF_SSRC_REWRITING=
JICOFO_CONF_STRIP_SIMULCAST=
JICOFO_ENABLE_AUTH=
JICOFO_ENABLE_BRIDGE_HEALTH_CHECKS=
JICOFO_ENABLE_HEALTH_CHECKS=
JICOFO_ENABLE_REST=
JICOFO_HEALTH_CHECKS_USE_PRESENCE=
JICOFO_MULTI_STREAM_BACKWARD_COMPAT=
JICOFO_OCTO_REGION=
JIGAGI_SIP_PASSWORD=
JIGAGI_SIP_PORT=
JIGAGI_SIP_SERVER=
JIGAGI_SIP_TRANSPORT=
JIGAGI_SIP_URI=
JIGASI_BREWERY_MUC=
JIGASI_DISABLE_SIP=
JIGASI_ENABLE_SDES_SRTP=
JIGASI_HEALTH_CHECK_INTERVAL=
JIGASI_HEALTH_CHECK_SIP_URI=
JIGASI_PORT_MAX=
JIGASI_PORT_MIN=
JIGASI_SIP_DEFAULT_ROOM=
JIGASI_SIP_KEEP_ALIVE_METHOD=
JIGASI_SIP_URI=
JIGASI_TRANSCRIBER_ADVERTISE_URL=
JIGASI_TRANSCRIBER_RECORD_AUDIO=
JIGASI_TRANSCRIBER_SEND_TXT=
JIGASI_XMPP_PASSWORD=
JIGASI_XMPP_USER=
JVB_ADVERTISE_IPS=
JVB_ADVERTISE_PRIVATE_CANDIDATES=
JVB_AUTH_PASSWORD=
JVB_AUTH_USER=
JVB_BREWERY_MUC=
JVB_DISABLE_STUN=
JVB_MUC_NICKNAME=
JVB_OCTO_BIND_ADDRESS=
JVB_OCTO_REGION=
JVB_OCTO_RELAY_ID=
JVB_PORT=
JVB_STUN_SERVERS=
JVB_WS_DOMAIN=
JVB_WS_SERVER_ID=
JVB_XMPP_AUTH_DOMAIN=
JVB_XMPP_INTERNAL_MUC_DOMAIN=
JVB_XMPP_PORT=
JVB_XMPP_SERVER=
JWT_ACCEPTED_AUDIENCES=
JWT_ACCEPTED_ISSUERS=
JWT_ALLOW_EMPTY=
JWT_APP_ID=
JWT_APP_SECRET=
JWT_ASAP_KEYSERVER=
JWT_AUTH_TYPE=
JWT_ENABLE_DOMAIN_VERIFICATION=
JWT_TOKEN_AUTH_MODULE=
KEYCLOAK_ADMIN_PASSWORD=
KEYCLOAK_ROOT_LOG_LEVEL=
laF_baseUrl=
LDAP_AUTH_METHOD=
LDAP_BASE=
LDAP_BINDDN=
LDAP_BINDPW=
LDAP_FILTER=
LDAP_START_TLS=
LDAP_TLS_CACERT_DIR=
LDAP_TLS_CACERT_FILE=
LDAP_TLS_CHECK_PEER=
LDAP_TLS_CIPHERS=
LDAP_URL=
LDAP_USE_TLS=
LDAP_VERSION=
LETSENCRYPT_DOMAIN=
LETSENCRYPT_EMAIL=
LETSENCRYPT_USE_STAGING=
LOCAL_ADDRESS=
LOG_LEVEL=
MAILER_DSN=
MATOMO_ENDPOINT=
MATOMO_SITE_ID=
MATRIX_UVS_AUTH_TOKEN=
MATRIX_UVS_ISSUER=
MATRIX_UVS_SYNC_POWER_LEVELS=
MATRIX_UVS_URL=
MAX_BRIDGE_PARTICIPANTS=
MAX_PARTICIPANTS=
MERCURE_JWT_SECRET=
MERCURE_PUBLIC_URL=
MICROSOFT_API_APP_CLIENT_ID=
MY_TLD=
NGINX_RESOLVER=
NGINX_WORKER_CONNECTIONS=
NGINX_WORKER_PROCESSES=
OCTO_BRIDGE_SELECTION_STRATEGY=
P2P_PREFERRED_CODEC=
PEOPLE_SEARCH_URL=
PREFERRED_LANGUAGE=
PROSODY_AUTH_TYPE=
PROSODY_ENABLE_RATE_LIMITS=
PROSODY_RATE_LIMIT_ALLOW_RANGES=
PROSODY_RATE_LIMIT_CACHE_SIZE=
PROSODY_RATE_LIMIT_LOGIN_RATE=
PROSODY_RATE_LIMIT_SESSION_RATE=
PROSODY_RATE_LIMIT_TIMEOUT=
PROSODY_RESERVATION_ENABLED=
PROSODY_RESERVATION_REST_BASE_URL=
PUBLIC_URL=
PUBLIC_URL=
registerEmailAdress=
RESOLUTION=
RESOLUTION_MIN=
RESOLUTION_WIDTH=
RESOLUTION_WIDTH_MIN=
SENTRY_ENVIRONMENT=
SENTRY_RELEASE=
SHUTDOWN_REST_ENABLED=
SIP_URI=
START_AUDIO_MUTED=
START_AUDIO_ONLY=
START_BITRATE=
START_SILENT=
START_VIDEO_MUTED=
START_WITH_AUDIO_MUTED=
START_WITH_VIDEO_MUTED=
SUPPRESS_ERRORS_IN_PAD_TEXT=
TESTING_CAP_SCREENSHARE_BITRATE=
TESTING_OCTO_PROBABILITY=
TOKEN_AUTH_URL=
TOOLBAR_BUTTONS=
TRANSLATION_LANGUAGES=
TRANSLATION_LANGUAGES_HEAD=
TURN_CREDENTIALS=
TURN_HOST=
TURN_PORT=
TURNS_HOST=
TURNS_PORT=
TURN_TRANSPORT=
TZ=
USE_APP_LANGUAGE=
VICH_BASE=
VIDEOQUALITY_BITRATE_H264_HIGH=
VIDEOQUALITY_BITRATE_H264_LOW=
VIDEOQUALITY_BITRATE_H264_STANDARD=
VIDEOQUALITY_BITRATE_VP8_HIGH=
VIDEOQUALITY_BITRATE_VP8_LOW=
VIDEOQUALITY_BITRATE_VP8_STANDARD=
VIDEOQUALITY_BITRATE_VP9_HIGH=
VIDEOQUALITY_BITRATE_VP9_LOW=
VIDEOQUALITY_BITRATE_VP9_STANDARD=
VIDEOQUALITY_ENFORCE_PREFERRED_CODEC=
VIDEOQUALITY_PREFERRED_CODEC=
WEBSOCKET_SECRET=
WHITEBOARD_COLLAB_SERVER_PUBLIC_URL=
WHITEBOARD_ENABLED=
XMPP_AUTH_DOMAIN=
XMPP_BOSH_URL_BASE=
XMPP_DOMAIN=
XMPP_GUEST_DOMAIN=
XMPP_INTERNAL_MUC_DOMAIN=
XMPP_INTERNAL_MUC_MODULES=
XMPP_MODULES=
XMPP_MUC_CONFIGURATION=
XMPP_MUC_DOMAIN=
XMPP_MUC_MODULES=
XMPP_PORT=
XMPP_RECORDER_DOMAIN=
XMPP_SERVER=
XMPP_TRUST_ALL_CERTS=
# Allow insecure certificate while connecting Keycloak
# Set this if Keycloak has not a trusted certificate. Dont set this on prod
ALLOW_UNSECURE_CERT=1
# Secret for API
# Update this value for your deployment
API_SECRET=J2EQnU25NhmhFebLjHrJGVMl7SpE93ktgVi9h3Fm4aNMBJLYcvR9UdPveMpthokD
# Timeout for API session
API_TIMEOUT=86400
# Postgresql host address
DB_HOST=galaxy-db
# Postgresql password
# Update this value for your deployment
DB_PASSWD=A$s%o7!^$CapY8dsjJsromXfVbGfL8vt
# FQDN for this setup
GALAXY_FQDN=app.galaxy-kc.loc
# Keycloak client ID
KEYCLOAK_CLIENT_ID=galaxy
# Keycloak address
KEYCLOAK_ORIGIN=https=//ucs-sso-ng.mydomain.corp
# Keycloak realm
KEYCLOAK_REALM=ucs
rinoa-docker-compose.yml
+334 -103
View File
@@ -392,7 +392,7 @@ services:
- --keys=dht_crawler
container_name: bitmagnet
depends_on:
bitmagnet-pgsql:
bitmagnet-pg-db:
condition: service_healthy
required: true
gluetun:
@@ -401,7 +401,7 @@ services:
restart: true
environment:
LOG_FILE_ROTATION_ENABLED: true
POSTGRES_HOST: bitmagnet-pgsql
POSTGRES_HOST: bitmagnet-pg-db
POSTGRES_PASSWORD: ${BITMAGNET_POSTGRESQL_PASSWORD}
POSTGRES_USER: bitmagnet
image: ghcr.io/bitmagnet-io/bitmagnet:latest
@@ -430,8 +430,8 @@ services:
type: bind
bind:
create_host_path: true
bitmagnet-pgsql:
container_name: bitmagnet-pgsql
bitmagnet-pg-db:
container_name: bitmagnet-pg-db
environment:
POSTGRES_DB: bitmagnet
POSTGRES_PASSWORD: ${BITMAGNET_POSTGRESQL_PASSWORD}
@@ -444,7 +444,7 @@ services:
test:
- CMD-SHELL
- pg_isready
image: postgres:16-alpine
image: postgres:17-alpine
networks:
bitmagnet:
ipv4_address: 192.168.55.8
@@ -452,7 +452,7 @@ services:
restart: unless-stopped
shm_size: 1g
volumes:
- source: bitmagnet-pgsql
- source: bitmagnet-pg-db
target: /var/lib/postgresql/data
type: volume
volume: {}
@@ -512,6 +512,40 @@ services:
source: /rinoa-storage
target: /storage
type: bind
bluesky-pds:
container_name: bluesky-pds
environment:
PDS_ADMIN_EMAIL: charish.patel@trez.wtf
PDS_HOSTNAME: bsky.trez.wtf
PDS_JWT_SECRET: ${BLUESKY_PDS_JWT_SECRET}
PDS_ADMIN_PASSWORD: ${BLUESKY_PDS_ADMIN_PASSWORD}
PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX: ${BLUESKY_PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX}
PDS_DATA_DIRECTORY: /pds
PDS_EMAIL_SMTP_URL: smtp://${POSTAL_SMTP_AUTH_USER}:${POSTAL_SMTP_AUTH_PASSWORD}@postal-smtp:25
PDS_EMAIL_FROM_ADDRESS: noreply@trez.wtf
PDS_BLOBSTORE_DISK_LOCATION: /pds/blocks
PDS_BLOB_UPLOAD_LIMIT: 52428800
PDS_DID_PLC_URL: ${PDS_DID_PLC_URL}
PDS_BSKY_APP_VIEW_URL: ${PDS_BSKY_APP_VIEW_URL}
PDS_BSKY_APP_VIEW_DID: ${PDS_BSKY_APP_VIEW_DID}
PDS_REPORT_SERVICE_URL: ${PDS_REPORT_SERVICE_URL}
PDS_REPORT_SERVICE_DID: ${PDS_REPORT_SERVICE_DID}
PDS_CRAWLERS: ${PDS_CRAWLERS}
LOG_ENABLED: true
expose:
- 3000
image: ghcr.io/bluesky-social/pds:latest
labels:
- swag=enable
- swag_port=3000
- swag_url=bsky.${MY_TLD}
- swag.uptime-kuma.enabled=true
- swag.uptime-kuma.monitor.url=https://bsky.${MY_TLD}
restart: unless-stopped
volumes:
- type: bind
source: ${DOCKER_VOLUME_CONFIG}/bluesky-pds
target: /pds
browserless:
container_name: browserless
environment:
@@ -536,6 +570,55 @@ services:
networks:
default: null
restart: unless-stopped
castopod:
container_name: castopod
depends_on:
- mariadb
environment:
MYSQL_DATABASE: castopod
MYSQL_USER: castopod
MYSQL_PASSWORD: ${CASTOPOD_MYSQL_PASSWORD}
CP_DATABASE_HOSTNAME: mariadb
CP_DATABASE_NAME: castopod
CP_DATABASE_USERNAME: castopod
CP_DATABASE_PASSWORD: ${CASTOPOD_MYSQL_PASSWORD}
CP_BASEURL: pod.trez.wtf
CP_ANALYTICS_SALT: ${CASTOPOD_ANALYTICS_SALT}
CP_CACHE_HANDLER: redis
CP_DISABLE_HTTPS: 1
CP_REDIS_HOST: redis
CP_EMAIL_SMTP_HOST: postal-smtp
CP_EMAIL_FROM: noreply@trez.wtf
CP_EMAIL_SMTP_USERNAME: ${POSTAL_SMTP_AUTH_USER}
CP_EMAIL_SMTP_PASSWORD: ${POSTAL_SMTP_AUTH_PASSWORD}
expose:
- 8000
image: castopod/castopod:latest
labels:
- homepage.group=Social
- homepage.name=Castopod
- homepage.href=https://pod.${MY_TLD}
- homepage.icon=castopod.png
- homepage.description=Podcast self-hosting
- swag=enable
- swag_port=8000
- swag_url=pod.${MY_TLD}
- swag.uptime-kuma.enabled=true
- swag.uptime-kuma.monitor.url=https://pod.${MY_TLD}
restart: unless-stopped
volumes:
- castopod-media:/var/www/castopod/public/media
cloudflared:
command: ['tunnel', '--no-autoupdate', 'run', '--token', '${CLOUDFLARED_TUNNEL_TOKEN}']
container_name: cloudflared
environment:
CLOUDFLARED_TUNNEL_KEY: ${CLOUDFLARED_TUNNEL_TOKEN}
extra_hosts:
- host.docker.internal:host-gateway
image: 'cloudflare/cloudflared:latest'
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/cloudflared:/etc/cloudflared
cloudflareddns:
container_name: cloudflareddns
environment:
@@ -1141,12 +1224,11 @@ services:
- GITEA__mailer__PROTOCOL=smtp
- GITEA__mailer__SMTP_ADDR=postal-smtp
- GITEA__mailer__SMTP_PORT=25
- GITEA__mailer__IS_TLS_ENABLED=faLse
- GITEA__mailer__USER=${POSTAL_SMTP_AUTH_USER}
- GITEA__mailer__PASSWD=${POSTAL_SMTP_AUTH_PASSWORD}
image: gitea/gitea:1.22.2
labels:
- homepage.group=Code
- homepage.group=Code/DevOps
- homepage.name=Gitea
- homepage.href=https://git.${MY_TLD}
- homepage.icon=gitea.svg
@@ -1155,8 +1237,6 @@ services:
- homepage.widget.url=http://gitea:3000
- homepage.widget.key=${GITEA_HOMEPAGE_API_KEY}
- swag=enable
- swag_port=3000
- swag_proto=http
- swag_url=git.${MY_TLD}
- swag.uptime-kuma.enabled=true
- swag.uptime-kuma.monitor.url=https://git.${MY_TLD}
@@ -1223,10 +1303,11 @@ services:
OG_GITEA_SECRET: ${OPENGIST_GITEA_SECRET}
OG_GITEA_URL: https://git.trez.wtf
OG_GITEA_NAME: "Gitea @ Rinoa"
OG_SSH_EXTERNAL_DOMAIN: gist-ssh.trez.wtf
image: ghcr.io/thomiceli/opengist:latest
labels:
homepage.description: Private Code Gists
homepage.group: Code
homepage.group: Code/DevOps
homepage.href: https://gist.trez.wtf
homepage.icon: /icons/opengist.svg
homepage.name: Opengist
@@ -1250,12 +1331,10 @@ services:
environment:
CONFIG_FILE: /config.yaml
DOCKER_HOST: tcp://dockerproxy:2375
GITEA_INSTANCE_URL: http://gitea:3000
GITEA_INSTANCE_URL: https://git.trez.wtf
GITEA_RUNNER_REGISTRATION_TOKEN: "${GITEA_RUNNER_REGISTRATION_TOKEN}"
GITEA_RUNNER_NAME: "gitea-runner-1"
image: gitea/act_runner:latest
networks:
default: null
ports:
- 63604:63604
restart: always
@@ -1274,6 +1353,7 @@ services:
GITEA_SQ_BOT_CONFIG_PATH: /home/bot/config/config.yaml
ports:
- 58525:58525
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/gitea/sonarqube-bot/:/home/bot/config/
gluetun:
@@ -1289,7 +1369,7 @@ services:
expose:
- 8000
extra_hosts:
- bitmagnet-pgsql:192.168.55.8
- bitmagnet-pg-db:192.168.55.8
image: qmcgaw/gluetun:latest
networks:
bitmagnet:
@@ -2012,7 +2092,7 @@ services:
- swag_url=itt.${MY_TLD}
- swag.uptime-kuma.enabled=true
- swag.uptime-kuma.monitor.url=https://itt.${MY_TLD}
- homepage.group=Code
- homepage.group=Code/DevOps
- homepage.name=IT-Tools
- homepage.href=https://itt.${MY_TLD}
- homepage.icon=it-tools.svg
@@ -2033,7 +2113,7 @@ services:
MAILER_DSN: smtp://${POSTAL_SMTP_AUTH_USER}:${POSTAL_SMTP_AUTH_PASSWORD}@postal-smtp:25
MERCURE_JWT_SECRET: ${JITSI__ADMIN_JWT_SECRET}
MERCURE_PUBLIC_URL: https://meet-admin.${MY_TLD}
MERCURE_URL: http://jitsi-admin-websocket
MERCURE_URL: http://jitsi-admin-websocket:3000
OAUTH_KEYCLOAK_CLIENT_ID: null
OAUTH_KEYCLOAK_CLIENT_REALM: null
OAUTH_KEYCLOAK_CLIENT_SECRET: null
@@ -2043,6 +2123,18 @@ services:
laF_baseUrl: https://meet-admin.${MY_TLD}
registerEmailAdress: noreply@trez.wtf
image: h2invent/jitsi-admin-main
labels:
- swag=enable
- swag_proto=http
- swag_port=3000
- swag_url=meet-admin.${MY_TLD}
- swag.uptime-kuma.enabled=true
- swag.uptime-kuma.monitor.url=https://meet-admin.${MY_TLD}
- homepage.group=System Administration
- homepage.name=Jitsi Admin
- homepage.href=https://meet-admin.${MY_TLD}
- homepage.icon=/icons/jitsi-admin.png
- homepage.description=Web Conferencing
networks:
default: null
restart: unless-stopped
@@ -2104,7 +2196,7 @@ services:
restart: unless-stopped
volumes:
- source: ${DOCKER_VOLUME_CONFIG}/keycloak
target: /opt/keycloak
target: /opt/keycloak/data/import
type: bind
bind:
create_host_path: true
@@ -2118,7 +2210,9 @@ services:
labels:
- swag=enable
- swag_proto=http
- swag_port=3000
- swag_url=meet-admin.${MY_TLD}
- swag_server_custom_directive="location /ws { proxy_pass http://localhost:3000; proxy_set_header X-Forwarded-Proto http; proxy_set_header Host $$host; }"
- swag.uptime-kuma.enabled=true
- swag.uptime-kuma.monitor.url=https://meet-admin.${MY_TLD}
- homepage.group=System Administration
@@ -2711,8 +2805,8 @@ services:
target: /var/lib/postgresql/data
type: volume
volume: {}
joplin-server:
container_name: joplin-server
joplin:
container_name: joplin
environment:
- ACCOUNT_TYPES_ENABLED=true
- APP_PORT=${JOPLIN_APP_PORT}
@@ -2735,18 +2829,15 @@ services:
- POSTGRES_HOST=joplin-db
image: joplin/server:latest
labels:
- homepage.group=Personal Services
- homepage.name=Joplin
- homepage.href=https://notes.${MY_TLD}
- homepage.icon=joplin.svg
- homepage.description=Open-source note taking & to-do
- swag=enable
- swag_proto=http
- swag_port=22300
- swag_url=notes.${MY_TLD}
- swag_server_custom_directive="proxy_set_header X-Forwarded-For $$proxy_add_x_forwarded_for;"
- swag.uptime-kuma.enabled=true
- swag.uptime-kuma.monitor.url=https://notes.${MY_TLD}
homepage.group: Personal Services
homepage.name: Joplin
homepage.href: https://notes.${MY_TLD}
homepage.icon: joplin.svg
homepage.description: Open-source note taking & to-do
swag: enable
swag_url: notes.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.url: https://notes.${MY_TLD}
networks:
default: null
ports:
@@ -2911,7 +3002,7 @@ services:
container_name: lldap
environment:
- UID=${PUID}
- GID=${GUID}
- GID=${PGID}
- TZ=${TZ}
- LLDAP_JWT_SECRET=${LLDAP_JWT_SECRET}
- LLDAP_KEY_SEED=${LLDAP_KEY_SEED}
@@ -3114,7 +3205,7 @@ services:
- homepage.icon=mattermost.svg
- homepage.description=Team collaboration and technical workflows (Slack alternative)
- swag=enable
- swag_custom_directive=client_max_body_size 0;
- swag_server_custom_directive=client_max_body_size 0;
- swag_proto=http
- swag_port=8065
- swag_url=mm.${MY_TLD}
@@ -3472,6 +3563,69 @@ services:
type: bind
bind:
create_host_path: true
netbox:
container_name: netbox
depends_on:
netbox-db:
condition: service_healthy
required: true
redis:
condition: service_started
required: true
environment:
PUID: ${PUID}
PGID: ${PGID}
TZ: ${TZ}
SUPERUSER_EMAIL: charish.patel@pm.me
SUPERUSER_PASSWORD: ${NETBOX_SUPERUSER_PASSWORD}
ALLOWED_HOST: net.trez.wtf
DB_NAME: netbox
DB_USER: netbox
DB_PASSWORD: ${NETBOX_PG_DB_PASSWORD}
DB_HOST: netbox-db
DB_PORT: 5432
DEBUG: false
DOCKER_MODS: linuxserver/mods:netbox-slurpit
REDIS_HOST: redis
REDIS_PORT: 6379
REMOTE_AUTH_ENABLED:
image: lscr.io/linuxserver/netbox:latest
labels:
homepage.group: Infrastructure/App Performance Monitoring
homepage.name: Netbox
homepage.href: https://net.${MY_TLD}
homepage.icon: netbox.svg
homepage.description: Network modeling/documentation
swag: enable
swag_url: net.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.url: https://net.${MY_TLD}
ports:
- 8007:8000
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/netbox/:/config
netbox-db:
container_name: netbox-db
environment:
POSTGRES_USER: netbox
POSTGRES_PASSWORD: ${NETBOX_PG_DB_PASSWORD}
POSTGRES_DB: netbox
expose:
- 5432
healthcheck:
test: pg_isready -q -t 2 -d $$POSTGRES_DB -U $$POSTGRES_USER
start_period: 20s
timeout: 30s
interval: 10s
retries: 5
image: postgres:17-alpine
restart: always
volumes:
- source: netbox-pg-db
target: /var/lib/postgresql/data
type: volume
volume: {}
nextcloud:
container_name: nextcloud
environment:
@@ -4170,6 +4324,7 @@ services:
- homepage.icon=libreddit.svg
- homepage.description=Redlib is a private front-end like Invidious but for Reddit
- swag=enable
- swag_auth=authelia
- swag_proto=http
- swag_port=8080
- swag_url=rlib.${MY_TLD}
@@ -4465,6 +4620,120 @@ services:
type: bind
bind:
create_host_path: true
semaphore:
container_name: semaphore
environment:
ANSIBLE_HOST_KEY_CHECKING: false
SEMAPHORE_ADMIN_PASSWORD: ${SEMAPHORE_ADMIN_PASSWORD}
SEMAPHORE_ADMIN_NAME: admin
SEMAPHORE_ADMIN_EMAIL: charish.patel@pm.me
SEMAPHORE_ADMIN: admin
SEMAPHORE_DB_DIALECT: bolt
SEMAPHORE_EMAIL_ALERT: true
SEMAPHORE_EMAIL_SENDER: noreply@trez.wtf
SEMAPHORE_EMAIL_HOST: postal-smtp
SEMAPHORE_EMAIL_PORT: 25
SEMAPHORE_EMAIL_USERNAME: ${POSTAL_SMTP_AUTH_USER}
SEMAPHORE_EMAIL_PASSWORD: ${POSTAL_SMTP_AUTH_PASSWORD}
SEMAPHORE_EMAIL_SECURE: false
SEMAPHORE_USE_REMOTE_RUNNER: true
image: semaphoreui/semaphore:v2.10.32
labels:
- homepage.group=Code/DevOps
- homepage.name=Semaphore
- homepage.href=https://devops.${MY_TLD}
- homepage.icon=semaphore.svg
- homepage.description=Modern UI for Ansible, Terraform, OpenTofu, PowerShell and other DevOps tools
- swag=enable
- swag_port=3000
- swag_proto=http
- swag_url=devops.${MY_TLD}
- swag.uptime-kuma.enabled=true
- swag.uptime-kuma.monitor.url=https://search.${MY_TLD}
ports:
- 3015:3000
restart: unless-stopped
volumes:
- semaphore_config:/etc/semaphore
- semaphore_data:/var/lib/semaphore
- semaphore_tmp:/tmp/semaphore
slurpit-portal:
container_name: slurpit-portal
environment:
TZ: ${TZ}
PORTAL_BASE_URL: https://slurpit.trez.wtf
PORTAL_WAREHOUSE_URL: http://slurpit-warehouse
image: slurpit/portal:latest
labels:
homepage.group: Infrastructure/App Performance Monitoring
homepage.name: Slurp'it
homepage.href: https://slurpit.${MY_TLD}
homepage.icon: /icons/slurpit.png
homepage.description: Network discovery
swag: enable
swag_port: 80
swag_url: slurpit.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.url: https://slurpit.${MY_TLD}
ports:
- 8110:80
- 5443:443
restart: always
volumes:
- ${DOCKER_VOLUME_CONFIG}/slurpit/logs/nginx:/var/log/nginx/
- ${DOCKER_VOLUME_CONFIG}/slurpit/logs/mysql:/var/log/mysql/
- ${DOCKER_VOLUME_CONFIG}/slurpit/logs/php:/var/log/php/
- ${DOCKER_VOLUME_CONFIG}/slurpit/certs:/etc/nginx/certs/
- ${DOCKER_VOLUME_CONFIG}/slurpit/db/portal:/var/lib/mysql
- ${DOCKER_VOLUME_CONFIG}/slurpit/backup/portal:/backup/files
slurpit-scanner:
container_name: slurpit-scanner
depends_on:
slurpit-warehouse:
condition: service_healthy
environment:
TZ: ${TZ}
SCANNER_POOLSIZE: 4
SCANNER_TIMEOUT: 10
SCANNER_WAREHOUSE_URL: http://slurpit-warehouse
image: slurpit/scanner:latest
restart: always
volumes:
- ${DOCKER_VOLUME_CONFIG}/slurpit/logs/scanner:/logs
slurpit-scraper:
container_name: slurpit-scraper
depends_on:
slurpit-warehouse:
condition: service_healthy
image: slurpit/scraper:latest
environment:
TZ: ${TZ}
SCRAPER_TIMEOUT: 20
SCRAPER_POOLSIZE: 4
SCRAPER_WAREHOUSE_URL: http://slurpit-warehouse
restart: always
volumes:
- ${DOCKER_VOLUME_CONFIG}/slurpit/logs/scraper:/logs
slurpit-warehouse:
container_name: slurpit-warehouse
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost/services"]
interval: 10s
timeout: 10s
retries: 360
image: slurpit/warehouse:latest
environment:
TZ: ${TZ}
WAREHOUSE_CALLBACK_SCANNER_URL: http://slurpit-portal/callback/scanner
WAREHOUSE_CALLBACK_SCANNER_TOKEN:
WAREHOUSE_CALLBACK_SCRAPER_URL: http://slurpit-portal/callback/scraper
WAREHOUSE_CALLBACK_SCRAPER_TOKEN:
restart: always
volumes:
- ${DOCKER_VOLUME_CONFIG}/slurpit/backup/warehouse:/backup/files
- ${DOCKER_VOLUME_CONFIG}/slurpit/db/warehouse:/var/lib/mongodb
- ${DOCKER_VOLUME_CONFIG}/slurpit/logs/warehouse/mongodb:/var/log/mongodb
- ${DOCKER_VOLUME_CONFIG}/slurpit/logs/warehouse:/logs
sonarqube:
container_name: sonarqube
depends_on:
@@ -4486,11 +4755,11 @@ services:
hostname: sonarqube
image: mc1arke/sonarqube-with-community-branch-plugin:lts
labels:
- homepage.group=Code
- homepage.group=Code/DevOps
- homepage.name=Sonarqube
- homepage.href=https://sqube.trez.wtf
- homepage.icon=sonarqube.svg
- homepage.description=Code quality/security
- homepage.description=Code/DevOps quality/security
- swag=enable
- swag_proto=http
- swag_port=9000
@@ -4518,6 +4787,7 @@ services:
timeout: 5s
retries: 5
image: postgres:17-alpine
restart: unless-stopped
volumes:
- sonarqube-db:/var/lib/postgresql
- sonarqube-db-data:/var/lib/postgresql/data
@@ -4676,7 +4946,7 @@ services:
- VALIDATION=dns
- CROWDSEC_API_KEY=${CROWDSEC_API_KEY}
- CROWDSEC_LAPI_URL=http://crowdsec:8080
- DOCKER_MODS=linuxserver/mods:universal-docker|linuxserver/mods:swag-auto-reload|linuxserver/mods:swag-auto-proxy|linuxserver/mods:swag-dashboard|linuxserver/mods:swag-maxmind|linuxserver/mods:universal-stdout-logs|ghcr.io/linuxserver/mods:swag-crowdsec
- DOCKER_MODS=linuxserver/mods:universal-docker|linuxserver/mods:swag-auto-reload|linuxserver/mods:swag-auto-proxy|linuxserver/mods:swag-dashboard|linuxserver/mods:swag-maxmind|linuxserver/mods:universal-stdout-logs|ghcr.io/linuxserver/mods:swag-crowdsec|linuxserver/mods:swag-auto-uptime-kuma
- PROPAGATION=30
- UPTIME_KUMA_PASSWORD=${UPTIME_KUMA_PASSWORD}
- UPTIME_KUMA_URL=http://uptimekuma:3001
@@ -4690,7 +4960,7 @@ services:
- swag_url=swag.${MY_TLD}
- swag_auth=authelia
- swag.uptime-kuma.enabled=true
- swag.uptime-kuma.monitor.url=https://trac.${MY_TLD}
- swag.uptime-kuma.monitor.url=https://swag.${MY_TLD}
- homepage.group=Infrastructure/App Performance Monitoring
- homepage.name=SWAG Dashboard
- homepage.href=https://swag.${MY_TLD}
@@ -4764,7 +5034,6 @@ services:
- homepage.widget.url=http://tandoor-recipes:8080
- homepage.widget.key=${TANDOOR_API_TOKEN}
- swag=enable
- swag_server_custom_directive="proxy_set_header X-Forwarded-Host $$http_host; proxy_set_header Host $$http_host;"
- swag_proto=http
- swag_url=recipes.${MY_TLD}
- swag.uptime-kuma.enabled=true
@@ -6156,52 +6425,6 @@ services:
source: /etc/localtime
target: /etc/localtime
type: bind
vault:
cap_add:
- IPC_LOCK
command:
- server
container_name: hc-vault
environment:
- AWS_ACCESS_KEY_ID=${VAULT_HASHICORP_AWS_ACCESS_KEY_ID}
- AWS_SECRET_ACCESS_KEY=${VAULT_HASHICORP_AWS_SECRET_ACCESS_KEY}
image: hashicorp/vault:latest
labels:
- homepage.group=Code
- homepage.name=Vault
- homepage.icon=vault.png
- homepage.href=https://vault.${MY_TLD}
- homepage.description=Hashicorp Vault for secrets, key/value stores, etc.
- swag=enable
- swag_proto=http
- swag_port=8200
- swag_address=hc-vault
- swag_url=vault.${MY_TLD}
- swag.uptime-kuma.enabled=true
- swag.uptime-kuma.monitor.url=https://vault.${MY_TLD}
networks:
default: null
ports:
- mode: ingress
protocol: tcp
published: "8200"
target: 8200
- mode: ingress
protocol: tcp
published: "8250"
target: 8250
restart: unless-stopped
volumes:
- source: ${DOCKER_VOLUME_CONFIG}/hashicorp-vault/config/
target: /vault/config
type: bind
bind:
create_host_path: true
- source: ${DOCKER_VOLUME_CONFIG}/hashicorp-vault/logs/
target: /vault/logs
type: bind
bind:
create_host_path: true
wallabag:
container_name: wallabag
depends_on:
@@ -7141,8 +7364,10 @@ services:
volumes:
authelia-pg-db:
name: compose_authelia-pg-db
bitmagnet-pgsql:
name: compose_bitmagnet-pgsql
bitmagnet-pg-db:
name: bitmagnet-pg-db
castopod-media:
name: castopod-media
crowdsec-config:
name: compose_crowdsec-config
crowdsec-db:
@@ -7156,9 +7381,9 @@ volumes:
fastenhealth-db:
name: compose_fastenhealth-db
filebeat_etc:
name: compose_filebeat_etc
name: filebeat_etc
filebeat_var:
name: compose_filebeat_var
name: filebeat_var
gitea-pg-db:
name: compose_gitea-pg-db
grafana-mimir-data:
@@ -7217,6 +7442,8 @@ volumes:
name: compose_mongo3_config
mongo3_data:
name: compose_mongo3_data
netbox-pg-db:
name: netbox-pg-db
ollama:
name: compose_ollama
paperless-ngx-data:
@@ -7233,8 +7460,12 @@ volumes:
name: compose_plausible-event-logs
reactive-resume-pg:
name: compose_reactive-resume-pg
rustdesk-data:
name: compose_rustdesk-data
semaphore_config:
name: semaphore_config
semaphore_data:
name: semaphore_data
semaphore_tmp:
name: semaphore_tmp
sonarqube-data:
name: sonarqube-data
sonarqube-db:
@@ -7258,29 +7489,29 @@ volumes:
wallos-logos:
name: compose_wallos-logos
wazuh-dashboard-config:
name: compose_wazuh-dashboard-config
name: wazuh-dashboard-config
wazuh-dashboard-custom:
name: compose_wazuh-dashboard-custom
name: wazuh-dashboard-custom
wazuh-indexer-data:
name: compose_wazuh-indexer-data
name: wazuh-indexer-data
wazuh_active_response:
name: compose_wazuh_active_response
name: wazuh_active_response
wazuh_agentless:
name: compose_wazuh_agentless
name: wazuh_agentless
wazuh_api_configuration:
name: compose_wazuh_api_configuration
name: wazuh_api_configuration
wazuh_etc:
name: compose_wazuh_etc
name: wazuh_etc
wazuh_integrations:
name: compose_wazuh_integrations
name: wazuh_integrations
wazuh_logs:
name: compose_wazuh_logs
name: wazuh_logs
wazuh_queue:
name: compose_wazuh_queue
name: wazuh_queue
wazuh_var_multigroups:
name: compose_wazuh_var_multigroups
name: wazuh_var_multigroups
wazuh_wodles:
name: compose_wazuh_wodles
name: wazuh_wodles
zammad-backup:
driver: local
name: compose_zammad-backup