cleaned up and resorted
This commit is contained in:
@@ -8,19 +8,12 @@ services:
|
||||
- PUID=1000
|
||||
- PGID=100
|
||||
- TZ=Etc/UTC
|
||||
# - URL=vbchaos.nl
|
||||
- URL=mitscherlich.nl
|
||||
- VALIDATION=http
|
||||
# - SUBDOMAINS=wildcard
|
||||
- SUBDOMAINS=nc,esp,git,jenkins,registry,registrybrowser,svn,vpn,vaultwarden,collabora
|
||||
# - CERTPROVIDER= #optional
|
||||
# - DNSPLUGIN=cloudflare #optional
|
||||
# - PROPAGATION= #optional
|
||||
- EMAIL= matthias.mitscherlich@gmail.com
|
||||
# - ONLY_SUBDOMAINS=false #optional
|
||||
# - EMAIL= matthias@mitscherlich.nl
|
||||
- ONLY_SUBDOMAINS=true
|
||||
- EXTRA_DOMAINS=nc.vbchaos.nl,vaultwarden.vbchaos.nl,vpn.vbchaos.nl,registry.vbchaos.nl,git.vbchaos.nl #optional
|
||||
- STAGING=false #optional
|
||||
volumes:
|
||||
- /docker_config/swag:/config
|
||||
ports:
|
||||
@@ -37,7 +30,7 @@ services:
|
||||
ports:
|
||||
- 5555:80
|
||||
environment:
|
||||
- DOMAIN=https://vaultwarden.vbchaos.nl
|
||||
- DOMAIN=https://vaultwarden.mitscherlich.nl
|
||||
- LOGIN_RATELIMIT_MAX_BURST=10
|
||||
- LOGIN_RATELIMIT_SECONDS=60
|
||||
- ADMIN_RATELIMIT_MAX_BURST=10
|
||||
@@ -50,7 +43,7 @@ services:
|
||||
- SIGNUPS_VERIFY=true
|
||||
- SIGNUPS_VERIFY_RESEND_TIME=3600
|
||||
- SIGNUPS_VERIFY_RESEND_LIMIT=5
|
||||
- SIGNUPS_DOMAINS_WHITELIST=vbchaos.nl
|
||||
- SIGNUPS_DOMAINS_WHITELIST=vbchaos.nl,mitscherlich.nl
|
||||
- SMTP_HOST=smtp.gmail.com
|
||||
- SMTP_FROM=vaultwarden@vbchaos.nl
|
||||
- SMTP_FROM_NAME=Vaultwarden
|
||||
@@ -76,8 +69,7 @@ services:
|
||||
go-transip-dyndns:
|
||||
build:
|
||||
context: ./transip
|
||||
# image: jlentink/go-transip-dyndns:latest
|
||||
# container_name: go-transip-dyndns
|
||||
container_name: transip-dyndns
|
||||
volumes:
|
||||
- ./go-transip-dyndns.toml:/etc/go-transip-dyndns.toml
|
||||
restart: unless-stopped
|
||||
|
||||
@@ -0,0 +1,17 @@
|
||||
services:
|
||||
magicmirror:
|
||||
image: karsten13/magicmirror:latest
|
||||
ports:
|
||||
- "8083:8080"
|
||||
volumes:
|
||||
- magicmirror_config:/opt/magic_mirror/config
|
||||
- magicmirror_modules:/opt/magic_mirror/modules
|
||||
- magicmirror_css:/opt/magic_mirror/css
|
||||
restart: unless-stopped
|
||||
command:
|
||||
- npm
|
||||
- run
|
||||
- server
|
||||
deploy:
|
||||
placement:
|
||||
constraints: [node.labels.isDNS == false]
|
||||
@@ -1,141 +0,0 @@
|
||||
version: "3"
|
||||
|
||||
volumes:
|
||||
nchome:
|
||||
driver: local
|
||||
driver_opts:
|
||||
type: none
|
||||
o: bind
|
||||
device: /srv/dev-disk-by-uuid-9033ccb2-df6d-46a3-9996-99a0d4d34688/nextcloud/home
|
||||
ncdb:
|
||||
driver: local
|
||||
driver_opts:
|
||||
type: none
|
||||
o: bind
|
||||
device: /srv/dev-disk-by-uuid-9033ccb2-df6d-46a3-9996-99a0d4d34688/nextcloud/database
|
||||
ncdata:
|
||||
driver: local
|
||||
driver_opts:
|
||||
type: none
|
||||
o: bind
|
||||
device: /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/nextcloud/storage
|
||||
|
||||
|
||||
services:
|
||||
db:
|
||||
image: mariadb:10.6
|
||||
restart: always
|
||||
command: --transaction-isolation=READ-COMMITTED --log-bin=binlog --binlog-format=ROW
|
||||
volumes:
|
||||
- ncdb:/var/lib/mysql:Z
|
||||
environment:
|
||||
- MYSQL_ROOT_PASSWORD=rootpw
|
||||
- MYSQL_PASSWORD=password
|
||||
- MYSQL_DATABASE=nextcloud
|
||||
- MYSQL_USER=nextcloud
|
||||
|
||||
aio-imaginary:
|
||||
image: nextcloud/aio-imaginary:latest
|
||||
restart: always
|
||||
environment:
|
||||
- PORT=9000
|
||||
ports:
|
||||
- 9999:9000
|
||||
command: -concurrency 50 -enable-url-source
|
||||
|
||||
nextcloud:
|
||||
build:
|
||||
context: ./nc-fpm
|
||||
args:
|
||||
UID: ${MUID}
|
||||
GID: ${MGID}
|
||||
restart: always
|
||||
links:
|
||||
- db
|
||||
volumes:
|
||||
- nchome:/var/www/html:z
|
||||
- ncdata:/var/www/html/data
|
||||
- /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/:/ex_storage/
|
||||
- /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/bands/fearium:/ex_storage/bands/fearium
|
||||
- /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/bands/breakpointnine:/ex_storage/bands/breakpointnine
|
||||
- /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/bands/lastfloorright:/ex_storage/bands/lastfloorright
|
||||
- /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/bands/nofunkallowed:/ex_storage/bands/nofunkallowed
|
||||
- /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/music:/ex_storage/music
|
||||
- /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/video:/ex_storage/video
|
||||
- /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/repositories:/ex_storage/repositories
|
||||
- /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/hwsw:/ex_storage/hwsw
|
||||
- /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/timelapse:/ex_storage/timelapse
|
||||
- /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/pictures:/ex_storage/pictures
|
||||
|
||||
environment:
|
||||
- MYSQL_PASSWORD=password
|
||||
- MYSQL_DATABASE=nextcloud
|
||||
- MYSQL_USER=nextcloud
|
||||
- MYSQL_HOST=db
|
||||
- REDIS_HOST=redis
|
||||
|
||||
# collabora:
|
||||
# image: collabora/code:latest
|
||||
# restart: unless-stopped
|
||||
# environment:
|
||||
# - password=password
|
||||
# - username=nextcloud
|
||||
# - extra_params=--o:ssl.enable=true
|
||||
# ports:
|
||||
# - 9980:9980
|
||||
|
||||
|
||||
nginx:
|
||||
build:
|
||||
context: ./nginx
|
||||
args:
|
||||
UID: ${MUID}
|
||||
GID: ${MGID}
|
||||
restart: always
|
||||
ports:
|
||||
- 8888:80
|
||||
links:
|
||||
- nextcloud
|
||||
volumes:
|
||||
- nchome:/var/www/html:z,ro
|
||||
|
||||
redis:
|
||||
build:
|
||||
context: ./redis
|
||||
args:
|
||||
UID: ${MUID}
|
||||
GID: ${MGID}
|
||||
restart: always
|
||||
|
||||
cron:
|
||||
build:
|
||||
context: ./nc-fpm
|
||||
args:
|
||||
UID: ${MUID}
|
||||
GID: ${MGID}
|
||||
restart: always
|
||||
volumes:
|
||||
- nchome:/var/www/html:z
|
||||
- ncdata:/var/www/html/data
|
||||
- /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/:/ex_storage/
|
||||
- /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/bands/fearium:/ex_storage/bands/fearium
|
||||
- /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/bands/breakpointnine:/ex_storage/bands/breakpointnine
|
||||
- /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/bands/lastfloorright:/ex_storage/bands/lastfloorright
|
||||
- /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/bands/nofunkallowed:/ex_storage/bands/nofunkallowed
|
||||
- /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/music:/ex_storage/music
|
||||
- /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/video:/ex_storage/video
|
||||
- /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/repositories:/ex_storage/repositories
|
||||
- /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/hwsw:/ex_storage/hwsw
|
||||
- /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/timelapse:/ex_storage/timelapse
|
||||
- /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/pictures:/ex_storage/pictures
|
||||
|
||||
environment:
|
||||
- MYSQL_PASSWORD=password
|
||||
- MYSQL_DATABASE=nextcloud
|
||||
- MYSQL_USER=nextcloud
|
||||
- MYSQL_HOST=db
|
||||
- REDIS_HOST=redis
|
||||
entrypoint: /cron.sh
|
||||
depends_on:
|
||||
- nextcloud
|
||||
|
||||
@@ -1,13 +0,0 @@
|
||||
FROM nextcloud:fpm
|
||||
|
||||
ARG UID=1000
|
||||
ARG GID=1000
|
||||
|
||||
#RUN adduser --system --no-create-home --home /nonexistent --gecos 'www-data user' --shell /bin/false --uid 82 www-data
|
||||
RUN usermod -u $UID -o www-data
|
||||
RUN apt update \
|
||||
&& apt -y install libmagickcore-6.q16-6-extra ffmpeg imagemagick ghostscript \
|
||||
&& apt clean
|
||||
|
||||
# Add custom cron job for previews
|
||||
RUN echo '*/15 * * * * php /var/www/html/occ preview:pre-generate' >> /var/spool/cron/crontabs/www-data
|
||||
@@ -1,11 +0,0 @@
|
||||
#FROM nginx:alpine
|
||||
FROM nginx:bullseye
|
||||
|
||||
ARG UID=1000
|
||||
ARG GID=1000
|
||||
|
||||
RUN usermod -u $UID -o www-data
|
||||
|
||||
#RUN adduser --system --no-create-home --home /nonexistent --gecos 'www-data user' --shell /bin/false --uid $UID www-data
|
||||
|
||||
COPY nginx.conf /etc/nginx/nginx.conf
|
||||
@@ -1,175 +0,0 @@
|
||||
user www-data;
|
||||
worker_processes auto;
|
||||
|
||||
error_log /var/log/nginx/error.log warn;
|
||||
pid /var/run/nginx.pid;
|
||||
|
||||
|
||||
events {
|
||||
worker_connections 1024;
|
||||
}
|
||||
|
||||
|
||||
http {
|
||||
include /etc/nginx/mime.types;
|
||||
default_type application/octet-stream;
|
||||
|
||||
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
|
||||
'$status $body_bytes_sent "$http_referer" '
|
||||
'"$http_user_agent" "$http_x_forwarded_for"';
|
||||
|
||||
access_log /var/log/nginx/access.log main;
|
||||
|
||||
sendfile on;
|
||||
#tcp_nopush on;
|
||||
|
||||
# Prevent nginx HTTP Server Detection
|
||||
server_tokens off;
|
||||
|
||||
keepalive_timeout 65;
|
||||
|
||||
#gzip on;
|
||||
|
||||
upstream php-handler {
|
||||
server nextcloud:9000;
|
||||
}
|
||||
|
||||
|
||||
server {
|
||||
listen 80;
|
||||
|
||||
# HSTS settings
|
||||
# WARNING: Only add the preload option once you read about
|
||||
# the consequences in https://hstspreload.org/. This option
|
||||
# will add the domain to a hardcoded list that is shipped
|
||||
# in all major browsers and getting removed from this list
|
||||
# could take several months.
|
||||
#add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always;
|
||||
|
||||
# set max upload size
|
||||
client_max_body_size 512M;
|
||||
fastcgi_buffers 64 4K;
|
||||
|
||||
# Enable gzip but do not remove ETag headers
|
||||
gzip on;
|
||||
gzip_vary on;
|
||||
gzip_comp_level 4;
|
||||
gzip_min_length 256;
|
||||
gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
|
||||
gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;
|
||||
|
||||
# Pagespeed is not supported by Nextcloud, so if your server is built
|
||||
# with the `ngx_pagespeed` module, uncomment this line to disable it.
|
||||
#pagespeed off;
|
||||
|
||||
# HTTP response headers borrowed from Nextcloud `.htaccess`
|
||||
add_header Referrer-Policy "no-referrer" always;
|
||||
add_header X-Content-Type-Options "nosniff" always;
|
||||
add_header X-Download-Options "noopen" always;
|
||||
add_header X-Frame-Options "SAMEORIGIN" always;
|
||||
add_header X-Permitted-Cross-Domain-Policies "none" always;
|
||||
add_header X-Robots-Tag "noindex, nofollow" always;
|
||||
add_header X-XSS-Protection "1; mode=block" always;
|
||||
|
||||
# Remove X-Powered-By, which is an information leak
|
||||
fastcgi_hide_header X-Powered-By;
|
||||
|
||||
# Path to the root of your installation
|
||||
root /var/www/html;
|
||||
|
||||
# Specify how to handle directories -- specifying `/index.php$request_uri`
|
||||
# here as the fallback means that Nginx always exhibits the desired behaviour
|
||||
# when a client requests a path that corresponds to a directory that exists
|
||||
# on the server. In particular, if that directory contains an index.php file,
|
||||
# that file is correctly served; if it doesn't, then the request is passed to
|
||||
# the front-end controller. This consistent behaviour means that we don't need
|
||||
# to specify custom rules for certain paths (e.g. images and other assets,
|
||||
# `/updater`, `/ocm-provider`, `/ocs-provider`), and thus
|
||||
# `try_files $uri $uri/ /index.php$request_uri`
|
||||
# always provides the desired behaviour.
|
||||
index index.php index.html /index.php$request_uri;
|
||||
|
||||
# Rule borrowed from `.htaccess` to handle Microsoft DAV clients
|
||||
location = / {
|
||||
if ( $http_user_agent ~ ^DavClnt ) {
|
||||
return 302 /remote.php/webdav/$is_args$args;
|
||||
}
|
||||
}
|
||||
|
||||
location = /robots.txt {
|
||||
allow all;
|
||||
log_not_found off;
|
||||
access_log off;
|
||||
}
|
||||
|
||||
# Make a regex exception for `/.well-known` so that clients can still
|
||||
# access it despite the existence of the regex rule
|
||||
# `location ~ /(\.|autotest|...)` which would otherwise handle requests
|
||||
# for `/.well-known`.
|
||||
location ^~ /.well-known {
|
||||
# The rules in this block are an adaptation of the rules
|
||||
# in `.htaccess` that concern `/.well-known`.
|
||||
|
||||
location = /.well-known/carddav { return 301 /remote.php/dav/; }
|
||||
location = /.well-known/caldav { return 301 /remote.php/dav/; }
|
||||
|
||||
location /.well-known/acme-challenge { try_files $uri $uri/ =404; }
|
||||
location /.well-known/pki-validation { try_files $uri $uri/ =404; }
|
||||
|
||||
# Let Nextcloud's API for `/.well-known` URIs handle all other
|
||||
# requests by passing them to the front-end controller.
|
||||
return 301 /index.php$request_uri;
|
||||
}
|
||||
|
||||
# Rules borrowed from `.htaccess` to hide certain paths from clients
|
||||
location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)(?:$|/) { return 404; }
|
||||
location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) { return 404; }
|
||||
|
||||
# Ensure this block, which passes PHP files to the PHP process, is above the blocks
|
||||
# which handle static assets (as seen below). If this block is not declared first,
|
||||
# then Nginx will encounter an infinite rewriting loop when it prepends `/index.php`
|
||||
# to the URI, resulting in a HTTP 500 error response.
|
||||
location ~ \.php(?:$|/) {
|
||||
# Required for legacy support
|
||||
rewrite ^/(?!index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|oc[ms]-provider\/.+|.+\/richdocumentscode\/proxy) /index.php$request_uri;
|
||||
|
||||
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
|
||||
set $path_info $fastcgi_path_info;
|
||||
|
||||
try_files $fastcgi_script_name =404;
|
||||
|
||||
include fastcgi_params;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_param PATH_INFO $path_info;
|
||||
#fastcgi_param HTTPS on;
|
||||
|
||||
fastcgi_param modHeadersAvailable true; # Avoid sending the security headers twice
|
||||
fastcgi_param front_controller_active true; # Enable pretty urls
|
||||
fastcgi_pass php-handler;
|
||||
|
||||
fastcgi_intercept_errors on;
|
||||
fastcgi_request_buffering off;
|
||||
}
|
||||
|
||||
location ~ \.(?:css|js|svg|gif)$ {
|
||||
try_files $uri /index.php$request_uri;
|
||||
expires 6M; # Cache-Control policy borrowed from `.htaccess`
|
||||
access_log off; # Optional: Don't log access to assets
|
||||
}
|
||||
|
||||
location ~ \.woff2?$ {
|
||||
try_files $uri /index.php$request_uri;
|
||||
expires 7d; # Cache-Control policy borrowed from `.htaccess`
|
||||
access_log off; # Optional: Don't log access to assets
|
||||
}
|
||||
|
||||
# Rule borrowed from `.htaccess`
|
||||
location /remote {
|
||||
return 301 /remote.php$request_uri;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri $uri/ /index.php$request_uri;
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -1,6 +0,0 @@
|
||||
FROM redis:latest
|
||||
|
||||
ARG UID=1000
|
||||
ARG GID=1000
|
||||
|
||||
RUN usermod -u $UID -o www-data
|
||||
@@ -1,3 +0,0 @@
|
||||
MUID="$(id -u www-data)" MGID="$(id -g www-data)" docker-compose build --no-cache
|
||||
MUID="$(id -u www-data)" MGID="$(id -g www-data)" docker-compose up -d --force-recreate
|
||||
|
||||
@@ -1,16 +0,0 @@
|
||||
OVPN_DATA="ovpn_data"
|
||||
CLIENTNAME="matthias"
|
||||
|
||||
IMAGE=giggio/openvpn-arm
|
||||
#IMAGE=kylemanna/openvpn
|
||||
|
||||
# Create the docker volume to store certificates and configuration
|
||||
docker volume create --opt type=none --opt o=bind --opt device=/docker_config/openvpn --name $OVPN_DATA
|
||||
docker run -v $OVPN_DATA:/etc/openvpn --rm $IMAGE ovpn_genconfig -u udp://vpn.vbchaos.nl
|
||||
docker run -v $OVPN_DATA:/etc/openvpn --rm -it $IMAGE ovpn_initpki
|
||||
|
||||
docker run -v $OVPN_DATA:/etc/openvpn -d -p 1194:1194/udp --name OpenVPN --cap-add=NET_ADMIN --device=/dev/net/tun $IMAGE
|
||||
|
||||
docker run -v $OVPN_DATA:/etc/openvpn --rm -it $IMAGE easyrsa build-client-full $CLIENTNAME nopass
|
||||
|
||||
docker run -v $OVPN_DATA:/etc/openvpn --rm $IMAGE ovpn_getclient $CLIENTNAME > $CLIENTNAME.ovpn
|
||||
@@ -1,2 +0,0 @@
|
||||
docker compose -f rclone_storage.yml up -d
|
||||
docker compose -f rclone_nextcloud.yml up -d
|
||||
@@ -1,33 +0,0 @@
|
||||
|
||||
name: backup_nextcloud
|
||||
|
||||
services:
|
||||
nc_storage:
|
||||
image: registry.vbchaos.nl/rclone
|
||||
container_name: backup_nextcloud_storage
|
||||
environment:
|
||||
- COMMAND=rclone copy -v /backup/ stackstorage:/julien/nextcloud/storage --exclude=storage/appdata_*/**
|
||||
- CRON_SCHEDULE=0 0-23/1 * * *
|
||||
volumes:
|
||||
- ${PWD}/rclone.conf:/root/.config/rclone/rclone.conf
|
||||
- /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/nextcloud:/backup
|
||||
|
||||
nc_home:
|
||||
image: registry.vbchaos.nl/rclone
|
||||
container_name: backup_nextcloud_home
|
||||
environment:
|
||||
- COMMAND=rclone copy -v /backup/ stackstorage:/julien/nextcloud/home
|
||||
- CRON_SCHEDULE=0 0-23/1 * * * *
|
||||
volumes:
|
||||
- ${PWD}/rclone.conf:/root/.config/rclone/rclone.conf
|
||||
- /srv/dev-disk-by-uuid-9033ccb2-df6d-46a3-9996-99a0d4d34688/nextcloud/home:/backup
|
||||
|
||||
nc_db:
|
||||
image: registry.vbchaos.nl/rclone
|
||||
container_name: backup_nextcloud_database
|
||||
environment:
|
||||
- COMMAND=rclone copy -v /backup/ stackstorage:/julien/nextcloud/database
|
||||
- CRON_SCHEDULE=0 0-23/1 * * * *
|
||||
volumes:
|
||||
- ${PWD}/rclone.conf:/root/.config/rclone/rclone.conf
|
||||
- /srv/dev-disk-by-uuid-9033ccb2-df6d-46a3-9996-99a0d4d34688/nextcloud/database:/backup
|
||||
@@ -1,94 +0,0 @@
|
||||
|
||||
name: backup_storage
|
||||
|
||||
services:
|
||||
docker_config:
|
||||
image: registry.vbchaos.nl/rclone
|
||||
container_name: backup_docker_config
|
||||
environment:
|
||||
- COMMAND=rclone copy -v /backup/ stackstorage:/julien/storage/docker_config
|
||||
- CRON_SCHEDULE=0 1-23/4 * * *
|
||||
volumes:
|
||||
- ${PWD}/rclone.conf:/root/.config/rclone/rclone.conf
|
||||
- /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/docker_config:/backup
|
||||
|
||||
bands:
|
||||
image: registry.vbchaos.nl/rclone
|
||||
container_name: backup_bands
|
||||
environment:
|
||||
- COMMAND=rclone copy -v /backup/ stackstorage:/julien/storage/bands
|
||||
- CRON_SCHEDULE=0 1-23/4 * * *
|
||||
volumes:
|
||||
- ${PWD}/rclone.conf:/root/.config/rclone/rclone.conf
|
||||
- /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/bands:/backup
|
||||
|
||||
hwsw:
|
||||
image: registry.vbchaos.nl/rclone
|
||||
container_name: backup_hwsw
|
||||
environment:
|
||||
- COMMAND=rclone copy -v /backup/ stackstorage:/julien/storage/hwsw
|
||||
- CRON_SCHEDULE=0 1-23/4 * * *
|
||||
volumes:
|
||||
- ${PWD}/rclone.conf:/root/.config/rclone/rclone.conf
|
||||
- /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/hwsw:/backup
|
||||
|
||||
music:
|
||||
image: registry.vbchaos.nl/rclone
|
||||
container_name: bs_music
|
||||
environment:
|
||||
- COMMAND=rclone copy -v /backup/ stackstorage:/julien/storage/music
|
||||
- CRON_SCHEDULE=0 2-23/4 * * *
|
||||
volumes:
|
||||
- ${PWD}/rclone.conf:/root/.config/rclone/rclone.conf
|
||||
- /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/music:/backup
|
||||
|
||||
pictures:
|
||||
image: registry.vbchaos.nl/rclone
|
||||
container_name: backup_pictures
|
||||
environment:
|
||||
- COMMAND=rclone copy -v /backup/ stackstorage:/julien/storage/pictures
|
||||
- CRON_SCHEDULE=0 2-23/4 * * *
|
||||
volumes:
|
||||
- ${PWD}/rclone.conf:/root/.config/rclone/rclone.conf
|
||||
- /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/pictures:/backup
|
||||
|
||||
repositories:
|
||||
image: registry.vbchaos.nl/rclone
|
||||
container_name: backup_repositories
|
||||
environment:
|
||||
- COMMAND=rclone copy -v /backup/ stackstorage:/julien/storage/repositories
|
||||
- CRON_SCHEDULE=0 2-23/4 * * *
|
||||
volumes:
|
||||
- ${PWD}/rclone.conf:/root/.config/rclone/rclone.conf
|
||||
- /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/repositories:/backup
|
||||
|
||||
video:
|
||||
image: registry.vbchaos.nl/rclone
|
||||
container_name: backup_video
|
||||
environment:
|
||||
- COMMAND=rclone copy -v /backup/ stackstorage:/julien/storage/video
|
||||
- CRON_SCHEDULE=0 2-23/4 * * *
|
||||
volumes:
|
||||
- ${PWD}/rclone.conf:/root/.config/rclone/rclone.conf
|
||||
- /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/video:/backup
|
||||
|
||||
work:
|
||||
image: registry.vbchaos.nl/rclone
|
||||
container_name: backup_work
|
||||
environment:
|
||||
- COMMAND=rclone copy -v /backup/ stackstorage:/julien/storage/work
|
||||
- CRON_SCHEDULE=0 2-23/4 * * *
|
||||
volumes:
|
||||
- ${PWD}/rclone.conf:/root/.config/rclone/rclone.conf
|
||||
- /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/work:/backup
|
||||
|
||||
timelapse:
|
||||
image: registry.vbchaos.nl/rclone
|
||||
container_name: backup_timelapse
|
||||
environment:
|
||||
- COMMAND=rclone copy -v /backup/ stackstorage:/julien/storage/timelapse
|
||||
- CRON_SCHEDULE=0 0 * * *
|
||||
volumes:
|
||||
- ${PWD}/rclone.conf:/root/.config/rclone/rclone.conf
|
||||
- /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/timelapse:/backup
|
||||
|
||||
@@ -1,35 +0,0 @@
|
||||
version: '3'
|
||||
|
||||
services:
|
||||
vaultwarden:
|
||||
container_name: vaultwarden
|
||||
image: vaultwarden/server:latest
|
||||
restart: unless-stopped
|
||||
volumes:
|
||||
- /srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/docker_config/vaultwarden:/data/
|
||||
ports:
|
||||
- 5555:80
|
||||
environment:
|
||||
- DOMAIN=https://vaultwarden.vbchaos.nl
|
||||
- LOGIN_RATELIMIT_MAX_BURST=10
|
||||
- LOGIN_RATELIMIT_SECONDS=60
|
||||
- ADMIN_RATELIMIT_MAX_BURST=10
|
||||
- ADMIN_RATELIMIT_SECONDS=2
|
||||
- ADMIN_TOKEN=$$argon2id$$v=19$$m=65540,t=3,p=4$$Vv4wT0EpGslsEAHpgw+U1FwxUQjguK9qkwJQB7WLP+k$$7lBaj+G9jLyXj5MxC2RqNGyGw0/vjOzcgwk4ArN6BVM
|
||||
- SENDS_ALLOWED=true
|
||||
- EMERGENCY_ACCESS_ALLOWED=true
|
||||
- WEB_VAULT_ENABLED=true
|
||||
- SIGNUPS_ALLOWED=false
|
||||
- SIGNUPS_VERIFY=false
|
||||
- SIGNUPS_VERIFY_RESEND_TIME=3600
|
||||
- SIGNUPS_VERIFY_RESEND_LIMIT=5
|
||||
# - SIGNUPS_DOMAINS_WHITELIST=vbchaos.nl,hotmail.com,gmail.com
|
||||
- SMTP_HOST=smtp.gmail.com
|
||||
- SMTP_FROM=vaultwarden@vbchaos.nl
|
||||
- SMTP_FROM_NAME=Vaultwarden
|
||||
- SMTP_SECURITY=starttls
|
||||
- SMTP_PORT=587
|
||||
- SMTP_USERNAME=matthias.mitscherlich@gmail.com
|
||||
- SMTP_PASSWORD=oomgyoiqepsqaikn
|
||||
- SMTP_AUTH_MECHANISM="Login"
|
||||
|
||||
@@ -1,125 +0,0 @@
|
||||
version: '3.8'
|
||||
|
||||
networks:
|
||||
grafana_network:
|
||||
driver: overlay
|
||||
attachable: true
|
||||
|
||||
configs:
|
||||
prometheus_config:
|
||||
external: true
|
||||
|
||||
volumes:
|
||||
prometheus_data:
|
||||
driver_opts:
|
||||
type: nfs
|
||||
o: addr=dockerstorage,nfsvers=4
|
||||
device: :/grafana_tmp_data/prometheus
|
||||
|
||||
grafana_data:
|
||||
driver_opts:
|
||||
type: nfs
|
||||
o: addr=dockerstorage,nfsvers=4
|
||||
device: :/grafana_tmp_data/grafana
|
||||
|
||||
loki_data:
|
||||
driver_opts:
|
||||
type: nfs
|
||||
o: addr=dockerstorage,nfsvers=4
|
||||
device: :/grafana_tmp_data/loki
|
||||
|
||||
|
||||
|
||||
services:
|
||||
|
||||
# loki:
|
||||
# image: grafana/loki:2.6.1
|
||||
# user: "0:0"
|
||||
# volumes:
|
||||
# - loki_data:/loki
|
||||
# ports:
|
||||
# - "3100:3100"
|
||||
# command: -config.file=/etc/loki/local-config.yaml
|
||||
|
||||
# promtail:
|
||||
# image: grafana/promtail:2.6.1
|
||||
# user: "0:0"
|
||||
# volumes:
|
||||
# - /var/log:/var/log
|
||||
# command: -config.file=/etc/promtail/config.yml
|
||||
|
||||
prometheus:
|
||||
# user: "0:0"
|
||||
hostname: prometheus
|
||||
image: prom/prometheus
|
||||
environment:
|
||||
- TZ=Europe/Berlin #change Time Zone if needed
|
||||
configs:
|
||||
- source: prometheus_config
|
||||
target: /etc/prometheus/prometheus.yml
|
||||
volumes:
|
||||
- prometheus_data:/prometheus
|
||||
command:
|
||||
- '--config.file=/etc/prometheus/prometheus.yml'
|
||||
networks:
|
||||
- grafana_network
|
||||
ports:
|
||||
- 9090:9090
|
||||
deploy:
|
||||
placement:
|
||||
constraints: [node.labels.isDNS == false]
|
||||
|
||||
grafana:
|
||||
# user: "0:0"
|
||||
hostname: grafana
|
||||
image: grafana/grafana
|
||||
environment:
|
||||
- TZ=Europe/Amsterdam
|
||||
# configs:
|
||||
# - source: grafana_config
|
||||
# target: /etc/grafana/grafana.ini
|
||||
volumes:
|
||||
- grafana_data:/var/lib/grafana
|
||||
networks:
|
||||
- grafana_network
|
||||
ports:
|
||||
- 3300:3000
|
||||
deploy:
|
||||
placement:
|
||||
constraints: [node.labels.isDNS == false]
|
||||
|
||||
|
||||
node-exporter:
|
||||
image: prom/node-exporter:latest
|
||||
deploy:
|
||||
mode: global
|
||||
volumes:
|
||||
- /proc:/host/proc:ro
|
||||
- /sys:/host/sys:ro
|
||||
- /:/rootfs:ro
|
||||
command:
|
||||
- '--path.procfs=/host/proc'
|
||||
- '--path.rootfs=/rootfs'
|
||||
- '--path.sysfs=/host/sys'
|
||||
- '--collector.filesystem.mount-points-exclude=^/(sys|proc|dev|host|etc)($$|/)'
|
||||
networks:
|
||||
- grafana_network
|
||||
ports:
|
||||
- "9100:9100"
|
||||
deploy:
|
||||
mode: global
|
||||
|
||||
tado-exporter:
|
||||
image: registry.vbchaos.nl/tado-exporter:arm64
|
||||
hostname: tado-exporter
|
||||
environment:
|
||||
EXPORTER_USERNAME: matthias.mitscherlich@gmail.com
|
||||
EXPORTER_PASSWORD: 14Mai1984
|
||||
networks:
|
||||
- grafana_network
|
||||
ports:
|
||||
- "9898:9898"
|
||||
deploy:
|
||||
placement:
|
||||
constraints: [node.labels.isDNS == false]
|
||||
|
||||
@@ -1,40 +0,0 @@
|
||||
version: '3'
|
||||
|
||||
volumes:
|
||||
magicmirror_config:
|
||||
driver_opts:
|
||||
type: nfs
|
||||
o: addr=dockerstorage,nfsvers=4
|
||||
device: :/docker_config/magicmirror/config
|
||||
|
||||
magicmirror_modules:
|
||||
driver_opts:
|
||||
type: nfs
|
||||
o: addr=dockerstorage,nfsvers=4
|
||||
device: :/docker_config/magicmirror/modules
|
||||
|
||||
magicmirror_css:
|
||||
driver_opts:
|
||||
type: nfs
|
||||
o: addr=dockerstorage,nfsvers=4
|
||||
device: :/docker_config/magicmirror/css
|
||||
|
||||
|
||||
services:
|
||||
magicmirror:
|
||||
image: karsten13/magicmirror:latest
|
||||
ports:
|
||||
- "8083:8080"
|
||||
volumes:
|
||||
- magicmirror_config:/opt/magic_mirror/config
|
||||
- magicmirror_modules:/opt/magic_mirror/modules
|
||||
- magicmirror_css:/opt/magic_mirror/css
|
||||
restart: unless-stopped
|
||||
command:
|
||||
- npm
|
||||
- run
|
||||
- server
|
||||
deploy:
|
||||
placement:
|
||||
constraints: [node.labels.isDNS == false]
|
||||
|
||||
@@ -1,39 +0,0 @@
|
||||
version: '3.2'
|
||||
|
||||
services:
|
||||
agent:
|
||||
image: portainer/agent:2.19.4
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock
|
||||
- /var/lib/docker/volumes:/var/lib/docker/volumes
|
||||
networks:
|
||||
- agent_network
|
||||
deploy:
|
||||
mode: global
|
||||
placement:
|
||||
constraints: [node.platform.os == linux]
|
||||
|
||||
portainer:
|
||||
image: portainer/portainer-ce:2.19.4
|
||||
command: -H tcp://tasks.agent:9001 --tlsskipverify
|
||||
ports:
|
||||
- "9443:9443"
|
||||
- "9000:9000"
|
||||
- "8000:8000"
|
||||
volumes:
|
||||
- portainer_data:/data
|
||||
networks:
|
||||
- agent_network
|
||||
deploy:
|
||||
mode: replicated
|
||||
replicas: 1
|
||||
placement:
|
||||
constraints: [node.role == manager]
|
||||
|
||||
networks:
|
||||
agent_network:
|
||||
driver: overlay
|
||||
attachable: true
|
||||
|
||||
volumes:
|
||||
portainer_data:
|
||||
@@ -1,2 +0,0 @@
|
||||
docker stack deploy -c portainer-agent-stack.yml portainer
|
||||
docker stack deploy -c grafana.yml --with-registry-auth grafana
|
||||
Reference in New Issue
Block a user