ccalifice/compose-projects-services
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

migrate to compose-projects folder and init repo

Browse Source
This commit is contained in:
Christoph Califice
2025-08-13 22:47:11 -03:00
commit a08c8cc7fa
33 changed files with 1873 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
RicoToGhostfolio/docker-compose.yml Normal file
View File

@@ -0,0 +1,7 @@
services:
rico-to-ghostfolio:
container_name: rico-to-ghostfolio
ports:
- "8001:8000"
build:
dockerfile: Dockerfile

28
caddy/docker-compose.yml Normal file
View File

@@ -0,0 +1,28 @@
services:
caddy:
# image: caddy:latest
container_name: caddy
build:
dockerfile: Dockerfile
restart: unless-stopped
cap_add:
- NET_ADMIN
ports:
- "2019:2019"
- "80:80"
- "443:443"
- "443:443/udp"
- "8282:8282"
volumes:
- ./Caddyfile:/etc/caddy/Caddyfile
- ./site/bortolaso-sail:/srv/bortolaso-sail
- ./site/ariang:/srv/ariang
- ./caddy-data:/data
- ./caddy-config:/config
networks:
- caddy-net
networks:
caddy-net:
driver: bridge
name: caddy-net

18
cloudflared/docker-compose.yml Normal file
View File

@@ -0,0 +1,18 @@
services:
cloudflared:
image: cloudflare/cloudflared:latest
container_name: cloudflared
user: "0:0"
volumes:
- ./config:/root/.cloudflared
#command: tunnel login
#command: tunnel create tunnel_ccalifice
command: tunnel --no-autoupdate run
restart: always
networks:
- caddy-net
networks:
caddy-net:
external: true
name: caddy-net

8
cyber-chef/docker-compose.yml Normal file
View File

@@ -0,0 +1,8 @@
name: cyber-chef
services:
cyberchef:
ports:
- 8383:80
image: ghcr.io/gchq/cyberchef:latest
restart: unless-stopped
container_name: container_name

15
filebrowser/docker-compose.yml Normal file
View File

@@ -0,0 +1,15 @@
---
services:
filebrowser:
image: filebrowser/filebrowser
container_name: filebrowser
user: "1000:1002"
ports:
- 8686:80
volumes:
- /mnt/christoph:/srv/christoph
- /mnt/Public:/srv/Public
- ./database.db:/database.db
- ./settings.json:/.settings.json
- ./branding:/branding
restart: unless-stopped

3
firefly-iii/.db.env Normal file
View File

@@ -0,0 +1,3 @@
MYSQL_RANDOM_ROOT_PASSWORD=yes
MYSQL_USER=firefly
MYSQL_PASSWORD=123mysql321$!

341
firefly-iii/.env Normal file
View File

@@ -0,0 +1,341 @@
# You can leave this on "local". If you change it to production most console commands will ask for extra confirmation.
# Never set it to "testing".
APP_ENV=local
# Set to true if you want to see debug information in error screens.
APP_DEBUG=false
# This should be your email address.
# If you use Docker or similar, you can set this variable from a file by using SITE_OWNER_FILE
# The variable is used in some errors shown to users who aren't admin.
SITE_OWNER=christoph.califice@hotmail.com
# The encryption key for your sessions. Keep this very secure.
# Change it to a string of exactly 32 chars or use something like `php artisan key:generate` to generate it.
# If you use Docker or similar, you can set this variable from a file by using APP_KEY_FILE
#
# Avoid the "#" character in your APP_KEY, it may break things.
#
APP_KEY=SomeRandomStringOf32CharsExactly
# Firefly III will launch using this language (for new users and unauthenticated visitors)
# For a list of available languages: https://github.com/firefly-iii/firefly-iii/tree/main/resources/lang
#
# If text is still in English, remember that not everything may have been translated.
DEFAULT_LANGUAGE=en_US
# The locale defines how numbers are formatted.
# by default this value is the same as whatever the language is.
DEFAULT_LOCALE=equal
# Change this value to your preferred time zone.
# Example: Europe/Amsterdam
# For a list of supported time zones, see https://en.wikipedia.org/wiki/List_of_tz_database_time_zones
TZ=America/Sao_Paulo
# TRUSTED_PROXIES is a useful variable when using Docker and/or a reverse proxy.
# Set it to ** and reverse proxies work just fine.
TRUSTED_PROXIES=
# The log channel defines where your log entries go to.
# Several other options exist. You can use 'single' for one big fat error log (not recommended).
# Also available are 'syslog', 'errorlog' and 'stdout' which will log to the system itself.
# A rotating log option is 'daily', creates 5 files that (surprise) rotate.
# A cool option is 'papertrail' for cloud logging
# Default setting 'stack' will log to 'daily' and to 'stdout' at the same time.
LOG_CHANNEL=stack
# Log level. You can set this from least severe to most severe:
# debug, info, notice, warning, error, critical, alert, emergency
# If you set it to debug your logs will grow large, and fast. If you set it to emergency probably
# nothing will get logged, ever.
APP_LOG_LEVEL=debug
# Audit log level.
# The audit log is used to log notable Firefly III events on a separate channel.
# These log entries may contain sensitive financial information.
# The audit log is disabled by default.
#
# To enable it, set AUDIT_LOG_LEVEL to "info"
# To disable it, set AUDIT_LOG_LEVEL to "emergency"
AUDIT_LOG_LEVEL=emergency
#
# If you want, you can redirect the audit logs to another channel.
# Set 'audit_stdout', 'audit_syslog', 'audit_errorlog' to log to the system itself.
# Use audit_daily to log to a rotating file.
# Use audit_papertrail to log to papertrail.
#
# If you do this, the audit logs may be mixed with normal logs because the settings for these channels
# are often the same as the settings for the normal logs.
AUDIT_LOG_CHANNEL=
#
# Used when logging to papertrail:
# Also used when audit logs log to papertrail:
#
PAPERTRAIL_HOST=
PAPERTRAIL_PORT=
# Database credentials. Make sure the database exists. I recommend a dedicated user for Firefly III
# For other database types, please see the FAQ: https://docs.firefly-iii.org/firefly-iii/faq/self-hosted/#i-want-to-use-sqlite
# If you use Docker or similar, you can set these variables from a file by appending them with _FILE
# Use "pgsql" for PostgreSQL
# Use "mysql" for MySQL and MariaDB.
# Use "sqlite" for SQLite.
DB_CONNECTION=mysql
DB_HOST=db
DB_PORT=3306
DB_DATABASE=firefly
DB_USERNAME=firefly
DB_PASSWORD=secret_firefly_password
# leave empty or omit when not using a socket connection
DB_SOCKET=
# MySQL supports SSL. You can configure it here.
# If you use Docker or similar, you can set these variables from a file by appending them with _FILE
MYSQL_USE_SSL=false
MYSQL_SSL_VERIFY_SERVER_CERT=true
# You need to set at least of these options
MYSQL_SSL_CAPATH=/etc/ssl/certs/
MYSQL_SSL_CA=
MYSQL_SSL_CERT=
MYSQL_SSL_KEY=
MYSQL_SSL_CIPHER=
# PostgreSQL supports SSL. You can configure it here.
# If you use Docker or similar, you can set these variables from a file by appending them with _FILE
PGSQL_SSL_MODE=prefer
PGSQL_SSL_ROOT_CERT=null
PGSQL_SSL_CERT=null
PGSQL_SSL_KEY=null
PGSQL_SSL_CRL_FILE=null
# more PostgreSQL settings
PGSQL_SCHEMA=public
# If you're looking for performance improvements, you could install memcached or redis
CACHE_DRIVER=file
SESSION_DRIVER=file
# If you set either of the options above to 'redis', you might want to update these settings too
# If you use Docker or similar, you can set REDIS_HOST_FILE, REDIS_PASSWORD_FILE or
# REDIS_PORT_FILE to set the value from a file instead of from an environment variable
# can be tcp, unix or http
REDIS_SCHEME=tcp
# use only when using 'unix' for REDIS_SCHEME. Leave empty otherwise.
REDIS_PATH=
# use only when using 'tcp' or 'http' for REDIS_SCHEME. Leave empty otherwise.
REDIS_HOST=127.0.0.1
REDIS_PORT=6379
# Use only with Redis 6+ with proper ACL set. Leave empty otherwise.
REDIS_USERNAME=
REDIS_PASSWORD=
# always use quotes and make sure redis db "0" and "1" exists. Otherwise change accordingly.
REDIS_DB="0"
REDIS_CACHE_DB="1"
# Cookie settings. Should not be necessary to change these.
# If you use Docker or similar, you can set COOKIE_DOMAIN_FILE to set
# the value from a file instead of from an environment variable
# Setting samesite to "strict" may give you trouble logging in.
COOKIE_PATH="/"
COOKIE_DOMAIN=
COOKIE_SECURE=false
COOKIE_SAMESITE=lax
# If you want Firefly III to email you, update these settings
# For instructions, see: https://docs.firefly-iii.org/firefly-iii/advanced-installation/email/#email
# If you use Docker or similar, you can set these variables from a file by appending them with _FILE
MAIL_MAILER=log
MAIL_HOST=null
MAIL_PORT=2525
MAIL_FROM=changeme@example.com
MAIL_USERNAME=null
MAIL_PASSWORD=null
MAIL_ENCRYPTION=null
MAIL_SENDMAIL_COMMAND=
# Other mail drivers:
# If you use Docker or similar, you can set these variables from a file by appending them with _FILE
MAILGUN_DOMAIN=
MAILGUN_SECRET=
# If you are on EU region in mailgun, use api.eu.mailgun.net, otherwise use api.mailgun.net
# If you use Docker or similar, you can set this variable from a file by appending it with _FILE
MAILGUN_ENDPOINT=api.mailgun.net
# If you use Docker or similar, you can set these variables from a file by appending them with _FILE
MANDRILL_SECRET=
SPARKPOST_SECRET=
# Firefly III can send you the following messages.
SEND_ERROR_MESSAGE=true
# These messages contain (sensitive) transaction information:
SEND_REPORT_JOURNALS=true
# Set this value to true if you want to set the location of certain things, like transactions.
# Since this involves an external service, it's optional and disabled by default.
ENABLE_EXTERNAL_MAP=false
# Set this value to true if you want Firefly III to download currency exchange rates
# from the internet. These rates are hosted by the creator of Firefly III inside
# an Azure Storage Container.
# Not all currencies may be available. Rates may be wrong.
ENABLE_EXTERNAL_RATES=true
# The map will default to this location:
MAP_DEFAULT_LAT=51.983333
MAP_DEFAULT_LONG=5.916667
MAP_DEFAULT_ZOOM=6
#
# Some objects have room for an URL, like transactions and webhooks.
# By default, the following protocols are allowed:
# http, https, ftp, ftps, mailto
#
# To change this, set your preferred comma separated set below.
# Be sure to include http, https and other default ones if you need to.
#
VALID_URL_PROTOCOLS=
#
# Firefly III authentication settings
#
#
# Firefly III supports a few authentication methods:
# - 'web' (default, uses built in DB)
# - 'remote_user_guard' for Authelia etc
# Read more about these settings in the documentation.
# https://docs.firefly-iii.org/firefly-iii/advanced-installation/authentication
#
# LDAP is no longer supported :(
#
AUTHENTICATION_GUARD=web
#
# Remote user guard settings
#
AUTHENTICATION_GUARD_HEADER=REMOTE_USER
AUTHENTICATION_GUARD_EMAIL=
#
# Firefly III generates a basic keypair for your OAuth tokens.
# If you want, you can overrule the key with your own (secure) value.
# It's also possible to set PASSPORT_PUBLIC_KEY_FILE or PASSPORT_PRIVATE_KEY_FILE
# if you're using Docker secrets or similar solutions for secret management
#
PASSPORT_PRIVATE_KEY=
PASSPORT_PUBLIC_KEY=
#
# Extra authentication settings
#
CUSTOM_LOGOUT_URL=
# You can disable the X-Frame-Options header if it interferes with tools like
# Organizr. This is at your own risk. Applications running in frames run the risk
# of leaking information to their parent frame.
DISABLE_FRAME_HEADER=false
# You can disable the Content Security Policy header when you're using an ancient browser
# or any version of Microsoft Edge / Internet Explorer (which amounts to the same thing really)
# This leaves you with the risk of not being able to stop XSS bugs should they ever surface.
# This is at your own risk.
DISABLE_CSP_HEADER=false
# If you wish to track your own behavior over Firefly III, set valid analytics tracker information here.
# Nobody uses this except for me on the demo site. But hey, feel free to use this if you want to.
# Do not prepend the TRACKER_URL with http:// or https://
# The only tracker supported is Matomo.
# You can set the following variables from a file by appending them with _FILE:
TRACKER_SITE_ID=
TRACKER_URL=
#
# Firefly III supports webhooks. These are security sensitive and must be enabled manually first.
#
ALLOW_WEBHOOKS=false
#
# The static cron job token can be useful when you use Docker and wish to manage cron jobs.
# 1. Set this token to any 32-character value (this is important!).
# 2. Use this token in the cron URL instead of a user's command line token that you can find in /profile
#
# For more info: https://docs.firefly-iii.org/firefly-iii/advanced-installation/cron/
#
# You can set this variable from a file by appending it with _FILE
#
STATIC_CRON_TOKEN=
# You can fine tune the start-up of a Docker container by editing these environment variables.
# Use this at your own risk. Disabling certain checks and features may result in lots of inconsistent data.
# However if you know what you're doing you can significantly speed up container start times.
# Set each value to true to enable, or false to disable.
# Set this to true to build all locales supported by Firefly III.
# This may take quite some time (several minutes) and is generally not recommended.
# If you wish to change or alter the list of locales, start your Docker container with
# `docker run -v locale.gen:/etc/locale.gen -e DKR_BUILD_LOCALE=true`
# and make sure your preferred locales are in your own locale.gen.
DKR_BUILD_LOCALE=false
# Check if the SQLite database exists. Can be skipped if you're not using SQLite.
# Won't significantly speed up things.
DKR_CHECK_SQLITE=true
# Run database creation and migration commands. Disable this only if you're 100% sure the DB exists
# and is up to date.
DKR_RUN_MIGRATION=true
# Run database upgrade commands. Disable this only when you're 100% sure your DB is up-to-date
# with the latest fixes (outside of migrations!)
DKR_RUN_UPGRADE=true
# Verify database integrity. Includes all data checks and verifications.
# Disabling this makes Firefly III assume your DB is intact.
DKR_RUN_VERIFY=true
# Run database reporting commands. When disabled, Firefly III won't go over your data to report current state.
# Disabling this should have no impact on data integrity or safety but it won't warn you of possible issues.
DKR_RUN_REPORT=true
# Generate OAuth2 keys.
# When disabled, Firefly III won't attempt to generate OAuth2 Passport keys. This won't be an issue, IFF (if and only if)
# you had previously generated keys already and they're stored in your database for restoration.
DKR_RUN_PASSPORT_INSTALL=true
# Leave the following configuration vars as is.
# Unless you like to tinker and know what you're doing.
APP_NAME=FireflyIII
BROADCAST_DRIVER=log
QUEUE_DRIVER=sync
CACHE_PREFIX=firefly
PUSHER_KEY=
IPINFO_TOKEN=
PUSHER_SECRET=
PUSHER_ID=
DEMO_USERNAME=
DEMO_PASSWORD=
FIREFLY_III_LAYOUT=v1
#
# If you have trouble configuring your Firefly III installation, DON'T BOTHER setting this variable.
# It won't work. It doesn't do ANYTHING. Don't believe the lies you read online. I'm not joking.
# This configuration value WILL NOT HELP.
#
# Notable exception to this rule is Synology, which, according to some users, will use APP_URL to rewrite stuff.
#
# This variable is ONLY used in some of the emails Firefly III sends around. Nowhere else.
# So when configuring anything WEB related this variable doesn't do anything. Nothing
#
# If you're stuck I understand you get desperate but look SOMEWHERE ELSE.
#
APP_URL=http://localhost

244
firefly-iii/.importer.env Normal file
View File

@@ -0,0 +1,244 @@
# Firefly Data Importer (FIDI) configuration file
# Where is Firefly III?
#
# 1) Make sure you ADD http:// or https://
# 2) Make sure you REMOVE any trailing slash from the end of the URL.
# 3) In case of Docker, refer to the internal IP of your Firefly III installation.
#
# Setting this value is not mandatory. But it is very useful.
#
# This variable can be set from a file if you append it with _FILE
#
FIREFLY_III_URL=http://192.168.1.202:88
#
# Imagine Firefly III can be reached at "http://172.16.0.2:8082" (internal Docker network or something).
# But you have a fancy URL: "https://personal-finances.bill.microsoft.com/"
#
# In those cases, you can overrule the URL so when the data importer links back to Firefly III, it uses the correct URL.
#
# 1) Make sure you ADD http:// or https://
# 2) Make sure you REMOVE any trailing slash from the end of the URL.
#
# IF YOU SET THIS VALUE, YOU MUST ALSO SET THE FIREFLY_III_URL
#
# This variable can be set from a file if you append it with _FILE
#
VANITY_URL=
#
# Set your Firefly III Personal Access Token (OAuth)
# You can create a Personal Access Token on the /profile page:
# go to the OAuth tab, then Personal Access Token and "Create token".
#
# - Do not use the "command line token". That's the WRONG one.
# - Do not use "APP_KEY" value from your Firefly III installation. That's the WRONG one.
#
# Setting this value is not mandatory. Instructions will follow if you omit this field.
#
# This variable can be set from a file if you append it with _FILE
#
FIREFLY_III_ACCESS_TOKEN=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJhdWQiOiIxMyIsImp0aSI6ImM2NTdhNzg3MjI0NDhkZWVlNThmZTY0NmRhYzc5MThmOTJmZTY3ZmM5YjA0OGY3MTgzMjI0ZWU2MDhiN2U0Mzg3NGIwNTFkNmZiYTI5ZTdhIiwiaWF0IjoxNzA0NTcwMTI3LjYyMjMzMSwibmJmIjoxNzA0NTcwMTI3LjYyMjMzMywiZXhwIjoxNzM2MTkyNTI3LjU5MDkwMywic3ViIjoiMSIsInNjb3BlcyI6W119.kq9eElh0qMccrZrtEJbDnf3YXikxjZBDqhxA_O7dcgmikpT0D3Ql9o_arY18TaAHoiCirO2It5TWDbYCFWehWdZXwhlnwMUTrXUxkxdw8wkDe6_GfV44_IprBlWjORCAjYP0qKRX_UhN_mYwuZcBrHphVnl_T-EWGygBm-BD8cuPOKcAUiIhWz48p9BS3T8vz-g1EmhcAGa8c5VmCCNVXLD5_dNmcVm066tcs4a3dmc0bJ85-kAxABHoowZnZhdjrGT1pjdPtDI8HDwTWUeSZzqfRZKo-iyfH_VLcJ845GtJvP88SSdAlUXM15DxqPcJG4ruUDvBmAKb-3zGL6yu1MI6-LwgjvVc-O9W589n41Kp-cG9syk0E3ddYaQeO9h78Hm9ApKNJUX3OFLCeWp562qqvM3Rpd5IbPsJwO4L3TmQ4b1H385pWY5zGsovvx0-hmxNFnrtBjLR09rpp0tW1grINMD2XwfvJrD9nUfHEtCb9WxOjQhkMrBAC4Jr-EuP20HQTcCtImHHRqi3378E_Hum9UcJTcfFRX7_b5GJUAN6suyI_7ZOfDVfGQoUwTpgGKlHH8hIMEt6r4B7q39lpfIcaWFRMjKCIGcehAlH7kJ-QgfPfgdMrCfBsBw3IF28uhIPfiI5gDRymTKltxYh6IEKLAYZ4BHrhBmFiR5q0Gc
#
# You can also use a public client ID. This is available in Firefly III 5.4.0-alpha.3 and higher.
# This is a number (1, 2, 3). If you use the client ID, you can leave the access token empty and vice versa.
#
# This value is not mandatory to set. Instructions will follow if you omit this field.
#
# This variable can be set from a file if you append it with _FILE
#
FIREFLY_III_CLIENT_ID=
#
# Nordigen information.
# The key and ID can be set from a file if you append it with _FILE
#
NORDIGEN_ID=
NORDIGEN_KEY=
NORDIGEN_SANDBOX=false
#
# Spectre information
#
# The ID and secret can be set from a file if you append it with _FILE
SPECTRE_APP_ID=
SPECTRE_SECRET=
#
# Use cache. No need to do this.
#
USE_CACHE=false
#
# If set to true, the data import will not complain about running into duplicates.
# This will give you cleaner import mails if you run regular imports.
#
# This means that the data importer will not import duplicates, but it will not complain about them either.
#
# This setting has no influence on the settings in your configuration(.json).
#
# Of course, if something goes wrong *because* the transaction is a duplicate you will
# NEVER know unless you start digging in your log files. So be careful with this.
#
IGNORE_DUPLICATE_ERRORS=false
#
# Auto import settings. Due to security constraints, you MUST enable each feature individually.
# You must also set a secret. The secret is used for the web routes.
#
# The auto-import secret must be a string of at least 16 characters.
# Visit this page for inspiration: https://www.random.org/passwords/?num=1&len=16&format=html&rnd=new
#
# Submit it using ?secret=X
#
# This variable can be set from a file if you append it with _FILE
#
AUTO_IMPORT_SECRET=
#
# Is the /autoimport even endpoint enabled?
# By default it's disabled, and the secret alone will not enable it.
#
CAN_POST_AUTOIMPORT=false
#
# Is the /autoupload endpoint enabled?
# By default it's disabled, and the secret alone will not enable it.
#
CAN_POST_FILES=false
#
# Import directory white list. You need to set this before the auto importer will accept a directory to import from.
#
# This variable can be set from a file if you append it with _FILE
#
IMPORT_DIR_ALLOWLIST=
#
# When you're running Firefly III under a (self-signed) certificate,
# the data importer may have trouble verifying the TLS connection.
#
# You have a few options to make sure the data importer can connect
# to Firefly III:
# - 'true': will verify all certificates. The most secure option and the default.
# - 'file.pem': refer to a file (you must provide it) to your custom root or intermediate certificates.
# - 'false': will verify NO certificates. Not very secure.
VERIFY_TLS_SECURITY=true
#
# If you want, you can set a directory here where the data importer will look for import configurations.
# This is a separate setting from the /import directory that the auto-import uses.
# Setting this variable isn't necessary. The default value is "storage/configurations".
#
# This variable can be set from a file if you append it with _FILE
#
JSON_CONFIGURATION_DIR=
#
# Time out when connecting with Firefly III.
# π*10 seconds is usually fine.
#
CONNECTION_TIMEOUT=31.41
# The following variables can be useful when debugging the application
APP_ENV=local
APP_DEBUG=false
LOG_CHANNEL=stack
#
# If you turn this on, expect massive logs with lots of privacy sensitive data
#
LOG_RETURN_JSON=false
# Log level. You can set this from least severe to most severe:
# debug, info, notice, warning, error, critical, alert, emergency
# If you set it to debug your logs will grow large, and fast. If you set it to emergency probably
# nothing will get logged, ever.
LOG_LEVEL=debug
# TRUSTED_PROXIES is a useful variable when using Docker and/or a reverse proxy.
# Set it to ** and reverse proxies work just fine.
TRUSTED_PROXIES=
#
# Time zone
#
TZ=America/Sao_Paulo
#
# Use ASSET_URL when you're running the data importer in a sub-directory.
#
ASSET_URL=
#
# Email settings.
# The data importer can send you a message with all errors, warnings and messages
# after a successful import. This is disabled by default
#
ENABLE_MAIL_REPORT=false
#
# Force Firefly III URL to be secure?
#
#
EXPECT_SECURE_URL=false
# If enabled, define which mailer you want to use.
# Options include: smtp, mailgun, postmark, sendmail, log, array
# Amazon SES is not supported.
# log = drop mails in the logs instead of sending them
# array = debug mailer that does nothing.
MAIL_MAILER=
# where to send the report?
MAIL_DESTINATION=noreply@example.com
# other mail settings
# These variables can be set from a file if you append it with _FILE
MAIL_FROM_ADDRESS=noreply@example.com
MAIL_HOST=smtp.mailtrap.io
MAIL_PORT=2525
MAIL_USERNAME=username
MAIL_PASSWORD=password
MAIL_ENCRYPTION=null
# Extra settings depending on your mail configuration above.
# These variables can be set from a file if you append it with _FILE
MAILGUN_DOMAIN=
MAILGUN_SECRET=
MAILGUN_ENDPOINT=
POSTMARK_TOKEN=
#
# You probably won't need to change these settings.
#
BROADCAST_DRIVER=log
CACHE_DRIVER=file
QUEUE_CONNECTION=sync
SESSION_DRIVER=file
SESSION_LIFETIME=120
IS_EXTERNAL=false
REDIS_HOST=127.0.0.1
REDIS_PASSWORD=null
REDIS_PORT=6379
# always use quotes
REDIS_DB="0"
REDIS_CACHE_DB="1"
# The only tracker supported is Matomo.
# This is used on the public instance over at https://data-importer.firefly-iii.org
TRACKER_SITE_ID=
TRACKER_URL=
APP_NAME=DataImporter
#
# The APP_URL environment variable is NOT used anywhere.
# Don't bother setting it to fix your reverse proxy problems. It won't help.
# Don't open issues telling me it doesn't help because it's not supposed to.
# Laravel uses this to generate links on the command line, which is a feature the data importer does not use.
#
APP_URL=http://localhost

244
firefly-iii/.importer.mor.env Normal file
View File

@@ -0,0 +1,244 @@
# Firefly Data Importer (FIDI) configuration file
# Where is Firefly III?
#
# 1) Make sure you ADD http:// or https://
# 2) Make sure you REMOVE any trailing slash from the end of the URL.
# 3) In case of Docker, refer to the internal IP of your Firefly III installation.
#
# Setting this value is not mandatory. But it is very useful.
#
# This variable can be set from a file if you append it with _FILE
#
FIREFLY_III_URL=http://192.168.1.202:88
#
# Imagine Firefly III can be reached at "http://172.16.0.2:8082" (internal Docker network or something).
# But you have a fancy URL: "https://personal-finances.bill.microsoft.com/"
#
# In those cases, you can overrule the URL so when the data importer links back to Firefly III, it uses the correct URL.
#
# 1) Make sure you ADD http:// or https://
# 2) Make sure you REMOVE any trailing slash from the end of the URL.
#
# IF YOU SET THIS VALUE, YOU MUST ALSO SET THE FIREFLY_III_URL
#
# This variable can be set from a file if you append it with _FILE
#
VANITY_URL=
#
# Set your Firefly III Personal Access Token (OAuth)
# You can create a Personal Access Token on the /profile page:
# go to the OAuth tab, then Personal Access Token and "Create token".
#
# - Do not use the "command line token". That's the WRONG one.
# - Do not use "APP_KEY" value from your Firefly III installation. That's the WRONG one.
#
# Setting this value is not mandatory. Instructions will follow if you omit this field.
#
# This variable can be set from a file if you append it with _FILE
#
FIREFLY_III_ACCESS_TOKEN=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJhdWQiOiIzMjkiLCJqdGkiOiIxODg5NzIxZjU0OTQzZjE1YmJmNThiYTcyMDUzYTgyZDY2MDFlNDNmZGY4M2UxZTM1ZDY2ZmZhNWVmYTc1NWQ1ODc1NDQ2MjhkMzJjZjczOCIsImlhdCI6MTcxMjU4MDY4NC44MzM2NTQsIm5iZiI6MTcxMjU4MDY4NC44MzM2NTcsImV4cCI6MTc0NDExNjY4NC43NzYzMTIsInN1YiI6IjIiLCJzY29wZXMiOltdfQ.MlxdQrRJu2wQYhjp8SXz7aw7e1gSzt8NwmHRc57V-0nq6TvtI1EAKiIrlk3t4meO1nNU81dmvOdcmbhXUEXlhpkRTTxqir58UZlVQVeZlkfL8r8rghRBmtnzxNNYdHjCytG9hOGHqYOfBIa_EDXx2Df3WROwPKAOzrbfm42KIG2IGJ8iFa5YgRUvoiAbRxoihjL6vV8YoNm82-i0r8CtIfxZTuvU_ve9fAhnOlxZWNy4k2iWkPsQNvTpV_lTLIaoPcETCZEcvmb3nUbhak9U9Q_Dy-s6YdD8yg-tAjkomDF9murAaYUI_1irkK7YKEaFPgM7tRSiQ8CkKgjjKR0JzHvvpWOW22qXVtgT6d1F3yu-sDEWtSjH9jdUdf1fLYrHLfEZIXaAbnLPEiHJf0u2r1CaRTDO_kkb_hAMLk09vftlitwrfvkNLlcZVDgqV3VuwO_tuTOc4FTrPA97oA38AnHgTLkC6EXO4r6n0gAcD4qhJcE9ADWLplcAR-_PBBdByQ3jKlyXqtXKyL5NVuyOQx_oLvVWmq3grYPb5nXUCrdUReLZvlgGK1feaesarPCss1PSkxmykNgplgjQIc85fJotIKaoduKLb_rDJ3speruRt63zkRbPQU4xrSn2TB4vrWuLpTFEGJa6sN2_muNxwc3USc8rZr2bpRMStBhaAOM
#
# You can also use a public client ID. This is available in Firefly III 5.4.0-alpha.3 and higher.
# This is a number (1, 2, 3). If you use the client ID, you can leave the access token empty and vice versa.
#
# This value is not mandatory to set. Instructions will follow if you omit this field.
#
# This variable can be set from a file if you append it with _FILE
#
FIREFLY_III_CLIENT_ID=
#
# Nordigen information.
# The key and ID can be set from a file if you append it with _FILE
#
NORDIGEN_ID=
NORDIGEN_KEY=
NORDIGEN_SANDBOX=false
#
# Spectre information
#
# The ID and secret can be set from a file if you append it with _FILE
SPECTRE_APP_ID=
SPECTRE_SECRET=
#
# Use cache. No need to do this.
#
USE_CACHE=false
#
# If set to true, the data import will not complain about running into duplicates.
# This will give you cleaner import mails if you run regular imports.
#
# This means that the data importer will not import duplicates, but it will not complain about them either.
#
# This setting has no influence on the settings in your configuration(.json).
#
# Of course, if something goes wrong *because* the transaction is a duplicate you will
# NEVER know unless you start digging in your log files. So be careful with this.
#
IGNORE_DUPLICATE_ERRORS=false
#
# Auto import settings. Due to security constraints, you MUST enable each feature individually.
# You must also set a secret. The secret is used for the web routes.
#
# The auto-import secret must be a string of at least 16 characters.
# Visit this page for inspiration: https://www.random.org/passwords/?num=1&len=16&format=html&rnd=new
#
# Submit it using ?secret=X
#
# This variable can be set from a file if you append it with _FILE
#
AUTO_IMPORT_SECRET=
#
# Is the /autoimport even endpoint enabled?
# By default it's disabled, and the secret alone will not enable it.
#
CAN_POST_AUTOIMPORT=false
#
# Is the /autoupload endpoint enabled?
# By default it's disabled, and the secret alone will not enable it.
#
CAN_POST_FILES=false
#
# Import directory white list. You need to set this before the auto importer will accept a directory to import from.
#
# This variable can be set from a file if you append it with _FILE
#
IMPORT_DIR_ALLOWLIST=
#
# When you're running Firefly III under a (self-signed) certificate,
# the data importer may have trouble verifying the TLS connection.
#
# You have a few options to make sure the data importer can connect
# to Firefly III:
# - 'true': will verify all certificates. The most secure option and the default.
# - 'file.pem': refer to a file (you must provide it) to your custom root or intermediate certificates.
# - 'false': will verify NO certificates. Not very secure.
VERIFY_TLS_SECURITY=true
#
# If you want, you can set a directory here where the data importer will look for import configurations.
# This is a separate setting from the /import directory that the auto-import uses.
# Setting this variable isn't necessary. The default value is "storage/configurations".
#
# This variable can be set from a file if you append it with _FILE
#
JSON_CONFIGURATION_DIR=
#
# Time out when connecting with Firefly III.
# π*10 seconds is usually fine.
#
CONNECTION_TIMEOUT=31.41
# The following variables can be useful when debugging the application
APP_ENV=local
APP_DEBUG=false
LOG_CHANNEL=stack
#
# If you turn this on, expect massive logs with lots of privacy sensitive data
#
LOG_RETURN_JSON=false
# Log level. You can set this from least severe to most severe:
# debug, info, notice, warning, error, critical, alert, emergency
# If you set it to debug your logs will grow large, and fast. If you set it to emergency probably
# nothing will get logged, ever.
LOG_LEVEL=debug
# TRUSTED_PROXIES is a useful variable when using Docker and/or a reverse proxy.
# Set it to ** and reverse proxies work just fine.
TRUSTED_PROXIES=
#
# Time zone
#
TZ=America/Sao_Paulo
#
# Use ASSET_URL when you're running the data importer in a sub-directory.
#
ASSET_URL=
#
# Email settings.
# The data importer can send you a message with all errors, warnings and messages
# after a successful import. This is disabled by default
#
ENABLE_MAIL_REPORT=false
#
# Force Firefly III URL to be secure?
#
#
EXPECT_SECURE_URL=false
# If enabled, define which mailer you want to use.
# Options include: smtp, mailgun, postmark, sendmail, log, array
# Amazon SES is not supported.
# log = drop mails in the logs instead of sending them
# array = debug mailer that does nothing.
MAIL_MAILER=
# where to send the report?
MAIL_DESTINATION=noreply@example.com
# other mail settings
# These variables can be set from a file if you append it with _FILE
MAIL_FROM_ADDRESS=noreply@example.com
MAIL_HOST=smtp.mailtrap.io
MAIL_PORT=2525
MAIL_USERNAME=username
MAIL_PASSWORD=password
MAIL_ENCRYPTION=null
# Extra settings depending on your mail configuration above.
# These variables can be set from a file if you append it with _FILE
MAILGUN_DOMAIN=
MAILGUN_SECRET=
MAILGUN_ENDPOINT=
POSTMARK_TOKEN=
#
# You probably won't need to change these settings.
#
BROADCAST_DRIVER=log
CACHE_DRIVER=file
QUEUE_CONNECTION=sync
SESSION_DRIVER=file
SESSION_LIFETIME=120
IS_EXTERNAL=false
REDIS_HOST=127.0.0.1
REDIS_PASSWORD=null
REDIS_PORT=6379
# always use quotes
REDIS_DB="0"
REDIS_CACHE_DB="1"
# The only tracker supported is Matomo.
# This is used on the public instance over at https://data-importer.firefly-iii.org
TRACKER_SITE_ID=
TRACKER_URL=
APP_NAME=DataImporter
#
# The APP_URL environment variable is NOT used anywhere.
# Don't bother setting it to fix your reverse proxy problems. It won't help.
# Don't open issues telling me it doesn't help because it's not supposed to.
# Laravel uses this to generate links on the command line, which is a feature the data importer does not use.
#
APP_URL=http://localhost

78
firefly-iii/docker-compose.yml Normal file
View File

@@ -0,0 +1,78 @@
#
# The Firefly III Data Importer will ask you for the Firefly III URL and a "Client ID".
# You can generate the Client ID at http://localhost/profile (after registering)
# The Firefly III URL is: http://app:8080
#
# Other URL's will give 500 | Server Error
#
services:
app:
image: fireflyiii/core:latest
hostname: app
container_name: firefly_iii_core
networks:
- firefly_iii
restart: always
volumes:
- ./firefly_iii_upload:/var/www/html/storage/upload
env_file: .env
ports:
- '88:8080'
depends_on:
- db
db:
image: mariadb
hostname: db
container_name: firefly_iii_db
networks:
- firefly_iii
restart: always
env_file: .db.env
volumes:
- ./firefly_iii_db:/var/lib/mysql
importer:
image: fireflyiii/data-importer:latest
hostname: importer
restart: always
container_name: firefly_iii_importer
networks:
- firefly_iii
ports:
- '89:8080'
depends_on:
- app
env_file: .importer.env
importer_mor:
image: fireflyiii/data-importer:latest
hostname: importer
restart: always
container_name: firefly_iii_importer_mor
networks:
- firefly_iii
ports:
- '99:8080'
depends_on:
- app
env_file: .importer.mor.env
cron:
#
# To make this work, set STATIC_CRON_TOKEN in your .env file or as an environment variable and replace REPLACEME below
# The STATIC_CRON_TOKEN must be *exactly* 32 characters long
#
image: alpine
container_name: firefly_iii_cron
restart: always
command: sh -c "echo \"0 3 * * * wget -qO- http://app:8080/api/v1/cron/REPLACEME\" | crontab - && crond -f -L /dev/stdout"
networks:
- firefly_iii
#volumes:
# firefly_iii_upload:
# firefly_iii_db:
networks:
firefly_iii:
driver: bridge

16
free-games-claimer/docker-compose.yml Normal file
View File

@@ -0,0 +1,16 @@
# start with `docker compose up`
services:
free-games-claimer:
container_name: fgc # is printed in front of every output line
image: ghcr.io/vogler/free-games-claimer # otherwise image name will be free-games-claimer-free-games-claimer
build: .
ports:
# - "5900:5900" # VNC server
- "6080:6080" # noVNC (browser-based VNC client)
volumes:
- ./fgc:/fgc/data
restart: unless-stopped
command: bash -c "node epic-games; node gog; node prime-gaming; echo sleeping; sleep 12h"
# environment:
# - EMAIL=foo@bar.org
# - NOTIFY='tgram://...'

15
ghostfolio/.env Normal file
View File

@@ -0,0 +1,15 @@
COMPOSE_PROJECT_NAME=ghostfolio
# CACHE
REDIS_HOST=redis
REDIS_PORT=6379
REDIS_PASSWORD=Sup3R%ReD1SP48$
# POSTGRES
POSTGRES_DB=ghostfolio-db
POSTGRES_USER=user
POSTGRES_PASSWORD=very!Stronk887PA%
ACCESS_TOKEN_SALT=4KCESSTOKEN2SAL7
DATABASE_URL=postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@postgres:5432/${POSTGRES_DB}?connect_timeout=300&sslmode=prefer
JWT_SECRET_KEY=thi1ss8pers5cret&J9WTA33ess

75
ghostfolio/docker-compose.yml Normal file
View File

@@ -0,0 +1,75 @@
name: ghostfolio
services:
ghostfolio:
image: docker.io/ghostfolio/ghostfolio:latest
container_name: ghostfolio
restart: unless-stopped
init: true
cap_drop:
- ALL
security_opt:
- no-new-privileges:true
env_file:
- .env
ports:
- 3333:3333
depends_on:
postgres:
condition: service_healthy
redis:
condition: service_healthy
healthcheck:
test: ['CMD-SHELL', 'curl -f http://localhost:3333/api/v1/health']
interval: 10s
timeout: 5s
retries: 5
postgres:
image: docker.io/library/postgres:15-alpine
container_name: gf-postgres
restart: unless-stopped
cap_drop:
- ALL
cap_add:
- CHOWN
- DAC_READ_SEARCH
- FOWNER
- SETGID
- SETUID
security_opt:
- no-new-privileges:true
env_file:
- .env
healthcheck:
test:
['CMD-SHELL', 'pg_isready -d "$${POSTGRES_DB}" -U $${POSTGRES_USER}']
interval: 10s
timeout: 5s
retries: 5
volumes:
- ./postgres:/var/lib/postgresql/data
redis:
image: docker.io/library/redis:alpine
container_name: gf-redis
restart: unless-stopped
user: '999:1000'
cap_drop:
- ALL
security_opt:
- no-new-privileges:true
env_file:
- .env
command:
- /bin/sh
- -c
- redis-server --requirepass "$${REDIS_PASSWORD:?REDIS_PASSWORD variable is not set}"
healthcheck:
test:
['CMD-SHELL', 'redis-cli --pass "$${REDIS_PASSWORD}" ping | grep PONG']
interval: 10s
timeout: 5s
retries: 5
#cab07a6b0a87711013ee5457411a26c7c7dd2787830b64b914d5678d4dc54af911752975380467fd73c3798b043855520ab148a372d8fd859860703833e96cba

40
gitea/docker-compose.yml Normal file
View File

@@ -0,0 +1,40 @@
networks:
gitea:
external: false
services:
server:
image: docker.gitea.com/gitea
container_name: gitea
environment:
- USER_UID=1000
- USER_GID=1000
- GITEA__database__DB_TYPE=postgres
- GITEA__database__HOST=db:5432
- GITEA__database__NAME=gitea
- GITEA__database__USER=gitea
- GITEA__database__PASSWD=gitea
restart: always
networks:
- gitea
volumes:
- ./gitea:/data
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
ports:
- "3005:3000"
- "222:22"
depends_on:
- db
db:
image: docker.io/library/postgres:14
restart: always
environment:
- POSTGRES_USER=gitea
- POSTGRES_PASSWORD=gitea
- POSTGRES_DB=gitea
networks:
- gitea
volumes:
- ./postgres:/var/lib/postgresql/data

17
glances/docker-compose.yml Normal file
View File

@@ -0,0 +1,17 @@
services:
glances:
#image: nicolargo/glances:3.4.0.5-full
image: nicolargo/glances:latest-full
container_name: glances
restart: always
pid: host
ports:
- 61208:61208
volumes:
- /var/run/docker.sock:/var/run/docker.sock
# Uncomment the below line if you want glances to display host OS detail instead of container's
- /etc/os-release:/etc/os-release:ro
- /mnt/restic:/restic
- /:/host:ro
environment:
- "GLANCES_OPT=-w"

89
grafana/docker-compose.yml Normal file
View File

@@ -0,0 +1,89 @@
networks:
grafana:
services:
loki:
container_name: loki
image: grafana/loki:latest
ports:
- "3100:3100"
command: -config.file=/etc/loki/local-config.yaml
networks:
- grafana
promtail:
container_name: promtail
image: grafana/promtail:latest
volumes:
- /var/log:/var/log
command: -config.file=/etc/promtail/config.yml
networks:
- grafana
alloy:
container_name: alloy
image: grafana/alloy:latest
profiles: ['alloy']
volumes:
- ./config/alloy:/etc/alloy
grafana:
environment:
- GF_PATHS_PROVISIONING=/etc/grafana/provisioning
# - GF_AUTH_ANONYMOUS_ENABLED=true
# - GF_AUTH_ANONYMOUS_ORG_ROLE=Admin
- GF_SECURITY_ADMIN_USER=ccalifice
- GF_SECURITY_ADMIN_PASSWORD=asdf1234
- GF_FEATURE_TOGGLES_ENABLE=alertingSimplifiedRouting,alertingQueryAndExpressionsStepMode
entrypoint:
- sh
- -euc
- |
mkdir -p /etc/grafana/provisioning/datasources
cat <<EOF > /etc/grafana/provisioning/datasources/ds.yaml
apiVersion: 1
datasources:
- name: Loki
type: loki
access: proxy
orgId: 1
url: http://loki:3100
basicAuth: false
isDefault: true
version: 1
editable: false
EOF
/run.sh
image: grafana/grafana:latest
ports:
- "3003:3000"
networks:
- grafana
volumes:
- ./data:/var/lib/grafana
user: "1000:1002"
container_name: grafana
prometheus:
image: prom/prometheus
volumes:
- "./prometheus.yml:/etc/prometheus/prometheus.yml"
- ./prometheus-data:/prometheus
networks:
- grafana
ports:
- 9090:9090
user: "1000:1002"
container_name: prometheus
#sudo docker plugin install grafana/loki-docker-driver:3.3.2-amd64 --alias loki --grant-all-permissions
# {
# "debug" : true,
# "log-driver": "loki",
# "log-opts": {
# "loki-url": "http://192.168.1.202:3100/loki/api/v1/push",
# "loki-batch-size": "400"
# },
# "insecure-registries":["192.168.1.202:6610"]
# }

163
guacamole/docker-compose.yml Normal file
View File

@@ -0,0 +1,163 @@
####################################################################################
# docker-compose file for Apache Guacamole
# created by PCFreak 2017-06-28
#
# Apache Guacamole is a clientless remote desktop gateway. It supports standard
# protocols like VNC, RDP, and SSH. We call it clientless because no plugins or
# client software are required. Thanks to HTML5, once Guacamole is installed on
# a server, all you need to access your desktops is a web browser.
####################################################################################
#
# What does this file do?
#
# Using docker-compose it will:
#
# - create a network 'guacnetwork_compose' with the 'bridge' driver.
# - create a service 'guacd_compose' from 'guacamole/guacd' connected to 'guacnetwork_compose'
# - create a service 'postgres_guacamole_compose' (1) from 'postgres' connected to 'guacnetwork_compose'
# - create a service 'guacamole_compose' (2) from 'guacamole/guacamole/' conn. to 'guacnetwork_compose'
# - create a service 'nginx_guacamole_compose' (3) from 'nginx' connected to 'guacnetwork_compose'
#
# (1)
# DB-Init script is in './init/initdb.sql' it has been created executing
# 'docker run --rm guacamole/guacamole /opt/guacamole/bin/initdb.sh --postgresql > ./init/initdb.sql'
# once.
# DATA-DIR is in './data'
# If you want to change the DB password change all lines with 'POSTGRES_PASSWORD:' and
# change it to your needs before first start.
# To start from scratch delete './data' dir completely
# './data' will hold all data after first start!
# The initdb.d scripts are only executed the first time the container is started
# (and the database files are empty). If the database files already exist then the initdb.d
# scripts are ignored (e.g. when you mount a local directory or when docker-compose saves
# the volume and reuses it for the new container).
#
# !!!!! MAKE SURE your folder './init' is executable (chmod +x ./init)
# !!!!! or 'initdb.sql' will be ignored!
#
# './data' will hold all data after first start!
#
# (2)
# Make sure you use the same value for 'POSTGRES_USER' and 'POSTGRES_PASSWORD'
# as configured under (1)
#
# (3)
# ./nginx/templates folder will be mapped read-only into the container at /etc/nginx/templates
# and according to the official nginx container docs the guacamole.conf.template will be
# placed in /etc/nginx/conf.d/guacamole.conf after container startup.
# ./nginx/ssl will be mapped into the container at /etc/nginx/ssl
# prepare.sh creates a a self-signed certificate. If you want to use your own certs
# just remove the part that generates the certs from prepare.sh and replace
# 'self-ssl.key' and 'self.cert' with your certificate.
# nginx will export port 8443 to the outside world, make sure that this port is reachable
# on your system from the "outside world". All other traffic is only internal.
#
# You could remove the entire 'nginx' service from this file if you want to use your own
# reverse proxy in front of guacamole. If doing so, make sure you change the line
# from - 8080/tcp
# to - 8080:8080/tcp
# within the 'guacamole' service. This will expose the guacamole webinterface directly
# on port 8080 and you can use it for your own purposes.
# Note: Guacamole is available on :8080/guacamole, not /.
#
# !!!!! FOR INITAL SETUP (after git clone) run ./prepare.sh once
#
# !!!!! FOR A FULL RESET (WILL ERASE YOUR DATABASE, YOUR FILES, YOUR RECORDS AND CERTS) DO A
# !!!!! ./reset.sh
#
#
# The initial login to the guacamole webinterface is:
#
# Username: guacadmin
# Password: guacadmin
#
# Make sure you change it immediately!
#
# version date comment
# 0.1 2017-06-28 initial release
# 0.2 2017-10-09 minor fixes + internal GIT push
# 0.3 2017-10-09 minor fixes + public GIT push
# 0.4 2019-08-14 creating of ssl certs now in prepare.sh
# simplified nginx startup commands
# 0.5 2023-02-24 nginx now uses a template + some minor changes
# 0.6 2023-03-23 switched to postgres 15.2-alpine
# 0.61 2024-07-27 fix networks + version 3.0
# 0.62 2024-07-27 fix
#####################################################################################
#the attribute `version` is obsolete, it will be ignored, please remove it to avoid potential confusion
#version: '3.0'
# networks
# create a network 'guacnetwork_compose' in mode 'bridged'
networks:
guacnetwork_compose:
driver: bridge
# services
services:
# guacd
guacd:
container_name: guacd_compose
image: guacamole/guacd
networks:
- guacnetwork_compose
restart: always
volumes:
- ./drive:/drive:rw
- ./record:/record:rw
# postgres
postgres:
container_name: postgres_guacamole_compose
environment:
PGDATA: /var/lib/postgresql/data/guacamole
POSTGRES_DB: guacamole_db
POSTGRES_PASSWORD: 'H4RD!PA$$word92753'
POSTGRES_USER: guacamole_user
image: postgres:15.2-alpine
networks:
- guacnetwork_compose
restart: always
volumes:
- ./init:/docker-entrypoint-initdb.d:z
- ./data:/var/lib/postgresql/data:Z
# guacamole
guacamole:
container_name: guacamole_compose
depends_on:
- guacd
- postgres
environment:
GUACD_HOSTNAME: guacd
POSTGRES_DATABASE: guacamole_db
POSTGRES_HOSTNAME: postgres
POSTGRES_PASSWORD: 'H4RD!PA$$word92753'
POSTGRES_USER: guacamole_user
image: guacamole/guacamole
networks:
- guacnetwork_compose
volumes:
- ./record:/record:rw
ports:
## enable next line if not using nginx
- 8181:8080/tcp # Guacamole is on :8080/guacamole, not /.
## enable next line when using nginx
# - 8080/tcp
restart: always
########### optional ##############
# nginx
# nginx:
# container_name: nginx_guacamole_compose
# restart: always
# image: nginx:latest
# volumes:
# - ./nginx/templates:/etc/nginx/templates:ro
# - ./nginx/ssl/self.cert:/etc/nginx/ssl/self.cert:ro
# - ./nginx/ssl/self-ssl.key:/etc/nginx/ssl/self-ssl.key:ro
# ports:
# - 8443:443
# networks:
# - guacnetwork_compose
####################################################################################

17
homepage/docker-compose.yml Normal file
View File

@@ -0,0 +1,17 @@
services:
homepage:
image: ghcr.io/gethomepage/homepage:latest
container_name: homepage
environment:
PUID: 1000
PGID: 1002
HOMEPAGE_ALLOWED_HOSTS: 192.168.1.202:3000
ports:
- 3000:3000
volumes:
- ./config:/app/config # Make sure your local config directory exists
- /mnt/servarr:/servarr
- /mnt/hdd_1tb:/hdd_1tb
restart: unless-stopped

20
immich-app/.env Normal file
View File

@@ -0,0 +1,20 @@
# You can find documentation for all the supported env variables at https://immich.app/docs/install/environment-variables
# The location where your uploaded files are stored
UPLOAD_LOCATION=./library
# The Immich version to use. You can pin this to a specific version like "v1.71.0"
IMMICH_VERSION=v1.137.3
# Connection secret for postgres. You should change it to a random password
DB_PASSWORD=asdf1234
# The values below this line do not need to be changed
###################################################################################
DB_HOSTNAME=immich_postgres
DB_USERNAME=postgres
DB_DATABASE_NAME=immich
REDIS_HOSTNAME=immich_redis
EXTERNAL_LIB_CANON=/mnt/Canon

46
immich-app/docker-compose.yml Normal file
View File

@@ -0,0 +1,46 @@
name: immich
services:
immich-server:
container_name: immich_server
image: ghcr.io/immich-app/immich-server:${IMMICH_VERSION:-release}
volumes:
- ${UPLOAD_LOCATION}:/usr/src/app/upload
- /etc/localtime:/etc/localtime:ro
- ${EXTERNAL_LIB_CANON}:/usr/src/app/external/canon:ro
env_file:
- .env
ports:
- 2283:2283
depends_on:
- redis
- database
restart: always
immich-machine-learning:
container_name: immich_machine_learning
image: ghcr.io/immich-app/immich-machine-learning:${IMMICH_VERSION:-release}
volumes:
- ./model-cache:/cache
env_file:
- .env
restart: always
redis:
container_name: immich_redis
image: docker.io/valkey/valkey:8-bookworm@sha256:42cba146593a5ea9a622002c1b7cba5da7be248650cbb64ecb9c6c33d29794b1
healthcheck:
test: redis-cli ping || exit 1
restart: always
database:
container_name: immich_postgres
image: tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:90724186f0a3517cf6914295b5ab410db9ce23190a2d9d0b9dd6463e3fa298f0
env_file:
- .env
environment:
POSTGRES_PASSWORD: ${DB_PASSWORD}
POSTGRES_USER: ${DB_USERNAME}
POSTGRES_DB: ${DB_DATABASE_NAME}
volumes:
- ./pgdata:/var/lib/postgresql/data
restart: always

9
memos/docker-compose.yml Normal file
View File

@@ -0,0 +1,9 @@
name: memos
services:
memos:
container_name: memos
ports:
- 5230:5230
volumes:
- ./memos/:/var/opt/memos
image: neosmemo/memos:stable

15
n8n/.env Normal file
View File

@@ -0,0 +1,15 @@
# The top level domain to serve from
DOMAIN_NAME=ccalifice.com
# The subdomain to serve from
SUBDOMAIN=n8n
# DOMAIN_NAME and SUBDOMAIN combined decide where n8n will be reachable from
# above example would result in: https://n8n.example.com
# Optional timezone to set which gets used by Cron-Node by default
# If not set New York time will be used
GENERIC_TIMEZONE=America/Sao_Paulo
# The email address to use for the SSL certificate creation
SSL_EMAIL=christoph.califice@hotmail.com

54
n8n/docker-compose.yml Normal file
View File

@@ -0,0 +1,54 @@
services:
n8n:
image: n8nio/n8n
container_name: n8n
ports:
- "5678:5678"
environment:
- N8N_SECURE_COOKIE=true
- N8N_BASIC_AUTH_ACTIVE=true
- N8N_BASIC_AUTH_USER=christoph.califice@hotmail.com
- N8N_BASIC_AUTH_PASSWORD=malvado6696
- DB_TYPE=postgresdb
- DB_POSTGRESDB_HOST=db
- DB_POSTGRESDB_PORT=5432
- DB_POSTGRESDB_DATABASE=n8n
- DB_POSTGRESDB_USER=n8n
- DB_POSTGRESDB_PASSWORD=n8n
- NODE_FUNCTION_ALLOW_EXTERNAL=axios,qs
- N8N_HOST=${SUBDOMAIN}.${DOMAIN_NAME}
- N8N_PORT=5678
- N8N_PROTOCOL=https
- NODE_ENV=production
- WEBHOOK_URL=https://${SUBDOMAIN}.${DOMAIN_NAME}/
- GENERIC_TIMEZONE=${GENERIC_TIMEZONE}
volumes:
- ./n8n_data:/home/node/.n8n
- ./files:/files
depends_on:
- db
restart: unless-stopped
networks:
- caddy-net
- n8n-net
db:
image: postgres:12
container_name: n8n-db
volumes:
- ./db-data:/var/lib/postgresql/data
environment:
- POSTGRES_USER=n8n
- POSTGRES_PASSWORD=n8n
- POSTGRES_DB=n8n
restart: unless-stopped
networks:
- n8n-net
networks:
caddy-net:
external: true
name: caddy-net
n8n-net:
name: n8n-net
driver: bridge

30
ntfy/docker-compose.yml Normal file
View File

@@ -0,0 +1,30 @@
services:
ntfy:
image: binwiederhier/ntfy
container_name: ntfy
command:
- serve
environment:
- TZ=America/Sao_Paulo # optional: Change to your desired timezone
#user: UID:GID # optional: Set custom user/group or uid/gid
- NTFY_ENABLE_LOGIN=true
- NTFY_AUTH_FILE=/var/lib/ntfy/auth.db
- NTFY_CACHE_FILE=/var/lib/ntfy/cache.db
- NTFY_BASE_URL=https://ntfy.ccalifice.com
- NTFY_AUTH_DEFAULT_ACCESS=deny-all
- NTFY_BEHIND_PROXY=true
- NTFY_ATTACHMENT_CACHE_DIR=/var/lib/ntfy/attachments
volumes:
- ./var/cache/ntfy:/var/cache/ntfy
- ./var/lib/ntfy/:/var/lib/ntfy/
- ./etc/ntfy:/etc/ntfy
ports:
- 9898:80
restart: unless-stopped
networks:
- caddy-net
networks:
caddy-net:
external: true
name: caddy-net

42
paperless/.docker-compose.env Normal file
View File

@@ -0,0 +1,42 @@
# The UID and GID of the user used to run paperless in the container. Set this
# to your UID and GID on the host so that you have write access to the
# consumption directory.
USERMAP_UID=1000
USERMAP_GID=1002
# Additional languages to install for text recognition, separated by a
# whitespace. Note that this is
# different from PAPERLESS_OCR_LANGUAGE (default=eng), which defines the
# language used for OCR.
# The container installs English, German, Italian, Spanish and French by
# default.
# See https://packages.debian.org/search?keywords=tesseract-ocr-&searchon=names&suite=buster
# for available languages.
PAPERLESS_OCR_LANGUAGES=por
###############################################################################
# Paperless-specific settings #
###############################################################################
# All settings defined in the paperless.conf.example can be used here. The
# Docker setup does not use the configuration file.
# A few commonly adjusted settings are provided below.
# This is required if you will be exposing Paperless-ngx on a public domain
# (if doing so please consider security measures such as reverse proxy)
PAPERLESS_URL=https://paperless.ccalifice.com
# Adjust this key if you plan to make paperless available publicly. It should
# be a very long sequence of random characters. You don't need to remember it.
#PAPERLESS_SECRET_KEY=39vns094#$ds_KSIE903!jskSJ$0230pl@#%%kosKEO
# Use this variable to set a timezone for the Paperless Docker containers. If not specified, defaults to UTC.
PAPERLESS_TIME_ZONE=America/Sao_Paulo
# The default language to use for OCR. Set this to the language most of your
# documents are written in.
PAPERLESS_OCR_LANGUAGE=por
# Set if accessing paperless via a domain subpath e.g. https://domain.com/PATHPREFIX and using a reverse-proxy like traefik or nginx
#PAPERLESS_FORCE_SCRIPT_NAME=/PATHPREFIX
#PAPERLESS_STATIC_URL=/PATHPREFIX/static/ # trailing slash required

1
paperless/.env Normal file
View File

@@ -0,0 +1 @@
COMPOSE_PROJECT_NAME=paperless

86
paperless/docker-compose.yml Normal file
View File

@@ -0,0 +1,86 @@
services:
broker:
container_name: paperless-broker
image: docker.io/library/redis:7
restart: unless-stopped
volumes:
- ./redisdata:/data
networks:
- paperless-net
db:
image: docker.io/library/postgres:15
restart: unless-stopped
volumes:
- ./pgdata:/var/lib/postgresql/data
environment:
POSTGRES_DB: paperless
POSTGRES_USER: paperless
POSTGRES_PASSWORD: paperless
networks:
- paperless-net
container_name: paperless-db
webserver:
image: ghcr.io/paperless-ngx/paperless-ngx:latest
container_name: paperless-ngx
restart: unless-stopped
depends_on:
- db
- broker
- gotenberg
- tika
ports:
- "8000:8000"
healthcheck:
test: ["CMD", "curl", "-fs", "-S", "--max-time", "2", "http://localhost:8000"]
interval: 30s
timeout: 10s
retries: 5
volumes:
- ./data:/usr/src/paperless/data
- ./media:/usr/src/paperless/media
- ./export:/usr/src/paperless/export
- ./consume:/usr/src/paperless/consume
env_file: .docker-compose.env
environment:
PAPERLESS_REDIS: redis://broker:6379
PAPERLESS_DBHOST: db
PAPERLESS_TIKA_ENABLED: 1
PAPERLESS_TIKA_GOTENBERG_ENDPOINT: http://gotenberg:3000
PAPERLESS_TIKA_ENDPOINT: http://tika:9998
PAPERLESS_OAUTH_CALLBACK_BASE_URL: https://paperless.ccalifice.com
PAPERLESS_URL: https://paperless.ccalifice.com
PAPERLESS_OUTLOOK_OAUTH_CLIENT_ID: '0285b467-7522-4845-ac05-3e89aa2e1024'
PAPERLESS_OUTLOOK_OAUTH_CLIENT_SECRET: 'l1F8Q~TqHOiy~6CL2kXEIjIQz-SoaJ.AuQ_0saN9'
USERMAP_UID: 1000
USERMAP_GID: 1002
networks:
- paperless-net
- caddy-net
gotenberg:
image: docker.io/gotenberg/gotenberg:8.3.0
restart: unless-stopped
networks:
- paperless-net
# The gotenberg chromium route is used to convert .eml files. We do not
# want to allow external content like tracking pixels or even javascript.
command:
- "gotenberg"
- "--chromium-disable-javascript=true"
- "--chromium-allow-list=file:///tmp/.*"
container_name: gotenberg
tika:
image: ghcr.io/paperless-ngx/tika:latest
restart: unless-stopped
networks:
- paperless-net
container_name: tika
networks:
caddy-net:
external: true
name: caddy-net
paperless-net:

47
scrutiny/docker-compose.yml Normal file
View File

@@ -0,0 +1,47 @@
networks:
monitoring: # A common network for all monitoring services to communicate into
# external: true
# notifications: # To Gotify or another Notification service
# external: true
services:
influxdb:
container_name: scrutiny-influxdb
image: influxdb:2.1-alpine
ports:
- 8086:8086
volumes:
- ./config/influxdb2/db:/var/lib/influxdb2
- ./config/influxdb2/config:/etc/influxdb2
environment:
- DOCKER_INFLUXDB_INIT_MODE=setup
- DOCKER_INFLUXDB_INIT_USERNAME=Admin
- DOCKER_INFLUXDB_INIT_PASSWORD=asdf1234
- DOCKER_INFLUXDB_INIT_ORG=homelab
- DOCKER_INFLUXDB_INIT_BUCKET=scrutiny
- DOCKER_INFLUXDB_INIT_ADMIN_TOKEN=3249085v098scnm#386
restart: unless-stopped
networks:
- monitoring
scrutiny:
container_name: scrutiny
image: ghcr.io/analogj/scrutiny:master-web
ports:
- 8081:8080
volumes:
- ./config/scrutiny/config:/opt/scrutiny/config
environment:
- SCRUTINY_WEB_INFLUXDB_HOST=influxdb
- SCRUTINY_WEB_INFLUXDB_PORT=8086
- SCRUTINY_WEB_INFLUXDB_TOKEN=3249085v098scnm#386
- SCRUTINY_WEB_INFLUXDB_ORG=homelab
- SCRUTINY_WEB_INFLUXDB_BUCKET=scrutiny
# Optional but highly recommended to notify you in case of a problem
- SCRUTINY_NOTIFY_URLS=["http://http://192.168.1.202:9898/SMART"]
depends_on:
- influxdb
restart: unless-stopped
networks:
# - notifications
- monitoring

31
stirling-pdf/docker-compose.yml Normal file
View File

@@ -0,0 +1,31 @@
services:
stirling-pdf:
container_name: stirling-PDF
image: frooodle/s-pdf:latest
deploy:
resources:
limits:
memory: 4G
healthcheck:
test: ["CMD-SHELL", "curl -f http://localhost:8080/api/v1/info/status | grep -q 'UP' && curl -fL http://localhost:8080/ | grep -qv 'Please sign in'"]
interval: 5s
timeout: 10s
retries: 16
ports:
- "8585:8080"
volumes:
- ./data:/usr/share/tessdata:rw
- ./config:/configs:rw
- ./logs:/logs:rw
environment:
DOCKER_ENABLE_SECURITY: "false"
SECURITY_ENABLELOGIN: "false"
LANGS: "en_GB,en_US,ar_AR,de_DE,fr_FR,es_ES,zh_CN,zh_TW,ca_CA,it_IT,sv_SE,pl_PL,ro_RO,ko_KR,pt_BR,ru_RU,el_GR,hi_IN,hu_HU,tr_TR,id_ID"
SYSTEM_DEFAULTLOCALE: en-US
UI_APPNAME: Stirling-PDF
UI_HOMEDESCRIPTION: Stirling-PDF
UI_APPNAMENAVBAR: Stirling-PDF Latest
SYSTEM_MAXFILESIZE: "100"
METRICS_ENABLED: "true"
SYSTEM_GOOGLEVISIBILITY: "true"
restart: on-failure:5

13
uptime-kuma/docker-compose.yml Normal file
View File

@@ -0,0 +1,13 @@
# Simple docker-compose.yml
# You can change your port or volume location
services:
uptime-kuma:
image: louislam/uptime-kuma:1
container_name: uptime-kuma
volumes:
- ./uptime-kuma-data:/app/data
ports:
- 3001:3001 # <Host Port>:<Container Port>
restart: always
environment:
- TZ="America/Sao_Paulo"

5
vaultwarden/.env Normal file
View File

@@ -0,0 +1,5 @@
DOMAIN=http://vaultwarden.ccalifice.com/
ADMIN_TOKEN=yuioqzkjiouqeiu3948sdnasdnmk239!!!asdakj&&
WEB_VAULT_ENABLED=true
WEBSOCKET_ENABLED=true
TZ=America/Sao_Paulo

11
vaultwarden/docker-compose.yml Executable file
View File

@@ -0,0 +1,11 @@
services:
vaultwarden:
image: vaultwarden/server:latest
container_name: vaultwarden
restart: unless-stopped
volumes:
- ./vw-data:/data
ports:
- 8080:80
env_file:
- .env

45
vikunja/docker-compose.yml Normal file
View File

@@ -0,0 +1,45 @@
services:
vikunja:
container_name: vikunja
image: vikunja/vikunja
environment:
# VIKUNJA_SERVICE_PUBLICURL: https://tasks.ccalifice.com
VIKUNJA_DATABASE_HOST: db
VIKUNJA_DATABASE_PASSWORD: ejcurt!898f!
VIKUNJA_DATABASE_TYPE: postgres
VIKUNJA_DATABASE_USER: vikunja
VIKUNJA_DATABASE_DATABASE: vikunja
VIKUNJA_SERVICE_JWTSECRET: 4ab3fe5084fb63e68ecdac256e789be0124e1c6652aaeaa663d92bd3bfeb2a8eb1052740b132b5b9b6ae84b53fbd68e45bf4721e24faf75bb5f1cfb267eb04da
ports:
- 3456:3456
volumes:
- ./files:/app/vikunja/files
depends_on:
db:
condition: service_healthy
restart: unless-stopped
networks:
- caddy-net
- vikunja
db:
container_name: vikunja-db
image: postgres:16
environment:
POSTGRES_PASSWORD: ejcurt!898f!
POSTGRES_USER: vikunja
volumes:
- ./db:/var/lib/postgresql/data
restart: unless-stopped
healthcheck:
test: ["CMD-SHELL", "pg_isready -h localhost -U $$POSTGRES_USER"]
interval: 2s
networks:
- vikunja
networks:
caddy-net:
external: true
name: caddy-net
vikunja: