feat: create util stack consolidating utility services
Consolidates 6 utility services into a single util stack:
- drop (PairDrop) - P2P file sharing
- joplin (Joplin Server) - Note-taking and sync
- links (Linkwarden) - Bookmark manager with Meilisearch
- mattermost (Mattermost) - Team collaboration
- vault (Vaultwarden) - Password manager
- tandoor (Tandoor) - Recipe manager
Changes:
- Created util/compose.yaml with all 6 services
- Moved rtc_config.json to util directory
- Updated environment variables to use UTIL_ prefix
- Updated restic volume references to util_* names
- Container names changed from {service}_app to util_{service}
- Volume names changed from {service}_* to util_{service}_*
- Removed individual stack directories (drop, joplin, links, mattermost, vault, tandoor)
- Updated compose.yaml to include util/compose.yaml instead of individual stacks
All services maintain their original hostnames and functionality.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
77
arty.yml
77
arty.yml
@@ -40,25 +40,44 @@ envs:
|
||||
SEXY_PASSWORD_RESET_URL_ALLOW_LIST: https://sexy.pivoine.art/password/reset
|
||||
SEXY_FRONTEND_PUBLIC_API_URL: https://sexy.pivoine.art/api
|
||||
SEXY_FRONTEND_PUBLIC_URL: https://sexy.pivoine.art
|
||||
# Util Stack (Mattermost, Tandoor, Linkwarden, Vault, Joplin, PairDrop)
|
||||
UTIL_TRAEFIK_ENABLED: true
|
||||
UTIL_COMPOSE_PROJECT_NAME: util
|
||||
# Mattermost
|
||||
MATTERMOST_TRAEFIK_ENABLED: true
|
||||
MATTERMOST_COMPOSE_PROJECT_NAME: mattermost
|
||||
MATTERMOST_IMAGE: mattermost/mattermost-team-edition:latest
|
||||
MATTERMOST_TRAEFIK_HOST: mattermost.pivoine.art
|
||||
MATTERMOST_DB_NAME: mattermost
|
||||
UTIL_MATTERMOST_IMAGE: mattermost/mattermost-team-edition:latest
|
||||
UTIL_MATTERMOST_TRAEFIK_HOST: mattermost.pivoine.art
|
||||
UTIL_MATTERMOST_DB_NAME: mattermost
|
||||
# Tandoor
|
||||
TANDOOR_TRAEFIK_ENABLED: true
|
||||
TANDOOR_COMPOSE_PROJECT_NAME: tandoor
|
||||
TANDOOR_IMAGE: vabene1111/recipes:latest
|
||||
TANDOOR_TRAEFIK_HOST: tandoor.pivoine.art
|
||||
TANDOOR_DB_NAME: tandoor
|
||||
TANDOOR_ENABLE_SIGNUP: 0
|
||||
TANDOOR_REVERSE_PROXY_AUTH: 0
|
||||
TANDOOR_EMAIL_USE_TLS: 0
|
||||
TANDOOR_EMAIL_USE_SSL: 1
|
||||
TANDOOR_GUNICORN_MEDIA: 0
|
||||
TANDOOR_COMMENT_PREF_DEFAULT: 1
|
||||
TANDOOR_SHOPPING_MIN_AUTOSYNC_INTERVAL: 5
|
||||
UTIL_TANDOOR_IMAGE: vabene1111/recipes:latest
|
||||
UTIL_TANDOOR_TRAEFIK_HOST: tandoor.pivoine.art
|
||||
UTIL_TANDOOR_DB_NAME: tandoor
|
||||
UTIL_TANDOOR_ENABLE_SIGNUP: 0
|
||||
UTIL_TANDOOR_REVERSE_PROXY_AUTH: 0
|
||||
UTIL_TANDOOR_EMAIL_USE_TLS: 0
|
||||
UTIL_TANDOOR_EMAIL_USE_SSL: 1
|
||||
UTIL_TANDOOR_GUNICORN_MEDIA: 0
|
||||
UTIL_TANDOOR_COMMENT_PREF_DEFAULT: 1
|
||||
UTIL_TANDOOR_SHOPPING_MIN_AUTOSYNC_INTERVAL: 5
|
||||
# Linkwarden
|
||||
UTIL_LINKS_DOCKER_IMAGE: ghcr.io/linkwarden/linkwarden:latest
|
||||
UTIL_LINKS_TRAEFIK_HOST: links.pivoine.art
|
||||
UTIL_LINKS_DB_NAME: linkwarden
|
||||
UTIL_LINKS_MEILI_IMAGE: getmeili/meilisearch:v1.12.8
|
||||
UTIL_LINKS_MEILI_NO_ANALYTICS: true
|
||||
# Vault
|
||||
UTIL_VAULT_IMAGE: vaultwarden/server:latest
|
||||
UTIL_VAULT_TRAEFIK_HOST: vault.pivoine.art
|
||||
UTIL_VAULT_WEBSOCKET_ENABLED: true
|
||||
UTIL_VAULT_SIGNUPS_ALLOWED: true
|
||||
UTIL_VAULT_INVITATIONS_ALLOWED: true
|
||||
UTIL_VAULT_SHOW_PASSWORD_HINT: false
|
||||
# Joplin
|
||||
UTIL_JOPLIN_IMAGE: joplin/server:latest
|
||||
UTIL_JOPLIN_TRAEFIK_HOST: joplin.pivoine.art
|
||||
UTIL_JOPLIN_APP_PORT: 22300
|
||||
UTIL_JOPLIN_DB_NAME: joplin
|
||||
# PairDrop
|
||||
UTIL_DROP_TRAEFIK_HOST: drop.pivoine.art
|
||||
# Filestash
|
||||
STASH_TRAEFIK_ENABLED: true
|
||||
STASH_COMPOSE_PROJECT_NAME: stash
|
||||
@@ -66,14 +85,6 @@ envs:
|
||||
STASH_TRAEFIK_HOST: stash.pivoine.art
|
||||
STASH_PORT: 8334
|
||||
STASH_CANARY: true
|
||||
# Linkwarden
|
||||
LINKS_TRAEFIK_ENABLED: true
|
||||
LINKS_COMPOSE_PROJECT_NAME: links
|
||||
LINKS_DOCKER_IMAGE: ghcr.io/linkwarden/linkwarden:latest
|
||||
LINKS_TRAEFIK_HOST: links.pivoine.art
|
||||
LINKS_DB_NAME: linkwarden
|
||||
LINKS_MEILI_IMAGE: getmeili/meilisearch:v1.12.8
|
||||
LINKS_MEILI_NO_ANALYTICS: true
|
||||
# Restic
|
||||
RESTIC_TRAEFIK_ENABLED: true
|
||||
RESTIC_COMPOSE_PROJECT_NAME: restic
|
||||
@@ -81,22 +92,6 @@ envs:
|
||||
RESTIC_TRAEFIK_HOST: restic.pivoine.art
|
||||
RESTIC_HOSTNAME: falcon
|
||||
RESTIC_BACKUP_PATH: /mnt/hidrive/users/valknar/Backup
|
||||
# Vault
|
||||
VAULT_TRAEFIK_ENABLED: true
|
||||
VAULT_COMPOSE_PROJECT_NAME: vault
|
||||
VAULT_IMAGE: vaultwarden/server:latest
|
||||
VAULT_TRAEFIK_HOST: vault.pivoine.art
|
||||
VAULT_WEBSOCKET_ENABLED: true
|
||||
VAULT_SIGNUPS_ALLOWED: true
|
||||
VAULT_INVITATIONS_ALLOWED: true
|
||||
VAULT_SHOW_PASSWORD_HINT: false
|
||||
# Joplin
|
||||
JOPLIN_TRAEFIK_ENABLED: true
|
||||
JOPLIN_COMPOSE_PROJECT_NAME: joplin
|
||||
JOPLIN_IMAGE: joplin/server:latest
|
||||
JOPLIN_TRAEFIK_HOST: joplin.pivoine.art
|
||||
JOPLIN_APP_PORT: 22300
|
||||
JOPLIN_DB_NAME: joplin
|
||||
# Jellyfin
|
||||
JELLY_TRAEFIK_ENABLED: true
|
||||
JELLY_COMPOSE_PROJECT_NAME: jelly
|
||||
|
||||
@@ -2,12 +2,7 @@ name: falcon
|
||||
include:
|
||||
- core/compose.yaml
|
||||
- sexy/compose.yaml
|
||||
- mattermost/compose.yaml
|
||||
- tandoor/compose.yaml
|
||||
- links/compose.yaml
|
||||
- vault/compose.yaml
|
||||
- joplin/compose.yaml
|
||||
- drop/compose.yaml
|
||||
- util/compose.yaml
|
||||
- ai/compose.yaml
|
||||
- restic/compose.yaml
|
||||
- netdata/compose.yaml
|
||||
|
||||
@@ -1,41 +0,0 @@
|
||||
services:
|
||||
pairdrop:
|
||||
image: lscr.io/linuxserver/pairdrop:latest
|
||||
container_name: ${DROP_COMPOSE_PROJECT_NAME}_app
|
||||
restart: unless-stopped
|
||||
volumes:
|
||||
- ./rtc_config.json:/rtc_config.json:ro
|
||||
environment:
|
||||
PUID: 1000
|
||||
PGID: 1000
|
||||
TZ: ${TIMEZONE:-Europe/Berlin}
|
||||
RATE_LIMIT: true
|
||||
WS_FALLBACK: true
|
||||
WS_SERVER: true
|
||||
RTC_CONFIG: /rtc_config.json
|
||||
DEBUG_MODE: true
|
||||
networks:
|
||||
- compose_network
|
||||
labels:
|
||||
- 'traefik.enable=${DROP_TRAEFIK_ENABLED}'
|
||||
# HTTP to HTTPS redirect
|
||||
- 'traefik.http.middlewares.${DROP_COMPOSE_PROJECT_NAME}-redirect-web-secure.redirectscheme.scheme=https'
|
||||
- 'traefik.http.routers.${DROP_COMPOSE_PROJECT_NAME}-web.middlewares=${DROP_COMPOSE_PROJECT_NAME}-redirect-web-secure'
|
||||
- 'traefik.http.routers.${DROP_COMPOSE_PROJECT_NAME}-web.rule=Host(`${DROP_TRAEFIK_HOST}`)'
|
||||
- 'traefik.http.routers.${DROP_COMPOSE_PROJECT_NAME}-web.entrypoints=web'
|
||||
# HTTPS router
|
||||
- 'traefik.http.routers.${DROP_COMPOSE_PROJECT_NAME}-web-secure.rule=Host(`${DROP_TRAEFIK_HOST}`)'
|
||||
- 'traefik.http.routers.${DROP_COMPOSE_PROJECT_NAME}-web-secure.tls.certresolver=resolver'
|
||||
- 'traefik.http.routers.${DROP_COMPOSE_PROJECT_NAME}-web-secure.entrypoints=web-secure'
|
||||
- 'traefik.http.middlewares.${DROP_COMPOSE_PROJECT_NAME}-web-secure-compress.compress=true'
|
||||
- 'traefik.http.routers.${DROP_COMPOSE_PROJECT_NAME}-web-secure.middlewares=${DROP_COMPOSE_PROJECT_NAME}-web-secure-compress,security-headers@file'
|
||||
# Service
|
||||
- 'traefik.http.services.${DROP_COMPOSE_PROJECT_NAME}-web-secure.loadbalancer.server.port=3000'
|
||||
- 'traefik.docker.network=${NETWORK_NAME}'
|
||||
# Watchtower
|
||||
- 'com.centurylinklabs.watchtower.enable=${WATCHTOWER_LABEL_ENABLE}'
|
||||
|
||||
networks:
|
||||
compose_network:
|
||||
name: ${NETWORK_NAME}
|
||||
external: true
|
||||
@@ -1,52 +0,0 @@
|
||||
services:
|
||||
joplin:
|
||||
image: ${JOPLIN_IMAGE:-joplin/server:latest}
|
||||
container_name: ${JOPLIN_COMPOSE_PROJECT_NAME}_app
|
||||
restart: unless-stopped
|
||||
volumes:
|
||||
- joplin_data:/data
|
||||
environment:
|
||||
TZ: ${TIMEZONE:-Europe/Berlin}
|
||||
APP_PORT: ${JOPLIN_APP_PORT:-22300}
|
||||
APP_BASE_URL: https://${JOPLIN_TRAEFIK_HOST}
|
||||
DB_CLIENT: pg
|
||||
POSTGRES_HOST: ${CORE_DB_HOST}
|
||||
POSTGRES_PORT: ${CORE_DB_PORT}
|
||||
POSTGRES_DATABASE: ${JOPLIN_DB_NAME}
|
||||
POSTGRES_USER: ${DB_USER}
|
||||
POSTGRES_PASSWORD: ${DB_PASSWORD}
|
||||
MAILER_ENABLED: 1
|
||||
MAILER_HOST: ${EMAIL_SMTP_HOST}
|
||||
MAILER_PORT: ${EMAIL_SMTP_PORT}
|
||||
MAILER_SECURE: 1
|
||||
MAILER_AUTH_USER: ${EMAIL_SMTP_USER}
|
||||
MAILER_AUTH_PASSWORD: ${EMAIL_SMTP_PASSWORD}
|
||||
MAILER_NOREPLY_NAME: Joplin Server
|
||||
MAILER_NOREPLY_EMAIL: ${EMAIL_FROM}
|
||||
networks:
|
||||
- compose_network
|
||||
depends_on:
|
||||
- postgres
|
||||
labels:
|
||||
- 'traefik.enable=${JOPLIN_TRAEFIK_ENABLED}'
|
||||
- 'traefik.http.middlewares.${JOPLIN_COMPOSE_PROJECT_NAME}-redirect-web-secure.redirectscheme.scheme=https'
|
||||
- 'traefik.http.routers.${JOPLIN_COMPOSE_PROJECT_NAME}-web.middlewares=${JOPLIN_COMPOSE_PROJECT_NAME}-redirect-web-secure'
|
||||
- 'traefik.http.routers.${JOPLIN_COMPOSE_PROJECT_NAME}-web.rule=Host(`${JOPLIN_TRAEFIK_HOST}`)'
|
||||
- 'traefik.http.routers.${JOPLIN_COMPOSE_PROJECT_NAME}-web.entrypoints=web'
|
||||
- 'traefik.http.routers.${JOPLIN_COMPOSE_PROJECT_NAME}-web-secure.rule=Host(`${JOPLIN_TRAEFIK_HOST}`)'
|
||||
- 'traefik.http.routers.${JOPLIN_COMPOSE_PROJECT_NAME}-web-secure.tls.certresolver=resolver'
|
||||
- 'traefik.http.routers.${JOPLIN_COMPOSE_PROJECT_NAME}-web-secure.entrypoints=web-secure'
|
||||
- 'traefik.http.middlewares.${JOPLIN_COMPOSE_PROJECT_NAME}-web-secure-compress.compress=true'
|
||||
- 'traefik.http.routers.${JOPLIN_COMPOSE_PROJECT_NAME}-web-secure.middlewares=${JOPLIN_COMPOSE_PROJECT_NAME}-web-secure-compress'
|
||||
- 'traefik.http.services.${JOPLIN_COMPOSE_PROJECT_NAME}-web-secure.loadbalancer.server.port=22300'
|
||||
- 'traefik.docker.network=${NETWORK_NAME}'
|
||||
- 'com.centurylinklabs.watchtower.enable=${WATCHTOWER_LABEL_ENABLE}'
|
||||
|
||||
volumes:
|
||||
joplin_data:
|
||||
name: joplin_data
|
||||
|
||||
networks:
|
||||
compose_network:
|
||||
name: ${NETWORK_NAME}
|
||||
external: true
|
||||
@@ -1,54 +0,0 @@
|
||||
services:
|
||||
linkwarden:
|
||||
image: ${LINKS_DOCKER_IMAGE}
|
||||
container_name: ${LINKS_COMPOSE_PROJECT_NAME}_app
|
||||
restart: unless-stopped
|
||||
networks:
|
||||
- compose_network
|
||||
environment:
|
||||
TZ: ${TIMEZONE:-Europe/Amsterdam}
|
||||
DATABASE_URL: postgresql://${DB_USER}:${DB_PASSWORD}@${CORE_DB_HOST}:${CORE_DB_PORT}/${LINKS_DB_NAME}
|
||||
NEXTAUTH_SECRET: ${LINKS_NEXTAUTH_SECRET}
|
||||
NEXTAUTH_URL: https://${LINKS_TRAEFIK_HOST}
|
||||
MEILI_ADDR: http://linkwarden_meilisearch:7700
|
||||
MEILI_MASTER_KEY: ${LINKS_MEILI_MASTER_KEY}
|
||||
BASE_URL: https://${LINKS_TRAEFIK_HOST}
|
||||
NEXT_PUBLIC_EMAIL_PROVIDER: true
|
||||
EMAIL_FROM: ${EMAIL_FROM}
|
||||
EMAIL_SERVER: ${LINKS_EMAIL_SERVER}
|
||||
volumes:
|
||||
- linkwarden_data:/data/data
|
||||
depends_on:
|
||||
- linkwarden_meilisearch
|
||||
labels:
|
||||
- 'traefik.enable=${LINKS_TRAEFIK_ENABLED:-true}'
|
||||
- 'traefik.http.middlewares.${LINKS_COMPOSE_PROJECT_NAME}-redirect-web-secure.redirectscheme.scheme=https'
|
||||
- 'traefik.http.routers.${LINKS_COMPOSE_PROJECT_NAME}-web.middlewares=${LINKS_COMPOSE_PROJECT_NAME}-redirect-web-secure'
|
||||
- 'traefik.http.routers.${LINKS_COMPOSE_PROJECT_NAME}-web.rule=Host(`${LINKS_TRAEFIK_HOST}`)'
|
||||
- 'traefik.http.routers.${LINKS_COMPOSE_PROJECT_NAME}-web.entrypoints=web'
|
||||
- 'traefik.http.routers.${LINKS_COMPOSE_PROJECT_NAME}-web-secure.rule=Host(`${LINKS_TRAEFIK_HOST}`)'
|
||||
- 'traefik.http.routers.${LINKS_COMPOSE_PROJECT_NAME}-web-secure.tls.certresolver=resolver'
|
||||
- 'traefik.http.routers.${LINKS_COMPOSE_PROJECT_NAME}-web-secure.entrypoints=web-secure'
|
||||
- 'traefik.http.middlewares.${LINKS_COMPOSE_PROJECT_NAME}-web-secure-compress.compress=true'
|
||||
- 'traefik.http.routers.${LINKS_COMPOSE_PROJECT_NAME}-web-secure.middlewares=${LINKS_COMPOSE_PROJECT_NAME}-web-secure-compress'
|
||||
- 'traefik.http.services.${LINKS_COMPOSE_PROJECT_NAME}-web-secure.loadbalancer.server.port=3000'
|
||||
- 'traefik.docker.network=${NETWORK_NAME}'
|
||||
- 'com.centurylinklabs.watchtower.enable=true'
|
||||
|
||||
linkwarden_meilisearch:
|
||||
image: ${LINKS_MEILI_IMAGE}
|
||||
container_name: ${LINKS_COMPOSE_PROJECT_NAME}_meilisearch
|
||||
restart: unless-stopped
|
||||
networks:
|
||||
- compose_network
|
||||
environment:
|
||||
MEILI_MASTER_KEY: ${LINKS_MEILI_MASTER_KEY}
|
||||
MEILI_NO_ANALYTICS: ${LINKS_MEILI_NO_ANALYTICS:-true}
|
||||
volumes:
|
||||
- linkwarden_meili_data:/meili_data
|
||||
|
||||
volumes:
|
||||
linkwarden_data:
|
||||
name: ${LINKS_COMPOSE_PROJECT_NAME}_data
|
||||
linkwarden_meili_data:
|
||||
name: ${LINKS_COMPOSE_PROJECT_NAME}_meili_data
|
||||
@@ -1,74 +0,0 @@
|
||||
services:
|
||||
mattermost:
|
||||
image: ${MATTERMOST_IMAGE:-mattermost/mattermost-team-edition:latest}
|
||||
container_name: ${MATTERMOST_COMPOSE_PROJECT_NAME}_app
|
||||
restart: unless-stopped
|
||||
security_opt:
|
||||
- no-new-privileges:true
|
||||
pids_limit: 200
|
||||
read_only: false
|
||||
tmpfs:
|
||||
- /tmp
|
||||
volumes:
|
||||
- mattermost_config:/mattermost/config:rw
|
||||
- mattermost_data:/mattermost/data:rw
|
||||
- mattermost_logs:/mattermost/logs:rw
|
||||
- mattermost_plugins:/mattermost/plugins:rw
|
||||
- mattermost_client_plugins:/mattermost/client/plugins:rw
|
||||
- mattermost_bleve:/mattermost/bleve-indexes:rw
|
||||
environment:
|
||||
TZ: ${TIMEZONE:-Europe/Berlin}
|
||||
MM_SQLSETTINGS_DRIVERNAME: postgres
|
||||
MM_SQLSETTINGS_DATASOURCE: postgres://${DB_USER}:${DB_PASSWORD}@${CORE_DB_HOST}:${CORE_DB_PORT}/${MATTERMOST_DB_NAME}?sslmode=disable&connect_timeout=10
|
||||
MM_BLEVESETTINGS_INDEXDIR: /mattermost/bleve-indexes
|
||||
MM_SERVICESETTINGS_SITEURL: https://${MATTERMOST_TRAEFIK_HOST}
|
||||
MM_SERVICESETTINGS_ENABLELOCALMODE: "true"
|
||||
# Email settings
|
||||
MM_EMAILSETTINGS_ENABLESMTPAUTH: "true"
|
||||
MM_EMAILSETTINGS_SMTPUSERNAME: ${EMAIL_SMTP_USER}
|
||||
MM_EMAILSETTINGS_SMTPPASSWORD: ${EMAIL_SMTP_PASSWORD}
|
||||
MM_EMAILSETTINGS_SMTPSERVER: ${EMAIL_SMTP_HOST}
|
||||
MM_EMAILSETTINGS_SMTPPORT: ${EMAIL_SMTP_PORT}
|
||||
MM_EMAILSETTINGS_CONNECTIONSECURITY: TLS
|
||||
MM_EMAILSETTINGS_FEEDBACKNAME: Mattermost
|
||||
MM_EMAILSETTINGS_FEEDBACKEMAIL: ${EMAIL_FROM}
|
||||
MM_EMAILSETTINGS_REPLYTOADDRESS: ${EMAIL_FROM}
|
||||
networks:
|
||||
- compose_network
|
||||
labels:
|
||||
- 'traefik.enable=${MATTERMOST_TRAEFIK_ENABLED}'
|
||||
# HTTP to HTTPS redirect
|
||||
- 'traefik.http.middlewares.${MATTERMOST_COMPOSE_PROJECT_NAME}-redirect-web-secure.redirectscheme.scheme=https'
|
||||
- 'traefik.http.routers.${MATTERMOST_COMPOSE_PROJECT_NAME}-web.middlewares=${MATTERMOST_COMPOSE_PROJECT_NAME}-redirect-web-secure'
|
||||
- 'traefik.http.routers.${MATTERMOST_COMPOSE_PROJECT_NAME}-web.rule=Host(`${MATTERMOST_TRAEFIK_HOST}`)'
|
||||
- 'traefik.http.routers.${MATTERMOST_COMPOSE_PROJECT_NAME}-web.entrypoints=web'
|
||||
# HTTPS router
|
||||
- 'traefik.http.routers.${MATTERMOST_COMPOSE_PROJECT_NAME}-web-secure.rule=Host(`${MATTERMOST_TRAEFIK_HOST}`)'
|
||||
- 'traefik.http.routers.${MATTERMOST_COMPOSE_PROJECT_NAME}-web-secure.tls.certresolver=resolver'
|
||||
- 'traefik.http.routers.${MATTERMOST_COMPOSE_PROJECT_NAME}-web-secure.entrypoints=web-secure'
|
||||
- 'traefik.http.middlewares.${MATTERMOST_COMPOSE_PROJECT_NAME}-web-secure-compress.compress=true'
|
||||
- 'traefik.http.routers.${MATTERMOST_COMPOSE_PROJECT_NAME}-web-secure.middlewares=${MATTERMOST_COMPOSE_PROJECT_NAME}-web-secure-compress,security-headers@file'
|
||||
# Service
|
||||
- 'traefik.http.services.${MATTERMOST_COMPOSE_PROJECT_NAME}-web-secure.loadbalancer.server.port=8065'
|
||||
- 'traefik.docker.network=${NETWORK_NAME}'
|
||||
# Watchtower
|
||||
- 'com.centurylinklabs.watchtower.enable=${WATCHTOWER_LABEL_ENABLE}'
|
||||
|
||||
volumes:
|
||||
mattermost_config:
|
||||
name: ${MATTERMOST_COMPOSE_PROJECT_NAME}_config
|
||||
mattermost_data:
|
||||
name: ${MATTERMOST_COMPOSE_PROJECT_NAME}_data
|
||||
mattermost_logs:
|
||||
name: ${MATTERMOST_COMPOSE_PROJECT_NAME}_logs
|
||||
mattermost_plugins:
|
||||
name: ${MATTERMOST_COMPOSE_PROJECT_NAME}_plugins
|
||||
mattermost_client_plugins:
|
||||
name: ${MATTERMOST_COMPOSE_PROJECT_NAME}_client_plugins
|
||||
mattermost_bleve:
|
||||
name: ${MATTERMOST_COMPOSE_PROJECT_NAME}_bleve
|
||||
|
||||
networks:
|
||||
compose_network:
|
||||
name: ${NETWORK_NAME}
|
||||
external: true
|
||||
@@ -19,18 +19,18 @@ services:
|
||||
- backup_core_redis_data:/volumes/core_redis_data:ro
|
||||
- backup_directus_uploads:/volumes/directus_uploads:ro
|
||||
- backup_directus_bundle:/volumes/directus_bundle:ro
|
||||
- backup_mattermost_config:/volumes/mattermost_config:ro
|
||||
- backup_mattermost_data:/volumes/mattermost_data:ro
|
||||
- backup_mattermost_plugins:/volumes/mattermost_plugins:ro
|
||||
- backup_tandoor_staticfiles:/volumes/tandoor_staticfiles:ro
|
||||
- backup_tandoor_mediafiles:/volumes/tandoor_mediafiles:ro
|
||||
- backup_util_mattermost_config:/volumes/mattermost_config:ro
|
||||
- backup_util_mattermost_data:/volumes/mattermost_data:ro
|
||||
- backup_util_mattermost_plugins:/volumes/mattermost_plugins:ro
|
||||
- backup_util_tandoor_staticfiles:/volumes/tandoor_staticfiles:ro
|
||||
- backup_util_tandoor_mediafiles:/volumes/tandoor_mediafiles:ro
|
||||
- backup_n8n_data:/volumes/n8n_data:ro
|
||||
- backup_filestash_data:/volumes/filestash_data:ro
|
||||
- backup_linkwarden_data:/volumes/linkwarden_data:ro
|
||||
- backup_linkwarden_meili_data:/volumes/linkwarden_meili_data:ro
|
||||
- backup_util_linkwarden_data:/volumes/linkwarden_data:ro
|
||||
- backup_util_linkwarden_meili_data:/volumes/linkwarden_meili_data:ro
|
||||
- backup_letsencrypt_data:/volumes/letsencrypt_data:ro
|
||||
- backup_vaultwarden_data:/volumes/vaultwarden_data:ro
|
||||
- backup_joplin_data:/volumes/joplin_data:ro
|
||||
- backup_util_vaultwarden_data:/volumes/vaultwarden_data:ro
|
||||
- backup_util_joplin_data:/volumes/joplin_data:ro
|
||||
- backup_jelly_config:/volumes/jelly_config:ro
|
||||
- backup_netdata_config:/volumes/netdata_config:ro
|
||||
- backup_ai_postgres_data:/volumes/ai_postgres_data:ro
|
||||
@@ -91,20 +91,20 @@ volumes:
|
||||
backup_directus_bundle:
|
||||
name: core_directus_bundle
|
||||
external: true
|
||||
backup_mattermost_config:
|
||||
name: mattermost_config
|
||||
backup_util_mattermost_config:
|
||||
name: util_mattermost_config
|
||||
external: true
|
||||
backup_mattermost_data:
|
||||
name: mattermost_data
|
||||
backup_util_mattermost_data:
|
||||
name: util_mattermost_data
|
||||
external: true
|
||||
backup_mattermost_plugins:
|
||||
name: mattermost_plugins
|
||||
backup_util_mattermost_plugins:
|
||||
name: util_mattermost_plugins
|
||||
external: true
|
||||
backup_tandoor_staticfiles:
|
||||
name: tandoor_staticfiles
|
||||
backup_util_tandoor_staticfiles:
|
||||
name: util_tandoor_staticfiles
|
||||
external: true
|
||||
backup_tandoor_mediafiles:
|
||||
name: tandoor_mediafiles
|
||||
backup_util_tandoor_mediafiles:
|
||||
name: util_tandoor_mediafiles
|
||||
external: true
|
||||
backup_n8n_data:
|
||||
name: dev_n8n_data
|
||||
@@ -112,20 +112,20 @@ volumes:
|
||||
backup_filestash_data:
|
||||
name: stash_filestash_data
|
||||
external: true
|
||||
backup_linkwarden_data:
|
||||
name: links_data
|
||||
backup_util_linkwarden_data:
|
||||
name: util_linkwarden_data
|
||||
external: true
|
||||
backup_linkwarden_meili_data:
|
||||
name: links_meili_data
|
||||
backup_util_linkwarden_meili_data:
|
||||
name: util_linkwarden_meili_data
|
||||
external: true
|
||||
backup_letsencrypt_data:
|
||||
name: proxy_letsencrypt_data
|
||||
external: true
|
||||
backup_vaultwarden_data:
|
||||
name: vault_data
|
||||
backup_util_vaultwarden_data:
|
||||
name: util_vaultwarden_data
|
||||
external: true
|
||||
backup_joplin_data:
|
||||
name: joplin_data
|
||||
backup_util_joplin_data:
|
||||
name: util_joplin_data
|
||||
external: true
|
||||
|
||||
backup_jelly_config:
|
||||
|
||||
@@ -1,78 +0,0 @@
|
||||
services:
|
||||
tandoor:
|
||||
image: ${TANDOOR_IMAGE:-vabene1111/recipes:latest}
|
||||
container_name: ${TANDOOR_COMPOSE_PROJECT_NAME}_app
|
||||
restart: unless-stopped
|
||||
environment:
|
||||
# Django settings
|
||||
SECRET_KEY: ${TANDOOR_SECRET_KEY}
|
||||
ALLOWED_HOSTS: ${TANDOOR_TRAEFIK_HOST}
|
||||
TIMEZONE: ${TIMEZONE:-Europe/Berlin}
|
||||
|
||||
# Database configuration
|
||||
DB_ENGINE: django.db.backends.postgresql
|
||||
POSTGRES_HOST: ${CORE_DB_HOST}
|
||||
POSTGRES_PORT: ${CORE_DB_PORT}
|
||||
POSTGRES_USER: ${DB_USER}
|
||||
POSTGRES_PASSWORD: ${DB_PASSWORD}
|
||||
POSTGRES_DB: ${TANDOOR_DB_NAME}
|
||||
|
||||
# Application settings
|
||||
ENABLE_SIGNUP: ${TANDOOR_ENABLE_SIGNUP:-0}
|
||||
REVERSE_PROXY_AUTH: ${TANDOOR_REVERSE_PROXY_AUTH:-0}
|
||||
|
||||
# Email configuration (IONOS SMTP)
|
||||
EMAIL_HOST: ${EMAIL_SMTP_HOST}
|
||||
EMAIL_PORT: ${EMAIL_SMTP_PORT}
|
||||
EMAIL_HOST_USER: ${EMAIL_SMTP_USER}
|
||||
EMAIL_HOST_PASSWORD: ${EMAIL_SMTP_PASSWORD}
|
||||
EMAIL_USE_TLS: ${TANDOOR_EMAIL_USE_TLS:-0}
|
||||
EMAIL_USE_SSL: ${TANDOOR_EMAIL_USE_SSL:-1}
|
||||
DEFAULT_FROM_EMAIL: ${EMAIL_FROM}
|
||||
|
||||
# Gunicorn settings
|
||||
GUNICORN_MEDIA: ${TANDOOR_GUNICORN_MEDIA:-0}
|
||||
|
||||
# Optional features
|
||||
COMMENT_PREF_DEFAULT: ${TANDOOR_COMMENT_PREF_DEFAULT:-1}
|
||||
SHOPPING_MIN_AUTOSYNC_INTERVAL: ${TANDOOR_SHOPPING_MIN_AUTOSYNC_INTERVAL:-5}
|
||||
|
||||
volumes:
|
||||
- tandoor_staticfiles:/opt/recipes/staticfiles
|
||||
- tandoor_mediafiles:/opt/recipes/mediafiles
|
||||
|
||||
depends_on:
|
||||
- postgres
|
||||
|
||||
networks:
|
||||
- compose_network
|
||||
|
||||
labels:
|
||||
- 'traefik.enable=${TANDOOR_TRAEFIK_ENABLED}'
|
||||
# HTTP to HTTPS redirect
|
||||
- 'traefik.http.middlewares.${TANDOOR_COMPOSE_PROJECT_NAME}-redirect-web-secure.redirectscheme.scheme=https'
|
||||
- 'traefik.http.routers.${TANDOOR_COMPOSE_PROJECT_NAME}-web.middlewares=${TANDOOR_COMPOSE_PROJECT_NAME}-redirect-web-secure'
|
||||
- 'traefik.http.routers.${TANDOOR_COMPOSE_PROJECT_NAME}-web.rule=Host(`${TANDOOR_TRAEFIK_HOST}`)'
|
||||
- 'traefik.http.routers.${TANDOOR_COMPOSE_PROJECT_NAME}-web.entrypoints=web'
|
||||
# HTTPS router
|
||||
- 'traefik.http.routers.${TANDOOR_COMPOSE_PROJECT_NAME}-web-secure.rule=Host(`${TANDOOR_TRAEFIK_HOST}`)'
|
||||
- 'traefik.http.routers.${TANDOOR_COMPOSE_PROJECT_NAME}-web-secure.tls.certresolver=resolver'
|
||||
- 'traefik.http.routers.${TANDOOR_COMPOSE_PROJECT_NAME}-web-secure.entrypoints=web-secure'
|
||||
- 'traefik.http.middlewares.${TANDOOR_COMPOSE_PROJECT_NAME}-web-secure-compress.compress=true'
|
||||
- 'traefik.http.routers.${TANDOOR_COMPOSE_PROJECT_NAME}-web-secure.middlewares=${TANDOOR_COMPOSE_PROJECT_NAME}-web-secure-compress,security-headers@file'
|
||||
# Service
|
||||
- 'traefik.http.services.${TANDOOR_COMPOSE_PROJECT_NAME}-web-secure.loadbalancer.server.port=80'
|
||||
- 'traefik.docker.network=${NETWORK_NAME}'
|
||||
# Watchtower
|
||||
- 'com.centurylinklabs.watchtower.enable=${WATCHTOWER_LABEL_ENABLE}'
|
||||
|
||||
volumes:
|
||||
tandoor_staticfiles:
|
||||
name: ${TANDOOR_COMPOSE_PROJECT_NAME}_staticfiles
|
||||
tandoor_mediafiles:
|
||||
name: ${TANDOOR_COMPOSE_PROJECT_NAME}_mediafiles
|
||||
|
||||
networks:
|
||||
compose_network:
|
||||
name: ${NETWORK_NAME}
|
||||
external: true
|
||||
324
util/compose.yaml
Normal file
324
util/compose.yaml
Normal file
@@ -0,0 +1,324 @@
|
||||
services:
|
||||
# PairDrop - P2P file sharing
|
||||
pairdrop:
|
||||
image: lscr.io/linuxserver/pairdrop:latest
|
||||
container_name: ${UTIL_COMPOSE_PROJECT_NAME}_pairdrop
|
||||
restart: unless-stopped
|
||||
volumes:
|
||||
- ./rtc_config.json:/rtc_config.json:ro
|
||||
environment:
|
||||
PUID: 1000
|
||||
PGID: 1000
|
||||
TZ: ${TIMEZONE:-Europe/Berlin}
|
||||
RATE_LIMIT: true
|
||||
WS_FALLBACK: true
|
||||
WS_SERVER: true
|
||||
RTC_CONFIG: /rtc_config.json
|
||||
DEBUG_MODE: true
|
||||
networks:
|
||||
- compose_network
|
||||
labels:
|
||||
- 'traefik.enable=${UTIL_TRAEFIK_ENABLED}'
|
||||
# HTTP to HTTPS redirect
|
||||
- 'traefik.http.middlewares.${UTIL_COMPOSE_PROJECT_NAME}-pairdrop-redirect-web-secure.redirectscheme.scheme=https'
|
||||
- 'traefik.http.routers.${UTIL_COMPOSE_PROJECT_NAME}-pairdrop-web.middlewares=${UTIL_COMPOSE_PROJECT_NAME}-pairdrop-redirect-web-secure'
|
||||
- 'traefik.http.routers.${UTIL_COMPOSE_PROJECT_NAME}-pairdrop-web.rule=Host(`${UTIL_DROP_TRAEFIK_HOST}`)'
|
||||
- 'traefik.http.routers.${UTIL_COMPOSE_PROJECT_NAME}-pairdrop-web.entrypoints=web'
|
||||
# HTTPS router
|
||||
- 'traefik.http.routers.${UTIL_COMPOSE_PROJECT_NAME}-pairdrop-web-secure.rule=Host(`${UTIL_DROP_TRAEFIK_HOST}`)'
|
||||
- 'traefik.http.routers.${UTIL_COMPOSE_PROJECT_NAME}-pairdrop-web-secure.tls.certresolver=resolver'
|
||||
- 'traefik.http.routers.${UTIL_COMPOSE_PROJECT_NAME}-pairdrop-web-secure.entrypoints=web-secure'
|
||||
- 'traefik.http.middlewares.${UTIL_COMPOSE_PROJECT_NAME}-pairdrop-web-secure-compress.compress=true'
|
||||
- 'traefik.http.routers.${UTIL_COMPOSE_PROJECT_NAME}-pairdrop-web-secure.middlewares=${UTIL_COMPOSE_PROJECT_NAME}-pairdrop-web-secure-compress,security-headers@file'
|
||||
# Service
|
||||
- 'traefik.http.services.${UTIL_COMPOSE_PROJECT_NAME}-pairdrop-web-secure.loadbalancer.server.port=3000'
|
||||
- 'traefik.docker.network=${NETWORK_NAME}'
|
||||
# Watchtower
|
||||
- 'com.centurylinklabs.watchtower.enable=${WATCHTOWER_LABEL_ENABLE}'
|
||||
|
||||
# Joplin Server - Note-taking and sync
|
||||
joplin:
|
||||
image: ${UTIL_JOPLIN_IMAGE:-joplin/server:latest}
|
||||
container_name: ${UTIL_COMPOSE_PROJECT_NAME}_joplin
|
||||
restart: unless-stopped
|
||||
volumes:
|
||||
- joplin_data:/data
|
||||
environment:
|
||||
TZ: ${TIMEZONE:-Europe/Berlin}
|
||||
APP_PORT: ${UTIL_JOPLIN_APP_PORT:-22300}
|
||||
APP_BASE_URL: https://${UTIL_JOPLIN_TRAEFIK_HOST}
|
||||
DB_CLIENT: pg
|
||||
POSTGRES_HOST: ${CORE_DB_HOST}
|
||||
POSTGRES_PORT: ${CORE_DB_PORT}
|
||||
POSTGRES_DATABASE: ${UTIL_JOPLIN_DB_NAME}
|
||||
POSTGRES_USER: ${DB_USER}
|
||||
POSTGRES_PASSWORD: ${DB_PASSWORD}
|
||||
MAILER_ENABLED: 1
|
||||
MAILER_HOST: ${EMAIL_SMTP_HOST}
|
||||
MAILER_PORT: ${EMAIL_SMTP_PORT}
|
||||
MAILER_SECURE: 1
|
||||
MAILER_AUTH_USER: ${EMAIL_SMTP_USER}
|
||||
MAILER_AUTH_PASSWORD: ${EMAIL_SMTP_PASSWORD}
|
||||
MAILER_NOREPLY_NAME: Joplin Server
|
||||
MAILER_NOREPLY_EMAIL: ${EMAIL_FROM}
|
||||
networks:
|
||||
- compose_network
|
||||
depends_on:
|
||||
- postgres
|
||||
labels:
|
||||
- 'traefik.enable=${UTIL_TRAEFIK_ENABLED}'
|
||||
- 'traefik.http.middlewares.${UTIL_COMPOSE_PROJECT_NAME}-joplin-redirect-web-secure.redirectscheme.scheme=https'
|
||||
- 'traefik.http.routers.${UTIL_COMPOSE_PROJECT_NAME}-joplin-web.middlewares=${UTIL_COMPOSE_PROJECT_NAME}-joplin-redirect-web-secure'
|
||||
- 'traefik.http.routers.${UTIL_COMPOSE_PROJECT_NAME}-joplin-web.rule=Host(`${UTIL_JOPLIN_TRAEFIK_HOST}`)'
|
||||
- 'traefik.http.routers.${UTIL_COMPOSE_PROJECT_NAME}-joplin-web.entrypoints=web'
|
||||
- 'traefik.http.routers.${UTIL_COMPOSE_PROJECT_NAME}-joplin-web-secure.rule=Host(`${UTIL_JOPLIN_TRAEFIK_HOST}`)'
|
||||
- 'traefik.http.routers.${UTIL_COMPOSE_PROJECT_NAME}-joplin-web-secure.tls.certresolver=resolver'
|
||||
- 'traefik.http.routers.${UTIL_COMPOSE_PROJECT_NAME}-joplin-web-secure.entrypoints=web-secure'
|
||||
- 'traefik.http.middlewares.${UTIL_COMPOSE_PROJECT_NAME}-joplin-web-secure-compress.compress=true'
|
||||
- 'traefik.http.routers.${UTIL_COMPOSE_PROJECT_NAME}-joplin-web-secure.middlewares=${UTIL_COMPOSE_PROJECT_NAME}-joplin-web-secure-compress'
|
||||
- 'traefik.http.services.${UTIL_COMPOSE_PROJECT_NAME}-joplin-web-secure.loadbalancer.server.port=22300'
|
||||
- 'traefik.docker.network=${NETWORK_NAME}'
|
||||
- 'com.centurylinklabs.watchtower.enable=${WATCHTOWER_LABEL_ENABLE}'
|
||||
|
||||
# Linkwarden - Bookmark manager
|
||||
linkwarden:
|
||||
image: ${UTIL_LINKS_DOCKER_IMAGE}
|
||||
container_name: ${UTIL_COMPOSE_PROJECT_NAME}_linkwarden
|
||||
restart: unless-stopped
|
||||
networks:
|
||||
- compose_network
|
||||
environment:
|
||||
TZ: ${TIMEZONE:-Europe/Amsterdam}
|
||||
DATABASE_URL: postgresql://${DB_USER}:${DB_PASSWORD}@${CORE_DB_HOST}:${CORE_DB_PORT}/${UTIL_LINKS_DB_NAME}
|
||||
NEXTAUTH_SECRET: ${LINKS_NEXTAUTH_SECRET}
|
||||
NEXTAUTH_URL: https://${UTIL_LINKS_TRAEFIK_HOST}
|
||||
MEILI_ADDR: http://linkwarden_meilisearch:7700
|
||||
MEILI_MASTER_KEY: ${LINKS_MEILI_MASTER_KEY}
|
||||
BASE_URL: https://${UTIL_LINKS_TRAEFIK_HOST}
|
||||
NEXT_PUBLIC_EMAIL_PROVIDER: true
|
||||
EMAIL_FROM: ${EMAIL_FROM}
|
||||
EMAIL_SERVER: ${LINKS_EMAIL_SERVER}
|
||||
volumes:
|
||||
- linkwarden_data:/data/data
|
||||
depends_on:
|
||||
- linkwarden_meilisearch
|
||||
labels:
|
||||
- 'traefik.enable=${UTIL_TRAEFIK_ENABLED}'
|
||||
- 'traefik.http.middlewares.${UTIL_COMPOSE_PROJECT_NAME}-linkwarden-redirect-web-secure.redirectscheme.scheme=https'
|
||||
- 'traefik.http.routers.${UTIL_COMPOSE_PROJECT_NAME}-linkwarden-web.middlewares=${UTIL_COMPOSE_PROJECT_NAME}-linkwarden-redirect-web-secure'
|
||||
- 'traefik.http.routers.${UTIL_COMPOSE_PROJECT_NAME}-linkwarden-web.rule=Host(`${UTIL_LINKS_TRAEFIK_HOST}`)'
|
||||
- 'traefik.http.routers.${UTIL_COMPOSE_PROJECT_NAME}-linkwarden-web.entrypoints=web'
|
||||
- 'traefik.http.routers.${UTIL_COMPOSE_PROJECT_NAME}-linkwarden-web-secure.rule=Host(`${UTIL_LINKS_TRAEFIK_HOST}`)'
|
||||
- 'traefik.http.routers.${UTIL_COMPOSE_PROJECT_NAME}-linkwarden-web-secure.tls.certresolver=resolver'
|
||||
- 'traefik.http.routers.${UTIL_COMPOSE_PROJECT_NAME}-linkwarden-web-secure.entrypoints=web-secure'
|
||||
- 'traefik.http.middlewares.${UTIL_COMPOSE_PROJECT_NAME}-linkwarden-web-secure-compress.compress=true'
|
||||
- 'traefik.http.routers.${UTIL_COMPOSE_PROJECT_NAME}-linkwarden-web-secure.middlewares=${UTIL_COMPOSE_PROJECT_NAME}-linkwarden-web-secure-compress'
|
||||
- 'traefik.http.services.${UTIL_COMPOSE_PROJECT_NAME}-linkwarden-web-secure.loadbalancer.server.port=3000'
|
||||
- 'traefik.docker.network=${NETWORK_NAME}'
|
||||
- 'com.centurylinklabs.watchtower.enable=true'
|
||||
|
||||
# Linkwarden Meilisearch
|
||||
linkwarden_meilisearch:
|
||||
image: ${UTIL_LINKS_MEILI_IMAGE}
|
||||
container_name: ${UTIL_COMPOSE_PROJECT_NAME}_linkwarden_meilisearch
|
||||
restart: unless-stopped
|
||||
networks:
|
||||
- compose_network
|
||||
environment:
|
||||
MEILI_MASTER_KEY: ${LINKS_MEILI_MASTER_KEY}
|
||||
MEILI_NO_ANALYTICS: ${UTIL_LINKS_MEILI_NO_ANALYTICS:-true}
|
||||
volumes:
|
||||
- linkwarden_meili_data:/meili_data
|
||||
|
||||
# Mattermost - Team collaboration
|
||||
mattermost:
|
||||
image: ${UTIL_MATTERMOST_IMAGE:-mattermost/mattermost-team-edition:latest}
|
||||
container_name: ${UTIL_COMPOSE_PROJECT_NAME}_mattermost
|
||||
restart: unless-stopped
|
||||
security_opt:
|
||||
- no-new-privileges:true
|
||||
pids_limit: 200
|
||||
read_only: false
|
||||
tmpfs:
|
||||
- /tmp
|
||||
volumes:
|
||||
- mattermost_config:/mattermost/config:rw
|
||||
- mattermost_data:/mattermost/data:rw
|
||||
- mattermost_logs:/mattermost/logs:rw
|
||||
- mattermost_plugins:/mattermost/plugins:rw
|
||||
- mattermost_client_plugins:/mattermost/client/plugins:rw
|
||||
- mattermost_bleve:/mattermost/bleve-indexes:rw
|
||||
environment:
|
||||
TZ: ${TIMEZONE:-Europe/Berlin}
|
||||
MM_SQLSETTINGS_DRIVERNAME: postgres
|
||||
MM_SQLSETTINGS_DATASOURCE: postgres://${DB_USER}:${DB_PASSWORD}@${CORE_DB_HOST}:${CORE_DB_PORT}/${UTIL_MATTERMOST_DB_NAME}?sslmode=disable&connect_timeout=10
|
||||
MM_BLEVESETTINGS_INDEXDIR: /mattermost/bleve-indexes
|
||||
MM_SERVICESETTINGS_SITEURL: https://${UTIL_MATTERMOST_TRAEFIK_HOST}
|
||||
MM_SERVICESETTINGS_ENABLELOCALMODE: "true"
|
||||
# Email settings
|
||||
MM_EMAILSETTINGS_ENABLESMTPAUTH: "true"
|
||||
MM_EMAILSETTINGS_SMTPUSERNAME: ${EMAIL_SMTP_USER}
|
||||
MM_EMAILSETTINGS_SMTPPASSWORD: ${EMAIL_SMTP_PASSWORD}
|
||||
MM_EMAILSETTINGS_SMTPSERVER: ${EMAIL_SMTP_HOST}
|
||||
MM_EMAILSETTINGS_SMTPPORT: ${EMAIL_SMTP_PORT}
|
||||
MM_EMAILSETTINGS_CONNECTIONSECURITY: TLS
|
||||
MM_EMAILSETTINGS_FEEDBACKNAME: Mattermost
|
||||
MM_EMAILSETTINGS_FEEDBACKEMAIL: ${EMAIL_FROM}
|
||||
MM_EMAILSETTINGS_REPLYTOADDRESS: ${EMAIL_FROM}
|
||||
networks:
|
||||
- compose_network
|
||||
labels:
|
||||
- 'traefik.enable=${UTIL_TRAEFIK_ENABLED}'
|
||||
# HTTP to HTTPS redirect
|
||||
- 'traefik.http.middlewares.${UTIL_COMPOSE_PROJECT_NAME}-mattermost-redirect-web-secure.redirectscheme.scheme=https'
|
||||
- 'traefik.http.routers.${UTIL_COMPOSE_PROJECT_NAME}-mattermost-web.middlewares=${UTIL_COMPOSE_PROJECT_NAME}-mattermost-redirect-web-secure'
|
||||
- 'traefik.http.routers.${UTIL_COMPOSE_PROJECT_NAME}-mattermost-web.rule=Host(`${UTIL_MATTERMOST_TRAEFIK_HOST}`)'
|
||||
- 'traefik.http.routers.${UTIL_COMPOSE_PROJECT_NAME}-mattermost-web.entrypoints=web'
|
||||
# HTTPS router
|
||||
- 'traefik.http.routers.${UTIL_COMPOSE_PROJECT_NAME}-mattermost-web-secure.rule=Host(`${UTIL_MATTERMOST_TRAEFIK_HOST}`)'
|
||||
- 'traefik.http.routers.${UTIL_COMPOSE_PROJECT_NAME}-mattermost-web-secure.tls.certresolver=resolver'
|
||||
- 'traefik.http.routers.${UTIL_COMPOSE_PROJECT_NAME}-mattermost-web-secure.entrypoints=web-secure'
|
||||
- 'traefik.http.middlewares.${UTIL_COMPOSE_PROJECT_NAME}-mattermost-web-secure-compress.compress=true'
|
||||
- 'traefik.http.routers.${UTIL_COMPOSE_PROJECT_NAME}-mattermost-web-secure.middlewares=${UTIL_COMPOSE_PROJECT_NAME}-mattermost-web-secure-compress,security-headers@file'
|
||||
# Service
|
||||
- 'traefik.http.services.${UTIL_COMPOSE_PROJECT_NAME}-mattermost-web-secure.loadbalancer.server.port=8065'
|
||||
- 'traefik.docker.network=${NETWORK_NAME}'
|
||||
# Watchtower
|
||||
- 'com.centurylinklabs.watchtower.enable=${WATCHTOWER_LABEL_ENABLE}'
|
||||
|
||||
# Vaultwarden - Password manager
|
||||
vaultwarden:
|
||||
image: ${UTIL_VAULT_IMAGE:-vaultwarden/server:latest}
|
||||
container_name: ${UTIL_COMPOSE_PROJECT_NAME}_vaultwarden
|
||||
restart: unless-stopped
|
||||
volumes:
|
||||
- vaultwarden_data:/data
|
||||
environment:
|
||||
TZ: ${TIMEZONE:-Europe/Berlin}
|
||||
DOMAIN: https://${UTIL_VAULT_TRAEFIK_HOST}
|
||||
WEBSOCKET_ENABLED: ${UTIL_VAULT_WEBSOCKET_ENABLED:-true}
|
||||
SIGNUPS_ALLOWED: ${UTIL_VAULT_SIGNUPS_ALLOWED:-false}
|
||||
INVITATIONS_ALLOWED: ${UTIL_VAULT_INVITATIONS_ALLOWED:-true}
|
||||
SHOW_PASSWORD_HINT: ${UTIL_VAULT_SHOW_PASSWORD_HINT:-false}
|
||||
SMTP_HOST: ${EMAIL_SMTP_HOST}
|
||||
SMTP_FROM: ${EMAIL_FROM}
|
||||
SMTP_FROM_NAME: Vaultwarden
|
||||
SMTP_SECURITY: force_tls
|
||||
SMTP_PORT: ${EMAIL_SMTP_PORT}
|
||||
SMTP_USERNAME: ${EMAIL_SMTP_USER}
|
||||
SMTP_PASSWORD: ${EMAIL_SMTP_PASSWORD}
|
||||
networks:
|
||||
- compose_network
|
||||
labels:
|
||||
- 'traefik.enable=${UTIL_TRAEFIK_ENABLED}'
|
||||
- 'traefik.http.middlewares.${UTIL_COMPOSE_PROJECT_NAME}-vaultwarden-redirect-web-secure.redirectscheme.scheme=https'
|
||||
- 'traefik.http.routers.${UTIL_COMPOSE_PROJECT_NAME}-vaultwarden-web.middlewares=${UTIL_COMPOSE_PROJECT_NAME}-vaultwarden-redirect-web-secure'
|
||||
- 'traefik.http.routers.${UTIL_COMPOSE_PROJECT_NAME}-vaultwarden-web.rule=Host(`${UTIL_VAULT_TRAEFIK_HOST}`)'
|
||||
- 'traefik.http.routers.${UTIL_COMPOSE_PROJECT_NAME}-vaultwarden-web.entrypoints=web'
|
||||
- 'traefik.http.routers.${UTIL_COMPOSE_PROJECT_NAME}-vaultwarden-web-secure.rule=Host(`${UTIL_VAULT_TRAEFIK_HOST}`)'
|
||||
- 'traefik.http.routers.${UTIL_COMPOSE_PROJECT_NAME}-vaultwarden-web-secure.tls.certresolver=resolver'
|
||||
- 'traefik.http.routers.${UTIL_COMPOSE_PROJECT_NAME}-vaultwarden-web-secure.entrypoints=web-secure'
|
||||
- 'traefik.http.middlewares.${UTIL_COMPOSE_PROJECT_NAME}-vaultwarden-web-secure-compress.compress=true'
|
||||
- 'traefik.http.routers.${UTIL_COMPOSE_PROJECT_NAME}-vaultwarden-web-secure.middlewares=${UTIL_COMPOSE_PROJECT_NAME}-vaultwarden-web-secure-compress'
|
||||
- 'traefik.http.services.${UTIL_COMPOSE_PROJECT_NAME}-vaultwarden-web-secure.loadbalancer.server.port=80'
|
||||
- 'traefik.docker.network=${NETWORK_NAME}'
|
||||
- 'com.centurylinklabs.watchtower.enable=${WATCHTOWER_LABEL_ENABLE}'
|
||||
|
||||
# Tandoor - Recipe manager
|
||||
tandoor:
|
||||
image: ${UTIL_TANDOOR_IMAGE:-vabene1111/recipes:latest}
|
||||
container_name: ${UTIL_COMPOSE_PROJECT_NAME}_tandoor
|
||||
restart: unless-stopped
|
||||
environment:
|
||||
# Django settings
|
||||
SECRET_KEY: ${TANDOOR_SECRET_KEY}
|
||||
ALLOWED_HOSTS: ${UTIL_TANDOOR_TRAEFIK_HOST}
|
||||
TIMEZONE: ${TIMEZONE:-Europe/Berlin}
|
||||
|
||||
# Database configuration
|
||||
DB_ENGINE: django.db.backends.postgresql
|
||||
POSTGRES_HOST: ${CORE_DB_HOST}
|
||||
POSTGRES_PORT: ${CORE_DB_PORT}
|
||||
POSTGRES_USER: ${DB_USER}
|
||||
POSTGRES_PASSWORD: ${DB_PASSWORD}
|
||||
POSTGRES_DB: ${UTIL_TANDOOR_DB_NAME}
|
||||
|
||||
# Application settings
|
||||
ENABLE_SIGNUP: ${UTIL_TANDOOR_ENABLE_SIGNUP:-0}
|
||||
REVERSE_PROXY_AUTH: ${UTIL_TANDOOR_REVERSE_PROXY_AUTH:-0}
|
||||
|
||||
# Email configuration (IONOS SMTP)
|
||||
EMAIL_HOST: ${EMAIL_SMTP_HOST}
|
||||
EMAIL_PORT: ${EMAIL_SMTP_PORT}
|
||||
EMAIL_HOST_USER: ${EMAIL_SMTP_USER}
|
||||
EMAIL_HOST_PASSWORD: ${EMAIL_SMTP_PASSWORD}
|
||||
EMAIL_USE_TLS: ${UTIL_TANDOOR_EMAIL_USE_TLS:-0}
|
||||
EMAIL_USE_SSL: ${UTIL_TANDOOR_EMAIL_USE_SSL:-1}
|
||||
DEFAULT_FROM_EMAIL: ${EMAIL_FROM}
|
||||
|
||||
# Gunicorn settings
|
||||
GUNICORN_MEDIA: ${UTIL_TANDOOR_GUNICORN_MEDIA:-0}
|
||||
|
||||
# Optional features
|
||||
COMMENT_PREF_DEFAULT: ${UTIL_TANDOOR_COMMENT_PREF_DEFAULT:-1}
|
||||
SHOPPING_MIN_AUTOSYNC_INTERVAL: ${UTIL_TANDOOR_SHOPPING_MIN_AUTOSYNC_INTERVAL:-5}
|
||||
|
||||
volumes:
|
||||
- tandoor_staticfiles:/opt/recipes/staticfiles
|
||||
- tandoor_mediafiles:/opt/recipes/mediafiles
|
||||
|
||||
depends_on:
|
||||
- postgres
|
||||
|
||||
networks:
|
||||
- compose_network
|
||||
|
||||
labels:
|
||||
- 'traefik.enable=${UTIL_TRAEFIK_ENABLED}'
|
||||
# HTTP to HTTPS redirect
|
||||
- 'traefik.http.middlewares.${UTIL_COMPOSE_PROJECT_NAME}-tandoor-redirect-web-secure.redirectscheme.scheme=https'
|
||||
- 'traefik.http.routers.${UTIL_COMPOSE_PROJECT_NAME}-tandoor-web.middlewares=${UTIL_COMPOSE_PROJECT_NAME}-tandoor-redirect-web-secure'
|
||||
- 'traefik.http.routers.${UTIL_COMPOSE_PROJECT_NAME}-tandoor-web.rule=Host(`${UTIL_TANDOOR_TRAEFIK_HOST}`)'
|
||||
- 'traefik.http.routers.${UTIL_COMPOSE_PROJECT_NAME}-tandoor-web.entrypoints=web'
|
||||
# HTTPS router
|
||||
- 'traefik.http.routers.${UTIL_COMPOSE_PROJECT_NAME}-tandoor-web-secure.rule=Host(`${UTIL_TANDOOR_TRAEFIK_HOST}`)'
|
||||
- 'traefik.http.routers.${UTIL_COMPOSE_PROJECT_NAME}-tandoor-web-secure.tls.certresolver=resolver'
|
||||
- 'traefik.http.routers.${UTIL_COMPOSE_PROJECT_NAME}-tandoor-web-secure.entrypoints=web-secure'
|
||||
- 'traefik.http.middlewares.${UTIL_COMPOSE_PROJECT_NAME}-tandoor-web-secure-compress.compress=true'
|
||||
- 'traefik.http.routers.${UTIL_COMPOSE_PROJECT_NAME}-tandoor-web-secure.middlewares=${UTIL_COMPOSE_PROJECT_NAME}-tandoor-web-secure-compress,security-headers@file'
|
||||
# Service
|
||||
- 'traefik.http.services.${UTIL_COMPOSE_PROJECT_NAME}-tandoor-web-secure.loadbalancer.server.port=80'
|
||||
- 'traefik.docker.network=${NETWORK_NAME}'
|
||||
# Watchtower
|
||||
- 'com.centurylinklabs.watchtower.enable=${WATCHTOWER_LABEL_ENABLE}'
|
||||
|
||||
volumes:
|
||||
joplin_data:
|
||||
name: ${UTIL_COMPOSE_PROJECT_NAME}_joplin_data
|
||||
linkwarden_data:
|
||||
name: ${UTIL_COMPOSE_PROJECT_NAME}_linkwarden_data
|
||||
linkwarden_meili_data:
|
||||
name: ${UTIL_COMPOSE_PROJECT_NAME}_linkwarden_meili_data
|
||||
mattermost_config:
|
||||
name: ${UTIL_COMPOSE_PROJECT_NAME}_mattermost_config
|
||||
mattermost_data:
|
||||
name: ${UTIL_COMPOSE_PROJECT_NAME}_mattermost_data
|
||||
mattermost_logs:
|
||||
name: ${UTIL_COMPOSE_PROJECT_NAME}_mattermost_logs
|
||||
mattermost_plugins:
|
||||
name: ${UTIL_COMPOSE_PROJECT_NAME}_mattermost_plugins
|
||||
mattermost_client_plugins:
|
||||
name: ${UTIL_COMPOSE_PROJECT_NAME}_mattermost_client_plugins
|
||||
mattermost_bleve:
|
||||
name: ${UTIL_COMPOSE_PROJECT_NAME}_mattermost_bleve
|
||||
vaultwarden_data:
|
||||
name: ${UTIL_COMPOSE_PROJECT_NAME}_vaultwarden_data
|
||||
tandoor_staticfiles:
|
||||
name: ${UTIL_COMPOSE_PROJECT_NAME}_tandoor_staticfiles
|
||||
tandoor_mediafiles:
|
||||
name: ${UTIL_COMPOSE_PROJECT_NAME}_tandoor_mediafiles
|
||||
|
||||
networks:
|
||||
compose_network:
|
||||
name: ${NETWORK_NAME}
|
||||
external: true
|
||||
@@ -1,46 +0,0 @@
|
||||
services:
|
||||
vaultwarden:
|
||||
image: ${VAULT_IMAGE:-vaultwarden/server:latest}
|
||||
container_name: ${VAULT_COMPOSE_PROJECT_NAME}_app
|
||||
restart: unless-stopped
|
||||
volumes:
|
||||
- vaultwarden_data:/data
|
||||
environment:
|
||||
TZ: ${TIMEZONE:-Europe/Berlin}
|
||||
DOMAIN: https://${VAULT_TRAEFIK_HOST}
|
||||
WEBSOCKET_ENABLED: ${VAULT_WEBSOCKET_ENABLED:-true}
|
||||
SIGNUPS_ALLOWED: ${VAULT_SIGNUPS_ALLOWED:-false}
|
||||
INVITATIONS_ALLOWED: ${VAULT_INVITATIONS_ALLOWED:-true}
|
||||
SHOW_PASSWORD_HINT: ${VAULT_SHOW_PASSWORD_HINT:-false}
|
||||
SMTP_HOST: ${EMAIL_SMTP_HOST}
|
||||
SMTP_FROM: ${EMAIL_FROM}
|
||||
SMTP_FROM_NAME: Vaultwarden
|
||||
SMTP_SECURITY: force_tls
|
||||
SMTP_PORT: ${EMAIL_SMTP_PORT}
|
||||
SMTP_USERNAME: ${EMAIL_SMTP_USER}
|
||||
SMTP_PASSWORD: ${EMAIL_SMTP_PASSWORD}
|
||||
networks:
|
||||
- compose_network
|
||||
labels:
|
||||
- 'traefik.enable=${VAULT_TRAEFIK_ENABLED}'
|
||||
- 'traefik.http.middlewares.${VAULT_COMPOSE_PROJECT_NAME}-redirect-web-secure.redirectscheme.scheme=https'
|
||||
- 'traefik.http.routers.${VAULT_COMPOSE_PROJECT_NAME}-web.middlewares=${VAULT_COMPOSE_PROJECT_NAME}-redirect-web-secure'
|
||||
- 'traefik.http.routers.${VAULT_COMPOSE_PROJECT_NAME}-web.rule=Host(`${VAULT_TRAEFIK_HOST}`)'
|
||||
- 'traefik.http.routers.${VAULT_COMPOSE_PROJECT_NAME}-web.entrypoints=web'
|
||||
- 'traefik.http.routers.${VAULT_COMPOSE_PROJECT_NAME}-web-secure.rule=Host(`${VAULT_TRAEFIK_HOST}`)'
|
||||
- 'traefik.http.routers.${VAULT_COMPOSE_PROJECT_NAME}-web-secure.tls.certresolver=resolver'
|
||||
- 'traefik.http.routers.${VAULT_COMPOSE_PROJECT_NAME}-web-secure.entrypoints=web-secure'
|
||||
- 'traefik.http.middlewares.${VAULT_COMPOSE_PROJECT_NAME}-web-secure-compress.compress=true'
|
||||
- 'traefik.http.routers.${VAULT_COMPOSE_PROJECT_NAME}-web-secure.middlewares=${VAULT_COMPOSE_PROJECT_NAME}-web-secure-compress'
|
||||
- 'traefik.http.services.${VAULT_COMPOSE_PROJECT_NAME}-web-secure.loadbalancer.server.port=80'
|
||||
- 'traefik.docker.network=${NETWORK_NAME}'
|
||||
- 'com.centurylinklabs.watchtower.enable=${WATCHTOWER_LABEL_ENABLE}'
|
||||
|
||||
volumes:
|
||||
vaultwarden_data:
|
||||
name: ${VAULT_COMPOSE_PROJECT_NAME}_data
|
||||
|
||||
networks:
|
||||
compose_network:
|
||||
name: ${NETWORK_NAME}
|
||||
external: true
|
||||
Reference in New Issue
Block a user