2022-04-17 21:08:43 +00:00
|
|
|
version: "3.9"
|
|
|
|
|
|
|
|
volumes:
|
|
|
|
ssl:
|
|
|
|
external: true
|
|
|
|
mariadb-data:
|
|
|
|
external: true
|
|
|
|
lumieredesoy-ghost-data:
|
|
|
|
external: true
|
|
|
|
victoria-metrics:
|
|
|
|
external: true
|
2023-03-22 21:53:30 +00:00
|
|
|
haproxy-socket:
|
|
|
|
external: true
|
2022-04-17 21:08:43 +00:00
|
|
|
postgres-13:
|
|
|
|
external: true
|
2023-03-22 21:53:30 +00:00
|
|
|
postgres-15:
|
|
|
|
external: true
|
2022-04-17 21:08:43 +00:00
|
|
|
|
|
|
|
networks:
|
|
|
|
default:
|
2022-04-18 19:04:23 +00:00
|
|
|
name: yann_default
|
2022-04-17 21:08:43 +00:00
|
|
|
driver: bridge
|
|
|
|
enable_ipv6: true
|
|
|
|
ipam:
|
|
|
|
driver: default
|
|
|
|
config:
|
|
|
|
- subnet: 172.20.0.0/24
|
|
|
|
gateway: 172.20.0.1
|
2022-09-25 20:46:03 +00:00
|
|
|
- subnet: 2a01:e0a:5b7:35f1::/64
|
|
|
|
gateway: 2a01:e0a:5b7:35f1::1
|
2022-04-17 21:08:43 +00:00
|
|
|
|
|
|
|
services:
|
|
|
|
openldap:
|
|
|
|
image: openldap-alpine
|
|
|
|
volumes:
|
|
|
|
- /srv/docker/volume/openldap/config/openldap:/etc/openldap
|
|
|
|
- /srv/docker/volume/openldap/mdb:/var/lib/openldap/openldap-data
|
|
|
|
- ssl:/ssl
|
|
|
|
ports:
|
|
|
|
- 389:389
|
|
|
|
restart: always
|
|
|
|
postgres:
|
2023-03-22 21:53:30 +00:00
|
|
|
image: postgres:15-alpine
|
2022-04-17 21:08:43 +00:00
|
|
|
volumes:
|
2023-03-22 21:53:30 +00:00
|
|
|
- postgres-15:/var/lib/postgresql/data
|
2022-04-17 21:08:43 +00:00
|
|
|
- ssl:/ssl:ro
|
|
|
|
dns: fd00::3:2
|
2023-03-22 21:53:30 +00:00
|
|
|
environment:
|
|
|
|
- POSTGRES_PASSWORD=J5PdCv9ObVh5uZCJDpndzXoUumAKn52K
|
2022-04-17 21:08:43 +00:00
|
|
|
networks:
|
|
|
|
default:
|
2022-09-25 20:46:03 +00:00
|
|
|
ipv6_address: 2a01:e0a:5b7:35f1::5432
|
2022-04-17 21:08:43 +00:00
|
|
|
restart: always
|
|
|
|
haproxy:
|
|
|
|
image: haproxy:alpine
|
|
|
|
volumes:
|
|
|
|
- ssl:/ssl:ro
|
|
|
|
- /etc/haproxy:/usr/local/etc/haproxy:ro
|
2022-10-03 19:56:58 +00:00
|
|
|
- /etc/haproxy:/etc/haproxy:ro
|
2023-03-22 21:53:30 +00:00
|
|
|
- haproxy-socket:/var/lib/haproxy:rw
|
2022-04-17 21:08:43 +00:00
|
|
|
ports:
|
2022-10-03 19:56:58 +00:00
|
|
|
- 443:443
|
|
|
|
- 443:443/udp
|
|
|
|
- 80:80
|
2022-04-17 21:08:43 +00:00
|
|
|
restart: always
|
|
|
|
mem_limit: 128M
|
|
|
|
dns: fd00::3:2
|
|
|
|
networks:
|
|
|
|
default:
|
2022-10-03 19:56:58 +00:00
|
|
|
ipv6_address: 2a01:e0a:5b7:35f1::443
|
2023-03-22 21:53:30 +00:00
|
|
|
vault:
|
|
|
|
image: hashicorp/vault
|
|
|
|
volumes:
|
|
|
|
- /srv/docker/volume/vault:/vault
|
|
|
|
restart: always
|
|
|
|
mem_limit: 128M
|
|
|
|
dns: 192.168.3.2
|
|
|
|
cap_add:
|
|
|
|
- IPC_LOCK
|
|
|
|
command: vault server -config /vault/config
|
2022-04-17 21:08:43 +00:00
|
|
|
caddy:
|
|
|
|
image: caddy:alpine
|
|
|
|
volumes:
|
|
|
|
- ssl:/etc/dehydrated:ro
|
|
|
|
- /etc/caddy:/etc/caddy
|
|
|
|
- /srv/www:/srv/www
|
|
|
|
restart: always
|
|
|
|
mem_limit: 128M
|
|
|
|
dns: 192.168.3.2
|
|
|
|
redis:
|
|
|
|
image: redis:alpine
|
|
|
|
restart: always
|
|
|
|
volumes:
|
|
|
|
- /srv/docker/volume/redis/data:/data
|
|
|
|
- /srv/docker/volume/redis/config/redis.conf:/usr/local/etc/redis/redis.conf:ro
|
|
|
|
command: redis-server /usr/local/etc/redis/redis.conf
|
|
|
|
mem_limit: 512M
|
|
|
|
dns: 192.168.3.2
|
|
|
|
networks:
|
|
|
|
default:
|
2022-09-25 20:46:03 +00:00
|
|
|
ipv6_address: 2a01:e0a:5b7:35f1::6379
|
2022-04-17 21:08:43 +00:00
|
|
|
mariadb:
|
|
|
|
image: mariadb
|
|
|
|
volumes:
|
|
|
|
- mariadb-data:/var/lib/mysql
|
|
|
|
- ssl:/ssl:ro
|
|
|
|
ports:
|
|
|
|
- 3306:3306
|
|
|
|
dns: 192.168.3.2
|
|
|
|
networks:
|
|
|
|
default:
|
2022-09-25 20:46:03 +00:00
|
|
|
ipv6_address: 2a01:e0a:5b7:35f1::3306
|
2022-04-17 21:08:43 +00:00
|
|
|
restart: always
|
|
|
|
lumieredesoy-ghost:
|
2022-07-11 20:01:57 +00:00
|
|
|
image: ghost:5-alpine
|
2022-04-17 21:08:43 +00:00
|
|
|
volumes:
|
|
|
|
- lumieredesoy-ghost-data:/var/lib/ghost/content
|
|
|
|
- /srv/docker/volume/lumieredesoy_ghost/config/config.production.json:/var/lib/ghost/config.production.json:ro
|
|
|
|
env_file: env/lumieredesoy-ghost
|
|
|
|
restart: always
|
|
|
|
pdns:
|
|
|
|
image: pdns-alpine
|
|
|
|
volumes:
|
|
|
|
- /srv/docker/volume/pdns.conf:/etc/pdns/pdns.conf:ro
|
|
|
|
ports:
|
|
|
|
- "53:53/udp"
|
|
|
|
- "53:53/tcp"
|
|
|
|
restart: always
|
|
|
|
mem_limit: 128M
|
|
|
|
dns: 192.168.3.2
|
|
|
|
networks:
|
|
|
|
default:
|
2022-09-25 20:46:03 +00:00
|
|
|
ipv6_address: 2a01:e0a:5b7:35f1::53
|
2022-04-17 21:08:43 +00:00
|
|
|
pdns-exporter:
|
|
|
|
image: debian:bullseye-slim
|
|
|
|
volumes:
|
|
|
|
- /srv/docker/volume/prometheus/powerdns_exporter/powerdns_exporter:/run/powerdns_exporter:ro
|
|
|
|
restart: always
|
|
|
|
mem_limit: 128M
|
|
|
|
command: /run/powerdns_exporter -api-url http://pdns:8081/api/v1/ -api-key ${API_KEY}
|
|
|
|
grafana:
|
|
|
|
image: grafana/grafana
|
|
|
|
volumes:
|
2023-03-22 21:53:30 +00:00
|
|
|
- /srv/docker/volume/grafana/grafana.ini:/etc/grafana/grafana.ini
|
2022-04-17 21:08:43 +00:00
|
|
|
restart: always
|
|
|
|
mem_limit: 128M
|
2022-10-18 21:19:52 +00:00
|
|
|
loki:
|
|
|
|
image: grafana/loki
|
|
|
|
volumes:
|
|
|
|
- /srv/docker/volume/loki/config/loki-docker-config.yaml:/etc/loki/local-config.yaml:ro
|
|
|
|
- /srv/docker/volume/loki/data:/loki:rw
|
|
|
|
restart: always
|
|
|
|
mem_limit: 1G
|
2022-04-17 21:08:43 +00:00
|
|
|
miniflux:
|
|
|
|
image: miniflux/miniflux
|
|
|
|
env_file: env/miniflux
|
|
|
|
restart: always
|
|
|
|
mem_limit: 128M
|
2023-03-22 21:53:30 +00:00
|
|
|
php:
|
2022-04-17 21:08:43 +00:00
|
|
|
image: php-alpine
|
|
|
|
extra_hosts:
|
2023-03-22 21:53:30 +00:00
|
|
|
- "mail.verry.org:192.168.42.3"
|
|
|
|
dns: 192.168.3.2
|
2022-04-17 21:08:43 +00:00
|
|
|
volumes:
|
|
|
|
- /srv/www:/srv/www
|
|
|
|
restart: always
|
2023-03-22 21:53:30 +00:00
|
|
|
authentik-server:
|
|
|
|
image: ghcr.io/goauthentik/server:latest
|
|
|
|
restart: unless-stopped
|
|
|
|
command: server
|
|
|
|
volumes:
|
|
|
|
- /srv/docker/volume/authentik/media:/media
|
|
|
|
- /srv/docker/volume/authentik/custom-templates:/templates
|
|
|
|
env_file:
|
|
|
|
- env/authentik
|
|
|
|
authentik-worker:
|
|
|
|
image: ghcr.io/goauthentik/server:latest
|
|
|
|
restart: unless-stopped
|
|
|
|
command: worker
|
|
|
|
volumes:
|
|
|
|
- /srv/docker/volume/authentik/certs:/certs
|
|
|
|
- /srv/docker/volume/authentik/media:/media
|
|
|
|
- /srv/docker/volume/authentik/custom-templates:/templates
|
|
|
|
restart: unless-stopped
|
|
|
|
env_file:
|
|
|
|
- env/authentik
|
2022-04-17 21:08:43 +00:00
|
|
|
pgbouncer:
|
|
|
|
image: pgbouncer-alpine
|
|
|
|
volumes:
|
|
|
|
- /srv/docker/volume/pgbouncer:/etc/pgbouncer:ro
|
2023-03-22 21:53:30 +00:00
|
|
|
dns: 192.168.3.2
|
2022-04-17 21:08:43 +00:00
|
|
|
restart: always
|
|
|
|
mem_limit: 128M
|
|
|
|
vmalert:
|
|
|
|
image: victoriametrics/vmalert
|
|
|
|
volumes:
|
|
|
|
- /srv/docker/volume/victoriametrics/vmalert/alert.rules:/alert.rules:ro
|
|
|
|
command: -rule=/alert.rules -datasource.url=http://victoria:8428 -notifier.url=http://prometheus-alertmanager:9093 -enableTCP6
|
|
|
|
restart: always
|
|
|
|
mem_limit: 512M
|
|
|
|
vmagent:
|
|
|
|
image: victoriametrics/vmagent
|
|
|
|
volumes:
|
|
|
|
- /srv/docker/volume/victoriametrics/vmagent/prometheus.yml:/prometheus.yml:ro
|
|
|
|
- /srv/docker/volume/victoriametrics/vmagent/blackbox:/blackbox:ro
|
|
|
|
extra_hosts:
|
|
|
|
- "peach.verry.org:172.17.0.1"
|
|
|
|
- "ns2.vpn6:fd00::42:2"
|
|
|
|
- "ns3.vpn6:fd00::42:3"
|
|
|
|
- "backup-01.dinoutoo.vpn6:fd00::42:9"
|
2023-03-22 21:53:30 +00:00
|
|
|
- "unbound-exporter:192.168.3.2"
|
2022-04-17 21:08:43 +00:00
|
|
|
- "quichante.vpn6:fd00::42:4"
|
|
|
|
- "click.vpn6:fd00::42:6"
|
|
|
|
- "quizz.vpn6:fd00::42:8"
|
2022-09-25 20:46:03 +00:00
|
|
|
- "kiwi.verry.org:2a01:e0a:5b7:35f3::6"
|
2022-04-17 21:08:43 +00:00
|
|
|
- "backup-01.dinoutoo.vpn:192.168.42.9"
|
2022-09-25 20:46:03 +00:00
|
|
|
- "home.verry.org:2a01:e0a:5b7:35f1::443"
|
2022-04-17 21:08:43 +00:00
|
|
|
- "mail.verry.org:192.168.3.5"
|
|
|
|
command: -enableTCP6 -promscrape.config=/prometheus.yml -remoteWrite.url=http://victoria:8428/api/v1/write -sortLabels -promscrape.config.strictParse=false
|
|
|
|
restart: always
|
|
|
|
mem_limit: 512M
|
|
|
|
prometheus-alertmanager:
|
|
|
|
image: prom/alertmanager
|
|
|
|
volumes:
|
2022-04-18 19:10:31 +00:00
|
|
|
- /srv/docker/volume/prometheus/config/alertmanager.yml:/etc/alertmanager/alertmanager.yml:ro
|
2022-11-19 17:19:02 +00:00
|
|
|
- /srv/docker/volume/alertmanager/data:/alertmanager:rw
|
2022-04-17 21:08:43 +00:00
|
|
|
extra_hosts:
|
|
|
|
- "mail.verry.org:192.168.3.5"
|
|
|
|
restart: always
|
|
|
|
mem_limit: 128M
|
2022-11-19 17:19:02 +00:00
|
|
|
command:
|
|
|
|
- "--config.file=/etc/alertmanager/alertmanager.yml"
|
|
|
|
- "--storage.path=/alertmanager"
|
|
|
|
- "--web.external-url=https://alertmanager.verry.org/"
|
2022-04-17 21:08:43 +00:00
|
|
|
prometheus-blackbox:
|
|
|
|
image: prom/blackbox-exporter
|
|
|
|
volumes:
|
2022-04-18 19:10:31 +00:00
|
|
|
- /srv/docker/volume/prometheus/config/blackbox.yml:/etc/prometheus/blackbox.yml:ro
|
2022-04-17 21:08:43 +00:00
|
|
|
cap_add:
|
|
|
|
- NET_RAW
|
|
|
|
extra_hosts:
|
|
|
|
- "mail.verry.org:192.168.3.5"
|
|
|
|
restart: always
|
|
|
|
mem_limit: 128M
|
|
|
|
prometheus-mysqld:
|
|
|
|
image: prom/mysqld-exporter
|
|
|
|
env_file: env/prometheus-mysqld
|
|
|
|
restart: always
|
|
|
|
mem_limit: 512M
|
|
|
|
prometheus-postgres:
|
|
|
|
image: quay.io/prometheuscommunity/postgres-exporter
|
|
|
|
env_file: env/prometheus-postgres
|
|
|
|
restart: always
|
|
|
|
mem_limit: 128M
|
|
|
|
prometheus-redis:
|
|
|
|
image: oliver006/redis_exporter
|
|
|
|
env_file: env/prometheus-redis
|
|
|
|
restart: always
|
|
|
|
mem_limit: 128M
|
|
|
|
prometheus-hue:
|
2022-12-30 17:19:42 +00:00
|
|
|
image: alpine
|
2022-04-17 21:08:43 +00:00
|
|
|
volumes:
|
2022-12-30 17:19:42 +00:00
|
|
|
- /srv/docker/volume/hue_exporter:/hue_exporter:ro
|
|
|
|
command: '/hue_exporter/hue_exporter -metrics-file=/hue_exporter/hue_metrics.json -hue-url="192.168.0.3" -username="qR4H-LSFFPuMz607ALjz56GF9qE4mmmsx4qrmD7Q" -listen-address=0.0.0.0:9773'
|
2022-04-17 21:08:43 +00:00
|
|
|
restart: always
|
|
|
|
mem_limit: 128M
|
|
|
|
promtail:
|
|
|
|
image: grafana/promtail
|
|
|
|
command: -config.file=/etc/promtail/promtail.yaml
|
|
|
|
restart: always
|
|
|
|
mem_limit: 128M
|
|
|
|
volumes:
|
|
|
|
- /srv/docker/volume/promtail:/etc/promtail:ro
|
|
|
|
rsyslog:
|
|
|
|
image: rsyslog-alpine
|
|
|
|
restart: always
|
|
|
|
volumes:
|
|
|
|
- /srv/docker/volume/rsyslog/config/rsyslog.conf:/etc/rsyslog.conf:ro
|
|
|
|
- /srv/docker/volume/rsyslog/data:/data
|
|
|
|
ports:
|
|
|
|
- 514:514/udp
|
|
|
|
- 514:514
|
|
|
|
dns: 192.168.3.2
|
|
|
|
mem_limit: 128M
|
|
|
|
networks:
|
|
|
|
default:
|
2022-09-25 20:46:03 +00:00
|
|
|
ipv6_address: 2a01:e0a:5b7:35f1::514
|
2022-04-17 21:08:43 +00:00
|
|
|
victoria:
|
|
|
|
image: victoriametrics/victoria-metrics
|
|
|
|
volumes:
|
|
|
|
- victoria-metrics:/victoria
|
2022-09-25 20:46:03 +00:00
|
|
|
command: -storageDataPath /victoria -retentionPeriod 60 -enableTCP6
|
2022-04-17 21:08:43 +00:00
|
|
|
restart: always
|
2022-09-25 20:46:03 +00:00
|
|
|
cpus: 1
|
|
|
|
mem_limit: 2048M
|
2022-04-17 21:08:43 +00:00
|
|
|
dnsdist:
|
|
|
|
image: dnsdist
|
|
|
|
volumes:
|
|
|
|
- /srv/docker/volume/dnsdist/dnsdist.conf:/etc/dnsdist.conf:ro
|
|
|
|
- ssl:/ssl
|
|
|
|
restart: always
|
|
|
|
mem_limit: 128M
|
|
|
|
ports:
|
|
|
|
- 853:853
|
|
|
|
command: /usr/bin/dnsdist -u nobody -g nobody -C /etc/dnsdist.conf --supervised -v
|
|
|
|
networks:
|
|
|
|
default:
|
2022-09-25 20:46:03 +00:00
|
|
|
ipv6_address: 2a01:e0a:5b7:35f1::853
|
2022-04-17 21:08:43 +00:00
|
|
|
gitea:
|
|
|
|
image: gitea/gitea:dev
|
|
|
|
volumes:
|
|
|
|
- /srv/docker/volume/gitea/data:/data
|
|
|
|
restart: always
|
|
|
|
mem_limit: 512M
|
|
|
|
depends_on:
|
|
|
|
- postgres
|
|
|
|
routeros-exporter:
|
|
|
|
image: python-routeros
|
|
|
|
restart: always
|
|
|
|
mem_limit: 128M
|
|
|
|
env_file: env/routeros-exporter
|
|
|
|
whoami:
|
|
|
|
image: traefik/whoami
|
|
|
|
restart: always
|
|
|
|
environment:
|
|
|
|
- WHOAMI_NAME=iamverry
|
|
|
|
bitwarden:
|
|
|
|
image: vaultwarden/server
|
|
|
|
volumes:
|
|
|
|
- /srv/docker/volume/bitwarden:/data
|
|
|
|
restart: always
|
|
|
|
mem_limit: 128M
|
|
|
|
env_file: env/vaultwarden
|
2022-10-29 21:17:57 +00:00
|
|
|
drone:
|
|
|
|
image: drone/drone:2
|
|
|
|
restart: always
|
|
|
|
env_file: env/drone
|
|
|
|
drone-runner-ssh:
|
|
|
|
image: drone/drone-runner-ssh
|
|
|
|
restart: always
|
|
|
|
env_file: env/drone-runner-ssh
|
|
|
|
minio:
|
|
|
|
image: minio/minio
|
|
|
|
volumes:
|
|
|
|
- /srv/docker/volume/minio/data:/data:rw
|
|
|
|
env_file: env/minio
|
|
|
|
restart: always
|
|
|
|
command: minio server /data
|
|
|
|
mem_limit: 1G
|
|
|
|
cpus: 0.5
|
2022-10-03 19:56:58 +00:00
|
|
|
dendrite:
|
|
|
|
image: matrixdotorg/dendrite-monolith:latest
|
|
|
|
volumes:
|
|
|
|
- /srv/docker/volume/dendrite/dendrite.yaml:/etc/dendrite/dendrite.yaml:ro
|
|
|
|
- /srv/docker/volume/dendrite/cert:/cert:ro
|
|
|
|
- /srv/docker/volume/dendrite/media:/var/dendrite/media
|
2022-11-09 15:50:13 +00:00
|
|
|
- /srv/docker/volume/dendrite/logs:/var/dendrite/logs
|
|
|
|
- /srv/docker/volume/dendrite/jetstream:/var/dendrite/jetstream
|
2022-10-03 19:56:58 +00:00
|
|
|
restart: always
|
|
|
|
mem_limit: 1G
|
2022-11-17 20:56:21 +00:00
|
|
|
cpus: 0.5
|
|
|
|
matrix-alertmanager:
|
|
|
|
image: jaywink/matrix-alertmanager:latest
|
|
|
|
env_file: env/matrix-alertmanager
|
|
|
|
restart: always
|
|
|
|
mem_limit: 1G
|
2022-10-03 19:56:58 +00:00
|
|
|
cpus: 0.5
|
2023-03-22 21:53:30 +00:00
|
|
|
uptime-kuma:
|
|
|
|
image: louislam/uptime-kuma
|
|
|
|
volumes:
|
|
|
|
- /srv/docker/volume/uptime-kuma/data:/app/data:rw
|
|
|
|
restart: always
|
|
|
|
mem_limit: 1G
|
|
|
|
cpus: 0.5
|
2022-11-09 15:50:13 +00:00
|
|
|
vikunja-api:
|
|
|
|
image: vikunja/api:latest
|
|
|
|
env_file: env/vikunja-api
|
|
|
|
volumes:
|
|
|
|
- /srv/docker/volume/vikunja/api/files:/app/vikunja/files:rw
|
|
|
|
restart: always
|
|
|
|
mem_limit: 1G
|
|
|
|
cpus: 0.5
|
|
|
|
vikunja-frontend:
|
|
|
|
image: vikunja/frontend
|
|
|
|
env_file: env/vikunja-frontend
|
|
|
|
restart: always
|
2023-03-22 21:53:30 +00:00
|
|
|
mem_limit: 512M
|
2022-11-09 15:50:13 +00:00
|
|
|
cpus: 0.5
|
|
|
|
networks:
|
|
|
|
default:
|
|
|
|
ipv4_address: 172.20.0.42
|
2022-04-17 21:08:43 +00:00
|
|
|
geoipupdate:
|
|
|
|
image: "maxmindinc/geoipupdate:latest"
|
|
|
|
volumes:
|
|
|
|
- "/srv/docker/volume/geoip:/usr/share/GeoIP"
|
|
|
|
env_file: env/geoipupdate
|