diff --git a/backend/docker-compose.yaml b/backend/docker-compose.yaml
new file mode 100644
index 0000000..a400ab6
--- /dev/null
+++ b/backend/docker-compose.yaml
@@ -0,0 +1,151 @@
+services:
+ nginxproxymanager:
+ container_name: nginxpm
+ image: jc21/nginx-proxy-manager:latest
+ restart: unless-stopped
+ ports:
+ - "80:80"
+ - "81:81"
+ - "443:443"
+ - "25565:25565"
+ volumes:
+ - /docker/config/nginxpm:/data
+ - /docker/config/letsencrypt:/etc/letsencrypt
+ - /data/www:/data/www
+# Downloaders
+ gluetun:
+ container_name: gluetun
+ image: qmcgaw/gluetun
+ restart: unless-stopped
+ ports:
+ - "8080:8080"
+ cap_add:
+ - NET_ADMIN
+ env_file:
+ ./env/gluetun
+ environment:
+ - VPN_SERVICE_PROVIDER=airvpn
+ - VPN_TYPE=wireguard
+ - SERVER_COUNTRIES=Canada
+ - LOG_LEVEL=debug
+ - OPENVPN_VERSION=2.4
+ - FIREWALL_VPN_INPUT_PORTS=46575
+ privileged: true
+ devices:
+ - /dev/net/tun:/dev/net/tun
+ qbittorrent:
+ container_name: qbittorrent
+ image: ghcr.io/hotio/qbittorrent
+ restart: unless-stopped
+ network_mode: "service:gluetun"
+ environment:
+ - WEBUI_PORT=8080
+ - PUID=950
+ - PGID=950
+ volumes:
+ - /docker/config/qbittorent:/config
+ - /data/media:/data/media
+ sabnzbd:
+ container_name: sabnzbd
+ image: ghcr.io/hotio/sabnzbd
+ restart: unless-stopped
+ ports:
+ - "8090:8080"
+ environment:
+ - PUID=950
+ - PGID=950
+ volumes:
+ - /docker/config/sabnzbd:/config
+ - /data/media:/data/media
+
+# Downloaders
+ prowlarr:
+ container_name: prowlarr
+ restart: unless-stopped
+ image: ghcr.io/hotio/prowlarr
+ ports:
+ - "9696:9696"
+ environment:
+ - PUID=950
+ - PGID=950
+ volumes:
+ - /docker/config/prowlarr:/config
+ bazarr:
+ container_name: bazarr
+ restart: unless-stopped
+ image: ghcr.io/hotio/bazarr
+ ports:
+ - "6767:6767"
+ environment:
+ - PUID=950
+ - PGID=950
+ volumes:
+ - /docker/config/bazarr:/config
+ - /data/media:/data/media
+ sonarr:
+ container_name: sonarr
+ restart: unless-stopped
+ image: ghcr.io/hotio/sonarr
+ ports:
+ - "8989:8989"
+ environment:
+ - PUID=950
+ - PGID=950
+ volumes:
+ - /docker/config/sonarr:/config
+ - /data/media:/data/media
+ radarr:
+ container_name: radarr
+ restart: unless-stopped
+ image: ghcr.io/hotio/radarr
+ ports:
+ - "7878:7878"
+ environment:
+ - PUID=950
+ - PGID=950
+ volumes:
+ - /docker/config/radarr:/config
+ - /data/media:/data/media
+ doplarr:
+ container_name: doplarr
+ restart: unless-stopped
+ image: ghcr.io/hotio/doplarr:latest
+ env_file:
+ - ./env/doplarr
+ environment:
+ - SONARR__URL=http://sonarr:8989
+ - RADARR__URL=http://radarr:7878
+ - LOG_LEVEL=:report
+ tachidesk:
+ container_name: tachidesk
+ image: ghcr.io/suwayomi/tachidesk:latest
+ restart: unless-stopped
+ ports:
+ - "4567:4567"
+ environment:
+ - PUID=950
+ - PGID=950
+ volumes:
+ - /data/media/books/new/:/home/suwayomi/.local/share/Tachidesk/downloads
+ - /docker/config/tachidesk/:/home/suwayomi/.local/share/Tachidesk
+# Logging
+ loki:
+ container_name: loki
+ image: grafana/loki:latest
+ restart: unless-stopped
+ ports:
+ - "3100:3100"
+ volumes:
+ - /docker/config/loki-config.yml:/etc/loki/loki-config.yml
+ promtail:
+ container_name: promtail
+ image: grafana/promtail:latest
+ restart: unless-stopped
+ volumes:
+ - /docker/config/promtail-config.yml:/etc/promtail/promtail-config.yml
+ grafana:
+ container_name: grafana
+ image: grafana/grafana:latest
+ restart: unless-stopped
+ ports:
+ - "3000:3000"
diff --git a/backend/env/doplarr b/backend/env/doplarr
new file mode 100644
index 0000000..dffbae6
--- /dev/null
+++ b/backend/env/doplarr
@@ -0,0 +1,6 @@
+# general > api key
+SONARR__API=
+RADARR__API=
+
+DISCORD__TOKEN=
+
diff --git a/backend/env/gluetun b/backend/env/gluetun
new file mode 100644
index 0000000..29bbe62
--- /dev/null
+++ b/backend/env/gluetun
@@ -0,0 +1,3 @@
+WIREGUARD_PRIVATE_KEY=
+WIREGUARD_PRESHARED_KEY=
+WIREGUARD_ADDRESSES=
diff --git a/frontend/authentik.yaml b/frontend/authentik.yaml
new file mode 100644
index 0000000..4e44cc9
--- /dev/null
+++ b/frontend/authentik.yaml
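Review bot: In backend/docker-compose.yaml the `gluetun` service sets `privileged: true` on top of `cap_add: NET_ADMIN` and the `/dev/net/tun` device mapping. A privileged container already holds every capability and can reach host devices, so the narrower grants no longer limit anything, and a compromise of the VPN container (whose network namespace `qbittorrent` shares via `network_mode: "service:gluetun"`) is much closer to a compromise of the host. The capability and device entries already present should be enough for a WireGuard/tun setup, so I would delete the `privileged: true` line and confirm the tunnel still comes up. Separately, the backend UIs (`81`, `8080`, `8090`, `9696`, `6767`, `8989`, `7878`, `4567`, `3100`, `3000`) are all published on every host interface, so they can be reached without passing through nginxpm. If the proxy is meant to be the only entry point, bind them to loopback, e.g. `- "127.0.0.1:8989:8989"`, or drop those `ports:` entries and let the proxy reach the services over the compose network.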
@@ -0,0 +1,66 @@
+services:
+ postgresql:
+ container_name: postgresql
+ image: docker.io/library/postgres:16-alpine
+ restart: unless-stopped
+ healthcheck:
+ test: ["CMD-SHELL", "pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}"]
+ start_period: 20s
+ interval: 30s
+ retries: 5
+ timeout: 5s
+ volumes:
+ - /data/postgresql:/var/lib/postgresql/data
+ env_file:
+ - ./env/authentik
+ redis:
+ container_name: redis
+ image: docker.io/library/redis:alpine
+ command: --save 60 1 --loglevel warning
+ restart: unless-stopped
+ healthcheck:
+ test: ["CMD-SHELL", "redis-cli ping | grep PONG"]
+ start_period: 20s
+ interval: 30s
+ retries: 5
+ timeout: 3s
+ volumes:
+ - /data/redis:/data
+ server:
+ container_name: authentik_server
+ image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2024.8.3}
+ restart: unless-stopped
+ command: server
+ environment:
+ AUTHENTIK_REDIS__HOST: redis
+ AUTHENTIK_POSTGRESQL__HOST: postgresql
+ volumes:
+ - /data/authentik/media:/media
+ - /data/authentik/custom-templates:/templates
+ env_file:
+ - ./env/authentik
+ ports:
+ - "9000:9000"
+ - "9443:9443"
+ depends_on:
+ - postgresql
+ - redis
+ worker:
+ container_name: authentik_worker
+ image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2024.8.3}
+ restart: unless-stopped
+ command: worker
+ environment:
+ AUTHENTIK_REDIS__HOST: redis
+ AUTHENTIK_POSTGRESQL__HOST: postgresql
+ user: root
+ volumes:
+ - /var/run/docker.sock:/var/run/docker.sock
+ - /data/authentik/media:/media
+ - /data/certs:/certs
+ - /data/authentik/custom-templates:/templates
+ env_file:
+ - ./env/authentik
+ depends_on:
+ - postgresql
+ - redis
diff --git a/frontend/docker-compose.yaml b/frontend/docker-compose.yaml
new file mode 100644
index 0000000..69473c3
--- /dev/null
+++ b/frontend/docker-compose.yaml
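Review bot: In frontend/authentik.yaml the `worker` service runs as `user: root` with `/var/run/docker.sock` mounted read-write, which gives the identity provider's worker effective root on the Docker host. Nothing in the diff says why the socket is needed; presumably it is there so authentik can manage outposts through its Docker integration. If that integration is not used, remove both `user: root` and `- /var/run/docker.sock:/var/run/docker.sock`. If it is used, record the reason next to the mount, e.g. `# docker.sock: required for authentik-managed outposts; grants host-level control`, and consider putting a restricted socket proxy in front of it. Also, `redis:alpine` floats while the authentik images are pinned to `2024.8.3`; pinning a Redis version would keep the stack reproducible.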
@@ -0,0 +1,68 @@
+include:
+ - authentik.yaml
+
+services:
+ vaultwarden:
+ container_name: vaultwarden
+ image: vaultwarden/server:latest
+ restart: unless-stopped
+ env_file:
+ - ./env/vaultwarden
+ ports:
+ - "82:80"
+ environment:
+ - DOMAIN=https://vault.nerm.al
+ - PUSH_ENABLED=true
+ volumes:
+ - /data/vaultwarden:/data
+ kavita:
+ container_name: kavita
+ image: jvmilazz0/kavita:latest
+ restart: unless-stopped
+ ports:
+ - "5000:5000"
+ environment:
+ - PUID=950
+ - GUID=950
+ volumes:
+ - /docker/config/kavita:/app/config
+ - /data/media:/data/media
+ gitea:
+ container_name: gitea
+ image: gitea/gitea:latest
+ restart: unless-stopped
+ ports:
+ - "3000:3000"
+ - "222:22"
+ environment:
+ - USER_UID=950
+ - USER_GID=950
+ volumes:
+ - /data/files/gitea:/data
+ - /etc/timezone:/etc/timezone:ro
+ - /etc/localtime:/etc/localtime:ro
+ depends_on:
+ - db
+ db:
+ image: mysql:8
+ restart: unless-stopped
+ environment:
+ - MYSQL_ROOT_PASSWORD=gitea
+ - MYSQL_USER=gitea
+ - MYSQL_PASSWORD=gitea
+ - MYSQL_DATABASE=gitea
+ volumes:
+ - /data/files/mysql:/var/lib/mysql
+
+ jellyfin:
+ container_name: jellyfin
+ image: ghcr.io/hotio/jellyfin
+ restart: unless-stopped
+ ports:
+ - "8096:8096"
+ environment:
+ - PUID=950
+ - PGID=950
+ volumes:
+ - /docker/config/jellyfin:/app/config
+ - /data/media:/data/media
diff --git a/frontend/env/authentik b/frontend/env/authentik
new file mode 100644
index 0000000..d242cc3
--- /dev/null
+++ b/frontend/env/authentik
@@ -0,0 +1,8 @@
+POSTGRES_PASSWORD=
+POSTGRES_USER=authentik
+POSTGRES_DB=authentik
+AUTHENTIK_SECRET_KEY=
+
+AUTHENTIK_POSTGRESQL__USER=authentik
+AUTHENTIK_POSTGRESQL__NAME=authentik
+AUTHENTIK_POSTGRESQL__PASSWORD=
diff --git a/frontend/env/vaultwarden b/frontend/env/vaultwarden
new file mode 100644
index 0000000..831223d
--- /dev/null
+++ b/frontend/env/vaultwarden
@@ -0,0 +1,3 @@
+# generate at https://bitwarden.com/host/
+PUSH_INSTALLATION_ID=
+PUSH_INSTALLATION_KEY=
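Review bot: The `db` service in frontend/docker-compose.yaml commits its credentials in the compose file, and both passwords are the literal service name (`MYSQL_ROOT_PASSWORD=gitea`, `MYSQL_PASSWORD=gitea`). vaultwarden and authentik in this same commit instead read their secrets from blank `env_file` templates. I would follow that pattern here: replace the four `MYSQL_*` lines with an `env_file:` entry such as `- ./env/<gitea-db-env-file>` (placeholder name), leave the password values blank in the committed template, and generate distinct root and user passwords at deploy time. In `kavita`, `- GUID=950` looks like a typo for `PGID`, the spelling used by the other services that set one alongside `PUID`. If the image honours these variables at all, the group id is presumably being ignored as written.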
diff --git a/server/docker-compose.yaml b/server/docker-compose.yaml
new file mode 100644
index 0000000..583dd85
--- /dev/null
+++ b/server/docker-compose.yaml
@@ -0,0 +1,62 @@
+services:
+ proxy:
+ container_name: mc-velocity
+ image: itzg/mc-proxy
+ environment:
+ TYPE: VELOCITY
+ DEBUG: "false"
+ ENABLE_RCON: "true"
+ UID: 950
+ GID: 950
+ ports:
+ - "25565:25577"
+ volumes:
+ - /data/mc/config/velocity.toml:/config/velocity.toml:ro
+ - /data/mc/config/forwarding.secret:/config/forwarding.secret:ro
+ - /data/mc/server:/server
+ lobby:
+ container_name: mc-lobby
+ image: itzg/minecraft-server
+ environment:
+ EULA: "TRUE"
+ ONLINE_MODE: "FALSE"
+ TYPE: PAPER
+ SYNC_SKIP_NEWER_IN_DESTINATION: false
+ UID: 950
+ GID: 950
+ JVM_OPTS: -Dpaper.disableChannelLimit=true
+ volumes:
+ - /data/mc/config/paper-global.yml:/config/paper-global.yml
+ - /data/mc/lobby/:/data
+ ports:
+ - "25566:25565"
+ vanilla:
+ container_name: mc-vanilla
+ image: itzg/minecraft-server
+ environment:
+ EULA: "TRUE"
+ ONLINE_MODE: "FALSE"
+ TYPE: PAPER
+ SYNC_SKIP_NEWER_IN_DESTINATION: false
+ UID: 950
+ GID: 950
+ volumes:
+ - /data/mc/config/paper-global.yml:/config/paper-global.yml
+ - /data/mc/vanilla:/data
+ ports:
+ - "25567:25565"
+ rpg:
+ container_name: mc-rpg
+ image: itzg/minecraft-server:java17
+ environment:
+ EULA: "true"
+ UID: 950
+ GID: 950
+ MEMORY: "24G"
+ TYPE: "FORGE"
+ VERSION: "1.18.2"
+ FORGE_VERSION: "40.2.17"
+ ports:
+ - "25568:25565"
+ volumes:
+ - /data/mc/rpg:/data
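Review bot: `lobby` and `vanilla` run with `ONLINE_MODE: "FALSE"` yet publish `"25566:25565"` and `"25567:25565"` on the host, so they can be reached without going through the `mc-velocity` proxy, which is presumably where account verification is meant to happen. Unless the mounted `paper-global.yml` enforces the forwarding secret (its contents are not in this diff), player names on a directly reached backend are not verified. I would remove the `ports:` blocks from the backend services so that only the proxy's `"25565:25577"` is published, or bind them to loopback, e.g. `- "127.0.0.1:25566:25565"`. The same applies to `rpg` on `"25568:25565"` if it is also meant to sit behind the proxy. Minor: quote `SYNC_SKIP_NEWER_IN_DESTINATION: false` as `"false"` like the neighbouring values, since the Compose documentation asks for boolean-like values in an `environment` mapping to be quoted.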