Initial commit

This commit is contained in:
fanyx 2023-03-09 22:10:22 +01:00
commit 60dfcfcb8a
21 changed files with 536 additions and 0 deletions

53
akkoma/compose.yaml Normal file
View File

@ -0,0 +1,53 @@
services:
db:
image: postgres:14.5-alpine
container_name: akkoma_db
restart: unless-stopped
networks:
- backend
env_file: .env-db
environment:
POSTGRES_USER: akkoma
POSTGRES_DB: akkoma
# POSTGRES_PASSWORD:
volumes:
- /var/docker/akkoma/postgres:/var/lib/postgresql/data
configs:
- source: postgresql
target: /etc/postgres/postgresql.conf
mode: 0400
web:
image: docker.fanyx.xyz/akkoma:stable-2023-02
container_name: akkoma_web
restart: unless-stopped
depends_on:
- db
networks:
- traefik_proxy
- backend
volumes:
- /srv/docker/akkoma/akkoma:/opt/akkoma
- /var/docker/akkoma/akkoma/uploads:/opt/akkoma/uploads
- /var/docker/akkoma/akkoma/static:/opt/akkoma/instance/static
configs:
- source: akkoma
target: /opt/akkoma/config/prod.secret.exs
mode: 0400
labels:
traefik.enable: "true"
traefik.http.routers.akkoma.entrypoints: "https"
traefik.http.routers.akkoma.rule: "Host(`pl.fanyx.xyz`)"
traefik.docker.network: "traefik_proxy"
networks:
traefik_proxy:
name: traefik_proxy
backend:
driver: bridge
configs:
postgresql:
file: /srv/docker/akkoma/postgresql.conf
akkoma:
file: /srv/docker/akkoma/secret.exs

24
akkoma/postgresql.conf Normal file
View File

@ -0,0 +1,24 @@
# DB Version: 14
# OS Type: linux
# DB Type: web
# Total Memory (RAM): 16 GB
# CPUs num: 4
# Connections num: 20
# Data Storage: ssd
max_connections = 20
shared_buffers = 4GB
effective_cache_size = 12GB
maintenance_work_mem = 1GB
checkpoint_completion_target = 0.9
wal_buffers = 16MB
default_statistics_target = 100
random_page_cost = 1.1
effective_io_concurrency = 200
work_mem = 104857kB
min_wal_size = 1GB
max_wal_size = 4GB
max_worker_processes = 4
max_parallel_workers_per_gather = 2
max_parallel_workers = 4
max_parallel_maintenance_workers = 2

19
filebrowser/compose.yaml Normal file
View File

@ -0,0 +1,19 @@
services:
filebrowser:
image: filebrowser/filebrowser:v2.23.0
container_name: filebrowser
restart: unless-stopped
networks:
- traefik_proxy
volumes:
- /var/cloud/hendrik/public:/srv
- /var/docker/filebrowser/filebrowser.db:/database.db
user: "1000:1000"
labels:
traefik.http.routers.filebrowser.entrypoints: "https"
traefik.http.routers.filebrowser.rule: "Host(`cloud.fanyx.xyz`)"
traefik.enable: "true"
networks:
traefik_proxy:
name: traefik_proxy

25
funkwhale/compose.yaml Normal file
View File

@ -0,0 +1,25 @@
services:
funkwhale:
image: funkwhale/all-in-one:1.2.8
container_name: funkwhale
restart: unless-stopped
networks:
- traefik_proxy
env_file: .env
environment:
PUID: "994"
PGID: "994"
FUNKWHALE_HOSTNAME: "music.fanyx.xyz"
FUNKWHALE_PROTOCOL: "https"
NESTED_PROXY: "1"
volumes:
- /var/docker/funkwhale/data:/data
- /var/cloud/hendrik/public/Music:/music/hendrik:ro
labels:
traefik.enable: "true"
traefik.http.routers.funkwhale.entrypoints: "https"
traefik.http.routers.funkwhale.rule: "Host(`music.fanyx.xyz`)"
networks:
traefik_proxy:
name: traefik_proxy

View File

@ -0,0 +1,9 @@
#!/bin/sh
docker-compose -f /srv/docker/funkwhale/compose.yaml \
exec -it funkwhale /app/api/manage.py import_files \
9cf82ebc-67b9-444e-99db-011e64053d74 \
"/music/hendrik/" \
--recursive \
--noinput \
--in-place

23
gitea/compose.yaml Normal file
View File

@ -0,0 +1,23 @@
services:
gitea:
image: gitea/gitea:1.17.3
container_name: gitea
restart: unless-stopped
networks:
- traefik_proxy
environment:
USER_UID: "993"
USER_GID: "993"
volumes:
- /var/docker/gitea/data:/data
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
labels:
traefik.enable: "true"
traefik.http.routers.gitea.entrypoints: "https"
traefik.http.routers.gitea.rule: "Host(`git.fanyx.xyz`)"
traefik.http.services.gitea.loadbalancer.server.port: "3000"
networks:
traefik_proxy:
name: traefik_proxy

45
hedgedoc/compose.yaml Normal file
View File

@ -0,0 +1,45 @@
services:
hedgedoc:
image: quay.io/hedgedoc/hedgedoc:1.9.6-alpine
container_name: hedgedoc_web
depends_on:
- db
restart: unless-stopped
networks:
- traefik_proxy
- backend
env_file: .env-hedgedoc
environment:
- NODE_ENV=production
- CMD_DOMAIN=n.fanyx.xyz
- CMD_PROTOCOL_USESSL=true
- CMD_ALLOW_ANONYMOUS=false
- CMD_ALLOW_ANONYMOUS_EDITS=true
- CMD_ALLOW_FREEURL=true
- CMD_REQUIRE_FREEURL_AUTHENTICATION=true
- CMD_EMAIL=true
- CMD_ALLOW_EMAIL_REGISTER=false
volumes:
- /var/docker/hedgedoc/uploads:/hedgedoc/public/uploads
labels:
traefik.enable: "true"
traefik.http.routers.hedgedoc.entrypoints: "https"
traefik.http.routers.hedgedoc.rule: "Host(`n.fanyx.xyz`)"
traefik.http.routers.hedgedoc-ws.entrypoints: "https"
traefik.http.routers.hedgedoc-ws.rule: "Host(`n.fanyx.xyz`) && Path(`/sockets.io/`)"
traefik.http.middlewares.wsUpgrade.headers.customrequestheaders.X-Forwarded-Proto: "https"
traefik.http.routers.hedgedoc-ws.middlewares: "wsUpgrade@docker"
db:
image: postgres:13.4-alpine
container_name: hedgedoc_db
restart: unless-stopped
env_file: .env-db
networks:
- backend
volumes:
- /var/docker/hedgedoc/database:/var/lib/postgresql/data
networks:
traefik_proxy:
name: traefik_proxy
backend:

9
infrared/compose.yaml Normal file
View File

@ -0,0 +1,9 @@
services:
infrared:
image: docker.fanyx.xyz/infrared
container_name: infrared
restart: unless-stopped
volumes:
- ./configs:/configs
network_mode: host

View File

@ -0,0 +1,9 @@
DomainName: "sta.mc.fanyx.xyz"
ListenTo: ":25565"
ProxyTo: ":25568"
TimeOut: "5m"
Server:
Version: "1.12.2"
Protocol: 340
DisconnectMessage: "Unable to connect to backend server."

10
jellyfin/compose.yaml Normal file
View File

@ -0,0 +1,10 @@
services:
jellyfin:
image: jellyfin/jellyfin:10.8.5
container_name: jellyfin
restart: unless-stopped
volumes:
- /data/local_share/public/Videos:/media
- /var/docker/jellyfin/cache:/cache
- /var/docker/jellyfin/config:/config
network_mode: "host"

27
linx/compose.yaml Normal file
View File

@ -0,0 +1,27 @@
services:
linx:
image: docker.fanyx.xyz/linx-server:2022-01
container_name: linx-server
restart: unless-stopped
networks:
- traefik_proxy
command: ["-config", "/data/linx-server.conf"]
configs:
- source: linx-config
target: /data/linx-server.conf
mode: 0444
volumes:
- /var/docker/linx/files:/data/files
- /var/docker/linx/meta:/data/meta
labels:
- "traefik.enable=true"
- "traefik.http.routers.linx.entrypoints=https"
- "traefik.http.routers.linx.rule=Host(`t.fanyx.xyz`)"
configs:
linx-config:
file: ./linx-server.conf
networks:
traefik_proxy:
name: traefik_proxy

15
linx/linx-server.conf Normal file
View File

@ -0,0 +1,15 @@
bind = 0.0.0.0:8080
sitename = t.fanyx.xyz
siteurl = https://t.fanyx.xyz/
selifpath = s
maxsize = 4294967296
maxexpiry = 0
max-duration-time = 86400
max-duration-size = 67108864
allowhotlink = true
remoteuploads = true
nologs = true
force-random-filename = false
cleanup-every-minutes = 5
realip = true

22
maloja/compose.yaml Normal file
View File

@ -0,0 +1,22 @@
services:
maloja:
image: krateng/maloja:3.1.4
container_name: maloja
restart: unless-stopped
networks:
- traefik_proxy
env_file: .env
environment:
- MALOJA_DATA_DIRECTORY=/var/lib/maloja
- MALOJA_HOST=0.0.0.0
- MALOJA_SKIP_SETUP=True
volumes:
- /var/docker/maloja/data:/var/lib/maloja
labels:
traefik.enable: "true"
traefik.http.routers.maloja.entrypoints: "https"
traefik.http.routers.maloja.rule: "Host(`maloja.fanyx.xyz`)"
networks:
traefik_proxy:
name: traefik_proxy

View File

@ -0,0 +1,22 @@
services:
sevtechages:
image: itzg/minecraft-server:java8
container_name: mc-sevtechages
restart: unless-stopped
environment:
- TYPE=FORGE
- EULA=TRUE
- TZ=Europe/Berlin
- VERSION=1.12.2
- FORGEVERSION=14.23.5.2860
- OPS=Fanyx
- MEMORY=7G
- USE_AIKAR_FLAGS=true
- GUI=FALSE
tty: true
stdin_open: true
volumes:
- /var/docker/minecraft/sevtechages:/data
ports:
- "25568:25565"

21
pihole/compose.yaml Normal file
View File

@ -0,0 +1,21 @@
services:
pihole:
image: pihole/pihole:2022.10
container_name: pihole
restart: unless-stopped
ports:
- "53:53/tcp"
- "53:53/udp"
- "8082:80/tcp"
environment:
TZ: "Berlin/Europe"
WEBPASSWORD: "K2jgiRMxhBMYZpEV3MtXqdMb"
volumes:
- pihole_pihole-config:/etc/pihole/
- pihole_pihole-dnsmasq:/etc/dnsmasq.d/
volumes:
pihole_pihole-config:
external: true
pihole_pihole-dnsmasq:
external: true

35
registry/compose.yaml Normal file
View File

@ -0,0 +1,35 @@
services:
registry:
image: registry:2.8
container_name: registry
restart: unless-stopped
networks:
- traefik_proxy
configs:
- source: registry
target: /etc/docker/registry/config.yml
mode: 0400
volumes:
- registry_registry:/var/lib/registry
expose:
- 5000
labels:
- "traefik.enable=true"
- "traefik.http.routers.registry.entrypoints=https"
- "traefik.http.routers.registry.rule=Host(`docker.fanyx.xyz`)"
- "traefik.http.middlewares.headers.Headers.sslProxyHeaders.X-Forwarded-Proto=https"
- "traefik.http.middlewares.headers.Headers.hostsProxyHeaders=X-Forwarded-Host"
- "traefik.http.middlewares.auth.BasicAuth.usersfile=/htpasswd"
- "traefik.http.routers.registry.middlewares=headers@docker,auth@docker"
volumes:
registry_registry:
external: true
configs:
registry:
file: ./config.yml
networks:
traefik_proxy:
name: traefik_proxy

15
registry/config.yml Normal file
View File

@ -0,0 +1,15 @@
version: 0.1
storage:
filesystem:
rootdirectory: /var/lib/registry
delete:
enabled: true
cache:
blobdescriptor: inmemory
http:
addr: :5000
headers:
Access-Control-Allow-Methods: ['HEAD', 'GET', 'OPTIONS', 'DELETE']
Access-Control-Expose-Headers: ['Docker-Content-Digest']
X-Content-Type-Options: [nosniff]
host: docker.fanyx.xyz

44
trackmania/compose.yaml Normal file
View File

@ -0,0 +1,44 @@
version: '3.8'
services:
tmserver:
image: fanyx/tmserver:2.1.0
container_name: trackmania_tmserver
depends_on:
- db
restart: always
env_file: .env
# volumes:
# - ./tracks:/var/lib/tmserver/GameData/Tracks/Challenges/Custom # => Custom tracks
# - ./playlist.txt:/var/lib/tmserver/playlist.txt # => Custom playlist
# - ./blacklist:/var/lib/xaseco/blacklist # => Plugin blacklist
# - ./plugins:/var/lib/xaseco/plugins/custom # => Custom plugins
# - ./config:/var/lib/xaseco/config # => Custom configuration files
# ports:
# - "2350:2350"
# - "2350:2350/udp"
# - "3450:3450/udp"
db:
image: mysql:5
container_name: trackmania_db
restart: always
environment:
- MYSQL_ROOT_PASSWORD=tmforever
- MYSQL_DATABASE=trackmania
- MYSQL_USER=trackmania
- MYSQL_PASSWORD=tmforever
volumes:
- trackmania-db:/var/lib/mysql
pma:
image: phpmyadmin/phpmyadmin:4.9
container_name: trackmania_phpmyadmin
depends_on:
- db
environment:
- PMA_HOST=db
restart: always
# ports:
# - "8080:80"
volumes:
trackmania-db:

29
traefik/compose.yaml Normal file
View File

@ -0,0 +1,29 @@
services:
traefik:
image: traefik:2.8
container_name: traefik
restart: unless-stopped
ports:
- "80:80"
- "443:443"
- "24880:8080"
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- ./config/acme/acme.json:/acme.json:rw
configs:
- source: traefik
target: /traefik.yml
- source: htpasswd
target: /htpasswd
networks:
- traefik_proxy
networks:
traefik_proxy:
name: traefik_proxy
configs:
traefik:
file: ./config/traefik.yml
htpasswd:
file: ./config/htpasswd

View File

@ -0,0 +1,63 @@
api:
dashboard: true
insecure: true
entryPoints:
http:
address: ":80"
http:
redirections:
entryPoint:
to: https
scheme: https
https:
address: ":443"
http:
tls:
certResolver: default
middlewares:
- hsts@file
providers:
docker:
network: "traefik_proxy"
exposedByDefault: false
file:
filename: "/traefik.yml"
certificatesResolvers:
default:
acme:
email: "fanyx@fanyx.xyz"
storage: "acme.json"
caServer: "https://acme-v02.api.letsencrypt.org/directory"
tlsChallenge: true
httpChallenge:
entrypoint: http
http:
routers:
jellyfin:
entrypoints:
- "https"
rule: "Host(`v.fanyx.xyz`)"
service: "jellyfin"
radicale:
entrypoints:
- "https"
rule: "Host(`r.fanyx.xyz`)"
service: "radicale"
services:
jellyfin:
loadBalancer:
servers:
- url: "http://172.18.0.1:8096"
radicale:
loadBalancer:
servers:
- url: "http://172.18.0.1:5232"
middlewares:
hsts:
headers:
frameDeny: true
browserXssFilter: true

17
www/compose.yaml Normal file
View File

@ -0,0 +1,17 @@
services:
website:
image: nginx:1.23.2-alpine
container_name: website
restart: unless-stopped
networks:
- traefik_proxy
volumes:
- /var/docker/www/website:/usr/share/nginx/html:ro
labels:
traefik.enable: "true"
traefik.http.routers.website.entrypoints: "https"
traefik.http.routers.website.rule: "Host(`fanyx.xyz`)"
networks:
traefik_proxy:
name: traefik_proxy