vhaudiquet/homeprod
1
0
Fork 0
mirror of https://github.com/vhaudiquet/homeprod.git synced 2025-12-19 12:36:03 +00:00
Code Issues Packages Projects Releases Wiki Activity

Initial commit

Browse Source
This commit is contained in:
Valentin Haudiquet
2025-03-22 14:29:48 +01:00
commit da7781035d
87 changed files with 3160 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
docker/home/home-assistant/docker-compose.yml Normal file
View File

@@ -0,0 +1,32 @@
services:
homeassistant:
container_name: homeassistant
image: "ghcr.io/home-assistant/home-assistant:stable"
ports:
- "8123"
networks:
- default
- proxy
environment:
- TZ=Europe/Paris
volumes:
- ha_config:/config
- /etc/localtime:/etc/localtime:ro
- /run/dbus:/run/dbus:ro
restart: unless-stopped
labels:
- "traefik.enable=true"
- "traefik.http.routers.homeassistant.rule=Host(`homeassistant.local`)"
volumes:
ha_config:
driver: local
driver_opts:
type: 'none'
o: 'bind'
device: '/app/home-assistant/config'
networks:
proxy:
external: true
name: proxy

16
docker/home/matter-server/docker-compose.yml Normal file
View File

@@ -0,0 +1,16 @@
services:
matter-server:
image: ghcr.io/home-assistant-libs/python-matter-server:stable
container_name: matter-server
restart: unless-stopped
network_mode: host
volumes:
- data:/data/
volumes:
data:
driver: local
driver_opts:
type: 'none'
o: 'bind'
device: '/app/matter-server/data'

25
docker/home/mosquitto-mqtt/docker-compose.yml Normal file
View File

@@ -0,0 +1,25 @@
services:
mosquitto:
image: eclipse-mosquitto
container_name: mosquitto
restart: unless-stopped
ports:
- "1883:1883"
- "9001:9001"
volumes:
- data:/mosquitto/data
- config:/mosquitto/config
volumes:
data:
driver: local
driver_opts:
type: 'none'
o: 'bind'
device: '/app/mosquitto/data'
config:
driver: local
driver_opts:
type: 'none'
o: 'bind'
device: '/app/mosquitto/config'

28
docker/home/node-red/docker-compose.yml Normal file
View File

@@ -0,0 +1,28 @@
services:
node-red:
image: nodered/node-red:latest
environment:
- TZ=Europe/Paris
ports:
- "1880"
networks:
- default
- proxy
volumes:
- data:/data
labels:
- "traefik.enable=true"
- "traefik.http.routers.node-red.rule=Host(`nodered.local`)"
volumes:
data:
driver: local
driver_opts:
type: 'none'
o: 'bind'
device: '/app/nodered/data'
networks:
proxy:
external: true
name: proxy

33
docker/home/zigbee2mqtt/docker-compose.yml Normal file
View File

@@ -0,0 +1,33 @@
services:
zigbee2mqtt:
container_name: zigbee2mqtt
restart: unless-stopped
image: koenkk/zigbee2mqtt
networks:
- default
- proxy
volumes:
- data:/app/data
- /run/udev:/run/udev:ro
ports:
- "8080"
environment:
- TZ=Europe/Paris
devices:
- /dev/ttyUSB0:/dev/ttyUSB0
labels:
- "traefik.enable=true"
- "traefik.http.routers.zigbee2mqtt.rule=Host(`zigbee2mqtt.local`)"
volumes:
data:
driver: local
driver_opts:
type: 'none'
o: 'bind'
device: '/app/zigbee2mqtt/data'
networks:
proxy:
external: true
name: proxy

23
docker/infrastructure/mail/roundcube/docker-compose.yml Normal file
View File

@@ -0,0 +1,23 @@
services:
roundcube:
image: roundcube/roundcubemail
container_name: roundcube
networks:
- default
- proxy
environment:
- ROUNDCUBEMAIL_DEFAULT_HOST=ssl://mail.vhaudiquet.fr
- ROUNDCUBEMAIL_DEFAULT_PORT=993
- ROUNDCUBEMAIL_SMTP_SERVER=ssl://mail.vhaudiquet.fr
- ROUNDCUBEMAIL_SMTP_PORT=465
ports:
- "8000"
labels:
- "traefik.enable=true"
- "traefik.http.routers.roundcube.rule=Host(`webmail.local`)"
- "traefik.http.routers.roundcube.entrypoints=http"
networks:
proxy:
name: proxy
external: true

32
docker/infrastructure/mail/stalwart/docker-compose.yml Normal file
View File

@@ -0,0 +1,32 @@
services:
stalwart:
image: stalwartlabs/mail-server:latest
container_name: stalwart
networks:
- default
- proxy
volumes:
- stalwart_data:/opt/stalwart-mail
ports:
- "25:25" # SMTP port
- "465:465" # SMTPS port
- "993:993" # IMAPS port
- "587:587" # SMTP Submission STARTTLS
- "8080" # HTTP port
labels:
- "traefik.enable=true"
- "traefik.http.routers.stalwart.rule=Host(`mail.vhaudiquet.fr`)"
- "traefik.http.services.stalwart.loadbalancer.server.port=8080"
volumes:
stalwart_data:
driver: local
driver_opts:
type: 'none'
o: 'bind'
device: '/app/stalwart/data'
networks:
proxy:
name: proxy
external: true

24
docker/infrastructure/network/traefik/docker-compose.yml Normal file
View File

@@ -0,0 +1,24 @@
services:
traefik:
image: traefik:v3.2
command:
- "--configFile=/etc/traefik/traefik.yml"
ports:
- "80:80"
- "8080:8080"
networks:
- default
- proxy
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- type: bind
source: /root/traefik.yml
target: /etc/traefik/traefik.yml
labels:
- "traefik.enable=true"
- "traefik.http.routers.traefik.rule=Host(`traefik.local`)"
- "traefik.http.services.traefik.loadbalancer.server.port=8080"
networks:
proxy:
name: proxy

16
docker/infrastructure/network/traefik/traefik.yml Normal file
View File

@@ -0,0 +1,16 @@
api:
insecure: true
entryPoints:
http:
address: ":80"
forwardedHeaders:
trustedIPs:
- "127.0.0.1/32"
- "10.1.2.11/32" # nginxproxymanager
providers:
docker:
endpoint: "unix:///var/run/docker.sock"
network: proxy
exposedByDefault: false

11
docker/infrastructure/sshportal/docker-compose.yml Normal file
View File

@@ -0,0 +1,11 @@
services:
sshportal:
image: moul/sshportal
container_name: sshportal
ports:
- "2222:2222"
volumes:
- "data:/root/"
volumes:
data:

96
docker/personal/gramps/docker-compose.yml Normal file
View File

@@ -0,0 +1,96 @@
services:
grampsweb:
container_name: grampsweb
image: ghcr.io/gramps-project/grampsweb:latest
restart: always
networks:
- default
- proxy
ports:
- "5000"
environment:
GRAMPSWEB_TREE: "Gramps Web" # will create a new tree if not exists
GRAMPSWEB_CELERY_CONFIG__broker_url: "redis://grampsweb_redis:6379/0"
GRAMPSWEB_CELERY_CONFIG__result_backend: "redis://grampsweb_redis:6379/0"
GRAMPSWEB_RATELIMIT_STORAGE_URI: redis://grampsweb_redis:6379/1
depends_on:
- grampsweb_redis
volumes:
- gramps_users:/app/users
- gramps_index:/app/indexdir
- gramps_thumb_cache:/app/thumbnail_cache
- gramps_cache:/app/cache
- gramps_secret:/app/secret
- gramps_db:/root/.gramps/grampsdb
- gramps_media:/app/media
- gramps_tmp:/tmp
labels:
- "traefik.enable=true"
- "traefik.http.routers.grampsweb.rule=Host(`gramps.local`)"
grampsweb_celery:
container_name: grampsweb_celery
image: ghcr.io/gramps-project/grampsweb:latest
restart: always
environment:
GRAMPSWEB_TREE: "Gramps Web" # will create a new tree if not exists
GRAMPSWEB_CELERY_CONFIG__broker_url: "redis://grampsweb_redis:6379/0"
GRAMPSWEB_CELERY_CONFIG__result_backend: "redis://grampsweb_redis:6379/0"
GRAMPSWEB_RATELIMIT_STORAGE_URI: redis://grampsweb_redis:6379/1
volumes:
- gramps_users:/app/users
- gramps_index:/app/indexdir
- gramps_thumb_cache:/app/thumbnail_cache
- gramps_cache:/app/cache
- gramps_secret:/app/secret
- gramps_db:/root/.gramps/grampsdb
- gramps_media:/app/media
- gramps_tmp:/tmp
depends_on:
- grampsweb_redis
command: celery -A gramps_webapi.celery worker --loglevel=INFO --concurrency=2
grampsweb_redis:
image: docker.io/library/redis:7.2.4-alpine
container_name: grampsweb_redis
restart: always
volumes:
gramps_users:
driver: local
driver_opts:
type: 'none'
o: 'bind'
device: '/app/gramps/users'
gramps_index:
driver: local
driver_opts:
type: 'none'
o: 'bind'
device: '/app/gramps/index'
gramps_thumb_cache:
gramps_cache:
gramps_secret:
driver: local
driver_opts:
type: 'none'
o: 'bind'
device: '/app/gramps/secret'
gramps_db:
driver: local
driver_opts:
type: 'none'
o: 'bind'
device: '/app/gramps/db'
gramps_media:
driver: local
driver_opts:
type: 'none'
o: 'bind'
device: '/app/gramps/media'
gramps_tmp:
networks:
proxy:
name: proxy
external: true

39
docker/personal/media/films-series/jackett/docker-compose.yml Normal file
View File

@@ -0,0 +1,39 @@
services:
jackett:
container_name: jackett
image: ghcr.io/hotio/jackett
ports:
- "9117"
networks:
- default
- proxy
environment:
- PUID=1000
- PGID=1000
- UMASK=002
- TZ=Europe/Paris
volumes:
- config:/config
- definitions:/app/Definitions
labels:
- "traefik.enable=true"
- "traefik.http.routers.jackett.rule=Host(`jackett.local`)"
volumes:
config:
driver: local
driver_opts:
type: 'none'
o: 'bind'
device: '/app/jackett/config'
definitions:
driver: local
driver_opts:
type: 'none'
o: 'bind'
device: '/app/jackett/Definitions/Custom'
networks:
proxy:
external: true
name: proxy

58
docker/personal/media/films-series/jellyfin/docker-compose.yml Normal file
View File

@@ -0,0 +1,58 @@
services:
jellyfin:
image: jellyfin/jellyfin
container_name: jellyfin
user: "1000:1000"
networks:
- default
- proxy
ports:
- "8096"
volumes:
- config:/etc/jellyfin
- data:/var/lib/jellyfin
- cache:/cache
- log:/log
- nfs_films:/films
- nfs_series:/series
restart: 'unless-stopped'
# Alternative address used for autodiscovery
environment:
- JELLYFIN_PublishedServerUrl=https://flix.vhaudiquet.fr
- JELLYFIN_CONFIG_DIR=/etc/jellyfin
- JELLYFIN_DATA_DIR=/var/lib/jellyfin
- JELLYFIN_LOG_DIR=/log
- JELLYFIN_CACHE_DIR=/cache
labels:
- "traefik.enable=true"
- "traefik.http.routers.jellyfin.rule=Host(`flix.vhaudiquet.fr`)"
volumes:
nfs_films:
driver_opts:
type: 'nfs'
o: 'addr=truenas.local,ro'
device: ':/mnt/media/films'
nfs_series:
driver_opts:
type: 'nfs'
o: 'addr=truenas.local,ro'
device: ':/mnt/media/series'
cache:
log:
config:
driver: local
driver_opts:
type: 'none'
o: 'bind'
device: '/app/jellyfin/config'
data:
driver: local
driver_opts:
type: 'none'
o: 'bind'
device: '/app/jellyfin/data'
networks:
proxy:
name: proxy
external: true

32
docker/personal/media/films-series/jellyseerr/docker-compose.yml Normal file
View File

@@ -0,0 +1,32 @@
services:
jellyseerr:
image: fallenbagel/jellyseerr:latest
container_name: jellyseerr
environment:
- LOG_LEVEL=debug
- TZ=Europe/Paris
- PORT=5055 #optional
networks:
- default
- proxy
ports:
- 5055
volumes:
- config:/app/config
restart: unless-stopped
labels:
- "traefik.enable=true"
- "traefik.http.routers.jellyseerr.rule=Host(`jellyseerr.local`)"
volumes:
config:
driver: local
driver_opts:
type: 'none'
o: 'bind'
device: '/app/jellyseerr/config'
networks:
proxy:
name: proxy
external: true

44
docker/personal/media/films-series/radarr/docker-compose.yml Normal file
View File

@@ -0,0 +1,44 @@
services:
radarr:
container_name: radarr
image: ghcr.io/hotio/radarr
ports:
- "7878"
networks:
- default
- proxy
environment:
- PUID=1000
- PGID=1000
- UMASK=002
- TZ=Europe/Paris
volumes:
- config:/config
- data_movies:/films
- data_downloads:/mediadl
labels:
- "traefik.enable=true"
- "traefik.http.routers.radarr.rule=Host(`radarr.local`)"
volumes:
config:
driver: local
driver_opts:
type: 'none'
o: 'bind'
device: '/app/radarr/config'
data_movies:
driver_opts:
type: 'nfs'
o: 'addr=truenas.local'
device: ':/mnt/media/films'
data_downloads:
driver_opts:
type: 'nfs'
o: 'addr=truenas.local'
device: ':/mnt/media/download'
networks:
proxy:
external: true
name: proxy

48
docker/personal/media/films-series/sonarr/docker-compose.yml Normal file
View File

@@ -0,0 +1,48 @@
services:
sonarr:
container_name: sonarr
image: ghcr.io/hotio/sonarr:latest
ports:
- "8989"
networks:
- default
- proxy
environment:
- PUID=1000
- PGID=1000
- UMASK=002
- TZ=Europe/Paris
volumes:
- config:/config
- data_series:/data/tv
- data_downloads:/mediadl
- cache:/cache
- log:/log
labels:
- "traefik.enable=true"
- "traefik.http.routers.sonarr.rule=Host(`sonarr.local`)"
volumes:
cache:
log:
config:
driver: local
driver_opts:
type: 'none'
o: 'bind'
device: '/app/sonarr/config'
data_series:
driver_opts:
type: 'nfs'
o: 'addr=truenas.local'
device: ':/mnt/media/series'
data_downloads:
driver_opts:
type: 'nfs'
o: 'addr=truenas.local'
device: ':/mnt/media/download'
networks:
proxy:
external: true
name: proxy

44
docker/personal/media/films-series/transmission/docker-compose.yml Normal file
View File

@@ -0,0 +1,44 @@
services:
transmission:
image: lscr.io/linuxserver/transmission:latest
container_name: transmission
networks:
- default
- proxy
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/Paris
- USER=transmission
- PASS=transmission
- HOST_WHITELIST=transmission.local
volumes:
- config:/config
- downloads:/mediadl
ports:
- '9091'
- 51413:51413
- 51413:51413/udp
restart: unless-stopped
labels:
- "traefik.enable=true"
- "traefik.http.routers.transmission.rule=Host(`transmission.local`)"
volumes:
config:
driver: local
driver_opts:
type: 'none'
o: 'bind'
device: '/app/transmission/config'
downloads:
driver_opts:
type: 'nfs'
o: 'addr=truenas.local'
device: ':/mnt/media/download'
networks:
proxy:
external: true
name: proxy

27
docker/personal/media/films-series/wizarr/docker-compose.yml Normal file
View File

@@ -0,0 +1,27 @@
services:
wizarr:
container_name: wizarr
image: ghcr.io/wizarrrr/wizarr:latest
networks:
- default
- proxy
ports:
- 5690:5690
volumes:
- wizarr_data:/data/database
labels:
- "traefik.enable=true"
- "traefik.http.routers.wizarr.rule=Host(`wizarr.local`)"
volumes:
wizarr_data:
driver: local
driver_opts:
type: 'none'
o: 'bind'
device: '/app/wizarr/data'
networks:
proxy:
external: true
name: proxy

41
docker/personal/media/music/navidrome/docker-compose.yml Normal file
View File

@@ -0,0 +1,41 @@
services:
navidrome:
image: deluan/navidrome:latest
user: 1000:1000 # should be owner of volumes
ports:
- "4533"
restart: unless-stopped
networks:
- default
- proxy
environment:
ND_SCANSCHEDULE: 1h
ND_LOGLEVEL: info
ND_SESSIONTIMEOUT: 24h
ND_BASEURL: "http://navidrome.local"
ND_PORT: 4533
ND_REVERSEPROXYWHITELIST: "172.20.0.0/16,10.1.2.11/32"
volumes:
- data:/data
- "music:/music:ro"
labels:
- "traefik.enable=true"
- "traefik.http.routers.navidrome.rule=Host(`navidrome.local`)"
volumes:
music:
driver_opts:
type: 'nfs'
o: 'addr=truenas.local,ro'
device: ':/mnt/media/music'
data:
driver: local
driver_opts:
type: 'none'
o: 'bind'
device: '/app/navidrome/data'
networks:
proxy:
external: true
name: proxy

94
docker/personal/media/youtube/tubearchivist/docker-compose.yml Normal file
View File

@@ -0,0 +1,94 @@
services:
tubearchivist:
container_name: tubearchivist
restart: unless-stopped
image: bbilly1/tubearchivist:v0.4.13
ports:
- "8000"
networks:
- default
- proxy
volumes:
- media:/youtube
- cache:/cache
env_file:
- .env
environment:
- ES_URL=http://archivist-es:9200
- REDIS_HOST=archivist-redis
- HOST_UID=1000
- HOST_GID=1000
- TA_HOST=tubearchivist.local
- TZ=Europe/Paris
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:8000/health"]
interval: 2m
timeout: 10s
retries: 3
start_period: 30s
depends_on:
- archivist-es
- archivist-redis
labels:
- "traefik.enable=true"
- "traefik.http.routers.tubearchivist.rule=Host(`tubearchivist.local`)"
- "traefik.http.routers.tubearchivist.middlewares=tubearchivist-headers"
- "traefik.http.middlewares.tubearchivist-headers.headers.accesscontrolalloworiginlist=*"
- "traefik.http.middlewares.tubearchivist-headers.headers.accesscontrolallowmethods=GET,OPTIONS,PUT"
- "traefik.http.middlewares.tubearchivist-headers.headers.accesscontrolallowheaders=Authorization,*"
archivist-redis:
image: redis/redis-stack-server
container_name: archivist-redis
restart: unless-stopped
expose:
- "6379"
volumes:
- redis:/data
depends_on:
- archivist-es
archivist-es:
image: bbilly1/tubearchivist-es # only for amd64, or use official es 8.16.0
container_name: archivist-es
restart: unless-stopped
env_file:
- .env
environment:
- "ES_JAVA_OPTS=-Xms1g -Xmx1g"
- "xpack.security.enabled=true"
- "discovery.type=single-node"
- "path.repo=/usr/share/elasticsearch/data/snapshot"
ulimits:
memlock:
soft: -1
hard: -1
volumes:
- es:/usr/share/elasticsearch/data
expose:
- "9200"
volumes:
media:
driver_opts:
type: 'nfs'
o: 'addr=truenas.local'
device: ':/mnt/media/youtube'
cache:
redis:
driver: local
driver_opts:
type: 'none'
o: 'bind'
device: '/app/tubearchivist/redis'
es:
driver: local
driver_opts:
type: 'none'
o: 'bind'
device: '/app/tubearchivist/es'
networks:
proxy:
external: true
name: proxy

86
docker/personal/paperless/docker-compose.yml Normal file
View File

@@ -0,0 +1,86 @@
services:
pplessbroker:
image: docker.io/library/redis:7
restart: unless-stopped
volumes:
- redisdata:/data
pplessdb:
image: docker.io/library/postgres:16
restart: unless-stopped
volumes:
- pgdata:/var/lib/postgresql/data
env_file:
- .env
environment:
POSTGRES_DB: paperless
paperless-webserver:
image: ghcr.io/paperless-ngx/paperless-ngx:latest
restart: unless-stopped
networks:
- default
- proxy
depends_on:
- pplessdb
- pplessbroker
ports:
- "8000"
volumes:
- data:/usr/src/paperless/data
- media:/usr/src/paperless/media
- export:/usr/src/paperless/export
- consume:/usr/src/paperless/consume
labels:
- "traefik.enable=true"
- "traefik.http.routers.paperless-webserver.rule=Host(`paperless.local`)"
env_file: .env
environment:
PAPERLESS_REDIS: redis://pplessbroker:6379
PAPERLESS_DBHOST: pplessdb
PAPERLESS_APPS: allauth.socialaccount.providers.openid_connect
PAPERLESS_ACCOUNT_DEFAULT_HTTP_PROTOCOL: http
volumes:
data:
driver: local
driver_opts:
type: 'none'
o: 'bind'
device: '/app/paperless/data'
media:
driver: local
driver_opts:
type: 'none'
o: 'bind'
device: '/app/paperless/media'
pgdata:
driver: local
driver_opts:
type: 'none'
o: 'bind'
device: '/app/paperless/db'
redisdata:
driver: local
driver_opts:
type: 'none'
o: 'bind'
device: '/app/paperless/redis'
export:
driver: local
driver_opts:
type: 'none'
o: 'bind'
device: '/app/paperless/export'
consume:
driver: local
driver_opts:
type: 'none'
o: 'bind'
device: '/app/paperless/consume'
networks:
proxy:
external: true
name: proxy

48
docker/personal/radicale/docker-compose.yml Normal file
View File

@@ -0,0 +1,48 @@
services:
radicale:
image: tomsquest/docker-radicale
container_name: radicale
ports:
- 5232
init: true
read_only: true
security_opt:
- no-new-privileges:true
cap_drop:
- ALL
cap_add:
- SETUID
- SETGID
- CHOWN
- KILL
deploy:
resources:
limits:
memory: 256M
pids: 50
healthcheck:
test: curl -f http://127.0.0.1:5232 || exit 1
interval: 30s
retries: 3
restart: unless-stopped
volumes:
- data:/data
labels:
- "traefik.enable=true"
- "traefik.http.routers.radicale.rule=Host(`radicale.local`)"
networks:
- default
- proxy
volumes:
data:
driver: local
driver_opts:
type: 'none'
o: 'bind'
device: '/app/radicale/data'
networks:
proxy:
external: true
name: proxy

42
docker/personal/syncthing/docker-compose.yml Normal file
View File

@@ -0,0 +1,42 @@
services:
syncthing-valentin:
image: syncthing/syncthing
container_name: syncthing-valentin
hostname: syncthing-valentin
network_mode: host
environment:
- PUID=1000
- PGID=1000
volumes:
- config:/var/syncthing/config
- valentin_documents:/valentin/Documents
- valentin_photos:/valentin/Photos
ports:
- 8384:8384 # Web UI
- 22000:22000/tcp # TCP file transfers
- 22000:22000/udp # QUIC file transfers
- 21027:21027/udp # Receive local discovery broadcasts
restart: unless-stopped
healthcheck:
test: curl -fkLsS -m 2 127.0.0.1:8384/rest/noauth/health | grep -o --color=never OK || exit 1
interval: 1m
timeout: 10s
retries: 3
volumes:
config:
driver: local
driver_opts:
type: 'none'
o: 'bind'
device: '/app/syncthing-valentin/config'
valentin_documents:
driver_opts:
type: 'nfs'
o: 'addr=truenas.local'
device: ':/mnt/main_storage/valentin/Documents'
valentin_photos:
driver_opts:
type: 'nfs'
o: 'addr=truenas.local'
device: ':/mnt/main_storage/valentin/Photos'

71
docker/personal/tandoor/docker-compose.yml Normal file
View File

@@ -0,0 +1,71 @@
services:
db_recipes:
restart: always
image: postgres:16-alpine
volumes:
- postgresql:/var/lib/postgresql/data
env_file:
- ./.env
web_recipes:
restart: always
image: vabene1111/recipes
env_file:
- ./.env
volumes:
- staticfiles:/opt/recipes/staticfiles
- nginx_config:/opt/recipes/nginx/conf.d
- mediafiles:/opt/recipes/mediafiles
depends_on:
- db_recipes
nginx_recipes:
image: nginx:mainline-alpine
restart: always
networks:
- default
- proxy
ports:
- 80
env_file:
- ./.env
depends_on:
- web_recipes
volumes:
- nginx_config:/etc/nginx/conf.d:ro
- staticfiles:/static:ro
- mediafiles:/media:ro
labels:
- "traefik.enable=true"
- "traefik.http.routers.nginx_recipes.rule=Host(`tandoor.local`)"
volumes:
nginx_config:
driver: local
driver_opts:
type: 'none'
o: 'bind'
device: '/app/tandoor/nginx_config'
staticfiles:
driver: local
driver_opts:
type: 'none'
o: 'bind'
device: '/app/tandoor/staticfiles'
mediafiles:
driver: local
driver_opts:
type: 'none'
o: 'bind'
device: '/app/tandoor/mediafiles'
postgresql:
driver: local
driver_opts:
type: 'none'
o: 'bind'
device: '/app/tandoor/db'
networks:
proxy:
external: true
name: proxy

27
docker/production/alexscript/docker-compose.yml Normal file
View File

@@ -0,0 +1,27 @@
services:
alexscript:
container_name: alexscript
image: git.vhaudiquet.fr/vhaudiquet/alexscript:latest
networks:
- default
- proxy
environment:
- TZ=Europe/Paris
ports:
- 80
volumes:
- /etc/timezone:/etc/timezone:ro
- reservations:/app/reservations
- selenium_data_02:/app/.chrome-selenium
labels:
- "traefik.enable=true"
- "traefik.http.routers.alexscript.rule=Host(`alexscript.vhaudiquet.fr`)"
volumes:
reservations:
selenium_data_02:
networks:
proxy:
external: true
name: proxy

20
docker/production/semery.fr/docker-compose.yml Normal file
View File

@@ -0,0 +1,20 @@
services:
semeryfr:
container_name: semeryfr
image: git.vhaudiquet.fr/semerys/semery.fr:latest
networks:
- default
- proxy
ports:
- 80
labels:
- "traefik.enable=true"
- "traefik.http.routers.semeryfr.rule=Host(`semery.fr`)"
environment:
- NGINX_HOST=semery.fr
- NGINX_PORT=80
networks:
proxy:
external: true
name: proxy

29
docker/production/vhaudiquet.fr/docker-compose.yml Normal file
View File

@@ -0,0 +1,29 @@
services:
vhaudiquetfr:
container_name: vhaudiquetfr
image: git.vhaudiquet.fr/vhaudiquet/vhaudiquet.fr:latest
networks:
- default
- proxy
ports:
- 80
labels:
- "traefik.enable=true"
- "traefik.http.routers.vhaudiquetfr.rule=Host(`vhaudiquet.fr`)"
environment:
- NGINX_HOST=vhaudiquet.fr
- NGINX_PORT=80
volumes:
- public:/usr/share/nginx/html/public
networks:
proxy:
external: true
name: proxy
volumes:
public:
driver_opts:
type: 'nfs'
o: 'addr=truenas.local'
device: ':/mnt/main_storage/public'

16
docker/tools/excalidraw/docker-compose.yml Normal file
View File

@@ -0,0 +1,16 @@
services:
excalidraw:
image: excalidraw/excalidraw
networks:
- default
- proxy
ports:
- "80"
labels:
- "traefik.enable=true"
- "traefik.http.routers.excalidraw.rule=Host(`excalidraw.local`)"
networks:
proxy:
name: proxy
external: true

55
docker/tools/hedgedoc/docker-compose.yml Normal file
View File

@@ -0,0 +1,55 @@
services:
hedgedoc-database:
image: postgres:11.6-alpine
env_file:
- .env
environment:
- POSTGRES_DB=codimd
volumes:
- "database-data:/var/lib/postgresql/data"
restart: always
hedgedoc:
image: quay.io/hedgedoc/hedgedoc:1.10.0
networks:
- default
- proxy
env_file:
- .env
environment:
- CMD_USECDN=false
- CMD_ALLOW_EMAIL_REGISTER=false
- CMD_ALLOW_ANONYMOUS=false
- CMD_DOMAIN=md.vhaudiquet.fr
- CMD_PROTOCOL_USESSL=true
depends_on:
- hedgedoc-database
ports:
- "3000"
volumes:
- upload-data:/home/hackmd/app/public/uploads
- upload-data:/hedgedoc/public/uploads
restart: always
labels:
- "traefik.enable=true"
- "traefik.http.routers.hedgedoc.rule=Host(`md.vhaudiquet.fr`)"
- "traefik.http.routers.hedgedoc.entrypoints=http"
volumes:
database-data:
driver: local
driver_opts:
type: 'none'
o: 'bind'
device: '/app/codimd/db'
upload-data:
driver: local
driver_opts:
type: 'none'
o: 'bind'
device: '/app/codimd/uploads'
networks:
proxy:
external: true
name: proxy

283
docker/tools/notesnook/docker-compose.yml Normal file
View File

@@ -0,0 +1,283 @@
x-server-discovery: &server-discovery
NOTESNOOK_SERVER_PORT: 5264
NOTESNOOK_SERVER_HOST: notesnook-server
IDENTITY_SERVER_PORT: 8264
IDENTITY_SERVER_HOST: identity-server
SSE_SERVER_PORT: 7264
SSE_SERVER_HOST: sse-server
SELF_HOSTED: 1
IDENTITY_SERVER_URL: ${AUTH_SERVER_PUBLIC_URL}
NOTESNOOK_APP_HOST: ${NOTESNOOK_APP_PUBLIC_URL}
x-env-files: &env-files
- .env
services:
validate:
image: vandot/alpine-bash
entrypoint: /bin/bash
env_file: *env-files
command:
- -c
- |
# List of required environment variables
required_vars=(
"INSTANCE_NAME"
"NOTESNOOK_API_SECRET"
"DISABLE_SIGNUPS"
"SMTP_USERNAME"
"SMTP_PASSWORD"
"SMTP_HOST"
"SMTP_PORT"
"AUTH_SERVER_PUBLIC_URL"
"NOTESNOOK_APP_PUBLIC_URL"
"MONOGRAPH_PUBLIC_URL"
"ATTACHMENTS_SERVER_PUBLIC_URL"
)
# Check each required environment variable
for var in "$${required_vars[@]}"; do
if [ -z "$${!var}" ]; then
echo "Error: Required environment variable $$var is not set."
exit 1
fi
done
echo "All required environment variables are set."
# Ensure the validate service runs first
restart: "no"
notesnook-db:
image: mongo:7.0.12
hostname: notesnookdb
volumes:
- dbdata:/data/db
- dbdata:/data/configdb
networks:
- notesnook
command: --replSet rs0 --bind_ip_all
depends_on:
validate:
condition: service_completed_successfully
healthcheck:
test: echo 'db.runCommand("ping").ok' | mongosh mongodb://localhost:27017 --quiet
interval: 40s
timeout: 30s
retries: 3
start_period: 60s
# the notesnook sync server requires transactions which only work
# with a MongoDB replica set.
# This job just runs `rs.initiate()` on our mongodb instance
# upgrading it to a replica set. This is only required once but we running
# it multiple times is no issue.
initiate-rs0:
image: mongo:7.0.12
networks:
- notesnook
depends_on:
- notesnook-db
entrypoint: /bin/sh
command:
- -c
- |
mongosh mongodb://notesnookdb:27017 <<EOF
rs.initiate();
rs.status();
EOF
notesnook-s3:
image: minio/minio:RELEASE.2024-07-29T22-14-52Z
# ports:
# - 9000:9000
networks:
- notesnook
- proxy
volumes:
- s3data:/data/s3
environment:
MINIO_BROWSER: "on"
depends_on:
validate:
condition: service_completed_successfully
env_file: *env-files
command: server /data/s3 --console-address :9090
healthcheck:
test: timeout 5s bash -c ':> /dev/tcp/127.0.0.1/9000' || exit 1
interval: 40s
timeout: 30s
retries: 3
start_period: 60s
labels:
- "traefik.enable=true"
- "traefik.http.routers.notesnook-s3.rule=Host(`notesnook.vhaudiquet.fr`) && PathPrefix(`/s3`)"
- "traefik.http.routers.notesnook-s3.middlewares=notesnook-s3"
- "traefik.http.middlewares.notesnook-s3.stripprefix.prefixes=/s3"
- "traefik.docker.network=proxy"
- "traefik.http.routers.notesnook-s3.entrypoints=http"
# There's no way to specify a default bucket in Minio so we have to
# set it up ourselves.
setup-s3:
image: minio/mc:RELEASE.2024-07-26T13-08-44Z
depends_on:
- notesnook-s3
networks:
- notesnook
entrypoint: /bin/bash
env_file: *env-files
command:
- -c
- |
until mc alias set minio http://notesnook-s3:9000 ${MINIO_ROOT_USER:-minioadmin} ${MINIO_ROOT_PASSWORD:-minioadmin}; do
sleep 1;
done;
mc mb minio/attachments -p
identity-server:
image: streetwriters/identity:latest
ports:
- 8264
networks:
- notesnook
- proxy
env_file: *env-files
depends_on:
- notesnook-db
healthcheck:
test: wget --tries=1 -nv -q http://localhost:8264/health -O- || exit 1
interval: 40s
timeout: 30s
retries: 3
start_period: 60s
environment:
<<: *server-discovery
MONGODB_CONNECTION_STRING: mongodb://notesnookdb:27017/identity?replSet=rs0
MONGODB_DATABASE_NAME: identity
labels:
- "traefik.enable=true"
- "traefik.http.routers.identity-server.rule=Host(`notesnook.vhaudiquet.fr`) && PathPrefix(`/identity`)"
- "traefik.http.routers.identity-server.middlewares=identity-server,notesnook-server-cors"
- "traefik.http.middlewares.identity-server.stripprefix.prefixes=/identity"
- "traefik.docker.network=proxy"
- "traefik.http.routers.identity-server.entrypoints=http"
- "traefik.http.services.identity-server.loadbalancer.server.port=8264"
notesnook-server:
image: streetwriters/notesnook-sync:latest
ports:
- 5264
networks:
- notesnook
- proxy
env_file: *env-files
depends_on:
- notesnook-s3
- setup-s3
- identity-server
healthcheck:
test: wget --tries=1 -nv -q http://localhost:5264/health -O- || exit 1
interval: 40s
timeout: 30s
retries: 3
start_period: 60s
environment:
<<: *server-discovery
MONGODB_CONNECTION_STRING: mongodb://notesnookdb:27017/?replSet=rs0
MONGODB_DATABASE_NAME: notesnook
S3_INTERNAL_SERVICE_URL: "http://notesnook-s3:9000"
S3_INTERNAL_BUCKET_NAME: "attachments"
S3_ACCESS_KEY_ID: "${MINIO_ROOT_USER:-minioadmin}"
S3_ACCESS_KEY: "${MINIO_ROOT_PASSWORD:-minioadmin}"
S3_SERVICE_URL: "${ATTACHMENTS_SERVER_PUBLIC_URL}"
S3_REGION: "us-east-1"
S3_BUCKET_NAME: "attachments"
labels:
- "traefik.enable=true"
- "traefik.http.routers.notesnook-server.rule=Host(`notesnook.vhaudiquet.fr`)"
- "traefik.docker.network=proxy"
- "traefik.http.routers.notesnook-server.entrypoints=http"
- "traefik.http.routers.notesnook-server.middlewares=notesnook-server-cors"
- "traefik.http.middlewares.notesnook-server-cors.headers.accesscontrolalloworiginlist=https://app.notesnook.com,http://localhost:3000,https://notesnook.vhaudiquet.fr"
- "traefik.http.middlewares.notesnook-server-cors.headers.accesscontrolallowmethods=GET,OPTIONS,PUT"
- "traefik.http.middlewares.notesnook-server-cors.headers.accesscontrolallowheaders=Authorization,*"
- "traefik.http.middlewares.notesnook-server-cors.headers.accesscontrolallowcredentials=true"
sse-server:
image: streetwriters/sse:latest
ports:
- 7264
env_file: *env-files
depends_on:
- identity-server
- notesnook-server
networks:
- notesnook
- proxy
labels:
- "traefik.enable=true"
- "traefik.http.routers.sse-server.rule=Host(`notesnook.vhaudiquet.fr`) && PathPrefix(`/sse`)"
- "traefik.http.routers.sse-server.middlewares=sse-server,notesnook-server-cors"
- "traefik.http.middlewares.sse-server.stripprefix.prefixes=/sse"
- "traefik.docker.network=proxy"
- "traefik.http.routers.sse-server.entrypoints=http"
healthcheck:
test: wget --tries=1 -nv -q http://localhost:7264/health -O- || exit 1
interval: 40s
timeout: 30s
retries: 3
start_period: 60s
environment:
<<: *server-discovery
monograph-server:
image: streetwriters/monograph:latest
# ports:
# - 6264:3000
env_file: *env-files
depends_on:
- notesnook-server
networks:
- notesnook
- proxy
healthcheck:
test: wget --tries=1 -nv -q http://localhost:3000/api/health -O- || exit 1
interval: 40s
timeout: 30s
retries: 3
start_period: 60s
environment:
<<: *server-discovery
API_HOST: http://notesnook-server:5264
PUBLIC_URL: ${MONOGRAPH_PUBLIC_URL}
labels:
- "traefik.enable=true"
- "traefik.http.routers.monograph-server.rule=Host(`notesnook.vhaudiquet.fr`) && PathPrefix(`/monograph`)"
- "traefik.http.routers.monograph-server.middlewares=monograph-server,notesnook-server-cors"
- "traefik.http.middlewares.monograph-server.stripprefix.prefixes=/monograph"
- "traefik.docker.network=proxy"
- "traefik.http.routers.monograph-server.entrypoints=http"
- "traefik.http.services.monograph-server.loadbalancer.server.port=3000"
autoheal:
image: willfarrell/autoheal:latest
tty: true
restart: always
environment:
- AUTOHEAL_INTERVAL=60
- AUTOHEAL_START_PERIOD=300
- AUTOHEAL_DEFAULT_STOP_TIMEOUT=10
depends_on:
validate:
condition: service_completed_successfully
volumes:
- /var/run/docker.sock:/var/run/docker.sock
networks:
notesnook:
proxy:
name: proxy
external: true
volumes:
dbdata:
s3data:

53
docker/tools/stirling-pdf/docker-compose.yml Normal file
View File

@@ -0,0 +1,53 @@
services:
stirling-pdf:
image: stirlingtools/stirling-pdf:latest
ports:
- '8080'
networks:
- default
- proxy
volumes:
- trainingData:/usr/share/tessdata # Required for extra OCR languages
- extraConfigs:/configs
- customFiles:/customFiles/
- logs:/logs/
- pipeline:/pipeline/
environment:
- DOCKER_ENABLE_SECURITY=false
- INSTALL_BOOK_AND_ADVANCED_HTML_OPS=false
- LANGS=en_GB,fr_FR
labels:
- "traefik.enable=true"
- "traefik.http.routers.stirling-pdf.rule=Host(`stirling-pdf.local`)"
volumes:
trainingData:
driver: local
driver_opts:
type: 'none'
o: 'bind'
device: '/app/stirling-pdf/trainingData'
extraConfigs:
driver: local
driver_opts:
type: 'none'
o: 'bind'
device: '/app/stirling-pdf/extraConfigs'
customFiles:
driver: local
driver_opts:
type: 'none'
o: 'bind'
device: '/app/stirling-pdf/customFiles'
pipeline:
driver: local
driver_opts:
type: 'none'
o: 'bind'
device: '/app/stirling-pdf/pipeline'
logs:
networks:
proxy:
external: true
name: proxy