Removed Mayan EDMS, updated Minecraft compose

This commit is contained in:
Thord Johansson 2023-07-24 17:14:14 +02:00
parent 26b9164521
commit a4e863b647
8 changed files with 136 additions and 385 deletions

112
_mayan-edms/.env Normal file
View File

@ -0,0 +1,112 @@
##################################################################
# These variables are passed to Docker Compose to change how the #
# `docker-compose.yml` file is interpreted. #
##################################################################
# Default project name. Can also change this using the
# docker-compose `-p, --project-name NAME` option.
COMPOSE_PROJECT_NAME=mayan
# Default profiles.
COMPOSE_PROFILES=all_in_one,postgresql,rabbitmq,redis
# User alternate Mayan EDMS Docker image or tag.
# MAYAN_DOCKER_IMAGE_NAME=mayanedms/mayanedms
# MAYAN_DOCKER_IMAGE_TAG=s4.2
# Modify this to your database server if not using the database deployed
# by the Docker Compose file.
#MAYAN_DATABASE_HOST=mariadb-app
# Security. Change these before the first run.
# Once these are set do not change them here. If you wish to change the
# passwords or usernames after the installation has completed, follow the
# documentation of each component individually and then update the password
# or username in this file. _PASSWORD_START_MARKER
# MAYAN_DATABASE_NAME=
# MAYAN_DATABASE_PASSWORD=
# MAYAN_DATABASE_USER=
# MAYAN_ELASTICSEARCH_PASSWORD=
# MAYAN_RABBITMQ_USER=
# MAYAN_RABBITMQ_PASSWORD=
# MAYAN_RABBITMQ_VHOST=
# MAYAN_REDIS_PASSWORD=
# MAYAN_FRONTEND_HTTP_PORT=80
MAYAN_WORKER_CUSTOM_QUEUE_LIST=
# Change if you use external services.
MAYAN_DOCKER_WAIT="postgresql:5432 rabbitmq:5672 redis:6379"
# RabbitMQ
# MAYAN_RABBITMQ_ADMIN_HTTP_PORT=15672
# Allows running an additional worker with a custom list of queues.
MAYAN_WORKER_CUSTOM_QUEUE_LIST=
# Traefik
# Enable to use production Let's Encrypt server.
# MAYAN_TRAEFIK_LETS_ENCRYPT_SERVER=https://acme-v02.api.letsencrypt.org/directory
# Enable to launch the Let's Encrypt TLS challenge.
# MAYAN_TRAEFIK_LETS_ENCRYPT_TLS_CHALLENGE=true
# Enable to activate the Traefik UI.
# MAYAN_TRAEFIK_API_INSECURE=true
# Configure the administrative email for the domain.
MAYAN_TRAEFIK_LETS_ENCRYPT_EMAIL=
MAYAN_TRAEFIK_EXTERNAL_DOMAIN=
# Expose the Traefik secure dashboard.
MAYAN_TRAEFIK_DASHBOARD_ENABLE=false
# Traefik secure dashboard username and password.
# Obtained using: echo $(htpasswd -nB your_username_of_choice)
# Enclose in single quotes.
MAYAN_TRAEFIK_DASHBOARD_AUTHENTICATION=''
# Insecure value of admin:admin
# MAYAN_TRAEFIK_DASHBOARD_AUTHENTICATION='admin:$$2y$$05$$mr0lbnUpImKmjXyClgdV6OfwKgOFZKq7ldadIcQXHMwzIZI99wos6'
# Expose the frontend through Traefik.
MAYAN_TRAEFIK_FRONTEND_ENABLE=false
# Expose the RabbitMQ administrative interface through Traefik.
MAYAN_TRAEFIK_RABBITMQ_ENABLE=false
# MAYAN_TRAEFIK_DASHBOARD_HTTP_PORT=8080
# MAYAN_TRAEFIK_LETSENCRYPT_VOLUME=traefik-certificates-letsencrypt
# MAYAN_TRAEFIK_HTTP_PORT=80
# MAYAN_TRAEFIK_HTTPS_PORT=443
MAYAN_TRAEFIK_LETS_ENCRYPT_DNS_CHALLENGE_PROVIDER=
#########################################################
# These variables are passed to the running containers. #
# They are interpreted by Mayan EDMS. #
#########################################################
# To use block storage.
# MAYAN_DOCUMENTS_STORAGE_BACKEND="storages.backends.s3boto3.S3Boto3Storage"
# MAYAN_DOCUMENTS_STORAGE_BACKEND_ARGUMENTS="{'access_key':'<access key>','secret_key':'<secret key>','bucket_name':'mayan','endpoint_url':'http://<URL:port>','verify':'False'}" # 'verify':'False' for local servers with self signed SSL certificate
# To add operating system packages, like additional OCR language,
# packages, put then in the variable below.
# MAYAN_APT_INSTALLS="tesseract-ocr-deu tesseract-ocr-nld"
# To use LDAP authentication.
# Create a folder named `user_settings` in the `media` folder.
# Copy the file `contrib/settings/ldap_connection_settings.py` from the online
# repository and place in the new `user_settings` folder.
# Edit the `user_settings/ldap_connection_settings' file to work with your
# LDAP server.
# Example: https://django-auth-ldap.readthedocs.io/en/latest/example.html
# Restart the stack and test.

View File

@ -1,373 +0,0 @@
version: '3.9'
x-mayan-container:
&mayan-container
env_file: .env
environment:
MAYAN_CELERY_BROKER_URL: amqp://${MAYAN_RABBITMQ_USER:-mayan}:${MAYAN_RABBITMQ_PASSWORD:-mayanrabbitpass}@rabbitmq:5672/${MAYAN_RABBITMQ_VHOST:-mayan}
MAYAN_CELERY_RESULT_BACKEND: redis://:${MAYAN_REDIS_PASSWORD:-mayanredispassword}@redis:6379/1
MAYAN_DATABASES: "{'default':{'ENGINE':'django.db.backends.postgresql','NAME':'${MAYAN_DATABASE_NAME:-mayan}','PASSWORD':'${MAYAN_DATABASE_PASSWORD:-mayandbpass}','USER':'${MAYAN_DATABASE_USER:-mayan}','HOST':'${MAYAN_DATABASE_HOST:-postgresql}'} }"
MAYAN_LOCK_MANAGER_BACKEND: mayan.apps.lock_manager.backends.redis_lock.RedisLock
MAYAN_LOCK_MANAGER_BACKEND_ARGUMENTS: "{'redis_url':'redis://:${MAYAN_REDIS_PASSWORD:-mayanredispassword}@redis:6379/2'}"
image: ${MAYAN_DOCKER_IMAGE_NAME:-mayanedms/mayanedms}:${MAYAN_DOCKER_IMAGE_TAG:-s4.4}
networks:
- mayan
restart: unless-stopped
volumes:
- ${MAYAN_APP_VOLUME:-app}:/var/lib/mayan
# Optional volumes to access external data like staging or watch folders
# - /opt/staging_folder:/staging_folder
# - /opt/watch_folder:/watch_folder
x-mayan-traefik-labels:
&mayan-traefik-labels
labels:
- "traefik.enable=${MAYAN_TRAEFIK_FRONTEND_ENABLE:-false}"
- "traefik.http.middlewares.mayan_frontend_http_redirect.redirectscheme.scheme=https"
- "traefik.http.middlewares.mayan_frontend_http_redirect.redirectscheme.permanent=false"
- "traefik.http.routers.mayan_frontend_http.entrypoints=http"
- "traefik.http.routers.mayan_frontend_http.middlewares=mayan_frontend_http_redirect"
- "traefik.http.routers.mayan_frontend_http.rule=Host(`${MAYAN_TRAEFIK_EXTERNAL_DOMAIN}`)"
- "traefik.http.routers.mayan_frontend_https.entrypoints=https"
- "traefik.http.routers.mayan_frontend_https.rule=Host(`${MAYAN_TRAEFIK_EXTERNAL_DOMAIN}`)"
- "traefik.http.routers.mayan_frontend_https.service=mayan_frontend_http"
- "traefik.http.routers.mayan_frontend_https.tls=true"
- "traefik.http.routers.mayan_frontend_https.tls.certresolver=letsencrypt"
- "traefik.http.services.mayan_frontend_http.loadbalancer.server.port=8000"
x-mayan-frontend-ports:
&mayan-frontend-ports
# Disable ports if using Traefik. Set to an empty list `[]`.
ports:
- "${MAYAN_FRONTEND_HTTP_PORT:-80}:8000"
# []
networks:
keycloak:
driver: bridge
# Change to true when using Traefik for increased security.
internal: false
mayan:
driver: bridge
# Change to true when using Traefik for increased security.
internal: false
traefik: {}
services:
app:
<<: [*mayan-container,*mayan-traefik-labels,*mayan-frontend-ports]
profiles:
- all_in_one
elasticsearch:
environment:
- bootstrap.memory_lock=true
- discovery.type=single-node
- http.max_content_length=400mb
- xpack.security.enabled=true
- "ES_JAVA_OPTS=-Xms512m -Xmx512m"
- ELASTIC_PASSWORD=${MAYAN_ELASTICSEARCH_PASSWORD:-mayanespassword}
image: ${MAYAN_DOCKER_ELASTICSEARCH_IMAGE:-elasticsearch}:${MAYAN_DOCKER_ELASTICSEARCH_TAG:-7.17.9}
networks:
- mayan
# Enable to allow external access to the database.
# ports:
# - "9200:9200"
profiles:
- elasticsearch
restart: unless-stopped
ulimits:
memlock:
soft: -1
hard: -1
volumes:
- ${MAYAN_ELASTICSEARCH_VOLUME:-elasticsearch}:/usr/share/elasticsearch/data
keycloak:
command:
- start
environment:
KEYCLOAK_ADMIN: ${MAYAN_KEYCLOAK_ADMIN:-admin}
KEYCLOAK_ADMIN_PASSWORD: ${MAYAN_KEYCLOAK_ADMIN_PASSWORD:-admin}
KC_DB: postgres
KC_DB_PASSWORD: ${MAYAN_KEYCLOAK_DATABASE_PASSWORD:-keycloakdbpass}
KC_DB_URL_DATABASE: ${MAYAN_KEYCLOAK_DATABASE_NAME:-keycloak}
KC_DB_URL_HOST: keycloak-postgres
KC_DB_USERNAME: ${MAYAN_DATABASE_KEYCLOAK_USER:-keycloak}
KC_HOSTNAME_URL: http://127.0.0.1:8081/
KC_HOSTNAME_STRICT: false
KC_HTTP_ENABLED: true
image: ${MAYAN_DOCKER_KEYCLOAK_IMAGE:-keycloak/keycloak}:${MAYAN_DOCKER_KEYCLOAK_TAG:-20.0.1}
labels:
- "traefik.enable=${MAYAN_TRAEFIK_KEYCLOAK_ENABLE:-false}"
- "traefik.http.middlewares.keycloak_http_redirect.redirectscheme.scheme=https"
- "traefik.http.middlewares.keycloak_http_redirect.redirectscheme.permanent=false"
- "traefik.http.routers.keycloak_http.entrypoints=http"
- "traefik.http.routers.keycloak_http.middlewares=keycloak_http_redirect"
- "traefik.http.routers.keycloak_http.rule=Host(`${MAYAN_TRAEFIK_EXTERNAL_DOMAIN}`)"
- "traefik.http.routers.keycloak_https.entrypoints=https"
- "traefik.http.routers.keycloak_https.rule=Host(`${MAYAN_TRAEFIK_EXTERNAL_DOMAIN}`)"
- "traefik.http.routers.keycloak_https.service=keycloak_http"
- "traefik.http.routers.keycloak_https.tls=true"
- "traefik.http.routers.keycloak_https.tls.certresolver=letsencrypt"
- "traefik.http.services.keycloak_http.loadbalancer.server.port=${MAYAN_TRAEFIK_KEYCLOAK_HTTP_PORT:-8081}"
networks:
- keycloak
- mayan
# Disable ports if using Traefik.
ports:
- "${MAYAN_TRAEFIK_KEYCLOAK_HTTP_PORT:-8081}:${MAYAN_TRAEFIK_KEYCLOAK_HTTP_PORT:-8081}"
profiles:
- keycloak
restart: unless-stopped
keycloak-postgres:
environment:
POSTGRES_DB: ${MAYAN_KEYCLOAK_DATABASE_NAME:-keycloak}
POSTGRES_PASSWORD: ${MAYAN_KEYCLOAK_DATABASE_PASSWORD:-keycloakdbpass}
POSTGRES_USER: ${MAYAN_DATABASE_KEYCLOAK_USER:-keycloak}
image: postgres:${MAYAN_DOCKER_KEYCLOAK_POSTGRES_TAG:-13.8-alpine}
networks:
- keycloak
profiles:
- keycloak_postgresql
restart: unless-stopped
volumes:
- ${MAYAN_KEYCLOAK_POSTGRES_VOLUME:-keycloak-postgres}:/var/lib/postgresql/data
postgresql:
command:
- "postgres"
- "-c"
- "checkpoint_completion_target=0.6"
- "-c"
- "default_statistics_target=200"
- "-c"
- "maintenance_work_mem=128MB"
- "-c"
- "max_connections=150"
- "-c"
- "shared_buffers=256MB"
- "-c"
- "work_mem=8MB"
environment:
POSTGRES_DB: ${MAYAN_DATABASE_NAME:-mayan}
POSTGRES_PASSWORD: ${MAYAN_DATABASE_PASSWORD:-mayandbpass}
POSTGRES_USER: ${MAYAN_DATABASE_USER:-mayan}
image: ${MAYAN_DOCKER_POSTGRES_IMAGE:-postgres}:${MAYAN_DOCKER_POSTGRES_TAG:-13.10-alpine}
networks:
- mayan
# Enable to allow external access to the database.
# ports:
# - "5432:5432"
profiles:
- postgresql
restart: unless-stopped
volumes:
- ${MAYAN_POSTGRES_VOLUME:-postgres}:/var/lib/postgresql/data
redis:
command:
- redis-server
- --appendonly
- "no"
- --databases
- "3"
- --maxmemory
- "100mb"
- --maxclients
- "500"
- --maxmemory-policy
- "allkeys-lru"
- --save
- ""
- --tcp-backlog
- "256"
- --requirepass
- "${MAYAN_REDIS_PASSWORD:-mayanredispassword}"
image: ${MAYAN_DOCKER_REDIS_IMAGE:-redis}:${MAYAN_DOCKER_REDIS_TAG:-7.0.10-alpine}
networks:
- mayan
profiles:
- redis
restart: unless-stopped
volumes:
- ${MAYAN_REDIS_VOLUME:-redis}:/data
# Run a frontend gunicorn container
frontend:
<<: [*mayan-container,*mayan-traefik-labels,*mayan-frontend-ports]
command:
- run_frontend
profiles:
- extra_frontend
# Enable to run standalone workers
mountindex:
<<: *mayan-container
cap_add:
- SYS_ADMIN
devices:
- "/dev/fuse:/dev/fuse"
entrypoint:
- /bin/sh
- -c
- 'mkdir --parents /mnt/index && chown mayan:mayan /mnt/index && /usr/local/bin/entrypoint.sh run_command "mirroring_mount_index --allow-other creation_date /mnt/index"' # Replace "creation_date" with the index of your choice.
profiles:
- mountindex
security_opt:
- apparmor:unconfined
volumes:
- type: bind
source: /mnt/mayan_indexes/creation_date # Host location where the index will show up.
target: /mnt/index # Location inside the container where the index will be mounted. Must the same is in the "entrypoint" section.
bind:
propagation: shared
# Run a separate class A worker
worker_a:
<<: *mayan-container
command:
- run_worker
- worker_a
- "--prefetch-multiplier=1"
profiles:
- extra_worker_a
# Run a separate class B worker
worker_b:
<<: *mayan-container
command:
- run_worker
- worker_b
- "--prefetch-multiplier=1"
profiles:
- extra_worker_b
# Run a separate class C worker
worker_c:
<<: *mayan-container
command:
- run_worker
- worker_c
- "--prefetch-multiplier=1"
profiles:
- extra_worker_c
# Run a separate class D worker
worker_d:
<<: *mayan-container
command:
- run_worker
- worker_d
- "--concurrency=1 --prefetch-multiplier=1"
profiles:
- extra_worker_d
worker_custom_queue:
<<: *mayan-container
command:
- /bin/sh
- -c
- 'MAYAN_QUEUE_LIST=${MAYAN_WORKER_CUSTOM_QUEUE_LIST} /usr/local/bin/run_worker.sh --prefetch-multiplier=1'
profiles:
- extra_worker_custom
# Run a separate Celery beat container
celery_beat:
<<: *mayan-container
command:
- run_celery
- "beat --pidfile= --loglevel=ERROR"
profiles:
- extra_celery_beat
setup_or_upgrade:
<<: *mayan-container
command:
- run_initial_setup_or_perform_upgrade
profiles:
- extra_setup_or_upgrade
restart: "no"
rabbitmq:
image: ${MAYAN_DOCKER_RABBITMQ_IMAGE:-rabbitmq}:${MAYAN_DOCKER_RABBITMQ_TAG:-3.11.13-management-alpine}
environment:
RABBITMQ_DEFAULT_USER: ${MAYAN_RABBITMQ_USER:-mayan}
RABBITMQ_DEFAULT_PASS: ${MAYAN_RABBITMQ_PASSWORD:-mayanrabbitpass}
RABBITMQ_DEFAULT_VHOST: ${MAYAN_RABBITMQ_VHOST:-mayan}
labels:
- "traefik.enable=${MAYAN_TRAEFIK_RABBITMQ_ENABLE:-false}"
- "traefik.http.routers.rabbitmq_admin_http.entrypoints=rabbitmq_admin_http"
- "traefik.http.routers.rabbitmq_admin_http.rule=Host(`${MAYAN_TRAEFIK_EXTERNAL_DOMAIN}`)"
- "traefik.http.routers.rabbitmq_admin_http.service=rabbitmq_admin_http"
- "traefik.http.routers.rabbitmq_admin_http.tls=true"
- "traefik.http.routers.rabbitmq_admin_http.tls.certresolver=letsencrypt"
- "traefik.http.services.rabbitmq_admin_http.loadbalancer.server.port=15672"
networks:
- mayan
# Enable to allow access to the administration interface.
# ports:
# - "${MAYAN_RABBITMQ_ADMIN_PORT:-15672}:15672"
profiles:
- rabbitmq
restart: unless-stopped
volumes:
- ${MAYAN_RABBITMQ_VOLUME:-rabbitmq}:/var/lib/rabbitmq
traefik:
container_name: "traefik"
command:
# - "--log.level=DEBUG"
- "--api.dashboard=true"
- "--api.insecure=${MAYAN_TRAEFIK_API_INSECURE:-false}"
- "--certificatesresolvers.letsencrypt.acme.caserver=${MAYAN_TRAEFIK_LETS_ENCRYPT_SERVER:-https://acme-staging-v02.api.letsencrypt.org/directory}"
- "--certificatesresolvers.letsencrypt.acme.dnschallenge=${MAYAN_TRAEFIK_LETS_ENCRYPT_DNS_CHALLENGE:-false}"
- "--certificatesresolvers.letsencrypt.acme.dnschallenge.provider=${MAYAN_TRAEFIK_LETS_ENCRYPT_DNS_CHALLENGE_PROVIDER}"
- "--certificatesresolvers.letsencrypt.acme.email=${MAYAN_TRAEFIK_LETS_ENCRYPT_EMAIL}"
- "--certificatesresolvers.letsencrypt.acme.storage=/traefik-certificates-letsencrypt/acme.json"
- "--certificatesresolvers.letsencrypt.acme.tlschallenge=${MAYAN_TRAEFIK_LETS_ENCRYPT_TLS_CHALLENGE:-false}"
- "--entrypoints.http.address=:80"
- "--entrypoints.https.address=:443"
- "--entrypoints.keycloak_http.address=:${MAYAN_TRAEFIK_KEYCLOAK_HTTP_PORT:-8081}"
- "--entrypoints.rabbitmq_admin_http.address=:15672"
- "--entrypoints.traefik_dashboard_http.address=:8080"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
# - Add DNS provider variables (https://doc.traefik.io/traefik/https/acme/#providers)
# environment:
image: ${MAYAN_DOCKER_TRAEFIK_IMAGE:-traefik}:${MAYAN_DOCKER_TRAEFIK_TAG:-v2.5}
labels:
- "traefik.enable=${MAYAN_TRAEFIK_DASHBOARD_ENABLE:-false}"
- "traefik.http.middlewares.basic-auth-global.basicauth.users=${MAYAN_TRAEFIK_DASHBOARD_AUTHENTICATION}"
- "traefik.http.routers.traefik_https.entrypoints=traefik_dashboard_http"
- "traefik.http.routers.traefik_https.middlewares=basic-auth-global"
- "traefik.http.routers.traefik_https.rule=Host(`${MAYAN_TRAEFIK_EXTERNAL_DOMAIN}`)"
- "traefik.http.routers.traefik_https.service=api@internal"
- "traefik.http.routers.traefik_https.tls=true"
- "traefik.http.routers.traefik_https.tls.certresolver=letsencrypt"
networks:
- mayan
- traefik
ports:
- "${MAYAN_RABBITMQ_ADMIN_HTTP_PORT:-15672}:15672"
- "${MAYAN_TRAEFIK_DASHBOARD_HTTP_PORT:-8080}:8080"
- "${MAYAN_TRAEFIK_KEYCLOAK_HTTP_PORT:-8081}:8081"
- "${MAYAN_TRAEFIK_HTTP_PORT:-80}:80"
- "${MAYAN_TRAEFIK_HTTPS_PORT:-443}:443"
profiles:
- traefik
restart: unless-stopped
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- ${MAYAN_TRAEFIK_LETSENCRYPT_VOLUME:-traefik-certificates-letsencrypt}:/traefik-certificates-letsencrypt
volumes:
app:
elasticsearch:
keycloak-postgres:
postgres:
mountindex:
rabbitmq:
redis:
traefik-certificates-letsencrypt:

1
homepage/.env Normal file
View File

@ -0,0 +1 @@
HOMEPAGE_CONFIG_PATH=/mnt/data/storage/homepage/config

1
homepage/config Symbolic link
View File

@ -0,0 +1 @@
/mnt/data/storage/homepage/config/

View File

@ -7,7 +7,7 @@ services:
network_mode: bridge network_mode: bridge
restart: unless-stopped restart: unless-stopped
ports: ports:
- 2255:3000 - 80:3000
volumes: volumes:
- ${HOMEPAGE_CONFIG_PATH}:/app/config # Make sure your local config directory exists - ${HOMEPAGE_CONFIG_PATH}:/app/config # Make sure your local config directory exists
- /var/run/docker.sock:/var/run/docker.sock # (optional) For docker integrations - /var/run/docker.sock:/var/run/docker.sock # (optional) For docker integrations

View File

@ -3,15 +3,23 @@ version: '3.3'
services: services:
minecraft-server: minecraft-server:
volumes: volumes:
- /mnt/data/storage/minecraft:/data - serverdata:/data
environment: environment:
- TYPE=FORGE - TYPE=FORGE
- MEMORY=2G - MEMORY=4G
- VERSION=1.18.2 - VERSION=1.18.2
- FORGE_VERSION=40.1.93 - FORGE_VERSION=40.1.93
- EULA=TRUE - EULA=TRUE
- MOTD=Hej och välkommen!
ports: ports:
- '25565:25565' - '25565:25565'
container_name: mc-forge container_name: minecraft
image: itzg/minecraft-server image: itzg/minecraft-server
volumes:
serverdata:
driver_opts:
type: "nfs"
o: "addr=192.168.1.100,nfsvers=4,retrans=6"
device: ":/mnt/data/storage/minecraft"

View File

@ -0,0 +1,8 @@
version: '3.3'
services:
opentts:
container_name: opentts
ports:
- '5500:5500'
image: 'synesthesiam/opentts:all'
command: --no-espeak --cache

View File

@ -10,9 +10,3 @@ services:
image: gabekangas/owncast:latest image: gabekangas/owncast:latest
restart: always restart: always
container_name: owncast container_name: owncast
networks:
- proxy
networks:
proxy:
external: true