update
This commit is contained in:
		
							parent
							
								
									1566dd9f60
								
							
						
					
					
						commit
						dbb998c18a
					
				
					 341 changed files with 14731 additions and 0 deletions
				
			
		
							
								
								
									
										7
									
								
								0_skeleton/README.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										7
									
								
								0_skeleton/README.md
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,7 @@ | ||||||
|  | # References | ||||||
|  | 
 | ||||||
|  | - https://docs.docker.com/compose/gettingstarted/ | ||||||
|  | 
 | ||||||
|  | # Notes | ||||||
|  | 
 | ||||||
|  | This is an example skeleton to use. Usually combined with Traefik as reverse proxy. | ||||||
							
								
								
									
										45
									
								
								0_skeleton/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										45
									
								
								0_skeleton/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,45 @@ | ||||||
|  | version: '3.3' | ||||||
|  | 
 | ||||||
|  | services: | ||||||
|  |   example: | ||||||
|  |     image: user/image:tag | ||||||
|  |     container_name: example | ||||||
|  |     hostname: example | ||||||
|  |     #user: 1000:1000 | ||||||
|  |     #depends_on: | ||||||
|  |     #  - xxx | ||||||
|  |     restart: unless-stopped | ||||||
|  |     ports: | ||||||
|  |       - 8080:8080/tcp | ||||||
|  |     expose: | ||||||
|  |       - 8080 | ||||||
|  |     volumes: | ||||||
|  |       #- /etc/localtime:/etc/localtime:ro | ||||||
|  |       #- /etc/timezone:/etc/timezone:ro | ||||||
|  |       #- /var/run/docker.sock:/var/run/docker.sock:ro | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/example:/opt/example/data | ||||||
|  |     environment: | ||||||
|  |       - PUID=1000 | ||||||
|  |       - PGID=1000 | ||||||
|  |       - TZ=Europe/Berlin      | ||||||
|  |     #networks: | ||||||
|  |     #  - proxy | ||||||
|  |     #labels: | ||||||
|  |     #  - traefik.enable=true | ||||||
|  |     #  - traefik.docker.network=proxy | ||||||
|  |     #  - traefik.http.routers.CHANGEME.rule=Host(`service.example.com`) | ||||||
|  |     #  - traefik.http.services.CHANGEME.loadbalancer.server.port=8080 | ||||||
|  |     #  # Optional part when proxying to services that already provide ssl/tls   | ||||||
|  |     #  - traefik.http.services.CHANGEME.loadbalancer.server.scheme=https | ||||||
|  |     #  - traefik.http.services.CHANGEME.loadbalancer.serverstransport=insecureTransport@file | ||||||
|  |     #  # Optional part for file upload max sizes | ||||||
|  |     #  - traefik.http.middlewares.limit.buffering.maxRequestBodyBytes=50000000 | ||||||
|  |     #  - traefik.http.middlewares.limit.buffering.maxResponseBodyBytes=50000000 | ||||||
|  |     #  - traefik.http.middlewares.limit.buffering.memRequestBodyBytes=50000000 | ||||||
|  |     #  - traefik.http.middlewares.limit.buffering.memResponseBodyBytes=50000000 | ||||||
|  |     #  # Optional part for traefik middlewares | ||||||
|  |     #  - traefik.http.routers.CHANGEME.middlewares=local-ipwhitelist@file,authelia@docker | ||||||
|  | 
 | ||||||
|  | #networks: | ||||||
|  | #  proxy: | ||||||
|  | #    external: true | ||||||
							
								
								
									
										409
									
								
								README.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										409
									
								
								README.md
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,409 @@ | ||||||
|  | > [!CAUTION] | ||||||
|  | > The samples are intended for local development environments such as project setups, tinkering with software stacks, etc. These samples may be deployed in production environments or exposed to the Internet but please adhere to general hardening and security guidelines. Adjust all default credentials, use a separate `.env` file or platform for secret management, implement a backup process and have a tested disaster recovery plan. Use a reverse proxy to stream-line your web service exposure and provide an encrypted HTTPS communication channel with trusted SSL certificates. | ||||||
|  | 
 | ||||||
|  | ## 🐳 Project List | ||||||
|  | 
 | ||||||
|  | ### Table of Contents (ToC) | ||||||
|  | 
 | ||||||
|  | - [Analytics](#analytics) | ||||||
|  | - [Archiving and Digital Preservation (DP)](#archiving-and-digital-preservation-dp) | ||||||
|  | - [Asset Management](#asset-management) | ||||||
|  | - [Audio and Video Management](#audio-and-video-management) | ||||||
|  | - [Automation and Monitoring](#automation-and-monitoring) | ||||||
|  | - [Backups](#backups) | ||||||
|  | - [Blogging Platforms and Homepages](#blogging-platforms-and-homepages) | ||||||
|  | - [Communication - Social Networks, Forums and Video Conferencing](#communication---social-networks-forums-and-video-conferencing) | ||||||
|  | - [Document Management](#document-management) | ||||||
|  | - [Domain Name Service (DNS)](#domain-name-service-dns) | ||||||
|  | - [E-commerce](#e-commerce) | ||||||
|  | - [File Transfer & Synchronization](#file-transfer--synchronization) | ||||||
|  | - [Games and Control Panels](#games-and-control-servers) | ||||||
|  | - [Genealogy](#genealogy) | ||||||
|  | - [Identity Management - Single Sign-On (SSO) & LDAP](#identity-management---single-sign-on-sso--ldap) | ||||||
|  | - [LLM & AI](#large-language-models--ai) | ||||||
|  | - [Miscellaneous](#miscellaneous) | ||||||
|  | - [Money, Budgeting & Management](#money-budgeting--management) | ||||||
|  | - [Note-taking & Editors](#note-taking--editors) | ||||||
|  | - [Password Managers](#password-managers) | ||||||
|  | - [Pastebins](#pastebins) | ||||||
|  | - [Personal Dashboards](#personal-dashboards) | ||||||
|  | - [Photo and Video Galleries](#photo-and-video-galleries) | ||||||
|  | - [Proxy](#proxy) | ||||||
|  | - [Recipe Management](#recipe-management) | ||||||
|  | - [Request Bins](#request-bins) | ||||||
|  | - [Security & Privacy](#security--privacy) | ||||||
|  | - [Software Development - Project Management, DevOps](#software-development---project-management-devops) | ||||||
|  | - [URL Shorteners](#url-shorteners) | ||||||
|  | - [Virtual Private Network (VPN) & Remote Access](#virtual-private-network-vpn--remote-access) | ||||||
|  | - [Wikis & Knowledge Base](#wikis--knowledge-base) | ||||||
|  | 
 | ||||||
|  | ### Personal Dashboards | ||||||
|  | 
 | ||||||
|  | **[`^        back to top        ^`](#-project-list)** | ||||||
|  | 
 | ||||||
|  | Dashboards for accessing information and applications. | ||||||
|  | 
 | ||||||
|  | - [Homepage](examples/homepage) - A highly customizable homepage (or startpage / application dashboard) with Docker and service API integrations. | ||||||
|  | - [Homer](examples/homer) - A dead simple static homepage to expose your server services, with an easy yaml configuration and connectivity check. | ||||||
|  | - [Dashy](examples/dashy) - Feature-rich homepage for your homelab, with easy YAML configuration. | ||||||
|  | - [Homarr](examples/homarr) - A sleek, modern dashboard that puts all of your apps and services at your fingertips. | ||||||
|  | - [Flame](examples/flame) - Flame is self-hosted startpage for your server. Easily manage your apps and bookmarks with built-in editors. | ||||||
|  | - [Heimdall](examples/heimdall) - Heimdall is an elegant solution to organise all your web applications. | ||||||
|  | 
 | ||||||
|  | ### Password Managers | ||||||
|  | 
 | ||||||
|  | **[`^        back to top        ^`](#-project-list)** | ||||||
|  | 
 | ||||||
|  | A [password manager](https://en.wikipedia.org/wiki/Password_manager) allows users to store, generate, and manage their passwords for local applications and online services. | ||||||
|  | 
 | ||||||
|  | - [Vaultwarden](examples/vaultwarden) - Lightweight Bitwarden server API implementation written in Rust. Unlocks paid Bitwarden features such as 2FA. | ||||||
|  | - [Bitwarden Unified](examples/bitwarden-unified) - Official Bitwarden deployment option (beta) targeting selfhosters by providing a resource-efficient, single Docker image with multiple database support. | ||||||
|  | - [Passbolt CE](examples/passbolt) - Passbolt CE open source password manager for teams based on GPG. | ||||||
|  | 
 | ||||||
|  | ### Proxy | ||||||
|  | 
 | ||||||
|  | **[`^        back to top        ^`](#-project-list)** | ||||||
|  | 
 | ||||||
|  | A [proxy](https://en.wikipedia.org/wiki/Proxy_server) is a server application that acts as an intermediary between a client requesting a resource and the server providing that resource. | ||||||
|  | 
 | ||||||
|  | - [Traefik](examples/traefik) - Traefik is a modern HTTP reverse proxy and load balancer made to deploy microservices with ease. It supports several backends (Docker, Swarm, Mesos/Marathon, …) to manage its configuration automatically and dynamically. | ||||||
|  | - [Nginx Proxy Manager](examples/nginx-proxy-manager) - Nginx Proxy Manager is an easy way to accomplish reverse proxying hosts with SSL termination. | ||||||
|  | - [Caddy](examples/caddy) - The Caddy web server is an extensible, cross-platform, open-source web server written in Go. Caddy obtains and renews TLS certificates for your sites automatically. | ||||||
|  | - ~~[oauth2-proxy](https://github.com/oauth2-proxy/oauth2-proxy)~~ - A reverse proxy that provides authentication with Google, Azure, OpenID Connect and many more identity providers. | ||||||
|  | 
 | ||||||
|  | ### Identity Management - Single Sign-On (SSO) & LDAP | ||||||
|  | 
 | ||||||
|  | **[`^        back to top        ^`](#-project-list)** | ||||||
|  | 
 | ||||||
|  | [Single sign-on (SSO)](https://en.wikipedia.org/wiki/Single_sign-on) is an authentication scheme that allows a user to log in with a single ID to any of several related, yet independent, software systems. | ||||||
|  | 
 | ||||||
|  | - [Authelia](examples/authelia) - Authelia is an open-source authentication and authorization server providing two-factor authentication and single sign-on (SSO) for your applications via a web portal. It acts as a companion for reverse proxies by allowing, denying, or redirecting requests. Recommended to combine with [Traefik](examples/traefik). | ||||||
|  | - [Authentik](examples/authentik) - Authentik is an open-source Identity Provider focused on flexibility and versatility. | ||||||
|  | - [Keycloak](examples/keycloak) - Keycloak is an open-source Identity and Access Management (IAM) solution for modern applications and services. | ||||||
|  | - [lldap](examples/lldap) - lldap is a lightweight authentication server that provides an opinionated, simplified LDAP interface for authentication. It integrates with many backends, from KeyCloak to Authelia to Nextcloud and more. | ||||||
|  | 
 | ||||||
|  | ### Large Language Models & AI | ||||||
|  | 
 | ||||||
|  | **[`^        back to top        ^`](#-project-list)** | ||||||
|  | 
 | ||||||
|  | A [Large Language Model (LLM)](https://en.wikipedia.org/wiki/Large_language_model) is a language model notable for its ability to achieve general-purpose language generation and other natural language processing tasks such as classification. LLMs can be used for text generation, a form of generative [AI](https://en.wikipedia.org/wiki/Artificial_intelligence), by taking an input text and repeatedly predicting the next token or word. | ||||||
|  | 
 | ||||||
|  | - [Ollama + Open WebUI](examples/ollama-ui) - Get up and running with Llama 3, Mistral, Gemma, and other large language models using Ollama. Using an interactive, user-friendly WebUI via Open WebUI (formerly known as Ollama WebUI). | ||||||
|  | - [Serge](examples/serge) - A web interface for chatting with Alpaca through llama.cpp. Fully dockerized, with an easy to use API. | ||||||
|  | 
 | ||||||
|  | ### Virtual Private Network (VPN) & Remote Access | ||||||
|  | 
 | ||||||
|  | **[`^        back to top        ^`](#-project-list)** | ||||||
|  | 
 | ||||||
|  | A [VPN](https://en.wikipedia.org/wiki/Virtual_private_network) is a mechanism for creating a secure connection between a computing device and a computer network, or between two networks, using an insecure communication medium such as the public Internet. | ||||||
|  | 
 | ||||||
|  | - [wg-easy](examples/wg-easy) - The easiest way to install & manage WireGuard on any Linux host. All-in-one deployment of a WireGuard VPN network service + web management UI. | ||||||
|  | - [WireGuard](examples/wireguard) - WireGuard by Linuxserver.io is an extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography. | ||||||
|  | - [IPSec VPN Server](examples/ipsec-vpn-server) - Docker image to run an IPsec VPN server, with IPsec/L2TP, Cisco IPsec and IKEv2. | ||||||
|  | - [OpenVPN-AS](examples/openvpn) - OpenVPN Access Server delivers an enterprise VPN solution for businesses of all sizes, providing a securely encrypted connection to private networks over unsecured public internet. | ||||||
|  | - [Firezone](examples/firezone) - Self-hosted secure remote access gateway that supports the WireGuard protocol. It offers a Web GUI, 1-line install script, multi-factor auth (MFA), and SSO. | ||||||
|  | - ~~[Netbird](https://github.com/netbirdio/netbird)~~ - Quickly connect your computers, servers, cloud instances, and IoT devices into a secure private network. No configuration required. | ||||||
|  | - [Headscale](examples/headscale) - An open source, self-hosted implementation of the Tailscale control server. | ||||||
|  | - [Guacamole](examples/guacamole) - Guacamole is a clientless remote desktop gateway. It supports standard protocols like VNC, SSH and RDP. | ||||||
|  | 
 | ||||||
|  | ### Domain Name Service (DNS) | ||||||
|  | 
 | ||||||
|  | **[`^        back to top        ^`](#-project-list)** | ||||||
|  | 
 | ||||||
|  | [DNS](https://en.wikipedia.org/wiki/Domain_Name_System) servers and management tools with advertisement blocking funtionality, primarily aimed at home or small networks. | ||||||
|  | 
 | ||||||
|  | - [AdGuard Home](examples/adguard-home) - AdGuard Home is a network-wide software for blocking ads and tracking. | ||||||
|  | - [AdGuard Home Sync](examples/adguard-home-sync) - Synchronize AdGuardHome config to replica instances. | ||||||
|  | - [Technitium DNS](examples/technitium-dns) - An open source authoritative as well as recursive DNS server that can be used for self hosting a DNS server for privacy & security. | ||||||
|  | - [Pihole](examples/pihole) - Pi-hole is a Linux network-level advertisement and Internet tracker blocking application which acts as a DNS sinkhole and optionally a DHCP server, intended for use on a private network. | ||||||
|  | - [Cloudflare DDNS](examples/cloudflare-ddns) - Dynamic DNS (DDNS) is a service that keeps the DNS updated with a web property's correct IP address, even if that IP address is constantly being updated. | ||||||
|  | 
 | ||||||
|  | ### Software Development - Project Management, DevOps | ||||||
|  | 
 | ||||||
|  | **[`^        back to top        ^`](#-project-list)** | ||||||
|  | 
 | ||||||
|  | Tools and software for [software project management](https://en.wikipedia.org/wiki/Software_project_management). | ||||||
|  | 
 | ||||||
|  | - [JetBrains YouTrack](examples/jetbrains-youtrack) - YouTrack is a proprietary, commercial browser-based bug tracker, issue tracking system and project management software developed by JetBrains. | ||||||
|  | - [Leantime](examples/leantime) - Leantime is an open source project management system for small teams and startups written in PHP, Javascript using MySQL. | ||||||
|  | - [Gitea](examples/gitea) - Community managed fork of Gogs, lightweight code hosting solution. | ||||||
|  | - [Drone](examples/drone) - Drone is a continuous delivery system built on container technology. Drone uses a simple YAML build file, to define and execute build pipelines inside Docker containers. | ||||||
|  | - [Gitlab Community](examples/gitlab-ce) -  Self Hosted Git repository management, code reviews, issue tracking, activity feeds and wikis. | ||||||
|  | - [Code-Server](examples/code-server) - VS Code in the browser, hosted on a remote server. | ||||||
|  | - [Onedev](examples/onedev) - Self-hosted Git Server with CI/CD and Kanban. | ||||||
|  | 
 | ||||||
|  | ### Automation and Monitoring | ||||||
|  | 
 | ||||||
|  | **[`^        back to top        ^`](#-project-list)** | ||||||
|  | 
 | ||||||
|  | [Automation](https://en.wikipedia.org/wiki/Automation) software designed to reduce human intervention in processes. | ||||||
|  | 
 | ||||||
|  | - [n8n](examples/n8n) - Free and source-available fair-code licensed workflow automation tool. Easily automate tasks across different services. | ||||||
|  | - [Home Assistant](examples/home-assistant) - Open source home automation that puts local control and privacy first. Powered by a worldwide community of tinkerers and DIY enthusiasts. Perfect to run on a Raspberry Pi or a local server. | ||||||
|  | - [Portainer](examples/portainer) - Portainer is a lightweight management UI which allows you to easily manage your different Docker environments (Docker hosts or Swarm clusters). | ||||||
|  | - [Dockge](https://github.com/louislam/dockge/blob/master/compose.yaml) - A fancy, easy-to-use and reactive self-hosted docker compose.yaml stack-oriented manager. | ||||||
|  | - [Uptimekuma](examples/uptimekuma) - Uptime Kuma is an easy-to-use self-hosted monitoring tool. | ||||||
|  | - [Changedetection](examples/changedetection) - Self-hosted tool for staying up-to-date with web-site content changes. | ||||||
|  | - [Grafana+Loki+Promtail+InfluxDB+Telegraf](examples/grafana-monitoring) - Grafana is the open source analytics & monitoring solution for every database. Combined with other open-source tools like Loki, Promtail, InfluxDB and Telegraf, monitoring data can be aggregated, normalized, filtered, parsed and finally visualized within a web dashboard. | ||||||
|  | - [Speedtest-Tracker](examples/speedtest-tracker) - Continuously track your internet speed. | ||||||
|  | - [Openspeedtest](examples/openspeedtest) - A free and open-source HTML5 network performance estimation tool written in vanilla JavaScript and only uses built-in web APIs like XHR, HTML, CSS, JS and SVG. | ||||||
|  | - [Goaccess](examples/nginx-proxy-manager-goaccess) - Real-time web log analyzer and interactive viewer that visualizes various logs of popular reverse proxies such as Nginx, Nginx Proxy Manager and Traefik. | ||||||
|  | - [WatchYourLAN](examples/watchyourlan) - Lightweight network IP scanner with web GUI. | ||||||
|  | - [Watchtower](examples/watchtower) - A container-based solution for automating Docker container base image updates. | ||||||
|  | - [Unify Network Application](examples/unify-network-application) - The Unifi-network-application software is a powerful, enterprise wireless software engine ideal for high-density client deployments requiring low latency and high uptime performance. | ||||||
|  | - [UpSnap](examples/upsnap) - A simple wake on lan app written with SvelteKit, Go, PocketBase and nmap. | ||||||
|  | 
 | ||||||
|  | ### Recipe Management | ||||||
|  | 
 | ||||||
|  | **[`^        back to top        ^`](#-project-list)** | ||||||
|  | 
 | ||||||
|  | Software and tools for managing [recipes](https://en.wikipedia.org/wiki/Recipe). | ||||||
|  | 
 | ||||||
|  | - [Tandoor](examples/tandoor) - Django application to manage, tag and search recipes using either built-in models or external storage providers hosting PDFs, Images or other files. | ||||||
|  | - [Mealie](examples/mealie) - Material design inspired recipe manager with category and tag management, shopping-lists, meal-planner, and site customizations. Mealie is focused on simple user interactions to keep the whole family using the app. | ||||||
|  | 
 | ||||||
|  | ### Photo and Video Galleries | ||||||
|  | 
 | ||||||
|  | **[`^        back to top        ^`](#-project-list)** | ||||||
|  | 
 | ||||||
|  | A [gallery](https://en.wikipedia.org/wiki/Gallery_Software) is software that helps the user publish or share photos, pictures, videos or other digital media. | ||||||
|  | 
 | ||||||
|  | - [Immich](examples/immich) - Self-hosted photo and video backup solution directly from your mobile phone. Alternative to Google Photos. | ||||||
|  | - [Photoprism](examples/photoprism) - Personal photo management powered by Go and Google TensorFlow. Browse, organize, and share your personal photo collection, using the latest technologies to automatically tag and find pictures. | ||||||
|  | - [Stash](examples/stash) - Stash is a self-hosted webapp written in Go which organizes and serves your porn. | ||||||
|  | - [LibrePhotos](examples/librephotos) - A self-hosted open source photo management service, with face recognition, geolocation, and more. | ||||||
|  | - [Chevereto](examples/chevereto) - Ultimate image sharing software. Create your very own personal image hosting website in just minutes. | ||||||
|  | 
 | ||||||
|  | ### Audio and Video Management | ||||||
|  | 
 | ||||||
|  | **[`^        back to top        ^`](#-project-list)** | ||||||
|  | 
 | ||||||
|  | Software to manage audio and video material. | ||||||
|  | 
 | ||||||
|  | - [Arr-Suite](examples/arr-suite) - Docker stack consisting of Prowlarr, Sonarr, Radarr, Lidarr, Readarr, Flaresolverr, Qbittorrent and Emby. | ||||||
|  | - [Raveberry](examples/raveberry) - A multi-user music server with a focus on participation. | ||||||
|  | - [Deemix](examples/deemix) - deemix is a barebone deezer downloader library built from the ashes of Deezloader Remix. | ||||||
|  | - [Forte](examples/forte) - forte is a self-hosted music platform. You can either connect to a forte server or create your own server for your friends & family. However, it is also very convenient to use forte on your local machine as a stand-alone music player. Supports group streaming sessions. | ||||||
|  | - [MeTube](examples/metube) - Web GUI for youtube-dl (using the yt-dlp fork) with playlist support. Allows you to download videos and audio only from YouTube and dozens of other sites. | ||||||
|  | - [Transmission](examples/transmission) - Transmission is a fast, easy, and free BitTorrent client. | ||||||
|  | - [FlareSolverr](examples/flaresolverr) - FlareSolverr is a proxy server to bypass Cloudflare and DDoS-GUARD protection. | ||||||
|  | - [Plex](examples/plex) - Plex organizes video, music and photos from personal media libraries and streams them to smart TVs, streaming boxes and mobile devices. | ||||||
|  | - [Jellyfin](examples/jellyfin) - Jellyfin is the volunteer-built media solution that puts you in control of your media. Stream to any device from your own server, with no strings attached. | ||||||
|  | - [Jackett](examples/jackett) - Jackett translates queries from apps (Sonarr, Radarr, SickRage, CouchPotato, Mylar3, Lidarr, DuckieTV, qBittorrent, Nefarious etc.) into tracker-site-specific http queries, parses the html or json response, and then sends results back to the requesting software. This allows for getting recent uploads (like RSS) and performing searches. Jackett is a single repository of maintained indexer scraping & translation logic - removing the burden from other apps. | ||||||
|  | - [Lidarr](examples/lidarr) - Lidarr is a music collection manager for Usenet and BitTorrent users. It can monitor multiple RSS feeds for new albums from your favorite artists and will interface with clients and indexers to grab, sort, and rename them. | ||||||
|  | - [Prowlarr](examples/prowlarr) - Prowlarr is an indexer manager/proxy built on the popular *arr .net/reactjs base stack to integrate with your various PVR apps. Prowlarr supports management of both Torrent Trackers and Usenet Indexers. It integrates seamlessly with Lidarr, Mylar3, Radarr, Readarr, and Sonarr offering complete management of your indexers with no per app Indexer setup required (we do it all). | ||||||
|  | - [Radarr](examples/radarr) - Radarr is a movie collection manager for Usenet and BitTorrent users. It can monitor multiple RSS feeds for new movies and will interface with clients and indexers to grab, sort, and rename them. It can also be configured to automatically upgrade the quality of existing files in the library when a better quality format becomes available. | ||||||
|  | - [Sonarr](examples/sonarr) - Sonarr is a PVR for Usenet and BitTorrent users. It can monitor multiple RSS feeds for new episodes of your favorite shows and will grab, sort and rename them. It can also be configured to automatically upgrade the quality of files already downloaded when a better quality format becomes available. | ||||||
|  | - [Ombi](examples/ombi) - Ombi is a tool that enables users to manage requests for movies and TV shows on their Plex server. It provides an easy-to-use interface for users to request new content, leave notes and report issues. Ombi also offers notification and newsletter features, making it easier for server owners to manage user requests and share new content updates. | ||||||
|  | 
 | ||||||
|  | ### Archiving and Digital Preservation (DP) | ||||||
|  | 
 | ||||||
|  | **[`^        back to top        ^`](#-project-list)** | ||||||
|  | 
 | ||||||
|  | Digital [archiving](https://en.wikipedia.org/wiki/Archival_science) and [preservation](https://en.wikipedia.org/wiki/Digital_preservation) software. | ||||||
|  | 
 | ||||||
|  | - [Archivebox](examples/archivebox) - ArchiveBox is a powerful, self-hosted internet archiving solution to collect, save, and view websites offline. | ||||||
|  | - [Shiori](examples/shiori) - Simple bookmark manager and website archiver built with Go. | ||||||
|  | - [Readeck](examples/readeck) - Readeck is a simple web application that lets you save the precious readable content of web pages you like and want to keep forever. | ||||||
|  | 
 | ||||||
|  | ### Document Management | ||||||
|  | 
 | ||||||
|  | **[`^        back to top        ^`](#-project-list)** | ||||||
|  | 
 | ||||||
|  | A [document management system](https://en.wikipedia.org/wiki/Document_management_system) (DMS) is a system used to receive, track, manage and store documents and reduce paper. | ||||||
|  | 
 | ||||||
|  | - [Paperless NGX](examples/paperless-ngx) - A community-supported supercharged version of paperless: scan, index and archive all your physical documents. | ||||||
|  | - [Papermerge](examples/papermerge) - Free and open source document management system with OCR designed for scanned documents, digital archives, pdf, tiff, jpeg. | ||||||
|  | - [DocuSeal](examples/docuseal) - Create, fill, and sign digital documents (alternative to DocuSign). | ||||||
|  | - [Koillection](examples/koillection) - Koillection is a self-hosted service allowing users to manage any kind of collections. | ||||||
|  | - [VoucherVault](examples/vouchervault) - Django web application to store and manage vouchers, coupons, loyalty and gift cards digitally. Supports expiry notifications, transaction histories and file uploads. | ||||||
|  | 
 | ||||||
|  | ### Pastebins | ||||||
|  | 
 | ||||||
|  | **[`^        back to top        ^`](#-project-list)** | ||||||
|  | 
 | ||||||
|  | A [pastebin](https://en.wikipedia.org/wiki/Pastebin) is a type of online content-hosting service used for sharing and storing code and text. | ||||||
|  | 
 | ||||||
|  | - [PrivateBin](examples/privatebin) - PrivateBin is a minimalist, opensource online pastebin/discussion board where the server has zero knowledge of hosted data. | ||||||
|  | - [Hemmelig](examples/hemmelig) - Keep your sensitive information out of chat logs, emails, and more with encrypted secrets. Free encrypted secret sharing for everyone! | ||||||
|  | 
 | ||||||
|  | ### File Transfer & Synchronization | ||||||
|  | 
 | ||||||
|  | **[`^        back to top        ^`](#-project-list)** | ||||||
|  | 
 | ||||||
|  | - [ownCloud OCIS](examples/owncloud-ocis) - ownCloud Infinite Scale (oCIS) is the new file sync & share platform written in Golang that will be the foundation of your data management platform. | ||||||
|  | - [ownCloud](https://doc.owncloud.com/server/next/admin_manual/installation/docker/#docker-compose) - ownCloud is an open-source file sync, share and content collaboration software that lets teams work on data easily from anywhere, on any device. | ||||||
|  | - [Nextcloud](examples/nextcloud) - Access and share your files, calendars, contacts, mail and more from any device, on your terms. | ||||||
|  | - [Seafile](examples/seafile) - File hosting and sharing solution primary for teams and organizations. | ||||||
|  | - [SFTPGo](examples/sftpgo) - Fully featured and highly configurable SFTP server with optional HTTP/S, FTP/S and WebDAV support - S3, Google Cloud Storage, Azure Blob. | ||||||
|  | - [Filebrowser](examples/filebrowser) - filebrowser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit your files. | ||||||
|  | - [FileRun](examples/filerun) - FileRun is a self-hosted File Sync and Share web-based application. It is a full featured web based file manager with an easy to use user interface. | ||||||
|  | - [Gokapi](examples/gokapi) - Lightweight selfhosted Firefox Send alternative without public upload. AWS S3 supported. | ||||||
|  | - [Projectsend](examples/projectsend) - ProjectSend is a free, open source software that lets you share files with your clients, focused on ease of use and privacy. It supports clients groups, system users roles, statistics, multiple languages, detailed logs and much more! | ||||||
|  | - [Pwndrop](examples/pwndrop) - pwndrop is a self-deployable file hosting service for sending out red teaming payloads or securely sharing your private files over HTTP and WebDAV. | ||||||
|  | - [Droppy](examples/droppy) (deprecated) - droppy is a self-hosted file storage server with a web interface and capabilities to edit files and view media directly in the browser. It is particularly well-suited to be run on low-end hardware like the Raspberry Pi. | ||||||
|  | - [PairDrop](examples/pairdrop) - PairDrop is a sublime alternative to AirDrop that works on all platforms. Send images, documents or text via peer to peer connection to devices in the same local network/Wi-Fi or to paired devices. | ||||||
|  | - [MinIO](examples/minio) - MinIO is an object storage server, compatible with Amazon S3 cloud storage service, mainly used for storing unstructured data (such as photos, videos, log files, etc.). | ||||||
|  | - [Transfer.sh](examples/transfer.sh) - Easy and fast file sharing from the command-line. | ||||||
|  | - [Transfer.zip](examples/transfer.zip) - Transfer files securely and E2E encrypted (AES-256 GCM) between browsers using WebRTC Peer2peer. | ||||||
|  | - [Send](examples/send) - Simple, private file sharing with encryption. A fork of Mozilla's Firefox Send. | ||||||
|  | - [Syncthing](examples/syncthing) - Syncthing is a continuous file synchronization program. It synchronizes files between two or more computers. | ||||||
|  | 
 | ||||||
|  | ### Backups | ||||||
|  | 
 | ||||||
|  | **[`^        back to top        ^`](#awesome-sysadmin)** | ||||||
|  | 
 | ||||||
|  | [Backup](https://en.wikipedia.org/wiki/Backup) software. | ||||||
|  | 
 | ||||||
|  | - [Duplicati](examples/duplicati) - Duplicati is a backup client that securely stores encrypted, incremental, compressed remote backups of local files on cloud storage services and remote file servers. | ||||||
|  | - [Duplicacy](examples/duplicacy) - A lock-free deduplication cloud backup tool. | ||||||
|  | 
 | ||||||
|  | ### Note-taking & Editors | ||||||
|  | 
 | ||||||
|  | **[`^        back to top        ^`](#-project-list)** | ||||||
|  | 
 | ||||||
|  | [Note taking](https://en.wikipedia.org/wiki/Note-taking) editors. | ||||||
|  | 
 | ||||||
|  | - [Excalidraw](examples/excalidraw) - Excalidraw is a virtual collaborative whiteboard tool that lets you easily sketch diagrams that have a hand-drawn feel to them. | ||||||
|  | - [HedgeDoc](examples/hedgedoc) - HedgeDoc lets you create real-time collaborative markdown notes. | ||||||
|  | - [Overleaf](examples/overleaf) - Overleaf is a collaborative cloud-based LaTeX editor used for writing, editing and publishing scientific documents. | ||||||
|  | - [Obsidian-Gitsync-Perlite](https://github.com/l4rm4nd/Obsidian-Gitsync-Perlite) - Continuously sync Obsidian markdown notes from GitHub and publish it for the webs. | ||||||
|  | - [Obsidian-Remote](examples/obsidian-remote) - This docker image allows you to run obsidian in docker as a container and access it via your web browser. | ||||||
|  | - [Memos](examples/memos) - An open-source, self-hosted memo hub with knowledge management and social networking. | ||||||
|  | 
 | ||||||
|  | ### URL Shorteners | ||||||
|  | 
 | ||||||
|  | **[`^        back to top        ^`](#-project-list)** | ||||||
|  | 
 | ||||||
|  | - [YOURLS](examples/yourls) - The de-facto standard self hosted URL shortener in PHP. | ||||||
|  | 
 | ||||||
|  | ### Blogging Platforms and Homepages | ||||||
|  | 
 | ||||||
|  | **[`^        back to top        ^`](#-project-list)** | ||||||
|  | 
 | ||||||
|  | A [blog](https://en.wikipedia.org/wiki/Blog) is a discussion or informational website consisting of discrete, diary-style text entries (posts). | ||||||
|  | 
 | ||||||
|  | - [Ghost](examples/ghost) - Ghost is a free and open source blogging platform written in JavaScript and distributed under the MIT License, designed to simplify the process of online publishing for individual bloggers as well as online publications. | ||||||
|  | - [WordPress](examples/wordpress) - WordPress is a free and open-source content management system written in hypertext preprocessor language and paired with a MySQL or MariaDB database with supported HTTPS. | ||||||
|  | - [Nginx + PHP](examples/nginx-php) - Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache. Combined with PHP, a general-purpose scripting language geared toward web development, server-side functions can be implemented for the webs. | ||||||
|  | 
 | ||||||
|  | ### Communication - Social Networks, Forums and Video Conferencing | ||||||
|  | 
 | ||||||
|  | **[`^        back to top        ^`](#-project-list)** | ||||||
|  | 
 | ||||||
|  | [Social Networking](https://en.wikipedia.org/wiki/Social_networking_service) and [Forum](https://en.wikipedia.org/wiki/Internet_forum) software. | ||||||
|  | 
 | ||||||
|  | - [Rocket.Chat](examples/rocketchat) - Rocket.Chat is an open-source fully customizable communications platform developed in JavaScript for organizations with high standards of data protection. | ||||||
|  | - [Mattermost](examples/mattermost) - Mattermost is an open source platform for secure collaboration across the entire software development lifecycle. | ||||||
|  | - [Answer](examples/answer) - An open-source knowledge-based community software. You can use it quickly to build Q&A community for your products, customers, teams, and more. | ||||||
|  | - [Mirotalk P2P](examples/mirotalk) - Simple, Secure, Fast Real-Time Video Conferences Up to 4k and 60fps, compatible with all browsers and platforms. | ||||||
|  | - [Reactive-Resume](examples/rxresume) - A one-of-a-kind resume builder that keeps your privacy in mind. Completely secure, customizable, portable, open-source and free forever. | ||||||
|  | 
 | ||||||
|  | ### E-commerce | ||||||
|  | 
 | ||||||
|  | **[`^        back to top        ^`](#-project-list)** | ||||||
|  | 
 | ||||||
|  | [E-commerce](https://en.wikipedia.org/wiki/E-commerce) software. | ||||||
|  | 
 | ||||||
|  | - [EverShop](examples/evershop) - EverShop is a GraphQL Based and React ecommerce platform with essential commerce features. Built with React, modular and fully customizable. | ||||||
|  | 
 | ||||||
|  | ### Analytics | ||||||
|  | 
 | ||||||
|  | **[`^        back to top        ^`](#-project-list)** | ||||||
|  | 
 | ||||||
|  | [Analytics](https://en.wikipedia.org/wiki/Analytics) is the systematic computational analysis of data or statistics. It is used for the discovery, interpretation, and communication of meaningful patterns in data. | ||||||
|  | 
 | ||||||
|  | - [Matomo](examples/matomo) - Matomo is the leading Free/Libre open analytics platform. | ||||||
|  | - [Plausible](examples/plausible) - Simple, open-source, lightweight (< 1 KB) and privacy-friendly web analytics alternative to Google Analytics. | ||||||
|  | 
 | ||||||
|  | ### Security & Privacy | ||||||
|  | 
 | ||||||
|  | **[`^        back to top        ^`](#-project-list)** | ||||||
|  | 
 | ||||||
|  | Software that helps to increase security and privacy. | ||||||
|  | 
 | ||||||
|  | - [Nessus](examples/nessus) - Nessus is a proprietary vulnerability scanner developed by Tenable, Inc. | ||||||
|  | - [Greenbone](examples/greenbone) - Greenbone is the world's most trusted provider of open source vulnerability management. | ||||||
|  | - [SonarQube](examples/sonarqube) - SonarQube is an open-source platform developed by SonarSource for continuous inspection of code quality to perform automatic reviews with static analysis of code to detect bugs and code smells on 29 programming languages. | ||||||
|  | - [Fail2ban](examples/fail2ban) - Fail2ban is an intrusion prevention software framework. Written in the Python programming language, it is designed to prevent against brute-force attacks. | ||||||
|  | - [Tor-Browser](examples/tor-browser) - Running a Tor browser instance on any headless server. | ||||||
|  | - [Firefox](examples/firefox) - Firefox by linuxserver.io allows you to run the popular Firefox web broser on a remote server. | ||||||
|  | - [Bibliogram](examples/bibliogram) (deprecated) - Bibliogram is a private front-end frontend to Instagram, similar to Invidous. | ||||||
|  | - [Nitter](examples/nitter) - Nitter is an alternative front-end to Twitter, and was inspired by Invidious. | ||||||
|  | - [Unify Network Application](examples/unify-network-application) - The Unifi-network-application software is a powerful, enterprise wireless software engine ideal for high-density client deployments requiring low latency and high uptime performance. | ||||||
|  | 
 | ||||||
|  | ### Wikis & Knowledge Base | ||||||
|  | 
 | ||||||
|  | **[`^        back to top        ^`](#-project-list)** | ||||||
|  | 
 | ||||||
|  | A [wiki](https://en.wikipedia.org/wiki/Wiki) is a publication collaboratively edited and managed by its own audience directly using a web browser. | ||||||
|  | 
 | ||||||
|  | - [Bookstack](examples/bookstack) - BookStack is a free and open-source wiki software aimed for a simple, self-hosted, and easy-to-use platform. | ||||||
|  | - [Wiki.js](examples/wikijs) - Wiki.js is an open source project that has been made possible due to the generous contributions by community backers. | ||||||
|  | - [Answer](examples/answer) - An open-source knowledge-based community software. You can use it quickly to build Q&A community for your products, customers, teams, and more. | ||||||
|  | - [Obsidian-Remote](examples/obsidian-remote) - This docker image allows you to run obsidian in docker as a container and access it via your web browser. | ||||||
|  | - [Obsidian-Gitsync-Perlite](https://github.com/l4rm4nd/Obsidian-Gitsync-Perlite) - Continuously sync Obsidian markdown notes from GitHub and publish it for the webs. | ||||||
|  | - [Memos](examples/memos) - An open-source, self-hosted memo hub with knowledge management and social networking. | ||||||
|  | - [HedgeDoc](examples/hedgedoc) - HedgeDoc lets you create real-time collaborative markdown notes. | ||||||
|  | - [Docmost](examples/docmost) - Docmost is an open source collaborative documentation and wiki software. It is an open-source alternative to the likes of Confluence and Notion. | ||||||
|  | 
 | ||||||
|  | ### Money, Budgeting & Management | ||||||
|  | 
 | ||||||
|  | **[`^        back to top        ^`](#-project-list)** | ||||||
|  | 
 | ||||||
|  | [Money management](https://en.wikipedia.org/wiki/Money_management) and budgeting software. | ||||||
|  | 
 | ||||||
|  | - [TRSync](examples/trsync) - Django web frontend for pytr to download all Trade Republic depot data. | ||||||
|  | - [Money-Balancer](examples/money-balancer) - A simple application for managing debt with your friends! | ||||||
|  | - [Firefly III](examples/firefly-iii) - A self-hosted manager for your personal finances. | ||||||
|  | - [VoucherVault](examples/vouchervault) - Django web application to store and manage vouchers, coupons, loyalty and gift cards digitally. Supports expiry notifications, transaction histories and file uploads. | ||||||
|  | 
 | ||||||
|  | ### Genealogy | ||||||
|  | 
 | ||||||
|  | **[`^        back to top        ^`](#-project-list)** | ||||||
|  | 
 | ||||||
|  | [Genealogy software](https://en.wikipedia.org/wiki/Genealogy_software) used to record, organize, and publish genealogical data. | ||||||
|  | 
 | ||||||
|  | - [webtrees](examples/webtrees) - webtrees is the web's leading online collaborative genealogy application. It allows you to view and edit your genealogy on your selfhosted website. | ||||||
|  | - [Gramps-Web](examples/gramps) - Gramps Web is a web app for collaborative genealogy. It is based on and interoperable with Gramps, the leading open source genealogy desktop application. | ||||||
|  | 
 | ||||||
|  | ### Asset Management | ||||||
|  | 
 | ||||||
|  | **[`^        back to top        ^`](#-project-list)** | ||||||
|  | 
 | ||||||
|  | [Asset management](https://en.wikipedia.org/wiki/Asset_management) is a systematic approach to the governance and realization of all value for which a group or entity is responsible. | ||||||
|  | 
 | ||||||
|  | - [Domainmod](examples/domainmod) - DomainMOD is an open source application used to manage your domains and other internet assets in a central location. | ||||||
|  | - [Snipe-IT](examples/snipe-it) - Snipe-IT is a free, open source IT asset management system written in PHP. | ||||||
|  | - [Koillection](examples/koillection) - Koillection is a self-hosted service allowing users to manage any kind of collections. | ||||||
|  | - [VoucherVault](examples/vouchervault) - Django web application to store and manage vouchers, coupons, loyalty and gift cards digitally. Supports expiry notifications, transaction histories and file uploads. | ||||||
|  | 
 | ||||||
|  | ### Request Bins | ||||||
|  | 
 | ||||||
|  | **[`^        back to top        ^`](#-project-list)** | ||||||
|  | 
 | ||||||
|  | A request bin service allows one to collect and inspect HTTP requests. It may be used to create mock API endpoints or troubleshoot HTTP requests. Also used by security professionals to verify security vulnerabilities like Server Side Request Forgery (SSRF) and others. | ||||||
|  | 
 | ||||||
|  | - [RequestBin](examples/requestbin) - RequestBin gives you a unique URL that collects HTTP requests for debugging and development purposes. | ||||||
|  | - [Webhook.site](examples/webhook.site) - Easily test HTTP webhooks with this handy tool that displays requests instantly. | ||||||
|  | - [Request-Baskets](https://github.com/darklynx/request-baskets) - HTTP requests collector to test webhooks, notifications, REST clients and more. | ||||||
|  | - [Mockbin](https://github.com/Kong/mockbin) - Mock, Test & Track HTTP Requests and Response for Microservices. | ||||||
|  | 
 | ||||||
|  | ### Games and Control Servers | ||||||
|  | 
 | ||||||
|  | **[`^        back to top        ^`](#-project-list)** | ||||||
|  | 
 | ||||||
|  | Multiplayer game servers, browser games and utilities for managing game servers. | ||||||
|  | 
 | ||||||
|  | - [cs2-dedicated-server](examples/cs2-dedicated-server) - CS2 Dedicated Server Docker Image with an RCON web-based control panel. | ||||||
|  | - [posio](examples/posio) - A multiplayer geography game using Websockets. | ||||||
|  | - [Monkeytype](examples/monkeytype) - The most customizable typing website with a minimalistic design and a ton of features. Test yourself in various modes, track your progress and improve your speed. | ||||||
|  | 
 | ||||||
|  | ### Miscellaneous | ||||||
|  | 
 | ||||||
|  | **[`^        back to top        ^`](#-project-list)** | ||||||
|  | 
 | ||||||
|  | Software that does not fit in another section. | ||||||
|  | 
 | ||||||
|  | - [Network-Multitool](examples/network-multitool) - Multi-arch multitool for container network troubleshooting. | ||||||
|  | - [IT-Tools](examples/it-tools) - Collection of handy online tools for developers, with great UX. | ||||||
							
								
								
									
										3
									
								
								examples/adguard-home-sync/README.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										3
									
								
								examples/adguard-home-sync/README.md
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,3 @@ | ||||||
|  | # References | ||||||
|  | 
 | ||||||
|  | - https://github.com/bakito/adguardhome-sync | ||||||
							
								
								
									
										21
									
								
								examples/adguard-home-sync/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										21
									
								
								examples/adguard-home-sync/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,21 @@ | ||||||
|  | version: "2.1" | ||||||
|  | services: | ||||||
|  |   adguardhome-sync: | ||||||
|  |     image: linuxserver/adguardhome-sync | ||||||
|  |     container_name: adguardhome-sync | ||||||
|  |     hostname: adguardhome-sync | ||||||
|  |     environment: | ||||||
|  |       - ORIGIN_URL=http://10.10.10.10:8080 # your main adguard instance for synchronization | ||||||
|  |       - ORIGIN_USERNAME=admin1 | ||||||
|  |       - ORIGIN_PASSWORD=password1 | ||||||
|  |       - REPLICA_URL=http://20.20.20.20:8080 # your replica adguard instance to be synced with main instance | ||||||
|  |       - REPLICA_USERNAME=admin2 | ||||||
|  |       - REPLICA_PASSWORD=password2 | ||||||
|  |       - CRON=*/30 * * * * # run every 30 minute; see https://crontab.guru/ | ||||||
|  |       - RUNONSTART=true | ||||||
|  |       - TZ=Europe/Berlin | ||||||
|  |       - PUID=1000 | ||||||
|  |       - PGID=1000 | ||||||
|  |     restart: unless-stopped | ||||||
|  |     volumes: | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/adguard-home-sync:/config | ||||||
							
								
								
									
										3
									
								
								examples/adguard-home/README.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										3
									
								
								examples/adguard-home/README.md
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,3 @@ | ||||||
|  | # References | ||||||
|  | 
 | ||||||
|  | - https://github.com/AdguardTeam/AdGuardHome | ||||||
							
								
								
									
										37
									
								
								examples/adguard-home/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										37
									
								
								examples/adguard-home/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,37 @@ | ||||||
|  | version: "3" | ||||||
|  | 
 | ||||||
|  | services: | ||||||
|  |   adguard: | ||||||
|  |     container_name: adguard | ||||||
|  |     hostname: adguard | ||||||
|  |     image: adguard/adguardhome:latest | ||||||
|  |     ports: | ||||||
|  |       - 3000:3000/tcp # only required during initial setup | ||||||
|  |       - 8080:80/tcp # web interface after setup | ||||||
|  |       - 53:53/tcp # dns | ||||||
|  |       - 53:53/udp # dns | ||||||
|  |       # - 67:67/udp # dhcp | ||||||
|  |       # - 68:68/tcp # dhcp | ||||||
|  |       # - 68:68/udp # dhcp | ||||||
|  |       # - 784:784/udp # dns-over-quic | ||||||
|  |       # - 853:853/tcp # dns over tls | ||||||
|  |       # - 853:853/udp # dns over tls | ||||||
|  |       # - 5443:5443/tcp # dnscrypt | ||||||
|  |       # - 5443:5443/udp # dnscrypt | ||||||
|  |     restart: unless-stopped | ||||||
|  |     volumes: | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/adguard-home/work:/opt/adguardhome/work | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/adguard-home/conf:/opt/adguardhome/conf | ||||||
|  |     #networks: | ||||||
|  |     #  - proxy | ||||||
|  |     #labels: | ||||||
|  |     #  - traefik.enable=true | ||||||
|  |     #  - traefik.docker.network=proxy | ||||||
|  |     #  - traefik.http.routers.adguard.rule=Host(`dns.example.com`) | ||||||
|  |     #  - traefik.http.services.adguard.loadbalancer.server.port=8080 | ||||||
|  |     #  # Optional part for traefik middlewares | ||||||
|  |     #  - traefik.http.routers.adguard.middlewares=local-ipwhitelist@file,authelia@docker | ||||||
|  | 
 | ||||||
|  | #networks: | ||||||
|  | #  proxy: | ||||||
|  | #    external: true       | ||||||
							
								
								
									
										3
									
								
								examples/answer/README.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										3
									
								
								examples/answer/README.md
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,3 @@ | ||||||
|  | # References | ||||||
|  | 
 | ||||||
|  | - https://github.com/answerdev/answer | ||||||
							
								
								
									
										31
									
								
								examples/answer/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										31
									
								
								examples/answer/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,31 @@ | ||||||
|  | version: "3" | ||||||
|  | 
 | ||||||
|  | services: | ||||||
|  |   answer: | ||||||
|  |     container_name: answer | ||||||
|  |     image: answerdev/answer | ||||||
|  |     ports: | ||||||
|  |       - '9080:80' | ||||||
|  |     expose: | ||||||
|  |       - 80 | ||||||
|  |     restart: unless-stopped | ||||||
|  |     volumes: | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/answer/data:/data | ||||||
|  |     #networks: | ||||||
|  |     #  - proxy | ||||||
|  |     #labels: | ||||||
|  |     #  - traefik.enable=true | ||||||
|  |     #  - traefik.docker.network=proxy | ||||||
|  |     #  - traefik.http.routers.answer.rule=Host(`faq.example.com`) | ||||||
|  |     #  - traefik.http.services.answer.loadbalancer.server.port=80 | ||||||
|  |     #  # Optional part for file upload max sizes | ||||||
|  |     #  - traefik.http.middlewares.limit.buffering.maxRequestBodyBytes=50000000 | ||||||
|  |     #  - traefik.http.middlewares.limit.buffering.maxResponseBodyBytes=50000000 | ||||||
|  |     #  - traefik.http.middlewares.limit.buffering.memRequestBodyBytes=50000000 | ||||||
|  |     #  - traefik.http.middlewares.limit.buffering.memResponseBodyBytes=50000000 | ||||||
|  |     #  # Optional part for traefik middlewares | ||||||
|  |     #  - traefik.http.routers.answer.middlewares=local-ipwhitelist@file,authelia@docker | ||||||
|  | 
 | ||||||
|  | #networks: | ||||||
|  | #  proxy: | ||||||
|  | #    external: true | ||||||
							
								
								
									
										17
									
								
								examples/archivebox/README.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										17
									
								
								examples/archivebox/README.md
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,17 @@ | ||||||
|  | # References | ||||||
|  | 
 | ||||||
|  | - https://github.com/ArchiveBox/ArchiveBox | ||||||
|  | - https://github.com/ArchiveBox/ArchiveBox/blob/dev/docker-compose.yml | ||||||
|  | 
 | ||||||
|  | # Notes | ||||||
|  | 
 | ||||||
|  | Before starting the compose stack, ensure that you have downloaded the sonic configuration file, if you plan on using the sonic container.  | ||||||
|  | 
 | ||||||
|  | Place the config file in the bind volume mount path for sonic. | ||||||
|  | 
 | ||||||
|  | The default username and password are: archivebox | ||||||
|  | 
 | ||||||
|  | > [!CAUTION] | ||||||
|  | > Please read the [official storage requirements](https://github.com/ArchiveBox/ArchiveBox#storage-requirements) if your ArchiveBox instance is running slow, sluggish or times out. | ||||||
|  | > | ||||||
|  | > **TLDR**: Do not store the Docker volume data on a network storage like SMB/NFS. | ||||||
							
								
								
									
										84
									
								
								examples/archivebox/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										84
									
								
								examples/archivebox/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,84 @@ | ||||||
|  | version: "3.9" | ||||||
|  | 
 | ||||||
|  | services: | ||||||
|  |   archivebox: | ||||||
|  |     image: archivebox/archivebox:dev | ||||||
|  |     container_name: archivebox | ||||||
|  |     command: server --quick-init 0.0.0.0:8000 | ||||||
|  |     restart: unless-stopped | ||||||
|  |     ports: | ||||||
|  |       - 8000:8000 | ||||||
|  |     expose: | ||||||
|  |       - 8000 | ||||||
|  |     volumes: | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/archivebox/data:/data # archivebox application data | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/archivebox/crontabs:/var/spool/cron/crontabs # archivebox crontab data for scheduled runs | ||||||
|  |       #- ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/archivebox/source-code:/app/archivebox # bind mounts the archivebox source code for development | ||||||
|  |     environment: | ||||||
|  |       # see https://docs.archivebox.io/en/master/Configuration.html for more details | ||||||
|  |       - ADMIN_USERNAME=archivebox # your initial username | ||||||
|  |       - ADMIN_PASSWORD=archivebox # your initial password | ||||||
|  |       - ALLOWED_HOSTS=* | ||||||
|  |       - PUBLIC_INDEX=False | ||||||
|  |       - PUBLIC_SNAPSHOTS=False | ||||||
|  |       - PUBLIC_ADD_VIEW=False | ||||||
|  |       - PUID=1000 | ||||||
|  |       - PGID=1000 | ||||||
|  |       - SEARCH_BACKEND_ENGINE=sonic | ||||||
|  |       - SEARCH_BACKEND_HOST_NAME=sonic | ||||||
|  |       - SEARCH_BACKEND_PASSWORD=deport-silver-showcase-pusher-radiantly | ||||||
|  |       - MEDIA_MAX_SIZE=750m | ||||||
|  |       - TIMEOUT=60 | ||||||
|  |       - CHECK_SSL_VALIDITY=False | ||||||
|  |       - SAVE_TITLE=False | ||||||
|  |       - SAVE_FAVICON=False | ||||||
|  |       - SAVE_WGET=False | ||||||
|  |       - SAVE_WARC=False | ||||||
|  |       - SAVE_PDF=True | ||||||
|  |       - SAVE_SCREENSHOT=True | ||||||
|  |       - SAVE_DOM=True | ||||||
|  |       - SAVE_SINGLEFILE=True | ||||||
|  |       - SAVE_READABILITY=False | ||||||
|  |       - SAVE_GIT=False | ||||||
|  |       - SAVE_MEDIA=True | ||||||
|  |       - SUBMIT_ARCHIVE_DOT_ORG=False | ||||||
|  |       - SAVE_ARCHIVE_DOT_ORG=False | ||||||
|  |     #networks: | ||||||
|  |     #  - proxy | ||||||
|  |     #  - archivebox_default | ||||||
|  |     #labels: | ||||||
|  |     #  - traefik.enable=true | ||||||
|  |     #  - traefik.docker.network=proxy | ||||||
|  |     #  - traefik.http.routers.archivebox.rule=Host(`archive.exmple.com`) | ||||||
|  |     #  - traefik.http.services.archivebox.loadbalancer.server.port=8000 | ||||||
|  |     #  # Part for optional traefik middlewares | ||||||
|  |     #  - traefik.http.routers.archivebox.middlewares=local-ipwhitelist@file | ||||||
|  | 
 | ||||||
|  | 
 | ||||||
|  | ### Example: To run the Sonic full-text search backend, first download the config file to sonic.cfg | ||||||
|  | #   $ curl -O https://raw.githubusercontent.com/ArchiveBox/ArchiveBox/master/etc/sonic.cfg | ||||||
|  | # After starting, backfill any existing Snapshots into the full-text index: | ||||||
|  | #   $ docker-compose run archivebox update --index-only | ||||||
|  | 
 | ||||||
|  |   sonic: | ||||||
|  |     image: valeriansaliou/sonic:latest | ||||||
|  |     container_name: archivebox-sonic | ||||||
|  |     expose: | ||||||
|  |       - 1491 | ||||||
|  |     environment: | ||||||
|  |       - SEARCH_BACKEND_PASSWORD=deport-silver-showcase-pusher-radiantly | ||||||
|  |     volumes: | ||||||
|  |       # Example: To run the Sonic full-text search backend, first download the config file to sonic.cfg | ||||||
|  |       # curl https://raw.githubusercontent.com/ArchiveBox/ArchiveBox/master/etc/sonic.cfg -o /mnt/docker-volumes/archivebox/sonic/sonic.cfg | ||||||
|  |       # After starting, backfill any existing Snapshots into the full-text index: | ||||||
|  |       # $ docker-compose run archivebox update --index-only | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/archivebox/sonic/sonic.cfg:/etc/sonic.cfg:ro | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/archivebox/sonic/store:/var/lib/sonic/store | ||||||
|  |     #networks: | ||||||
|  |     #  - archivebox_default | ||||||
|  | 
 | ||||||
|  | #networks: | ||||||
|  | #  proxy: | ||||||
|  | #    external: true | ||||||
|  | #  archivebox_default: | ||||||
|  | #    external: false | ||||||
							
								
								
									
										66
									
								
								examples/archivebox/sonic.cfg
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										66
									
								
								examples/archivebox/sonic.cfg
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,66 @@ | ||||||
|  | # Sonic | ||||||
|  | # Fast, lightweight and schema-less search backend | ||||||
|  | # Configuration file | ||||||
|  | # Example: https://github.com/valeriansaliou/sonic/blob/master/config.cfg | ||||||
|  | 
 | ||||||
|  | 
 | ||||||
|  | [server] | ||||||
|  | 
 | ||||||
|  | log_level = "warn" | ||||||
|  | 
 | ||||||
|  | 
 | ||||||
|  | [channel] | ||||||
|  | 
 | ||||||
|  | inet = "0.0.0.0:1491" | ||||||
|  | tcp_timeout = 300 | ||||||
|  | 
 | ||||||
|  | auth_password = "${env.SEARCH_BACKEND_PASSWORD}" | ||||||
|  | 
 | ||||||
|  | [channel.search] | ||||||
|  | 
 | ||||||
|  | query_limit_default = 65535 | ||||||
|  | query_limit_maximum = 65535 | ||||||
|  | query_alternates_try = 10 | ||||||
|  | 
 | ||||||
|  | suggest_limit_default = 5 | ||||||
|  | suggest_limit_maximum = 20 | ||||||
|  | 
 | ||||||
|  | 
 | ||||||
|  | [store] | ||||||
|  | 
 | ||||||
|  | [store.kv] | ||||||
|  | 
 | ||||||
|  | path = "/var/lib/sonic/store/kv/" | ||||||
|  | 
 | ||||||
|  | retain_word_objects = 100000 | ||||||
|  | 
 | ||||||
|  | [store.kv.pool] | ||||||
|  | 
 | ||||||
|  | inactive_after = 1800 | ||||||
|  | 
 | ||||||
|  | [store.kv.database] | ||||||
|  | 
 | ||||||
|  | flush_after = 900 | ||||||
|  | 
 | ||||||
|  | compress = true | ||||||
|  | parallelism = 2 | ||||||
|  | max_files = 100 | ||||||
|  | max_compactions = 1 | ||||||
|  | max_flushes = 1 | ||||||
|  | write_buffer = 16384 | ||||||
|  | write_ahead_log = true | ||||||
|  | 
 | ||||||
|  | [store.fst] | ||||||
|  | 
 | ||||||
|  | path = "/var/lib/sonic/store/fst/" | ||||||
|  | 
 | ||||||
|  | [store.fst.pool] | ||||||
|  | 
 | ||||||
|  | inactive_after = 300 | ||||||
|  | 
 | ||||||
|  | [store.fst.graph] | ||||||
|  | 
 | ||||||
|  | consolidate_after = 180 | ||||||
|  | 
 | ||||||
|  | max_size = 2048 | ||||||
|  | max_words = 250000 | ||||||
							
								
								
									
										84
									
								
								examples/arr-suite/README.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										84
									
								
								examples/arr-suite/README.md
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,84 @@ | ||||||
|  | # References | ||||||
|  | 
 | ||||||
|  | - https://docs.linuxserver.io/images/docker-prowlarr/ | ||||||
|  | - https://docs.linuxserver.io/images/docker-sonarr/ | ||||||
|  | - https://docs.linuxserver.io/images/docker-radarr/ | ||||||
|  | - https://docs.linuxserver.io/images/docker-lidarr/ | ||||||
|  | - https://docs.linuxserver.io/images/docker-readarr/ | ||||||
|  | - https://github.com/FlareSolverr/FlareSolverr | ||||||
|  | - https://docs.linuxserver.io/images/docker-qbittorrent/ | ||||||
|  | - https://hub.docker.com/r/qmcgaw/gluetun | ||||||
|  | - https://docs.linuxserver.io/images/docker-emby/ | ||||||
|  | - https://docs.linuxserver.io/images/docker-jellyfin (alternative option to emby) | ||||||
|  | 
 | ||||||
|  | # Notes | ||||||
|  | 
 | ||||||
|  | > [!WARNING] | ||||||
|  | > Downloading copyright restricted movies or media in general is illegal in most countries. | ||||||
|  | > | ||||||
|  | >  Use this docker stack responsibly! | ||||||
|  | 
 | ||||||
|  | > [!CAUTION] | ||||||
|  | > This setup makes use of gluetun to obtain a vpn killswitch network. This requires a vpn provider like mullvad or others. | ||||||
|  | 
 | ||||||
|  | Docker stack consisting of various arr-services like: | ||||||
|  | 
 | ||||||
|  | - Prowlarr | ||||||
|  |   - Used as indexer for torrent links | ||||||
|  | - Sonarr | ||||||
|  |   - Used for tv shows | ||||||
|  | - Radarr | ||||||
|  |   - Used for movies | ||||||
|  | - Lidarr | ||||||
|  |   - Used for music | ||||||
|  | - Readarr | ||||||
|  |   - Used for books | ||||||
|  | - Flaresolverr | ||||||
|  |   - Used to bypass Cloudflare for prowlarr | ||||||
|  |   - You must add it at prowlarr as indexer with the tag `flaresolverr` | ||||||
|  | - Qbittorrent | ||||||
|  |   - Used as download client; run behind gluetun vpn killswitch container | ||||||
|  |   - A temporary password for the `admin` user will be printed to the container log on startup. Change it immediately to a static one that does not change again. | ||||||
|  | - Gluetun | ||||||
|  |   - Used for establishing an openvpn/wireguard killswitch vpn connection for qbittorrent | ||||||
|  |   - Requires an active subscription for a vpn provider (e.g. Mullvad) | ||||||
|  | - Emby / Jellyfin | ||||||
|  |   - Used to manage your media libraries and stream it from various devices | ||||||
|  |   | ||||||
|  | The following bind mount volumes are defined: | ||||||
|  | 
 | ||||||
|  | - `/arr-suite/configs/<container-name>` | ||||||
|  |   - holds the config files of an arr container | ||||||
|  | - `/arr-suite/media/` | ||||||
|  |   - will hold your media files such as movies, music, books, tv-shows, qbittorrent downloads etc. | ||||||
|  | 
 | ||||||
|  | ## Setup | ||||||
|  | 
 | ||||||
|  | You can follow this Youtube tutorial on how to setup most of the arr applications: | ||||||
|  | 
 | ||||||
|  | https://www.youtube.com/watch?v=LD8-Qr3B2-o | ||||||
|  | 
 | ||||||
|  | **Note**:  As all arr containers live within the same Docker network, you can easily reference container names instead of IPs. Docker will resolve the container names automatically to the current docker containers' IP. No need for port mappings or defining your Docker server's IP address. Use Docker networks! The only exception is qbittorrent, which uses the vpn killswitch network of the gluetun container. Here, the gluetun container will expose qbittorrent's web ui on TCP/8080 and the IP address of your docker host server. Setup qbittorrent in all arr-applications using your server's local IP address, on which port 8080 is mapped to. | ||||||
|  | 
 | ||||||
|  | > [!WARNING] | ||||||
|  | > We configured qbittorrent to use the non-default path `/media/downloads` for downloads. | ||||||
|  | > | ||||||
|  | > Please define this location path in the qbittorrent admin panel too! | ||||||
|  | 
 | ||||||
|  |  | ||||||
|  | 
 | ||||||
|  |  | ||||||
|  | 
 | ||||||
|  |  | ||||||
|  | 
 | ||||||
|  |  | ||||||
|  | 
 | ||||||
|  | ## Traefik + Emby + HTTP Headers | ||||||
|  | 
 | ||||||
|  | During the setup of Emby in a web browser (HTTPS via Traefik) you may notice errors in the developer console, which prevent the web page from loading properly. | ||||||
|  | 
 | ||||||
|  | Those errors occur, if you have configured secure HTTP response headers such as X-Content-Type-Options with the directive "nosniff". | ||||||
|  | 
 | ||||||
|  | To complete the web-based setup, you either have to temporarely disable the HTTP header or browse the Emby instance without Traefik as reverse proxy.  | ||||||
|  | 
 | ||||||
|  | After the setup was completed, the errors are gone and you can use Emby regularly with Traefik, HTTPS and any X-Content-Type-Options header configuration. | ||||||
							
								
								
									
										263
									
								
								examples/arr-suite/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										263
									
								
								examples/arr-suite/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,263 @@ | ||||||
|  | version: "3.6" | ||||||
|  | 
 | ||||||
|  | services: | ||||||
|  | 
 | ||||||
|  |   # image used to index torrent links from the internet | ||||||
|  |   prowlarr: | ||||||
|  |     image: linuxserver/prowlarr:latest | ||||||
|  |     container_name: arr-suite-prowlarr | ||||||
|  |     environment: | ||||||
|  |       - PUID=1000 | ||||||
|  |       - PGID=1000 | ||||||
|  |       - TZ=Europe/Berlin | ||||||
|  |     volumes: | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/arr-suite/configs/prowlarr:/config # database and Prowlarr configs | ||||||
|  |     expose: | ||||||
|  |       - 9696/tcp # web ui | ||||||
|  |     ports: | ||||||
|  |       - 9696:9696/tcp # web ui | ||||||
|  |     restart: unless-stopped | ||||||
|  |     #networks: | ||||||
|  |     #  - proxy | ||||||
|  |     #labels: | ||||||
|  |     #  - traefik.enable=true | ||||||
|  |     #  - traefik.docker.network=proxy | ||||||
|  |     #  - traefik.http.routers.prowlarr.rule=Host(`prowlarr.example.com`) | ||||||
|  |     #  - traefik.http.services.prowlarr.loadbalancer.server.port=9696 | ||||||
|  |     #  # Optional part for traefik middlewares | ||||||
|  |     #  - traefik.http.routers.prowlarr.middlewares=local-ipwhitelist@file | ||||||
|  | 
 | ||||||
|  |   # image used to scan for tv shows | ||||||
|  |   sonarr: | ||||||
|  |     image: linuxserver/sonarr:latest | ||||||
|  |     container_name: arr-suite-sonarr | ||||||
|  |     environment: | ||||||
|  |       - PUID=1000 | ||||||
|  |       - PGID=1000 | ||||||
|  |       - TZ=Europe/Berlin | ||||||
|  |     volumes: | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/arr-suite/configs/sonarr:/config # database and Radarr configs | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/arr-suite/media:/media # location of media and qbittorrent download folder | ||||||
|  |     expose: | ||||||
|  |       - 8989/tcp # web ui | ||||||
|  |     ports: | ||||||
|  |       - 8989:8989/tcp # web ui | ||||||
|  |     restart: unless-stopped | ||||||
|  |     #networks: | ||||||
|  |     #  - proxy | ||||||
|  |     #labels: | ||||||
|  |     #  - traefik.enable=true | ||||||
|  |     #  - traefik.docker.network=proxy | ||||||
|  |     #  - traefik.http.routers.sonarr.rule=Host(`sonarr.example.com`) | ||||||
|  |     #  - traefik.http.services.sonarr.loadbalancer.server.port=8989 | ||||||
|  |     #  # Optional part for traefik middlewares | ||||||
|  |     #  - traefik.http.routers.sonarr.middlewares=local-ipwhitelist@file | ||||||
|  | 
 | ||||||
|  |   # image used to scan for movies | ||||||
|  |   radarr: | ||||||
|  |     image: linuxserver/radarr:latest | ||||||
|  |     container_name: arr-suite-radarr | ||||||
|  |     environment: | ||||||
|  |       - PUID=1000 | ||||||
|  |       - PGID=1000 | ||||||
|  |       - TZ=Europe/Berlin | ||||||
|  |     volumes: | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/arr-suite/configs/radarr:/config | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/arr-suite/media:/media # location of media and qbittorrent download folder | ||||||
|  |     expose: | ||||||
|  |       - 7878/tcp # web ui | ||||||
|  |     ports: | ||||||
|  |       - 7878:7878/tcp # web ui | ||||||
|  |     restart: unless-stopped | ||||||
|  |     #networks: | ||||||
|  |     #  - proxy | ||||||
|  |     #labels: | ||||||
|  |     #  - traefik.enable=true | ||||||
|  |     #  - traefik.docker.network=proxy | ||||||
|  |     #  - traefik.http.routers.radarr.rule=Host(`radarr.example.com`) | ||||||
|  |     #  - traefik.http.services.radarr.loadbalancer.server.port=7878 | ||||||
|  |     #  # Optional part for traefik middlewares | ||||||
|  |     #  - traefik.http.routers.radarr.middlewares=local-ipwhitelist@file | ||||||
|  | 
 | ||||||
|  |   # image used to scan for music | ||||||
|  |   lidarr: | ||||||
|  |     image: linuxserver/lidarr:latest | ||||||
|  |     container_name: arr-suite-lidarr | ||||||
|  |     environment: | ||||||
|  |       - PUID=1000 | ||||||
|  |       - PGID=1000 | ||||||
|  |       - TZ=Europe/Berlin | ||||||
|  |     volumes: | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/arr-suite/configs/lidarr:/config | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/arr-suite/media:/media # location of media and qbittorrent download folder | ||||||
|  |     expose: | ||||||
|  |       - 8686/tcp # web ui | ||||||
|  |     ports: | ||||||
|  |       - 8686:8686/tcp # web ui | ||||||
|  |     restart: unless-stopped | ||||||
|  |     #networks: | ||||||
|  |     #  - proxy | ||||||
|  |     #labels: | ||||||
|  |     #  - traefik.enable=true | ||||||
|  |     #  - traefik.docker.network=proxy | ||||||
|  |     #  - traefik.http.routers.lidarr.rule=Host(`lidarr.example.com`) | ||||||
|  |     #  - traefik.http.services.lidarr.loadbalancer.server.port=8686 | ||||||
|  |     #  # Optional part for traefik middlewares | ||||||
|  |     #  - traefik.http.routers.lidarr.middlewares=local-ipwhitelist@file | ||||||
|  | 
 | ||||||
|  |   # image used to scan for books | ||||||
|  |   readarr: | ||||||
|  |     image: linuxserver/readarr:develop | ||||||
|  |     container_name: arr-suite-readarr | ||||||
|  |     environment: | ||||||
|  |       - PUID=1000 | ||||||
|  |       - PGID=1000 | ||||||
|  |       - TZ=Europe/Berlin | ||||||
|  |     volumes: | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/arr-suite/configs/readarr:/config | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/arr-suite/media:/media # location of media and qbittorrent download folder | ||||||
|  |     expose: | ||||||
|  |       - 8787/tcp # web ui | ||||||
|  |     ports: | ||||||
|  |       - 8787:8787/tcp # web ui | ||||||
|  |     restart: unless-stopped | ||||||
|  |     #networks: | ||||||
|  |     #  - proxy | ||||||
|  |     #labels: | ||||||
|  |     #  - traefik.enable=true | ||||||
|  |     #  - traefik.docker.network=proxy | ||||||
|  |     #  - traefik.http.routers.readarr.rule=Host(`readarr.example.com`) | ||||||
|  |     #  - traefik.http.services.readarr.loadbalancer.server.port=8787 | ||||||
|  |     #  # Optional part for traefik middlewares | ||||||
|  |     #  - traefik.http.routers.readarr.middlewares=local-ipwhitelist@file | ||||||
|  | 
 | ||||||
|  |   # image used to bypass cloudflare for prowlarr | ||||||
|  |   flaresolverr: | ||||||
|  |     image: flaresolverr/flaresolverr:latest | ||||||
|  |     container_name: arr-suite-flaresolverr | ||||||
|  |     environment: | ||||||
|  |       - LOG_LEVEL=info | ||||||
|  |       - LOG_HTML=false | ||||||
|  |       - CAPTCHA_SOLVER=none | ||||||
|  |       - TZ=Europe/Berlin | ||||||
|  |     expose: | ||||||
|  |       - 8191/tcp # listening port for selenium | ||||||
|  |     restart: unless-stopped | ||||||
|  |     #networks: | ||||||
|  |     #  - proxy     | ||||||
|  | 
 | ||||||
|  |   # image used for vpn killswitch network | ||||||
|  |   gluetun: | ||||||
|  |     image: qmcgaw/gluetun:latest | ||||||
|  |     container_name: arr-suite-gluetun | ||||||
|  |     cap_add: | ||||||
|  |       - NET_ADMIN | ||||||
|  |     ports: | ||||||
|  |       - 8080:8080 # qbittorrent http web ui | ||||||
|  |     environment: | ||||||
|  |       # see https://github.com/qdm12/gluetun-wiki for more details | ||||||
|  |       # example envs based on https://github.com/qdm12/gluetun-wiki/blob/main/setup/providers/mullvad.md | ||||||
|  |       - VPN_SERVICE_PROVIDER=mullvad # define the vpn provider | ||||||
|  |       - VPN_TYPE=wireguard # define the vpn protocol to use | ||||||
|  |       - WIREGUARD_PRIVATE_KEY=wOEI9rqqbDwnN8/Bpp22sVz48T71vJ4fYmFWujulwUU= # define your wireguard private key here | ||||||
|  |       - WIREGUARD_ADDRESSES=10.64.222.21/32 # define the ipv4 vpn network subnet here | ||||||
|  |     volumes: | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/arr-suite/configs/gluetun:/gluetun | ||||||
|  |     restart: unless-stopped | ||||||
|  |     #networks: | ||||||
|  |     #  - proxy | ||||||
|  |     #labels: | ||||||
|  |     #  - traefik.enable=true | ||||||
|  |     #  - traefik.docker.network=proxy | ||||||
|  |     #  - traefik.http.routers.qbittorrent.rule=Host(`qbittorrent.example.com`) | ||||||
|  |     #  - traefik.http.services.qbittorrent.loadbalancer.server.port=8080 | ||||||
|  |     #  # Optional part for traefik middlewares | ||||||
|  |     #  - traefik.http.routers.qbittorrent.middlewares=local-ipwhitelist@file | ||||||
|  | 
 | ||||||
|  |   # image used to download stuff; run over gluetun network (vpn killswitch) | ||||||
|  |   qbittorrent: | ||||||
|  |     image: linuxserver/qbittorrent:latest | ||||||
|  |     container_name: arr-suite-qbittorrent | ||||||
|  |     environment: | ||||||
|  |       - PUID=1000 | ||||||
|  |       - PGID=1000 | ||||||
|  |       - TZ=Europe/Berlin | ||||||
|  |       - WEBUI_PORT=8080 | ||||||
|  |     volumes: | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/arr-suite/configs/qbittorrent:/config | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/arr-suite/media/downloads:/media/downloads | ||||||
|  |     depends_on: | ||||||
|  |       - gluetun | ||||||
|  |     network_mode: container:arr-suite-gluetun # use the gluetun container network (vpn killswitch) | ||||||
|  |     restart: unless-stopped | ||||||
|  | 
 | ||||||
|  |   # image used to manage media and stream it | ||||||
|  |   emby: | ||||||
|  |     image: linuxserver/emby:latest | ||||||
|  |     container_name: arr-suite-emby | ||||||
|  |     environment: | ||||||
|  |       - PUID=1000 | ||||||
|  |       - PGID=1000 | ||||||
|  |       - TZ=Europe/Berlin | ||||||
|  |     volumes: | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/arr-suite/configs/emby:/config # emby data storage location; can grow very large | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/arr-suite/media:/data # media goes here | ||||||
|  |       #- ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/arr-suite/configs/emby/lib:/opt/vc/lib # optional; path for Raspberry Pi OpenMAX libs | ||||||
|  |     expose: | ||||||
|  |       - 8096/tcp # http web ui | ||||||
|  |       - 8920/tcp # https web ui | ||||||
|  |     ports: | ||||||
|  |       - 8096:8096/tcp # http web ui | ||||||
|  |     #devices: | ||||||
|  |     #  - /dev/dri:/dev/dri #optional | ||||||
|  |     #  - /dev/vchiq:/dev/vchiq #optional | ||||||
|  |     #  - /dev/video10:/dev/video10 #optional | ||||||
|  |     #  - /dev/video11:/dev/video11 #optional | ||||||
|  |     #  - /dev/video12:/dev/video12 #optional | ||||||
|  |     restart: unless-stopped | ||||||
|  |     #networks: | ||||||
|  |     #  - proxy | ||||||
|  |     #labels: | ||||||
|  |     #  - traefik.enable=true | ||||||
|  |     #  - traefik.docker.network=proxy | ||||||
|  |     #  - traefik.http.routers.emby.rule=Host(`emby.example.com`) | ||||||
|  |     #  - traefik.http.services.emby.loadbalancer.server.port=8096 | ||||||
|  |     #  # Optional part for traefik middlewares | ||||||
|  |     #  - traefik.http.routers.emby.middlewares=local-ipwhitelist@file | ||||||
|  | 
 | ||||||
|  |   # image used to manage media and stream it | ||||||
|  |   #jellyfin: | ||||||
|  |   #  image: linuxserver/jellyfin:latest | ||||||
|  |   #  container_name: arr-suite-jellyfin | ||||||
|  |   #  environment: | ||||||
|  |   #    - PUID=1000 | ||||||
|  |   #    - PGID=1000 | ||||||
|  |   #    - TZ=Europe/Berlin | ||||||
|  |   #  volumes: | ||||||
|  |   #    - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/arr-suite/configs/jellyfin:/config # emby data storage location; can grow very large | ||||||
|  |   #    - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/arr-suite/media:/data # media goes here | ||||||
|  |   #    #- ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/arr-suite/configs/jellyfin/lib:/opt/vc/lib # optional; path for Raspberry Pi OpenMAX libs | ||||||
|  |   #  expose: | ||||||
|  |   #    - 8096/tcp # http web ui | ||||||
|  |   #  ports: | ||||||
|  |   #    - 8096:8096/tcp # http web ui | ||||||
|  |   #  #devices: | ||||||
|  |   #  #  - /dev/dri:/dev/dri #optional | ||||||
|  |   #  #  - /dev/vchiq:/dev/vchiq #optional | ||||||
|  |   #  #  - /dev/video10:/dev/video10 #optional | ||||||
|  |   #  #  - /dev/video11:/dev/video11 #optional | ||||||
|  |   #  #  - /dev/video12:/dev/video12 #optional | ||||||
|  |   #  restart: unless-stopped | ||||||
|  |   #  #networks: | ||||||
|  |   #  #  - proxy | ||||||
|  |   #  #labels: | ||||||
|  |   #  #  - traefik.enable=true | ||||||
|  |   #  #  - traefik.docker.network=proxy | ||||||
|  |   #  #  - traefik.http.routers.jellyfin.rule=Host(`jellyfin.example.com`) | ||||||
|  |   #  #  - traefik.http.services.jellyfin.loadbalancer.server.port=8096 | ||||||
|  |   #  #  # Optional part for traefik middlewares | ||||||
|  |   #  #  - traefik.http.routers.jellyfin.middlewares=local-ipwhitelist@file     | ||||||
|  | 
 | ||||||
|  | #networks: | ||||||
|  | #  proxy: | ||||||
|  | #    external: true | ||||||
							
								
								
									
										23
									
								
								examples/authelia/README.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										23
									
								
								examples/authelia/README.md
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,23 @@ | ||||||
|  | # References | ||||||
|  | 
 | ||||||
|  | - https://github.com/authelia/authelia | ||||||
|  | - https://www.youtube.com/watch?v=u6H-Qwf4nZA&t=1314s | ||||||
|  | - https://docs.technotim.live/posts/authelia-traefik/ | ||||||
|  | 
 | ||||||
|  | # Notes | ||||||
|  | 
 | ||||||
|  | You have to put the configuration files from the directory `config` here to your Docker volume bind mount. | ||||||
|  | 
 | ||||||
|  | The do the following: | ||||||
|  | 
 | ||||||
|  | 1. Adjust the configuration.yml to your needs. Especially replace exmaple.com with your own domain name. Add all your to be protected subdomains to the access_control area. Replace all secrets with your secure strings (may use `openssl rand -base64 35` to generate a secure, random string). | ||||||
|  | 2. Adjust users_database.yml and add your user accounts. You can create new password hashes via `docker run --rm authelia/authelia:latest authelia crypto hash generate argon2 --password 'ExamplePassword'` | ||||||
|  | 3. Finally, add authelia as middleware for each container to protect. I recommend using labels. Note that authelia should always be listed first. | ||||||
|  | 
 | ||||||
|  | ```` | ||||||
|  |     labels: | ||||||
|  |       - traefik.enable=true | ||||||
|  |       - traefik.http.routers.protected-service.middlewares=authelia@docker,local-ipwhitelist@file | ||||||
|  | ```` | ||||||
|  | 
 | ||||||
|  | **Note**: You can also add Authelia as file provider middleware. See [here](../traefik/fileConfig.yml) for an example Traefik dynamic configuration file. Afterwards, you can use the file provider `authelia@file` instead or besides of `authelia@docker`. | ||||||
							
								
								
									
										176
									
								
								examples/authelia/config/configuration.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										176
									
								
								examples/authelia/config/configuration.yml
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,176 @@ | ||||||
|  | --- | ||||||
|  | ############################################################### | ||||||
|  | #                   Authelia configuration                    # | ||||||
|  | ############################################################### | ||||||
|  | 
 | ||||||
|  | server: | ||||||
|  |   address: 'tcp://:9091/' | ||||||
|  |    | ||||||
|  | log: | ||||||
|  |   level: debug | ||||||
|  | 
 | ||||||
|  | theme: dark | ||||||
|  | 
 | ||||||
|  | identity_validation: | ||||||
|  |   reset_password: | ||||||
|  |     jwt_secret: unsecure_jwt_secret | ||||||
|  | 
 | ||||||
|  | totp: | ||||||
|  |   issuer: authelia.com | ||||||
|  | 
 | ||||||
|  | # duo_api: | ||||||
|  | #  hostname: api-123456789.example.com | ||||||
|  | #  integration_key: ABCDEF | ||||||
|  | #  # This secret can also be set using the env variables AUTHELIA_DUO_API_SECRET_KEY_FILE | ||||||
|  | #  secret_key: 1234567890abcdefghifjkl | ||||||
|  | 
 | ||||||
|  | password_policy: | ||||||
|  |   standard: | ||||||
|  |     enabled: true | ||||||
|  |     min_length: 16 | ||||||
|  |     max_length: 0 | ||||||
|  |     require_uppercase: true | ||||||
|  |     require_lowercase: true | ||||||
|  |     require_number: true | ||||||
|  |     require_special: true | ||||||
|  | 
 | ||||||
|  | authentication_backend: | ||||||
|  |   file: | ||||||
|  |     path: /config/users_database.yml | ||||||
|  |     password: | ||||||
|  |       algorithm: argon2id | ||||||
|  |       iterations: 1 | ||||||
|  |       salt_length: 16 | ||||||
|  |       parallelism: 8 | ||||||
|  |       memory: 64 | ||||||
|  | 
 | ||||||
|  | access_control: | ||||||
|  |   default_policy: deny | ||||||
|  |   rules: | ||||||
|  |     # Rules applied to everyone | ||||||
|  |     # chose from bypass, one_factor and two_factor | ||||||
|  |     - domain: public.example.com | ||||||
|  |       policy: bypass | ||||||
|  |     - domain: subdomain1.example.com | ||||||
|  |       policy: one_factor | ||||||
|  |     - domain: subdomain2.example.com | ||||||
|  |       policy: two_factor | ||||||
|  |       subject: | ||||||
|  |         - "group:admins"  # access restriction based on groups | ||||||
|  | 
 | ||||||
|  | session: | ||||||
|  |   name: authelia_session | ||||||
|  |   # This secret can also be set using the env variables AUTHELIA_SESSION_SECRET_FILE | ||||||
|  |   secret: unsecure_session_secret | ||||||
|  |   expiration: 1h  # 1 hour | ||||||
|  |   inactivity: 5m  # 5 minutes | ||||||
|  |   cookies: | ||||||
|  |     - domain: example.com | ||||||
|  |       authelia_url: 'https://example.com' | ||||||
|  |       default_redirection_url: 'https://www.example.com'  # must be diffent to authelia_url | ||||||
|  |        | ||||||
|  |   redis: | ||||||
|  |     host: authelia-redis | ||||||
|  |     port: 6379 | ||||||
|  |     # This secret can also be set using the env variables AUTHELIA_SESSION_REDIS_PASSWORD_FILE | ||||||
|  |     password: SuperSecureRedisAuthPassword # must be the same as in the docker-compose.yml defined for the redis service | ||||||
|  | 
 | ||||||
|  | regulation: | ||||||
|  |   max_retries: 3 | ||||||
|  |   find_time: 120 | ||||||
|  |   ban_time: 300 | ||||||
|  | 
 | ||||||
|  | # yubikey support | ||||||
|  | webauthn: | ||||||
|  |   disable: false | ||||||
|  |   display_name: Authelia | ||||||
|  |   attestation_conveyance_preference: indirect | ||||||
|  |   user_verification: preferred | ||||||
|  |   timeout: 60s | ||||||
|  | 
 | ||||||
|  | storage: | ||||||
|  |   encryption_key: a_very_important_secret # Now required | ||||||
|  |   local: | ||||||
|  |     path: /config/db.sqlite3 | ||||||
|  | 
 | ||||||
|  | notifier: | ||||||
|  |   # smtp: | ||||||
|  |   #   username: test | ||||||
|  |   #   # This secret can also be set using the env variables AUTHELIA_NOTIFIER_SMTP_PASSWORD_FILE | ||||||
|  |   #   password: password | ||||||
|  |   #   host: smtp.gmail.com | ||||||
|  |   #   port: 465 | ||||||
|  |   #   sender: "MySender <admin@example.com>" | ||||||
|  |   filesystem: | ||||||
|  |     filename: /config/notifications.txt | ||||||
|  | 
 | ||||||
|  | #identity_providers: | ||||||
|  | #  oidc: | ||||||
|  | #    hmac_secret: 'a-very-secure-hmac-secret' | ||||||
|  | #    jwks: | ||||||
|  | #      - key_id: 'authelia' | ||||||
|  | #        algorithm: 'RS256' | ||||||
|  | #        use: 'sig' | ||||||
|  | #        certificate_chain: | | ||||||
|  | #          -----BEGIN CERTIFICATE----- | ||||||
|  | #          <PUBLIC-KEY-DATA-COMES-HERE> | ||||||
|  | #          -----END CERTIFICATE----- | ||||||
|  | #        key: | | ||||||
|  | #          -----BEGIN PRIVATE KEY----- | ||||||
|  | #          <PRIVATE-KEY-DATA-COMES-HERE> | ||||||
|  | #          -----END PRIVATE KEY----- | ||||||
|  | #    enable_client_debug_messages: false | ||||||
|  | #    minimum_parameter_entropy: 8 | ||||||
|  | #    enforce_pkce: 'public_clients_only' | ||||||
|  | #    enable_pkce_plain_challenge: false | ||||||
|  | #    enable_jwt_access_token_stateless_introspection: false | ||||||
|  | #    discovery_signed_response_alg: 'none' | ||||||
|  | #    discovery_signed_response_key_id: '' | ||||||
|  | #    require_pushed_authorization_requests: false | ||||||
|  | #    lifespans: | ||||||
|  | #      access_token: '1h' | ||||||
|  | #      authorize_code: '1m' | ||||||
|  | #      id_token: '1h' | ||||||
|  | #      refresh_token: '90m' | ||||||
|  | #    cors: | ||||||
|  | #      endpoints: | ||||||
|  | #        - 'authorization' | ||||||
|  | #        - 'token' | ||||||
|  | #        - 'revocation' | ||||||
|  | #        - 'introspection' | ||||||
|  | #      allowed_origins: | ||||||
|  | #        - 'https://immich.example.com' | ||||||
|  | #      allowed_origins_from_client_redirect_uris: false | ||||||
|  | #    clients: | ||||||
|  | #      - client_id: immich | ||||||
|  | #        client_name: Immich OIDC | ||||||
|  | #        client_secret: 'a-very-secure-client-secret' | ||||||
|  | #        public: false | ||||||
|  | #        authorization_policy: one_factor # may use two_factor to enforce 2FA | ||||||
|  | #        consent_mode: explicit | ||||||
|  | #        token_endpoint_auth_method: "client_secret_basic" | ||||||
|  | #        pre_configured_consent_duration: 1w | ||||||
|  | #        scopes: | ||||||
|  | #          - openid | ||||||
|  | #          - groups | ||||||
|  | #          - email | ||||||
|  | #          - profile | ||||||
|  | #        redirect_uris: # adjust to your domains | ||||||
|  | #          - https://authelia.example.com/ | ||||||
|  | #          - https://authelia.example.com/oauth2/callback | ||||||
|  | #          - https://immich.example.com/oauth2/callback | ||||||
|  | #          - https://immich.example.com/auth/login | ||||||
|  | #          - https://immich.example.com/user-settings | ||||||
|  | #          - https://immich.example.com | ||||||
|  | #          - app.immich:/ | ||||||
|  | #          - https://immich.example.com/api/oauth/mobile-redirect | ||||||
|  | #        grant_types: | ||||||
|  | #          - refresh_token | ||||||
|  | #          - authorization_code | ||||||
|  | #        response_types: | ||||||
|  | #          - code | ||||||
|  | #        response_modes: | ||||||
|  | #          - form_post | ||||||
|  | #          - query | ||||||
|  | #          - fragment     | ||||||
|  | ... | ||||||
							
								
								
									
										19
									
								
								examples/authelia/config/users_database.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										19
									
								
								examples/authelia/config/users_database.yml
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,19 @@ | ||||||
|  | --- | ||||||
|  | ############################################################### | ||||||
|  | #                         Users Database                      # | ||||||
|  | ############################################################### | ||||||
|  | 
 | ||||||
|  | # This file can be used if you do not have an LDAP set up. | ||||||
|  | 
 | ||||||
|  | # List of users | ||||||
|  | users: | ||||||
|  |   yourUsername:  # define here your username | ||||||
|  |     disabled: false | ||||||
|  |     displayname: "My Authelia User" | ||||||
|  |     # Password is authelia | ||||||
|  |     password: "$argon2id$v=19$m=65536,t=3,p=4$mTOaOa3MOexX7JQ02BdXzw$OzAxTnSPEnahQgIi+y4QPP5/xYIQ8uEWDYW+vlupeTM"  # generate a secure hash with: $ docker run authelia/authelia:latest authelia crypto hash generate argon2 --password 'password' | ||||||
|  |     email: authelia@example.com | ||||||
|  |     groups: | ||||||
|  |       - admins | ||||||
|  |       - dev | ||||||
|  | ... | ||||||
							
								
								
									
										40
									
								
								examples/authelia/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										40
									
								
								examples/authelia/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,40 @@ | ||||||
|  | version: '3.3' | ||||||
|  | 
 | ||||||
|  | services: | ||||||
|  |   authelia: | ||||||
|  |     image: authelia/authelia | ||||||
|  |     container_name: authelia | ||||||
|  |     volumes: | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/authelia/config:/config | ||||||
|  |     networks: | ||||||
|  |       - proxy | ||||||
|  |     labels: | ||||||
|  |       - 'traefik.enable=true' | ||||||
|  |       - 'traefik.http.routers.authelia.rule=Host(`auth.example.com`)'  # replace with your domain name | ||||||
|  |       - 'traefik.http.routers.authelia.entrypoints=https' | ||||||
|  |       - 'traefik.http.middlewares.authelia.forwardauth.address=http://authelia:9091/api/verify?rd=https://auth.example.com'  # replace with your domain name | ||||||
|  |       - 'traefik.http.middlewares.authelia.forwardauth.trustForwardHeader=true' | ||||||
|  |       - 'traefik.http.middlewares.authelia.forwardauth.authResponseHeaders=Remote-User,Remote-Groups,Remote-Name,Remote-Email'  # yamllint disable-line rule:line-length | ||||||
|  |     expose: | ||||||
|  |       - 9091 | ||||||
|  |     restart: unless-stopped | ||||||
|  |     environment: | ||||||
|  |       - TZ=Europe/Berlin | ||||||
|  | 
 | ||||||
|  |   redis: | ||||||
|  |     image: redis:alpine | ||||||
|  |     container_name: authelia-redis | ||||||
|  |     command: redis-server --requirepass SuperSecureRedisAuthPassword # also reflect this in the authelia config file | ||||||
|  |     volumes: | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/authelia/redis:/data | ||||||
|  |     networks: | ||||||
|  |       - proxy | ||||||
|  |     expose: | ||||||
|  |       - 6379 | ||||||
|  |     restart: unless-stopped | ||||||
|  |     environment: | ||||||
|  |       - TZ=Europe/Berlin | ||||||
|  | 
 | ||||||
|  | networks: | ||||||
|  |    proxy: | ||||||
|  |       external: true | ||||||
							
								
								
									
										12
									
								
								examples/authentik/.env
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										12
									
								
								examples/authentik/.env
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,12 @@ | ||||||
|  | # define the version to use | ||||||
|  | AUTHENTIK_VERSION=2024.8 | ||||||
|  | 
 | ||||||
|  | # database credentials | ||||||
|  | PG_USER=authentik | ||||||
|  | PG_DB=authentik | ||||||
|  | 
 | ||||||
|  | # generate via: pwgen -s 40 1 | ||||||
|  | PG_PASS=7jFjT4pUyf0YOlQ84LrO6JdLVWpzKEGiEMtdVwBE | ||||||
|  | 
 | ||||||
|  | # generate via: pwgen -s 50 1 | ||||||
|  | AUTHENTIK_SECRET_KEY=YZRzXecsKQVEJ3Lr5uoKRGXZkETsYjUDT1qtQ28JjzWzDYvcoG | ||||||
							
								
								
									
										30
									
								
								examples/authentik/README.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										30
									
								
								examples/authentik/README.md
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,30 @@ | ||||||
|  | # References | ||||||
|  | 
 | ||||||
|  | - https://goauthentik.io/docs/installation/ | ||||||
|  | - https://blog.lrvt.de/authentik-traefik-azure-ad/ | ||||||
|  | 
 | ||||||
|  | # Notes | ||||||
|  | 
 | ||||||
|  | Start by creating a new Docker network for separation: | ||||||
|  | 
 | ||||||
|  | ```` | ||||||
|  | docker network create authentik-internal | ||||||
|  | ```` | ||||||
|  | 
 | ||||||
|  | Then adjust the `.env` file with your private secrets and spawn up the stack: | ||||||
|  | 
 | ||||||
|  | ```` | ||||||
|  | docker compose up -d | ||||||
|  | ```` | ||||||
|  | 
 | ||||||
|  | After spawning up the Authentik stack, you will be greeted by Authentik's login dashboard. However, you have to onboard an admin user first.  | ||||||
|  | 
 | ||||||
|  | This is done by visiting the following URL:  | ||||||
|  | 
 | ||||||
|  | ```` | ||||||
|  | # with TLS reverse proxy | ||||||
|  | https://<hostname>/if/flow/initial-setup/ | ||||||
|  | 
 | ||||||
|  | # without TLS reverse proxy | ||||||
|  | https://<hostname>:9000/if/flow/initial-setup/ | ||||||
|  | ```` | ||||||
							
								
								
									
										109
									
								
								examples/authentik/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										109
									
								
								examples/authentik/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,109 @@ | ||||||
|  | version: "3.4" | ||||||
|  | 
 | ||||||
|  | services: | ||||||
|  | 
 | ||||||
|  |   postgresql: | ||||||
|  |     image: docker.io/library/postgres:16-alpine | ||||||
|  |     container_name: authentik-psql | ||||||
|  |     restart: unless-stopped | ||||||
|  |     healthcheck: | ||||||
|  |       test: ["CMD-SHELL", "pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}"] | ||||||
|  |       start_period: 20s | ||||||
|  |       interval: 30s | ||||||
|  |       retries: 5 | ||||||
|  |       timeout: 5s | ||||||
|  |     volumes: | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/authentik/psql:/var/lib/postgresql/data | ||||||
|  |     environment: | ||||||
|  |       POSTGRES_PASSWORD: ${PG_PASS:-authentik} | ||||||
|  |       POSTGRES_USER: ${PG_USER:-authentik} | ||||||
|  |       POSTGRES_DB: ${PG_DB:-authentik} | ||||||
|  |     env_file: | ||||||
|  |       - .env | ||||||
|  |     networks: | ||||||
|  |       - authentik-internal | ||||||
|  | 
 | ||||||
|  |   redis: | ||||||
|  |     image: docker.io/library/redis:alpine | ||||||
|  |     container_name: authentik-redis | ||||||
|  |     command: --save 60 1 --loglevel warning | ||||||
|  |     restart: unless-stopped | ||||||
|  |     healthcheck: | ||||||
|  |       test: ["CMD-SHELL", "redis-cli ping | grep PONG"] | ||||||
|  |       start_period: 20s | ||||||
|  |       interval: 30s | ||||||
|  |       retries: 5 | ||||||
|  |       timeout: 3s | ||||||
|  |     volumes: | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/authentik/redis:/data | ||||||
|  |     networks: | ||||||
|  |       - authentik-internal | ||||||
|  | 
 | ||||||
|  |   authentik-proxy: | ||||||
|  |     image: ghcr.io/goauthentik/server:${AUTHENTIK_VERSION:-2024.8} | ||||||
|  |     container_name: authentik | ||||||
|  |     restart: unless-stopped | ||||||
|  |     command: server | ||||||
|  |     environment: | ||||||
|  |       AUTHENTIK_REDIS__HOST: redis | ||||||
|  |       AUTHENTIK_POSTGRESQL__HOST: postgresql | ||||||
|  |       AUTHENTIK_POSTGRESQL__USER: ${PG_USER:-authentik} | ||||||
|  |       AUTHENTIK_POSTGRESQL__NAME: ${PG_DB:-authentik} | ||||||
|  |       AUTHENTIK_POSTGRESQL__PASSWORD: ${PG_PASS:-authentik} | ||||||
|  |       AUTHENTIK_SECRET_KEY: ${AUTHENTIK_SECRET_KEY:-authentiksupersecretkey} | ||||||
|  |     volumes: | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/authentik/media:/media | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/authentik/custom-templates:/templates | ||||||
|  |     ports: | ||||||
|  |       - 9000 | ||||||
|  |     expose: | ||||||
|  |       - 9000 | ||||||
|  |       - 9443 | ||||||
|  |     env_file: | ||||||
|  |       - .env | ||||||
|  |     depends_on: | ||||||
|  |       - postgresql | ||||||
|  |       - redis | ||||||
|  |     networks: | ||||||
|  |       - proxy | ||||||
|  |       - authentik-internal | ||||||
|  |     #labels: | ||||||
|  |     #  - traefik.enable=true | ||||||
|  |     #  - traefik.http.routers.authentik.rule=Host(`authentik.example.com`) || HostRegexp(`{subdomain:[A-Za-z0-9](?:[A-Za-z0-9\-]{0,61}[A-Za-z0-9])?}.example.com`) && PathPrefix(`/outpost.goauthentik.io/`) | ||||||
|  |     #  - traefik.http.services.authentik.loadbalancer.server.port=9000 | ||||||
|  |     #  - traefik.docker.network=proxy | ||||||
|  |     #  - traefik.http.middlewares.authentik.forwardauth.address=http://authentik-proxy:9000/outpost.goauthentik.io/auth/traefik | ||||||
|  |     #  - traefik.http.middlewares.authentik.forwardauth.trustForwardHeader=true | ||||||
|  |     #  - traefik.http.middlewares.authentik.forwardauth.authResponseHeaders=X-authentik-username,X-authentik-groups,X-authentik-email,X-authentik-name,X-authentik-uid,X-authentik-jwt,X-authentik-meta-jwks,X-authentik-meta-outpost,X-authentik-meta-provider,X-authentik-meta-app,X-authentik-meta-version | ||||||
|  | 
 | ||||||
|  |   worker: | ||||||
|  |     image: ghcr.io/goauthentik/server:${AUTHENTIK_VERSION:-2024.8} | ||||||
|  |     container_name: authentik-worker | ||||||
|  |     restart: unless-stopped | ||||||
|  |     command: worker | ||||||
|  |     user: root | ||||||
|  |     environment: | ||||||
|  |       AUTHENTIK_REDIS__HOST: redis | ||||||
|  |       AUTHENTIK_POSTGRESQL__HOST: postgresql | ||||||
|  |       AUTHENTIK_POSTGRESQL__USER: ${PG_USER:-authentik} | ||||||
|  |       AUTHENTIK_POSTGRESQL__NAME: ${PG_DB:-authentik} | ||||||
|  |       AUTHENTIK_POSTGRESQL__PASSWORD: ${PG_PASS:-authentik} | ||||||
|  |       AUTHENTIK_SECRET_KEY: ${AUTHENTIK_SECRET_KEY:-authentiksupersecretkey} | ||||||
|  |     volumes: | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/authentik/certs:/certs | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/authentik/media:/media | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/authentik/custom-templates:/templates | ||||||
|  |     env_file: | ||||||
|  |       - .env | ||||||
|  |     depends_on: | ||||||
|  |       - postgresql | ||||||
|  |       - redis | ||||||
|  |     networks: | ||||||
|  |       - proxy | ||||||
|  |       - authentik-internal | ||||||
|  | 
 | ||||||
|  | networks: | ||||||
|  |   proxy: | ||||||
|  |     external: true | ||||||
|  |   authentik-internal: | ||||||
|  |     internal: true | ||||||
							
								
								
									
										4
									
								
								examples/bibliogram/README.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										4
									
								
								examples/bibliogram/README.md
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,4 @@ | ||||||
|  | # References | ||||||
|  | 
 | ||||||
|  | - https://hub.docker.com/r/schklom/bibliogram | ||||||
|  | - https://git.sr.ht/~cadence/bibliogram-docs/tree/master/docs/Configuring.md#files | ||||||
							
								
								
									
										3
									
								
								examples/bibliogram/config.js
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										3
									
								
								examples/bibliogram/config.js
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,3 @@ | ||||||
|  | module.exports = { | ||||||
|  |     website_origin: "https://mydomain.net" | ||||||
|  | } | ||||||
							
								
								
									
										23
									
								
								examples/bibliogram/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										23
									
								
								examples/bibliogram/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,23 @@ | ||||||
|  | version: '3.4' | ||||||
|  | services: | ||||||
|  |   bibliogram: | ||||||
|  |     image: schklom/bibliogram | ||||||
|  |     container_name: bibliogram | ||||||
|  |     volumes: | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/bibliogram/config.js:/app/config.js:ro | ||||||
|  |     ports: | ||||||
|  |       - 10407:10407 | ||||||
|  |     restart: unless-stopped | ||||||
|  |     #networks: | ||||||
|  |     #  - proxy | ||||||
|  |     #labels: | ||||||
|  |     #  - traefik.enable=true | ||||||
|  |     #  - traefik.docker.network=proxy | ||||||
|  |     #  - traefik.http.routers.bibliogram.rule=Host(`bibliogram.example.com`) | ||||||
|  |     #  - traefik.http.services.bibliogram.loadbalancer.server.port=10407 | ||||||
|  |     #  # Optional part for traefik middlewares | ||||||
|  |     #  - traefik.http.routers.bibliogram.middlewares=local-ipwhitelist@file,authelia@docker | ||||||
|  | 
 | ||||||
|  | #networks: | ||||||
|  | #  proxy: | ||||||
|  | #    external: true   | ||||||
							
								
								
									
										7
									
								
								examples/bitwarden/README.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										7
									
								
								examples/bitwarden/README.md
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,7 @@ | ||||||
|  | # References | ||||||
|  | 
 | ||||||
|  | - https://bitwarden.com/help/install-and-deploy-unified-beta/ | ||||||
|  | 
 | ||||||
|  | # Note | ||||||
|  | 
 | ||||||
|  | Does not work with MariaDB at the moment. See https://github.com/bitwarden/server/issues/2718 | ||||||
							
								
								
									
										49
									
								
								examples/bitwarden/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										49
									
								
								examples/bitwarden/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,49 @@ | ||||||
|  | version: "3.8" | ||||||
|  | 
 | ||||||
|  | services: | ||||||
|  |   bitwarden: | ||||||
|  |     image: bitwarden/self-host:2024.8.0-beta | ||||||
|  |     container_name: bitwarden_unified | ||||||
|  |     restart: always | ||||||
|  |     depends_on: | ||||||
|  |       - db | ||||||
|  |     env_file: | ||||||
|  |       - settings.env | ||||||
|  |     ports: | ||||||
|  |       - "8888:8080" | ||||||
|  |     expose: | ||||||
|  |       - 8080 | ||||||
|  |     volumes: | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/bitwarden-unified/data:/etc/bitwarden | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/bitwarden-unified/data/logs:/var/log/bitwarden | ||||||
|  |     #networks: | ||||||
|  |     #  - proxy | ||||||
|  |     #labels: | ||||||
|  |     #  - traefik.enable=true | ||||||
|  |     #  - traefik.docker.network=proxy | ||||||
|  |     #  - traefik.http.routers.bitwarden.rule=Host(`bitwarden.example.com`) | ||||||
|  |     #  - traefik.http.services.bitwarden.loadbalancer.server.port=8080 | ||||||
|  |     #  # Optional part for file upload max sizes | ||||||
|  |     #  - traefik.http.middlewares.limit.buffering.maxRequestBodyBytes=50000000 | ||||||
|  |     #  - traefik.http.middlewares.limit.buffering.maxResponseBodyBytes=50000000 | ||||||
|  |     #  - traefik.http.middlewares.limit.buffering.memRequestBodyBytes=50000000 | ||||||
|  |     #  - traefik.http.middlewares.limit.buffering.memResponseBodyBytes=50000000 | ||||||
|  |     #  # Optional part for traefik middlewares | ||||||
|  |     #  - traefik.http.routers.bitwarden.middlewares=local-ipwhitelist@file | ||||||
|  |    | ||||||
|  |   db: | ||||||
|  |     image: postgres:alpine3.18 | ||||||
|  |     container_name: bitwarden_unified_db | ||||||
|  |     restart: always | ||||||
|  |     environment: | ||||||
|  |       POSTGRES_USER: "bitwarden" | ||||||
|  |       POSTGRES_PASSWORD: "super_strong_password" | ||||||
|  |       POSTGRES_DB: "bitwarden_vault"     | ||||||
|  |     volumes: | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/bitwarden-unified/psql:/var/lib/postgresql/data | ||||||
|  |     #networks: | ||||||
|  |     #  - proxy | ||||||
|  | 
 | ||||||
|  | #networks: | ||||||
|  | #  proxy: | ||||||
|  | #    external: true | ||||||
							
								
								
									
										61
									
								
								examples/bitwarden/settings.env
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										61
									
								
								examples/bitwarden/settings.env
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,61 @@ | ||||||
|  | ##################### | ||||||
|  | # Required Settings # | ||||||
|  | ##################### | ||||||
|  | 
 | ||||||
|  | # Server hostname | ||||||
|  | BW_DOMAIN=bitwarden.example.com | ||||||
|  | 
 | ||||||
|  | # Database | ||||||
|  | # Available providers are sqlserver, postgresql, or mysql/mariadb | ||||||
|  | BW_DB_PROVIDER=postgresql | ||||||
|  | BW_DB_SERVER=db | ||||||
|  | BW_DB_DATABASE=bitwarden_vault | ||||||
|  | BW_DB_USERNAME=bitwarden | ||||||
|  | BW_DB_PASSWORD=super_strong_password | ||||||
|  | 
 | ||||||
|  | # Installation information | ||||||
|  | # Get your ID and key from https://bitwarden.com/host/ | ||||||
|  | BW_INSTALLATION_ID=xxxxxxxx-xxxxxxxx-xxxxxxxxx-xxxxxxxxxxx # change this !!! | ||||||
|  | BW_INSTALLATION_KEY=MyInstallationkey # change this !!! | ||||||
|  | 
 | ||||||
|  | ##################### | ||||||
|  | # Optional Settings # | ||||||
|  | ##################### | ||||||
|  | # Learn more here: https://bitwarden.com/help/environment-variables/ | ||||||
|  | 
 | ||||||
|  | # SSL | ||||||
|  | #BW_ENABLE_SSL=true | ||||||
|  | #BW_ENABLE_SSL_CA=true | ||||||
|  | #BW_SSL_CERT=ssl.crt | ||||||
|  | #BW_SSL_KEY=ssl.key | ||||||
|  | #BW_SSL_CA_CERT=ca.crt | ||||||
|  | 
 | ||||||
|  | # Services | ||||||
|  | # Some services, namely for enterprise use cases, are disabled by default. Defaults shown below. | ||||||
|  | #BW_ENABLE_ADMIN=true | ||||||
|  | #BW_ENABLE_API=true | ||||||
|  | #BW_ENABLE_EVENTS=false | ||||||
|  | #BW_ENABLE_ICONS=true | ||||||
|  | #BW_ENABLE_IDENTITY=true | ||||||
|  | #BW_ENABLE_NOTIFICATIONS=true | ||||||
|  | #BW_ENABLE_SCIM=false | ||||||
|  | #BW_ENABLE_SSO=false | ||||||
|  | 
 | ||||||
|  | #BW_ICONS_PROXY_TO_CLOUD=false | ||||||
|  | 
 | ||||||
|  | # Mail | ||||||
|  | #globalSettings__mail__replyToEmail=noreply@$BW_DOMAIN | ||||||
|  | #globalSettings__mail__smtp__host=smtphost.example.com | ||||||
|  | #globalSettings__mail__smtp__port=587 | ||||||
|  | #globalSettings__mail__smtp__ssl=false | ||||||
|  | #globalSettings__mail__smtp__username=smtpusername | ||||||
|  | #globalSettings__mail__smtp__password=smtppassword | ||||||
|  | 
 | ||||||
|  | # Yubikey | ||||||
|  | #globalSettings__yubico__clientId=REPLACE | ||||||
|  | #globalSettings__yubico__key=REPLACE | ||||||
|  | 
 | ||||||
|  | # Other | ||||||
|  | #globalSettings__disableUserRegistration=true | ||||||
|  | #globalSettings__hibpApiKey=REPLACE | ||||||
|  | #adminSettings__admins="admin1@email.com,admin2@email.com" | ||||||
							
								
								
									
										3
									
								
								examples/bookstack/README.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										3
									
								
								examples/bookstack/README.md
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,3 @@ | ||||||
|  | # References | ||||||
|  | 
 | ||||||
|  | - https://github.com/linuxserver/docker-bookstack | ||||||
							
								
								
									
										58
									
								
								examples/bookstack/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										58
									
								
								examples/bookstack/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,58 @@ | ||||||
|  | version: "3" | ||||||
|  | 
 | ||||||
|  | services: | ||||||
|  |   bookstack: | ||||||
|  |     image: linuxserver/bookstack | ||||||
|  |     container_name: bookstack | ||||||
|  |     hostname: bookstack | ||||||
|  |     environment: | ||||||
|  |       - PUID=1000 | ||||||
|  |       - PGID=1000 | ||||||
|  |       - APP_URL=http://127.0.0.1:8099 # change this to your prod url with https | ||||||
|  |       - DB_HOST=bookstack_db | ||||||
|  |       - DB_USER=bookstack | ||||||
|  |       - DB_PASS=USERPW1 | ||||||
|  |       - DB_DATABASE=bookstackapp | ||||||
|  |     volumes: | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/bookstack/config:/config | ||||||
|  |     restart: unless-stopped | ||||||
|  |     ports: | ||||||
|  |       - 8099:80 | ||||||
|  |     depends_on: | ||||||
|  |       - bookstack_db | ||||||
|  |     #networks: | ||||||
|  |     #  - proxy | ||||||
|  |     #labels: | ||||||
|  |     #  - traefik.enable=true | ||||||
|  |     #  - traefik.docker.network=proxy | ||||||
|  |     #  - traefik.http.routers.bookstack.rule=Host(`bookstack.example.com`) | ||||||
|  |     #  - traefik.http.services.bookstack.loadbalancer.server.port=80 | ||||||
|  |     #  # Optional part for file upload max sizes | ||||||
|  |     #  - traefik.http.middlewares.limit.buffering.maxRequestBodyBytes=50000000 | ||||||
|  |     #  - traefik.http.middlewares.limit.buffering.maxResponseBodyBytes=50000000 | ||||||
|  |     #  - traefik.http.middlewares.limit.buffering.memRequestBodyBytes=50000000 | ||||||
|  |     #  - traefik.http.middlewares.limit.buffering.memResponseBodyBytes=50000000 | ||||||
|  |     #  # Optional part for traefik middlewares | ||||||
|  |     #  - traefik.http.routers.bookstack.middlewares=local-ipwhitelist@file,authelia@docker     | ||||||
|  | 
 | ||||||
|  |   bookstack_db: | ||||||
|  |     image: linuxserver/mariadb | ||||||
|  |     container_name: bookstack_db | ||||||
|  |     hostname: bookstack_db | ||||||
|  |     environment: | ||||||
|  |       - PUID=1000 | ||||||
|  |       - PGID=1000 | ||||||
|  |       - MYSQL_ROOT_PASSWORD=ROOTPW | ||||||
|  |       - TZ=Europe/Berlin | ||||||
|  |       - MYSQL_DATABASE=bookstackapp | ||||||
|  |       - MYSQL_USER=bookstack | ||||||
|  |       - MYSQL_PASSWORD=USERPW1 | ||||||
|  |     volumes: | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/bookstack/mariadb-config:/config | ||||||
|  |     restart: unless-stopped | ||||||
|  |     #networks: | ||||||
|  |     #  - proxy | ||||||
|  | 
 | ||||||
|  | #networks: | ||||||
|  | #  proxy: | ||||||
|  | #    external: true   | ||||||
							
								
								
									
										4
									
								
								examples/caddy/CaddyFile
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										4
									
								
								examples/caddy/CaddyFile
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,4 @@ | ||||||
|  | service.example.com { | ||||||
|  |   encode zstd gzip | ||||||
|  |   reverse_proxy nginx:80 | ||||||
|  | } | ||||||
							
								
								
									
										3
									
								
								examples/caddy/README.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										3
									
								
								examples/caddy/README.md
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,3 @@ | ||||||
|  | # References | ||||||
|  | 
 | ||||||
|  | - https://github.com/caddyserver/caddy | ||||||
							
								
								
									
										15
									
								
								examples/caddy/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										15
									
								
								examples/caddy/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,15 @@ | ||||||
|  | version: "3.7" | ||||||
|  | services: | ||||||
|  |   caddy: | ||||||
|  |     image: caddy:latest | ||||||
|  |     container_name: caddy | ||||||
|  |     restart: unless-stopped | ||||||
|  |     environment: | ||||||
|  |       - TZ=Europe/Berlin | ||||||
|  |     ports: | ||||||
|  |       - "80:80" | ||||||
|  |       - "443:443" | ||||||
|  |     volumes: | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/caddy/CaddyFile:/etc/caddy/Caddyfile | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/caddy/data:/data | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/caddy/config:/config | ||||||
							
								
								
									
										3
									
								
								examples/changedetection/README.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										3
									
								
								examples/changedetection/README.md
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,3 @@ | ||||||
|  | # References | ||||||
|  | 
 | ||||||
|  | - https://github.com/linuxserver/docker-changedetection.io | ||||||
							
								
								
									
										27
									
								
								examples/changedetection/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										27
									
								
								examples/changedetection/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,27 @@ | ||||||
|  | version: "2.1" | ||||||
|  | services: | ||||||
|  |   changedetection: | ||||||
|  |     image: lscr.io/linuxserver/changedetection.io:latest | ||||||
|  |     container_name: changedetection | ||||||
|  |     environment: | ||||||
|  |       - PUID=1000 | ||||||
|  |       - PGID=1000 | ||||||
|  |       - TZ=Europe/Berlin | ||||||
|  |     volumes: | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/changedetection/config:/config | ||||||
|  |     ports: | ||||||
|  |       - 5000:5000 | ||||||
|  |     restart: unless-stopped | ||||||
|  |     #networks: | ||||||
|  |     #  - proxy | ||||||
|  |     #labels: | ||||||
|  |     #  - traefik.enable=true | ||||||
|  |     #  - traefik.http.routers.changedetection.rule=Host(`changedetection.example.com`) | ||||||
|  |     #  - traefik.http.services.changedetection.loadbalancer.server.port=5000 | ||||||
|  |     #  - traefik.docker.network=proxy | ||||||
|  |     #  # Part for local lan services only; disable to expose externally | ||||||
|  |     #  - traefik.http.routers.changedetection.middlewares=local-ipwhitelist@file,basic-auth@file | ||||||
|  | 
 | ||||||
|  | #networks: | ||||||
|  | #  proxy: | ||||||
|  | #    external: true | ||||||
							
								
								
									
										31
									
								
								examples/chevereto/README.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										31
									
								
								examples/chevereto/README.md
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,31 @@ | ||||||
|  | # References | ||||||
|  | 
 | ||||||
|  | - https://github.com/chevereto/chevereto | ||||||
|  | 
 | ||||||
|  | # Notes | ||||||
|  | 
 | ||||||
|  | If you want to use bind mounts instead of Docker volumes, you can do so. | ||||||
|  | 
 | ||||||
|  | However, the container will report back permission errors for the path `/var/www/html/images/_assets/`. Something like: | ||||||
|  | 
 | ||||||
|  | ```` | ||||||
|  | chevereto          | Exception thrown in /var/www/html/app/src/Legacy/Classes/LocalStorage.php:45 | ||||||
|  | chevereto          |  | ||||||
|  | chevereto          | # Message [Code #600] | ||||||
|  | chevereto          | Path /var/www/html/images/_assets/ is not writable | ||||||
|  | ```` | ||||||
|  | 
 | ||||||
|  | Those can only be solved by spawning a shell into the Docker container and fixing the permissions as follows: | ||||||
|  | 
 | ||||||
|  | ```` | ||||||
|  | # spawning shell into the docker container | ||||||
|  | docker exec -it chevereto bash | ||||||
|  | 
 | ||||||
|  | # fixing permissions to www-data | ||||||
|  | mkdir -p /var/www/html/images/_assets | ||||||
|  | chown -R www-data:www-data /var/www/html/images/* | ||||||
|  | chmod -R 777 /var/www/html/images/* | ||||||
|  | ```` | ||||||
|  | No container restart necessary. The web application should now work flawlessly. | ||||||
|  | 
 | ||||||
|  | Note: The permission issues only occur if bind mounts are used over Docker named volumes. | ||||||
							
								
								
									
										60
									
								
								examples/chevereto/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										60
									
								
								examples/chevereto/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,60 @@ | ||||||
|  | version: "3.7" | ||||||
|  | 
 | ||||||
|  | services: | ||||||
|  |   chevereto: | ||||||
|  |     image: ghcr.io/chevereto/chevereto:4.0 | ||||||
|  |     container_name: chevereto | ||||||
|  |     init: true | ||||||
|  |     restart: unless-stopped | ||||||
|  |     volumes: | ||||||
|  |       - chevereto:/var/www/html/images | ||||||
|  |     ports: | ||||||
|  |       - 8999:80 | ||||||
|  |     expose: | ||||||
|  |       - 80 | ||||||
|  |     environment: | ||||||
|  |       CHEVERETO_DB_HOST: mariadb | ||||||
|  |       CHEVERETO_DB_USER: chevereto | ||||||
|  |       CHEVERETO_DB_PASS: chevereto | ||||||
|  |       CHEVERETO_DB_PORT: 3306 | ||||||
|  |       CHEVERETO_DB_NAME: chevereto | ||||||
|  |       CHEVERETO_ASSET_STORAGE_TYPE: local | ||||||
|  |       CHEVERETO_ASSET_STORAGE_URL: /images/_assets | ||||||
|  |       CHEVERETO_ASSET_STORAGE_BUCKET: /var/www/html/images/_assets | ||||||
|  |       # only enable the next env if chevereto is run behind a reverse proxy | ||||||
|  |       # adjust to the corresponding http header of your reverse proxy, where a user's real IP is propagated | ||||||
|  |       # see https://github.com/chevereto/chevereto/issues/44 | ||||||
|  |       #CHEVERETO_HEADER_CLIENT_IP: X-Forwarded-For  | ||||||
|  |     #networks: | ||||||
|  |     #  - proxy | ||||||
|  |     #labels: | ||||||
|  |     #  - traefik.enable=true | ||||||
|  |     #  - traefik.http.routers.chevereto.rule=Host(`chevereto.example.com`) | ||||||
|  |     #  - traefik.http.services.chevereto.loadbalancer.server.port=80 | ||||||
|  |     #  - traefik.docker.network=proxy | ||||||
|  |     #  # Part for local lan services only | ||||||
|  |     #  - traefik.http.routers.chevereto.middlewares=authentik@docker | ||||||
|  | 
 | ||||||
|  |   mariadb: | ||||||
|  |     image: mariadb | ||||||
|  |     container_name: chevereto_mariadb | ||||||
|  |     restart: unless-stopped | ||||||
|  |     init: true | ||||||
|  |     environment: | ||||||
|  |       MYSQL_DATABASE: chevereto | ||||||
|  |       MYSQL_USER: chevereto | ||||||
|  |       MYSQL_PASSWORD: chevereto | ||||||
|  |       MARIADB_ROOT_PASSWORD: chevereto | ||||||
|  |     volumes: | ||||||
|  |       - chevereto_mariadb:/var/lib/mysql | ||||||
|  |     #networks: | ||||||
|  |     #  - proxy | ||||||
|  | 
 | ||||||
|  | # volumes are recommended due to weird www-data permission in chevereto container | ||||||
|  | volumes: | ||||||
|  |   chevereto: {} | ||||||
|  |   chevereto_mariadb: {} | ||||||
|  | 
 | ||||||
|  | #networks: | ||||||
|  | #  proxy: | ||||||
|  | #    external: true | ||||||
							
								
								
									
										3
									
								
								examples/cloudflare-ddns/README.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										3
									
								
								examples/cloudflare-ddns/README.md
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,3 @@ | ||||||
|  | # References | ||||||
|  | 
 | ||||||
|  | - https://github.com/favonia/cloudflare-ddns | ||||||
							
								
								
									
										19
									
								
								examples/cloudflare-ddns/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										19
									
								
								examples/cloudflare-ddns/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,19 @@ | ||||||
|  | version: "3" | ||||||
|  | services: | ||||||
|  |   cloudflare-ddns: | ||||||
|  |     image: favonia/cloudflare-ddns:latest | ||||||
|  |     container_name: cloudflare-ddns | ||||||
|  |     #network_mode: host | ||||||
|  |     restart: always | ||||||
|  |     user: "1000:1000" | ||||||
|  |     cap_drop: | ||||||
|  |       - all | ||||||
|  |     read_only: true | ||||||
|  |     security_opt: | ||||||
|  |       - no-new-privileges:true | ||||||
|  |     environment: | ||||||
|  |       - CF_API_TOKEN=YOUR-CLOUDFLARE-API-TOKEN # pls adjust | ||||||
|  |       - DOMAINS=example.org,www.example.org,example.io # pls adjust; a list of fully qualified domain names separated by commas | ||||||
|  |       - PROXIED=false # if true, instructs Cloudflare to cache webpages on your machine and hide its actual IP addresses | ||||||
|  |       - TZ=Europe/Berlin | ||||||
|  |       - IP6_PROVIDER=none # disbale IPv6 | ||||||
							
								
								
									
										3
									
								
								examples/code-server/README.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										3
									
								
								examples/code-server/README.md
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,3 @@ | ||||||
|  | # References | ||||||
|  | 
 | ||||||
|  | - https://github.com/linuxserver/docker-code-server | ||||||
							
								
								
									
										39
									
								
								examples/code-server/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										39
									
								
								examples/code-server/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,39 @@ | ||||||
|  | version: "2.1" | ||||||
|  | 
 | ||||||
|  | services: | ||||||
|  | 
 | ||||||
|  |   code-server: | ||||||
|  |     image: lscr.io/linuxserver/code-server:latest | ||||||
|  |     container_name: code-server | ||||||
|  |     environment: | ||||||
|  |       - PUID=1000 | ||||||
|  |       - PGID=1000 | ||||||
|  |       - TZ=Europe/Berlin | ||||||
|  |       - PASSWORD=MyStrongLoginPassword | ||||||
|  |       - SUDO_PASSWORD=MyOptionalStrongSudoPassword #optional | ||||||
|  |       #- SUDO_PASSWORD_HASH= #optional | ||||||
|  |       - PROXY_DOMAIN=vscode.example.com #optional | ||||||
|  |       - DEFAULT_WORKSPACE=/config/workspace #optional | ||||||
|  |     volumes: | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/vscode/config:/config | ||||||
|  |     ports: | ||||||
|  |       - 8443:8443 | ||||||
|  |     restart: unless-stopped | ||||||
|  |     #networks: | ||||||
|  |     #  - proxy | ||||||
|  |     #labels: | ||||||
|  |     #  - traefik.enable=true | ||||||
|  |     #  - traefik.docker.network=proxy | ||||||
|  |     #  - traefik.http.routers.codeserver.rule=Host(`code.example.com`) | ||||||
|  |     #  - traefik.http.services.codeserver.loadbalancer.server.port=8443 | ||||||
|  |     #  # Optional part for file upload max sizes | ||||||
|  |     #  - traefik.http.middlewares.limit.buffering.maxRequestBodyBytes=50000000 | ||||||
|  |     #  - traefik.http.middlewares.limit.buffering.maxResponseBodyBytes=50000000 | ||||||
|  |     #  - traefik.http.middlewares.limit.buffering.memRequestBodyBytes=50000000 | ||||||
|  |     #  - traefik.http.middlewares.limit.buffering.memResponseBodyBytes=50000000 | ||||||
|  |     #  # Optional part for traefik middlewares | ||||||
|  |     #  - traefik.http.routers.codeserver.middlewares=local-ipwhitelist@file,authelia@docker | ||||||
|  | 
 | ||||||
|  | #networks: | ||||||
|  | #  proxy: | ||||||
|  | #    external: true | ||||||
							
								
								
									
										14
									
								
								examples/cs2-dedicated-server/README.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										14
									
								
								examples/cs2-dedicated-server/README.md
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,14 @@ | ||||||
|  | # References | ||||||
|  | 
 | ||||||
|  | - https://github.com/joedwards32/CS2 | ||||||
|  | - https://github.com/shobhit-pathak/cs2-rcon-panel | ||||||
|  | 
 | ||||||
|  | # Notes | ||||||
|  | 
 | ||||||
|  | Minimum system requirements are: | ||||||
|  | 
 | ||||||
|  | - 2 CPUs | ||||||
|  | - 2 GiB RAM | ||||||
|  | - 40 GB of disk space for the container or mounted as a persistent volume on /home/steam/cs2-dedicated/ | ||||||
|  | 
 | ||||||
|  | Default login for the rcon panel is `cspanel:v67ic55x4ghvjfj`. | ||||||
							
								
								
									
										53
									
								
								examples/cs2-dedicated-server/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										53
									
								
								examples/cs2-dedicated-server/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,53 @@ | ||||||
|  | version: '3.7' | ||||||
|  | 
 | ||||||
|  | services: | ||||||
|  | 
 | ||||||
|  |   cs2-server: | ||||||
|  |     image: joedwards32/cs2 | ||||||
|  |     container_name: cs2-dedicated-server | ||||||
|  |     restart: unless-stopped | ||||||
|  |     environment: | ||||||
|  |       # Server configuration | ||||||
|  |       - SRCDS_TOKEN=<YOUR-GAME-SERVER-TOKEN>        # Game Server Token from https://steamcommunity.com/dev/managegameservers | ||||||
|  |       - CS2_SERVERNAME=MY-CS2-SERVER                # (Set the visible name for your private server) | ||||||
|  |       - CS2_CHEATS=0                                # (0 - disable cheats, 1 - enable cheats) | ||||||
|  |       - CS2_PORT=27015                              # (CS2 server listen port tcp_udp) | ||||||
|  |       - CS2_SERVER_HIBERNATE=0                      # (Put server in a low CPU state when there are no players. 0 - hibernation disabled, 1 - hibernation enabled) | ||||||
|  |       - CS2_LAN=0                                   # (0 - LAN mode disabled, 1 - LAN Mode enabled) | ||||||
|  |       - CS2_RCONPW=cruelly-sequel-dejected          #  (RCON password) | ||||||
|  |       - CS2_PW=sake-earthly-lair                    # (CS2 server password) | ||||||
|  |       - CS2_MAXPLAYERS=10                           # (Max players) | ||||||
|  |       # Game modes | ||||||
|  |       - CS2_GAMEALIAS=competitive   # (Game type, e.g. casual, competitive, deathmatch. See https://developer.valvesoftware.com/wiki/Counter-Strike_2/Dedicated_Servers) | ||||||
|  |       - CS2_GAMETYPE=0              # (Used if CS2_GAMEALIAS not defined. See https://developer.valvesoftware.com/wiki/Counter-Strike_2/Dedicated_Servers) | ||||||
|  |       - CS2_GAMEMODE=1              # (Used if CS2_GAMEALIAS not defined. See https://developer.valvesoftware.com/wiki/Counter-Strike_2/Dedicated_Servers) | ||||||
|  |       - CS2_MAPGROUP=mg_active      # (Map pool) | ||||||
|  |       - CS2_STARTMAP=de_dust2       # (Start map) | ||||||
|  |       # Bots | ||||||
|  |       - CS2_BOT_DIFFICULTY=0              # (0 - easy, 1 - normal, 2 - hard, 3 - expert) | ||||||
|  |       - CS2_BOT_QUOTA=0                   # (Number of bots) | ||||||
|  |       - CS2_BOT_QUOTA_MODE=competitive    # (fill, competitive) | ||||||
|  |       # TV | ||||||
|  |       - TV_AUTORECORD=0             # Automatically records all games as CSTV demos: 0=off, 1=on. | ||||||
|  |       - TV_ENABLE=0                 # Activates CSTV on server: 0=off, 1=on. | ||||||
|  |       - TV_PORT=27020               # Host SourceTV port | ||||||
|  |       - TV_PW=changeme              # CSTV password for clients | ||||||
|  |       - TV_RELAY_PW=changeme        # CSTV password for relay proxies | ||||||
|  |       - TV_MAXRATE=0                # World snapshots to broadcast per second. Affects camera tickrate. | ||||||
|  |       - TV_DELAY=0                  # Max CSTV spectator bandwidth rate allowed, 0 == unlimited | ||||||
|  |     volumes: | ||||||
|  |       - cs2:/home/steam/cs2-dedicated/ | ||||||
|  |     ports: | ||||||
|  |       - 27015:27015/tcp         # TCP | ||||||
|  |       - 27015:27015/udp         # UDP | ||||||
|  |       #- 27020:27020/udp        # UDP | ||||||
|  | 
 | ||||||
|  |   cs2-rconpanel: | ||||||
|  |     image: soren90/rcon-panel | ||||||
|  |     container_name: cs2-rcon-panel | ||||||
|  |     ports: | ||||||
|  |       - 3000:3000 | ||||||
|  |     restart: unless-stopped | ||||||
|  | 
 | ||||||
|  | volumes: | ||||||
|  |   cs2: | ||||||
							
								
								
									
										10
									
								
								examples/dashy/README.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										10
									
								
								examples/dashy/README.md
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,10 @@ | ||||||
|  | # References | ||||||
|  | 
 | ||||||
|  | - https://github.com/Lissy93/dashy | ||||||
|  | 
 | ||||||
|  | # Notes | ||||||
|  | 
 | ||||||
|  | > [!CAUTION] | ||||||
|  | > Dashy's authentication happens on the client side only, which can be easily bypassed by an attacker. It is not recommended to expose Dashy, as it is not considered secure. | ||||||
|  | > | ||||||
|  | > More information [here](https://subract.dev/posts/dashy/) | ||||||
							
								
								
									
										23
									
								
								examples/dashy/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										23
									
								
								examples/dashy/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,23 @@ | ||||||
|  | --- | ||||||
|  | version: "3.8" | ||||||
|  | services: | ||||||
|  |   dashy: | ||||||
|  |     container_name: dashy | ||||||
|  |     hostname: dashy | ||||||
|  |     image: lissy93/dashy | ||||||
|  |     volumes: | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/dashy/config/config.yml:/app/public/conf.yml | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/dashy/icons:/app/public/item-icons | ||||||
|  |     environment: | ||||||
|  |       - NODE_ENV=production | ||||||
|  |       - UID=1000 | ||||||
|  |       - GID=1000 | ||||||
|  |     restart: unless-stopped | ||||||
|  |     ports: | ||||||
|  |       - 4000:80     | ||||||
|  |     healthcheck: | ||||||
|  |       test: ['CMD', 'node', '/app/services/healthcheck'] | ||||||
|  |       interval: 1m30s | ||||||
|  |       timeout: 10s | ||||||
|  |       retries: 3 | ||||||
|  |       start_period: 40s | ||||||
							
								
								
									
										3
									
								
								examples/deemix/README.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										3
									
								
								examples/deemix/README.md
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,3 @@ | ||||||
|  | # References | ||||||
|  | 
 | ||||||
|  | - https://gitlab.com/Bockiii/deemix-docker | ||||||
							
								
								
									
										31
									
								
								examples/deemix/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										31
									
								
								examples/deemix/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,31 @@ | ||||||
|  | version: "3" | ||||||
|  | 
 | ||||||
|  | services: | ||||||
|  |   deemix: | ||||||
|  |     container_name: deemix | ||||||
|  |     environment: | ||||||
|  |       - PUID=1000 | ||||||
|  |       - PGID=1000 | ||||||
|  |     hostname: deemix | ||||||
|  |     image: registry.gitlab.com/bockiii/deemix-docker:latest | ||||||
|  |     restart: unless-stopped | ||||||
|  |     ports: | ||||||
|  |       - 6595:6595 | ||||||
|  |     expose: | ||||||
|  |       - 6595 | ||||||
|  |     volumes: | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/deemix/config:/config | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/deemix/downloads:/downloads | ||||||
|  |     #networks: | ||||||
|  |     #  - proxy | ||||||
|  |     #labels: | ||||||
|  |     #  - traefik.enable=true | ||||||
|  |     #  - traefik.docker.network=proxy | ||||||
|  |     #  - traefik.http.routers.deemix.rule=Host(`deemix.example.com`) | ||||||
|  |     #  - traefik.http.services.deemix.loadbalancer.server.port=6595 | ||||||
|  |     #  # Optional part for traefik middlewares | ||||||
|  |     #  - traefik.http.routers.deemix.middlewares=local-ipwhitelist@file,authelia@docker | ||||||
|  | 
 | ||||||
|  | #networks: | ||||||
|  | #  proxy: | ||||||
|  | #    external: true | ||||||
							
								
								
									
										7
									
								
								examples/docmost/README.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										7
									
								
								examples/docmost/README.md
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,7 @@ | ||||||
|  | # References | ||||||
|  | 
 | ||||||
|  | - https://github.com/docmost/docmost | ||||||
|  | 
 | ||||||
|  | # Notes | ||||||
|  | 
 | ||||||
|  | Ensure to adjust the `APP_URL` environment variable to your domain name with correct protocol (http or https) if you use a reverse proxy. | ||||||
							
								
								
									
										72
									
								
								examples/docmost/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										72
									
								
								examples/docmost/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,72 @@ | ||||||
|  | version: '3' | ||||||
|  | 
 | ||||||
|  | services: | ||||||
|  | 
 | ||||||
|  |   docmost: | ||||||
|  |     image: docmost/docmost:0.2.10 | ||||||
|  |     container_name: docmost | ||||||
|  |     depends_on: | ||||||
|  |       - db | ||||||
|  |       - redis | ||||||
|  |     environment: | ||||||
|  |       - APP_URL=http://127.0.0.1:3000 | ||||||
|  |       - APP_SECRET=A_VERY_SECURE_STRING | ||||||
|  |       - DATABASE_URL=postgresql://docmost:STRONG_DB_PASSWORD@db:5432/docmost?schema=public | ||||||
|  |       - REDIS_URL=redis://redis:6379 | ||||||
|  |       # --------- S3 Storage Configuration -------- | ||||||
|  |       #- STORAGE_DRIVER=s3 # 'local' is the default; if you use s3 then fill out below env variables | ||||||
|  |       #- AWS_S3_ACCESS_KEY_ID=xxx # Your AWS S3 access key ID | ||||||
|  |       #- AWS_S3_SECRET_ACCESS_KEY=xxx # Your AWS S3 secret access key | ||||||
|  |       #- AWS_S3_REGION=xxx # The region where your S3 bucket is located | ||||||
|  |       #- AWS_S3_BUCKET=xxx # The name of your S3 bucket | ||||||
|  |       #- AWS_S3_ENDPOINT=xxx # The endpoint URL for your S3 service (optional) | ||||||
|  |       # --------- Mail Configuration -------- | ||||||
|  |       #- MAIL_DRIVER=smtp | ||||||
|  |       #- SMTP_HOST=smtp.gmail.com | ||||||
|  |       #- SMTP_PORT=587 | ||||||
|  |       #- SMTP_USERNAME=smtpuser | ||||||
|  |       #- SMTP_PASSWORD=smtppassword | ||||||
|  |       #- MAIL_FROM_ADDRESS=hello@example.com | ||||||
|  |       #- MAIL_FROM_NAME=Docmost | ||||||
|  |     ports: | ||||||
|  |       - 3000:3000 | ||||||
|  |     expose: | ||||||
|  |       - 3000 | ||||||
|  |     restart: unless-stopped | ||||||
|  |     volumes: | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/docmost/storage:/app/data/storage | ||||||
|  |     #networks: | ||||||
|  |     #  - proxy | ||||||
|  |     #labels: | ||||||
|  |     #  - traefik.enable=true | ||||||
|  |     #  - traefik.docker.network=proxy | ||||||
|  |     #  - traefik.http.routers.docmost.rule=Host(`wiki.example.com`) | ||||||
|  |     #  - traefik.http.services.docmost.loadbalancer.server.port=3000 | ||||||
|  |     #  # Optional part for traefik middlewares | ||||||
|  |     #  - traefik.http.routers.docmost.middlewares=local-ipwhitelist@file | ||||||
|  | 
 | ||||||
|  |   db: | ||||||
|  |     image: postgres:16-alpine | ||||||
|  |     container_name: docmost-db | ||||||
|  |     environment: | ||||||
|  |       - POSTGRES_DB=docmost | ||||||
|  |       - POSTGRES_USER=docmost | ||||||
|  |       - POSTGRES_PASSWORD=STRONG_DB_PASSWORD | ||||||
|  |     restart: unless-stopped | ||||||
|  |     volumes: | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/docmost/database:/var/lib/postgresql/data | ||||||
|  |     #networks: | ||||||
|  |     #  - proxy | ||||||
|  | 
 | ||||||
|  |   redis: | ||||||
|  |     image: redis:7.2-alpine | ||||||
|  |     container_name: docmost-redis | ||||||
|  |     restart: unless-stopped | ||||||
|  |     volumes: | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/docmost/redis:/data | ||||||
|  |     #networks: | ||||||
|  |     #  - proxy | ||||||
|  | 
 | ||||||
|  | #networks: | ||||||
|  | #  proxy: | ||||||
|  | #    external: true | ||||||
							
								
								
									
										3
									
								
								examples/docuseal/README.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										3
									
								
								examples/docuseal/README.md
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,3 @@ | ||||||
|  | # References | ||||||
|  | 
 | ||||||
|  | - https://github.com/docusealco/docuseal | ||||||
							
								
								
									
										52
									
								
								examples/docuseal/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										52
									
								
								examples/docuseal/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,52 @@ | ||||||
|  | version: '3' | ||||||
|  | 
 | ||||||
|  | services: | ||||||
|  | 
 | ||||||
|  |   app: | ||||||
|  |     image: docuseal/docuseal:latest | ||||||
|  |     container_name: docuseal | ||||||
|  |     restart: unless-stopped | ||||||
|  |     environment: | ||||||
|  |       - DATABASE_URL=postgresql://postgres:postgres@postgres:5432/docuseal | ||||||
|  |     volumes: | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/docuseal/data:/data | ||||||
|  |     depends_on: | ||||||
|  |       postgres: | ||||||
|  |         condition: service_healthy | ||||||
|  |     ports: | ||||||
|  |       - 3000:3000 | ||||||
|  |     expose: | ||||||
|  |       - 3000 | ||||||
|  |     #networks: | ||||||
|  |     #  - proxy | ||||||
|  |     #labels: | ||||||
|  |     #  - traefik.enable=true | ||||||
|  |     #  - traefik.docker.network=proxy | ||||||
|  |     #  - traefik.http.routers.docuseal.rule=Host(`docuseal.example.com`) | ||||||
|  |     #  - traefik.http.services.docuseal.loadbalancer.server.port=3000 | ||||||
|  |     #  # Optional part for traefik middlewares | ||||||
|  |     #  - traefik.http.routers.docuseal.middlewares=local-ipwhitelist@file,authelia@docker | ||||||
|  | 
 | ||||||
|  |   postgres: | ||||||
|  |     image: postgres:15-alpine | ||||||
|  |     container_name: docuseal-db | ||||||
|  |     restart: unless-stopped | ||||||
|  |     environment: | ||||||
|  |       - POSTGRES_USER=postgres | ||||||
|  |       - POSTGRES_PASSWORD=postgres | ||||||
|  |       - POSTGRES_DB=docuseal | ||||||
|  |     volumes: | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/docuseal/pg_data:/var/lib/postgresql/data | ||||||
|  |     healthcheck: | ||||||
|  |       test: ["CMD-SHELL", "pg_isready -U postgres"] | ||||||
|  |       interval: 5s | ||||||
|  |       timeout: 5s | ||||||
|  |       retries: 5 | ||||||
|  |     expose: | ||||||
|  |       - 5432 | ||||||
|  |     #networks: | ||||||
|  |     #  - proxy | ||||||
|  | 
 | ||||||
|  | #networks: | ||||||
|  | #  proxy: | ||||||
|  | #    external: true | ||||||
							
								
								
									
										3
									
								
								examples/domainmod/README.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										3
									
								
								examples/domainmod/README.md
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,3 @@ | ||||||
|  | # References | ||||||
|  | 
 | ||||||
|  | - https://github.com/domainmod/domainmod | ||||||
							
								
								
									
										40
									
								
								examples/domainmod/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										40
									
								
								examples/domainmod/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,40 @@ | ||||||
|  | --- | ||||||
|  | version: '3.7' | ||||||
|  | services: | ||||||
|  |   app: | ||||||
|  |     image: domainmod/domainmod:latest | ||||||
|  |     container_name: domainmod_app | ||||||
|  |     hostname: domainmod_app | ||||||
|  |     depends_on: | ||||||
|  |       - db | ||||||
|  |     environment: | ||||||
|  |       - PUID=1000 | ||||||
|  |       - PGID=1000 | ||||||
|  |       - TZ=Europe/Berlin | ||||||
|  |       - DOMAINMOD_WEB_ROOT= | ||||||
|  |       - DOMAINMOD_DATABASE_HOST=db | ||||||
|  |       - DOMAINMOD_DATABASE=domainmod | ||||||
|  |       - DOMAINMOD_USER=domainmod | ||||||
|  |       - DOMAINMOD_PASSWORD=password1 | ||||||
|  |     volumes: | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/domainmod/app:/var/www/html | ||||||
|  |     ports: | ||||||
|  |       - 8080:80 | ||||||
|  |     restart: unless-stopped | ||||||
|  | 
 | ||||||
|  |   db: | ||||||
|  |     image: ghcr.io/linuxserver/mariadb:alpine | ||||||
|  |     container_name: domainmod_db | ||||||
|  |     environment: | ||||||
|  |       - PUID=1000 | ||||||
|  |       - PGID=1000 | ||||||
|  |       - TZ=Europe/Berlin | ||||||
|  |       - MYSQL_DATABASE=domainmod | ||||||
|  |       - MYSQL_USER=domainmod | ||||||
|  |       - MYSQL_PASSWORD=password1 | ||||||
|  |       - MYSQL_ROOT_PASSWORD=password2 | ||||||
|  |     volumes: | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/domainmod/database:/config | ||||||
|  |     expose: | ||||||
|  |       - 3306 | ||||||
|  |     restart: unless-stopped | ||||||
							
								
								
									
										3
									
								
								examples/drone/README.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										3
									
								
								examples/drone/README.md
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,3 @@ | ||||||
|  | # References | ||||||
|  | 
 | ||||||
|  | - https://github.com/harness/drone | ||||||
							
								
								
									
										55
									
								
								examples/drone/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										55
									
								
								examples/drone/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,55 @@ | ||||||
|  | version: "3.7" | ||||||
|  | 
 | ||||||
|  | services: | ||||||
|  |   drone-server: | ||||||
|  |     image: drone/drone:latest | ||||||
|  |     container_name: drone-server | ||||||
|  |     restart: unless-stopped | ||||||
|  |     dns: | ||||||
|  |       - 192.168.178.100 # specify your internal dns server for proper dns lookups; especially if you are using https and hostnames | ||||||
|  |     volumes: | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/drone/data:/var/lib/drone | ||||||
|  |       #- /var/run/docker.sock:/var/run/docker.sock:ro | ||||||
|  |     environment: | ||||||
|  |       - DRONE_DEBUG=true | ||||||
|  |       #- DRONE_ADMIN=droneadm | ||||||
|  |       #- DRONE_USER_CREATE=username:droneadm,admin:true | ||||||
|  |       - DRONE_SERVER_PORT=:80 | ||||||
|  |       - DRONE_DATABASE_DRIVER=sqlite3 | ||||||
|  |       - DRONE_GIT_ALWAYS_AUTH=false | ||||||
|  |       - DRONE_GITEA_SERVER=https://git.domain.tld # change this to your gitea instance | ||||||
|  |       - DRONE_RPC_SECRET=8aff725d2e16ef31fbc42 | ||||||
|  |       - DRONE_SERVER_HOST=drone.domain.tld # change this to your drone instance | ||||||
|  |       - DRONE_HOST=https://drone.domain.tld # change this to your drone instance; adjust http/https | ||||||
|  |       - DRONE_SERVER_PROTO=https # adjust http/https | ||||||
|  |       - DRONE_TLS_AUTOCERT=false | ||||||
|  |       - DRONE_AGENTS_ENABLED=true | ||||||
|  |       - DRONE_GITEA_CLIENT_ID=XXX-XXX # change this to your client ID from Gitea; see https://docs.drone.io/server/provider/gitea/ | ||||||
|  |       - DRONE_GITEA_CLIENT_SECRET=XXX-XXX # change this to your client secret from Gitea; see https://docs.drone.io/server/provider/gitea/ | ||||||
|  |     networks: | ||||||
|  |       - proxy | ||||||
|  |     labels: | ||||||
|  |       - traefik.enable=true | ||||||
|  |       - traefik.http.routers.drone-server.rule=Host(`drone.domain.tld`) | ||||||
|  |       - traefik.http.services.drone-server.loadbalancer.server.port=80 | ||||||
|  |       - traefik.docker.network=proxy | ||||||
|  |       # Part for local lan services only; disable to expose externally | ||||||
|  |       - traefik.http.routers.drone-server.middlewares=local-ipwhitelist@file | ||||||
|  | 
 | ||||||
|  |   drone-agent: | ||||||
|  |     image: drone/agent:1.2.1 | ||||||
|  |     command: agent | ||||||
|  |     restart: unless-stopped | ||||||
|  |     container_name: drone-agent | ||||||
|  |     volumes: | ||||||
|  |       - /var/run/docker.sock:/var/run/docker.sock # optional; necessary if you run docker runners and need access to docker socket | ||||||
|  |     environment: | ||||||
|  |       - DRONE_RPC_SERVER=http://drone-server:80 | ||||||
|  |       - DRONE_RPC_SECRET=8aff725d2e16ef31fbc42 | ||||||
|  |       - DRONE_RUNNER_CAPACITY=2 | ||||||
|  |     networks: | ||||||
|  |       - proxy | ||||||
|  | 
 | ||||||
|  | networks: | ||||||
|  |   proxy: | ||||||
|  |     external: true | ||||||
							
								
								
									
										3
									
								
								examples/droppy/README.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										3
									
								
								examples/droppy/README.md
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,3 @@ | ||||||
|  | # References | ||||||
|  | 
 | ||||||
|  | - https://github.com/silverwind/droppy (deprecated) | ||||||
							
								
								
									
										16
									
								
								examples/droppy/docker-compose-deprecated.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										16
									
								
								examples/droppy/docker-compose-deprecated.yml
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,16 @@ | ||||||
|  | version: '2' | ||||||
|  | 
 | ||||||
|  | services: | ||||||
|  |   droppy: | ||||||
|  |     container_name: droppy | ||||||
|  |     image: silverwind/droppy | ||||||
|  |     ports: | ||||||
|  |       - 8989:8989 | ||||||
|  |     volumes: | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/droppy/config:/config | ||||||
|  |       - /path/to/my/data/for/sharing:/files # path to shared files | ||||||
|  |     environment: | ||||||
|  |       - UID=1000 | ||||||
|  |       - GID=1000 | ||||||
|  |       - TZ="Europe/Berlin" | ||||||
|  |     restart: unless-stopped | ||||||
							
								
								
									
										4
									
								
								examples/duplicacy/README.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										4
									
								
								examples/duplicacy/README.md
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,4 @@ | ||||||
|  | # References | ||||||
|  | 
 | ||||||
|  | - https://hub.docker.com/r/saspus/duplicacy-web | ||||||
|  | - https://spin.atomicobject.com/2021/02/06/duplicacy-docker-image/ | ||||||
							
								
								
									
										21
									
								
								examples/duplicacy/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										21
									
								
								examples/duplicacy/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,21 @@ | ||||||
|  | --- | ||||||
|  | version: '3.7' | ||||||
|  | 
 | ||||||
|  | services: | ||||||
|  |   duplicacy-web: | ||||||
|  |     container_name: duplicacy-web | ||||||
|  |     hostname: myhost # pls adjust | ||||||
|  |     image: saspus/duplicacy-web:mini | ||||||
|  |     environment: | ||||||
|  |       - USR_ID=1000 # user account id on the system | ||||||
|  |       - GRP_ID=1000 # group id on the system | ||||||
|  |       - TZ=Europe/Berlin | ||||||
|  |       - DUPLICACY_WEB_VERSION=latest | ||||||
|  |     ports: | ||||||
|  |       - "3875:3875/tcp" | ||||||
|  |     volumes: | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/duplicacy-web/config:/config | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/duplicacy-web/logs:/logs | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/duplicacy-web/cache:/cache | ||||||
|  |       - /path/to/my/data/dir1:/data/dir1:ro # 1st path to your data for backup | ||||||
|  |       - /path/to/my/data/dir2:/data/dir2:ro # 2nd path to your data for backup | ||||||
							
								
								
									
										3
									
								
								examples/duplicati/README.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										3
									
								
								examples/duplicati/README.md
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,3 @@ | ||||||
|  | # References | ||||||
|  | 
 | ||||||
|  | - https://github.com/duplicati/duplicati | ||||||
							
								
								
									
										28
									
								
								examples/duplicati/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										28
									
								
								examples/duplicati/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,28 @@ | ||||||
|  | version: "3" | ||||||
|  | 
 | ||||||
|  | services: | ||||||
|  |   duplicati: | ||||||
|  |     container_name: duplicati | ||||||
|  |     entrypoint: | ||||||
|  |       - /init | ||||||
|  |     ports: | ||||||
|  |       - 8200:8200 # MGMT UI | ||||||
|  |     environment: | ||||||
|  |       - PUID=0 | ||||||
|  |       - PGID=1000 | ||||||
|  |       - TZ=Europe/Berlin | ||||||
|  |     hostname: duplicati | ||||||
|  |     image: linuxserver/duplicati:latest | ||||||
|  |     #labels: | ||||||
|  |     #  - com.centurylinklabs.watchtower.enable=false | ||||||
|  |     #  - traefik.enable=true | ||||||
|  |     #  - traefik.http.routers.duplicati.rule=Host(`duplicati.example.com`) | ||||||
|  |     #  - traefik.http.services.duplicati.loadbalancer.server.port=8200 | ||||||
|  |     #  - traefik.docker.network=proxy | ||||||
|  |     #  # Part for local lan services only | ||||||
|  |     #  - traefik.http.routers.duplicati.middlewares=local-ipwhitelist@file | ||||||
|  |     restart: unless-stopped | ||||||
|  |     volumes: | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/duplicati/backups:/backups | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/duplicati/config:/config | ||||||
|  |       - /path/to/my/data/to/backup:/source # change this | ||||||
							
								
								
									
										18
									
								
								examples/evershop/README.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										18
									
								
								examples/evershop/README.md
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,18 @@ | ||||||
|  | # References | ||||||
|  | 
 | ||||||
|  | - https://github.com/evershopcommerce/evershop | ||||||
|  | - https://evershop.io/docs/development/getting-started/installation-guide | ||||||
|  | 
 | ||||||
|  | # Notes | ||||||
|  | 
 | ||||||
|  | After spawning up the docker containers, the webshop will be available on http://127.0.0.1:3000. | ||||||
|  | 
 | ||||||
|  | You can access the admin dashboard at /admin. You must create a new admin user by Docker exec as follows: | ||||||
|  | 
 | ||||||
|  | ```` | ||||||
|  | # exec into the evershop container | ||||||
|  | docker exec -it evershop sh | ||||||
|  | 
 | ||||||
|  | # creating a new admin user | ||||||
|  | npm run user:create -- --email "myemail@example.com" --password "MySuperSecurePassword" --name "MyName" | ||||||
|  | ```` | ||||||
							
								
								
									
										48
									
								
								examples/evershop/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										48
									
								
								examples/evershop/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,48 @@ | ||||||
|  | version: '3.8' | ||||||
|  | 
 | ||||||
|  | services: | ||||||
|  | 
 | ||||||
|  |   app: | ||||||
|  |     image: evershop/evershop:latest | ||||||
|  |     container_name: evershop | ||||||
|  |     restart: always | ||||||
|  |     environment: | ||||||
|  |       DB_HOST: database | ||||||
|  |       DB_PORT: 5432 | ||||||
|  |       DB_PASSWORD: postgres | ||||||
|  |       DB_USER: postgres | ||||||
|  |       DB_NAME: postgres | ||||||
|  |     depends_on: | ||||||
|  |       - database | ||||||
|  |     ports: | ||||||
|  |       - 3000:3000 | ||||||
|  |     expose: | ||||||
|  |       - 3000 | ||||||
|  |     #networks: | ||||||
|  |     #  - proxy | ||||||
|  |     #labels: | ||||||
|  |     #  - traefik.enable=true | ||||||
|  |     #  - traefik.docker.network=proxy | ||||||
|  |     #  - traefik.http.routers.evershop.rule=Host(`shop.example.com`) | ||||||
|  |     #  - traefik.http.services.evershop.loadbalancer.server.port=3000 | ||||||
|  |     #  # Part for optional traefik middlewares | ||||||
|  |     #  - traefik.http.routers.evershop.middlewares=local-ipwhitelist@file,authelia@docker  | ||||||
|  | 
 | ||||||
|  |   database: | ||||||
|  |     image: postgres:16 | ||||||
|  |     container_name: evershop-db | ||||||
|  |     restart: unless-stopped | ||||||
|  |     volumes: | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/evershop/psqldata:/var/lib/postgresql/data | ||||||
|  |     environment: | ||||||
|  |       POSTGRES_PASSWORD: postgres | ||||||
|  |       POSTGRES_USER: postgres | ||||||
|  |       POSTGRES_DB: postgres | ||||||
|  |     expose: | ||||||
|  |       - 5432 | ||||||
|  |     #networks: | ||||||
|  |     #  - proxy | ||||||
|  | 
 | ||||||
|  | #networks: | ||||||
|  | #  proxy: | ||||||
|  | #    external: true | ||||||
							
								
								
									
										10
									
								
								examples/excalidraw/README.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										10
									
								
								examples/excalidraw/README.md
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,10 @@ | ||||||
|  | # References | ||||||
|  | 
 | ||||||
|  | - https://github.com/excalidraw/excalidraw | ||||||
|  | 
 | ||||||
|  | # Notes | ||||||
|  | 
 | ||||||
|  | Collaboration is not yet supported natively. You would have to also host an Excalidraw collaboration room: | ||||||
|  | 
 | ||||||
|  | - https://github.com/excalidraw/excalidraw-room | ||||||
|  | - https://github.com/excalidraw/excalidraw/issues/4993#issuecomment-1783669768 | ||||||
							
								
								
									
										32
									
								
								examples/excalidraw/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										32
									
								
								examples/excalidraw/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,32 @@ | ||||||
|  | version: "3.8" | ||||||
|  | 
 | ||||||
|  | services: | ||||||
|  |   excalidraw: | ||||||
|  |     container_name: excalidraw | ||||||
|  |     image: excalidraw/excalidraw:latest | ||||||
|  |     ports: | ||||||
|  |       - "3000:80" | ||||||
|  |     restart: unless-stopped | ||||||
|  |     stdin_open: true | ||||||
|  |     healthcheck: | ||||||
|  |       disable: true | ||||||
|  |     environment: | ||||||
|  |       - NODE_ENV=production | ||||||
|  |     #networks: | ||||||
|  |     #  - proxy | ||||||
|  |     #volumes: | ||||||
|  |     #  - ./:/opt/node_app/app:delegated | ||||||
|  |     #  - ./package.json:/opt/node_app/package.json | ||||||
|  |     #  - ./yarn.lock:/opt/node_app/yarn.lock | ||||||
|  |     #  - notused:/opt/node_app/app/node_modules | ||||||
|  |     #labels: | ||||||
|  |     #  - traefik.enable=true | ||||||
|  |     #  - traefik.http.routers.excalidraw.rule=Host(`draw.example.com`) | ||||||
|  |     #  - traefik.http.services.excalidraw.loadbalancer.server.port=80 | ||||||
|  |     #  - traefik.docker.network=proxy | ||||||
|  |     #  # Part for local lan services only; disable to expose externally | ||||||
|  |     #  - traefik.http.routers.excalidraw.middlewares=local-ipwhitelist@file | ||||||
|  | 
 | ||||||
|  | #networks: | ||||||
|  | #  proxy: | ||||||
|  | #   external: true | ||||||
							
								
								
									
										6
									
								
								examples/fail2ban/README.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										6
									
								
								examples/fail2ban/README.md
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,6 @@ | ||||||
|  | # References | ||||||
|  | 
 | ||||||
|  | - https://github.com/crazy-max/docker-fail2ban | ||||||
|  | - https://blog.lrvt.de/configuring-fail2ban-with-traefik/ | ||||||
|  | - https://blog.lrvt.de/fail2ban-with-nginx-proxy-manager/ | ||||||
|  | - https://github.com/l4rm4nd/F2BFilters | ||||||
							
								
								
									
										18
									
								
								examples/fail2ban/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										18
									
								
								examples/fail2ban/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,18 @@ | ||||||
|  | version: "3" | ||||||
|  | 
 | ||||||
|  | services: | ||||||
|  |   fail2ban: | ||||||
|  |     container_name: fail2ban | ||||||
|  |     cap_add: | ||||||
|  |       - NET_ADMIN | ||||||
|  |       - NET_RAW | ||||||
|  |     environment: | ||||||
|  |       - TZ=Europe/Berlin | ||||||
|  |       - F2B_DB_PURGE_AGE=14d | ||||||
|  |     image: crazymax/fail2ban:latest | ||||||
|  |     network_mode: host | ||||||
|  |     restart: unless-stopped | ||||||
|  |     volumes: | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/fail2Ban/data:/data | ||||||
|  |       - /path/to/my/logs/to/monitor:/var/log | ||||||
|  |       #- ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/traefik/logs:/var/log/traefik | ||||||
							
								
								
									
										8
									
								
								examples/filebrowser/README.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										8
									
								
								examples/filebrowser/README.md
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,8 @@ | ||||||
|  | # References | ||||||
|  | 
 | ||||||
|  | - https://github.com/hurlenko/filebrowser-docker | ||||||
|  | - https://github.com/filebrowser/filebrowser | ||||||
|  | 
 | ||||||
|  | # Notes | ||||||
|  | 
 | ||||||
|  | Default login is `admin:admin` as mentioned [here](https://filebrowser.org/installation#:~:text=You%20just%20need%20to%20go,Password%3A%20admin). | ||||||
							
								
								
									
										15
									
								
								examples/filebrowser/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										15
									
								
								examples/filebrowser/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,15 @@ | ||||||
|  | version: "3" | ||||||
|  | 
 | ||||||
|  | services: | ||||||
|  |   filebrowser: | ||||||
|  |     image: hurlenko/filebrowser | ||||||
|  |     container_name: filebrowser | ||||||
|  |     user: 1000:1000 # adjust to your needs | ||||||
|  |     ports: | ||||||
|  |       - 8080:8080 | ||||||
|  |     volumes: | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/filebrowser/data:/data | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/filebrowser/config:/config | ||||||
|  |     environment: | ||||||
|  |       - FB_BASEURL=/filebrowser | ||||||
|  |     restart: unless-stopped | ||||||
							
								
								
									
										3
									
								
								examples/filerun/README.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										3
									
								
								examples/filerun/README.md
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,3 @@ | ||||||
|  | # References | ||||||
|  | 
 | ||||||
|  | - https://github.com/filerun/docker | ||||||
							
								
								
									
										32
									
								
								examples/filerun/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										32
									
								
								examples/filerun/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,32 @@ | ||||||
|  | version: '2' | ||||||
|  | 
 | ||||||
|  | services: | ||||||
|  |   db: | ||||||
|  |     image: mariadb:10.1 | ||||||
|  |     container_name: filerun-db | ||||||
|  |     environment: | ||||||
|  |       - MYSQL_ROOT_PASSWORD=your_mysql_root_password | ||||||
|  |       - MYSQL_USER=your_filerun_username | ||||||
|  |       - MYSQL_PASSWORD=your_filerun_password | ||||||
|  |       - MYSQL_DATABASE=your_filerun_database | ||||||
|  |     volumes: | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/filerun/db:/var/lib/mysql | ||||||
|  | 
 | ||||||
|  |   filerun: | ||||||
|  |     image: filerun/filerun | ||||||
|  |     container_name: filerun | ||||||
|  |     environment: | ||||||
|  |       - FR_DB_HOST=db | ||||||
|  |       - FR_DB_PORT=3306 | ||||||
|  |       - FR_DB_USER=your_filerun_username | ||||||
|  |       - FR_DB_PASS=your_filerun_password | ||||||
|  |       - FR_DB_NAME=your_filerun_database | ||||||
|  |     depends_on: | ||||||
|  |       - db | ||||||
|  |     links: | ||||||
|  |       - db:db | ||||||
|  |     ports: | ||||||
|  |       - 8080:80 | ||||||
|  |     volumes: | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/filerun/html:/var/www/html | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/filerun/files:/user-files | ||||||
							
								
								
									
										316
									
								
								examples/firefly/.env
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										316
									
								
								examples/firefly/.env
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,316 @@ | ||||||
|  | # You can leave this on "local". If you change it to production most console commands will ask for extra confirmation. | ||||||
|  | # Never set it to "testing". | ||||||
|  | APP_ENV=local | ||||||
|  | 
 | ||||||
|  | # Set to true if you want to see debug information in error screens. | ||||||
|  | APP_DEBUG=false | ||||||
|  | 
 | ||||||
|  | # This should be your email address. | ||||||
|  | # If you use Docker or similar, you can set this variable from a file by using SITE_OWNER_FILE | ||||||
|  | # The variable is used in some errors shown to users who aren't admin. | ||||||
|  | SITE_OWNER=mail@example.com | ||||||
|  | 
 | ||||||
|  | # The encryption key for your sessions. Keep this very secure. | ||||||
|  | # Change it to a string of exactly 32 chars or use something like `php artisan key:generate` to generate it. | ||||||
|  | # If you use Docker or similar, you can set this variable from a file by using APP_KEY_FILE | ||||||
|  | # | ||||||
|  | # Avoid the "#" character in your APP_KEY, it may break things. | ||||||
|  | # | ||||||
|  | APP_KEY=SomeRandomStringOf32CharsExactly | ||||||
|  | 
 | ||||||
|  | # Firefly III will launch using this language (for new users and unauthenticated visitors) | ||||||
|  | # For a list of available languages: https://github.com/firefly-iii/firefly-iii/tree/main/resources/lang | ||||||
|  | # | ||||||
|  | # If text is still in English, remember that not everything may have been translated. | ||||||
|  | DEFAULT_LANGUAGE=en_US | ||||||
|  | 
 | ||||||
|  | # The locale defines how numbers are formatted. | ||||||
|  | # by default this value is the same as whatever the language is. | ||||||
|  | DEFAULT_LOCALE=equal | ||||||
|  | 
 | ||||||
|  | # Change this value to your preferred time zone. | ||||||
|  | # Example: Europe/Amsterdam | ||||||
|  | # For a list of supported time zones, see https://en.wikipedia.org/wiki/List_of_tz_database_time_zones | ||||||
|  | TZ=Europe/Berlin | ||||||
|  | 
 | ||||||
|  | # TRUSTED_PROXIES is a useful variable when using Docker and/or a reverse proxy. | ||||||
|  | # Set it to ** and reverse proxies work just fine. | ||||||
|  | TRUSTED_PROXIES=* | ||||||
|  | 
 | ||||||
|  | # The log channel defines where your log entries go to. | ||||||
|  | # Several other options exist. You can use 'single' for one big fat error log (not recommended). | ||||||
|  | # Also available are 'syslog', 'errorlog' and 'stdout' which will log to the system itself. | ||||||
|  | # A rotating log option is 'daily', creates 5 files that (surprise) rotate. | ||||||
|  | # A cool option is 'papertrail' for cloud logging | ||||||
|  | # Default setting 'stack' will log to 'daily' and to 'stdout' at the same time. | ||||||
|  | LOG_CHANNEL=stack | ||||||
|  | 
 | ||||||
|  | # | ||||||
|  | # Used when logging to papertrail: | ||||||
|  | # | ||||||
|  | PAPERTRAIL_HOST= | ||||||
|  | PAPERTRAIL_PORT= | ||||||
|  | 
 | ||||||
|  | # Log level. You can set this from least severe to most severe: | ||||||
|  | # debug, info, notice, warning, error, critical, alert, emergency | ||||||
|  | # If you set it to debug your logs will grow large, and fast. If you set it to emergency probably | ||||||
|  | # nothing will get logged, ever. | ||||||
|  | APP_LOG_LEVEL=notice | ||||||
|  | 
 | ||||||
|  | # Audit log level. | ||||||
|  | # Set this to "emergency" if you dont want to store audit logs, leave on info otherwise. | ||||||
|  | AUDIT_LOG_LEVEL=info | ||||||
|  | 
 | ||||||
|  | # Database credentials. Make sure the database exists. I recommend a dedicated user for Firefly III | ||||||
|  | # For other database types, please see the FAQ: https://docs.firefly-iii.org/support/faq | ||||||
|  | # If you use Docker or similar, you can set these variables from a file by appending them with _FILE | ||||||
|  | # Use "pgsql" for PostgreSQL | ||||||
|  | # Use "mysql" for MySQL and MariaDB. | ||||||
|  | # Use "sqlite" for SQLite. | ||||||
|  | DB_CONNECTION=mysql | ||||||
|  | DB_HOST=db | ||||||
|  | DB_PORT=3306 | ||||||
|  | DB_DATABASE=firefly | ||||||
|  | DB_USERNAME=firefly | ||||||
|  | DB_PASSWORD=MySecretDatabasePassword | ||||||
|  | # leave empty or omit when not using a socket connection | ||||||
|  | DB_SOCKET= | ||||||
|  | 
 | ||||||
|  | # MySQL supports SSL. You can configure it here. | ||||||
|  | # If you use Docker or similar, you can set these variables from a file by appending them with _FILE | ||||||
|  | MYSQL_USE_SSL=false | ||||||
|  | MYSQL_SSL_VERIFY_SERVER_CERT=true | ||||||
|  | # You need to set at least of these options | ||||||
|  | MYSQL_SSL_CAPATH=/etc/ssl/certs/ | ||||||
|  | MYSQL_SSL_CA= | ||||||
|  | MYSQL_SSL_CERT= | ||||||
|  | MYSQL_SSL_KEY= | ||||||
|  | MYSQL_SSL_CIPHER= | ||||||
|  | 
 | ||||||
|  | # PostgreSQL supports SSL. You can configure it here. | ||||||
|  | # If you use Docker or similar, you can set these variables from a file by appending them with _FILE | ||||||
|  | PGSQL_SSL_MODE=prefer | ||||||
|  | PGSQL_SSL_ROOT_CERT=null | ||||||
|  | PGSQL_SSL_CERT=null | ||||||
|  | PGSQL_SSL_KEY=null | ||||||
|  | PGSQL_SSL_CRL_FILE=null | ||||||
|  | 
 | ||||||
|  | # more PostgreSQL settings | ||||||
|  | PGSQL_SCHEMA=public | ||||||
|  | 
 | ||||||
|  | # If you're looking for performance improvements, you could install memcached or redis | ||||||
|  | CACHE_DRIVER=file | ||||||
|  | SESSION_DRIVER=file | ||||||
|  | 
 | ||||||
|  | # If you set either of the options above to 'redis', you might want to update these settings too | ||||||
|  | # If you use Docker or similar, you can set REDIS_HOST_FILE, REDIS_PASSWORD_FILE or | ||||||
|  | # REDIS_PORT_FILE to set the value from a file instead of from an environment variable | ||||||
|  | 
 | ||||||
|  | # can be tcp, unix or http | ||||||
|  | REDIS_SCHEME=tcp | ||||||
|  | 
 | ||||||
|  | # use only when using 'unix' for REDIS_SCHEME. Leave empty otherwise. | ||||||
|  | REDIS_PATH= | ||||||
|  | 
 | ||||||
|  | # use only when using 'tcp' or 'http' for REDIS_SCHEME. Leave empty otherwise. | ||||||
|  | REDIS_HOST=127.0.0.1 | ||||||
|  | REDIS_PORT=6379 | ||||||
|  | 
 | ||||||
|  | # Use only with Redis 6+ with proper ACL set. Leave empty otherwise. | ||||||
|  | REDIS_USERNAME= | ||||||
|  | REDIS_PASSWORD= | ||||||
|  | 
 | ||||||
|  | # always use quotes and make sure redis db "0" and "1" exists. Otherwise change accordingly. | ||||||
|  | REDIS_DB="0" | ||||||
|  | REDIS_CACHE_DB="1" | ||||||
|  | 
 | ||||||
|  | # Cookie settings. Should not be necessary to change these. | ||||||
|  | # If you use Docker or similar, you can set COOKIE_DOMAIN_FILE to set | ||||||
|  | # the value from a file instead of from an environment variable | ||||||
|  | # Setting samesite to "strict" may give you trouble logging in. | ||||||
|  | COOKIE_PATH="/" | ||||||
|  | COOKIE_DOMAIN= | ||||||
|  | COOKIE_SECURE=false | ||||||
|  | COOKIE_SAMESITE=lax | ||||||
|  | 
 | ||||||
|  | # If you want Firefly III to email you, update these settings | ||||||
|  | # For instructions, see: https://docs.firefly-iii.org/advanced-installation/email | ||||||
|  | # If you use Docker or similar, you can set these variables from a file by appending them with _FILE | ||||||
|  | MAIL_MAILER=log | ||||||
|  | MAIL_HOST=null | ||||||
|  | MAIL_PORT=2525 | ||||||
|  | MAIL_FROM=changeme@example.com | ||||||
|  | MAIL_USERNAME=null | ||||||
|  | MAIL_PASSWORD=null | ||||||
|  | MAIL_ENCRYPTION=null | ||||||
|  | 
 | ||||||
|  | # Other mail drivers: | ||||||
|  | # If you use Docker or similar, you can set these variables from a file by appending them with _FILE | ||||||
|  | MAILGUN_DOMAIN= | ||||||
|  | MAILGUN_SECRET= | ||||||
|  | 
 | ||||||
|  | # If you are on EU region in mailgun, use api.eu.mailgun.net, otherwise use api.mailgun.net | ||||||
|  | # If you use Docker or similar, you can set this variable from a file by appending it with _FILE | ||||||
|  | MAILGUN_ENDPOINT=api.mailgun.net | ||||||
|  | 
 | ||||||
|  | # If you use Docker or similar, you can set these variables from a file by appending them with _FILE | ||||||
|  | MANDRILL_SECRET= | ||||||
|  | SPARKPOST_SECRET= | ||||||
|  | 
 | ||||||
|  | # Firefly III can send you the following messages. | ||||||
|  | SEND_ERROR_MESSAGE=true | ||||||
|  | 
 | ||||||
|  | # These messages contain (sensitive) transaction information: | ||||||
|  | SEND_REPORT_JOURNALS=true | ||||||
|  | 
 | ||||||
|  | # Set this value to true if you want to set the location | ||||||
|  | # of certain things, like transactions. Since this involves an external service, it's optional | ||||||
|  | # and disabled by default. | ||||||
|  | ENABLE_EXTERNAL_MAP=false | ||||||
|  | 
 | ||||||
|  | # Set this value to true if you want Firefly III to download currency exchange rates | ||||||
|  | # from the internet. These rates are hosted by the creator of Firefly III inside | ||||||
|  | # an Azure Storage Container. | ||||||
|  | # Not all currencies may be available. Rates may be wrong. | ||||||
|  | ENABLE_EXTERNAL_RATES=false | ||||||
|  | 
 | ||||||
|  | # The map will default to this location: | ||||||
|  | MAP_DEFAULT_LAT=51.983333 | ||||||
|  | MAP_DEFAULT_LONG=5.916667 | ||||||
|  | MAP_DEFAULT_ZOOM=6 | ||||||
|  | 
 | ||||||
|  | # | ||||||
|  | # Firefly III authentication settings | ||||||
|  | # | ||||||
|  | 
 | ||||||
|  | # | ||||||
|  | # Firefly III supports a few authentication methods: | ||||||
|  | # - 'web' (default, uses built in DB) | ||||||
|  | # - 'remote_user_guard' for Authelia etc | ||||||
|  | # Read more about these settings in the documentation. | ||||||
|  | # https://docs.firefly-iii.org/advanced-installation/authentication | ||||||
|  | # | ||||||
|  | # LDAP is no longer supported :( | ||||||
|  | # | ||||||
|  | AUTHENTICATION_GUARD=web | ||||||
|  | 
 | ||||||
|  | # | ||||||
|  | # Remote user guard settings | ||||||
|  | # | ||||||
|  | AUTHENTICATION_GUARD_HEADER=REMOTE_USER | ||||||
|  | AUTHENTICATION_GUARD_EMAIL= | ||||||
|  | 
 | ||||||
|  | # | ||||||
|  | # Firefly III generates a basic keypair for your OAuth tokens. | ||||||
|  | # If you want, you can overrule the key with your own (secure) value. | ||||||
|  | # It's also possible to set PASSPORT_PUBLIC_KEY_FILE or PASSPORT_PRIVATE_KEY_FILE | ||||||
|  | # if you're using Docker secrets or similar solutions for secret management | ||||||
|  | # | ||||||
|  | PASSPORT_PRIVATE_KEY= | ||||||
|  | PASSPORT_PUBLIC_KEY= | ||||||
|  | 
 | ||||||
|  | # | ||||||
|  | # Extra authentication settings | ||||||
|  | # | ||||||
|  | CUSTOM_LOGOUT_URL= | ||||||
|  | 
 | ||||||
|  | # You can disable the X-Frame-Options header if it interferes with tools like | ||||||
|  | # Organizr. This is at your own risk. Applications running in frames run the risk | ||||||
|  | # of leaking information to their parent frame. | ||||||
|  | DISABLE_FRAME_HEADER=false | ||||||
|  | 
 | ||||||
|  | # You can disable the Content Security Policy header when you're using an ancient browser | ||||||
|  | # or any version of Microsoft Edge / Internet Explorer (which amounts to the same thing really) | ||||||
|  | # This leaves you with the risk of not being able to stop XSS bugs should they ever surface. | ||||||
|  | # This is at your own risk. | ||||||
|  | DISABLE_CSP_HEADER=false | ||||||
|  | 
 | ||||||
|  | # If you wish to track your own behavior over Firefly III, set valid analytics tracker information here. | ||||||
|  | # Nobody uses this except for me on the demo site. But hey, feel free to use this if you want to. | ||||||
|  | # Do not prepend the TRACKER_URL with http:// or https:// | ||||||
|  | # The only tracker supported is Matomo. | ||||||
|  | # You can set the following variables from a file by appending them with _FILE: | ||||||
|  | TRACKER_SITE_ID= | ||||||
|  | TRACKER_URL= | ||||||
|  | 
 | ||||||
|  | # | ||||||
|  | # Firefly III supports webhooks. These are security sensitive and must be enabled manually first. | ||||||
|  | # | ||||||
|  | ALLOW_WEBHOOKS=false | ||||||
|  | 
 | ||||||
|  | # | ||||||
|  | # The static cron job token can be useful when you use Docker and wish to manage cron jobs. | ||||||
|  | # 1. Set this token to any 32-character value (this is important!). | ||||||
|  | # 2. Use this token in the cron URL instead of a user's command line token. | ||||||
|  | # | ||||||
|  | # For more info: https://docs.firefly-iii.org/firefly-iii/advanced-installation/cron/ | ||||||
|  | # | ||||||
|  | # You can set this variable from a file by appending it with _FILE | ||||||
|  | # | ||||||
|  | STATIC_CRON_TOKEN= | ||||||
|  | 
 | ||||||
|  | # You can fine tune the start-up of a Docker container by editing these environment variables. | ||||||
|  | # Use this at your own risk. Disabling certain checks and features may result in lots of inconsistent data. | ||||||
|  | # However if you know what you're doing you can significantly speed up container start times. | ||||||
|  | # Set each value to true to enable, or false to disable. | ||||||
|  | 
 | ||||||
|  | # Set this to true to build all locales supported by Firefly III. | ||||||
|  | # This may take quite some time (several minutes) and is generally not recommended. | ||||||
|  | # If you wish to change or alter the list of locales, start your Docker container with | ||||||
|  | # `docker run -v locale.gen:/etc/locale.gen -e DKR_BUILD_LOCALE=true` | ||||||
|  | # and make sure your preferred locales are in your own locale.gen. | ||||||
|  | DKR_BUILD_LOCALE=false | ||||||
|  | 
 | ||||||
|  | # Check if the SQLite database exists. Can be skipped if you're not using SQLite. | ||||||
|  | # Won't significantly speed up things. | ||||||
|  | DKR_CHECK_SQLITE=true | ||||||
|  | 
 | ||||||
|  | # Run database creation and migration commands. Disable this only if you're 100% sure the DB exists | ||||||
|  | # and is up to date. | ||||||
|  | DKR_RUN_MIGRATION=true | ||||||
|  | 
 | ||||||
|  | # Run database upgrade commands. Disable this only when you're 100% sure your DB is up-to-date | ||||||
|  | # with the latest fixes (outside of migrations!) | ||||||
|  | DKR_RUN_UPGRADE=true | ||||||
|  | 
 | ||||||
|  | # Verify database integrity. Includes all data checks and verifications. | ||||||
|  | # Disabling this makes Firefly III assume your DB is intact. | ||||||
|  | DKR_RUN_VERIFY=true | ||||||
|  | 
 | ||||||
|  | # Run database reporting commands. When disabled, Firefly III won't go over your data to report current state. | ||||||
|  | # Disabling this should have no impact on data integrity or safety but it won't warn you of possible issues. | ||||||
|  | DKR_RUN_REPORT=true | ||||||
|  | 
 | ||||||
|  | # Generate OAuth2 keys. | ||||||
|  | # When disabled, Firefly III won't attempt to generate OAuth2 Passport keys. This won't be an issue, IFF (if and only if) | ||||||
|  | # you had previously generated keys already and they're stored in your database for restoration. | ||||||
|  | DKR_RUN_PASSPORT_INSTALL=true | ||||||
|  | 
 | ||||||
|  | # Leave the following configuration vars as is. | ||||||
|  | # Unless you like to tinker and know what you're doing. | ||||||
|  | APP_NAME=FireflyIII | ||||||
|  | BROADCAST_DRIVER=log | ||||||
|  | QUEUE_DRIVER=sync | ||||||
|  | CACHE_PREFIX=firefly | ||||||
|  | PUSHER_KEY= | ||||||
|  | IPINFO_TOKEN= | ||||||
|  | PUSHER_SECRET= | ||||||
|  | PUSHER_ID= | ||||||
|  | DEMO_USERNAME= | ||||||
|  | DEMO_PASSWORD= | ||||||
|  | IS_HEROKU=false | ||||||
|  | FIREFLY_III_LAYOUT=v1 | ||||||
|  | 
 | ||||||
|  | # | ||||||
|  | # If you have trouble configuring your Firefly III installation, DON'T BOTHER setting this variable. | ||||||
|  | # It won't work. It doesn't do ANYTHING. Don't believe the lies you read online. I'm not joking. | ||||||
|  | # This configuration value WILL NOT HELP. | ||||||
|  | # | ||||||
|  | # Notable exception to this rule is Synology, which, according to some users, will use APP_URL to rewrite stuff. | ||||||
|  | # | ||||||
|  | # This variable is ONLY used in some of the emails Firefly III sends around. Nowhere else. | ||||||
|  | # So when configuring anything WEB related this variable doesn't do anything. Nothing | ||||||
|  | # | ||||||
|  | # If you're stuck I understand you get desperate but look SOMEWHERE ELSE. | ||||||
|  | # | ||||||
|  | APP_URL=http://localhost | ||||||
							
								
								
									
										4
									
								
								examples/firefly/README.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										4
									
								
								examples/firefly/README.md
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,4 @@ | ||||||
|  | # References | ||||||
|  | 
 | ||||||
|  | - https://github.com/firefly-iii/docker | ||||||
|  | - https://docs.firefly-iii.org/firefly-iii/installation/docker/ | ||||||
							
								
								
									
										26
									
								
								examples/firefly/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										26
									
								
								examples/firefly/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,26 @@ | ||||||
|  | version: '3.3' | ||||||
|  | 
 | ||||||
|  | services: | ||||||
|  |   app: | ||||||
|  |     image: fireflyiii/core:latest | ||||||
|  |     container_name: firefly | ||||||
|  |     restart: unless-stopped | ||||||
|  |     volumes: | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/firefly/upload:/var/www/html/storage/upload | ||||||
|  |     env_file: .env | ||||||
|  |     ports: | ||||||
|  |       - 80:8080 | ||||||
|  |     depends_on: | ||||||
|  |       - db | ||||||
|  |    | ||||||
|  |   db: | ||||||
|  |     image: mariadb     | ||||||
|  |     container_name: firefly-db | ||||||
|  |     restart: unless-stopped | ||||||
|  |     environment: | ||||||
|  |       - MYSQL_RANDOM_ROOT_PASSWORD=yes | ||||||
|  |       - MYSQL_USER=firefly | ||||||
|  |       - MYSQL_PASSWORD=MySecretDatabasePassword # if changed --> also update in .env file | ||||||
|  |       - MYSQL_DATABASE=firefly | ||||||
|  |     volumes: | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/firefly/mysql:/var/lib/mysql | ||||||
							
								
								
									
										3
									
								
								examples/firefox/README.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										3
									
								
								examples/firefox/README.md
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,3 @@ | ||||||
|  | # References | ||||||
|  | 
 | ||||||
|  | - https://hub.docker.com/r/linuxserver/firefox | ||||||
							
								
								
									
										31
									
								
								examples/firefox/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										31
									
								
								examples/firefox/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,31 @@ | ||||||
|  | version: "3.3" | ||||||
|  | 
 | ||||||
|  | services: | ||||||
|  |   firefox: | ||||||
|  |     image: lscr.io/linuxserver/firefox:latest | ||||||
|  |     container_name: firefox | ||||||
|  |     hostname: firefox | ||||||
|  |     restart: unless-stopped | ||||||
|  |     security_opt: | ||||||
|  |       - seccomp:unconfined # optional | ||||||
|  |     environment: | ||||||
|  |       - PUID=1000 # optional | ||||||
|  |       - PGID=1000 # optional | ||||||
|  |       - TZ=Europe/Berlin | ||||||
|  |     volumes: | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/firefox/config:/config | ||||||
|  |     ports: | ||||||
|  |       - 3210:3000 | ||||||
|  |     #networks: | ||||||
|  |     #  - proxy | ||||||
|  |     #labels: | ||||||
|  |     #  - traefik.enable=true | ||||||
|  |     #  - traefik.http.routers.firefox.rule=Host(`firefox.example.com`) | ||||||
|  |     #  - traefik.http.services.firefox.loadbalancer.server.port=8080 | ||||||
|  |     #  - traefik.docker.network=proxy | ||||||
|  |     #  # Part for optional traefik middlewares | ||||||
|  |     #  - traefik.http.routers.firefox.middlewares=local-ipwhitelist@file,basic-auth@file | ||||||
|  | 
 | ||||||
|  | #networks: | ||||||
|  | #  proxy: | ||||||
|  | #    external: true | ||||||
							
								
								
									
										33
									
								
								examples/firezone/.env
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										33
									
								
								examples/firezone/.env
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,33 @@ | ||||||
|  | # Change these settings | ||||||
|  | EXTERNAL_URL=https://firezone.example.com | ||||||
|  | DEFAULT_ADMIN_EMAIL=admin@example.com | ||||||
|  | DEFAULT_ADMIN_PASSWORD=ins4vOVm9RwuiY4j | ||||||
|  | 
 | ||||||
|  | GUARDIAN_SECRET_KEY=qAWbvgyHUQVgRtF+JaJseNIt779CLADuYZdWfXPy4R6zQ51wom0SJtpvEVIGYKH0 | ||||||
|  | SECRET_KEY_BASE=lThlZfb7E79kgKdg7q9e2jf/XF7VXSg/sFFi6xD7CUhVOybLhkYPyeYbFmIJ3Nv0 | ||||||
|  | LIVE_VIEW_SIGNING_SALT=+lKcWppaW5GPqfYupk8qjuAfWuuHDxRA | ||||||
|  | COOKIE_SIGNING_SALT=i+nxqzyT | ||||||
|  | COOKIE_ENCRYPTION_SALT=CyMASGO+ | ||||||
|  | DATABASE_ENCRYPTION_KEY=ftVUOP6G7twvORBaxVR1Z1d8gaKeJMeOIOtR+Zc1sIs= | ||||||
|  | DATABASE_PASSWORD=cN8IrZTSBMgcu++k | ||||||
|  | 
 | ||||||
|  | # The ability to change the IPv4 and IPv6 address pool will be removed | ||||||
|  | # in a future Firezone release in order to reduce the possible combinations | ||||||
|  | # of network configurations we need to handle. | ||||||
|  | # | ||||||
|  | # Due to the above, we recommend not changing these unless absolutely | ||||||
|  | # necessary. | ||||||
|  | WIREGUARD_IPV4_NETWORK=100.64.0.0/10 | ||||||
|  | WIREGUARD_IPV4_ADDRESS=100.64.0.1 | ||||||
|  | WIREGUARD_IPV6_NETWORK=fd00::/106 | ||||||
|  | WIREGUARD_IPV6_ADDRESS=fd00::1 | ||||||
|  | 
 | ||||||
|  | #PHOENIX_EXTERNAL_TRUSTED_PROXIES=["192.168.178.0/24"] | ||||||
|  | #PHOENIX_PRIVATE_CLIENTS=["192.168.0.0/24"] | ||||||
|  | 
 | ||||||
|  | # further env variables | ||||||
|  | # see https://github.com/firezone/firezone/blob/legacy/website/src/app/docs/reference/env-vars/readme.mdx | ||||||
|  | 
 | ||||||
|  | TELEMETRY_ENABLED=false | ||||||
|  | CONNECTIVITY_CHECKS_ENABLED=false | ||||||
|  | LOCAL_AUTH_ENABLED=true | ||||||
							
								
								
									
										44
									
								
								examples/firezone/README.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										44
									
								
								examples/firezone/README.md
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,44 @@ | ||||||
|  | # Reference | ||||||
|  | 
 | ||||||
|  | - https://github.com/l4rm4nd/firezone (fork, maintained) | ||||||
|  | - https://github.com/firezone/firezone/tree/legacy (EoL) | ||||||
|  | 
 | ||||||
|  | > [!WARNING] | ||||||
|  | > Firezone v0.7 has reached End-of-Life on 31st January 2024. | ||||||
|  | > | ||||||
|  | > It undergoes a complete redesign (zero-knowledge, cloud) for v1.0 and won't provide any updates for the v0.7 (legacy) branch anymore. More information can be found [here](https://www.firezone.dev/blog/firezone-1-0). | ||||||
|  | 
 | ||||||
|  | > [!TIP] | ||||||
|  | > A new fork (l4rm4nd/fireabend) tries to fix outdated dependencies and keep the software alive. | ||||||
|  | > | ||||||
|  | > The fork starts with a new v7.0.0 release version and tag. | ||||||
|  | 
 | ||||||
|  | # Notes | ||||||
|  | 
 | ||||||
|  | ```` | ||||||
|  | # download compose file | ||||||
|  | wget https://raw.githubusercontent.com/Haxxnet/Compose-Examples/main/examples/firezone/docker-compose.yml | ||||||
|  | 
 | ||||||
|  | # generate an .env file | ||||||
|  | docker run --rm ghcr.io/l4rm4nd/firezone:latest bin/gen-env > .env | ||||||
|  | 
 | ||||||
|  | # adjust .env file to your needs | ||||||
|  | # define EXTERNAL_URL + DEFAULT_ADMIN_EMAIL + DEFAULT_ADMIN_PASSWORD | ||||||
|  | 
 | ||||||
|  | # disable telemetry via .env | ||||||
|  | echo -e "\nTELEMETRY_ENABLED=false" >> .env | ||||||
|  | 
 | ||||||
|  | # enable local auth | ||||||
|  | echo -e "\nLOCAL_AUTH_ENABLED=true" >> .env | ||||||
|  | 
 | ||||||
|  | # migrate database and create admin user | ||||||
|  | docker compose run --rm firezone bin/migrate | ||||||
|  | docker compose run --rm firezone bin/create-or-reset-admin | ||||||
|  | 
 | ||||||
|  | # spawn the container stack | ||||||
|  | docker compose up -d | ||||||
|  | ```` | ||||||
|  | 
 | ||||||
|  | Afterwards, the admin mgmt UI is accessible on http://127.0.0.1:13000. | ||||||
|  | 
 | ||||||
|  | It is recommended to combine Firezone with a TLS reverse proxy such as Traefik as well as with an Identity Provider (IdP) such as Keycloak or Authentik for Single-Sign-On (SSO). Once SSO is enabled, you should disable the possibility for local authentication via the .env file. | ||||||
							
								
								
									
										72
									
								
								examples/firezone/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										72
									
								
								examples/firezone/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,72 @@ | ||||||
|  | x-deploy: &default-deploy | ||||||
|  |   restart_policy: | ||||||
|  |     condition: unless-stopped | ||||||
|  |     delay: 5s | ||||||
|  |     window: 120s | ||||||
|  |   update_config: | ||||||
|  |     order: start-first | ||||||
|  | 
 | ||||||
|  | version: "3.7" | ||||||
|  | 
 | ||||||
|  | services: | ||||||
|  | 
 | ||||||
|  |   firezone: | ||||||
|  |     image: l4rm4nd/firezone | ||||||
|  |     container_name: firezone-web | ||||||
|  |     ports: | ||||||
|  |       - 51820:51820/udp | ||||||
|  |       - 127.0.0.1:13000:13000/tcp | ||||||
|  |     expose: | ||||||
|  |       - 13000 | ||||||
|  |     env_file: | ||||||
|  |       # This should contain a list of env vars for configuring Firezone. | ||||||
|  |       # See https://docs.firezone.dev/reference/env-vars for more info. | ||||||
|  |       - ${FZ_INSTALL_DIR:-.}/.env | ||||||
|  |     volumes: | ||||||
|  |       # IMPORTANT: Persists WireGuard private key and other data. If | ||||||
|  |       # /var/firezone/private_key exists when Firezone starts, it is | ||||||
|  |       # used as the WireGuard private. Otherwise, one is generated. | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/firezone/data:/var/firezone | ||||||
|  |     cap_add: | ||||||
|  |       # Needed for WireGuard and firewall support. | ||||||
|  |       - NET_ADMIN | ||||||
|  |       - SYS_MODULE | ||||||
|  |     sysctls: | ||||||
|  |       # Needed for masquerading and NAT. | ||||||
|  |       - net.ipv6.conf.all.disable_ipv6=0 | ||||||
|  |       - net.ipv4.ip_forward=1 | ||||||
|  |       - net.ipv6.conf.all.forwarding=1 | ||||||
|  |     depends_on: | ||||||
|  |       - postgres | ||||||
|  |     #networks: | ||||||
|  |     #  - proxy | ||||||
|  |     #labels: | ||||||
|  |     # - traefik.enable=true | ||||||
|  |     # - traefik.docker.network=proxy | ||||||
|  |     # - traefik.http.routers.firezone_https.rule=Host(`firezone.example.com`) | ||||||
|  |     # - traefik.http.routers.firezone_https.tls=true | ||||||
|  |     # - traefik.http.services.firezone.loadbalancer.server.port=13000 | ||||||
|  |     # #- traefik.http.routers.firezone.middlewares=local-ipwhitelist@file       | ||||||
|  | 
 | ||||||
|  |     deploy: | ||||||
|  |       <<: *default-deploy | ||||||
|  | 
 | ||||||
|  |   postgres: | ||||||
|  |     image: postgres:15-alpine | ||||||
|  |     container_name: firezone-db | ||||||
|  |     volumes: | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/firezone/db:/var/lib/postgresql/data | ||||||
|  |     environment: | ||||||
|  |       POSTGRES_DB: ${DATABASE_NAME:-firezone} | ||||||
|  |       POSTGRES_USER: ${DATABASE_USER:-postgres} | ||||||
|  |       POSTGRES_PASSWORD: ${DATABASE_PASSWORD:?err} | ||||||
|  |     deploy: | ||||||
|  |       <<: *default-deploy | ||||||
|  |       update_config: | ||||||
|  |         order: stop-first | ||||||
|  |     #networks: | ||||||
|  |     #  - proxy         | ||||||
|  | 
 | ||||||
|  | #networks: | ||||||
|  | #  proxy: | ||||||
|  | #    external: true | ||||||
							
								
								
									
										3
									
								
								examples/flame/README.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										3
									
								
								examples/flame/README.md
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,3 @@ | ||||||
|  | # References | ||||||
|  | 
 | ||||||
|  | - https://github.com/pawelmalak/flame | ||||||
							
								
								
									
										14
									
								
								examples/flame/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										14
									
								
								examples/flame/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,14 @@ | ||||||
|  | version: '3.6' | ||||||
|  | 
 | ||||||
|  | services: | ||||||
|  |   flame: | ||||||
|  |     image: pawelmalak/flame | ||||||
|  |     container_name: flame | ||||||
|  |     volumes: | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/flame:/app/data | ||||||
|  |       #- /var/run/docker.sock:/var/run/docker.sock # optional but required for Docker integration | ||||||
|  |     ports: | ||||||
|  |       - 5005:5005 | ||||||
|  |     environment: | ||||||
|  |       - PASSWORD=MyStrongLoginPassword | ||||||
|  |     restart: unless-stopped | ||||||
							
								
								
									
										3
									
								
								examples/flaresolverr/README.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										3
									
								
								examples/flaresolverr/README.md
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,3 @@ | ||||||
|  | # References | ||||||
|  | 
 | ||||||
|  | - https://hub.docker.com/r/flaresolverr/flaresolverr | ||||||
							
								
								
									
										14
									
								
								examples/flaresolverr/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										14
									
								
								examples/flaresolverr/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,14 @@ | ||||||
|  | version: '3.3' | ||||||
|  | 
 | ||||||
|  | services: | ||||||
|  |     flaresolverr: | ||||||
|  |         image: ghcr.io/flaresolverr/flaresolverr:latest | ||||||
|  |         container_name: flaresolverr | ||||||
|  |         ports: | ||||||
|  |             - 8191:8191 | ||||||
|  |         environment: | ||||||
|  |             - LOG_LEVEL=${LOG_LEVEL:-info} | ||||||
|  |             - LOG_HTML=${LOG_HTML:-false} | ||||||
|  |             - CAPTCHA_SOLVER=${CAPTCHA_SOLVER:-none} | ||||||
|  |             - TZ=Europe/Berlin | ||||||
|  |         restart: unless-stopped | ||||||
							
								
								
									
										9
									
								
								examples/forte/README.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										9
									
								
								examples/forte/README.md
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,9 @@ | ||||||
|  | # References | ||||||
|  | 
 | ||||||
|  | - https://github.com/kaangiray26/forte | ||||||
|  | 
 | ||||||
|  | # Notes | ||||||
|  | 
 | ||||||
|  | After deploying, the forte admin dashboard will be available on TCP/3000. You can log into the web dashboard using `forte` as username and `alternative` as password. Please change those default credentials. Use a reverse proxy like Traefik if you plan on exposing the forte instance, as HTTPS is required to stream flawlessly. | ||||||
|  | 
 | ||||||
|  | After creating a user account via the forte web dashboard, you can browse https://forte.buzl.uk/ and use your own server to stream music from. Specify your created user account and the automatically created password token. | ||||||
							
								
								
									
										59
									
								
								examples/forte/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										59
									
								
								examples/forte/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,59 @@ | ||||||
|  | version: '3' | ||||||
|  | 
 | ||||||
|  | services: | ||||||
|  |     app: | ||||||
|  |         image: kaangiray26/forte:4.3 | ||||||
|  |         container_name: forte | ||||||
|  |         restart: on-failure | ||||||
|  |         ports: | ||||||
|  |             - 3000:3000 | ||||||
|  |         depends_on: | ||||||
|  |             postgres: | ||||||
|  |                 condition: service_healthy | ||||||
|  |         environment: | ||||||
|  |             port: 3000               # Set Port | ||||||
|  |             version: "4.3"           # Set Version | ||||||
|  |             verbose: false           # Verbose Logging | ||||||
|  |             custom_about: false      # For your own about page | ||||||
|  |             hostname: localhost      # Set Hostname | ||||||
|  |             NODE_ENV: production     # Set Node Environment | ||||||
|  |             POSTGRES_HOST: postgres  # Postgres Host/IP | ||||||
|  |             POSTGRES_USER: forte     # Set Postgres Username | ||||||
|  |             POSTGRES_PASSWORD: forte # Set Postgres Password | ||||||
|  |             POSTGRES_PORT: 5432      # Postgres Database Port | ||||||
|  |             POSTGRES_DB: forte       # Set Postgres Database Name | ||||||
|  |         volumes: | ||||||
|  |             - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/forte/library:/library # your music library to import from | ||||||
|  |         #networks: | ||||||
|  |         #    - proxy | ||||||
|  |         #labels: | ||||||
|  |         #    - traefik.enable=true | ||||||
|  |         #    - traefik.http.routers.forte.rule=Host(`forte.example.com`) | ||||||
|  |         #    - traefik.http.services.forte.loadbalancer.server.port=3000 | ||||||
|  |         #    - traefik.docker.network=proxy | ||||||
|  |         #    - traefik.http.middlewares.cors.headers.customResponseHeaders.Access-Control-Allow-Origin=https://forte.buzl.uk | ||||||
|  |         #    - traefik.http.middlewares.cors.headers.customFrameOptionsValue=forte.buzl.uk | ||||||
|  |         #    - traefik.http.middlewares.cors.headers.customResponseHeaders.Cross-Origin-Resource-Policy=cross-origin | ||||||
|  |         #    - traefik.http.routers.forte.middlewares=cors,local-ipwhitelist@file | ||||||
|  | 
 | ||||||
|  |     postgres: | ||||||
|  |         image: kaangiray26/postgres:2.0 | ||||||
|  |         container_name: forte-db | ||||||
|  |         restart: always | ||||||
|  |         environment: | ||||||
|  |             POSTGRES_DB: forte       # Set Postgres Database Name | ||||||
|  |             POSTGRES_USER: forte     # Set Postgres Username | ||||||
|  |             POSTGRES_PASSWORD: forte # Set Postgres Password | ||||||
|  |         volumes: | ||||||
|  |             - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/forte/db:/var/lib/postgresql/data | ||||||
|  |         healthcheck: | ||||||
|  |             test: [ "CMD-SHELL", "pg_isready -U forte" ] | ||||||
|  |             interval: 10s | ||||||
|  |             timeout: 5s | ||||||
|  |             retries: 5 | ||||||
|  |         #networks: | ||||||
|  |         #    - proxy | ||||||
|  | 
 | ||||||
|  | #networks: | ||||||
|  | #   proxy: | ||||||
|  | #     external: true | ||||||
							
								
								
									
										12
									
								
								examples/ghost/.env
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										12
									
								
								examples/ghost/.env
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,12 @@ | ||||||
|  | DB_CLIENT=mysql | ||||||
|  | DB_HOST=database | ||||||
|  | DB_USER=ghost | ||||||
|  | DB_ROOT_PASS=password1 | ||||||
|  | DB_USER_PASS=password2 | ||||||
|  | DB_NAME=ghost | ||||||
|  | 
 | ||||||
|  | SMTP_HOST=smtp.google.com | ||||||
|  | SMTP_PORT=587 | ||||||
|  | SMTP_USER=blog@example.com | ||||||
|  | SMTP_PASS=my-secure-smtp-password | ||||||
|  | SMTP_MAIL_FROM="Ghost <blog@example.com" | ||||||
							
								
								
									
										3
									
								
								examples/ghost/README.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										3
									
								
								examples/ghost/README.md
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,3 @@ | ||||||
|  | # References | ||||||
|  | 
 | ||||||
|  | - https://github.com/TryGhost/Ghost | ||||||
							
								
								
									
										41
									
								
								examples/ghost/docker-compose-rpi-arm.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										41
									
								
								examples/ghost/docker-compose-rpi-arm.yml
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,41 @@ | ||||||
|  | version: '3.3' | ||||||
|  | 
 | ||||||
|  | services: | ||||||
|  |   blog: | ||||||
|  |     image: ghost:5 | ||||||
|  |     container_name: ghost | ||||||
|  |     restart: always | ||||||
|  |     ports: | ||||||
|  |       - 8080:2368 | ||||||
|  |     volumes: | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/ghost/content:/var/lib/ghost/content | ||||||
|  |     environment: | ||||||
|  |       # see https://ghost.org/docs/config/#configuration-options | ||||||
|  |       database__client: ${DB_CLIENT:-mysql} | ||||||
|  |       database__connection__host: ${DB_HOST:-database} | ||||||
|  |       database__connection__user:  ${DB_USER:-ghost} | ||||||
|  |       database__connection__password: ${DB_USER_PASS:-DatabasePassword1234} | ||||||
|  |       database__connection__database: ${DB_NAME:-ghost} | ||||||
|  |       #url: https://blog.example.com # change this for production | ||||||
|  |       NODE_ENV: production | ||||||
|  |       #mail__transport: SMTP | ||||||
|  |       #mail__options__host: ${SMTP_HOST:-smtp.google.com} | ||||||
|  |       #mail__options__port: ${SMTP_PORT:-587} | ||||||
|  |       #mail__options__auth__user: ${SMTP_USER:-blog@example.com} | ||||||
|  |       #mail__options__auth__pass: ${SMTP_PASS:-SMTPPassword} | ||||||
|  |       #mail__from: ${SMTP_MAIL_FROM:-Ghost} | ||||||
|  | 
 | ||||||
|  |   database: | ||||||
|  |     image: linuxserver/mariadb | ||||||
|  |     container_name: ghost-db | ||||||
|  |     environment: | ||||||
|  |       - PUID=1000 | ||||||
|  |       - PGID=1000 | ||||||
|  |       - MYSQL_ROOT_PASSWORD=${DB_ROOT_PASS:-DatabasePassword1234} | ||||||
|  |       - TZ=Europe/Berlin | ||||||
|  |       - MYSQL_DATABASE=${DB_NAME:-ghost} | ||||||
|  |       - MYSQL_USER=${DB_USER:-ghost} | ||||||
|  |       - MYSQL_PASSWORD=${DB_USER_PASS:-DatabasePassword1234} | ||||||
|  |     volumes: | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/ghost/mariadb/config:/config | ||||||
|  |     restart: unless-stopped | ||||||
							
								
								
									
										70
									
								
								examples/ghost/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										70
									
								
								examples/ghost/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,70 @@ | ||||||
|  | version: '3.3' | ||||||
|  | 
 | ||||||
|  | services: | ||||||
|  | 
 | ||||||
|  |   blog: | ||||||
|  |     image: ghost:5-alpine | ||||||
|  |     container_name: ghost | ||||||
|  |     restart: always | ||||||
|  |     depends_on: | ||||||
|  |       database: | ||||||
|  |         condition: service_healthy | ||||||
|  |     healthcheck: | ||||||
|  |       test: "/usr/bin/nc localhost 2368 || exit 1" | ||||||
|  |       interval: 30s | ||||||
|  |       timeout: 10s | ||||||
|  |       retries: 5         | ||||||
|  |     expose: | ||||||
|  |       - 2368 | ||||||
|  |     ports: | ||||||
|  |       - 2368:2368 | ||||||
|  |     volumes: | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/ghost/content:/var/lib/ghost/content | ||||||
|  |     environment: | ||||||
|  |       # see https://ghost.org/docs/config/#configuration-options | ||||||
|  |       database__client: ${DB_CLIENT:-mysql} | ||||||
|  |       database__connection__host: ${DB_HOST:-database} | ||||||
|  |       database__connection__user: ${DB_USER:-ghost} | ||||||
|  |       database__connection__password: ${DB_USER_PASS:-DatabasePassword1234} | ||||||
|  |       database__connection__database: ${DB_NAME:-ghost} | ||||||
|  |       url: http://127.0.0.1:2368 # adjust to your domain and correct protocol handler + port | ||||||
|  |       #NODE_ENV: developmnent # default is production already | ||||||
|  |       #mail__transport: SMTP | ||||||
|  |       #mail__options__host: ${SMTP_HOST:-smtp.google.com} | ||||||
|  |       #mail__options__port: ${SMTP_PORT:-587} | ||||||
|  |       #mail__options__auth__user: ${SMTP_USER:-ghost@example.com} | ||||||
|  |       #mail__options__auth__pass: ${SMTP_PASS:-SMTPPassword} | ||||||
|  |       #mail__from: ${SMTP_MAIL_FROM:-Ghost} | ||||||
|  |     #networks: | ||||||
|  |     #  - proxy       | ||||||
|  |     #labels: | ||||||
|  |     #  - traefik.enable=true | ||||||
|  |     #  - traefik.http.routers.ghost.rule=Host(`blog.example.com`) | ||||||
|  |     #  - traefik.http.services.ghost.loadbalancer.server.port=2368 | ||||||
|  |     #  - traefik.docker.network=proxy | ||||||
|  |     #  # Part for local lan services only | ||||||
|  |     #  #- traefik.http.routers.ghost.middlewares=external-secure@file | ||||||
|  | 
 | ||||||
|  |   database: | ||||||
|  |     image: mysql:8 | ||||||
|  |     container_name: ghost_db | ||||||
|  |     restart: always | ||||||
|  |     healthcheck: | ||||||
|  |       test: ["CMD", 'mysqladmin', 'ping', '-h', 'localhost', '-u', 'root', '-p$$DB_ROOT_PASS' ] | ||||||
|  |       timeout: 20s | ||||||
|  |       retries: 10 | ||||||
|  |     volumes: | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/ghost/mysql:/var/lib/mysql | ||||||
|  |     expose: | ||||||
|  |       - 3306 | ||||||
|  |     environment: | ||||||
|  |       MYSQL_ROOT_PASSWORD: ${DB_ROOT_PASS:-DatabaseRootPassword54321} | ||||||
|  |       MYSQL_DATABASE: ${DB_NAME:-ghost} | ||||||
|  |       MYSQL_USER: ${DB_USER:-ghost} | ||||||
|  |       MYSQL_PASSWORD: ${DB_USER_PASS:-DatabasePassword1234} | ||||||
|  |     #networks: | ||||||
|  |     #  - proxy | ||||||
|  |      | ||||||
|  | #networks: | ||||||
|  | #  proxy: | ||||||
|  | #    external: true | ||||||
							
								
								
									
										3
									
								
								examples/gitea/README.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										3
									
								
								examples/gitea/README.md
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,3 @@ | ||||||
|  | # References | ||||||
|  | 
 | ||||||
|  | - https://github.com/go-gitea/gitea | ||||||
							
								
								
									
										29
									
								
								examples/gitea/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										29
									
								
								examples/gitea/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,29 @@ | ||||||
|  | version: "3" | ||||||
|  | 
 | ||||||
|  | services: | ||||||
|  |   gitea: | ||||||
|  |     container_name: gitea | ||||||
|  |     environment: | ||||||
|  |       - USER_UID=1000 | ||||||
|  |       - USER_GID=1000 | ||||||
|  |     hostname: gitea | ||||||
|  |     ports: | ||||||
|  |       - 3000:3000 #webgui | ||||||
|  |       - 2222:22 #ssh | ||||||
|  |     image: gitea/gitea:latest | ||||||
|  |     restart: unless-stopped | ||||||
|  |     volumes: | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/gitea/data:/data | ||||||
|  |     #networks: | ||||||
|  |     #  - proxy | ||||||
|  |     #labels: | ||||||
|  |     #  - traefik.enable=true | ||||||
|  |     #  - traefik.http.routers.gitea.rule=Host(`git.example.com`) | ||||||
|  |     #  - traefik.http.services.gitea.loadbalancer.server.port=3000 | ||||||
|  |     #  - traefik.docker.network=proxy | ||||||
|  |     #  # Part for local lan services only | ||||||
|  |     #  - traefik.http.routers.gitea.middlewares=local-ipwhitelist@file | ||||||
|  | 
 | ||||||
|  | #networks: | ||||||
|  | #  proxy: | ||||||
|  | #    external: true | ||||||
							
								
								
									
										3
									
								
								examples/gitlab/README.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										3
									
								
								examples/gitlab/README.md
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,3 @@ | ||||||
|  | # References | ||||||
|  | 
 | ||||||
|  | - https://docs.gitlab.com/ee/install/docker.html | ||||||
							
								
								
									
										27
									
								
								examples/gitlab/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										27
									
								
								examples/gitlab/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,27 @@ | ||||||
|  | version: '3.7' | ||||||
|  | services: | ||||||
|  |   gitlab-ce: | ||||||
|  |     image: gitlab/gitlab-ce:latest | ||||||
|  |     restart: unless-stopped | ||||||
|  |     container_name: gitlab-ce | ||||||
|  |     environment: | ||||||
|  |       GITLAB_OMNIBUS_CONFIG: | | ||||||
|  |         external_url 'http://gitlab.example.com' # please adjust | ||||||
|  |     ports: | ||||||
|  |       - 8033:80 # HTTP | ||||||
|  |       - 8434:443 # HTTPS | ||||||
|  |       - 2222:22 # SSH | ||||||
|  |     volumes: | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/gitlab/config:/etc/gitlab | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/gitlab/logs:/var/log/gitlab | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/gitlab/data:/var/opt/gitlab | ||||||
|  |    | ||||||
|  |   gitlab-runner: | ||||||
|  |     image: gitlab/gitlab-runner:alpine | ||||||
|  |     container_name: gitlab-runner | ||||||
|  |     restart: unless-stopped | ||||||
|  |     depends_on: | ||||||
|  |       - gitlab-ce | ||||||
|  |     volumes: | ||||||
|  |       - /var/run/docker.sock:/var/run/docker.sock | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/gitlab/runner:/etc/gitlab-runner | ||||||
							
								
								
									
										3
									
								
								examples/gokapi/README.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										3
									
								
								examples/gokapi/README.md
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,3 @@ | ||||||
|  | # References | ||||||
|  | 
 | ||||||
|  | - https://github.com/Forceu/Gokapi | ||||||
							
								
								
									
										12
									
								
								examples/gokapi/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										12
									
								
								examples/gokapi/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,12 @@ | ||||||
|  | version: "3.7" | ||||||
|  | 
 | ||||||
|  | services: | ||||||
|  |   gokapi: | ||||||
|  |     image: f0rc3/gokapi:latest | ||||||
|  |     container_name: gokapi | ||||||
|  |     restart: unless-stopped | ||||||
|  |     ports: | ||||||
|  |       - 53842:53842 | ||||||
|  |     volumes: | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/gokapi/data:/app/data | ||||||
|  |       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/gokapi/config:/app/config | ||||||
							
								
								
									
										3894
									
								
								examples/grafana-monitoring/Grafana_Dashboard_Template.json
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										3894
									
								
								examples/grafana-monitoring/Grafana_Dashboard_Template.json
									
									
									
									
									
										Normal file
									
								
							
										
											
												File diff suppressed because it is too large
												Load diff
											
										
									
								
							
							
								
								
									
										18
									
								
								examples/grafana-monitoring/README.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										18
									
								
								examples/grafana-monitoring/README.md
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,18 @@ | ||||||
|  | # References | ||||||
|  | 
 | ||||||
|  | - https://blog.lrvt.de/monitoring-dashboard-with-grafana-telegraf-influxdb-and-docker/ | ||||||
|  | - https://blog.lrvt.de/log-visualization-with-grafana-loki-promtail/ | ||||||
|  | 
 | ||||||
|  | # Notes | ||||||
|  | 
 | ||||||
|  | Spawning up this docker stack will provide you with: | ||||||
|  | 
 | ||||||
|  | - A containerized Grafana web instance runnning on the default port TCP/3000 | ||||||
|  | - A containerized Telegraf instance that fetches data points from your docker host server | ||||||
|  | - A containerized InfluxDB instance for storing Telegraf data, which can be defined in Grafana as datasource (just specify `http://influxdb:8086`). Default database is `telegraf`. Default username is `telegrafuser`. Default password is `MyStrongTelegrafPassword`. Defaults can be changed in `/volume-data/influxdb/init/create-database.iql`. | ||||||
|  | - A containerized Promtail instance that can fetch various log files (bind mounted into the promtail container from your docker host server) and send them into the Loki container (e.g. /var/log/auth.log or your Traefik reverse proxy logs) | ||||||
|  | - A containerized Loki instance for storing Promtail log data, which can be defined in Grafana as datasource (just specify `http://loki:3100`). No authentication enabled per default. | ||||||
|  | 
 | ||||||
|  | Finally, after configuring InfluxDB and Loki as datasources on Grafana, you can just import the provided `Grafana_Dashboard_Template.json` dashboard template YAML file in Grafana by browsing http://127.0.0.1:3000/dashboard/import. Your dashboard will look like the following: | ||||||
|  | 
 | ||||||
|  | <img src="https://blog.lrvt.de/content/images/2022/11/image-4-1.png"> | ||||||
							
								
								
									
										104
									
								
								examples/grafana-monitoring/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										104
									
								
								examples/grafana-monitoring/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,104 @@ | ||||||
|  | version: "2" | ||||||
|  | 
 | ||||||
|  | services: | ||||||
|  | 
 | ||||||
|  |   loki: | ||||||
|  |     image: grafana/loki:2.9.10 | ||||||
|  |     hostname: loki | ||||||
|  |     container_name: loki | ||||||
|  |     volumes: | ||||||
|  |       - ./volume-data/loki:/etc/loki # place loki-config.yml | ||||||
|  |     ports: | ||||||
|  |       - "127.0.0.1:3100:3100" | ||||||
|  |     restart: unless-stopped | ||||||
|  |     user: 1000:1000 | ||||||
|  |     command: -config.file=/etc/loki/loki-config.yml   | ||||||
|  |     #networks: | ||||||
|  |     #  - monitoring_default | ||||||
|  | 
 | ||||||
|  |   promtail: | ||||||
|  |     image: grafana/promtail:latest | ||||||
|  |     container_name: promtail | ||||||
|  |     depends_on: | ||||||
|  |       - loki | ||||||
|  |     hostname: promtail | ||||||
|  |     volumes: | ||||||
|  |       - /var/log:/var/log:ro # let promtail access the docker host's log files | ||||||
|  |       - ./volume-data/promtail:/etc/promtail # place promtail-config.yml | ||||||
|  |       #- ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/traefik/logs:/var/log/traefik # let promtail access your traefik reverse logs | ||||||
|  |     restart: unless-stopped | ||||||
|  |     command: -config.file=/etc/promtail/promtail-config.yml | ||||||
|  |     #networks: | ||||||
|  |     #  - monitoring_default | ||||||
|  | 
 | ||||||
|  |   influxdb: | ||||||
|  |     image: influxdb:1.8 | ||||||
|  |     container_name: influxdb | ||||||
|  |     hostname: influxdb | ||||||
|  |     restart: unless-stopped | ||||||
|  |     volumes: | ||||||
|  |       - ./volume-data/influxdb/data:/var/lib/influxdb | ||||||
|  |       - ./volume-data/influxdb/influxdb.conf:/etc/influxdb/influxdb.conf:ro # place infuxdb.conf | ||||||
|  |       - ./volume-data/influxdb/init:/docker-entrypoint-initdb.d # place create-database.iql for database init | ||||||
|  |     environment: | ||||||
|  |       - INFLUXDB_ADMIN_USER=admin | ||||||
|  |       - INFLUXDB_ADMIN_PASSWORD=SuperDuperAdminPW | ||||||
|  |     #networks: | ||||||
|  |     #  - monitoring_default | ||||||
|  | 
 | ||||||
|  |   telegraf: | ||||||
|  |     image: telegraf:latest | ||||||
|  |     restart: unless-stopped | ||||||
|  |     user: telegraf:$(stat -c '%g' /var/run/docker.sock) # see: https://www.influxdata.com/blog/docker-run-telegraf-as-non-root/ | ||||||
|  |     container_name: telegraf | ||||||
|  |     hostname: telegraf | ||||||
|  |     dns: | ||||||
|  |       - 1.1.1.1 | ||||||
|  |       - 8.8.8.8 | ||||||
|  |     depends_on: | ||||||
|  |       - influxdb | ||||||
|  |     volumes: | ||||||
|  |       - ./volume-data/telegraf/telegraf.conf:/etc/telegraf/telegraf.conf:ro # place telegraf.conf | ||||||
|  |       - /:/hostfs:ro | ||||||
|  |       - /etc:/hostfs/etc:ro | ||||||
|  |       - /proc:/hostfs/proc:ro | ||||||
|  |       - /sys:/hostfs/sys:ro | ||||||
|  |       - /var/run/utmp:/var/run/utmp:ro | ||||||
|  |       - /var/run/docker.sock:/var/run/docker.sock:ro | ||||||
|  |     environment: | ||||||
|  |       - HOST_ETC=/hostfs/etc | ||||||
|  |       - HOST_PROC=/hostfs/proc | ||||||
|  |       - HOST_SYS=/hostfs/sys | ||||||
|  |       - HOST_MOUNT_PREFIX=/hostfs | ||||||
|  |     #networks: | ||||||
|  |     #  - monitoring_default | ||||||
|  | 
 | ||||||
|  |   grafana: | ||||||
|  |     container_name: grafana | ||||||
|  |     hostname: grafana | ||||||
|  |     user: 1000:1000 | ||||||
|  |     depends_on: | ||||||
|  |       - influxdb | ||||||
|  |       - loki | ||||||
|  |       - promtail | ||||||
|  |     image: grafana/grafana:latest | ||||||
|  |     restart: unless-stopped | ||||||
|  |     #environment: | ||||||
|  |     #  - GF_SERVER_ROOT_URL=https://grafana.example.com # optional | ||||||
|  |     volumes: | ||||||
|  |       - ./volume-data/grafana:/var/lib/grafana | ||||||
|  |     ports: | ||||||
|  |       - 3000:3000 | ||||||
|  |     #networks: | ||||||
|  |     #  - monitoring_default | ||||||
|  |     #labels: | ||||||
|  |     #  - traefik.enable=true | ||||||
|  |     #  - traefik.http.routers.grafana.rule=Host(`grafana.example.com`) | ||||||
|  |     #  - traefik.http.services.grafana.loadbalancer.server.port=3000 | ||||||
|  |     #  - traefik.docker.network=proxy | ||||||
|  |     #  # Part for local lan services only | ||||||
|  |     #  - traefik.http.routers.grafana.middlewares=local-ipwhitelist@file | ||||||
|  | 
 | ||||||
|  | #networks: | ||||||
|  | #  monitoring_default: | ||||||
|  | #   external: true | ||||||
|  | @ -0,0 +1,24 @@ | ||||||
|  | # Bind address to use for the RPC service for backup and restore. | ||||||
|  | bind-address = "127.0.0.1:8088" | ||||||
|  | [meta] | ||||||
|  |   dir = "/var/lib/influxdb/meta" | ||||||
|  | [data] | ||||||
|  |   dir = "/var/lib/influxdb/data" | ||||||
|  |   wal-dir = "/var/lib/influxdb/wal" | ||||||
|  |   series-id-set-cache-size = 100 | ||||||
|  | [http] | ||||||
|  |   enabled = true | ||||||
|  |   bind-address = ":8086" | ||||||
|  |   auth-enabled = true | ||||||
|  | [logging] | ||||||
|  | [subscriber] | ||||||
|  | [[graphite]] | ||||||
|  | [[collectd]] | ||||||
|  | [[opentsdb]] | ||||||
|  | [[udp]] | ||||||
|  | [continuous_queries] | ||||||
|  | [tls] | ||||||
|  | [coordinator] | ||||||
|  | [retention] | ||||||
|  | [shard-precreation] | ||||||
|  | [monitor] | ||||||
|  | @ -0,0 +1,3 @@ | ||||||
|  | CREATE DATABASE telegraf WITH DURATION 31d | ||||||
|  | CREATE USER telegrafuser WITH PASSWORD 'MyStrongTelegrafPassword' | ||||||
|  | GRANT ALL ON telegraf to telegrafuser | ||||||
							
								
								
									
										48
									
								
								examples/grafana-monitoring/volume-data/loki/loki-config.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										48
									
								
								examples/grafana-monitoring/volume-data/loki/loki-config.yml
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,48 @@ | ||||||
|  | auth_enabled: false | ||||||
|  | 
 | ||||||
|  | server: | ||||||
|  |   http_listen_port: 3100 | ||||||
|  |   grpc_listen_port: 9096 | ||||||
|  | 
 | ||||||
|  | common: | ||||||
|  |   path_prefix: /tmp/loki | ||||||
|  |   storage: | ||||||
|  |     filesystem: | ||||||
|  |       chunks_directory: /tmp/loki/chunks | ||||||
|  |       rules_directory: /tmp/loki/rules | ||||||
|  |   replication_factor: 1 | ||||||
|  |   ring: | ||||||
|  |     instance_addr: 127.0.0.1 | ||||||
|  |     kvstore: | ||||||
|  |       store: inmemory | ||||||
|  | 
 | ||||||
|  | limits_config: | ||||||
|  |    reject_old_samples: true | ||||||
|  |    reject_old_samples_max_age: 168h | ||||||
|  |    retention_period: 360h | ||||||
|  |    max_query_series: 100000 | ||||||
|  |    max_query_parallelism: 2 | ||||||
|  |    split_queries_by_interval: 0 | ||||||
|  | 
 | ||||||
|  | schema_config: | ||||||
|  |   configs: | ||||||
|  |     - from: 2020-10-24 | ||||||
|  |       store: boltdb-shipper | ||||||
|  |       object_store: filesystem | ||||||
|  |       schema: v11 | ||||||
|  |       index: | ||||||
|  |         prefix: index_ | ||||||
|  |         period: 24h | ||||||
|  | 
 | ||||||
|  | query_range: | ||||||
|  |   parallelise_shardable_queries: false | ||||||
|  | 
 | ||||||
|  | querier: | ||||||
|  |   max_concurrent: 2048 | ||||||
|  | 
 | ||||||
|  | frontend: | ||||||
|  |   max_outstanding_per_tenant: 4096 | ||||||
|  |   compress_responses: true | ||||||
|  | 
 | ||||||
|  | ruler: | ||||||
|  |   alertmanager_url: http://localhost:9093 | ||||||
Some files were not shown because too many files have changed in this diff Show more
		Loading…
	
		Reference in a new issue
	
	 hhftechnologies
						hhftechnologies