From 774e600cebc6bbfda084f6433906516809f7cb16 Mon Sep 17 00:00:00 2001 From: matthias Date: Tue, 23 Sep 2025 14:34:33 +0200 Subject: [PATCH] cleaned up and resorted --- homenetwork/gateway/gateway.yml | 16 +- homenetwork/nas/magicmirror.yml | 17 ++ .../nas/nextcloud-fpm/docker-compose.yml | 141 -------------- .../nas/nextcloud-fpm/nc-fpm/Dockerfile | 13 -- .../nas/nextcloud-fpm/nginx/Dockerfile | 11 -- .../nas/nextcloud-fpm/nginx/nginx.conf | 175 ------------------ .../nas/nextcloud-fpm/redis/Dockerfile | 6 - homenetwork/nas/nextcloud-fpm/start.sh | 3 - homenetwork/nas/openvpn.sh | 16 -- homenetwork/nas/rclone-start.sh | 2 - homenetwork/nas/rclone_nextcloud.yml | 33 ---- homenetwork/nas/rclone_storage.yml | 94 ---------- homenetwork/nas/vaultwarden.yml | 35 ---- homenetwork/swarm/grafana.yml | 125 ------------- homenetwork/swarm/magicmirror.yml | 40 ---- homenetwork/swarm/portainer-agent-stack.yml | 39 ---- homenetwork/swarm/start.sh | 2 - 17 files changed, 21 insertions(+), 747 deletions(-) create mode 100644 homenetwork/nas/magicmirror.yml delete mode 100644 homenetwork/nas/nextcloud-fpm/docker-compose.yml delete mode 100644 homenetwork/nas/nextcloud-fpm/nc-fpm/Dockerfile delete mode 100644 homenetwork/nas/nextcloud-fpm/nginx/Dockerfile delete mode 100644 homenetwork/nas/nextcloud-fpm/nginx/nginx.conf delete mode 100644 homenetwork/nas/nextcloud-fpm/redis/Dockerfile delete mode 100755 homenetwork/nas/nextcloud-fpm/start.sh delete mode 100755 homenetwork/nas/openvpn.sh delete mode 100755 homenetwork/nas/rclone-start.sh delete mode 100644 homenetwork/nas/rclone_nextcloud.yml delete mode 100644 homenetwork/nas/rclone_storage.yml delete mode 100644 homenetwork/nas/vaultwarden.yml delete mode 100644 homenetwork/swarm/grafana.yml delete mode 100644 homenetwork/swarm/magicmirror.yml delete mode 100644 homenetwork/swarm/portainer-agent-stack.yml delete mode 100755 homenetwork/swarm/start.sh diff --git a/homenetwork/gateway/gateway.yml b/homenetwork/gateway/gateway.yml index 7540a7a..9a6c737 100644 --- a/homenetwork/gateway/gateway.yml +++ b/homenetwork/gateway/gateway.yml @@ -8,19 +8,12 @@ services: - PUID=1000 - PGID=100 - TZ=Etc/UTC -# - URL=vbchaos.nl - URL=mitscherlich.nl - VALIDATION=http -# - SUBDOMAINS=wildcard - SUBDOMAINS=nc,esp,git,jenkins,registry,registrybrowser,svn,vpn,vaultwarden,collabora -# - CERTPROVIDER= #optional -# - DNSPLUGIN=cloudflare #optional -# - PROPAGATION= #optional - - EMAIL= matthias.mitscherlich@gmail.com -# - ONLY_SUBDOMAINS=false #optional +# - EMAIL= matthias@mitscherlich.nl - ONLY_SUBDOMAINS=true - EXTRA_DOMAINS=nc.vbchaos.nl,vaultwarden.vbchaos.nl,vpn.vbchaos.nl,registry.vbchaos.nl,git.vbchaos.nl #optional - - STAGING=false #optional volumes: - /docker_config/swag:/config ports: @@ -37,7 +30,7 @@ services: ports: - 5555:80 environment: - - DOMAIN=https://vaultwarden.vbchaos.nl + - DOMAIN=https://vaultwarden.mitscherlich.nl - LOGIN_RATELIMIT_MAX_BURST=10 - LOGIN_RATELIMIT_SECONDS=60 - ADMIN_RATELIMIT_MAX_BURST=10 @@ -50,7 +43,7 @@ services: - SIGNUPS_VERIFY=true - SIGNUPS_VERIFY_RESEND_TIME=3600 - SIGNUPS_VERIFY_RESEND_LIMIT=5 - - SIGNUPS_DOMAINS_WHITELIST=vbchaos.nl + - SIGNUPS_DOMAINS_WHITELIST=vbchaos.nl,mitscherlich.nl - SMTP_HOST=smtp.gmail.com - SMTP_FROM=vaultwarden@vbchaos.nl - SMTP_FROM_NAME=Vaultwarden @@ -76,8 +69,7 @@ services: go-transip-dyndns: build: context: ./transip -# image: jlentink/go-transip-dyndns:latest -# container_name: go-transip-dyndns + container_name: transip-dyndns volumes: - ./go-transip-dyndns.toml:/etc/go-transip-dyndns.toml restart: unless-stopped diff --git a/homenetwork/nas/magicmirror.yml b/homenetwork/nas/magicmirror.yml new file mode 100644 index 0000000..dc58c50 --- /dev/null +++ b/homenetwork/nas/magicmirror.yml @@ -0,0 +1,17 @@ +services: + magicmirror: + image: karsten13/magicmirror:latest + ports: + - "8083:8080" + volumes: + - magicmirror_config:/opt/magic_mirror/config + - magicmirror_modules:/opt/magic_mirror/modules + - magicmirror_css:/opt/magic_mirror/css + restart: unless-stopped + command: + - npm + - run + - server + deploy: + placement: + constraints: [node.labels.isDNS == false] diff --git a/homenetwork/nas/nextcloud-fpm/docker-compose.yml b/homenetwork/nas/nextcloud-fpm/docker-compose.yml deleted file mode 100644 index 7eabe7e..0000000 --- a/homenetwork/nas/nextcloud-fpm/docker-compose.yml +++ /dev/null @@ -1,141 +0,0 @@ -version: "3" - -volumes: - nchome: - driver: local - driver_opts: - type: none - o: bind - device: /srv/dev-disk-by-uuid-9033ccb2-df6d-46a3-9996-99a0d4d34688/nextcloud/home - ncdb: - driver: local - driver_opts: - type: none - o: bind - device: /srv/dev-disk-by-uuid-9033ccb2-df6d-46a3-9996-99a0d4d34688/nextcloud/database - ncdata: - driver: local - driver_opts: - type: none - o: bind - device: /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/nextcloud/storage - - -services: - db: - image: mariadb:10.6 - restart: always - command: --transaction-isolation=READ-COMMITTED --log-bin=binlog --binlog-format=ROW - volumes: - - ncdb:/var/lib/mysql:Z - environment: - - MYSQL_ROOT_PASSWORD=rootpw - - MYSQL_PASSWORD=password - - MYSQL_DATABASE=nextcloud - - MYSQL_USER=nextcloud - - aio-imaginary: - image: nextcloud/aio-imaginary:latest - restart: always - environment: - - PORT=9000 - ports: - - 9999:9000 - command: -concurrency 50 -enable-url-source - - nextcloud: - build: - context: ./nc-fpm - args: - UID: ${MUID} - GID: ${MGID} - restart: always - links: - - db - volumes: - - nchome:/var/www/html:z - - ncdata:/var/www/html/data - - /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/:/ex_storage/ - - /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/bands/fearium:/ex_storage/bands/fearium - - /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/bands/breakpointnine:/ex_storage/bands/breakpointnine - - /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/bands/lastfloorright:/ex_storage/bands/lastfloorright - - /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/bands/nofunkallowed:/ex_storage/bands/nofunkallowed - - /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/music:/ex_storage/music - - /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/video:/ex_storage/video - - /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/repositories:/ex_storage/repositories - - /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/hwsw:/ex_storage/hwsw - - /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/timelapse:/ex_storage/timelapse - - /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/pictures:/ex_storage/pictures - - environment: - - MYSQL_PASSWORD=password - - MYSQL_DATABASE=nextcloud - - MYSQL_USER=nextcloud - - MYSQL_HOST=db - - REDIS_HOST=redis - -# collabora: -# image: collabora/code:latest -# restart: unless-stopped -# environment: -# - password=password -# - username=nextcloud -# - extra_params=--o:ssl.enable=true -# ports: -# - 9980:9980 - - - nginx: - build: - context: ./nginx - args: - UID: ${MUID} - GID: ${MGID} - restart: always - ports: - - 8888:80 - links: - - nextcloud - volumes: - - nchome:/var/www/html:z,ro - - redis: - build: - context: ./redis - args: - UID: ${MUID} - GID: ${MGID} - restart: always - - cron: - build: - context: ./nc-fpm - args: - UID: ${MUID} - GID: ${MGID} - restart: always - volumes: - - nchome:/var/www/html:z - - ncdata:/var/www/html/data - - /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/:/ex_storage/ - - /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/bands/fearium:/ex_storage/bands/fearium - - /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/bands/breakpointnine:/ex_storage/bands/breakpointnine - - /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/bands/lastfloorright:/ex_storage/bands/lastfloorright - - /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/bands/nofunkallowed:/ex_storage/bands/nofunkallowed - - /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/music:/ex_storage/music - - /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/video:/ex_storage/video - - /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/repositories:/ex_storage/repositories - - /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/hwsw:/ex_storage/hwsw - - /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/timelapse:/ex_storage/timelapse - - /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/pictures:/ex_storage/pictures - - environment: - - MYSQL_PASSWORD=password - - MYSQL_DATABASE=nextcloud - - MYSQL_USER=nextcloud - - MYSQL_HOST=db - - REDIS_HOST=redis - entrypoint: /cron.sh - depends_on: - - nextcloud - diff --git a/homenetwork/nas/nextcloud-fpm/nc-fpm/Dockerfile b/homenetwork/nas/nextcloud-fpm/nc-fpm/Dockerfile deleted file mode 100644 index 08834be..0000000 --- a/homenetwork/nas/nextcloud-fpm/nc-fpm/Dockerfile +++ /dev/null @@ -1,13 +0,0 @@ -FROM nextcloud:fpm - -ARG UID=1000 -ARG GID=1000 - -#RUN adduser --system --no-create-home --home /nonexistent --gecos 'www-data user' --shell /bin/false --uid 82 www-data -RUN usermod -u $UID -o www-data -RUN apt update \ - && apt -y install libmagickcore-6.q16-6-extra ffmpeg imagemagick ghostscript \ - && apt clean - -# Add custom cron job for previews -RUN echo '*/15 * * * * php /var/www/html/occ preview:pre-generate' >> /var/spool/cron/crontabs/www-data diff --git a/homenetwork/nas/nextcloud-fpm/nginx/Dockerfile b/homenetwork/nas/nextcloud-fpm/nginx/Dockerfile deleted file mode 100644 index 5e76d82..0000000 --- a/homenetwork/nas/nextcloud-fpm/nginx/Dockerfile +++ /dev/null @@ -1,11 +0,0 @@ -#FROM nginx:alpine -FROM nginx:bullseye - -ARG UID=1000 -ARG GID=1000 - -RUN usermod -u $UID -o www-data - -#RUN adduser --system --no-create-home --home /nonexistent --gecos 'www-data user' --shell /bin/false --uid $UID www-data - -COPY nginx.conf /etc/nginx/nginx.conf diff --git a/homenetwork/nas/nextcloud-fpm/nginx/nginx.conf b/homenetwork/nas/nextcloud-fpm/nginx/nginx.conf deleted file mode 100644 index 7b6e48c..0000000 --- a/homenetwork/nas/nextcloud-fpm/nginx/nginx.conf +++ /dev/null @@ -1,175 +0,0 @@ -user www-data; -worker_processes auto; - -error_log /var/log/nginx/error.log warn; -pid /var/run/nginx.pid; - - -events { - worker_connections 1024; -} - - -http { - include /etc/nginx/mime.types; - default_type application/octet-stream; - - log_format main '$remote_addr - $remote_user [$time_local] "$request" ' - '$status $body_bytes_sent "$http_referer" ' - '"$http_user_agent" "$http_x_forwarded_for"'; - - access_log /var/log/nginx/access.log main; - - sendfile on; - #tcp_nopush on; - - # Prevent nginx HTTP Server Detection - server_tokens off; - - keepalive_timeout 65; - - #gzip on; - - upstream php-handler { - server nextcloud:9000; - } - - - server { - listen 80; - - # HSTS settings - # WARNING: Only add the preload option once you read about - # the consequences in https://hstspreload.org/. This option - # will add the domain to a hardcoded list that is shipped - # in all major browsers and getting removed from this list - # could take several months. - #add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always; - - # set max upload size - client_max_body_size 512M; - fastcgi_buffers 64 4K; - - # Enable gzip but do not remove ETag headers - gzip on; - gzip_vary on; - gzip_comp_level 4; - gzip_min_length 256; - gzip_proxied expired no-cache no-store private no_last_modified no_etag auth; - gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy; - - # Pagespeed is not supported by Nextcloud, so if your server is built - # with the `ngx_pagespeed` module, uncomment this line to disable it. - #pagespeed off; - - # HTTP response headers borrowed from Nextcloud `.htaccess` - add_header Referrer-Policy "no-referrer" always; - add_header X-Content-Type-Options "nosniff" always; - add_header X-Download-Options "noopen" always; - add_header X-Frame-Options "SAMEORIGIN" always; - add_header X-Permitted-Cross-Domain-Policies "none" always; - add_header X-Robots-Tag "noindex, nofollow" always; - add_header X-XSS-Protection "1; mode=block" always; - - # Remove X-Powered-By, which is an information leak - fastcgi_hide_header X-Powered-By; - - # Path to the root of your installation - root /var/www/html; - - # Specify how to handle directories -- specifying `/index.php$request_uri` - # here as the fallback means that Nginx always exhibits the desired behaviour - # when a client requests a path that corresponds to a directory that exists - # on the server. In particular, if that directory contains an index.php file, - # that file is correctly served; if it doesn't, then the request is passed to - # the front-end controller. This consistent behaviour means that we don't need - # to specify custom rules for certain paths (e.g. images and other assets, - # `/updater`, `/ocm-provider`, `/ocs-provider`), and thus - # `try_files $uri $uri/ /index.php$request_uri` - # always provides the desired behaviour. - index index.php index.html /index.php$request_uri; - - # Rule borrowed from `.htaccess` to handle Microsoft DAV clients - location = / { - if ( $http_user_agent ~ ^DavClnt ) { - return 302 /remote.php/webdav/$is_args$args; - } - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - # Make a regex exception for `/.well-known` so that clients can still - # access it despite the existence of the regex rule - # `location ~ /(\.|autotest|...)` which would otherwise handle requests - # for `/.well-known`. - location ^~ /.well-known { - # The rules in this block are an adaptation of the rules - # in `.htaccess` that concern `/.well-known`. - - location = /.well-known/carddav { return 301 /remote.php/dav/; } - location = /.well-known/caldav { return 301 /remote.php/dav/; } - - location /.well-known/acme-challenge { try_files $uri $uri/ =404; } - location /.well-known/pki-validation { try_files $uri $uri/ =404; } - - # Let Nextcloud's API for `/.well-known` URIs handle all other - # requests by passing them to the front-end controller. - return 301 /index.php$request_uri; - } - - # Rules borrowed from `.htaccess` to hide certain paths from clients - location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)(?:$|/) { return 404; } - location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) { return 404; } - - # Ensure this block, which passes PHP files to the PHP process, is above the blocks - # which handle static assets (as seen below). If this block is not declared first, - # then Nginx will encounter an infinite rewriting loop when it prepends `/index.php` - # to the URI, resulting in a HTTP 500 error response. - location ~ \.php(?:$|/) { - # Required for legacy support - rewrite ^/(?!index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|oc[ms]-provider\/.+|.+\/richdocumentscode\/proxy) /index.php$request_uri; - - fastcgi_split_path_info ^(.+?\.php)(/.*)$; - set $path_info $fastcgi_path_info; - - try_files $fastcgi_script_name =404; - - include fastcgi_params; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_param PATH_INFO $path_info; - #fastcgi_param HTTPS on; - - fastcgi_param modHeadersAvailable true; # Avoid sending the security headers twice - fastcgi_param front_controller_active true; # Enable pretty urls - fastcgi_pass php-handler; - - fastcgi_intercept_errors on; - fastcgi_request_buffering off; - } - - location ~ \.(?:css|js|svg|gif)$ { - try_files $uri /index.php$request_uri; - expires 6M; # Cache-Control policy borrowed from `.htaccess` - access_log off; # Optional: Don't log access to assets - } - - location ~ \.woff2?$ { - try_files $uri /index.php$request_uri; - expires 7d; # Cache-Control policy borrowed from `.htaccess` - access_log off; # Optional: Don't log access to assets - } - - # Rule borrowed from `.htaccess` - location /remote { - return 301 /remote.php$request_uri; - } - - location / { - try_files $uri $uri/ /index.php$request_uri; - } - } -} diff --git a/homenetwork/nas/nextcloud-fpm/redis/Dockerfile b/homenetwork/nas/nextcloud-fpm/redis/Dockerfile deleted file mode 100644 index 5770389..0000000 --- a/homenetwork/nas/nextcloud-fpm/redis/Dockerfile +++ /dev/null @@ -1,6 +0,0 @@ -FROM redis:latest - -ARG UID=1000 -ARG GID=1000 - -RUN usermod -u $UID -o www-data diff --git a/homenetwork/nas/nextcloud-fpm/start.sh b/homenetwork/nas/nextcloud-fpm/start.sh deleted file mode 100755 index 58e6caf..0000000 --- a/homenetwork/nas/nextcloud-fpm/start.sh +++ /dev/null @@ -1,3 +0,0 @@ -MUID="$(id -u www-data)" MGID="$(id -g www-data)" docker-compose build --no-cache -MUID="$(id -u www-data)" MGID="$(id -g www-data)" docker-compose up -d --force-recreate - diff --git a/homenetwork/nas/openvpn.sh b/homenetwork/nas/openvpn.sh deleted file mode 100755 index 683cec0..0000000 --- a/homenetwork/nas/openvpn.sh +++ /dev/null @@ -1,16 +0,0 @@ -OVPN_DATA="ovpn_data" -CLIENTNAME="matthias" - -IMAGE=giggio/openvpn-arm -#IMAGE=kylemanna/openvpn - -# Create the docker volume to store certificates and configuration -docker volume create --opt type=none --opt o=bind --opt device=/docker_config/openvpn --name $OVPN_DATA -docker run -v $OVPN_DATA:/etc/openvpn --rm $IMAGE ovpn_genconfig -u udp://vpn.vbchaos.nl -docker run -v $OVPN_DATA:/etc/openvpn --rm -it $IMAGE ovpn_initpki - -docker run -v $OVPN_DATA:/etc/openvpn -d -p 1194:1194/udp --name OpenVPN --cap-add=NET_ADMIN --device=/dev/net/tun $IMAGE - -docker run -v $OVPN_DATA:/etc/openvpn --rm -it $IMAGE easyrsa build-client-full $CLIENTNAME nopass - -docker run -v $OVPN_DATA:/etc/openvpn --rm $IMAGE ovpn_getclient $CLIENTNAME > $CLIENTNAME.ovpn diff --git a/homenetwork/nas/rclone-start.sh b/homenetwork/nas/rclone-start.sh deleted file mode 100755 index 96e7972..0000000 --- a/homenetwork/nas/rclone-start.sh +++ /dev/null @@ -1,2 +0,0 @@ -docker compose -f rclone_storage.yml up -d -docker compose -f rclone_nextcloud.yml up -d diff --git a/homenetwork/nas/rclone_nextcloud.yml b/homenetwork/nas/rclone_nextcloud.yml deleted file mode 100644 index da8700f..0000000 --- a/homenetwork/nas/rclone_nextcloud.yml +++ /dev/null @@ -1,33 +0,0 @@ - -name: backup_nextcloud - -services: - nc_storage: - image: registry.vbchaos.nl/rclone - container_name: backup_nextcloud_storage - environment: - - COMMAND=rclone copy -v /backup/ stackstorage:/julien/nextcloud/storage --exclude=storage/appdata_*/** - - CRON_SCHEDULE=0 0-23/1 * * * - volumes: - - ${PWD}/rclone.conf:/root/.config/rclone/rclone.conf - - /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/nextcloud:/backup - - nc_home: - image: registry.vbchaos.nl/rclone - container_name: backup_nextcloud_home - environment: - - COMMAND=rclone copy -v /backup/ stackstorage:/julien/nextcloud/home - - CRON_SCHEDULE=0 0-23/1 * * * * - volumes: - - ${PWD}/rclone.conf:/root/.config/rclone/rclone.conf - - /srv/dev-disk-by-uuid-9033ccb2-df6d-46a3-9996-99a0d4d34688/nextcloud/home:/backup - - nc_db: - image: registry.vbchaos.nl/rclone - container_name: backup_nextcloud_database - environment: - - COMMAND=rclone copy -v /backup/ stackstorage:/julien/nextcloud/database - - CRON_SCHEDULE=0 0-23/1 * * * * - volumes: - - ${PWD}/rclone.conf:/root/.config/rclone/rclone.conf - - /srv/dev-disk-by-uuid-9033ccb2-df6d-46a3-9996-99a0d4d34688/nextcloud/database:/backup diff --git a/homenetwork/nas/rclone_storage.yml b/homenetwork/nas/rclone_storage.yml deleted file mode 100644 index 3c6454c..0000000 --- a/homenetwork/nas/rclone_storage.yml +++ /dev/null @@ -1,94 +0,0 @@ - -name: backup_storage - -services: - docker_config: - image: registry.vbchaos.nl/rclone - container_name: backup_docker_config - environment: - - COMMAND=rclone copy -v /backup/ stackstorage:/julien/storage/docker_config - - CRON_SCHEDULE=0 1-23/4 * * * - volumes: - - ${PWD}/rclone.conf:/root/.config/rclone/rclone.conf - - /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/docker_config:/backup - - bands: - image: registry.vbchaos.nl/rclone - container_name: backup_bands - environment: - - COMMAND=rclone copy -v /backup/ stackstorage:/julien/storage/bands - - CRON_SCHEDULE=0 1-23/4 * * * - volumes: - - ${PWD}/rclone.conf:/root/.config/rclone/rclone.conf - - /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/bands:/backup - - hwsw: - image: registry.vbchaos.nl/rclone - container_name: backup_hwsw - environment: - - COMMAND=rclone copy -v /backup/ stackstorage:/julien/storage/hwsw - - CRON_SCHEDULE=0 1-23/4 * * * - volumes: - - ${PWD}/rclone.conf:/root/.config/rclone/rclone.conf - - /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/hwsw:/backup - - music: - image: registry.vbchaos.nl/rclone - container_name: bs_music - environment: - - COMMAND=rclone copy -v /backup/ stackstorage:/julien/storage/music - - CRON_SCHEDULE=0 2-23/4 * * * - volumes: - - ${PWD}/rclone.conf:/root/.config/rclone/rclone.conf - - /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/music:/backup - - pictures: - image: registry.vbchaos.nl/rclone - container_name: backup_pictures - environment: - - COMMAND=rclone copy -v /backup/ stackstorage:/julien/storage/pictures - - CRON_SCHEDULE=0 2-23/4 * * * - volumes: - - ${PWD}/rclone.conf:/root/.config/rclone/rclone.conf - - /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/pictures:/backup - - repositories: - image: registry.vbchaos.nl/rclone - container_name: backup_repositories - environment: - - COMMAND=rclone copy -v /backup/ stackstorage:/julien/storage/repositories - - CRON_SCHEDULE=0 2-23/4 * * * - volumes: - - ${PWD}/rclone.conf:/root/.config/rclone/rclone.conf - - /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/repositories:/backup - - video: - image: registry.vbchaos.nl/rclone - container_name: backup_video - environment: - - COMMAND=rclone copy -v /backup/ stackstorage:/julien/storage/video - - CRON_SCHEDULE=0 2-23/4 * * * - volumes: - - ${PWD}/rclone.conf:/root/.config/rclone/rclone.conf - - /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/video:/backup - - work: - image: registry.vbchaos.nl/rclone - container_name: backup_work - environment: - - COMMAND=rclone copy -v /backup/ stackstorage:/julien/storage/work - - CRON_SCHEDULE=0 2-23/4 * * * - volumes: - - ${PWD}/rclone.conf:/root/.config/rclone/rclone.conf - - /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/work:/backup - - timelapse: - image: registry.vbchaos.nl/rclone - container_name: backup_timelapse - environment: - - COMMAND=rclone copy -v /backup/ stackstorage:/julien/storage/timelapse - - CRON_SCHEDULE=0 0 * * * - volumes: - - ${PWD}/rclone.conf:/root/.config/rclone/rclone.conf - - /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/timelapse:/backup - diff --git a/homenetwork/nas/vaultwarden.yml b/homenetwork/nas/vaultwarden.yml deleted file mode 100644 index 83d9d9a..0000000 --- a/homenetwork/nas/vaultwarden.yml +++ /dev/null @@ -1,35 +0,0 @@ -version: '3' - -services: - vaultwarden: - container_name: vaultwarden - image: vaultwarden/server:latest - restart: unless-stopped - volumes: - - /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/docker_config/vaultwarden:/data/ - ports: - - 5555:80 - environment: - - DOMAIN=https://vaultwarden.vbchaos.nl - - LOGIN_RATELIMIT_MAX_BURST=10 - - LOGIN_RATELIMIT_SECONDS=60 - - ADMIN_RATELIMIT_MAX_BURST=10 - - ADMIN_RATELIMIT_SECONDS=2 - - ADMIN_TOKEN=$$argon2id$$v=19$$m=65540,t=3,p=4$$Vv4wT0EpGslsEAHpgw+U1FwxUQjguK9qkwJQB7WLP+k$$7lBaj+G9jLyXj5MxC2RqNGyGw0/vjOzcgwk4ArN6BVM - - SENDS_ALLOWED=true - - EMERGENCY_ACCESS_ALLOWED=true - - WEB_VAULT_ENABLED=true - - SIGNUPS_ALLOWED=false - - SIGNUPS_VERIFY=false - - SIGNUPS_VERIFY_RESEND_TIME=3600 - - SIGNUPS_VERIFY_RESEND_LIMIT=5 -# - SIGNUPS_DOMAINS_WHITELIST=vbchaos.nl,hotmail.com,gmail.com - - SMTP_HOST=smtp.gmail.com - - SMTP_FROM=vaultwarden@vbchaos.nl - - SMTP_FROM_NAME=Vaultwarden - - SMTP_SECURITY=starttls - - SMTP_PORT=587 - - SMTP_USERNAME=matthias.mitscherlich@gmail.com - - SMTP_PASSWORD=oomgyoiqepsqaikn - - SMTP_AUTH_MECHANISM="Login" - diff --git a/homenetwork/swarm/grafana.yml b/homenetwork/swarm/grafana.yml deleted file mode 100644 index 009d37a..0000000 --- a/homenetwork/swarm/grafana.yml +++ /dev/null @@ -1,125 +0,0 @@ -version: '3.8' - -networks: - grafana_network: - driver: overlay - attachable: true - -configs: - prometheus_config: - external: true - -volumes: - prometheus_data: - driver_opts: - type: nfs - o: addr=dockerstorage,nfsvers=4 - device: :/grafana_tmp_data/prometheus - - grafana_data: - driver_opts: - type: nfs - o: addr=dockerstorage,nfsvers=4 - device: :/grafana_tmp_data/grafana - - loki_data: - driver_opts: - type: nfs - o: addr=dockerstorage,nfsvers=4 - device: :/grafana_tmp_data/loki - - - -services: - -# loki: -# image: grafana/loki:2.6.1 -# user: "0:0" -# volumes: -# - loki_data:/loki -# ports: -# - "3100:3100" -# command: -config.file=/etc/loki/local-config.yaml - -# promtail: -# image: grafana/promtail:2.6.1 -# user: "0:0" -# volumes: -# - /var/log:/var/log -# command: -config.file=/etc/promtail/config.yml - - prometheus: -# user: "0:0" - hostname: prometheus - image: prom/prometheus - environment: - - TZ=Europe/Berlin #change Time Zone if needed - configs: - - source: prometheus_config - target: /etc/prometheus/prometheus.yml - volumes: - - prometheus_data:/prometheus - command: - - '--config.file=/etc/prometheus/prometheus.yml' - networks: - - grafana_network - ports: - - 9090:9090 - deploy: - placement: - constraints: [node.labels.isDNS == false] - - grafana: -# user: "0:0" - hostname: grafana - image: grafana/grafana - environment: - - TZ=Europe/Amsterdam -# configs: -# - source: grafana_config -# target: /etc/grafana/grafana.ini - volumes: - - grafana_data:/var/lib/grafana - networks: - - grafana_network - ports: - - 3300:3000 - deploy: - placement: - constraints: [node.labels.isDNS == false] - - - node-exporter: - image: prom/node-exporter:latest - deploy: - mode: global - volumes: - - /proc:/host/proc:ro - - /sys:/host/sys:ro - - /:/rootfs:ro - command: - - '--path.procfs=/host/proc' - - '--path.rootfs=/rootfs' - - '--path.sysfs=/host/sys' - - '--collector.filesystem.mount-points-exclude=^/(sys|proc|dev|host|etc)($$|/)' - networks: - - grafana_network - ports: - - "9100:9100" - deploy: - mode: global - - tado-exporter: - image: registry.vbchaos.nl/tado-exporter:arm64 - hostname: tado-exporter - environment: - EXPORTER_USERNAME: matthias.mitscherlich@gmail.com - EXPORTER_PASSWORD: 14Mai1984 - networks: - - grafana_network - ports: - - "9898:9898" - deploy: - placement: - constraints: [node.labels.isDNS == false] - diff --git a/homenetwork/swarm/magicmirror.yml b/homenetwork/swarm/magicmirror.yml deleted file mode 100644 index 8ac1eab..0000000 --- a/homenetwork/swarm/magicmirror.yml +++ /dev/null @@ -1,40 +0,0 @@ -version: '3' - -volumes: - magicmirror_config: - driver_opts: - type: nfs - o: addr=dockerstorage,nfsvers=4 - device: :/docker_config/magicmirror/config - - magicmirror_modules: - driver_opts: - type: nfs - o: addr=dockerstorage,nfsvers=4 - device: :/docker_config/magicmirror/modules - - magicmirror_css: - driver_opts: - type: nfs - o: addr=dockerstorage,nfsvers=4 - device: :/docker_config/magicmirror/css - - -services: - magicmirror: - image: karsten13/magicmirror:latest - ports: - - "8083:8080" - volumes: - - magicmirror_config:/opt/magic_mirror/config - - magicmirror_modules:/opt/magic_mirror/modules - - magicmirror_css:/opt/magic_mirror/css - restart: unless-stopped - command: - - npm - - run - - server - deploy: - placement: - constraints: [node.labels.isDNS == false] - diff --git a/homenetwork/swarm/portainer-agent-stack.yml b/homenetwork/swarm/portainer-agent-stack.yml deleted file mode 100644 index dc6876c..0000000 --- a/homenetwork/swarm/portainer-agent-stack.yml +++ /dev/null @@ -1,39 +0,0 @@ -version: '3.2' - -services: - agent: - image: portainer/agent:2.19.4 - volumes: - - /var/run/docker.sock:/var/run/docker.sock - - /var/lib/docker/volumes:/var/lib/docker/volumes - networks: - - agent_network - deploy: - mode: global - placement: - constraints: [node.platform.os == linux] - - portainer: - image: portainer/portainer-ce:2.19.4 - command: -H tcp://tasks.agent:9001 --tlsskipverify - ports: - - "9443:9443" - - "9000:9000" - - "8000:8000" - volumes: - - portainer_data:/data - networks: - - agent_network - deploy: - mode: replicated - replicas: 1 - placement: - constraints: [node.role == manager] - -networks: - agent_network: - driver: overlay - attachable: true - -volumes: - portainer_data: diff --git a/homenetwork/swarm/start.sh b/homenetwork/swarm/start.sh deleted file mode 100755 index 1a62a81..0000000 --- a/homenetwork/swarm/start.sh +++ /dev/null @@ -1,2 +0,0 @@ -docker stack deploy -c portainer-agent-stack.yml portainer -docker stack deploy -c grafana.yml --with-registry-auth grafana