Initial commit

docker/tools/excalidraw/docker-compose.yml

@@ -0,0 +1,16 @@
+services:
+  excalidraw:
+    image: excalidraw/excalidraw
+    networks:
+      - default
+      - proxy
+    ports:
+      - "80"
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.excalidraw.rule=Host(`excalidraw.local`)"
+
+networks:
+  proxy:
+    name: proxy
+    external: true

docker/tools/hedgedoc/docker-compose.yml

@@ -0,0 +1,55 @@
+services:
+  hedgedoc-database:
+    image: postgres:11.6-alpine
+    env_file:
+      - .env
+    environment:
+      - POSTGRES_DB=codimd
+    volumes:
+      - "database-data:/var/lib/postgresql/data"
+    restart: always
+
+  hedgedoc:
+    image: quay.io/hedgedoc/hedgedoc:1.10.0
+    networks:
+      - default
+      - proxy
+    env_file:
+      - .env
+    environment:
+      - CMD_USECDN=false
+      - CMD_ALLOW_EMAIL_REGISTER=false
+      - CMD_ALLOW_ANONYMOUS=false
+      - CMD_DOMAIN=md.vhaudiquet.fr
+      - CMD_PROTOCOL_USESSL=true
+    depends_on:
+      - hedgedoc-database
+    ports:
+      - "3000"
+    volumes:
+      - upload-data:/home/hackmd/app/public/uploads
+      - upload-data:/hedgedoc/public/uploads
+    restart: always
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.hedgedoc.rule=Host(`md.vhaudiquet.fr`)"
+      - "traefik.http.routers.hedgedoc.entrypoints=http"
+
+volumes:
+  database-data:
+      driver: local
+      driver_opts:
+        type: 'none'
+        o: 'bind'
+        device: '/app/codimd/db'
+  upload-data:
+    driver: local
+    driver_opts:
+      type: 'none'
+      o: 'bind'
+      device: '/app/codimd/uploads'
+
+networks:
+  proxy:
+    external: true
+    name: proxy

docker/tools/notesnook/docker-compose.yml

@@ -0,0 +1,283 @@
+x-server-discovery: &server-discovery
+  NOTESNOOK_SERVER_PORT: 5264
+  NOTESNOOK_SERVER_HOST: notesnook-server
+  IDENTITY_SERVER_PORT: 8264
+  IDENTITY_SERVER_HOST: identity-server
+  SSE_SERVER_PORT: 7264
+  SSE_SERVER_HOST: sse-server
+  SELF_HOSTED: 1
+  IDENTITY_SERVER_URL: ${AUTH_SERVER_PUBLIC_URL}
+  NOTESNOOK_APP_HOST: ${NOTESNOOK_APP_PUBLIC_URL}
+
+x-env-files: &env-files
+  - .env
+
+services:
+  validate:
+    image: vandot/alpine-bash
+    entrypoint: /bin/bash
+    env_file: *env-files
+    command:
+      - -c
+      - |
+        # List of required environment variables
+        required_vars=(
+          "INSTANCE_NAME"
+          "NOTESNOOK_API_SECRET"
+          "DISABLE_SIGNUPS"
+          "SMTP_USERNAME"
+          "SMTP_PASSWORD"
+          "SMTP_HOST"
+          "SMTP_PORT"
+          "AUTH_SERVER_PUBLIC_URL"
+          "NOTESNOOK_APP_PUBLIC_URL"
+          "MONOGRAPH_PUBLIC_URL"
+          "ATTACHMENTS_SERVER_PUBLIC_URL"
+        )
+
+        # Check each required environment variable
+        for var in "$${required_vars[@]}"; do
+          if [ -z "$${!var}" ]; then
+            echo "Error: Required environment variable $$var is not set."
+            exit 1
+          fi
+        done
+
+        echo "All required environment variables are set."
+    # Ensure the validate service runs first
+    restart: "no"
+
+  notesnook-db:
+    image: mongo:7.0.12
+    hostname: notesnookdb
+    volumes:
+      - dbdata:/data/db
+      - dbdata:/data/configdb
+    networks:
+      - notesnook
+    command: --replSet rs0 --bind_ip_all
+    depends_on:
+      validate:
+        condition: service_completed_successfully
+    healthcheck:
+      test: echo 'db.runCommand("ping").ok' | mongosh mongodb://localhost:27017 --quiet
+      interval: 40s
+      timeout: 30s
+      retries: 3
+      start_period: 60s
+
+  # the notesnook sync server requires transactions which only work
+  # with a MongoDB replica set.
+  # This job just runs `rs.initiate()` on our mongodb instance
+  # upgrading it to a replica set. This is only required once but we running
+  # it multiple times is no issue.
+  initiate-rs0:
+    image: mongo:7.0.12
+    networks:
+      - notesnook
+    depends_on:
+      - notesnook-db
+    entrypoint: /bin/sh
+    command:
+      - -c
+      - |
+        mongosh mongodb://notesnookdb:27017 <<EOF
+          rs.initiate();
+          rs.status();
+        EOF
+
+  notesnook-s3:
+    image: minio/minio:RELEASE.2024-07-29T22-14-52Z
+    # ports:
+      # - 9000:9000
+    networks:
+      - notesnook
+      - proxy
+    volumes:
+      - s3data:/data/s3
+    environment:
+      MINIO_BROWSER: "on"
+    depends_on:
+      validate:
+        condition: service_completed_successfully
+    env_file: *env-files
+    command: server /data/s3 --console-address :9090
+    healthcheck:
+      test: timeout 5s bash -c ':> /dev/tcp/127.0.0.1/9000' || exit 1
+      interval: 40s
+      timeout: 30s
+      retries: 3
+      start_period: 60s
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.notesnook-s3.rule=Host(`notesnook.vhaudiquet.fr`) && PathPrefix(`/s3`)"
+      - "traefik.http.routers.notesnook-s3.middlewares=notesnook-s3"
+      - "traefik.http.middlewares.notesnook-s3.stripprefix.prefixes=/s3"
+      - "traefik.docker.network=proxy"
+      - "traefik.http.routers.notesnook-s3.entrypoints=http"
+
+  # There's no way to specify a default bucket in Minio so we have to
+  # set it up ourselves.
+  setup-s3:
+    image: minio/mc:RELEASE.2024-07-26T13-08-44Z
+    depends_on:
+      - notesnook-s3
+    networks:
+      - notesnook
+    entrypoint: /bin/bash
+    env_file: *env-files
+    command:
+      - -c
+      - |
+        until mc alias set minio http://notesnook-s3:9000 ${MINIO_ROOT_USER:-minioadmin} ${MINIO_ROOT_PASSWORD:-minioadmin}; do
+          sleep 1;
+        done;
+        mc mb minio/attachments -p
+
+  identity-server:
+    image: streetwriters/identity:latest
+    ports:
+      - 8264
+    networks:
+      - notesnook
+      - proxy
+    env_file: *env-files
+    depends_on:
+      - notesnook-db
+    healthcheck:
+      test: wget --tries=1 -nv -q  http://localhost:8264/health -O- || exit 1
+      interval: 40s
+      timeout: 30s
+      retries: 3
+      start_period: 60s
+    environment:
+      <<: *server-discovery
+      MONGODB_CONNECTION_STRING: mongodb://notesnookdb:27017/identity?replSet=rs0
+      MONGODB_DATABASE_NAME: identity
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.identity-server.rule=Host(`notesnook.vhaudiquet.fr`) && PathPrefix(`/identity`)"
+      - "traefik.http.routers.identity-server.middlewares=identity-server,notesnook-server-cors"
+      - "traefik.http.middlewares.identity-server.stripprefix.prefixes=/identity"
+      - "traefik.docker.network=proxy"
+      - "traefik.http.routers.identity-server.entrypoints=http"
+      - "traefik.http.services.identity-server.loadbalancer.server.port=8264"
+
+  notesnook-server:
+    image: streetwriters/notesnook-sync:latest
+    ports:
+      - 5264
+    networks:
+      - notesnook
+      - proxy
+    env_file: *env-files
+    depends_on:
+      - notesnook-s3
+      - setup-s3
+      - identity-server
+    healthcheck:
+      test: wget --tries=1 -nv -q  http://localhost:5264/health -O- || exit 1
+      interval: 40s
+      timeout: 30s
+      retries: 3
+      start_period: 60s
+    environment:
+      <<: *server-discovery
+      MONGODB_CONNECTION_STRING: mongodb://notesnookdb:27017/?replSet=rs0
+      MONGODB_DATABASE_NAME: notesnook
+      S3_INTERNAL_SERVICE_URL: "http://notesnook-s3:9000"
+      S3_INTERNAL_BUCKET_NAME: "attachments"
+      S3_ACCESS_KEY_ID: "${MINIO_ROOT_USER:-minioadmin}"
+      S3_ACCESS_KEY: "${MINIO_ROOT_PASSWORD:-minioadmin}"
+      S3_SERVICE_URL: "${ATTACHMENTS_SERVER_PUBLIC_URL}"
+      S3_REGION: "us-east-1"
+      S3_BUCKET_NAME: "attachments"
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.notesnook-server.rule=Host(`notesnook.vhaudiquet.fr`)"
+      - "traefik.docker.network=proxy"
+      - "traefik.http.routers.notesnook-server.entrypoints=http"
+      - "traefik.http.routers.notesnook-server.middlewares=notesnook-server-cors"
+      - "traefik.http.middlewares.notesnook-server-cors.headers.accesscontrolalloworiginlist=https://app.notesnook.com,http://localhost:3000,https://notesnook.vhaudiquet.fr"
+      - "traefik.http.middlewares.notesnook-server-cors.headers.accesscontrolallowmethods=GET,OPTIONS,PUT"
+      - "traefik.http.middlewares.notesnook-server-cors.headers.accesscontrolallowheaders=Authorization,*"
+      - "traefik.http.middlewares.notesnook-server-cors.headers.accesscontrolallowcredentials=true"
+  
+  sse-server:
+    image: streetwriters/sse:latest
+    ports:
+      - 7264
+    env_file: *env-files
+    depends_on:
+      - identity-server
+      - notesnook-server
+    networks:
+      - notesnook
+      - proxy
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.sse-server.rule=Host(`notesnook.vhaudiquet.fr`) && PathPrefix(`/sse`)"
+      - "traefik.http.routers.sse-server.middlewares=sse-server,notesnook-server-cors"
+      - "traefik.http.middlewares.sse-server.stripprefix.prefixes=/sse"
+      - "traefik.docker.network=proxy"
+      - "traefik.http.routers.sse-server.entrypoints=http"
+    healthcheck:
+      test: wget --tries=1 -nv -q  http://localhost:7264/health -O- || exit 1
+      interval: 40s
+      timeout: 30s
+      retries: 3
+      start_period: 60s
+    environment:
+      <<: *server-discovery
+
+  monograph-server:
+    image: streetwriters/monograph:latest
+    # ports:
+      # - 6264:3000
+    env_file: *env-files
+    depends_on:
+      - notesnook-server
+    networks:
+      - notesnook
+      - proxy
+    healthcheck:
+      test: wget --tries=1 -nv -q  http://localhost:3000/api/health -O- || exit 1
+      interval: 40s
+      timeout: 30s
+      retries: 3
+      start_period: 60s
+    environment:
+      <<: *server-discovery
+      API_HOST: http://notesnook-server:5264
+      PUBLIC_URL: ${MONOGRAPH_PUBLIC_URL}
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.monograph-server.rule=Host(`notesnook.vhaudiquet.fr`) && PathPrefix(`/monograph`)"
+      - "traefik.http.routers.monograph-server.middlewares=monograph-server,notesnook-server-cors"
+      - "traefik.http.middlewares.monograph-server.stripprefix.prefixes=/monograph"
+      - "traefik.docker.network=proxy"
+      - "traefik.http.routers.monograph-server.entrypoints=http"
+      - "traefik.http.services.monograph-server.loadbalancer.server.port=3000"
+  autoheal:
+    image: willfarrell/autoheal:latest
+    tty: true
+    restart: always
+    environment:
+      - AUTOHEAL_INTERVAL=60
+      - AUTOHEAL_START_PERIOD=300
+      - AUTOHEAL_DEFAULT_STOP_TIMEOUT=10
+    depends_on:
+      validate:
+        condition: service_completed_successfully
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+networks:
+  notesnook:
+
+  proxy:
+    name: proxy
+    external: true
+
+volumes:
+  dbdata:
+  s3data:

docker/tools/stirling-pdf/docker-compose.yml

@@ -0,0 +1,53 @@
+services:
+  stirling-pdf:
+    image: stirlingtools/stirling-pdf:latest
+    ports:
+      - '8080'
+    networks:
+      - default
+      - proxy
+    volumes:
+      - trainingData:/usr/share/tessdata # Required for extra OCR languages
+      - extraConfigs:/configs
+      - customFiles:/customFiles/
+      - logs:/logs/
+      - pipeline:/pipeline/
+    environment:
+      - DOCKER_ENABLE_SECURITY=false
+      - INSTALL_BOOK_AND_ADVANCED_HTML_OPS=false
+      - LANGS=en_GB,fr_FR
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.stirling-pdf.rule=Host(`stirling-pdf.local`)"
+
+volumes:
+  trainingData:
+    driver: local
+    driver_opts:
+      type: 'none'
+      o: 'bind'
+      device: '/app/stirling-pdf/trainingData'
+  extraConfigs:
+    driver: local
+    driver_opts:
+      type: 'none'
+      o: 'bind'
+      device: '/app/stirling-pdf/extraConfigs'
+  customFiles:
+    driver: local
+    driver_opts:
+      type: 'none'
+      o: 'bind'
+      device: '/app/stirling-pdf/customFiles'
+  pipeline:
+    driver: local
+    driver_opts:
+      type: 'none'
+      o: 'bind'
+      device: '/app/stirling-pdf/pipeline'
+  logs:
+
+networks:
+  proxy:
+    external: true
+    name: proxy