2559 lines
122 KiB
HTML
2559 lines
122 KiB
HTML
|
<?xml version="1.0" encoding="utf-8"?>
|
||
|
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
|
||
|
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
|
||
|
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
|
||
|
<head>
|
||
|
<!-- 2021-10-25 lun. 14:33 -->
|
||
|
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
|
||
|
<title>Home Server</title>
|
||
|
<meta name="author" content="Dehaeze Thomas" />
|
||
|
<meta name="generator" content="Org Mode" />
|
||
|
<link rel="stylesheet" type="text/css" href="./dist/style.css"/>
|
||
|
<script type="text/javascript" src="./dist/script.js"></script>
|
||
|
</head>
|
||
|
<body>
|
||
|
<div id="org-div-home-and-up">
|
||
|
<a accesskey="h" href="./index.html"> UP </a>
|
||
|
|
|
||
|
<a accesskey="H" href="./index.html"> HOME </a>
|
||
|
</div><div id="content" class="content">
|
||
|
<h1 class="title">Home Server</h1>
|
||
|
<div id="table-of-contents" role="doc-toc">
|
||
|
<h2>Table of Contents</h2>
|
||
|
<div id="text-table-of-contents" role="doc-toc">
|
||
|
<ul>
|
||
|
<li><a href="#org673983e">Hardware</a></li>
|
||
|
<li><a href="#orga615d49">Installation</a>
|
||
|
<ul>
|
||
|
<li><a href="#orgbaf5c05">Ubuntu</a></li>
|
||
|
<li><a href="#orgce66c6f">Install Important software</a></li>
|
||
|
<li><a href="#org0ce3c49">Terminal Problem</a></li>
|
||
|
<li><a href="#org5d9a4d5">Minor Modifications of <code>~/.inputrc</code></a></li>
|
||
|
<li><a href="#org9af1429">Partition and Format Disk Drives</a></li>
|
||
|
<li><a href="#orge8c1f60">MergerFS and FStab</a></li>
|
||
|
<li><a href="#orgec4527f">Automating with SnapRAID Runner</a></li>
|
||
|
<li><a href="#org1c1f1ad">Install Docker</a></li>
|
||
|
<li><a href="#org74f1b9b">Executing the Docker Command Without Sudo</a></li>
|
||
|
<li><a href="#org92be6a5">Install Docker-Compose</a></li>
|
||
|
<li><a href="#orgcb62a85">Setup Docker Networks</a></li>
|
||
|
<li><a href="#org3416665">Change Timezone</a></li>
|
||
|
<li><a href="#org94403c3">Secure the Web Server</a></li>
|
||
|
<li><a href="#org94449af">Automatic Security Updates</a></li>
|
||
|
<li><a href="#org243021b">Setup cronjobs</a></li>
|
||
|
<li><a href="#org8270f7b">Run <code>docker-compose</code></a></li>
|
||
|
<li><a href="#orgf79a4d1">Docker config <code>~/.docker/config.json</code></a></li>
|
||
|
</ul>
|
||
|
</li>
|
||
|
<li><a href="#org066e8a2">Maintenance - How To</a>
|
||
|
<ul>
|
||
|
<li><a href="#org82796e9">Update System/Packages</a></li>
|
||
|
<li><a href="#orge11433c">Docker Commands</a></li>
|
||
|
<li><a href="#org25c046d"><code>snapraid</code></a></li>
|
||
|
<li><a href="#org6e18227">Restore Online backup with <code>restic</code></a></li>
|
||
|
<li><a href="#org26ffd0b">Add <code>wireguard</code> client</a>
|
||
|
<ul>
|
||
|
<li><a href="#org64a0a3c">With an Android client</a></li>
|
||
|
<li><a href="#orgb409071">With a Linux client</a></li>
|
||
|
</ul>
|
||
|
</li>
|
||
|
</ul>
|
||
|
</li>
|
||
|
<li><a href="#orgcaaa31c">Docker-Compose</a>
|
||
|
<ul>
|
||
|
<li><a href="#org1897d40">Networks</a></li>
|
||
|
<li><a href="#org4e418e6">Logging</a></li>
|
||
|
<li><a href="#org822841f"><code>traefik</code> - Application proxy (link)</a>
|
||
|
<ul>
|
||
|
<li><a href="#orgd92c6fb"><code>traefik.yaml</code></a></li>
|
||
|
</ul>
|
||
|
</li>
|
||
|
<li><a href="#org01d80a6"><code>authelia</code> - Single Sign-On Multi-Factor portal (link)</a>
|
||
|
<ul>
|
||
|
<li><a href="#orgb0a0c87"><code>configuration.yml</code></a></li>
|
||
|
</ul>
|
||
|
</li>
|
||
|
<li><a href="#orgd4fd48d"><code>lldap</code> - LDAP Server (link)</a></li>
|
||
|
<li><a href="#org6b7ce0a"><code>gotify</code> - Notification service (link)</a></li>
|
||
|
<li><a href="#org4f32269"><code>nginx</code> - Root (used for Matrix)</a>
|
||
|
<ul>
|
||
|
<li><a href="#org60502ee"><code>nginx.conf</code></a></li>
|
||
|
</ul>
|
||
|
</li>
|
||
|
<li><a href="#org9525168"><code>homer</code> - Home page (link)</a>
|
||
|
<ul>
|
||
|
<li><a href="#orgcdbaa2f"><code>config.yml</code></a></li>
|
||
|
</ul>
|
||
|
</li>
|
||
|
<li><a href="#org69410ad"><code>snapraid</code> - Manage local backup with parity disk (link)</a>
|
||
|
<ul>
|
||
|
<li><a href="#org268eb95"><code>snapraid.conf</code></a></li>
|
||
|
<li><a href="#orgd08790b"><code>snapraid-runner.conf</code></a></li>
|
||
|
</ul>
|
||
|
</li>
|
||
|
<li><a href="#orgca71b98"><code>portainer</code> - Manage docker (link)</a></li>
|
||
|
<li><a href="#orgb5bc8f7"><code>wireguard</code> - VPN (link)</a></li>
|
||
|
<li><a href="#org5bd5b68"><code>gluetun</code> - Provide VPN connection to other containers (link)</a></li>
|
||
|
<li><a href="#org25595ca"><code>transmission</code> - Torrent client (link)</a></li>
|
||
|
<li><a href="#org8381c5f"><code>gitea</code> - Git server (link)</a></li>
|
||
|
<li><a href="#org1932d9e"><code>wikijs</code> - Wiki App (link)</a></li>
|
||
|
<li><a href="#org41419ce"><code>research</code> - Research Pages (link)</a>
|
||
|
<ul>
|
||
|
<li><a href="#org842c7ec"><code>Caddyfile</code></a></li>
|
||
|
</ul>
|
||
|
</li>
|
||
|
<li><a href="#org6319523"><code>dotfiles</code> - Dotfiles (link)</a>
|
||
|
<ul>
|
||
|
<li><a href="#orgfc0a576"><code>Caddyfile</code></a></li>
|
||
|
</ul>
|
||
|
</li>
|
||
|
<li><a href="#org56db687"><code>hugo</code> - Wiki + Blog (link)</a></li>
|
||
|
<li><a href="#org7d0630e"><code>syncthing</code> - File Synchronization (link)</a></li>
|
||
|
<li><a href="#orgba9af47"><code>miniflux</code> - RSS reader (link)</a></li>
|
||
|
<li><a href="#orga0b0d17"><code>homeassistant</code> - Home Automation (link)</a></li>
|
||
|
<li><a href="#org2f6aaaf"><code>jellyfin</code> - Media server (link)</a></li>
|
||
|
<li><a href="#orgc123881"><code>jfa-go</code> - Manage Jellyfin Users (link)</a></li>
|
||
|
<li><a href="#org5e8e039"><code>audioserve</code> - Audiobook server (link)</a></li>
|
||
|
<li><a href="#orgfda7376"><code>filebrowser</code> - Web file browser (link)</a>
|
||
|
<ul>
|
||
|
<li><a href="#orga0657d6"><code>.filebrowser.json</code></a></li>
|
||
|
</ul>
|
||
|
</li>
|
||
|
<li><a href="#org38dd59c"><code>scrutiny</code> - Hard drive monitoring (link)</a></li>
|
||
|
<li><a href="#orgd459bfa"><code>radicale</code> - CalDAV/CardDAV server (link)</a>
|
||
|
<ul>
|
||
|
<li><a href="#orgc3fd52f"><code>config</code></a></li>
|
||
|
</ul>
|
||
|
</li>
|
||
|
<li><a href="#orgc6e7c15"><code>restic</code> - Automatic online backups (link)</a>
|
||
|
<ul>
|
||
|
<li><a href="#org922569f"><code>exclude.txt</code> - Exclude files</a></li>
|
||
|
</ul>
|
||
|
</li>
|
||
|
<li><a href="#org090efb5"><code>octoprint</code> - Web interface for 3D printing (link)</a></li>
|
||
|
<li><a href="#org6fc53a7"><code>mealie</code> - Recipe Manager (link)</a></li>
|
||
|
<li><a href="#org99c58c9"><code>diun</code> - Notification for Docker image updates (link)</a></li>
|
||
|
<li><a href="#orgde60f5d"><code>commento</code> - Commenting system (link)</a></li>
|
||
|
<li><a href="#org92e824e"><code>uptime-kuma</code> - Monitoring Tool (link)</a></li>
|
||
|
<li><a href="#orge8a184a"><code>kavita</code> - Reading server (link)</a></li>
|
||
|
<li><a href="#orge5608bc"><code>mosquitto</code> - MQTT broker (link)</a></li>
|
||
|
<li><a href="#orgb7add6d"><code>zigbee2mqtt</code> - Zigbee to MQTT bridge (link)</a></li>
|
||
|
<li><a href="#org81ab575"><code>zigbee2mqttassistant</code> - GUI for Zigbee2Mqtt (link)</a></li>
|
||
|
</ul>
|
||
|
</li>
|
||
|
<li><a href="#org515b6e0">Cron Jobs</a>
|
||
|
<ul>
|
||
|
<li><a href="#orgaf6db6e">Caddy Update</a></li>
|
||
|
</ul>
|
||
|
</li>
|
||
|
</ul>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-org673983e" class="outline-2">
|
||
|
<h2 id="org673983e">Hardware</h2>
|
||
|
<div class="outline-text-2" id="text-org673983e">
|
||
|
<table border="2" cellspacing="0" cellpadding="6" rules="groups" frame="hsides">
|
||
|
<caption class="t-above"><span class="table-number">Table 1:</span> Home Server Hardware</caption>
|
||
|
|
||
|
<colgroup>
|
||
|
<col class="org-left" />
|
||
|
|
||
|
<col class="org-left" />
|
||
|
</colgroup>
|
||
|
<thead>
|
||
|
<tr>
|
||
|
<th scope="col" class="org-left"><b>Part</b></th>
|
||
|
<th scope="col" class="org-left"><b>Model</b></th>
|
||
|
</tr>
|
||
|
</thead>
|
||
|
<tbody>
|
||
|
<tr>
|
||
|
<td class="org-left">Case</td>
|
||
|
<td class="org-left">Fractal Design Node 804</td>
|
||
|
</tr>
|
||
|
|
||
|
<tr>
|
||
|
<td class="org-left">Motherboard</td>
|
||
|
<td class="org-left">ASUS PRIME B450M-A</td>
|
||
|
</tr>
|
||
|
|
||
|
<tr>
|
||
|
<td class="org-left">CPU</td>
|
||
|
<td class="org-left">AMD Ryzen 3 3200G</td>
|
||
|
</tr>
|
||
|
|
||
|
<tr>
|
||
|
<td class="org-left">RAM</td>
|
||
|
<td class="org-left">Corsair Vengeance LPX 16Go (2x8Go) DDR4 3200MHz</td>
|
||
|
</tr>
|
||
|
|
||
|
<tr>
|
||
|
<td class="org-left">Cooler</td>
|
||
|
<td class="org-left">ARCTIC Freezer 34 eSports DUO</td>
|
||
|
</tr>
|
||
|
|
||
|
<tr>
|
||
|
<td class="org-left">PSU</td>
|
||
|
<td class="org-left">Corsair SF450</td>
|
||
|
</tr>
|
||
|
|
||
|
<tr>
|
||
|
<td class="org-left">SSD M.2</td>
|
||
|
<td class="org-left">Samsung 970 EVO Plus 250Gb</td>
|
||
|
</tr>
|
||
|
|
||
|
<tr>
|
||
|
<td class="org-left">Disk Drives</td>
|
||
|
<td class="org-left">Various drives ranging from 3Tb to 8Tb</td>
|
||
|
</tr>
|
||
|
</tbody>
|
||
|
</table>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-orga615d49" class="outline-2">
|
||
|
<h2 id="orga615d49">Installation</h2>
|
||
|
<div class="outline-text-2" id="text-orga615d49">
|
||
|
</div>
|
||
|
<div id="outline-container-orgbaf5c05" class="outline-3">
|
||
|
<h3 id="orgbaf5c05">Ubuntu</h3>
|
||
|
<div class="outline-text-3" id="text-orgbaf5c05">
|
||
|
<ul class="org-ul">
|
||
|
<li>Download <b>Ubuntu Server 20.04 LTS</b> (<a href="https://ubuntu.com/download/server">link</a>).</li>
|
||
|
<li>Activate OpenSSH and add SSH Keys</li>
|
||
|
<li>Account: <code>thomas</code>, hostname: <code>homelab</code></li>
|
||
|
</ul>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-orgce66c6f" class="outline-3">
|
||
|
<h3 id="orgce66c6f">Install Important software</h3>
|
||
|
<div class="outline-text-3" id="text-orgce66c6f">
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-bash"><span class="org-type">sudo</span> apt install neovim tmux fd-find ripgrep fzf apache2-utils unrar ranger
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-org0ce3c49" class="outline-3">
|
||
|
<h3 id="org0ce3c49">Terminal Problem</h3>
|
||
|
<div class="outline-text-3" id="text-org0ce3c49">
|
||
|
<p>
|
||
|
On the local host, using Termite:
|
||
|
</p>
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-bash">infocmp > termite.terminfo <span class="org-comment-delimiter"># </span><span class="org-comment">export Termite's Terminfo</span>
|
||
|
scp termite.terminfo user@remote-host:~/ <span class="org-comment-delimiter"># </span><span class="org-comment">or any other method to copy to the remote host</span>
|
||
|
</pre>
|
||
|
</div>
|
||
|
|
||
|
<p>
|
||
|
On the remote host, in the directory where you copied <code>termite.terminfo</code>:
|
||
|
</p>
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-bash">tic -x termite.terminfo <span class="org-comment-delimiter"># </span><span class="org-comment">import Terminfo for current user</span>
|
||
|
<span class="org-type">rm</span> termite.terminfo <span class="org-comment-delimiter"># </span><span class="org-comment">optional: remove Terminfo file</span>
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-org5d9a4d5" class="outline-3">
|
||
|
<h3 id="org5d9a4d5">Minor Modifications of <code>~/.inputrc</code></h3>
|
||
|
<div class="outline-text-3" id="text-org5d9a4d5">
|
||
|
<p>
|
||
|
Modify <code>~/.inputrc</code>, like so:
|
||
|
</p>
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-conf"><span class="org-string">"\e[A"</span>: history-search-backward <span class="org-comment-delimiter"># </span><span class="org-comment">arrow up</span>
|
||
|
<span class="org-string">"\e[B"</span>: history-search-forward <span class="org-comment-delimiter"># </span><span class="org-comment">arrow down</span>
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-org9af1429" class="outline-3">
|
||
|
<h3 id="org9af1429">Partition and Format Disk Drives</h3>
|
||
|
<div class="outline-text-3" id="text-org9af1429">
|
||
|
<p>
|
||
|
A nice tutorial is available <a href="https://www.digitalocean.com/community/tutorials/how-to-partition-and-format-storage-devices-in-linux">here</a>.
|
||
|
</p>
|
||
|
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-bash">lsblk
|
||
|
</pre>
|
||
|
</div>
|
||
|
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-bash"><span class="org-type">sudo</span> parted /dev/sda mklabel gpt
|
||
|
</pre>
|
||
|
</div>
|
||
|
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-bash"><span class="org-type">sudo</span> parted -a opt /dev/sda mkpart <span class="org-string">"partitionname"</span> ext4 0% 100%
|
||
|
</pre>
|
||
|
</div>
|
||
|
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-bash"><span class="org-type">sudo</span> mkfs.ext4 -L partitionname /dev/sda1
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-orge8c1f60" class="outline-3">
|
||
|
<h3 id="orge8c1f60">MergerFS and FStab</h3>
|
||
|
<div class="outline-text-3" id="text-orge8c1f60">
|
||
|
<p>
|
||
|
<b>MergerFS</b> is a transparent layer that sits on top of the data drives providing a single mount point for reads / writes (<a href="https://selfhostedhome.com/combining-different-sized-drives-with-mergerfs-and-snapraid/">link</a>).
|
||
|
</p>
|
||
|
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-bash"><span class="org-type">sudo</span> apt install mergerfs
|
||
|
</pre>
|
||
|
</div>
|
||
|
|
||
|
<p>
|
||
|
Create mount points
|
||
|
</p>
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-bash"><span class="org-type">sudo</span> <span class="org-type">mkdir</span> /mnt/disk0
|
||
|
<span class="org-type">sudo</span> <span class="org-type">mkdir</span> /mnt/disk1
|
||
|
<span class="org-type">sudo</span> <span class="org-type">mkdir</span> /mnt/parity
|
||
|
</pre>
|
||
|
</div>
|
||
|
|
||
|
<p>
|
||
|
Create folder where disks will be merged.
|
||
|
</p>
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-bash"><span class="org-type">sudo</span> <span class="org-type">mkdir</span> /srv/storage
|
||
|
</pre>
|
||
|
</div>
|
||
|
|
||
|
<p>
|
||
|
Edit <code>/etc/fstab</code>.
|
||
|
</p>
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-conf">/dev/disk/by-uuid/7fb7873c-83bd-4805-98ab-506e6c7b56fa /mnt/disk0 ext4 defaults <span class="org-highlight-numbers-number">0</span> <span class="org-highlight-numbers-number">0</span>
|
||
|
/dev/disk/by-uuid/6574b7ae-321c-4078-9793-bc41a4fa5588 /mnt/disk1 ext4 defaults <span class="org-highlight-numbers-number">0</span> <span class="org-highlight-numbers-number">0</span>
|
||
|
/dev/disk/by-uuid/6fcd38b9-0886-46bd-900d-cb1f170dbcee /mnt/parity ext4 defaults <span class="org-highlight-numbers-number">0</span> <span class="org-highlight-numbers-number">0</span>
|
||
|
|
||
|
<span class="org-variable-name">/mnt/disk* /srv/storage fuse.mergerfs direct_io,defaults,allow_other,minfreespace</span>=50G,fsname=mergerfs <span class="org-highlight-numbers-number">0</span> <span class="org-highlight-numbers-number">0</span>
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-orgec4527f" class="outline-3">
|
||
|
<h3 id="orgec4527f">Automating with SnapRAID Runner</h3>
|
||
|
<div class="outline-text-3" id="text-orgec4527f">
|
||
|
<p>
|
||
|
<b>SnapRAID</b> is a snapshot parity calculation tool which acts at the block level independent of filesystem (<a href="https://selfhostedhome.com/combining-different-sized-drives-with-mergerfs-and-snapraid/">link</a>).
|
||
|
</p>
|
||
|
|
||
|
<p>
|
||
|
SnapRAID is here used inside a Docker container (<a href="https://hub.docker.com/r/xagaba/snapraid">link</a>).
|
||
|
</p>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-org1c1f1ad" class="outline-3">
|
||
|
<h3 id="org1c1f1ad">Install Docker</h3>
|
||
|
<div class="outline-text-3" id="text-org1c1f1ad">
|
||
|
<p>
|
||
|
The procedure is well explained <a href="https://www.digitalocean.com/community/tutorials/how-to-install-and-use-docker-on-ubuntu-20-04">here</a>.
|
||
|
</p>
|
||
|
|
||
|
<p>
|
||
|
If docker is already installed, remove it:
|
||
|
</p>
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-bash"><span class="org-type">sudo</span> apt remove docker
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-org74f1b9b" class="outline-3">
|
||
|
<h3 id="org74f1b9b">Executing the Docker Command Without Sudo</h3>
|
||
|
<div class="outline-text-3" id="text-org74f1b9b">
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-bash"><span class="org-type">sudo</span> usermod -aG docker $<span class="org-rainbow-delimiters-depth-1">{</span><span class="org-variable-name">USER</span><span class="org-rainbow-delimiters-depth-1">}</span>
|
||
|
</pre>
|
||
|
</div>
|
||
|
|
||
|
<p>
|
||
|
To apply the new group membership, log out of the server and back in, or type the following:
|
||
|
</p>
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-bash">su - $<span class="org-rainbow-delimiters-depth-1">{</span><span class="org-variable-name">USER</span><span class="org-rainbow-delimiters-depth-1">}</span>
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-org92be6a5" class="outline-3">
|
||
|
<h3 id="org92be6a5">Install Docker-Compose</h3>
|
||
|
<div class="outline-text-3" id="text-org92be6a5">
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-bash"><span class="org-type">sudo</span> apt install docker-compose
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-orgcb62a85" class="outline-3">
|
||
|
<h3 id="orgcb62a85">Setup Docker Networks</h3>
|
||
|
<div class="outline-text-3" id="text-orgcb62a85">
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-bash">docker network create --gateway 192.168.90.1 --subnet 192.168.90.0/24 t2_proxy
|
||
|
docker network create docker_default
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-org3416665" class="outline-3">
|
||
|
<h3 id="org3416665">Change Timezone</h3>
|
||
|
<div class="outline-text-3" id="text-org3416665">
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-bash"><span class="org-type">sudo</span> timedatectl set-timezone Europe/Paris
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-org94403c3" class="outline-3">
|
||
|
<h3 id="org94403c3">Secure the Web Server</h3>
|
||
|
<div class="outline-text-3" id="text-org94403c3">
|
||
|
<p>
|
||
|
Most of it comes from <a href="https://github.com/imthenachoman/How-To-Secure-A-Linux-Server">here</a>.
|
||
|
</p>
|
||
|
|
||
|
<ul class="org-ul">
|
||
|
<li>Set <code>PasswordAuthentication</code> no in <code>/etc/ssh/sshd_config</code></li>
|
||
|
</ul>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-org94449af" class="outline-3">
|
||
|
<h3 id="org94449af">Automatic Security Updates</h3>
|
||
|
<div class="outline-text-3" id="text-org94449af">
|
||
|
<p>
|
||
|
The procedure is well explained <a href="https://www.linuxbabe.com/ubuntu/automatic-security-update-unattended-upgrades-ubuntu">here</a>.
|
||
|
</p>
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-bash"><span class="org-type">sudo</span> apt install unattended-upgrades update-notifier-common
|
||
|
</pre>
|
||
|
</div>
|
||
|
|
||
|
<p>
|
||
|
Edit <code>/etc/apt/apt.conf.d/50unattended-upgrades</code>, and change the following lines:
|
||
|
</p>
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-conf">Unattended-Upgrade::Remove-Unused-Dependencies <span class="org-string">"true"</span>;
|
||
|
Unattended-Upgrade::Automatic-Reboot <span class="org-string">"true"</span>;
|
||
|
Unattended-Upgrade::Automatic-Reboot-Time <span class="org-string">"04:00"</span>;
|
||
|
</pre>
|
||
|
</div>
|
||
|
|
||
|
<p>
|
||
|
Edit <code>/etc/apt/apt.conf.d/20auto-upgrades</code>:
|
||
|
</p>
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-conf">APT::Periodic::Update-Package-Lists <span class="org-string">"1"</span>;
|
||
|
APT::Periodic::Unattended-Upgrade <span class="org-string">"1"</span>;
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-org243021b" class="outline-3">
|
||
|
<h3 id="org243021b">Setup cronjobs</h3>
|
||
|
<div class="outline-text-3" id="text-org243021b">
|
||
|
<p>
|
||
|
Create a folder <code>~/cron</code> with all the scripts and logs related to cron.
|
||
|
</p>
|
||
|
|
||
|
<p>
|
||
|
To edit the cron jobs, type <code>crontab -e</code> and add a line like:
|
||
|
</p>
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-conf">*/5 * * * * /home/thomas/cron/caddy_update.sh >> /home/thomas/cron/caddy_update.log 2>&1
|
||
|
</pre>
|
||
|
</div>
|
||
|
|
||
|
<p>
|
||
|
That will run every 5 minutes.
|
||
|
To check how the first part of the crontab works, check <a href="https://crontab.guru/">this website</a>.
|
||
|
</p>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-org8270f7b" class="outline-3">
|
||
|
<h3 id="org8270f7b">Run <code>docker-compose</code></h3>
|
||
|
<div class="outline-text-3" id="text-org8270f7b">
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-bash"><span class="org-type">cd</span> ~/docker && docker-compose up -d
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-orgf79a4d1" class="outline-3">
|
||
|
<h3 id="orgf79a4d1">Docker config <code>~/.docker/config.json</code></h3>
|
||
|
<div class="outline-text-3" id="text-orgf79a4d1">
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-json">{
|
||
|
<span class="org-keyword">"psFormat"</span>: <span class="org-string">"table {{ .ID }}\\t{{ .Names }}\t{{ .Status }}"</span>
|
||
|
}
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-org066e8a2" class="outline-2">
|
||
|
<h2 id="org066e8a2">Maintenance - How To</h2>
|
||
|
<div class="outline-text-2" id="text-org066e8a2">
|
||
|
</div>
|
||
|
<div id="outline-container-org82796e9" class="outline-3">
|
||
|
<h3 id="org82796e9">Update System/Packages</h3>
|
||
|
<div class="outline-text-3" id="text-org82796e9">
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-bash"><span class="org-type">sudo</span> -- sh -c <span class="org-string">'apt-get update; apt-get upgrade -y; apt-get dist-upgrade -y; apt-get autoremove -y; apt-get autoclean -y'</span>
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-orge11433c" class="outline-3">
|
||
|
<h3 id="orge11433c">Docker Commands</h3>
|
||
|
<div class="outline-text-3" id="text-orge11433c">
|
||
|
<ul class="org-ul">
|
||
|
<li>Starting a container: <code>$ docker start homeassistant</code></li>
|
||
|
<li>Stopping a container: <code>$ docker stop homeassistant</code></li>
|
||
|
<li>Restarting a container: <code>$ docker restart homeassistant</code></li>
|
||
|
<li>Listing the running containers: <code>$ docker ps or $ cd ~/docker/ && docker-compose ps</code></li>
|
||
|
<li>View the logs of a container: <code>$ docker logs -f homeassistant</code></li>
|
||
|
<li>Drop a shell into a container: <code>$ docker exec -it homeassistant /bin/bash</code></li>
|
||
|
<li>Update specific container: <code>docker-compose pull --ignore-pull-failures homeassistant</code></li>
|
||
|
</ul>
|
||
|
|
||
|
<p>
|
||
|
Update All Containers
|
||
|
</p>
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-bash"><span class="org-type">cd</span> ~/docker/ && docker-compose pull --ignore-pull-failures && docker-compose up -d
|
||
|
</pre>
|
||
|
</div>
|
||
|
|
||
|
<p>
|
||
|
Clean up Docker environment
|
||
|
This will delete all unused images, volumes and networks.
|
||
|
</p>
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-bash">docker system prune -f && docker image prune -f && docker volume prune -f
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-org25c046d" class="outline-3">
|
||
|
<h3 id="org25c046d"><code>snapraid</code></h3>
|
||
|
<div class="outline-text-3" id="text-org25c046d">
|
||
|
<p>
|
||
|
To see all files “backed up” by snapraid, use:
|
||
|
</p>
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-bash">docker exec -ti snapraid snapraid list | fzf
|
||
|
</pre>
|
||
|
</div>
|
||
|
|
||
|
<p>
|
||
|
In reality, snapraid is ran from the docker container:
|
||
|
</p>
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-bash">docker exec -ti snapraid snapraid fix -f <path_to_file>
|
||
|
</pre>
|
||
|
</div>
|
||
|
|
||
|
<p>
|
||
|
The path to file should be relative: <code>/srv/storage/Cloud/org/file.org</code> -> <code>Cloud/org/file.org</code>
|
||
|
</p>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-org6e18227" class="outline-3">
|
||
|
<h3 id="org6e18227">Restore Online backup with <code>restic</code></h3>
|
||
|
<div class="outline-text-3" id="text-org6e18227">
|
||
|
<p>
|
||
|
To list backups:
|
||
|
</p>
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-bash">docker exec restic restic snapshots
|
||
|
</pre>
|
||
|
</div>
|
||
|
|
||
|
<pre class="example">
|
||
|
ID Time Host Tags Paths
|
||
|
--------------------------------------------------------------------------------
|
||
|
a7b98408 2020-09-03 21:18:00 4803c2af7d4e /data/documents/manuals
|
||
|
088e31a4 2020-09-03 21:50:26 4803c2af7d4e /data/documents/manuals
|
||
|
9cf0b480 2020-09-03 22:05:47 4803c2af7d4e /data/documents/manuals
|
||
|
--------------------------------------------------------------------------------
|
||
|
3 snapshots
|
||
|
</pre>
|
||
|
|
||
|
|
||
|
<p>
|
||
|
Force backup of folder:
|
||
|
</p>
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-bash">docker exec restic restic backup /data/documents/manuals
|
||
|
</pre>
|
||
|
</div>
|
||
|
|
||
|
<pre class="example">
|
||
|
|
||
|
Files: 0 new, 2 changed, 8475 unmodified
|
||
|
Dirs: 0 new, 2 changed, 0 unmodified
|
||
|
Added to the repo: 1.010 KiB
|
||
|
|
||
|
processed 8477 files, 589.800 MiB in 0:02
|
||
|
snapshot 9cf0b480 saved
|
||
|
</pre>
|
||
|
|
||
|
|
||
|
<p>
|
||
|
Find the path to the file within the snapshot:
|
||
|
</p>
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-bash">docker exec restic restic <span class="org-type">find</span> file_name
|
||
|
</pre>
|
||
|
</div>
|
||
|
|
||
|
<p>
|
||
|
Find files only for a specific snapshot:
|
||
|
</p>
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-bash">docker exec restic restic <span class="org-type">find</span> -s latest file_name
|
||
|
</pre>
|
||
|
</div>
|
||
|
|
||
|
<p>
|
||
|
Restore files/folders (replace file/folders):
|
||
|
</p>
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-bash">docker exec restic restic restore --include /data/documents/manuals --target / 088e31a4
|
||
|
</pre>
|
||
|
</div>
|
||
|
|
||
|
<p>
|
||
|
You can use <code>latest</code> instead of the ID.
|
||
|
</p>
|
||
|
|
||
|
<p>
|
||
|
If indeed, we want to make a copy of the file, we can use the backup folder
|
||
|
</p>
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-bash">docker exec restic restic restore --include /data/documents/manuals --target /backup 088e31a4
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-org26ffd0b" class="outline-3">
|
||
|
<h3 id="org26ffd0b">Add <code>wireguard</code> client</h3>
|
||
|
<div class="outline-text-3" id="text-org26ffd0b">
|
||
|
</div>
|
||
|
<div id="outline-container-org64a0a3c" class="outline-4">
|
||
|
<h4 id="org64a0a3c">With an Android client</h4>
|
||
|
<div class="outline-text-4" id="text-org64a0a3c">
|
||
|
<p>
|
||
|
Show the QRcode corresponding the a specific peer with:
|
||
|
</p>
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-bash">docker exec -it wireguard /app/show-peer <span class="org-highlight-numbers-number">1</span>
|
||
|
</pre>
|
||
|
</div>
|
||
|
|
||
|
<p>
|
||
|
Then, simply scan the QRcode with the <a href="https://github.com/WireGuard/wireguard-android">Wireguard</a> application.
|
||
|
</p>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-orgb409071" class="outline-4">
|
||
|
<h4 id="orgb409071">With a Linux client</h4>
|
||
|
<div class="outline-text-4" id="text-orgb409071">
|
||
|
<p>
|
||
|
Copy the file <code>$CONFIGDIR/wireguard/peeri/peeri.conf</code>, e.g.:
|
||
|
</p>
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-conf">[<span class="org-type">Interface</span>]
|
||
|
<span class="org-variable-name">Address</span> = 10.13.13.4/24
|
||
|
<span class="org-variable-name">DNS</span> = 10.13.1.1
|
||
|
<span class="org-variable-name">PrivateKey</span> = ****
|
||
|
<span class="org-variable-name">ListenPort</span> = <span class="org-highlight-numbers-number">51820</span>
|
||
|
|
||
|
[<span class="org-type">Peer</span>]
|
||
|
<span class="org-variable-name">PublicKey</span> = ****
|
||
|
<span class="org-variable-name">Endpoint</span> = wireguard.tdehaeze.xyz:<span class="org-highlight-numbers-number">51820</span>
|
||
|
<span class="org-variable-name">AllowedIPs</span> = 0.0.0.0/0, ::0/0
|
||
|
</pre>
|
||
|
</div>
|
||
|
|
||
|
<p>
|
||
|
Then, paste the file to <code>/etc/wireguard/interfacename.conf</code>.
|
||
|
And then:
|
||
|
</p>
|
||
|
<ul class="org-ul">
|
||
|
<li><code>sudo chmod 600 /etc/wireguard/interfacename.conf</code></li>
|
||
|
<li><code>sudo chown root:root /etc/wireguard/interfacename.conf</code></li>
|
||
|
</ul>
|
||
|
|
||
|
<p>
|
||
|
Then, start the tunnel with:
|
||
|
</p>
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-bash">wg-quick up interfacename
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-orgcaaa31c" class="outline-2">
|
||
|
<h2 id="orgcaaa31c">Docker-Compose</h2>
|
||
|
<div class="outline-text-2" id="text-orgcaaa31c">
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-yaml"><span class="org-variable-name">version</span>: <span class="org-string">"3.4"</span>
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-org1897d40" class="outline-3">
|
||
|
<h3 id="org1897d40">Networks</h3>
|
||
|
<div class="outline-text-3" id="text-org1897d40">
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-yaml"><span class="org-variable-name">networks</span>:
|
||
|
<span class="org-variable-name">t2_proxy</span>:
|
||
|
<span class="org-variable-name">external</span>:
|
||
|
<span class="org-variable-name">name</span>: t2_proxy
|
||
|
<span class="org-variable-name">backend</span>:
|
||
|
<span class="org-variable-name">external</span>: <span class="org-constant">false</span>
|
||
|
<span class="org-variable-name">default</span>:
|
||
|
<span class="org-variable-name">driver</span>: bridge
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-org4e418e6" class="outline-3">
|
||
|
<h3 id="org4e418e6">Logging</h3>
|
||
|
<div class="outline-text-3" id="text-org4e418e6">
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-yaml"><span class="org-variable-name">x-logging</span>:
|
||
|
<span class="org-function-name">&default-logging</span>
|
||
|
<span class="org-variable-name">driver</span>: <span class="org-string">"json-file"</span>
|
||
|
<span class="org-variable-name">options</span>:
|
||
|
<span class="org-variable-name">max-size</span>: <span class="org-string">"200k"</span>
|
||
|
<span class="org-variable-name">max-file</span>: <span class="org-string">"10"</span>
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-org822841f" class="outline-3">
|
||
|
<h3 id="org822841f"><code>traefik</code> - Application proxy (<a href="https://github.com/traefik/traefik">link</a>)</h3>
|
||
|
<div class="outline-text-3" id="text-org822841f">
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-yaml"><span class="org-variable-name">services</span>:
|
||
|
</pre>
|
||
|
</div>
|
||
|
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-yaml"> <span class="org-variable-name">traefik</span>:
|
||
|
<span class="org-variable-name">container_name</span>: traefik
|
||
|
<span class="org-variable-name">image</span>: traefik:2.2.1
|
||
|
<span class="org-variable-name">restart</span>: unless-stopped
|
||
|
<span class="org-variable-name">depends_on</span>:
|
||
|
- authelia
|
||
|
<span class="org-variable-name">networks</span>:
|
||
|
<span class="org-variable-name">t2_proxy</span>:
|
||
|
<span class="org-variable-name">ipv4_address</span>: 192.168.90.254 <span class="org-comment-delimiter"># </span><span class="org-comment">You can specify a static IP</span>
|
||
|
<span class="org-variable-name">security_opt</span>:
|
||
|
- no-new-privileges:true
|
||
|
<span class="org-variable-name">ports</span>:
|
||
|
- 80:80 <span class="org-comment-delimiter"># </span><span class="org-comment">http</span>
|
||
|
- 443:443 <span class="org-comment-delimiter"># </span><span class="org-comment">https</span>
|
||
|
- 8448:8448 <span class="org-comment-delimiter"># </span><span class="org-comment">Matrix</span>
|
||
|
<span class="org-variable-name">volumes</span>:
|
||
|
- $CONFIGDIR/traefik2/rules:/rules
|
||
|
- $CONFIGDIR/traefik2/acme/acme.json:/acme.json
|
||
|
- $CONFIGDIR/traefik2/shared:/shared
|
||
|
- $CONFIGDIR/traefik2/traefik.yaml:/etc/traefik/traefik.yaml
|
||
|
- /var/log/traefik:/var/log
|
||
|
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||
|
<span class="org-variable-name">environment</span>:
|
||
|
- CF_API_EMAIL=$CLOUDFLARE_EMAIL
|
||
|
- CF_API_KEY=$CLOUDFLARE_API_KEY
|
||
|
<span class="org-variable-name">labels</span>:
|
||
|
- <span class="org-string">"traefik.enable=true"</span>
|
||
|
<span class="org-comment-delimiter"># </span><span class="org-comment">HTTP-to-HTTPS Redirect</span>
|
||
|
- <span class="org-string">"traefik.http.routers.http-catchall.entrypoints=http"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.http-catchall.rule=HostRegexp(`{host:.+}`)"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.http-catchall.middlewares=redirect-to-https"</span>
|
||
|
- <span class="org-string">"traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"</span>
|
||
|
<span class="org-comment-delimiter"># </span><span class="org-comment">HTTP Routers</span>
|
||
|
- <span class="org-string">"traefik.http.routers.traefik-rtr.entrypoints=https"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.traefik-rtr.rule=Host(`traefik.$DOMAINNAME`)"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.traefik-rtr.tls=true"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.traefik-rtr.middlewares=authelia@docker"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.traefik-rtr.service=traefik-svc"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.traefik-rtr.tls.domains[0].main=$DOMAINNAME"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.traefik-rtr.tls.domains[0].sans=*.$DOMAINNAME"</span>
|
||
|
- <span class="org-string">"traefik.http.services.traefik-svc.loadbalancer.server.port=8080"</span>
|
||
|
<span class="org-comment-delimiter"># </span><span class="org-comment">Services - API</span>
|
||
|
- <span class="org-string">"traefik.http.routers.traefik-rtr.service=api@internal"</span>
|
||
|
<span class="org-variable-name">logging</span>: <span class="org-function-name">*default-logging</span>
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-orgd92c6fb" class="outline-4">
|
||
|
<h4 id="orgd92c6fb"><code>traefik.yaml</code></h4>
|
||
|
<div class="outline-text-4" id="text-orgd92c6fb">
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-yaml"><span class="org-variable-name">global</span>:
|
||
|
<span class="org-variable-name">checkNewVersion</span>: <span class="org-constant">true</span>
|
||
|
<span class="org-variable-name">sendAnonymousUsage</span>: <span class="org-constant">false</span>
|
||
|
|
||
|
<span class="org-variable-name">entryPoints</span>:
|
||
|
<span class="org-variable-name">http</span>:
|
||
|
<span class="org-variable-name">address</span>: :80
|
||
|
<span class="org-variable-name">https</span>:
|
||
|
<span class="org-variable-name">address</span>: :443
|
||
|
<span class="org-variable-name">forwardedHeaders</span>:
|
||
|
<span class="org-variable-name">trustedIPs</span>: 173.245.48.0/20,103.21.244.0/22,103.22.200.0/22,103.31.4.0/22,141.101.64.0/18,108.162.192.0/18,190.93.240.0/20,188.114.96.0/20,197.234.240.0/22,198.41.128.0/17,162.158.0.0/15,104.16.0.0/12,172.64.0.0/13,131.0.72.0/22
|
||
|
<span class="org-variable-name">synapse</span>:
|
||
|
<span class="org-variable-name">address</span>: :8448
|
||
|
|
||
|
<span class="org-variable-name">api</span>:
|
||
|
<span class="org-variable-name">dashboard</span>: <span class="org-constant">true</span>
|
||
|
|
||
|
<span class="org-variable-name">log</span>:
|
||
|
<span class="org-variable-name">level</span>: ERROR
|
||
|
|
||
|
<span class="org-variable-name">accessLog</span>:
|
||
|
<span class="org-variable-name">filePath</span>: /var/log/access.log
|
||
|
<span class="org-variable-name">filters</span>:
|
||
|
<span class="org-variable-name">statusCodes</span>: 400-499
|
||
|
|
||
|
<span class="org-variable-name">providers</span>:
|
||
|
<span class="org-variable-name">docker</span>:
|
||
|
<span class="org-variable-name">endpoint</span>: unix:///var/run/docker.sock
|
||
|
<span class="org-variable-name">defaultrule</span>: Host(`{{ index .Labels <span class="org-string">"com.docker.compose.service"</span> }}.$DOMAINNAME`)
|
||
|
<span class="org-variable-name">exposedByDefault</span>: <span class="org-constant">false</span>
|
||
|
<span class="org-variable-name">network</span>: t2_proxy
|
||
|
<span class="org-variable-name">swarmMode</span>: <span class="org-constant">false</span>
|
||
|
<span class="org-variable-name">file</span>:
|
||
|
<span class="org-variable-name">directory</span>: /rules
|
||
|
<span class="org-variable-name">watch</span>: <span class="org-constant">true</span>
|
||
|
|
||
|
<span class="org-variable-name">certificatesResolvers</span>:
|
||
|
<span class="org-variable-name">dns-cloudflare</span>:
|
||
|
<span class="org-variable-name">acme</span>:
|
||
|
<span class="org-variable-name">email</span>: $CLOUDFLARE_EMAIL
|
||
|
<span class="org-variable-name">storage</span>: /acme.json
|
||
|
<span class="org-variable-name">dnsChallenge</span>:
|
||
|
<span class="org-variable-name">provider</span>: cloudflare
|
||
|
<span class="org-variable-name">resolvers</span>: 1.1.1.1:53,1.0.0.1:53
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-org01d80a6" class="outline-3">
|
||
|
<h3 id="org01d80a6"><code>authelia</code> - Single Sign-On Multi-Factor portal (<a href="https://github.com/authelia/authelia">link</a>)</h3>
|
||
|
<div class="outline-text-3" id="text-org01d80a6">
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-yaml"> <span class="org-variable-name">authelia</span>:
|
||
|
<span class="org-variable-name">image</span>: authelia/authelia:4.30
|
||
|
<span class="org-variable-name">container_name</span>: authelia
|
||
|
<span class="org-variable-name">restart</span>: unless-stopped
|
||
|
<span class="org-variable-name">networks</span>:
|
||
|
- t2_proxy
|
||
|
- backend
|
||
|
<span class="org-variable-name">volumes</span>:
|
||
|
- $CONFIGDIR/authelia:/config
|
||
|
- /etc/timezone:/etc/timezone:ro
|
||
|
- /etc/localtime:/etc/localtime:ro
|
||
|
<span class="org-variable-name">environment</span>:
|
||
|
- PUID=$PUID
|
||
|
- PGID=$PGID
|
||
|
- TZ=$TZ
|
||
|
- AUTHELIA_NOTIFIER_SMTP_PASSWORD=$AUTHELIA_NOTIFIER_SMTP_PASSWORD
|
||
|
- AUTHELIA_JWT_SECRET=$AUTHELIA_JWT_SECRET
|
||
|
<span class="org-variable-name">labels</span>:
|
||
|
- <span class="org-string">"traefik.enable=true"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.authelia-rtr.entrypoints=https"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.authelia-rtr.tls=true"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.authelia-rtr.service=authelia-svc"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.authelia-rtr.rule=Host(`login.$DOMAINNAME`)"</span>
|
||
|
- <span class="org-string">"traefik.http.services.authelia-svc.loadbalancer.server.port=9091"</span>
|
||
|
- <span class="org-string">"traefik.http.middlewares.authelia.forwardauth.address=http://authelia:9091/api/verify?rd=https://login.$DOMAINNAME/"</span>
|
||
|
- <span class="org-string">"traefik.http.middlewares.authelia.forwardauth.trustForwardHeader=true"</span>
|
||
|
- <span class="org-string">"traefik.http.middlewares.authelia.forwardauth.authResponseHeaders=Remote-User, Remote-Groups, Remote-Name, Remote-Email"</span>
|
||
|
- <span class="org-string">"treafik.http.middlewares.chain-authelia.chain.middlewares=middlewares-rate-limit, middlewares-secure-headers, middlewares-authelia"</span>
|
||
|
- <span class="org-string">"traefik.docker.network=t2_proxy"</span>
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-orgb0a0c87" class="outline-4">
|
||
|
<h4 id="orgb0a0c87"><code>configuration.yml</code></h4>
|
||
|
<div class="outline-text-4" id="text-orgb0a0c87">
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-yaml"><span class="org-comment">---</span>
|
||
|
<span class="org-comment-delimiter">###############################################################</span>
|
||
|
<span class="org-comment-delimiter"># </span><span class="org-comment">Authelia configuration #</span>
|
||
|
<span class="org-comment-delimiter">###############################################################</span>
|
||
|
|
||
|
<span class="org-variable-name">default_redirection_url</span>: https://authelia.tdehaeze.xyz
|
||
|
|
||
|
<span class="org-variable-name">server</span>:
|
||
|
<span class="org-variable-name">host</span>: 0.0.0.0
|
||
|
<span class="org-variable-name">port</span>: 9091
|
||
|
|
||
|
<span class="org-variable-name">log</span>:
|
||
|
<span class="org-variable-name">level</span>: debug
|
||
|
|
||
|
<span class="org-variable-name">totp</span>:
|
||
|
<span class="org-variable-name">issuer</span>: authelia.com
|
||
|
<span class="org-variable-name">period</span>: 30
|
||
|
<span class="org-variable-name">skew</span>: 1
|
||
|
|
||
|
<span class="org-variable-name">authentication_backend</span>:
|
||
|
<span class="org-variable-name">file</span>:
|
||
|
<span class="org-variable-name">path</span>: /config/users_database.yml
|
||
|
<span class="org-variable-name">password</span>:
|
||
|
<span class="org-variable-name">algorithm</span>: argon2id
|
||
|
<span class="org-variable-name">iterations</span>: 1
|
||
|
<span class="org-variable-name">salt_length</span>: 16
|
||
|
<span class="org-variable-name">parallelism</span>: 8
|
||
|
<span class="org-variable-name">memory</span>: 1024
|
||
|
|
||
|
<span class="org-variable-name">access_control</span>:
|
||
|
<span class="org-variable-name">default_policy</span>: deny
|
||
|
<span class="org-variable-name">rules</span>:
|
||
|
- <span class="org-variable-name">domain</span>: traefik.tdehaeze.xyz
|
||
|
<span class="org-variable-name">policy</span>: one_factor
|
||
|
<span class="org-variable-name">subject</span>:
|
||
|
- [<span class="org-string">"group:admins"</span>]
|
||
|
- <span class="org-variable-name">domain</span>: zigbee2mqttassistant.tdehaeze.xyz
|
||
|
<span class="org-variable-name">policy</span>: one_factor
|
||
|
<span class="org-variable-name">subject</span>:
|
||
|
- [<span class="org-string">"group:admins"</span>]
|
||
|
- <span class="org-variable-name">domain</span>: scrutiny.tdehaeze.xyz
|
||
|
<span class="org-variable-name">policy</span>: one_factor
|
||
|
<span class="org-variable-name">subject</span>:
|
||
|
- [<span class="org-string">"group:admins"</span>]
|
||
|
- <span class="org-variable-name">domain</span>: portainer.tdehaeze.xyz
|
||
|
<span class="org-variable-name">policy</span>: one_factor
|
||
|
<span class="org-variable-name">subject</span>:
|
||
|
- [<span class="org-string">"group:admins"</span>]
|
||
|
- <span class="org-variable-name">domain</span>: syncthing.tdehaeze.xyz
|
||
|
<span class="org-variable-name">policy</span>: one_factor
|
||
|
<span class="org-variable-name">subject</span>:
|
||
|
- [<span class="org-string">"group:admins"</span>]
|
||
|
- <span class="org-variable-name">domain</span>: octoprint.tdehaeze.xyz
|
||
|
<span class="org-variable-name">policy</span>: one_factor
|
||
|
<span class="org-variable-name">subject</span>:
|
||
|
- [<span class="org-string">"group:admins"</span>]
|
||
|
- <span class="org-variable-name">domain</span>: uptime.tdehaeze.xyz
|
||
|
<span class="org-variable-name">policy</span>: one_factor
|
||
|
<span class="org-variable-name">subject</span>:
|
||
|
- [<span class="org-string">"group:admins"</span>]
|
||
|
- <span class="org-variable-name">domain</span>: joal.tdehaeze.xyz
|
||
|
<span class="org-variable-name">policy</span>: one_factor
|
||
|
<span class="org-variable-name">subject</span>:
|
||
|
- [<span class="org-string">"group:admins"</span>]
|
||
|
- <span class="org-variable-name">domain</span>: down.tdehaeze.xyz
|
||
|
<span class="org-variable-name">policy</span>: one_factor
|
||
|
<span class="org-variable-name">subject</span>:
|
||
|
- [<span class="org-string">"group:admins"</span>]
|
||
|
- [<span class="org-string">"group:friends"</span>]
|
||
|
- [<span class="org-string">"group:family"</span>]
|
||
|
- <span class="org-variable-name">domain</span>: qobuz.tdehaeze.xyz
|
||
|
<span class="org-variable-name">policy</span>: one_factor
|
||
|
<span class="org-variable-name">subject</span>:
|
||
|
- [<span class="org-string">"group:admins"</span>]
|
||
|
- [<span class="org-string">"group:friends"</span>]
|
||
|
- [<span class="org-string">"group:family"</span>]
|
||
|
|
||
|
<span class="org-variable-name">session</span>:
|
||
|
<span class="org-variable-name">name</span>: authelia_session
|
||
|
<span class="org-variable-name">expiration</span>: 3600
|
||
|
<span class="org-variable-name">inactivity</span>: 300
|
||
|
<span class="org-variable-name">domain</span>: tdehaeze.xyz
|
||
|
|
||
|
<span class="org-variable-name">regulation</span>:
|
||
|
<span class="org-variable-name">max_retries</span>: 3
|
||
|
<span class="org-variable-name">find_time</span>: 120
|
||
|
<span class="org-variable-name">ban_time</span>: 300
|
||
|
|
||
|
<span class="org-variable-name">storage</span>:
|
||
|
<span class="org-variable-name">local</span>:
|
||
|
<span class="org-variable-name">path</span>: /config/db.sqlite3
|
||
|
|
||
|
<span class="org-variable-name">notifier</span>:
|
||
|
<span class="org-variable-name">smtp</span>:
|
||
|
<span class="org-variable-name">username</span>: tdehaeze.xyz@gmail.com
|
||
|
<span class="org-variable-name">host</span>: smtp.gmail.com
|
||
|
<span class="org-variable-name">port</span>: 587
|
||
|
<span class="org-variable-name">sender</span>: tdehaeze.xyz@gmail.com
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-orgd4fd48d" class="outline-3">
|
||
|
<h3 id="orgd4fd48d"><code>lldap</code> - LDAP Server (<a href="https://github.com/nitnelave/lldap">link</a>)</h3>
|
||
|
<div class="outline-text-3" id="text-orgd4fd48d">
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-yaml"> <span class="org-variable-name">lldap</span>:
|
||
|
<span class="org-variable-name">image</span>: nitnelave/lldap
|
||
|
<span class="org-variable-name">container_name</span>: lldap
|
||
|
<span class="org-variable-name">restart</span>: unless-stopped
|
||
|
<span class="org-variable-name">networks</span>:
|
||
|
- t2_proxy
|
||
|
- backend
|
||
|
<span class="org-variable-name">ports</span>:
|
||
|
- 3890:3890
|
||
|
<span class="org-variable-name">volumes</span>:
|
||
|
- $CONFIGDIR/lldap:/data
|
||
|
<span class="org-variable-name">labels</span>:
|
||
|
- <span class="org-string">"traefik.enable=true"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.lldap-rtr.entrypoints=https"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.lldap-rtr.rule=Host(`lldap.$DOMAINNAME`)"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.lldap-rtr.tls=true"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.lldap-rtr.service=lldap-svc"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.lldap-rtr.middlewares=authelia@docker"</span>
|
||
|
- <span class="org-string">"traefik.http.services.lldap-svc.loadbalancer.server.port=17170"</span>
|
||
|
<span class="org-variable-name">logging</span>: <span class="org-function-name">*default-logging</span>
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-org6b7ce0a" class="outline-3">
|
||
|
<h3 id="org6b7ce0a"><code>gotify</code> - Notification service (<a href="https://github.com/gotify/server">link</a>)</h3>
|
||
|
<div class="outline-text-3" id="text-org6b7ce0a">
|
||
|
<p>
|
||
|
In order to have notifications on Linux desktop use <a href="https://github.com/ztpnk/gotify-dunst">gotify-dunst</a>.
|
||
|
</p>
|
||
|
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-yaml"> <span class="org-variable-name">gotify</span>:
|
||
|
<span class="org-variable-name">container_name</span>: gotify
|
||
|
<span class="org-variable-name">image</span>: gotify/server
|
||
|
<span class="org-variable-name">restart</span>: unless-stopped
|
||
|
<span class="org-variable-name">networks</span>:
|
||
|
- t2_proxy
|
||
|
<span class="org-variable-name">environment</span>:
|
||
|
- PUID=$PUID
|
||
|
- PGID=$PGID
|
||
|
- TZ=$TZ
|
||
|
- GOTIFY_DEFAULTUSER_NAME=$GOTIFY_DEFAULTUSER_NAME
|
||
|
- GOTIFY_DEFAULTUSER_PASS=$GOTIFY_DEFAULTUSER_PASS
|
||
|
<span class="org-variable-name">volumes</span>:
|
||
|
- $CONFIGDIR/gotify:/app/data
|
||
|
<span class="org-variable-name">labels</span>:
|
||
|
- <span class="org-string">"traefik.enable=true"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.gotify-rtr.entrypoints=https"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.gotify-rtr.rule=Host(`gotify.$DOMAINNAME`)"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.gotify-rtr.tls=true"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.gotify-rtr.service=gotify-svc"</span>
|
||
|
- <span class="org-string">"traefik.http.services.gotify-svc.loadbalancer.server.port=80"</span>
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-org4f32269" class="outline-3">
|
||
|
<h3 id="org4f32269"><code>nginx</code> - Root (used for Matrix)</h3>
|
||
|
<div class="outline-text-3" id="text-org4f32269">
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-yaml"> <span class="org-variable-name">root</span>:
|
||
|
<span class="org-variable-name">container_name</span>: root
|
||
|
<span class="org-variable-name">image</span>: nginx
|
||
|
<span class="org-variable-name">restart</span>: unless-stopped
|
||
|
<span class="org-variable-name">networks</span>:
|
||
|
- t2_proxy
|
||
|
<span class="org-variable-name">environment</span>:
|
||
|
- PUID=$PUID
|
||
|
- PGID=$PGID
|
||
|
- TZ=$TZ
|
||
|
<span class="org-variable-name">volumes</span>:
|
||
|
- $CONFIGDIR/root/nginx.conf:/etc/nginx/nginx.conf
|
||
|
<span class="org-variable-name">labels</span>:
|
||
|
- <span class="org-string">"traefik.enable=true"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.root-rtr.entrypoints=https"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.root-rtr.rule=Host(`$DOMAINNAME`)"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.root-rtr.tls=true"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.root-rtr.service=root-svc"</span>
|
||
|
- <span class="org-string">"traefik.http.services.root-svc.loadbalancer.server.port=8080"</span>
|
||
|
<span class="org-variable-name">logging</span>: <span class="org-function-name">*default-logging</span>
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-org60502ee" class="outline-4">
|
||
|
<h4 id="org60502ee"><code>nginx.conf</code></h4>
|
||
|
<div class="outline-text-4" id="text-org60502ee">
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-conf"><span class="org-type">events</span> {
|
||
|
|
||
|
}
|
||
|
|
||
|
<span class="org-type">http</span> {
|
||
|
<span class="org-type">server</span> {
|
||
|
server_name tdehaeze.xyz;
|
||
|
listen <span class="org-highlight-numbers-number">8080</span>;
|
||
|
|
||
|
<span class="org-type">location /.well-known/matrix/client</span> {
|
||
|
proxy_pass https://matrix.tdehaeze.xyz/.well-known/matrix/client;
|
||
|
proxy_set_header X-Forwarded-For $remote_addr;
|
||
|
}
|
||
|
|
||
|
<span class="org-type">location /.well-known/matrix/server</span> {
|
||
|
proxy_pass https://matrix.tdehaeze.xyz/.well-known/matrix/server;
|
||
|
proxy_set_header X-Forwarded-For $remote_addr;
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-org9525168" class="outline-3">
|
||
|
<h3 id="org9525168"><code>homer</code> - Home page (<a href="https://github.com/bastienwirtz/homer">link</a>)</h3>
|
||
|
<div class="outline-text-3" id="text-org9525168">
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-yaml"> <span class="org-variable-name">homer</span>:
|
||
|
<span class="org-variable-name">container_name</span>: homer
|
||
|
<span class="org-variable-name">image</span>: b4bz/homer
|
||
|
<span class="org-variable-name">restart</span>: unless-stopped
|
||
|
<span class="org-variable-name">networks</span>:
|
||
|
- t2_proxy
|
||
|
<span class="org-variable-name">environment</span>:
|
||
|
- UID=$PUID
|
||
|
- GID=$PGID
|
||
|
- TZ=$TZ
|
||
|
<span class="org-variable-name">volumes</span>:
|
||
|
- $CONFIGDIR/homer/assets/:/www/assets
|
||
|
<span class="org-variable-name">labels</span>:
|
||
|
- <span class="org-string">"traefik.enable=true"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.homer-rtr.entrypoints=https"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.homer-rtr.rule=Host(`homer.$DOMAINNAME`)"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.homer-rtr.tls=true"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.homer-rtr.service=homer-svc"</span>
|
||
|
- <span class="org-string">"traefik.http.services.homer-svc.loadbalancer.server.port=8080"</span>
|
||
|
<span class="org-variable-name">logging</span>: <span class="org-function-name">*default-logging</span>
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-orgcdbaa2f" class="outline-4">
|
||
|
<h4 id="orgcdbaa2f"><code>config.yml</code></h4>
|
||
|
<div class="outline-text-4" id="text-orgcdbaa2f">
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-yaml"><span class="org-comment">---</span>
|
||
|
<span class="org-variable-name">title</span>: <span class="org-string">"Homepage"</span>
|
||
|
<span class="org-variable-name">subtitle</span>: <span class="org-string">""</span>
|
||
|
<span class="org-variable-name">logo</span>: <span class="org-string">"assets/homer.png"</span>
|
||
|
<span class="org-variable-name">header</span>: <span class="org-constant">false</span>
|
||
|
<span class="org-variable-name">footer</span>: <span class="org-constant">false</span>
|
||
|
|
||
|
<span class="org-variable-name">columns</span>: <span class="org-string">"auto"</span>
|
||
|
<span class="org-variable-name">connectivityCheck</span>: <span class="org-constant">false</span>
|
||
|
|
||
|
<span class="org-variable-name">theme</span>: default
|
||
|
|
||
|
<span class="org-variable-name">links</span>: []
|
||
|
|
||
|
<span class="org-variable-name">services</span>:
|
||
|
- <span class="org-variable-name">name</span>: <span class="org-string">"Websites"</span>
|
||
|
<span class="org-variable-name">icon</span>: <span class="org-string">"fas fa-desktop"</span>
|
||
|
<span class="org-variable-name">items</span>:
|
||
|
- <span class="org-variable-name">name</span>: <span class="org-string">"Brain"</span>
|
||
|
<span class="org-variable-name">logo</span>: <span class="org-string">"/assets/tools/brain.png"</span>
|
||
|
<span class="org-variable-name">subtitle</span>: <span class="org-string">"Digital Brain"</span>
|
||
|
<span class="org-variable-name">url</span>: <span class="org-string">"https://brain.tdehaeze.xyz"</span>
|
||
|
- <span class="org-variable-name">name</span>: <span class="org-string">"Wiki"</span>
|
||
|
<span class="org-variable-name">logo</span>: <span class="org-string">"/assets/tools/wikijs.png"</span>
|
||
|
<span class="org-variable-name">subtitle</span>: <span class="org-string">"Shared Wiki"</span>
|
||
|
<span class="org-variable-name">url</span>: <span class="org-string">"https://wiki.tdehaeze.xyz"</span>
|
||
|
- <span class="org-variable-name">name</span>: <span class="org-string">"Research"</span>
|
||
|
<span class="org-variable-name">logo</span>: <span class="org-string">"/assets/tools/orgmode.png"</span>
|
||
|
<span class="org-variable-name">subtitle</span>: <span class="org-string">"Research Pages"</span>
|
||
|
<span class="org-variable-name">url</span>: <span class="org-string">"https://research.tdehaeze.xyz"</span>
|
||
|
- <span class="org-variable-name">name</span>: <span class="org-string">"Dotfiles"</span>
|
||
|
<span class="org-variable-name">logo</span>: <span class="org-string">"/assets/tools/dotfiles.png"</span>
|
||
|
<span class="org-variable-name">subtitle</span>: <span class="org-string">"My Literate Dotfiles"</span>
|
||
|
<span class="org-variable-name">url</span>: <span class="org-string">"https://dotfiles.tdehaeze.xyz"</span>
|
||
|
- <span class="org-variable-name">name</span>: <span class="org-string">"Miam"</span>
|
||
|
<span class="org-variable-name">logo</span>: <span class="org-string">"/assets/tools/miam.png"</span>
|
||
|
<span class="org-variable-name">subtitle</span>: <span class="org-string">"Personnal Recipes"</span>
|
||
|
<span class="org-variable-name">url</span>: <span class="org-string">"https://miam.tdehaeze.xyz"</span>
|
||
|
- <span class="org-variable-name">name</span>: <span class="org-string">"Multimedia"</span>
|
||
|
<span class="org-variable-name">icon</span>: <span class="org-string">"fas fa-photo-video"</span>
|
||
|
<span class="org-variable-name">items</span>:
|
||
|
- <span class="org-variable-name">name</span>: <span class="org-string">"Jellyfin"</span>
|
||
|
<span class="org-variable-name">logo</span>: <span class="org-string">"/assets/tools/jellyfin.png"</span>
|
||
|
<span class="org-variable-name">subtitle</span>: <span class="org-string">"Media Library"</span>
|
||
|
<span class="org-variable-name">url</span>: <span class="org-string">"https://jellyfin.tdehaeze.xyz"</span>
|
||
|
- <span class="org-variable-name">name</span>: <span class="org-string">"Kavita"</span>
|
||
|
<span class="org-variable-name">logo</span>: <span class="org-string">"/assets/tools/kavita.png"</span>
|
||
|
<span class="org-variable-name">subtitle</span>: <span class="org-string">"Book Library"</span>
|
||
|
<span class="org-variable-name">url</span>: <span class="org-string">"https://kavita.tdehaeze.xyz"</span>
|
||
|
- <span class="org-variable-name">name</span>: <span class="org-string">"Cloud"</span>
|
||
|
<span class="org-variable-name">icon</span>: <span class="org-string">"fas fa-cloud"</span>
|
||
|
<span class="org-variable-name">items</span>:
|
||
|
- <span class="org-variable-name">name</span>: <span class="org-string">"File Browser"</span>
|
||
|
<span class="org-variable-name">logo</span>: <span class="org-string">"/assets/tools/cloud.png"</span>
|
||
|
<span class="org-variable-name">subtitle</span>: <span class="org-string">"Simple Personnal Could"</span>
|
||
|
<span class="org-variable-name">url</span>: <span class="org-string">"https://cloud.tdehaeze.xyz"</span>
|
||
|
- <span class="org-variable-name">name</span>: <span class="org-string">"Syncthing"</span>
|
||
|
<span class="org-variable-name">logo</span>: <span class="org-string">"/assets/tools/syncthing.png"</span>
|
||
|
<span class="org-variable-name">subtitle</span>: <span class="org-string">"P2P Sync"</span>
|
||
|
<span class="org-variable-name">url</span>: <span class="org-string">"https://syncthing.tdehaeze.xyz"</span>
|
||
|
- <span class="org-variable-name">name</span>: <span class="org-string">"Radicale"</span>
|
||
|
<span class="org-variable-name">logo</span>: <span class="org-string">"/assets/tools/radicale.png"</span>
|
||
|
<span class="org-variable-name">subtitle</span>: <span class="org-string">"CalDAV/CardDAV Server"</span>
|
||
|
<span class="org-variable-name">url</span>: <span class="org-string">"https://radicale.tdehaeze.xyz"</span>
|
||
|
- <span class="org-variable-name">name</span>: <span class="org-string">"Miniflux"</span>
|
||
|
<span class="org-variable-name">logo</span>: <span class="org-string">"/assets/tools/miniflux.png"</span>
|
||
|
<span class="org-variable-name">subtitle</span>: <span class="org-string">"RSS Feeds"</span>
|
||
|
<span class="org-variable-name">url</span>: <span class="org-string">"https://rss.tdehaeze.xyz"</span>
|
||
|
- <span class="org-variable-name">name</span>: <span class="org-string">"Gitea"</span>
|
||
|
<span class="org-variable-name">logo</span>: <span class="org-string">"/assets/tools/gitea.png"</span>
|
||
|
<span class="org-variable-name">subtitle</span>: <span class="org-string">"Git Server"</span>
|
||
|
<span class="org-variable-name">url</span>: <span class="org-string">"https://git.tdehaeze.xyz"</span>
|
||
|
- <span class="org-variable-name">name</span>: <span class="org-string">"Download"</span>
|
||
|
<span class="org-variable-name">icon</span>: <span class="org-string">"fas fa-download"</span>
|
||
|
<span class="org-variable-name">items</span>:
|
||
|
- <span class="org-variable-name">name</span>: <span class="org-string">"Down"</span>
|
||
|
<span class="org-variable-name">logo</span>: <span class="org-string">"/assets/tools/down.png"</span>
|
||
|
<span class="org-variable-name">subtitle</span>: <span class="org-string">"Torrent Download"</span>
|
||
|
<span class="org-variable-name">url</span>: <span class="org-string">"https://down.tdehaeze.xyz/"</span>
|
||
|
- <span class="org-variable-name">name</span>: <span class="org-string">"Qobuz"</span>
|
||
|
<span class="org-variable-name">subtitle</span>: <span class="org-string">"Music Download"</span>
|
||
|
<span class="org-variable-name">logo</span>: <span class="org-string">"/assets/tools/qobuz.png"</span>
|
||
|
<span class="org-variable-name">url</span>: <span class="org-string">"https://qobuz.tdehaeze.xyz"</span>
|
||
|
- <span class="org-variable-name">name</span>: <span class="org-string">"Transmission"</span>
|
||
|
<span class="org-variable-name">logo</span>: <span class="org-string">"/assets/tools/transmission.png"</span>
|
||
|
<span class="org-variable-name">subtitle</span>: <span class="org-string">"Torrent Client"</span>
|
||
|
<span class="org-variable-name">url</span>: <span class="org-string">"http://torrent.tdehaeze.xyz:9091/transmission/web/"</span>
|
||
|
- <span class="org-variable-name">name</span>: <span class="org-string">"Joal"</span>
|
||
|
<span class="org-variable-name">logo</span>: <span class="org-string">"/assets/tools/joal.png"</span>
|
||
|
<span class="org-variable-name">subtitle</span>: <span class="org-string">"Increase Ratio"</span>
|
||
|
<span class="org-variable-name">url</span>: <span class="org-string">"https://joal.tdehaeze.xyz/joal/ui/#/"</span>
|
||
|
- <span class="org-variable-name">name</span>: <span class="org-string">"Config"</span>
|
||
|
<span class="org-variable-name">icon</span>: <span class="org-string">"fas fa-cog"</span>
|
||
|
<span class="org-variable-name">items</span>:
|
||
|
- <span class="org-variable-name">name</span>: <span class="org-string">"Portainer"</span>
|
||
|
<span class="org-variable-name">logo</span>: <span class="org-string">"/assets/tools/portainer.png"</span>
|
||
|
<span class="org-variable-name">subtitle</span>: <span class="org-string">"Manger Docker"</span>
|
||
|
<span class="org-variable-name">url</span>: <span class="org-string">"https://portainer.tdehaeze.xyz/#/containers"</span>
|
||
|
- <span class="org-variable-name">name</span>: <span class="org-string">"Traefik"</span>
|
||
|
<span class="org-variable-name">logo</span>: <span class="org-string">"/assets/tools/traefik.png"</span>
|
||
|
<span class="org-variable-name">subtitle</span>: <span class="org-string">"Reverse Proxy"</span>
|
||
|
<span class="org-variable-name">url</span>: <span class="org-string">"https://traefik.tdehaeze.xyz"</span>
|
||
|
- <span class="org-variable-name">name</span>: <span class="org-string">"Uptime"</span>
|
||
|
<span class="org-variable-name">logo</span>: <span class="org-string">"/assets/tools/uptime.png"</span>
|
||
|
<span class="org-variable-name">subtitle</span>: <span class="org-string">"Monitoring"</span>
|
||
|
<span class="org-variable-name">url</span>: <span class="org-string">"https://uptime.tdehaeze.xyz"</span>
|
||
|
- <span class="org-variable-name">name</span>: <span class="org-string">"Commento"</span>
|
||
|
<span class="org-variable-name">logo</span>: <span class="org-string">"/assets/tools/commento.png"</span>
|
||
|
<span class="org-variable-name">subtitle</span>: <span class="org-string">"Commenting System"</span>
|
||
|
<span class="org-variable-name">url</span>: <span class="org-string">"https://commento.tdehaeze.xyz"</span>
|
||
|
- <span class="org-variable-name">name</span>: <span class="org-string">"Gotify"</span>
|
||
|
<span class="org-variable-name">logo</span>: <span class="org-string">"/assets/tools/gotify.png"</span>
|
||
|
<span class="org-variable-name">subtitle</span>: <span class="org-string">"Messaging System"</span>
|
||
|
<span class="org-variable-name">url</span>: <span class="org-string">"https://gotify.tdehaeze.xyz"</span>
|
||
|
- <span class="org-variable-name">name</span>: <span class="org-string">"Scrutiny"</span>
|
||
|
<span class="org-variable-name">logo</span>: <span class="org-string">"/assets/tools/scrutiny.png"</span>
|
||
|
<span class="org-variable-name">subtitle</span>: <span class="org-string">"S.M.A.R.T"</span>
|
||
|
<span class="org-variable-name">url</span>: <span class="org-string">"http://scrutiny.tdehaeze.xyz/web/dashboard"</span>
|
||
|
- <span class="org-variable-name">name</span>: <span class="org-string">"Home"</span>
|
||
|
<span class="org-variable-name">icon</span>: <span class="org-string">"fas fa-home"</span>
|
||
|
<span class="org-variable-name">items</span>:
|
||
|
- <span class="org-variable-name">name</span>: <span class="org-string">"OpenWRT"</span>
|
||
|
<span class="org-variable-name">logo</span>: <span class="org-string">"/assets/tools/openwrt.png"</span>
|
||
|
<span class="org-variable-name">subtitle</span>: <span class="org-string">"Router"</span>
|
||
|
<span class="org-variable-name">url</span>: <span class="org-string">"http://192.168.1.1/"</span>
|
||
|
- <span class="org-variable-name">name</span>: <span class="org-string">"Home Assistant"</span>
|
||
|
<span class="org-variable-name">logo</span>: <span class="org-string">"/assets/tools/homeassistant.png"</span>
|
||
|
<span class="org-variable-name">subtitle</span>: <span class="org-string">"Home Assistant"</span>
|
||
|
<span class="org-variable-name">url</span>: <span class="org-string">"http://home.tdehaeze.xyz:8123"</span>
|
||
|
- <span class="org-variable-name">name</span>: <span class="org-string">"Zigbee2MQTT"</span>
|
||
|
<span class="org-variable-name">logo</span>: <span class="org-string">"/assets/tools/zigbee2mqtt.png"</span>
|
||
|
<span class="org-variable-name">subtitle</span>: <span class="org-string">"Zigbee2MQTT Assistant"</span>
|
||
|
<span class="org-variable-name">url</span>: <span class="org-string">"https://zigbee2mqttassistant.tdehaeze.xyz/"</span>
|
||
|
- <span class="org-variable-name">name</span>: <span class="org-string">"OctoPrint"</span>
|
||
|
<span class="org-variable-name">logo</span>: <span class="org-string">"/assets/tools/octoprint.png"</span>
|
||
|
<span class="org-variable-name">subtitle</span>: <span class="org-string">"3D-Printing"</span>
|
||
|
<span class="org-variable-name">url</span>: <span class="org-string">"https://octoprint.tdehaeze.xyz/"</span>
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-org69410ad" class="outline-3">
|
||
|
<h3 id="org69410ad"><code>snapraid</code> - Manage local backup with parity disk (<a href="https://github.com/amadvance/snapraid">link</a>)</h3>
|
||
|
<div class="outline-text-3" id="text-org69410ad">
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-yaml"> <span class="org-variable-name">snapraid</span>:
|
||
|
<span class="org-variable-name">container_name</span>: snapraid
|
||
|
<span class="org-variable-name">image</span>: xagaba/snapraid
|
||
|
<span class="org-variable-name">restart</span>: unless-stopped
|
||
|
<span class="org-variable-name">privileged</span>: <span class="org-constant">true</span>
|
||
|
<span class="org-variable-name">volumes</span>:
|
||
|
- /mnt:/mnt
|
||
|
- $CONFIGDIR/snapraid:/config
|
||
|
- <span class="org-variable-name">type</span>: <span class="org-string">"bind"</span>
|
||
|
<span class="org-variable-name">source</span>: /dev/disk
|
||
|
<span class="org-variable-name">target</span>: /dev/disk
|
||
|
<span class="org-variable-name">environment</span>:
|
||
|
- PUID=$PUID
|
||
|
- PGID=$PGID
|
||
|
- TZ=$TZ
|
||
|
<span class="org-variable-name">logging</span>: <span class="org-function-name">*default-logging</span>
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-org268eb95" class="outline-4">
|
||
|
<h4 id="org268eb95"><code>snapraid.conf</code></h4>
|
||
|
<div class="outline-text-4" id="text-org268eb95">
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-conf"><span class="org-comment-delimiter"># </span><span class="org-comment">Defines the file to use as parity storage</span>
|
||
|
<span class="org-comment-delimiter"># </span><span class="org-comment">It must NOT be in a data disk</span>
|
||
|
<span class="org-comment-delimiter"># </span><span class="org-comment">Format: "parity FILE_PATH"</span>
|
||
|
parity /mnt/parity/snapraid.parity
|
||
|
|
||
|
<span class="org-comment-delimiter"># </span><span class="org-comment">Defines the files to use as content list</span>
|
||
|
<span class="org-comment-delimiter"># </span><span class="org-comment">You can use multiple specification to store more copies</span>
|
||
|
<span class="org-comment-delimiter"># </span><span class="org-comment">You must have least one copy for each parity file plus one. Some more don't</span>
|
||
|
<span class="org-comment-delimiter"># </span><span class="org-comment">hurt</span>
|
||
|
<span class="org-comment-delimiter"># </span><span class="org-comment">They can be in the disks used for data, parity or boot,</span>
|
||
|
<span class="org-comment-delimiter"># </span><span class="org-comment">but each file must be in a different disk</span>
|
||
|
<span class="org-comment-delimiter"># </span><span class="org-comment">Format: "content FILE_PATH"</span>
|
||
|
content /var/snapraid.content
|
||
|
content /mnt/disk0/.snapraid.content
|
||
|
content /mnt/disk1/.snapraid.content
|
||
|
|
||
|
<span class="org-comment-delimiter"># </span><span class="org-comment">Defines the data disks to use</span>
|
||
|
<span class="org-comment-delimiter"># </span><span class="org-comment">The order is relevant for parity, do not change it</span>
|
||
|
<span class="org-comment-delimiter"># </span><span class="org-comment">Format: "disk DISK_NAME DISK_MOUNT_POINT"</span>
|
||
|
disk d0 /mnt/disk0
|
||
|
disk d1 /mnt/disk1
|
||
|
|
||
|
<span class="org-comment-delimiter"># </span><span class="org-comment">Excludes hidden files and directories (uncomment to enable).</span>
|
||
|
<span class="org-comment-delimiter">#</span><span class="org-comment">nohidden</span>
|
||
|
|
||
|
<span class="org-comment-delimiter"># </span><span class="org-comment">Defines files and directories to exclude</span>
|
||
|
<span class="org-comment-delimiter"># </span><span class="org-comment">Remember that all the paths are relative at the mount points</span>
|
||
|
<span class="org-comment-delimiter"># </span><span class="org-comment">Format: "exclude FILE"</span>
|
||
|
<span class="org-comment-delimiter"># </span><span class="org-comment">Format: "exclude DIR/"</span>
|
||
|
<span class="org-comment-delimiter"># </span><span class="org-comment">Format: "exclude /PATH/FILE"</span>
|
||
|
<span class="org-comment-delimiter"># </span><span class="org-comment">Format: "exclude /PATH/DIR/"</span>
|
||
|
exclude *.unrecoverable
|
||
|
exclude /tmp/
|
||
|
exclude /lost+found/
|
||
|
exclude *.!sync
|
||
|
exclude .AppleDouble
|
||
|
exclude ._AppleDouble
|
||
|
exclude .DS_Store
|
||
|
exclude ._.DS_Store
|
||
|
exclude .Thumbs.db
|
||
|
exclude .fseventsd
|
||
|
exclude .Spotlight-V100
|
||
|
exclude .TemporaryItems
|
||
|
exclude .Trashes
|
||
|
exclude .AppleDB
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-orgd08790b" class="outline-4">
|
||
|
<h4 id="orgd08790b"><code>snapraid-runner.conf</code></h4>
|
||
|
<div class="outline-text-4" id="text-orgd08790b">
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-conf">[<span class="org-type">snapraid</span>]
|
||
|
; path to the snapraid executable (e.g. /bin/snapraid)
|
||
|
<span class="org-variable-name">executable</span> = /usr/bin/snapraid
|
||
|
; path to the snapraid config to be used
|
||
|
<span class="org-variable-name">config</span> = /config/snapraid.conf
|
||
|
; abort operation if there are more deletes than this, set to -1 to disable
|
||
|
<span class="org-variable-name">deletethreshold</span> = -1
|
||
|
; if you want touch to be ran each time
|
||
|
<span class="org-variable-name">touch</span> = false
|
||
|
|
||
|
[<span class="org-type">logging</span>]
|
||
|
; logfile to write to, leave empty to disable
|
||
|
<span class="org-variable-name">file</span> = /config/snapraid.log
|
||
|
; maximum logfile size in KiB, leave empty for infinite
|
||
|
<span class="org-variable-name">maxsize</span> = <span class="org-highlight-numbers-number">5000</span>
|
||
|
|
||
|
; [email]
|
||
|
; ; when to send an email, comma-separated list of [success, error]
|
||
|
<span class="org-variable-name">; sendon</span> = success,error
|
||
|
; ; set to false to get full programm output via email
|
||
|
<span class="org-variable-name">; short</span> = true
|
||
|
<span class="org-variable-name">; subject</span> = [SnapRAID] Status Report:
|
||
|
<span class="org-variable-name">; from</span> =
|
||
|
<span class="org-variable-name">; to</span> =
|
||
|
; ; maximum email size in KiB
|
||
|
<span class="org-variable-name">; maxsize</span> = <span class="org-highlight-numbers-number">500</span>
|
||
|
;
|
||
|
; [smtp]
|
||
|
<span class="org-variable-name">; host</span> =
|
||
|
; ; leave empty for default port
|
||
|
<span class="org-variable-name">; port</span> =
|
||
|
; ; set to <span class="org-string">"true"</span> to activate
|
||
|
<span class="org-variable-name">; ssl</span> = false
|
||
|
<span class="org-variable-name">; tls</span> = false
|
||
|
<span class="org-variable-name">; user</span> =
|
||
|
<span class="org-variable-name">; password</span> =
|
||
|
|
||
|
[<span class="org-type">scrub</span>]
|
||
|
; set to true to run scrub after sync
|
||
|
<span class="org-variable-name">enabled</span> = false
|
||
|
<span class="org-variable-name">percentage</span> = <span class="org-highlight-numbers-number">12</span>
|
||
|
<span class="org-variable-name">older-than</span> = <span class="org-highlight-numbers-number">10</span>
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
|
||
|
<div id="outline-container-orgca71b98" class="outline-3">
|
||
|
<h3 id="orgca71b98"><code>portainer</code> - Manage docker (<a href="https://github.com/portainer/portainer">link</a>)</h3>
|
||
|
<div class="outline-text-3" id="text-orgca71b98">
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-yaml"> <span class="org-variable-name">portainer</span>:
|
||
|
<span class="org-variable-name">container_name</span>: portainer
|
||
|
<span class="org-variable-name">image</span>: portainer/portainer
|
||
|
<span class="org-variable-name">restart</span>: unless-stopped
|
||
|
<span class="org-variable-name">command</span>: -H unix:///var/run/docker.sock
|
||
|
<span class="org-variable-name">command</span>: --no-auth
|
||
|
<span class="org-variable-name">networks</span>:
|
||
|
- t2_proxy
|
||
|
<span class="org-variable-name">security_opt</span>:
|
||
|
- no-new-privileges:true
|
||
|
<span class="org-variable-name">volumes</span>:
|
||
|
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||
|
- $CONFIGDIR/portainer:/data
|
||
|
<span class="org-variable-name">environment</span>:
|
||
|
- TZ=$TZ
|
||
|
<span class="org-variable-name">labels</span>:
|
||
|
- <span class="org-string">"traefik.enable=true"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.portainer-rtr.entrypoints=https"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.portainer-rtr.rule=Host(`portainer.$DOMAINNAME`)"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.portainer-rtr.tls=true"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.portainer-rtr.service=portainer-svc"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.portainer-rtr.middlewares=authelia@docker"</span>
|
||
|
- <span class="org-string">"traefik.http.services.portainer-svc.loadbalancer.server.port=9000"</span>
|
||
|
<span class="org-variable-name">logging</span>: <span class="org-function-name">*default-logging</span>
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-orgb5bc8f7" class="outline-3">
|
||
|
<h3 id="orgb5bc8f7"><code>wireguard</code> - VPN (<a href="https://github.com/linuxserver/docker-wireguard">link</a>)</h3>
|
||
|
<div class="outline-text-3" id="text-orgb5bc8f7">
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-yaml"> <span class="org-variable-name">wireguard</span>:
|
||
|
<span class="org-variable-name">container_name</span>: wireguard
|
||
|
<span class="org-variable-name">image</span>: linuxserver/wireguard
|
||
|
<span class="org-variable-name">restart</span>: unless-stopped
|
||
|
<span class="org-variable-name">networks</span>:
|
||
|
- t2_proxy
|
||
|
<span class="org-variable-name">cap_add</span>:
|
||
|
- NET_ADMIN
|
||
|
- SYS_MODULE
|
||
|
<span class="org-variable-name">environment</span>:
|
||
|
- PUID=$PUID
|
||
|
- PGID=$PGID
|
||
|
- TZ=$TZ
|
||
|
- SERVERURL=wireguard.tdehaeze.xyz
|
||
|
- SERVERPORT=51820
|
||
|
- PEERS=3
|
||
|
- PEERDNS=auto
|
||
|
<span class="org-variable-name">volumes</span>:
|
||
|
- $CONFIGDIR/wireguard:/config
|
||
|
- /lib/modules:/lib/modules
|
||
|
<span class="org-variable-name">ports</span>:
|
||
|
- 51820:51820/udp
|
||
|
<span class="org-variable-name">logging</span>: <span class="org-function-name">*default-logging</span>
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-org5bd5b68" class="outline-3">
|
||
|
<h3 id="org5bd5b68"><code>gluetun</code> - Provide VPN connection to other containers (<a href="https://github.com/bubuntux/nordvpn">link</a>)</h3>
|
||
|
<div class="outline-text-3" id="text-org5bd5b68">
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-yaml"> <span class="org-variable-name">gluetun</span>:
|
||
|
<span class="org-variable-name">image</span>: qmcgaw/gluetun
|
||
|
<span class="org-variable-name">container_name</span>: gluetun
|
||
|
<span class="org-variable-name">restart</span>: unless-stopped
|
||
|
<span class="org-variable-name">cap_add</span>:
|
||
|
- NET_ADMIN
|
||
|
<span class="org-variable-name">network_mode</span>: bridge
|
||
|
<span class="org-variable-name">ports</span>:
|
||
|
- 8065:8065 <span class="org-comment-delimiter"># </span><span class="org-comment">For transmission</span>
|
||
|
- 9091:9091 <span class="org-comment-delimiter"># </span><span class="org-comment">For transmission</span>
|
||
|
- 51413:51413 <span class="org-comment-delimiter"># </span><span class="org-comment">For transmission</span>
|
||
|
- 51413:51413/udp <span class="org-comment-delimiter"># </span><span class="org-comment">For transmission</span>
|
||
|
<span class="org-variable-name">environment</span>:
|
||
|
- OPENVPN_USER=$NORDVPN_NAME
|
||
|
- OPENVPN_PASSWORD=$NORDVPN_PASS
|
||
|
- VPNSP=nordvpn
|
||
|
- REGION=France
|
||
|
- SERVER_NUMBER=776
|
||
|
- TZ=$TZ
|
||
|
<span class="org-variable-name">volumes</span>:
|
||
|
- $CONFIGDIR/gluetun:/config
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-org25595ca" class="outline-3">
|
||
|
<h3 id="org25595ca"><code>transmission</code> - Torrent client (<a href="https://hub.docker.com/r/linuxserver/transmission">link</a>)</h3>
|
||
|
<div class="outline-text-3" id="text-org25595ca">
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-yaml"> <span class="org-variable-name">transmission</span>:
|
||
|
<span class="org-variable-name">container_name</span>: transmission
|
||
|
<span class="org-variable-name">image</span>: ghcr.io/linuxserver/transmission
|
||
|
<span class="org-variable-name">restart</span>: unless-stopped
|
||
|
<span class="org-variable-name">network_mode</span>: container:gluetun
|
||
|
<span class="org-variable-name">depends_on</span>:
|
||
|
- gluetun
|
||
|
<span class="org-variable-name">environment</span>:
|
||
|
- PUID=$PUID
|
||
|
- PGID=$PGID
|
||
|
- TZ=$TZ
|
||
|
- USER=$TRANSMISSION_NAME
|
||
|
- PASS=$TRANSMISSION_PASS
|
||
|
<span class="org-variable-name">volumes</span>:
|
||
|
- $CONFIGDIR/transmission:/config
|
||
|
- /srv/storage/Downloads:/downloads
|
||
|
- /srv/storage/Downloads/watch:/watch
|
||
|
<span class="org-variable-name">logging</span>: <span class="org-function-name">*default-logging</span>
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-org8381c5f" class="outline-3">
|
||
|
<h3 id="org8381c5f"><code>gitea</code> - Git server (<a href="https://github.com/go-gitea/gitea">link</a>)</h3>
|
||
|
<div class="outline-text-3" id="text-org8381c5f">
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-yaml"> <span class="org-variable-name">gitea</span>:
|
||
|
<span class="org-variable-name">container_name</span>: git
|
||
|
<span class="org-variable-name">image</span>: gitea/gitea:1.13.2
|
||
|
<span class="org-variable-name">depends_on</span>:
|
||
|
- gitea_db
|
||
|
<span class="org-variable-name">restart</span>: unless-stopped
|
||
|
<span class="org-variable-name">networks</span>:
|
||
|
- t2_proxy
|
||
|
- backend
|
||
|
<span class="org-variable-name">volumes</span>:
|
||
|
- $CONFIGDIR/gitea:/data
|
||
|
<span class="org-variable-name">environment</span>:
|
||
|
- PUID=$PUID
|
||
|
- PGID=$PGID
|
||
|
- TZ=$TZ
|
||
|
- SSH_PORT=$GITEA_SSH_PORT
|
||
|
<span class="org-variable-name">ports</span>:
|
||
|
- <span class="org-string">"2222:22"</span>
|
||
|
<span class="org-variable-name">labels</span>:
|
||
|
- <span class="org-string">"traefik.enable=true"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.git-rtr.entrypoints=https"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.git-rtr.rule=Host(`git.$DOMAINNAME`)"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.git-rtr.tls=true"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.git-rtr.service=git-svc"</span>
|
||
|
- <span class="org-string">"traefik.http.services.git-svc.loadbalancer.server.port=3000"</span>
|
||
|
<span class="org-variable-name">logging</span>: <span class="org-function-name">*default-logging</span>
|
||
|
</pre>
|
||
|
</div>
|
||
|
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-yaml"> <span class="org-variable-name">gitea_db</span>:
|
||
|
<span class="org-variable-name">container_name</span>: gitea_db
|
||
|
<span class="org-variable-name">image</span>: mariadb:10
|
||
|
<span class="org-variable-name">restart</span>: unless-stopped
|
||
|
<span class="org-variable-name">networks</span>:
|
||
|
- backend
|
||
|
<span class="org-variable-name">ports</span>:
|
||
|
- 3306:3306
|
||
|
<span class="org-variable-name">environment</span>:
|
||
|
- MYSQL_ROOT_PASSWORD=$GITEA_DB_MYSQL_ROOT_PASSWORD
|
||
|
- MYSQL_DATABASE=gitea
|
||
|
- MYSQL_USER=gitea
|
||
|
- MYSQL_PASSWORD=$GITEA_DB_MYSQL_PASSWORD
|
||
|
<span class="org-variable-name">volumes</span>:
|
||
|
- $CONFIGDIR/mariadb:/var/lib/mysql
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-org1932d9e" class="outline-3">
|
||
|
<h3 id="org1932d9e"><code>wikijs</code> - Wiki App (<a href="https://github.com/Requarks/wiki">link</a>)</h3>
|
||
|
<div class="outline-text-3" id="text-org1932d9e">
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-yaml"> <span class="org-variable-name">wikijs</span>:
|
||
|
<span class="org-variable-name">image</span>: ghcr.io/linuxserver/wikijs:version-2.5.201
|
||
|
<span class="org-variable-name">container_name</span>: wikijs
|
||
|
<span class="org-variable-name">restart</span>: unless-stopped
|
||
|
<span class="org-variable-name">networks</span>:
|
||
|
- t2_proxy
|
||
|
<span class="org-variable-name">environment</span>:
|
||
|
- PUID=$PUID
|
||
|
- PGID=$PGID
|
||
|
- TZ=$TZ
|
||
|
<span class="org-variable-name">volumes</span>:
|
||
|
- $CONFIGDIR/wikijs/config:/config
|
||
|
- $CONFIGDIR/wikijs/data:/data
|
||
|
<span class="org-variable-name">labels</span>:
|
||
|
- <span class="org-string">"traefik.enable=true"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.wikijs-rtr.entrypoints=https"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.wikijs-rtr.rule=Host(`wiki.$DOMAINNAME`)"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.wikijs-rtr.tls=true"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.wikijs-rtr.service=wikijs-svc"</span>
|
||
|
- <span class="org-string">"traefik.http.services.wikijs-svc.loadbalancer.server.port=3000"</span>
|
||
|
<span class="org-variable-name">logging</span>: <span class="org-function-name">*default-logging</span>
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-org41419ce" class="outline-3">
|
||
|
<h3 id="org41419ce"><code>research</code> - Research Pages (<a href="https://git.tdehaeze.xyz/tdehaeze/research-home-page">link</a>)</h3>
|
||
|
<div class="outline-text-3" id="text-org41419ce">
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-yaml"> <span class="org-variable-name">caddy</span>:
|
||
|
<span class="org-variable-name">container_name</span>: caddy
|
||
|
<span class="org-variable-name">image</span>: abiosoft/caddy:1.0.3-no-stats
|
||
|
<span class="org-variable-name">restart</span>: unless-stopped
|
||
|
<span class="org-variable-name">networks</span>:
|
||
|
- t2_proxy
|
||
|
<span class="org-variable-name">environment</span>:
|
||
|
- PUID=$PUID
|
||
|
- PGID=$PGID
|
||
|
- TZ=$TZ
|
||
|
- PLUGINS=git
|
||
|
<span class="org-variable-name">volumes</span>:
|
||
|
- $CONFIGDIR/caddy/Caddyfile:/etc/Caddyfile
|
||
|
- $CONFIGDIR/web:/srv
|
||
|
<span class="org-comment-delimiter"># </span><span class="org-comment">- ~/.ssh:/root/.ssh</span>
|
||
|
<span class="org-variable-name">labels</span>:
|
||
|
- <span class="org-string">"traefik.enable=true"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.caddy-rtr.entrypoints=https"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.caddy-rtr.rule=Host(`research.$DOMAINNAME`)"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.caddy-rtr.tls=true"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.caddy-rtr.service=caddy-svc"</span>
|
||
|
- <span class="org-string">"traefik.http.services.caddy-svc.loadbalancer.server.port=2015"</span>
|
||
|
<span class="org-variable-name">logging</span>: <span class="org-function-name">*default-logging</span>
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-org842c7ec" class="outline-4">
|
||
|
<h4 id="org842c7ec"><code>Caddyfile</code></h4>
|
||
|
<div class="outline-text-4" id="text-org842c7ec">
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-conf">0.0.0.0:<span class="org-highlight-numbers-number">2015</span> {
|
||
|
root /srv/www/
|
||
|
|
||
|
<span class="org-type">git</span> {
|
||
|
repo https://git.tdehaeze.xyz/tdehaeze/research-home-page
|
||
|
path /srv/www/
|
||
|
interval -1
|
||
|
hook /research-home-page/webhook QHZgAKjD8q2v54Ru
|
||
|
then git submodule update --init --recursive --merge
|
||
|
}
|
||
|
}
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-org6319523" class="outline-3">
|
||
|
<h3 id="org6319523"><code>dotfiles</code> - Dotfiles (<a href="https://git.tdehaeze.xyz/tdehaeze/literate-dotfiles">link</a>)</h3>
|
||
|
<div class="outline-text-3" id="text-org6319523">
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-yaml"> <span class="org-variable-name">dotfiles</span>:
|
||
|
<span class="org-variable-name">container_name</span>: dotfiles
|
||
|
<span class="org-variable-name">image</span>: abiosoft/caddy:1.0.3-no-stats
|
||
|
<span class="org-variable-name">restart</span>: unless-stopped
|
||
|
<span class="org-variable-name">networks</span>:
|
||
|
- t2_proxy
|
||
|
<span class="org-variable-name">environment</span>:
|
||
|
- PUID=$PUID
|
||
|
- PGID=$PGID
|
||
|
- TZ=$TZ
|
||
|
- PLUGINS=git
|
||
|
<span class="org-variable-name">volumes</span>:
|
||
|
- $CONFIGDIR/dotfiles/Caddyfile:/etc/Caddyfile
|
||
|
- $CONFIGDIR/dotfiles/www:/srv/www
|
||
|
<span class="org-variable-name">labels</span>:
|
||
|
- <span class="org-string">"traefik.enable=true"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.dotfiles-rtr.entrypoints=https"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.dotfiles-rtr.rule=Host(`dotfiles.$DOMAINNAME`)"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.dotfiles-rtr.tls=true"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.dotfiles-rtr.service=dotfiles-svc"</span>
|
||
|
- <span class="org-string">"traefik.http.services.dotfiles-svc.loadbalancer.server.port=2015"</span>
|
||
|
<span class="org-variable-name">logging</span>: <span class="org-function-name">*default-logging</span>
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-orgfc0a576" class="outline-4">
|
||
|
<h4 id="orgfc0a576"><code>Caddyfile</code></h4>
|
||
|
<div class="outline-text-4" id="text-orgfc0a576">
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-conf">0.0.0.0:<span class="org-highlight-numbers-number">2015</span> {
|
||
|
root /srv/www/docs/
|
||
|
|
||
|
<span class="org-type">git</span> {
|
||
|
repo https://git.tdehaeze.xyz/tdehaeze/literate-dotfiles
|
||
|
path /srv/www/
|
||
|
interval -1
|
||
|
hook /literate-dotfiles/webhook QHZgAKjD8q2v54Ru
|
||
|
}
|
||
|
}
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-org56db687" class="outline-3">
|
||
|
<h3 id="org56db687"><code>hugo</code> - Wiki + Blog (<a href="https://git.tdehaeze.xyz/tdehaeze/digital-brain">link</a>)</h3>
|
||
|
<div class="outline-text-3" id="text-org56db687">
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-yaml"> <span class="org-variable-name">hugo</span>:
|
||
|
<span class="org-variable-name">container_name</span>: hugo
|
||
|
<span class="org-variable-name">image</span>: tdehaeze/hugo-caddy
|
||
|
<span class="org-variable-name">restart</span>: unless-stopped
|
||
|
<span class="org-variable-name">networks</span>:
|
||
|
- t2_proxy
|
||
|
<span class="org-variable-name">environment</span>:
|
||
|
- REPO=git.tdehaeze.xyz/tdehaeze/digital-brain
|
||
|
<span class="org-variable-name">labels</span>:
|
||
|
- <span class="org-string">"traefik.enable=true"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.hugo-rtr.entrypoints=https"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.hugo-rtr.rule=Host(`brain.$DOMAINNAME`)"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.hugo-rtr.tls=true"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.hugo-rtr.service=hugo-svc"</span>
|
||
|
- <span class="org-string">"traefik.http.services.hugo-svc.loadbalancer.server.port=2015"</span>
|
||
|
<span class="org-variable-name">logging</span>: <span class="org-function-name">*default-logging</span>
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-org7d0630e" class="outline-3">
|
||
|
<h3 id="org7d0630e"><code>syncthing</code> - File Synchronization (<a href="https://hub.docker.com/r/linuxserver/syncthing">link</a>)</h3>
|
||
|
<div class="outline-text-3" id="text-org7d0630e">
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-yaml"> <span class="org-variable-name">syncthing</span>:
|
||
|
<span class="org-variable-name">container_name</span>: syncthing
|
||
|
<span class="org-variable-name">image</span>: linuxserver/syncthing
|
||
|
<span class="org-variable-name">restart</span>: unless-stopped
|
||
|
<span class="org-variable-name">networks</span>:
|
||
|
- t2_proxy
|
||
|
<span class="org-variable-name">environment</span>:
|
||
|
- PUID=$PUID
|
||
|
- PGID=$PGID
|
||
|
- TZ=$TZ
|
||
|
- UMASK_SET=022
|
||
|
<span class="org-variable-name">volumes</span>:
|
||
|
- $CONFIGDIR/syncthing:/config
|
||
|
- /srv/storage/Cloud:/Cloud
|
||
|
- /srv/storage/Cloud/pictures/phone:/Pictures
|
||
|
- /srv/storage/Cloud/pdfs:/Onyx/Download
|
||
|
- /srv/storage/Cloud/pdfs-notes:/Onyx/note
|
||
|
- /srv/storage/Cloud/.stfolder:/Onyx/.stfolder
|
||
|
- /srv/storage/.password-store:/.password-store
|
||
|
<span class="org-variable-name">ports</span>:
|
||
|
- 22000:22000
|
||
|
- 21027:21027/udp
|
||
|
<span class="org-variable-name">labels</span>:
|
||
|
- <span class="org-string">"traefik.enable=true"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.syncthing-rtr.entrypoints=https"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.syncthing-rtr.rule=Host(`syncthing.$DOMAINNAME`)"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.syncthing-rtr.tls=true"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.syncthing-rtr.service=syncthing-svc"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.syncthing-rtr.middlewares=authelia@docker"</span>
|
||
|
- <span class="org-string">"traefik.http.services.syncthing-svc.loadbalancer.server.port=8384"</span>
|
||
|
<span class="org-variable-name">logging</span>: <span class="org-function-name">*default-logging</span>
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-orgba9af47" class="outline-3">
|
||
|
<h3 id="orgba9af47"><code>miniflux</code> - RSS reader (<a href="https://hub.docker.com/r/miniflux/miniflux">link</a>)</h3>
|
||
|
<div class="outline-text-3" id="text-orgba9af47">
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-yaml"> <span class="org-variable-name">miniflux</span>:
|
||
|
<span class="org-variable-name">container_name</span>: miniflux
|
||
|
<span class="org-variable-name">image</span>: miniflux/miniflux
|
||
|
<span class="org-variable-name">restart</span>: unless-stopped
|
||
|
<span class="org-variable-name">networks</span>:
|
||
|
- t2_proxy
|
||
|
- backend
|
||
|
<span class="org-variable-name">depends_on</span>:
|
||
|
- miniflux_db
|
||
|
<span class="org-variable-name">environment</span>:
|
||
|
- DATABASE_URL=postgres://miniflux:SCJWWXqHwehP7f8g@miniflux_db/miniflux?sslmode=disable
|
||
|
- RUN_MIGRATIONS=1
|
||
|
- CREATE_ADMIN=1
|
||
|
- ADMIN_USERNAME=$MINIFLUX_ADMIN_NAME
|
||
|
- ADMIN_PASSWORD=$MINIFLUX_ADMIN_PASS
|
||
|
<span class="org-variable-name">labels</span>:
|
||
|
- <span class="org-string">"traefik.enable=true"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.miniflux-rtr.entrypoints=https"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.miniflux-rtr.rule=Host(`rss.$DOMAINNAME`)"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.miniflux-rtr.tls=true"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.miniflux-rtr.service=miniflux-svc"</span>
|
||
|
- <span class="org-string">"traefik.http.services.miniflux-svc.loadbalancer.server.port=8080"</span>
|
||
|
<span class="org-variable-name">logging</span>: <span class="org-function-name">*default-logging</span>
|
||
|
</pre>
|
||
|
</div>
|
||
|
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-yaml"> <span class="org-variable-name">miniflux_db</span>:
|
||
|
<span class="org-variable-name">container_name</span>: miniflux_db
|
||
|
<span class="org-variable-name">image</span>: postgres:12
|
||
|
<span class="org-variable-name">restart</span>: unless-stopped
|
||
|
<span class="org-variable-name">networks</span>:
|
||
|
- backend
|
||
|
<span class="org-variable-name">environment</span>:
|
||
|
- POSTGRES_USER=miniflux
|
||
|
- POSTGRES_PASSWORD=$MINIFLUX_POSTGRES_PASSWORD
|
||
|
<span class="org-variable-name">volumes</span>:
|
||
|
- $CONFIGDIR/miniflux_db:/var/lib/postgresql/data
|
||
|
<span class="org-variable-name">logging</span>: <span class="org-function-name">*default-logging</span>
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-orga0b0d17" class="outline-3">
|
||
|
<h3 id="orga0b0d17"><code>homeassistant</code> - Home Automation (<a href="https://hub.docker.com/r/homeassistant/home-assistant">link</a>)</h3>
|
||
|
<div class="outline-text-3" id="text-orga0b0d17">
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-yaml"> <span class="org-variable-name">homeassistant</span>:
|
||
|
<span class="org-variable-name">container_name</span>: homeassistant
|
||
|
<span class="org-variable-name">image</span>: homeassistant/home-assistant
|
||
|
<span class="org-variable-name">restart</span>: unless-stopped
|
||
|
<span class="org-comment-delimiter">#</span><span class="org-comment">networks:</span>
|
||
|
<span class="org-comment-delimiter"># </span><span class="org-comment">- t2_proxy</span>
|
||
|
<span class="org-comment-delimiter">#</span><span class="org-comment">ports:</span>
|
||
|
<span class="org-comment-delimiter"># </span><span class="org-comment">- target: 8123</span>
|
||
|
<span class="org-comment-delimiter"># </span><span class="org-comment">published: 8123</span>
|
||
|
<span class="org-comment-delimiter"># </span><span class="org-comment">protocol: tcp</span>
|
||
|
<span class="org-comment-delimiter"># </span><span class="org-comment">mode: host</span>
|
||
|
<span class="org-variable-name">privileged</span>: <span class="org-constant">true</span>
|
||
|
<span class="org-variable-name">ports</span>:
|
||
|
- 8123:8123
|
||
|
<span class="org-comment-delimiter"># </span><span class="org-comment">network_mode: host</span>
|
||
|
<span class="org-variable-name">volumes</span>:
|
||
|
- $CONFIGDIR/homeassistant:/config
|
||
|
- /etc/localtime:/etc/localtime:ro
|
||
|
- /dev/bus/usb:/dev/bus/usb
|
||
|
<span class="org-variable-name">environment</span>:
|
||
|
- PUID=$PUID
|
||
|
- PGID=$PGID
|
||
|
- TZ=$TZ
|
||
|
<span class="org-variable-name">labels</span>:
|
||
|
- <span class="org-string">"traefik.enable=true"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.homeassistant-rtr.entrypoints=https"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.homeassistant-rtr.rule=Host(`home.$DOMAINNAME`)"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.homeassistant-rtr.tls=true"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.homeassistant-rtr.service=homeassistant-svc"</span>
|
||
|
- <span class="org-string">"traefik.http.services.homeassistant-svc.loadbalancer.server.port=8123"</span>
|
||
|
<span class="org-comment-delimiter"># </span><span class="org-comment">- "traefik.http.services.homeassistant-svc.loadbalancer.servers.url=http://172.17.0.1:8123"</span>
|
||
|
<span class="org-variable-name">logging</span>: <span class="org-function-name">*default-logging</span>
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-org2f6aaaf" class="outline-3">
|
||
|
<h3 id="org2f6aaaf"><code>jellyfin</code> - Media server (<a href="https://hub.docker.com/r/linuxserver/jellyfin">link</a>)</h3>
|
||
|
<div class="outline-text-3" id="text-org2f6aaaf">
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-yaml"> <span class="org-variable-name">jellyfin</span>:
|
||
|
<span class="org-variable-name">container_name</span>: jellyfin
|
||
|
<span class="org-variable-name">image</span>: linuxserver/jellyfin
|
||
|
<span class="org-variable-name">restart</span>: unless-stopped
|
||
|
<span class="org-variable-name">networks</span>:
|
||
|
- t2_proxy
|
||
|
<span class="org-variable-name">volumes</span>:
|
||
|
- $CONFIGDIR/jellyfin:/config
|
||
|
- /srv/storage/TVShows:/data/tvshows
|
||
|
- /srv/storage/Documentaries:/data/documentaries
|
||
|
- /srv/storage/LiveMusic:/data/livemusic
|
||
|
- /srv/storage/Animes:/data/animes
|
||
|
- /srv/storage/Movies:/data/movies
|
||
|
- /srv/storage/Music:/data/music
|
||
|
- /srv/storage/StandUp:/data/standup
|
||
|
<span class="org-variable-name">environment</span>:
|
||
|
- PUID=$PUID
|
||
|
- PGID=$PGID
|
||
|
- TZ=$TZ
|
||
|
<span class="org-variable-name">group-add</span>:
|
||
|
- 109
|
||
|
<span class="org-variable-name">devices</span>:
|
||
|
<span class="org-comment-delimiter"># </span><span class="org-comment">VAAPI Devices</span>
|
||
|
- /dev/dri/renderD128:/dev/dri/renderD128
|
||
|
- /dev/dri/card0:/dev/dri/card0
|
||
|
<span class="org-variable-name">ports</span>:
|
||
|
- 8096:8096
|
||
|
<span class="org-variable-name">labels</span>:
|
||
|
- <span class="org-string">"traefik.enable=true"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.jellyfin-rtr.entrypoints=https"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.jellyfin-rtr.rule=Host(`jellyfin.$DOMAINNAME`)"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.jellyfin-rtr.tls=true"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.jellyfin-rtr.service=jellyfin-svc"</span>
|
||
|
- <span class="org-string">"traefik.http.services.jellyfin-svc.loadbalancer.server.port=8096"</span>
|
||
|
<span class="org-variable-name">logging</span>: <span class="org-function-name">*default-logging</span>
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-orgc123881" class="outline-3">
|
||
|
<h3 id="orgc123881"><code>jfa-go</code> - Manage Jellyfin Users (<a href="https://github.com/hrfee/jfa-go">link</a>)</h3>
|
||
|
<div class="outline-text-3" id="text-orgc123881">
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-yaml"> <span class="org-variable-name">jfa</span>:
|
||
|
<span class="org-variable-name">container_name</span>: jfa
|
||
|
<span class="org-variable-name">image</span>: hrfee/jfa-go
|
||
|
<span class="org-variable-name">restart</span>: unless-stopped
|
||
|
<span class="org-variable-name">depends_on</span>:
|
||
|
- jellyfin
|
||
|
<span class="org-variable-name">networks</span>:
|
||
|
- t2_proxy
|
||
|
<span class="org-variable-name">volumes</span>:
|
||
|
- $CONFIGDIR/jfa:/data
|
||
|
- $CONFIGDIR/jellyfin:/jf
|
||
|
- /etc/localtime:/etc/localtime:ro
|
||
|
<span class="org-variable-name">environment</span>:
|
||
|
- PUID=$PUID
|
||
|
- PGID=$PGID
|
||
|
- TZ=$TZ
|
||
|
<span class="org-variable-name">labels</span>:
|
||
|
- <span class="org-string">"traefik.enable=true"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.jfa-rtr.entrypoints=https"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.jfa-rtr.rule=Host(`jfa.$DOMAINNAME`)"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.jfa-rtr.tls=true"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.jfa-rtr.service=jfa-svc"</span>
|
||
|
- <span class="org-string">"traefik.http.services.jfa-svc.loadbalancer.server.port=8056"</span>
|
||
|
<span class="org-variable-name">logging</span>: <span class="org-function-name">*default-logging</span>
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-org5e8e039" class="outline-3">
|
||
|
<h3 id="org5e8e039"><code>audioserve</code> - Audiobook server (<a href="https://github.com/izderadicka/audioserve">link</a>)</h3>
|
||
|
<div class="outline-text-3" id="text-org5e8e039">
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-yaml"> <span class="org-variable-name">audioserve</span>:
|
||
|
<span class="org-variable-name">container_name</span>: audioserve
|
||
|
<span class="org-variable-name">image</span>: izderadicka/audioserve
|
||
|
<span class="org-variable-name">restart</span>: unless-stopped
|
||
|
<span class="org-variable-name">command</span>: /audiobooks
|
||
|
<span class="org-variable-name">networks</span>:
|
||
|
- t2_proxy
|
||
|
<span class="org-variable-name">environment</span>:
|
||
|
- PUID=$PUID
|
||
|
- PGID=$PGID
|
||
|
- TZ=$TZ
|
||
|
- AUDIOSERVE_SHARED_SECRET=$AUDIOSERVE_SHARED_SECRET
|
||
|
<span class="org-variable-name">volumes</span>:
|
||
|
- /srv/storage/AudioBooks:/audiobooks
|
||
|
- /etc/localtime:/etc/localtime:ro
|
||
|
- $CONFIGDIR/audioserve:/home/audioserve/.audioserve
|
||
|
<span class="org-variable-name">labels</span>:
|
||
|
- <span class="org-string">"traefik.enable=true"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.audioserve-rtr.entrypoints=https"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.audioserve-rtr.rule=Host(`audiobook.$DOMAINNAME`)"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.audioserve-rtr.tls=true"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.audioserve-rtr.service=audioserve-svc"</span>
|
||
|
- <span class="org-string">"traefik.http.services.audioserve-svc.loadbalancer.server.port=3000"</span>
|
||
|
<span class="org-variable-name">logging</span>: <span class="org-function-name">*default-logging</span>
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-orgfda7376" class="outline-3">
|
||
|
<h3 id="orgfda7376"><code>filebrowser</code> - Web file browser (<a href="https://hub.docker.com/r/filebrowser/filebrowser">link</a>)</h3>
|
||
|
<div class="outline-text-3" id="text-orgfda7376">
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-yaml"> <span class="org-variable-name">filebrowser</span>:
|
||
|
<span class="org-variable-name">container_name</span>: filebrowser
|
||
|
<span class="org-variable-name">image</span>: filebrowser/filebrowser
|
||
|
<span class="org-variable-name">restart</span>: unless-stopped
|
||
|
<span class="org-variable-name">networks</span>:
|
||
|
- t2_proxy
|
||
|
<span class="org-variable-name">volumes</span>:
|
||
|
- $CONFIGDIR/filebrowser/database.db:/database.db
|
||
|
- $CONFIGDIR/filebrowser/.filebrowser.json:/.filebrowser.json
|
||
|
- /srv/storage:/srv/storage
|
||
|
<span class="org-variable-name">user</span>: <span class="org-string">"${PUID}:${PGID}"</span>
|
||
|
<span class="org-variable-name">environment</span>:
|
||
|
- PUID=$PUID
|
||
|
- PGID=$PGID
|
||
|
- TZ=$TZ
|
||
|
<span class="org-variable-name">labels</span>:
|
||
|
- <span class="org-string">"traefik.enable=true"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.filebrowser-rtr.entrypoints=https"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.filebrowser-rtr.rule=Host(`cloud.$DOMAINNAME`)"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.filebrowser-rtr.tls=true"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.filebrowser-rtr.service=filebrowser-svc"</span>
|
||
|
- <span class="org-string">"traefik.http.services.filebrowser-svc.loadbalancer.server.port=80"</span>
|
||
|
<span class="org-variable-name">logging</span>: <span class="org-function-name">*default-logging</span>
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-orga0657d6" class="outline-4">
|
||
|
<h4 id="orga0657d6"><code>.filebrowser.json</code></h4>
|
||
|
<div class="outline-text-4" id="text-orga0657d6">
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-json">{
|
||
|
<span class="org-keyword">"port"</span>: <span class="org-highlight-numbers-number">80</span>,
|
||
|
<span class="org-keyword">"baseURL"</span>: <span class="org-string">""</span>,
|
||
|
<span class="org-keyword">"address"</span>: <span class="org-string">""</span>,
|
||
|
<span class="org-keyword">"log"</span>: <span class="org-string">"stdout"</span>,
|
||
|
<span class="org-keyword">"database"</span>: <span class="org-string">"/database.db"</span>,
|
||
|
<span class="org-keyword">"root"</span>: <span class="org-string">"/srv/storage"</span>
|
||
|
}
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-org38dd59c" class="outline-3">
|
||
|
<h3 id="org38dd59c"><code>scrutiny</code> - Hard drive monitoring (<a href="https://hub.docker.com/r/hotio/scrutiny">link</a>)</h3>
|
||
|
<div class="outline-text-3" id="text-org38dd59c">
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-yaml"> <span class="org-variable-name">scrutiny</span>:
|
||
|
<span class="org-variable-name">container_name</span>: scrutiny
|
||
|
<span class="org-variable-name">image</span>: linuxserver/scrutiny
|
||
|
<span class="org-variable-name">restart</span>: unless-stopped
|
||
|
<span class="org-variable-name">networks</span>:
|
||
|
- t2_proxy
|
||
|
<span class="org-variable-name">cap_add</span>:
|
||
|
- SYS_RAWIO
|
||
|
- SYS_ADMIN
|
||
|
<span class="org-variable-name">environment</span>:
|
||
|
- PUID=$PUID
|
||
|
- PGID=$PGID
|
||
|
- TZ=$TZ
|
||
|
- SCRUTINY_WEB=true
|
||
|
- SCRUTINY_COLLECTOR=false
|
||
|
<span class="org-variable-name">volumes</span>:
|
||
|
- $CONFIGDIR/scrutiny:/config
|
||
|
- /run/udev:/run/udev:ro
|
||
|
<span class="org-variable-name">devices</span>:
|
||
|
- /dev/sda:/dev/sda
|
||
|
- /dev/sdb:/dev/sdb
|
||
|
- /dev/sdc:/dev/sdc
|
||
|
- /dev/sdd:/dev/sdd
|
||
|
- /dev/nvme0n1:/dev/nvme0n1
|
||
|
<span class="org-variable-name">labels</span>:
|
||
|
- <span class="org-string">"traefik.enable=true"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.scrutiny-rtr.entrypoints=https"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.scrutiny-rtr.rule=Host(`scrutiny.$DOMAINNAME`)"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.scrutiny-rtr.tls=true"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.scrutiny-rtr.service=scrutiny-svc"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.scrutiny-rtr.middlewares=authelia@docker"</span>
|
||
|
- <span class="org-string">"traefik.http.services.scrutiny-svc.loadbalancer.server.port=8080"</span>
|
||
|
<span class="org-variable-name">logging</span>: <span class="org-function-name">*default-logging</span>
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-orgd459bfa" class="outline-3">
|
||
|
<h3 id="orgd459bfa"><code>radicale</code> - CalDAV/CardDAV server (<a href="https://github.com/tomsquest/docker-radicale">link</a>)</h3>
|
||
|
<div class="outline-text-3" id="text-orgd459bfa">
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-yaml"> <span class="org-variable-name">radicale</span>:
|
||
|
<span class="org-variable-name">container_name</span>: radicale
|
||
|
<span class="org-variable-name">image</span>: tomsquest/docker-radicale:latest
|
||
|
<span class="org-variable-name">restart</span>: unless-stopped
|
||
|
<span class="org-variable-name">networks</span>:
|
||
|
- t2_proxy
|
||
|
<span class="org-variable-name">volumes</span>:
|
||
|
- $CONFIGDIR/radicale/config:/config:ro
|
||
|
- $CONFIGDIR/radicale/data:/data
|
||
|
<span class="org-variable-name">environment</span>:
|
||
|
- TZ=$TZ
|
||
|
- UID=$PUID
|
||
|
- GID=$PGID
|
||
|
<span class="org-variable-name">security_opt</span>:
|
||
|
- no-new-privileges:true
|
||
|
<span class="org-variable-name">cap_drop</span>:
|
||
|
- ALL
|
||
|
<span class="org-variable-name">cap_add</span>:
|
||
|
- SETUID
|
||
|
- SETGID
|
||
|
- CHOWN
|
||
|
- KILL
|
||
|
<span class="org-variable-name">labels</span>:
|
||
|
- <span class="org-string">"traefik.enable=true"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.radicale-rtr.entrypoints=https"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.radicale-rtr.rule=Host(`radicale.$DOMAINNAME`)"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.radicale-rtr.tls=true"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.radicale-rtr.service=radicale-svc"</span>
|
||
|
- <span class="org-string">"traefik.http.services.radicale-svc.loadbalancer.server.port=5232"</span>
|
||
|
<span class="org-variable-name">logging</span>: <span class="org-function-name">*default-logging</span>
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-orgc3fd52f" class="outline-4">
|
||
|
<h4 id="orgc3fd52f"><code>config</code></h4>
|
||
|
<div class="outline-text-4" id="text-orgc3fd52f">
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-conf">[<span class="org-type">server</span>]
|
||
|
<span class="org-variable-name">hosts</span> = 0.0.0.0:<span class="org-highlight-numbers-number">5232</span>
|
||
|
|
||
|
[<span class="org-type">auth</span>]
|
||
|
<span class="org-variable-name">type</span> = htpasswd
|
||
|
<span class="org-variable-name">htpasswd_filename</span> = /config/users
|
||
|
<span class="org-variable-name">htpasswd_encryption</span> = md5
|
||
|
|
||
|
[<span class="org-type">storage</span>]
|
||
|
<span class="org-variable-name">filesystem_folder</span> = /data/collections
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-orgc6e7c15" class="outline-3">
|
||
|
<h3 id="orgc6e7c15"><code>restic</code> - Automatic online backups (<a href="https://github.com/djmaze/resticker/">link</a>)</h3>
|
||
|
<div class="outline-text-3" id="text-orgc6e7c15">
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-yaml"> <span class="org-variable-name">restic</span>:
|
||
|
<span class="org-variable-name">container_name</span>: restic
|
||
|
<span class="org-variable-name">image</span>: mazzolino/restic
|
||
|
<span class="org-variable-name">restart</span>: unless-stopped
|
||
|
<span class="org-variable-name">networks</span>:
|
||
|
- t2_proxy
|
||
|
<span class="org-variable-name">environment</span>:
|
||
|
- BACKUP_CRON=0 30 0 * * *
|
||
|
- RESTIC_REPOSITORY=b2:tdehaeze:/restic
|
||
|
- RESTIC_PASSWORD=$RESTIC_PASSWORD
|
||
|
- RESTIC_BACKUP_SOURCES=/source
|
||
|
- RESTIC_FORGET_ARGS=--group-by tag --keep-daily 7 --keep-weekly 4 --keep-monthly 12 --prune
|
||
|
- RESTIC_BACKUP_ARGS=--tag local --exclude-file /exclude.txt
|
||
|
- B2_ACCOUNT_ID=$RESTIC_B2_ACCOUNT_ID
|
||
|
- B2_ACCOUNT_KEY=$RESTIC_B2_ACCOUNT_KEY
|
||
|
- UID=$PUID
|
||
|
- GID=$PGID
|
||
|
- TZ=$TZ
|
||
|
<span class="org-variable-name">volumes</span>:
|
||
|
- $CONFIGDIR/restic/exclude.txt:/exclude.txt:ro
|
||
|
- /srv/storage/Cloud/thesis:/source/Cloud/thesis:ro
|
||
|
- /home/thomas/docker:/source/docker:ro
|
||
|
<span class="org-variable-name">logging</span>: <span class="org-function-name">*default-logging</span>
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-org922569f" class="outline-4">
|
||
|
<h4 id="org922569f"><code>exclude.txt</code> - Exclude files</h4>
|
||
|
<div class="outline-text-4" id="text-org922569f">
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-conf">*.db
|
||
|
*.log
|
||
|
*.log.*
|
||
|
/source/docker/config/gitea/git/
|
||
|
/source/docker/config/guacamole/
|
||
|
/source/docker/config/guacamole_db/
|
||
|
/source/docker/config/mariadb/
|
||
|
/source/docker/config/miniflux_db/
|
||
|
/source/docker/config/jellyfin/data/
|
||
|
/source/docker/config/dotfiles/www/
|
||
|
/source/docker/config/web/www/
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-org090efb5" class="outline-3">
|
||
|
<h3 id="org090efb5"><code>octoprint</code> - Web interface for 3D printing (<a href="https://github.com/OctoPrint/OctoPrint">link</a>)</h3>
|
||
|
<div class="outline-text-3" id="text-org090efb5">
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-yaml"> <span class="org-variable-name">octoprint</span>:
|
||
|
<span class="org-variable-name">container_name</span>: octoprint
|
||
|
<span class="org-variable-name">image</span>: octoprint/octoprint
|
||
|
<span class="org-variable-name">restart</span>: unless-stopped
|
||
|
<span class="org-variable-name">networks</span>:
|
||
|
- t2_proxy
|
||
|
<span class="org-variable-name">environment</span>:
|
||
|
- UID=$PUID
|
||
|
- GID=$PGID
|
||
|
- TZ=$TZ
|
||
|
<span class="org-variable-name">privileged</span>: <span class="org-constant">true</span>
|
||
|
<span class="org-variable-name">volumes</span>:
|
||
|
- $CONFIGDIR/octoprint:/octoprint
|
||
|
- /dev/bus/usb:/dev/bus/usb
|
||
|
<span class="org-variable-name">labels</span>:
|
||
|
- <span class="org-string">"traefik.enable=true"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.octoprint-rtr.entrypoints=https"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.octoprint-rtr.rule=Host(`octoprint.$DOMAINNAME`)"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.octoprint-rtr.tls=true"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.octoprint-rtr.service=octoprint-svc"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.octoprint-rtr.middlewares=authelia@docker"</span>
|
||
|
- <span class="org-string">"traefik.http.services.octoprint-svc.loadbalancer.server.port=80"</span>
|
||
|
<span class="org-variable-name">logging</span>: <span class="org-function-name">*default-logging</span>
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-org6fc53a7" class="outline-3">
|
||
|
<h3 id="org6fc53a7"><code>mealie</code> - Recipe Manager (<a href="https://github.com/hay-kot/mealie">link</a>)</h3>
|
||
|
<div class="outline-text-3" id="text-org6fc53a7">
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-yaml"> <span class="org-variable-name">miam</span>:
|
||
|
<span class="org-variable-name">container_name</span>: miam
|
||
|
<span class="org-variable-name">image</span>: hkotel/mealie
|
||
|
<span class="org-variable-name">restart</span>: unless-stopped
|
||
|
<span class="org-variable-name">networks</span>:
|
||
|
- t2_proxy
|
||
|
<span class="org-variable-name">environment</span>:
|
||
|
- db_type=sqlite
|
||
|
- UID=$PUID
|
||
|
- GID=$PGID
|
||
|
- TZ=$TZ
|
||
|
<span class="org-variable-name">volumes</span>:
|
||
|
- $CONFIGDIR/mealie:/app/data
|
||
|
<span class="org-variable-name">labels</span>:
|
||
|
- <span class="org-string">"traefik.enable=true"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.miam-rtr.entrypoints=https"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.miam-rtr.rule=Host(`miam.$DOMAINNAME`)"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.miam-rtr.tls=true"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.miam-rtr.service=miam-svc"</span>
|
||
|
- <span class="org-string">"traefik.http.services.miam-svc.loadbalancer.server.port=80"</span>
|
||
|
<span class="org-variable-name">logging</span>: <span class="org-function-name">*default-logging</span>
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-org99c58c9" class="outline-3">
|
||
|
<h3 id="org99c58c9"><code>diun</code> - Notification for Docker image updates (<a href="https://github.com/crazy-max/diun/">link</a>)</h3>
|
||
|
<div class="outline-text-3" id="text-org99c58c9">
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-yaml"> <span class="org-variable-name">diun</span>:
|
||
|
<span class="org-variable-name">container_name</span>: diun
|
||
|
<span class="org-variable-name">image</span>: crazymax/diun
|
||
|
<span class="org-variable-name">restart</span>: unless-stopped
|
||
|
<span class="org-variable-name">networks</span>:
|
||
|
- backend
|
||
|
<span class="org-variable-name">environment</span>:
|
||
|
- TZ=$TZ
|
||
|
- LOG_LEVEL=info
|
||
|
- LOG_JSON=false
|
||
|
- DIUN_WATCH_WORKERS=20
|
||
|
- DIUN_WATCH_SCHEDULE=0 7 * * 6
|
||
|
- DIUN_PROVIDERS_DOCKER=true
|
||
|
- DIUN_PROVIDERS_DOCKER_WATCHBYDEFAULT=true
|
||
|
- DIUN_NOTIF_GOTIFY_ENDPOINT=$GOTIFY_URL
|
||
|
- DIUN_NOTIF_GOTIFY_TOKEN=$DIUN_GOTIFY_TOKEN
|
||
|
<span class="org-variable-name">volumes</span>:
|
||
|
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||
|
- $CONFIGDIR/diun:/data
|
||
|
<span class="org-variable-name">logging</span>: <span class="org-function-name">*default-logging</span>
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-orgde60f5d" class="outline-3">
|
||
|
<h3 id="orgde60f5d"><code>commento</code> - Commenting system (<a href="https://github.com/adtac/commento">link</a>)</h3>
|
||
|
<div class="outline-text-3" id="text-orgde60f5d">
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-yaml"> <span class="org-variable-name">commento</span>:
|
||
|
<span class="org-variable-name">container_name</span>: commento
|
||
|
<span class="org-variable-name">image</span>: registry.gitlab.com/commento/commento
|
||
|
<span class="org-variable-name">restart</span>: unless-stopped
|
||
|
<span class="org-variable-name">networks</span>:
|
||
|
- t2_proxy
|
||
|
- backend
|
||
|
<span class="org-comment-delimiter"># </span><span class="org-comment">ports:</span>
|
||
|
<span class="org-comment-delimiter"># </span><span class="org-comment">- 8080:8080</span>
|
||
|
<span class="org-variable-name">environment</span>:
|
||
|
- TZ=$TZ
|
||
|
- UID=$PUID
|
||
|
- GID=$PGID
|
||
|
- COMMENTO_ORIGIN=https://commento.tdehaeze.xyz/
|
||
|
- COMMENTO_PORT=8080
|
||
|
- COMMENTO_POSTGRES=postgres://postgres:$COMMENTO_DB_PASSWORD@commento_db:5432/commento?sslmode=disable
|
||
|
- COMMENTO_SMTP_HOST=smtp.gmail.com
|
||
|
- COMMENTO_SMTP_PORT=587
|
||
|
- COMMENTO_SMTP_USERNAME=tdehaeze.xyz@gmail.com
|
||
|
- COMMENTO_SMTP_PASSWORD=$GMAIL_PASS
|
||
|
- COMMENTO_SMTP_FROM_ADDRESS=tdehaeze.xyz@gmail.com
|
||
|
<span class="org-variable-name">depends_on</span>:
|
||
|
- commento_db
|
||
|
<span class="org-variable-name">labels</span>:
|
||
|
- <span class="org-string">"traefik.enable=true"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.commento-rtr.entrypoints=https"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.commento-rtr.rule=Host(`commento.$DOMAINNAME`)"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.commento-rtr.tls=true"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.commento-rtr.service=commento-svc"</span>
|
||
|
- <span class="org-string">"traefik.http.services.commento-svc.loadbalancer.server.port=8080"</span>
|
||
|
<span class="org-variable-name">logging</span>: <span class="org-function-name">*default-logging</span>
|
||
|
</pre>
|
||
|
</div>
|
||
|
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-yaml"> <span class="org-variable-name">commento_db</span>:
|
||
|
<span class="org-variable-name">container_name</span>: commento_db
|
||
|
<span class="org-variable-name">image</span>: postgres:13
|
||
|
<span class="org-variable-name">restart</span>: unless-stopped
|
||
|
<span class="org-variable-name">networks</span>:
|
||
|
- backend
|
||
|
<span class="org-variable-name">environment</span>:
|
||
|
- POSTGRES_DB=commento
|
||
|
- POSTGRES_USER=postgres
|
||
|
- POSTGRES_PASSWORD=$COMMENTO_DB_PASSWORD
|
||
|
<span class="org-variable-name">volumes</span>:
|
||
|
- $CONFIGDIR/commento_db:/var/lib/postgresql/data
|
||
|
<span class="org-variable-name">logging</span>: <span class="org-function-name">*default-logging</span>
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-org92e824e" class="outline-3">
|
||
|
<h3 id="org92e824e"><code>uptime-kuma</code> - Monitoring Tool (<a href="https://github.com/louislam/uptime-kuma">link</a>)</h3>
|
||
|
<div class="outline-text-3" id="text-org92e824e">
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-yaml"> <span class="org-variable-name">uptime-kuma</span>:
|
||
|
<span class="org-variable-name">container_name</span>: uptime-kuma
|
||
|
<span class="org-variable-name">image</span>: louislam/uptime-kuma
|
||
|
<span class="org-variable-name">restart</span>: unless-stopped
|
||
|
<span class="org-variable-name">networks</span>:
|
||
|
- t2_proxy
|
||
|
<span class="org-variable-name">volumes</span>:
|
||
|
<span class="org-variable-name">environment</span>:
|
||
|
- TZ=$TZ
|
||
|
- UID=$PUID
|
||
|
- GID=$PGID
|
||
|
<span class="org-variable-name">volumes</span>:
|
||
|
- $CONFIGDIR/uptime-kuma:/app/data
|
||
|
<span class="org-variable-name">labels</span>:
|
||
|
- <span class="org-string">"traefik.enable=true"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.uptime-rtr.entrypoints=https"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.uptime-rtr.rule=Host(`uptime.$DOMAINNAME`)"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.uptime-rtr.tls=true"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.uptime-rtr.service=uptime-svc"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.uptime-rtr.middlewares=authelia@docker"</span>
|
||
|
- <span class="org-string">"traefik.http.services.uptime-svc.loadbalancer.server.port=3001"</span>
|
||
|
<span class="org-variable-name">logging</span>: <span class="org-function-name">*default-logging</span>
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-orge8a184a" class="outline-3">
|
||
|
<h3 id="orge8a184a"><code>kavita</code> - Reading server (<a href="https://github.com/Kareadita/Kavita">link</a>)</h3>
|
||
|
<div class="outline-text-3" id="text-orge8a184a">
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-yaml"> <span class="org-variable-name">kavita</span>:
|
||
|
<span class="org-variable-name">container_name</span>: kavita
|
||
|
<span class="org-variable-name">image</span>: kizaing/kavita:latest
|
||
|
<span class="org-variable-name">restart</span>: unless-stopped
|
||
|
<span class="org-variable-name">networks</span>:
|
||
|
- t2_proxy
|
||
|
<span class="org-variable-name">environment</span>:
|
||
|
- TZ=$TZ
|
||
|
- UID=$PUID
|
||
|
- GID=$PGID
|
||
|
<span class="org-variable-name">volumes</span>:
|
||
|
- $CONFIGDIR/kavita:/kavita/data
|
||
|
- /srv/storage/Books:/books
|
||
|
- /srv/storage/Scans:/scans
|
||
|
- /srv/storage/Comics:/comics
|
||
|
<span class="org-variable-name">labels</span>:
|
||
|
- <span class="org-string">"traefik.enable=true"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.kavita-rtr.entrypoints=https"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.kavita-rtr.rule=Host(`kavita.$DOMAINNAME`)"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.kavita-rtr.tls=true"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.kavita-rtr.service=kavita-svc"</span>
|
||
|
- <span class="org-string">"traefik.http.services.kavita-svc.loadbalancer.server.port=5000"</span>
|
||
|
<span class="org-variable-name">logging</span>: <span class="org-function-name">*default-logging</span>
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-orge5608bc" class="outline-3">
|
||
|
<h3 id="orge5608bc"><code>mosquitto</code> - MQTT broker (<a href="https://github.com/eclipse/mosquitto/">link</a>)</h3>
|
||
|
<div class="outline-text-3" id="text-orge5608bc">
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-yaml"> <span class="org-variable-name">mosquitto</span>:
|
||
|
<span class="org-variable-name">container_name</span>: mosquitto
|
||
|
<span class="org-variable-name">image</span>: eclipse-mosquitto
|
||
|
<span class="org-variable-name">restart</span>: unless-stopped
|
||
|
<span class="org-variable-name">networks</span>:
|
||
|
- t2_proxy
|
||
|
<span class="org-variable-name">environment</span>:
|
||
|
- UID=$PUID
|
||
|
- GID=$PGID
|
||
|
- TZ=$TZ
|
||
|
<span class="org-variable-name">expose</span>:
|
||
|
- 1883
|
||
|
- 9001
|
||
|
<span class="org-variable-name">ports</span>:
|
||
|
- 1883:1883
|
||
|
- 9001:9001
|
||
|
<span class="org-variable-name">volumes</span>:
|
||
|
- $CONFIGDIR/mosquitto/config:/mosquitto/config
|
||
|
- $CONFIGDIR/mosquitto/log:/mosquitto/log
|
||
|
- $CONFIGDIR/mosquitto/data:/mosquitto/data
|
||
|
<span class="org-variable-name">logging</span>: <span class="org-function-name">*default-logging</span>
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-orgb7add6d" class="outline-3">
|
||
|
<h3 id="orgb7add6d"><code>zigbee2mqtt</code> - Zigbee to MQTT bridge (<a href="https://github.com/Koenkk/zigbee2mqtt/">link</a>)</h3>
|
||
|
<div class="outline-text-3" id="text-orgb7add6d">
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-yaml"> <span class="org-variable-name">zigbee2mqtt</span>:
|
||
|
<span class="org-variable-name">container_name</span>: zigbee2mqtt
|
||
|
<span class="org-variable-name">image</span>: koenkk/zigbee2mqtt
|
||
|
<span class="org-variable-name">restart</span>: unless-stopped
|
||
|
<span class="org-variable-name">privileged</span>: <span class="org-constant">true</span>
|
||
|
<span class="org-variable-name">depends_on</span>:
|
||
|
- mosquitto
|
||
|
<span class="org-variable-name">networks</span>:
|
||
|
- t2_proxy
|
||
|
<span class="org-variable-name">environment</span>:
|
||
|
- UID=$PUID
|
||
|
- GID=$PGID
|
||
|
- TZ=$TZ
|
||
|
<span class="org-variable-name">volumes</span>:
|
||
|
- $CONFIGDIR/zigbee2mqtt:/app/data
|
||
|
- /run/udev:/run/udev:ro
|
||
|
<span class="org-variable-name">devices</span>:
|
||
|
- /dev/ttyACM0:/dev/ttyACM0
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-org81ab575" class="outline-3">
|
||
|
<h3 id="org81ab575"><code>zigbee2mqttassistant</code> - GUI for Zigbee2Mqtt (<a href="https://github.com/yllibed/Zigbee2MqttAssistant">link</a>)</h3>
|
||
|
<div class="outline-text-3" id="text-org81ab575">
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-yaml"> <span class="org-variable-name">zigbee2mqttAssistant</span>:
|
||
|
<span class="org-variable-name">container_name</span>: zigbee2mqttassistant
|
||
|
<span class="org-variable-name">image</span>: carldebilly/zigbee2mqttassistant
|
||
|
<span class="org-variable-name">restart</span>: unless-stopped
|
||
|
<span class="org-variable-name">networks</span>:
|
||
|
- t2_proxy
|
||
|
<span class="org-variable-name">environment</span>:
|
||
|
- Z2MA_SETTINGS__MQTTSERVER=192.168.1.21:1883
|
||
|
<span class="org-comment-delimiter"># </span><span class="org-comment">- Z2MA_SETTINGS__MQTTUSERNAME={MQTTUSERNAME}</span>
|
||
|
<span class="org-comment-delimiter"># </span><span class="org-comment">- Z2MA_SETTINGS__MQTTPASSWORD={MQTTPASSWORD}</span>
|
||
|
- PUID=$PUID
|
||
|
- PGID=$PGID
|
||
|
- TZ=$TZ
|
||
|
<span class="org-variable-name">labels</span>:
|
||
|
- <span class="org-string">"traefik.enable=true"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.zigbee2mqttassistant-rtr.entrypoints=https"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.zigbee2mqttassistant-rtr.rule=Host(`zigbee2mqttassistant.$DOMAINNAME`)"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.zigbee2mqttassistant-rtr.tls=true"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.zigbee2mqttassistant-rtr.service=zigbee2mqttassistant-svc"</span>
|
||
|
- <span class="org-string">"traefik.http.routers.zigbee2mqttassistant-rtr.middlewares=authelia@docker"</span>
|
||
|
- <span class="org-string">"traefik.http.services.zigbee2mqttassistant-svc.loadbalancer.server.port=80"</span>
|
||
|
<span class="org-variable-name">logging</span>: <span class="org-function-name">*default-logging</span>
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
<div id="outline-container-org515b6e0" class="outline-2">
|
||
|
<h2 id="org515b6e0">Cron Jobs</h2>
|
||
|
<div class="outline-text-2" id="text-org515b6e0">
|
||
|
</div>
|
||
|
<div id="outline-container-orgaf6db6e" class="outline-3">
|
||
|
<h3 id="orgaf6db6e">Caddy Update</h3>
|
||
|
<div class="outline-text-3" id="text-orgaf6db6e">
|
||
|
<p>
|
||
|
Create a script <code>~/cron/caddy_update.sh</code> with:
|
||
|
</p>
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-bash">docker exec caddy /bin/sh -c <span class="org-string">"</span><span class="org-type"><span class="org-string">cd</span></span><span class="org-string"> /srv/www && </span><span class="org-type"><span class="org-string">echo</span></span><span class="org-string"> -e \"Update repo </span><span class="org-string"><span class="org-sh-quoted-exec">$(</span></span><span class="org-sh-quoted-exec">date</span><span class="org-string"><span class="org-sh-quoted-exec">)</span></span><span class="org-string">\" && </span><span class="org-type"><span class="org-string">git</span></span><span class="org-string"> submodule update --recursive --remote --merge"</span>
|
||
|
</pre>
|
||
|
</div>
|
||
|
|
||
|
<p>
|
||
|
Type <code>crontab -e</code> and add this line:
|
||
|
</p>
|
||
|
<div class="org-src-container">
|
||
|
<pre class="src src-conf">*/5 * * * * /home/thomas/cron/caddy_update.sh >> /home/thomas/cron/caddy_update.log 2>&1
|
||
|
</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
<div id="postamble" class="status">
|
||
|
<p class="author">Author: Dehaeze Thomas</p>
|
||
|
<p class="date">Created: 2021-10-25 lun. 14:33</p>
|
||
|
</div>
|
||
|
</body>
|
||
|
</html>
|