This commit is contained in:
Brian Zalewski 2024-01-13 10:58:03 +00:00
parent 590903cf9a
commit 5f706fac8b
14 changed files with 168 additions and 119 deletions

View file

@ -24,9 +24,9 @@ config:
docker: docker:
healthchecks: healthchecks:
allowedHosts: '*' allowedHosts: '*'
defaultFromEmail: no-reply@megabyte.space s3Endpoint: s3.wasabisys.com
siteLogoUrl: https://raw.githubusercontent.com/megabyte-labs/install.doctor/master/home/dot_local/etc/branding/black-icon-128x128.png siteLogoUrl: https://raw.githubusercontent.com/megabyte-labs/install.doctor/master/home/dot_local/etc/branding/black-icon-128x128.png
siteName: CombineOS Healthchecks siteName: Healthchecks
siteRoot: '/' siteRoot: '/'
portainer: portainer:
siteLogoUrl: https://gitlab.com/megabyte-labs/misc/assets/-/raw/master/logo/color3@10x.png siteLogoUrl: https://gitlab.com/megabyte-labs/misc/assets/-/raw/master/logo/color3@10x.png

View file

@ -0,0 +1,7 @@
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBmVWE2U1lTaDFndHNCYkkv
OC9UWnJnKzU2dDcydjhmcVBIVlJxRytHQzNNCm85SjJESXlhY01VRlJCUi9vVXN3
R3RkOGtKc3dUREdtd2NvZ1NVb3lzMFkKLS0tIFIvc3FreTFsczF3R0tOY2VOaW9h
eWJ5Z3YvbnVEeE4yZGVGVTM5OWIvcE0KtRKkOlEYhSwnjOfFs7cw15Zz7J8vW9Dv
uDFT3wzibSYfeCX8rhhu7CdqBB0InIklSozC
-----END AGE ENCRYPTED FILE-----

View file

@ -0,0 +1,7 @@
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBuVkQxN1c5ejByRDNSM2hx
b1IwcTJxWFIvNkxTNmVPbW5TVXFFUzNVOUR3CmhLOFExRVRhakdYcUNGbi9GM2ZT
V016bktYOEo0a1ZTd2NGdWxxejVzZEEKLS0tIDMrVUpxNWFYaC9WVWttWkhManV5
UGZJVHR6ZzhsVUR5Y1djaHc4QjJwQmsK8f3FRTSBS9Kf47BSyYlluvDkdySitGem
0eUnFevBRmN6Vim4VqokcvZoy32xPCqUa14Te5kUHbrXheAtMsK/Lw==
-----END AGE ENCRYPTED FILE-----

View file

@ -0,0 +1,7 @@
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBxbHBwQkRqVThNWlVXZFc0
YUNiNlI3N016VC9zaW5BS1JMRzVkdG1Cc3drClJ1dWFxdTBJcUhzWVVDaUFqMjJS
bkFwTWVoU2FxaGlkN3ltUmlzU2ltQkEKLS0tIGZYaENQOElqUDlwVG8rYktvbFRi
aEpjTGNFWGNPd3BEbTY4RG05SGtNeUEKxookow/IkARufcGLvLNc0+9cV/JTbQoK
KOV0QpE6Wwch7bpBfeHB3H1Rv3p0jgNQvqYXqA==
-----END AGE ENCRYPTED FILE-----

View file

@ -0,0 +1,7 @@
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBLbWVtYnFMWnM3bmhQcGJu
R1JOR2VpVnJZK0tsR3NoV2o2QW9WV3R2eWxNCnJNdFFZRDBXNnh2NVBHMG1ZdFR5
NWp0Y3ppT0NQdWVSVXNyYWZqejdlM3cKLS0tIHFwMlZ2V1dMcGhHUGFic2ZIUEhI
SUJBRzZJYnh6SHFZdVhZRkVQa3k2YjgKgV5Phj4VpdrYErOAaIIEycp+pAO3GJIW
inJV72iPbtbaMClZdK1mRX+x1+nZvb7UITe4k63YAOhpKEReIJ+irUins8ygeltJ
-----END AGE ENCRYPTED FILE-----

View file

@ -1,16 +0,0 @@
---
version: '3.8'
services:
code-server:
image: linuxserver/code-server
container_name: CodeServer
environment:
PUID: 1000
PGID: 1000
TZ: America/New_York
volumes:
- ./config:/config
ports:
- 28814:8443
restart: unless-stopped

View file

@ -1,28 +0,0 @@
---
version: "3.8"
services:
dashy:
# To build from source, replace 'image: lissy93/dashy' with 'build: .'
# build: .
image: lissy93/dashy
container_name: Dashy
# Pass in your config file below, by specifying the path on your host machine
volumes:
- /root/my-config.yml:{{ .host.home }}/config/dashy/conf.yml
ports:
- 4000:80
# Set any environmental variables
environment:
- NODE_ENV=production
# Specify your user ID and group ID. You can find this by running `id -u` and `id -g`
# - UID=1000
# - GID=1000
# Specify restart policy
restart: unless-stopped
# Configure healthchecks
healthcheck:
test: ['CMD', 'node', '/app/services/healthcheck']
interval: 1m30s
timeout: 10s
retries: 3
start_period: 40s

View file

@ -12,53 +12,50 @@ services:
- nginx_network - nginx_network
environment: environment:
ALLOWED_HOSTS: "{{ .docker.healthchecks.allowedHosts }}" ALLOWED_HOSTS: "{{ .docker.healthchecks.allowedHosts }}"
APPRISE_ENABLED: 'True' APPRISE_ENABLED: "False"
DB_HOST: postgres DB_HOST: "postgres"
DB_NAME: healthdb DB_NAME: "healthdb"
DB_PASSWORD_FILE: /run/secrets/healthchecks_db_password DB_PASSWORD_FILE: /run/secrets/healthchecks_db_password
DB_USER: healthuser DB_USER: "healthuser"
DEBUG: 'False' DEBUG: "False"
DEFAULT_FROM_EMAIL: "{{ .docker.healthchecks.defaultFromEmail }}" DEFAULT_FROM_EMAIL: "no-reply@{{ .host.domain }}"
DISCORD_CLIENT_ID_FILE: /run/secrets/discord_client_id
DISCORD_CLIENT_SECRET_FILE: /run/secrets/discord_client_secret
EMAIL_HOST_PASSWORD_FILE: /run/secrets/sendgrid_api_key EMAIL_HOST_PASSWORD_FILE: /run/secrets/sendgrid_api_key
EMAIL_HOST_USER: {{ .host.smtp.user }} EMAIL_HOST_USER: "{{ .host.smtp.user }}"
EMAIL_HOST: {{ .host.smtp.host }} EMAIL_HOST: "{{ .host.smtp.host }}"
EMAIL_PORT: {{ .host.smtp.port }} EMAIL_PORT: "{{ .host.smtp.port }}"
EMAIL_USE_TLS: 'True' EMAIL_USE_TLS: "True"
PGID: 1000 MATRIX_ACCESS_TOKEN_FILE: /run/secrets/matrix_access_token
PROMETHEUS_ENABLED: 'True'
PUID: 1000
REGENERATE_SETTINGS: 'True'
SECRET_KEY_FILE: /run/secrets/healthchecks_secret_key
SHELL_ENABLED: 'True'
SITE_LOGO_URL: {{ .docker.healthchecks.siteLogoUrl }}
SITE_NAME: {{ .docker.healthchecks.siteName }}
SITE_ROOT: {{ .docker.healthchecks.siteRoot }}
SLACK_CLIENT_ID_FILE: /run/secrets/slack_client_id
SLACK_CLIENT_SECRET_FILE: /run/secrets/slack_client_secret
SLACK_ENABLED: 'True'
SUPERUSER_EMAIL: "{{ .user.email }}"
SUPERUSER_PASSWORD_FILE: /run/secrets/healthchecks_superuser_password
TZ: "{{ .user.timezone }}"
WEBHOOKS_ENABLED: 'True'
DISCORD_CLIENT_ID:
DISCORD_CLIENT_SECRET:
MATRIX_HOMESERVER_FILE: /run/secrets/matrix_homeserver MATRIX_HOMESERVER_FILE: /run/secrets/matrix_homeserver
MATRIX_USER_ID_FILE: /run/secrets/matrix_username MATRIX_USER_ID_FILE: /run/secrets/matrix_username
MATRIX_ACCESS_TOKEN_FILE: /run/secrets/matrix_access_token PGID: 1000
APPRISE_ENABLED: 'True' PROMETHEUS_ENABLED: "True"
SHELL_ENABLED: 'True' PUID: 1000
PUSHBULLET_CLIENT_ID_FILE: /run/secrets/pushbullet_client_id PUSHBULLET_CLIENT_ID_FILE: /run/secrets/pushbullet_client_id
PUSHBULLET_CLIENT_SECRET_FILE: /run/secrets/pushbullet_client_secret PUSHBULLET_CLIENT_SECRET_FILE: /run/secrets/pushbullet_client_secret
S3_ACCESS_KEY: S3_ACCESS_KEY_FILE: /run/secrets/healthchecks_s3_access_key
S3_BUCKET: S3_BUCKET: "health.{{ .host.domain }}"
S3_ENDPOINT: S3_ENDPOINT: "{{ .docker.healthchecks.s3Endpoint }}"
S3_REGION: S3_REGION: ""
S3_SECRET_KEY: S3_SECRET_KEY_FILE: /run/secrets/healthchecks_s3_secret_key
TELEGRAM_BOT_NAME: /run/secrets/telegram_bot_name SECRET_KEY_FILE: /run/secrets/healthchecks_secret_key
TELEGRAM_TOKEN: /run/secrets/telegram_bot_token SHELL_ENABLED: "True"
TWILIO_ACCOUNT: /run/secrets/twilio_account_sid SITE_LOGO_URL: "{{ .docker.healthchecks.siteLogoUrl }}"
TWILIO_AUTH: /run/secrets/twilio_auth_token SITE_NAME: "{{ .docker.healthchecks.siteName }}"
TWILIO_FROM: /run/secrets/twilio_from_number SITE_ROOT: "{{ .docker.healthchecks.siteRoot }}"
SLACK_CLIENT_ID_FILE: /run/secrets/slack_client_id
SLACK_CLIENT_SECRET_FILE: /run/secrets/slack_client_secret
SLACK_ENABLED: "True"
SUPERUSER_EMAIL: "{{ .user.email }}"
SUPERUSER_PASSWORD_FILE: /run/secrets/healthchecks_superuser_password
TELEGRAM_BOT_NAME_FILE: /run/secrets/telegram_bot_name
TELEGRAM_TOKEN_FILE: /run/secrets/telegram_bot_token
TWILIO_ACCOUNT_FILE: /run/secrets/twilio_account_sid
TWILIO_AUTH_FILE: /run/secrets/twilio_auth_token
TWILIO_FROM_FILE: /run/secrets/twilio_from_number
TZ: "{{ .user.timezone }}"
WEBHOOKS_ENABLED: "True"
deploy: deploy:
mode: replicated mode: replicated
replicas: 1 replicas: 1
@ -70,15 +67,23 @@ services:
restart: unless-stopped restart: unless-stopped
secrets: secrets:
- healthchecks_db_password - healthchecks_db_password
- healthchecks_s3_access_key
- healthchecks_s3_secret_key
- healthchecks_secret_key - healthchecks_secret_key
- healthchecks_superuser_password
- matrix_access_token
- matrix_homeserver
- matrix_username
- pushbullet_client_id
- pushbullet_client_secret
- sendgrid_api_key - sendgrid_api_key
- slack_client_id - slack_client_id
- slack_client_secret - slack_client_secret
- telegram_bot_name - telegram_bot_name
- telegram_bot_token - telegram_bot_token
- healthchecks_superuser_password - twilio_account_sid
- pushbullet_client_id - twilio_auth_token
- pushbullet_client_secret - twilio_from_number
postgres: postgres:
container_name: Postgres container_name: Postgres
@ -90,15 +95,13 @@ services:
- healthchecks_network - healthchecks_network
environment: environment:
POSTGRES_PASSWORD_FILE: /run/secrets/healthchecks_db_password POSTGRES_PASSWORD_FILE: /run/secrets/healthchecks_db_password
POSTGRES_USER_FILE: /run/secrets/healthchecks_db_user POSTGRES_USER: healthuser
POSTGRES_DB_FILE: /run/secrets/healthchecks_db_name POSTGRES_DB: healthdb
deploy: deploy:
mode: replicated mode: replicated
replicas: 1 replicas: 1
secrets: secrets:
- healthchecks_db_name - healthchecks_db_password
- healthchecks_db_password
- healthchecks_db_user
networks: networks:
healthchecks_network: healthchecks_network:
@ -109,23 +112,41 @@ networks:
external: true external: true
secrets: secrets:
healthchecks_db_name:
external: true
healthchecks_db_password: healthchecks_db_password:
external: true external: true
healthchecks_db_user:
external: true
healthchecks_secret_key: healthchecks_secret_key:
external: true external: true
healthchecks_superuser_password:
external: true
healthchecks_s3_access_key:
external: true
healthchecks_s3_secret_key:
external: true
matrix_access_token:
external: true
matrix_homeserver:
external: true
matrix_username:
external: true
pushbullet_client_id:
external: true
pushbullet_client_secret:
external: true
sendgrid_api_key: sendgrid_api_key:
external: true external: true
healthchecks_slack_client_id: slack_client_id:
external: true external: true
healthchecks_slack_client_secret: slack_client_secret:
external: true external: true
healthchecks_superuser_email: telegram_bot_name:
external: true external: true
healthchecks_superuser_password: telegram_bot_token:
external: true
twilio_account_sid:
external: true
twilio_auth_token:
external: true
twilio_from_number:
external: true external: true
volumes: volumes:

View file

@ -0,0 +1,20 @@
---
services:
kasm:
image: lscr.io/linuxserver/kasm:latest
container_name: Kasm
privileged: true
environment:
KASM_PORT: 443
DOCKER_HUB_USERNAME: USER
DOCKER_HUB_PASSWORD: PASS
DOCKER_MTU: 1500
volumes:
- /path/to/data:/opt
- /path/to/profiles:/profiles #optional
- /dev/input:/dev/input #optional
- /run/udev/data:/run/udev/data #optional
ports:
- 3000:3000
- 443:443
restart: unless-stopped

View file

@ -0,0 +1,23 @@
---
version: "3.7"
services:
nextcloud:
image: lscr.io/linuxserver/nextcloud:latest
container_name: NextCloud
environment:
PUID: 1000
PGID: 1000
TZ: "{{ .user.timezone }}"
volumes:
- nextcloud_config:/config
- nextcloud_data:/data
ports:
- 26777:443
restart: unless-stopped
volumes:
nextcloud_config:
name: nextcloud_config
nextcloud_data:
name: nextcloud_data

View file

@ -24,8 +24,8 @@ services:
volumes: volumes:
- portainer_manager_data:/data - portainer_manager_data:/data
networks: networks:
- cloudflared_tunnel
- portainer_agent_network - portainer_agent_network
- nginx_network
secrets: secrets:
- portainer_admin_password - portainer_admin_password
deploy: deploy:
@ -38,11 +38,13 @@ services:
image: cloudflare/cloudflared image: cloudflare/cloudflared
command: tunnel run command: tunnel run
deploy: deploy:
replicas: 2 replicas: 4
networks: networks:
- cloudflared_tunnel - cloudflared_tunnel
environment: environment:
TUNNEL_TOKEN: /run/secrets/cloudflared_docker_swarm_token TUNNEL_TOKEN_FILE: /run/secrets/cloudflared_docker_swarm_token
secrets:
- cloudflared_docker_swarm_token
networks: networks:
cloudflared_tunnel: cloudflared_tunnel:
@ -51,8 +53,6 @@ networks:
driver: overlay driver: overlay
attachable: true attachable: true
internal: true internal: true
nginx_network:
external: true
secrets: secrets:
cloudflared_docker_swarm_token: cloudflared_docker_swarm_token:

View file

@ -10,4 +10,5 @@ services:
- "8081:8081" - "8081:8081"
volumes: volumes:
nexus-data: nexus_data:
name: nexus_data

View file

@ -17,19 +17,19 @@ services:
- statping_app:/app - statping_app:/app
- services.yml:/app/services.yml - services.yml:/app/services.yml
environment: environment:
VIRTUAL_HOST: localhost
VIRTUAL_PORT: 8072
DB_CONN: postgres
DB_HOST: postgres
ADMIN_USER: admin
ADMIN_PASSWORD_FILE: /run/secrets/statping_admin_password ADMIN_PASSWORD_FILE: /run/secrets/statping_admin_password
ADMIN_USER: "admin"
API_SECRET_FILE: /run/secrets/statping_api_secret API_SECRET_FILE: /run/secrets/statping_api_secret
DB_USER: statuser DB_CONN: "postgres"
DB_DATABASE: "statdb"
DB_HOST: "postgres"
DB_PASS_FILE: /run/secrets/statping_database_password DB_PASS_FILE: /run/secrets/statping_database_password
DB_DATABASE: statdb DB_USER: "statuser"
NAME: "{{ .docker.statping.name }}"
DESCRIPTION: "{{ .docker.statping.description }}" DESCRIPTION: "{{ .docker.statping.description }}"
DOMAIN: "status.{{ .host.domain }}" DOMAIN: "status.{{ .host.domain }}"
NAME: "{{ .docker.statping.name }}"
VIRTUAL_HOST: "localhost"
VIRTUAL_PORT: "8072"
deploy: deploy:
mode: replicated mode: replicated
replicas: 1 replicas: 1
@ -47,9 +47,9 @@ services:
networks: networks:
- statping_network - statping_network
environment: environment:
POSTGRES_DB: "statdb"
POSTGRES_PASSWORD_FILE: /run/secrets/statping_database_password POSTGRES_PASSWORD_FILE: /run/secrets/statping_database_password
POSTGRES_USER: statuser POSTGRES_USER: "statuser"
POSTGRES_DB: statdb
deploy: deploy:
mode: replicated mode: replicated
replicas: 1 replicas: 1