diff --git a/compose/services.yml b/compose/services.yml
index 0990b7b..c0f6bdf 100644
--- a/compose/services.yml
+++ b/compose/services.yml
@@ -153,4 +153,49 @@ services:
 # - "traefik.http.routers.dozzle.middlewares=auth, csrf"
 # - "traefik.http.routers.dozzle.tls=true"
 # - "traefik.http.routers.dozzle.tls.certresolver=letsencrypt"
- # - "traefik.http.services.dozzle.loadbalancer.server.port=8080"
\ No newline at end of file
+ # - "traefik.http.services.dozzle.loadbalancer.server.port=8080"
+
+ # kestra:
+ # image: kestra/kestra:latest-full
+ # container_name: kestra
+ # # pull_policy: always
+ # # Note that this is meant for development only. Refer to the documentation for production deployments of Kestra which runs without a root user.
+ # user: "root"
+ # command: server standalone --worker-thread=128
+ # environment:
+ # KESTRA_CONFIGURATION: |
+ # datasources:
+ # postgres:
+ # url: jdbc:postgresql://postgres:5432/kestra
+ # driverClassName: org.postgresql.Driver
+ # username: ${POSTGRES_USER}
+ # password: ${POSTGRES_PASSWORD}
+ # kestra:
+ # server:
+ # basic-auth:
+ # enabled: true
+ # username: ${EMAIL_FROM} # it must be a valid email address
+ # password: ${EMAIL_PASSWORD}
+ # repository:
+ # type: postgres
+ # storage:
+ # type: local
+ # local:
+ # base-path: "/app/storage"
+ # queue:
+ # type: postgres
+ # tasks:
+ # tmp-dir:
+ # path: /tmp/kestra-wd/tmp
+ # url: http://kestra.furyhawk.lol/
+ # volumes:
+ # - kestra_data:/app/storage
+ # - /var/run/docker.sock:/var/run/docker.sock
+ # # - /tmp/kestra-wd:/tmp/kestra-wd
+ # depends_on:
+ # - postgres
+ # expose:
+ # - "8080"
+ # - "8081"
+ # networks:
+ # - net
\ No newline at end of file
diff --git a/docker-compose.yml b/docker-compose.yml
deleted file mode 100644
index d6cdeca..0000000
--- a/docker-compose.yml
+++ /dev/null
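Review bot: The commented-out `kestra` block in the compose/services.yml hunk pairs `user: "root"` with a read-write `/var/run/docker.sock:/var/run/docker.sock` mount and an unpinned `kestra/kestra:latest-full` image, and the only caveat it carries is the "development only" note about the root user. Whoever uncomments it gets a workflow engine that can drive the host's Docker daemon, and `url: http://kestra.furyhawk.lol/` suggests (not confirmed from this hunk) that it would sit behind a public hostname protected only by basic auth. I would add a line above the socket mount such as `# # docker.sock gives this container control of the host Docker daemon; do not route it publicly, or put a socket proxy in front` and a second one at the image line, `# # pin to a specific tag before enabling`. The enclosing `services:` mapping starts outside the hunk.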
@@ -1,442 +0,0 @@ -x-environment: &default-environment - LOG_LEVEL: "DEBUG" - LOG_PATH: "./logs" - ACME_PATH: "./acme.json" - NETWORK: "${NETWORK:-host}" - FIN_LOCATION: "" - STREAMLIT_FIN_SERVER_PORT: "8501" - GROQ_API_KEY: "${GROQ_API_KEY}" - BAI_LOCATION: "" - STREAMLIT_BAI_SERVER_PORT: "8502" - -volumes: - bai_cache: {} - ghost_content: {} - ghost_mysql: {} - jellyfin_config: {} - jellyfin_cache: {} - kestra_data: {} - minio_data: {} - neo4j_data: {} - neo4j_logs: {} - pgadmin: {} - privatebin_data: {} - production_traefik: {} - postgres_data: {} - portainer_data: {} - thelounge_data: {} - -services: - postgres: - image: postgres - container_name: postgres - environment: - POSTGRES_DB: ${POSTGRES_DB} - POSTGRES_USER: ${POSTGRES_USER} - POSTGRES_PASSWORD: ${POSTGRES_PASSWORD} - PGDATA: "/var/lib/postgresql/data" - LANG: en_US.utf8 - TZ: Asia/Singapore - volumes: - - postgres_data:/var/lib/postgresql/data - healthcheck: - test: ["CMD-SHELL", "pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}"] - interval: 30s - timeout: 10s - retries: 10 - ports: - - "5432:5432" - networks: - - net - - default - - api_server: - image: furyhawk/listen:latest - container_name: api_server - restart: always - depends_on: - - postgres - environment: - DATABASE__HOSTNAME: ${DATABASE__HOSTNAME} - DATABASE__USERNAME: ${POSTGRES_USER} - DATABASE__PASSWORD: ${POSTGRES_PASSWORD} - DATABASE__PORT: ${DATABASE__PORT} - DATABASE__DB: ${DATABASE__DB} - SECURITY__JWT_SECRET_KEY: ${SECURITY__JWT_SECRET_KEY} - SECURITY__BACKEND_CORS_ORIGINS: ${SECURITY__BACKEND_CORS_ORIGINS} - SECURITY__ALLOWED_HOSTS: ${SECURITY__ALLOWED_HOSTS} - ports: - - "8000:8000" - networks: - - net - - default - - osrm-backend: - environment: - # OSRM manager setup - - OSRM_ALGORITHM=mld - - OSRM_THREADS=2 - - OSRM_PORT=${OSRM_PORT:-5000} - - OSRM_PROFILE=/opt/car.lua - - OSRM_MAP_NAME=${OSRM_MAP_NAME} - - OSRM_GEOFABRIK_PATH=${OSRM_GEOFABRIK_PATH} - # Notify OSRM Manager to restart without stopping container - - 
OSRM_NOTIFY_FILEPATH=/data/osrm_notify.txt - image: furyhawk/osrm-backend:${OSRM_VERSION:-latest} - container_name: osrm_backend - restart: unless-stopped - expose: - - ${OSRM_PORT:-5000} - networks: - - net - - default - - minio-common: - image: minio/minio:latest - container_name: minio_server - environment: - MINIO_ROOT_USER: "${MINIO_ROOT_USER:-minioadmin}" - MINIO_ROOT_PASSWORD: "${MINIO_ROOT_PASSWORD:-minioadmin}" - MINIO_OPTS: "--console-address :9001" - MINIO_SERVER_URL: https://drive.furyhawk.lol - # user: "1000:1000" - restart: unless-stopped - command: server /data --address :9000 --console-address :9001 - healthcheck: - test: ["CMD", "mc", "ready", "local"] - interval: 65s - timeout: 5s - retries: 5 - volumes: - - minio_data:/data - expose: - - 9000 - - 9001 - networks: - - net - - default - - neo4j_server: - # Docker image to be used - image: ${NEO4J_DOCKER_IMAGE:-neo4j:latest} - container_name: neo4j_server - restart: unless-stopped - # Environment variables - environment: - NEO4J_AUTH: neo4j/${NEO4J_PASSWORD:-12345678} - NEO4J_dbms.default_listen_address: "0.0.0.0" - NEO4J_dbms.default_advertised_address: "neo4j.furyhawk.lol" - NEO4J_dbms.connector.bolt.advertised_address: ":443" - NEO4J_PLUGINS: '["apoc"]' - NEO4J_dbms_security_procedures_unrestricted: "apoc.*" - NEO4J_dbms_security_procedures_allowlist: "apoc.*" - NEO4J_server_memory_pagecache_size: 512M - NEO4J_server_memory_heap_max__size: 2G - user: "1000:1000" - depends_on: - - traefik - volumes: - - neo4j_data:/data - - neo4j_logs:/logs - # Expose ports - expose: - - 7474 - - 7687 - networks: - - net - - default - - syncthing: - image: syncthing/syncthing - container_name: syncthing - environment: - - PUID=1000 - - PGID=1000 - restart: unless-stopped - volumes: - - ~/st-sync:/var/syncthing - ports: - - "8384:8384" # Web UI - - "22000:22000/tcp" # TCP file transfers - - "22000:22000/udp" # QUIC file transfers - - "21027:21027/udp" # Receive local discovery broadcasts - networks: - - net - - 
default - - # kestra: - # image: kestra/kestra:latest-full - # container_name: kestra - # # pull_policy: always - # # Note that this is meant for development only. Refer to the documentation for production deployments of Kestra which runs without a root user. - # user: "root" - # command: server standalone --worker-thread=128 - # environment: - # KESTRA_CONFIGURATION: | - # datasources: - # postgres: - # url: jdbc:postgresql://postgres:5432/kestra - # driverClassName: org.postgresql.Driver - # username: ${POSTGRES_USER} - # password: ${POSTGRES_PASSWORD} - # kestra: - # server: - # basic-auth: - # enabled: true - # username: ${EMAIL_FROM} # it must be a valid email address - # password: ${EMAIL_PASSWORD} - # repository: - # type: postgres - # storage: - # type: local - # local: - # base-path: "/app/storage" - # queue: - # type: postgres - # tasks: - # tmp-dir: - # path: /tmp/kestra-wd/tmp - # url: http://kestra.furyhawk.lol/ - # volumes: - # - kestra_data:/app/storage - # - /var/run/docker.sock:/var/run/docker.sock - # # - /tmp/kestra-wd:/tmp/kestra-wd - # depends_on: - # - postgres - # expose: - # - "8080" - # - "8081" - # networks: - # - net - - adminer: - image: adminer - environment: - PGADMIN_DEFAULT_EMAIL: ${PGADMIN_DEFAULT_EMAIL} - PGADMIN_DEFAULT_PASSWORD: ${PGADMIN_DEFAULT_PASSWORD} - PGID: 1000 - PUID: 1000 - PATH: "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" - PYTHONPATH: "/pgadmin4" - TZ: Asia/Singapore - user: "1000:1000" - volumes: - - pgadmin:/var/lib/pgadmin - restart: unless-stopped - depends_on: - - postgres - expose: - - 80 - networks: - - net - - cheatsheets-app: - image: furyhawk/cheatsheets:${CHEATSHEETSTAG:-latest} - restart: unless-stopped - expose: - - 80 - networks: - - net - - ghost-db: - image: mysql:8 - container_name: ghost-db - security_opt: - - seccomp:unconfined - restart: always - command: --mysql-native-password=ON - environment: - MYSQL_ROOT_PASSWORD: ${POSTGRES_PASSWORD} - volumes: - - 
ghost_mysql:/var/lib/mysql - expose: - - 3306 - networks: - - net - - ghost-server: - image: ghost - container_name: ghost_server - cap_add: - - CAP_SYS_NICE - security_opt: - - seccomp:unconfined - restart: always - depends_on: - - ghost-db - environment: - url: https://ghost.furyhawk.lol - database__client: mysql - database__connection__host: ghost-db - database__connection__user: root - database__connection__password: ${POSTGRES_PASSWORD} - database__connection__database: ghost - volumes: - - ghost_content:/var/lib/ghost/content - expose: - - 2368 - networks: - - net - - heynote-app: - image: furyhawk/heynote:${HEYNOTETAG:-latest} - restart: unless-stopped - environment: - NODE_ENV: production - expose: - - 5173 - networks: - - net - - jellyfin: - image: jellyfin/jellyfin - user: 1000:1000 - volumes: - - jellyfin_config:/config - - jellyfin_cache:/cache - - type: bind - source: ~/media - target: /media - read_only: false - restart: 'unless-stopped' - # Optional - alternative address used for autodiscovery - environment: - - JELLYFIN_PublishedServerUrl=https://media.furyhawk.lol - expose: - - 8096 - networks: - - net - - meshtastic_web: - image: ghcr.io/meshtastic/web - restart: unless-stopped - expose: - - 8080 - - 8443 - networks: - - net - - privatebin: - image: privatebin/nginx-fpm-alpine:latest - read_only: true - user: "1000:1000" - volumes: - - privatebin_data:/srv/data # data volume for pastes allows pastes - # to persist after container stop or restart - - './config/conf.php:/srv/cfg/conf.php:ro' # second volume for custom configuration file - expose: - - 8080 - restart: unless-stopped - networks: - - net - - redlib: - image: quay.io/redlib/redlib:latest-arm - restart: unless-stopped - user: nobody - read_only: true - security_opt: - - no-new-privileges:true - # - seccomp=seccomp-redlib.json - cap_drop: - - ALL - env_file: .env - healthcheck: - test: ["CMD", "wget", "--spider", "-q", "--tries=1", "http://127.0.0.1:3080/settings"] - interval: 5m - 
timeout: 3s - expose: - - 3080 # Specify `127.0.0.1:8080:3080` instead if using a reverse proxy - networks: - - net - - thelounge: - image: ghcr.io/thelounge/thelounge:latest - restart: unless-stopped - volumes: - - thelounge_data:/var/opt/thelounge # bind lounge config from the host's file system - expose: - - 9000 - networks: - - net - - streamlit-bai: - environment: - <<: *default-environment - image: furyhawk/beyondallinfo:latest - restart: unless-stopped - command: streamlit run --server.port=$STREAMLIT_BAI_SERVER_PORT --server.address=0.0.0.0 --server.baseUrlPath=$BAI_LOCATION src/app.py - volumes: - - bai_cache:/app/cache - expose: - - ${STREAMLIT_BAI_SERVER_PORT} - networks: - - net - - streamlit-fin: - environment: - <<: *default-environment - image: furyhawk/llama3toolsfin:main - restart: unless-stopped - expose: - - ${STREAMLIT_FIN_SERVER_PORT} - networks: - - net - - site_server: - image: nginx:alpine - restart: unless-stopped - volumes: - - ./site:/usr/share/nginx/html:ro - expose: - - 80 - networks: - - net - - portainer: - image: portainer/portainer-ce:sts - command: -H unix:///var/run/docker.sock - container_name: portainer - restart: always - volumes: - - /var/run/docker.sock:/var/run/docker.sock - - portainer_data:/data - expose: - - 8000 - - 9000 - networks: - - net - - default - - traefik: - environment: - <<: *default-environment - build: - context: . - dockerfile: ./compose/traefik/Dockerfile - image: traefik_production - container_name: traefik - restart: always - volumes: - - "${LOG_PATH:-./logs}:/logs" - - production_traefik:/etc/traefik/acme:z - - "/var/run/docker.sock:/var/run/docker.sock:ro" - # extra_hosts: - # - "host.docker.internal:host-gateway" - ports: - - "80:80" - - "443:443" - - "7687:7687" - - "8083:8083" - - "8084:8084" - - "8883:8883" - # - "1883:1883" - # - 18083:18083 - networks: - - net - - default - -networks: - net: - external: true - name: ${NETWORK:-web} \ No newline at end of file