Added nextcloud and immich

This commit is contained in:
xeovalyte 2024-10-23 10:12:13 +02:00
parent 4eefcd1933
commit 74b0efc9ee
Signed by: xeovalyte
SSH Key Fingerprint: SHA256:kSQDrQDmKzljJzfGYcd3m9RqHi4h8rSwkZ3sQ9kBURo
10 changed files with 168 additions and 8 deletions

View File

@ -642,12 +642,21 @@ access_control:
- domain: 'bitwarden.timo.bmrs.nl'
policy: 'two_factor'
- domain: 'cloud.timo.bmrs.nl'
policy: 'bypass'
- domain: 'office.timo.bmrs.nl'
policy: 'bypass'
- domain: 'git.timo.bmrs.nl'
policy: 'bypass'
- domain: 'home.timo.bmrs.nl'
policy: 'one_factor'
- domain: 'immich.timo.bmrs.nl'
policy: 'bypass'
- domain: 'ldap.timo.bmrs.nl'
policy: 'two_factor'
subject: 'group:admin'

View File

@ -0,0 +1,4 @@
@immich host immich.timo.bmrs.nl
handle @immich {
reverse_proxy immich:2283
}

View File

@ -0,0 +1,12 @@
@nextcloud host cloud.timo.bmrs.nl
handle @nextcloud {
redir /.well-known/carddav /remote.php/dav/ 301
redir /.well-known/caldav /remote.php/dav/ 301
reverse_proxy nextcloud:80
}
@office host office.timo.bmrs.nl
handle @office {
reverse_proxy nextcloud-office:9980
}

View File

@ -20,6 +20,8 @@ services:
proxy:
aliases:
- auth.timo.bmrs.nl
- cloud.timo.bmrs.nl
- office.timo.bmrs.nl
volumes:
data:

View File

@ -355,10 +355,10 @@ RUN_USER = ; git
;;
;; MySQL Configuration
;;
DB_TYPE = mysql
HOST = 127.0.0.1:3306 ; can use socket e.g. /var/run/mysqld/mysqld.sock
NAME = gitea
USER = root
;DB_TYPE = mysql
;HOST = 127.0.0.1:3306 ; can use socket e.g. /var/run/mysqld/mysqld.sock
;NAME = gitea
;USER = root
;PASSWD = ;Use PASSWD = `your password` for quoting if you use special characters in the password.
;SSL_MODE = false ; either "false" (default), "true", or "skip-verify"
;CHARSET_COLLATION = ; Empty as default, Gitea will try to find a case-sensitive collation. Don't change it unless you clearly know what you need.

View File

@ -14,7 +14,7 @@ services:
- /etc/localtime:/etc/localtime:ro
environment:
FORGEJO__database__DB_TYPE: postgres
FORGEJO__database__HOST: "db:5432"
FORGEJO__database__HOST: "forgejo-db"
FORGEJO__database__NAME: forgejo
FORGEJO__database__USER: forgejo
FORGEJO__database__PASSWD: ${DB_PASSWORD}

View File

@ -51,5 +51,6 @@
- LLDAP:
description: Active directory
href: https://ldap.timo.bmrs.nl/
server: docker
container: lldap

View File

@ -0,0 +1,78 @@
services:
immich:
image: ghcr.io/immich-app/immich-server:release
container_name: immich
restart: unless-stopped
volumes:
- data:/usr/src/app/upload
- /etc/localtime:/etc/localtime:ro
environment:
DB_HOSTNAME: "immich-db"
env_file:
- .env
depends_on:
- redis
- db
immich-machine-learning:
image: ghcr.io/immich-app/immich-machine-learning:release
container_name: immich-machine-learning
restart: unless-stopped
volumes:
- cache:/cache
env_file:
- .env
redis:
image: docker.io/redis:6.2-alpine@sha256:2ba50e1ac3a0ea17b736ce9db2b0a9f6f8b85d4c27d5f5accc6a416d8f42c6d5
container_name: immich-redis
restart: unless-stopped
healthcheck:
test: redis-cli ping || exit 1
volumes:
- data_redis:/data
db:
image: docker.io/tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:90724186f0a3517cf6914295b5ab410db9ce23190a2d9d0b9dd6463e3fa298f0
container_name: immich-db
restart: unless-stopped
volumes:
# Do not edit the next line. If you want to change the database storage location on your system, edit the value of DB_DATA_LOCATION in the .env file
- data_db:/var/lib/postgresql/data
healthcheck:
test: pg_isready --dbname='${DB_DATABASE_NAME}' --username='${DB_USERNAME}' || exit 1; Chksum="$$(psql --dbname='${DB_DATABASE_NAME}' --username='${DB_USERNAME}' --tuples-only --no-align --command='SELECT COALESCE(SUM(checksum_failures), 0) FROM pg_stat_database')"; echo "checksum failure count is $$Chksum"; [ "$$Chksum" = '0' ] || exit 1
interval: 5m
start_interval: 30s
start_period: 5m
command:
[
'postgres',
'-c',
'shared_preload_libraries=vectors.so',
'-c',
'search_path="$$user", public, vectors',
'-c',
'logging_collector=on',
'-c',
'max_wal_size=2GB',
'-c',
'shared_buffers=512MB',
'-c',
'wal_compression=on',
]
environment:
POSTGRES_PASSWORD: ${DB_PASSWORD}
POSTGRES_USER: ${DB_USERNAME}
POSTGRES_DB: ${DB_DATABASE_NAME}
POSTGRES_INITDB_ARGS: '--data-checksums'
volumes:
data:
data_db:
data_redis:
cache:
networks:
default:
name: proxy
external: true

View File

@ -0,0 +1,54 @@
services:
nextcloud:
image: nextcloud:apache
container_name: nextcloud
restart: unless-stopped
volumes:
- data:/var/www/html
environment:
POSTGRES_HOST: nextcloud-db
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
POSTGRES_DB: nextcloud
POSTGRES_USER: nextcloud
REDIS_HOST: nextcloud-redis
TRUSTED_PROXIES: "172.23.0.0/24"
depends_on:
- db
- redis
db:
image: postgres:16
container_name: nextcloud-db
restart: unless-stopped
volumes:
- data_db:/var/lib/postgresql/data
environment:
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
POSTGRES_DB: nextcloud
POSTGRES_USER: nextcloud
redis:
image: redis:alpine
container_name: nextcloud-redis
restart: unless-stopped
volumes:
- data_redis:/data
office:
image: collabora/code
container_name: nextcloud-office
restart: unless-stopped
environment:
DOMAIN: "cloud.timo.bmrs.nl"
extra_params: "--o:ssl.enable=false --o:ssl.termination=true"
volumes:
data:
data_db:
data_redis:
networks:
default:
name: proxy
external: true

View File

@ -24,9 +24,9 @@
options = [ "fmask=0077" "dmask=0077" ];
};
swapDevices =
[ { device = "/dev/disk/by-uuid/f8c0a59c-7e1a-4eb7-960e-20ba65fec156"; }
];
# swapDevices =
# [ { device = "/dev/disk/by-uuid/f8c0a59c-7e1a-4eb7-960e-20ba65fec156"; }
# ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's