volumes: ssl: external: true victoria-metrics: external: true haproxy-socket: external: true postgres-13: external: true postgres-15: external: true networks: default: name: yann_default driver: bridge enable_ipv6: true ipam: driver: default config: - subnet: 172.20.0.0/24 gateway: 172.20.0.1 - subnet: 2a01:e0a:5b7:35f1::/64 gateway: 2a01:e0a:5b7:35f1::1 services: openldap: image: openldap-alpine volumes: - /srv/docker/volume/openldap/config/openldap:/etc/openldap - /srv/docker/volume/openldap/mdb:/var/lib/openldap/openldap-data - ssl:/ssl ports: - 389:389 restart: always postgres: image: postgres:15-alpine volumes: - postgres-15:/var/lib/postgresql/data - ssl:/ssl:ro dns: fd00::3:2 environment: - POSTGRES_PASSWORD=J5PdCv9ObVh5uZCJDpndzXoUumAKn52K networks: default: ipv6_address: 2a01:e0a:5b7:35f1::5432 restart: always haproxy: image: haproxytech/haproxy-alpine-quic:2.8 volumes: - ssl:/ssl:rw - /etc/haproxy:/usr/local/etc/haproxy:ro - /etc/haproxy:/etc/haproxy:ro - haproxy-socket:/var/lib/haproxy:rw restart: always mem_limit: 512M dns: fd00::3:2 networks: default: ipv6_address: 2a01:e0a:5b7:35f1::445 vault: image: hashicorp/vault volumes: - /srv/docker/volume/vault:/vault restart: always mem_limit: 128M dns: 192.168.3.2 cap_add: - IPC_LOCK command: vault server -config /vault/config caddy: image: caddy-alpine volumes: - ssl:/etc/dehydrated:ro - /etc/caddy:/etc/caddy - /srv/www:/srv/www - /srv/www/nfs/kiwi/Videos:/srv/www/nfs/kiwi/Videos:ro restart: always ports: - 443:443 - 443:443/udp - 80:80 mem_limit: 128M command: caddy run --config /etc/caddy/Caddyfile --adapter caddyfile networks: default: ipv6_address: 2a01:e0a:5b7:35f1::443 redis: image: redis:alpine restart: always volumes: - /srv/docker/volume/redis/data:/data - /srv/docker/volume/redis/config/redis.conf:/usr/local/etc/redis/redis.conf:ro command: redis-server /usr/local/etc/redis/redis.conf mem_limit: 512M dns: 192.168.3.2 networks: default: ipv6_address: 2a01:e0a:5b7:35f1::6379 pdns: image: pdns-alpine volumes: - /srv/docker/volume/pdns.conf:/etc/pdns/pdns.conf:ro ports: - "53:53/udp" - "53:53/tcp" restart: always mem_limit: 128M dns: 192.168.3.2 networks: default: ipv6_address: 2a01:e0a:5b7:35f1::53 pdns-exporter: image: debian:bullseye-slim volumes: - /srv/docker/volume/prometheus/powerdns_exporter/powerdns_exporter:/run/powerdns_exporter:ro restart: always mem_limit: 128M command: /run/powerdns_exporter -api-url http://pdns:8081/api/v1/ -api-key ${API_KEY} grafana: image: grafana/grafana volumes: - /srv/docker/volume/grafana/grafana.ini:/etc/grafana/grafana.ini restart: always mem_limit: 1G php: image: php83-alpine extra_hosts: - "mail.verry.org:192.168.42.3" dns: 192.168.3.2 command: php-fpm volumes: - /srv/www:/srv/www restart: always loki: image: grafana/loki volumes: - /srv/docker/volume/loki/config/loki-docker-config.yaml:/etc/loki/local-config.yaml:ro - /srv/docker/volume/loki/data:/loki:rw restart: always mem_limit: 1G miniflux: image: miniflux/miniflux env_file: env/miniflux restart: always mem_limit: 128M pgbouncer: image: pgbouncer-alpine volumes: - /srv/docker/volume/pgbouncer:/etc/pgbouncer:ro dns: 192.168.3.2 restart: always mem_limit: 128M vmalert: image: victoriametrics/vmalert volumes: - /srv/docker/volume/victoriametrics/vmalert/alert.rules:/alert.rules:ro command: -rule=/alert.rules -datasource.url=http://victoria:8428 -notifier.url=http://prometheus-alertmanager:9093 -enableTCP6 restart: always mem_limit: 512M vmagent: image: victoriametrics/vmagent volumes: - /srv/docker/volume/victoriametrics/vmagent/prometheus.yml:/prometheus.yml:ro - /srv/docker/volume/victoriametrics/vmagent/blackbox:/blackbox:ro extra_hosts: - "peach.verry.org:172.17.0.1" - "ns2.vpn6:fd00::42:2" - "ns3.vpn6:fd00::42:3" - "backup-01.dinoutoo.vpn6:fd00::42:9" - "unbound-exporter:192.168.3.2" - "quichante.vpn6:fd00::42:4" - "click.vpn6:fd00::42:6" - "quizz.vpn6:fd00::42:8" - "kiwi.verry.org:2a01:e0a:5b7:35f3::6" - "backup-01.dinoutoo.vpn:192.168.42.9" - "home.verry.org:2a01:e0a:5b7:35f1::443" - "mail.verry.org:192.168.3.5" command: -enableTCP6 -promscrape.config=/prometheus.yml -remoteWrite.url=http://victoria:8428/api/v1/write -sortLabels -promscrape.config.strictParse=false restart: always mem_limit: 512M prometheus-alertmanager: image: prom/alertmanager volumes: - /srv/docker/volume/prometheus/config/alertmanager.yml:/etc/alertmanager/alertmanager.yml:ro - /srv/docker/volume/alertmanager/data:/alertmanager:rw extra_hosts: - "mail.verry.org:192.168.3.5" restart: always mem_limit: 128M command: - "--config.file=/etc/alertmanager/alertmanager.yml" - "--storage.path=/alertmanager" - "--web.external-url=https://alertmanager.verry.org/" prometheus-blackbox: image: prom/blackbox-exporter volumes: - /srv/docker/volume/prometheus/config/blackbox.yml:/etc/prometheus/blackbox.yml:ro cap_add: - NET_RAW extra_hosts: - "mail.verry.org:192.168.3.5" restart: always mem_limit: 128M prometheus-postgres: image: quay.io/prometheuscommunity/postgres-exporter env_file: env/prometheus-postgres restart: always mem_limit: 128M prometheus-redis: image: oliver006/redis_exporter env_file: env/prometheus-redis restart: always mem_limit: 128M prometheus-hue: image: alpine volumes: - /srv/docker/volume/hue_exporter:/hue_exporter:ro command: '/hue_exporter/hue_exporter -metrics-file=/hue_exporter/hue_metrics.json -hue-url="192.168.0.3" -username="qR4H-LSFFPuMz607ALjz56GF9qE4mmmsx4qrmD7Q" -listen-address=0.0.0.0:9773' restart: always mem_limit: 128M promtail: image: grafana/promtail command: -config.file=/etc/promtail/promtail.yaml restart: always mem_limit: 128M volumes: - /srv/docker/volume/promtail:/etc/promtail:ro rsyslog: image: rsyslog-alpine restart: always volumes: - /srv/docker/volume/rsyslog/config/rsyslog.conf:/etc/rsyslog.conf:ro - /srv/docker/volume/rsyslog/data:/data ports: - 514:514/udp - 514:514 dns: 192.168.3.2 mem_limit: 128M networks: default: ipv6_address: 2a01:e0a:5b7:35f1::514 victoria: image: victoriametrics/victoria-metrics volumes: - victoria-metrics:/victoria command: -storageDataPath /victoria -retentionPeriod 60 -enableTCP6 restart: always cpus: 1 mem_limit: 2048M dnsdist: image: dnsdist volumes: - /srv/docker/volume/dnsdist/dnsdist.conf:/etc/dnsdist.conf:ro - ssl:/ssl restart: always mem_limit: 128M ports: - 853:853 command: /usr/bin/dnsdist -u nobody -g nobody -C /etc/dnsdist.conf --supervised -v networks: default: ipv6_address: 2a01:e0a:5b7:35f1::853 gitea: image: codeberg.org/forgejo/forgejo:7 volumes: - /srv/docker/volume/gitea/data:/data restart: always mem_limit: 512M depends_on: - postgres routeros-exporter: image: python-routeros restart: always mem_limit: 128M env_file: env/routeros-exporter whoami: image: traefik/whoami restart: always environment: - WHOAMI_NAME=iamverry linkding: image: sissbruecker/linkding:latest volumes: - /srv/docker/volume/linkding:/etc/linkding/data restart: always mem_limit: 1G env_file: env/linkding command: uwsgi --http [::]:9090 uwsgi.ini drone: image: drone/drone:2 restart: always env_file: env/drone drone-runner-ssh: image: drone/drone-runner-ssh restart: always env_file: env/drone-runner-ssh # minio: # image: minio/minio # volumes: # - /srv/docker/volume/minio/data:/data:rw # env_file: env/minio # restart: always # command: minio server /data # mem_limit: 1G # cpus: 0.5 matrixsyncv3: image: alpine:3.18 env_file: env/matrixsyncv3 volumes: - /srv/docker/volume/sliding-sync/bin/syncv3:/bin/syncv3 restart: always command: /bin/syncv3 mem_limit: 1G cpus: 0.5 dendrite: image: matrixdotorg/dendrite-monolith:latest volumes: - /srv/docker/volume/dendrite/dendrite.yaml:/etc/dendrite/dendrite.yaml:ro - /srv/docker/volume/dendrite/cert:/cert:ro - /srv/docker/volume/dendrite/media:/var/dendrite/media - /srv/docker/volume/dendrite/logs:/var/dendrite/logs - /srv/docker/volume/dendrite/jetstream:/var/dendrite/jetstream restart: always mem_limit: 1G cpus: 0.5 matrix-alertmanager: image: jaywink/matrix-alertmanager:latest env_file: env/matrix-alertmanager restart: always mem_limit: 1G cpus: 0.5 uptime-kuma: image: louislam/uptime-kuma volumes: - /srv/docker/volume/uptime-kuma/data:/app/data:rw restart: always mem_limit: 2G cpus: 1 openspeedtest: environment: - ENABLE_LETSENCRYPT=False - DOMAIN_NAME=speedtest.verry.org image: "openspeedtest/latest" geoipupdate: image: "maxmindinc/geoipupdate:latest" volumes: - "/srv/docker/volume/geoip:/usr/share/GeoIP" env_file: env/geoipupdate