12 Commits

Author SHA1 Message Date
dependabot[bot] 6f725608ca Bump actions/checkout from 5 to 7
Bumps [actions/checkout](https://github.com/actions/checkout) from 5 to 7.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v5...v7)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '7'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-06-29 21:48:04 +00:00
Bensuperpc 6c21e5fd5e Add authelia 2026-06-29 23:46:32 +02:00
Bensuperpc d1d5a9de29 Add searxng 2026-06-20 01:03:21 +02:00
Bensuperpc 16304ea649 Add dependency-track 2026-05-17 23:05:22 +02:00
Bensuperpc 54cc6f0802 clean old ssh config, split network, improve caddy config 2026-05-16 00:42:29 +02:00
Bensuperpc 4bb3fe6d98 Update argus 2026-05-08 23:31:18 +02:00
Bensuperpc 596ffd8a6b Improve ollama 2026-05-07 21:17:11 +02:00
Bensuperpc a8bddcb18c Add argus 2026-05-07 21:16:47 +02:00
Bensuperpc 9f043ac4eb Update Minecraft server 2026-05-04 00:20:11 +02:00
Bensuperpc 7ff08b937d Move to mono repo
Signed-off-by: Bensuperpc <bensuperpc@gmail.com>
2026-03-31 18:56:37 +02:00
Bensuperpc d7f684398e Update 2026-01-21 00:30:52 +01:00
Bensuperpc bd1078d42e Update Caddy and uptimekuma
Signed-off-by: Bensuperpc <bensuperpc@gmail.com>
2025-12-28 23:29:41 +01:00
132 changed files with 2169 additions and 588 deletions
+2 -2
View File
@@ -22,14 +22,14 @@ jobs:
timeout-minutes: 30
steps:
- name: "Checkout Code"
uses: actions/checkout@v5
uses: actions/checkout@v7
with:
submodules: "recursive"
fetch-depth: 0
- name: "Check compose"
run: make check
- name: "Update server image"
run: make image-update
run: make pull
- name: "Build server"
run: make build
# - name: "Start server"
+1 -1
View File
@@ -11,7 +11,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: "Checkout Code"
uses: actions/checkout@v5
uses: actions/checkout@v7
with:
token: ${{ secrets.CI_TOKEN }}
repository: ${{ github.repository }}
-9
View File
@@ -1,9 +0,0 @@
[submodule "infrastructure/services/minecraft-server"]
path = infrastructure/services/minecraft-server
url = git@github.com:bensuperpc/docker-minecraft-server.git
[submodule "infrastructure/services/7daystodie"]
path = infrastructure/services/7daystodie-server
url = git@github.com:bensuperpc/docker-7daystodie.git
[submodule "infrastructure/services/satisfactory"]
path = infrastructure/services/satisfactory-server
url = git@github.com:bensuperpc/docker-satisfactory.git
+4 -3
View File
@@ -29,8 +29,9 @@ COMPOSE_DIR ?= --project-directory ./$(PROJECT_DIRECTORY)
UID ?= 1000
GID ?= 1000
TZ ?= Europe/Paris
ENV_ARG_VAR ?= PUID=$(UID) PGID=$(GID)
ENV_ARG_VAR ?= PUID=$(UID) PGID=$(GID) TZ=$(TZ)
DOCKER_COMPOSE_COMMAND ?= $(ENV_ARG_VAR) $(DOCKER_EXEC) compose $(COMPOSE_DIR) $(COMPOSE_FILES) $(PROFILE_CMD)
@@ -66,11 +67,11 @@ git-update:
git pull --recurse-submodules --all --progress
.PHONY: update
update: image-update git-update
update: git-update
.PHONY: clean
clean:
docker system prune -f
$(ENV_ARG_VAR) $(DOCKER_EXEC) system prune -f
.PHONY: purge
purge:
+2 -2
View File
@@ -24,8 +24,8 @@
PROJECT_DIRECTORY := infrastructure
CONFIG_DIRECTORY := presets
CONFIGS := minecraft
# 7dtd minecraft satisfactory torrent
CONFIGS := torrent
#DOCKER_PROFILES :=
include DockerCompose.mk
+183 -59
View File
@@ -1,30 +1,30 @@
# Infrastructure
_Open source, decentralized and self-hosted infrastructure for many services._
## About
It uses caddy and docker-compose to run my services (And many other things).
It's a **work in progress**, and I'm still learning a lot about it.
If you have any **questions** or **suggestions**, feel free to open an issue or a pull request.
_Open source, decentralized and self-hosted infrastructure for many local services and authentication with Authelia._
## Features
- [x] caddy 2 HTTP/S reverse proxy
- [x] Authelia (SSO / authentication middleware)
- [x] Open-WebUI + Ollama (Local chatGPT)
- [x] qbittorrent and transmission (Torrent client/server)
- [x] Docker / docker-compose
- [x] Wordpress (Via FASTCGI/caddy)
- [x] Jellyfin (Media server)
- [x] Homepage (Dashboard)
- [x] SearXNG (Self-hosted search engine)
- [x] Jellyfin (Eg Netflix, Disney+)
- [x] Forgejo (Git server, fork of Gitea)
- [x] Uptime Kuma (Monitoring)
- [x] qbittorrent and transmission (Torrent client/server)
- [x] Argus (Application update monitoring)
- [x] SyncThing (File synchronization)
- [x] Dufs (File server)
- [x] PsiTransfer, ProjectSend, Picoshare (File sharing)
- [x] it-tools and omni-tools (Tools for IT)
- [x] Open-WebUI (Local chatGPT)
- [x] Privatebin (Pastebin)
- [X] [Satisfactory](https://github.com/bensuperpc/docker-satisfactory)
- [x] [7 days to die](https://github.com/bensuperpc/docker-7daystodie)
- [x] [minecraft](https://github.com/bensuperpc/docker-minecraft-server)
- [x] it-tools, omni-tools and cyberchef (Tools for IT)
- [x] Privatebin
- [x] Memos (Note-taking)
- [x] Stirling PDF (PDF tools)
- [x] Wordpress (Via FASTCGI/caddy)
- [x] Dependency-Track (SBOM / vulnerability tracking)
- [X] Game (Satisfactory, Minecraft, 7 Days to Die, Team Fortress 2 etc...)
## Architecture
@@ -44,8 +44,8 @@ The homepage is a dashboard with many widgets and services.
- [Docker Compose](https://docs.docker.com/compose/install/)
- [Git](https://git-scm.com/book/en/v2/Getting-Started-Installing-Git)
- [Web domain](https://www.ovh.com/world/domains/) (I use OVH)
- [Open port 80, 443, 22, 2222 and 5555 on your router](http://192.168.1.1/)
- For games server, you need to open these ports (7777, 25565, 26900, 26901, 26903)
- [Open port 80, 443, 22 and 2222 on your router](http://192.168.1.1/)
- For games server, you need to open these ports (7777, 8888, 25565, 26900, 26901, 26903)
List of ports used by the services in this infrastructure:
@@ -56,10 +56,13 @@ List of ports used by the services in this infrastructure:
| 22 | Forgejo | Git/SSH access |
| 2222 | OpenSSH | Global SSH access |
| 7777 | Satisfactory | Game server port |
| 8888 | Satisfactory | Game server port |
| 25565 | Minecraft | Game server port |
| 8100 | Bluemap Minecraft | Web map port |
| 26900 | 7 Days to Die | Game server port |
| 26901 | 7 Days to Die | Game server port |
| 26903 | 7 Days to Die | Game server port |
| 27015 | Team Fortress 2 | Game server port |
**To avoid get rate limit from letsencrypt (10 certificates per 3 hours), you need to disable some certificates in the caddyfiles and enable them 3h later...**
@@ -78,7 +81,29 @@ Go to the folder
cd infrastructure
```
Change services you want to enable in the [Makefile](Makefile) file, by default all services are enabled (games servers included).
### Start the infrastructure
Start the website with:
```sh
make up
```
Stop the website with:
```sh
make stop
```
Remove containers with:
```sh
make down
```
Services are enabled via **preset configuration files** in the [`presets/`](presets/) directory.
The active presets are declared in the [`Makefile`](Makefile) via the `CONFIGS` variable, for example, `CONFIGS := chatgpt` loads `presets/chatgpt.conf` which activates the `main_infrastructure`, `caddy`, `openssh`, and `openwebui` profiles.
### Configure the domain
@@ -88,7 +113,7 @@ For all **bensuperpc.org**, you need to replace it with your domain, example: **
find . \( -type d -name .git -prune \) -o -type f -print0 | xargs -0 sed -i 's/bensuperpc.org/mydomain.com/g'
```
Check if all bensuperpc.* are replaced by your domain in [Caddyfile](caddy/services/wordpress/Caddyfile)
Check if all bensuperpc.* are replaced by your domain in [Caddyfile](infrastructure/services/caddy/config/Caddyfile)
And then, caddy will generate the certificate for you and renew it automatically :D
@@ -96,25 +121,29 @@ And then, caddy will generate the certificate for you and renew it automatically
| ------------------------------------------------------------------ | ---- | ------------------------------------------------------------ |
| [bensuperpc.org](https://bensuperpc.org) | Main | Redirect to [www.bensuperpc.org](https://www.bensuperpc.org) |
| [www.bensuperpc.org](https://www.bensuperpc.org) | Main | Homepage |
| [open-webui.bensuperpc.org](https://open-webui.bensuperpc.org) | Sub | For local chatGPT |
| [wordpress.bensuperpc.org](https://wordpress.bensuperpc.org) | Sub | Wordpress website |
| [openwebui.bensuperpc.org](https://openwebui.bensuperpc.org) | Sub | For local chatGPT with ollama and openweb-ui |
| [authelia.bensuperpc.org](https://authelia.bensuperpc.org) | Sub | Authelia for authentication |
| [uptimekuma.bensuperpc.org](https://uptimekuma.bensuperpc.org) | Sub | Uptime Kuma for monitoring |
| [qbittorrent.bensuperpc.org](https://qbittorrent.bensuperpc.org) | Sub | Torrent client/server |
| [dozzle.bensuperpc.org](https://dozzle.bensuperpc.org) | Sub | Dozzle for docker logs |
| [transmission.bensuperpc.org](https://transmission.bensuperpc.org) | Sub | Torrent client/server |
| [forgejo.bensuperpc.org](https://forgejo.bensuperpc.org/) | Sub | Fork of Gitea for git |
| [git.bensuperpc.org](https://git.bensuperpc.org) | Sub | Fork of Gitea for git |
| [link.bensuperpc.org](https://link.bensuperpc.org) | Sub | For link shortener |
| [jellyfin.bensuperpc.org](https://jellyfin.bensuperpc.org) | Sub | Jellyfin for media server |
| [syncthing.bensuperpc.org](https://syncthing.bensuperpc.org) | Sub | SyncThing for file synchronization |
| [psitransfer.bensuperpc.org](https://psitransfer.bensuperpc.org) | Sub | PsiTransfer for file sharing |
| [it-tools.bensuperpc.org](https://it-tools.bensuperpc.org) | Sub | Tools for IT |
| [omni-tools.bensuperpc.org](https://omni-tools.bensuperpc.org) | Sub | Tools for IT |
| [privatebin.bensuperpc.org](https://privatebin.bensuperpc.org) | Sub | Pastebin |
| [privatebin.bensuperpc.org](https://privatebin.bensuperpc.org) | Sub | Privatebin |
| [projectsend.bensuperpc.org](https://projectsend.bensuperpc.org) | Sub | ProjectSend for file sharing |
| [picoshare.bensuperpc.org](https://picoshare.bensuperpc.org) | Sub | Picoshare for file sharing |
| [dufs.bensuperpc.org](https://dufs.bensuperpc.org) | Sub | Dufs for file sharing |
| [memos.bensuperpc.org](https://memos.bensuperpc.org) | Sub | Caddy for file sharing |
| [memos.bensuperpc.org](https://memos.bensuperpc.org) | Sub | Memos note-taking app |
| [stirlingpdf.bensuperpc.org](https://stirlingpdf.bensuperpc.org) | Sub | Stirling PDF tools |
| [argus.bensuperpc.org](https://argus.bensuperpc.org) | Sub | Argus for monitoring application updates |
| [searxng.bensuperpc.org](https://searxng.bensuperpc.org) | Sub | SearXNG self-hosted search engine |
| [dependency-track.bensuperpc.org](https://dependency-track.bensuperpc.org) | Sub | SBOM / vulnerability analysis |
| [wordpress.bensuperpc.org](https://wordpress.bensuperpc.org) | Sub | Wordpress website |
### Configure the infrastructure
@@ -136,27 +165,52 @@ For [caddy_backup.env](infrastructure/services/caddy/env/caddy_backup.env) file,
RESTIC_PASSWORD=7L1Ncbquax0B2TCOmrjaQl9n5mnY88bQ
```
#### Wordpress
For the [wordpress.env](infrastructure/services/wordpress/env/wordpress.env) file, you need to change the password and user for the database.
On [caddy.env](infrastructure/services/caddy/env/caddy.env) file, you need to update some variables, like the main domain, mail domain and scheme (http or https).
```sh
WORDPRESS_DB_USER=bensuperpc
WORDPRESS_DB_PASSWORD=lEOEf8cndnDjp84O4Uv5D9zJLJDFatLw
MAIN_DOMAIN=bensuperpc.org
MAIL_DOMAIN=bensuperpc@gmail.com
# Scheme
SCHEME=https
# ignore_loaded_certs off
AUTO_HTTPS_OPTIONS=ignore_loaded_certs
```
For [wordpress_db.env](infrastructure/services/wordpress/env/wordpress_db.env) file, you need to change the password(s) and user for the database.
#### Authelia
For [authelia.env](infrastructure/services/authelia/env/authelia.env) file, you need to change the password(s) and secret key:
```sh
MARIADB_ROOT_PASSWORD=7L1Ncbquax0B2TCOmrjaQl9n5mnY88bQ
MARIADB_USER=bensuperpc
MARIADB_PASSWORD=lEOEf8cndnDjp84O4Uv5D9zJLJDFatLw
AUTHELIA_IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET=ht87MVnXkXhBpDkMUHqKDqdg8UGBJt+Fx5jNIqXnN2k=
AUTHELIA_SESSION_SECRET=nsvbXKGRXVZUCUkOapntlq/Zh+d75WacTK5Jgyh8zYk=
AUTHELIA_STORAGE_ENCRYPTION_KEY=aWeIT74xIhGVd9nUOr4YTToTl5rpBEbzc/fv4jemuos=
AUTHELIA_STORAGE_POSTGRES_HOST=authelia-postgres
AUTHELIA_STORAGE_POSTGRES_PORT=5432
AUTHELIA_STORAGE_POSTGRES_DATABASE=authelia_db
AUTHELIA_STORAGE_POSTGRES_USERNAME=authelia
AUTHELIA_STORAGE_POSTGRES_PASSWORD=sAdkxFW6k3GiMOrlBpl6OV76eb9cQz/uk95jmA2UpI8=
```
For [wordpress_backup.env](infrastructure/services/wordpress/env/wordpress_backup.env) file, you need to change the password(s) for the restic backup.
Same for [authelia_postgres.env](infrastructure/services/authelia/env/authelia_postgres.env) file, you need to change the password(s) and user for the database.
```sh
RESTIC_PASSWORD=7L1Ncbquax0B2TCOmrjaQl9n5mnY88bQ
POSTGRES_USER=authelia
POSTGRES_PASSWORD=sAdkxFW6k3GiMOrlBpl6OV76eb9cQz/uk95jmA2UpI8=
POSTGRES_DB=authelia_db
```
You also need to update [users_database.yml](infrastructure/services/authelia/config/users_database.yml)
```sh
docker run --rm authelia/authelia:latest authelia crypto hash generate argon2 --password 'MyPassword'
```
#### Dozzle
To generate a new user for dozzle, you can use the following command [users.yml](infrastructure/services/dozzle/config/users.yml):
```sh
docker run -it --rm amir20/dozzle generate bensuperpc --password mypassword --email bensuperpc@gmail.com --name "bensuperpc"
```
#### PsiTransfer
@@ -223,37 +277,32 @@ USER_PASSWORD=rdUwf36C11PLmpU9Lvq7tP5pfFBKAuCh
#### Open-WebUI
For [open-webui.env](infrastructure/services/open-webui/env/open-webui.env) file, entirely optional.
For [open-webui.env](infrastructure/services/open-webui/env/open-webui.env) file, you must change the secret key for the webui and configure its PostgreSQL backend.
To download the model, you can use:
```sh
WEBUI_SECRET_KEY=7d83b15a417d090ba5c6b899270a05dd215c60848354c0c7574226d6ff02f39e
```
Also update [openwebui-postgres.env](infrastructure/services/open-webui/env/openwebui-postgres.env) with your own credentials.
To download the model, through open-webui GUI or you can use the following command:
```sh
docker exec -it ollama ollama run deepseek-r1:8b
```
### Start the infrastructure
#### Dependency-Track
Start the website with:
For [dependency-track.env](infrastructure/services/dependency-track/env/dependency-track.env) file, you need to set the database credentials and the API server URL.
```sh
make start-at
POSTGRES_USER=dtrack
POSTGRES_PASSWORD=<your_password>
POSTGRES_DB=dtrack_db
ALPINE_DATA_DIRECTORY=/data
```
Stop the website with (or CTRL+C with the previous command):
```sh
make stop
```
Remove countainers with:
```sh
make down
```
You can disable some services by removing the service name in PROFILES variable in the [Makefile](Makefile) file.
To enable the gitea CI: [how-to-build-docker-containers-using-gitea-runners](https://medium.com/@lokanx/how-to-build-docker-containers-using-gitea-runners-600729555e07)
The frontend is available at `https://dependency-track.bensuperpc.org` and the API server at `/api/*`. Default credentials are `admin` / `admin`, **change them on first login**.
### Homepage
@@ -274,7 +323,7 @@ Once the installation is complete, you need to set the installation lock:
FORGEJO__security__INSTALL_LOCK=true
```
### Forgejo Runner
### Forgejo Runner (Out of date)
```sh
docker exec -it forgejo_runner /bin/bash
@@ -310,7 +359,7 @@ You will need to provide the following information:
```sh
https://forgejo.bensuperpc.org/
<Your Registration Token, in https://forgejo.bensuperpc.org/admin/actions/runners>
ubuntu-22.04:docker://ghcr.io/catthehacker/ubuntu:act-22.04
ubuntu-22.04:docker://ghcr.io/catthehacker/ubuntu:act-24.04
main
```
@@ -325,7 +374,7 @@ This infrastructure uses docker volumes to store data, all configuration/data fo
### SSH access
The default port for ssh/rsync is is 2222.
The default port for SSH/rsync is 2222.
You can access to the server with:
@@ -333,6 +382,76 @@ You can access to the server with:
ssh -p 2222 admin@bensuperpc.org
```
### Qbittorrent
To activate the alternative webui theme (VueTorrent), you need to go in the qbittorrent settings, then in the `webui` section, check the `Use alternative webui` and add `/vuetorrent` to text field.
#### Local testing
If you want to test the infrastructure locally, you can add these lines in your `/etc/hosts` file:
```sh
127.0.0.1 openwebui.bensuperpc.org
127.0.0.1 authelia.bensuperpc.org
127.0.0.1 memos.bensuperpc.org
127.0.0.1 stirlingpdf.bensuperpc.org
127.0.0.1 public.bensuperpc.org
127.0.0.1 private.bensuperpc.org
127.0.0.1 jellyfin.bensuperpc.org
127.0.0.1 syncthing.bensuperpc.org
127.0.0.1 psitransfer.bensuperpc.org
127.0.0.1 projectsend.bensuperpc.org
127.0.0.1 picoshare.bensuperpc.org
127.0.0.1 dufs.bensuperpc.org
127.0.0.1 it-tools.bensuperpc.org
127.0.0.1 omni-tools.bensuperpc.org
127.0.0.1 privatebin.bensuperpc.org
127.0.0.1 forgejo.bensuperpc.org
127.0.0.1 git.bensuperpc.org
127.0.0.1 qbittorrent.bensuperpc.org
127.0.0.1 transmission.bensuperpc.org
127.0.0.1 uptimekuma.bensuperpc.org
127.0.0.1 wordpress.bensuperpc.org
127.0.0.1 searxng.bensuperpc.org
127.0.0.1 dependency-track.bensuperpc.org
127.0.0.1 homepage.bensuperpc.org
```
Then update the [caddy.env](infrastructure/services/caddy/env/caddy.env) file with your local domain to disable the letsencrypt certificate generation and auto redirect to https:
```sh
MAIN_DOMAIN=bensuperpc.org
# Scheme
SCHEME=https
# ignore_loaded_certs off
AUTO_HTTPS_OPTIONS=ignore_loaded_certs
```
And remove all the `import authelia_middleware` in the caddyfiles, authelia need https to work.
#### Wordpress
For the [wordpress.env](infrastructure/services/wordpress/env/wordpress.env) file, you need to change the password and user for the database.
```sh
WORDPRESS_DB_USER=bensuperpc
WORDPRESS_DB_PASSWORD=lEOEf8cndnDjp84O4Uv5D9zJLJDFatLw
```
For [wordpress_db.env](infrastructure/services/wordpress/env/wordpress_db.env) file, you need to change the password(s) and user for the database.
```sh
MARIADB_ROOT_PASSWORD=7L1Ncbquax0B2TCOmrjaQl9n5mnY88bQ
MARIADB_USER=bensuperpc
MARIADB_PASSWORD=lEOEf8cndnDjp84O4Uv5D9zJLJDFatLw
```
For [wordpress_backup.env](infrastructure/services/wordpress/env/wordpress_backup.env) file, you need to change the password(s) for the restic backup.
```sh
RESTIC_PASSWORD=7L1Ncbquax0B2TCOmrjaQl9n5mnY88bQ
```
## Sources
- [Wordpress](https://wordpress.org/)
@@ -348,6 +467,7 @@ ssh -p 2222 admin@bensuperpc.org
- [Letsencrypt](https://letsencrypt.org/)
- [Caddy](https://caddyserver.com/)
- [Adminer](https://www.adminer.org/)
- [self-hosted-ai-stack](https://triedandtestedbuilds.com/self-hosted-ai-stack-part-1)
- [Uptime Kuma](https://uptime-kuma.com/)
- [qbittorrent](https://www.qbittorrent.org/)
- [Transmission](https://transmissionbt.com/)
@@ -370,6 +490,10 @@ ssh -p 2222 admin@bensuperpc.org
- [Forgejo-runner](https://code.forgejo.org/forgejo/runner)
- [Forgejo-runner](https://huijzer.xyz/posts/55)
- [Forgejo](https://nickcunningh.am/blog/how-to-setup-and-configure-forgejo-with-support-for-forgejo-actions-and-more)
- [Argus](https://github.com/release-argus/Argus)
- [SearXNG](https://github.com/searxng/searxng)
- [Dependency-Track](https://dependencytrack.org/)
- [Authelia](https://www.authelia.com/)
## License
+16 -4
View File
@@ -41,11 +41,23 @@ include:
- services/uptime-kuma/docker-compose.uptime-kuma.yml
# open-webui
- services/open-webui/docker-compose.open-webui.yml
# Memos
- services/memos/docker-compose.memos.yml
# Argus
- services/argus/docker-compose.argus.yml
# Dependency-Track
- services/dependency-track/docker-compose.dependency-track.yml
# Searxng
- services/searxng/docker-compose.searxng.yml
# Authelia
- services/authelia/docker-compose.authelia.yml
# Dozzle
- services/dozzle/docker-compose.dozzle.yml
# Minecraft
- services/minecraft-server/minecraft-server/docker-compose.yml
- services/minecraft-server/docker-compose.yml
# 7daystodie
- services/7daystodie-server/7daystodie-server/docker-compose.yml
- services/7daystodie-server/docker-compose.yml
# Satisfactory
- services/satisfactory-server/satisfactory-server/docker-compose.yml
- services/satisfactory-server/docker-compose.yml
# Team Fortress 2
- services/teamfortress2-server/teamfortress2-server/docker-compose.yml
- services/teamfortress2-server/docker-compose.yml
@@ -0,0 +1,56 @@
services:
# 7 days to die server
7daystodie_server:
image: vinanrra/7dtd-server:latest
container_name: 7daystodie_server
profiles:
- 7daystodie_server
restart: on-failure:7
ports:
- "26900:26900"
- "26901:26901"
- "26902:26902"
# - "8080:8080" # WEBADMIN
# - "8081:8081" # TELNET
# - "8082:8082" # WEBSERVER
volumes:
- 7daystodie_server_save:/home/sdtdserver/.local/share/7DaysToDie # 7 Days To Die world saves
- 7daystodie_server_config_lgsm:/home/sdtdserver/lgsm/config-lgsm/sdtdserver # LGSM config folder
- 7daystodie_server_file:/home/sdtdserver/serverfiles # Optional - serverfiles folder
- 7daystodie_server_log:/home/sdtdserver/log
networks:
- 7daystodie-network
env_file:
- ./env/7daystodie.env
environment:
- PUID=${PUID:-1000}
- PGID=${PGID:-1000}
- TZ=${TZ:-Europe/Paris}
# security_opt:
# - no-new-privileges:true
# cap_drop:
# - SYS_ADMIN
deploy:
resources:
limits:
memory: 16G
reservations:
memory: 4G
volumes:
7daystodie_backup:
name: 7daystodie_backup
7daystodie_server_save:
name: 7daystodie_server_save
7daystodie_server_config_lgsm:
name: 7daystodie_server_config_lgsm
7daystodie_server_file:
name: 7daystodie_server_file
7daystodie_server_log:
name: 7daystodie_server_log
networks:
7daystodie-network:
driver: bridge
name: 7daystodie-network
@@ -0,0 +1,7 @@
START_MODE=3
VERSION=stable
TimeZone=Europe/Paris
BACKUP=NO
BACKUP_HOUR=2
BACKUP_MAX=7
MONITOR=NO
@@ -0,0 +1,33 @@
services:
7daystodie_backup:
image: mazzolino/restic:latest
container_name: 7daystodie_backup
profiles:
- 7daystodie_backup
depends_on:
- 7daystodie_server
restart: on-failure:7
env_file:
- ./env/7daystodie_backup.env
volumes:
- 7daystodie_backup:/mnt/restic
- 7daystodie_server_save:/data:ro
security_opt:
- no-new-privileges:true
network_mode: none
cap_drop:
- NET_ADMIN
- NET_RAW
- SYS_ADMIN
volumes:
7daystodie_backup:
name: 7daystodie_backup
7daystodie_server_save:
name: 7daystodie_server_save
7daystodie_server_config_lgsm:
name: 7daystodie_server_config_lgsm
7daystodie_server_file:
name: 7daystodie_server_file
7daystodie_server_log:
name: 7daystodie_server_log
@@ -0,0 +1,14 @@
#RUN_ON_STARTUP=true
RESTIC_REPOSITORY=/mnt/restic
RESTIC_BACKUP_SOURCES=/data
RESTIC_PASSWORD=SCY5cmu12Odca302EXabPA9jXYkCb2NN
# Backup (exuclusive with Check and Prune)
BACKUP_CRON=*/15 * * * *
RESTIC_BACKUP_ARGS=--tag docker-volumes --verbose
#RESTIC_FORGET_ARGS=--prune --keep-last 8 --keep-daily 7 --keep-weekly 5 --keep-monthly 12 --keep-yearly 4
# Check (exuclusive with Check and Prune)
#CHECK_CRON=*/15 * * * *
#RESTIC_CHECK_ARGS=--read-data-subset=40%
# Prune (exuclusive with Check and Prune)
#PRUNE_CRON=*/15 * * * *
#RESTIC_PRUNE_ARGS=
@@ -0,0 +1,5 @@
include:
# 7 days to die server
- 7daystodie/docker-compose.7daystodie.yml
# Backup server
- backup/docker-compose.backup.yml
@@ -0,0 +1,87 @@
settings:
log:
level: DEBUG
defaults:
service:
latest_version:
access_token: <secret>
deployed_version:
allow_invalid_certs: true
notify:
default_gotify:
type: gotify
url_fields:
host: gotify.example.io
token: <secret>
default_mattermost:
type: mattermost
url_fields:
host: localhost
port: "8081"
token: <secret>
webhook:
awx_more:
type: github
url: http://localhost:8081
secret: <secret>
silent_fails: true
awx_other:
type: github
url: https://localhost:8081/api/v2/job_templates/36/github/
secret: <secret>
silent_fails: true
service:
forgejo:
latest_version:
type: url
url: https://code.forgejo.org/api/v1/repos/forgejo/forgejo/releases
url_commands:
- type: regex
regex: "['\"]tag_name['\"]: *['\"]v?([0-9.]+(?:-dev)?)['\"]"
deployed_version:
type: url
url: https://code.forgejo.org
regex: Powered by Forgejo.*\s+Version:\s+([0-9.]+(?:-dev)?)
dashboard:
web_url: https://codeberg.org/forgejo/forgejo/src/branch/forgejo/release-notes-published/{{ version }}.md
icon: https://code.forgejo.org/assets/img/logo.svg
tags:
- go
svt-av1:
latest_version:
type: url
url: https://gitlab.com/api/v4/projects/AOMediaCodec%2FSVT-AV1/repository/tags?order_by=version&sort=desc
url_commands:
- type: regex
regex: '"name":"v?([0-9.]+(?:-rc[0-9]+)?)"'
dashboard:
icon: https://upload.wikimedia.org/wikipedia/commons/8/84/AV1_logo_2018.svg
web_url: https://gitlab.com/AOMediaCodec/SVT-AV1/-/releases/v{{ version }}
tags:
- av1
- video
- encoder
ffmpeg:
latest_version:
type: url
url: https://api.github.com/repos/FFmpeg/FFmpeg/tags
url_commands:
- type: regex
regex: '"name":"n?([0-9.]+)"'
dashboard:
icon: https://upload.wikimedia.org/wikipedia/commons/7/76/FFmpeg_icon.svg?utm_source=commons.wikimedia.org&utm_campaign=index&utm_content=original
web_url: https://github.com/FFmpeg/FFmpeg/releases/tag/n{{ version }}
qbittorrent:
latest_version:
type: url
url: https://api.github.com/repos/qbittorrent/qBittorrent/releases/latest
url_commands:
- type: regex
regex: '"tag_name":"release-([0-9.]+)"'
dashboard:
icon: https://upload.wikimedia.org/wikipedia/commons/6/66/New_qBittorrent_Logo.svg
web_url: https://github.com/qbittorrent/qBittorrent/releases/tag/release-{{ version }}
tags:
- bittorrent
- qt
- cplusplus
@@ -0,0 +1,34 @@
services:
# argus
argus:
image: releaseargus/argus:latest
container_name: argus
profiles:
- argus
environment:
- ARGUS_UID=${PUID:-1000}
- ARGUS_GID=${PGID:-1000}
- TZ=${TZ:-Europe/Paris}
restart: on-failure:7
depends_on:
- caddy
networks:
- caddy-infra
volumes:
- argus_data:/app/data/
- ./config/config.yml:/app/config.yml
# healthcheck:
# test: ["CMD", "/healthcheck", "http://localhost:8080/api/v1/healthcheck"]
# interval: 1m
# timeout: 10s
# retries: 3
# start_period: 10s
volumes:
argus_data:
name: argus_data
networks:
caddy-infra:
driver: bridge
name: caddy-infra
@@ -0,0 +1,64 @@
theme: auto
server:
address: "tcp://0.0.0.0:9091"
log:
level: info
authentication_backend:
file:
path: /config/users_database.yml
access_control:
default_policy: deny
rules:
- domain:
- "authelia.bensuperpc.org"
- "www.bensuperpc.org"
- "public.bensuperpc.org"
- "it-tools.bensuperpc.org"
- "omni-tools.bensuperpc.org"
- "cyberchef.bensuperpc.org"
- "wordpress.bensuperpc.org"
- "homepage.bensuperpc.org"
policy: bypass
- domain:
- "jellyfin.bensuperpc.org"
- "openwebui.bensuperpc.org"
- "searxng.bensuperpc.org"
subject:
- 'group:admins'
- 'group:users'
policy: one_factor
- domain:
- "*.bensuperpc.org"
subject:
- 'group:admins'
policy: one_factor
# - domain: "dependency-track.bensuperpc.org"
# resources:
# - "^/api/.*"
# policy: bypass
# - domain: "*.bensuperpc.org"
# policy: two_factor
session:
expiration: 72h
inactivity: 60m
remember_me: 1M
cookies:
- domain: "bensuperpc.org"
authelia_url: "https://authelia.bensuperpc.org"
regulation:
max_retries: 5
find_time: 3m
ban_time: 15m
storage:
postgres: {}
notifier:
filesystem:
filename: /config/notification.txt
@@ -0,0 +1,8 @@
users:
bensuperpc:
displayname: "Bensuperpc"
password: "$argon2id$v=19$m=65536,t=3,p=4$1T+CwoeP6hcoddG8l1iilg$omcB+SICmNQzmZIXhE54S5+J68AU32f60a5ctYoEObU"
email: "bensuperpc@gmail.com"
groups:
- admins
- users
@@ -0,0 +1,56 @@
services:
authelia:
container_name: authelia
image: authelia/authelia:latest
profiles:
- authelia
- caddy
depends_on:
authelia-postgres:
condition: service_healthy
# environment:
# - TZ=America/New_York
# - PUID=${PUID:-1000}
# - PGID=${PGID:-1000}
env_file:
- ./env/authelia.env
environment:
- TZ=${TZ:-Europe/Paris}
volumes:
- ./config:/config
networks:
- caddy-infra
- authelia-internal
restart: on-failure:7
authelia-postgres:
image: postgres:17-alpine
container_name: authelia-postgres
restart: on-failure:7
volumes:
- authelia_db_data:/var/lib/postgresql/data
env_file:
- ./env/authelia_postgres.env
profiles:
- authelia
- caddy
environment:
- TZ=${TZ:-Europe/Paris}
healthcheck:
test: [ "CMD-SHELL", "pg_isready -U $${POSTGRES_USER} -d $${POSTGRES_DB}" ]
interval: 5s
timeout: 3s
retries: 5
networks:
- authelia-internal
networks:
caddy-infra:
driver: bridge
name: caddy-infra
authelia-internal:
driver: bridge
name: authelia-internal
volumes:
authelia_db_data: {}
+8
View File
@@ -0,0 +1,8 @@
AUTHELIA_IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET=ht87MVnXkXhBpDkMUHqKDqdg8UGBJt+Fx5jNIqXnN2k=
AUTHELIA_SESSION_SECRET=nsvbXKGRXVZUCUkOapntlq/Zh+d75WacTK5Jgyh8zYk=
AUTHELIA_STORAGE_ENCRYPTION_KEY=aWeIT74xIhGVd9nUOr4YTToTl5rpBEbzc/fv4jemuos=
AUTHELIA_STORAGE_POSTGRES_HOST=authelia-postgres
AUTHELIA_STORAGE_POSTGRES_PORT=5432
AUTHELIA_STORAGE_POSTGRES_DATABASE=authelia_db
AUTHELIA_STORAGE_POSTGRES_USERNAME=authelia
AUTHELIA_STORAGE_POSTGRES_PASSWORD=sAdkxFW6k3GiMOrlBpl6OV76eb9cQz/uk95jmA2UpI8=
@@ -0,0 +1,3 @@
POSTGRES_USER=authelia
POSTGRES_PASSWORD=sAdkxFW6k3GiMOrlBpl6OV76eb9cQz/uk95jmA2UpI8=
POSTGRES_DB=authelia_db
+32 -1
View File
@@ -10,6 +10,37 @@
}
format json
}
auto_https {$AUTO_HTTPS_OPTIONS}
}
import website/*
# Common settings
import website/header.caddy
import website/authelia_middleware.caddy
# All website configurations
import website/main.caddy
import website/cyberchef.caddy
import website/forgejo.caddy
import website/homepage.caddy
import website/jellyfin.caddy
import website/memos.caddy
import website/openwebui.caddy
import website/privatebin.caddy
import website/psitransfer.caddy
import website/stirlingpdf.caddy
import website/transmission.caddy
import website/wordpress.caddy
import website/dufs.caddy
import website/it-tools.caddy
import website/omni-tools.caddy
import website/picoshare.caddy
import website/projectsend.caddy
import website/qbittorrent.caddy
import website/syncthing.caddy
import website/uptimekuma.caddy
import website/argus.caddy
import website/dependency-track.caddy
import website/searxng.caddy
import website/authelia.caddy
import website/dozzle.caddy
@@ -0,0 +1,4 @@
{$SCHEME}://argus.{$MAIN_DOMAIN} {
import authelia_middleware
reverse_proxy {$ARGUS_ADDRESS}
}
@@ -0,0 +1,3 @@
{$SCHEME}://authelia.{$MAIN_DOMAIN} {
reverse_proxy {$AUTHELIA_ADDRESS}
}
@@ -0,0 +1,6 @@
(authelia_middleware) {
forward_auth authelia:9091 {
uri /api/authz/forward-auth
copy_headers Remote-User Remote-Groups Remote-Name Remote-Email
}
}
@@ -1,4 +1,5 @@
cyberchef.{$MAIN_DOMAIN} {
{$SCHEME}://cyberchef.{$MAIN_DOMAIN} {
import authelia_middleware
# Load balance between 2 instances
reverse_proxy {
to cyberchef0:8000 cyberchef1:8000
@@ -0,0 +1,5 @@
{$SCHEME}://dependency-track.{$MAIN_DOMAIN} {
import authelia_middleware
reverse_proxy /api/* {$DEPENDENCY_TRACK_APISERVER_ADDRESS}
reverse_proxy {$DEPENDENCY_TRACK_FRONTEND_ADDRESS}
}
@@ -0,0 +1,4 @@
{$SCHEME}://dozzle.{$MAIN_DOMAIN} {
import authelia_middleware
reverse_proxy {$DOZZLE_ADDRESS}
}
@@ -1,3 +1,4 @@
dufs.{$MAIN_DOMAIN} {
{$SCHEME}://dufs.{$MAIN_DOMAIN} {
import authelia_middleware
reverse_proxy dufs:5000
}
@@ -1,7 +1,9 @@
git.{$MAIN_DOMAIN} {
reverse_proxy forgejo:3000
{$SCHEME}://git.{$MAIN_DOMAIN} {
import authelia_middleware
reverse_proxy {$FORGEJO_ADDRESS}
}
forgejo.{$MAIN_DOMAIN} {
{$SCHEME}://forgejo.{$MAIN_DOMAIN} {
import authelia_middleware
redir https://git.{$MAIN_DOMAIN}{uri} permanent
}
@@ -11,4 +11,5 @@
#Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
#Cross-Origin-Resource-Policy: same-origin
#Content-Security-Policy: default-src 'self'; img-src 'self' data:; object-src 'none'; frame-ancestors 'none'; base-uri 'self'; form-action 'self';
}
@@ -1,3 +1,4 @@
homepage.{$MAIN_DOMAIN} {
reverse_proxy homepage:3000
{$SCHEME}://homepage.{$MAIN_DOMAIN} {
import authelia_middleware
redir https://www.{$MAIN_DOMAIN}{uri} permanent
}
@@ -1,4 +1,5 @@
it-tools.{$MAIN_DOMAIN} {
{$SCHEME}://it-tools.{$MAIN_DOMAIN} {
import authelia_middleware
# Load balance between 2 instances
reverse_proxy {
to it-tools0:8080 it-tools1:8080
@@ -6,4 +7,7 @@ it-tools.{$MAIN_DOMAIN} {
lb_retries 3
lb_try_interval 1s
}
header {
import header_common
}
}
@@ -1,3 +1,7 @@
jellyfin.{$MAIN_DOMAIN} {
reverse_proxy jellyfin:8096
{$SCHEME}://jellyfin.{$MAIN_DOMAIN} {
import authelia_middleware
reverse_proxy {$JELLYFIN_ADDRESS}
header {
import header_common
}
}
@@ -1,4 +1,5 @@
www.{$MAIN_DOMAIN} {
{$SCHEME}://www.{$MAIN_DOMAIN} {
import authelia_middleware
header {
Cache-Control "public, max-age=10"
import header_common
@@ -12,11 +13,11 @@ www.{$MAIN_DOMAIN} {
reverse_proxy homepage:3000
}
{$MAIN_DOMAIN} {
redir https://www.{host}{uri} permanent
{$SCHEME}://{$MAIN_DOMAIN} {
redir https://www.{$MAIN_DOMAIN}{uri} permanent
}
public.{$MAIN_DOMAIN} {
{$SCHEME}://public.{$MAIN_DOMAIN} {
root * /public_data
file_server browse
@@ -1,3 +1,4 @@
memos.{$MAIN_DOMAIN} {
reverse_proxy memos:5230
{$SCHEME}://memos.{$MAIN_DOMAIN} {
import authelia_middleware
reverse_proxy {$MEMOS_ADDRESS}
}
@@ -1,4 +1,5 @@
omni-tools.{$MAIN_DOMAIN} {
{$SCHEME}://omni-tools.{$MAIN_DOMAIN} {
import authelia_middleware
# Load balance between 2 instances
reverse_proxy {
to omni-tools0:80 omni-tools1:80
@@ -1,3 +0,0 @@
open-webui.{$MAIN_DOMAIN} {
reverse_proxy open-webui:8080
}
@@ -0,0 +1,4 @@
{$SCHEME}://openwebui.{$MAIN_DOMAIN} {
import authelia_middleware
reverse_proxy {$OPEN_WEBUI_ADDRESS}
}
@@ -1,3 +1,4 @@
picoshare.{$MAIN_DOMAIN} {
reverse_proxy picoshare:4001
{$SCHEME}://picoshare.{$MAIN_DOMAIN} {
import authelia_middleware
reverse_proxy {$PICOSHARE_ADDRESS}
}
@@ -1,7 +1,4 @@
privatebin.{$MAIN_DOMAIN} {
reverse_proxy privatebin:8080
}
pastebin.{$MAIN_DOMAIN} {
redir https://privatebin.{$MAIN_DOMAIN} permanent
{$SCHEME}://privatebin.{$MAIN_DOMAIN} {
import authelia_middleware
reverse_proxy {$PRIVATEBIN_ADDRESS}
}
@@ -1,3 +1,4 @@
projectsend.{$MAIN_DOMAIN} {
reverse_proxy projectsend:80
{$SCHEME}://projectsend.{$MAIN_DOMAIN} {
import authelia_middleware
reverse_proxy {$PROJECTSEND_ADDRESS}
}
@@ -1,7 +1,9 @@
transfer.{$MAIN_DOMAIN} {
reverse_proxy psitransfer:3000
{$SCHEME}://transfer.{$MAIN_DOMAIN} {
import authelia_middleware
reverse_proxy {$PSITRANSFER_ADDRESS}
}
psitransfer.{$MAIN_DOMAIN} {
{$SCHEME}://psitransfer.{$MAIN_DOMAIN} {
import authelia_middleware
redir https://transfer.{$MAIN_DOMAIN}{uri} permanent
}
@@ -1,11 +1,15 @@
torrent.{$MAIN_DOMAIN} {
reverse_proxy qbittorrent:8080
{$SCHEME}://torrent.{$MAIN_DOMAIN} {
import authelia_middleware
reverse_proxy {$QBITTORRENT_ADDRESS} {
header_up Referer "{$SCHEME}://torrent.{$MAIN_DOMAIN}"
}
header {
Cache-Control "no-store"
import header_common
}
}
qbittorrent.{$MAIN_DOMAIN} {
{$SCHEME}://qbittorrent.{$MAIN_DOMAIN} {
import authelia_middleware
redir https://torrent.{$MAIN_DOMAIN} permanent
}
@@ -0,0 +1,4 @@
{$SCHEME}://searxng.{$MAIN_DOMAIN} {
import authelia_middleware
reverse_proxy {$SEARXNG_ADDRESS}
}
@@ -1,3 +1,4 @@
stirlingpdf.{$MAIN_DOMAIN} {
reverse_proxy stirlingpdf:8080
{$SCHEME}://stirlingpdf.{$MAIN_DOMAIN} {
import authelia_middleware
reverse_proxy {$STIRLINGPDF_ADDRESS}
}
@@ -1,5 +1,6 @@
syncthing.{$MAIN_DOMAIN} {
reverse_proxy syncthing:8384 {
{$SCHEME}://syncthing.{$MAIN_DOMAIN} {
import authelia_middleware
reverse_proxy {$SYNCTHING_ADDRESS} {
header_up Host {upstream_hostport}
}
}
@@ -1,3 +1,4 @@
transmission.{$MAIN_DOMAIN} {
reverse_proxy transmission:9091
{$SCHEME}://transmission.{$MAIN_DOMAIN} {
import authelia_middleware
reverse_proxy {$TRANSMISSION_ADDRESS}
}
@@ -1,3 +1,8 @@
uptimekuma.{$MAIN_DOMAIN} {
reverse_proxy uptime-kuma:3001
{$SCHEME}://uptimekuma.{$MAIN_DOMAIN} {
import authelia_middleware
reverse_proxy {$UPTIMEKUMA_ADDRESS}
header {
Cache-Control "no-store"
import header_common
}
}
@@ -1,6 +1,7 @@
wordpress.{$MAIN_DOMAIN} {
{$SCHEME}://wordpress.{$MAIN_DOMAIN} {
import authelia_middleware
root * /var/www/html
php_fastcgi wordpress:9000
php_fastcgi {$WORDPRESS_ADDRESS}
file_server
encode zstd gzip
@@ -16,9 +17,6 @@ wordpress.{$MAIN_DOMAIN} {
respond /uploads/*.php 404
header {
# disable FLoC tracking
Permissions-Policy interest-cohort=()
# enable HSTS
Strict-Transport-Security max-age=31536000;
@@ -29,6 +27,6 @@ wordpress.{$MAIN_DOMAIN} {
# X-Frame-Options DENY
# Disable powerful features we don't need
Permissions-Policy "geolocation=(), camera=(), microphone=() interest-cohort=()"
Permissions-Policy "geolocation=(), camera=(), microphone=()"
}
}
@@ -1,14 +1,15 @@
services:
# Caddy
caddy:
image: bensuperpc/caddy-l4:latest
#image: bensuperpc/caddy-l4:latest
image: caddy:latest
container_name: caddy
profiles:
- caddy
depends_on:
main_infrastructure:
condition: service_completed_successfully
restart: on-failure:5
restart: on-failure:7
ports:
- 80:80/tcp
- 80:80/udp
@@ -22,9 +23,17 @@ services:
- public_data:/public_data:ro
networks:
- infra-network
- caddy-infra
- caddy-media
- caddy-tools
- caddy-files
- caddy-dev
- caddy-ai
- caddy-web
env_file:
- ./env/caddy.env
environment:
- TZ=${TZ:-Europe/Paris}
security_opt:
- no-new-privileges:true
healthcheck:
@@ -40,9 +49,11 @@ services:
- caddy
depends_on:
- caddy
restart: on-failure:5
restart: on-failure:7
env_file:
- ./env/caddy_backup.env
environment:
- TZ=${TZ:-Europe/Paris}
volumes:
- caddy_backup:/mnt/restic
- caddy_data:/data:ro
@@ -63,3 +74,26 @@ volumes:
name: wordpress
public_data:
name: public_data
networks:
caddy-infra:
driver: bridge
name: caddy-infra
caddy-media:
driver: bridge
name: caddy-media
caddy-tools:
driver: bridge
name: caddy-tools
caddy-files:
driver: bridge
name: caddy-files
caddy-dev:
driver: bridge
name: caddy-dev
caddy-ai:
driver: bridge
name: caddy-ai
caddy-web:
driver: bridge
name: caddy-web
+26
View File
@@ -1,2 +1,28 @@
MAIN_DOMAIN=bensuperpc.org
MAIL_DOMAIN=bensuperpc@gmail.com
# Services
JELLYFIN_ADDRESS=jellyfin:8096
QBITTORRENT_ADDRESS=qbittorrent:8080
ARGUS_ADDRESS=argus:8080
FORGEJO_ADDRESS=forgejo:3000
UPTIMEKUMA_ADDRESS=uptime-kuma:3001
MEMOS_ADDRESS=memos:5230
HOMEPAGE_ADDRESS=homepage:3000
OPEN_WEBUI_ADDRESS=openwebui:8080
PICOSHARE_ADDRESS=picoshare:4001
PRIVATEBIN_ADDRESS=privatebin:8080
PROJECTSEND_ADDRESS=projectsend:80
STIRLINGPDF_ADDRESS=stirlingpdf:8080
SYNCTHING_ADDRESS=syncthing:8384
TRANSMISSION_ADDRESS=transmission:9091
PSITRANSFER_ADDRESS=psitransfer:3000
WORDPRESS_ADDRESS=wordpress:9000
DEPENDENCY_TRACK_FRONTEND_ADDRESS=dependency-track-frontend:8080
DEPENDENCY_TRACK_APISERVER_ADDRESS=dependency-track-apiserver:8080
SEARXNG_ADDRESS=searxng:8080
AUTHELIA_ADDRESS=authelia:9091
DOZZLE_ADDRESS=dozzle:8080
# Scheme
SCHEME=https
# ignore_loaded_certs off
AUTO_HTTPS_OPTIONS=ignore_loaded_certs
@@ -5,11 +5,11 @@ services:
container_name: cyberchef0
profiles:
- cyberchef
restart: on-failure:5
restart: on-failure:7
depends_on:
- caddy
networks:
- infra-network
- caddy-tools
read_only: false
security_opt:
- no-new-privileges:true
@@ -30,11 +30,11 @@ services:
container_name: cyberchef1
profiles:
- cyberchef
restart: on-failure:5
restart: on-failure:7
depends_on:
- caddy
networks:
- infra-network
- caddy-tools
read_only: false
security_opt:
- no-new-privileges:true
@@ -49,3 +49,8 @@ services:
reservations:
cpus: '0.001'
memory: 20M
networks:
caddy-tools:
driver: bridge
name: caddy-tools
@@ -0,0 +1,74 @@
services:
dependency-track-apiserver:
image: dependencytrack/apiserver
container_name: dependency-track-apiserver
profiles:
- dependency-track
depends_on:
dependency-track-postgres:
condition: service_healthy
env_file:
- ./env/dependency-track.env
restart: on-failure:7
networks:
- caddy-web
- dependency-track-internal
deploy:
resources:
limits:
memory: 4g
restart_policy:
condition: on-failure
volumes:
- 'dtrack-data:/data'
dependency-track-frontend:
image: dependencytrack/frontend
container_name: dependency-track-frontend
profiles:
- dependency-track
restart: on-failure:7
networks:
- caddy-web
- dependency-track-internal
depends_on:
dependency-track-apiserver:
condition: service_healthy
caddy:
condition: service_healthy
security_opt:
- no-new-privileges:true
env_file:
- ./env/dependency-track.env
dependency-track-postgres:
image: postgres:17-alpine
container_name: dependency-track-postgres
profiles:
- dependency-track
env_file:
- ./env/postgres.env
restart: on-failure:7
networks:
- dependency-track-internal
healthcheck:
test: [ "CMD-SHELL", "pg_isready -U $${POSTGRES_USER} -d $${POSTGRES_DB}" ]
interval: 5s
timeout: 3s
retries: 5
volumes:
- "dtrack-postgres-data:/var/lib/postgresql/data"
volumes:
dtrack-data:
name: dtrack-data
dtrack-postgres-data:
name: dtrack-postgres-data
networks:
caddy-web:
driver: bridge
name: caddy-web
dependency-track-internal:
driver: bridge
name: dependency-track-internal
@@ -0,0 +1,7 @@
ALPINE_DATABASE_MODE="external"
ALPINE_DATABASE_URL="jdbc:postgresql://dependency-track-postgres:5432/dtrack"
ALPINE_DATABASE_DRIVER="org.postgresql.Driver"
ALPINE_DATABASE_USERNAME="dtrack"
ALPINE_DATABASE_PASSWORD="dtrack"
API_BASE_URL="https://dependency-track.bensuperpc.org"
@@ -0,0 +1,3 @@
POSTGRES_DB="dtrack"
POSTGRES_USER="dtrack"
POSTGRES_PASSWORD="dtrack"
@@ -0,0 +1,7 @@
users:
bensuperpc:
email: bensuperpc@gmail.com
name: bensuperpc
password: $2a$11$w56N4NICh5xD5Bbq6Z2Z2ef9/QUaa/YKleMiawn/Bru9hYsQOJyrm
filter: ""
roles: ""
@@ -0,0 +1,56 @@
services:
dozzle:
image: amir20/dozzle:latest
container_name: dozzle
profiles:
- dozzle
restart: on-failure:7
depends_on:
- caddy
- dozzle-dockerproxy
env_file:
- ./env/dozzle.env
environment:
- TZ=${TZ:-Europe/Paris}
volumes:
- dozzle_data:/data
secrets:
- source: dozzle_users
target: /data/users.yml
networks:
- caddy-infra
- dozzle-internal
dozzle-dockerproxy:
image: tecnativa/docker-socket-proxy:latest
container_name: dozzle-dockerproxy
profiles:
- dozzle
restart: on-failure:7
environment:
- CONTAINERS=1
- POST=0
- PING=1
- VERSION=1
- EVENTS=1
- INFO=1
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
networks:
- dozzle-internal
networks:
caddy-infra:
driver: bridge
name: caddy-infra
dozzle-internal:
driver: bridge
name: dozzle-internal
volumes:
dozzle_data:
name: dozzle_data
secrets:
dozzle_users:
file: ./config/users.yml
+2
View File
@@ -0,0 +1,2 @@
DOZZLE_AUTH_PROVIDER=simple
DOZZLE_REMOTE_HOST=tcp://dozzle-dockerproxy:2375
@@ -6,7 +6,7 @@ services:
profiles:
- dufs
# user: ${PUID:-1000}:${PGID:-1000}
restart: on-failure:5
restart: on-failure:7
depends_on:
- caddy
env_file:
@@ -14,7 +14,7 @@ services:
volumes:
- public_data:/data
networks:
- infra-network
- caddy-files
security_opt:
- no-new-privileges:true
@@ -22,4 +22,9 @@ volumes:
public_data:
name: public_data
private_data:
name: private_data
name: private_data
networks:
caddy-files:
driver: bridge
name: caddy-files
@@ -1,11 +1,11 @@
services:
# forgejo
forgejo:
image: codeberg.org/forgejo/forgejo:13
image: codeberg.org/forgejo/forgejo:15
container_name: forgejo
profiles:
- forgejo
restart: on-failure:5
restart: on-failure:7
depends_on:
- database_forgejo
- caddy
@@ -18,7 +18,8 @@ services:
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
networks:
- infra-network
- caddy-dev
- forgejo-internal
# user: ${PUID:-1000}:${PGID:-1000}
security_opt:
- no-new-privileges:true
@@ -31,14 +32,14 @@ services:
- forgejo
depends_on:
- caddy
restart: on-failure:5
restart: on-failure:7
volumes:
- forgejo_db:/var/lib/mysql:rw
env_file:
- ./env/forgejo_db.env
command: '--default-authentication-plugin=mysql_native_password'
networks:
- infra-network
- forgejo-internal
security_opt:
- no-new-privileges:true
@@ -48,7 +49,7 @@ services:
container_name: 'docker_dind'
hostname: docker
networks:
- infra-network
- forgejo-internal
profiles:
- forgejo-runner
privileged: true
@@ -59,13 +60,11 @@ services:
- forgejo_certs:/certs
forgejo_runner:
image: data.forgejo.org/forgejo/runner:9
image: data.forgejo.org/forgejo/runner:12
networks:
- infra-network
- forgejo-internal
profiles:
- forgejo-runner
links:
- docker-in-docker
depends_on:
docker-in-docker:
condition: service_started
@@ -91,3 +90,11 @@ volumes:
name: forgejo_certs
forgejo_runner:
name: forgejo_runner
networks:
caddy-dev:
driver: bridge
name: caddy-dev
forgejo-internal:
driver: bridge
name: forgejo-internal
+3 -3
View File
@@ -4,7 +4,7 @@ FORGEJO__database__DB_TYPE=mysql
FORGEJO__database__HOST=database_forgejo:3306
FORGEJO__database__NAME=forgejo
FORGEJO__database__USER=bensuperpc
FORGEJO__database__PASSWD=K7s5yoHknnEd7vsZoxb8I3dK9mjToF1j
FORGEJO__database__PASSWD=ZcuHcM9tnIEM7EEO7R5jCpEt6v1d6r7s
FORGEJO__APP_NAME=Bensuperpc's Forgejo
FORGEJO__APP_SLOGAN=Personal Code, Mirrors, and More
FORGEJO__server__DOMAIN=git.bensuperpc.org
@@ -13,9 +13,9 @@ FORGEJO__server__HTTP_PORT=3000
FORGEJO__server__SSH_LISTEN_PORT=2222
FORGEJO__server__SSH_PORT=22
FORGEJO__server__ROOT_URL=https://git.bensuperpc.org
FORGEJO__security__SECRET_KEY=ykcZt23an1E4lFHWvrCKdAyt16WAiK9c
FORGEJO__security__SECRET_KEY=7IWrMh7mC7UMo1SowvUsAT2LOX49eU6P
#FORGEJO__security__INTERNAL_TOKEN=
#FORGEJO__security__INSTALL_LOCK=true
FORGEJO__security__INSTALL_LOCK=true
FORGEJO__security__MIN_PASSWORD_LENGTH=8
FORGEJO__actions__ENABLED=true
FORGEJO__actions__DEFAULT_ACTIONS_URL="https://git.bensuperpc.org"
+2 -2
View File
@@ -1,4 +1,4 @@
MARIADB_ROOT_PASSWORD=xpc4zIhHZzWKqVHcjBu4aW6aS7jG8d7X
MARIADB_ROOT_PASSWORD=ZI8Trbot3b8WGqE5AKj1yphKMu4v9qQw
MARIADB_USER=bensuperpc
MARIADB_PASSWORD=K7s5yoHknnEd7vsZoxb8I3dK9mjToF1j
MARIADB_PASSWORD=ZcuHcM9tnIEM7EEO7R5jCpEt6v1d6r7s
MARIADB_DATABASE=forgejo
@@ -2,9 +2,6 @@
# For configuration options and examples, please see:
# https://gethomepage.dev/configs/docker
#jellyfin:
# host: jellyfin
# port: 8096
#my-docker:
# socket: /var/run/docker.sock
my-docker:
host: homepage-dockerproxy
port: 2375
@@ -2,112 +2,135 @@
# For configuration options and examples, please see:
# https://gethomepage.dev/configs/services/
- Personal:
- wordpress:
icon: https://cdn.jsdelivr.net/gh/walkxcode/dashboard-icons@master/png/wordpress.png
href: https://wordpress.bensuperpc.org/
description: Wordpress
ping: wordpress.bensuperpc.org
container: wordpress
- jellyfin:
icon: https://cdn.jsdelivr.net/gh/walkxcode/dashboard-icons@master/png/jellyfin.png
href: https://jellyfin.bensuperpc.org/
description: Jellyfin
ping: jellyfin.bensuperpc.org
container: jellyfin
- projectsend:
icon: https://cdn.jsdelivr.net/gh/walkxcode/dashboard-icons@master/png/projectsend.png
href: https://projectsend.bensuperpc.org/
description: ProjectSend
ping: projectsend.bensuperpc.org
container: projectsend
- Sharing:
- psitransfer:
icon: https://cdn.jsdelivr.net/gh/walkxcode/dashboard-icons@master/png/psitransfer.png
href: https://psitransfer.bensuperpc.org/
description: PsiTransfer
ping: psitransfer.bensuperpc.org
container: psitransfer
- picoshare:
# icon: https://cdn.jsdelivr.net/gh/walkxcode/dashboard-icons@master/png/picoshare.png
href: https://picoshare.bensuperpc.org/
description: PicoShare
ping: picoshare.bensuperpc.org
container: picoshare
- privatebin:
icon: https://cdn.jsdelivr.net/gh/walkxcode/dashboard-icons@master/png/privatebin.png
href: https://privatebin.bensuperpc.org/
description: PrivateBin
ping: privatebin.bensuperpc.org
container: privatebin
- qbittorrent:
icon: https://cdn.jsdelivr.net/gh/walkxcode/dashboard-icons@master/png/qbittorrent.png
href: https://qbittorrent.bensuperpc.org/
description: qBittorrent
ping: qbittorrent.bensuperpc.org
container: qbittorrent
- syncthing:
icon: https://cdn.jsdelivr.net/gh/walkxcode/dashboard-icons@master/png/syncthing.png
href: https://syncthing.bensuperpc.org/
description: Syncthing
ping: syncthing.bensuperpc.org
container: syncthing
- transmission:
icon: https://cdn.jsdelivr.net/gh/walkxcode/dashboard-icons@master/png/transmission.png
href: https://transmission.bensuperpc.org/
description: Transmission
ping: transmission.bensuperpc.org
container: transmission
- dufs:
# icon: https://cdn.jsdelivr.net/gh/walkxcode/dashboard-icons@master/png/dufs.png
href: https://dufs.bensuperpc.org/
description: Dufs
ping: dufs.bensuperpc.org
container: dufs
# - caddy:
# icon: https://cdn.jsdelivr.net/gh/walkxcode/dashboard-icons@master/png/caddy.png
# href: https://public.bensuperpc.org/
# description: File browser
# ping: public.bensuperpc.org
# container: caddy
- Utils:
- Public:
- it-tools:
icon: https://cdn.jsdelivr.net/gh/walkxcode/dashboard-icons@master/png/it-tools.png
href: https://it-tools.bensuperpc.org/
description: IT Tools
ping: it-tools.bensuperpc.org
# ping: it-tools.bensuperpc.org
container: it-tools0
server: my-docker
- omni-tools:
icon: https://cdn.jsdelivr.net/gh/walkxcode/dashboard-icons@master/png/it-tools.png
href: https://omni-tools.bensuperpc.org/
description: Omni Tools
ping: omni-tools.bensuperpc.org
# ping: omni-tools.bensuperpc.org
container: omni-tools0
server: my-docker
- cyberchef:
icon: https://cdn.jsdelivr.net/gh/walkxcode/dashboard-icons@master/png/cyberchef.png
href: https://cyberchef.bensuperpc.org/
description: CyberChef
ping: cyberchef.bensuperpc.org
# ping: cyberchef.bensuperpc.org
container: cyberchef0
server: my-docker
- caddy:
icon: https://cdn.jsdelivr.net/gh/walkxcode/dashboard-icons@master/png/caddy.png
href: https://public.bensuperpc.org/
description: File browser
# ping: public.bensuperpc.org
container: caddy
server: my-docker
- psitransfer:
icon: https://cdn.jsdelivr.net/gh/walkxcode/dashboard-icons@master/png/psitransfer.png
href: https://psitransfer.bensuperpc.org/
description: PsiTransfer
# ping: psitransfer.bensuperpc.org
container: psitransfer
server: my-docker
- stirlingpdf:
#icon: https://cdn.jsdelivr.net/gh/walkxcode/dashboard-icons@master/png/stirlingpdf.png
href: https://stirlingpdf.bensuperpc.org/
description: StirlingPDF
ping: stirlingpdf.bensuperpc.org
# ping: stirlingpdf.bensuperpc.org
container: stirlingpdf
server: my-docker
- privatebin:
icon: https://cdn.jsdelivr.net/gh/walkxcode/dashboard-icons@master/png/privatebin.png
href: https://privatebin.bensuperpc.org/
description: PrivateBin
# ping: privatebin.bensuperpc.org
container: privatebin
server: my-docker
- forgejo:
icon: https://cdn.jsdelivr.net/gh/walkxcode/dashboard-icons@master/png/forgejo.png
href: https://forgejo.bensuperpc.org/
description: Forgejo
ping: forgejo.bensuperpc.org
# ping: forgejo.bensuperpc.org
container: forgejo
server: my-docker
- wordpress:
icon: https://cdn.jsdelivr.net/gh/walkxcode/dashboard-icons@master/png/wordpress.png
href: https://wordpress.bensuperpc.org/
description: Wordpress
# ping: wordpress.bensuperpc.org
container: wordpress
server: my-docker
- dufs:
# icon: https://cdn.jsdelivr.net/gh/walkxcode/dashboard-icons@master/png/dufs.png
href: https://dufs.bensuperpc.org/
description: Dufs
# ping: dufs.bensuperpc.org
container: dufs
server: my-docker
- Personal:
- jellyfin:
icon: https://cdn.jsdelivr.net/gh/walkxcode/dashboard-icons@master/png/jellyfin.png
href: https://jellyfin.bensuperpc.org/
description: Jellyfin
# ping: jellyfin.bensuperpc.org
container: jellyfin
server: my-docker
- projectsend:
icon: https://cdn.jsdelivr.net/gh/walkxcode/dashboard-icons@master/png/projectsend.png
href: https://projectsend.bensuperpc.org/
description: ProjectSend
# ping: projectsend.bensuperpc.org
container: projectsend
server: my-docker
- searxng:
icon: https://cdn.jsdelivr.net/gh/walkxcode/dashboard-icons@master/png/searxng.png
href: https://searxng.bensuperpc.org/
description: SearXNG
# ping: searxng.bensuperpc.org
container: searxng
server: my-docker
- open-webui:
icon: https://cdn.jsdelivr.net/gh/walkxcode/dashboard-icons@master/png/open-webui.png
href: https://open-webui.bensuperpc.org/
href: https://openwebui.bensuperpc.org/
description: ChatGPT local
ping: open-webui.bensuperpc.org
container: open-webui
# ping: openwebui.bensuperpc.org
container: openwebui
server: my-docker
- picoshare:
# icon: https://cdn.jsdelivr.net/gh/walkxcode/dashboard-icons@master/png/picoshare.png
href: https://picoshare.bensuperpc.org/
description: PicoShare
# ping: picoshare.bensuperpc.org
container: picoshare
server: my-docker
- qbittorrent:
icon: https://cdn.jsdelivr.net/gh/walkxcode/dashboard-icons@master/png/qbittorrent.png
href: https://qbittorrent.bensuperpc.org/
description: qBittorrent
# ping: qbittorrent.bensuperpc.org
container: qbittorrent
server: my-docker
- syncthing:
icon: https://cdn.jsdelivr.net/gh/walkxcode/dashboard-icons@master/png/syncthing.png
href: https://syncthing.bensuperpc.org/
description: Syncthing
# ping: syncthing.bensuperpc.org
container: syncthing
server: my-docker
- transmission:
icon: https://cdn.jsdelivr.net/gh/walkxcode/dashboard-icons@master/png/transmission.png
href: https://transmission.bensuperpc.org/
description: Transmission
# ping: transmission.bensuperpc.org
container: transmission
server: my-docker
- Games:
- minecraft:
@@ -115,19 +138,22 @@
# href: https://minecraft.bensuperpc.org/
description: Minecraft server
# ping: minecraft.bensuperpc.org
container: minecraft-server
# container: minecraft-server
#server: my-docker
- 7dtd:
# icon: https://cdn.jsdelivr.net/gh/walkxcode/dashboard-icons@master/png/7dtd.png
# href: https://7dtd.bensuperpc.org/
description: 7 Days to Die server
# ping: 7dtd.bensuperpc.org
container: 7daystodie_server
# container: 7daystodie_server
#server: my-docker
- satisfactory:
# icon: https://cdn.jsdelivr.net/gh/walkxcode/dashboard-icons@master/png/7dtd.png
# href: https://7dtd.bensuperpc.org/
description: Satisfactory server
# ping: 7dtd.bensuperpc.org
container: satisfactory_server
# container: satisfactory_server
#server: my-docker
- Admin:
- uptime-kuma:
@@ -136,4 +162,18 @@
description: Uptime Kuma
ping: uptimekuma.bensuperpc.org
container: uptime-kuma
server: my-docker
- authelia:
icon: https://cdn.jsdelivr.net/gh/walkxcode/dashboard-icons@master/png/authelia.png
href: https://authelia.bensuperpc.org/
description: Authelia
# ping: authelia.bensuperpc.org
container: authelia
server: my-docker
- dozzle:
icon: https://cdn.jsdelivr.net/gh/walkxcode/dashboard-icons@master/png/dozzle.png
href: https://dozzle.bensuperpc.org/
description: Dozzle
# ping: dozzle.bensuperpc.org
container: dozzle
server: my-docker
@@ -24,19 +24,15 @@ color: slate
language: en
layout:
Personal:
Public:
style: row
columns: 6
Sharing:
Personal:
style: row
columns: 6
Admin:
style: row
columns: 6
Utils:
style: row
columns: 6
initiallyCollapsed: false
Games:
style: row
columns: 6
@@ -1,7 +1,6 @@
---
# For configuration options and examples, please see:
# https://gethomepage.dev/widgets/services/
# https://gethomepage.dev/widgets/services/qbittorrent/
#- logo:
# icon: /image/daisy.jpg
@@ -5,29 +5,49 @@ services:
container_name: homepage
profiles:
- homepage
restart: on-failure:5
restart: on-failure:7
# environment:
# - PUID=${PUID:-1000}
# - PGID=${PGID:-1000}
depends_on:
- caddy
- homepage-dockerproxy
env_file:
- ./env/homepage.env
environment:
- TZ=${TZ:-Europe/Paris}
volumes:
- homepage_log:/app/logs
- ./config:/app/config
- ./image:/app/public/image:ro
- /var/run/docker.sock:/var/run/docker.sock:ro
# develop:
# watch:
# - action: sync+restart
# path: ./homepage/image
# target: /app/public/image
networks:
- infra-network
- caddy-infra
- homepage-internal
security_opt:
- no-new-privileges:true
homepage-dockerproxy:
image: tecnativa/docker-socket-proxy:latest
container_name: homepage-dockerproxy
profiles:
- homepage
restart: on-failure:7
environment:
- CONTAINERS=1
- POST=0
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
networks:
- homepage-internal
volumes:
homepage_log:
name: homepage_log
name: homepage_log
networks:
caddy-infra:
driver: bridge
name: caddy-infra
homepage-internal:
driver: bridge
name: homepage-internal
+1 -3
View File
@@ -1,3 +1 @@
PSITRANSFER_ADMIN_PASS=n9jLVNT9QUotTJTT91JqH4GyBTg9pvEn
#PSITRANSFER_PORT=3000
HOMEPAGE_ALLOWED_HOSTS=www.bensuperpc.org
HOMEPAGE_ALLOWED_HOSTS=www.bensuperpc.org,homepage.bensuperpc.org
@@ -5,16 +5,18 @@ services:
container_name: it-tools0
profiles:
- it-tools
restart: on-failure:5
restart: on-failure:7
depends_on:
- caddy
networks:
- infra-network
- caddy-tools
read_only: false
security_opt:
- no-new-privileges:true
cap_drop:
- SYS_ADMIN
environment:
- TZ=${TZ:-Europe/Paris}
deploy:
resources:
@@ -30,16 +32,18 @@ services:
container_name: it-tools1
profiles:
- it-tools
restart: on-failure:5
restart: on-failure:7
depends_on:
- caddy
networks:
- infra-network
- caddy-tools
read_only: false
security_opt:
- no-new-privileges:true
cap_drop:
- SYS_ADMIN
environment:
- TZ=${TZ:-Europe/Paris}
deploy:
resources:
@@ -49,3 +53,8 @@ services:
reservations:
cpus: '0.001'
memory: 20M
networks:
caddy-tools:
driver: bridge
name: caddy-tools
@@ -5,10 +5,11 @@ services:
container_name: jellyfin
profiles:
- jellyfin
restart: on-failure:5
restart: on-failure:7
environment:
- PUID=${PUID:-1000}
- PGID=${PGID:-1000}
- TZ=${TZ:-Europe/Paris}
depends_on:
- caddy
env_file:
@@ -22,7 +23,7 @@ services:
devices:
- /dev/dri:/dev/dri
networks:
- infra-network
- caddy-media
security_opt:
- no-new-privileges:true
@@ -34,4 +35,9 @@ volumes:
public_data:
name: public_data
private_data:
name: private_data
name: private_data
networks:
caddy-media:
driver: bridge
name: caddy-media
+1 -2
View File
@@ -1,2 +1 @@
TZ=Etc/UTC
DOCKER_MODS=linuxserver/mods:jellyfin-opencl-intel
DOCKER_MODS=linuxserver/mods:jellyfin-opencl-intel
@@ -18,6 +18,19 @@ services:
# Fix root permissions on mounted volumes
command: chown -R ${PUID:-1000}:${PGID:-1000} /public_data /private_data
watchtower:
container_name: watchtower
profiles:
- main_infrastructure
image: nickfedor/watchtower:latest
environment:
- TZ=${TZ:-Europe/Paris}
volumes:
- /var/run/docker.sock:/var/run/docker.sock
restart: on-failure:7
networks:
- watchtower-network
volumes:
public_data:
name: public_data
@@ -25,6 +38,27 @@ volumes:
name: private_data
networks:
infra-network:
watchtower-network:
driver: bridge
name: infra-network
name: watchtower-network
caddy-infra:
driver: bridge
name: caddy-infra
caddy-media:
driver: bridge
name: caddy-media
caddy-tools:
driver: bridge
name: caddy-tools
caddy-files:
driver: bridge
name: caddy-files
caddy-dev:
driver: bridge
name: caddy-dev
caddy-ai:
driver: bridge
name: caddy-ai
caddy-web:
driver: bridge
name: caddy-web
@@ -5,7 +5,7 @@ services:
container_name: memos
profiles:
- memos
restart: on-failure:5
restart: on-failure:7
depends_on:
- caddy
env_file:
@@ -13,10 +13,15 @@ services:
volumes:
- memos_config:/var/opt/memos
networks:
- infra-network
- caddy-tools
security_opt:
- no-new-privileges:true
volumes:
memos_config:
name: memos_config
networks:
caddy-tools:
driver: bridge
name: caddy-tools
@@ -0,0 +1,31 @@
services:
minecraft_backup:
image: mazzolino/restic:latest
container_name: minecraft_backup
profiles:
- minecraft_backup
depends_on:
- mc-server
- minecraft_proxy
restart: on-failure:7
env_file:
- ./env/backup.env
volumes:
- minecraft_server_backup:/mnt/restic
- minecraft_server_data:/data/minecraft_server_data:ro
- minecraft_proxy_data:/data/minecraft_proxy_data:ro
security_opt:
- no-new-privileges:true
network_mode: none
cap_drop:
- NET_ADMIN
- NET_RAW
- SYS_ADMIN
volumes:
minecraft_server_backup:
name: minecraft_server_backup
minecraft_server_data:
name: minecraft_server_data
minecraft_proxy_data:
name: minecraft_proxy_data
@@ -0,0 +1,14 @@
#RUN_ON_STARTUP=true
RESTIC_REPOSITORY=/mnt/restic
RESTIC_BACKUP_SOURCES=/data
RESTIC_PASSWORD=7xymiWBH4c56rlBXPXbgkxF2zw3f2AGs
# Backup (exuclusive with Check and Prune)
RESTIC_BACKUP_ARGS=--tag docker-volumes --verbose
BACKUP_CRON=*/15 * * * *
#RESTIC_FORGET_ARGS=--prune --keep-last 8 --keep-daily 7 --keep-weekly 5 --keep-monthly 12 --keep-yearly 4
# Check (exuclusive with Check and Prune)
#CHECK_CRON=*/15 * * * *
#RESTIC_CHECK_ARGS=--read-data-subset=40%
# Prune (exuclusive with Check and Prune)
#PRUNE_CRON=*/15 * * * *
#RESTIC_PRUNE_ARGS=
@@ -0,0 +1,5 @@
include:
# Minecraft server
- minecraft-server/docker-compose.minecraft.yml
# Backup server
- backup/docker-compose.backup.yml
@@ -0,0 +1,4 @@
https://github.com/bensuperpc/docker-minecraft-server/releases/download/Test_worlds/better-stonecutter-v1-1.zip
https://github.com/bensuperpc/docker-minecraft-server/releases/download/Test_worlds/cuttable-wood-v2-2.zip
https://github.com/bensuperpc/docker-minecraft-server/releases/download/Test_worlds/easy-bone-blocks-v1-0-1.zip
https://github.com/bensuperpc/docker-minecraft-server/releases/download/Test_worlds/more-smeltable-items-v2-0-3.zip
@@ -0,0 +1,152 @@
# Dynmap
https://dev.bukkit.org/projects/dynmap/files/4167109/download
# Dynmap-WorldGuard
# https://dev.bukkit.org/projects/dynmap-worldguard/files/latest
# v1.4-beta-1 (05-02-2022)
https://dev.bukkit.org/projects/dynmap-worldguard/files/3635984/download
# Dynmap-EssentialsX
# https://dev.bukkit.org/projects/dynmap-essentialsx/files/latest
# v1.0-beta-1 (09-02-2022)
https://dev.bukkit.org/projects/dynmap-essentialsx/files/3634752/download
# Dynmap-Structures
https://dev.bukkit.org/projects/dynmap-structures/files/3845985/download
# EssentialsX
https://github.com/EssentialsX/Essentials/releases/download/2.19.7/EssentialsX-2.19.7.jar
# EssentialsX Add-on
https://github.com/EssentialsX/Essentials/releases/download/2.19.7/EssentialsXChat-2.19.7.jar
https://github.com/EssentialsX/Essentials/releases/download/2.19.7/EssentialsXSpawn-2.19.7.jar
# https://github.com/EssentialsX/Essentials/releases/download/2.19.7/EssentialsXDiscord-2.19.7.jar
https://github.com/EssentialsX/Essentials/releases/download/2.19.7/EssentialsXProtect-2.19.7.jar
https://github.com/EssentialsX/Essentials/releases/download/2.19.7/EssentialsXAntiBuild-2.19.7.jar
# https://github.com/EssentialsX/Essentials/releases/download/2.19.7/EssentialsXGeoIP-2.19.7.jar
# Serverutils
# https://serverutils.fvdh.dev/api/v1/Bukkit/latest
https://github.com/bensuperpc/docker-minecraft-server/releases/download/Test_worlds/ServerUtils-Bukkit-3.5.3.jar
# WorldEdit, WorldGuard and FastAsyncWorldEdit
# https://dev.bukkit.org/projects/worldedit/files/latest
https://dev.bukkit.org/projects/worldguard/files/latest
https://ci.athion.net/job/FastAsyncWorldEdit/339/artifact/artifacts/FastAsyncWorldEdit-Bukkit-2.5.1-SNAPSHOT-339.jar
https://github.com/MrMicky-FR/WorldEditSelectionVisualizer/releases/download/v2.1.3/WorldEditSelectionVisualizer-2.1.3.jar
# LuckPerms
# https://download.luckperms.net/1438/bukkit/loader/LuckPerms-Bukkit-5.4.30.jar
# Vault
https://dev.bukkit.org/projects/vault/files/latest
# Advanced Portals
# https://dev.bukkit.org/projects/advanced-portals/files/latest
https://github.com/sekwah41/Advanced-Portals/releases/download/v0.9.2/Advanced-Portals-0.9.2.jar
# ProtocolLib
# https://github.com/dmulloy2/ProtocolLib/releases/download/4.8.0/ProtocolLib.jar
https://ci.dmulloy2.net/job/ProtocolLib/lastSuccessfulBuild/artifact/target/ProtocolLib.jar
# NBT-API
https://dev.bukkit.org/projects/nbt-api/files/latest
# CoreProtect
https://dev.bukkit.org/projects/coreprotect/files/latest
# Decent Holograms
# https://www.spigotmc.org/resources/decent-holograms-1-8-1-18-papi-support-no-dependencies.96927/
# https://github.com/DecentSoftware-eu/DecentHolograms/releases/download/2.7.2/DecentHolograms-2.7.2.jar
# DropHeads
# https://dev.bukkit.org/projects/dropheads/files/latest
# OpenInv
https://dev.bukkit.org/projects/openinv/files/latest
# Animated-TabList
https://dev.bukkit.org/projects/animated-tab-tablist/files/latest
# DeadChest
# https://dev.bukkit.org/projects/dead-chest/files/latest
# UberEnchant
https://dev.bukkit.org/projects/uberenchant/files/latest
# TreeAssist
# https://dev.bukkit.org/projects/tree-assist/files/latest
# Beta TreeAssist v7.3.31 (18-07-2022)
https://dev.bukkit.org/projects/tree-assist/files/3963990/download
# Shopkeepers
https://dev.bukkit.org/projects/shopkeepers/files/latest
# EconomyShopGUI
https://dev.bukkit.org/projects/economyshopgui/files/latest
# SignShop v3
# https://dev.bukkit.org/projects/signshop/files/latest
# Quickshop-reremake
# https://dev.bukkit.org/projects/quickshop-reremake/files/latest
# https://ci.codemc.io/job/PotatoCraft-Studio/job/QuickShopDynmap/7/artifact/target/QuickShop-Dynmap-1.0.jar
# CustomCrafting Advanced Custom Recipes
# https://dev.bukkit.org/projects/customcrafting-advanced-custom-recipes/files/latest
# https://dev.bukkit.org/projects/wolfyutilities/files/latest
# Insta Mine Deepslate
https://dev.bukkit.org/projects/insta-mine-deepslate/files/latest
# SkinsRestorerX
https://github.com/SkinsRestorer/SkinsRestorerX/releases/download/14.2.5/SkinsRestorer.jar
# ImageOnMap
https://dev.bukkit.org/projects/imageonmap/files/latest
# Geyser
https://ci.opencollab.dev/job/GeyserMC/job/Geyser/job/master/lastSuccessfulBuild/artifact/bootstrap/spigot/target/Geyser-Spigot.jar
# Floodgate
https://ci.opencollab.dev/job/GeyserMC/job/Floodgate/job/master/lastSuccessfulBuild/artifact/spigot/build/libs/floodgate-spigot.jar
# ViaVersion
# https://github.com/ViaVersion/ViaVersion/releases/download/4.3.1/ViaVersion-4.3.1.jar
# ViaBackwards
# https://github.com/ViaVersion/ViaBackwards/releases/download/4.3.0/ViaBackwards-4.3.0.jar
# PvPManager
# https://dev.bukkit.org/projects/pvpmanager/files/latest
# AuthMe Reloaded
# https://ci.codemc.io/job/AuthMe/job/AuthMeReloaded/lastSuccessfulBuild/artifact/target/AuthMe-5.6.0-SNAPSHOT.jar
# SignBoard
# https://dev.bukkit.org/projects/signboard/files/latest
# plan-player-analytics
https://github.com/plan-player-analytics/Plan/releases/download/5.5.2163/Plan-5.5-build-2163.jar
# MiniMOTD
# https://github.com/jpenilla/MiniMOTD/releases/download/v2.0.9/minimotd-universal-2.0.9.jar
# Citizens2
https://ci.citizensnpcs.co/job/Citizens2/2756/artifact/dist/target/Citizens-2.0.30-b2756.jar
# Simple voice chat [BUKKIT/SPIGOT/PAPER][1.19] Simple Voice Chat 1.19-2.2.45 (18-06-2022)
https://dev.bukkit.org/projects/simple-voice-chat/files/latest
# BKCommonLib
https://ci.mg-dev.eu/job/BKCommonLib/1454/artifact/target/BKCommonLib-1.19.3-v2-SNAPSHOT-1454.jar
# MyWorlds
https://ci.mg-dev.eu/job/MyWorlds/lastSuccessfulBuild/artifact/target/MyWorlds-1.19.3-v2-SNAPSHOT-196.jar
# PurpurExtras
https://cdn.modrinth.com/data/Hn8OHmqL/versions/w60JPGhg/PurpurExtras-1.23.0.jar
#FreedomChat
https://cdn.modrinth.com/data/MubyTbnA/versions/qGaisS0d/FreedomChat-1.3.1.jar
@@ -0,0 +1,77 @@
services:
minecraft_proxy:
image: itzg/bungeecord:latest
container_name: minecraft_proxy_server
profiles:
- minecraft_proxy
- minecraft_server
restart: on-failure:7
env_file:
- ./env/proxy.env
environment:
INIT_MEMORY: "512M"
MAX_MEMORY: "2048M"
ports:
# Server Minecraft port
- "25565:25577"
# Server Minecraft Bedrock port (GeyserMC)
#- "19132:19132/udp"
# Rcon port
#- "25576:25575"
# Plan port
# - "8806:8804"
volumes:
- minecraft_proxy_data:/server
networks:
- minecraft-network
mc-server:
image: itzg/minecraft-server:latest
container_name: minecraft_server
profiles:
- minecraft_server
depends_on:
- minecraft_proxy
restart: on-failure:7
ports:
# Server Minecraft port (Disable if you use proxy)
# - "25565:25565"
# Rcon port
# - "25575:25575"
# Server Minecraft Bedrock port (GeyserMC)
# - "19132:19132/udp"
# Dynmap port
# - "8123:8123"
# BlueMap port
- "8100:8100"
# Plan port
- "8804:8804"
env_file:
- ./env/server.env
- ./env/world.env
- ./env/mods_plugins.env
environment:
MAX_MEMORY: "${MAX_MEMORY:-24G}"
volumes:
- minecraft_server_data:/data
# - ./asset_links/plugins.txt:/extras/plugins.txt:ro
networks:
- minecraft-network
deploy:
resources:
# limits:
# cpus: '8.0'
# memory: 26G
reservations:
cpus: '0.01'
memory: 20M
volumes:
minecraft_server_data:
name: minecraft_server_data
minecraft_proxy_data:
name: minecraft_proxy_data
networks:
minecraft-network:
driver: bridge
name: minecraft-network
@@ -0,0 +1,34 @@
# Disable SignLink: 39593
#KeepChunks,Chunky,Plasmo Voice Server,viaversion,viabackwards,LuckPerms,QuickShop-Reremake,KeepChunks, DecentHolograms
#SPIGET_RESOURCES=23307,81534,91064,19254,27448,28140,62575,23307,96927
# MODPACK= # MODPACK or MODS
# MODS=https://dev.bukkit.org/projects/dynmap/files/3620010/download
#MODS_FILE=/extras/plugins.txt
REMOVE_OLD_MODS=false
REMOVE_OLD_MODS_INCLUDE=*.jar,*-version.json
REMOVE_OLD_MODS_EXCLUDE=
REMOVE_OLD_MODS_DEPTH=16
# RESOURCE_PACK=
# RESOURCE_PACK_SHA1=
# Minecraft Datapack
# DATAPACKS=Terralith_v2.2_Seed_3820.zip
#DATAPACKS_FILE=/extras/datapacks.txt
#REMOVE_OLD_DATAPACKS=false
#REMOVE_OLD_DATAPACKS_INCLUDE=*.zip
# REMOVE_OLD_DATAPACKS_EXCLUDE=
#REMOVE_OLD_DATAPACKS_DEPTH=1
#RESOURCE_PACK=
#RESOURCE_PACK_SHA1=
# MODS_FORGEAPI_KEY
# MODS_FORGEAPI_FILE
# MODS_FORGEAPI_PROJECTIDS
# MODS_FORGEAPI_RELEASES
# MODS_FORGEAPI_DOWNLOAD_DEPENDENCIES
# MODS_FORGEAPI_IGNORE_GAMETYPE
# REMOVE_OLD_FORGEAPI_MODS
# REMOVE_OLD_DATAPACKS_DEPTH
# REMOVE_OLD_DATAPACKS_INCLUDE
@@ -0,0 +1,14 @@
TYPE=VELOCITY
VELOCITY_VERSION=3.5.0-SNAPSHOT
VELOCITY_BUILD_ID=594
#PLUGINS=
#SPIGET_PLUGINS=
DEBUG=false
DEBUG_HELPER=false
ENABLE_RCON=false
#RCON_PASSWORD=6hxU3Oxmh2Q8e6S9fjkdWJik
#RCON_PORT=25576
INIT_MEMORY=512M
MAX_MEMORY=1536M
#JVM_OPTS=
JVM_XX_OPTS=-XX:+UseG1GC -XX:G1HeapRegionSize=4M -XX:+UnlockExperimentalVMOptions -XX:+ParallelRefProcEnabled -XX:+AlwaysPreTouch -XX:MaxInlineLevel=15
@@ -0,0 +1,81 @@
# Base options
EULA=true
ONLINE_MODE=false
SERVER_PORT=25565
SERVER_NAME=MyServer
ICON=https://github.com/bensuperpc/docker-minecraft-server/releases/download/Test_world/icon_64x64.png
OVERRIDE_ICON=true
MOTD=A §l§cMinecraft§r §nserver
OVERRIDE_SERVER_PROPERTIES=true
ENFORCE_SECURE_PROFILE=false
# Server jar options
TYPE=PURPUR
VERSION=1.21.11
PURPUR_BUILD=2568
FORCE_REDOWNLOAD=false
BUILD_FROM_SOURCE=false
# Server options
INIT_MEMORY=2G
MAX_MEMORY=12G
EXEC_DIRECTLY=false
USE_AIKAR_FLAGS=true
USE_SIMD_FLAGS=true
# TUNE_VIRTUALIZED=true
# ENABLE_JMX=true
CONSOLE=false
GUI=false
TZ=Europe/Paris
# OPS options
OPS=Bensuperpc
# OPS_FILE=
OVERRIDE_OPS=true
#OP_PERMISSION_LEVEL=4
#FUNCTION_PERMISSION_LEVEL
# WHITELIST options
ENABLE_WHITELIST=false
OVERRIDE_WHITELIST=true
#WHITELIST=Bensuperpc
# WHITELIST_FILE=
ENFORCE_WHITELIST=false
# AUTOPAUSE options
ENABLE_AUTOPAUSE=false
AUTOPAUSE_TIMEOUT_EST=7200000
AUTOPAUSE_TIMEOUT_INIT=3600000
AUTOPAUSE_TIMEOUT_KN=480000
# AUTOSTOP options
# ENABLE_AUTOSTOP=true
# AUTOSTOP_TIMEOUT_EST
# AUTOSTOP_TIMEOUT_INIT
# AUTOSTOP_PERIOD
NETWORK_COMPRESSION_THRESHOLD=-1
LOG_TIMESTAMP=true
MAX_TICK_TIME=-1
# Time (sec) before AFK player was disconnected
PLAYER_IDLE_TIMEOUT=600
MAX_PLAYERS=32
ALLOW_FLIGHT=false
# RCON options
ENABLE_RCON=false
RCON_PASSWORD=6hxU3Oxmh2Q8e6S9fjkdWJik
RCON_PORT=25575
BROADCAST_CONSOLE_TO_OPS=true
BROADCAST_RCON_TO_OPS=true
# QUERY options
#ENABLE_QUERY=true
#QUERY_PORT=25565
# Others options
SNOOPER_ENABLED=true
ENABLE_STATUS=true
PREVIEWS_CHAT=false
#SYNC_CHUNK_WRITES=true
@@ -0,0 +1,22 @@
LEVEL=world
LEVEL_TYPE=default
# MAX_WORLD_SIZE=10000
# MAX_BUILD_HEIGHT=256
ALLOW_NETHER=true
GENERATE_STRUCTURES=true
VIEW_DISTANCE=12
SIMULATION_DISTANCE=10
ENABLE_COMMAND_BLOCK=true
ANNOUNCE_PLAYER_ACHIEVEMENTS=true
PVP=true
DIFFICULTY=hard
FORCE_GAMEMODE=false
MODE=survival
HARDCORE=false
SPAWN_PROTECTION=16
SEED=3820
# Spawn Entities Options
SPAWN_ANIMALS=true
SPAWN_MONSTERS=true
SPAWN_NPCS=true
@@ -5,16 +5,18 @@ services:
container_name: omni-tools0
profiles:
- omni-tools
restart: on-failure:5
restart: on-failure:7
depends_on:
- caddy
networks:
- infra-network
- caddy-tools
read_only: false
security_opt:
- no-new-privileges:true
cap_drop:
- SYS_ADMIN
environment:
- TZ=${TZ:-Europe/Paris}
deploy:
resources:
@@ -30,16 +32,18 @@ services:
container_name: omni-tools1
profiles:
- omni-tools
restart: on-failure:5
restart: on-failure:7
depends_on:
- caddy
networks:
- infra-network
- caddy-tools
read_only: false
security_opt:
- no-new-privileges:true
cap_drop:
- SYS_ADMIN
environment:
- TZ=${TZ:-Europe/Paris}
deploy:
resources:
@@ -49,3 +53,8 @@ services:
reservations:
cpus: '0.001'
memory: 20M
networks:
caddy-tools:
driver: bridge
name: caddy-tools
@@ -1,42 +1,105 @@
name: openwebui
services:
ollama:
image: ollama/ollama:latest
#platform: linux/amd64
image: ollama/ollama:${OLLAMA_DOCKER_TAG-latest}
container_name: ollama
profiles:
- open-webui
- openwebui
- ollama
depends_on:
- caddy
restart: on-failure:5
restart: on-failure:7
tty: true
volumes:
- ollama:/root/.ollama
# ports:
# - ${OLLAMA_PORT-11434}:11434
env_file:
- ./env/ollama.env
environment:
- TZ=${TZ:-Europe/Paris}
security_opt:
- no-new-privileges:true
networks:
- infra-network
- openwebui-internal
# devices:
# - /dev/dri
# - /dev/kfd
open-webui:
image: ghcr.io/open-webui/open-webui:main
container_name: open-webui
openwebui-postgres:
image: postgres:17-alpine
container_name: openwebui-postgres
profiles:
- open-webui
- openwebui
env_file:
- ./env/openwebui-postgres.env
environment:
- TZ=${TZ:-Europe/Paris}
volumes:
- open-webui:/app/backend/data
- openwebui-postgres:/var/lib/postgresql/data
restart: on-failure:7
networks:
- openwebui-internal
healthcheck:
test: [ "CMD-SHELL", "pg_isready -U $${POSTGRES_USER} -d $${POSTGRES_DB}" ]
interval: 5s
timeout: 3s
retries: 5
# pgadmin:
# image: dpage/pgadmin4:latest
# container_name: pgadmin
# profiles:
# - openwebui
# env_file:
# - ./env/openwebui-pgadmin.env
# volumes:
# - openwebui-pgadmin:/var/lib/pgadmin
# restart: on-failure:7
# depends_on:
# openwebui-postgres:
# condition: service_healthy
# networks:
# - openwebui-network
openwebui:
image: ghcr.io/open-webui/open-webui:${WEBUI_DOCKER_TAG-main}
container_name: openwebui
profiles:
- openwebui
volumes:
- openwebui:/app/backend/data
depends_on:
- ollama
- caddy
- openwebui-postgres
env_file:
- ./env/open-webui.env
#environment:
- ./env/openwebui.env
environment:
- TZ=${TZ:-Europe/Paris}
# - UID=${PUID:-1000}
# - GID=${PGID:-1000}
restart: on-failure:5
# ports:
# - ${OPEN_WEBUI_PORT-3000}:8080
restart: on-failure:7
networks:
- infra-network
- caddy-ai
- openwebui-internal
security_opt:
- no-new-privileges:true
volumes:
ollama: {}
open-webui: {}
openwebui: {}
openwebui-postgres: {}
openwebui-pgadmin: {}
networks:
caddy-ai:
driver: bridge
name: caddy-ai
openwebui-internal:
driver: bridge
name: openwebui-internal
+8
View File
@@ -0,0 +1,8 @@
# OLLAMA_GPU_OVERHEAD=0
# OLLAMA_VULKAN=1
# OLLAMA_NEW_ENGINE=1
# OLLAMA_GPU_LAYERS=
# OLLAMA_DEBUG=1
# OLLAMA_SCHED_SPREAD=1
# OLLAMA_FLASH_ATTENTION=1
# OLLAMA_CONTEXT_LENGTH=2048
@@ -0,0 +1,4 @@
PGADMIN_DEFAULT_EMAIL=admin@local.ai
PGADMIN_DEFAULT_PASSWORD=admin123
PGADMIN_CONFIG_SERVER_MODE=False
PGADMIN_CONFIG_MASTER_PASSWORD_REQUIRED=False
@@ -0,0 +1,3 @@
POSTGRES_DB=openwebui
POSTGRES_USER=postgres
POSTGRES_PASSWORD=securepassword123
@@ -1,5 +1,6 @@
OLLAMA_BASE_URL=http://ollama:11434
#WEBUI_SECRET_KEY=
# openssl rand -hex 32
WEBUI_SECRET_KEY=7d83b15a417d090ba5c6b899270a05dd215c60848354c0c7574226d6ff02f39e
#HF_HUB_OFFLINE=1
# Disable analytics
SCARF_NO_ANALYTICS=true
@@ -9,6 +10,9 @@ ANONYMIZED_TELEMETRY=false
#OPENAI_API_BASE_URL=
#OPENAI_API_KEY=
# Database configuration
DATABASE_URL=postgresql://postgres:securepassword123@openwebui-postgres:5432/openwebui
# Only with stable-diffusion-webui
#ENABLE_IMAGE_GENERATION=true
#AUTOMATIC1111_BASE_URL=http://stable-diffusion-webui:7860
@@ -5,12 +5,13 @@ services:
container_name: openssh
profiles:
- openssh
restart: on-failure:5
restart: on-failure:7
env_file:
- ./env/openssh.env
environment:
- PUID=${PUID:-1000}
- PGID=${PGID:-1000}
- TZ=${TZ:-Europe/Paris}
volumes:
- openssh_config:/config:rw
- ./config/authorized_keys:/authorized_ssh_keys:ro
@@ -29,14 +30,14 @@ services:
- minecraft_server_backup:/minecraft_server_backup:rw
- minecraft_server_data:/minecraft_server_data:rw
- minecraft_proxy_data:/minecraft_proxy_data:rw
- minecraft_rcon_data:/minecraft_rcon_data:rw
- forgejo_data:/forgejo_data:rw
- forgejo_db:/forgejo_db:rw
- teamfortress2_backup:/teamfortress2_backup:rw
- teamfortress2_data:/teamfortress2_data:rw
- argus_data:/argus_data:rw
- qbittorrent_config:/qbittorrent_config:rw
networks:
- infra-network
- openssh-network
security_opt:
- no-new-privileges:false
ports:
@@ -77,8 +78,6 @@ volumes:
name: minecraft_server_data
minecraft_proxy_data:
name: minecraft_proxy_data
minecraft_rcon_data:
name: minecraft_rcon_data
# teamfortress2
teamfortress2_backup:
name: teamfortress2_backup
@@ -89,3 +88,13 @@ volumes:
name: forgejo_data
forgejo_db:
name: forgejo_db
# argus
argus_data:
name: argus_data
qbittorrent_config:
name: qbittorrent_config
networks:
openssh-network:
driver: bridge
name: openssh-network
+1 -2
View File
@@ -1,11 +1,10 @@
TZ=Etc/UTC
SUDO_ACCESS=true
PASSWORD_ACCESS=false
DOCKER_MODS=linuxserver/mods:openssh-server-rsync
#PUBLIC_KEY_URL=https://github.com/bensuperpc.keys
PUBLIC_KEY_DIR=/authorized_ssh_keys
USER_NAME=admin
USER_PASSWORD=rdUwf36C11PLmpU9Lvq7tP5pfFBKAuCh
USER_PASSWORD=it47mnLJIhNFspkYQo70zJsAYX7n0DSX
#PUBLIC_KEY=yourpublickey
#PUBLIC_KEY_FILE=/path/to/file
@@ -5,15 +5,17 @@ services:
container_name: picoshare
profiles:
- picoshare
restart: on-failure:5
restart: on-failure:7
depends_on:
- caddy
env_file:
- ./env/picoshare.env
environment:
- TZ=${TZ:-Europe/Paris}
volumes:
- picoshare_data:/data
networks:
- infra-network
- caddy-files
security_opt:
- no-new-privileges:true
read_only: false
@@ -32,4 +34,9 @@ services:
volumes:
picoshare_data:
name: picoshare_data
name: picoshare_data
networks:
caddy-files:
driver: bridge
name: caddy-files
@@ -274,6 +274,17 @@ dir = PATH "data"
;version = "latest"
;bucket = "my-bucket"
;[shlink]
; - Shlink requires you to make a post call with a generated API key.
; use this section to setup the API key and URL. In order to use this section,
; "urlshortener" needs to point to the base URL of your PrivateBin
; instance with "?shortenviashlink&link=" appended. For example:
; urlshortener = "${basepath}?shortenviashlink&link="
; This URL will in turn call Shlink on the server side, using the URL from
; "apiurl" and the API Key from the "apikey" parameters below.
; apiurl = "https://shlink.example.com/rest/v3/short-urls"
; apikey = "your_api_key"
;[yourls]
; When using YOURLS as a "urlshortener" config item:
; - By default, "urlshortener" will point to the YOURLS API URL, with or without
@@ -5,14 +5,16 @@ services:
container_name: privatebin
profiles:
- privatebin
restart: on-failure:5
restart: on-failure:7
depends_on:
- caddy
volumes:
- privatebin_data:/srv/data
- ./config/conf.php:/srv/cfg/conf.php:ro
environment:
- TZ=${TZ:-Europe/Paris}
networks:
- infra-network
- caddy-tools
security_opt:
- no-new-privileges:true
read_only: true
@@ -27,4 +29,9 @@ services:
volumes:
privatebin_data:
name: privatebin_data
name: privatebin_data
networks:
caddy-tools:
driver: bridge
name: caddy-tools
@@ -5,17 +5,17 @@ services:
container_name: projectsend
profiles:
- projectsend
restart: on-failure:5
restart: on-failure:7
depends_on:
- caddy
env_file:
- ./env/projectsend.env
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- projectsend_config:/config
- projectsend_share:/data
networks:
- infra-network
- caddy-files
- projectsend-internal
security_opt:
- no-new-privileges:true
cap_drop:
@@ -30,14 +30,16 @@ services:
- projectsend
depends_on:
- caddy
restart: on-failure:5
restart: on-failure:7
volumes:
- projectsend_db:/var/lib/mysql:rw
env_file:
- ./env/projectsend_db.env
environment:
- TZ=${TZ:-Europe/Paris}
command: '--default-authentication-plugin=mysql_native_password'
networks:
- infra-network
- projectsend-internal
security_opt:
- no-new-privileges:true
@@ -48,3 +50,12 @@ volumes:
name: projectsend_config
projectsend_share:
name: projectsend_share
networks:
caddy-files:
driver: bridge
name: caddy-files
projectsend-internal:
driver: bridge
name: projectsend-internal
@@ -5,16 +5,18 @@ services:
container_name: psitransfer
profiles:
- psitransfer
restart: on-failure:5
restart: on-failure:7
# user: ${PUID:-1000}:${PGID:-1000}
depends_on:
- caddy
env_file:
- ./env/psitransfer.env
environment:
- TZ=${TZ:-Europe/Paris}
volumes:
- psitransfer_data:/data
networks:
- infra-network
- caddy-files
security_opt:
- no-new-privileges:true
read_only: true
@@ -29,4 +31,9 @@ services:
volumes:
psitransfer_data:
name: psitransfer_data
name: psitransfer_data
networks:
caddy-files:
driver: bridge
name: caddy-files
@@ -5,7 +5,7 @@ services:
container_name: qbittorrent
profiles:
- qbittorrent
restart: on-failure:5
restart: on-failure:7
depends_on:
- caddy
env_file:
@@ -13,6 +13,7 @@ services:
environment:
- PUID=${PUID:-1000}
- PGID=${PGID:-1000}
- TZ=${TZ:-Europe/Paris}
ports:
- 6881:6881
- 6881:6881/udp
@@ -21,7 +22,7 @@ services:
- public_data:/downloads
- private_data:/private_downloads
networks:
- infra-network
- caddy-media
security_opt:
- no-new-privileges:true
@@ -31,4 +32,9 @@ volumes:
public_data:
name: public_data
private_data:
name: private_data
name: private_data
networks:
caddy-media:
driver: bridge
name: caddy-media
@@ -1,4 +1,3 @@
TZ=Etc/UTC
WEBUI_PORT=8080
TORRENTING_PORT=6881
# Use alternative WebUI: /vuetorrent

Some files were not shown because too many files have changed in this diff Show More