renovate workflow and replace all by latest version
This commit is contained in:
23
.gitea/workflows/renovate.yaml
Normal file
23
.gitea/workflows/renovate.yaml
Normal file
@@ -0,0 +1,23 @@
|
||||
name: renovate
|
||||
|
||||
on:
|
||||
workflow_dispatch: # allows the workflow to be run manually when desired
|
||||
branches:
|
||||
- main
|
||||
schedule: # runs this workflow at the scheduled time (uses UTC, adjust for your timezone)
|
||||
- cron: "0 12 * * *"
|
||||
push: # runs this workflow when pushes to the main branch are made
|
||||
branches:
|
||||
- main
|
||||
|
||||
jobs:
|
||||
renovate:
|
||||
runs-on: ubuntu-latest
|
||||
container: ghcr.io/renovatebot/renovate:latest
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
- run: renovate
|
||||
env:
|
||||
RENOVATE_CONFIG_FILE: ${{ gitea.workspace }}/config.js
|
||||
LOG_LEVEL: "debug"
|
||||
RENOVATE_TOKEN: ${{ secrets.RENOVATE_TOKEN }}
|
||||
@@ -4,16 +4,14 @@ services:
|
||||
file: ${TEMPLATES_PATH}
|
||||
service: default
|
||||
image: adminer:latest
|
||||
container_name: adminer
|
||||
container_name: adminer:5.4.1
|
||||
ports:
|
||||
- 8085:8080
|
||||
networks:
|
||||
networks:
|
||||
- ip4net
|
||||
labels:
|
||||
# Watchtower
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
# Traefik
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.adminer.rule=Host(`adminer.${LOCAL_DOMAIN}`)"
|
||||
- "traefik.http.routers.adminer.entrypoints=https"
|
||||
- "traefik.http.routers.adminer.tls=true"
|
||||
- "traefik.http.routers.adminer.tls=true"
|
||||
|
||||
@@ -9,7 +9,7 @@ services:
|
||||
extends:
|
||||
file: ${TEMPLATES_PATH}
|
||||
service: default
|
||||
container_name: lldap
|
||||
container_name: lldap:0.6.2
|
||||
image: lldap/lldap:latest
|
||||
ports:
|
||||
# For LDAP, not recommended to expose, see Usage section.
|
||||
@@ -18,7 +18,7 @@ services:
|
||||
# - "6360:6360"
|
||||
# For the web front-end
|
||||
- "17170:17170"
|
||||
networks:
|
||||
networks:
|
||||
- ip6net
|
||||
- ip4net
|
||||
volumes:
|
||||
@@ -34,8 +34,6 @@ services:
|
||||
# You can also set a different database:
|
||||
- LLDAP_DATABASE_URL=postgres://lldap:${LLDAP_DB_PASSWORD}@postgres/lldap
|
||||
labels:
|
||||
# Watchtower
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
# Traefik
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.lldap.rule=Host(`ldap.${PUBLIC_DOMAIN}`)"
|
||||
@@ -46,4 +44,4 @@ services:
|
||||
- "traefik.http.services.lldap-service.loadbalancer.server.port=17170"
|
||||
- "traefik.http.services.lldap-service.loadbalancer.server.scheme=http"
|
||||
# middlewares
|
||||
- "traefik.http.routers.lldap.middlewares=crowdsec-bouncer@file"
|
||||
- "traefik.http.routers.lldap.middlewares=crowdsec-bouncer@file"
|
||||
|
||||
@@ -3,10 +3,10 @@ services:
|
||||
extends:
|
||||
file: ${TEMPLATES_PATH}
|
||||
service: default
|
||||
image: mariadb:latest
|
||||
image: mariadb:12.1.2
|
||||
container_name: mariadb
|
||||
command: --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci
|
||||
networks:
|
||||
networks:
|
||||
- ip4net
|
||||
environment:
|
||||
MYSQL_ROOT_PASSWORD: ${MYSQL_ROOT_PASSWORD}
|
||||
@@ -14,6 +14,3 @@ services:
|
||||
- ${DB_PATH}/mariadb/data:/var/lib/mysql
|
||||
# init db
|
||||
- ${DB_PATH}/mariadb/init:/docker-entrypoint-initdb.d
|
||||
labels:
|
||||
# Watchtower
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
@@ -7,10 +7,10 @@ services:
|
||||
file: ${TEMPLATES_PATH}
|
||||
service: default
|
||||
container_name: pgadmin
|
||||
image: dpage/pgadmin4:latest
|
||||
image: dpage/pgadmin4:9.11.0
|
||||
ports:
|
||||
- 8082:80
|
||||
networks:
|
||||
networks:
|
||||
- ip4net
|
||||
secrets: [pgadmin_default_password]
|
||||
volumes:
|
||||
@@ -19,10 +19,8 @@ services:
|
||||
PGADMIN_DEFAULT_EMAIL: ${EMAIL}
|
||||
PGADMIN_DEFAULT_PASSWORD_FILE: /run/secrets/pgadmin_default_password
|
||||
labels:
|
||||
# Watchtower
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
# Traefik
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.pgadmin.rule=Host(`pgadmin.${LOCAL_DOMAIN}`)"
|
||||
- "traefik.http.routers.pgadmin.entrypoints=https"
|
||||
- "traefik.http.routers.pgadmin.tls=true"
|
||||
- "traefik.http.routers.pgadmin.tls=true"
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
secrets:
|
||||
secrets:
|
||||
postgres_default_password:
|
||||
file: ${DB_PATH}/postgres/secrets/default_password.txt
|
||||
services:
|
||||
@@ -10,7 +10,7 @@ services:
|
||||
image: postgres:16.4
|
||||
ports:
|
||||
- 5432:5432
|
||||
networks:
|
||||
networks:
|
||||
- ip4net
|
||||
- ip6net
|
||||
secrets: [postgres_default_password]
|
||||
@@ -23,9 +23,6 @@ services:
|
||||
volumes:
|
||||
- ${DB_PATH}/postgres/data/postgres:/var/lib/postgresql/data
|
||||
- ${DB_PATH}/postgres/init/postgres:/docker-entrypoint-initdb.d
|
||||
labels:
|
||||
# Watchtower
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
|
||||
postgres-with-pg-vector:
|
||||
extends:
|
||||
@@ -35,7 +32,7 @@ services:
|
||||
image: tensorchord/pgvecto-rs:pg16-v0.3.0
|
||||
ports:
|
||||
- 5433:5432
|
||||
networks:
|
||||
networks:
|
||||
- ip4net
|
||||
- ip6net
|
||||
secrets: [postgres_default_password]
|
||||
@@ -48,6 +45,3 @@ services:
|
||||
volumes:
|
||||
- ${DB_PATH}/postgres/data/postgres-with-pg-vector:/var/lib/postgresql/data
|
||||
- ${DB_PATH}/postgres/init/postgres-with-pg-vector:/docker-entrypoint-initdb.d
|
||||
labels:
|
||||
# Watchtower
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
@@ -4,12 +4,9 @@ services:
|
||||
file: ${TEMPLATES_PATH}
|
||||
service: default
|
||||
container_name: redis
|
||||
image: redis:latest
|
||||
networks:
|
||||
image: redis:8.4.0
|
||||
networks:
|
||||
- ip4net
|
||||
- ip6net
|
||||
volumes:
|
||||
- ${DB_PATH}/redis/data:/data
|
||||
labels:
|
||||
# Watchtower
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
@@ -13,14 +13,15 @@ services:
|
||||
file: ${TEMPLATES_PATH}
|
||||
service: default
|
||||
container_name: authelia
|
||||
image: authelia/authelia:latest
|
||||
image: authelia/authelia:4.39.15
|
||||
ports:
|
||||
- 9959:9959 # metrics prometheus
|
||||
networks:
|
||||
networks:
|
||||
- ip6net
|
||||
expose:
|
||||
- 9091
|
||||
secrets: [JWT_SECRET, SESSION_SECRET, STORAGE_PASSWORD, STORAGE_ENCRYPTION_KEY]
|
||||
secrets:
|
||||
[JWT_SECRET, SESSION_SECRET, STORAGE_PASSWORD, STORAGE_ENCRYPTION_KEY]
|
||||
environment:
|
||||
AUTHELIA_JWT_SECRET_FILE: /run/secrets/JWT_SECRET
|
||||
AUTHELIA_SESSION_SECRET_FILE: /run/secrets/SESSION_SECRET
|
||||
@@ -32,15 +33,13 @@ services:
|
||||
- ${INFRA_PATH}/authelia/config:/config
|
||||
- "/var/log/authelia/:/config/log"
|
||||
labels:
|
||||
# Watchtower
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
# Traefik
|
||||
- 'traefik.enable=true'
|
||||
- 'traefik.http.routers.authelia.rule=Host(`auth.${PUBLIC_DOMAIN}`)'
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.authelia.rule=Host(`auth.${PUBLIC_DOMAIN}`)"
|
||||
- "traefik.http.routers.authelia.tls.certresolver=myresolver"
|
||||
- 'traefik.http.routers.authelia.entryPoints=https'
|
||||
- 'traefik.http.routers.authelia.tls=true'
|
||||
- 'traefik.http.routers.authelia.service=authelia-svc'
|
||||
- 'traefik.http.services.authelia-svc.loadbalancer.server.port=9091'
|
||||
- "traefik.http.routers.authelia.entryPoints=https"
|
||||
- "traefik.http.routers.authelia.tls=true"
|
||||
- "traefik.http.routers.authelia.service=authelia-svc"
|
||||
- "traefik.http.services.authelia-svc.loadbalancer.server.port=9091"
|
||||
# Middleware
|
||||
- "traefik.http.routers.authelia.middlewares=crowdsec-bouncer@file"
|
||||
|
||||
@@ -4,7 +4,7 @@ services:
|
||||
file: ${TEMPLATES_PATH}
|
||||
service: default
|
||||
container_name: crowdsec
|
||||
image: crowdsecurity/crowdsec:latest
|
||||
image: crowdsecurity/crowdsec:1.7.4
|
||||
environment:
|
||||
COLLECTIONS: crowdsecurity/traefik crowdsecurity/appsec-virtual-patching crowdsecurity/appsec-generic-rules crowdsecurity/http-cve
|
||||
CROWDSEC_BOUNCER_API_KEY: ${CROWDSEC_API_KEY}
|
||||
@@ -12,7 +12,7 @@ services:
|
||||
ports:
|
||||
- 6061:8080
|
||||
- 6060:6060
|
||||
networks:
|
||||
networks:
|
||||
- ip4net
|
||||
- ip6net
|
||||
volumes:
|
||||
@@ -22,6 +22,3 @@ services:
|
||||
- /var/log/crowdsec:/var/log/crowdsec:ro
|
||||
- /var/log/syslog:/var/log/syslog:ro
|
||||
- /var/log/kern.log:/var/log/kern.log:ro
|
||||
labels:
|
||||
# Watchtower
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
@@ -3,11 +3,11 @@ services:
|
||||
extends:
|
||||
file: ${TEMPLATES_PATH}
|
||||
service: default
|
||||
image: ghcr.io/gethomepage/homepage:latest
|
||||
image: ghcr.io/gethomepage/homepage:v1.8.0
|
||||
container_name: homepage
|
||||
ports:
|
||||
- 3030:3000
|
||||
networks:
|
||||
networks:
|
||||
- ip4net
|
||||
environment:
|
||||
HOMEPAGE_VAR_LOCAL_DOMAIN: ${LOCAL_DOMAIN}
|
||||
@@ -20,8 +20,6 @@ services:
|
||||
- ${EXTERNAL_STORAGE}:/disks/e
|
||||
- /var/run/docker.sock:/var/run/docker.sock:ro # optional, for docker integrations
|
||||
labels:
|
||||
# Watchtower
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
# Traefik
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.homepage.rule=Host(`homepage.${LOCAL_DOMAIN}`)"
|
||||
|
||||
@@ -3,11 +3,11 @@ services:
|
||||
extends:
|
||||
file: ${TEMPLATES_PATH}
|
||||
service: default
|
||||
container_name: ntfy
|
||||
image: binwiederhier/ntfy
|
||||
container_name: ntfy
|
||||
image: binwiederhier/ntfy:2.15.0
|
||||
ports:
|
||||
- "4023:80"
|
||||
networks:
|
||||
networks:
|
||||
- ip4net
|
||||
command:
|
||||
- serve
|
||||
@@ -16,12 +16,10 @@ services:
|
||||
- ${INFRA_PATH}/ntfy/config:/etc/ntfy
|
||||
- ${INFRA_PATH}/ntfy/data:/var/lib/ntfy
|
||||
labels:
|
||||
# Watchtower
|
||||
- 'com.centurylinklabs.watchtower.enable=true'
|
||||
# Traefik
|
||||
- 'traefik.enable=true'
|
||||
- 'traefik.http.routers.ntfy.rule=Host(`ntfy.${PUBLIC_DOMAIN}`)'
|
||||
- 'traefik.http.routers.ntfy.entrypoints=https'
|
||||
- 'traefik.http.routers.ntfy.tls=true'
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.ntfy.rule=Host(`ntfy.${PUBLIC_DOMAIN}`)"
|
||||
- "traefik.http.routers.ntfy.entrypoints=https"
|
||||
- "traefik.http.routers.ntfy.tls=true"
|
||||
# Middlewares
|
||||
- "traefik.http.routers.ntfy.middlewares=crowdsec-bouncer@file"
|
||||
|
||||
@@ -4,18 +4,16 @@ services:
|
||||
file: ${TEMPLATES_PATH}
|
||||
service: default
|
||||
container_name: speedtest
|
||||
image: openspeedtest/latest
|
||||
image: openspeedtest/latest:2.0.6
|
||||
ports:
|
||||
- "4001:3001" # webport mapping (host:container)
|
||||
- "3999:3001" # webport mapping (host:container)
|
||||
networks:
|
||||
networks:
|
||||
- ip4net
|
||||
labels:
|
||||
# Watchtower
|
||||
- 'com.centurylinklabs.watchtower.enable=true'
|
||||
# Traefik
|
||||
- 'traefik.enable=true'
|
||||
- 'traefik.http.routers.speedtest.rule=Host(`speedtest.${LOCAL_DOMAIN}`)'
|
||||
- 'traefik.http.routers.speedtest.entrypoints=https'
|
||||
- 'traefik.http.routers.speedtest.tls=true'
|
||||
- 'traefik.http.middlewares.limit.buffering.maxRequestBodyBytes=10000000000'
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.speedtest.rule=Host(`speedtest.${LOCAL_DOMAIN}`)"
|
||||
- "traefik.http.routers.speedtest.entrypoints=https"
|
||||
- "traefik.http.routers.speedtest.tls=true"
|
||||
- "traefik.http.middlewares.limit.buffering.maxRequestBodyBytes=10000000000"
|
||||
|
||||
@@ -3,7 +3,7 @@ services:
|
||||
extends:
|
||||
file: ${TEMPLATES_PATH}
|
||||
service: default
|
||||
image: syncthing/syncthing
|
||||
image: syncthing/syncthing:2.0.12
|
||||
container_name: syncthing
|
||||
volumes:
|
||||
- ${EXTERNAL_STORAGE}/notes/Obsidian-sync:/var/syncthing-data/Obsidian-sync
|
||||
@@ -14,12 +14,10 @@ services:
|
||||
- 22000:22000/tcp # TCP file transfers
|
||||
- 22000:22000/udp # QUIC file transfers
|
||||
- 21027:21027/udp # Receive local discovery broadcasts
|
||||
networks:
|
||||
networks:
|
||||
- ip4net
|
||||
- ip6net
|
||||
labels:
|
||||
# Watchtower
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
# Traefik
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.syncthing.rule=Host(`syncthing.${LOCAL_DOMAIN}`)"
|
||||
|
||||
@@ -3,8 +3,8 @@ services:
|
||||
extends:
|
||||
file: ${TEMPLATES_PATH}
|
||||
service: default
|
||||
image: "traefik:latest"
|
||||
container_name: "traefik"
|
||||
image: traefik:3.6.5
|
||||
container_name: traefik
|
||||
ports:
|
||||
- "80:80"
|
||||
- "443:443"
|
||||
@@ -28,8 +28,6 @@ services:
|
||||
- "${INFRA_PATH}/traefik/html/ban.html:/ban.html"
|
||||
- "${INFRA_PATH}/traefik/html/captcha.html:/captcha.html"
|
||||
labels:
|
||||
# Watchtower
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
# Traefik
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.traefik.service=api@internal"
|
||||
@@ -41,15 +39,13 @@ services:
|
||||
extends:
|
||||
file: ${TEMPLATES_PATH}
|
||||
service: default
|
||||
image: traefik/whoami:latest
|
||||
container_name: "traefik-whoami"
|
||||
networks:
|
||||
image: traefik/whoami:1.11
|
||||
container_name: traefik-whoami
|
||||
networks:
|
||||
- ip4net
|
||||
labels:
|
||||
# Watchtower
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
# traefik
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.whoami.rule=Host(`whoami.${LOCAL_DOMAIN}`)"
|
||||
- "traefik.http.routers.whoami.entrypoints=https"
|
||||
- 'traefik.http.routers.whoami.tls=true'
|
||||
- "traefik.http.routers.whoami.tls=true"
|
||||
|
||||
@@ -5,7 +5,7 @@ services:
|
||||
# extends:
|
||||
# file: ${TEMPLATES_PATH}
|
||||
# service: default
|
||||
image: louislam/uptime-kuma
|
||||
image: louislam/uptime-kuma:2.0.2
|
||||
container_name: uptime-kuma
|
||||
restart: unless-stopped
|
||||
security_opt:
|
||||
@@ -21,8 +21,6 @@ services:
|
||||
- ip4net
|
||||
- ip6net
|
||||
labels:
|
||||
# Watchtower
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
# Traefik
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.uptime-kuma.rule=Host(`uptime-kuma.${LOCAL_DOMAIN}`)"
|
||||
|
||||
@@ -3,7 +3,7 @@ services:
|
||||
extends:
|
||||
file: ${TEMPLATES_PATH}
|
||||
service: default
|
||||
image: ghcr.io/advplyr/audiobookshelf:latest
|
||||
image: ghcr.io/advplyr/audiobookshelf:2.32.1
|
||||
container_name: audiobookshelf
|
||||
ports:
|
||||
- 13378:80
|
||||
@@ -14,13 +14,11 @@ services:
|
||||
- ${MEDIA_PATH}/audiobookshelf/config:/config
|
||||
- ${MEDIA_PATH}/audiobookshelf/data/metadata:/metadata
|
||||
labels:
|
||||
# Watchtower
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
# Traefik
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.audiobookshelf.rule=Host(`audiobookshelf.${PUBLIC_DOMAIN}`)"
|
||||
- "traefik.http.routers.audiobookshelf.entrypoints=https"
|
||||
- "traefik.http.routers.audiobookshelf.tls.certresolver=myresolver"
|
||||
- 'traefik.http.routers.audiobookshelf.tls=true'
|
||||
- "traefik.http.routers.audiobookshelf.tls=true"
|
||||
# Middlewares
|
||||
- "traefik.http.routers.audiobookshelf.middlewares=crowdsec-bouncer@file"
|
||||
|
||||
@@ -3,7 +3,7 @@ services:
|
||||
extends:
|
||||
file: ${TEMPLATES_PATH}
|
||||
service: default
|
||||
image: lscr.io/linuxserver/calibre:latest
|
||||
image: lscr.io/linuxserver/calibre:8.16.2
|
||||
container_name: calibre
|
||||
environment:
|
||||
- PASSWORD= #optional
|
||||
@@ -18,20 +18,18 @@ services:
|
||||
networks:
|
||||
- ip4net
|
||||
labels:
|
||||
# Watchtower
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
# Traefik
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.calibre.rule=Host(`calibre.${LOCAL_DOMAIN}`)"
|
||||
- "traefik.http.routers.calibre.entrypoints=https"
|
||||
- 'traefik.http.routers.calibre.tls=true'
|
||||
- 'traefik.http.services.calibre.loadbalancer.server.port=8080'
|
||||
- "traefik.http.routers.calibre.tls=true"
|
||||
- "traefik.http.services.calibre.loadbalancer.server.port=8080"
|
||||
|
||||
calibre-web:
|
||||
extends:
|
||||
file: ${TEMPLATES_PATH}
|
||||
service: default
|
||||
image: lscr.io/linuxserver/calibre-web:latest
|
||||
image: lscr.io/linuxserver/calibre-web:0.6.25
|
||||
container_name: calibre-web
|
||||
environment:
|
||||
- DOCKER_MODS=linuxserver/mods:universal-calibre #optional
|
||||
@@ -44,10 +42,8 @@ services:
|
||||
networks:
|
||||
- ip6net
|
||||
labels:
|
||||
# Watchtower
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
# Traefik
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.calibre-web.rule=Host(`calibre-web.${LOCAL_DOMAIN}`)"
|
||||
- "traefik.http.routers.calibre-web.entrypoints=https"
|
||||
- 'traefik.http.routers.calibre-web.tls=true'
|
||||
- "traefik.http.routers.calibre-web.tls=true"
|
||||
|
||||
@@ -4,7 +4,7 @@ services:
|
||||
file: ${TEMPLATES_PATH}
|
||||
service: default
|
||||
container_name: immich_server
|
||||
image: ghcr.io/immich-app/immich-server:release
|
||||
image: ghcr.io/immich-app/immich-server:v2.4.1
|
||||
environment:
|
||||
DB_PASSWORD: ${IMMICH_DB_PASSWORD}
|
||||
DB_HOSTNAME: postgres-with-pg-vector
|
||||
@@ -21,14 +21,12 @@ services:
|
||||
networks:
|
||||
- ip6net
|
||||
labels:
|
||||
# Watchtower
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
# Traefik
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.immich-server.rule=Host(`immich.${PUBLIC_DOMAIN}`)"
|
||||
- "traefik.http.routers.immich-server.entrypoints=https"
|
||||
- "traefik.http.routers.immich-server.tls.certresolver=myresolver"
|
||||
- 'traefik.http.routers.immich-server.tls=true'
|
||||
- "traefik.http.routers.immich-server.tls=true"
|
||||
# Middlewares
|
||||
- "traefik.http.routers.immich-server.middlewares=crowdsec-bouncer@file"
|
||||
|
||||
@@ -37,24 +35,21 @@ services:
|
||||
file: ${TEMPLATES_PATH}
|
||||
service: default
|
||||
container_name: immich_machine_learning
|
||||
image: ghcr.io/immich-app/immich-machine-learning:release
|
||||
image: ghcr.io/immich-app/immich-machine-learning:v2.4.1
|
||||
ports:
|
||||
- 3003:3003
|
||||
volumes:
|
||||
- ${MEDIA_PATH}/immich/data/model-cache:/cache
|
||||
labels:
|
||||
# Watchtower
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
|
||||
# https://github.com/Salvoxia/immich-folder-album-creator
|
||||
# one time run:
|
||||
# one time run:
|
||||
# docker run -e -e API_URL="https://immich.crescentec.xyz/api/" -e API_KEY="qTaebdVMtph9yD0pSJRJDQJkDEpexiXNMJ5V5HBEnA" -e ROOT_PATH="/usr/src/app/external" -e LOG_LEVEL="DEBUG" salvoxia/immich-folder-album-creator:latest /script/immich_auto_album.sh
|
||||
immich-folder-album-creator:
|
||||
extends:
|
||||
file: ${TEMPLATES_PATH}
|
||||
service: default
|
||||
container_name: immich_folder_album_creator
|
||||
image: salvoxia/immich-folder-album-creator:latest
|
||||
image: salvoxia/immich-folder-album-creator:0.24.0
|
||||
environment:
|
||||
API_URL: https://immich.crescentec.xyz/api
|
||||
API_KEY: qTaebdVMtph9yD0pSJRJDQJkDEpexiXNMJ5V5HBEnA
|
||||
@@ -65,6 +60,3 @@ services:
|
||||
#UNATTENDED: 1
|
||||
volumes:
|
||||
- /usr/src/app/external:/usr/src/app/external
|
||||
labels:
|
||||
# Watchtower
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
|
||||
@@ -3,8 +3,8 @@ services:
|
||||
extends:
|
||||
file: ${TEMPLATES_PATH}
|
||||
service: default
|
||||
image: ghcr.io/kiwix/kiwix-serve
|
||||
container_name: kiwix
|
||||
image: ghcr.io/kiwix/kiwix-serve:3.8.1
|
||||
container_name: kiwix
|
||||
ports:
|
||||
- 2009:8080
|
||||
networks:
|
||||
@@ -12,13 +12,11 @@ services:
|
||||
volumes:
|
||||
- ${EXTERNAL_STORAGE}/wikipedia/:/data
|
||||
command:
|
||||
- '*.zim'
|
||||
- "*.zim"
|
||||
labels:
|
||||
# Watchtower
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
# Traefik
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.kiwix.rule=Host(`wikipedia.${LOCAL_DOMAIN}`)"
|
||||
- "traefik.http.routers.kiwix.entrypoints=https"
|
||||
- 'traefik.http.routers.kiwix.tls=true'
|
||||
- 'traefik.http.services.kiwix.loadbalancer.server.port=8080'
|
||||
- "traefik.http.routers.kiwix.tls=true"
|
||||
- "traefik.http.services.kiwix.loadbalancer.server.port=8080"
|
||||
|
||||
@@ -3,13 +3,13 @@ services:
|
||||
extends:
|
||||
file: ${TEMPLATES_PATH}
|
||||
service: default
|
||||
image: lscr.io/linuxserver/lidarr
|
||||
container_name: lidarr
|
||||
image: lscr.io/linuxserver/lidarr:3.1.0
|
||||
container_name: lidarr
|
||||
ports:
|
||||
- 2010:8686
|
||||
networks:
|
||||
- ip4net
|
||||
dns:
|
||||
dns:
|
||||
- 8.8.8.8
|
||||
- 1.1.1.1
|
||||
volumes:
|
||||
@@ -17,10 +17,8 @@ services:
|
||||
- ${MEDIA_PATH}/data:/data
|
||||
- ${EXTERNAL_STORAGE}/media/music:/music
|
||||
labels:
|
||||
# Watchtower
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
# Traefik
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.lidarr.rule=Host(`lidarr.${LOCAL_DOMAIN}`)"
|
||||
- "traefik.http.routers.lidarr.entrypoints=https"
|
||||
- 'traefik.http.routers.lidarr.tls=true'
|
||||
- "traefik.http.routers.lidarr.tls=true"
|
||||
|
||||
@@ -3,7 +3,7 @@ services:
|
||||
extends:
|
||||
file: ${TEMPLATES_PATH}
|
||||
service: default
|
||||
image: deluan/navidrome
|
||||
image: deluan/navidrome:0.59.0
|
||||
container_name: navidrome
|
||||
ports:
|
||||
- 2011:4533
|
||||
@@ -16,13 +16,11 @@ services:
|
||||
ND_REVERSEPROXYWHITELIST: 0.0.0.0/0
|
||||
ND_ENABLEUSEREDITING: false
|
||||
labels:
|
||||
# Watchtower
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
# Traefik
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.navidrome.rule=Host(`navidrome.${PUBLIC_DOMAIN}`)"
|
||||
- "traefik.http.routers.navidrome.entrypoints=https"
|
||||
- 'traefik.http.routers.navidrome.tls=true'
|
||||
- "traefik.http.routers.navidrome.tls=true"
|
||||
# Middlewares
|
||||
- "traefik.http.routers.navidrome.middlewares=crowdsec-bouncer@file, authelia@file"
|
||||
# Subsonic endpoint use basic authentication middleware from authelia
|
||||
|
||||
@@ -3,7 +3,7 @@ services:
|
||||
extends:
|
||||
file: ${TEMPLATES_PATH}
|
||||
service: default
|
||||
image: lscr.io/linuxserver/prowlarr:develop
|
||||
image: lscr.io/linuxserver/prowlarr:2.3.0
|
||||
container_name: prowlarr
|
||||
ports:
|
||||
- 2004:9696
|
||||
@@ -12,10 +12,9 @@ services:
|
||||
volumes:
|
||||
- ${MEDIA_PATH}/prowlarr/config:/config
|
||||
labels:
|
||||
# Watchtower
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
# Traefik
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.prowlarr.rule=Host(`prowlarr.${LOCAL_DOMAIN}`)"
|
||||
- "traefik.http.routers.prowlarr.entrypoints=https"
|
||||
- 'traefik.http.routers.prowlarr.tls=true'
|
||||
- "traefik.http.routers.prowlarr.tls=true"
|
||||
|
||||
|
||||
@@ -3,7 +3,7 @@ services:
|
||||
extends:
|
||||
file: ${TEMPLATES_PATH}
|
||||
service: default
|
||||
image: lscr.io/linuxserver/qbittorrent:latest
|
||||
image: lscr.io/linuxserver/qbittorrent:5.1.4
|
||||
container_name: qbittorrent
|
||||
ports:
|
||||
- 2002:2002
|
||||
@@ -22,10 +22,8 @@ services:
|
||||
- ${EXTERNAL_STORAGE}/media/audiobooks:/data/downloaded/audiobooks
|
||||
- ${EXTERNAL_STORAGE}/media/music:/data/downloaded/music
|
||||
labels:
|
||||
# Watchtower
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
# Traefik
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.qbittorrent.rule=Host(`qbittorrent.${LOCAL_DOMAIN}`)"
|
||||
- "traefik.http.routers.qbittorrent.entrypoints=https"
|
||||
- 'traefik.http.routers.qbittorrent.tls=true'
|
||||
- "traefik.http.routers.qbittorrent.tls=true"
|
||||
|
||||
@@ -15,10 +15,8 @@ services:
|
||||
- ${EXTERNAL_STORAGE}/media/audiobooks:/data/media/audiobooks
|
||||
- ${EXTERNAL_STORAGE}/media/books:/data/media/books
|
||||
labels:
|
||||
# Watchtower
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
# Traefik
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.readarr.rule=Host(`readarr.${LOCAL_DOMAIN}`)"
|
||||
- "traefik.http.routers.readarr.entrypoints=https"
|
||||
- 'traefik.http.routers.readarr.tls=true'
|
||||
- "traefik.http.routers.readarr.tls=true"
|
||||
|
||||
@@ -3,9 +3,9 @@ services:
|
||||
extends:
|
||||
file: ${TEMPLATES_PATH}
|
||||
service: default
|
||||
image: slskd/slskd
|
||||
image: slskd/slskd:0.24.1
|
||||
container_name: slskd
|
||||
user: ${PUID}:${PGID}
|
||||
user: ${PUID}:${PGID}
|
||||
ports:
|
||||
- 2013:5031 # http
|
||||
- 2014:5030 # https
|
||||
@@ -19,11 +19,9 @@ services:
|
||||
- ${MEDIA_PATH}/data/slskd_downloads:/app/downloads
|
||||
- ${EXTERNAL_STORAGE}/media/music:/app/library
|
||||
labels:
|
||||
# Watchtower
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
# Traefik
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.slskd.rule=Host(`slskd.${LOCAL_DOMAIN}`)"
|
||||
- "traefik.http.routers.slskd.entrypoints=https"
|
||||
- 'traefik.http.routers.slskd.tls=true'
|
||||
- 'traefik.http.services.slskd.loadbalancer.server.port=5030'
|
||||
- "traefik.http.routers.slskd.tls=true"
|
||||
- "traefik.http.services.slskd.loadbalancer.server.port=5030"
|
||||
|
||||
@@ -3,9 +3,9 @@ services:
|
||||
extends:
|
||||
file: ${TEMPLATES_PATH}
|
||||
service: default
|
||||
image: mrusse08/soularr
|
||||
image: mrusse08/soularr:latest
|
||||
container_name: soularr
|
||||
user: ${PUID}:${PGID}
|
||||
user: ${PUID}:${PGID}
|
||||
networks:
|
||||
- ip4net
|
||||
volumes:
|
||||
|
||||
@@ -4,18 +4,17 @@ services:
|
||||
file: ${TEMPLATES_PATH}
|
||||
service: default
|
||||
container_name: dozzle
|
||||
image: amir20/dozzle:latest
|
||||
image: amir20/dozzle:8.14.12
|
||||
ports:
|
||||
- 8083:8080
|
||||
networks:
|
||||
networks:
|
||||
- ip4net
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock
|
||||
labels:
|
||||
# Watchtower
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
# Traefik
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.dozzle.rule=Host(`dozzle.${LOCAL_DOMAIN}`)"
|
||||
- "traefik.http.routers.dozzle.entrypoints=https"
|
||||
- "traefik.http.routers.dozzle.tls=true"
|
||||
- "traefik.http.routers.dozzle.tls=true"
|
||||
|
||||
|
||||
@@ -4,7 +4,7 @@ services:
|
||||
file: ${TEMPLATES_PATH}
|
||||
service: default
|
||||
container_name: grafana
|
||||
image: grafana/grafana-oss:latest
|
||||
image: grafana/grafana-oss:12.3.1
|
||||
ports:
|
||||
- 8090:3000
|
||||
networks:
|
||||
@@ -12,10 +12,9 @@ services:
|
||||
volumes:
|
||||
- ${MONITORING_PATH}/grafana/data:/var/lib/grafana
|
||||
labels:
|
||||
# Watchtower
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
# Traefik
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.grafana.rule=Host(`grafana.${LOCAL_DOMAIN}`)"
|
||||
- "traefik.http.routers.grafana.entrypoints=https"
|
||||
- "traefik.http.routers.grafana.tls=true"
|
||||
- "traefik.http.routers.grafana.tls=true"
|
||||
|
||||
|
||||
@@ -4,7 +4,7 @@ services:
|
||||
file: ${TEMPLATES_PATH}
|
||||
service: default
|
||||
container_name: loki
|
||||
image: grafana/loki
|
||||
image: grafana/loki:3.5.9
|
||||
ports:
|
||||
- 8094:3100
|
||||
networks:
|
||||
@@ -12,8 +12,6 @@ services:
|
||||
volumes:
|
||||
- ${MONITORING_PATH}/loki/config/loki-config.yml:/etc/loki/local-config.yaml
|
||||
labels:
|
||||
# Watchtower
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
# Traefik
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.loki.rule=Host(`loki.${LOCAL_DOMAIN}`)"
|
||||
@@ -24,14 +22,11 @@ services:
|
||||
extends:
|
||||
file: ${TEMPLATES_PATH}
|
||||
service: default
|
||||
container_name: promtail
|
||||
image: grafana/promtail
|
||||
container_name: promtail
|
||||
image: grafana/promtail:3.5.9
|
||||
networks:
|
||||
- ip4net
|
||||
volumes:
|
||||
- ${MONITORING_PATH}/loki/config/promtail-config.yml:/etc/promtail/config.yml
|
||||
- /var/log:/var/log
|
||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
labels:
|
||||
# Watchtower
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
|
||||
@@ -4,7 +4,7 @@ services:
|
||||
file: ${TEMPLATES_PATH}
|
||||
service: default
|
||||
container_name: prometheus
|
||||
image: prom/prometheus:latest
|
||||
image: prom/prometheus:3.8.1
|
||||
ports:
|
||||
- 9090:9090
|
||||
networks:
|
||||
@@ -12,10 +12,9 @@ services:
|
||||
volumes:
|
||||
- ${MONITORING_PATH}/prometheus/config:/etc/prometheus
|
||||
labels:
|
||||
# Watchtower
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
# Traefik
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.prometheus.rule=Host(`prometheus.${LOCAL_DOMAIN}`)"
|
||||
- "traefik.http.routers.prometheus.entrypoints=https"
|
||||
- "traefik.http.routers.prometheus.tls=true"
|
||||
- "traefik.http.routers.prometheus.tls=true"
|
||||
|
||||
|
||||
@@ -3,7 +3,7 @@ services:
|
||||
extends:
|
||||
file: ${TEMPLATES_PATH}
|
||||
service: default
|
||||
image: freshrss/freshrss:latest
|
||||
image: freshrss/freshrss:1.28.0
|
||||
container_name: freshrss
|
||||
ports:
|
||||
- 4014:80
|
||||
@@ -13,11 +13,9 @@ services:
|
||||
- ${SERVICE_PATH}/freshrss/data:/var/www/FreshRSS/data
|
||||
- ${SERVICE_PATH}/freshrss/extensions:/var/www/FreshRSS/extensions
|
||||
environment:
|
||||
CRON_MIN: '3,33'
|
||||
CRON_MIN: "3,33"
|
||||
TRUSTED_PROXY: 172.16.0.1/12 192.168.0.1/16
|
||||
labels:
|
||||
# Watchtower
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
# Traefik
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.freshrss.rule=Host(`rss.${PUBLIC_DOMAIN}`)"
|
||||
|
||||
@@ -3,7 +3,7 @@ services:
|
||||
extends:
|
||||
file: ${TEMPLATES_PATH}
|
||||
service: default
|
||||
image: ghost:latest
|
||||
image: ghost:6.10.3-alpine
|
||||
container_name: ghost
|
||||
ports:
|
||||
- 4016:2368
|
||||
@@ -30,4 +30,5 @@ services:
|
||||
environment:
|
||||
MYSQL_ROOT_PASSWORD: example
|
||||
volumes:
|
||||
- ${SERVICE_PATH}/ghost/data/db:/var/lib/mysql
|
||||
- ${SERVICE_PATH}/ghost/data/db:/var/lib/mysql
|
||||
|
||||
|
||||
@@ -3,7 +3,7 @@ services:
|
||||
extends:
|
||||
file: ${TEMPLATES_PATH}
|
||||
service: default
|
||||
image: gitea/gitea:latest
|
||||
image: gitea/gitea:1.25
|
||||
container_name: gitea
|
||||
environment:
|
||||
- APP_NAME="Gitea"
|
||||
@@ -37,8 +37,6 @@ services:
|
||||
expose:
|
||||
- 4002
|
||||
labels:
|
||||
# Watchtower
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
# Traefik
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.gitea.rule=Host(`gitea.${PUBLIC_DOMAIN}`)"
|
||||
@@ -48,4 +46,22 @@ services:
|
||||
- "traefik.http.routers.gitea.service=gitea-service"
|
||||
- "traefik.http.services.gitea-service.loadbalancer.server.port=4002"
|
||||
# Middlewares
|
||||
- "traefik.http.routers.gitea.middlewares=crowdsec-bouncer@file"
|
||||
- "traefik.http.routers.gitea.middlewares=crowdsec-bouncer@file"
|
||||
|
||||
gitea-runner:
|
||||
extends:
|
||||
file: ${TEMPLATES_PATH}
|
||||
service: default
|
||||
image: gitea/act_runner:0.2.13
|
||||
container_name: gitea_runner
|
||||
depends_on:
|
||||
- gitea
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock
|
||||
- ${SERVICE_PATH}/gitea/config/runner-config.yaml:/config.yaml
|
||||
- ${SERVICE_PATH}/gitea/data/runner-data:/data
|
||||
environment:
|
||||
- CONFIG_FILE=/config.yaml
|
||||
- GITEA_INSTANCE_URL=gitea
|
||||
- GITEA_RUNNER_REGISTRATION_TOKEN=${GITEA_RUNNER_TOKEN}
|
||||
- GITEA_RUNNER_NAME=gitea-runner
|
||||
|
||||
@@ -3,21 +3,20 @@ services:
|
||||
extends:
|
||||
file: ${TEMPLATES_PATH}
|
||||
service: default
|
||||
image: ghcr.io/home-assistant/home-assistant:stable
|
||||
image: ghcr.io/home-assistant/home-assistant:2025.12.4
|
||||
container_name: home-assistant
|
||||
networks:
|
||||
- ip4net
|
||||
ports:
|
||||
- 4012:8123
|
||||
- 4012:8123
|
||||
volumes:
|
||||
- ${SERVICE_PATH}/home-assistant/config:/config
|
||||
- /etc/localtime:/etc/localtime:ro
|
||||
- /run/dbus:/run/dbus:ro
|
||||
labels:
|
||||
# Watchtower
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
# Traefik
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.home-assistant.rule=Host(`ha.${LOCAL_DOMAIN}`)"
|
||||
- "traefik.http.routers.home-assistant.entrypoints=https"
|
||||
- "traefik.http.routers.home-assistant.tls=true"
|
||||
- "traefik.http.routers.home-assistant.tls=true"
|
||||
|
||||
|
||||
@@ -3,17 +3,16 @@ services:
|
||||
extends:
|
||||
file: ${TEMPLATES_PATH}
|
||||
service: default
|
||||
image: corentinth/it-tools:latest
|
||||
image: corentinth/it-tools:2024.10.22-7ca5933
|
||||
container_name: it-tools
|
||||
ports:
|
||||
- '4007:80'
|
||||
- "4007:80"
|
||||
networks:
|
||||
- ip4net
|
||||
labels:
|
||||
# Watchtower
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
# Traefik
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.it-tools.rule=Host(`it-tools.${LOCAL_DOMAIN}`)"
|
||||
- "traefik.http.routers.it-tools.entrypoints=https"
|
||||
- "traefik.http.routers.it-tools.tls=true"
|
||||
- "traefik.http.routers.it-tools.tls=true"
|
||||
|
||||
|
||||
@@ -3,7 +3,7 @@ services:
|
||||
extends:
|
||||
file: ${TEMPLATES_PATH}
|
||||
service: default
|
||||
image: quay.io/jupyter/base-notebook:latest
|
||||
image: quay.io/jupyter/base-notebook:ubuntu-24.04
|
||||
container_name: jupyter
|
||||
volumes:
|
||||
- ${SERVICE_PATH}/jupyter-notebook/data:/home/jovyan/work
|
||||
@@ -13,10 +13,8 @@ services:
|
||||
- ip4net
|
||||
command: start-notebook.py --NotebookApp.token='aToken1234'
|
||||
labels:
|
||||
# Watchtower
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
# Traefik
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.jupyter.rule=Host(`jupyter.${LOCAL_DOMAIN}`)"
|
||||
- "traefik.http.routers.jupyter.entrypoints=https"
|
||||
- "traefik.http.routers.jupyter.tls=true"
|
||||
- "traefik.http.routers.jupyter.tls=true"
|
||||
|
||||
@@ -3,8 +3,8 @@ services:
|
||||
extends:
|
||||
file: ${TEMPLATES_PATH}
|
||||
service: default
|
||||
image: ghcr.io/linkwarden/linkwarden:latest
|
||||
container_name: linkwarden
|
||||
image: ghcr.io/linkwarden/linkwarden:v2.13.5
|
||||
container_name: linkwarden
|
||||
ports:
|
||||
- 4020:3000
|
||||
networks:
|
||||
@@ -24,8 +24,6 @@ services:
|
||||
- AUTHELIA_CLIENT_ID=linkwarden
|
||||
- AUTHELIA_CLIENT_SECRET=${LINKWARDEN_OIDC_CLIENT_SECRET}
|
||||
labels:
|
||||
# Watchtower
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
# Traefik
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.linkwarden.rule=Host(`linkwarden.${PUBLIC_DOMAIN}`)"
|
||||
@@ -36,7 +34,7 @@ services:
|
||||
extends:
|
||||
file: ${TEMPLATES_PATH}
|
||||
service: default
|
||||
image: getmeili/meilisearch:latest
|
||||
image: getmeili/meilisearch:1.31.0
|
||||
container_name: linkwarden_meili
|
||||
networks:
|
||||
- ip4net
|
||||
|
||||
@@ -3,7 +3,7 @@ services:
|
||||
extends:
|
||||
file: ${TEMPLATES_PATH}
|
||||
service: default
|
||||
image: ghcr.io/mealie-recipes/mealie:latest
|
||||
image: ghcr.io/mealie-recipes/mealie:v3.8.0
|
||||
container_name: mealie
|
||||
ports:
|
||||
- "4006:9000"
|
||||
@@ -23,14 +23,12 @@ services:
|
||||
POSTGRES_DB: mealie
|
||||
# OIDC using authelia
|
||||
OIDC_AUTH_ENABLED: true
|
||||
OIDC_SIGNUP_ENABLED: false
|
||||
OIDC_SIGNUP_ENABLED: false
|
||||
OIDC_CONFIGURATION_URL: https://auth.${PUBLIC_DOMAIN}/.well-known/openid-configuration
|
||||
OIDC_CLIENT_ID: mealie
|
||||
OIDC_CLIENT_SECRET: ${MEALIE_OIDC_CLIENT_SECRET}
|
||||
OIDC_CLIENT_SECRET: ${MEALIE_OIDC_CLIENT_SECRET}
|
||||
OIDC_AUTO_REDIRECT: false
|
||||
labels:
|
||||
# Watchtower
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
# Traefik
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.mealie.rule=Host(`mealie.${PUBLIC_DOMAIN}`)"
|
||||
|
||||
@@ -3,8 +3,8 @@ services:
|
||||
extends:
|
||||
file: ${TEMPLATES_PATH}
|
||||
service: default
|
||||
image: docker.n8n.io/n8nio/n8n
|
||||
container_name: n8n
|
||||
image: docker.n8n.io/n8nio/n8n:2.1.4
|
||||
container_name: n8n
|
||||
ports:
|
||||
- 4022:5678
|
||||
networks:
|
||||
@@ -18,10 +18,8 @@ services:
|
||||
user: root
|
||||
volumes:
|
||||
- ${SERVICE_PATH}/n8n/data:/home/node/.n8n
|
||||
entrypoint: /home/node/.n8n/script/entrypoint.sh
|
||||
entrypoint: /home/node/.n8n/script/entrypoint.sh
|
||||
labels:
|
||||
# Watchtower
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
# Traefik
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.n8n.rule=Host(`n8n.${LOCAL_DOMAIN}`)"
|
||||
|
||||
@@ -3,8 +3,8 @@ services:
|
||||
extends:
|
||||
file: ${TEMPLATES_PATH}
|
||||
service: default
|
||||
image: ollama/ollama
|
||||
container_name: ollama
|
||||
image: ollama/ollama:0.13.5
|
||||
container_name: ollama
|
||||
ports:
|
||||
- 4019:11434
|
||||
networks:
|
||||
@@ -12,8 +12,6 @@ services:
|
||||
volumes:
|
||||
- ${SERVICE_PATH}/ollama/data:/root/.ollama
|
||||
labels:
|
||||
# Watchtower
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
# Traefik
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.ollama.rule=Host(`ollama.${PUBLIC_DOMAIN}`)"
|
||||
|
||||
@@ -3,7 +3,7 @@ services:
|
||||
extends:
|
||||
file: ${TEMPLATES_PATH}
|
||||
service: default
|
||||
image: ghcr.io/paperless-ngx/paperless-ngx:latest
|
||||
image: ghcr.io/paperless-ngx/paperless-ngx:2.20.3
|
||||
container_name: paperless-ngx
|
||||
ports:
|
||||
- "4009:8000"
|
||||
@@ -37,8 +37,6 @@ services:
|
||||
# PAPERLESS_APPS: "allauth.socialaccount.providers.openid_connect"
|
||||
# PAPERLESS_SOCIALACCOUNT_PROVIDERS: '{"openid_connect":{"SCOPE":["openid","profile","email"],"OAUTH_PKCE_ENABLED":true,"APPS":[{"provider_id":"authelia","name":"Authelia","client_id":"paperless","secret":"jzO0JYA35oOojGqxFJUaDXdgdXhuACyq4b3lvOx233wtoSyv19prQfCKah1mwyDv","settings":{"server_url":"https://auth.crescentec.xyz","token_auth_method":"client_secret_basic"}}]}}'
|
||||
labels:
|
||||
# Watchtower
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
# Traefik
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.paperless.rule=Host(`paperless.${PUBLIC_DOMAIN}`)"
|
||||
|
||||
@@ -3,15 +3,13 @@ services:
|
||||
extends:
|
||||
file: ${TEMPLATES_PATH}
|
||||
service: default
|
||||
image: bentopdf/bentopdf-simple
|
||||
image: bentopdf/bentopdf-simple:1.15.1
|
||||
container_name: pdf
|
||||
ports:
|
||||
- '4003:8080'
|
||||
- "4003:8080"
|
||||
networks:
|
||||
- ip6net
|
||||
labels:
|
||||
# Watchtower
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
# Traefik
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.pdf.rule=Host(`pdf.${PUBLIC_DOMAIN}`)"
|
||||
|
||||
@@ -3,7 +3,7 @@ services:
|
||||
extends:
|
||||
file: ${TEMPLATES_PATH}
|
||||
service: default
|
||||
image: tomsquest/docker-radicale
|
||||
image: tomsquest/docker-radicale:3.5.10.0
|
||||
container_name: radicale
|
||||
ports:
|
||||
- 4017:5232
|
||||
@@ -26,8 +26,6 @@ services:
|
||||
- ${SERVICE_PATH}/radicale/config:/config/
|
||||
- ${EXTERNAL_STORAGE}/calendars-contacts:/data
|
||||
labels:
|
||||
# Watchtower
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
# Traefik
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.radicale.rule=Host(`radicale.${PUBLIC_DOMAIN}`)"
|
||||
|
||||
@@ -3,18 +3,18 @@ services:
|
||||
extends:
|
||||
file: ${TEMPLATES_PATH}
|
||||
service: default
|
||||
image: vaultwarden/server
|
||||
container_name: vaultwarden
|
||||
image: vaultwarden/server:1.35.0
|
||||
container_name: vaultwarden
|
||||
ports:
|
||||
- 4018:80
|
||||
networks:
|
||||
- ip6net
|
||||
environment:
|
||||
DOMAIN: "https://vaultwarden.${PUBLIC_DOMAIN}"
|
||||
SIGNUPS_ALLOWED: false
|
||||
SIGNUPS_ALLOWED: false
|
||||
INVITATIONS_ALLOWED: false
|
||||
SSO_ENABLED: false # for now sso does only help companies for role management and the master password is still necessary
|
||||
SSO_ONLY: false
|
||||
SSO_ENABLED: false # for now sso does only help companies for role management and the master password is still necessary
|
||||
SSO_ONLY: false
|
||||
SSO_AUTHORITY: https://auth.${PUBLIC_DOMAIN}
|
||||
SSO_SCOPES: profile email offline_access
|
||||
SSO_CLIENT_ID: vaultwarden
|
||||
@@ -22,8 +22,6 @@ services:
|
||||
volumes:
|
||||
- ${EXTERNAL_STORAGE}/passwords:/data/
|
||||
labels:
|
||||
# Watchtower
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
# Traefik
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.vaultwarden.rule=Host(`vaultwarden.${PUBLIC_DOMAIN}`)"
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
secrets:
|
||||
secrets:
|
||||
vikunja_jwt_secret:
|
||||
file: ${SERVICE_PATH}/vikunja/secrets/vikunja_jwt_secret.txt
|
||||
services:
|
||||
@@ -6,7 +6,7 @@ services:
|
||||
extends:
|
||||
file: ${TEMPLATES_PATH}
|
||||
service: default
|
||||
image: vikunja/vikunja:latest
|
||||
image: vikunja/vikunja:0.24.6
|
||||
container_name: vikunja
|
||||
secrets: [vikunja_jwt_secret]
|
||||
environment:
|
||||
@@ -19,17 +19,16 @@ services:
|
||||
VIKUNJA_SERVICE_PUBLICURL: https://vikunja.${PUBLIC_DOMAIN}
|
||||
networks:
|
||||
- ip6net
|
||||
volumes:
|
||||
volumes:
|
||||
- ${SERVICE_PATH}/vikunja/data:/app/vikunja/files
|
||||
- ${SERVICE_PATH}/vikunja/config:/etc/vikunja
|
||||
labels:
|
||||
# Watchtower
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
# Traefik
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.vikunja.rule=Host(`vikunja.${PUBLIC_DOMAIN}`)"
|
||||
- "traefik.http.routers.vikunja.entrypoints=https"
|
||||
- "traefik.http.routers.vikunja.tls.certresolver=myresolver"
|
||||
- 'traefik.http.routers.vikunja.tls=true'
|
||||
- "traefik.http.routers.vikunja.tls=true"
|
||||
# Middlewares
|
||||
- "traefik.http.routers.vikunja.middlewares=crowdsec-bouncer@file"
|
||||
- "traefik.http.routers.vikunja.middlewares=crowdsec-bouncer@file"
|
||||
|
||||
|
||||
42
renovate.json
Normal file
42
renovate.json
Normal file
@@ -0,0 +1,42 @@
|
||||
{
|
||||
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
|
||||
"extends": [
|
||||
"config:recommended"
|
||||
],
|
||||
"dependencyDashboard": true,
|
||||
"dependencyDashboardTitle": "Renovate Dashboard",
|
||||
"assignees": [
|
||||
"chriswin"
|
||||
],
|
||||
"labels": [
|
||||
"renovate"
|
||||
],
|
||||
"configMigration": true,
|
||||
"prHourlyLimit": 0,
|
||||
"docker-compose": {
|
||||
"hostRules": [
|
||||
{
|
||||
"matchHost": "docker.io",
|
||||
"concurrentRequestLimit": 2
|
||||
}
|
||||
],
|
||||
"packageRules": [
|
||||
{
|
||||
"matchPackageNames": "tensorchord/pgvecto-rs",
|
||||
"enabled": false
|
||||
},
|
||||
{
|
||||
"matchPackageNames": "mysql",
|
||||
"enabled": false
|
||||
},
|
||||
{
|
||||
"matchPackageNames": "mrusse08/soularr",
|
||||
"enabled": false
|
||||
},
|
||||
{
|
||||
"matchPackageNames": "mysql",
|
||||
"enabled": false
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user