From f40b2319ae4b79309abd24d66bc814b6fb91d52b Mon Sep 17 00:00:00 2001 From: Thord Johansson Date: Tue, 26 Mar 2024 01:06:46 +0100 Subject: [PATCH] Merged docker compose files per hostname, thinkcentre over NFS4 --- naspi/homeassistant/docker-compose.yml | 16 +++ naspi/homepage/docker-compose.yml | 13 ++ naspi/mariadb/docker-compose.yml | 23 ++++ naspi/naspi-static/docker-compose.yml | 14 ++ naspi/nginx-proxy/docker-compose.yml | 25 ++++ naspi/owncast/docker-compose.yml | 12 ++ naspi/photoprism/docker-compose.yml | 130 ++++++++++++++++++ naspi/pihole/docker-compose.yml | 34 +++++ naspi/redis/docker-compose.yml | 12 ++ naspi/transmission/docker-compose.yml | 23 ++++ naspi/vaultwarden/docker-compose.yml | 14 ++ thinkcentre/kopia/docker-compose.yml | 59 -------- thinkcentre/nextcloud/docker-compose.yml | 43 ++++++ thinkcentre/portainer/docker-compose.yml | 14 -- thinkcentre/stash/docker-compose.yml | 35 +++++ .../docker-compose.yml | 0 16 files changed, 394 insertions(+), 73 deletions(-) create mode 100644 naspi/homeassistant/docker-compose.yml create mode 100644 naspi/homepage/docker-compose.yml create mode 100644 naspi/mariadb/docker-compose.yml create mode 100644 naspi/naspi-static/docker-compose.yml create mode 100644 naspi/nginx-proxy/docker-compose.yml create mode 100644 naspi/owncast/docker-compose.yml create mode 100644 naspi/photoprism/docker-compose.yml create mode 100644 naspi/pihole/docker-compose.yml create mode 100644 naspi/redis/docker-compose.yml create mode 100644 naspi/transmission/docker-compose.yml create mode 100644 naspi/vaultwarden/docker-compose.yml delete mode 100644 thinkcentre/kopia/docker-compose.yml create mode 100644 thinkcentre/nextcloud/docker-compose.yml delete mode 100644 thinkcentre/portainer/docker-compose.yml create mode 100644 thinkcentre/stash/docker-compose.yml rename thinkcentre/{nginx => thinkcentre-static}/docker-compose.yml (100%) 
diff --git a/naspi/homeassistant/docker-compose.yml b/naspi/homeassistant/docker-compose.yml
new file mode 100644
index 0000000..7398ea9
--- /dev/null
+++ b/naspi/homeassistant/docker-compose.yml
@@ -0,0 +1,16 @@
+version: '3'
+services:
+ homeassistant:
+ container_name: homeassistant
+ image: "ghcr.io/home-assistant/home-assistant:stable"
+ volumes:
+ - ${HOMEASSISTANT_PATH}/config:/config
+ - /etc/localtime:/etc/localtime:ro
+ - /run/dbus:/run/dbus:ro
+ devices:
+ - '/dev/serial/by-id/usb-Nabu_Casa_SkyConnect_v1.0_7cf0ee91b8d8ed11a8216b6162c613ac-if00-port0:/dev/ttyUSB0'
+ restart: unless-stopped
+ privileged: true
+ network_mode: host
+ environment:
+ - TZ=Europe/Stockholm
diff --git a/naspi/homepage/docker-compose.yml b/naspi/homepage/docker-compose.yml
new file mode 100644
index 0000000..99dde66
--- /dev/null
+++ b/naspi/homepage/docker-compose.yml
@@ -0,0 +1,13 @@
+version: "3.3"
+
+services:
+ homepage:
+ image: ghcr.io/benphelps/homepage:latest
+ container_name: homepage
+ network_mode: bridge
+ restart: unless-stopped
+ ports:
+ - 80:3000
+ volumes:
+ - ${HOMEPAGE_CONFIG_PATH}:/app/config # Make sure your local config directory exists
+ - /var/run/docker.sock:/var/run/docker.sock # (optional) For docker integrations
diff --git a/naspi/mariadb/docker-compose.yml b/naspi/mariadb/docker-compose.yml
new file mode 100644
index 0000000..4e7efe7
--- /dev/null
+++ b/naspi/mariadb/docker-compose.yml
@@ -0,0 +1,23 @@
+version: '3.1'
+
+services:
+
+ db:
+ container_name: mariadb-main
+ image: mariadb
+ restart: always
+ command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW
+ volumes:
+ - /mnt/data/mysql:/var/lib/mysql
+ environment:
+ - MARIADB_ROOT_PASSWORD=${MARIADB_ROOT_PASSWORD}
+ - MARIADB_DATABASE=${MARIADB_DATABASE}
+ - MARIADB_USER=${MARIADB_USER}
+ - MARIADB_PASSWORD=${MARIADB_PASSWORD}
+
+ adminer:
+ container_name: mariadb-adminer
+ image: adminer
+ restart: always
+ ports:
+ - 8082:8080
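Review bot: `privileged: true` in naspi/homeassistant/docker-compose.yml grants the container every capability and access to all host devices, which makes the explicit `devices:` mapping for the SkyConnect stick redundant and, together with `network_mode: host` and the `/run/dbus` mount, leaves very little isolation from the host. If the serial device and D-Bus are the only host resources needed, consider dropping `privileged: true` and keeping the `devices:` entry; if an integration needs more, a narrow `cap_add:` list records that more precisely. Either way, a one-line comment above the setting saying why it is required would help the next reader.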
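Review bot: The `/var/run/docker.sock:/var/run/docker.sock` mount in naspi/homepage/docker-compose.yml hands the Docker API, which is effectively root on the host, to a web dashboard published on port 80 and pulled from a mutable `:latest` tag. Appending `:ro` would not narrow this, because a read-only bind of the socket still accepts every API call; if the Docker integration is wanted, point homepage at a socket proxy that exposes only read endpoints, otherwise drop the line. Unpinned images recur through the rest of this patch (untagged `mariadb`, `adminer`, `nginx`, `nextcloud`, and `:latest` on most others), so pinning a version or digest per image would make updates a deliberate step.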
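Review bot: The `adminer` service in naspi/mariadb/docker-compose.yml publishes `8082:8080` on every host interface, so a login page for `mariadb-main` is reachable by anything that can reach the host; `- "127.0.0.1:8082:8080"` or routing it through the proxy with access control would narrow that. The credentials under `environment:` are plain `${VAR}` interpolations, which Compose replaces with an empty string when the variable is unset; `${MARIADB_ROOT_PASSWORD:?required}` makes `docker compose up` fail instead. The same form is used for the photoprism database settings, the transmission `USER`/`PASS` pair and the nextcloud `MYSQL_*` values later in this patch.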
diff --git a/naspi/naspi-static/docker-compose.yml b/naspi/naspi-static/docker-compose.yml
new file mode 100644
index 0000000..6b8f121
--- /dev/null
+++ b/naspi/naspi-static/docker-compose.yml
@@ -0,0 +1,14 @@
+services:
+ nginx:
+ container_name: static-server
+ volumes:
+ - /var/www/static:/usr/share/nginx/html:ro
+ ports:
+ - 8888:80
+ image: nginx
+ networks:
+ - proxy
+
+networks:
+ proxy:
+ external: true
diff --git a/naspi/nginx-proxy/docker-compose.yml b/naspi/nginx-proxy/docker-compose.yml
new file mode 100644
index 0000000..cdf2d70
--- /dev/null
+++ b/naspi/nginx-proxy/docker-compose.yml
@@ -0,0 +1,25 @@
+version: "3"
+
+# Remember to run: docker network create proxy
+
+networks:
+ proxy:
+ external: true
+
+services:
+ reverse-proxy:
+ container_name: nginx-proxy-manager
+ image: "jc21/nginx-proxy-manager:latest"
+ restart: always
+ ports:
+ - "80:80"
+ - "443:443"
+ - "81:81"
+ environment:
+ DB_SQLITE_FILE: "/data/database.sqlite"
+ DISABLE_IPV6: "true"
+ volumes:
+ - ./data:/data
+ - ./letsencrypt:/etc/letsencrypt
+ networks:
+ - proxy
diff --git a/naspi/owncast/docker-compose.yml b/naspi/owncast/docker-compose.yml
new file mode 100644
index 0000000..f29ee56
--- /dev/null
+++ b/naspi/owncast/docker-compose.yml
@@ -0,0 +1,12 @@
+version: '3.3'
+
+services:
+ run:
+ volumes:
+ - /mnt/data/storage/owncast:/app/data
+ ports:
+ - '8085:8080'
+ - '1935:1935'
+ image: gabekangas/owncast:latest
+ restart: always
+ container_name: owncast
diff --git a/naspi/photoprism/docker-compose.yml b/naspi/photoprism/docker-compose.yml
new file mode 100644
index 0000000..10fd7f3
--- /dev/null
+++ b/naspi/photoprism/docker-compose.yml
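Review bot: `ports: - 8888:80` in naspi/naspi-static/docker-compose.yml publishes the container on every host interface even though it already joins the external `proxy` network, so it can be reached without passing through nginx-proxy-manager. If the proxy is meant to be the single entry point, the `ports:` block can be removed and the proxy host can target `static-server:80`; the same applies to photoprism (`2342`), vaultwarden (`5080`) and nextcloud (`8080`) later in this patch. The mapping is also unquoted, unlike the quoted form used in the nginx-proxy file.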
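Review bot: `- "81:81"` in naspi/nginx-proxy/docker-compose.yml exposes the proxy manager's admin interface on all interfaces, next to the public-facing 80 and 443 listeners. If 80/443 are forwarded from the internet, binding the admin port as `- "127.0.0.1:81:81"` (or to the LAN address) states in the file that it is not meant to be forwarded with them. A short comment on the line noting that 81 is the admin UI would make the distinction visible to whoever edits the port list next.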
@@ -0,0 +1,130 @@
+version: '3.5'
+
+# Example Docker Compose config file for PhotoPrism (Linux / AMD64)
+#
+# Note:
+# - Hardware transcoding is only available for sponsors due to the high maintenance and support effort.
+# - Running PhotoPrism on a server with less than 4 GB of swap space or setting a memory/swap limit can cause unexpected
+# restarts ("crashes"), for example, when the indexer temporarily needs more memory to process large files.
+# - If you install PhotoPrism on a public server outside your home network, please always run it behind a secure
+# HTTPS reverse proxy such as Traefik or Caddy. Your files and passwords will otherwise be transmitted
+# in clear text and can be intercepted by anyone, including your provider, hackers, and governments:
+# https://docs.photoprism.app/getting-started/proxies/traefik/
+#
+# Setup Guides:
+# - https://docs.photoprism.app/getting-started/docker-compose/
+# - https://docs.photoprism.app/getting-started/raspberry-pi/
+#
+# Troubleshooting Checklists:
+# - https://docs.photoprism.app/getting-started/troubleshooting/
+# - https://docs.photoprism.app/getting-started/troubleshooting/docker/
+# - https://docs.photoprism.app/getting-started/troubleshooting/mariadb/
+#
+# CLI Commands:
+# - https://docs.photoprism.app/getting-started/docker-compose/#command-line-interface
+#
+# All commands may have to be prefixed with "sudo" when not running as root.
+# This will point the home directory shortcut ~ to /root in volume mounts.
+
+services:
+ photoprism:
+ container_name: photoprism
+ image: photoprism/photoprism:latest # :preview to test preview builds
+ ## Don't enable automatic restarts until PhotoPrism has been properly configured and tested!
+ ## If the service gets stuck in a restart loop, this points to a memory, filesystem, network, or database issue:
+ ## https://docs.photoprism.app/getting-started/troubleshooting/#fatal-server-errors
+ restart: unless-stopped
+ security_opt:
+ - seccomp:unconfined
+ - apparmor:unconfined
+ ports:
+ - "2342:2342" # HTTP port (host:container)
+ environment:
+ PHOTOPRISM_ADMIN_USER: "admin" # superadmin username
+ PHOTOPRISM_ADMIN_PASSWORD: "insecure" # initial superadmin password (minimum 8 characters)
+ PHOTOPRISM_AUTH_MODE: "password" # authentication mode (public, password)
+ PHOTOPRISM_SITE_URL: "${SITE_URL}" # server URL in the format "http(s)://domain.name(:port)/(path)"
+ PHOTOPRISM_ORIGINALS_LIMIT: 5000 # file size limit for originals in MB (increase for high-res video)
+ PHOTOPRISM_HTTP_COMPRESSION: "gzip" # improves transfer speed and bandwidth utilization (none or gzip)
+ PHOTOPRISM_LOG_LEVEL: "info" # log level: trace, debug, info, warning, error, fatal, or panic
+ PHOTOPRISM_READONLY: "false" # do not modify originals directory (reduced functionality)
+ PHOTOPRISM_EXPERIMENTAL: "false" # enables experimental features
+ PHOTOPRISM_DISABLE_CHOWN: "false" # disables updating storage permissions via chmod and chown on startup
+ PHOTOPRISM_DISABLE_WEBDAV: "false" # disables built-in WebDAV server
+ PHOTOPRISM_DISABLE_SETTINGS: "false" # disables settings UI and API
+ PHOTOPRISM_DISABLE_TENSORFLOW: "false" # disables all features depending on TensorFlow
+ PHOTOPRISM_DISABLE_FACES: "false" # disables face detection and recognition (requires TensorFlow)
+ PHOTOPRISM_DISABLE_CLASSIFICATION: "false" # disables image classification (requires TensorFlow)
+ PHOTOPRISM_DISABLE_RAW: "false" # disables indexing and conversion of RAW files
+ PHOTOPRISM_RAW_PRESETS: "false" # enables applying user presets when converting RAW files (reduces performance)
+ PHOTOPRISM_JPEG_QUALITY: 85 # a higher value increases the quality and file size of JPEG images and thumbnails (25-100)
+ PHOTOPRISM_DETECT_NSFW: "true" # automatically flags photos as private that MAY be offensive (requires TensorFlow)
+ PHOTOPRISM_UPLOAD_NSFW: "true" # allows uploads that MAY be offensive (no effect without TensorFlow)
+ # PHOTOPRISM_DATABASE_DRIVER: "sqlite" # SQLite is an embedded database that doesn't require a server
+ PHOTOPRISM_DATABASE_DRIVER: "mysql" # use MariaDB 10.5+ or MySQL 8+ instead of SQLite for improved performance
+ PHOTOPRISM_DATABASE_SERVER: "${DATABASE_SERVER}" # MariaDB or MySQL database server (hostname:port)
+ PHOTOPRISM_DATABASE_NAME: "${DATABASE_NAME}" # MariaDB or MySQL database schema name
+ PHOTOPRISM_DATABASE_USER: "${DATABASE_USER}" # MariaDB or MySQL database user name
+ PHOTOPRISM_DATABASE_PASSWORD: "${DATABASE_PASSWORD}" # MariaDB or MySQL database user password
+ PHOTOPRISM_SITE_CAPTION: "AI-Powered Photos App"
+ PHOTOPRISM_SITE_DESCRIPTION: "" # meta site description
+ PHOTOPRISM_SITE_AUTHOR: "" # meta site author
+ ## Run/install on first startup (options: update https gpu tensorflow davfs clitools clean):
+ # PHOTOPRISM_INIT: "https gpu tensorflow"
+ ## Hardware Video Transcoding:
+ PHOTOPRISM_FFMPEG_ENCODER: "raspberry" # FFmpeg encoder ("software", "intel", "nvidia", "apple", "raspberry")
+ # PHOTOPRISM_FFMPEG_BITRATE: "32" # FFmpeg encoding bitrate limit in Mbit/s (default: 50)
+ ## Run as a non-root user after initialization (supported: 0, 33, 50-99, 500-600, and 900-1200):
+ # PHOTOPRISM_UID: 1000
+ # PHOTOPRISM_GID: 1000
+ # PHOTOPRISM_UMASK: 0000
+ ## Start as non-root user before initialization (supported: 0, 33, 50-99, 500-600, and 900-1200):
+ # user: "1000:1000"
+ ## Share hardware devices with FFmpeg and TensorFlow (optional):
+ # devices:
+ # - "/dev/dri:/dev/dri" # Intel QSV
+ # - "/dev/nvidia0:/dev/nvidia0" # Nvidia CUDA
+ # - "/dev/nvidiactl:/dev/nvidiactl"
+ # - "/dev/nvidia-modeset:/dev/nvidia-modeset"
+ # - "/dev/nvidia-nvswitchctl:/dev/nvidia-nvswitchctl"
+ # - "/dev/nvidia-uvm:/dev/nvidia-uvm"
+ # - "/dev/nvidia-uvm-tools:/dev/nvidia-uvm-tools"
+ # - "/dev/video11:/dev/video11" # Video4Linux Video Encode Device (h264_v4l2m2m)
+ working_dir: "/photoprism" # do not change or remove
+ ## Storage Folders: "~" is a shortcut for your home directory, "." for the current directory
+ volumes:
+ # "/host/folder:/photoprism/folder" # Example
+ # - "~/Pictures:/photoprism/originals" # Original media files (DO NOT REMOVE)
+ # - "/example/family:/photoprism/originals/family" # *Additional* media folders can be mounted like this
+ # - "~/Import:/photoprism/import" # *Optional* base folder from which files can be imported to originals
+ # - "./storage:/photoprism/storage" # *Writable* storage folder for cache, database, and sidecar files (DO NOT REMOVE)
+
+ - /mnt/hdd/Media/Photos/Originals:/photoprism/originals
+ - /mnt/hdd/Media/Photos/Import:/photoprism/import
+ - /mnt/data/storage/photoprism:/photoprism/storage
+ networks:
+ - default
+ - proxy
+
+ ## -- (database server section removed; use separate mariadb container)
+
+ ## Watchtower upgrades services automatically (optional)
+ ## see https://docs.photoprism.app/getting-started/updates/#watchtower
+ ## activate via "COMPOSE_PROFILES=update docker compose up -d"
+ #watchtower:
+ # restart: unless-stopped
+ # image: containrrr/watchtower
+ # profiles: ["update"]
+ # environment:
+ # WATCHTOWER_CLEANUP: "true"
+ # WATCHTOWER_POLL_INTERVAL: 7200 # checks for updates every two hours
+ # volumes:
+ # - "/var/run/docker.sock:/var/run/docker.sock"
+ # - "~/.docker/config.json:/config.json" # optional, for authentication if you have a Docker Hub account
+
+networks:
+ default:
+ name: mariadb_default
+ external: true
+ proxy:
+ external: true
diff --git a/naspi/pihole/docker-compose.yml b/naspi/pihole/docker-compose.yml
new file mode 100644
index 0000000..41471d8
--- /dev/null
+++ b/naspi/pihole/docker-compose.yml
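Review bot: `PHOTOPRISM_ADMIN_PASSWORD: "insecure"` in naspi/photoprism/docker-compose.yml commits the initial superadmin password to the repository, while the database credentials a few lines below are read from the environment; `PHOTOPRISM_ADMIN_PASSWORD: "${PHOTOPRISM_ADMIN_PASSWORD:?required}"` would treat it the same way and fail fast when it is missing. The `security_opt` entries `seccomp:unconfined` and `apparmor:unconfined` switch off both default confinement layers for a container whose job is parsing uploaded media files. They come from the upstream example for compatibility, so it is worth testing without them on this host and keeping only what proves necessary, with a comment saying which one and why.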
@@ -0,0 +1,34 @@
+version: "3.8"
+
+# More info at https://github.com/pi-hole/docker-pi-hole/ and https://docs.pi-hole.net/
+services:
+ pihole:
+ container_name: pihole
+ image: pihole/pihole:latest
+ # For DHCP it is recommended to remove these ports and instead add: network_mode: "host"
+ network_mode: host
+ #ports:
+ #- "53:53/tcp"
+ #- "53:53/udp"
+ #- "67:67/udp" # Only required if you are using Pi-hole as your DHCP server
+ #- "8081:80/tcp"
+ environment:
+ WEB_PORT: 8081
+ TZ: 'Europe/Stockholm'
+ # WEBPASSWORD: 'set a secure password here or it will be random'
+ # Volumes store your data between container upgrades
+ volumes:
+ - '/mnt/data/storage/pihole/etc-pihole:/etc/pihole'
+ - '/mnt/data/storage/pihole/etc-dnsmasq.d:/etc/dnsmasq.d'
+ # https://github.com/pi-hole/docker-pi-hole#note-on-capabilities
+ cap_add:
+ - NET_ADMIN # Required if you are using Pi-hole as your DHCP server, else not needed
+ restart: unless-stopped
+# networks:
+# - proxy
+
+#networks:
+# default:
+# external: true
+# proxy:
+# external: true
diff --git a/naspi/redis/docker-compose.yml b/naspi/redis/docker-compose.yml
new file mode 100644
index 0000000..169dbd4
--- /dev/null
+++ b/naspi/redis/docker-compose.yml
@@ -0,0 +1,12 @@
+version: '3.3'
+services:
+ redis:
+ container_name: redis
+ image: redis:latest
+ restart: always
+ networks:
+ - proxy
+
+networks:
+ proxy:
+ external: true
diff --git a/naspi/transmission/docker-compose.yml b/naspi/transmission/docker-compose.yml
new file mode 100644
index 0000000..ff63726
--- /dev/null
+++ b/naspi/transmission/docker-compose.yml
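Review bot: `cap_add: - NET_ADMIN` in naspi/pihole/docker-compose.yml is kept although its own inline comment says it is only needed when Pi-hole serves DHCP, and with `network_mode: host` the capability applies to the host's network stack rather than to an isolated namespace. If DHCP is not served from this container, the `cap_add` block can be dropped; if it is, replacing the generic upstream comment with one stating that DHCP is in use here would record the reason. `WEBPASSWORD` is left commented out, so per the comment on that line the admin password is whatever the image generates.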
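Review bot: The `redis` service in naspi/redis/docker-compose.yml runs with the image defaults and sets no password, so, as far as the visible files show, every container attached to the shared `proxy` network (the reverse proxy, static server, vaultwarden, photoprism, nextcloud) can connect and issue commands. Moving Redis to a network shared only with its actual client, or adding `command: redis-server --requirepass ${REDIS_PASSWORD:?required}` (the variable name is a placeholder), would limit that. Nothing else in this patch references Redis, so a comment naming the intended consumer would also help.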
@@ -0,0 +1,23 @@
+version: "2.1"
+
+services:
+ transmission:
+ image: lscr.io/linuxserver/transmission:latest
+ container_name: transmission
+ environment:
+ - PUID=1000
+ - PGID=1000
+ - TZ=Europe/Stockholm
+ - USER=${USERNAME} #optional
+ - PASS=${PASSWORD} #optional
+ - WHITELIST= #optional
+ - PEERPORT= #optional
+ - HOST_WHITELIST= #optional
+ volumes:
+ - /mnt/data/storage/transmission:/config
+ - /mnt/data/downloads:/downloads
+ ports:
+ - 9091:9091
+ - 51413:51413
+ - 51413:51413/udp
+ restart: unless-stopped
diff --git a/naspi/vaultwarden/docker-compose.yml b/naspi/vaultwarden/docker-compose.yml
new file mode 100644
index 0000000..741582f
--- /dev/null
+++ b/naspi/vaultwarden/docker-compose.yml
@@ -0,0 +1,14 @@
+version: '3.3'
+services:
+ server:
+ container_name: vaultwarden
+ volumes:
+ - /mnt/data/storage/vaultwarden:/data
+ ports:
+ - '5080:80'
+ image: 'vaultwarden/server:latest'
+ networks:
+ - proxy
+networks:
+ proxy:
+ external: true
diff --git a/thinkcentre/kopia/docker-compose.yml b/thinkcentre/kopia/docker-compose.yml
deleted file mode 100644
index 883e352..0000000
--- a/thinkcentre/kopia/docker-compose.yml
+++ /dev/null
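Review bot: `USER=${USERNAME}` and `PASS=${PASSWORD}` in naspi/transmission/docker-compose.yml use variable names generic enough to be picked up from the invoking shell's environment, which Compose prefers over the stack's `.env` file, so the web UI on `9091` may end up with credentials other than the intended ones. Stack-specific names such as `${TRANSMISSION_USER}` and `${TRANSMISSION_PASS}` (placeholders) avoid the collision. The inline `#optional` markers are copied from the image's example; since the port is published, a comment stating that both values are required in this deployment would be more accurate.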
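Review bot: The `server` service in naspi/vaultwarden/docker-compose.yml has no `environment:` block, so vaultwarden runs entirely on its defaults, which as far as I know leave `SIGNUPS_ALLOWED` enabled and let anyone who can reach the instance register an account. Once the intended accounts exist, add `environment:` with `- SIGNUPS_ALLOWED=false`. The service also has no `restart:` policy, so the password vault stays down after a host reboot, unlike most other services in this patch.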
@@ -1,59 +0,0 @@
-version: '3.7'
-
-# on naspi for remote docker stop commands:
-# sudo visudo
-# thord ALL=(ALL) NOPASSWD: /bin/systemctl start docker, /bin/systemctl stop docker
-
-services:
- kopia:
- image: kopia/kopia:latest
- hostname: kopia-host
- container_name: kopia
- restart: unless-stopped
- networks:
- vlan:
- ipv4_address: 192.168.1.102
- ports:
- - 51515:51515
- command:
- - server
- - start
- - --disable-csrf-token-checks
- - --insecure
- - --address=0.0.0.0:51515
- - --server-username=${KOPIA_USER_NAME}
- - --server-password=${KOPIA_USER_PASSWORD}
- environment:
- # Set repository password
- KOPIA_PASSWORD: "${KOPIA_PASSWORD}"
- USER: "User"
- volumes:
- # Mount local folders needed by kopia
- - /opt/kopia/config:/app/config
- - /opt/kopia/cache:/app/cache
- - /opt/kopia/logs:/app/logs
- # Use NFS volume for storage
- - nfs-naspi:/data/naspi:ro
- # Mount repository location locally
- - /opt/kopia/repository:/repository
- # Mount path for browsing mounted snapshots
- - /tmp:/tmp:shared
- - /home/thord/.config/rclone:/app/rclone
- - /usr/bin/rclone:/app/rclone-bin
-
-volumes:
- nfs-naspi:
- driver: local
- driver_opts:
- type: nfs
- o: addr=${NFS_SERVER_IP},ro,nolock
- device: ":/mnt/data"
-networks:
- vlan:
- driver: macvlan
- driver_opts:
- parent: eno1 # Adjust the parent interface based on your host configuration
- ipam:
- config:
- - subnet: 192.168.1.0/24
- gateway: 192.168.1.1 # Adjust the gateway based on your network configuration
diff --git a/thinkcentre/nextcloud/docker-compose.yml b/thinkcentre/nextcloud/docker-compose.yml
new file mode 100644
index 0000000..d2b808b
--- /dev/null
+++ b/thinkcentre/nextcloud/docker-compose.yml
@@ -0,0 +1,43 @@
+version: '2'
+
+volumes:
+ app:
+
+services:
+ app:
+ container_name: nextcloud
+ image: nextcloud
+ restart: always
+ ports:
+ - 8080:80
+ volumes:
+ - app:/var/www/html
+ - /mnt/data/nextcloud/files:/var/www/html/data
+ - /mnt/data/nextcloud/config:/var/www/html/config
+ environment:
+ - MYSQL_PASSWORD=${MYSQL_PASSWORD}
+ - MYSQL_DATABASE=${MYSQL_DATABASE}
+ - MYSQL_USER=${MYSQL_USER}
+ - MYSQL_HOST=${MYSQL_HOST}
+ networks:
+ - mariadb_default
+ - proxy
+
+networks:
+ mariadb_default:
+ external: true
+ proxy:
+# name: proxy
+ external: true
+
+volumes:
+ files:
+ driver_opts:
+ type: "nfs"
+ o: "addr=192.168.1.100,nfsvers=4"
+ device: ":/mnt/data/nextcloud/files"
+ config:
+ driver_opts:
+ type: "nfs"
+ o: "addr=192.168.1.100,nfsvers=4"
+ device: ":/mnt/data/nextcloud/config"
diff --git a/thinkcentre/portainer/docker-compose.yml b/thinkcentre/portainer/docker-compose.yml
deleted file mode 100644
index 1322b65..0000000
--- a/thinkcentre/portainer/docker-compose.yml
+++ /dev/null
@@ -1,14 +0,0 @@
-services:
- portainer:
- image: portainer/portainer-ce:latest
- container_name: portainer
- restart: always
- ports:
- - "8000:8000"
- - "9443:9443"
- volumes:
- - /var/run/docker.sock:/var/run/docker.sock
- - portainer_data:/data
-
-volumes:
- portainer_data:
diff --git a/thinkcentre/stash/docker-compose.yml b/thinkcentre/stash/docker-compose.yml
new file mode 100644
index 0000000..7fb8afa
--- /dev/null
+++ b/thinkcentre/stash/docker-compose.yml
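Review bot: thinkcentre/nextcloud/docker-compose.yml defines the top-level `volumes:` key twice, once with `app:` above `services:` and once with `files:`/`config:` at the end; duplicate mapping keys are invalid YAML, and a parser that tolerates them keeps only the last, leaving `app:/var/www/html` pointing at an undeclared volume. The NFS-backed `files` and `config` volumes are also never used, because the service still bind-mounts the host paths `/mnt/data/nextcloud/files` and `/mnt/data/nextcloud/config`, which presumably live on the NFS server rather than on thinkcentre. Move `app:` into the final `volumes:` block and mount the named volumes with `- files:/var/www/html/data` and `- config:/var/www/html/config`. The hard-coded `addr=192.168.1.100` could be a variable, as the removed kopia file did with `${NFS_SERVER_IP}`.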
@@ -0,0 +1,35 @@
+# APPNICENAME=Stash
+# APPDESCRIPTION=An organizer for your ****, written in Go
+version: '3.4'
+
+services:
+ stash:
+ image: stashapp/stash:latest
+ container_name: stash
+ restart: always
+ ## the container's port must be the same with the STASH_PORT in the environment section
+ ports:
+ - "9999:9999"
+ ## If you intend to use stash's DLNA functionality uncomment the below network mode and comment out the above ports section
+ # network_mode: host
+ logging:
+ driver: "json-file"
+ options:
+ max-file: "10"
+ max-size: "2m"
+ environment:
+ - STASH_STASH=data/
+ - STASH_GENERATED=generated/
+ - STASH_METADATA=metadata/
+ - STASH_CACHE=cache/
+ ## Adjust below to change default port (9999)
+ - STASH_PORT=9999
+ volumes:
+ - /etc/localtime:/etc/localtime:ro
+ ## Adjust below paths (the left part) to your liking.
+ ## E.g. you can change ./config:/root/.stash to ./stash:/root/.stash
+ - config:/root/.stash
+ - /mnt/data/storage/stash-meta/metadata:/metadata
+ - /mnt/data/storage/stash-meta/cache:/cache
+ - /mnt/data/storage/stash-meta/generated:/generated
+ - /mnt/data/storage/stash:/data
diff --git a/thinkcentre/nginx/docker-compose.yml b/thinkcentre/thinkcentre-static/docker-compose.yml
similarity index 100%
rename from thinkcentre/nginx/docker-compose.yml
rename to thinkcentre/thinkcentre-static/docker-compose.yml
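Review bot: `- config:/root/.stash` in thinkcentre/stash/docker-compose.yml names a volume `config`, but the file has no top-level `volumes:` section, so Compose should reject the service for referring to an undefined volume. The comment just above shows the bind-mount form, so either write `- ./config:/root/.stash` or add a closing `volumes:` block with a `config:` entry. Because this directory holds the application's configuration, a comment stating which of the two is intended (local directory or Docker-managed volume) would also make backups easier to reason about.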