valknar/stacks
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: valknar:15f62b9e5516fc425312324e819db544637261d0
Branches Tags
valknar:main
..
compare: valknar:main
Branches Tags
valknar:main

9 Commits
15f62b9e55 ... main

Author SHA1 Message Date
Sebastian Krüger
74768a3ce5 chore: traefik without watchtower 2026-03-06 10:29:48 +01:00
Sebastian Krüger
1865844260 chore: cleanup 2026-03-05 09:51:40 +01:00
Sebastian Krüger
491d54bbd5 fix: update sexy_db credentials to sexy:sexy 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-04 21:53:00 +01:00
Sebastian Krüger
f697eae0de fix: sexy directus image tag 2026-03-04 16:46:24 +01:00
Sebastian Krüger
f427f408e0 feat: add blinko stack, remove joplin 2026-03-02 10:10:26 +01:00
Sebastian Krüger
d0c38c1f46 fix: traefik image tag 2026-03-02 09:49:14 +01:00
Sebastian Krüger
a22da351ed chore: umami tracking setup 2026-02-21 11:34:07 +01:00
Sebastian Krüger
0f10af0ca4 feat: palina ai image blog 2026-02-17 18:38:25 +01:00
Sebastian Krüger
e555a78131 fix: use latest images 2026-02-17 12:23:09 +01:00
9 changed files with 152 additions and 112 deletions
Expand all files Collapse all files

2
README.md
View File

@@ -13,7 +13,7 @@ Each stack is independently deployable with its own `compose.yml` and `.env`. Al
| `watchtower` | Automatic container updates | watchtower | | `watchtower` | Automatic container updates | watchtower |
| `umami` | Web analytics | umami, db | | `umami` | Web analytics | umami, db |
| `immich` | Photo & video management | immich, ml, redis, db | | `immich` | Photo & video management | immich, ml, redis, db |
| `joplin` | Note sync server | joplin, db | | `blinko` | AI-powered personal notes | blinko, db |
| `mattermost` | Team chat | mattermost, db | | `mattermost` | Team chat | mattermost, db |
| `gitea` | Git hosting + CI runner | gitea, runner, db | | `gitea` | Git hosting + CI runner | gitea, runner, db |
| `coolify` | Deployment platform | coolify, realtime, redis, db | | `coolify` | Deployment platform | coolify, realtime, redis, db |

4
_backup/backup.sh
View File

@@ -33,10 +33,10 @@ mkdir -p "$DUMP_DIR"
declare -A DATABASES=( declare -A DATABASES=(
[umami_db]="umami:umami" [umami_db]="umami:umami"
[joplin_db]="joplin:joplin" [blinko_db]="blinko:blinko"
[gitea_db]="gitea:gitea" [gitea_db]="gitea:gitea"
[mattermost_db]="mattermost:mattermost" [mattermost_db]="mattermost:mattermost"
[sexy_db]="directus:directus" [sexy_db]="sexy:sexy"
[immich_db]="immich:immich" [immich_db]="immich:immich"
[coolify_db]="coolify:coolify" [coolify_db]="coolify:coolify"
) )

2
api/compose.yml
View File

@@ -69,7 +69,7 @@ services:
- compose_network - compose_network
realesrgan: realesrgan:
image: dev.pivoine.art/valknar/realesrgan-api:latest-cpu image: dev.pivoine.art/valknar/realesrgan-api:latest
container_name: api_realesrgan container_name: api_realesrgan
environment: environment:
- RSR_EXECUTION_PROVIDERS=["cpu"] - RSR_EXECUTION_PROVIDERS=["cpu"]

54
blinko/compose.yml Normal file
View File

@@ -0,0 +1,54 @@
---
services:
blinko:
image: blinkospace/blinko:latest
container_name: blinko
environment:
TZ: ${TIMEZONE:-Europe/Amsterdam}
NODE_ENV: production
NEXTAUTH_URL: https://${TRAEFIK_HOST}
NEXT_PUBLIC_BASE_URL: https://${TRAEFIK_HOST}
NEXTAUTH_SECRET: ${BLINKO_NEXTAUTH_SECRET}
DATABASE_URL: postgresql://blinko:blinko@blinko_db:5432/blinko
volumes:
- ../.data/blinko/app:/app/.blinko
depends_on:
db:
condition: service_healthy
restart: always
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.blinko-redirect-web-secure.redirectscheme.scheme=https"
- "traefik.http.routers.blinko-web.middlewares=blinko-redirect-web-secure"
- "traefik.http.routers.blinko-web.rule=Host(`${TRAEFIK_HOST}`)"
- "traefik.http.routers.blinko-web.entrypoints=web"
- "traefik.http.routers.blinko-web-secure.rule=Host(`${TRAEFIK_HOST}`)"
- "traefik.http.routers.blinko-web-secure.tls.certresolver=resolver"
- "traefik.http.routers.blinko-web-secure.entrypoints=web-secure"
- "traefik.http.routers.blinko-web-secure.middlewares=security-headers@file"
- "traefik.http.services.blinko-web-secure.loadbalancer.server.port=1111"
- "traefik.docker.network=${NETWORK_NAME}"
- "com.centurylinklabs.watchtower.enable=true"
networks:
- compose_network
db:
image: postgres:14-alpine
container_name: blinko_db
environment:
POSTGRES_DB: blinko
POSTGRES_USER: blinko
POSTGRES_PASSWORD: blinko
volumes:
- ../.data/blinko/db:/var/lib/postgresql/data
restart: always
healthcheck:
test: ["CMD-SHELL", "pg_isready -U $${POSTGRES_USER} -d $${POSTGRES_DB}"]
interval: 5s
timeout: 5s
retries: 5
networks:
- compose_network
networks:
compose_network:
name: ${NETWORK_NAME}
external: true

2
gitea/runner-config.yaml
View File

@@ -3,7 +3,7 @@ log:
runner: runner:
file: .runner file: .runner
capacity: 1 capacity: 4
envs: {} envs: {}
env_file: .env env_file: .env
timeout: 3h timeout: 3h

59
joplin/compose.yml
View File

@@ -1,59 +0,0 @@
---
services:
joplin:
image: joplin/server:latest
container_name: joplin
environment:
TZ: ${TIMEZONE:-Europe/Amsterdam}
APP_PORT: 22300
APP_BASE_URL: https://${TRAEFIK_HOST}
DB_CLIENT: pg
POSTGRES_HOST: joplin_db
POSTGRES_PORT: 5432
POSTGRES_DATABASE: joplin
POSTGRES_USER: joplin
POSTGRES_PASSWORD: joplin
MAILER_ENABLED: 1
MAILER_HOST: mailpit
MAILER_PORT: 1025
MAILER_SECURE: 0
depends_on:
db:
condition: service_healthy
restart: always
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.joplin-redirect-web-secure.redirectscheme.scheme=https"
- "traefik.http.routers.joplin-web.middlewares=joplin-redirect-web-secure"
- "traefik.http.routers.joplin-web.rule=Host(`${TRAEFIK_HOST}`)"
- "traefik.http.routers.joplin-web.entrypoints=web"
- "traefik.http.routers.joplin-web-secure.rule=Host(`${TRAEFIK_HOST}`)"
- "traefik.http.routers.joplin-web-secure.tls.certresolver=resolver"
- "traefik.http.routers.joplin-web-secure.entrypoints=web-secure"
- "traefik.http.routers.joplin-web-secure.middlewares=security-headers@file"
- "traefik.http.services.joplin-web-secure.loadbalancer.server.port=22300"
- "traefik.docker.network=${NETWORK_NAME}"
- "com.centurylinklabs.watchtower.enable=true"
networks:
- compose_network
db:
image: postgres:16-alpine
container_name: joplin_db
environment:
POSTGRES_DB: joplin
POSTGRES_USER: joplin
POSTGRES_PASSWORD: joplin
volumes:
- ../.data/joplin/db:/var/lib/postgresql/data
restart: always
healthcheck:
test: ["CMD-SHELL", "pg_isready -U $${POSTGRES_USER} -d $${POSTGRES_DB}"]
interval: 5s
timeout: 5s
retries: 5
networks:
- compose_network
networks:
compose_network:
name: ${NETWORK_NAME}
external: true

59
palina/compose.yml Normal file
View File

@@ -0,0 +1,59 @@
---
services:
ghost:
image: ghost:latest
container_name: palina_ghost
restart: always
environment:
database__client: mysql
database__connection__host: palina_db
database__connection__user: root
database__connection__password: palina
database__connection__database: palina
mail__transport: SMTP
mail__options__service: Mailpit
mail__options__host: mailpit
mail__options__port: 1025
mail__options__secure: false
mail__options__auth__user: ""
mail__options__auth__pass: ""
url: https://${TRAEFIK_HOST}
depends_on:
db:
condition: service_healthy
volumes:
- ../.data/ghost/content:/var/lib/ghost/content
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.palina-redirect-web-secure.redirectscheme.scheme=https"
- "traefik.http.routers.palina-web.middlewares=palina-redirect-web-secure"
- "traefik.http.routers.palina-web.rule=Host(`${TRAEFIK_HOST}`)"
- "traefik.http.routers.palina-web.entrypoints=web"
- "traefik.http.routers.palina-web-secure.rule=Host(`${TRAEFIK_HOST}`)"
- "traefik.http.routers.palina-web-secure.tls.certresolver=resolver"
- "traefik.http.routers.palina-web-secure.entrypoints=web-secure"
- "traefik.http.routers.palina-web-secure.middlewares=security-headers@file"
- "traefik.http.services.palina-web-secure.loadbalancer.server.port=2368"
- "traefik.docker.network=${NETWORK_NAME}"
- "com.centurylinklabs.watchtower.enable=true"
networks:
- compose_network
db:
image: mysql:8.0
container_name: palina_db
restart: always
environment:
MYSQL_ROOT_PASSWORD: palina
volumes:
- ../.data/ghost/db:/var/lib/mysql
healthcheck:
test: ["CMD", "mysqladmin", "ping", "-h", "localhost"]
interval: 5s
timeout: 5s
retries: 5
networks:
- compose_network
networks:
compose_network:
name: ${NETWORK_NAME}
external: true

78
sexy/compose.yml
View File

@@ -11,9 +11,8 @@ services:
NODE_ENV: production NODE_ENV: production
PUBLIC_API_URL: https://${TRAEFIK_HOST}/api PUBLIC_API_URL: https://${TRAEFIK_HOST}/api
PUBLIC_URL: https://${TRAEFIK_HOST} PUBLIC_URL: https://${TRAEFIK_HOST}
PUBLIC_UMAMI_ID: "" PUBLIC_UMAMI_ID: ${UMAMI_ID}
volumes: PUBLIC_UMAMI_SCRIPT: ${UMAMI_SCRIPT}
- ../.data/sexy/bundle:/home/node/app/packages/bundle
restart: always restart: always
labels: labels:
- "traefik.enable=true" - "traefik.enable=true"
@@ -31,41 +30,30 @@ services:
- "com.centurylinklabs.watchtower.enable=true" - "com.centurylinklabs.watchtower.enable=true"
networks: networks:
- compose_network - compose_network
directus: backend:
image: directus/directus:11.12.0 image: dev.pivoine.art/valknar/sexy-backend:latest
container_name: sexy_directus container_name: sexy_backend
environment: environment:
TZ: ${TIMEZONE:-Europe/Amsterdam} TZ: ${TIMEZONE:-Europe/Amsterdam}
SECRET: ${DIRECTUS_SECRET} NODE_ENV: production
DB_CLIENT: pg PORT: 4000
DB_HOST: sexy_db DATABASE_URL: postgresql://${DB_USER:-sexy}:${DB_PASSWORD:-sexy}@sexy_db:5432/${DB_NAME:-sexy}
DB_PORT: 5432 REDIS_URL: redis://sexy_redis:6379
DB_DATABASE: directus UPLOAD_DIR: /data/uploads
DB_USER: directus
DB_PASSWORD: directus
CACHE_ENABLED: "true"
CACHE_AUTO_PURGE: "true"
CACHE_STORE: redis
REDIS: redis://sexy_redis:6379
ASSETS_CACHE_TTL: "31536000"
WEBSOCKETS_ENABLED: "true"
PUBLIC_URL: https://${TRAEFIK_HOST}/api
CORS_ENABLED: "true"
CORS_ORIGIN: https://${TRAEFIK_HOST} CORS_ORIGIN: https://${TRAEFIK_HOST}
COOKIE_SECRET: ${COOKIE_SECRET}
SESSION_COOKIE_SECURE: "true" SESSION_COOKIE_SECURE: "true"
SESSION_COOKIE_SAME_SITE: strict SESSION_COOKIE_SAME_SITE: strict
SESSION_COOKIE_DOMAIN: ${TRAEFIK_HOST} SESSION_COOKIE_DOMAIN: ${TRAEFIK_HOST}
EXTENSIONS_PATH: ./extensions PUBLIC_URL: https://${TRAEFIK_HOST}
EXTENSIONS_AUTO_RELOAD: "false" SMTP_HOST: ${SMTP_HOST:-mailpit}
CONTENT_SECURITY_POLICY_DIRECTIVES__FRAME_SRC: https://${TRAEFIK_HOST} SMTP_PORT: ${SMTP_PORT:-1025}
EMAIL_TRANSPORT: smtp SMTP_SECURE: ${SMTP_SECURE:-false}
EMAIL_SMTP_HOST: mailpit SMTP_USER: ${SMTP_USER:-}
EMAIL_SMTP_PORT: 1025 SMTP_PASS: ${SMTP_PASS:-}
USER_REGISTER_URL_ALLOW_LIST: https://${TRAEFIK_HOST}/signup/verify EMAIL_FROM: ${EMAIL_FROM:-noreply@sexy.pivoine.art}
PASSWORD_RESET_URL_ALLOW_LIST: https://${TRAEFIK_HOST}/password/reset
volumes: volumes:
- ../.data/sexy/uploads:/directus/uploads - ../.data/sexy/uploads:/data/uploads
- ../.data/sexy/bundle:/directus/extensions/sexy.pivoine.art
depends_on: depends_on:
db: db:
condition: service_healthy condition: service_healthy
@@ -74,17 +62,17 @@ services:
restart: always restart: always
labels: labels:
- "traefik.enable=true" - "traefik.enable=true"
- "traefik.http.middlewares.sexy-directus-redirect-web-secure.redirectscheme.scheme=https" - "traefik.http.middlewares.sexy-backend-redirect-web-secure.redirectscheme.scheme=https"
- "traefik.http.routers.sexy-directus-web.middlewares=sexy-directus-redirect-web-secure" - "traefik.http.routers.sexy-backend-web.middlewares=sexy-backend-redirect-web-secure"
- "traefik.http.routers.sexy-directus-web.rule=Host(`${TRAEFIK_HOST}`) && PathPrefix(`/api`)" - "traefik.http.routers.sexy-backend-web.rule=Host(`${TRAEFIK_HOST}`) && PathPrefix(`/api`)"
- "traefik.http.routers.sexy-directus-web.entrypoints=web" - "traefik.http.routers.sexy-backend-web.entrypoints=web"
- "traefik.http.routers.sexy-directus-web-secure.rule=Host(`${TRAEFIK_HOST}`) && PathPrefix(`/api`)" - "traefik.http.routers.sexy-backend-web-secure.rule=Host(`${TRAEFIK_HOST}`) && PathPrefix(`/api`)"
- "traefik.http.routers.sexy-directus-web-secure.tls.certresolver=resolver" - "traefik.http.routers.sexy-backend-web-secure.tls.certresolver=resolver"
- "traefik.http.routers.sexy-directus-web-secure.entrypoints=web-secure" - "traefik.http.routers.sexy-backend-web-secure.entrypoints=web-secure"
- "traefik.http.middlewares.sexy-directus-compress.compress=true" - "traefik.http.middlewares.sexy-backend-strip.stripprefix.prefixes=/api"
- "traefik.http.middlewares.sexy-directus-strip.stripprefix.prefixes=/api" - "traefik.http.middlewares.sexy-backend-compress.compress=true"
- "traefik.http.routers.sexy-directus-web-secure.middlewares=sexy-directus-strip,sexy-directus-compress" - "traefik.http.routers.sexy-backend-web-secure.middlewares=sexy-backend-strip,sexy-backend-compress"
- "traefik.http.services.sexy-directus-web-secure.loadbalancer.server.port=8055" - "traefik.http.services.sexy-backend-web-secure.loadbalancer.server.port=4000"
- "traefik.docker.network=${NETWORK_NAME}" - "traefik.docker.network=${NETWORK_NAME}"
- "com.centurylinklabs.watchtower.enable=true" - "com.centurylinklabs.watchtower.enable=true"
networks: networks:
@@ -104,9 +92,9 @@ services:
image: postgres:16-alpine image: postgres:16-alpine
container_name: sexy_db container_name: sexy_db
environment: environment:
POSTGRES_DB: directus POSTGRES_DB: ${DB_NAME:-sexy}
POSTGRES_USER: directus POSTGRES_USER: ${DB_USER:-sexy}
POSTGRES_PASSWORD: directus POSTGRES_PASSWORD: ${DB_PASSWORD:-sexy}
volumes: volumes:
- ../.data/sexy/db:/var/lib/postgresql/data - ../.data/sexy/db:/var/lib/postgresql/data
restart: always restart: always

4
traefik/compose.yml
View File

@@ -1,7 +1,7 @@
--- ---
services: services:
traefik: traefik:
image: traefik:latest image: traefik:v3
container_name: traefik container_name: traefik
command: command:
- "--api.dashboard=false" - "--api.dashboard=false"
@@ -38,8 +38,6 @@ services:
timeout: 5s timeout: 5s
retries: 3 retries: 3
start_period: 10s start_period: 10s
labels:
- "com.centurylinklabs.watchtower.enable=true"
networks: networks:
- compose_network - compose_network
- coolify_network - coolify_network