fern/stacks
1
0
Fork 0
mirror of https://github.com/firewalkwithm3/stacks.git synced 2025-07-02 10:57:48 +08:00
Code Issues Projects Releases Packages Wiki Activity Actions

dclint

Browse source
This commit is contained in:
Fern Garden 2025-07-01 17:30:05 +08:00
parent d4dd9806b4
commit fc40d136e4
35 changed files with 698 additions and 681 deletions
Download patch file Download diff file Expand all files Collapse all files

6
13ft/compose.yaml
View file

@ -1,11 +1,13 @@
name: 13ft
services: services:
13ft: 13ft:
container_name: 13ft
image: ghcr.io/wasi-master/13ft:latest image: ghcr.io/wasi-master/13ft:latest
restart: unless-stopped container_name: 13ft
networks: networks:
- default - default
- proxy - proxy
restart: unless-stopped
labels: labels:
caddy: 13ft.ferngarden.net caddy: 13ft.ferngarden.net
caddy.import: internal caddy.import: internal

319
arr/compose.yaml
View file

@ -1,159 +1,98 @@
name: arr
services: services:
jellyseerr:
image: ghcr.io/fallenbagel/jellyseerr:latest
container_name: jellyseerr
networks:
- default
- proxy
- media
environment:
- LOG_LEVEL=debug
- TZ=Australia/Perth
volumes:
- jellyseerr_config:/app/config
restart: unless-stopped
labels:
caddy: jellyseerr.fern.garden
caddy.import: internal
caddy.reverse_proxy: "{{upstreams 5055}}"
jackett:
image: lscr.io/linuxserver/jackett:latest
container_name: jackett
networks:
- default
- media
- proxy
environment:
- PUID=1000
- PGID=1800
- TZ=Australia/Perth
volumes:
- jackett_config:/config
- jackett_downloads:/downloads
restart: unless-stopped
labels:
caddy: jackett.ferngarden.net
caddy.1_import: internal
caddy.2_import: authentik
prowlarr:
image: lscr.io/linuxserver/prowlarr:latest
container_name: prowlarr
networks:
- default
- media
- proxy
environment:
- PUID=1000
- PGID=1800
- TZ=Australia/Perth
volumes:
- prowlarr_config:/config
restart: unless-stopped
labels:
caddy: prowlarr.ferngarden.net
caddy.1_import: internal
caddy.2_import: authentik
flaresolverr:
image: ghcr.io/flaresolverr/flaresolverr:latest
container_name: flaresolverr
networks:
- default
environment:
- LOG_LEVEL=info
- LOG_HTML=false
- CAPTCHA_SOLVER=none
- TZ=Australia/Perth
restart: unless-stopped
bazarr: bazarr:
image: lscr.io/linuxserver/bazarr:latest image: lscr.io/linuxserver/bazarr:latest
container_name: bazarr container_name: bazarr
networks: volumes:
- default - bazarr_config:/config
- media - /media:/media
- proxy
environment: environment:
- PUID=1000 - PUID=1000
- PGID=1800 - PGID=1800
- TZ=Australia/Perth - TZ=Australia/Perth
volumes: networks:
- bazarr_config:/config - default
- /media:/media - media
- proxy
restart: unless-stopped restart: unless-stopped
labels: labels:
caddy: bazarr.ferngarden.net caddy: bazarr.ferngarden.net
caddy.1_import: internal caddy.1_import: internal
caddy.2_import: authentik caddy.2_import: authentik
sonarr: cleanuparr:
image: lscr.io/linuxserver/sonarr:latest image: ghcr.io/cleanuparr/cleanuparr:latest
container_name: sonarr container_name: cleanuparr
networks: volumes:
- default - /mnt/docker/cleanuparr/config:/config
- media - /media:/media
- proxy
environment: environment:
- TZ=Australia/Perth
- PUID=1000 - PUID=1000
- PGID=1800 - PGID=1800
- TZ=Australia/Perth networks:
volumes: - default
- sonarr_config:/config - proxy
- /media:/media - media
restart: unless-stopped restart: unless-stopped
labels: labels:
caddy: sonarr.ferngarden.net caddy: cleanuparr.ferngarden.net
caddy.1_import: internal caddy.import: internal
caddy.2_import: authentik caddy.reverse_proxy: '{{ upstreams 11011 }}'
radarr: flaresolverr:
image: lscr.io/linuxserver/radarr:latest image: ghcr.io/flaresolverr/flaresolverr:latest
container_name: radarr container_name: flaresolverr
environment:
- LOG_LEVEL=info
- LOG_HTML=false
- CAPTCHA_SOLVER=none
- TZ=Australia/Perth
networks: networks:
- default - default
- media
- proxy
environment:
- PUID=1000
- PGID=1800
- TZ=Australia/Perth
volumes:
- radarr_config:/config
- /media:/media
restart: unless-stopped restart: unless-stopped
labels:
caddy: radarr.ferngarden.net
caddy.1_import: internal
caddy.2_import: authentik
lidarr: jackett:
image: blampe/lidarr:latest image: lscr.io/linuxserver/jackett:latest
container_name: lidarr container_name: jackett
networks: volumes:
- default - jackett_config:/config
- media - jackett_downloads:/downloads
- proxy
environment: environment:
- PUID=1000 - PUID=1000
- PGID=1800 - PGID=1800
- TZ=Australia/Perth - TZ=Australia/Perth
volumes: networks:
- lidarr_config:/config - default
- /mnt/docker/beets/config:/beets - media
- ./install_beets.bash:/custom-cont-init.d/install_beets.bash:ro - proxy
- /media:/media
restart: unless-stopped restart: unless-stopped
labels: labels:
caddy: lidarr.ferngarden.net caddy: jackett.ferngarden.net
caddy.1_import: internal caddy.1_import: internal
caddy.2_import: authentik caddy.2_import: authentik
jellyseerr:
image: ghcr.io/fallenbagel/jellyseerr:latest
container_name: jellyseerr
volumes:
- jellyseerr_config:/app/config
environment:
- LOG_LEVEL=debug
- TZ=Australia/Perth
networks:
- default
- proxy
- media
restart: unless-stopped
labels:
caddy: jellyseerr.fern.garden
caddy.import: internal
caddy.reverse_proxy: "{{upstreams 5055}}"
kapowarr: kapowarr:
container_name: kapowarr
image: mrcas/kapowarr:latest image: mrcas/kapowarr:latest
user: 1000:1800 container_name: kapowarr
volumes: volumes:
- /mnt/docker/kapowarr/database:/app/db - /mnt/docker/kapowarr/database:/app/db
- /media:/media - /media:/media
@ -165,79 +104,141 @@ services:
caddy: kapowarr.ferngarden.net caddy: kapowarr.ferngarden.net
caddy.import: internal caddy.import: internal
caddy.reverse_proxy: '{{ upstreams 5656 }}' caddy.reverse_proxy: '{{ upstreams 5656 }}'
user: 1000:1800
letterboxd-list-radarr: letterboxd-list-radarr:
image: screeny05/letterboxd-list-radarr:latest image: screeny05/letterboxd-list-radarr:latest
container_name: letterboxd-list-radarr container_name: letterboxd-list-radarr
restart: unless-stopped
networks:
- default
environment:
- REDIS_URL=redis://letterboxd-list-radarr_redis:6379
depends_on: depends_on:
- letterboxd-list-radarr_redis - letterboxd-list-radarr_redis
environment:
- REDIS_URL=redis://letterboxd-list-radarr_redis:6379
networks:
- default
restart: unless-stopped
letterboxd-list-radarr_redis: letterboxd-list-radarr_redis:
image: redis:6.0
container_name: letterboxd-list-radarr_redis container_name: letterboxd-list-radarr_redis
restart: unless-stopped
networks:
- default
volumes: volumes:
- letterboxd-list-radarr_redis:/data - letterboxd-list-radarr_redis:/data
image: redis:6.0
soularr:
image: mrusse08/soularr:latest
container_name: soularr
networks: networks:
- default - default
- media
user: 1000:1800
environment:
- TZ=Australia/Perth
- SCRIPT_INTERVAL=300
volumes:
- /media:/media
- /mnt/docker/soularr/config:/data
restart: unless-stopped restart: unless-stopped
cleanuparr: lidarr:
image: ghcr.io/cleanuparr/cleanuparr:latest image: blampe/lidarr:latest
container_name: cleanuparr container_name: lidarr
restart: unless-stopped
networks:
- default
- proxy
- media
volumes: volumes:
- /mnt/docker/cleanuparr/config:/config - lidarr_config:/config
- /mnt/docker/beets/config:/beets
- ./install_beets.bash:/custom-cont-init.d/install_beets.bash:ro
- /media:/media - /media:/media
environment: environment:
- TZ=Australia/Perth
- PUID=1000 - PUID=1000
- PGID=1800 - PGID=1800
- TZ=Australia/Perth
networks:
- default
- media
- proxy
restart: unless-stopped
labels: labels:
caddy: cleanuparr.ferngarden.net caddy: lidarr.ferngarden.net
caddy.import: internal caddy.1_import: internal
caddy.reverse_proxy: '{{ upstreams 11011 }}' caddy.2_import: authentik
profilarr: profilarr:
image: santiagosayshey/profilarr:latest image: santiagosayshey/profilarr:latest
container_name: profilarr container_name: profilarr
networks:
- default
- media
- proxy
volumes: volumes:
- profilarr_config:/config - profilarr_config:/config
environment: environment:
- TZ=Australia/Perth - TZ=Australia/Perth
networks:
- default
- media
- proxy
restart: unless-stopped restart: unless-stopped
labels: labels:
caddy: profilarr.ferngarden.net caddy: profilarr.ferngarden.net
caddy.import: internal caddy.import: internal
caddy.reverse_proxy: "{{upstreams 6868}}" caddy.reverse_proxy: "{{upstreams 6868}}"
prowlarr:
image: lscr.io/linuxserver/prowlarr:latest
container_name: prowlarr
volumes:
- prowlarr_config:/config
environment:
- PUID=1000
- PGID=1800
- TZ=Australia/Perth
networks:
- default
- media
- proxy
restart: unless-stopped
labels:
caddy: prowlarr.ferngarden.net
caddy.1_import: internal
caddy.2_import: authentik
radarr:
image: lscr.io/linuxserver/radarr:latest
container_name: radarr
volumes:
- radarr_config:/config
- /media:/media
environment:
- PUID=1000
- PGID=1800
- TZ=Australia/Perth
networks:
- default
- media
- proxy
restart: unless-stopped
labels:
caddy: radarr.ferngarden.net
caddy.1_import: internal
caddy.2_import: authentik
sonarr:
image: lscr.io/linuxserver/sonarr:latest
container_name: sonarr
volumes:
- sonarr_config:/config
- /media:/media
environment:
- PUID=1000
- PGID=1800
- TZ=Australia/Perth
networks:
- default
- media
- proxy
restart: unless-stopped
labels:
caddy: sonarr.ferngarden.net
caddy.1_import: internal
caddy.2_import: authentik
soularr:
image: mrusse08/soularr:latest
container_name: soularr
volumes:
- /media:/media
- /mnt/docker/soularr/config:/data
environment:
- TZ=Australia/Perth
- SCRIPT_INTERVAL=300
networks:
- default
- media
restart: unless-stopped
user: 1000:1800
networks: networks:
default: default:
proxy: proxy:

10
audiobookshelf/compose.yaml
View file

@ -1,17 +1,19 @@
name: audiobookshelf
services: services:
audiobookshelf: audiobookshelf:
image: ghcr.io/advplyr/audiobookshelf:latest image: ghcr.io/advplyr/audiobookshelf:latest
container_name: audiobookshelf container_name: audiobookshelf
restart: unless-stopped
networks:
- default
- proxy
volumes: volumes:
- audiobookshelf_config:/config - audiobookshelf_config:/config
- audiobookshelf_metadata:/metadata - audiobookshelf_metadata:/metadata
- /media:/media - /media:/media
environment: environment:
- TZ=Australia/Perth - TZ=Australia/Perth
networks:
- default
- proxy
restart: unless-stopped
labels: labels:
caddy: audiobooks.fern.garden caddy: audiobooks.fern.garden
caddy.reverse_proxy: "{{upstreams 80}}" caddy.reverse_proxy: "{{upstreams 80}}"

196
authentik/compose.yaml
View file

@ -1,129 +1,132 @@
name: authentik
services: services:
authentik:
image: ghcr.io/goauthentik/server:${AUTHENTIK_VERSION}
container_name: authentik
depends_on:
authentik_db:
condition: service_healthy
authentik_redis:
condition: service_healthy
volumes:
- authentik_media:/media
- authentik_templates:/templates
environment:
- AUTHENTIK_SECRET_KEY=${AUTHENTIK_SECRET_KEY}
- AUTHENTIK_REDIS__HOST=authentik_redis
- AUTHENTIK_POSTGRESQL__HOST=authentik_db
- AUTHENTIK_POSTGRESQL__USER=authentik
- AUTHENTIK_POSTGRESQL__NAME=authentik
- AUTHENTIK_POSTGRESQL__PASSWORD=${POSTGRES_PASSWORD}
- AUTHENTIK_OUTPOSTS__DISABLE_EMBEDDED_OUTPOST=true
networks:
- default
- proxy
command: server
restart: unless-stopped
labels:
caddy: auth.fern.garden
caddy.reverse_proxy: "{{upstreams 9000}}"
authentik_db: authentik_db:
image: docker.io/library/postgres:16-alpine image: docker.io/library/postgres:16-alpine
container_name: authentik_db container_name: authentik_db
networks:
- default
restart: unless-stopped
healthcheck:
test: ["CMD-SHELL", "pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}"]
start_period: 20s
interval: 30s
retries: 5
timeout: 5s
volumes: volumes:
- authentik_db:/var/lib/postgresql/data - authentik_db:/var/lib/postgresql/data
environment: environment:
- POSTGRES_USER=authentik - POSTGRES_USER=authentik
- POSTGRES_DB=authentik - POSTGRES_DB=authentik
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD} - POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
authentik_redis:
image: docker.io/library/redis:alpine
container_name: authentik_redis
networks: networks:
- default - default
command: --save 60 1 --loglevel warning restart: unless-stopped
restart: always
healthcheck: healthcheck:
test: ["CMD-SHELL", "redis-cli ping | grep PONG"] test: [ "CMD-SHELL", "pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}" ]
start_period: 20s start_period: 20s
interval: 30s interval: 30s
retries: 5 retries: 5
timeout: 3s timeout: 5s
volumes:
- authentik_redis:/data
authentik: authentik_ldap:
image: ghcr.io/goauthentik/server:${AUTHENTIK_VERSION} image: ghcr.io/goauthentik/ldap:${AUTHENTIK_VERSION}
container_name: authentik container_name: authentik_ldap
networks:
- default
- proxy
restart: unless-stopped
command: server
environment:
- AUTHENTIK_SECRET_KEY=${AUTHENTIK_SECRET_KEY}
- AUTHENTIK_REDIS__HOST=authentik_redis
- AUTHENTIK_POSTGRESQL__HOST=authentik_db
- AUTHENTIK_POSTGRESQL__USER=authentik
- AUTHENTIK_POSTGRESQL__NAME=authentik
- AUTHENTIK_POSTGRESQL__PASSWORD=${POSTGRES_PASSWORD}
- AUTHENTIK_OUTPOSTS__DISABLE_EMBEDDED_OUTPOST=true
volumes:
- authentik_media:/media
- authentik_templates:/templates
depends_on:
authentik_db:
condition: service_healthy
authentik_redis:
condition: service_healthy
labels:
caddy: auth.fern.garden
caddy.reverse_proxy: "{{upstreams 9000}}"
authentik_worker:
image: ghcr.io/goauthentik/server:${AUTHENTIK_VERSION}
container_name: authentik_worker
networks:
- default
restart: unless-stopped
command: worker
environment:
- AUTHENTIK_SECRET_KEY=${AUTHENTIK_SECRET_KEY}
- AUTHENTIK_REDIS__HOST=authentik_redis
- AUTHENTIK_POSTGRESQL__HOST=authentik_db
- AUTHENTIK_POSTGRESQL__USER=authentik
- AUTHENTIK_POSTGRESQL__NAME=authentik
- AUTHENTIK_POSTGRESQL__PASSWORD=${POSTGRES_PASSWORD}
- AUTHENTIK_OUTPOSTS__DISABLE_EMBEDDED_OUTPOST=true
user: root
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- authentik_media:/media
- authentik_templates:/templates
- authentik_certs:/certs
depends_on:
authentik_db:
condition: service_healthy
authentik_redis:
condition: service_healthy
authentik_proxy:
image: ghcr.io/goauthentik/proxy:${AUTHENTIK_VERSION}
container_name: authentik_proxy
networks:
- default
- proxy
environment:
- AUTHENTIK_HOST=http://authentik:9000
- AUTHENTIK_HOST_BROWSER=https://auth.fern.garden
- AUTHENTIK_INSECURE=true
- AUTHENTIK_TOKEN=${AUTHENTIK_PROXY_TOKEN}
depends_on: depends_on:
authentik: authentik:
condition: service_healthy condition: service_healthy
authentik_worker: authentik_worker:
condition: service_healthy condition: service_healthy
authentik_ldap:
image: ghcr.io/goauthentik/ldap:${AUTHENTIK_VERSION}
container_name: authentik_ldap
networks:
- default
ports:
- 389:3389
- 636:6636
environment: environment:
- AUTHENTIK_HOST=http://authentik:9000 - AUTHENTIK_HOST=http://authentik:9000
- AUTHENTIK_HOST_BROWSER=https://auth.fern.garden - AUTHENTIK_HOST_BROWSER=https://auth.fern.garden
- AUTHENTIK_INSECURE=true - AUTHENTIK_INSECURE=true
- AUTHENTIK_TOKEN=${AUTHENTIK_LDAP_TOKEN} - AUTHENTIK_TOKEN=${AUTHENTIK_LDAP_TOKEN}
networks:
- default
authentik_proxy:
image: ghcr.io/goauthentik/proxy:${AUTHENTIK_VERSION}
container_name: authentik_proxy
depends_on: depends_on:
authentik: authentik:
condition: service_healthy condition: service_healthy
authentik_worker: authentik_worker:
condition: service_healthy condition: service_healthy
environment:
- AUTHENTIK_HOST=http://authentik:9000
- AUTHENTIK_HOST_BROWSER=https://auth.fern.garden
- AUTHENTIK_INSECURE=true
- AUTHENTIK_TOKEN=${AUTHENTIK_PROXY_TOKEN}
networks:
- default
- proxy
authentik_redis:
image: docker.io/library/redis:alpine
container_name: authentik_redis
volumes:
- authentik_redis:/data
networks:
- default
command: --save 60 1 --loglevel warning
restart: always
healthcheck:
test: [ "CMD-SHELL", "redis-cli ping | grep PONG" ]
start_period: 20s
interval: 30s
retries: 5
timeout: 3s
authentik_worker:
image: ghcr.io/goauthentik/server:${AUTHENTIK_VERSION}
container_name: authentik_worker
depends_on:
authentik_db:
condition: service_healthy
authentik_redis:
condition: service_healthy
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- authentik_media:/media
- authentik_templates:/templates
- authentik_certs:/certs
environment:
- AUTHENTIK_SECRET_KEY=${AUTHENTIK_SECRET_KEY}
- AUTHENTIK_REDIS__HOST=authentik_redis
- AUTHENTIK_POSTGRESQL__HOST=authentik_db
- AUTHENTIK_POSTGRESQL__USER=authentik
- AUTHENTIK_POSTGRESQL__NAME=authentik
- AUTHENTIK_POSTGRESQL__PASSWORD=${POSTGRES_PASSWORD}
- AUTHENTIK_OUTPOSTS__DISABLE_EMBEDDED_OUTPOST=true
networks:
- default
command: worker
restart: unless-stopped
user: root
networks:
default:
proxy:
external: true
volumes: volumes:
authentik_db: authentik_db:
@ -136,8 +139,3 @@ volumes:
name: authentik_certs name: authentik_certs
authentik_templates: authentik_templates:
name: authentik_templates name: authentik_templates
networks:
default:
proxy:
external: true

37
caddy/compose.yaml
View file

@ -1,30 +1,27 @@
name: caddy
services: services:
caddy: caddy:
image: ghcr.io/firewalkwithm3/caddy:latest image: ghcr.io/firewalkwithm3/caddy:latest
container_name: caddy container_name: caddy
restart: unless-stopped
ports:
- 80:80
- 443:443
- 443:443/udp
networks:
- default
- proxy
- traefik
environment:
- CADDY_INGRESS_NETWORKS=proxy
- CF_API_TOKEN=${CF_API_TOKEN}
- CROWDSEC_API_KEY=${CROWDSEC_API_KEY}
- CADDY_DOCKER_CADDYFILE_PATH=/etc/caddy/Caddyfile
volumes: volumes:
- /var/run/docker.sock:/var/run/docker.sock - /var/run/docker.sock:/var/run/docker.sock
- ./Caddyfile:/etc/caddy/Caddyfile - ./Caddyfile:/etc/caddy/Caddyfile
- /srv:/srv - /srv:/srv
- caddy_data:/data - caddy_data:/data
environment:
volumes: - CADDY_INGRESS_NETWORKS=proxy
caddy_data: - CF_API_TOKEN=${CF_API_TOKEN}
name: caddy_data - CROWDSEC_API_KEY=${CROWDSEC_API_KEY}
- CADDY_DOCKER_CADDYFILE_PATH=/etc/caddy/Caddyfile
ports:
- '80:80'
- '443:443'
- '443:443/udp'
networks:
- default
- proxy
- traefik
restart: unless-stopped
networks: networks:
default: default:
@ -32,3 +29,7 @@ networks:
external: true external: true
traefik: traefik:
external: true external: true
volumes:
caddy_data:
name: caddy_data

15
calibre/compose.yaml
View file

@ -1,27 +1,30 @@
name: calibre
services: services:
calibre-web-automated: calibre-web-automated:
image: crocodilestick/calibre-web-automated:latest image: crocodilestick/calibre-web-automated:latest
container_name: calibre-web-automated container_name: calibre-web-automated
environment:
- PUID=1000
- PGID=1800
- TZ=Australia/Perth
volumes: volumes:
- /mnt/docker/calibre-web-automated/config:/config - /mnt/docker/calibre-web-automated/config:/config
- /media/media/calibre/ingest:/cwa-book-ingest - /media/media/calibre/ingest:/cwa-book-ingest
- /media/media/calibre/library:/calibre-library - /media/media/calibre/library:/calibre-library
environment:
- PUID=1000
- PGID=1800
- TZ=Australia/Perth
networks: networks:
- default - default
- proxy - proxy
- media - media
restart: unless-stopped
labels: labels:
caddy: books.fern.garden caddy: books.fern.garden
caddy.reverse_proxy: '{{ upstreams 8083 }}' caddy.reverse_proxy: '{{ upstreams 8083 }}'
restart: unless-stopped
cwa-downloader: cwa-downloader:
image: ghcr.io/calibrain/calibre-web-automated-book-downloader:latest image: ghcr.io/calibrain/calibre-web-automated-book-downloader:latest
container_name: cwa-downloader container_name: cwa-downloader
volumes:
- /media/media/calibre/ingest:/cwa-book-ingest
environment: environment:
FLASK_PORT: 8084 FLASK_PORT: 8084
LOG_LEVEL: info LOG_LEVEL: info
@ -36,8 +39,6 @@ services:
- media - media
- proxy - proxy
restart: unless-stopped restart: unless-stopped
volumes:
- /media/media/calibre/ingest:/cwa-book-ingest
labels: labels:
caddy: books-dl.ferngarden.net caddy: books-dl.ferngarden.net
caddy.import: internal caddy.import: internal

7
dozzle/compose.yaml
View file

@ -1,7 +1,11 @@
name: dozzle
services: services:
dozzle: dozzle:
image: amir20/dozzle:latest image: amir20/dozzle:latest
container_name: dozzle container_name: dozzle
environment:
DOZZLE_AUTH_PROVIDER: forward-proxy
DOZZLE_REMOTE_HOST: tcp://docker_socket_proxy:2375|docker.local,tcp://10.0.1.105:2375|minecraft.local,tcp://10.0.1.4:2375|weebill.local
networks: networks:
- default - default
- metrics - metrics
@ -10,9 +14,6 @@ services:
caddy: dozzle.ferngarden.net caddy: dozzle.ferngarden.net
caddy.1_import: internal caddy.1_import: internal
caddy.2_import: authentik caddy.2_import: authentik
environment:
DOZZLE_AUTH_PROVIDER: forward-proxy
DOZZLE_REMOTE_HOST: tcp://docker_socket_proxy:2375|docker.local,tcp://10.0.1.105:2375|minecraft.local,tcp://10.0.1.4:2375|weebill.local
networks: networks:
default: default:

48
forgejo/compose.yaml
View file

@ -1,12 +1,26 @@
name: forgejo
services: services:
forgejo_db:
image: postgres:14
container_name: forgejo_db
volumes:
- forgejo_db:/var/lib/postgresql/data
environment:
- POSTGRES_USER=forgejo
- POSTGRES_DB=forgejo
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
networks:
- default
restart: unless-stopped
server: server:
image: codeberg.org/forgejo/forgejo:11 image: codeberg.org/forgejo/forgejo:11
container_name: forgejo container_name: forgejo
networks: depends_on:
- proxy - forgejo_db
- default volumes:
ports: - forgejo_data:/data
- 222:22 - /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
environment: environment:
- USER_UID=1000 - USER_UID=1000
- USER_GID=1000 - USER_GID=1000
@ -15,30 +29,16 @@ services:
- FORGEJO__database__NAME=forgejo - FORGEJO__database__NAME=forgejo
- FORGEJO__database__USER=forgejo - FORGEJO__database__USER=forgejo
- FORGEJO__database__PASSWD=${POSTGRES_PASSWORD} - FORGEJO__database__PASSWD=${POSTGRES_PASSWORD}
ports:
- '222:22'
networks:
- proxy
- default
restart: unless-stopped restart: unless-stopped
volumes:
- forgejo_data:/data
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
depends_on:
- forgejo_db
labels: labels:
caddy: git.fern.garden caddy: git.fern.garden
caddy.reverse_proxy: "{{upstreams 3000}}" caddy.reverse_proxy: "{{upstreams 3000}}"
forgejo_db:
image: postgres:14
container_name: forgejo_db
networks:
- default
restart: unless-stopped
environment:
- POSTGRES_USER=forgejo
- POSTGRES_DB=forgejo
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
volumes:
- forgejo_db:/var/lib/postgresql/data
networks: networks:
default: default:
proxy: proxy:

9
grocy/compose.yaml
View file

@ -1,7 +1,10 @@
name: grocy
services: services:
grocy: grocy:
image: lscr.io/linuxserver/grocy:latest image: lscr.io/linuxserver/grocy:latest
container_name: grocy container_name: grocy
volumes:
- grocy_config:/config
environment: environment:
- PUID=1000 - PUID=1000
- PGID=1000 - PGID=1000
@ -10,13 +13,11 @@ services:
- GROCY_FEATURE_FLAG_SHOPPINGLIST=false - GROCY_FEATURE_FLAG_SHOPPINGLIST=false
- GROCY_FEATURE_FLAG_STOCK=false - GROCY_FEATURE_FLAG_STOCK=false
- GROCY_CURRENCY=AUD - GROCY_CURRENCY=AUD
ports:
- '9192:80'
networks: networks:
- default - default
- proxy - proxy
ports:
- 9192:80
volumes:
- grocy_config:/config
restart: unless-stopped restart: unless-stopped
labels: labels:
caddy: grocy.ferngarden.net caddy: grocy.ferngarden.net

17
homebox/compose.yaml
View file

@ -1,18 +1,19 @@
name: homebox
services: services:
homebox: homebox:
image: ghcr.io/sysadminsmedia/homebox:latest-rootless image: ghcr.io/sysadminsmedia/homebox:latest-rootless
container_name: homebox container_name: homebox
restart: unless-stopped
environment:
- HBOX_LOG_LEVEL=info
- HBOX_LOG_FORMAT=text
- HBOX_WEB_MAX_FILE_UPLOAD=10
- HBOX_OPTIONS_ALLOW_ANALYTICS=false
volumes: volumes:
- homebox_data:/data/ - homebox_data:/data/
environment:
- HBOX_LOG_LEVEL=info
- HBOX_LOG_FORMAT=text
- HBOX_WEB_MAX_FILE_UPLOAD=10
- HBOX_OPTIONS_ALLOW_ANALYTICS=false
networks: networks:
- default - default
- proxy - proxy
restart: unless-stopped
labels: labels:
caddy: homebox.ferngarden.net caddy: homebox.ferngarden.net
caddy.import: internal caddy.import: internal
@ -24,5 +25,5 @@ networks:
external: true external: true
volumes: volumes:
homebox_data: homebox_data:
name: homebox_data name: homebox_data

5
homepage/compose.yaml
View file

@ -1,21 +1,22 @@
name: homepage
services: services:
homepage: homepage:
image: ghcr.io/gethomepage/homepage:latest image: ghcr.io/gethomepage/homepage:latest
container_name: homepage container_name: homepage
volumes: volumes:
- /mnt/docker/homepage/config:/app/config - /mnt/docker/homepage/config:/app/config
user: 1000:1000
restart: unless-stopped
environment: environment:
HOMEPAGE_ALLOWED_HOSTS: dash.ferngarden.net HOMEPAGE_ALLOWED_HOSTS: dash.ferngarden.net
networks: networks:
- default - default
- proxy - proxy
- metrics - metrics
restart: unless-stopped
labels: labels:
caddy: dash.ferngarden.net caddy: dash.ferngarden.net
caddy.import: internal caddy.import: internal
caddy.reverse_proxy: '{{ upstreams 3000 }}' caddy.reverse_proxy: '{{ upstreams 3000 }}'
user: 1000:1000
networks: networks:
proxy: proxy:

12
hortusfox/compose.yaml
View file

@ -1,7 +1,10 @@
name: hortusfox
services: services:
hortusfox: hortusfox:
image: ghcr.io/danielbrendel/hortusfox-web:latest image: ghcr.io/danielbrendel/hortusfox-web:latest
container_name: hortusfox container_name: hortusfox
depends_on:
- hortusfox_db
volumes: volumes:
- hortusfox_images:/var/www/html/public/img - hortusfox_images:/var/www/html/public/img
- hortusfox_logs:/var/www/html/hortusfox/logs - hortusfox_logs:/var/www/html/hortusfox/logs
@ -21,8 +24,6 @@ services:
networks: networks:
- default - default
- proxy - proxy
depends_on:
- hortusfox_db
labels: labels:
caddy: hortusfox.ferngarden.net caddy: hortusfox.ferngarden.net
caddy.import: internal caddy.import: internal
@ -31,16 +32,16 @@ services:
hortusfox_db: hortusfox_db:
image: mariadb image: mariadb
container_name: hortusfox_db container_name: hortusfox_db
restart: always volumes:
- hortusfox_db:/var/lib/mysql
environment: environment:
MYSQL_ROOT_PASSWORD: ${MYSQL_ROOT_PASSWORD} MYSQL_ROOT_PASSWORD: ${MYSQL_ROOT_PASSWORD}
MYSQL_DATABASE: hortusfox MYSQL_DATABASE: hortusfox
MYSQL_USER: hortusfox MYSQL_USER: hortusfox
MYSQL_PASSWORD: ${MYSQL_PASSWORD} MYSQL_PASSWORD: ${MYSQL_PASSWORD}
volumes:
- hortusfox_db:/var/lib/mysql
networks: networks:
- default - default
restart: always
networks: networks:
default: default:
@ -55,3 +56,4 @@ volumes:
hortusfox_themes: hortusfox_themes:
hortusfox_migrate: hortusfox_migrate:

60
immich/compose.yaml
View file

@ -1,23 +1,21 @@
name: immich
services: services:
immich: immich:
container_name: immich
hostname: immich-server
image: ghcr.io/immich-app/immich-server:release image: ghcr.io/immich-app/immich-server:release
container_name: immich
depends_on:
- immich_db
- immich_redis
volumes: volumes:
- immich_library:/usr/src/app/upload - immich_library:/usr/src/app/upload
- /etc/localtime:/etc/localtime:ro - /etc/localtime:/etc/localtime:ro
networks:
- default
- proxy
environment: environment:
- DB_USERNAME=postgres - DB_USERNAME=postgres
- DB_DATABASE_NAME=immich - DB_DATABASE_NAME=immich
- DB_PASSWORD=${DB_PASSWORD} - DB_PASSWORD=${DB_PASSWORD}
devices: networks:
- /dev/dri:/dev/dri - default
depends_on: - proxy
- immich_redis
- immich_db
restart: unless-stopped restart: unless-stopped
healthcheck: healthcheck:
disable: false disable: false
@ -25,12 +23,28 @@ services:
caddy: photos.ferngarden.net caddy: photos.ferngarden.net
caddy.import: internal caddy.import: internal
caddy.reverse_proxy: "{{upstreams 2283}}" caddy.reverse_proxy: "{{upstreams 2283}}"
devices:
- /dev/dri:/dev/dri
hostname: immich-server
immich_db:
image: ghcr.io/immich-app/postgres:14-vectorchord0.3.0-pgvectors0.2.0@sha256:fa4f6e0971f454cd95fec5a9aaed2ed93d8f46725cc6bc61e0698e97dba96da1
container_name: immich_db
volumes:
- immich_db:/var/lib/postgresql/data
environment:
- POSTGRES_PASSWORD=${DB_PASSWORD}
- POSTGRES_USER=postgres
- POSTGRES_DB=immich
- POSTGRES_INITDB_ARGS='--data-checksums'
networks:
- default
restart: always
hostname: database
immich_ml: immich_ml:
container_name: immich_ml
hostname: immich-machine-learning
image: ghcr.io/immich-app/immich-machine-learning:release image: ghcr.io/immich-app/immich-machine-learning:release
container_name: immich_ml
volumes: volumes:
- immich_ml_cache:/cache - immich_ml_cache:/cache
networks: networks:
@ -38,31 +52,17 @@ services:
restart: unless-stopped restart: unless-stopped
healthcheck: healthcheck:
disable: false disable: false
hostname: immich-machine-learning
immich_redis: immich_redis:
container_name: immich_redis
hostname: redis
image: docker.io/valkey/valkey:8-bookworm@sha256:ff21bc0f8194dc9c105b769aeabf9585fea6a8ed649c0781caeac5cb3c247884 image: docker.io/valkey/valkey:8-bookworm@sha256:ff21bc0f8194dc9c105b769aeabf9585fea6a8ed649c0781caeac5cb3c247884
container_name: immich_redis
networks: networks:
- default - default
restart: unless-stopped
healthcheck: healthcheck:
test: redis-cli ping || exit 1 test: redis-cli ping || exit 1
restart: unless-stopped hostname: redis
immich_db:
container_name: immich_db
hostname: database
image: ghcr.io/immich-app/postgres:14-vectorchord0.3.0-pgvectors0.2.0@sha256:fa4f6e0971f454cd95fec5a9aaed2ed93d8f46725cc6bc61e0698e97dba96da1
networks:
- default
environment:
- POSTGRES_PASSWORD=${DB_PASSWORD}
- POSTGRES_USER=postgres
- POSTGRES_DB=immich
- POSTGRES_INITDB_ARGS='--data-checksums'
volumes:
- immich_db:/var/lib/postgresql/data
restart: always
networks: networks:
default: default:

3
it-tools/compose.yaml
View file

@ -1,11 +1,12 @@
name: it-tools
services: services:
it-tools: it-tools:
image: corentinth/it-tools:latest image: corentinth/it-tools:latest
container_name: it-tools container_name: it-tools
restart: unless-stopped
networks: networks:
- default - default
- proxy - proxy
restart: unless-stopped
labels: labels:
caddy: it-tools.ferngarden.net caddy: it-tools.ferngarden.net
caddy.import: internal caddy.import: internal

81
jellyfin/compose.yaml
View file

@ -1,25 +1,14 @@
name: jellyfin
services: services:
jellyfin: jellyfin:
image: jellyfin/jellyfin image: jellyfin/jellyfin
container_name: jellyfin container_name: jellyfin
user: 1000:1800
group_add:
- 992
devices:
- /dev/dri/renderD128:/dev/dri/renderD128
networks:
- default
- proxy
- media
volumes: volumes:
- jellyfin_cache:/var/cache/jellyfin - jellyfin_cache:/var/cache/jellyfin
- jellyfin_config:/etc/jellyfin - jellyfin_config:/etc/jellyfin
- jellyfin_data:/var/lib/jellyfin - jellyfin_data:/var/lib/jellyfin
- jellyfin_logs:/var/log/jellyfin - jellyfin_logs:/var/log/jellyfin
- /media:/media - /media:/media
restart: unless-stopped
ports:
- 8096:8096
environment: environment:
- JELLYFIN_PublishedServerUrl=https://jellyfin.fern.garden - JELLYFIN_PublishedServerUrl=https://jellyfin.fern.garden
- JELLYFIN_CACHE_DIR=/var/cache/jellyfin - JELLYFIN_CACHE_DIR=/var/cache/jellyfin
@ -27,38 +16,30 @@ services:
- JELLYFIN_DATA_DIR=/var/lib/jellyfin - JELLYFIN_DATA_DIR=/var/lib/jellyfin
- JELLYFIN_LOG_DIR=/var/log/jellyfin - JELLYFIN_LOG_DIR=/var/log/jellyfin
- TZ=Australia/Perth - TZ=Australia/Perth
ports:
- '8096:8096'
networks:
- default
- proxy
- media
restart: unless-stopped
labels: labels:
caddy: jellyfin.fern.garden caddy: jellyfin.fern.garden
caddy.@blacklist.not.path: "/metrics" caddy.@blacklist.not.path: "/metrics"
caddy.reverse_proxy: "@blacklist {{upstreams 8096}}" caddy.reverse_proxy: "@blacklist {{upstreams 8096}}"
user: 1000:1800
jellystat_db: devices:
image: postgres:15.2 - /dev/dri/renderD128:/dev/dri/renderD128
shm_size: '1gb' group_add:
container_name: jellystat_db - 992
restart: unless-stopped
logging:
driver: "json-file"
options:
max-file: "5"
max-size: "10m"
environment:
POSTGRES_USER: jellystat
POSTGRES_PASSWORD: ${JELLYSTAT_POSTGRES_PASSWORD}
networks:
- default
volumes:
- jellystat_db:/var/lib/postgresql/data
jellystat: jellystat:
image: cyfershepard/jellystat:latest image: cyfershepard/jellystat:latest
container_name: jellystat container_name: jellystat
restart: unless-stopped depends_on:
logging: - jellystat_db
driver: "json-file" volumes:
options: - jellystat_data:/app/backend/backup-data
max-file: "5"
max-size: "10m"
environment: environment:
POSTGRES_USER: jellystat POSTGRES_USER: jellystat
POSTGRES_PASSWORD: ${JELLYSTAT_POSTGRES_PASSWORD} POSTGRES_PASSWORD: ${JELLYSTAT_POSTGRES_PASSWORD}
@ -68,18 +49,38 @@ services:
JS_USER: fern JS_USER: fern
JS_PASSWORD: ${JELLYSTAT_PASSWORD} JS_PASSWORD: ${JELLYSTAT_PASSWORD}
TZ: Australia/Perth TZ: Australia/Perth
volumes:
- jellystat_data:/app/backend/backup-data
networks: networks:
- default - default
- proxy - proxy
depends_on: restart: unless-stopped
- jellystat_db logging:
driver: "json-file"
options:
max-file: "5"
max-size: "10m"
labels: labels:
caddy: jellystat.ferngarden.net caddy: jellystat.ferngarden.net
caddy.import: internal caddy.import: internal
caddy.reverse_proxy: '{{upstreams 3000}}' caddy.reverse_proxy: '{{upstreams 3000}}'
jellystat_db:
image: postgres:15.2
container_name: jellystat_db
volumes:
- jellystat_db:/var/lib/postgresql/data
environment:
POSTGRES_USER: jellystat
POSTGRES_PASSWORD: ${JELLYSTAT_POSTGRES_PASSWORD}
networks:
- default
restart: unless-stopped
logging:
driver: "json-file"
options:
max-file: "5"
max-size: "10m"
shm_size: '1gb'
networks: networks:
default: default:
media: media:

5
komga/compose.yaml
View file

@ -1,3 +1,4 @@
name: komga
services: services:
komga: komga:
image: gotson/komga image: gotson/komga
@ -5,18 +6,18 @@ services:
volumes: volumes:
- komga_config:/config - komga_config:/config
- /media:/media:ro - /media:/media:ro
user: "1000:1800"
environment: environment:
- TZ=Australia/Perth - TZ=Australia/Perth
- KOMGA_OAUTH2_ACCOUNT_CREATION=true - KOMGA_OAUTH2_ACCOUNT_CREATION=true
restart: unless-stopped
networks: networks:
- default - default
- media - media
- proxy - proxy
restart: unless-stopped
labels: labels:
caddy: comics.fern.garden caddy: comics.fern.garden
caddy.reverse_proxy: '{{upstreams 25600}}' caddy.reverse_proxy: '{{upstreams 25600}}'
user: "1000:1800"
networks: networks:
default: default:

39
linkwarden/compose.yaml
View file

@ -1,18 +1,12 @@
name: linkwarden
services: services:
linkwarden_db:
image: postgres:16-alpine
container_name: linkwarden_db
environment:
- POSTGRES_USER=linkwarden
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
- POSTGRES_DB=linkwarden
restart: always
volumes:
- /mnt/docker/linkwarden/database:/var/lib/postgresql/data
networks:
- default
linkwarden: linkwarden:
image: ghcr.io/linkwarden/linkwarden:latest image: ghcr.io/linkwarden/linkwarden:latest
depends_on:
- linkwarden_db
- linkwarden_search
volumes:
- /mnt/docker/linkwarden/data:/data/data
environment: environment:
- DATABASE_URL=postgresql://linkwarden:${POSTGRES_PASSWORD}@linkwarden_db:5432/linkwarden - DATABASE_URL=postgresql://linkwarden:${POSTGRES_PASSWORD}@linkwarden_db:5432/linkwarden
- MEILI_HOST=linkwarden_search - MEILI_HOST=linkwarden_search
@ -22,27 +16,34 @@ services:
- AUTHENTIK_ISSUER=https://auth.fern.garden/application/o/linkwarden - AUTHENTIK_ISSUER=https://auth.fern.garden/application/o/linkwarden
- AUTHENTIK_CLIENT_ID=${AUTHENTIK_CLIENT_ID} - AUTHENTIK_CLIENT_ID=${AUTHENTIK_CLIENT_ID}
- AUTHENTIK_CLIENT_SECRET=${AUTHENTIK_CLIENT_SECRET} - AUTHENTIK_CLIENT_SECRET=${AUTHENTIK_CLIENT_SECRET}
restart: always
volumes:
- /mnt/docker/linkwarden/data:/data/data
depends_on:
- linkwarden_db
- linkwarden_search
networks: networks:
- default - default
- proxy - proxy
restart: always
labels: labels:
caddy: linkwarden.ferngarden.net caddy: linkwarden.ferngarden.net
caddy.import: internal caddy.import: internal
caddy.reverse_proxy: '{{ upstreams 3000 }}' caddy.reverse_proxy: '{{ upstreams 3000 }}'
linkwarden_db:
image: postgres:16-alpine
container_name: linkwarden_db
volumes:
- /mnt/docker/linkwarden/database:/var/lib/postgresql/data
environment:
- POSTGRES_USER=linkwarden
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
- POSTGRES_DB=linkwarden
networks:
- default
restart: always
linkwarden_search: linkwarden_search:
image: getmeili/meilisearch:v1.12.8 image: getmeili/meilisearch:v1.12.8
container_name: linkwarden_search container_name: linkwarden_search
restart: always
volumes: volumes:
- /mnt/docker/linkwarden/search:/meili_data - /mnt/docker/linkwarden/search:/meili_data
networks: networks:
- default - default
restart: always
networks: networks:
default: default:

27
mailserver/compose.yaml
View file

@ -1,19 +1,8 @@
name: mailserver
services: services:
mailserver: mailserver:
image: ghcr.io/docker-mailserver/docker-mailserver:latest image: ghcr.io/docker-mailserver/docker-mailserver:latest
container_name: mailserver container_name: mailserver
hostname: mail.ferngarden.net
env_file: mailserver.env
environment:
SSL_TYPE: manual
SSL_CERT_PATH: /srv/tls/caddy/certificates/acme-v02.api.letsencrypt.org-directory/wildcard_.ferngarden.net/wildcard_.ferngarden.net.crt
SSL_KEY_PATH: /srv/tls/caddy/certificates/acme-v02.api.letsencrypt.org-directory/wildcard_.ferngarden.net/wildcard_.ferngarden.net.key
ports:
- "25:25" # SMTP (explicit TLS => STARTTLS, Authentication is DISABLED => use port 465/587 instead)
- "143:143" # IMAP4 (explicit TLS => STARTTLS)
- "465:465" # ESMTP (implicit TLS)
- "587:587" # ESMTP (explicit TLS => STARTTLS)
- "993:993" # IMAP4 (implicit TLS)
volumes: volumes:
- mailserver_data:/var/mail/ - mailserver_data:/var/mail/
- mailserver_state:/var/mail-state/ - mailserver_state:/var/mail-state/
@ -21,12 +10,24 @@ services:
- mailserver_config:/tmp/docker-mailserver/ - mailserver_config:/tmp/docker-mailserver/
- /etc/localtime:/etc/localtime:ro - /etc/localtime:/etc/localtime:ro
- caddy_data:/srv/tls - caddy_data:/srv/tls
environment:
SSL_TYPE: manual
SSL_CERT_PATH: /srv/tls/caddy/certificates/acme-v02.api.letsencrypt.org-directory/wildcard_.ferngarden.net/wildcard_.ferngarden.net.crt
SSL_KEY_PATH: /srv/tls/caddy/certificates/acme-v02.api.letsencrypt.org-directory/wildcard_.ferngarden.net/wildcard_.ferngarden.net.key
env_file: mailserver.env
ports:
- '25:25' # SMTP (explicit TLS => STARTTLS, Authentication is DISABLED => use port 465/587 instead)
- '143:143' # IMAP4 (explicit TLS => STARTTLS)
- '465:465' # ESMTP (implicit TLS)
- '587:587' # ESMTP (explicit TLS => STARTTLS)
- '993:993' # IMAP4 (implicit TLS)
restart: always restart: always
stop_grace_period: 1m
healthcheck: healthcheck:
test: "ss --listening --ipv4 --tcp | grep --silent ':smtp' || exit 1" test: "ss --listening --ipv4 --tcp | grep --silent ':smtp' || exit 1"
timeout: 3s timeout: 3s
retries: 0 retries: 0
hostname: mail.ferngarden.net
stop_grace_period: 1m
volumes: volumes:
mailserver_data: mailserver_data:

15
metrics/compose.yaml
View file

@ -1,32 +1,33 @@
name: metrics
services: services:
docker_socket_proxy: docker_socket_proxy:
image: ghcr.io/tecnativa/docker-socket-proxy:latest image: ghcr.io/tecnativa/docker-socket-proxy:latest
container_name: docker_socket_proxy container_name: docker_socket_proxy
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro # Mounted as read-only
environment: environment:
- CONTAINERS=1 # Allow access to viewing containers - CONTAINERS=1 # Allow access to viewing containers
- INFO=1 - INFO=1
- POST=0 # Disallow any POST operations (effectively read-only) - POST=0 # Disallow any POST operations (effectively read-only)
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro # Mounted as read-only
restart: unless-stopped
ports: ports:
- 2375:2375 - '2375:2375'
networks: networks:
- default - default
- metrics - metrics
restart: unless-stopped
glances: glances:
image: nicolargo/glances:latest image: nicolargo/glances:latest
container_name: glances container_name: glances
restart: always
pid: host
environment: environment:
- "GLANCES_OPT=-w" - "GLANCES_OPT=-w"
ports: ports:
- 61208:61208 - '61208:61208'
networks: networks:
- default - default
- metrics - metrics
restart: always
pid: host
networks: networks:
default: default:

56
minecraft/compose.yaml
View file

@ -1,55 +1,57 @@
name: minecraft
services: services:
minecraft_proxy: minecraft_proxy:
image: itzg/mc-proxy image: itzg/mc-proxy
container_name: minecraft_proxy container_name: minecraft_proxy
restart: unless-stopped
volumes: volumes:
- velocity_config:/config - velocity_config:/config
- velocity_server:/server - velocity_server:/server
networks:
- default
ports:
- 25565:25565
environment: environment:
- TYPE=VELOCITY - TYPE=VELOCITY
- MINECRAFT_VERSION=1.21.5 - MINECRAFT_VERSION=1.21.5
ports:
minecraft_server_mc: - '25565:25565'
image: itzg/minecraft-server
container_name: minecraft_server_mc
hostname: mc
restart: unless-stopped
volumes:
- minecraft_server_mc:/data
networks: networks:
- default - default
depends_on: restart: unless-stopped
- minecraft_proxy
env_file:
- server.env
environment:
- MOTD=meow
- ICON=https://git.fern.garden/fern/stacks/raw/branch/main/minecraft/server-icons/mc.png
- PLUGINS=https://dev.bukkit.org/projects/dead-chest/files/latest
minecraft_server_bob: minecraft_server_bob:
image: itzg/minecraft-server image: itzg/minecraft-server
container_name: minecraft_server_bob container_name: minecraft_server_bob
hostname: bob
restart: unless-stopped
volumes:
- minecraft_server_bob:/data
depends_on: depends_on:
- minecraft_proxy - minecraft_proxy
env_file: volumes:
- server.env - minecraft_server_bob:/data
environment: environment:
- MOTD=it's bob's world, we're just living in it - MOTD=it's bob's world, we're just living in it
- ICON=https://git.fern.garden/fern/stacks/raw/branch/main/minecraft/server-icons/bob.png - ICON=https://git.fern.garden/fern/stacks/raw/branch/main/minecraft/server-icons/bob.png
env_file:
- server.env
restart: unless-stopped
hostname: bob
minecraft_server_mc:
image: itzg/minecraft-server
container_name: minecraft_server_mc
depends_on:
- minecraft_proxy
volumes:
- minecraft_server_mc:/data
environment:
- MOTD=meow
- ICON=https://git.fern.garden/fern/stacks/raw/branch/main/minecraft/server-icons/mc.png
- PLUGINS=https://dev.bukkit.org/projects/dead-chest/files/latest
env_file:
- server.env
networks:
- default
restart: unless-stopped
hostname: mc
networks: networks:
default: default:
volumes: volumes:
minecraft_webadmin_db: minecraft_webadmin_db:
name: minecraft_webadmin_db name: minecraft_webadmin_db

21
miniflux/compose.yaml
View file

@ -1,11 +1,8 @@
name: miniflux
services: services:
miniflux: miniflux:
image: miniflux/miniflux:latest image: miniflux/miniflux:latest
container_name: miniflux container_name: miniflux
restart: unless-stopped
networks:
- default
- proxy
depends_on: depends_on:
miniflux_db: miniflux_db:
condition: service_healthy condition: service_healthy
@ -22,6 +19,10 @@ services:
- OAUTH2_REDIRECT_URL=https://rss.ferngarden.net/oauth2/oidc/callback - OAUTH2_REDIRECT_URL=https://rss.ferngarden.net/oauth2/oidc/callback
- OAUTH2_OIDC_DISCOVERY_ENDPOINT=https://auth.fern.garden/application/o/miniflux/ - OAUTH2_OIDC_DISCOVERY_ENDPOINT=https://auth.fern.garden/application/o/miniflux/
- OAUTH2_USER_CREATION=1 - OAUTH2_USER_CREATION=1
networks:
- default
- proxy
restart: unless-stopped
labels: labels:
caddy: rss.ferngarden.net caddy: rss.ferngarden.net
caddy.import: internal caddy.import: internal
@ -30,17 +31,17 @@ services:
miniflux_db: miniflux_db:
image: postgres:17-alpine image: postgres:17-alpine
container_name: miniflux_db container_name: miniflux_db
restart: unless-stopped volumes:
networks: - miniflux_db:/var/lib/postgresql/data
- default
environment: environment:
- POSTGRES_USER=miniflux - POSTGRES_USER=miniflux
- POSTGRES_DB=miniflux - POSTGRES_DB=miniflux
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD} - POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
volumes: networks:
- miniflux_db:/var/lib/postgresql/data - default
restart: unless-stopped
healthcheck: healthcheck:
test: ["CMD", "pg_isready", "-U", "miniflux"] test: [ "CMD", "pg_isready", "-U", "miniflux" ]
interval: 10s interval: 10s
start_period: 30s start_period: 30s

15
navidrome/compose.yaml
View file

@ -1,11 +1,11 @@
name: navidrome
services: services:
navidrome: navidrome:
image: deluan/navidrome:latest image: deluan/navidrome:latest
container_name: navidrome container_name: navidrome
networks: volumes:
- default - navidrome_data:/data
- proxy - /media/media/beets:/music:ro
restart: unless-stopped
environment: environment:
- ND_BASEURL=https://music.fern.garden - ND_BASEURL=https://music.fern.garden
- ND_REVERSEPROXYUSERHEADER=X-authentik-username - ND_REVERSEPROXYUSERHEADER=X-authentik-username
@ -13,9 +13,10 @@ services:
- ND_LASTFM_APIKEY=${ND_LASTFM_APIKEY} - ND_LASTFM_APIKEY=${ND_LASTFM_APIKEY}
- ND_LASTFM_SECRET=${ND_LASTFM_SECRET} - ND_LASTFM_SECRET=${ND_LASTFM_SECRET}
- ND_PLAYLISTSPATH=Playlists - ND_PLAYLISTSPATH=Playlists
volumes: networks:
- navidrome_data:/data - default
- /media/media/beets:/music:ro - proxy
restart: unless-stopped
labels: labels:
caddy: music.fern.garden caddy: music.fern.garden
caddy.import: authentik caddy.import: authentik

7
netatalk/compose.yaml
View file

@ -1,10 +1,8 @@
name: netatalk
services: services:
netatalk: netatalk:
image: netatalk/netatalk:latest image: netatalk/netatalk:latest
container_name: netatalk container_name: netatalk
network_mode: host
cap_add:
- NET_ADMIN
volumes: volumes:
- netatalk_backup:/mnt/afpbackup - netatalk_backup:/mnt/afpbackup
- /srv/netatalk:/mnt/afpshare - /srv/netatalk:/mnt/afpshare
@ -15,6 +13,9 @@ services:
- AFP_GROUP=afpusers - AFP_GROUP=afpusers
- ATALKD_INTERFACE=eth0 - ATALKD_INTERFACE=eth0
- TZ=Australia/Perth - TZ=Australia/Perth
network_mode: host
cap_add:
- NET_ADMIN
volumes: volumes:
netatalk_backup: netatalk_backup:

11
nextcloud-aio/compose.yaml
View file

@ -1,23 +1,24 @@
name: nextcloud-aio
services: services:
nextcloud-aio-mastercontainer: nextcloud-aio-mastercontainer:
image: ghcr.io/nextcloud-releases/all-in-one:latest image: ghcr.io/nextcloud-releases/all-in-one:latest
container_name: nextcloud-aio-mastercontainer container_name: nextcloud-aio-mastercontainer
init: true
network_mode: bridge
restart: always
volumes: volumes:
- nextcloud_aio_mastercontainer:/mnt/docker-aio-config - nextcloud_aio_mastercontainer:/mnt/docker-aio-config
- /var/run/docker.sock:/var/run/docker.sock:ro - /var/run/docker.sock:/var/run/docker.sock:ro
ports:
- 8080:8080
environment: environment:
APACHE_PORT: 11000 APACHE_PORT: 11000
APACHE_IP_BINDING: 0.0.0.0 APACHE_IP_BINDING: 0.0.0.0
APACHE_ADDITIONAL_NETWORK: proxy APACHE_ADDITIONAL_NETWORK: proxy
ports:
- '8080:8080'
network_mode: bridge
restart: always
labels: labels:
caddy: cloud.ferngarden.net caddy: cloud.ferngarden.net
caddy.import: internal caddy.import: internal
caddy.reverse_proxy: "nextcloud-aio-apache:11000" caddy.reverse_proxy: "nextcloud-aio-apache:11000"
init: true
volumes: volumes:
nextcloud_aio_mastercontainer: nextcloud_aio_mastercontainer:

56
notifications/compose.yaml
View file

@ -1,37 +1,10 @@
name: notifications
services: services:
ntfy:
image: binwiederhier/ntfy
container_name: ntfy
networks:
- default
- proxy
command: serve
volumes:
- ntfy_cache:/var/cache/ntfy
- ntfy_config:/etc/ntfy
- ntfy_data:/var/lib/ntfy
healthcheck:
test: ["CMD-SHELL", "wget -q --tries=1 http://localhost:2586/v1/health -O - | grep -Eo '\"healthy\"\\s*:\\s*true' || exit 1"]
interval: 60s
timeout: 10s
retries: 3
start_period: 40s
restart: unless-stopped
labels:
caddy: ntfy.fern.garden
caddy.reverse_proxy: "{{upstreams 2586}}"
mollysocket: mollysocket:
image: ghcr.io/mollyim/mollysocket:1 image: ghcr.io/mollyim/mollysocket:1
container_name: mollysocket container_name: mollysocket
networks:
- default
- proxy
restart: unless-stopped
volumes: volumes:
- mollysocket_data:/data - mollysocket_data:/data
working_dir: /data
command: server
environment: environment:
- MOLLY_DB=/data/mollysocket.db - MOLLY_DB=/data/mollysocket.db
- MOLLY_ALLOWED_ENDPOINTS=["https://ntfy.fern.garden"] - MOLLY_ALLOWED_ENDPOINTS=["https://ntfy.fern.garden"]
@ -40,9 +13,36 @@ services:
- MOLLY_HOST=0.0.0.0 - MOLLY_HOST=0.0.0.0
- MOLLY_PORT=8020 - MOLLY_PORT=8020
- RUST_LOG=info - RUST_LOG=info
networks:
- default
- proxy
command: server
working_dir: /data
restart: unless-stopped
labels: labels:
caddy: mollysocket.fern.garden caddy: mollysocket.fern.garden
caddy.reverse_proxy: "{{upstreams 8020}}" caddy.reverse_proxy: "{{upstreams 8020}}"
ntfy:
image: binwiederhier/ntfy
container_name: ntfy
volumes:
- ntfy_cache:/var/cache/ntfy
- ntfy_config:/etc/ntfy
- ntfy_data:/var/lib/ntfy
networks:
- default
- proxy
command: serve
restart: unless-stopped
healthcheck:
test: [ "CMD-SHELL", "wget -q --tries=1 http://localhost:2586/v1/health -O - | grep -Eo '\"healthy\"\\s*:\\s*true' || exit 1" ]
interval: 60s
timeout: 10s
retries: 3
start_period: 40s
labels:
caddy: ntfy.fern.garden
caddy.reverse_proxy: "{{upstreams 2586}}"
networks: networks:
default: default:

46
paperless/compose.yaml
View file

@ -1,30 +1,8 @@
name: paperless
services: services:
paperless_redis:
image: docker.io/library/redis:8
container_name: paperless_redis
restart: unless-stopped
volumes:
- paperless_redis:/data
networks:
- default
paperless_db:
image: docker.io/library/postgres:17
container_name: paperless_db
restart: unless-stopped
volumes:
- paperless_db:/var/lib/postgresql/data
environment:
POSTGRES_DB: paperless
POSTGRES_USER: paperless
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
networks:
- default
paperless: paperless:
image: ghcr.io/paperless-ngx/paperless-ngx:latest image: ghcr.io/paperless-ngx/paperless-ngx:latest
container_name: paperless container_name: paperless
restart: unless-stopped
depends_on: depends_on:
- paperless_db - paperless_db
- paperless_redis - paperless_redis
@ -66,11 +44,33 @@ services:
networks: networks:
- default - default
- proxy - proxy
restart: unless-stopped
labels: labels:
caddy: paperless.ferngarden.net caddy: paperless.ferngarden.net
caddy.import: internal caddy.import: internal
caddy.reverse_proxy: "{{upstreams 8000}}" caddy.reverse_proxy: "{{upstreams 8000}}"
paperless_db:
image: docker.io/library/postgres:17
container_name: paperless_db
volumes:
- paperless_db:/var/lib/postgresql/data
environment:
POSTGRES_DB: paperless
POSTGRES_USER: paperless
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
networks:
- default
restart: unless-stopped
paperless_redis:
image: docker.io/library/redis:8
container_name: paperless_redis
volumes:
- paperless_redis:/data
networks:
- default
restart: unless-stopped
networks: networks:
default: default:
proxy: proxy:

114
qbittorrent/compose.yaml
View file

@ -1,9 +1,41 @@
name: qbittorrent
services: services:
cross-seed:
image: ghcr.io/cross-seed/cross-seed:6
container_name: cross-seed
volumes:
- cross-seed_config:/config
- /media:/media
networks:
- default
- media
command: daemon
restart: unless-stopped
user: 1000:1800
fertilizer:
image: ghcr.io/moleculekayak/fertilizer:latest
container_name: fertilizer
volumes:
- qbittorrent_config:/torrents:ro
- /media:/media
environment:
- OPS_KEY=${OPS_KEY}
- RED_KEY=${RED_KEY}
- INJECT_TORRENTS=true
- INJECTION_LINK_DIRECTORY=/media/downloads/fertilizer/linked-data
- QBITTORRENT_URL=http://fern:${QBITTORRENT_PASS}@qbittorrent_gluetun:8080
networks:
default:
ipv4_address: 172.16.7.4
command: fertilizer -o /media/downloads/fertilizer/torrent-files -i /torrents/qBittorrent/BT_backup --server
user: 1000:1800
qbittorrent: qbittorrent:
image: lscr.io/linuxserver/qbittorrent:latest image: lscr.io/linuxserver/qbittorrent:latest
container_name: qbittorrent container_name: qbittorrent
restart: unless-stopped depends_on:
network_mode: service:qbittorrent_gluetun qbittorrent_gluetun:
condition: service_healthy
volumes: volumes:
- qbittorrent_config:/config - qbittorrent_config:/config
- /media:/media - /media:/media
@ -12,27 +44,17 @@ services:
- PUID=1000 - PUID=1000
- PGID=1800 - PGID=1800
- TZ=Australia/Perth - TZ=Australia/Perth
network_mode: service:qbittorrent_gluetun
restart: unless-stopped
healthcheck: healthcheck:
test: ["CMD-SHELL", "curl -sf https://api.ipify.org || exit 1"] test: [ "CMD-SHELL", "curl -sf https://api.ipify.org || exit 1" ]
interval: 30s interval: 30s
timeout: 10s timeout: 10s
retries: 3 retries: 3
depends_on:
qbittorrent_gluetun:
condition: service_healthy
qbittorrent_gluetun: qbittorrent_gluetun:
image: qmcgaw/gluetun image: qmcgaw/gluetun
container_name: qbittorrent_gluetun container_name: qbittorrent_gluetun
restart: unless-stopped
networks:
- default
- proxy
- media
cap_add:
- NET_ADMIN
devices:
- /dev/net/tun:/dev/net/tun
volumes: volumes:
- qbittorrent_gluetun_auth:/gluetun/auth - qbittorrent_gluetun_auth:/gluetun/auth
environment: environment:
@ -44,16 +66,23 @@ services:
- WIREGUARD_ADDRESSES=10.2.0.2/32 - WIREGUARD_ADDRESSES=10.2.0.2/32
- WIREGUARD_PRIVATE_KEY=${WIREGUARD_PRIVATE_KEY} - WIREGUARD_PRIVATE_KEY=${WIREGUARD_PRIVATE_KEY}
- BLOCK_MALICIOUS=off - BLOCK_MALICIOUS=off
networks:
- default
- proxy
- media
restart: unless-stopped
labels: labels:
caddy: qbittorrent.ferngarden.net caddy: qbittorrent.ferngarden.net
caddy.import: internal caddy.import: internal
caddy.reverse_proxy: "{{upstreams 8080}}" caddy.reverse_proxy: "{{upstreams 8080}}"
cap_add:
- NET_ADMIN
devices:
- /dev/net/tun:/dev/net/tun
qbittorrent_qsticky: qbittorrent_qsticky:
image: ghcr.io/monstermuffin/qsticky:latest image: ghcr.io/monstermuffin/qsticky:latest
container_name: qbittorrent_qsticky container_name: qbittorrent_qsticky
networks:
- default
environment: environment:
- QBITTORRENT_HOST=qbittorrent_gluetun - QBITTORRENT_HOST=qbittorrent_gluetun
- QBITTORRENT_HTTPS=false - QBITTORRENT_HTTPS=false
@ -64,57 +93,14 @@ services:
- GLUETUN_AUTH_TYPE=apikey - GLUETUN_AUTH_TYPE=apikey
- GLUETUN_APIKEY=${GLUETUN_APIKEY} - GLUETUN_APIKEY=${GLUETUN_APIKEY}
- LOG_LEVEL=INFO - LOG_LEVEL=INFO
networks:
- default
restart: unless-stopped
healthcheck: healthcheck:
test: ["CMD", "python3", "-c", "import json; exit(0 if json.load(open('/app/health/status.json'))['healthy'] else 1)"] test: [ "CMD", "python3", "-c", "import json; exit(0 if json.load(open('/app/health/status.json'))['healthy'] else 1)" ]
interval: 30s interval: 30s
timeout: 10s timeout: 10s
retries: 3 retries: 3
restart: unless-stopped
# qbittorrent_mamapi:
# image: elforkhead/mamapi
# container_name: qbittorrent_mamapi
# restart: unless-stopped
# network_mode: service:qbittorrent_gluetun
# environment:
# - TZ=Australia/Perth
# - MAM_ID=${MAM_ID}
# volumes:
# - qbittorrent_mamapi_data:/data
# depends_on:
# qbittorrent_gluetun:
# condition: service_healthy
cross-seed:
image: ghcr.io/cross-seed/cross-seed:6
container_name: cross-seed
user: 1000:1800
volumes:
- cross-seed_config:/config
- /media:/media
networks:
- default
- media
command: daemon
restart: unless-stopped
fertilizer:
image: ghcr.io/moleculekayak/fertilizer:latest
container_name: fertilizer
user: 1000:1800
networks:
default:
ipv4_address: 172.16.7.4
volumes:
- qbittorrent_config:/torrents:ro
- /media:/media
environment:
- OPS_KEY=${OPS_KEY}
- RED_KEY=${RED_KEY}
- INJECT_TORRENTS=true
- INJECTION_LINK_DIRECTORY=/media/downloads/fertilizer/linked-data
- QBITTORRENT_URL=http://fern:${QBITTORRENT_PASS}@qbittorrent_gluetun:8080
command: fertilizer -o /media/downloads/fertilizer/torrent-files -i /torrents/qBittorrent/BT_backup --server
networks: networks:
default: default:

31
romm/compose.yaml
View file

@ -1,8 +1,18 @@
name: romm
services: services:
romm: romm:
image: rommapp/romm:latest image: rommapp/romm:latest
container_name: romm container_name: romm
restart: unless-stopped depends_on:
romm_db:
condition: service_healthy
restart: true
volumes:
- romm_resources:/romm/resources # Resources fetched from IGDB (covers, screenshots, etc.)
- romm_redis:/redis-data # Cached data for background tasks
- romm_assets:/romm/assets # Uploaded saves, states, etc.
- romm_config:/romm/config # Path where config.yml is stored
- /media/media/romm:/romm/library/roms:ro # Your game library. Check https://github.com/rommapp/romm?tab=readme-ov-file#folder-structure for more details.
environment: environment:
- DB_HOST=romm_db - DB_HOST=romm_db
- DB_NAME=romm # Should match MARIADB_DATABASE in mariadb - DB_NAME=romm # Should match MARIADB_DATABASE in mariadb
@ -21,19 +31,10 @@ services:
- SCREENSCRAPER_USER=mondas # Use your ScreenScraper username and password - SCREENSCRAPER_USER=mondas # Use your ScreenScraper username and password
- SCREENSCRAPER_PASSWORD=${SCREENSCRAPER_PASSWORD} # https://docs.romm.app/latest/Getting-Started/Metadata-Providers/#screenscraper - SCREENSCRAPER_PASSWORD=${SCREENSCRAPER_PASSWORD} # https://docs.romm.app/latest/Getting-Started/Metadata-Providers/#screenscraper
- STEAMGRIDDB_API_KEY=${STEAMGRIDDB_API_KEY} # https://github.com/rommapp/romm/wiki/Metadata-Providers#steamgriddb - STEAMGRIDDB_API_KEY=${STEAMGRIDDB_API_KEY} # https://github.com/rommapp/romm/wiki/Metadata-Providers#steamgriddb
volumes:
- romm_resources:/romm/resources # Resources fetched from IGDB (covers, screenshots, etc.)
- romm_redis:/redis-data # Cached data for background tasks
- romm_assets:/romm/assets # Uploaded saves, states, etc.
- romm_config:/romm/config # Path where config.yml is stored
- /media/media/romm:/romm/library/roms:ro # Your game library. Check https://github.com/rommapp/romm?tab=readme-ov-file#folder-structure for more details.
depends_on:
romm_db:
condition: service_healthy
restart: true
networks: networks:
- default - default
- proxy - proxy
restart: unless-stopped
labels: labels:
caddy: games.fern.garden caddy: games.fern.garden
caddy.reverse_proxy: '{{upstreams 8080}}' caddy.reverse_proxy: '{{upstreams 8080}}'
@ -41,18 +42,18 @@ services:
romm_db: romm_db:
image: mariadb:latest image: mariadb:latest
container_name: romm_db container_name: romm_db
restart: unless-stopped volumes:
- romm_db:/var/lib/mysql
environment: environment:
- MARIADB_ROOT_PASSWORD=${MARIADB_ROOT_PASSWORD} # Use a unique, secure password - MARIADB_ROOT_PASSWORD=${MARIADB_ROOT_PASSWORD} # Use a unique, secure password
- MARIADB_DATABASE=romm - MARIADB_DATABASE=romm
- MARIADB_USER=romm - MARIADB_USER=romm
- MARIADB_PASSWORD=${MARIADB_PASSWORD} - MARIADB_PASSWORD=${MARIADB_PASSWORD}
volumes:
- romm_db:/var/lib/mysql
networks: networks:
- default - default
restart: unless-stopped
healthcheck: healthcheck:
test: [CMD, healthcheck.sh, --connect, --innodb_initialized] test: [ CMD, healthcheck.sh, --connect, --innodb_initialized ]
start_period: 30s start_period: 30s
start_interval: 10s start_interval: 10s
interval: 10s interval: 10s

13
scrutiny/compose.yaml
View file

@ -1,17 +1,12 @@
name: scrutiny
services: services:
scrutiny: scrutiny:
image: ghcr.io/analogj/scrutiny:master-omnibus image: ghcr.io/analogj/scrutiny:master-omnibus
container_name: scrutiny container_name: scrutiny
cap_add:
- SYS_RAWIO
volumes: volumes:
- /run/udev:/run/udev:ro - /run/udev:/run/udev:ro
- /mnt/docker/scrutiny/influxdb:/opt/scrutiny/influxdb - /mnt/docker/scrutiny/influxdb:/opt/scrutiny/influxdb
- /mnt/docker/scrutiny/config:/opt/scrutiny/config - /mnt/docker/scrutiny/config:/opt/scrutiny/config
devices:
- /dev/sdc
- /dev/sdd
- /dev/sde
networks: networks:
- default - default
- proxy - proxy
@ -19,6 +14,12 @@ services:
caddy: scrutiny.ferngarden.net caddy: scrutiny.ferngarden.net
caddy.import: internal caddy.import: internal
caddy.reverse_proxy: '{{ upstreams 8080 }}' caddy.reverse_proxy: '{{ upstreams 8080 }}'
cap_add:
- SYS_RAWIO
devices:
- /dev/sdc
- /dev/sdd
- /dev/sde
networks: networks:
default: default:

21
slskd/compose.yaml
View file

@ -1,14 +1,11 @@
name: slskd
services: services:
slskd: slskd:
image: slskd/slskd:latest image: slskd/slskd:latest
container_name: slskd container_name: slskd
networks: volumes:
- default - /mnt/docker/slskd/data:/app
- proxy - /media:/media
- media
user: 1000:1800
ports:
- 50300:50300
environment: environment:
- SLSKD_REMOTE_CONFIGURATION=true - SLSKD_REMOTE_CONFIGURATION=true
- SLSKD_SHARED_DIR=/media/media/lidarr - SLSKD_SHARED_DIR=/media/media/lidarr
@ -18,14 +15,18 @@ services:
- SLSKD_PASSWORD=${SLSKD_PASSWORD} - SLSKD_PASSWORD=${SLSKD_PASSWORD}
- SLSKD_SLSK_USERNAME=MtQueerie - SLSKD_SLSK_USERNAME=MtQueerie
- SLSKD_SLSK_PASSWORD=${SLSKD_SLSK_PASSWORD} - SLSKD_SLSK_PASSWORD=${SLSKD_SLSK_PASSWORD}
volumes: ports:
- /mnt/docker/slskd/data:/app - '50300:50300'
- /media:/media networks:
- default
- proxy
- media
restart: unless-stopped restart: unless-stopped
labels: labels:
caddy: slskd.ferngarden.net caddy: slskd.ferngarden.net
caddy.import: internal caddy.import: internal
caddy.reverse_proxy: "{{upstreams 5030}}" caddy.reverse_proxy: "{{upstreams 5030}}"
user: 1000:1800
networks: networks:
default: default:

23
stash/compose.yaml
View file

@ -1,18 +1,8 @@
name: stash
services: services:
stash: stash:
image: stashapp/stash:latest image: stashapp/stash:latest
container_name: stash container_name: stash
networks:
- default
- proxy
restart: unless-stopped
environment:
- STASH_STASH=/data/
- STASH_GENERATED=/generated/
- STASH_METADATA=/metadata/
- STASH_CACHE=/cache/
- STASH_BLOBS=/blobs/
- STASH_PORT=9999
volumes: volumes:
- /etc/localtime:/etc/localtime:ro - /etc/localtime:/etc/localtime:ro
- /media/downloads/porn:/data:ro - /media/downloads/porn:/data:ro
@ -21,6 +11,17 @@ services:
- stash_cache:/cache - stash_cache:/cache
- stash_blobs:/blobs - stash_blobs:/blobs
- stash_generated:/generated - stash_generated:/generated
environment:
- STASH_STASH=/data/
- STASH_GENERATED=/generated/
- STASH_METADATA=/metadata/
- STASH_CACHE=/cache/
- STASH_BLOBS=/blobs/
- STASH_PORT=9999
networks:
- default
- proxy
restart: unless-stopped
labels: labels:
caddy: stash.ferngarden.net caddy: stash.ferngarden.net
caddy.1_import: internal caddy.1_import: internal

3
stirling-pdf/compose.yaml
View file

@ -1,3 +1,4 @@
name: stirling-pdf
services: services:
stirling-pdf: stirling-pdf:
image: docker.stirlingpdf.com/stirlingtools/stirling-pdf:latest image: docker.stirlingpdf.com/stirlingtools/stirling-pdf:latest
@ -11,7 +12,6 @@ services:
environment: environment:
- DOCKER_ENABLE_SECURITY=false - DOCKER_ENABLE_SECURITY=false
- LANGS=en_GB - LANGS=en_GB
user: 1000:1000
networks: networks:
- default - default
- proxy - proxy
@ -19,6 +19,7 @@ services:
caddy: pdf.ferngarden.net caddy: pdf.ferngarden.net
caddy.import: internal caddy.import: internal
caddy.reverse_proxy: '{{ upstreams 8080 }}' caddy.reverse_proxy: '{{ upstreams 8080 }}'
user: 1000:1000
networks: networks:
default: default:

19
synapse/compose.yaml
View file

@ -1,17 +1,18 @@
name: synapse
services: services:
synapse: synapse:
image: docker.io/matrixdotorg/synapse:latest image: docker.io/matrixdotorg/synapse:latest
container_name: synapse container_name: synapse
restart: unless-stopped depends_on:
- synapse_db
volumes:
- synapse_data:/data
environment:
- SYNAPSE_CONFIG_PATH=/data/homeserver.yaml
networks: networks:
- default - default
- proxy - proxy
environment: restart: unless-stopped
- SYNAPSE_CONFIG_PATH=/data/homeserver.yaml
volumes:
- synapse_data:/data
depends_on:
- synapse_db
labels: labels:
caddy_0: mx.fern.garden caddy_0: mx.fern.garden
caddy_0.1_reverse_proxy: reverse_proxy /_matrix/* synapse:8008 caddy_0.1_reverse_proxy: reverse_proxy /_matrix/* synapse:8008
@ -36,11 +37,11 @@ services:
synapse_db: synapse_db:
image: docker.io/postgres:16-alpine image: docker.io/postgres:16-alpine
container_name: synapse_db container_name: synapse_db
volumes:
- synapse_db:/var/lib/postgresql/data
networks: networks:
- default - default
restart: unless-stopped restart: unless-stopped
volumes:
- synapse_db:/var/lib/postgresql/data
networks: networks:
default: default:

13
vaultwarden/compose.yaml
View file

@ -1,11 +1,10 @@
name: vaultwarden
services: services:
vaultwarden: vaultwarden:
image: vaultwarden/server:latest image: vaultwarden/server:latest
container_name: vaultwarden container_name: vaultwarden
networks: volumes:
- default - vaultwarden_data:/data
- proxy
restart: unless-stopped
environment: environment:
- DOMAIN=https://vault.ferngarden.net - DOMAIN=https://vault.ferngarden.net
- SMTP_HOST=mail.ferngarden.net - SMTP_HOST=mail.ferngarden.net
@ -14,8 +13,10 @@ services:
- SMTP_FROM=ornithologist@ferngarden.net - SMTP_FROM=ornithologist@ferngarden.net
- SMTP_USERNAME=ornithologist@ferngarden.net - SMTP_USERNAME=ornithologist@ferngarden.net
- SMTP_PASSWORD=${SMTP_PASSWORD} - SMTP_PASSWORD=${SMTP_PASSWORD}
volumes: networks:
- vaultwarden_data:/data - default
- proxy
restart: unless-stopped
labels: labels:
caddy: vault.ferngarden.net caddy: vault.ferngarden.net
caddy.import: internal caddy.import: internal

9
wallos/compose.yaml
View file

@ -1,14 +1,15 @@
name: wallosf
services: services:
wallos: wallos:
image: bellamy/wallos:latest image: bellamy/wallos:latest
container_name: wallos container_name: wallos
restart: unless-stopped
networks:
- default
- proxy
volumes: volumes:
- wallos_db:/var/www/html/db - wallos_db:/var/www/html/db
- wallos_logos:/var/www/html/images/uploads/logos - wallos_logos:/var/www/html/images/uploads/logos
networks:
- default
- proxy
restart: unless-stopped
labels: labels:
caddy: subscriptions.ferngarden.net caddy: subscriptions.ferngarden.net
caddy.import: internal caddy.import: internal