commit dc4006f506f9324d97e044e5d7cd48db3ce2d4ce Author: Waylon S. Walker Date: Fri May 26 13:20:35 2023 -0500 init compose diff --git a/home-gallery/docker-compose.yml b/home-gallery/docker-compose.yml new file mode 100644 index 0000000..2151437 --- /dev/null +++ b/home-gallery/docker-compose.yml @@ -0,0 +1,62 @@ +version: "3.9" +services: + api: + # custom build via + #build: packages/api-server + image: xemle/home-gallery-api-server + container_name: home-gallery-api-server + restart: unless-stopped + security_opt: + - no-new-privileges:true + networks: + - proxy + environment: + # TensorflowJS backends + # - cpu: slowest and best support + # - wasm: good perfromance for arm64 and amd64 platforms + # - node: best performance on amd64 platform + #- BACKEND=cpu + # - BACKEND=wasm + - BACKEND=node + gallery: + # custom build via + #build: . + image: xemle/home-gallery + container_name: home-gallery + restart: unless-stopped + security_opt: + - no-new-privileges:true + networks: + - proxy + environment: + - GALLERY_API_SERVER=http://api:3000 + #- GALLERY_API_SERVER_CONCURRENT=1 # On low powered devices + #- GALLERY_API_SERVER_TIMEOUT=60 # On low powered devices + - GALLERY_OPEN_BROWSER=false + volumes: + - /etc/localtime:/etc/localtime:ro + - ${PWD}/home-gallery/data:/data + # Mount your media directories below /data + # - ${HOME}/Pictures:/data/Pictures + - /tank/home-gallery/:/data/Pictures + # ports: + # - "3000:3000" + entrypoint: ["node", "/app/gallery.js"] + command: ["run", "server"] + + labels: + - "traefik.enable=true" + - "traefik.http.routers.home-gallery.entrypoints=http" + - "traefik.http.routers.home-gallery.rule=Host(`home-gallery.${URL}`)" + - "traefik.http.middlewares.home-gallery-https-redirect.redirectscheme.scheme=https" + - "traefik.http.routers.home-gallery.middlewares=home-gallery-https-redirect" + - "traefik.http.routers.home-gallery-secure.entrypoints=https" + - "traefik.http.routers.home-gallery-secure.rule=Host(`home-gallery.local.waylonwalker.com`)" + - "traefik.http.routers.home-gallery-secure.tls=true" + - "traefik.http.routers.home-gallery-secure.service=home-gallery" + - "traefik.http.services.home-gallery.loadbalancer.server.port=3000" + - "traefik.docker.network=proxy" + +networks: + proxy: + external: true diff --git a/librespeed/docker-compose.yml b/librespeed/docker-compose.yml new file mode 100644 index 0000000..53293c4 --- /dev/null +++ b/librespeed/docker-compose.yml @@ -0,0 +1,41 @@ +version: "3.1" +services: + librespeed: + image: lscr.io/linuxserver/librespeed + container_name: librespeed + restart: unless-stopped + security_opt: + - no-new-privileges:true + networks: + - proxy + # environment: + # - PUID=1000 + # - PGID=1000 + # - PASSWORD=PASSWORD + # - CUSTOM_RESULTS=false #optional + # - DB_TYPE=sqlite #optional + # - DB_NAME=DB_NAME #optional + # - DB_HOSTNAME=DB_HOSTNAME #optional + # - DB_USERNAME=DB_USERNAME #optional + # - DB_PASSWORD=DB_PASSWORD #optional + # - DB_PORT=DB_PORT #optional + volumes: + - /etc/localtime:/etc/localtime:ro + - ${PWD}/data/librespeed/config:/config + + labels: + - "traefik.enable=true" + - "traefik.http.routers.librespeed.entrypoints=http" + - "traefik.http.routers.librespeed.rule=Host(`librespeed.${URL}`)" + - "traefik.http.middlewares.librespeed-https-redirect.redirectscheme.scheme=https" + - "traefik.http.routers.librespeed.middlewares=librespeed-https-redirect" + - "traefik.http.routers.librespeed-secure.entrypoints=https" + - "traefik.http.routers.librespeed-secure.rule=Host(`librespeed.local.waylonwalker.com`)" + - "traefik.http.routers.librespeed-secure.tls=true" + - "traefik.http.routers.librespeed-secure.service=librespeed" + - "traefik.http.services.librespeed.loadbalancer.server.port=80" + - "traefik.docker.network=proxy" + +networks: + proxy: + external: true diff --git a/netdata/docker-compose.yml b/netdata/docker-compose.yml new file mode 100644 index 0000000..8f9a0fb --- /dev/null +++ b/netdata/docker-compose.yml @@ -0,0 +1,36 @@ +version: "3" +services: + netdata: + image: netdata/netdata + container_name: netdata + # ports: + # - 19999:19999 + cap_add: + - SYS_PTRACE + networks: + - proxy + security_opt: + - apparmor:unconfined + volumes: + - /etc/passwd:/host/etc/passwd:ro + - /etc/os-release:/host/etc/os-release:ro + - /etc/group:/host/etc/group:ro + - /proc:/host/proc:ro + - /sys:/host/sys:ro + + labels: + - "traefik.enable=true" + - "traefik.http.routers.netdata.entrypoints=http" + - "traefik.http.routers.netdata.rule=Host(`netdata.${URL}`)" + - "traefik.http.middlewares.netdata-https-redirect.redirectscheme.scheme=https" + - "traefik.http.routers.netdata.middlewares=netdata-https-redirect" + - "traefik.http.routers.netdata-secure.entrypoints=https" + - "traefik.http.routers.netdata-secure.rule=Host(`netdata.local.waylonwalker.com`)" + - "traefik.http.routers.netdata-secure.tls=true" + - "traefik.http.routers.netdata-secure.service=netdata" + - "traefik.http.services.netdata.loadbalancer.server.port=19999" + - "traefik.docker.network=proxy" + +networks: + proxy: + external: true diff --git a/photoview/docker-compose.yml b/photoview/docker-compose.yml new file mode 100644 index 0000000..0fd5a6d --- /dev/null +++ b/photoview/docker-compose.yml @@ -0,0 +1,79 @@ +version: "3" + +services: + photoview-db: + image: mariadb:10.5 + container_name: photoview-db + restart: unless-stopped + security_opt: + - no-new-privileges:true + networks: + - proxy + environment: + - MYSQL_DATABASE=photoview + - MYSQL_USER=photoview + - MYSQL_PASSWORD=photosecret + - MYSQL_RANDOM_ROOT_PASSWORD=1 + volumes: + - /etc/localtime:/etc/localtime:ro + - db_data:/var/lib/mysql + + photoview: + image: viktorstrate/photoview:2 + container_name: photoview + restart: unless-stopped + security_opt: + - no-new-privileges:true + networks: + - proxy + # ports: + # - "8101:80" + depends_on: + - photoview-db + + environment: + - PHOTOVIEW_DATABASE_DRIVER=mysql + - PHOTOVIEW_MYSQL_URL=photoview:photosecret@tcp(photoview-db)/photoview + - PHOTOVIEW_LISTEN_IP=photoview + - PHOTOVIEW_LISTEN_PORT=80 + - PHOTOVIEW_MEDIA_CACHE=/app/cache + + # Optional: If you are using Samba/CIFS-Share and experience problems with "directory not found" + # Enable the following Godebug + # - GODEBUG=asyncpreemptoff=1 + + # Optional: To enable map related features, you need to create a mapbox token. + # A token can be generated for free here https://account.mapbox.com/access-tokens/ + # It's a good idea to limit the scope of the token to your own domain, to prevent others from using it. + # - MAPBOX_TOKEN= + + volumes: + - /etc/localtime:/etc/localtime:ro + - api_cache:/app/cache + + # Change This: to the directory where your photos are located on your server. + # If the photos are located at `/home/user/photos`, then change this value + # to the following: `/home/user/photos:/photos:ro`. + # You can mount multiple paths, if your photos are spread across multiple directories. + - /tank/syncthing/config:/photos:ro + + labels: + - "traefik.enable=true" + - "traefik.http.routers.photoview.entrypoints=http" + - "traefik.http.routers.photoview.rule=Host(`photoview.${URL}`)" + - "traefik.http.middlewares.photoview-https-redirect.redirectscheme.scheme=https" + - "traefik.http.routers.photoview.middlewares=photoview-https-redirect" + - "traefik.http.routers.photoview-secure.entrypoints=https" + - "traefik.http.routers.photoview-secure.rule=Host(`photoview.local.waylonwalker.com`)" + - "traefik.http.routers.photoview-secure.tls=true" + - "traefik.http.routers.photoview-secure.service=photoview" + - "traefik.http.services.photoview.loadbalancer.server.port=80" + - "traefik.docker.network=proxy" + +networks: + proxy: + external: true + +volumes: + db_data: + api_cache: diff --git a/pihole/docker-compose.yml b/pihole/docker-compose.yml new file mode 100644 index 0000000..ce7445d --- /dev/null +++ b/pihole/docker-compose.yml @@ -0,0 +1,71 @@ +version: "3" + +# More info at https://github.com/pi-hole/docker-pi-hole/ and https://docs.pi-hole.net/ +services: + pihole: + image: pihole/pihole:latest + container_name: pihole + restart: unless-stopped + security_opt: + - no-new-privileges:true + networks: + - proxy + # Volumes store your data between container upgrades + volumes: + - /etc/localtime:/etc/localtime:ro + - ${PWD}/pihole/data/etc-pihole/:/etc/pihole/ + - ${PWD}/pihole/data/etc-dnsmasq.d/:/etc/dnsmasq.d/ + # ports: + # - "8080:80/tcp" + # - "53:53/tcp" + # - "53:53/udp" + # - "67:67/udp" + environment: + # TZ: "America/Chicago" + WEBPASSWORD: "${PIHOLE_PASSWORD}" + # Recommended but not required (DHCP needs NET_ADMIN) + # https://github.com/pi-hole/docker-pi-hole#note-on-capabilities + cap_add: + - NET_ADMIN + + labels: + - "traefik.enable=true" + - "traefik.http.routers.pihole.entrypoints=http" + - "traefik.http.routers.pihole.rule=Host(`pihole.${URL}`)" + - "traefik.http.middlewares.pihole-https-redirect.redirectscheme.scheme=https" + - "traefik.http.routers.pihole.middlewares=pihole-https-redirect" + - "traefik.http.routers.pihole-secure.entrypoints=https" + - "traefik.http.routers.pihole-secure.rule=Host(`pihole.${URL}`)" + - "traefik.http.routers.pihole-secure.tls=true" + - "traefik.http.routers.pihole-secure.service=pihole" + - "traefik.http.services.pihole.loadbalancer.server.port=80" + - "traefik.docker.network=proxy" + +networks: + proxy: + external: true +# +# version: "3" + +# # More info at https://github.com/pi-hole/docker-pi-hole/ and https://docs.pi-hole.net/ +# services: +# pihole: +# container_name: pihole +# image: pihole/pihole:latest +# # For DHCP it is recommended to remove these ports and instead add: network_mode: "host" +# ports: +# # - "53:53/tcp" +# # - "53:53/udp" +# # - "67:67/udp" # Only required if you are using Pi-hole as your DHCP server +# - "8080:80/tcp" +# environment: +# TZ: "America/Chicago" +# # WEBPASSWORD: 'set a secure password here or it will be random' +# # Volumes store your data between container upgrades +# volumes: +# - "./etc-pihole:/etc/pihole" +# - "./etc-dnsmasq.d:/etc/dnsmasq.d" +# # https://github.com/pi-hole/docker-pi-hole#note-on-capabilities +# cap_add: +# - NET_ADMIN # Required if you are using Pi-hole as your DHCP server, else not needed +# restart: unless-stopped diff --git a/portainer/docker-compose.yml b/portainer/docker-compose.yml new file mode 100644 index 0000000..6d36f18 --- /dev/null +++ b/portainer/docker-compose.yml @@ -0,0 +1,31 @@ +version: "3" + +services: + portainer: + image: portainer/portainer-ce + container_name: portainer + restart: unless-stopped + security_opt: + - no-new-privileges:true + networks: + - proxy + volumes: + - /etc/localtime:/etc/localtime:ro + - /var/run/docker.sock:/var/run/docker.sock:ro + - ${PWD}/portainer/data:/data + labels: + - "traefik.enable=true" + - "traefik.http.routers.portainer.entrypoints=http" + - "traefik.http.routers.portainer.rule=Host(`portainer.${URL}`)" + - "traefik.http.middlewares.portainer-https-redirect.redirectscheme.scheme=https" + - "traefik.http.routers.portainer.middlewares=portainer-https-redirect" + - "traefik.http.routers.portainer-secure.entrypoints=https" + - "traefik.http.routers.portainer-secure.rule=Host(`portainer.local.waylonwalker.com`)" + - "traefik.http.routers.portainer-secure.tls=true" + - "traefik.http.routers.portainer-secure.service=portainer" + - "traefik.http.services.portainer.loadbalancer.server.port=9000" + - "traefik.docker.network=proxy" + +networks: + proxy: + external: true diff --git a/shinobi/docker-compose.yml b/shinobi/docker-compose.yml new file mode 100644 index 0000000..9d2e901 --- /dev/null +++ b/shinobi/docker-compose.yml @@ -0,0 +1,39 @@ +version: "3" +services: + shinobi: + image: registry.gitlab.com/shinobi-systems/shinobi:dev + container_name: Shinobi + restart: unless-stopped + security_opt: + - no-new-privileges:true + networks: + - proxy + environment: + - PLUGIN_KEYS={} + - SSL_ENABLED=false + volumes: + - /etc/localtime:/etc/localtime:ro + - ${PWD}/data/config:/config + - ${PWD}/data/customAutoLoad:/home/Shinobi/libs/customAutoLoad + - ${PWD}/data/database:/var/lib/mysql + - ${PWD}/data/videos:/home/Shinobi/videos + - ${PWD}/data/plugins:/home/Shinobi/plugins + - /dev/shm/Shinobi/streams:/dev/shm/streams + # ports: + # - 8102:8080 + labels: + - "traefik.enable=true" + - "traefik.http.routers.shinobi.entrypoints=http" + - "traefik.http.routers.shinobi.rule=Host(`shinobi.${URL}`)" + - "traefik.http.middlewares.shinobi-https-redirect.redirectscheme.scheme=https" + - "traefik.http.routers.shinobi.middlewares=shinobi-https-redirect" + - "traefik.http.routers.shinobi-secure.entrypoints=https" + - "traefik.http.routers.shinobi-secure.rule=Host(`shinobi.local.waylonwalker.com`)" + - "traefik.http.routers.shinobi-secure.tls=true" + - "traefik.http.routers.shinobi-secure.service=shinobi" + - "traefik.http.services.shinobi.loadbalancer.server.port=8080" + - "traefik.docker.network=proxy" + +networks: + proxy: + external: true diff --git a/syncthing/docker-compose.yml b/syncthing/docker-compose.yml new file mode 100644 index 0000000..45c4bc0 --- /dev/null +++ b/syncthing/docker-compose.yml @@ -0,0 +1,39 @@ +version: "3.1" + +services: + syncthing: + image: ghcr.io/linuxserver/syncthing + container_name: syncthing + restart: unless-stopped + security_opt: + - no-new-privileges:true + networks: + - proxy + environment: + - PUID=1000 + - PGID=1000 + - TZ=America/Chicago + volumes: + - /etc/localtime:/etc/localtime:ro + - /tank/syncthing/config:/config + - /tank/syncthing:/data + # ports: + # - 8384:8384 + # - 22000:22000 + # - 21027:21027/udp + labels: + - "traefik.enable=true" + - "traefik.http.routers.syncthing.entrypoints=http" + - "traefik.http.routers.syncthing.rule=Host(`syncthing.${URL}`)" + - "traefik.http.middlewares.syncthing-https-redirect.redirectscheme.scheme=https" + - "traefik.http.routers.syncthing.middlewares=syncthing-https-redirect" + - "traefik.http.routers.syncthing-secure.entrypoints=https" + - "traefik.http.routers.syncthing-secure.rule=Host(`syncthing.local.waylonwalker.com`)" + - "traefik.http.routers.syncthing-secure.tls=true" + - "traefik.http.routers.syncthing-secure.service=syncthing" + - "traefik.http.services.syncthing.loadbalancer.server.port=8384" + - "traefik.docker.network=proxy" + +networks: + proxy: + external: true diff --git a/traefik/docker-compose.yml b/traefik/docker-compose.yml new file mode 100644 index 0000000..12d6294 --- /dev/null +++ b/traefik/docker-compose.yml @@ -0,0 +1,45 @@ +version: "3" + +services: + traefik: + image: traefik:latest + container_name: traefik + restart: unless-stopped + security_opt: + - no-new-privileges:true + networks: + - proxy + ports: + - 80:80 + - 443:443 + environment: + - CF_API_EMAIL=waylon@waylonwalker.com + - CF_DNS_API_TOKEN=${CF_DNS_API_TOKEN} + # - CF_API_KEY=YOUR_API_KEY + # be sure to use the correct one depending on if you are using a token or key + volumes: + - /etc/localtime:/etc/localtime:ro + - /var/run/docker.sock:/var/run/docker.sock:ro + - ./data/traefik.yml:/traefik.yml:ro + - ./data/acme.json:/acme.json + - ./data/config.yml:/config.yml:ro + labels: + - "traefik.enable=true" + - "traefik.http.routers.traefik.entrypoints=http" + - "traefik.http.routers.traefik.rule=Host(`traefik-dashboard.${URL}`)" + - "traefik.http.middlewares.traefik-auth.basicauth.users=${TRAEFIK_USERNAME}:${TRAEFIK_PASSWORD}" + - "traefik.http.middlewares.traefik-https-redirect.redirectscheme.scheme=https" + - "traefik.http.middlewares.sslheader.headers.customrequestheaders.X-Forwarded-Proto=https" + - "traefik.http.routers.traefik.middlewares=traefik-https-redirect" + - "traefik.http.routers.traefik-secure.entrypoints=https" + - "traefik.http.routers.traefik-secure.rule=Host(`traefik-dashboard.${URL}`)" + - "traefik.http.routers.traefik-secure.middlewares=traefik-auth" + - "traefik.http.routers.traefik-secure.tls=true" + - "traefik.http.routers.traefik-secure.tls.certresolver=cloudflare" + - "traefik.http.routers.traefik-secure.tls.domains[0].main=${URL}" + - "traefik.http.routers.traefik-secure.tls.domains[0].sans=*.${URL}" + - "traefik.http.routers.traefik-secure.service=api@internal" + +networks: + proxy: + external: true diff --git a/wyze-bridge/docker-compose.yml b/wyze-bridge/docker-compose.yml new file mode 100644 index 0000000..341be8e --- /dev/null +++ b/wyze-bridge/docker-compose.yml @@ -0,0 +1,45 @@ +version: "3" + +services: + wyze-bridge: + image: mrlt8/wyze-bridge:latest + container_name: wyze-bridge + restart: unless-stopped + security_opt: + - no-new-privileges:true + networks: + - proxy + # ports: + # - 1935:6100 + # - 8554:6102 + # - 8888:6103 + # - 5000:6104 + environment: + - QUALITY=SD30 + - WYZE_EMAIL=quadmx08@gmail.com + - WYZE_PASSWORD=${WYZE_PASSWORD} + - SNAPSHOT=RTSP1 + - IMG_DIR=/img/ + - TZ=America/Chicago + - RECORD_ALL=True + volumes: + - /etc/localtime:/etc/localtime:ro + - ${PWD}/wyze-bridge/data/cams/img:/img + - ${PWD}/wyze-bridge/data/record:/record + + labels: + - "traefik.enable=true" + - "traefik.http.routers.cams.entrypoints=http" + - "traefik.http.routers.cams.rule=Host(`cams.${URL}`)" + - "traefik.http.middlewares.cams-https-redirect.redirectscheme.scheme=https" + - "traefik.http.routers.cams.middlewares=cams-https-redirect" + - "traefik.http.routers.cams-secure.entrypoints=https" + - "traefik.http.routers.cams-secure.rule=Host(`cams.local.waylonwalker.com`)" + - "traefik.http.routers.cams-secure.tls=true" + - "traefik.http.routers.cams-secure.service=cams" + - "traefik.http.services.cams.loadbalancer.server.port=5000" + - "traefik.docker.network=proxy" + +networks: + proxy: + external: true