Initial commit
This commit is contained in:
commit
60dfcfcb8a
|
@ -0,0 +1,53 @@
|
|||
services:
|
||||
db:
|
||||
image: postgres:14.5-alpine
|
||||
container_name: akkoma_db
|
||||
restart: unless-stopped
|
||||
networks:
|
||||
- backend
|
||||
env_file: .env-db
|
||||
environment:
|
||||
POSTGRES_USER: akkoma
|
||||
POSTGRES_DB: akkoma
|
||||
# POSTGRES_PASSWORD:
|
||||
volumes:
|
||||
- /var/docker/akkoma/postgres:/var/lib/postgresql/data
|
||||
configs:
|
||||
- source: postgresql
|
||||
target: /etc/postgres/postgresql.conf
|
||||
mode: 0400
|
||||
|
||||
web:
|
||||
image: docker.fanyx.xyz/akkoma:stable-2023-02
|
||||
container_name: akkoma_web
|
||||
restart: unless-stopped
|
||||
depends_on:
|
||||
- db
|
||||
networks:
|
||||
- traefik_proxy
|
||||
- backend
|
||||
volumes:
|
||||
- /srv/docker/akkoma/akkoma:/opt/akkoma
|
||||
- /var/docker/akkoma/akkoma/uploads:/opt/akkoma/uploads
|
||||
- /var/docker/akkoma/akkoma/static:/opt/akkoma/instance/static
|
||||
configs:
|
||||
- source: akkoma
|
||||
target: /opt/akkoma/config/prod.secret.exs
|
||||
mode: 0400
|
||||
labels:
|
||||
traefik.enable: "true"
|
||||
traefik.http.routers.akkoma.entrypoints: "https"
|
||||
traefik.http.routers.akkoma.rule: "Host(`pl.fanyx.xyz`)"
|
||||
traefik.docker.network: "traefik_proxy"
|
||||
|
||||
networks:
|
||||
traefik_proxy:
|
||||
name: traefik_proxy
|
||||
backend:
|
||||
driver: bridge
|
||||
|
||||
configs:
|
||||
postgresql:
|
||||
file: /srv/docker/akkoma/postgresql.conf
|
||||
akkoma:
|
||||
file: /srv/docker/akkoma/secret.exs
|
|
@ -0,0 +1,24 @@
|
|||
# DB Version: 14
|
||||
# OS Type: linux
|
||||
# DB Type: web
|
||||
# Total Memory (RAM): 16 GB
|
||||
# CPUs num: 4
|
||||
# Connections num: 20
|
||||
# Data Storage: ssd
|
||||
|
||||
max_connections = 20
|
||||
shared_buffers = 4GB
|
||||
effective_cache_size = 12GB
|
||||
maintenance_work_mem = 1GB
|
||||
checkpoint_completion_target = 0.9
|
||||
wal_buffers = 16MB
|
||||
default_statistics_target = 100
|
||||
random_page_cost = 1.1
|
||||
effective_io_concurrency = 200
|
||||
work_mem = 104857kB
|
||||
min_wal_size = 1GB
|
||||
max_wal_size = 4GB
|
||||
max_worker_processes = 4
|
||||
max_parallel_workers_per_gather = 2
|
||||
max_parallel_workers = 4
|
||||
max_parallel_maintenance_workers = 2
|
|
@ -0,0 +1,19 @@
|
|||
services:
|
||||
filebrowser:
|
||||
image: filebrowser/filebrowser:v2.23.0
|
||||
container_name: filebrowser
|
||||
restart: unless-stopped
|
||||
networks:
|
||||
- traefik_proxy
|
||||
volumes:
|
||||
- /var/cloud/hendrik/public:/srv
|
||||
- /var/docker/filebrowser/filebrowser.db:/database.db
|
||||
user: "1000:1000"
|
||||
labels:
|
||||
traefik.http.routers.filebrowser.entrypoints: "https"
|
||||
traefik.http.routers.filebrowser.rule: "Host(`cloud.fanyx.xyz`)"
|
||||
traefik.enable: "true"
|
||||
|
||||
networks:
|
||||
traefik_proxy:
|
||||
name: traefik_proxy
|
|
@ -0,0 +1,25 @@
|
|||
services:
|
||||
funkwhale:
|
||||
image: funkwhale/all-in-one:1.2.8
|
||||
container_name: funkwhale
|
||||
restart: unless-stopped
|
||||
networks:
|
||||
- traefik_proxy
|
||||
env_file: .env
|
||||
environment:
|
||||
PUID: "994"
|
||||
PGID: "994"
|
||||
FUNKWHALE_HOSTNAME: "music.fanyx.xyz"
|
||||
FUNKWHALE_PROTOCOL: "https"
|
||||
NESTED_PROXY: "1"
|
||||
volumes:
|
||||
- /var/docker/funkwhale/data:/data
|
||||
- /var/cloud/hendrik/public/Music:/music/hendrik:ro
|
||||
labels:
|
||||
traefik.enable: "true"
|
||||
traefik.http.routers.funkwhale.entrypoints: "https"
|
||||
traefik.http.routers.funkwhale.rule: "Host(`music.fanyx.xyz`)"
|
||||
|
||||
networks:
|
||||
traefik_proxy:
|
||||
name: traefik_proxy
|
|
@ -0,0 +1,9 @@
|
|||
#!/bin/sh
|
||||
|
||||
docker-compose -f /srv/docker/funkwhale/compose.yaml \
|
||||
exec -it funkwhale /app/api/manage.py import_files \
|
||||
9cf82ebc-67b9-444e-99db-011e64053d74 \
|
||||
"/music/hendrik/" \
|
||||
--recursive \
|
||||
--noinput \
|
||||
--in-place
|
|
@ -0,0 +1,23 @@
|
|||
services:
|
||||
gitea:
|
||||
image: gitea/gitea:1.17.3
|
||||
container_name: gitea
|
||||
restart: unless-stopped
|
||||
networks:
|
||||
- traefik_proxy
|
||||
environment:
|
||||
USER_UID: "993"
|
||||
USER_GID: "993"
|
||||
volumes:
|
||||
- /var/docker/gitea/data:/data
|
||||
- /etc/timezone:/etc/timezone:ro
|
||||
- /etc/localtime:/etc/localtime:ro
|
||||
labels:
|
||||
traefik.enable: "true"
|
||||
traefik.http.routers.gitea.entrypoints: "https"
|
||||
traefik.http.routers.gitea.rule: "Host(`git.fanyx.xyz`)"
|
||||
traefik.http.services.gitea.loadbalancer.server.port: "3000"
|
||||
|
||||
networks:
|
||||
traefik_proxy:
|
||||
name: traefik_proxy
|
|
@ -0,0 +1,45 @@
|
|||
services:
|
||||
hedgedoc:
|
||||
image: quay.io/hedgedoc/hedgedoc:1.9.6-alpine
|
||||
container_name: hedgedoc_web
|
||||
depends_on:
|
||||
- db
|
||||
restart: unless-stopped
|
||||
networks:
|
||||
- traefik_proxy
|
||||
- backend
|
||||
env_file: .env-hedgedoc
|
||||
environment:
|
||||
- NODE_ENV=production
|
||||
- CMD_DOMAIN=n.fanyx.xyz
|
||||
- CMD_PROTOCOL_USESSL=true
|
||||
- CMD_ALLOW_ANONYMOUS=false
|
||||
- CMD_ALLOW_ANONYMOUS_EDITS=true
|
||||
- CMD_ALLOW_FREEURL=true
|
||||
- CMD_REQUIRE_FREEURL_AUTHENTICATION=true
|
||||
- CMD_EMAIL=true
|
||||
- CMD_ALLOW_EMAIL_REGISTER=false
|
||||
volumes:
|
||||
- /var/docker/hedgedoc/uploads:/hedgedoc/public/uploads
|
||||
labels:
|
||||
traefik.enable: "true"
|
||||
traefik.http.routers.hedgedoc.entrypoints: "https"
|
||||
traefik.http.routers.hedgedoc.rule: "Host(`n.fanyx.xyz`)"
|
||||
traefik.http.routers.hedgedoc-ws.entrypoints: "https"
|
||||
traefik.http.routers.hedgedoc-ws.rule: "Host(`n.fanyx.xyz`) && Path(`/sockets.io/`)"
|
||||
traefik.http.middlewares.wsUpgrade.headers.customrequestheaders.X-Forwarded-Proto: "https"
|
||||
traefik.http.routers.hedgedoc-ws.middlewares: "wsUpgrade@docker"
|
||||
db:
|
||||
image: postgres:13.4-alpine
|
||||
container_name: hedgedoc_db
|
||||
restart: unless-stopped
|
||||
env_file: .env-db
|
||||
networks:
|
||||
- backend
|
||||
volumes:
|
||||
- /var/docker/hedgedoc/database:/var/lib/postgresql/data
|
||||
|
||||
networks:
|
||||
traefik_proxy:
|
||||
name: traefik_proxy
|
||||
backend:
|
|
@ -0,0 +1,9 @@
|
|||
services:
|
||||
infrared:
|
||||
image: docker.fanyx.xyz/infrared
|
||||
container_name: infrared
|
||||
restart: unless-stopped
|
||||
volumes:
|
||||
- ./configs:/configs
|
||||
network_mode: host
|
||||
|
|
@ -0,0 +1,9 @@
|
|||
DomainName: "sta.mc.fanyx.xyz"
|
||||
ListenTo: ":25565"
|
||||
ProxyTo: ":25568"
|
||||
TimeOut: "5m"
|
||||
Server:
|
||||
Version: "1.12.2"
|
||||
Protocol: 340
|
||||
DisconnectMessage: "Unable to connect to backend server."
|
||||
|
|
@ -0,0 +1,10 @@
|
|||
services:
|
||||
jellyfin:
|
||||
image: jellyfin/jellyfin:10.8.5
|
||||
container_name: jellyfin
|
||||
restart: unless-stopped
|
||||
volumes:
|
||||
- /data/local_share/public/Videos:/media
|
||||
- /var/docker/jellyfin/cache:/cache
|
||||
- /var/docker/jellyfin/config:/config
|
||||
network_mode: "host"
|
|
@ -0,0 +1,27 @@
|
|||
services:
|
||||
linx:
|
||||
image: docker.fanyx.xyz/linx-server:2022-01
|
||||
container_name: linx-server
|
||||
restart: unless-stopped
|
||||
networks:
|
||||
- traefik_proxy
|
||||
command: ["-config", "/data/linx-server.conf"]
|
||||
configs:
|
||||
- source: linx-config
|
||||
target: /data/linx-server.conf
|
||||
mode: 0444
|
||||
volumes:
|
||||
- /var/docker/linx/files:/data/files
|
||||
- /var/docker/linx/meta:/data/meta
|
||||
labels:
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.linx.entrypoints=https"
|
||||
- "traefik.http.routers.linx.rule=Host(`t.fanyx.xyz`)"
|
||||
|
||||
configs:
|
||||
linx-config:
|
||||
file: ./linx-server.conf
|
||||
|
||||
networks:
|
||||
traefik_proxy:
|
||||
name: traefik_proxy
|
|
@ -0,0 +1,15 @@
|
|||
bind = 0.0.0.0:8080
|
||||
sitename = t.fanyx.xyz
|
||||
siteurl = https://t.fanyx.xyz/
|
||||
selifpath = s
|
||||
maxsize = 4294967296
|
||||
maxexpiry = 0
|
||||
max-duration-time = 86400
|
||||
max-duration-size = 67108864
|
||||
allowhotlink = true
|
||||
remoteuploads = true
|
||||
nologs = true
|
||||
force-random-filename = false
|
||||
cleanup-every-minutes = 5
|
||||
realip = true
|
||||
|
|
@ -0,0 +1,22 @@
|
|||
services:
|
||||
maloja:
|
||||
image: krateng/maloja:3.1.4
|
||||
container_name: maloja
|
||||
restart: unless-stopped
|
||||
networks:
|
||||
- traefik_proxy
|
||||
env_file: .env
|
||||
environment:
|
||||
- MALOJA_DATA_DIRECTORY=/var/lib/maloja
|
||||
- MALOJA_HOST=0.0.0.0
|
||||
- MALOJA_SKIP_SETUP=True
|
||||
volumes:
|
||||
- /var/docker/maloja/data:/var/lib/maloja
|
||||
labels:
|
||||
traefik.enable: "true"
|
||||
traefik.http.routers.maloja.entrypoints: "https"
|
||||
traefik.http.routers.maloja.rule: "Host(`maloja.fanyx.xyz`)"
|
||||
|
||||
networks:
|
||||
traefik_proxy:
|
||||
name: traefik_proxy
|
|
@ -0,0 +1,22 @@
|
|||
services:
|
||||
sevtechages:
|
||||
image: itzg/minecraft-server:java8
|
||||
container_name: mc-sevtechages
|
||||
restart: unless-stopped
|
||||
environment:
|
||||
- TYPE=FORGE
|
||||
- EULA=TRUE
|
||||
- TZ=Europe/Berlin
|
||||
- VERSION=1.12.2
|
||||
- FORGEVERSION=14.23.5.2860
|
||||
- OPS=Fanyx
|
||||
- MEMORY=7G
|
||||
- USE_AIKAR_FLAGS=true
|
||||
- GUI=FALSE
|
||||
tty: true
|
||||
stdin_open: true
|
||||
volumes:
|
||||
- /var/docker/minecraft/sevtechages:/data
|
||||
ports:
|
||||
- "25568:25565"
|
||||
|
|
@ -0,0 +1,21 @@
|
|||
services:
|
||||
pihole:
|
||||
image: pihole/pihole:2022.10
|
||||
container_name: pihole
|
||||
restart: unless-stopped
|
||||
ports:
|
||||
- "53:53/tcp"
|
||||
- "53:53/udp"
|
||||
- "8082:80/tcp"
|
||||
environment:
|
||||
TZ: "Berlin/Europe"
|
||||
WEBPASSWORD: "K2jgiRMxhBMYZpEV3MtXqdMb"
|
||||
volumes:
|
||||
- pihole_pihole-config:/etc/pihole/
|
||||
- pihole_pihole-dnsmasq:/etc/dnsmasq.d/
|
||||
|
||||
volumes:
|
||||
pihole_pihole-config:
|
||||
external: true
|
||||
pihole_pihole-dnsmasq:
|
||||
external: true
|
|
@ -0,0 +1,35 @@
|
|||
services:
|
||||
registry:
|
||||
image: registry:2.8
|
||||
container_name: registry
|
||||
restart: unless-stopped
|
||||
networks:
|
||||
- traefik_proxy
|
||||
configs:
|
||||
- source: registry
|
||||
target: /etc/docker/registry/config.yml
|
||||
mode: 0400
|
||||
volumes:
|
||||
- registry_registry:/var/lib/registry
|
||||
expose:
|
||||
- 5000
|
||||
labels:
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.registry.entrypoints=https"
|
||||
- "traefik.http.routers.registry.rule=Host(`docker.fanyx.xyz`)"
|
||||
- "traefik.http.middlewares.headers.Headers.sslProxyHeaders.X-Forwarded-Proto=https"
|
||||
- "traefik.http.middlewares.headers.Headers.hostsProxyHeaders=X-Forwarded-Host"
|
||||
- "traefik.http.middlewares.auth.BasicAuth.usersfile=/htpasswd"
|
||||
- "traefik.http.routers.registry.middlewares=headers@docker,auth@docker"
|
||||
|
||||
volumes:
|
||||
registry_registry:
|
||||
external: true
|
||||
|
||||
configs:
|
||||
registry:
|
||||
file: ./config.yml
|
||||
|
||||
networks:
|
||||
traefik_proxy:
|
||||
name: traefik_proxy
|
|
@ -0,0 +1,15 @@
|
|||
version: 0.1
|
||||
storage:
|
||||
filesystem:
|
||||
rootdirectory: /var/lib/registry
|
||||
delete:
|
||||
enabled: true
|
||||
cache:
|
||||
blobdescriptor: inmemory
|
||||
http:
|
||||
addr: :5000
|
||||
headers:
|
||||
Access-Control-Allow-Methods: ['HEAD', 'GET', 'OPTIONS', 'DELETE']
|
||||
Access-Control-Expose-Headers: ['Docker-Content-Digest']
|
||||
X-Content-Type-Options: [nosniff]
|
||||
host: docker.fanyx.xyz
|
|
@ -0,0 +1,44 @@
|
|||
version: '3.8'
|
||||
services:
|
||||
tmserver:
|
||||
image: fanyx/tmserver:2.1.0
|
||||
container_name: trackmania_tmserver
|
||||
depends_on:
|
||||
- db
|
||||
restart: always
|
||||
env_file: .env
|
||||
# volumes:
|
||||
# - ./tracks:/var/lib/tmserver/GameData/Tracks/Challenges/Custom # => Custom tracks
|
||||
# - ./playlist.txt:/var/lib/tmserver/playlist.txt # => Custom playlist
|
||||
# - ./blacklist:/var/lib/xaseco/blacklist # => Plugin blacklist
|
||||
# - ./plugins:/var/lib/xaseco/plugins/custom # => Custom plugins
|
||||
# - ./config:/var/lib/xaseco/config # => Custom configuration files
|
||||
# ports:
|
||||
# - "2350:2350"
|
||||
# - "2350:2350/udp"
|
||||
# - "3450:3450/udp"
|
||||
db:
|
||||
image: mysql:5
|
||||
container_name: trackmania_db
|
||||
restart: always
|
||||
environment:
|
||||
- MYSQL_ROOT_PASSWORD=tmforever
|
||||
- MYSQL_DATABASE=trackmania
|
||||
- MYSQL_USER=trackmania
|
||||
- MYSQL_PASSWORD=tmforever
|
||||
volumes:
|
||||
- trackmania-db:/var/lib/mysql
|
||||
pma:
|
||||
image: phpmyadmin/phpmyadmin:4.9
|
||||
container_name: trackmania_phpmyadmin
|
||||
depends_on:
|
||||
- db
|
||||
environment:
|
||||
- PMA_HOST=db
|
||||
restart: always
|
||||
# ports:
|
||||
# - "8080:80"
|
||||
|
||||
volumes:
|
||||
trackmania-db:
|
||||
|
|
@ -0,0 +1,29 @@
|
|||
services:
|
||||
traefik:
|
||||
image: traefik:2.8
|
||||
container_name: traefik
|
||||
restart: unless-stopped
|
||||
ports:
|
||||
- "80:80"
|
||||
- "443:443"
|
||||
- "24880:8080"
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock
|
||||
- ./config/acme/acme.json:/acme.json:rw
|
||||
configs:
|
||||
- source: traefik
|
||||
target: /traefik.yml
|
||||
- source: htpasswd
|
||||
target: /htpasswd
|
||||
networks:
|
||||
- traefik_proxy
|
||||
|
||||
networks:
|
||||
traefik_proxy:
|
||||
name: traefik_proxy
|
||||
|
||||
configs:
|
||||
traefik:
|
||||
file: ./config/traefik.yml
|
||||
htpasswd:
|
||||
file: ./config/htpasswd
|
|
@ -0,0 +1,63 @@
|
|||
api:
|
||||
dashboard: true
|
||||
insecure: true
|
||||
|
||||
entryPoints:
|
||||
http:
|
||||
address: ":80"
|
||||
http:
|
||||
redirections:
|
||||
entryPoint:
|
||||
to: https
|
||||
scheme: https
|
||||
https:
|
||||
address: ":443"
|
||||
http:
|
||||
tls:
|
||||
certResolver: default
|
||||
middlewares:
|
||||
- hsts@file
|
||||
|
||||
providers:
|
||||
docker:
|
||||
network: "traefik_proxy"
|
||||
exposedByDefault: false
|
||||
file:
|
||||
filename: "/traefik.yml"
|
||||
|
||||
certificatesResolvers:
|
||||
default:
|
||||
acme:
|
||||
email: "fanyx@fanyx.xyz"
|
||||
storage: "acme.json"
|
||||
caServer: "https://acme-v02.api.letsencrypt.org/directory"
|
||||
tlsChallenge: true
|
||||
httpChallenge:
|
||||
entrypoint: http
|
||||
|
||||
http:
|
||||
routers:
|
||||
jellyfin:
|
||||
entrypoints:
|
||||
- "https"
|
||||
rule: "Host(`v.fanyx.xyz`)"
|
||||
service: "jellyfin"
|
||||
radicale:
|
||||
entrypoints:
|
||||
- "https"
|
||||
rule: "Host(`r.fanyx.xyz`)"
|
||||
service: "radicale"
|
||||
services:
|
||||
jellyfin:
|
||||
loadBalancer:
|
||||
servers:
|
||||
- url: "http://172.18.0.1:8096"
|
||||
radicale:
|
||||
loadBalancer:
|
||||
servers:
|
||||
- url: "http://172.18.0.1:5232"
|
||||
middlewares:
|
||||
hsts:
|
||||
headers:
|
||||
frameDeny: true
|
||||
browserXssFilter: true
|
|
@ -0,0 +1,17 @@
|
|||
services:
|
||||
website:
|
||||
image: nginx:1.23.2-alpine
|
||||
container_name: website
|
||||
restart: unless-stopped
|
||||
networks:
|
||||
- traefik_proxy
|
||||
volumes:
|
||||
- /var/docker/www/website:/usr/share/nginx/html:ro
|
||||
labels:
|
||||
traefik.enable: "true"
|
||||
traefik.http.routers.website.entrypoints: "https"
|
||||
traefik.http.routers.website.rule: "Host(`fanyx.xyz`)"
|
||||
|
||||
networks:
|
||||
traefik_proxy:
|
||||
name: traefik_proxy
|
Loading…
Reference in New Issue