Compare commits
26 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| 319f9de326 | |||
| c461393b09 | |||
| 1e7d183877 | |||
| 1e4ad6ac1a | |||
| 0aec31eca2 | |||
| 3e0d2963a5 | |||
| 0a49f05410 | |||
| 51cdb74265 | |||
| a5480f20f4 | |||
| cd174158f2 | |||
| 35cce79dd7 | |||
| 2fc16ad610 | |||
| 75f1098691 | |||
| c5213b50a1 | |||
| 03f6a061b7 | |||
| 38b0b89562 | |||
| 17b50c1445 | |||
| 3fb2a2aea5 | |||
| fedb88af3b | |||
| 767bb535cc | |||
| fc4d075e16 | |||
| 76fa75c4c7 | |||
| 465823d215 | |||
| e3975a83c5 | |||
| e4d2ca2e2d | |||
| 3519ca207a |
@@ -75,7 +75,7 @@ jobs:
|
|||||||
git fetch origin ${{ github.event.pull_request.base.ref }}
|
git fetch origin ${{ github.event.pull_request.base.ref }}
|
||||||
- name: Login to Gitea Container Registry
|
- name: Login to Gitea Container Registry
|
||||||
run: |
|
run: |
|
||||||
docker login -u gitea-sonarqube-bot -p ${{ secrets.BOT_GITEA_TOKEN }} https://git.trez.wtf
|
docker login -u gitea-sonarqube-bot -p ${{ secrets.BOT_GITEA_PASSWORD }} git.trez.wtf
|
||||||
- name: Save both versions of docker-compose.yml
|
- name: Save both versions of docker-compose.yml
|
||||||
run: |
|
run: |
|
||||||
git show origin/main:docker-compose.yml > docker-compose-main.yml || touch docker-compose-main.yml
|
git show origin/main:docker-compose.yml > docker-compose-main.yml || touch docker-compose-main.yml
|
||||||
@@ -318,7 +318,7 @@ jobs:
|
|||||||
uses: cpanato/vault-installer@main
|
uses: cpanato/vault-installer@main
|
||||||
- name: Login to Gitea Container Registry
|
- name: Login to Gitea Container Registry
|
||||||
run: |
|
run: |
|
||||||
docker login -u gitea-sonarqube-bot -p ${{ secrets.BOT_GITEA_TOKEN }} http://gitea:3000
|
docker login -u gitea-sonarqube-bot -p ${{ secrets.BOT_GITEA_PASSWORD }} git.trez.wtf
|
||||||
- name: Gotify Notification
|
- name: Gotify Notification
|
||||||
uses: eikendev/gotify-action@master
|
uses: eikendev/gotify-action@master
|
||||||
with:
|
with:
|
||||||
|
|||||||
@@ -36,6 +36,7 @@
|
|||||||
| explo | ghcr.io/lumepart/explo:latest |
|
| explo | ghcr.io/lumepart/explo:latest |
|
||||||
| fastenhealth | ghcr.io/fastenhealth/fasten-onprem:main |
|
| fastenhealth | ghcr.io/fastenhealth/fasten-onprem:main |
|
||||||
| flaresolverr | ghcr.io/flaresolverr/flaresolverr:latest |
|
| flaresolverr | ghcr.io/flaresolverr/flaresolverr:latest |
|
||||||
|
| freescout | tiredofit/freescout:latest |
|
||||||
| ghost | ghost:latest |
|
| ghost | ghost:latest |
|
||||||
| gitea | gitea/gitea:1.23.1 |
|
| gitea | gitea/gitea:1.23.1 |
|
||||||
| gitea-db | postgres:14 |
|
| gitea-db | postgres:14 |
|
||||||
@@ -85,8 +86,11 @@
|
|||||||
| mariadb | linuxserver/mariadb |
|
| mariadb | linuxserver/mariadb |
|
||||||
| mastodon | lscr.io/linuxserver/mastodon:latest |
|
| mastodon | lscr.io/linuxserver/mastodon:latest |
|
||||||
| mastodon-pg-db | postgres:17-alpine |
|
| mastodon-pg-db | postgres:17-alpine |
|
||||||
|
| maxun-backend | getmaxun/maxun-backend:latest |
|
||||||
|
| maxun-frontend | getmaxun/maxun-frontend:latest |
|
||||||
|
| maxun-pg-db | postgres:13-alpine |
|
||||||
| meilisearch | getmeili/meilisearch:v1.12.3 |
|
| meilisearch | getmeili/meilisearch:v1.12.3 |
|
||||||
| minio | minio/minio |
|
| minio | minio/minio:RELEASE.2025-04-22T22-12-26Z |
|
||||||
| mixpost | inovector/mixpost:latest |
|
| mixpost | inovector/mixpost:latest |
|
||||||
| mongodb | bitnami/mongodb:7.0 |
|
| mongodb | bitnami/mongodb:7.0 |
|
||||||
| multi-scrobbler | foxxmd/multi-scrobbler |
|
| multi-scrobbler | foxxmd/multi-scrobbler |
|
||||||
@@ -122,8 +126,6 @@
|
|||||||
| romm | rommapp/romm:latest |
|
| romm | rommapp/romm:latest |
|
||||||
| sabnzbdvpn | ghcr.io/binhex/arch-sabnzbdvpn:latest |
|
| sabnzbdvpn | ghcr.io/binhex/arch-sabnzbdvpn:latest |
|
||||||
| sablier | sablierapp/sablier:latest |
|
| sablier | sablierapp/sablier:latest |
|
||||||
| scraperr | jpyles0524/scraperr:latest |
|
|
||||||
| scraperr-api | jpyles0524/scraperr_api:latest |
|
|
||||||
| scrutiny | ghcr.io/analogj/scrutiny:master-omnibus |
|
| scrutiny | ghcr.io/analogj/scrutiny:master-omnibus |
|
||||||
| searxng | searxng/searxng:latest |
|
| searxng | searxng/searxng:latest |
|
||||||
| semaphore | semaphoreui/semaphore:v2.12.14 |
|
| semaphore | semaphoreui/semaphore:v2.12.14 |
|
||||||
@@ -147,14 +149,4 @@
|
|||||||
| web-check | lissy93/web-check |
|
| web-check | lissy93/web-check |
|
||||||
| whodb | clidey/whodb |
|
| whodb | clidey/whodb |
|
||||||
| youtubedl | nbr23/youtube-dl-server:latest |
|
| youtubedl | nbr23/youtube-dl-server:latest |
|
||||||
| zammad-backup | ghcr.io/zammad/zammad:6.5.0-15 |
|
|
||||||
| zammad-elasticsearch | bitnami/elasticsearch:8.17.4 |
|
|
||||||
| zammad-init | ghcr.io/zammad/zammad:6.5.0-15 |
|
|
||||||
| zammad-memcached | memcached:1.6.38-alpine |
|
|
||||||
| zammad-nginx | ghcr.io/zammad/zammad:6.5.0-15 |
|
|
||||||
| zammad-postgresql | postgres:17.4-alpine |
|
|
||||||
| zammad-railsserver | ghcr.io/zammad/zammad:6.5.0-15 |
|
|
||||||
| zammad-redis | redis:7.4.2-alpine |
|
|
||||||
| zammad-scheduler | ghcr.io/zammad/zammad:6.5.0-15 |
|
|
||||||
| zammad-websocket | ghcr.io/zammad/zammad:6.5.0-15 |
|
|
||||||
|
|
||||||
|
|||||||
@@ -0,0 +1,199 @@
|
|||||||
|
{% set vault_addr = 'https://vault.trez.wtf' %}
|
||||||
|
{% set secrets_path = 'rinoa-docker/env' %}
|
||||||
|
|
||||||
|
http:
|
||||||
|
pprof:
|
||||||
|
port: 6060
|
||||||
|
enabled: false
|
||||||
|
address: 0.0.0.0:8008
|
||||||
|
session_ttl: 720h
|
||||||
|
users:
|
||||||
|
- name: admin
|
||||||
|
password: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['ADGUARD_BCRYPT'] }}
|
||||||
|
auth_attempts: 5
|
||||||
|
block_auth_min: 15
|
||||||
|
http_proxy: ""
|
||||||
|
language: ""
|
||||||
|
theme: auto
|
||||||
|
dns:
|
||||||
|
bind_hosts:
|
||||||
|
- 0.0.0.0
|
||||||
|
port: 53
|
||||||
|
anonymize_client_ip: false
|
||||||
|
ratelimit: 20
|
||||||
|
ratelimit_subnet_len_ipv4: 24
|
||||||
|
ratelimit_subnet_len_ipv6: 56
|
||||||
|
ratelimit_whitelist: []
|
||||||
|
refuse_any: true
|
||||||
|
upstream_dns:
|
||||||
|
- 94.140.14.14
|
||||||
|
- 94.140.15.15
|
||||||
|
- https://dns.adguard-dns.com/dns-query
|
||||||
|
- tls://dns.adguard-dns.com
|
||||||
|
- quic://dns.adguard-dns.com
|
||||||
|
- 1.1.1.1
|
||||||
|
- 1.0.0.1
|
||||||
|
- 1.1.1.2
|
||||||
|
- 1.0.0.2
|
||||||
|
- 185.228.168.9
|
||||||
|
- 185.228.169.9
|
||||||
|
- 76.76.2.3
|
||||||
|
- tls://getdnsapi.net
|
||||||
|
- 185.49.141.37
|
||||||
|
- tls://dot.seby.io
|
||||||
|
upstream_dns_file: ""
|
||||||
|
bootstrap_dns:
|
||||||
|
- 9.9.9.10
|
||||||
|
- 149.112.112.10
|
||||||
|
- 2620:fe::10
|
||||||
|
- 2620:fe::fe:10
|
||||||
|
fallback_dns: []
|
||||||
|
upstream_mode: load_balance
|
||||||
|
fastest_timeout: 1s
|
||||||
|
allowed_clients: []
|
||||||
|
disallowed_clients: []
|
||||||
|
blocked_hosts:
|
||||||
|
- version.bind
|
||||||
|
- id.server
|
||||||
|
- hostname.bind
|
||||||
|
trusted_proxies:
|
||||||
|
- 127.0.0.0/8
|
||||||
|
- ::1/128
|
||||||
|
cache_size: 4194304
|
||||||
|
cache_ttl_min: 0
|
||||||
|
cache_ttl_max: 0
|
||||||
|
cache_optimistic: false
|
||||||
|
bogus_nxdomain: []
|
||||||
|
aaaa_disabled: false
|
||||||
|
enable_dnssec: false
|
||||||
|
edns_client_subnet:
|
||||||
|
custom_ip: ""
|
||||||
|
enabled: false
|
||||||
|
use_custom: false
|
||||||
|
max_goroutines: 300
|
||||||
|
handle_ddr: true
|
||||||
|
ipset: []
|
||||||
|
ipset_file: ""
|
||||||
|
bootstrap_prefer_ipv6: false
|
||||||
|
upstream_timeout: 10s
|
||||||
|
private_networks: []
|
||||||
|
use_private_ptr_resolvers: false
|
||||||
|
local_ptr_upstreams: []
|
||||||
|
use_dns64: false
|
||||||
|
dns64_prefixes: []
|
||||||
|
serve_http3: false
|
||||||
|
use_http3_upstreams: false
|
||||||
|
serve_plain_dns: true
|
||||||
|
hostsfile_enabled: true
|
||||||
|
pending_requests:
|
||||||
|
enabled: true
|
||||||
|
tls:
|
||||||
|
enabled: true
|
||||||
|
server_name: ""
|
||||||
|
force_https: false
|
||||||
|
port_https: 446
|
||||||
|
port_dns_over_tls: 853
|
||||||
|
port_dns_over_quic: 853
|
||||||
|
port_dnscrypt: 0
|
||||||
|
dnscrypt_config_file: ""
|
||||||
|
allow_unencrypted_doh: false
|
||||||
|
certificate_chain: ""
|
||||||
|
private_key: ""
|
||||||
|
certificate_path: /opt/adguardhome/certs/live/trez.wtf/priv-fullchain-bundle.pem
|
||||||
|
private_key_path: /opt/adguardhome/certs/live/trez.wtf/priv-fullchain-bundle.pem
|
||||||
|
strict_sni_check: false
|
||||||
|
querylog:
|
||||||
|
dir_path: ""
|
||||||
|
ignored: []
|
||||||
|
interval: 2160h
|
||||||
|
size_memory: 1000
|
||||||
|
enabled: true
|
||||||
|
file_enabled: true
|
||||||
|
statistics:
|
||||||
|
dir_path: ""
|
||||||
|
ignored: []
|
||||||
|
interval: 24h
|
||||||
|
enabled: true
|
||||||
|
filters:
|
||||||
|
- enabled: true
|
||||||
|
url: https://adguardteam.github.io/HostlistsRegistry/assets/filter_1.txt
|
||||||
|
name: AdGuard DNS filter
|
||||||
|
id: 1
|
||||||
|
- enabled: false
|
||||||
|
url: https://adguardteam.github.io/HostlistsRegistry/assets/filter_2.txt
|
||||||
|
name: AdAway Default Blocklist
|
||||||
|
id: 2
|
||||||
|
whitelist_filters: []
|
||||||
|
user_rules: []
|
||||||
|
dhcp:
|
||||||
|
enabled: false
|
||||||
|
interface_name: ""
|
||||||
|
local_domain_name: lan
|
||||||
|
dhcpv4:
|
||||||
|
gateway_ip: 192.168.1.1
|
||||||
|
subnet_mask: 255.255.255.0
|
||||||
|
range_start: 192.168.1.2
|
||||||
|
range_end: 192.168.1.240
|
||||||
|
lease_duration: 86400
|
||||||
|
icmp_timeout_msec: 1000
|
||||||
|
options: []
|
||||||
|
dhcpv6:
|
||||||
|
range_start: ""
|
||||||
|
lease_duration: 86400
|
||||||
|
ra_slaac_only: false
|
||||||
|
ra_allow_slaac: false
|
||||||
|
filtering:
|
||||||
|
blocking_ipv4: ""
|
||||||
|
blocking_ipv6: ""
|
||||||
|
blocked_services:
|
||||||
|
schedule:
|
||||||
|
time_zone: America/New_York
|
||||||
|
ids: []
|
||||||
|
protection_disabled_until: null
|
||||||
|
safe_search:
|
||||||
|
enabled: false
|
||||||
|
bing: true
|
||||||
|
duckduckgo: true
|
||||||
|
ecosia: true
|
||||||
|
google: true
|
||||||
|
pixabay: true
|
||||||
|
yandex: true
|
||||||
|
youtube: true
|
||||||
|
blocking_mode: default
|
||||||
|
parental_block_host: family-block.dns.adguard.com
|
||||||
|
safebrowsing_block_host: standard-block.dns.adguard.com
|
||||||
|
rewrites: []
|
||||||
|
safe_fs_patterns:
|
||||||
|
- /opt/adguardhome/work/userfilters/*
|
||||||
|
safebrowsing_cache_size: 1048576
|
||||||
|
safesearch_cache_size: 1048576
|
||||||
|
parental_cache_size: 1048576
|
||||||
|
cache_time: 30
|
||||||
|
filters_update_interval: 24
|
||||||
|
blocked_response_ttl: 10
|
||||||
|
filtering_enabled: true
|
||||||
|
parental_enabled: false
|
||||||
|
safebrowsing_enabled: false
|
||||||
|
protection_enabled: true
|
||||||
|
clients:
|
||||||
|
runtime_sources:
|
||||||
|
whois: true
|
||||||
|
arp: true
|
||||||
|
rdns: true
|
||||||
|
dhcp: true
|
||||||
|
hosts: true
|
||||||
|
persistent: []
|
||||||
|
log:
|
||||||
|
enabled: true
|
||||||
|
file: ""
|
||||||
|
max_backups: 0
|
||||||
|
max_size: 100
|
||||||
|
max_age: 3
|
||||||
|
compress: false
|
||||||
|
local_time: false
|
||||||
|
verbose: false
|
||||||
|
os:
|
||||||
|
group: ""
|
||||||
|
user: ""
|
||||||
|
rlimit_nofile: 0
|
||||||
|
schema_version: 29
|
||||||
@@ -0,0 +1,75 @@
|
|||||||
|
<?xml version="1.0"?>
|
||||||
|
<clickhouse>
|
||||||
|
<!-- ZooKeeper is used to store metadata about replicas, when using Replicated tables.
|
||||||
|
Optional. If you don't use replicated tables, you could omit that.
|
||||||
|
|
||||||
|
See https://clickhouse.com/docs/en/engines/table-engines/mergetree-family/replication/
|
||||||
|
-->
|
||||||
|
<zookeeper>
|
||||||
|
<node index="1">
|
||||||
|
<host>zookeeper-1</host>
|
||||||
|
<port>2181</port>
|
||||||
|
</node>
|
||||||
|
<node index="2">
|
||||||
|
<host>zookeeper-2</host>
|
||||||
|
<port>2181</port>
|
||||||
|
</node>
|
||||||
|
<node index="3">
|
||||||
|
<host>zookeeper-3</host>
|
||||||
|
<port>2181</port>
|
||||||
|
</node>
|
||||||
|
</zookeeper>
|
||||||
|
|
||||||
|
<!-- Configuration of clusters that could be used in Distributed tables.
|
||||||
|
https://clickhouse.com/docs/en/operations/table_engines/distributed/
|
||||||
|
-->
|
||||||
|
<remote_servers>
|
||||||
|
<cluster>
|
||||||
|
<!-- Inter-server per-cluster secret for Distributed queries
|
||||||
|
default: no secret (no authentication will be performed)
|
||||||
|
|
||||||
|
If set, then Distributed queries will be validated on shards, so at least:
|
||||||
|
- such cluster should exist on the shard,
|
||||||
|
- such cluster should have the same secret.
|
||||||
|
|
||||||
|
And also (and which is more important), the initial_user will
|
||||||
|
be used as current user for the query.
|
||||||
|
|
||||||
|
Right now the protocol is pretty simple and it only takes into account:
|
||||||
|
- cluster name
|
||||||
|
- query
|
||||||
|
|
||||||
|
Also it will be nice if the following will be implemented:
|
||||||
|
- source hostname (see interserver_http_host), but then it will depends from DNS,
|
||||||
|
it can use IP address instead, but then the you need to get correct on the initiator node.
|
||||||
|
- target hostname / ip address (same notes as for source hostname)
|
||||||
|
- time-based security tokens
|
||||||
|
-->
|
||||||
|
<!-- <secret></secret> -->
|
||||||
|
<shard>
|
||||||
|
<!-- Optional. Whether to write data to just one of the replicas. Default: false (write data to all replicas). -->
|
||||||
|
<!-- <internal_replication>false</internal_replication> -->
|
||||||
|
<!-- Optional. Shard weight when writing data. Default: 1. -->
|
||||||
|
<!-- <weight>1</weight> -->
|
||||||
|
<replica>
|
||||||
|
<host>clickhouse</host>
|
||||||
|
<port>9000</port>
|
||||||
|
<!-- Optional. Priority of the replica for load_balancing. Default: 1 (less value has more priority). -->
|
||||||
|
<!-- <priority>1</priority> -->
|
||||||
|
</replica>
|
||||||
|
</shard>
|
||||||
|
<shard>
|
||||||
|
<replica>
|
||||||
|
<host>clickhouse-2</host>
|
||||||
|
<port>9000</port>
|
||||||
|
</replica>
|
||||||
|
</shard>
|
||||||
|
<shard>
|
||||||
|
<replica>
|
||||||
|
<host>clickhouse-3</host>
|
||||||
|
<port>9000</port>
|
||||||
|
</replica>
|
||||||
|
</shard>
|
||||||
|
</cluster>
|
||||||
|
</remote_servers>
|
||||||
|
</clickhouse>
|
||||||
@@ -0,0 +1,75 @@
|
|||||||
|
<?xml version="1.0"?>
|
||||||
|
<clickhouse>
|
||||||
|
<!-- ZooKeeper is used to store metadata about replicas, when using Replicated tables.
|
||||||
|
Optional. If you don't use replicated tables, you could omit that.
|
||||||
|
|
||||||
|
See https://clickhouse.com/docs/en/engines/table-engines/mergetree-family/replication/
|
||||||
|
-->
|
||||||
|
<zookeeper>
|
||||||
|
<node index="1">
|
||||||
|
<host>zookeeper-1</host>
|
||||||
|
<port>2181</port>
|
||||||
|
</node>
|
||||||
|
<!-- <node index="2">
|
||||||
|
<host>zookeeper-2</host>
|
||||||
|
<port>2181</port>
|
||||||
|
</node>
|
||||||
|
<node index="3">
|
||||||
|
<host>zookeeper-3</host>
|
||||||
|
<port>2181</port>
|
||||||
|
</node> -->
|
||||||
|
</zookeeper>
|
||||||
|
|
||||||
|
<!-- Configuration of clusters that could be used in Distributed tables.
|
||||||
|
https://clickhouse.com/docs/en/operations/table_engines/distributed/
|
||||||
|
-->
|
||||||
|
<remote_servers>
|
||||||
|
<cluster>
|
||||||
|
<!-- Inter-server per-cluster secret for Distributed queries
|
||||||
|
default: no secret (no authentication will be performed)
|
||||||
|
|
||||||
|
If set, then Distributed queries will be validated on shards, so at least:
|
||||||
|
- such cluster should exist on the shard,
|
||||||
|
- such cluster should have the same secret.
|
||||||
|
|
||||||
|
And also (and which is more important), the initial_user will
|
||||||
|
be used as current user for the query.
|
||||||
|
|
||||||
|
Right now the protocol is pretty simple and it only takes into account:
|
||||||
|
- cluster name
|
||||||
|
- query
|
||||||
|
|
||||||
|
Also it will be nice if the following will be implemented:
|
||||||
|
- source hostname (see interserver_http_host), but then it will depends from DNS,
|
||||||
|
it can use IP address instead, but then the you need to get correct on the initiator node.
|
||||||
|
- target hostname / ip address (same notes as for source hostname)
|
||||||
|
- time-based security tokens
|
||||||
|
-->
|
||||||
|
<!-- <secret></secret> -->
|
||||||
|
<shard>
|
||||||
|
<!-- Optional. Whether to write data to just one of the replicas. Default: false (write data to all replicas). -->
|
||||||
|
<!-- <internal_replication>false</internal_replication> -->
|
||||||
|
<!-- Optional. Shard weight when writing data. Default: 1. -->
|
||||||
|
<!-- <weight>1</weight> -->
|
||||||
|
<replica>
|
||||||
|
<host>clickhouse</host>
|
||||||
|
<port>9000</port>
|
||||||
|
<!-- Optional. Priority of the replica for load_balancing. Default: 1 (less value has more priority). -->
|
||||||
|
<!-- <priority>1</priority> -->
|
||||||
|
</replica>
|
||||||
|
</shard>
|
||||||
|
<!-- <shard>
|
||||||
|
<replica>
|
||||||
|
<host>clickhouse-2</host>
|
||||||
|
<port>9000</port>
|
||||||
|
</replica>
|
||||||
|
</shard>
|
||||||
|
<shard>
|
||||||
|
<replica>
|
||||||
|
<host>clickhouse-3</host>
|
||||||
|
<port>9000</port>
|
||||||
|
</replica>
|
||||||
|
</shard> -->
|
||||||
|
</cluster>
|
||||||
|
</remote_servers>
|
||||||
|
</clickhouse>
|
||||||
File diff suppressed because it is too large
Load Diff
@@ -0,0 +1,21 @@
|
|||||||
|
<functions>
|
||||||
|
<function>
|
||||||
|
<type>executable</type>
|
||||||
|
<name>histogramQuantile</name>
|
||||||
|
<return_type>Float64</return_type>
|
||||||
|
<argument>
|
||||||
|
<type>Array(Float64)</type>
|
||||||
|
<name>buckets</name>
|
||||||
|
</argument>
|
||||||
|
<argument>
|
||||||
|
<type>Array(Float64)</type>
|
||||||
|
<name>counts</name>
|
||||||
|
</argument>
|
||||||
|
<argument>
|
||||||
|
<type>Float64</type>
|
||||||
|
<name>quantile</name>
|
||||||
|
</argument>
|
||||||
|
<format>CSV</format>
|
||||||
|
<command>./histogramQuantile</command>
|
||||||
|
</function>
|
||||||
|
</functions>
|
||||||
@@ -0,0 +1,41 @@
|
|||||||
|
<?xml version="1.0"?>
|
||||||
|
<clickhouse>
|
||||||
|
<storage_configuration>
|
||||||
|
<disks>
|
||||||
|
<default>
|
||||||
|
<keep_free_space_bytes>10485760</keep_free_space_bytes>
|
||||||
|
</default>
|
||||||
|
<s3>
|
||||||
|
<type>s3</type>
|
||||||
|
<!-- For S3 cold storage,
|
||||||
|
if region is us-east-1, endpoint can be https://<bucket-name>.s3.amazonaws.com
|
||||||
|
if region is not us-east-1, endpoint should be https://<bucket-name>.s3-<region>.amazonaws.com
|
||||||
|
For GCS cold storage,
|
||||||
|
endpoint should be https://storage.googleapis.com/<bucket-name>/data/
|
||||||
|
-->
|
||||||
|
<endpoint>https://BUCKET-NAME.s3-REGION-NAME.amazonaws.com/data/</endpoint>
|
||||||
|
<access_key_id>ACCESS-KEY-ID</access_key_id>
|
||||||
|
<secret_access_key>SECRET-ACCESS-KEY</secret_access_key>
|
||||||
|
<!-- In case of S3, uncomment the below configuration in case you want to read
|
||||||
|
AWS credentials from the Environment variables if they exist. -->
|
||||||
|
<!-- <use_environment_credentials>true</use_environment_credentials> -->
|
||||||
|
<!-- In case of GCS, uncomment the below configuration, since GCS does
|
||||||
|
not support batch deletion and result in error messages in logs. -->
|
||||||
|
<!-- <support_batch_delete>false</support_batch_delete> -->
|
||||||
|
</s3>
|
||||||
|
</disks>
|
||||||
|
<policies>
|
||||||
|
<tiered>
|
||||||
|
<volumes>
|
||||||
|
<default>
|
||||||
|
<disk>default</disk>
|
||||||
|
</default>
|
||||||
|
<s3>
|
||||||
|
<disk>s3</disk>
|
||||||
|
<perform_ttl_move_on_insert>0</perform_ttl_move_on_insert>
|
||||||
|
</s3>
|
||||||
|
</volumes>
|
||||||
|
</tiered>
|
||||||
|
</policies>
|
||||||
|
</storage_configuration>
|
||||||
|
</clickhouse>
|
||||||
@@ -0,0 +1,123 @@
|
|||||||
|
<?xml version="1.0"?>
|
||||||
|
<clickhouse>
|
||||||
|
<!-- See also the files in users.d directory where the settings can be overridden. -->
|
||||||
|
|
||||||
|
<!-- Profiles of settings. -->
|
||||||
|
<profiles>
|
||||||
|
<!-- Default settings. -->
|
||||||
|
<default>
|
||||||
|
<!-- Maximum memory usage for processing single query, in bytes. -->
|
||||||
|
<max_memory_usage>10000000000</max_memory_usage>
|
||||||
|
|
||||||
|
<!-- How to choose between replicas during distributed query processing.
|
||||||
|
random - choose random replica from set of replicas with minimum number of errors
|
||||||
|
nearest_hostname - from set of replicas with minimum number of errors, choose replica
|
||||||
|
with minimum number of different symbols between replica's hostname and local hostname
|
||||||
|
(Hamming distance).
|
||||||
|
in_order - first live replica is chosen in specified order.
|
||||||
|
first_or_random - if first replica one has higher number of errors, pick a random one from replicas with minimum number of errors.
|
||||||
|
-->
|
||||||
|
<load_balancing>random</load_balancing>
|
||||||
|
</default>
|
||||||
|
|
||||||
|
<!-- Profile that allows only read queries. -->
|
||||||
|
<readonly>
|
||||||
|
<readonly>1</readonly>
|
||||||
|
</readonly>
|
||||||
|
</profiles>
|
||||||
|
|
||||||
|
<!-- Users and ACL. -->
|
||||||
|
<users>
|
||||||
|
<!-- If user name was not specified, 'default' user is used. -->
|
||||||
|
<default>
|
||||||
|
<!-- See also the files in users.d directory where the password can be overridden.
|
||||||
|
|
||||||
|
Password could be specified in plaintext or in SHA256 (in hex format).
|
||||||
|
|
||||||
|
If you want to specify password in plaintext (not recommended), place it in 'password' element.
|
||||||
|
Example: <password>qwerty</password>.
|
||||||
|
Password could be empty.
|
||||||
|
|
||||||
|
If you want to specify SHA256, place it in 'password_sha256_hex' element.
|
||||||
|
Example: <password_sha256_hex>65e84be33532fb784c48129675f9eff3a682b27168c0ea744b2cf58ee02337c5</password_sha256_hex>
|
||||||
|
Restrictions of SHA256: impossibility to connect to ClickHouse using MySQL JS client (as of July 2019).
|
||||||
|
|
||||||
|
If you want to specify double SHA1, place it in 'password_double_sha1_hex' element.
|
||||||
|
Example: <password_double_sha1_hex>e395796d6546b1b65db9d665cd43f0e858dd4303</password_double_sha1_hex>
|
||||||
|
|
||||||
|
If you want to specify a previously defined LDAP server (see 'ldap_servers' in the main config) for authentication,
|
||||||
|
place its name in 'server' element inside 'ldap' element.
|
||||||
|
Example: <ldap><server>my_ldap_server</server></ldap>
|
||||||
|
|
||||||
|
If you want to authenticate the user via Kerberos (assuming Kerberos is enabled, see 'kerberos' in the main config),
|
||||||
|
place 'kerberos' element instead of 'password' (and similar) elements.
|
||||||
|
The name part of the canonical principal name of the initiator must match the user name for authentication to succeed.
|
||||||
|
You can also place 'realm' element inside 'kerberos' element to further restrict authentication to only those requests
|
||||||
|
whose initiator's realm matches it.
|
||||||
|
Example: <kerberos />
|
||||||
|
Example: <kerberos><realm>EXAMPLE.COM</realm></kerberos>
|
||||||
|
|
||||||
|
How to generate decent password:
|
||||||
|
Execute: PASSWORD=$(base64 < /dev/urandom | head -c8); echo "$PASSWORD"; echo -n "$PASSWORD" | sha256sum | tr -d '-'
|
||||||
|
In first line will be password and in second - corresponding SHA256.
|
||||||
|
|
||||||
|
How to generate double SHA1:
|
||||||
|
Execute: PASSWORD=$(base64 < /dev/urandom | head -c8); echo "$PASSWORD"; echo -n "$PASSWORD" | sha1sum | tr -d '-' | xxd -r -p | sha1sum | tr -d '-'
|
||||||
|
In first line will be password and in second - corresponding double SHA1.
|
||||||
|
-->
|
||||||
|
<password></password>
|
||||||
|
|
||||||
|
<!-- List of networks with open access.
|
||||||
|
|
||||||
|
To open access from everywhere, specify:
|
||||||
|
<ip>::/0</ip>
|
||||||
|
|
||||||
|
To open access only from localhost, specify:
|
||||||
|
<ip>::1</ip>
|
||||||
|
<ip>127.0.0.1</ip>
|
||||||
|
|
||||||
|
Each element of list has one of the following forms:
|
||||||
|
<ip> IP-address or network mask. Examples: 213.180.204.3 or 10.0.0.1/8 or 10.0.0.1/255.255.255.0
|
||||||
|
2a02:6b8::3 or 2a02:6b8::3/64 or 2a02:6b8::3/ffff:ffff:ffff:ffff::.
|
||||||
|
<host> Hostname. Example: server01.clickhouse.com.
|
||||||
|
To check access, DNS query is performed, and all received addresses compared to peer address.
|
||||||
|
<host_regexp> Regular expression for host names. Example, ^server\d\d-\d\d-\d\.clickhouse\.com$
|
||||||
|
To check access, DNS PTR query is performed for peer address and then regexp is applied.
|
||||||
|
Then, for result of PTR query, another DNS query is performed and all received addresses compared to peer address.
|
||||||
|
Strongly recommended that regexp is ends with $
|
||||||
|
All results of DNS requests are cached till server restart.
|
||||||
|
-->
|
||||||
|
<networks>
|
||||||
|
<ip>::/0</ip>
|
||||||
|
</networks>
|
||||||
|
|
||||||
|
<!-- Settings profile for user. -->
|
||||||
|
<profile>default</profile>
|
||||||
|
|
||||||
|
<!-- Quota for user. -->
|
||||||
|
<quota>default</quota>
|
||||||
|
|
||||||
|
<!-- User can create other users and grant rights to them. -->
|
||||||
|
<!-- <access_management>1</access_management> -->
|
||||||
|
</default>
|
||||||
|
</users>
|
||||||
|
|
||||||
|
<!-- Quotas. -->
|
||||||
|
<quotas>
|
||||||
|
<!-- Name of quota. -->
|
||||||
|
<default>
|
||||||
|
<!-- Limits for time interval. You could specify many intervals with different limits. -->
|
||||||
|
<interval>
|
||||||
|
<!-- Length of interval. -->
|
||||||
|
<duration>3600</duration>
|
||||||
|
|
||||||
|
<!-- No limits. Just calculate resource usage for time interval. -->
|
||||||
|
<queries>0</queries>
|
||||||
|
<errors>0</errors>
|
||||||
|
<result_rows>0</result_rows>
|
||||||
|
<read_rows>0</read_rows>
|
||||||
|
<execution_time>0</execution_time>
|
||||||
|
</interval>
|
||||||
|
</default>
|
||||||
|
</quotas>
|
||||||
|
</clickhouse>
|
||||||
@@ -0,0 +1 @@
|
|||||||
|
server_endpoint: ws://signoz:4320/v1/opamp
|
||||||
@@ -0,0 +1 @@
|
|||||||
|
server_endpoint: ws://signoz:4320/v1/opamp
|
||||||
@@ -0,0 +1,25 @@
|
|||||||
|
# my global config
|
||||||
|
global:
|
||||||
|
scrape_interval: 5s # Set the scrape interval to every 15 seconds. Default is every 1 minute.
|
||||||
|
evaluation_interval: 15s # Evaluate rules every 15 seconds. The default is every 1 minute.
|
||||||
|
# scrape_timeout is set to the global default (10s).
|
||||||
|
|
||||||
|
# Alertmanager configuration
|
||||||
|
alerting:
|
||||||
|
alertmanagers:
|
||||||
|
- static_configs:
|
||||||
|
- targets:
|
||||||
|
- alertmanager:9093
|
||||||
|
|
||||||
|
# Load rules once and periodically evaluate them according to the global 'evaluation_interval'.
|
||||||
|
rule_files: []
|
||||||
|
# - "first_rules.yml"
|
||||||
|
# - "second_rules.yml"
|
||||||
|
# - 'alerts.yml'
|
||||||
|
|
||||||
|
# A scrape configuration containing exactly one endpoint to scrape:
|
||||||
|
# Here it's Prometheus itself.
|
||||||
|
scrape_configs: []
|
||||||
|
|
||||||
|
remote_read:
|
||||||
|
- url: tcp://clickhouse:9000/signoz_metrics
|
||||||
+71
-201
@@ -21,65 +21,6 @@ x-app-common: &jitsi_admin_app
|
|||||||
PHP_INI_MEMORY_LIMIT: "1G"
|
PHP_INI_MEMORY_LIMIT: "1G"
|
||||||
PHP_EXTENSION_LDAP: 1
|
PHP_EXTENSION_LDAP: 1
|
||||||
PHP_EXTENSION_INTL: 1
|
PHP_EXTENSION_INTL: 1
|
||||||
x-shared:
|
|
||||||
zammad-service: &zammad-service
|
|
||||||
environment: &zammad-environment
|
|
||||||
MEMCACHE_SERVERS: ${ZAMMAD_MEMCACHE_SERVERS:-zammad-memcached:11211}
|
|
||||||
POSTGRESQL_DB: ${ZAMMAD_POSTGRES_DB:-zammad_production}
|
|
||||||
POSTGRESQL_HOST: ${ZAMMAD_POSTGRES_HOST:-zammad-postgresql}
|
|
||||||
POSTGRESQL_USER: ${ZAMMAD_POSTGRES_USER:-zammad}
|
|
||||||
POSTGRESQL_PASS: ${ZAMMAD_POSTGRES_PASS:-zammad}
|
|
||||||
POSTGRESQL_PORT: ${ZAMMAD_POSTGRES_PORT:-5432}
|
|
||||||
POSTGRESQL_OPTIONS: ${ZAMMAD_POSTGRESQL_OPTIONS:-?pool=50}
|
|
||||||
POSTGRESQL_DB_CREATE:
|
|
||||||
REDIS_URL: ${ZAMMAD_REDIS_URL:-redis://zammad-redis:6379}
|
|
||||||
S3_URL: http://${ZAMMAD_S3_ACCESS_KEY}:${ZAMMAD_S3_SECRET_KEY}@minio:9000/zammad-storage-bucket?region=us-east-fh-pln&force_path_style=true
|
|
||||||
# Backup settings
|
|
||||||
BACKUP_DIR: "${BACKUP_DIR:-/var/tmp/zammad}"
|
|
||||||
BACKUP_TIME: "${BACKUP_TIME:-03:00}"
|
|
||||||
HOLD_DAYS: "${HOLD_DAYS:-7}"
|
|
||||||
TZ: "${TZ:-Europe/Berlin}"
|
|
||||||
# Allow passing in these variables via .env:
|
|
||||||
AUTOWIZARD_JSON:
|
|
||||||
AUTOWIZARD_RELATIVE_PATH:
|
|
||||||
ELASTICSEARCH_ENABLED: false
|
|
||||||
ELASTICSEARCH_SCHEMA:
|
|
||||||
ELASTICSEARCH_HOST:
|
|
||||||
ELASTICSEARCH_PORT:
|
|
||||||
ELASTICSEARCH_USER: ${ELASTICSEARCH_USER:-elastic}
|
|
||||||
ELASTICSEARCH_PASS: ${ELASTICSEARCH_PASS:-zammad}
|
|
||||||
ELASTICSEARCH_NAMESPACE:
|
|
||||||
ELASTICSEARCH_REINDEX:
|
|
||||||
NGINX_PORT:
|
|
||||||
NGINX_EXPOSE_PORT: 15257
|
|
||||||
NGINX_CLIENT_MAX_BODY_SIZE:
|
|
||||||
NGINX_SERVER_NAME:
|
|
||||||
NGINX_SERVER_SCHEME:
|
|
||||||
RAILS_TRUSTED_PROXIES: 172.18.0.0/16
|
|
||||||
ZAMMAD_HTTP_TYPE:
|
|
||||||
ZAMMAD_FQDN:
|
|
||||||
ZAMMAD_WEB_CONCURRENCY:
|
|
||||||
ZAMMAD_PROCESS_SESSIONS_JOBS_WORKERS:
|
|
||||||
ZAMMAD_PROCESS_SCHEDULED_JOBS_WORKERS:
|
|
||||||
ZAMMAD_PROCESS_DELAYED_JOBS_WORKERS:
|
|
||||||
# ZAMMAD_SESSION_JOBS_CONCURRENT is deprecated, please use ZAMMAD_PROCESS_SESSIONS_JOBS_WORKERS instead.
|
|
||||||
ZAMMAD_SESSION_JOBS_CONCURRENT:
|
|
||||||
# Variables used by ngingx-proxy container for reverse proxy creations
|
|
||||||
# for docs refer to https://github.com/nginx-proxy/nginx-proxy
|
|
||||||
VIRTUAL_HOST:
|
|
||||||
VIRTUAL_PORT:
|
|
||||||
# Variables used by acme-companion for retrieval of LetsEncrypt certificate
|
|
||||||
# for docs refer to https://github.com/nginx-proxy/acme-companion
|
|
||||||
LETSENCRYPT_HOST:
|
|
||||||
LETSENCRYPT_EMAIL:
|
|
||||||
image: ${IMAGE_REPO:-ghcr.io/zammad/zammad}:${VERSION:-6.5.0-15}
|
|
||||||
restart: ${RESTART:-always}
|
|
||||||
volumes:
|
|
||||||
- zammad-storage:/opt/zammad/storage
|
|
||||||
depends_on:
|
|
||||||
- zammad-memcached
|
|
||||||
- zammad-postgresql
|
|
||||||
- zammad-redis
|
|
||||||
x-maxun: &maxun-env
|
x-maxun: &maxun-env
|
||||||
environment:
|
environment:
|
||||||
NODE_ENV: production
|
NODE_ENV: production
|
||||||
@@ -101,9 +42,9 @@ x-maxun: &maxun-env
|
|||||||
BACKEND_PORT: 8080
|
BACKEND_PORT: 8080
|
||||||
FRONTEND_PORT: 5173
|
FRONTEND_PORT: 5173
|
||||||
BACKEND_URL: http://maxun-backend:8080
|
BACKEND_URL: http://maxun-backend:8080
|
||||||
PUBLIC_URL: http://maxun-frontend:5173
|
PUBLIC_URL: https://scrape.trez.wtf
|
||||||
VITE_BACKEND_URL: http://maxun-backend:8080
|
VITE_BACKEND_URL: http://maxun-backend:8080
|
||||||
VITE_PUBLIC_URL: http://maxun-frontend:5173
|
VITE_PUBLIC_URL: https://scrape.trez.wtf
|
||||||
MAXUN_TELEMETRY: true
|
MAXUN_TELEMETRY: true
|
||||||
PLAYWRIGHT_BROWSERS_PATH: /ms-playwright
|
PLAYWRIGHT_BROWSERS_PATH: /ms-playwright
|
||||||
PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD: 0
|
PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD: 0
|
||||||
@@ -138,6 +79,8 @@ services:
|
|||||||
volumes:
|
volumes:
|
||||||
- ${DOCKER_VOLUME_CONFIG}/actual-budget:/data
|
- ${DOCKER_VOLUME_CONFIG}/actual-budget:/data
|
||||||
adguard:
|
adguard:
|
||||||
|
cap_add:
|
||||||
|
- NET_BIND_SERVICE
|
||||||
container_name: adguard
|
container_name: adguard
|
||||||
environment:
|
environment:
|
||||||
TZ: ${TZ}
|
TZ: ${TZ}
|
||||||
@@ -145,6 +88,8 @@ services:
|
|||||||
labels:
|
labels:
|
||||||
swag: enable
|
swag: enable
|
||||||
swag_proto: http
|
swag_proto: http
|
||||||
|
swag_port: 8008
|
||||||
|
swag_address: 192.168.1.254
|
||||||
swag_url: adgh.${MY_TLD}
|
swag_url: adgh.${MY_TLD}
|
||||||
homepage.group: System Administration
|
homepage.group: System Administration
|
||||||
homepage.name: AdGuard Home
|
homepage.name: AdGuard Home
|
||||||
@@ -152,18 +97,19 @@ services:
|
|||||||
homepage.href: https://adgh.${MY_TLD}
|
homepage.href: https://adgh.${MY_TLD}
|
||||||
homepage.description: Ad-blocking/DNS
|
homepage.description: Ad-blocking/DNS
|
||||||
homepage.widget.type: adguard
|
homepage.widget.type: adguard
|
||||||
homepage.widget.url: http://adguard:80
|
homepage.widget.url: http://192.168.1.254:8008
|
||||||
homepage.widget.username: admin
|
homepage.widget.username: admin
|
||||||
homepage.widget.password: ${ADGUARD_PASSWORD}
|
homepage.widget.password: ${ADGUARD_PASSWORD}
|
||||||
ports:
|
network_mode: host
|
||||||
- "192.168.1.254:53:53/udp"
|
# ports:
|
||||||
- "192.168.1.254:53:53/tcp"
|
# - "192.168.1.254:53:53/udp"
|
||||||
- 3001:3000
|
# - "192.168.1.254:53:53/tcp"
|
||||||
- "192.168.1.254:446:443/tcp"
|
# - 3001:3000
|
||||||
- 8008:80
|
# - "192.168.1.254:446:443/tcp"
|
||||||
- "192.168.1.254:853:853/tcp"
|
# - 8008:80
|
||||||
- 67:67
|
# - "192.168.1.254:853:853/tcp"
|
||||||
- 688:68
|
# - 67:67
|
||||||
|
# - 688:68
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
user: 1000:1000
|
user: 1000:1000
|
||||||
volumes:
|
volumes:
|
||||||
@@ -1204,6 +1150,53 @@ services:
|
|||||||
source: /rinoa-storage
|
source: /rinoa-storage
|
||||||
target: /storage
|
target: /storage
|
||||||
type: bind
|
type: bind
|
||||||
|
freescout:
|
||||||
|
container_name: freescout
|
||||||
|
depends_on:
|
||||||
|
mariadb:
|
||||||
|
condition: service_started
|
||||||
|
required: true
|
||||||
|
environment:
|
||||||
|
ADMIN_EMAIL: it-services@${MY_TLD}
|
||||||
|
ADMIN_FIRST_NAME: Treasured
|
||||||
|
ADMIN_LAST_NAME: IT
|
||||||
|
ADMIN_PASS: ${FREESCOUT_ADMIN_PASS}
|
||||||
|
APP_TRUSTED_PROXIES: 172.18.0.0/16,192.168.1.0/24
|
||||||
|
DB_TYPE: mysql
|
||||||
|
DB_HOST: mariadb
|
||||||
|
DB_PORT: 3306
|
||||||
|
DB_NAME: freescout
|
||||||
|
DB_USER: freescout
|
||||||
|
DB_PASS: ${FREESCOUT_DB_PASS}
|
||||||
|
DB_SSL: FALSE
|
||||||
|
DISPLAY_ERRORS: TRUE
|
||||||
|
ENABLE_AUTO_UPDATE: TRUE
|
||||||
|
SETUP_TYPE: AUTO
|
||||||
|
SITE_URL: https://support.${MY_TLD}
|
||||||
|
SKIP_STORAGE_PERMISSIONS: FALSE
|
||||||
|
TIMEZONE: ${TZ}
|
||||||
|
image: tiredofit/freescout:latest
|
||||||
|
labels:
|
||||||
|
homepage.group: Lifestyle
|
||||||
|
homepage.name: FreeScout
|
||||||
|
homepage.icon: sh-freescout.svg
|
||||||
|
homepage.href: https://support.${MY_TLD}
|
||||||
|
homepage.description: Lightweight help desk and shared inbox
|
||||||
|
swag: enable
|
||||||
|
swag_proto: http
|
||||||
|
swag_url: support.${MY_TLD}
|
||||||
|
swag.uptime-kuma.enabled: true
|
||||||
|
swag.uptime-kuma.monitor.url: https://support.${MY_TLD}
|
||||||
|
swag.uptime-kuma.monitor.interval: 300
|
||||||
|
ports:
|
||||||
|
- 59095:80
|
||||||
|
restart: unless-stopped
|
||||||
|
volumes:
|
||||||
|
- ${DOCKER_VOLUME_CONFIG}/freescout/assets/modules:/assets/modules
|
||||||
|
- ${DOCKER_VOLUME_CONFIG}/freescout/assets/custom:/assets/custom
|
||||||
|
- ${DOCKER_VOLUME_CONFIG}/freescout/assets/custom-scripts:/assets/custom-scripts
|
||||||
|
- ${DOCKER_VOLUME_CONFIG}/freescout/data:/www/html
|
||||||
|
- ${DOCKER_VOLUME_CONFIG}/freescout/logs/:/www/logs
|
||||||
ghost:
|
ghost:
|
||||||
container_name: ghost_blog
|
container_name: ghost_blog
|
||||||
depends_on:
|
depends_on:
|
||||||
@@ -1336,7 +1329,7 @@ services:
|
|||||||
environment:
|
environment:
|
||||||
CONFIG_FILE: /config.yaml
|
CONFIG_FILE: /config.yaml
|
||||||
DOCKER_HOST: tcp://dockerproxy:2375
|
DOCKER_HOST: tcp://dockerproxy:2375
|
||||||
GITEA_INSTANCE_URL: https://git.trez.wtf
|
GITEA_INSTANCE_URL: http://gitea:3000
|
||||||
GITEA_RUNNER_REGISTRATION_TOKEN: "${GITEA_RUNNER_REGISTRATION_TOKEN}"
|
GITEA_RUNNER_REGISTRATION_TOKEN: "${GITEA_RUNNER_REGISTRATION_TOKEN}"
|
||||||
GITEA_RUNNER_NAME: "gitea-runner-1"
|
GITEA_RUNNER_NAME: "gitea-runner-1"
|
||||||
image: gitea/act_runner:latest
|
image: gitea/act_runner:latest
|
||||||
@@ -1633,7 +1626,7 @@ services:
|
|||||||
swag_proto: http
|
swag_proto: http
|
||||||
swag_port: 2283
|
swag_port: 2283
|
||||||
swag_url: pics.${MY_TLD}
|
swag_url: pics.${MY_TLD}
|
||||||
|
swag_server_custom_directive:
|
||||||
location /share {
|
location /share {
|
||||||
proxy_pass http://immich-public-proxy:3000;
|
proxy_pass http://immich-public-proxy:3000;
|
||||||
}
|
}
|
||||||
@@ -2691,6 +2684,8 @@ services:
|
|||||||
container_name: librechat-rag-api
|
container_name: librechat-rag-api
|
||||||
depends_on:
|
depends_on:
|
||||||
- librechat-vectordb
|
- librechat-vectordb
|
||||||
|
# env_file:
|
||||||
|
# - ${DOCKER_VOLUME_CONFIG}/librechat/librechat.env
|
||||||
environment:
|
environment:
|
||||||
DB_HOST: librechat-vectordb
|
DB_HOST: librechat-vectordb
|
||||||
OPENAI_API_KEY: ${LIBRECHAT_OPENAI_API_KEY}
|
OPENAI_API_KEY: ${LIBRECHAT_OPENAI_API_KEY}
|
||||||
@@ -2703,8 +2698,6 @@ services:
|
|||||||
RAG_PORT: 8000
|
RAG_PORT: 8000
|
||||||
image: ghcr.io/danny-avila/librechat-rag-api-dev-lite:latest
|
image: ghcr.io/danny-avila/librechat-rag-api-dev-lite:latest
|
||||||
restart: always
|
restart: always
|
||||||
# env_file:
|
|
||||||
# - ${DOCKER_VOLUME_CONFIG}/librechat/librechat.env
|
|
||||||
libretranslate:
|
libretranslate:
|
||||||
container_name: libretranslate
|
container_name: libretranslate
|
||||||
# command: --ssl --ga-id MY-GA-ID --req-limit 100 --char-limit 500
|
# command: --ssl --ga-id MY-GA-ID --req-limit 100 --char-limit 500
|
||||||
@@ -3119,7 +3112,7 @@ services:
|
|||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
maxun-pg-db:
|
maxun-pg-db:
|
||||||
container_name: maxun-pg-db
|
container_name: maxun-pg-db
|
||||||
image: postgres:17-alpine
|
image: postgres:13-alpine
|
||||||
environment:
|
environment:
|
||||||
POSTGRES_USER: maxun
|
POSTGRES_USER: maxun
|
||||||
POSTGRES_PASSWORD: ${MAXUN_DB_PASSWORD}
|
POSTGRES_PASSWORD: ${MAXUN_DB_PASSWORD}
|
||||||
@@ -3127,7 +3120,7 @@ services:
|
|||||||
expose:
|
expose:
|
||||||
- 5432
|
- 5432
|
||||||
healthcheck:
|
healthcheck:
|
||||||
test: ["CMD-SHELL", "pg_isready -U postgres"]
|
test: ["CMD-SHELL", "pg_isready -U maxun"]
|
||||||
interval: 10s
|
interval: 10s
|
||||||
timeout: 5s
|
timeout: 5s
|
||||||
retries: 5
|
retries: 5
|
||||||
@@ -5071,12 +5064,6 @@ services:
|
|||||||
swag_proto: http
|
swag_proto: http
|
||||||
swag_url: scan.${MY_TLD}
|
swag_url: scan.${MY_TLD}
|
||||||
swag_port: 3000
|
swag_port: 3000
|
||||||
swag_server_custom_directive: |
|
|
||||||
include /config/nginx/sablier-server.conf;
|
|
||||||
|
|
||||||
location / {
|
|
||||||
proxy_pass http://immich-public-proxy:3000;
|
|
||||||
}
|
|
||||||
swag.uptime-kuma.enabled: true
|
swag.uptime-kuma.enabled: true
|
||||||
swag.uptime-kuma.monitor.url: https://scan.${MY_TLD}
|
swag.uptime-kuma.monitor.url: https://scan.${MY_TLD}
|
||||||
swag.uptime-kuma.monitor.interval: 300
|
swag.uptime-kuma.monitor.interval: 300
|
||||||
@@ -5231,95 +5218,6 @@ services:
|
|||||||
source: /rinoa-storage
|
source: /rinoa-storage
|
||||||
target: /storage
|
target: /storage
|
||||||
type: bind
|
type: bind
|
||||||
zammad-backup:
|
|
||||||
<<: *zammad-service
|
|
||||||
container_name: zammad-backup
|
|
||||||
command: ["zammad-backup"]
|
|
||||||
volumes:
|
|
||||||
- zammad-backup:/var/tmp/zammad
|
|
||||||
- zammad-storage:/opt/zammad/storage:ro
|
|
||||||
user: 0:0
|
|
||||||
zammad-elasticsearch:
|
|
||||||
container_name: zammad-elasticsearch
|
|
||||||
image: bitnami/elasticsearch:${ELASTICSEARCH_VERSION:-8.17.4}
|
|
||||||
restart: ${RESTART:-always}
|
|
||||||
profiles:
|
|
||||||
- do-not-start
|
|
||||||
volumes:
|
|
||||||
- zammad-elasticsearch-data:/bitnami/elasticsearch/data
|
|
||||||
environment:
|
|
||||||
# Enable authorization without HTTPS. For external access with
|
|
||||||
# SSL termination, use solutions like nginx-proxy-manager.
|
|
||||||
ELASTICSEARCH_ENABLE_SECURITY: 'true'
|
|
||||||
ELASTICSEARCH_SKIP_TRANSPORT_TLS: 'true'
|
|
||||||
ELASTICSEARCH_ENABLE_REST_TLS: 'false'
|
|
||||||
# ELASTICSEARCH_USER is hardcoded to 'elastic' in the container.
|
|
||||||
ELASTICSEARCH_PASSWORD: ${ELASTICSEARCH_PASS:-zammad}
|
|
||||||
zammad-init:
|
|
||||||
<<: *zammad-service
|
|
||||||
container_name: zammad-init
|
|
||||||
command: ["zammad-init"]
|
|
||||||
depends_on:
|
|
||||||
- zammad-postgresql
|
|
||||||
restart: on-failure
|
|
||||||
user: 0:0
|
|
||||||
zammad-memcached:
|
|
||||||
container_name: zammad-memcached
|
|
||||||
command: memcached -m 256M
|
|
||||||
image: memcached:${MEMCACHE_VERSION:-1.6.38-alpine}
|
|
||||||
restart: ${RESTART:-always}
|
|
||||||
zammad-nginx:
|
|
||||||
<<: *zammad-service
|
|
||||||
container_name: zammad-nginx
|
|
||||||
command: ["zammad-nginx"]
|
|
||||||
expose:
|
|
||||||
- 8080
|
|
||||||
ports:
|
|
||||||
- 15257:8080
|
|
||||||
labels:
|
|
||||||
swag: enable
|
|
||||||
swag_proto: http
|
|
||||||
swag_port: 8080
|
|
||||||
swag_url: support.${MY_TLD}
|
|
||||||
swag.uptime-kuma.enabled: true
|
|
||||||
swag.uptime-kuma.monitor.url: https://support.${MY_TLD}
|
|
||||||
homepage.group: Personal/Professional Services
|
|
||||||
homepage.name: Zammad
|
|
||||||
homepage.href: https://support.${MY_TLD}
|
|
||||||
homepage.icon: zammad.svg
|
|
||||||
homepage.description: Open-source helpdesk/customer support system
|
|
||||||
depends_on:
|
|
||||||
- zammad-railsserver
|
|
||||||
zammad-postgresql:
|
|
||||||
container_name: zammad-postgresql
|
|
||||||
environment:
|
|
||||||
POSTGRES_DB: ${ZAMMAD_POSTGRES_DB:-zammad_production}
|
|
||||||
POSTGRES_USER: ${ZAMMAD_POSTGRES_USER:-zammad}
|
|
||||||
POSTGRES_PASSWORD: ${ZAMMAD_POSTGRES_PASS:-zammad}
|
|
||||||
image: postgres:${ZAMMAD_POSTGRES_VERSION:-17.4-alpine}
|
|
||||||
restart: ${RESTART:-always}
|
|
||||||
volumes:
|
|
||||||
- zammad-postgresql-data:/var/lib/postgresql/data
|
|
||||||
zammad-railsserver:
|
|
||||||
<<: *zammad-service
|
|
||||||
container_name: zammad-railsserver
|
|
||||||
command: ["zammad-railsserver"]
|
|
||||||
expose:
|
|
||||||
- 3000
|
|
||||||
zammad-redis:
|
|
||||||
container_name: zammad-redis
|
|
||||||
image: redis:${REDIS_VERSION:-7.4.2-alpine}
|
|
||||||
restart: ${RESTART:-always}
|
|
||||||
volumes:
|
|
||||||
- zammad-redis-data:/data
|
|
||||||
zammad-scheduler:
|
|
||||||
<<: *zammad-service
|
|
||||||
container_name: zammad-scheduler
|
|
||||||
command: ["zammad-scheduler"]
|
|
||||||
zammad-websocket:
|
|
||||||
<<: *zammad-service
|
|
||||||
container_name: zammad-websocket
|
|
||||||
command: ["zammad-websocket"]
|
|
||||||
volumes:
|
volumes:
|
||||||
authelia-pg-db:
|
authelia-pg-db:
|
||||||
name: authelia-pg-db
|
name: authelia-pg-db
|
||||||
@@ -5347,18 +5245,6 @@ volumes:
|
|||||||
name: graylog-data
|
name: graylog-data
|
||||||
graylog-datanode:
|
graylog-datanode:
|
||||||
name: graylog-datanode
|
name: graylog-datanode
|
||||||
hortusfox_app_backup:
|
|
||||||
name: hortusfox_app_backup
|
|
||||||
hortusfox_app_images:
|
|
||||||
name: hortusfox_app_images
|
|
||||||
hortusfox_app_logs:
|
|
||||||
name: hortusfox_app_logs
|
|
||||||
hortusfox_app_migrate:
|
|
||||||
name: hortusfox_app_migrate
|
|
||||||
hortusfox_app_themes:
|
|
||||||
name: hortusfox_app_themes
|
|
||||||
hortusfox_db_data:
|
|
||||||
name: hortusfox_db_data
|
|
||||||
immich-model-cache:
|
immich-model-cache:
|
||||||
name: immich-model-cache
|
name: immich-model-cache
|
||||||
influxdb2-data:
|
influxdb2-data:
|
||||||
@@ -5401,12 +5287,6 @@ volumes:
|
|||||||
name: mongodb_data
|
name: mongodb_data
|
||||||
n8n-data:
|
n8n-data:
|
||||||
name: n8n-data
|
name: n8n-data
|
||||||
netbird-mgmt:
|
|
||||||
name: netbird-mgmt
|
|
||||||
netbird-signal:
|
|
||||||
name: netbird-signal
|
|
||||||
netbird-letsencrypt:
|
|
||||||
name: netbird-letsencrypt
|
|
||||||
nextcloud_aio_mastercontainer:
|
nextcloud_aio_mastercontainer:
|
||||||
name: nextcloud_aio_mastercontainer
|
name: nextcloud_aio_mastercontainer
|
||||||
ollama:
|
ollama:
|
||||||
@@ -5452,14 +5332,4 @@ volumes:
|
|||||||
wallos-db:
|
wallos-db:
|
||||||
name: wallos-db
|
name: wallos-db
|
||||||
wallos-logos:
|
wallos-logos:
|
||||||
name: wallos-logos
|
name: wallos-logos
|
||||||
zammad-backup:
|
|
||||||
name: zammad-backup
|
|
||||||
zammad-storage:
|
|
||||||
name: zammad-storage
|
|
||||||
zammad-elasticsearch-data:
|
|
||||||
name: zammad-elasticsearch-data
|
|
||||||
zammad-postgresql-data:
|
|
||||||
name: zammad-postgresql-data
|
|
||||||
zammad-redis-data:
|
|
||||||
name: zammad-redis-data
|
|
||||||
Reference in New Issue
Block a user