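---
# Docker Compose stack: Traefik in front of a set of self-hosted services
# (databases, object storage, blog, media, notes, routing, dashboards).
#
# Conventions used below:
#   * `expose:` only documents a container port for other containers on the
#     same network; `ports:` publishes it on the host. A published port with
#     no host IP is bound on every host interface.
#   * `${VAR}` and `$VAR` are interpolated by Compose from the shell
#     environment / project `.env` when the file is parsed; `$${VAR}` is
#     passed through literally for the container to expand.
#
# NOTE(review): many images below are untagged or use `latest`, so every pull
# can change what runs. Pin each image to a version tag or digest.

# Shared environment merged into streamlit-bai, streamlit-fin and traefik.
# NOTE(review): every service that merges this anchor receives GROQ_API_KEY,
# including traefik. Presumably only one Streamlit app calls the API - confirm
# and move the key to that service's own `environment:`.
# NOTE(review): NETWORK defaults to `host` here but to `web` under
# `networks.net.name` at the bottom of the file - confirm which is intended.
x-environment: &default-environment
  # DEBUG logging is verbose; confirm it is wanted outside development.
  LOG_LEVEL: "DEBUG"
  LOG_PATH: "./logs"
  ACME_PATH: "./acme.json"
  NETWORK: "${NETWORK:-host}"
  FIN_LOCATION: ""
  STREAMLIT_FIN_SERVER_PORT: "8501"
  GROQ_API_KEY: "${GROQ_API_KEY}"
  BAI_LOCATION: ""
  STREAMLIT_BAI_SERVER_PORT: "8502"

# Named volumes (default local driver) for service state.
volumes:
  ghost_content: {}
  ghost_mysql: {}
  jellyfin_config: {}
  jellyfin_cache: {}
  kestra_data: {}
  minio_data: {}
  neo4j_data: {}
  neo4j_logs: {}
  pgadmin: {}
  privatebin_data: {}
  production_traefik: {}
  postgres_data: {}
  portainer_data: {}
  thelounge_data: {}

services:
  postgres:
    image: postgres
    container_name: postgres
    environment:
      POSTGRES_DB: "${POSTGRES_DB}"
      POSTGRES_USER: "${POSTGRES_USER}"
      POSTGRES_PASSWORD: "${POSTGRES_PASSWORD}"
      PGDATA: "/var/lib/postgresql/data"
      LANG: en_US.utf8
      TZ: Asia/Singapore
    volumes:
      - postgres_data:/var/lib/postgresql/data
    healthcheck:
      # `$$` defers expansion to the container shell, which reads the
      # POSTGRES_* values set in `environment:` above.
      test: ["CMD-SHELL", "pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}"]
      interval: 30s
      timeout: 10s
      retries: 10
    ports:
      # NOTE(review): publishes the database on every host interface.
      # Containers on `net` already reach it as `postgres:5432`; if host access
      # is only needed locally, bind to loopback ("127.0.0.1:5432:5432").
      - "5432:5432"
    networks:
      - net
      - default

  adminer:
    image: adminer
    container_name: adminer
    # NOTE(review): the PGADMIN_* variables, PYTHONPATH, the /var/lib/pgadmin
    # volume and port 80 all match pgAdmin rather than the `adminer` image -
    # they look left over from an earlier pgAdmin service. If so, the admin
    # password is being handed to a container that does not use it; drop the
    # unused entries once confirmed.
    environment:
      PGADMIN_DEFAULT_EMAIL: "${PGADMIN_DEFAULT_EMAIL}"
      PGADMIN_DEFAULT_PASSWORD: "${PGADMIN_DEFAULT_PASSWORD}"
      PGID: "1000"
      PUID: "1000"
      PATH: "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
      PYTHONPATH: "/pgadmin4"
      TZ: Asia/Singapore
    user: "1000:1000"
    volumes:
      - pgadmin:/var/lib/pgadmin
    restart: unless-stopped
    depends_on:
      - postgres
    expose:
      - 80
    networks:
      - net

  osrm-backend:
    environment:
      # OSRM manager setup
      - OSRM_ALGORITHM=mld
      - OSRM_THREADS=2
      - OSRM_PORT=${OSRM_PORT:-5000}
      - OSRM_PROFILE=/opt/car.lua
      - OSRM_MAP_NAME=${OSRM_MAP_NAME}
      - OSRM_GEOFABRIK_PATH=${OSRM_GEOFABRIK_PATH}
      # Notify OSRM Manager to restart without stopping container
      - OSRM_NOTIFY_FILEPATH=/data/osrm_notify.txt
    image: "furyhawk/osrm-backend:${OSRM_VERSION:-latest}"
    container_name: osrm_backend
    restart: unless-stopped
    expose:
      - "${OSRM_PORT:-5000}"
    networks:
      - net
      - default

  minio-common:
    image: minio/minio:latest
    container_name: minio_server
    environment:
      # NOTE(review): both credentials fall back to the well-known
      # `minioadmin` default while MINIO_SERVER_URL points at a public
      # hostname. Prefer failing closed when the variables are unset, e.g.
      # "${MINIO_ROOT_PASSWORD:?MINIO_ROOT_PASSWORD must be set}".
      MINIO_ROOT_USER: "${MINIO_ROOT_USER:-minioadmin}"
      MINIO_ROOT_PASSWORD: "${MINIO_ROOT_PASSWORD:-minioadmin}"
      MINIO_OPTS: "--console-address :9001"
      MINIO_SERVER_URL: https://drive.furyhawk.lol
    # user: "1000:1000"
    restart: unless-stopped
    command: server /data --address :9000 --console-address :9001
    healthcheck:
      test: ["CMD", "mc", "ready", "local"]
      interval: 65s
      timeout: 5s
      retries: 5
    volumes:
      - minio_data:/data
    expose:
      # 9000 = S3 API, 9001 = web console (see `command:` above).
      - 9000
      - 9001
    networks:
      - net
      - default

  neo4j_server:
    # Docker image to be used
    image: "${NEO4J_DOCKER_IMAGE:-neo4j:latest}"
    container_name: neo4j_server
    restart: unless-stopped
    # Environment variables
    environment:
      # NOTE(review): falls back to the guessable password `12345678` when
      # NEO4J_PASSWORD is unset, and traefik publishes 7687 on the host.
      # Prefer "neo4j/${NEO4J_PASSWORD:?NEO4J_PASSWORD must be set}".
      NEO4J_AUTH: "neo4j/${NEO4J_PASSWORD:-12345678}"
      # NOTE(review): these three keys use dots where the other NEO4J_ keys
      # use underscores - confirm the image actually applies them.
      NEO4J_dbms.default_listen_address: "0.0.0.0"
      NEO4J_dbms.default_advertised_address: "neo4j.furyhawk.lol"
      NEO4J_dbms.connector.bolt.advertised_address: ":443"
      NEO4J_PLUGINS: '["apoc"]'
      # NOTE(review): `unrestricted: apoc.*` lets every APOC procedure run
      # outside the procedure sandbox for any authenticated user. List only
      # the procedures that need it and keep the allowlist equally narrow.
      NEO4J_dbms_security_procedures_unrestricted: "apoc.*"
      NEO4J_dbms_security_procedures_allowlist: "apoc.*"
      NEO4J_server_memory_pagecache_size: 512M
      NEO4J_server_memory_heap_max__size: 2G
    user: "1000:1000"
    depends_on:
      - traefik
    volumes:
      - neo4j_data:/data
      - neo4j_logs:/logs
    # Expose ports
    expose:
      - 7474
      - 7687
    networks:
      - net
      - default

  api_server:
    image: furyhawk/listen:latest
    container_name: api_server
    restart: always
    depends_on:
      - postgres
    environment:
      DATABASE__HOSTNAME: "${DATABASE__HOSTNAME}"
      DATABASE__USERNAME: "${POSTGRES_USER}"
      DATABASE__PASSWORD: "${POSTGRES_PASSWORD}"
      DATABASE__PORT: "${DATABASE__PORT}"
      DATABASE__DB: "${DATABASE__DB}"
      # An unset variable interpolates to an empty string (Compose only
      # warns), so verify the JWT secret is actually populated at deploy time.
      SECURITY__JWT_SECRET_KEY: "${SECURITY__JWT_SECRET_KEY}"
      SECURITY__BACKEND_CORS_ORIGINS: "${SECURITY__BACKEND_CORS_ORIGINS}"
      SECURITY__ALLOWED_HOSTS: "${SECURITY__ALLOWED_HOSTS}"
    ports:
      # NOTE(review): published on every host interface, so the API is
      # reachable without going through traefik (and without its TLS). Use
      # `expose:` or a loopback bind if traefik is meant to be the only entry.
      - "8000:8000"
    networks:
      - net
      - default

  # Disabled Kestra service, kept for reference.
  # NOTE(review): as written it runs as root with the Docker socket mounted
  # read-write, which is equivalent to root on the host - revisit both before
  # re-enabling.
  # kestra:
  #   image: kestra/kestra:latest-full
  #   container_name: kestra
  #   # pull_policy: always
  #   # Note that this is meant for development only. Refer to the documentation for production deployments of Kestra which runs without a root user.
  #   user: "root"
  #   command: server standalone --worker-thread=128
  #   environment:
  #     KESTRA_CONFIGURATION: |
  #       datasources:
  #         postgres:
  #           url: jdbc:postgresql://postgres:5432/kestra
  #           driverClassName: org.postgresql.Driver
  #           username: ${POSTGRES_USER}
  #           password: ${POSTGRES_PASSWORD}
  #       kestra:
  #         server:
  #           basic-auth:
  #             enabled: true
  #             username: ${EMAIL_FROM} # it must be a valid email address
  #             password: ${EMAIL_PASSWORD}
  #         repository:
  #           type: postgres
  #         storage:
  #           type: local
  #           local:
  #             base-path: "/app/storage"
  #         queue:
  #           type: postgres
  #         tasks:
  #           tmp-dir:
  #             path: /tmp/kestra-wd/tmp
  #         url: http://kestra.furyhawk.lol/
  #   volumes:
  #     - kestra_data:/app/storage
  #     - /var/run/docker.sock:/var/run/docker.sock
  #     # - /tmp/kestra-wd:/tmp/kestra-wd
  #   depends_on:
  #     - postgres
  #   expose:
  #     - "8080"
  #     - "8081"
  #   networks:
  #     - net

  cheatsheets-app:
    image: "furyhawk/cheatsheets:${CHEATSHEETSTAG:-latest}"
    container_name: cheatsheets_app
    restart: unless-stopped
    expose:
      - 80
    networks:
      - net

  ghost-server:
    image: ghost
    container_name: ghost_server
    # NOTE(review): an added capability plus a disabled seccomp profile on an
    # internet-facing web app widens what a compromised process can do. The
    # same pair appears on ghost-db; confirm whether Ghost itself needs either.
    cap_add:
      - CAP_SYS_NICE
    security_opt:
      - seccomp:unconfined
    restart: always
    depends_on:
      - ghost-db
    environment:
      url: https://ghost.furyhawk.lol
      database__client: mysql
      database__connection__host: ghost-db
      # NOTE(review): Ghost connects as the MySQL `root` account, and the
      # password is the same POSTGRES_PASSWORD used for Postgres and the API.
      # Give Ghost a dedicated MySQL user limited to the `ghost` database,
      # with its own secret.
      database__connection__user: root
      database__connection__password: "${POSTGRES_PASSWORD}"
      database__connection__database: ghost
    volumes:
      - ghost_content:/var/lib/ghost/content
    expose:
      - 2368
    networks:
      - net

  ghost-db:
    image: mysql:8
    container_name: ghost-db
    security_opt:
      # Runs without the default seccomp syscall filter.
      - seccomp:unconfined
    restart: always
    command: '--mysql-native-password=ON'
    environment:
      # Reuses the Postgres password as the MySQL root password; one leaked
      # value then opens both databases.
      MYSQL_ROOT_PASSWORD: "${POSTGRES_PASSWORD}"
    volumes:
      - ghost_mysql:/var/lib/mysql
    expose:
      - 3306
    networks:
      - net

  heynote-app:
    image: "furyhawk/heynote:${HEYNOTETAG:-latest}"
    container_name: heynote_app
    restart: unless-stopped
    environment:
      NODE_ENV: production
    expose:
      - 5173
    networks:
      - net

  jellyfin:
    image: jellyfin/jellyfin
    container_name: jellyfin
    # Quoted like every other `user:` in this file so the value stays a string.
    user: "1000:1000"
    volumes:
      - jellyfin_config:/config
      - jellyfin_cache:/cache
      # Host media library, mounted read-write. Set `read_only: true` if the
      # server only needs to read the files.
      - type: bind
        source: ~/media
        target: /media
        read_only: false
    restart: unless-stopped
    # Optional - alternative address used for autodiscovery
    environment:
      - JELLYFIN_PublishedServerUrl=https://media.furyhawk.lol
    expose:
      - 8096
    networks:
      - net

  meshtastic_web:
    image: ghcr.io/meshtastic/web
    container_name: meshtastic_web
    restart: unless-stopped
    expose:
      - 8080
      - 8443
    networks:
      - net

  privatebin:
    image: privatebin/nginx-fpm-alpine:latest
    # Read-only root filesystem and a non-root user; only the data volume is
    # writable.
    read_only: true
    user: "1000:1000"
    volumes:
      # data volume for pastes allows pastes
      # to persist after container stop or restart
      - privatebin_data:/srv/data
      # second volume for custom configuration file
      - './config/conf.php:/srv/cfg/conf.php:ro'
    expose:
      - 8080
    restart: unless-stopped
    networks:
      - net

  redlib:
    image: quay.io/redlib/redlib:latest-arm
    restart: unless-stopped
    # Hardened profile: unprivileged user, read-only root filesystem, no
    # privilege escalation, all capabilities dropped.
    user: nobody
    read_only: true
    security_opt:
      - no-new-privileges:true
      # - seccomp=seccomp-redlib.json
    cap_drop:
      - ALL
    # NOTE(review): if this is the same `.env` Compose uses for interpolation,
    # every secret in it (database password, JWT key, API keys) lands in this
    # container's environment. Point `env_file` at a redlib-only file.
    env_file: .env
    healthcheck:
      test: ["CMD", "wget", "--spider", "-q", "--tries=1", "http://127.0.0.1:3080/settings"]
      interval: 5m
      timeout: 3s
    expose:
      # Specify `127.0.0.1:8080:3080` instead if using a reverse proxy
      - 3080
    networks:
      - net

  thelounge:
    image: ghcr.io/thelounge/thelounge:latest
    container_name: thelounge
    expose:
      - 9000
    restart: unless-stopped
    volumes:
      # bind lounge config from the host's file system
      - thelounge_data:/var/opt/thelounge
    networks:
      - net

  streamlit-bai:
    environment:
      <<: *default-environment
    image: furyhawk/beyondallinfo:latest
    container_name: streamlit_bai_app
    restart: unless-stopped
    # NOTE(review): `$STREAMLIT_BAI_SERVER_PORT` and `$BAI_LOCATION` are
    # interpolated by Compose from the shell / `.env`, not taken from the
    # `environment:` mapping above; the same applies to `expose:` below.
    # Confirm both are defined there.
    command: >-
      streamlit run
      --server.port=$STREAMLIT_BAI_SERVER_PORT
      --server.address=0.0.0.0
      --server.baseUrlPath=$BAI_LOCATION
      src/app.py
    volumes:
      - type: bind
        source: "${PWD}/cache/bar_cache.sqlite"
        target: /app/bar_cache.sqlite
      - type: bind
        source: "${PWD}/cache/short_cache.sqlite"
        target: /app/short_cache.sqlite
    expose:
      - "${STREAMLIT_BAI_SERVER_PORT}"
    networks:
      - net

  streamlit-fin:
    environment:
      <<: *default-environment
    image: furyhawk/llama3toolsfin:main
    container_name: streamlit_fin_app
    restart: unless-stopped
    expose:
      - "${STREAMLIT_FIN_SERVER_PORT}"
    networks:
      - net

  syncthing:
    image: syncthing/syncthing
    container_name: syncthing
    environment:
      - PUID=1000
      - PGID=1000
    restart: unless-stopped
    volumes:
      - ~/st-sync:/var/syncthing
    ports:
      # NOTE(review): the Web UI is published on every host interface. Bind it
      # to loopback ("127.0.0.1:8384:8384") or route it through traefik, and
      # make sure a GUI password is set.
      - "8384:8384"  # Web UI
      - "22000:22000/tcp"  # TCP file transfers
      - "22000:22000/udp"  # QUIC file transfers
      - "21027:21027/udp"  # Receive local discovery broadcasts
    networks:
      - net
      - default

  site_server:
    image: nginx:alpine
    container_name: site_server
    restart: unless-stopped
    volumes:
      # Static site content, mounted read-only.
      - ./site:/usr/share/nginx/html:ro
    expose:
      - 80
    networks:
      - net

  portainer:
    image: portainer/portainer-ce:sts
    command: '-H unix:///var/run/docker.sock'
    container_name: portainer
    restart: always
    volumes:
      # Read-write Docker socket: whoever controls Portainer controls the
      # Docker daemon, and through it the host. Keep the UI behind strong
      # authentication and off untrusted networks.
      - /var/run/docker.sock:/var/run/docker.sock
      - portainer_data:/data
    expose:
      - 8000
      - 9000
    networks:
      - net
      - default

  traefik:
    environment:
      <<: *default-environment
    build:
      context: .
      dockerfile: ./compose/traefik/Dockerfile
    image: traefik_production
    container_name: traefik
    restart: always
    volumes:
      - "${LOG_PATH:-./logs}:/logs"
      - production_traefik:/etc/traefik/acme:z
      # NOTE(review): `:ro` makes the socket file mount read-only but does not
      # limit which Docker API calls can be sent over it. For an edge proxy,
      # consider a socket proxy that allows only the read endpoints it needs.
      - "/var/run/docker.sock:/var/run/docker.sock:ro"
    # extra_hosts:
    #   - "host.docker.internal:host-gateway"
    ports:
      # Host entry points. 7687 matches the Neo4j Bolt port exposed above;
      # confirm each remaining port still has a router behind it.
      - "80:80"
      - "443:443"
      - "7687:7687"
      - "8083:8083"
      - "8084:8084"
      - "8883:8883"
      # - "1883:1883"
      # - 18083:18083
    networks:
      - net
      - default

networks:
  # Pre-existing network shared with traefik; Compose will not create it.
  net:
    external: true
    name: "${NETWORK:-web}"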