From a08c8cc7fa3ebfdeffe2385f8317ba80e5e317ed Mon Sep 17 00:00:00 2001 From: Christoph Califice Date: Wed, 13 Aug 2025 22:47:11 -0300 Subject: [PATCH] migrate to compose-projects folder and init repo --- RicoToGhostfolio/docker-compose.yml | 7 + caddy/docker-compose.yml | 28 +++ cloudflared/docker-compose.yml | 18 ++ cyber-chef/docker-compose.yml | 8 + filebrowser/docker-compose.yml | 15 ++ firefly-iii/.db.env | 3 + firefly-iii/.env | 341 ++++++++++++++++++++++++++ firefly-iii/.importer.env | 244 ++++++++++++++++++ firefly-iii/.importer.mor.env | 244 ++++++++++++++++++ firefly-iii/docker-compose.yml | 78 ++++++ free-games-claimer/docker-compose.yml | 16 ++ ghostfolio/.env | 15 ++ ghostfolio/docker-compose.yml | 75 ++++++ gitea/docker-compose.yml | 40 +++ glances/docker-compose.yml | 17 ++ grafana/docker-compose.yml | 89 +++++++ guacamole/docker-compose.yml | 163 ++++++++++++ homepage/docker-compose.yml | 17 ++ immich-app/.env | 20 ++ immich-app/docker-compose.yml | 46 ++++ memos/docker-compose.yml | 9 + n8n/.env | 15 ++ n8n/docker-compose.yml | 54 ++++ ntfy/docker-compose.yml | 30 +++ paperless/.docker-compose.env | 42 ++++ paperless/.env | 1 + paperless/docker-compose.yml | 86 +++++++ scrutiny/docker-compose.yml | 47 ++++ stirling-pdf/docker-compose.yml | 31 +++ uptime-kuma/docker-compose.yml | 13 + vaultwarden/.env | 5 + vaultwarden/docker-compose.yml | 11 + vikunja/docker-compose.yml | 45 ++++ 33 files changed, 1873 insertions(+) create mode 100644 RicoToGhostfolio/docker-compose.yml create mode 100644 caddy/docker-compose.yml create mode 100644 cloudflared/docker-compose.yml create mode 100644 cyber-chef/docker-compose.yml create mode 100644 filebrowser/docker-compose.yml create mode 100644 firefly-iii/.db.env create mode 100644 firefly-iii/.env create mode 100644 firefly-iii/.importer.env create mode 100644 firefly-iii/.importer.mor.env create mode 100644 firefly-iii/docker-compose.yml create mode 100644 free-games-claimer/docker-compose.yml create mode 100644 ghostfolio/.env create mode 100644 ghostfolio/docker-compose.yml create mode 100644 gitea/docker-compose.yml create mode 100644 glances/docker-compose.yml create mode 100644 grafana/docker-compose.yml create mode 100644 guacamole/docker-compose.yml create mode 100644 homepage/docker-compose.yml create mode 100644 immich-app/.env create mode 100644 immich-app/docker-compose.yml create mode 100644 memos/docker-compose.yml create mode 100644 n8n/.env create mode 100644 n8n/docker-compose.yml create mode 100644 ntfy/docker-compose.yml create mode 100644 paperless/.docker-compose.env create mode 100644 paperless/.env create mode 100644 paperless/docker-compose.yml create mode 100644 scrutiny/docker-compose.yml create mode 100644 stirling-pdf/docker-compose.yml create mode 100644 uptime-kuma/docker-compose.yml create mode 100644 vaultwarden/.env create mode 100755 vaultwarden/docker-compose.yml create mode 100644 vikunja/docker-compose.yml diff --git a/RicoToGhostfolio/docker-compose.yml b/RicoToGhostfolio/docker-compose.yml new file mode 100644 index 0000000..88f819c --- /dev/null +++ b/RicoToGhostfolio/docker-compose.yml @@ -0,0 +1,7 @@ +services: + rico-to-ghostfolio: + container_name: rico-to-ghostfolio + ports: + - "8001:8000" + build: + dockerfile: Dockerfile \ No newline at end of file diff --git a/caddy/docker-compose.yml b/caddy/docker-compose.yml new file mode 100644 index 0000000..1b7ce3c --- /dev/null +++ b/caddy/docker-compose.yml @@ -0,0 +1,28 @@ +services: + caddy: + # image: caddy:latest + container_name: caddy + build: + dockerfile: Dockerfile + restart: unless-stopped + cap_add: + - NET_ADMIN + ports: + - "2019:2019" + - "80:80" + - "443:443" + - "443:443/udp" + - "8282:8282" + volumes: + - ./Caddyfile:/etc/caddy/Caddyfile + - ./site/bortolaso-sail:/srv/bortolaso-sail + - ./site/ariang:/srv/ariang + - ./caddy-data:/data + - ./caddy-config:/config + networks: + - caddy-net + +networks: + caddy-net: + driver: bridge + name: caddy-net diff --git a/cloudflared/docker-compose.yml b/cloudflared/docker-compose.yml new file mode 100644 index 0000000..3bf7d29 --- /dev/null +++ b/cloudflared/docker-compose.yml @@ -0,0 +1,18 @@ +services: + cloudflared: + image: cloudflare/cloudflared:latest + container_name: cloudflared + user: "0:0" + volumes: + - ./config:/root/.cloudflared + #command: tunnel login + #command: tunnel create tunnel_ccalifice + command: tunnel --no-autoupdate run + restart: always + networks: + - caddy-net + +networks: + caddy-net: + external: true + name: caddy-net diff --git a/cyber-chef/docker-compose.yml b/cyber-chef/docker-compose.yml new file mode 100644 index 0000000..3b15ebf --- /dev/null +++ b/cyber-chef/docker-compose.yml @@ -0,0 +1,8 @@ +name: cyber-chef +services: + cyberchef: + ports: + - 8383:80 + image: ghcr.io/gchq/cyberchef:latest + restart: unless-stopped + container_name: container_name diff --git a/filebrowser/docker-compose.yml b/filebrowser/docker-compose.yml new file mode 100644 index 0000000..9d1865b --- /dev/null +++ b/filebrowser/docker-compose.yml @@ -0,0 +1,15 @@ +--- +services: + filebrowser: + image: filebrowser/filebrowser + container_name: filebrowser + user: "1000:1002" + ports: + - 8686:80 + volumes: + - /mnt/christoph:/srv/christoph + - /mnt/Public:/srv/Public + - ./database.db:/database.db + - ./settings.json:/.settings.json + - ./branding:/branding + restart: unless-stopped diff --git a/firefly-iii/.db.env b/firefly-iii/.db.env new file mode 100644 index 0000000..8057fcf --- /dev/null +++ b/firefly-iii/.db.env @@ -0,0 +1,3 @@ +MYSQL_RANDOM_ROOT_PASSWORD=yes +MYSQL_USER=firefly +MYSQL_PASSWORD=123mysql321$! diff --git a/firefly-iii/.env b/firefly-iii/.env new file mode 100644 index 0000000..3dde490 --- /dev/null +++ b/firefly-iii/.env @@ -0,0 +1,341 @@ +# You can leave this on "local". If you change it to production most console commands will ask for extra confirmation. +# Never set it to "testing". +APP_ENV=local + +# Set to true if you want to see debug information in error screens. +APP_DEBUG=false + +# This should be your email address. +# If you use Docker or similar, you can set this variable from a file by using SITE_OWNER_FILE +# The variable is used in some errors shown to users who aren't admin. +SITE_OWNER=christoph.califice@hotmail.com + +# The encryption key for your sessions. Keep this very secure. +# Change it to a string of exactly 32 chars or use something like `php artisan key:generate` to generate it. +# If you use Docker or similar, you can set this variable from a file by using APP_KEY_FILE +# +# Avoid the "#" character in your APP_KEY, it may break things. +# +APP_KEY=SomeRandomStringOf32CharsExactly + +# Firefly III will launch using this language (for new users and unauthenticated visitors) +# For a list of available languages: https://github.com/firefly-iii/firefly-iii/tree/main/resources/lang +# +# If text is still in English, remember that not everything may have been translated. +DEFAULT_LANGUAGE=en_US + +# The locale defines how numbers are formatted. +# by default this value is the same as whatever the language is. +DEFAULT_LOCALE=equal + +# Change this value to your preferred time zone. +# Example: Europe/Amsterdam +# For a list of supported time zones, see https://en.wikipedia.org/wiki/List_of_tz_database_time_zones +TZ=America/Sao_Paulo + +# TRUSTED_PROXIES is a useful variable when using Docker and/or a reverse proxy. +# Set it to ** and reverse proxies work just fine. +TRUSTED_PROXIES= + +# The log channel defines where your log entries go to. +# Several other options exist. You can use 'single' for one big fat error log (not recommended). +# Also available are 'syslog', 'errorlog' and 'stdout' which will log to the system itself. +# A rotating log option is 'daily', creates 5 files that (surprise) rotate. +# A cool option is 'papertrail' for cloud logging +# Default setting 'stack' will log to 'daily' and to 'stdout' at the same time. +LOG_CHANNEL=stack + +# Log level. You can set this from least severe to most severe: +# debug, info, notice, warning, error, critical, alert, emergency +# If you set it to debug your logs will grow large, and fast. If you set it to emergency probably +# nothing will get logged, ever. +APP_LOG_LEVEL=debug + +# Audit log level. +# The audit log is used to log notable Firefly III events on a separate channel. +# These log entries may contain sensitive financial information. +# The audit log is disabled by default. +# +# To enable it, set AUDIT_LOG_LEVEL to "info" +# To disable it, set AUDIT_LOG_LEVEL to "emergency" +AUDIT_LOG_LEVEL=emergency + +# +# If you want, you can redirect the audit logs to another channel. +# Set 'audit_stdout', 'audit_syslog', 'audit_errorlog' to log to the system itself. +# Use audit_daily to log to a rotating file. +# Use audit_papertrail to log to papertrail. +# +# If you do this, the audit logs may be mixed with normal logs because the settings for these channels +# are often the same as the settings for the normal logs. +AUDIT_LOG_CHANNEL= + +# +# Used when logging to papertrail: +# Also used when audit logs log to papertrail: +# +PAPERTRAIL_HOST= +PAPERTRAIL_PORT= + +# Database credentials. Make sure the database exists. I recommend a dedicated user for Firefly III +# For other database types, please see the FAQ: https://docs.firefly-iii.org/firefly-iii/faq/self-hosted/#i-want-to-use-sqlite +# If you use Docker or similar, you can set these variables from a file by appending them with _FILE +# Use "pgsql" for PostgreSQL +# Use "mysql" for MySQL and MariaDB. +# Use "sqlite" for SQLite. +DB_CONNECTION=mysql +DB_HOST=db +DB_PORT=3306 +DB_DATABASE=firefly +DB_USERNAME=firefly +DB_PASSWORD=secret_firefly_password +# leave empty or omit when not using a socket connection +DB_SOCKET= + +# MySQL supports SSL. You can configure it here. +# If you use Docker or similar, you can set these variables from a file by appending them with _FILE +MYSQL_USE_SSL=false +MYSQL_SSL_VERIFY_SERVER_CERT=true +# You need to set at least of these options +MYSQL_SSL_CAPATH=/etc/ssl/certs/ +MYSQL_SSL_CA= +MYSQL_SSL_CERT= +MYSQL_SSL_KEY= +MYSQL_SSL_CIPHER= + +# PostgreSQL supports SSL. You can configure it here. +# If you use Docker or similar, you can set these variables from a file by appending them with _FILE +PGSQL_SSL_MODE=prefer +PGSQL_SSL_ROOT_CERT=null +PGSQL_SSL_CERT=null +PGSQL_SSL_KEY=null +PGSQL_SSL_CRL_FILE=null + +# more PostgreSQL settings +PGSQL_SCHEMA=public + +# If you're looking for performance improvements, you could install memcached or redis +CACHE_DRIVER=file +SESSION_DRIVER=file + +# If you set either of the options above to 'redis', you might want to update these settings too +# If you use Docker or similar, you can set REDIS_HOST_FILE, REDIS_PASSWORD_FILE or +# REDIS_PORT_FILE to set the value from a file instead of from an environment variable + +# can be tcp, unix or http +REDIS_SCHEME=tcp + +# use only when using 'unix' for REDIS_SCHEME. Leave empty otherwise. +REDIS_PATH= + +# use only when using 'tcp' or 'http' for REDIS_SCHEME. Leave empty otherwise. +REDIS_HOST=127.0.0.1 +REDIS_PORT=6379 + +# Use only with Redis 6+ with proper ACL set. Leave empty otherwise. +REDIS_USERNAME= +REDIS_PASSWORD= + +# always use quotes and make sure redis db "0" and "1" exists. Otherwise change accordingly. +REDIS_DB="0" +REDIS_CACHE_DB="1" + +# Cookie settings. Should not be necessary to change these. +# If you use Docker or similar, you can set COOKIE_DOMAIN_FILE to set +# the value from a file instead of from an environment variable +# Setting samesite to "strict" may give you trouble logging in. +COOKIE_PATH="/" +COOKIE_DOMAIN= +COOKIE_SECURE=false +COOKIE_SAMESITE=lax + +# If you want Firefly III to email you, update these settings +# For instructions, see: https://docs.firefly-iii.org/firefly-iii/advanced-installation/email/#email +# If you use Docker or similar, you can set these variables from a file by appending them with _FILE +MAIL_MAILER=log +MAIL_HOST=null +MAIL_PORT=2525 +MAIL_FROM=changeme@example.com +MAIL_USERNAME=null +MAIL_PASSWORD=null +MAIL_ENCRYPTION=null +MAIL_SENDMAIL_COMMAND= + +# Other mail drivers: +# If you use Docker or similar, you can set these variables from a file by appending them with _FILE +MAILGUN_DOMAIN= +MAILGUN_SECRET= + +# If you are on EU region in mailgun, use api.eu.mailgun.net, otherwise use api.mailgun.net +# If you use Docker or similar, you can set this variable from a file by appending it with _FILE +MAILGUN_ENDPOINT=api.mailgun.net + +# If you use Docker or similar, you can set these variables from a file by appending them with _FILE +MANDRILL_SECRET= +SPARKPOST_SECRET= + +# Firefly III can send you the following messages. +SEND_ERROR_MESSAGE=true + +# These messages contain (sensitive) transaction information: +SEND_REPORT_JOURNALS=true + +# Set this value to true if you want to set the location of certain things, like transactions. +# Since this involves an external service, it's optional and disabled by default. +ENABLE_EXTERNAL_MAP=false + +# Set this value to true if you want Firefly III to download currency exchange rates +# from the internet. These rates are hosted by the creator of Firefly III inside +# an Azure Storage Container. +# Not all currencies may be available. Rates may be wrong. +ENABLE_EXTERNAL_RATES=true + +# The map will default to this location: +MAP_DEFAULT_LAT=51.983333 +MAP_DEFAULT_LONG=5.916667 +MAP_DEFAULT_ZOOM=6 + +# +# Some objects have room for an URL, like transactions and webhooks. +# By default, the following protocols are allowed: +# http, https, ftp, ftps, mailto +# +# To change this, set your preferred comma separated set below. +# Be sure to include http, https and other default ones if you need to. +# +VALID_URL_PROTOCOLS= + +# +# Firefly III authentication settings +# + +# +# Firefly III supports a few authentication methods: +# - 'web' (default, uses built in DB) +# - 'remote_user_guard' for Authelia etc +# Read more about these settings in the documentation. +# https://docs.firefly-iii.org/firefly-iii/advanced-installation/authentication +# +# LDAP is no longer supported :( +# +AUTHENTICATION_GUARD=web + +# +# Remote user guard settings +# +AUTHENTICATION_GUARD_HEADER=REMOTE_USER +AUTHENTICATION_GUARD_EMAIL= + +# +# Firefly III generates a basic keypair for your OAuth tokens. +# If you want, you can overrule the key with your own (secure) value. +# It's also possible to set PASSPORT_PUBLIC_KEY_FILE or PASSPORT_PRIVATE_KEY_FILE +# if you're using Docker secrets or similar solutions for secret management +# +PASSPORT_PRIVATE_KEY= +PASSPORT_PUBLIC_KEY= + +# +# Extra authentication settings +# +CUSTOM_LOGOUT_URL= + +# You can disable the X-Frame-Options header if it interferes with tools like +# Organizr. This is at your own risk. Applications running in frames run the risk +# of leaking information to their parent frame. +DISABLE_FRAME_HEADER=false + +# You can disable the Content Security Policy header when you're using an ancient browser +# or any version of Microsoft Edge / Internet Explorer (which amounts to the same thing really) +# This leaves you with the risk of not being able to stop XSS bugs should they ever surface. +# This is at your own risk. +DISABLE_CSP_HEADER=false + +# If you wish to track your own behavior over Firefly III, set valid analytics tracker information here. +# Nobody uses this except for me on the demo site. But hey, feel free to use this if you want to. +# Do not prepend the TRACKER_URL with http:// or https:// +# The only tracker supported is Matomo. +# You can set the following variables from a file by appending them with _FILE: +TRACKER_SITE_ID= +TRACKER_URL= + +# +# Firefly III supports webhooks. These are security sensitive and must be enabled manually first. +# +ALLOW_WEBHOOKS=false + +# +# The static cron job token can be useful when you use Docker and wish to manage cron jobs. +# 1. Set this token to any 32-character value (this is important!). +# 2. Use this token in the cron URL instead of a user's command line token that you can find in /profile +# +# For more info: https://docs.firefly-iii.org/firefly-iii/advanced-installation/cron/ +# +# You can set this variable from a file by appending it with _FILE +# +STATIC_CRON_TOKEN= + +# You can fine tune the start-up of a Docker container by editing these environment variables. +# Use this at your own risk. Disabling certain checks and features may result in lots of inconsistent data. +# However if you know what you're doing you can significantly speed up container start times. +# Set each value to true to enable, or false to disable. + +# Set this to true to build all locales supported by Firefly III. +# This may take quite some time (several minutes) and is generally not recommended. +# If you wish to change or alter the list of locales, start your Docker container with +# `docker run -v locale.gen:/etc/locale.gen -e DKR_BUILD_LOCALE=true` +# and make sure your preferred locales are in your own locale.gen. +DKR_BUILD_LOCALE=false + +# Check if the SQLite database exists. Can be skipped if you're not using SQLite. +# Won't significantly speed up things. +DKR_CHECK_SQLITE=true + +# Run database creation and migration commands. Disable this only if you're 100% sure the DB exists +# and is up to date. +DKR_RUN_MIGRATION=true + +# Run database upgrade commands. Disable this only when you're 100% sure your DB is up-to-date +# with the latest fixes (outside of migrations!) +DKR_RUN_UPGRADE=true + +# Verify database integrity. Includes all data checks and verifications. +# Disabling this makes Firefly III assume your DB is intact. +DKR_RUN_VERIFY=true + +# Run database reporting commands. When disabled, Firefly III won't go over your data to report current state. +# Disabling this should have no impact on data integrity or safety but it won't warn you of possible issues. +DKR_RUN_REPORT=true + +# Generate OAuth2 keys. +# When disabled, Firefly III won't attempt to generate OAuth2 Passport keys. This won't be an issue, IFF (if and only if) +# you had previously generated keys already and they're stored in your database for restoration. +DKR_RUN_PASSPORT_INSTALL=true + +# Leave the following configuration vars as is. +# Unless you like to tinker and know what you're doing. +APP_NAME=FireflyIII +BROADCAST_DRIVER=log +QUEUE_DRIVER=sync +CACHE_PREFIX=firefly +PUSHER_KEY= +IPINFO_TOKEN= +PUSHER_SECRET= +PUSHER_ID= +DEMO_USERNAME= +DEMO_PASSWORD= +FIREFLY_III_LAYOUT=v1 + +# +# If you have trouble configuring your Firefly III installation, DON'T BOTHER setting this variable. +# It won't work. It doesn't do ANYTHING. Don't believe the lies you read online. I'm not joking. +# This configuration value WILL NOT HELP. +# +# Notable exception to this rule is Synology, which, according to some users, will use APP_URL to rewrite stuff. +# +# This variable is ONLY used in some of the emails Firefly III sends around. Nowhere else. +# So when configuring anything WEB related this variable doesn't do anything. Nothing +# +# If you're stuck I understand you get desperate but look SOMEWHERE ELSE. +# +APP_URL=http://localhost diff --git a/firefly-iii/.importer.env b/firefly-iii/.importer.env new file mode 100644 index 0000000..eef5da0 --- /dev/null +++ b/firefly-iii/.importer.env @@ -0,0 +1,244 @@ +# Firefly Data Importer (FIDI) configuration file + +# Where is Firefly III? +# +# 1) Make sure you ADD http:// or https:// +# 2) Make sure you REMOVE any trailing slash from the end of the URL. +# 3) In case of Docker, refer to the internal IP of your Firefly III installation. +# +# Setting this value is not mandatory. But it is very useful. +# +# This variable can be set from a file if you append it with _FILE +# +FIREFLY_III_URL=http://192.168.1.202:88 + +# +# Imagine Firefly III can be reached at "http://172.16.0.2:8082" (internal Docker network or something). +# But you have a fancy URL: "https://personal-finances.bill.microsoft.com/" +# +# In those cases, you can overrule the URL so when the data importer links back to Firefly III, it uses the correct URL. +# +# 1) Make sure you ADD http:// or https:// +# 2) Make sure you REMOVE any trailing slash from the end of the URL. +# +# IF YOU SET THIS VALUE, YOU MUST ALSO SET THE FIREFLY_III_URL +# +# This variable can be set from a file if you append it with _FILE +# +VANITY_URL= + +# +# Set your Firefly III Personal Access Token (OAuth) +# You can create a Personal Access Token on the /profile page: +# go to the OAuth tab, then Personal Access Token and "Create token". +# +# - Do not use the "command line token". That's the WRONG one. +# - Do not use "APP_KEY" value from your Firefly III installation. That's the WRONG one. +# +# Setting this value is not mandatory. Instructions will follow if you omit this field. +# +# This variable can be set from a file if you append it with _FILE +# +FIREFLY_III_ACCESS_TOKEN=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJhdWQiOiIxMyIsImp0aSI6ImM2NTdhNzg3MjI0NDhkZWVlNThmZTY0NmRhYzc5MThmOTJmZTY3ZmM5YjA0OGY3MTgzMjI0ZWU2MDhiN2U0Mzg3NGIwNTFkNmZiYTI5ZTdhIiwiaWF0IjoxNzA0NTcwMTI3LjYyMjMzMSwibmJmIjoxNzA0NTcwMTI3LjYyMjMzMywiZXhwIjoxNzM2MTkyNTI3LjU5MDkwMywic3ViIjoiMSIsInNjb3BlcyI6W119.kq9eElh0qMccrZrtEJbDnf3YXikxjZBDqhxA_O7dcgmikpT0D3Ql9o_arY18TaAHoiCirO2It5TWDbYCFWehWdZXwhlnwMUTrXUxkxdw8wkDe6_GfV44_IprBlWjORCAjYP0qKRX_UhN_mYwuZcBrHphVnl_T-EWGygBm-BD8cuPOKcAUiIhWz48p9BS3T8vz-g1EmhcAGa8c5VmCCNVXLD5_dNmcVm066tcs4a3dmc0bJ85-kAxABHoowZnZhdjrGT1pjdPtDI8HDwTWUeSZzqfRZKo-iyfH_VLcJ845GtJvP88SSdAlUXM15DxqPcJG4ruUDvBmAKb-3zGL6yu1MI6-LwgjvVc-O9W589n41Kp-cG9syk0E3ddYaQeO9h78Hm9ApKNJUX3OFLCeWp562qqvM3Rpd5IbPsJwO4L3TmQ4b1H385pWY5zGsovvx0-hmxNFnrtBjLR09rpp0tW1grINMD2XwfvJrD9nUfHEtCb9WxOjQhkMrBAC4Jr-EuP20HQTcCtImHHRqi3378E_Hum9UcJTcfFRX7_b5GJUAN6suyI_7ZOfDVfGQoUwTpgGKlHH8hIMEt6r4B7q39lpfIcaWFRMjKCIGcehAlH7kJ-QgfPfgdMrCfBsBw3IF28uhIPfiI5gDRymTKltxYh6IEKLAYZ4BHrhBmFiR5q0Gc +# +# You can also use a public client ID. This is available in Firefly III 5.4.0-alpha.3 and higher. +# This is a number (1, 2, 3). If you use the client ID, you can leave the access token empty and vice versa. +# +# This value is not mandatory to set. Instructions will follow if you omit this field. +# +# This variable can be set from a file if you append it with _FILE +# +FIREFLY_III_CLIENT_ID= + +# +# Nordigen information. +# The key and ID can be set from a file if you append it with _FILE +# +NORDIGEN_ID= +NORDIGEN_KEY= +NORDIGEN_SANDBOX=false + +# +# Spectre information +# +# The ID and secret can be set from a file if you append it with _FILE +SPECTRE_APP_ID= +SPECTRE_SECRET= + +# +# Use cache. No need to do this. +# +USE_CACHE=false + +# +# If set to true, the data import will not complain about running into duplicates. +# This will give you cleaner import mails if you run regular imports. +# +# This means that the data importer will not import duplicates, but it will not complain about them either. +# +# This setting has no influence on the settings in your configuration(.json). +# +# Of course, if something goes wrong *because* the transaction is a duplicate you will +# NEVER know unless you start digging in your log files. So be careful with this. +# +IGNORE_DUPLICATE_ERRORS=false + +# +# Auto import settings. Due to security constraints, you MUST enable each feature individually. +# You must also set a secret. The secret is used for the web routes. +# +# The auto-import secret must be a string of at least 16 characters. +# Visit this page for inspiration: https://www.random.org/passwords/?num=1&len=16&format=html&rnd=new +# +# Submit it using ?secret=X +# +# This variable can be set from a file if you append it with _FILE +# +AUTO_IMPORT_SECRET= + +# +# Is the /autoimport even endpoint enabled? +# By default it's disabled, and the secret alone will not enable it. +# +CAN_POST_AUTOIMPORT=false + +# +# Is the /autoupload endpoint enabled? +# By default it's disabled, and the secret alone will not enable it. +# +CAN_POST_FILES=false + +# +# Import directory white list. You need to set this before the auto importer will accept a directory to import from. +# +# This variable can be set from a file if you append it with _FILE +# +IMPORT_DIR_ALLOWLIST= + +# +# When you're running Firefly III under a (self-signed) certificate, +# the data importer may have trouble verifying the TLS connection. +# +# You have a few options to make sure the data importer can connect +# to Firefly III: +# - 'true': will verify all certificates. The most secure option and the default. +# - 'file.pem': refer to a file (you must provide it) to your custom root or intermediate certificates. +# - 'false': will verify NO certificates. Not very secure. +VERIFY_TLS_SECURITY=true + +# +# If you want, you can set a directory here where the data importer will look for import configurations. +# This is a separate setting from the /import directory that the auto-import uses. +# Setting this variable isn't necessary. The default value is "storage/configurations". +# +# This variable can be set from a file if you append it with _FILE +# +JSON_CONFIGURATION_DIR= + +# +# Time out when connecting with Firefly III. +# π*10 seconds is usually fine. +# +CONNECTION_TIMEOUT=31.41 + +# The following variables can be useful when debugging the application +APP_ENV=local +APP_DEBUG=false +LOG_CHANNEL=stack + +# +# If you turn this on, expect massive logs with lots of privacy sensitive data +# +LOG_RETURN_JSON=false + +# Log level. You can set this from least severe to most severe: +# debug, info, notice, warning, error, critical, alert, emergency +# If you set it to debug your logs will grow large, and fast. If you set it to emergency probably +# nothing will get logged, ever. +LOG_LEVEL=debug + +# TRUSTED_PROXIES is a useful variable when using Docker and/or a reverse proxy. +# Set it to ** and reverse proxies work just fine. +TRUSTED_PROXIES= + +# +# Time zone +# +TZ=America/Sao_Paulo + +# +# Use ASSET_URL when you're running the data importer in a sub-directory. +# +ASSET_URL= + +# +# Email settings. +# The data importer can send you a message with all errors, warnings and messages +# after a successful import. This is disabled by default +# +ENABLE_MAIL_REPORT=false + +# +# Force Firefly III URL to be secure? +# +# +EXPECT_SECURE_URL=false + +# If enabled, define which mailer you want to use. +# Options include: smtp, mailgun, postmark, sendmail, log, array +# Amazon SES is not supported. +# log = drop mails in the logs instead of sending them +# array = debug mailer that does nothing. +MAIL_MAILER= + +# where to send the report? +MAIL_DESTINATION=noreply@example.com + +# other mail settings +# These variables can be set from a file if you append it with _FILE +MAIL_FROM_ADDRESS=noreply@example.com +MAIL_HOST=smtp.mailtrap.io +MAIL_PORT=2525 +MAIL_USERNAME=username +MAIL_PASSWORD=password +MAIL_ENCRYPTION=null + +# Extra settings depending on your mail configuration above. +# These variables can be set from a file if you append it with _FILE +MAILGUN_DOMAIN= +MAILGUN_SECRET= +MAILGUN_ENDPOINT= +POSTMARK_TOKEN= + +# +# You probably won't need to change these settings. +# +BROADCAST_DRIVER=log +CACHE_DRIVER=file +QUEUE_CONNECTION=sync +SESSION_DRIVER=file +SESSION_LIFETIME=120 +IS_EXTERNAL=false + +REDIS_HOST=127.0.0.1 +REDIS_PASSWORD=null +REDIS_PORT=6379 + +# always use quotes +REDIS_DB="0" +REDIS_CACHE_DB="1" + +# The only tracker supported is Matomo. +# This is used on the public instance over at https://data-importer.firefly-iii.org +TRACKER_SITE_ID= +TRACKER_URL= + +APP_NAME=DataImporter + +# +# The APP_URL environment variable is NOT used anywhere. +# Don't bother setting it to fix your reverse proxy problems. It won't help. +# Don't open issues telling me it doesn't help because it's not supposed to. +# Laravel uses this to generate links on the command line, which is a feature the data importer does not use. +# +APP_URL=http://localhost diff --git a/firefly-iii/.importer.mor.env b/firefly-iii/.importer.mor.env new file mode 100644 index 0000000..5984dc5 --- /dev/null +++ b/firefly-iii/.importer.mor.env @@ -0,0 +1,244 @@ +# Firefly Data Importer (FIDI) configuration file + +# Where is Firefly III? +# +# 1) Make sure you ADD http:// or https:// +# 2) Make sure you REMOVE any trailing slash from the end of the URL. +# 3) In case of Docker, refer to the internal IP of your Firefly III installation. +# +# Setting this value is not mandatory. But it is very useful. +# +# This variable can be set from a file if you append it with _FILE +# +FIREFLY_III_URL=http://192.168.1.202:88 + +# +# Imagine Firefly III can be reached at "http://172.16.0.2:8082" (internal Docker network or something). +# But you have a fancy URL: "https://personal-finances.bill.microsoft.com/" +# +# In those cases, you can overrule the URL so when the data importer links back to Firefly III, it uses the correct URL. +# +# 1) Make sure you ADD http:// or https:// +# 2) Make sure you REMOVE any trailing slash from the end of the URL. +# +# IF YOU SET THIS VALUE, YOU MUST ALSO SET THE FIREFLY_III_URL +# +# This variable can be set from a file if you append it with _FILE +# +VANITY_URL= + +# +# Set your Firefly III Personal Access Token (OAuth) +# You can create a Personal Access Token on the /profile page: +# go to the OAuth tab, then Personal Access Token and "Create token". +# +# - Do not use the "command line token". That's the WRONG one. +# - Do not use "APP_KEY" value from your Firefly III installation. That's the WRONG one. +# +# Setting this value is not mandatory. Instructions will follow if you omit this field. +# +# This variable can be set from a file if you append it with _FILE +# +FIREFLY_III_ACCESS_TOKEN=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJhdWQiOiIzMjkiLCJqdGkiOiIxODg5NzIxZjU0OTQzZjE1YmJmNThiYTcyMDUzYTgyZDY2MDFlNDNmZGY4M2UxZTM1ZDY2ZmZhNWVmYTc1NWQ1ODc1NDQ2MjhkMzJjZjczOCIsImlhdCI6MTcxMjU4MDY4NC44MzM2NTQsIm5iZiI6MTcxMjU4MDY4NC44MzM2NTcsImV4cCI6MTc0NDExNjY4NC43NzYzMTIsInN1YiI6IjIiLCJzY29wZXMiOltdfQ.MlxdQrRJu2wQYhjp8SXz7aw7e1gSzt8NwmHRc57V-0nq6TvtI1EAKiIrlk3t4meO1nNU81dmvOdcmbhXUEXlhpkRTTxqir58UZlVQVeZlkfL8r8rghRBmtnzxNNYdHjCytG9hOGHqYOfBIa_EDXx2Df3WROwPKAOzrbfm42KIG2IGJ8iFa5YgRUvoiAbRxoihjL6vV8YoNm82-i0r8CtIfxZTuvU_ve9fAhnOlxZWNy4k2iWkPsQNvTpV_lTLIaoPcETCZEcvmb3nUbhak9U9Q_Dy-s6YdD8yg-tAjkomDF9murAaYUI_1irkK7YKEaFPgM7tRSiQ8CkKgjjKR0JzHvvpWOW22qXVtgT6d1F3yu-sDEWtSjH9jdUdf1fLYrHLfEZIXaAbnLPEiHJf0u2r1CaRTDO_kkb_hAMLk09vftlitwrfvkNLlcZVDgqV3VuwO_tuTOc4FTrPA97oA38AnHgTLkC6EXO4r6n0gAcD4qhJcE9ADWLplcAR-_PBBdByQ3jKlyXqtXKyL5NVuyOQx_oLvVWmq3grYPb5nXUCrdUReLZvlgGK1feaesarPCss1PSkxmykNgplgjQIc85fJotIKaoduKLb_rDJ3speruRt63zkRbPQU4xrSn2TB4vrWuLpTFEGJa6sN2_muNxwc3USc8rZr2bpRMStBhaAOM +# +# You can also use a public client ID. This is available in Firefly III 5.4.0-alpha.3 and higher. +# This is a number (1, 2, 3). If you use the client ID, you can leave the access token empty and vice versa. +# +# This value is not mandatory to set. Instructions will follow if you omit this field. +# +# This variable can be set from a file if you append it with _FILE +# +FIREFLY_III_CLIENT_ID= + +# +# Nordigen information. +# The key and ID can be set from a file if you append it with _FILE +# +NORDIGEN_ID= +NORDIGEN_KEY= +NORDIGEN_SANDBOX=false + +# +# Spectre information +# +# The ID and secret can be set from a file if you append it with _FILE +SPECTRE_APP_ID= +SPECTRE_SECRET= + +# +# Use cache. No need to do this. +# +USE_CACHE=false + +# +# If set to true, the data import will not complain about running into duplicates. +# This will give you cleaner import mails if you run regular imports. +# +# This means that the data importer will not import duplicates, but it will not complain about them either. +# +# This setting has no influence on the settings in your configuration(.json). +# +# Of course, if something goes wrong *because* the transaction is a duplicate you will +# NEVER know unless you start digging in your log files. So be careful with this. +# +IGNORE_DUPLICATE_ERRORS=false + +# +# Auto import settings. Due to security constraints, you MUST enable each feature individually. +# You must also set a secret. The secret is used for the web routes. +# +# The auto-import secret must be a string of at least 16 characters. +# Visit this page for inspiration: https://www.random.org/passwords/?num=1&len=16&format=html&rnd=new +# +# Submit it using ?secret=X +# +# This variable can be set from a file if you append it with _FILE +# +AUTO_IMPORT_SECRET= + +# +# Is the /autoimport even endpoint enabled? +# By default it's disabled, and the secret alone will not enable it. +# +CAN_POST_AUTOIMPORT=false + +# +# Is the /autoupload endpoint enabled? +# By default it's disabled, and the secret alone will not enable it. +# +CAN_POST_FILES=false + +# +# Import directory white list. You need to set this before the auto importer will accept a directory to import from. +# +# This variable can be set from a file if you append it with _FILE +# +IMPORT_DIR_ALLOWLIST= + +# +# When you're running Firefly III under a (self-signed) certificate, +# the data importer may have trouble verifying the TLS connection. +# +# You have a few options to make sure the data importer can connect +# to Firefly III: +# - 'true': will verify all certificates. The most secure option and the default. +# - 'file.pem': refer to a file (you must provide it) to your custom root or intermediate certificates. +# - 'false': will verify NO certificates. Not very secure. +VERIFY_TLS_SECURITY=true + +# +# If you want, you can set a directory here where the data importer will look for import configurations. +# This is a separate setting from the /import directory that the auto-import uses. +# Setting this variable isn't necessary. The default value is "storage/configurations". +# +# This variable can be set from a file if you append it with _FILE +# +JSON_CONFIGURATION_DIR= + +# +# Time out when connecting with Firefly III. +# π*10 seconds is usually fine. +# +CONNECTION_TIMEOUT=31.41 + +# The following variables can be useful when debugging the application +APP_ENV=local +APP_DEBUG=false +LOG_CHANNEL=stack + +# +# If you turn this on, expect massive logs with lots of privacy sensitive data +# +LOG_RETURN_JSON=false + +# Log level. You can set this from least severe to most severe: +# debug, info, notice, warning, error, critical, alert, emergency +# If you set it to debug your logs will grow large, and fast. If you set it to emergency probably +# nothing will get logged, ever. +LOG_LEVEL=debug + +# TRUSTED_PROXIES is a useful variable when using Docker and/or a reverse proxy. +# Set it to ** and reverse proxies work just fine. +TRUSTED_PROXIES= + +# +# Time zone +# +TZ=America/Sao_Paulo + +# +# Use ASSET_URL when you're running the data importer in a sub-directory. +# +ASSET_URL= + +# +# Email settings. +# The data importer can send you a message with all errors, warnings and messages +# after a successful import. This is disabled by default +# +ENABLE_MAIL_REPORT=false + +# +# Force Firefly III URL to be secure? +# +# +EXPECT_SECURE_URL=false + +# If enabled, define which mailer you want to use. +# Options include: smtp, mailgun, postmark, sendmail, log, array +# Amazon SES is not supported. +# log = drop mails in the logs instead of sending them +# array = debug mailer that does nothing. +MAIL_MAILER= + +# where to send the report? +MAIL_DESTINATION=noreply@example.com + +# other mail settings +# These variables can be set from a file if you append it with _FILE +MAIL_FROM_ADDRESS=noreply@example.com +MAIL_HOST=smtp.mailtrap.io +MAIL_PORT=2525 +MAIL_USERNAME=username +MAIL_PASSWORD=password +MAIL_ENCRYPTION=null + +# Extra settings depending on your mail configuration above. +# These variables can be set from a file if you append it with _FILE +MAILGUN_DOMAIN= +MAILGUN_SECRET= +MAILGUN_ENDPOINT= +POSTMARK_TOKEN= + +# +# You probably won't need to change these settings. +# +BROADCAST_DRIVER=log +CACHE_DRIVER=file +QUEUE_CONNECTION=sync +SESSION_DRIVER=file +SESSION_LIFETIME=120 +IS_EXTERNAL=false + +REDIS_HOST=127.0.0.1 +REDIS_PASSWORD=null +REDIS_PORT=6379 + +# always use quotes +REDIS_DB="0" +REDIS_CACHE_DB="1" + +# The only tracker supported is Matomo. +# This is used on the public instance over at https://data-importer.firefly-iii.org +TRACKER_SITE_ID= +TRACKER_URL= + +APP_NAME=DataImporter + +# +# The APP_URL environment variable is NOT used anywhere. +# Don't bother setting it to fix your reverse proxy problems. It won't help. +# Don't open issues telling me it doesn't help because it's not supposed to. +# Laravel uses this to generate links on the command line, which is a feature the data importer does not use. +# +APP_URL=http://localhost diff --git a/firefly-iii/docker-compose.yml b/firefly-iii/docker-compose.yml new file mode 100644 index 0000000..5729b4b --- /dev/null +++ b/firefly-iii/docker-compose.yml @@ -0,0 +1,78 @@ +# +# The Firefly III Data Importer will ask you for the Firefly III URL and a "Client ID". +# You can generate the Client ID at http://localhost/profile (after registering) +# The Firefly III URL is: http://app:8080 +# +# Other URL's will give 500 | Server Error +# + +services: + app: + image: fireflyiii/core:latest + hostname: app + container_name: firefly_iii_core + networks: + - firefly_iii + restart: always + volumes: + - ./firefly_iii_upload:/var/www/html/storage/upload + env_file: .env + ports: + - '88:8080' + depends_on: + - db + db: + image: mariadb + hostname: db + container_name: firefly_iii_db + networks: + - firefly_iii + restart: always + env_file: .db.env + volumes: + - ./firefly_iii_db:/var/lib/mysql + + importer: + image: fireflyiii/data-importer:latest + hostname: importer + restart: always + container_name: firefly_iii_importer + networks: + - firefly_iii + ports: + - '89:8080' + depends_on: + - app + env_file: .importer.env + + importer_mor: + image: fireflyiii/data-importer:latest + hostname: importer + restart: always + container_name: firefly_iii_importer_mor + networks: + - firefly_iii + ports: + - '99:8080' + depends_on: + - app + env_file: .importer.mor.env + + cron: + # + # To make this work, set STATIC_CRON_TOKEN in your .env file or as an environment variable and replace REPLACEME below + # The STATIC_CRON_TOKEN must be *exactly* 32 characters long + # + image: alpine + container_name: firefly_iii_cron + restart: always + command: sh -c "echo \"0 3 * * * wget -qO- http://app:8080/api/v1/cron/REPLACEME\" | crontab - && crond -f -L /dev/stdout" + networks: + - firefly_iii +#volumes: +# firefly_iii_upload: +# firefly_iii_db: + +networks: + firefly_iii: + driver: bridge diff --git a/free-games-claimer/docker-compose.yml b/free-games-claimer/docker-compose.yml new file mode 100644 index 0000000..f5af5a7 --- /dev/null +++ b/free-games-claimer/docker-compose.yml @@ -0,0 +1,16 @@ +# start with `docker compose up` +services: + free-games-claimer: + container_name: fgc # is printed in front of every output line + image: ghcr.io/vogler/free-games-claimer # otherwise image name will be free-games-claimer-free-games-claimer + build: . + ports: + # - "5900:5900" # VNC server + - "6080:6080" # noVNC (browser-based VNC client) + volumes: + - ./fgc:/fgc/data + restart: unless-stopped + command: bash -c "node epic-games; node gog; node prime-gaming; echo sleeping; sleep 12h" +# environment: + # - EMAIL=foo@bar.org + # - NOTIFY='tgram://...' diff --git a/ghostfolio/.env b/ghostfolio/.env new file mode 100644 index 0000000..91b79ed --- /dev/null +++ b/ghostfolio/.env @@ -0,0 +1,15 @@ +COMPOSE_PROJECT_NAME=ghostfolio + +# CACHE +REDIS_HOST=redis +REDIS_PORT=6379 +REDIS_PASSWORD=Sup3R%ReD1SP48$ + +# POSTGRES +POSTGRES_DB=ghostfolio-db +POSTGRES_USER=user +POSTGRES_PASSWORD=very!Stronk887PA% + +ACCESS_TOKEN_SALT=4KCESSTOKEN2SAL7 +DATABASE_URL=postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@postgres:5432/${POSTGRES_DB}?connect_timeout=300&sslmode=prefer +JWT_SECRET_KEY=thi1ss8pers5cret&J9WTA33ess \ No newline at end of file diff --git a/ghostfolio/docker-compose.yml b/ghostfolio/docker-compose.yml new file mode 100644 index 0000000..e1005f8 --- /dev/null +++ b/ghostfolio/docker-compose.yml @@ -0,0 +1,75 @@ +name: ghostfolio +services: + ghostfolio: + image: docker.io/ghostfolio/ghostfolio:latest + container_name: ghostfolio + restart: unless-stopped + init: true + cap_drop: + - ALL + security_opt: + - no-new-privileges:true + env_file: + - .env + ports: + - 3333:3333 + depends_on: + postgres: + condition: service_healthy + redis: + condition: service_healthy + healthcheck: + test: ['CMD-SHELL', 'curl -f http://localhost:3333/api/v1/health'] + interval: 10s + timeout: 5s + retries: 5 + + postgres: + image: docker.io/library/postgres:15-alpine + container_name: gf-postgres + restart: unless-stopped + cap_drop: + - ALL + cap_add: + - CHOWN + - DAC_READ_SEARCH + - FOWNER + - SETGID + - SETUID + security_opt: + - no-new-privileges:true + env_file: + - .env + healthcheck: + test: + ['CMD-SHELL', 'pg_isready -d "$${POSTGRES_DB}" -U $${POSTGRES_USER}'] + interval: 10s + timeout: 5s + retries: 5 + volumes: + - ./postgres:/var/lib/postgresql/data + + redis: + image: docker.io/library/redis:alpine + container_name: gf-redis + restart: unless-stopped + user: '999:1000' + cap_drop: + - ALL + security_opt: + - no-new-privileges:true + env_file: + - .env + command: + - /bin/sh + - -c + - redis-server --requirepass "$${REDIS_PASSWORD:?REDIS_PASSWORD variable is not set}" + healthcheck: + test: + ['CMD-SHELL', 'redis-cli --pass "$${REDIS_PASSWORD}" ping | grep PONG'] + interval: 10s + timeout: 5s + retries: 5 + + +#cab07a6b0a87711013ee5457411a26c7c7dd2787830b64b914d5678d4dc54af911752975380467fd73c3798b043855520ab148a372d8fd859860703833e96cba diff --git a/gitea/docker-compose.yml b/gitea/docker-compose.yml new file mode 100644 index 0000000..4e1da81 --- /dev/null +++ b/gitea/docker-compose.yml @@ -0,0 +1,40 @@ +networks: + gitea: + external: false + +services: + server: + image: docker.gitea.com/gitea + container_name: gitea + environment: + - USER_UID=1000 + - USER_GID=1000 + - GITEA__database__DB_TYPE=postgres + - GITEA__database__HOST=db:5432 + - GITEA__database__NAME=gitea + - GITEA__database__USER=gitea + - GITEA__database__PASSWD=gitea + restart: always + networks: + - gitea + volumes: + - ./gitea:/data + - /etc/timezone:/etc/timezone:ro + - /etc/localtime:/etc/localtime:ro + ports: + - "3005:3000" + - "222:22" + depends_on: + - db + + db: + image: docker.io/library/postgres:14 + restart: always + environment: + - POSTGRES_USER=gitea + - POSTGRES_PASSWORD=gitea + - POSTGRES_DB=gitea + networks: + - gitea + volumes: + - ./postgres:/var/lib/postgresql/data diff --git a/glances/docker-compose.yml b/glances/docker-compose.yml new file mode 100644 index 0000000..1cc919e --- /dev/null +++ b/glances/docker-compose.yml @@ -0,0 +1,17 @@ +services: + glances: + #image: nicolargo/glances:3.4.0.5-full + image: nicolargo/glances:latest-full + container_name: glances + restart: always + pid: host + ports: + - 61208:61208 + volumes: + - /var/run/docker.sock:/var/run/docker.sock + # Uncomment the below line if you want glances to display host OS detail instead of container's + - /etc/os-release:/etc/os-release:ro + - /mnt/restic:/restic + - /:/host:ro + environment: + - "GLANCES_OPT=-w" diff --git a/grafana/docker-compose.yml b/grafana/docker-compose.yml new file mode 100644 index 0000000..609b95d --- /dev/null +++ b/grafana/docker-compose.yml @@ -0,0 +1,89 @@ +networks: + grafana: + +services: + loki: + container_name: loki + image: grafana/loki:latest + ports: + - "3100:3100" + command: -config.file=/etc/loki/local-config.yaml + networks: + - grafana + + promtail: + container_name: promtail + image: grafana/promtail:latest + volumes: + - /var/log:/var/log + command: -config.file=/etc/promtail/config.yml + networks: + - grafana + + alloy: + container_name: alloy + image: grafana/alloy:latest + profiles: ['alloy'] + volumes: + - ./config/alloy:/etc/alloy + + grafana: + environment: + - GF_PATHS_PROVISIONING=/etc/grafana/provisioning +# - GF_AUTH_ANONYMOUS_ENABLED=true +# - GF_AUTH_ANONYMOUS_ORG_ROLE=Admin + - GF_SECURITY_ADMIN_USER=ccalifice + - GF_SECURITY_ADMIN_PASSWORD=asdf1234 + - GF_FEATURE_TOGGLES_ENABLE=alertingSimplifiedRouting,alertingQueryAndExpressionsStepMode + entrypoint: + - sh + - -euc + - | + mkdir -p /etc/grafana/provisioning/datasources + cat < /etc/grafana/provisioning/datasources/ds.yaml + apiVersion: 1 + datasources: + - name: Loki + type: loki + access: proxy + orgId: 1 + url: http://loki:3100 + basicAuth: false + isDefault: true + version: 1 + editable: false + EOF + /run.sh + image: grafana/grafana:latest + ports: + - "3003:3000" + networks: + - grafana + volumes: + - ./data:/var/lib/grafana + user: "1000:1002" + container_name: grafana + + prometheus: + image: prom/prometheus + volumes: + - "./prometheus.yml:/etc/prometheus/prometheus.yml" + - ./prometheus-data:/prometheus + networks: + - grafana + ports: + - 9090:9090 + user: "1000:1002" + container_name: prometheus + + +#sudo docker plugin install grafana/loki-docker-driver:3.3.2-amd64 --alias loki --grant-all-permissions +# { +# "debug" : true, +# "log-driver": "loki", +# "log-opts": { +# "loki-url": "http://192.168.1.202:3100/loki/api/v1/push", +# "loki-batch-size": "400" +# }, +# "insecure-registries":["192.168.1.202:6610"] +# } diff --git a/guacamole/docker-compose.yml b/guacamole/docker-compose.yml new file mode 100644 index 0000000..f8604b3 --- /dev/null +++ b/guacamole/docker-compose.yml @@ -0,0 +1,163 @@ +#################################################################################### +# docker-compose file for Apache Guacamole +# created by PCFreak 2017-06-28 +# +# Apache Guacamole is a clientless remote desktop gateway. It supports standard +# protocols like VNC, RDP, and SSH. We call it clientless because no plugins or +# client software are required. Thanks to HTML5, once Guacamole is installed on +# a server, all you need to access your desktops is a web browser. +#################################################################################### +# +# What does this file do? +# +# Using docker-compose it will: +# +# - create a network 'guacnetwork_compose' with the 'bridge' driver. +# - create a service 'guacd_compose' from 'guacamole/guacd' connected to 'guacnetwork_compose' +# - create a service 'postgres_guacamole_compose' (1) from 'postgres' connected to 'guacnetwork_compose' +# - create a service 'guacamole_compose' (2) from 'guacamole/guacamole/' conn. to 'guacnetwork_compose' +# - create a service 'nginx_guacamole_compose' (3) from 'nginx' connected to 'guacnetwork_compose' +# +# (1) +# DB-Init script is in './init/initdb.sql' it has been created executing +# 'docker run --rm guacamole/guacamole /opt/guacamole/bin/initdb.sh --postgresql > ./init/initdb.sql' +# once. +# DATA-DIR is in './data' +# If you want to change the DB password change all lines with 'POSTGRES_PASSWORD:' and +# change it to your needs before first start. +# To start from scratch delete './data' dir completely +# './data' will hold all data after first start! +# The initdb.d scripts are only executed the first time the container is started +# (and the database files are empty). If the database files already exist then the initdb.d +# scripts are ignored (e.g. when you mount a local directory or when docker-compose saves +# the volume and reuses it for the new container). +# +# !!!!! MAKE SURE your folder './init' is executable (chmod +x ./init) +# !!!!! or 'initdb.sql' will be ignored! +# +# './data' will hold all data after first start! +# +# (2) +# Make sure you use the same value for 'POSTGRES_USER' and 'POSTGRES_PASSWORD' +# as configured under (1) +# +# (3) +# ./nginx/templates folder will be mapped read-only into the container at /etc/nginx/templates +# and according to the official nginx container docs the guacamole.conf.template will be +# placed in /etc/nginx/conf.d/guacamole.conf after container startup. +# ./nginx/ssl will be mapped into the container at /etc/nginx/ssl +# prepare.sh creates a a self-signed certificate. If you want to use your own certs +# just remove the part that generates the certs from prepare.sh and replace +# 'self-ssl.key' and 'self.cert' with your certificate. +# nginx will export port 8443 to the outside world, make sure that this port is reachable +# on your system from the "outside world". All other traffic is only internal. +# +# You could remove the entire 'nginx' service from this file if you want to use your own +# reverse proxy in front of guacamole. If doing so, make sure you change the line +# from - 8080/tcp +# to - 8080:8080/tcp +# within the 'guacamole' service. This will expose the guacamole webinterface directly +# on port 8080 and you can use it for your own purposes. +# Note: Guacamole is available on :8080/guacamole, not /. +# +# !!!!! FOR INITAL SETUP (after git clone) run ./prepare.sh once +# +# !!!!! FOR A FULL RESET (WILL ERASE YOUR DATABASE, YOUR FILES, YOUR RECORDS AND CERTS) DO A +# !!!!! ./reset.sh +# +# +# The initial login to the guacamole webinterface is: +# +# Username: guacadmin +# Password: guacadmin +# +# Make sure you change it immediately! +# +# version date comment +# 0.1 2017-06-28 initial release +# 0.2 2017-10-09 minor fixes + internal GIT push +# 0.3 2017-10-09 minor fixes + public GIT push +# 0.4 2019-08-14 creating of ssl certs now in prepare.sh +# simplified nginx startup commands +# 0.5 2023-02-24 nginx now uses a template + some minor changes +# 0.6 2023-03-23 switched to postgres 15.2-alpine +# 0.61 2024-07-27 fix networks + version 3.0 +# 0.62 2024-07-27 fix +##################################################################################### + +#the attribute `version` is obsolete, it will be ignored, please remove it to avoid potential confusion +#version: '3.0' + +# networks +# create a network 'guacnetwork_compose' in mode 'bridged' +networks: + guacnetwork_compose: + driver: bridge + +# services +services: + # guacd + guacd: + container_name: guacd_compose + image: guacamole/guacd + networks: + - guacnetwork_compose + restart: always + volumes: + - ./drive:/drive:rw + - ./record:/record:rw + # postgres + postgres: + container_name: postgres_guacamole_compose + environment: + PGDATA: /var/lib/postgresql/data/guacamole + POSTGRES_DB: guacamole_db + POSTGRES_PASSWORD: 'H4RD!PA$$word92753' + POSTGRES_USER: guacamole_user + image: postgres:15.2-alpine + networks: + - guacnetwork_compose + restart: always + volumes: + - ./init:/docker-entrypoint-initdb.d:z + - ./data:/var/lib/postgresql/data:Z + + # guacamole + guacamole: + container_name: guacamole_compose + depends_on: + - guacd + - postgres + environment: + GUACD_HOSTNAME: guacd + POSTGRES_DATABASE: guacamole_db + POSTGRES_HOSTNAME: postgres + POSTGRES_PASSWORD: 'H4RD!PA$$word92753' + POSTGRES_USER: guacamole_user + image: guacamole/guacamole + networks: + - guacnetwork_compose + volumes: + - ./record:/record:rw + ports: +## enable next line if not using nginx + - 8181:8080/tcp # Guacamole is on :8080/guacamole, not /. +## enable next line when using nginx +# - 8080/tcp + restart: always + +########### optional ############## + # nginx +# nginx: +# container_name: nginx_guacamole_compose +# restart: always +# image: nginx:latest +# volumes: +# - ./nginx/templates:/etc/nginx/templates:ro +# - ./nginx/ssl/self.cert:/etc/nginx/ssl/self.cert:ro +# - ./nginx/ssl/self-ssl.key:/etc/nginx/ssl/self-ssl.key:ro +# ports: +# - 8443:443 +# networks: +# - guacnetwork_compose +#################################################################################### diff --git a/homepage/docker-compose.yml b/homepage/docker-compose.yml new file mode 100644 index 0000000..32f6fe9 --- /dev/null +++ b/homepage/docker-compose.yml @@ -0,0 +1,17 @@ +services: + homepage: + image: ghcr.io/gethomepage/homepage:latest + container_name: homepage + environment: + PUID: 1000 + PGID: 1002 + HOMEPAGE_ALLOWED_HOSTS: 192.168.1.202:3000 + ports: + - 3000:3000 + volumes: + - ./config:/app/config # Make sure your local config directory exists + - /mnt/servarr:/servarr + - /mnt/hdd_1tb:/hdd_1tb + restart: unless-stopped + + \ No newline at end of file diff --git a/immich-app/.env b/immich-app/.env new file mode 100644 index 0000000..c4477a7 --- /dev/null +++ b/immich-app/.env @@ -0,0 +1,20 @@ +# You can find documentation for all the supported env variables at https://immich.app/docs/install/environment-variables + +# The location where your uploaded files are stored +UPLOAD_LOCATION=./library + +# The Immich version to use. You can pin this to a specific version like "v1.71.0" +IMMICH_VERSION=v1.137.3 + +# Connection secret for postgres. You should change it to a random password +DB_PASSWORD=asdf1234 + +# The values below this line do not need to be changed +################################################################################### +DB_HOSTNAME=immich_postgres +DB_USERNAME=postgres +DB_DATABASE_NAME=immich + +REDIS_HOSTNAME=immich_redis + +EXTERNAL_LIB_CANON=/mnt/Canon diff --git a/immich-app/docker-compose.yml b/immich-app/docker-compose.yml new file mode 100644 index 0000000..393e796 --- /dev/null +++ b/immich-app/docker-compose.yml @@ -0,0 +1,46 @@ +name: immich +services: + immich-server: + container_name: immich_server + image: ghcr.io/immich-app/immich-server:${IMMICH_VERSION:-release} + volumes: + - ${UPLOAD_LOCATION}:/usr/src/app/upload + - /etc/localtime:/etc/localtime:ro + - ${EXTERNAL_LIB_CANON}:/usr/src/app/external/canon:ro + env_file: + - .env + ports: + - 2283:2283 + depends_on: + - redis + - database + restart: always + + immich-machine-learning: + container_name: immich_machine_learning + image: ghcr.io/immich-app/immich-machine-learning:${IMMICH_VERSION:-release} + volumes: + - ./model-cache:/cache + env_file: + - .env + restart: always + + redis: + container_name: immich_redis + image: docker.io/valkey/valkey:8-bookworm@sha256:42cba146593a5ea9a622002c1b7cba5da7be248650cbb64ecb9c6c33d29794b1 + healthcheck: + test: redis-cli ping || exit 1 + restart: always + + database: + container_name: immich_postgres + image: tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:90724186f0a3517cf6914295b5ab410db9ce23190a2d9d0b9dd6463e3fa298f0 + env_file: + - .env + environment: + POSTGRES_PASSWORD: ${DB_PASSWORD} + POSTGRES_USER: ${DB_USERNAME} + POSTGRES_DB: ${DB_DATABASE_NAME} + volumes: + - ./pgdata:/var/lib/postgresql/data + restart: always diff --git a/memos/docker-compose.yml b/memos/docker-compose.yml new file mode 100644 index 0000000..086efac --- /dev/null +++ b/memos/docker-compose.yml @@ -0,0 +1,9 @@ +name: memos +services: + memos: + container_name: memos + ports: + - 5230:5230 + volumes: + - ./memos/:/var/opt/memos + image: neosmemo/memos:stable \ No newline at end of file diff --git a/n8n/.env b/n8n/.env new file mode 100644 index 0000000..41357de --- /dev/null +++ b/n8n/.env @@ -0,0 +1,15 @@ +# The top level domain to serve from +DOMAIN_NAME=ccalifice.com + +# The subdomain to serve from +SUBDOMAIN=n8n + +# DOMAIN_NAME and SUBDOMAIN combined decide where n8n will be reachable from +# above example would result in: https://n8n.example.com + +# Optional timezone to set which gets used by Cron-Node by default +# If not set New York time will be used +GENERIC_TIMEZONE=America/Sao_Paulo + +# The email address to use for the SSL certificate creation +SSL_EMAIL=christoph.califice@hotmail.com diff --git a/n8n/docker-compose.yml b/n8n/docker-compose.yml new file mode 100644 index 0000000..d9eca7f --- /dev/null +++ b/n8n/docker-compose.yml @@ -0,0 +1,54 @@ +services: + n8n: + image: n8nio/n8n + container_name: n8n + ports: + - "5678:5678" + environment: + - N8N_SECURE_COOKIE=true + - N8N_BASIC_AUTH_ACTIVE=true + - N8N_BASIC_AUTH_USER=christoph.califice@hotmail.com + - N8N_BASIC_AUTH_PASSWORD=malvado6696 + - DB_TYPE=postgresdb + - DB_POSTGRESDB_HOST=db + - DB_POSTGRESDB_PORT=5432 + - DB_POSTGRESDB_DATABASE=n8n + - DB_POSTGRESDB_USER=n8n + - DB_POSTGRESDB_PASSWORD=n8n + - NODE_FUNCTION_ALLOW_EXTERNAL=axios,qs + - N8N_HOST=${SUBDOMAIN}.${DOMAIN_NAME} + - N8N_PORT=5678 + - N8N_PROTOCOL=https + - NODE_ENV=production + - WEBHOOK_URL=https://${SUBDOMAIN}.${DOMAIN_NAME}/ + - GENERIC_TIMEZONE=${GENERIC_TIMEZONE} + volumes: + - ./n8n_data:/home/node/.n8n + - ./files:/files + depends_on: + - db + restart: unless-stopped + networks: + - caddy-net + - n8n-net + + db: + image: postgres:12 + container_name: n8n-db + volumes: + - ./db-data:/var/lib/postgresql/data + environment: + - POSTGRES_USER=n8n + - POSTGRES_PASSWORD=n8n + - POSTGRES_DB=n8n + restart: unless-stopped + networks: + - n8n-net + +networks: + caddy-net: + external: true + name: caddy-net + n8n-net: + name: n8n-net + driver: bridge diff --git a/ntfy/docker-compose.yml b/ntfy/docker-compose.yml new file mode 100644 index 0000000..3038315 --- /dev/null +++ b/ntfy/docker-compose.yml @@ -0,0 +1,30 @@ +services: + ntfy: + image: binwiederhier/ntfy + container_name: ntfy + command: + - serve + environment: + - TZ=America/Sao_Paulo # optional: Change to your desired timezone + #user: UID:GID # optional: Set custom user/group or uid/gid + - NTFY_ENABLE_LOGIN=true + - NTFY_AUTH_FILE=/var/lib/ntfy/auth.db + - NTFY_CACHE_FILE=/var/lib/ntfy/cache.db + - NTFY_BASE_URL=https://ntfy.ccalifice.com + - NTFY_AUTH_DEFAULT_ACCESS=deny-all + - NTFY_BEHIND_PROXY=true + - NTFY_ATTACHMENT_CACHE_DIR=/var/lib/ntfy/attachments + volumes: + - ./var/cache/ntfy:/var/cache/ntfy + - ./var/lib/ntfy/:/var/lib/ntfy/ + - ./etc/ntfy:/etc/ntfy + ports: + - 9898:80 + restart: unless-stopped + networks: + - caddy-net + +networks: + caddy-net: + external: true + name: caddy-net diff --git a/paperless/.docker-compose.env b/paperless/.docker-compose.env new file mode 100644 index 0000000..7cbee39 --- /dev/null +++ b/paperless/.docker-compose.env @@ -0,0 +1,42 @@ +# The UID and GID of the user used to run paperless in the container. Set this +# to your UID and GID on the host so that you have write access to the +# consumption directory. +USERMAP_UID=1000 +USERMAP_GID=1002 + +# Additional languages to install for text recognition, separated by a +# whitespace. Note that this is +# different from PAPERLESS_OCR_LANGUAGE (default=eng), which defines the +# language used for OCR. +# The container installs English, German, Italian, Spanish and French by +# default. +# See https://packages.debian.org/search?keywords=tesseract-ocr-&searchon=names&suite=buster +# for available languages. +PAPERLESS_OCR_LANGUAGES=por + +############################################################################### +# Paperless-specific settings # +############################################################################### + +# All settings defined in the paperless.conf.example can be used here. The +# Docker setup does not use the configuration file. +# A few commonly adjusted settings are provided below. + +# This is required if you will be exposing Paperless-ngx on a public domain +# (if doing so please consider security measures such as reverse proxy) +PAPERLESS_URL=https://paperless.ccalifice.com + +# Adjust this key if you plan to make paperless available publicly. It should +# be a very long sequence of random characters. You don't need to remember it. +#PAPERLESS_SECRET_KEY=39vns094#$ds_KSIE903!jskSJ$0230pl@#%%kosKEO + +# Use this variable to set a timezone for the Paperless Docker containers. If not specified, defaults to UTC. +PAPERLESS_TIME_ZONE=America/Sao_Paulo + +# The default language to use for OCR. Set this to the language most of your +# documents are written in. +PAPERLESS_OCR_LANGUAGE=por + +# Set if accessing paperless via a domain subpath e.g. https://domain.com/PATHPREFIX and using a reverse-proxy like traefik or nginx +#PAPERLESS_FORCE_SCRIPT_NAME=/PATHPREFIX +#PAPERLESS_STATIC_URL=/PATHPREFIX/static/ # trailing slash required diff --git a/paperless/.env b/paperless/.env new file mode 100644 index 0000000..0bd5be6 --- /dev/null +++ b/paperless/.env @@ -0,0 +1 @@ +COMPOSE_PROJECT_NAME=paperless diff --git a/paperless/docker-compose.yml b/paperless/docker-compose.yml new file mode 100644 index 0000000..9c3ac3e --- /dev/null +++ b/paperless/docker-compose.yml @@ -0,0 +1,86 @@ +services: + broker: + container_name: paperless-broker + image: docker.io/library/redis:7 + restart: unless-stopped + volumes: + - ./redisdata:/data + networks: + - paperless-net + + db: + image: docker.io/library/postgres:15 + restart: unless-stopped + volumes: + - ./pgdata:/var/lib/postgresql/data + environment: + POSTGRES_DB: paperless + POSTGRES_USER: paperless + POSTGRES_PASSWORD: paperless + networks: + - paperless-net + container_name: paperless-db + + webserver: + image: ghcr.io/paperless-ngx/paperless-ngx:latest + container_name: paperless-ngx + restart: unless-stopped + depends_on: + - db + - broker + - gotenberg + - tika + ports: + - "8000:8000" + healthcheck: + test: ["CMD", "curl", "-fs", "-S", "--max-time", "2", "http://localhost:8000"] + interval: 30s + timeout: 10s + retries: 5 + volumes: + - ./data:/usr/src/paperless/data + - ./media:/usr/src/paperless/media + - ./export:/usr/src/paperless/export + - ./consume:/usr/src/paperless/consume + env_file: .docker-compose.env + environment: + PAPERLESS_REDIS: redis://broker:6379 + PAPERLESS_DBHOST: db + PAPERLESS_TIKA_ENABLED: 1 + PAPERLESS_TIKA_GOTENBERG_ENDPOINT: http://gotenberg:3000 + PAPERLESS_TIKA_ENDPOINT: http://tika:9998 + PAPERLESS_OAUTH_CALLBACK_BASE_URL: https://paperless.ccalifice.com + PAPERLESS_URL: https://paperless.ccalifice.com + PAPERLESS_OUTLOOK_OAUTH_CLIENT_ID: '0285b467-7522-4845-ac05-3e89aa2e1024' + PAPERLESS_OUTLOOK_OAUTH_CLIENT_SECRET: 'l1F8Q~TqHOiy~6CL2kXEIjIQz-SoaJ.AuQ_0saN9' + USERMAP_UID: 1000 + USERMAP_GID: 1002 + networks: + - paperless-net + - caddy-net + + gotenberg: + image: docker.io/gotenberg/gotenberg:8.3.0 + restart: unless-stopped + networks: + - paperless-net + # The gotenberg chromium route is used to convert .eml files. We do not + # want to allow external content like tracking pixels or even javascript. + command: + - "gotenberg" + - "--chromium-disable-javascript=true" + - "--chromium-allow-list=file:///tmp/.*" + container_name: gotenberg + + tika: + image: ghcr.io/paperless-ngx/tika:latest + restart: unless-stopped + networks: + - paperless-net + container_name: tika + +networks: + caddy-net: + external: true + name: caddy-net + paperless-net: diff --git a/scrutiny/docker-compose.yml b/scrutiny/docker-compose.yml new file mode 100644 index 0000000..3eafb7f --- /dev/null +++ b/scrutiny/docker-compose.yml @@ -0,0 +1,47 @@ +networks: + monitoring: # A common network for all monitoring services to communicate into +# external: true +# notifications: # To Gotify or another Notification service +# external: true + +services: + influxdb: + container_name: scrutiny-influxdb + image: influxdb:2.1-alpine + ports: + - 8086:8086 + volumes: + - ./config/influxdb2/db:/var/lib/influxdb2 + - ./config/influxdb2/config:/etc/influxdb2 + environment: + - DOCKER_INFLUXDB_INIT_MODE=setup + - DOCKER_INFLUXDB_INIT_USERNAME=Admin + - DOCKER_INFLUXDB_INIT_PASSWORD=asdf1234 + - DOCKER_INFLUXDB_INIT_ORG=homelab + - DOCKER_INFLUXDB_INIT_BUCKET=scrutiny + - DOCKER_INFLUXDB_INIT_ADMIN_TOKEN=3249085v098scnm#386 + restart: unless-stopped + networks: + - monitoring + + scrutiny: + container_name: scrutiny + image: ghcr.io/analogj/scrutiny:master-web + ports: + - 8081:8080 + volumes: + - ./config/scrutiny/config:/opt/scrutiny/config + environment: + - SCRUTINY_WEB_INFLUXDB_HOST=influxdb + - SCRUTINY_WEB_INFLUXDB_PORT=8086 + - SCRUTINY_WEB_INFLUXDB_TOKEN=3249085v098scnm#386 + - SCRUTINY_WEB_INFLUXDB_ORG=homelab + - SCRUTINY_WEB_INFLUXDB_BUCKET=scrutiny + # Optional but highly recommended to notify you in case of a problem + - SCRUTINY_NOTIFY_URLS=["http://http://192.168.1.202:9898/SMART"] + depends_on: + - influxdb + restart: unless-stopped + networks: +# - notifications + - monitoring diff --git a/stirling-pdf/docker-compose.yml b/stirling-pdf/docker-compose.yml new file mode 100644 index 0000000..6b38e03 --- /dev/null +++ b/stirling-pdf/docker-compose.yml @@ -0,0 +1,31 @@ +services: + stirling-pdf: + container_name: stirling-PDF + image: frooodle/s-pdf:latest + deploy: + resources: + limits: + memory: 4G + healthcheck: + test: ["CMD-SHELL", "curl -f http://localhost:8080/api/v1/info/status | grep -q 'UP' && curl -fL http://localhost:8080/ | grep -qv 'Please sign in'"] + interval: 5s + timeout: 10s + retries: 16 + ports: + - "8585:8080" + volumes: + - ./data:/usr/share/tessdata:rw + - ./config:/configs:rw + - ./logs:/logs:rw + environment: + DOCKER_ENABLE_SECURITY: "false" + SECURITY_ENABLELOGIN: "false" + LANGS: "en_GB,en_US,ar_AR,de_DE,fr_FR,es_ES,zh_CN,zh_TW,ca_CA,it_IT,sv_SE,pl_PL,ro_RO,ko_KR,pt_BR,ru_RU,el_GR,hi_IN,hu_HU,tr_TR,id_ID" + SYSTEM_DEFAULTLOCALE: en-US + UI_APPNAME: Stirling-PDF + UI_HOMEDESCRIPTION: Stirling-PDF + UI_APPNAMENAVBAR: Stirling-PDF Latest + SYSTEM_MAXFILESIZE: "100" + METRICS_ENABLED: "true" + SYSTEM_GOOGLEVISIBILITY: "true" + restart: on-failure:5 diff --git a/uptime-kuma/docker-compose.yml b/uptime-kuma/docker-compose.yml new file mode 100644 index 0000000..57fc358 --- /dev/null +++ b/uptime-kuma/docker-compose.yml @@ -0,0 +1,13 @@ +# Simple docker-compose.yml +# You can change your port or volume location +services: + uptime-kuma: + image: louislam/uptime-kuma:1 + container_name: uptime-kuma + volumes: + - ./uptime-kuma-data:/app/data + ports: + - 3001:3001 # : + restart: always + environment: + - TZ="America/Sao_Paulo" diff --git a/vaultwarden/.env b/vaultwarden/.env new file mode 100644 index 0000000..5df3611 --- /dev/null +++ b/vaultwarden/.env @@ -0,0 +1,5 @@ +DOMAIN=http://vaultwarden.ccalifice.com/ +ADMIN_TOKEN=yuioqzkjiouqeiu3948sdnasdnmk239!!!asdakj&& +WEB_VAULT_ENABLED=true +WEBSOCKET_ENABLED=true +TZ=America/Sao_Paulo diff --git a/vaultwarden/docker-compose.yml b/vaultwarden/docker-compose.yml new file mode 100755 index 0000000..65790ea --- /dev/null +++ b/vaultwarden/docker-compose.yml @@ -0,0 +1,11 @@ +services: + vaultwarden: + image: vaultwarden/server:latest + container_name: vaultwarden + restart: unless-stopped + volumes: + - ./vw-data:/data + ports: + - 8080:80 + env_file: + - .env diff --git a/vikunja/docker-compose.yml b/vikunja/docker-compose.yml new file mode 100644 index 0000000..f875f5c --- /dev/null +++ b/vikunja/docker-compose.yml @@ -0,0 +1,45 @@ +services: + vikunja: + container_name: vikunja + image: vikunja/vikunja + environment: +# VIKUNJA_SERVICE_PUBLICURL: https://tasks.ccalifice.com + VIKUNJA_DATABASE_HOST: db + VIKUNJA_DATABASE_PASSWORD: ejcurt!898f! + VIKUNJA_DATABASE_TYPE: postgres + VIKUNJA_DATABASE_USER: vikunja + VIKUNJA_DATABASE_DATABASE: vikunja + VIKUNJA_SERVICE_JWTSECRET: 4ab3fe5084fb63e68ecdac256e789be0124e1c6652aaeaa663d92bd3bfeb2a8eb1052740b132b5b9b6ae84b53fbd68e45bf4721e24faf75bb5f1cfb267eb04da + ports: + - 3456:3456 + volumes: + - ./files:/app/vikunja/files + depends_on: + db: + condition: service_healthy + restart: unless-stopped + networks: + - caddy-net + - vikunja + db: + container_name: vikunja-db + image: postgres:16 + environment: + POSTGRES_PASSWORD: ejcurt!898f! + POSTGRES_USER: vikunja + volumes: + - ./db:/var/lib/postgresql/data + restart: unless-stopped + healthcheck: + test: ["CMD-SHELL", "pg_isready -h localhost -U $$POSTGRES_USER"] + interval: 2s + networks: + - vikunja + + + +networks: + caddy-net: + external: true + name: caddy-net + vikunja: