Compare commits
No commits in common. "b6c1431526c820fe9308f01d1916514008d6e291" and "d13a06c7f6ab37649fd36399ce3f0aa4beb50916" have entirely different histories.
b6c1431526
...
d13a06c7f6
17 changed files with 144 additions and 146 deletions
|
@ -49,8 +49,8 @@ in {
|
|||
postgres = {condition = "service_healthy";};
|
||||
};
|
||||
volumes = [
|
||||
"/home/ghoscht/.docker/auth/authentik_media:/media"
|
||||
"/home/ghoscht/.docker/auth/authentik_custom_templates:/templates"
|
||||
"/storage/dataset/docker/auth/authentik_media:/media"
|
||||
"/storage/dataset/docker/auth/authentik_custom_templates:/templates"
|
||||
];
|
||||
networks = [
|
||||
"dmz"
|
||||
|
@ -74,8 +74,8 @@ in {
|
|||
};
|
||||
volumes = [
|
||||
"/var/run/docker.sock:/var/run/docker.sock"
|
||||
"/home/ghoscht/.docker/auth/authentik_media:/media"
|
||||
"/home/ghoscht/.docker/auth/authentik_custom_templates:/templates"
|
||||
"/storage/dataset/docker/auth/authentik_media:/media"
|
||||
"/storage/dataset/docker/auth/authentik_custom_templates:/templates"
|
||||
];
|
||||
restart = "always";
|
||||
user = "root";
|
||||
|
@ -98,7 +98,7 @@ in {
|
|||
};
|
||||
restart = "always";
|
||||
volumes = [
|
||||
"/home/ghoscht/.docker/auth/redis_data:/data"
|
||||
"/storage/dataset/docker/auth/redis_data:/data"
|
||||
];
|
||||
networks = [
|
||||
"internal"
|
||||
|
@ -111,7 +111,7 @@ in {
|
|||
"/home/ghoscht/.docker/auth/postgres.env"
|
||||
];
|
||||
volumes = [
|
||||
"/home/ghoscht/.docker/auth/postgres_data:/var/lib/postgresql/data"
|
||||
"/storage/dataset/docker/auth/postgres_data:/var/lib/postgresql/data"
|
||||
];
|
||||
healthcheck = {
|
||||
test = [
|
||||
|
|
|
@ -29,9 +29,9 @@
|
|||
"/home/ghoscht/.docker/dashboard/homarr.env"
|
||||
];
|
||||
volumes = [
|
||||
"/home/ghoscht/.docker/dashboard/homarr_data:/data"
|
||||
"/home/ghoscht/.docker/dashboard/homarr_config:/app/data/configs"
|
||||
"/home/ghoscht/.docker/dashboard/homarr_icons:/app/public/imgs"
|
||||
"/storage/dataset/docker/dashboard/homarr_data:/data"
|
||||
"/storage/dataset/docker/dashboard/homarr_config:/app/data/configs"
|
||||
"/storage/dataset/docker/dashboard/homarr_icons:/app/public/imgs"
|
||||
];
|
||||
restart = "always";
|
||||
networks = [
|
||||
|
|
|
@ -17,11 +17,11 @@
|
|||
./smarthome
|
||||
./signal
|
||||
./feed
|
||||
# ./matrix
|
||||
./matrix
|
||||
./headscale
|
||||
./auth
|
||||
./minio
|
||||
# ./stats
|
||||
./stats
|
||||
./wiki
|
||||
];
|
||||
|
||||
|
|
|
@ -11,9 +11,9 @@
|
|||
driver = "bridge";
|
||||
ipam.config = [
|
||||
{
|
||||
subnet = "172.29.1.0/24";
|
||||
ip_range = "172.29.1.4/30";
|
||||
gateway = "172.29.1.1";
|
||||
subnet = "172.28.1.0/24";
|
||||
ip_range = "172.28.1.5/30";
|
||||
gateway = "172.28.1.1";
|
||||
}
|
||||
];
|
||||
};
|
||||
|
@ -30,8 +30,8 @@
|
|||
VIRTUAL_HOST = "pihole.ghoscht.com";
|
||||
};
|
||||
volumes = [
|
||||
"/home/ghoscht/.docker/dns/pihole_data:/etc/pihole"
|
||||
"/home/ghoscht/.docker/dns/pihole_dnsmasq:/etc/dnsmasq.d"
|
||||
"/storage/dataset/docker/dns/pihole_data:/etc/pihole"
|
||||
"/storage/dataset/docker/dns/pihole_dnsmasq:/etc/dnsmasq.d"
|
||||
];
|
||||
labels = {
|
||||
"traefik.enable" = "true";
|
||||
|
@ -46,7 +46,7 @@
|
|||
networks = {
|
||||
dmz = {};
|
||||
dns = {
|
||||
ipv4_address = "172.29.1.6";
|
||||
ipv4_address = "172.28.1.6";
|
||||
};
|
||||
};
|
||||
capabilities = {
|
||||
|
@ -61,13 +61,14 @@
|
|||
unbound.service = {
|
||||
image = "mvance/unbound:1.19.3";
|
||||
container_name = "unbound";
|
||||
useHostStore = true;
|
||||
volumes = [
|
||||
"/home/ghoscht/.docker/dns/unbound_data:/opt/unbound/etc/unbound"
|
||||
"/storage/dataset/docker/dns/unbound_data:/opt/unbound/etc/unbound"
|
||||
];
|
||||
restart = "always";
|
||||
networks = {
|
||||
dns = {
|
||||
ipv4_address = "172.29.1.5";
|
||||
ipv4_address = "172.28.1.5";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
|
|
@ -32,7 +32,7 @@
|
|||
feed-db.service = {
|
||||
image = "postgres:13-alpine";
|
||||
volumes = [
|
||||
"/home/ghoscht/.docker/feed/ttrss_db:/var/lib/postgresql/data"
|
||||
"/storage/dataset/docker/feed/ttrss_db:/var/lib/postgresql/data"
|
||||
];
|
||||
env_file = [
|
||||
"/home/ghoscht/.docker/feed/ttrss.env"
|
||||
|
|
|
@ -33,7 +33,7 @@
|
|||
"traefik.http.routers.forgejo-external.tls.certresolver" = "letsencrypt";
|
||||
};
|
||||
volumes = [
|
||||
"/home/ghoscht/.docker/git/forgejo_data:/data"
|
||||
"/storage/dataset/docker/git/forgejo_data:/data"
|
||||
"/etc/localtime:/etc/localtime:ro"
|
||||
];
|
||||
ports = [
|
||||
|
@ -60,7 +60,7 @@
|
|||
"/home/ghoscht/.docker/git/forgejo-db.env"
|
||||
];
|
||||
volumes = [
|
||||
"/home/ghoscht/.docker/git/forgejo_db:/var/lib/postgresql/data"
|
||||
"/storage/dataset/docker/git/forgejo_db:/var/lib/postgresql/data"
|
||||
];
|
||||
restart = "unless-stopped";
|
||||
networks = [
|
||||
|
|
|
@ -29,8 +29,8 @@
|
|||
"traefik.http.routers.headscale-external.tls.certresolver" = "letsencrypt";
|
||||
};
|
||||
volumes = [
|
||||
"/home/ghoscht/.docker/headscale/headscale_config:/etc/headscale"
|
||||
"/home/ghoscht/.docker/headscale/headscale_data:/var/lib/headscale"
|
||||
"/storage/dataset/docker/headscale/headscale_config:/etc/headscale"
|
||||
"/storage/dataset/docker/headscale/headscale_data:/var/lib/headscale"
|
||||
];
|
||||
networks = [
|
||||
"dmz"
|
||||
|
|
|
@ -41,7 +41,7 @@
|
|||
volumes = [
|
||||
"/home/ghoscht/.docker/infrastructure/traefik_config/traefik.yml:/traefik.yml:ro"
|
||||
"/home/ghoscht/.docker/infrastructure/traefik_config/conf:/conf:ro"
|
||||
"/home/ghoscht/.docker/infrastructure/traefik_data/acme.json:/acme.json"
|
||||
"/storage/dataset/docker/infrastructure/traefik_data/acme.json:/acme.json"
|
||||
"/var/run/docker.sock:/var/run/docker.sock:ro"
|
||||
"traefik-logs:/var/log/traefik"
|
||||
];
|
||||
|
@ -61,11 +61,11 @@
|
|||
COLLECTIONS = "crowdsecurity/linux crowdsecurity/traefik firix/authentik LePresidente/gitea Dominic-Wagner/vaultwarden";
|
||||
};
|
||||
volumes = [
|
||||
"/home/ghoscht/.docker/infrastructure/crowdsec_config/acquis.yaml:/etc/crowdsec/acquis.yaml"
|
||||
"/home/ghoscht/.docker/infrastructure/crowdsec_config/profiles.yaml:/etc/crowdsec/profiles.yaml"
|
||||
"/home/ghoscht/.docker/infrastructure/crowdsec_config/ntfy.yaml:/etc/crowdsec/notifications/ntfy.yaml"
|
||||
"/home/ghoscht/.docker/infrastructure/crowdsec_db:/var/lib/crowdsec/data/"
|
||||
"/home/ghoscht/.docker/infrastructure/crowdsec_data:/etc/crowdsec/"
|
||||
"/storage/dataset/docker/infrastructure/crowdsec_config/acquis.yaml:/etc/crowdsec/acquis.yaml"
|
||||
"/storage/dataset/docker/infrastructure/crowdsec_config/profiles.yaml:/etc/crowdsec/profiles.yaml"
|
||||
"/storage/dataset/docker/infrastructure/crowdsec_config/ntfy.yaml:/etc/crowdsec/notifications/ntfy.yaml"
|
||||
"/storage/dataset/docker/infrastructure/crowdsec_db:/var/lib/crowdsec/data/"
|
||||
"/storage/dataset/docker/infrastructure/crowdsec_data:/etc/crowdsec/"
|
||||
"traefik-logs:/var/log/traefik/:ro"
|
||||
"/var/run/docker.sock:/var/run/docker.sock:ro"
|
||||
];
|
||||
|
@ -115,8 +115,8 @@
|
|||
};
|
||||
volumes = [
|
||||
"/run/udev:/run/udev:ro"
|
||||
"/home/ghoscht/.docker/infrastructure/scrutiny_data:/opt/scrutiny/config"
|
||||
"/home/ghoscht/.docker/infrastructure/scrutiny_influxdb_data:/opt/scrutiny/influxdb"
|
||||
"/storage/dataset/docker/infrastructure/scrutiny_data:/opt/scrutiny/config"
|
||||
"/storage/dataset/docker/infrastructure/scrutiny_influxdb_data:/opt/scrutiny/influxdb"
|
||||
];
|
||||
devices = [
|
||||
"/dev/nvme0"
|
||||
|
@ -136,7 +136,7 @@
|
|||
container_name = "diun";
|
||||
restart = "always";
|
||||
volumes = [
|
||||
"/home/ghoscht/.docker/infrastructure/diun_data:/data"
|
||||
"/storage/dataset/docker/infrastructure/diun_data:/data"
|
||||
"/var/run/docker.sock:/var/run/docker.sock"
|
||||
];
|
||||
environment = {
|
||||
|
|
|
@ -31,7 +31,7 @@
|
|||
"traefik.http.routers.synapse-external.tls.certresolver" = "letsencrypt";
|
||||
};
|
||||
volumes = [
|
||||
"/home/ghoscht/.docker/matrix/synapse_data:/data"
|
||||
"/storage/dataset/docker/matrix/synapse_data:/data"
|
||||
];
|
||||
env_file = [
|
||||
"/home/ghoscht/.docker/matrix/synapse.env"
|
||||
|
@ -53,7 +53,7 @@
|
|||
"/home/ghoscht/.docker/matrix/synapse.env"
|
||||
];
|
||||
volumes = [
|
||||
"/home/ghoscht/.docker/matrix/synapse_db:/var/lib/postgresql/data"
|
||||
"/storage/dataset/docker/matrix/synapse_db:/var/lib/postgresql/data"
|
||||
];
|
||||
restart = "unless-stopped";
|
||||
networks = [
|
||||
|
@ -64,8 +64,8 @@
|
|||
container_name = "matrix-nginx";
|
||||
image = "nginx:1.25.4";
|
||||
volumes = [
|
||||
"/home/ghoscht/.docker/matrix/nginx_data/matrix.conf:/etc/nginx/conf.d/matrix.conf"
|
||||
"/home/ghoscht/.docker/matrix/nginx_data/www:/var/www/"
|
||||
"/storage/dataset/docker/matrix/nginx_data/matrix.conf:/etc/nginx/conf.d/matrix.conf"
|
||||
"/storage/dataset/docker/matrix/nginx_data/www:/var/www/"
|
||||
];
|
||||
labels = {
|
||||
"traefik.enable" = "true";
|
||||
|
@ -94,7 +94,7 @@
|
|||
element.service = {
|
||||
image = "vectorim/element-web:v1.11.64";
|
||||
volumes = [
|
||||
"/home/ghoscht/.docker/matrix/element_data/element-config.json:/app/config.json"
|
||||
"/storage/dataset/docker/matrix/element_data/element-config.json:/app/config.json"
|
||||
];
|
||||
labels = {
|
||||
"traefik.enable" = "true";
|
||||
|
|
|
@ -28,7 +28,7 @@
|
|||
"diun.exclude_tags" = "\\d{4,}";
|
||||
};
|
||||
volumes = [
|
||||
"/home/ghoscht/.docker/media/jellyfin_data:/config"
|
||||
"/storage/dataset/docker/media/jellyfin_data:/config"
|
||||
"/storage/dataset/data/media/tv:/tv"
|
||||
"/storage/dataset/data/media/anime:/anime"
|
||||
"/storage/dataset/data/media/movies:/movies"
|
||||
|
@ -66,7 +66,7 @@
|
|||
"traefik.http.routers.navidrome-external.tls.certresolver" = "letsencrypt";
|
||||
};
|
||||
volumes = [
|
||||
"/home/ghoscht/.docker/media/navidrome_data:/data"
|
||||
"/storage/dataset/docker/media/navidrome_data:/data"
|
||||
"/storage/dataset/data/media/music:/music"
|
||||
];
|
||||
environment = {
|
||||
|
@ -92,7 +92,7 @@
|
|||
"traefik.http.routers.kavita.tls.certresolver" = "letsencrypt";
|
||||
};
|
||||
volumes = [
|
||||
"/home/ghoscht/.docker/media/kavita_data:/kavita/config"
|
||||
"/storage/dataset/docker/media/kavita_data:/kavita/config"
|
||||
"/storage/dataset/data/media/manga:/manga"
|
||||
"/storage/dataset/data/media/comics:/comics"
|
||||
];
|
||||
|
@ -115,7 +115,7 @@
|
|||
"traefik.http.routers.transmission.middlewares" = "authentik@file";
|
||||
};
|
||||
volumes = [
|
||||
"/home/ghoscht/.docker/media/transmission_data:/config"
|
||||
"/storage/dataset/docker/media/transmission_data:/config"
|
||||
"/storage/dataset/data/:/data"
|
||||
];
|
||||
environment = {
|
||||
|
@ -161,7 +161,7 @@
|
|||
"traefik.http.routers.prowlarr.middlewares" = "authentik@file";
|
||||
};
|
||||
volumes = [
|
||||
"/home/ghoscht/.docker/media/prowlarr_data:/config"
|
||||
"/storage/dataset/docker/media/prowlarr_data:/config"
|
||||
];
|
||||
environment = {
|
||||
PUID = 1000;
|
||||
|
@ -190,7 +190,7 @@
|
|||
"traefik.http.routers.sonarr.middlewares" = "authentik@file";
|
||||
};
|
||||
volumes = [
|
||||
"/home/ghoscht/.docker/media/sonarr_data:/config"
|
||||
"/storage/dataset/docker/media/sonarr_data:/config"
|
||||
"/storage/dataset/data/:/data"
|
||||
];
|
||||
environment = {
|
||||
|
@ -221,7 +221,7 @@
|
|||
"traefik.http.routers.radarr.middlewares" = "authentik@file";
|
||||
};
|
||||
volumes = [
|
||||
"/home/ghoscht/.docker/media/radarr_data:/config"
|
||||
"/storage/dataset/docker/media/radarr_data:/config"
|
||||
"/storage/dataset/data/:/data"
|
||||
];
|
||||
environment = {
|
||||
|
@ -255,9 +255,9 @@
|
|||
"diun.exclude_tags" = "\\d{4,}";
|
||||
};
|
||||
volumes = [
|
||||
"/home/ghoscht/.docker/media/lidarr_data:/config"
|
||||
"/home/ghoscht/.docker/media/lidarr_addons/custom-services.d:/custom-services.d"
|
||||
"/home/ghoscht/.docker/media/lidarr_addons/custom-cont-init.d:/custom-cont-init.d"
|
||||
"/storage/dataset/docker/media/lidarr_data:/config"
|
||||
"/storage/dataset/docker/media/lidarr_addons/custom-services.d:/custom-services.d"
|
||||
"/storage/dataset/docker/media/lidarr_addons/custom-cont-init.d:/custom-cont-init.d"
|
||||
"/storage/dataset/data/:/data"
|
||||
];
|
||||
environment = {
|
||||
|
@ -286,7 +286,7 @@
|
|||
"traefik.http.routers.bazarr.middlewares" = "authentik@file";
|
||||
};
|
||||
volumes = [
|
||||
"/home/ghoscht/.docker/media/bazarr_data:/config"
|
||||
"/storage/dataset/docker/media/bazarr_data:/config"
|
||||
"/storage/dataset/data/:/data"
|
||||
];
|
||||
environment = {
|
||||
|
@ -310,7 +310,7 @@
|
|||
"traefik.http.routers.jellyseerr.tls.certresolver" = "letsencrypt";
|
||||
};
|
||||
volumes = [
|
||||
"/home/ghoscht/.docker/media/jellyseerr_data:/app/config"
|
||||
"/storage/dataset/docker/media/jellyseerr_data:/app/config"
|
||||
];
|
||||
environment = {
|
||||
PUID = 1000;
|
||||
|
@ -337,7 +337,7 @@
|
|||
"diun.include_tags" = "^v\\d+\\.\\d+\\.\\d+$$";
|
||||
};
|
||||
volumes = [
|
||||
"/home/ghoscht/.docker/media/autobrr_data:/config"
|
||||
"/storage/dataset/docker/media/autobrr_data:/config"
|
||||
];
|
||||
environment = {
|
||||
PUID = 1000;
|
||||
|
@ -353,33 +353,33 @@
|
|||
};
|
||||
restart = "always";
|
||||
};
|
||||
# deemix.service = {
|
||||
# image = "finniedj/deemix:latest";
|
||||
# container_name = "deemix";
|
||||
# labels = {
|
||||
# "traefik.enable" = "true";
|
||||
# "traefik.http.routers.deemix.entrypoints" = "websecure";
|
||||
# "traefik.http.routers.deemix.rule" = "Host(`deemix.ghoscht.com`)";
|
||||
# "traefik.http.services.deemix.loadbalancer.server.port" = "6595";
|
||||
# "traefik.docker.network" = "dmz";
|
||||
# "traefik.http.routers.deemix.tls" = "true";
|
||||
# "traefik.http.routers.deemix.tls.certresolver" = "letsencrypt";
|
||||
# };
|
||||
# volumes = [
|
||||
# "/home/ghoscht/.data/deemix:/downloads"
|
||||
# ];
|
||||
# environment = {
|
||||
# PUID = 1000;
|
||||
# PGID = 1000;
|
||||
# UMASK_SET = 022;
|
||||
# TZ = "Europe/Berlin";
|
||||
# };
|
||||
# network_mode = "service:vpn";
|
||||
# depends_on = {
|
||||
# vpn = {condition = "service_healthy";};
|
||||
# };
|
||||
# restart = "always";
|
||||
# };
|
||||
deemix.service = {
|
||||
image = "finniedj/deemix:latest";
|
||||
container_name = "deemix";
|
||||
labels = {
|
||||
"traefik.enable" = "true";
|
||||
"traefik.http.routers.deemix.entrypoints" = "websecure";
|
||||
"traefik.http.routers.deemix.rule" = "Host(`deemix.ghoscht.com`)";
|
||||
"traefik.http.services.deemix.loadbalancer.server.port" = "6595";
|
||||
"traefik.docker.network" = "dmz";
|
||||
"traefik.http.routers.deemix.tls" = "true";
|
||||
"traefik.http.routers.deemix.tls.certresolver" = "letsencrypt";
|
||||
};
|
||||
volumes = [
|
||||
"/storage/dataset/data/deemix:/downloads"
|
||||
];
|
||||
environment = {
|
||||
PUID = 1000;
|
||||
PGID = 1000;
|
||||
UMASK_SET = 022;
|
||||
TZ = "Europe/Berlin";
|
||||
};
|
||||
network_mode = "service:vpn";
|
||||
depends_on = {
|
||||
vpn = {condition = "service_healthy";};
|
||||
};
|
||||
restart = "always";
|
||||
};
|
||||
unpackerr.service = {
|
||||
image = "golift/unpackerr:0.13";
|
||||
container_name = "unpackerr";
|
||||
|
@ -433,10 +433,10 @@
|
|||
restart = "always";
|
||||
};
|
||||
port-refresh.service = {
|
||||
image = "git.ghoscht.com/ghoscht/deluge-windscribe-ephemeral-port:v3-beta";
|
||||
image = "ghoscht/windscribe-ephemeral-port:latest";
|
||||
container_name = "port-refresh";
|
||||
volumes = [
|
||||
"/home/ghoscht/.docker/media/port-refresh_config/config.yml:/config/config.yaml"
|
||||
"/storage/dataset/docker/media/port-refresh_config/config.yml:/config/config.yaml"
|
||||
];
|
||||
networks = [
|
||||
"internal"
|
||||
|
|
|
@ -22,8 +22,7 @@
|
|||
"traefik.http.routers.nextcloud.tls.certresolver" = "letsencrypt";
|
||||
};
|
||||
volumes = [
|
||||
"/storage/dataset/docker/nextcloud/nextcloud_data/data:/var/www/html/data"
|
||||
"/home/ghoscht/.docker/nextcloud/nextcloud_data:/var/www/html"
|
||||
"/storage/dataset/docker/nextcloud/nextcloud_data:/var/www/html"
|
||||
];
|
||||
hostname = "nextcloud.ghoscht.com";
|
||||
environment = {
|
||||
|
@ -42,7 +41,7 @@
|
|||
"/home/ghoscht/.docker/nextcloud/nextcloud.env"
|
||||
];
|
||||
volumes = [
|
||||
"/home/ghoscht/.docker/nextcloud/nextcloud_db:/var/lib/mysql"
|
||||
"/storage/dataset/docker/nextcloud/nextcloud_db:/var/lib/mysql"
|
||||
];
|
||||
restart = "unless-stopped";
|
||||
command = "--transaction-isolation=READ-COMMITTED --binlog-format=ROW";
|
||||
|
|
|
@ -8,7 +8,7 @@
|
|||
|
||||
services = {
|
||||
vaultwarden.service = {
|
||||
image = "vaultwarden/server:1.32.4";
|
||||
image = "vaultwarden/server:1.32.0";
|
||||
container_name = "vaultwarden";
|
||||
labels = {
|
||||
"traefik.enable" = "true";
|
||||
|
@ -30,7 +30,7 @@
|
|||
"traefik.http.routers.vaultwarden-external.tls.certresolver" = "letsencrypt";
|
||||
};
|
||||
volumes = [
|
||||
"/home/ghoscht/.docker/passwords/vaultwarden_data/:/data"
|
||||
"/storage/dataset/docker/passwords/vaultwarden_data/:/data"
|
||||
];
|
||||
environment = {
|
||||
DOMAIN = "http://vaultwarden.ghoscht.com";
|
||||
|
|
|
@ -21,7 +21,7 @@
|
|||
# "traefik.http.routers.homeassistant.middlewares" = "authentik@file";
|
||||
};
|
||||
volumes = [
|
||||
"/home/ghoscht/.docker/smarthome/homeassistant_data:/config"
|
||||
"/storage/dataset/docker/smarthome/homeassistant_data:/config"
|
||||
"/etc/localtime:/etc/localtime:ro"
|
||||
"/run/dbus:/run/dbus:ro"
|
||||
];
|
||||
|
|
|
@ -39,7 +39,7 @@
|
|||
"/home/ghoscht/.docker/stats/grafana.env"
|
||||
];
|
||||
volumes = [
|
||||
"/home/ghoscht/.docker/stats/grafana_data:/var/lib/grafana"
|
||||
"/storage/dataset/docker/stats/grafana_data:/var/lib/grafana"
|
||||
];
|
||||
networks = [
|
||||
"dmz"
|
||||
|
@ -49,7 +49,7 @@
|
|||
loki.service = {
|
||||
image = "grafana/loki:3.0.0";
|
||||
volumes = [
|
||||
"/home/ghoscht/.docker/stats/loki_data:/etc/loki"
|
||||
"/storage/dataset/docker/stats/loki_data:/etc/loki"
|
||||
];
|
||||
ports = [
|
||||
"3100:3100"
|
||||
|
@ -63,7 +63,7 @@
|
|||
image = "grafana/promtail:3.0.0";
|
||||
volumes = [
|
||||
"/var/log:/var/log"
|
||||
"/home/ghoscht/.docker/stats/promtail_data/promtail-config.yml:/etc/promtail/promtail-config.yml"
|
||||
"/storage/dataset/docker/stats/promtail_data/promtail-config.yml:/etc/promtail/promtail-config.yml"
|
||||
];
|
||||
command = "-config.file=/etc/promtail/promtail-config.yml";
|
||||
networks = [
|
||||
|
@ -73,8 +73,8 @@
|
|||
prometheus.service = {
|
||||
image = "prom/prometheus:v2.53.0";
|
||||
volumes = [
|
||||
"/home/ghoscht/.docker/stats/prometheus_config/prometheus.yml:/etc/prometheus/prometheus.yml"
|
||||
"/home/ghoscht/.docker/stats/prometheus_data:/prometheus"
|
||||
"/storage/dataset/docker/stats/prometheus_config/prometheus.yml:/etc/prometheus/prometheus.yml"
|
||||
"/storage/dataset/docker/stats/prometheus_data:/prometheus"
|
||||
];
|
||||
command = [
|
||||
"--config.file=/etc/prometheus/prometheus.yml"
|
||||
|
|
|
@ -24,36 +24,36 @@ in {
|
|||
'';
|
||||
};
|
||||
|
||||
# systemd.services.add-loki-logging-driver = {
|
||||
# description = "Add grafana loki docker driver";
|
||||
# after = ["network.target"];
|
||||
# wantedBy = ["multi-user.target"];
|
||||
#
|
||||
# serviceConfig.Type = "oneshot";
|
||||
# script = let
|
||||
# dockercli = "${config.virtualisation.docker.package}/bin/docker";
|
||||
# in ''
|
||||
# # Put a true at the end to prevent getting non-zero return code, which will
|
||||
# # crash the whole service.
|
||||
# check=$(${dockercli} plugin ls | grep "loki" || true)
|
||||
# if [ -z "$check" ]; then
|
||||
# ${dockercli} plugin install grafana/loki-docker-driver:latest --alias loki --grant-all-permissions
|
||||
# else
|
||||
# echo "loki docker driver already exists in docker"
|
||||
# fi
|
||||
# '';
|
||||
# };
|
||||
systemd.services.add-loki-logging-driver = {
|
||||
description = "Add grafana loki docker driver";
|
||||
after = ["network.target"];
|
||||
wantedBy = ["multi-user.target"];
|
||||
|
||||
# virtualisation.docker.daemon.settings = {
|
||||
# debug = true;
|
||||
# log-driver = "loki";
|
||||
# log-opts = {
|
||||
# loki-url = "http://localhost:3100/loki/api/v1/push";
|
||||
# loki-batch-size = "400";
|
||||
# loki-max-backoff = "800ms";
|
||||
# loki-retries = "2";
|
||||
# loki-timeout = "1s";
|
||||
# keep-file = "true";
|
||||
# };
|
||||
# };
|
||||
serviceConfig.Type = "oneshot";
|
||||
script = let
|
||||
dockercli = "${config.virtualisation.docker.package}/bin/docker";
|
||||
in ''
|
||||
# Put a true at the end to prevent getting non-zero return code, which will
|
||||
# crash the whole service.
|
||||
check=$(${dockercli} plugin ls | grep "loki" || true)
|
||||
if [ -z "$check" ]; then
|
||||
${dockercli} plugin install grafana/loki-docker-driver:latest --alias loki --grant-all-permissions
|
||||
else
|
||||
echo "loki docker driver already exists in docker"
|
||||
fi
|
||||
'';
|
||||
};
|
||||
|
||||
virtualisation.docker.daemon.settings = {
|
||||
debug = true;
|
||||
log-driver = "loki";
|
||||
log-opts = {
|
||||
loki-url = "http://localhost:3100/loki/api/v1/push";
|
||||
loki-batch-size = "400";
|
||||
loki-max-backoff = "800ms";
|
||||
loki-retries = "2";
|
||||
loki-timeout = "1s";
|
||||
keep-file = "true";
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -55,7 +55,7 @@
|
|||
command = "--save 60 1 --loglevel warning";
|
||||
restart = "always";
|
||||
volumes = [
|
||||
"/home/ghoscht/.docker/wiki/redis_data:/data"
|
||||
"/storage/dataset/docker/wiki/redis_data:/data"
|
||||
];
|
||||
networks = [
|
||||
"internal"
|
||||
|
@ -65,7 +65,7 @@
|
|||
image = "postgres:12.18";
|
||||
restart = "always";
|
||||
volumes = [
|
||||
"/home/ghoscht/.docker/wiki/postgres_data:/var/lib/postgresql/data"
|
||||
"/storage/dataset/docker/wiki/postgres_data:/var/lib/postgresql/data"
|
||||
];
|
||||
networks = [
|
||||
"internal"
|
||||
|
|
|
@ -80,7 +80,7 @@ in {
|
|||
|
||||
locations:
|
||||
dashboard:
|
||||
from: /home/ghoscht/.docker/dashboard
|
||||
from: /storage/dataset/docker/dashboard
|
||||
to:
|
||||
- zfs
|
||||
- eustachius
|
||||
|
@ -93,7 +93,7 @@ in {
|
|||
after:
|
||||
- arion -f ${arionPath}/dashboard/arion-compose.nix -p ${arionPath}/dashboard/arion-pkgs.nix start
|
||||
dns:
|
||||
from: /home/ghoscht/.docker/dns
|
||||
from: /storage/dataset/docker/dns
|
||||
to:
|
||||
- zfs
|
||||
- eustachius
|
||||
|
@ -106,7 +106,7 @@ in {
|
|||
after:
|
||||
- arion -f ${arionPath}/dns/arion-compose.nix -p ${arionPath}/dns/arion-pkgs.nix start
|
||||
feed:
|
||||
from: /home/ghoscht/.docker/feed
|
||||
from: /storage/dataset/docker/feed
|
||||
to:
|
||||
- zfs
|
||||
- eustachius
|
||||
|
@ -119,7 +119,7 @@ in {
|
|||
after:
|
||||
- arion -f ${arionPath}/feed/arion-compose.nix -p ${arionPath}/feed/arion-pkgs.nix start
|
||||
git:
|
||||
from: /home/ghoscht/.docker/git
|
||||
from: /storage/dataset/docker/git
|
||||
to:
|
||||
- zfs
|
||||
- eustachius
|
||||
|
@ -131,7 +131,7 @@ in {
|
|||
after:
|
||||
- arion -f ${arionPath}/git/arion-compose.nix -p ${arionPath}/git/arion-pkgs.nix start
|
||||
media:
|
||||
from: /home/ghoscht/.docker/media
|
||||
from: /storage/dataset/docker/media
|
||||
to:
|
||||
- zfs
|
||||
- eustachius
|
||||
|
@ -143,9 +143,7 @@ in {
|
|||
after:
|
||||
- arion -f ${arionPath}/media/arion-compose.nix -p ${arionPath}/media/arion-pkgs.nix start
|
||||
nextcloud:
|
||||
from:
|
||||
- /storage/dataset/docker/nextcloud/nextcloud_data/data
|
||||
- /home/ghoscht/.docker/nextcloud/
|
||||
from: /storage/dataset/docker/nextcloud
|
||||
to:
|
||||
- zfs
|
||||
- eustachius
|
||||
|
@ -157,7 +155,7 @@ in {
|
|||
after:
|
||||
- arion -f ${arionPath}/nextcloud/arion-compose.nix -p ${arionPath}/nextcloud/arion-pkgs.nix start
|
||||
smarthome:
|
||||
from: /home/ghoscht/.docker/smarthome
|
||||
from: /storage/dataset/docker/smarthome
|
||||
to:
|
||||
- zfs
|
||||
- eustachius
|
||||
|
@ -170,10 +168,10 @@ in {
|
|||
after:
|
||||
- arion -f ${arionPath}/smarthome/arion-compose.nix -p ${arionPath}/smarthome/arion-pkgs.nix start
|
||||
passwords:
|
||||
from: /home/ghoscht/.docker/passwords
|
||||
from: /storage/dataset/docker/passwords
|
||||
to:
|
||||
- zfs
|
||||
# - ssd
|
||||
- ssd
|
||||
- eustachius
|
||||
cron: '0 4 * * *' # Every Day at 4:00
|
||||
hooks:
|
||||
|
@ -183,7 +181,7 @@ in {
|
|||
after:
|
||||
- arion -f ${arionPath}/passwords/arion-compose.nix -p ${arionPath}/passwords/arion-pkgs.nix start
|
||||
matrix:
|
||||
from: /home/ghoscht/.docker/matrix
|
||||
from: /storage/dataset/docker/matrix
|
||||
to:
|
||||
- zfs
|
||||
- eustachius
|
||||
|
@ -207,7 +205,7 @@ in {
|
|||
after:
|
||||
- arion -f ${arionPath}/media/arion-compose.nix -p ${arionPath}/media/arion-pkgs.nix start
|
||||
headscale:
|
||||
from: /home/ghoscht/.docker/headscale
|
||||
from: /storage/dataset/docker/headscale
|
||||
to:
|
||||
- zfs
|
||||
forget: prune
|
||||
|
@ -219,7 +217,7 @@ in {
|
|||
after:
|
||||
- arion -f ${arionPath}/headscale/arion-compose.nix -p ${arionPath}/headscale/arion-pkgs.nix start
|
||||
auth:
|
||||
from: /home/ghoscht/.docker/auth
|
||||
from: /storage/dataset/docker/auth
|
||||
to:
|
||||
- zfs
|
||||
- eustachius
|
||||
|
@ -232,7 +230,7 @@ in {
|
|||
after:
|
||||
- arion -f ${arionPath}/auth/arion-compose.nix -p ${arionPath}/auth/arion-pkgs.nix start
|
||||
infrastructure:
|
||||
from: /home/ghoscht/.docker/infrastructure
|
||||
from: /storage/dataset/docker/infrastructure
|
||||
to:
|
||||
- zfs
|
||||
- eustachius
|
||||
|
@ -245,7 +243,7 @@ in {
|
|||
after:
|
||||
- arion -f ${arionPath}/infrastructure/arion-compose.nix -p ${arionPath}/infrastructure/arion-pkgs.nix start
|
||||
wiki:
|
||||
from: /home/ghoscht/.docker/wiki
|
||||
from: /storage/dataset/docker/wiki
|
||||
to:
|
||||
- zfs
|
||||
- eustachius
|
||||
|
@ -258,7 +256,7 @@ in {
|
|||
after:
|
||||
- arion -f ${arionPath}/wiki/arion-compose.nix -p ${arionPath}/wiki/arion-pkgs.nix start
|
||||
stats:
|
||||
from: /home/ghoscht/.docker/stats
|
||||
from: /storage/dataset/docker/stats
|
||||
to:
|
||||
- zfs
|
||||
- eustachius
|
||||
|
@ -271,7 +269,7 @@ in {
|
|||
after:
|
||||
- arion -f ${arionPath}/stats/arion-compose.nix -p ${arionPath}/stats/arion-pkgs.nix start
|
||||
minio:
|
||||
from: /storage/dataset/docker/minio
|
||||
from: /storage/dataset/docker/stats
|
||||
to:
|
||||
- zfs
|
||||
- eustachius
|
||||
|
@ -299,10 +297,10 @@ in {
|
|||
type: local
|
||||
path: /storage/dataset/backups
|
||||
key: '${config.sops.placeholder."autorestic/zfs_key"}'
|
||||
# ssd:
|
||||
# type: local
|
||||
# path: /home/ghoscht/Backups
|
||||
# key: '${config.sops.placeholder."autorestic/ssd_key"}'
|
||||
ssd:
|
||||
type: local
|
||||
path: /home/ghoscht/Backups
|
||||
key: '${config.sops.placeholder."autorestic/ssd_key"}'
|
||||
eustachius:
|
||||
type: rest
|
||||
path: http://100.64.0.3:8000/franz
|
||||
|
|
Loading…
Reference in a new issue