From 0b3498e8badba7eba44c8d1e48db7b2e000cd474 Mon Sep 17 00:00:00 2001
From: Peter Smit
Date: Sat, 21 Dec 2024 11:48:58 +0100
Subject: [PATCH] Le big overhaul
---
docker-compose.yml | 94 +++-----------------------------
gitea/.env.example | 7 +++
gitea/docker-compose.yml | 26 +++++++++
gitea/runner-config.yaml | 98 ++++++++++++++++++++++++++++++++++
immich/.env.example | 9 ++++
immich/docker-compose.yml | 78 +++++++++++++++++++++++++++
pihole/docker-compose.yml | 0
pingvin/.env.example | 2 +
pingvin/docker-compose.yml | 11 ++++
vaultwarden/.env.example | 2 +
vaultwarden/docker-compose.yml | 13 +++++
11 files changed, 252 insertions(+), 88 deletions(-)
create mode 100644 gitea/.env.example
create mode 100644 gitea/docker-compose.yml
create mode 100644 gitea/runner-config.yaml
create mode 100644 immich/.env.example
create mode 100644 immich/docker-compose.yml
create mode 100644 pihole/docker-compose.yml
create mode 100644 pingvin/.env.example
create mode 100644 pingvin/docker-compose.yml
create mode 100644 vaultwarden/.env.example
create mode 100644 vaultwarden/docker-compose.yml
diff --git a/docker-compose.yml b/docker-compose.yml
index 6d60fe7..ad4d047 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -1,88 +1,6 @@
-version: "3.8"
-
-services:
-###################################################################################################
- vaultwarden:
- container_name: vaultwarden
- image: vaultwarden/server:latest
- restart: always
- volumes:
- - ${VAULTWARDEN_DATA_LOCATION}:/data/
- environment:
- - ADMIN_TOKEN=${VAULTWARDEN_ADMIN_TOKEN}
- env_file:
- - .env
- ports:
- - "8080:80"
-###################################################################################################
- gitea:
- container_name: gitea
- image: gitea/gitea:latest-rootless
- restart: always
- volumes:
- - ${GITEA_DATA_LOCATION}:/var/lib/gitea
- - ${GITEA_CONFIG_LOCATION}:/etc/gitea
- - /etc/timezone:/etc/timezone:ro
- - /etc/localtime:/etc/localtime:ro
- env_file:
- - .env
- ports:
- - "3000:3000"
- - "2222:2222"
-###################################################################################################
- immich-server:
- container_name: immich_server
- image: ghcr.io/immich-app/immich-server:${IMMICH_VERSION:-release}
- command: [ "start.sh", "immich" ]
- volumes:
- - ${UPLOAD_LOCATION}:/usr/src/app/upload
- - /etc/localtime:/etc/localtime:ro
- env_file:
- - .env
- ports:
- - "2283:3001"
- depends_on:
- - immich-redis
- - immich-database
- restart: always
- immich-microservices:
- container_name: immich_microservices
- image: ghcr.io/immich-app/immich-server:${IMMICH_VERSION:-release}
- command: [ "start.sh", "microservices" ]
- volumes:
- - ${UPLOAD_LOCATION}:/usr/src/app/upload
- - /etc/localtime:/etc/localtime:ro
- env_file:
- - .env
- depends_on:
- - immich-redis
- - immich-database
- restart: always
- immich-machine-learning:
- container_name: immich_machine_learning
- image: ghcr.io/immich-app/immich-machine-learning:${IMMICH_VERSION:-release}
- volumes:
- - immich-model-cache:/cache
- env_file:
- - .env
- restart: always
- immich-redis:
- container_name: immich_redis
- image: redis:6.2-alpine@sha256:afb290a0a0d0b2bd7537b62ebff1eb84d045c757c1c31ca2ca48c79536c0de82
- restart: always
- immich-database:
- container_name: immich_postgres
- image: tensorchord/pgvecto-rs:pg14-v0.1.11@sha256:0335a1a22f8c5dd1b697f14f079934f5152eaaa216c09b61e293be285491f8ee
- env_file:
- - .env
- environment:
- POSTGRES_PASSWORD: ${DB_PASSWORD}
- POSTGRES_USER: ${DB_USERNAME}
- POSTGRES_DB: ${DB_DATABASE_NAME}
- volumes:
- - immich-pgdata:/var/lib/postgresql/data
- restart: always
-
-volumes:
- immich-pgdata:
- immich-model-cache:
\ No newline at end of file
+include:
+ - gitea/docker-compose.yml
+ - immich/docker-compose.yml
+ - pihole/docker-compose.yml
+ - pingvin/docker-compose.yml
+ - vaultwarden/docker-compose.yml
\ No newline at end of file
diff --git a/gitea/.env.example b/gitea/.env.example
new file mode 100644
index 0000000..303a14a
--- /dev/null
+++ b/gitea/.env.example
@@ -0,0 +1,7 @@
+GITEA_DATA_LOCATION=
+GITEA_CONFIG_LOCATION=
+
+GITEA_RUNNER_DATA_LOCATION=
+GITEA_INSTANCE_URL=
+REGISTRATION_TOKEN=
+RUNNER_NAME=
\ No newline at end of file
diff --git a/gitea/docker-compose.yml b/gitea/docker-compose.yml
new file mode 100644
index 0000000..0f015b2
--- /dev/null
+++ b/gitea/docker-compose.yml
@@ -0,0 +1,26 @@
+services:
+ gitea:
+ container_name: gitea
+ image: gitea/gitea:1.22.6-rootless
+ restart: always
+ volumes:
+ - ${GITEA_DATA_LOCATION}:/var/lib/gitea
+ - ${GITEA_CONFIG_LOCATION}:/etc/gitea
+ - /etc/timezone:/etc/timezone:ro
+ - /etc/localtime:/etc/localtime:ro
+ env_file:
+ - .env
+ ports:
+ - "3000:3000"
+ - "2222:2222"
+ gitea-runner:
+ image: gitea/act_runner:0.2.11
+ environment:
+ CONFIG_FILE: /config.yaml
+ GITEA_INSTANCE_URL: "${INSTANCE_URL}"
+ GITEA_RUNNER_REGISTRATION_TOKEN: "${REGISTRATION_TOKEN}"
+ GITEA_RUNNER_NAME: "${RUNNER_NAME}"
+ volumes:
+ - ./runner-config.yaml:/config.yaml
+ - ${GITEA_RUNNER_DATA_LOCATION}:/data
+ - /var/run/docker.sock:/var/run/docker.sock
\ No newline at end of file
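Review bot: The new `include:` list in the root `docker-compose.yml` references `pihole/docker-compose.yml`, which this commit creates as an empty file (index `e69de29`, 0 lines in the diffstat), so that entry has nothing to load and Compose may refuse the whole project; I would leave it out of the list until the file defines a service. Because the included files are merged into one project, host port 3000 is now claimed twice, by gitea (`"3000:3000"`) and by pingvin (`- 3000:3000`), and one of the two will fail to bind. One of them needs a different host port, for example `"3001:3000"` on pingvin.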
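Review bot: The `gitea-runner` service in `gitea/docker-compose.yml` bind-mounts `/var/run/docker.sock`, which hands the runner full control of the host's Docker daemon, so anyone able to get a workflow scheduled on this runner should be treated as having root on the host. If that is intended, say so in a comment above the mount and keep the runner limited to trusted repositories; otherwise a dedicated or rootless daemon for the runner narrows the blast radius. Separately, `GITEA_INSTANCE_URL: "${INSTANCE_URL}"` reads a variable that `gitea/.env.example` never defines (it defines `GITEA_INSTANCE_URL=`), so the runner will presumably start with an empty instance URL; `GITEA_INSTANCE_URL: "${GITEA_INSTANCE_URL}"` matches the example file. The runner also lacks the `restart: always` that the gitea service carries.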
diff --git a/gitea/runner-config.yaml b/gitea/runner-config.yaml
new file mode 100644
index 0000000..d87c88b
--- /dev/null
+++ b/gitea/runner-config.yaml
@@ -0,0 +1,98 @@
+# Example configuration file, it's safe to copy this as the default config file without any modification.
+
+log:
+ # The level of logging, can be trace, debug, info, warn, error, fatal
+ level: info
+
+runner:
+ # Where to store the registration result.
+ file: .runner
+ # Execute how many tasks concurrently at the same time.
+ capacity: 1
+ # Extra environment variables to run jobs.
+ envs:
+ A_TEST_ENV_NAME_1: a_test_env_value_1
+ A_TEST_ENV_NAME_2: a_test_env_value_2
+ # Extra environment variables to run jobs from a file.
+ # It will be ignored if it's empty or the file doesn't exist.
+ env_file: .env
+ # The timeout for a job to be finished.
+ # Please note that the Gitea instance also has a timeout (3h by default) for the job.
+ # So the job could be stopped by the Gitea instance if it's timeout is shorter than this.
+ timeout: 3h
+ # The timeout for the runner to wait for running jobs to finish when shutting down.
+ # Any running jobs that haven't finished after this timeout will be cancelled.
+ shutdown_timeout: 0s
+ # Whether skip verifying the TLS certificate of the Gitea instance.
+ insecure: false
+ # The timeout for fetching the job from the Gitea instance.
+ fetch_timeout: 5s
+ # The interval for fetching the job from the Gitea instance.
+ fetch_interval: 2s
+ # The labels of a runner are used to determine which jobs the runner can run, and how to run them.
+ # Like: "macos-arm64:host" or "ubuntu-latest:docker://gitea/runner-images:ubuntu-latest"
+ # Find more images provided by Gitea at https://gitea.com/gitea/runner-images .
+ # If it's empty when registering, it will ask for inputting labels.
+ # If it's empty when execute `daemon`, will use labels in `.runner` file.
+ labels:
+ - "ubuntu-latest:docker://gitea/runner-images:ubuntu-latest"
+ - "ubuntu-22.04:docker://gitea/runner-images:ubuntu-22.04"
+ - "ubuntu-20.04:docker://gitea/runner-images:ubuntu-20.04"
+
+cache:
+ # Enable cache server to use actions/cache.
+ enabled: true
+ # The directory to store the cache data.
+ # If it's empty, the cache data will be stored in $HOME/.cache/actcache.
+ dir: ""
+ # The host of the cache server.
+ # It's not for the address to listen, but the address to connect from job containers.
+ # So 0.0.0.0 is a bad choice, leave it empty to detect automatically.
+ host: ""
+ # The port of the cache server.
+ # 0 means to use a random available port.
+ port: 0
+ # The external cache server URL. Valid only when enable is true.
+ # If it's specified, act_runner will use this URL as the ACTIONS_CACHE_URL rather than start a server by itself.
+ # The URL should generally end with "/".
+ external_server: ""
+
+container:
+ # Specifies the network to which the container will connect.
+ # Could be host, bridge or the name of a custom network.
+ # If it's empty, act_runner will create a network automatically.
+ network: ""
+ # Whether to use privileged mode or not when launching task containers (privileged mode is required for Docker-in-Docker).
+ privileged: false
+ # And other options to be used when the container is started (eg, --add-host=my.gitea.url:host-gateway).
+ options:
+ # The parent directory of a job's working directory.
+ # NOTE: There is no need to add the first '/' of the path as act_runner will add it automatically.
+ # If the path starts with '/', the '/' will be trimmed.
+ # For example, if the parent directory is /path/to/my/dir, workdir_parent should be path/to/my/dir
+ # If it's empty, /workspace will be used.
+ workdir_parent:
+ # Volumes (including bind mounts) can be mounted to containers. Glob syntax is supported, see https://github.com/gobwas/glob
+ # You can specify multiple volumes. If the sequence is empty, no volumes can be mounted.
+ # For example, if you only allow containers to mount the `data` volume and all the json files in `/src`, you should change the config to:
+ # valid_volumes:
+ # - data
+ # - /src/*.json
+ # If you want to allow any volume, please use the following configuration:
+ # valid_volumes:
+ # - '**'
+ valid_volumes: []
+ # overrides the docker client host with the specified one.
+ # If it's empty, act_runner will find an available docker host automatically.
+ # If it's "-", act_runner will find an available docker host automatically, but the docker host won't be mounted to the job containers and service containers.
+ # If it's not empty or "-", the specified docker host will be used. An error will be returned if it doesn't work.
+ docker_host: ""
+ # Pull docker image(s) even if already present
+ force_pull: true
+ # Rebuild docker image(s) even if already present
+ force_rebuild: false
+
+host:
+ # The parent directory of a job's working directory.
+ # If it's empty, $HOME/.cache/act/ will be used.
+ workdir_parent:
\ No newline at end of file
diff --git a/immich/.env.example b/immich/.env.example
new file mode 100644
index 0000000..ab50699
--- /dev/null
+++ b/immich/.env.example
@@ -0,0 +1,9 @@
+UPLOAD_LOCATION=
+IMMICH_DB_LOCATION=
+
+DB_HOSTNAME=
+DB_USERNAME=
+DB_PASSWORD=
+DB_DATABASE_NAME=
+
+REDIS_HOSTNAME=
\ No newline at end of file
diff --git a/immich/docker-compose.yml b/immich/docker-compose.yml
new file mode 100644
index 0000000..aaf661b
--- /dev/null
+++ b/immich/docker-compose.yml
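Review bot: `docker_host: ""` under `container:` in `gitea/runner-config.yaml` lets act_runner pick the daemon automatically, and the file's own comment says only the `"-"` value keeps the docker host from being mounted into job and service containers. Since the compose file in this commit gives the runner the host's `/var/run/docker.sock`, `docker_host: "-"` looks like the safer default unless jobs really need to drive Docker themselves. The placeholder entries `A_TEST_ENV_NAME_1` and `A_TEST_ENV_NAME_2` under `envs:` are carried over from the example config and would be passed to every job; `envs: {}` avoids that. `options:` and both `workdir_parent:` keys are bare and parse as null rather than as the empty string the comments describe, so writing `""` explicitly would match the neighbouring keys.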
@@ -0,0 +1,78 @@
+services:
+ immich-server:
+ container_name: immich_server
+ image: ghcr.io/immich-app/immich-server:v1.123.0
+ # extends:
+ # file: hwaccel.transcoding.yml
+ # service: cpu # set to one of [nvenc, quicksync, rkmpp, vaapi, vaapi-wsl] for accelerated transcoding
+ volumes:
+ # Do not edit the next line. If you want to change the media storage location on your system, edit the value of UPLOAD_LOCATION in the .env file
+ - ${UPLOAD_LOCATION}:/usr/src/app/upload
+ - /etc/localtime:/etc/localtime:ro
+ env_file:
+ - .env
+ ports:
+ - '2283:2283'
+ depends_on:
+ - redis
+ - database
+ restart: always
+ healthcheck:
+ disable: false
+
+ immich-machine-learning:
+ container_name: immich_machine_learning
+ # For hardware acceleration, add one of -[armnn, cuda, openvino] to the image tag.
+ # Example tag: ${IMMICH_VERSION:-release}-cuda
+ image: ghcr.io/immich-app/immich-machine-learning:v1.123.0
+ # extends: # uncomment this section for hardware acceleration - see https://immich.app/docs/features/ml-hardware-acceleration
+ # file: hwaccel.ml.yml
+ # service: cpu # set to one of [armnn, cuda, openvino, openvino-wsl] for accelerated inference - use the `-wsl` version for WSL2 where applicable
+ volumes:
+ - model-cache:/cache
+ env_file:
+ - .env
+ restart: always
+ healthcheck:
+ disable: false
+
+ redis:
+ container_name: immich_redis
+ image: docker.io/redis:6.2-alpine@sha256:eaba718fecd1196d88533de7ba49bf903ad33664a92debb24660a922ecd9cac8
+ healthcheck:
+ test: redis-cli ping || exit 1
+ restart: always
+
+ database:
+ container_name: immich_postgres
+ image: docker.io/tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:90724186f0a3517cf6914295b5ab410db9ce23190a2d9d0b9dd6463e3fa298f0
+ environment:
+ POSTGRES_PASSWORD: ${DB_PASSWORD}
+ POSTGRES_USER: ${DB_USERNAME}
+ POSTGRES_DB: ${DB_DATABASE_NAME}
+ POSTGRES_INITDB_ARGS: '--data-checksums'
+ volumes:
+ # Do not edit the next line. If you want to change the database storage location on your system, edit the value of DB_DATA_LOCATION in the .env file
+ - ${IMMICH_DB_LOCATION}:/var/lib/postgresql/data
+ healthcheck:
+ test: >-
+ pg_isready --dbname="$${POSTGRES_DB}" --username="$${POSTGRES_USER}" || exit 1;
+ Chksum="$$(psql --dbname="$${POSTGRES_DB}" --username="$${POSTGRES_USER}" --tuples-only --no-align
+ --command='SELECT COALESCE(SUM(checksum_failures), 0) FROM pg_stat_database')";
+ echo "checksum failure count is $$Chksum";
+ [ "$$Chksum" = '0' ] || exit 1
+ interval: 5m
+ start_interval: 30s
+ start_period: 5m
+ command: >-
+ postgres
+ -c shared_preload_libraries=vectors.so
+ -c 'search_path="$$user", public, vectors'
+ -c logging_collector=on
+ -c max_wal_size=2GB
+ -c shared_buffers=512MB
+ -c wal_compression=on
+ restart: always
+
+volumes:
+ model-cache:
diff --git a/pihole/docker-compose.yml b/pihole/docker-compose.yml
new file mode 100644
index 0000000..e69de29
diff --git a/pingvin/.env.example b/pingvin/.env.example
new file mode 100644
index 0000000..f729964
--- /dev/null
+++ b/pingvin/.env.example
@@ -0,0 +1,2 @@
+PINGVIN_DATA_LOCATION=
+PINGVIN_IMAGES_LOCATION=
\ No newline at end of file
diff --git a/pingvin/docker-compose.yml b/pingvin/docker-compose.yml
new file mode 100644
index 0000000..f7f2ba8
--- /dev/null
+++ b/pingvin/docker-compose.yml
@@ -0,0 +1,11 @@
+services:
+ pingvin:
+ image: stonith404/pingvin-share:v1.7.0
+ restart: unless-stopped
+ ports:
+ - 3000:3000
+ environment:
+ - TRUST_PROXY=true
+ volumes:
+ - ${PINGVIN_DATA_LOCATION}:/opt/app/backend/data
+ - ${PINGVIN_IMAGES_LOCATION}:/opt/app/frontend/public/img
\ No newline at end of file
diff --git a/vaultwarden/.env.example b/vaultwarden/.env.example
new file mode 100644
index 0000000..87730fe
--- /dev/null
+++ b/vaultwarden/.env.example
@@ -0,0 +1,2 @@
+VAULTWARDEN_DATA_LOCATION=
+VAULTWARDEN_ADMIN_TOKEN=
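Review bot: The comment above the database bind mount in `immich/docker-compose.yml` tells the reader to edit `DB_DATA_LOCATION`, but the mount line uses `${IMMICH_DB_LOCATION}`, which is also the name listed in `immich/.env.example`. Someone following the comment leaves the real variable empty and ends up with an invalid volume spec, so the comment should name `IMMICH_DB_LOCATION`. The previous root compose file kept Postgres in the named volume `immich-pgdata`, and nothing here carries that data over to the new bind mount, so an existing install would presumably come up with a fresh, empty database unless the data is copied first; a line in the commit message or a README would help. The hardware-acceleration comment still shows `${IMMICH_VERSION:-release}-cuda` although both Immich images are now pinned to `v1.123.0`.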
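Review bot: In `pingvin/docker-compose.yml`, `TRUST_PROXY=true` is set while `- 3000:3000` publishes the container port on every host interface, so the app can also be reached without going through the proxy, and forwarded client-address headers on those direct requests would presumably be trusted as-is. Publishing only on loopback, for example `- "127.0.0.1:3001:3000"`, or dropping `ports:` in favour of a network shared with the proxy keeps the setting consistent with how the service is reached. The example uses host port 3001 because gitea already publishes `"3000:3000"` in the same project. Quoting the mapping also matches the gitea and vaultwarden files in this commit.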
diff --git a/vaultwarden/docker-compose.yml b/vaultwarden/docker-compose.yml
new file mode 100644
index 0000000..6dc99d8
--- /dev/null
+++ b/vaultwarden/docker-compose.yml
@@ -0,0 +1,13 @@
+services:
+ vaultwarden:
+ container_name: vaultwarden
+ image: vaultwarden/server:1.32.6
+ restart: always
+ volumes:
+ - ${VAULTWARDEN_DATA_LOCATION}:/data/
+ environment:
+ - ADMIN_TOKEN=${VAULTWARDEN_ADMIN_TOKEN}
+ env_file:
+ - .env
+ ports:
+ - "8080:80"
\ No newline at end of file
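Review bot: `ADMIN_TOKEN=${VAULTWARDEN_ADMIN_TOKEN}` passes whatever is in `.env` straight to Vaultwarden, and nothing in `vaultwarden/.env.example` tells the operator to store an Argon2 PHC hash rather than a plain-text token. A comment there such as `# Argon2 PHC string from "vaultwarden hash"; single-quote it so Compose does not interpolate the $ signs` would cover it. `env_file: - .env` additionally copies every variable in that file into the container, which duplicates the token under a second name and adds nothing the `environment:` entry does not already provide. `"8080:80"` exposes the plain-HTTP listener on all host interfaces; if a TLS-terminating proxy sits in front, `"127.0.0.1:8080:80"` keeps the vault from being reached without it.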