diff --git a/Stacks/DS1-Main/audiobookshelf/compose.yaml b/Stacks/DS1-Main/audiobookshelf/compose.yaml new file mode 100644 index 0000000..0f26962 --- /dev/null +++ b/Stacks/DS1-Main/audiobookshelf/compose.yaml @@ -0,0 +1,23 @@ +services: + audiobookshelf: + container_name: Audiobookshelf + image: advplyr/audiobookshelf + security_opt: + - no-new-privileges:true + healthcheck: + test: ["CMD-SHELL", "nc -z 127.0.0.1 80 || exit 1"] + interval: 10s + timeout: 5s + retries: 3 + start_period: 90s + mem_limit: 4g + cpu_shares: 768 + environment: + JWT_SECRET_KEY: dOxZYTTZgXKMHkqLBIQVImayQXAVWdzGBPuFJKggzcgvgPJPXpWzqzKaUOIOGGIr + ports: + - 13378:80 + volumes: + - /volume1/docker/audiobookshelf:/config:rw + - /volume1/docker/audiobookshelf/metadata:/metadata:rw + - /volume1/data/docker/audiobookshelf/audiobooks:/audiobooks:rw + restart: on-failure:5 \ No newline at end of file diff --git a/Stacks/DS1-Main/gitea/compose.yaml b/Stacks/DS1-Main/gitea/compose.yaml new file mode 100644 index 0000000..dd0f27d --- /dev/null +++ b/Stacks/DS1-Main/gitea/compose.yaml @@ -0,0 +1,46 @@ +services: + db: + image: postgres:18 + container_name: Gitea-DB + hostname: gitea-db + security_opt: + - no-new-privileges:true + healthcheck: + test: ["CMD", "pg_isready", "-q", "-d", "gitea", "-U", "giteauser"] + timeout: 45s + interval: 10s + retries: 10 + volumes: + - /volume1/docker/gitea/db:/var/lib/postgresql:rw + environment: + - POSTGRES_DB=gitea + - POSTGRES_USER=giteauser + - POSTGRES_PASSWORD=giteapass + restart: on-failure:5 + + web: + image: gitea/gitea:latest + container_name: Gitea + hostname: gitea + security_opt: + - no-new-privileges:true + healthcheck: + test: wget --no-verbose --tries=1 --spider http://localhost:3000/ || exit 1 + ports: + - 3052:3000 + - 2222:22 + volumes: + - /volume1/docker/gitea/data:/data:rw + - /volume1/docker/gitea/data:/data/git/repositories:rw + - /etc/TZ:/etc/TZ:ro + - /etc/localtime:/etc/localtime:ro + environment: + - USER_UID=1026 + - USER_GID=100 + - GITEA__database__DB_TYPE=postgres + - GITEA__database__HOST=gitea-db:5432 + - GITEA__database__NAME=gitea + - GITEA__database__USER=giteauser + - GITEA__database__PASSWD=giteapass + - ROOT_URL=https://gitea.mschwab.net + restart: on-failure:5 \ No newline at end of file diff --git a/Stacks/DS1-Main/immich/compose.yaml b/Stacks/DS1-Main/immich/compose.yaml new file mode 100644 index 0000000..de75e09 --- /dev/null +++ b/Stacks/DS1-Main/immich/compose.yaml @@ -0,0 +1,76 @@ +# +# WARNING: To install Immich, follow our guide: https://docs.immich.app/install/docker-compose +# +# Make sure to use the docker-compose.yml of the current release: +# +# https://github.com/immich-app/immich/releases/latest/download/docker-compose.yml +# +# The compose file on main may not be compatible with the latest release. + +name: immich + +services: + immich-server: + container_name: immich_server + image: ghcr.io/immich-app/immich-server:${IMMICH_VERSION:-release} + # extends: + # file: hwaccel.transcoding.yml + # service: cpu # set to one of [nvenc, quicksync, rkmpp, vaapi, vaapi-wsl] for accelerated transcoding + volumes: + # Do not edit the next line. If you want to change the media storage location on your system, edit the value of UPLOAD_LOCATION in the .env file + - ${UPLOAD_LOCATION}:/data + - /etc/localtime:/etc/localtime:ro + env_file: + - stack.env + ports: + - '2283:2283' + depends_on: + - redis + - database + restart: always + healthcheck: + disable: false + + immich-machine-learning: + container_name: immich_machine_learning + # For hardware acceleration, add one of -[armnn, cuda, rocm, openvino, rknn] to the image tag. + # Example tag: ${IMMICH_VERSION:-release}-cuda + image: ghcr.io/immich-app/immich-machine-learning:${IMMICH_VERSION:-release} + # extends: # uncomment this section for hardware acceleration - see https://docs.immich.app/features/ml-hardware-acceleration + # file: hwaccel.ml.yml + # service: cpu # set to one of [armnn, cuda, rocm, openvino, openvino-wsl, rknn] for accelerated inference - use the `-wsl` version for WSL2 where applicable + volumes: + - model-cache:/cache + env_file: + - stack.env + restart: always + healthcheck: + disable: false + + redis: + container_name: immich_redis + image: redis:8 + healthcheck: + test: redis-cli ping || exit 1 + restart: always + + database: + container_name: immich_postgres + image: ghcr.io/immich-app/postgres:14-vectorchord0.4.3-pgvectors0.2.0@sha256:bcf63357191b76a916ae5eb93464d65c07511da41e3bf7a8416db519b40b1c23 + environment: + POSTGRES_PASSWORD: ${DB_PASSWORD} + POSTGRES_USER: ${DB_USERNAME} + POSTGRES_DB: ${DB_DATABASE_NAME} + POSTGRES_INITDB_ARGS: '--data-checksums' + # Uncomment the DB_STORAGE_TYPE: 'HDD' var if your database isn't stored on SSDs + # DB_STORAGE_TYPE: 'HDD' + volumes: + # Do not edit the next line. If you want to change the database storage location on your system, edit the value of DB_DATA_LOCATION in the .env file + - ${DB_DATA_LOCATION}:/var/lib/postgresql/data + shm_size: 128mb + restart: always + healthcheck: + disable: false + +volumes: + model-cache: \ No newline at end of file diff --git a/Stacks/DS1-Main/immich/docker-compose.yml b/Stacks/DS1-Main/immich/docker-compose.yml new file mode 100644 index 0000000..de75e09 --- /dev/null +++ b/Stacks/DS1-Main/immich/docker-compose.yml @@ -0,0 +1,76 @@ +# +# WARNING: To install Immich, follow our guide: https://docs.immich.app/install/docker-compose +# +# Make sure to use the docker-compose.yml of the current release: +# +# https://github.com/immich-app/immich/releases/latest/download/docker-compose.yml +# +# The compose file on main may not be compatible with the latest release. + +name: immich + +services: + immich-server: + container_name: immich_server + image: ghcr.io/immich-app/immich-server:${IMMICH_VERSION:-release} + # extends: + # file: hwaccel.transcoding.yml + # service: cpu # set to one of [nvenc, quicksync, rkmpp, vaapi, vaapi-wsl] for accelerated transcoding + volumes: + # Do not edit the next line. If you want to change the media storage location on your system, edit the value of UPLOAD_LOCATION in the .env file + - ${UPLOAD_LOCATION}:/data + - /etc/localtime:/etc/localtime:ro + env_file: + - stack.env + ports: + - '2283:2283' + depends_on: + - redis + - database + restart: always + healthcheck: + disable: false + + immich-machine-learning: + container_name: immich_machine_learning + # For hardware acceleration, add one of -[armnn, cuda, rocm, openvino, rknn] to the image tag. + # Example tag: ${IMMICH_VERSION:-release}-cuda + image: ghcr.io/immich-app/immich-machine-learning:${IMMICH_VERSION:-release} + # extends: # uncomment this section for hardware acceleration - see https://docs.immich.app/features/ml-hardware-acceleration + # file: hwaccel.ml.yml + # service: cpu # set to one of [armnn, cuda, rocm, openvino, openvino-wsl, rknn] for accelerated inference - use the `-wsl` version for WSL2 where applicable + volumes: + - model-cache:/cache + env_file: + - stack.env + restart: always + healthcheck: + disable: false + + redis: + container_name: immich_redis + image: redis:8 + healthcheck: + test: redis-cli ping || exit 1 + restart: always + + database: + container_name: immich_postgres + image: ghcr.io/immich-app/postgres:14-vectorchord0.4.3-pgvectors0.2.0@sha256:bcf63357191b76a916ae5eb93464d65c07511da41e3bf7a8416db519b40b1c23 + environment: + POSTGRES_PASSWORD: ${DB_PASSWORD} + POSTGRES_USER: ${DB_USERNAME} + POSTGRES_DB: ${DB_DATABASE_NAME} + POSTGRES_INITDB_ARGS: '--data-checksums' + # Uncomment the DB_STORAGE_TYPE: 'HDD' var if your database isn't stored on SSDs + # DB_STORAGE_TYPE: 'HDD' + volumes: + # Do not edit the next line. If you want to change the database storage location on your system, edit the value of DB_DATA_LOCATION in the .env file + - ${DB_DATA_LOCATION}:/var/lib/postgresql/data + shm_size: 128mb + restart: always + healthcheck: + disable: false + +volumes: + model-cache: \ No newline at end of file diff --git a/Stacks/DS1-Main/immich/stack.env b/Stacks/DS1-Main/immich/stack.env new file mode 100644 index 0000000..ba4ac94 --- /dev/null +++ b/Stacks/DS1-Main/immich/stack.env @@ -0,0 +1,26 @@ +# You can find documentation for all the supported env variables at https://docs.immich.app/install/environment-variables + +# The location where your uploaded files are stored +UPLOAD_LOCATION=/volume1/data/docker/immich + +# The location where your database files are stored. Network shares are not supported for the database +DB_DATA_LOCATION=/volume1/docker/immich/db + +# To set a timezone, uncomment the next line and change Etc/UTC to a TZ identifier from this list: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List +# TZ=Etc/UTC + +# The Immich version to use. You can pin this to a specific version like "v2.1.0" + +# Connection secret for postgres. You should change it to a random password +# Please use only the characters `A-Za-z0-9`, without special characters or spaces +DB_PASSWORD=postgres + +# The values below this line do not need to be changed +################################################################################### +DB_USERNAME=postgres +DB_DATABASE_NAME=immich + + +IMMICH_VERSION=release + +REDIS_HOSTNAME=immich_redis diff --git a/Stacks/DS1-Main/lemp/docker-compose.yml b/Stacks/DS1-Main/lemp/docker-compose.yml new file mode 100644 index 0000000..332d73d --- /dev/null +++ b/Stacks/DS1-Main/lemp/docker-compose.yml @@ -0,0 +1,17 @@ +services: + php: + image: serversideup/php:8.5-fpm-nginx + ports: + - "81:8080" + environment: + # Customize PHP with environment variables + PHP_OPCACHE_ENABLE: "1" + PHP_MEMORY_LIMIT: "512M" + + deploy: + resources: + limits: + memory: 512M + + volumes: + - /volume1/docker/lemp:/var/www/html \ No newline at end of file diff --git a/Stacks/DS1-Main/n8n/compose.yaml b/Stacks/DS1-Main/n8n/compose.yaml new file mode 100644 index 0000000..53e5581 --- /dev/null +++ b/Stacks/DS1-Main/n8n/compose.yaml @@ -0,0 +1,65 @@ +services: + db: + image: postgres:18 + container_name: n8n-DB + hostname: n8n-db + security_opt: + - no-new-privileges:true + healthcheck: + test: ["CMD", "pg_isready", "-q", "-d", "n8n", "-U", "n8nuser"] + timeout: 45s + interval: 10s + retries: 10 + volumes: + - /volume1/docker/n8n/db:/var/lib/postgresql:rw + environment: + TZ: Europe/Zurich + POSTGRES_DB: n8n + POSTGRES_USER: n8nuser + POSTGRES_PASSWORD: n8npass + restart: on-failure:5 + + n8n: + image: n8nio/n8n:latest + container_name: n8n + healthcheck: + test: ["CMD-SHELL", "nc -z 127.0.0.1 5678 || exit 1"] + interval: 10s + timeout: 5s + retries: 3 + start_period: 90s + hostname: n8n + user: 0:0 + security_opt: + - no-new-privileges:true + ports: + - 5678:5678 + volumes: + - /volume1/docker/n8n/data:/root/.n8n:rw + - /volume1/docker/n8n/files:/files:rw + environment: + N8N_HOST: n8n.mschwab.net + WEBHOOK_URL: https://n8n.mschwab.net + N8N_EDITOR_BASE_URL: https://n8n.mschwab.net + GENERIC_TIMEZONE: Europe/Zurich + TZ: Europe/Zurich + N8N_PORT: 5678 + N8N_PROXY_HOPS: 4 + N8N_ENCRYPTION_KEY: ZOmyQvEDgElilcPkqVxHZOZaBcckRXSBYPuyWGkULRHczUffyBZghUiZhYyfQYiE + N8N_PROTOCOL: https + NODE_ENV: production + N8N_DIAGNOSTICS_ENABLED: false + N8N_RUNNERS_ENABLED: true + N8N_ENFORCE_SETTINGS_FILE_PERMISSIONS: true + N8N_RESTRICT_FILE_ACCESS_TO: /files + N8N_SECURE_COOKIE: true #or false if you want to use n8n without synology.me DDNS + DB_TYPE: postgresdb + DB_POSTGRESDB_DATABASE: n8n + DB_POSTGRESDB_HOST: n8n-db + DB_POSTGRESDB_PORT: 5432 + DB_POSTGRESDB_USER: n8nuser + DB_POSTGRESDB_PASSWORD: n8npass + restart: on-failure:5 + depends_on: + db: + condition: service_healthy \ No newline at end of file diff --git a/Stacks/DS1-Main/nextcloud/compose.yaml b/Stacks/DS1-Main/nextcloud/compose.yaml new file mode 100644 index 0000000..c230efd --- /dev/null +++ b/Stacks/DS1-Main/nextcloud/compose.yaml @@ -0,0 +1,41 @@ +version: "3.9" + +services: + db: + image: mariadb:11 + container_name: nextcloud-db + restart: unless-stopped + command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW + volumes: + - /volume1/docker/nextcloud/db:/var/lib/mysql:rw + - /volume1/docker/nextcloud/db:/etc/mysql/conf.d:rw + environment: + - MYSQL_ROOT_PASSWORD=q3OLnO3x%lj7lyT + - MYSQL_PASSWORD=JYEGoDdcx27ZB7& + - MYSQL_DATABASE=nextcloud + - MYSQL_USER=nextcloud + + app: + image: nextcloud:latest + container_name: nextcloud-app + restart: unless-stopped + ports: + - "8080:80" + volumes: + - /volume1/docker/nextcloud/html:/var/www/html:rw + - /volume1/docker/nextcloud/config:/var/www/html/config:rw + - /volume1/data/docker/nextcloud/data:/var/www/html/data:rw + - /volume1/docker/paperlessngx/consume:/mnt/paperlessngx:rw + - /volume1/data/docker/immich/upload:/mnt/immich:rw + - /volume1/data/nextcloud/:/mnt/synology:rw + + environment: + - MYSQL_PASSWORD=JYEGoDdcx27ZB7& + - MYSQL_DATABASE=nextcloud + - MYSQL_USER=nextcloud + - MYSQL_HOST=db + - NEXTCLOUD_TRUSTED_DOMAINS=nextcloud.mschwab.net + - OVERWRITEHOST=nextcloud.mschwab.net + - OVERWRITEPROTOCOL=https + depends_on: + - db \ No newline at end of file diff --git a/Stacks/DS1-Main/nginx/docker-compose.yml b/Stacks/DS1-Main/nginx/docker-compose.yml new file mode 100644 index 0000000..1a1590a --- /dev/null +++ b/Stacks/DS1-Main/nginx/docker-compose.yml @@ -0,0 +1,17 @@ +version: "3.8" + +services: + app: + image: nginx:alpine + ports: + - "8082:80" + environment: + - APP_ENV=${APP_ENV:-production} + volumes: + - ./html:/usr/share/nginx/html:ro + restart: unless-stopped + +# Add more services as needed +# networks: +# default: +# driver: bridge diff --git a/Stacks/DS1-Main/paperlessngx/compose.yaml b/Stacks/DS1-Main/paperlessngx/compose.yaml new file mode 100644 index 0000000..6cb67ff --- /dev/null +++ b/Stacks/DS1-Main/paperlessngx/compose.yaml @@ -0,0 +1,120 @@ +services: + redis: + image: redis:8 + command: + - /bin/sh + - -c + - redis-server --requirepass redispass + container_name: PaperlessNGX-REDIS + hostname: paper-redis + security_opt: + - no-new-privileges:true + read_only: true + user: 1026:100 + healthcheck: + test: ["CMD-SHELL", "redis-cli ping || exit 1"] + volumes: + - /volume1/docker/paperlessngx/redis:/data:rw + environment: + TZ: Europe/Zurich + restart: on-failure:5 + + db: + image: postgres:18 + container_name: PaperlessNGX-DB + hostname: paper-db + security_opt: + - no-new-privileges:true + healthcheck: + test: ["CMD", "pg_isready", "-q", "-d", "paperless", "-U", "paperlessuser"] + timeout: 45s + interval: 10s + retries: 10 + volumes: + - /volume1/docker/paperlessngx/db:/var/lib/postgresql:rw + environment: + POSTGRES_DB: paperless + POSTGRES_USER: paperlessuser + POSTGRES_PASSWORD: paperlesspass + restart: on-failure:5 + + paperless: + image: ghcr.io/paperless-ngx/paperless-ngx:latest + container_name: PaperlessNGX + hostname: paperless-ngx + security_opt: + - no-new-privileges:true + healthcheck: + test: ["CMD", "curl", "-fs", "-S", "--max-time", "2", "http://localhost:8000"] + interval: 30s + timeout: 10s + retries: 5 + ports: + - 8777:8000 + volumes: + - /volume1/data/docker/paperlessngx/data:/usr/src/paperless/data:rw + - /volume1/data/docker/paperlessngx/media:/usr/src/paperless/media:rw + - /volume1/docker/paperlessngx/export:/usr/src/paperless/export:rw + - /volume1/docker/paperlessngx/consume:/usr/src/paperless/consume:rw + - /volume1/docker/paperlessngx/trash:/usr/src/paperless/trash:rw + environment: + PAPERLESS_REDIS: redis://:redispass@paper-redis:6379 + PAPERLESS_DBENGINE: postgresql + PAPERLESS_DBHOST: paper-db + PAPERLESS_DBNAME: paperless + PAPERLESS_DBUSER: paperlessuser + PAPERLESS_DBPASS: paperlesspass + PAPERLESS_EMPTY_TRASH_DIR: ../trash + PAPERLESS_FILENAME_FORMAT: '{{ created_year }}/{{ correspondent }}/{{ document_type }}/{{ title }}' + PAPERLESS_OCR_ROTATE_PAGES_THRESHOLD: 6 + PAPERLESS_TASK_WORKERS: 1 + USERMAP_UID: 1026 + USERMAP_GID: 100 + PAPERLESS_TIME_ZONE: Europe/Zurich + PAPERLESS_SECRET_KEY: pbasJHwKYTKIYOIBABKyEmKHvjSCrStEVUcRvPOcbJrrJddgrlbKQiSrUAOxZztO + PAPERLESS_ADMIN_USER: michael + PAPERLESS_ADMIN_PASSWORD: schwa-mi4Paperless + PAPERLESS_URL: https://paperngx.mschwab.net + PAPERLESS_CSRF_TRUSTED_ORIGINS: https://paperngx.mschwab.net + PAPERLESS_OCR_LANGUAGE: deu+eng + PAPERLESS_CONSUMER_RECURSIVE: true + PAPERLESS_CONSUMER_SUBDIRS_AS_TAGS: true + PAPERLESS_TIKA_ENABLED: 1 + PAPERLESS_TIKA_GOTENBERG_ENDPOINT: http://gotenberg:3000 + PAPERLESS_TIKA_ENDPOINT: http://tika:9998 + restart: on-failure:5 + depends_on: + db: + condition: service_healthy + redis: + condition: service_healthy + tika: + condition: service_started + gotenberg: + condition: service_started + + gotenberg: + image: docker.io/gotenberg/gotenberg:7.10 + container_name: PaperlessNGX-GOTENBERG + hostname: gotenberg + security_opt: + - no-new-privileges:true + user: 1026:100 + command: + - "gotenberg" + - "--chromium-disable-javascript=true" + - "--chromium-allow-list=file:///tmp/.*" + restart: on-failure:5 + healthcheck: + disable: false + + tika: + image: docker.io/apache/tika:latest + container_name: PaperlessNGX-TIKA + hostname: tika + security_opt: + - no-new-privileges:true + user: 1026:100 + restart: on-failure:5 + healthcheck: + disable: false diff --git a/Stacks/DS1-Main/paperlessngx/docker-compose.yml b/Stacks/DS1-Main/paperlessngx/docker-compose.yml new file mode 100644 index 0000000..6cb67ff --- /dev/null +++ b/Stacks/DS1-Main/paperlessngx/docker-compose.yml @@ -0,0 +1,120 @@ +services: + redis: + image: redis:8 + command: + - /bin/sh + - -c + - redis-server --requirepass redispass + container_name: PaperlessNGX-REDIS + hostname: paper-redis + security_opt: + - no-new-privileges:true + read_only: true + user: 1026:100 + healthcheck: + test: ["CMD-SHELL", "redis-cli ping || exit 1"] + volumes: + - /volume1/docker/paperlessngx/redis:/data:rw + environment: + TZ: Europe/Zurich + restart: on-failure:5 + + db: + image: postgres:18 + container_name: PaperlessNGX-DB + hostname: paper-db + security_opt: + - no-new-privileges:true + healthcheck: + test: ["CMD", "pg_isready", "-q", "-d", "paperless", "-U", "paperlessuser"] + timeout: 45s + interval: 10s + retries: 10 + volumes: + - /volume1/docker/paperlessngx/db:/var/lib/postgresql:rw + environment: + POSTGRES_DB: paperless + POSTGRES_USER: paperlessuser + POSTGRES_PASSWORD: paperlesspass + restart: on-failure:5 + + paperless: + image: ghcr.io/paperless-ngx/paperless-ngx:latest + container_name: PaperlessNGX + hostname: paperless-ngx + security_opt: + - no-new-privileges:true + healthcheck: + test: ["CMD", "curl", "-fs", "-S", "--max-time", "2", "http://localhost:8000"] + interval: 30s + timeout: 10s + retries: 5 + ports: + - 8777:8000 + volumes: + - /volume1/data/docker/paperlessngx/data:/usr/src/paperless/data:rw + - /volume1/data/docker/paperlessngx/media:/usr/src/paperless/media:rw + - /volume1/docker/paperlessngx/export:/usr/src/paperless/export:rw + - /volume1/docker/paperlessngx/consume:/usr/src/paperless/consume:rw + - /volume1/docker/paperlessngx/trash:/usr/src/paperless/trash:rw + environment: + PAPERLESS_REDIS: redis://:redispass@paper-redis:6379 + PAPERLESS_DBENGINE: postgresql + PAPERLESS_DBHOST: paper-db + PAPERLESS_DBNAME: paperless + PAPERLESS_DBUSER: paperlessuser + PAPERLESS_DBPASS: paperlesspass + PAPERLESS_EMPTY_TRASH_DIR: ../trash + PAPERLESS_FILENAME_FORMAT: '{{ created_year }}/{{ correspondent }}/{{ document_type }}/{{ title }}' + PAPERLESS_OCR_ROTATE_PAGES_THRESHOLD: 6 + PAPERLESS_TASK_WORKERS: 1 + USERMAP_UID: 1026 + USERMAP_GID: 100 + PAPERLESS_TIME_ZONE: Europe/Zurich + PAPERLESS_SECRET_KEY: pbasJHwKYTKIYOIBABKyEmKHvjSCrStEVUcRvPOcbJrrJddgrlbKQiSrUAOxZztO + PAPERLESS_ADMIN_USER: michael + PAPERLESS_ADMIN_PASSWORD: schwa-mi4Paperless + PAPERLESS_URL: https://paperngx.mschwab.net + PAPERLESS_CSRF_TRUSTED_ORIGINS: https://paperngx.mschwab.net + PAPERLESS_OCR_LANGUAGE: deu+eng + PAPERLESS_CONSUMER_RECURSIVE: true + PAPERLESS_CONSUMER_SUBDIRS_AS_TAGS: true + PAPERLESS_TIKA_ENABLED: 1 + PAPERLESS_TIKA_GOTENBERG_ENDPOINT: http://gotenberg:3000 + PAPERLESS_TIKA_ENDPOINT: http://tika:9998 + restart: on-failure:5 + depends_on: + db: + condition: service_healthy + redis: + condition: service_healthy + tika: + condition: service_started + gotenberg: + condition: service_started + + gotenberg: + image: docker.io/gotenberg/gotenberg:7.10 + container_name: PaperlessNGX-GOTENBERG + hostname: gotenberg + security_opt: + - no-new-privileges:true + user: 1026:100 + command: + - "gotenberg" + - "--chromium-disable-javascript=true" + - "--chromium-allow-list=file:///tmp/.*" + restart: on-failure:5 + healthcheck: + disable: false + + tika: + image: docker.io/apache/tika:latest + container_name: PaperlessNGX-TIKA + hostname: tika + security_opt: + - no-new-privileges:true + user: 1026:100 + restart: on-failure:5 + healthcheck: + disable: false diff --git a/Stacks/DS1-Main/snippet-box/compose.yaml b/Stacks/DS1-Main/snippet-box/compose.yaml new file mode 100644 index 0000000..75887a9 --- /dev/null +++ b/Stacks/DS1-Main/snippet-box/compose.yaml @@ -0,0 +1,9 @@ +services: + snippet-box: + image: pawelmalak/snippet-box:latest + container_name: snippet-box + volumes: + - /volume1/docker/snippetbox/data:/app/data + ports: + - 5212:5000 + restart: unless-stopped \ No newline at end of file diff --git a/Stacks/DS1-Main/vaultwarden/compose.yaml b/Stacks/DS1-Main/vaultwarden/compose.yaml new file mode 100644 index 0000000..7f5f821 --- /dev/null +++ b/Stacks/DS1-Main/vaultwarden/compose.yaml @@ -0,0 +1,47 @@ +services: + db: + image: postgres:17 + container_name: Vaultwarden-DB + hostname: vaultwarden-db + security_opt: + - no-new-privileges:true + healthcheck: + test: ["CMD", "pg_isready", "-q", "-d", "vaultwarden", "-U", "vaultwardenuser"] + timeout: 45s + interval: 10s + retries: 10 + volumes: + - /volume1/docker/vaultwarden/db:/var/lib/postgresql/data:rw + environment: + POSTGRES_DB: vaultwarden + POSTGRES_USER: vaultwardenuser + POSTGRES_PASSWORD: vaultwardenpass + restart: on-failure:5 + + vaultwarden: + image: vaultwarden/server:latest + container_name: Vaultwarden + hostname: vaultwarden + security_opt: + - no-new-privileges:true + user: 1026:100 + ports: + - 4080:4020 + volumes: + - /volume1/docker/vaultwarden/data:/data:rw + environment: + ROCKET_PORT: 4020 + DATABASE_URL: postgresql://vaultwardenuser:vaultwardenpass@vaultwarden-db:5432/vaultwarden + ADMIN_TOKEN: schwa-mi@VaultWarden + DISABLE_ADMIN_TOKEN: false + DOMAIN: https://vaultwarden.mschwab.net + SMTP_HOST: smtp.gmail.com + SMTP_FROM: michael.schwab82@gmail.com + SMTP_PORT: 587 + SMTP_SECURITY: starttls + SMTP_USERNAME: michael.schwab82@gmail.com + SMTP_PASSWORD: jaiauojwzxxjiwgz + restart: on-failure:5 + depends_on: + db: + condition: service_started \ No newline at end of file diff --git a/Stacks/DS1-Main/vaultwarden/docker-compose.yml b/Stacks/DS1-Main/vaultwarden/docker-compose.yml new file mode 100644 index 0000000..7f5f821 --- /dev/null +++ b/Stacks/DS1-Main/vaultwarden/docker-compose.yml @@ -0,0 +1,47 @@ +services: + db: + image: postgres:17 + container_name: Vaultwarden-DB + hostname: vaultwarden-db + security_opt: + - no-new-privileges:true + healthcheck: + test: ["CMD", "pg_isready", "-q", "-d", "vaultwarden", "-U", "vaultwardenuser"] + timeout: 45s + interval: 10s + retries: 10 + volumes: + - /volume1/docker/vaultwarden/db:/var/lib/postgresql/data:rw + environment: + POSTGRES_DB: vaultwarden + POSTGRES_USER: vaultwardenuser + POSTGRES_PASSWORD: vaultwardenpass + restart: on-failure:5 + + vaultwarden: + image: vaultwarden/server:latest + container_name: Vaultwarden + hostname: vaultwarden + security_opt: + - no-new-privileges:true + user: 1026:100 + ports: + - 4080:4020 + volumes: + - /volume1/docker/vaultwarden/data:/data:rw + environment: + ROCKET_PORT: 4020 + DATABASE_URL: postgresql://vaultwardenuser:vaultwardenpass@vaultwarden-db:5432/vaultwarden + ADMIN_TOKEN: schwa-mi@VaultWarden + DISABLE_ADMIN_TOKEN: false + DOMAIN: https://vaultwarden.mschwab.net + SMTP_HOST: smtp.gmail.com + SMTP_FROM: michael.schwab82@gmail.com + SMTP_PORT: 587 + SMTP_SECURITY: starttls + SMTP_USERNAME: michael.schwab82@gmail.com + SMTP_PASSWORD: jaiauojwzxxjiwgz + restart: on-failure:5 + depends_on: + db: + condition: service_started \ No newline at end of file diff --git a/Stacks/DS1-Main/vscode/compose.yaml b/Stacks/DS1-Main/vscode/compose.yaml new file mode 100644 index 0000000..4a20839 --- /dev/null +++ b/Stacks/DS1-Main/vscode/compose.yaml @@ -0,0 +1,19 @@ +services: + wallos: + container_name: vscode + image: ghcr.io/linuxserver/code-server + + mem_limit: 4g + cpu_shares: 768 + + restart: on-failure:5 + ports: + - 8377:8443 + volumes: + - /volume1/docker/vscode:/config + - /volume1/data/docker/vscode/workspace:/home/workspace + environment: + TZ: Europe/Zurich + PASSWORD: schwa-mi4Vscode + PROXY_DOMAIN: vscode.mschwab.net + SUDO_PASSWORD: schwa-mi4Vscode \ No newline at end of file diff --git a/Stacks/DS1-Main/wallos/docker-compose.yml b/Stacks/DS1-Main/wallos/docker-compose.yml new file mode 100644 index 0000000..01754ff --- /dev/null +++ b/Stacks/DS1-Main/wallos/docker-compose.yml @@ -0,0 +1,18 @@ +services: + wallos: + container_name: Wallos + image: bellamy/wallos:latest + healthcheck: + test: curl -f http://localhost:80/ || exit 1 + mem_limit: 4g + cpu_shares: 768 + security_opt: + - no-new-privileges:true + restart: on-failure:5 + ports: + - 8353:80/tcp + volumes: + - /volume1/docker/wallos/images:/var/www/html/images/uploads/logos:rw + - /volume1/docker/wallos/db:/var/www/html/db:rw + environment: + TZ: Europe/Zurich \ No newline at end of file diff --git a/Stacks/DS1-Main/web-check/compose.yaml b/Stacks/DS1-Main/web-check/compose.yaml new file mode 100644 index 0000000..f05032f --- /dev/null +++ b/Stacks/DS1-Main/web-check/compose.yaml @@ -0,0 +1,11 @@ +services: + webcheck: + container_name: Web-Check + image: lissy93/web-check + mem_limit: 4g + cpu_shares: 768 + security_opt: + - no-new-privileges:true + restart: on-failure:5 + ports: + - 6160:3000 \ No newline at end of file