chriswin/home-server-docker
1
0
Fork 0
Code Issues 1 Pull Requests 3 Actions Packages Projects Releases Wiki Activity

renovate workflow and replace all by latest version

Browse Source
This commit is contained in:
chriswin23
2025-12-29 01:55:59 +01:00
parent d4061164a6
commit 8b9b0e9853
46 changed files with 227 additions and 239 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
project/service/freshrss/freshrss.yml
View File

@@ -3,7 +3,7 @@ services:
extends:
file: ${TEMPLATES_PATH}
service: default
image: freshrss/freshrss:latest
image: freshrss/freshrss:1.28.0
container_name: freshrss
ports:
- 4014:80
@@ -13,11 +13,9 @@ services:
- ${SERVICE_PATH}/freshrss/data:/var/www/FreshRSS/data
- ${SERVICE_PATH}/freshrss/extensions:/var/www/FreshRSS/extensions
environment:
CRON_MIN: '3,33'
CRON_MIN: "3,33"
TRUSTED_PROXY: 172.16.0.1/12 192.168.0.1/16
labels:
# Watchtower
- "com.centurylinklabs.watchtower.enable=true"
# Traefik
- "traefik.enable=true"
- "traefik.http.routers.freshrss.rule=Host(`rss.${PUBLIC_DOMAIN}`)"

5
project/service/ghost/ghost.yml
View File

@@ -3,7 +3,7 @@ services:
extends:
file: ${TEMPLATES_PATH}
service: default
image: ghost:latest
image: ghost:6.10.3-alpine
container_name: ghost
ports:
- 4016:2368
@@ -30,4 +30,5 @@ services:
environment:
MYSQL_ROOT_PASSWORD: example
volumes:
- ${SERVICE_PATH}/ghost/data/db:/var/lib/mysql
- ${SERVICE_PATH}/ghost/data/db:/var/lib/mysql

24
project/service/gitea/gitea.yml
View File

@@ -3,7 +3,7 @@ services:
extends:
file: ${TEMPLATES_PATH}
service: default
image: gitea/gitea:latest
image: gitea/gitea:1.25
container_name: gitea
environment:
- APP_NAME="Gitea"
@@ -37,8 +37,6 @@ services:
expose:
- 4002
labels:
# Watchtower
- "com.centurylinklabs.watchtower.enable=true"
# Traefik
- "traefik.enable=true"
- "traefik.http.routers.gitea.rule=Host(`gitea.${PUBLIC_DOMAIN}`)"
@@ -48,4 +46,22 @@ services:
- "traefik.http.routers.gitea.service=gitea-service"
- "traefik.http.services.gitea-service.loadbalancer.server.port=4002"
# Middlewares
- "traefik.http.routers.gitea.middlewares=crowdsec-bouncer@file"
- "traefik.http.routers.gitea.middlewares=crowdsec-bouncer@file"
gitea-runner:
extends:
file: ${TEMPLATES_PATH}
service: default
image: gitea/act_runner:0.2.13
container_name: gitea_runner
depends_on:
- gitea
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- ${SERVICE_PATH}/gitea/config/runner-config.yaml:/config.yaml
- ${SERVICE_PATH}/gitea/data/runner-data:/data
environment:
- CONFIG_FILE=/config.yaml
- GITEA_INSTANCE_URL=gitea
- GITEA_RUNNER_REGISTRATION_TOKEN=${GITEA_RUNNER_TOKEN}
- GITEA_RUNNER_NAME=gitea-runner

9
project/service/home-assistant/home-assistant.yml
View File

@@ -3,21 +3,20 @@ services:
extends:
file: ${TEMPLATES_PATH}
service: default
image: ghcr.io/home-assistant/home-assistant:stable
image: ghcr.io/home-assistant/home-assistant:2025.12.4
container_name: home-assistant
networks:
- ip4net
ports:
- 4012:8123
- 4012:8123
volumes:
- ${SERVICE_PATH}/home-assistant/config:/config
- /etc/localtime:/etc/localtime:ro
- /run/dbus:/run/dbus:ro
labels:
# Watchtower
- "com.centurylinklabs.watchtower.enable=true"
# Traefik
- "traefik.enable=true"
- "traefik.http.routers.home-assistant.rule=Host(`ha.${LOCAL_DOMAIN}`)"
- "traefik.http.routers.home-assistant.entrypoints=https"
- "traefik.http.routers.home-assistant.tls=true"
- "traefik.http.routers.home-assistant.tls=true"

9
project/service/it-tools/it-tools.yml
View File

@@ -3,17 +3,16 @@ services:
extends:
file: ${TEMPLATES_PATH}
service: default
image: corentinth/it-tools:latest
image: corentinth/it-tools:2024.10.22-7ca5933
container_name: it-tools
ports:
- '4007:80'
- "4007:80"
networks:
- ip4net
labels:
# Watchtower
- "com.centurylinklabs.watchtower.enable=true"
# Traefik
- "traefik.enable=true"
- "traefik.http.routers.it-tools.rule=Host(`it-tools.${LOCAL_DOMAIN}`)"
- "traefik.http.routers.it-tools.entrypoints=https"
- "traefik.http.routers.it-tools.tls=true"
- "traefik.http.routers.it-tools.tls=true"

6
project/service/jupyter-notebook/jupyter-notebook.yml
View File

@@ -3,7 +3,7 @@ services:
extends:
file: ${TEMPLATES_PATH}
service: default
image: quay.io/jupyter/base-notebook:latest
image: quay.io/jupyter/base-notebook:ubuntu-24.04
container_name: jupyter
volumes:
- ${SERVICE_PATH}/jupyter-notebook/data:/home/jovyan/work
@@ -13,10 +13,8 @@ services:
- ip4net
command: start-notebook.py --NotebookApp.token='aToken1234'
labels:
# Watchtower
- "com.centurylinklabs.watchtower.enable=true"
# Traefik
- "traefik.enable=true"
- "traefik.http.routers.jupyter.rule=Host(`jupyter.${LOCAL_DOMAIN}`)"
- "traefik.http.routers.jupyter.entrypoints=https"
- "traefik.http.routers.jupyter.tls=true"
- "traefik.http.routers.jupyter.tls=true"

8
project/service/linkwarden/linkwarden.yml
View File

@@ -3,8 +3,8 @@ services:
extends:
file: ${TEMPLATES_PATH}
service: default
image: ghcr.io/linkwarden/linkwarden:latest
container_name: linkwarden
image: ghcr.io/linkwarden/linkwarden:v2.13.5
container_name: linkwarden
ports:
- 4020:3000
networks:
@@ -24,8 +24,6 @@ services:
- AUTHELIA_CLIENT_ID=linkwarden
- AUTHELIA_CLIENT_SECRET=${LINKWARDEN_OIDC_CLIENT_SECRET}
labels:
# Watchtower
- "com.centurylinklabs.watchtower.enable=true"
# Traefik
- "traefik.enable=true"
- "traefik.http.routers.linkwarden.rule=Host(`linkwarden.${PUBLIC_DOMAIN}`)"
@@ -36,7 +34,7 @@ services:
extends:
file: ${TEMPLATES_PATH}
service: default
image: getmeili/meilisearch:latest
image: getmeili/meilisearch:1.31.0
container_name: linkwarden_meili
networks:
- ip4net

8
project/service/mealie/mealie.yml
View File

@@ -3,7 +3,7 @@ services:
extends:
file: ${TEMPLATES_PATH}
service: default
image: ghcr.io/mealie-recipes/mealie:latest
image: ghcr.io/mealie-recipes/mealie:v3.8.0
container_name: mealie
ports:
- "4006:9000"
@@ -23,14 +23,12 @@ services:
POSTGRES_DB: mealie
# OIDC using authelia
OIDC_AUTH_ENABLED: true
OIDC_SIGNUP_ENABLED: false
OIDC_SIGNUP_ENABLED: false
OIDC_CONFIGURATION_URL: https://auth.${PUBLIC_DOMAIN}/.well-known/openid-configuration
OIDC_CLIENT_ID: mealie
OIDC_CLIENT_SECRET: ${MEALIE_OIDC_CLIENT_SECRET}
OIDC_CLIENT_SECRET: ${MEALIE_OIDC_CLIENT_SECRET}
OIDC_AUTO_REDIRECT: false
labels:
# Watchtower
- "com.centurylinklabs.watchtower.enable=true"
# Traefik
- "traefik.enable=true"
- "traefik.http.routers.mealie.rule=Host(`mealie.${PUBLIC_DOMAIN}`)"

8
project/service/n8n/n8n.yml
View File

@@ -3,8 +3,8 @@ services:
extends:
file: ${TEMPLATES_PATH}
service: default
image: docker.n8n.io/n8nio/n8n
container_name: n8n
image: docker.n8n.io/n8nio/n8n:2.1.4
container_name: n8n
ports:
- 4022:5678
networks:
@@ -18,10 +18,8 @@ services:
user: root
volumes:
- ${SERVICE_PATH}/n8n/data:/home/node/.n8n
entrypoint: /home/node/.n8n/script/entrypoint.sh
entrypoint: /home/node/.n8n/script/entrypoint.sh
labels:
# Watchtower
- "com.centurylinklabs.watchtower.enable=true"
# Traefik
- "traefik.enable=true"
- "traefik.http.routers.n8n.rule=Host(`n8n.${LOCAL_DOMAIN}`)"

6
project/service/ollama/ollama.yml
View File

@@ -3,8 +3,8 @@ services:
extends:
file: ${TEMPLATES_PATH}
service: default
image: ollama/ollama
container_name: ollama
image: ollama/ollama:0.13.5
container_name: ollama
ports:
- 4019:11434
networks:
@@ -12,8 +12,6 @@ services:
volumes:
- ${SERVICE_PATH}/ollama/data:/root/.ollama
labels:
# Watchtower
- "com.centurylinklabs.watchtower.enable=true"
# Traefik
- "traefik.enable=true"
- "traefik.http.routers.ollama.rule=Host(`ollama.${PUBLIC_DOMAIN}`)"

4
project/service/paperless-ngx/paperless-ngx.yml
View File

@@ -3,7 +3,7 @@ services:
extends:
file: ${TEMPLATES_PATH}
service: default
image: ghcr.io/paperless-ngx/paperless-ngx:latest
image: ghcr.io/paperless-ngx/paperless-ngx:2.20.3
container_name: paperless-ngx
ports:
- "4009:8000"
@@ -37,8 +37,6 @@ services:
# PAPERLESS_APPS: "allauth.socialaccount.providers.openid_connect"
# PAPERLESS_SOCIALACCOUNT_PROVIDERS: '{"openid_connect":{"SCOPE":["openid","profile","email"],"OAUTH_PKCE_ENABLED":true,"APPS":[{"provider_id":"authelia","name":"Authelia","client_id":"paperless","secret":"jzO0JYA35oOojGqxFJUaDXdgdXhuACyq4b3lvOx233wtoSyv19prQfCKah1mwyDv","settings":{"server_url":"https://auth.crescentec.xyz","token_auth_method":"client_secret_basic"}}]}}'
labels:
# Watchtower
- "com.centurylinklabs.watchtower.enable=true"
# Traefik
- "traefik.enable=true"
- "traefik.http.routers.paperless.rule=Host(`paperless.${PUBLIC_DOMAIN}`)"

6
project/service/pdf/pdf.yml
View File

@@ -3,15 +3,13 @@ services:
extends:
file: ${TEMPLATES_PATH}
service: default
image: bentopdf/bentopdf-simple
image: bentopdf/bentopdf-simple:1.15.1
container_name: pdf
ports:
- '4003:8080'
- "4003:8080"
networks:
- ip6net
labels:
# Watchtower
- "com.centurylinklabs.watchtower.enable=true"
# Traefik
- "traefik.enable=true"
- "traefik.http.routers.pdf.rule=Host(`pdf.${PUBLIC_DOMAIN}`)"

4
project/service/radicale/radicale.yml
View File

@@ -3,7 +3,7 @@ services:
extends:
file: ${TEMPLATES_PATH}
service: default
image: tomsquest/docker-radicale
image: tomsquest/docker-radicale:3.5.10.0
container_name: radicale
ports:
- 4017:5232
@@ -26,8 +26,6 @@ services:
- ${SERVICE_PATH}/radicale/config:/config/
- ${EXTERNAL_STORAGE}/calendars-contacts:/data
labels:
# Watchtower
- "com.centurylinklabs.watchtower.enable=true"
# Traefik
- "traefik.enable=true"
- "traefik.http.routers.radicale.rule=Host(`radicale.${PUBLIC_DOMAIN}`)"

12
project/service/vaultwarden/vaultwarden.yml
View File

@@ -3,18 +3,18 @@ services:
extends:
file: ${TEMPLATES_PATH}
service: default
image: vaultwarden/server
container_name: vaultwarden
image: vaultwarden/server:1.35.0
container_name: vaultwarden
ports:
- 4018:80
networks:
- ip6net
environment:
DOMAIN: "https://vaultwarden.${PUBLIC_DOMAIN}"
SIGNUPS_ALLOWED: false
SIGNUPS_ALLOWED: false
INVITATIONS_ALLOWED: false
SSO_ENABLED: false # for now sso does only help companies for role management and the master password is still necessary
SSO_ONLY: false
SSO_ENABLED: false # for now sso does only help companies for role management and the master password is still necessary
SSO_ONLY: false
SSO_AUTHORITY: https://auth.${PUBLIC_DOMAIN}
SSO_SCOPES: profile email offline_access
SSO_CLIENT_ID: vaultwarden
@@ -22,8 +22,6 @@ services:
volumes:
- ${EXTERNAL_STORAGE}/passwords:/data/
labels:
# Watchtower
- "com.centurylinklabs.watchtower.enable=true"
# Traefik
- "traefik.enable=true"
- "traefik.http.routers.vaultwarden.rule=Host(`vaultwarden.${PUBLIC_DOMAIN}`)"

13
project/service/vikunja/vikunja.yml
View File

@@ -1,4 +1,4 @@
secrets:
secrets:
vikunja_jwt_secret:
file: ${SERVICE_PATH}/vikunja/secrets/vikunja_jwt_secret.txt
services:
@@ -6,7 +6,7 @@ services:
extends:
file: ${TEMPLATES_PATH}
service: default
image: vikunja/vikunja:latest
image: vikunja/vikunja:0.24.6
container_name: vikunja
secrets: [vikunja_jwt_secret]
environment:
@@ -19,17 +19,16 @@ services:
VIKUNJA_SERVICE_PUBLICURL: https://vikunja.${PUBLIC_DOMAIN}
networks:
- ip6net
volumes:
volumes:
- ${SERVICE_PATH}/vikunja/data:/app/vikunja/files
- ${SERVICE_PATH}/vikunja/config:/etc/vikunja
labels:
# Watchtower
- "com.centurylinklabs.watchtower.enable=true"
# Traefik
- "traefik.enable=true"
- "traefik.http.routers.vikunja.rule=Host(`vikunja.${PUBLIC_DOMAIN}`)"
- "traefik.http.routers.vikunja.entrypoints=https"
- "traefik.http.routers.vikunja.tls.certresolver=myresolver"
- 'traefik.http.routers.vikunja.tls=true'
- "traefik.http.routers.vikunja.tls=true"
# Middlewares
- "traefik.http.routers.vikunja.middlewares=crowdsec-bouncer@file"
- "traefik.http.routers.vikunja.middlewares=crowdsec-bouncer@file"