michael/docker
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Stacks from Dockhand

Browse Source
This commit is contained in:
Michael
2026-03-14 00:32:13 +01:00
parent 2d7608598c
commit c4005e0e4e
17 changed files with 778 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
Stacks/DS1-Main/audiobookshelf/compose.yaml Normal file
View File

@@ -0,0 +1,23 @@
services:
audiobookshelf:
container_name: Audiobookshelf
image: advplyr/audiobookshelf
security_opt:
- no-new-privileges:true
healthcheck:
test: ["CMD-SHELL", "nc -z 127.0.0.1 80 || exit 1"]
interval: 10s
timeout: 5s
retries: 3
start_period: 90s
mem_limit: 4g
cpu_shares: 768
environment:
JWT_SECRET_KEY: dOxZYTTZgXKMHkqLBIQVImayQXAVWdzGBPuFJKggzcgvgPJPXpWzqzKaUOIOGGIr
ports:
- 13378:80
volumes:
- /volume1/docker/audiobookshelf:/config:rw
- /volume1/docker/audiobookshelf/metadata:/metadata:rw
- /volume1/data/docker/audiobookshelf/audiobooks:/audiobooks:rw
restart: on-failure:5

46
Stacks/DS1-Main/gitea/compose.yaml Normal file
View File

@@ -0,0 +1,46 @@
services:
db:
image: postgres:18
container_name: Gitea-DB
hostname: gitea-db
security_opt:
- no-new-privileges:true
healthcheck:
test: ["CMD", "pg_isready", "-q", "-d", "gitea", "-U", "giteauser"]
timeout: 45s
interval: 10s
retries: 10
volumes:
- /volume1/docker/gitea/db:/var/lib/postgresql:rw
environment:
- POSTGRES_DB=gitea
- POSTGRES_USER=giteauser
- POSTGRES_PASSWORD=giteapass
restart: on-failure:5
web:
image: gitea/gitea:latest
container_name: Gitea
hostname: gitea
security_opt:
- no-new-privileges:true
healthcheck:
test: wget --no-verbose --tries=1 --spider http://localhost:3000/ || exit 1
ports:
- 3052:3000
- 2222:22
volumes:
- /volume1/docker/gitea/data:/data:rw
- /volume1/docker/gitea/data:/data/git/repositories:rw
- /etc/TZ:/etc/TZ:ro
- /etc/localtime:/etc/localtime:ro
environment:
- USER_UID=1026
- USER_GID=100
- GITEA__database__DB_TYPE=postgres
- GITEA__database__HOST=gitea-db:5432
- GITEA__database__NAME=gitea
- GITEA__database__USER=giteauser
- GITEA__database__PASSWD=giteapass
- ROOT_URL=https://gitea.mschwab.net
restart: on-failure:5

76
Stacks/DS1-Main/immich/compose.yaml Normal file
View File

@@ -0,0 +1,76 @@
#
# WARNING: To install Immich, follow our guide: https://docs.immich.app/install/docker-compose
#
# Make sure to use the docker-compose.yml of the current release:
#
# https://github.com/immich-app/immich/releases/latest/download/docker-compose.yml
#
# The compose file on main may not be compatible with the latest release.
name: immich
services:
immich-server:
container_name: immich_server
image: ghcr.io/immich-app/immich-server:${IMMICH_VERSION:-release}
# extends:
# file: hwaccel.transcoding.yml
# service: cpu # set to one of [nvenc, quicksync, rkmpp, vaapi, vaapi-wsl] for accelerated transcoding
volumes:
# Do not edit the next line. If you want to change the media storage location on your system, edit the value of UPLOAD_LOCATION in the .env file
- ${UPLOAD_LOCATION}:/data
- /etc/localtime:/etc/localtime:ro
env_file:
- stack.env
ports:
- '2283:2283'
depends_on:
- redis
- database
restart: always
healthcheck:
disable: false
immich-machine-learning:
container_name: immich_machine_learning
# For hardware acceleration, add one of -[armnn, cuda, rocm, openvino, rknn] to the image tag.
# Example tag: ${IMMICH_VERSION:-release}-cuda
image: ghcr.io/immich-app/immich-machine-learning:${IMMICH_VERSION:-release}
# extends: # uncomment this section for hardware acceleration - see https://docs.immich.app/features/ml-hardware-acceleration
# file: hwaccel.ml.yml
# service: cpu # set to one of [armnn, cuda, rocm, openvino, openvino-wsl, rknn] for accelerated inference - use the `-wsl` version for WSL2 where applicable
volumes:
- model-cache:/cache
env_file:
- stack.env
restart: always
healthcheck:
disable: false
redis:
container_name: immich_redis
image: redis:8
healthcheck:
test: redis-cli ping || exit 1
restart: always
database:
container_name: immich_postgres
image: ghcr.io/immich-app/postgres:14-vectorchord0.4.3-pgvectors0.2.0@sha256:bcf63357191b76a916ae5eb93464d65c07511da41e3bf7a8416db519b40b1c23
environment:
POSTGRES_PASSWORD: ${DB_PASSWORD}
POSTGRES_USER: ${DB_USERNAME}
POSTGRES_DB: ${DB_DATABASE_NAME}
POSTGRES_INITDB_ARGS: '--data-checksums'
# Uncomment the DB_STORAGE_TYPE: 'HDD' var if your database isn't stored on SSDs
# DB_STORAGE_TYPE: 'HDD'
volumes:
# Do not edit the next line. If you want to change the database storage location on your system, edit the value of DB_DATA_LOCATION in the .env file
- ${DB_DATA_LOCATION}:/var/lib/postgresql/data
shm_size: 128mb
restart: always
healthcheck:
disable: false
volumes:
model-cache:

76
Stacks/DS1-Main/immich/docker-compose.yml Normal file
View File

@@ -0,0 +1,76 @@
#
# WARNING: To install Immich, follow our guide: https://docs.immich.app/install/docker-compose
#
# Make sure to use the docker-compose.yml of the current release:
#
# https://github.com/immich-app/immich/releases/latest/download/docker-compose.yml
#
# The compose file on main may not be compatible with the latest release.
name: immich
services:
immich-server:
container_name: immich_server
image: ghcr.io/immich-app/immich-server:${IMMICH_VERSION:-release}
# extends:
# file: hwaccel.transcoding.yml
# service: cpu # set to one of [nvenc, quicksync, rkmpp, vaapi, vaapi-wsl] for accelerated transcoding
volumes:
# Do not edit the next line. If you want to change the media storage location on your system, edit the value of UPLOAD_LOCATION in the .env file
- ${UPLOAD_LOCATION}:/data
- /etc/localtime:/etc/localtime:ro
env_file:
- stack.env
ports:
- '2283:2283'
depends_on:
- redis
- database
restart: always
healthcheck:
disable: false
immich-machine-learning:
container_name: immich_machine_learning
# For hardware acceleration, add one of -[armnn, cuda, rocm, openvino, rknn] to the image tag.
# Example tag: ${IMMICH_VERSION:-release}-cuda
image: ghcr.io/immich-app/immich-machine-learning:${IMMICH_VERSION:-release}
# extends: # uncomment this section for hardware acceleration - see https://docs.immich.app/features/ml-hardware-acceleration
# file: hwaccel.ml.yml
# service: cpu # set to one of [armnn, cuda, rocm, openvino, openvino-wsl, rknn] for accelerated inference - use the `-wsl` version for WSL2 where applicable
volumes:
- model-cache:/cache
env_file:
- stack.env
restart: always
healthcheck:
disable: false
redis:
container_name: immich_redis
image: redis:8
healthcheck:
test: redis-cli ping || exit 1
restart: always
database:
container_name: immich_postgres
image: ghcr.io/immich-app/postgres:14-vectorchord0.4.3-pgvectors0.2.0@sha256:bcf63357191b76a916ae5eb93464d65c07511da41e3bf7a8416db519b40b1c23
environment:
POSTGRES_PASSWORD: ${DB_PASSWORD}
POSTGRES_USER: ${DB_USERNAME}
POSTGRES_DB: ${DB_DATABASE_NAME}
POSTGRES_INITDB_ARGS: '--data-checksums'
# Uncomment the DB_STORAGE_TYPE: 'HDD' var if your database isn't stored on SSDs
# DB_STORAGE_TYPE: 'HDD'
volumes:
# Do not edit the next line. If you want to change the database storage location on your system, edit the value of DB_DATA_LOCATION in the .env file
- ${DB_DATA_LOCATION}:/var/lib/postgresql/data
shm_size: 128mb
restart: always
healthcheck:
disable: false
volumes:
model-cache:

26
Stacks/DS1-Main/immich/stack.env Normal file
View File

@@ -0,0 +1,26 @@
# You can find documentation for all the supported env variables at https://docs.immich.app/install/environment-variables
# The location where your uploaded files are stored
UPLOAD_LOCATION=/volume1/data/docker/immich
# The location where your database files are stored. Network shares are not supported for the database
DB_DATA_LOCATION=/volume1/docker/immich/db
# To set a timezone, uncomment the next line and change Etc/UTC to a TZ identifier from this list: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List
# TZ=Etc/UTC
# The Immich version to use. You can pin this to a specific version like "v2.1.0"
# Connection secret for postgres. You should change it to a random password
# Please use only the characters `A-Za-z0-9`, without special characters or spaces
DB_PASSWORD=postgres
# The values below this line do not need to be changed
###################################################################################
DB_USERNAME=postgres
DB_DATABASE_NAME=immich
IMMICH_VERSION=release
REDIS_HOSTNAME=immich_redis

17
Stacks/DS1-Main/lemp/docker-compose.yml Normal file
View File

@@ -0,0 +1,17 @@
services:
php:
image: serversideup/php:8.5-fpm-nginx
ports:
- "81:8080"
environment:
# Customize PHP with environment variables
PHP_OPCACHE_ENABLE: "1"
PHP_MEMORY_LIMIT: "512M"
deploy:
resources:
limits:
memory: 512M
volumes:
- /volume1/docker/lemp:/var/www/html

65
Stacks/DS1-Main/n8n/compose.yaml Normal file
View File

@@ -0,0 +1,65 @@
services:
db:
image: postgres:18
container_name: n8n-DB
hostname: n8n-db
security_opt:
- no-new-privileges:true
healthcheck:
test: ["CMD", "pg_isready", "-q", "-d", "n8n", "-U", "n8nuser"]
timeout: 45s
interval: 10s
retries: 10
volumes:
- /volume1/docker/n8n/db:/var/lib/postgresql:rw
environment:
TZ: Europe/Zurich
POSTGRES_DB: n8n
POSTGRES_USER: n8nuser
POSTGRES_PASSWORD: n8npass
restart: on-failure:5
n8n:
image: n8nio/n8n:latest
container_name: n8n
healthcheck:
test: ["CMD-SHELL", "nc -z 127.0.0.1 5678 || exit 1"]
interval: 10s
timeout: 5s
retries: 3
start_period: 90s
hostname: n8n
user: 0:0
security_opt:
- no-new-privileges:true
ports:
- 5678:5678
volumes:
- /volume1/docker/n8n/data:/root/.n8n:rw
- /volume1/docker/n8n/files:/files:rw
environment:
N8N_HOST: n8n.mschwab.net
WEBHOOK_URL: https://n8n.mschwab.net
N8N_EDITOR_BASE_URL: https://n8n.mschwab.net
GENERIC_TIMEZONE: Europe/Zurich
TZ: Europe/Zurich
N8N_PORT: 5678
N8N_PROXY_HOPS: 4
N8N_ENCRYPTION_KEY: ZOmyQvEDgElilcPkqVxHZOZaBcckRXSBYPuyWGkULRHczUffyBZghUiZhYyfQYiE
N8N_PROTOCOL: https
NODE_ENV: production
N8N_DIAGNOSTICS_ENABLED: false
N8N_RUNNERS_ENABLED: true
N8N_ENFORCE_SETTINGS_FILE_PERMISSIONS: true
N8N_RESTRICT_FILE_ACCESS_TO: /files
N8N_SECURE_COOKIE: true #or false if you want to use n8n without synology.me DDNS
DB_TYPE: postgresdb
DB_POSTGRESDB_DATABASE: n8n
DB_POSTGRESDB_HOST: n8n-db
DB_POSTGRESDB_PORT: 5432
DB_POSTGRESDB_USER: n8nuser
DB_POSTGRESDB_PASSWORD: n8npass
restart: on-failure:5
depends_on:
db:
condition: service_healthy

41
Stacks/DS1-Main/nextcloud/compose.yaml Normal file
View File

@@ -0,0 +1,41 @@
version: "3.9"
services:
db:
image: mariadb:11
container_name: nextcloud-db
restart: unless-stopped
command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW
volumes:
- /volume1/docker/nextcloud/db:/var/lib/mysql:rw
- /volume1/docker/nextcloud/db:/etc/mysql/conf.d:rw
environment:
- MYSQL_ROOT_PASSWORD=q3OLnO3x%lj7lyT
- MYSQL_PASSWORD=JYEGoDdcx27ZB7&
- MYSQL_DATABASE=nextcloud
- MYSQL_USER=nextcloud
app:
image: nextcloud:latest
container_name: nextcloud-app
restart: unless-stopped
ports:
- "8080:80"
volumes:
- /volume1/docker/nextcloud/html:/var/www/html:rw
- /volume1/docker/nextcloud/config:/var/www/html/config:rw
- /volume1/data/docker/nextcloud/data:/var/www/html/data:rw
- /volume1/docker/paperlessngx/consume:/mnt/paperlessngx:rw
- /volume1/data/docker/immich/upload:/mnt/immich:rw
- /volume1/data/nextcloud/:/mnt/synology:rw
environment:
- MYSQL_PASSWORD=JYEGoDdcx27ZB7&
- MYSQL_DATABASE=nextcloud
- MYSQL_USER=nextcloud
- MYSQL_HOST=db
- NEXTCLOUD_TRUSTED_DOMAINS=nextcloud.mschwab.net
- OVERWRITEHOST=nextcloud.mschwab.net
- OVERWRITEPROTOCOL=https
depends_on:
- db

17
Stacks/DS1-Main/nginx/docker-compose.yml Normal file
View File

@@ -0,0 +1,17 @@
version: "3.8"
services:
app:
image: nginx:alpine
ports:
- "8082:80"
environment:
- APP_ENV=${APP_ENV:-production}
volumes:
- ./html:/usr/share/nginx/html:ro
restart: unless-stopped
# Add more services as needed
# networks:
# default:
# driver: bridge

120
Stacks/DS1-Main/paperlessngx/compose.yaml Normal file
View File

@@ -0,0 +1,120 @@
services:
redis:
image: redis:8
command:
- /bin/sh
- -c
- redis-server --requirepass redispass
container_name: PaperlessNGX-REDIS
hostname: paper-redis
security_opt:
- no-new-privileges:true
read_only: true
user: 1026:100
healthcheck:
test: ["CMD-SHELL", "redis-cli ping || exit 1"]
volumes:
- /volume1/docker/paperlessngx/redis:/data:rw
environment:
TZ: Europe/Zurich
restart: on-failure:5
db:
image: postgres:18
container_name: PaperlessNGX-DB
hostname: paper-db
security_opt:
- no-new-privileges:true
healthcheck:
test: ["CMD", "pg_isready", "-q", "-d", "paperless", "-U", "paperlessuser"]
timeout: 45s
interval: 10s
retries: 10
volumes:
- /volume1/docker/paperlessngx/db:/var/lib/postgresql:rw
environment:
POSTGRES_DB: paperless
POSTGRES_USER: paperlessuser
POSTGRES_PASSWORD: paperlesspass
restart: on-failure:5
paperless:
image: ghcr.io/paperless-ngx/paperless-ngx:latest
container_name: PaperlessNGX
hostname: paperless-ngx
security_opt:
- no-new-privileges:true
healthcheck:
test: ["CMD", "curl", "-fs", "-S", "--max-time", "2", "http://localhost:8000"]
interval: 30s
timeout: 10s
retries: 5
ports:
- 8777:8000
volumes:
- /volume1/data/docker/paperlessngx/data:/usr/src/paperless/data:rw
- /volume1/data/docker/paperlessngx/media:/usr/src/paperless/media:rw
- /volume1/docker/paperlessngx/export:/usr/src/paperless/export:rw
- /volume1/docker/paperlessngx/consume:/usr/src/paperless/consume:rw
- /volume1/docker/paperlessngx/trash:/usr/src/paperless/trash:rw
environment:
PAPERLESS_REDIS: redis://:redispass@paper-redis:6379
PAPERLESS_DBENGINE: postgresql
PAPERLESS_DBHOST: paper-db
PAPERLESS_DBNAME: paperless
PAPERLESS_DBUSER: paperlessuser
PAPERLESS_DBPASS: paperlesspass
PAPERLESS_EMPTY_TRASH_DIR: ../trash
PAPERLESS_FILENAME_FORMAT: '{{ created_year }}/{{ correspondent }}/{{ document_type }}/{{ title }}'
PAPERLESS_OCR_ROTATE_PAGES_THRESHOLD: 6
PAPERLESS_TASK_WORKERS: 1
USERMAP_UID: 1026
USERMAP_GID: 100
PAPERLESS_TIME_ZONE: Europe/Zurich
PAPERLESS_SECRET_KEY: pbasJHwKYTKIYOIBABKyEmKHvjSCrStEVUcRvPOcbJrrJddgrlbKQiSrUAOxZztO
PAPERLESS_ADMIN_USER: michael
PAPERLESS_ADMIN_PASSWORD: schwa-mi4Paperless
PAPERLESS_URL: https://paperngx.mschwab.net
PAPERLESS_CSRF_TRUSTED_ORIGINS: https://paperngx.mschwab.net
PAPERLESS_OCR_LANGUAGE: deu+eng
PAPERLESS_CONSUMER_RECURSIVE: true
PAPERLESS_CONSUMER_SUBDIRS_AS_TAGS: true
PAPERLESS_TIKA_ENABLED: 1
PAPERLESS_TIKA_GOTENBERG_ENDPOINT: http://gotenberg:3000
PAPERLESS_TIKA_ENDPOINT: http://tika:9998
restart: on-failure:5
depends_on:
db:
condition: service_healthy
redis:
condition: service_healthy
tika:
condition: service_started
gotenberg:
condition: service_started
gotenberg:
image: docker.io/gotenberg/gotenberg:7.10
container_name: PaperlessNGX-GOTENBERG
hostname: gotenberg
security_opt:
- no-new-privileges:true
user: 1026:100
command:
- "gotenberg"
- "--chromium-disable-javascript=true"
- "--chromium-allow-list=file:///tmp/.*"
restart: on-failure:5
healthcheck:
disable: false
tika:
image: docker.io/apache/tika:latest
container_name: PaperlessNGX-TIKA
hostname: tika
security_opt:
- no-new-privileges:true
user: 1026:100
restart: on-failure:5
healthcheck:
disable: false

120
Stacks/DS1-Main/paperlessngx/docker-compose.yml Normal file
View File

@@ -0,0 +1,120 @@
services:
redis:
image: redis:8
command:
- /bin/sh
- -c
- redis-server --requirepass redispass
container_name: PaperlessNGX-REDIS
hostname: paper-redis
security_opt:
- no-new-privileges:true
read_only: true
user: 1026:100
healthcheck:
test: ["CMD-SHELL", "redis-cli ping || exit 1"]
volumes:
- /volume1/docker/paperlessngx/redis:/data:rw
environment:
TZ: Europe/Zurich
restart: on-failure:5
db:
image: postgres:18
container_name: PaperlessNGX-DB
hostname: paper-db
security_opt:
- no-new-privileges:true
healthcheck:
test: ["CMD", "pg_isready", "-q", "-d", "paperless", "-U", "paperlessuser"]
timeout: 45s
interval: 10s
retries: 10
volumes:
- /volume1/docker/paperlessngx/db:/var/lib/postgresql:rw
environment:
POSTGRES_DB: paperless
POSTGRES_USER: paperlessuser
POSTGRES_PASSWORD: paperlesspass
restart: on-failure:5
paperless:
image: ghcr.io/paperless-ngx/paperless-ngx:latest
container_name: PaperlessNGX
hostname: paperless-ngx
security_opt:
- no-new-privileges:true
healthcheck:
test: ["CMD", "curl", "-fs", "-S", "--max-time", "2", "http://localhost:8000"]
interval: 30s
timeout: 10s
retries: 5
ports:
- 8777:8000
volumes:
- /volume1/data/docker/paperlessngx/data:/usr/src/paperless/data:rw
- /volume1/data/docker/paperlessngx/media:/usr/src/paperless/media:rw
- /volume1/docker/paperlessngx/export:/usr/src/paperless/export:rw
- /volume1/docker/paperlessngx/consume:/usr/src/paperless/consume:rw
- /volume1/docker/paperlessngx/trash:/usr/src/paperless/trash:rw
environment:
PAPERLESS_REDIS: redis://:redispass@paper-redis:6379
PAPERLESS_DBENGINE: postgresql
PAPERLESS_DBHOST: paper-db
PAPERLESS_DBNAME: paperless
PAPERLESS_DBUSER: paperlessuser
PAPERLESS_DBPASS: paperlesspass
PAPERLESS_EMPTY_TRASH_DIR: ../trash
PAPERLESS_FILENAME_FORMAT: '{{ created_year }}/{{ correspondent }}/{{ document_type }}/{{ title }}'
PAPERLESS_OCR_ROTATE_PAGES_THRESHOLD: 6
PAPERLESS_TASK_WORKERS: 1
USERMAP_UID: 1026
USERMAP_GID: 100
PAPERLESS_TIME_ZONE: Europe/Zurich
PAPERLESS_SECRET_KEY: pbasJHwKYTKIYOIBABKyEmKHvjSCrStEVUcRvPOcbJrrJddgrlbKQiSrUAOxZztO
PAPERLESS_ADMIN_USER: michael
PAPERLESS_ADMIN_PASSWORD: schwa-mi4Paperless
PAPERLESS_URL: https://paperngx.mschwab.net
PAPERLESS_CSRF_TRUSTED_ORIGINS: https://paperngx.mschwab.net
PAPERLESS_OCR_LANGUAGE: deu+eng
PAPERLESS_CONSUMER_RECURSIVE: true
PAPERLESS_CONSUMER_SUBDIRS_AS_TAGS: true
PAPERLESS_TIKA_ENABLED: 1
PAPERLESS_TIKA_GOTENBERG_ENDPOINT: http://gotenberg:3000
PAPERLESS_TIKA_ENDPOINT: http://tika:9998
restart: on-failure:5
depends_on:
db:
condition: service_healthy
redis:
condition: service_healthy
tika:
condition: service_started
gotenberg:
condition: service_started
gotenberg:
image: docker.io/gotenberg/gotenberg:7.10
container_name: PaperlessNGX-GOTENBERG
hostname: gotenberg
security_opt:
- no-new-privileges:true
user: 1026:100
command:
- "gotenberg"
- "--chromium-disable-javascript=true"
- "--chromium-allow-list=file:///tmp/.*"
restart: on-failure:5
healthcheck:
disable: false
tika:
image: docker.io/apache/tika:latest
container_name: PaperlessNGX-TIKA
hostname: tika
security_opt:
- no-new-privileges:true
user: 1026:100
restart: on-failure:5
healthcheck:
disable: false

9
Stacks/DS1-Main/snippet-box/compose.yaml Normal file
View File

@@ -0,0 +1,9 @@
services:
snippet-box:
image: pawelmalak/snippet-box:latest
container_name: snippet-box
volumes:
- /volume1/docker/snippetbox/data:/app/data
ports:
- 5212:5000
restart: unless-stopped

47
Stacks/DS1-Main/vaultwarden/compose.yaml Normal file
View File

@@ -0,0 +1,47 @@
services:
db:
image: postgres:17
container_name: Vaultwarden-DB
hostname: vaultwarden-db
security_opt:
- no-new-privileges:true
healthcheck:
test: ["CMD", "pg_isready", "-q", "-d", "vaultwarden", "-U", "vaultwardenuser"]
timeout: 45s
interval: 10s
retries: 10
volumes:
- /volume1/docker/vaultwarden/db:/var/lib/postgresql/data:rw
environment:
POSTGRES_DB: vaultwarden
POSTGRES_USER: vaultwardenuser
POSTGRES_PASSWORD: vaultwardenpass
restart: on-failure:5
vaultwarden:
image: vaultwarden/server:latest
container_name: Vaultwarden
hostname: vaultwarden
security_opt:
- no-new-privileges:true
user: 1026:100
ports:
- 4080:4020
volumes:
- /volume1/docker/vaultwarden/data:/data:rw
environment:
ROCKET_PORT: 4020
DATABASE_URL: postgresql://vaultwardenuser:vaultwardenpass@vaultwarden-db:5432/vaultwarden
ADMIN_TOKEN: schwa-mi@VaultWarden
DISABLE_ADMIN_TOKEN: false
DOMAIN: https://vaultwarden.mschwab.net
SMTP_HOST: smtp.gmail.com
SMTP_FROM: michael.schwab82@gmail.com
SMTP_PORT: 587
SMTP_SECURITY: starttls
SMTP_USERNAME: michael.schwab82@gmail.com
SMTP_PASSWORD: jaiauojwzxxjiwgz
restart: on-failure:5
depends_on:
db:
condition: service_started

47
Stacks/DS1-Main/vaultwarden/docker-compose.yml Normal file
View File

@@ -0,0 +1,47 @@
services:
db:
image: postgres:17
container_name: Vaultwarden-DB
hostname: vaultwarden-db
security_opt:
- no-new-privileges:true
healthcheck:
test: ["CMD", "pg_isready", "-q", "-d", "vaultwarden", "-U", "vaultwardenuser"]
timeout: 45s
interval: 10s
retries: 10
volumes:
- /volume1/docker/vaultwarden/db:/var/lib/postgresql/data:rw
environment:
POSTGRES_DB: vaultwarden
POSTGRES_USER: vaultwardenuser
POSTGRES_PASSWORD: vaultwardenpass
restart: on-failure:5
vaultwarden:
image: vaultwarden/server:latest
container_name: Vaultwarden
hostname: vaultwarden
security_opt:
- no-new-privileges:true
user: 1026:100
ports:
- 4080:4020
volumes:
- /volume1/docker/vaultwarden/data:/data:rw
environment:
ROCKET_PORT: 4020
DATABASE_URL: postgresql://vaultwardenuser:vaultwardenpass@vaultwarden-db:5432/vaultwarden
ADMIN_TOKEN: schwa-mi@VaultWarden
DISABLE_ADMIN_TOKEN: false
DOMAIN: https://vaultwarden.mschwab.net
SMTP_HOST: smtp.gmail.com
SMTP_FROM: michael.schwab82@gmail.com
SMTP_PORT: 587
SMTP_SECURITY: starttls
SMTP_USERNAME: michael.schwab82@gmail.com
SMTP_PASSWORD: jaiauojwzxxjiwgz
restart: on-failure:5
depends_on:
db:
condition: service_started

19
Stacks/DS1-Main/vscode/compose.yaml Normal file
View File

@@ -0,0 +1,19 @@
services:
wallos:
container_name: vscode
image: ghcr.io/linuxserver/code-server
mem_limit: 4g
cpu_shares: 768
restart: on-failure:5
ports:
- 8377:8443
volumes:
- /volume1/docker/vscode:/config
- /volume1/data/docker/vscode/workspace:/home/workspace
environment:
TZ: Europe/Zurich
PASSWORD: schwa-mi4Vscode
PROXY_DOMAIN: vscode.mschwab.net
SUDO_PASSWORD: schwa-mi4Vscode

18
Stacks/DS1-Main/wallos/docker-compose.yml Normal file
View File

@@ -0,0 +1,18 @@
services:
wallos:
container_name: Wallos
image: bellamy/wallos:latest
healthcheck:
test: curl -f http://localhost:80/ || exit 1
mem_limit: 4g
cpu_shares: 768
security_opt:
- no-new-privileges:true
restart: on-failure:5
ports:
- 8353:80/tcp
volumes:
- /volume1/docker/wallos/images:/var/www/html/images/uploads/logos:rw
- /volume1/docker/wallos/db:/var/www/html/db:rw
environment:
TZ: Europe/Zurich

11
Stacks/DS1-Main/web-check/compose.yaml Normal file
View File

@@ -0,0 +1,11 @@
services:
webcheck:
container_name: Web-Check
image: lissy93/web-check
mem_limit: 4g
cpu_shares: 768
security_opt:
- no-new-privileges:true
restart: on-failure:5
ports:
- 6160:3000