add compose files

2024-03-31 15:32:07 +02:00 · 2024-03-31 15:32:07 +02:00 · 947d8fc764
commit 947d8fc764
parent 3af0ca22d3
12 changed files with 450 additions and 0 deletions
--- a/stateful/conduit-compose.yml
+++ b/stateful/conduit-compose.yml
@ -0,0 +1,64 @@
+networks:
+
+  proxy-net:
+    external: true
+
+services:
+
+  conduit:
+  
+    image: matrixconduit/matrix-conduit:latest
+    restart: unless-stopped
+    volumes:
+      - ./containers_storage/conduit/:/var/lib/matrix-conduit/
+    networks:
+      - proxy-net
+    ports:
+      - "6167:6167"
+    environment:
+      CONDUIT_SERVER_NAME: matrix.slowte.ch
+      CONDUIT_DATABASE_PATH: /var/lib/matrix-conduit/
+      CONDUIT_DATABASE_BACKEND: rocksdb
+      CONDUIT_PORT: 6167
+      CONDUIT_MAX_REQUEST_SIZE: 20_000_000
+      CONDUIT_ALLOW_REGISTRATION: 'false'
+      CONDUIT_ALLOW_FEDERATION: 'true'
+      CONDUIT_ALLOW_CHECK_FOR_UPDATES: 'true'
+      CONDUIT_TRUSTED_SERVERS: '["matrix.org"]'
+      CONDUIT_MAX_CONCURRENT_REQUESTS: 100
+      CONDUIT_ADDRESS: 0.0.0.0
+      CONDUIT_CONFIG: ''
+    labels:
+      - "traefik.enable=true"
+      - "traefik.docker.network=proxy-net"
+      - "traefik.http.routers.conduit.rule=Host(`matrix.slowte.ch`)"
+      - "traefik.http.services.conduit.loadbalancer.server.port=6167"
+      - "traefik.http.routers.conduit.tls=true"
+      - "traefik.http.routers.conduit.tls.certresolver=letsencrypt"
+      - "traefik.http.routers.conduit.middlewares=cors-headers@docker"
+      - "traefik.http.middlewares.cors-headers.headers.accessControlAllowOriginList=*"
+      - "traefik.http.middlewares.cors-headers.headers.accessControlAllowHeaders=Origin, X-Requested-With, Content-Type, Accept, Authorization"
+      - "traefik.http.middlewares.cors-headers.headers.accessControlAllowMethods=GET, POST, PUT, DELETE, OPTIONS"
+
+  conduit-nginx:
+  
+    image: nginx:latest
+    restart: unless-stopped
+    volumes:
+      - ./containers_storage/conduit-nginx/matrix.conf:/etc/nginx/conf.d/matrix.conf
+      - ./containers_storage/conduit-nginx/www:/var/www/
+    networks:
+      - proxy-net
+    ports:
+      - "6168:80"
+    labels:
+      - "traefik.enable=true"
+      - "traefik.docker.network=proxy-net"
+      - "traefik.http.routers.conduit-nginx.rule=Host(`matrix.slowte.ch`) && PathPrefix(`/.well-known/matrix`)"
+      - "traefik.http.services.conduit-nginx.loadbalancer.server.port=80"
+      - "traefik.http.routers.conduit-nginx.tls=true"
+      - "traefik.http.routers.conduit-nginx.tls.certresolver=letsencrypt"
+      - "traefik.http.routers.conduit-nginx.middlewares=cors-headers@docker"
+      - "traefik.http.middlewares.cors-headers.headers.accessControlAllowOriginList=*"
+      - "traefik.http.middlewares.cors-headers.headers.accessControlAllowHeaders=Origin, X-Requested-With, Content-Type, Accept, Authorization"
+      - "traefik.http.middlewares.cors-headers.headers.accessControlAllowMethods=GET, POST, PUT, DELETE, OPTIONS"
--- a/stateful/forgejo-compose.yml
+++ b/stateful/forgejo-compose.yml
@ -0,0 +1,53 @@
+networks:
+
+  proxy-net:
+    external: true
+  forgejo-net:
+    external: false
+
+services:
+
+  forgejo:
+  
+    image: "codeberg.org/forgejo/forgejo:1.21"
+    container_name: "forgejo"
+    environment:
+      - FORGEJO__database__DB_TYPE=postgres
+      - FORGEJO__database__HOST=forgejo-db:5432
+      - FORGEJO__database__NAME=forgejo
+      - FORGEJO__database__USER=forgejo
+      - FORGEJO__database__PASSWD=forgejo
+      - FORGEJO__server__SSH_PORT=1883
+    restart: unless-stopped
+    networks:
+      - proxy-net
+      - forgejo-net
+    ports:
+      - "3000:3000"
+      - "222:22"
+    volumes:
+      - ./containers_storage/forgejo:/data
+      - /etc/timezone:/etc/timezone:ro
+      - /etc/localtime:/etc/localtime:ro
+    depends_on:
+      - forgejo-db
+    labels:
+      - traefik.enable=true
+      - traefik.docker.network=proxy-net
+      - traefik.http.routers.forgejo.rule=Host(`forge.slowte.ch`)
+      - traefik.http.services.forgejo.loadbalancer.server.port=3000
+      - traefik.http.routers.forgejo.tls=true
+      - traefik.http.routers.forgejo.tls.certresolver=letsencrypt
+
+  forgejo-db:
+  
+    image: postgres:14
+    restart: unless-stopped
+    environment:
+      - POSTGRES_USER=forgejo
+      - POSTGRES_PASSWORD=forgejo
+      - POSTGRES_DB=forgejo
+    networks:
+      - forgejo-net
+    volumes:
+      - ./containers_storage/forgejo-postgres:/var/lib/postgresql/data
--- a/stateful/nocodb-compose.yml
+++ b/stateful/nocodb-compose.yml
@ -0,0 +1,50 @@
+networks:
+
+  proxy-net:
+    external: true
+  nocodb-net:
+    external: false
+
+services: 
+
+  nocodb:
+  
+    depends_on: 
+      root_db: 
+        condition: service_healthy
+    networks:
+      - nocodb-net
+      - proxy-net
+    environment: 
+      NC_DB: "pg://root_db:5432?u=postgres&p=password&d=root_db"
+    image: "nocodb/nocodb:latest"
+    ports: 
+      - "3005:8080"
+    restart: unless-stopped
+    volumes: 
+      - "./containers_storage/nocode:/usr/app/data"
+    labels:
+      - traefik.enable=true
+      - traefik.docker.network=proxy-net
+      - traefik.http.routers.nocodb.rule=Host(`data.slowte.ch`)
+      - traefik.http.services.nocodb.loadbalancer.server.port=8080
+      - traefik.http.routers.nocodb.tls=true
+      - traefik.http.routers.nocodb.tls.certresolver=letsencrypt
+      
+  root_db: 
+  
+    environment: 
+      POSTGRES_DB: root_db
+      POSTGRES_PASSWORD: password
+      POSTGRES_USER: postgres
+    networks:
+      - nocodb-net
+    healthcheck: 
+      interval: 10s
+      retries: 10
+      test: "pg_isready -U \"$$POSTGRES_USER\" -d \"$$POSTGRES_DB\""
+      timeout: 2s
+    image: postgres:15
+    restart: unless-stopped
+    volumes: 
+      - "./containers_storage/nocode-db:/var/lib/postgresql/data"
--- a/stateful/pihole-compose.yml
+++ b/stateful/pihole-compose.yml
@ -0,0 +1,24 @@
+networks:
+
+  proxy-net:
+    external: true
+
+services:
+
+  pihole:
+  
+    container_name: pihole
+    image: pihole/pihole:latest
+    ports:
+      - "53:53/tcp"
+      - "53:53/udp"
+      - "3002:80/tcp"
+    environment:
+      TZ: 'Europe/Zurich'
+      WEBPASSWORD: '${PIHOLE_PASSWORD}'
+    volumes:
+      - './containers_storage/pihole/etc:/etc/pihole'
+      - './containers_storage/pihole/dnsmasq.d:/etc/dnsmasq.d'
+    restart: unless-stopped
+    networks:
+      - proxy-net
--- a/stateful/teammapper-compose.yml
+++ b/stateful/teammapper-compose.yml
@ -0,0 +1,55 @@
+networks:
+
+  proxy-net:
+    external: true
+  teammapper-net:
+    external: false
+
+services:
+  teammapper:
+    image: ghcr.io/b310-digital/teammapper:latest
+    environment:
+      MODE: PROD
+      BINDING: "0.0.0.0"
+      POSTGRES_DATABASE: teammapper-db
+      POSTGRES_HOST: teammapper-postgres
+      POSTGRES_PASSWORD: pass
+      POSTGRES_PORT: 5432
+      POSTGRES_SSL: false
+      POSTGRES_SSL_REJECT_UNAUTHORIZED: false
+      POSTGRES_USER: team
+      POSTGRES_QUERY_TIMEOUT: 100000
+      POSTGRES_STATEMENT_TIMEOUT: 100000
+      DELETE_AFTER_DAYS: 30
+    restart: unless-stopped
+    networks:
+      - proxy-net
+      - teammapper-net
+    ports:
+      - 3003:3000
+    depends_on:
+      - teammapper-postgres
+      
+    labels:
+      - traefik.enable=true
+      - traefik.docker.network=proxy-net
+      - traefik.http.routers.teammapper.rule=Host(`think.slowte.ch`)
+      - traefik.http.services.teammapper.loadbalancer.server.port=3000
+      - traefik.http.routers.teammapper.tls=true
+      - traefik.http.routers.teammapper.tls.certresolver=letsencrypt
+      - traefik.http.routers.teammapper.middlewares=auth
+      - traefik.http.middlewares.auth.basicauth.users=${TEAMMAPPER_BASICAUTH}
+
+  teammapper-postgres:
+    image: postgres:12-alpine
+    environment:
+      PGDATA: /var/lib/postgresql/data/pgdata
+      POSTGRES_DB: teammapper-db
+      POSTGRES_PASSWORD: pass
+      POSTGRES_PORT: 5432
+      POSTGRES_USER: team
+    volumes:
+      - './containers_storage/teammapper-postgres:/var/lib/postgresql/data/pgdata'
+    restart: unless-stopped
+    networks:
+      - teammapper-net
--- a/stateful/traefik-compose.yml
+++ b/stateful/traefik-compose.yml
@ -0,0 +1,21 @@
+networks:
+
+  proxy-net:
+    external: true
+
+services:
+
+  traefik:
+  
+    image: "traefik:latest"
+    container_name: "traefik"
+    restart: unless-stopped
+    networks:
+      - proxy-net
+    ports:
+      - "80:80"
+      - "443:443"
+      - "8080:8080"
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+      - ./containers_storage/traefik:/etc/traefik
--- a/stateful/vaultwarden-compose.yml
+++ b/stateful/vaultwarden-compose.yml
@ -0,0 +1,29 @@
+networks:
+
+  proxy-net:
+    external: true
+
+services:
+
+  vaultwarden:
+  
+    image: "vaultwarden/server:latest"
+    container_name: "vaultwarden"
+    environment:
+      - ADMIN_TOKEN=${ADMIN_TOKEN}
+      - SIGNUPS_ALLOWED=false
+      - DOMAIN=https://vault.slowte.ch
+    restart: unless-stopped
+    networks:
+      - proxy-net
+    ports:
+      - "3001:80"
+    volumes:
+      - ./containers_storage/vaultwarden:/data:rw
+    labels:
+      - traefik.enable=true
+      - traefik.docker.network=proxy-net
+      - traefik.http.routers.vaultwarden.rule=Host(`vault.slowte.ch`)
+      - traefik.http.services.vaultwarden.loadbalancer.server.port=80
+      - traefik.http.routers.vaultwarden.tls=true
+      - traefik.http.routers.vaultwarden.tls.certresolver=letsencrypt
--- a/stateless/dlnextcloud-compose.yml
+++ b/stateless/dlnextcloud-compose.yml
@ -0,0 +1,17 @@
+services:
+
+  dlnextcloud:
+  
+    container_name: dlnextcloud
+    network_mode: "host"
+    build: https://forge.slowte.ch/selfhosted/dlnextcloud.git
+    image: dlnextcloud
+    restart: unless-stopped
+    environment:
+      - NC_PASSWORD=${NC_PASSWORD}
+      - NC_MUSIC_DIR_URL=https://cloud.slowte.ch/remote.php/dav/files/mediaserver/audio
+      - NC_RADIO_DIR_URL=https://cloud.slowte.ch/remote.php/dav/files/mediaserver/radio
+      - NC_USERNAME=mediaserver
+      - GERBERA_IP=192.168.0.107
+      - GERBERA_PORT=49152
+    privileged: true
--- a/stateless/leantime-compose.yml
+++ b/stateless/leantime-compose.yml
@ -0,0 +1,37 @@
+networks:
+
+  proxy-net:
+    external: true
+  leantime-net:
+    external: false
+
+services:
+
+  leantime:
+  
+    container_name: leantime
+    image: leantime/leantime:latest
+    restart: unless-stopped
+    env_file: ./containers_storage/leantime/.env
+    networks:
+      - leantime-net
+      - proxy-net
+    volumes:
+      - ./containers_storage/leantime/public_userfiles:/var/www/html/public/userfiles
+      - ./containers_storage/leantime/userfiles:/var/www/html/userfiles
+    ports:
+      - "8002:80"
+    depends_on:
+      - leantime-mysql
+
+  leantime-mysql:
+  
+    container_name: leantime-mysql
+    image: mysql:8.0
+    volumes:
+      - ./containers_storage/leantime-mysql:/var/lib/mysql
+    restart: unless-stopped
+    env_file: ./containers_storage/leantime/.env
+    networks:
+      - leantime-net
+    command: --character-set-server=UTF8MB4 --collation-server=UTF8MB4_unicode_ci
--- a/stateless/n8n-compose.yml
+++ b/stateless/n8n-compose.yml
@ -0,0 +1,25 @@
+networks:
+
+  proxy-net:
+    external: true
+
+services:
+
+  n8n:
+  
+    container_name: n8n  
+    image: docker.n8n.io/n8nio/n8n
+    restart: unless-stopped
+    ports:
+      - "8001:5678"
+    volumes:
+      - ./containers_storage/n8n:/home/node/.n8n
+    networks:
+      - proxy-net
+    environment:
+      - N8N_HOST=flows.slowte.ch
+      - N8N_PORT=5678
+      - N8N_PROTOCOL=https
+      - NODE_ENV=production
+      - WEBHOOK_URL=https://flows.slowte.ch/
+      - GENERIC_TIMEZONE=Europe/Zurich
--- a/stateless/ntfy-compose.yml
+++ b/stateless/ntfy-compose.yml
@ -0,0 +1,30 @@
+networks:
+
+  proxy-net:
+    external: true
+
+services:
+
+  ntfy:
+  
+    container_name: ntfy
+    image: binwiederhier/ntfy
+    networks:
+      - proxy-net
+    command:
+      - serve
+    environment:
+      - TZ=CET
+    volumes:      
+      - ./containers_storage/ntfy/cache:/var/cache/ntfy
+      - ./containers_storage/ntfy/lib:/var/lib/ntfy
+      - ./containers_storage/ntfy/etc:/etc/ntfy
+    ports:
+      - "8003:80"
+    healthcheck:
+        test: ["CMD-SHELL", "wget -q --tries=1 http://localhost:80/v1/health -O - | grep -Eo '\"healthy\"\\s*:\\s*true' || exit 1"]
+        interval: 60s
+        timeout: 10s
+        retries: 3
+        start_period: 40s
+    restart: unless-stopped
--- a/stateless/woodpecker-compose.yml
+++ b/stateless/woodpecker-compose.yml
@ -0,0 +1,45 @@
+networks:
+
+  proxy-net:
+    external: true
+  woodpecker-net:
+    external: false
+
+services:
+
+  woodpecker:
+  
+    container_name: woodpecker
+    image: woodpeckerci/woodpecker-server:latest
+    networks:
+      - woodpecker-net
+      - proxy-net
+    restart: unless-stopped
+    ports:
+      - 8000:8000
+    volumes:
+      - ./containers_storage/woodpecker:/var/lib/woodpecker/
+    environment:
+      - WOODPECKER_OPEN=true
+      - WOODPECKER_HOST=https://ci.slowte.ch
+      - WOODPECKER_AGENT_SECRET=${WOODPECKER_AGENT_SECRET}
+      - WOODPECKER_GITEA=true
+      - WOODPECKER_GITEA_URL=https://forge.slowte.ch
+      - WOODPECKER_GITEA_CLIENT=${WOODPECKER_GITEA_CLIENT}
+      - WOODPECKER_GITEA_SECRET=${WOODPECKER_GITEA_SECRET}
+
+  woodpecker-worker:
+    
+    container_name: woodpecker-worker
+    image: woodpeckerci/woodpecker-agent:latest
+    command: agent
+    restart: unless-stopped
+    networks:
+      - woodpecker-net
+    depends_on:
+      - woodpecker
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+    environment:
+      - WOODPECKER_SERVER=woodpecker:9000
+      - WOODPECKER_AGENT_SECRET=${WOODPECKER_AGENT_SECRET}