Proxy

.gitignore

@@ -0,0 +1 @@
+.env

compose/forgejo.runner.yml

@@ -1,58 +0,0 @@
-# SAMPLE ENV
-# SHARED_SECRET=super-secret-string
-# ROOT_PASSWORD=super-secret-password
-
-volumes:
-  docker_certs:
-
-services:
-  docker-in-docker:
-    image: docker:dind
-    hostname: docker
-    privileged: true
-    environment:
-      DOCKER_TLS_CERTDIR: /certs
-      DOCKER_HOST: docker-in-docker
-    volumes:
-      - docker_certs:/certs
-
-  runner-register:
-    image: code.forgejo.org/forgejo/runner:3.4.1
-    links:
-      - docker-in-docker
-    environment:
-      DOCKER_HOST: tcp://docker-in-docker:2376
-      SHARED_SECRET: $SHARED_SECRET
-    volumes:
-      - /srv/runner-data:/data
-    user: 0:0
-    command: >-
-      bash -ec '
-      while : ; do
-        forgejo-runner create-runner-file --connect --instance http://codeberg.org --name runner --secret ${SHARED_SECRET} && break ;
-        sleep 1 ;
-      done ;
-      sed -i -e "s|\"labels\": null|\"labels\": [\"docker:docker://node:20-bookworm\", \"ubuntu-22.04:docker://catthehacker/ubuntu:act-22.04\"]|" .runner ;
-      forgejo-runner generate-config > config.yml ;
-      sed -i -e "s|network: .*|network: host|" config.yml ;
-      sed -i -e "s|^  envs:$$|  envs:\n    DOCKER_HOST: tcp://docker:2376\n    DOCKER_TLS_VERIFY: 1\n    DOCKER_CERT_PATH: /certs/client|" config.yml ;
-      sed -i -e "s|^  options:|  options: -v /certs/client:/certs/client|" config.yml ;
-      sed -i -e "s|  valid_volumes: \[\]$$|  valid_volumes:\n    - /certs/client|" config.yml ;
-      chown -R 1000:1000 /data
-      '
-
-  runner-daemon:
-    image: code.forgejo.org/forgejo/runner:3.4.1
-    links:
-      - docker-in-docker
-    environment:
-      DOCKER_HOST: tcp://docker:2376
-      DOCKER_CERT_PATH: /certs/client
-      DOCKER_TLS_VERIFY: "1"
-    volumes:
-      - /srv/runner-data:/data
-      - docker_certs:/certs
-    command: >-
-      bash -c '
-      while : ; do test -w .runner && forgejo-runner --config config.yml daemon ; sleep 1 ; done
-      '

compose/immich.yml

@@ -1,56 +0,0 @@
-# SAMPLE ENV
-# UPLOAD_LOCATION=/mnt/nvme/immich/upload
-# DB_DATA_LOCATION=/mnt/nvme/immich/db
-# IMMICH_VERSION=release
-# DB_PASSWORD=immich
-# DB_USERNAME=immich
-# DB_DATABASE_NAME=immich
-
-services:
-  immich-server:
-    image: ghcr.io/immich-app/immich-server:${IMMICH_VERSION:-release}
-    volumes:
-      - ${UPLOAD_LOCATION}:/usr/src/app/upload
-      - /etc/localtime:/etc/localtime:ro
-    environment:
-      DB_PASSWORD: ${DB_PASSWORD}
-      DB_USERNAME: ${DB_USERNAME}
-      DB_DATABASE_NAME: ${DB_DATABASE_NAME}
-    ports:
-      - 2283:3001
-    depends_on:
-      - redis
-      - database
-    restart: always
-
-  immich-machine-learning:
-    image: ghcr.io/immich-app/immich-machine-learning:${IMMICH_VERSION:-release}
-    volumes:
-      - model-cache:/cache
-    restart: always
-
-  redis:
-    image: docker.io/redis:6.2-alpine@sha256:e3b17ba9479deec4b7d1eeec1548a253acc5374d68d3b27937fcfe4df8d18c7e
-    healthcheck:
-      test: redis-cli ping || exit 1
-    restart: always
-
-  database:
-    image: docker.io/tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:90724186f0a3517cf6914295b5ab410db9ce23190a2d9d0b9dd6463e3fa298f0
-    environment:
-      POSTGRES_PASSWORD: ${DB_PASSWORD}
-      POSTGRES_USER: ${DB_USERNAME}
-      POSTGRES_DB: ${DB_DATABASE_NAME}
-      POSTGRES_INITDB_ARGS: '--data-checksums'
-    volumes:
-      - ${DB_DATA_LOCATION}:/var/lib/postgresql/data
-    healthcheck:
-      test: pg_isready --dbname='${DB_DATABASE_NAME}' --username='${DB_USERNAME}' || exit 1; Chksum="$$(psql --dbname='${DB_DATABASE_NAME}' --username='${DB_USERNAME}' --tuples-only --no-align --command='SELECT COALESCE(SUM(checksum_failures), 0) FROM pg_stat_database')"; echo "checksum failure count is $$Chksum"; [ "$$Chksum" = '0' ] || exit 1
-      interval: 5m
-      start_interval: 30s
-      start_period: 5m
-    command: ["postgres", "-c" ,"shared_preload_libraries=vectors.so", "-c", 'search_path="$$user", public, vectors', "-c", "logging_collector=on", "-c", "max_wal_size=2GB", "-c", "shared_buffers=512MB", "-c", "wal_compression=on"]
-    restart: always
-
-volumes:
-  model-cache:

compose/media.yml

@@ -15,6 +15,8 @@ services:
       - ${ROOT_PATH}/data/media:/media
     ports:
       - 8096:8096
+    networks:
+      - proxy
     restart: unless-stopped
 
   sonarr:
@@ -58,3 +60,8 @@ services:
     volumes:
       - ${ROOT_PATH}/config:/config
       - ${ROOT_PATH}/data:/data
+
+networks:
+  proxy_default:
+    name: proxy
+    external: true

compose/nginx.yml

@@ -1,12 +1,17 @@
 services:
   app:
-    image: 'jc21/nginx-proxy-manager:latest'
+    image: "jc21/nginx-proxy-manager:latest"
     restart: unless-stopped
     ports:
-      - '80:80' # Public HTTP Port
-      - '443:443' # Public HTTPS Port
-      - '81:81' # Admin Web Port
-      - '25565-25569:25565-25569' #Minecraft Ports
+      - "80:80" # Public HTTP Port
+      - "443:443" # Public HTTPS Port
+      - "81:81" # Admin Web Port
+      - "25565-25569:25565-25569" #Minecraft Ports
+    networks:
+      - proxy
     volumes:
       - ./data:/data
-      - ./letsencrypt:/etc/letsencrypt
+      - ./letsencrypt:/etc/letsencrypt
+
+networks:
+  proxy:

compose/uptime.yml

@@ -2,8 +2,15 @@
 
 services:
   kuma:
-    image: 'louislam/uptime-kuma:1'
+    image: "louislam/uptime-kuma:1"
     ports:
-      - '17958:3001'
+      - "17958:3001"
+    networks:
+      - proxy
     volumes:
-      - './uptimekuma_data:/app/data'
+      - "./uptimekuma_data:/app/data"
+
+networks:
+  proxy:
+    name: proxy
+    external: true