traveler/services
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Folder reorg if prep for using git runner

Browse source
This commit is contained in:
traveler 2026-01-10 21:25:19 -06:00
parent 304e85e450
commit 1a3749112d
102 changed files with 833 additions and 244 deletions
Download patch file Download diff file Expand all files Collapse all files

82
compose/docker2/Compose-vpn.yaml Executable file
View file

@ -0,0 +1,82 @@
services:
gluetun:
container_name: gluetun
image: qmcgaw/gluetun
cap_add:
- NET_ADMIN
devices:
- /dev/net/tun:/dev/net/tun
volumes:
- /data/nfs/Baxter/Docker/gluetun:/gluetun
networks:
- netgrimoire
ports:
- 9117:9117 #jackett
- 9091:9091 #transmission
- 51413:51413 #transmission
- 51413:51413/udp #transmission
environment:
- VPN_SERVICE_PROVIDER=private internet access
- OPENVPN_USER=p1016182
- OPENVPN_PASSWORD=F@lcon12
- SERVER_REGIONS=Netherlands
- TZ=America/Chicago
- PGID=998
- PUID=1001
labels:
- caddy=jackett.netgrimoire.com
- caddy.import=authentik
- caddy.reverse_proxy="{{upstreams 9117}}"
jackett:
image: lscr.io/linuxserver/jackett:latest
container_name: jackett
environment:
- PUID=1001
- PGID=998
- TZ=America/Chicago
volumes:
- /DockerVol/jackett/config:/config
- /data/nfs/Baxter/Data:/data:shared
# ports:
# - 9117:9117
# networks:
# - vpn
network_mode: "container:gluetun"
restart: unless-stopped
labels:
- homepage.group=Jolly Roger
- homepage.name=Jackett
- homepage.icon=jackett.png
- homepage.href=http://jackett.netgrimoire.com
- homepage.description=Torrent Client
# - homepage.widget.type=lidarr
# - homepage.widget.url=http://lidarr:8686
# - homepage.widget.key=189afec5b97440209775a192870a2815
- kuma.jackett.http.name="Jackett"
- kuma.jackett.http.url=http://gluetun:9117
transmission:
image: lscr.io/linuxserver/transmission:latest
container_name: transmission
network_mode: "container:gluetun"
environment:
- PUID=1001
- PGID=998
- TZ=America/Chicago
volumes:
- /DockerVol/transmission/config:/config
- /data/nfs/Baxter/Data:/data:shared
restart: unless-stopped
networks:
netgrimoire:
external: true

8
compose/docker3/librenms/.env Normal file
View file

@ -0,0 +1,8 @@
TZ=America/Chicago
PUID=1001
PGID=998
MYSQL_DATABASE=librenms
MYSQL_USER=librenms
MYSQL_PASSWORD=libenms

188
compose/docker3/librenms/compose.yml Normal file
View file

@ -0,0 +1,188 @@
name: librenms
services:
libre_db:
image: mariadb:10
container_name: librenms_db
command:
- "mysqld"
- "--innodb-file-per-table=1"
- "--lower-case-table-names=0"
- "--character-set-server=utf8mb4"
- "--collation-server=utf8mb4_unicode_ci"
networks:
- netgrimoire
volumes:
#- "./db:/var/lib/mysql"
- libre_dbase:/var/lib/mysql
environment:
- "TZ=${TZ}"
- "MARIADB_RANDOM_ROOT_PASSWORD=yes"
- "MYSQL_DATABASE=${MYSQL_DATABASE}"
- "MYSQL_USER=${MYSQL_USER}"
- "MYSQL_PASSWORD=${MYSQL_PASSWORD}"
restart: always
libre_redis:
image: redis:7.2-alpine
container_name: librenms_redis
environment:
- "TZ=${TZ}"
networks:
- netgrimoire
restart: always
libre_msmtpd:
image: crazymax/msmtpd:latest
container_name: librenms_msmtpd
env_file:
- "./msmtpd.env"
networks:
- netgrimoire
restart: always
librenms:
image: librenms/librenms:latest
container_name: librenms
hostname: librenms
cap_add:
- NET_ADMIN
- NET_RAW
ports:
- "8000:8000/tcp"
depends_on:
- libre_db
- libre_redis
- libre_msmtpd
volumes:
# - "./librenms:/data"
- librenms:/data
networks:
- netgrimoire
env_file:
- "./librenms.env"
environment:
- "TZ=${TZ}"
- "PUID=${PUID}"
- "PGID=${PGID}"
- "DB_HOST=libre_db"
- "DB_NAME=${MYSQL_DATABASE}"
- "DB_USER=${MYSQL_USER}"
- "DB_PASSWORD=${MYSQL_PASSWORD}"
- "DB_TIMEOUT=60"
restart: always
dispatcher:
image: librenms/librenms:latest
container_name: librenms_dispatcher
hostname: librenms-dispatcher
cap_add:
- NET_ADMIN
- NET_RAW
depends_on:
- librenms
- libre_redis
volumes:
# - "./librenms:/data"
- librenms:/data
networks:
- netgrimoire
env_file:
- "./librenms.env"
environment:
- "TZ=${TZ}"
- "PUID=${PUID}"
- "PGID=${PGID}"
- "DB_HOST=libre_db"
- "DB_NAME=${MYSQL_DATABASE}"
- "DB_USER=${MYSQL_USER}"
- "DB_PASSWORD=${MYSQL_PASSWORD}"
- "DB_TIMEOUT=60"
- "DISPATCHER_NODE_ID=dispatcher1"
- "SIDECAR_DISPATCHER=1"
restart: always
syslogng:
image: librenms/librenms:latest
container_name: librenms_syslogng
hostname: librenms-syslogng
cap_add:
- NET_ADMIN
- NET_RAW
depends_on:
- librenms
- libre_redis
ports:
- "514:514/tcp"
- "514:514/udp"
volumes:
# - "./librenms:/data"
- librenms:/data
networks:
- netgrimoire
env_file:
- "./librenms.env"
environment:
- "TZ=${TZ}"
- "PUID=${PUID}"
- "PGID=${PGID}"
- "DB_HOST=libre_db"
- "DB_NAME=${MYSQL_DATABASE}"
- "DB_USER=${MYSQL_USER}"
- "DB_PASSWORD=${MYSQL_PASSWORD}"
- "DB_TIMEOUT=60"
- "SIDECAR_SYSLOGNG=1"
restart: always
snmptrapd:
image: librenms/librenms:latest
container_name: librenms_snmptrapd
hostname: librenms-snmptrapd
cap_add:
- NET_ADMIN
- NET_RAW
depends_on:
- librenms
- libre_redis
ports:
- "162:162/tcp"
- "162:162/udp"
volumes:
# - "./librenms:/data"
- librenms:/data
networks:
- netgrimoire
env_file:
- "./librenms.env"
environment:
- "TZ=${TZ}"
- "PUID=${PUID}"
- "PGID=${PGID}"
- "DB_HOST=libre_db"
- "DB_NAME=${MYSQL_DATABASE}"
- "DB_USER=${MYSQL_USER}"
- "DB_PASSWORD=${MYSQL_PASSWORD}"
- "DB_TIMEOUT=60"
- "SIDECAR_SNMPTRAPD=1"
restart: always
volumes:
libre_dbase:
driver: local
driver_opts:
type: none
o: bind
device: /DockerVol/librenms/libre_db
librenms:
driver: local
driver_opts:
type: none
o: bind
device: /DockerVol/librenms/data
networks:
netgrimoire:
external: true

16
compose/docker3/librenms/librenms.env Normal file
View file

@ -0,0 +1,16 @@
MEMORY_LIMIT=256M
MAX_INPUT_VARS=1000
UPLOAD_MAX_SIZE=16M
OPCACHE_MEM_SIZE=128
REAL_IP_FROM=0.0.0.0/32
REAL_IP_HEADER=X-Forwarded-For
LOG_IP_VAR=remote_addr
CACHE_DRIVER=redis
SESSION_DRIVER=redis
REDIS_HOST=redis
LIBRENMS_SNMP_COMMUNITY=librenmsdocker
LIBRENMS_WEATHERMAP=false
LIBRENMS_WEATHERMAP_SCHEDULE=*/5 * * * *

24
compose/docker3/librenms/monitor.yaml Normal file
View file

@ -0,0 +1,24 @@
services:
glances:
image: nicolargo/glances
container_name: glances
hostname: glances
restart: always
network_mode: host
privileged: true
pid: host
volumes:
- /DockerVol/glances/config:/glances/conf
- /var/run/docker.sock:/var/run/docker.sock
environment:
- TZ=America/Chicago
- "GLANCES_OPT=-w"
ports:
- 61208-61209:61208-61209
networks:
netgrimoire:
external: true

10
compose/docker3/librenms/msmtpd.env Normal file
View file

@ -0,0 +1,10 @@
# https://github.com/crazy-max/docker-msmtpd
SMTP_HOST=mail.netgrimoire.com
SMTP_PORT=587
SMTP_TLS=on
SMTP_STARTTLS=on
SMTP_TLS_CHECKCERT=on
SMTP_AUTH=on
SMTP_USER=traveler@netgrimoire.com
SMTP_PASSWORD=F@lcon13
SMTP_FROM=network@netgrimoire.com

16
compose/docker4/.env Executable file
View file

@ -0,0 +1,16 @@
# You MUST set a secret to secure/pepper the stored user passwords here. Use at least 64 characters.
# Generate one by using for example: pwgen -N 1 -s 96
# ATTENTION: This value must be the same on all Graylog nodes in the cluster.
# Changing this value after installation will render all user sessions and encrypted values in the database invalid. (e.g. encrypted access tokens)
GRAYLOG_PASSWORD_SECRET="TZ3XajhzIBugTl61oNNgrWL0OHTn4qYcNAuzTTHWRKYxxWf61oAEpHOpesLoP7ssgqBTuainTBX6YIVAcYs2de2jhPHQBYD5"
# You MUST specify a hash password for the root user (which you only need to initially set up the
# system and in case you lose connectivity to your authentication backend)
# This password cannot be changed using the API or via the web interface. If you need to change it,
# modify it in this file.
# Create one by using for example: echo -n yourpassword | shasum -a 256
# and put the resulting hash value into the following line
# CHANGE THIS!
GRAYLOG_ROOT_PASSWORD_SHA2="1b12de7f4069972e784d42dbe826c0769f1287412cd35479de127fcf816699dc"
PG_PASS=KzxbC4hiuEFAuACIijO8EGWa8YvO901BXmh39wBhS5pQv3XV
AUTHENTIK_SECRET_KEY=g8JIvopgkcpIeRUKgfT5KwHFUwGNBFobwhHMHx08wPTJTtAlmqllAwmr6u4jk+ng8O1gbV/gwZnYylMn

153
compose/docker4/graylog.yaml Executable file
View file

@ -0,0 +1,153 @@
#only works with compose
services:
# MongoDB: https://hub.docker.com/_/mongo/
mongodb:
container_name: graylog-mongo
image: mongo:5.0
volumes:
#- /DockerVol/Graylog/Mongo/data/db:/data/db
- mongodb_data:/data/db
networks:
- netgrimoire
environment:
- PGID=998
- PUID=1001
- UMASK=002
# deploy:
# placement:
# constraints:
# - node.hostname == docker2
datanode:
container_name: graylog-datanode
image: "${DATANODE_IMAGE:-graylog/graylog-datanode:6.0}"
hostname: "datanode"
environment:
GRAYLOG_DATANODE_NODE_ID_FILE: "/var/lib/graylog-datanode/node-id"
GRAYLOG_DATANODE_PASSWORD_SECRET: "TZ3XajhzIBugTl61oNNgrWL0OHTn4qYcNAuzTTHWRKYxxWf61oAEpHOpesLoP7ssgqBTuainTBX6YIVAcYs2de2jhPHQBYD5"
GRAYLOG_DATANODE_ROOT_PASSWORD_SHA2: "1b12de7f4069972e784d42dbe826c0769f1287412cd35479de127fcf816699dc"
GRAYLOG_DATANODE_MONGODB_URI: "mongodb://mongodb:27017/graylog"
PGID: 998
PUID: 1001
UMASK: 002
ulimits:
memlock:
hard: -1
soft: -1
nofile:
soft: 65536
hard: 65536
ports:
- "8999:8999/tcp" # DataNode API
- "9200:9200/tcp"
- "9300:9300/tcp"
volumes:
#- /DockerVol/Graylog/datanode:/var/lib/graylog-datanode
- graylog-datanode:/var/lib/graylog-datanode
networks:
- netgrimoire
# deploy:
# placement:
# constraints:
# - node.hostname == docker2
graylog:
container_name: graylog
hostname: "server"
image: "${GRAYLOG_IMAGE:-graylog/graylog:6.0}"
depends_on:
- mongodb
# -condition: "service_started"
entrypoint: "/usr/bin/tini -- /docker-entrypoint.sh"
environment:
GRAYLOG_NODE_ID_FILE: "/usr/share/graylog/data/data/node-id"
GRAYLOG_PASSWORD_SECRET: "TZ3XajhzIBugTl61oNNgrWL0OHTn4qYcNAuzTTHWRKYxxWf61oAEpHOpesLoP7ssgqBTuainTBX6YIVAcYs2de2jhPHQBYD5"
GRAYLOG_ROOT_PASSWORD_SHA2: "1b12de7f4069972e784d42dbe826c0769f1287412cd35479de127fcf816699dc"
GRAYLOG_HTTP_BIND_ADDRESS: "0.0.0.0:9000"
GRAYLOG_HTTP_EXTERNAL_URI: "http://log.netgrimoire.com/"
GRAYLOG_MONGODB_URI: "mongodb://mongodb:27017/graylog"
GRAYLOG_ELASTICSEARCH_SSL_VERIFY: false
GRAYLOG_DATANODE_TRANSPORT_URI: "http://datanode:9200"
PGID: 998
PUID: 1001
UMASK: 002
ports:
- "5044:5044/tcp" # Beats
- "5140:5140/udp" # Syslog
- "5140:5140/tcp" # Syslog
- "5555:5555/tcp" # RAW TCP
- "5555:5555/udp" # RAW UDP
- "9000:9000/tcp" # Server API
- "12201:12201/tcp" # GELF TCP
- "12201:12201/udp" # GELF UDP
- "10000:10000/tcp" # Custom TCP port
- "10000:10000/udp" # Custom UDP port
- "13301:13301/tcp" # Forwarder data
- "13302:13302/tcp" # Forwarder config
volumes:
#- "/DockerVol/Graylog/graylog_data:/usr/share/graylog/data/data"
#- "/DockerVol/Graylog/graylog_journal:/usr/share/graylog/data/journal"
- graylog_data:/usr/share/graylog/data/data
- graylog_journal:/usr/share/graylog/data/journal
networks:
- netgrimoire
# deploy:
# labels:
# - homepage.group=Monitoring
# - homepage.name=Graylog
# - homepage.icon=graylog.png
# - homepage.href=https://log.netgrimoire.com
# - homepage.description=Logging Server
# - caddy=log.netgrimoire.com
# - caddy.reverse_proxy="{{upstreams 9000}}"
# placement:
# constraints:
# - node.hostname == docker2
volumes:
mongodb_data:
driver: local
driver_opts:
type: none
o: bind
device: /DockerVol/Graylog/Mongo/data/db
graylog-datanode:
driver: local
driver_opts:
type: none
o: bind
device: /DockerVol/Graylog/datanode
graylog_data:
driver: local
driver_opts:
type: none
o: bind
device: /DockerVol/Graylog/graylog_data
graylog_journal:
driver: local
driver_opts:
type: none
o: bind
device: /DockerVol/Graylog/graylog_journal
networks:
netgrimoire:
external: true

42
compose/docker5/JellyFin.yaml Executable file
View file

@ -0,0 +1,42 @@
version: "3.8"
services:
jellyfin:
image: lscr.io/linuxserver/jellyfin
container_name: jellyfin
environment:
- PUID=1001
- PGID=998
- TZ=America/Chicago
# - JELLYFIN_PublishedServerUrl=http://jellyfin.local:8096 # Optional, helps clients find the server
volumes:
- /DockerVol/Jellyfin/config:/config
- /data/nfs/Baxter/Data/media:/data:shared
ports:
- "8096:8096"
- "8920:8920"
# - "7359:7359/udp"
# - "1900:1900/udp"
devices:
- /dev/dri:/dev/dri # Intel iGPU for VAAPI
restart: unless-stopped
networks:
- netgrimoire
labels:
# Homepage Dashboard
homepage.group: "Media"
homepage.name: "Jellyfin"
homepage.icon: "jellyfin.jpg"
homepage.href: "http://jellyfin.netgrimoire.com:8096"
homepage.description: "Media server with VAAPI transcoding"
# Diun (Docker Image Update Notifier)
diun.enable: "true"
diun.watch_repo: "true"
diun.notify: "ntfy" # change to your preferred notifier if needed
networks:
netgrimoire:
external: true

45
compose/docker5/JellyFinx.yaml Normal file
View file

@ -0,0 +1,45 @@
version: "3.8"
services:
jellyfinx:
image: lscr.io/linuxserver/jellyfin
container_name: jellyfinx
environment:
- PUID=1001
- PGID=998
- TZ=America/Chicago
# - JELLYFIN_PublishedServerUrl=http://jellyfin.local:7096
volumes:
- /DockerVol/Jellyfinx/config:/config
- /data/nfs/Baxter/Data/media:/data:shared
- /data/nfs/Baxter/Green/media/movies:/green:shared
- /data/nfs/Baxter/Green/media/After_Dark:/AfterDark:shared
ports:
- "7096:8096"
- "7920:8920"
devices:
- /dev/dri:/dev/dri # Intel iGPU for VAAPI
restart: unless-stopped
networks:
- netgrimoire
labels:
# Homepage Dashboard
homepage.group: "Media"
homepage.name: "Jellyfinx"
homepage.icon: "jellyfin"
homepage.href: http://jellyfinx.netgrimoire.com:7096
homepage.description: "Media server with VAAPI transcoding"
homepage.weight: "1"
# Diun (Docker Image Update Notifier)
diun.enable: "true"
diun.watch_repo: "true"
diun.notify: "ntfy" # or your notifier key/topic (e.g., smtp, gotify, etc.)
networks:
netgrimoire:
external: true

23
compose/nas/.env Executable file
View file

@ -0,0 +1,23 @@
# You can find documentation for all the supported env variables at https://immich.app/docs/install/environment-variables
# The location where your uploaded files are stored
UPLOAD_LOCATION=/srv/a18f546e-e9bf-4a8d-8b9d-02e7ec32b632/immich/library
# The location where your database files are stored
DB_DATA_LOCATION=/srv/a18f546e-e9bf-4a8d-8b9d-02e7ec32b632/immich/postgres
# To set a timezone, uncomment the next line and change Etc/UTC to a TZ identifier from this list: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List
TZ=America/Chicago
# The Immich version to use. You can pin this to a specific version like "v1.71.0"
IMMICH_VERSION=v2
# Connection secret for postgres. You should change it to a random password
# Please use only the characters `A-Za-z0-9`, without special characters or spaces
DB_PASSWORD=postgres
# The values below this line do not need to be changed
###################################################################################
DB_USERNAME=postgres
DB_DATABASE_NAME=immich

40
compose/nas/calibre.yaml Normal file
View file

@ -0,0 +1,40 @@
services:
Calibre:
image: lscr.io/linuxserver/calibre:latest
container_name: calibre
hostname: calibre
environment:
- TZ=America/Chicago
- PGID=998
- PUID=1001
networks:
- netgrimoire
volumes:
- /DockerVol/Calibre/Config:/config
- /DockerVol/Calibre/Plugins:/plugins
- /data/nfs/Baxter/Data/media:/data:shared
ports:
- 7070:8080
- 7081:8081
restart: unless-stopped
security_opt:
- seccomp=unconfined
# deploy:
labels:
# - homepage.group=Library
# - homepage.name=Calibre
# - homepage.icon=calibre.png
# - homepage.href=http://calibre.netgrimoire.com
# - homepage.description=Calibre Library
# - kuma.calibre.http.name="Calibre"
# - kuma.calibre.http.url=http://calibre:8080
- caddy=calibre.netgrimoire.com
- caddy.import=authentik
- caddy.reverse_proxy="{{upstreams 8080}}"
# placement:
# constraints:
# - node.hostname == nas
networks:
netgrimoire:
external: true

52
compose/nas/cloud.yaml Normal file
View file

@ -0,0 +1,52 @@
services:
nextcloud-aio-mastercontainer:
image: nextcloud/all-in-one:latest
init: true
restart: always
container_name: nextcloud-aio-mastercontainer # This line is not allowed to be changed as otherwise AIO will not work correctly
volumes:
- nextcloud_aio_mastercontainer:/mnt/docker-aio-config # This line is not allowed to be changed as otherwise the built-in backup solution will not work
- /var/run/docker.sock:/var/run/docker.sock:ro # May be changed on macOS, Windows or docker rootless. See the applicable documentation. If adjusting, don't forget to also set 'WATCHTOWER_DOCKER_SOCKET_PATH'!
- /srv/ssd1/NextCloud-AIO:/var/www/html/data
networks:
- netgrimoire # add to the same network as docker run would do
ports:
# - 80:80 # Can be removed when running behind a web server or reverse proxy (like Apache, Nginx, Caddy, Cloudflare Tunnel and else). See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md
- 8080:8080
# - 8443:8443 # Can be removed when running behind a web server or reverse proxy (like Apache, Nginx, Caddy, Cloudflare Tunnel and else). See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md
environment: # Is needed when using any of the options below
# AIO_DISABLE_BACKUP_SECTION: false # Setting this to true allows to hide the backup section in the AIO interface. See https://github.com/nextcloud/all-in-one#how-to-disable-the-backup-section
# AIO_COMMUNITY_CONTAINERS: # With this variable, you can add community containers very easily. See https://github.com/nextcloud/all-in-one/tree/main/community-containers#community-containers
APACHE_PORT: 11000 # Is needed when running behind a web server or reverse proxy (like Apache, Nginx, Caddy, Cloudflare Tunnel and else). See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md
APACHE_IP_BINDING: 0.0.0.0 # Should be set when running behind a web server or reverse proxy (like Apache, Nginx, Caddy, Cloudflare Tunnel and else) that is running on the same host. See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md
APACHE_ADDITIONAL_NETWORK: netgrimoire # (Optional) Connect the apache container to an additional docker network. Needed when behind a web server or reverse proxy (like Apache, Nginx, Caddy, Cloudflare Tunnel and else) running in a different docker network on same server. See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md
# BORG_RETENTION_POLICY: --keep-within=7d --keep-weekly=4 --keep-monthly=6 # Allows to adjust borgs retention policy. See https://github.com/nextcloud/all-in-one#how-to-adjust-borgs-retention-policy
# COLLABORA_SECCOMP_DISABLED: false # Setting this to true allows to disable Collabora's Seccomp feature. See https://github.com/nextcloud/all-in-one#how-to-disable-collaboras-seccomp-feature
NEXTCLOUD_DATADIR: /srv/ssd1/NextCloud-AIO # Allows to set the host directory for Nextcloud's datadir. ⚠️⚠️⚠️ Warning: do not set or adjust this value after the initial Nextcloud installation is done! See https://github.com/nextcloud/all-in-one#how-to-change-the-default-location-of-nextclouds-datadir
# NEXTCLOUD_MOUNT: /mnt/ # Allows the Nextcloud container to access the chosen directory on the host. See https://github.com/nextcloud/all-in-one#how-to-allow-the-nextcloud-container-to-access-directories-on-the-host
# NEXTCLOUD_UPLOAD_LIMIT: 16G # Can be adjusted if you need more. See https://github.com/nextcloud/all-in-one#how-to-adjust-the-upload-limit-for-nextcloud
# NEXTCLOUD_MAX_TIME: 3600 # Can be adjusted if you need more. See https://github.com/nextcloud/all-in-one#how-to-adjust-the-max-execution-time-for-nextcloud
# NEXTCLOUD_MEMORY_LIMIT: 512M # Can be adjusted if you need more. See https://github.com/nextcloud/all-in-one#how-to-adjust-the-php-memory-limit-for-nextcloud
# NEXTCLOUD_TRUSTED_CACERTS_DIR: /path/to/my/cacerts # CA certificates in this directory will be trusted by the OS of the nextcloud container (Useful e.g. for LDAPS) See https://github.com/nextcloud/all-in-one#how-to-trust-user-defined-certification-authorities-ca
# NEXTCLOUD_STARTUP_APPS: deck twofactor_totp tasks calendar contacts notes # Allows to modify the Nextcloud apps that are installed on starting AIO the first time. See https://github.com/nextcloud/all-in-one#how-to-change-the-nextcloud-apps-that-are-installed-on-the-first-startup
# NEXTCLOUD_ADDITIONAL_APKS: imagemagick # This allows to add additional packages to the Nextcloud container permanently. Default is imagemagick but can be overwritten by modifying this value. See https://github.com/nextcloud/all-in-one#how-to-add-os-packages-permanently-to-the-nextcloud-container
# NEXTCLOUD_ADDITIONAL_PHP_EXTENSIONS: imagick # This allows to add additional php extensions to the Nextcloud container permanently. Default is imagick but can be overwritten by modifying this value. See https://github.com/nextcloud/all-in-one#how-to-add-php-extensions-permanently-to-the-nextcloud-container
# NEXTCLOUD_ENABLE_DRI_DEVICE: true # This allows to enable the /dev/dri device for containers that profit from it. ⚠️⚠️⚠️ Warning: this only works if the '/dev/dri' device is present on the host! If it should not exist on your host, don't set this to true as otherwise the Nextcloud container will fail to start! See https://github.com/nextcloud/all-in-one#how-to-enable-hardware-acceleration-for-nextcloud
# NEXTCLOUD_ENABLE_NVIDIA_GPU: true # This allows to enable the NVIDIA runtime and GPU access for containers that profit from it. ⚠️⚠️⚠️ Warning: this only works if an NVIDIA gpu is installed on the server. See https://github.com/nextcloud/all-in-one#how-to-enable-hardware-acceleration-for-nextcloud.
# NEXTCLOUD_KEEP_DISABLED_APPS: false # Setting this to true will keep Nextcloud apps that are disabled in the AIO interface and not uninstall them if they should be installed. See https://github.com/nextcloud/all-in-one#how-to-keep-disabled-apps
SKIP_DOMAIN_VALIDATION: true # This should only be set to true if things are correctly configured. See https://github.com/nextcloud/all-in-one?tab=readme-ov-file#how-to-skip-the-domain-validation
# TALK_PORT: 3478 # This allows to adjust the port that the talk container is using which is exposed on the host. See https://github.com/nextcloud/all-in-one#how-to-adjust-the-talk-port
# WATCHTOWER_DOCKER_SOCKET_PATH: /var/run/docker.sock # Needs to be specified if the docker socket on the host is not located in the default '/var/run/docker.sock'. Otherwise mastercontainer updates will fail. For macos it needs to be '/var/run/docker.sock'
# security_opt: ["label:disable"] # Is needed when using SELinux
volumes: # If you want to store the data on a different drive, see https://github.com/nextcloud/all-in-one#how-to-store-the-filesinstallation-on-a-separate-drive
nextcloud_aio_mastercontainer:
name: nextcloud_aio_mastercontainer # This line is not allowed to be changed as otherwise the built-in backup solution will not work
networks:
netgrimoire:
external: true

91
compose/nas/immich.yaml Normal file
View file

@ -0,0 +1,91 @@
#
# WARNING: Make sure to use the docker-compose.yml of the current release:
#
# https://github.com/immich-app/immich/releases/latest/download/docker-compose.yml
#
# The compose file on main may not be compatible with the latest release.
#
name: immich
services:
immich-server:
container_name: immich_server
image: ghcr.io/immich-app/immich-server:${IMMICH_VERSION:-release}
# extends:
# file: hwaccel.transcoding.yml
# service: cpu # set to one of [nvenc, quicksync, rkmpp, vaapi, vaapi-wsl] for accelerated transcoding
volumes:
# Do not edit the next line. If you want to change the media storage location on your system, edit the value of UPLOAD_LOCATION in the .env file
- ${UPLOAD_LOCATION}:/usr/src/app/upload
- /etc/localtime:/etc/localtime:ro
- /srv/a18f546e-e9bf-4a8d-8b9d-02e7ec32b632:/mergerfs
- /srv/ssd1:/nextcloud
env_file:
- .env
ports:
- '2283:2283'
networks:
- netgrimoire
- immich
depends_on:
- redis
- database
#restart: always
healthcheck:
disable: false
immich-machine-learning:
container_name: immich_machine_learning
# For hardware acceleration, add one of -[armnn, cuda, openvino] to the image tag.
# Example tag: ${IMMICH_VERSION:-release}-cuda
image: ghcr.io/immich-app/immich-machine-learning:${IMMICH_VERSION:-release}
# extends: # uncomment this section for hardware acceleration - see https://immich.app/docs/features/ml-hardware-acceleration
# file: hwaccel.ml.yml
# service: cpu # set to one of [armnn, cuda, openvino, openvino-wsl] for accelerated inference - use the `-wsl` version for WSL2 where applicable
volumes:
- model-cache:/cache
env_file:
- .env
restart: always
networks:
- immich
healthcheck:
disable: false
redis:
container_name: immich_redis
image: docker.io/valkey/valkey:8@sha256:81db6d39e1bba3b3ff32bd3a1b19a6d69690f94a3954ec131277b9a26b95b3aa
networks:
- immich
healthcheck:
test: redis-cli ping || exit 1
restart: always
database:
container_name: immich_postgres
#image: docker.io/tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:90724186f0a3517cf6914295b5ab410db9ce23190a2d9d0b9dd6463e3fa298f0
image: ghcr.io/immich-app/postgres:14-vectorchord0.4.3-pgvectors0.2.0@sha256:bcf63357191b76a916ae5eb93464d65c07511da41e3bf7a8416db519b40b1c23
environment:
POSTGRES_PASSWORD: ${DB_PASSWORD}
POSTGRES_USER: ${DB_USERNAME}
POSTGRES_DB: ${DB_DATABASE_NAME}
POSTGRES_INITDB_ARGS: '--data-checksums'
volumes:
# Do not edit the next line. If you want to change the database storage location on your system, edit the value of DB_DATA_LOCATION in the .env file
- ${DB_DATA_LOCATION}:/var/lib/postgresql/data
networks:
- immich
restart: always
volumes:
model-cache:
networks:
netgrimoire:
external: true
immich:
external: true

49
compose/nas/monitor.yaml Normal file
View file

@ -0,0 +1,49 @@
services:
scrutiny:
image: ghcr.io/analogj/scrutiny:master-omnibus
container_name: scrutiny
hostname: scrutiny
networks:
- netgrimoire
ports:
- 8081:8080
- 8086:8086
cap_add:
- SYS_RAWIO
devices:
- "/dev/sda"
- "/dev/sdb"
- "/dev/sdc"
- "/dev/sdd"
- "/dev/sde"
- "/dev/sdf"
- "/dev/sdg"
# - "/dev/sdh"
# - "/dev/sdi"
# - "/dev/sdj"
volumes:
- /run/udev:/run/udev:ro
- /DockerVol/scrutiny/config:/opt/scrutiny/config
- /DockerVol/scrutiny/influxdb:/opt/scrutiny/influxdb
glances:
image: nicolargo/glances
container_name: glances
hostname: glances
restart: always
network_mode: host
privileged: true
pid: host
volumes:
- /DockerVol/glances/config:/glances/conf
- /var/run/docker.sock:/var/run/docker.sock
environment:
- TZ=America/Chicago
- "GLANCES_OPT=-w"
ports:
- 61208-61209:61208-61209
networks:
netgrimoire:
external: true

24
compose/nas/namer.yaml Normal file
View file

@ -0,0 +1,24 @@
services:
namer:
container_name: namer
image: ghcr.io/theporndatabase/namer:latest
networks:
- netgrimoire
environment:
- PUID=1001
- PGID=998
- TZ=America/Chicago
- NAMER_CONFIG=/config/namer.cfg
volumes:
- /DockerVol/namer/:/config
- /data/nfs/Baxter/Green/:/data
ports:
- 6980:6980
restart: always
networks:
netgrimoire:
external: true

39
compose/nas/stash.yaml Normal file
View file

@ -0,0 +1,39 @@
services:
stash:
image: stashapp/stash:latest
container_name: stash
networks:
- netgrimoire
restart: unless-stopped
## the container's port must be the same with the STASH_PORT in the environment section
ports:
- 9999:9999
## If you intend to use stash's DLNA functionality uncomment the below network mode and c
# network_mode: host
environment:
- STASH_STASH=/data/
- STASH_GENERATED=/generated/
- STASH_METADATA=/metadata/
- STASH_CACHE=/cache/
- STASH_GRAPHQL_PLAYGROUND=true
## Adjust below to change default port (9999)
- STASH_PORT=9999
volumes:
- /etc/localtime:/etc/localtime:ro
## Adjust below paths (the left part) to your liking.
## E.g. you can change ./config:/root/.stash to ./stash:/root/.stash
## Keep configs, scrapers, and plugins here.
- /DockerVol/Stash/config:/root/.stash
## Point this at your collection.
- /data/nfs/Baxter/Green:/data
## This is where your stash's metadata lives
- /DockerVol/Stash/metadata:/metadata
## Any other cache content.
- ./DockerVol/Stash/cache:/cache
## Where to store generated content (screenshots,previews,transcodes,sprites)
- /DockerVol/Stash/generated:/generated
networks:
netgrimoire:
external: true

27
compose/nas/windows7.yaml Normal file
View file

@ -0,0 +1,27 @@
services:
windows:
image: dockurr/windows
container_name: win7
devices:
- /dev/kvm:/dev/kvm
cap_add:
- NET_ADMIN
ports:
- 8006:8006
- 3389:3389/tcp
- 3389:3389/udp
stop_grace_period: 2m
# restart: on-failure
environment:
VERSION: "7u"
RAM_SIZE: "4G"
CPU_CORES: "4"
DISK_SIZE: "64G"
DISK2_SIZE: "256G"
USERNAME: "traveler"
PASSWORD: "H@rvey"
# QEMU_OPTS: "-drive file=/disk/data.vhd,format=vpc,if=virtio"
# EXTRA_DISKS: /disk/data.vhd
volumes:
- /srv/6e859070-caa4-472f-bb3c-53fb44e1bcc9/DockerVol/windows7/:/storage
- /srv/6e859070-caa4-472f-bb3c-53fb44e1bcc9/DockerVol/windows7/storage/:/storage2