From eacdd181654e9ba2b33a7d4197f1bb6592f0e592 Mon Sep 17 00:00:00 2001 
From: "Matheus A." Date: Sat, 30 May 2026 22:48:53 -0300 Subject: [PATCH] Initial commit --- pipelines/docker/build/ImageMagick.dockerfile | 0 .../vars/dockerLib.groovy | 5 + .../vars/getAgentLabel.groovy | 3 + .../vars/jenkinsLib.groovy | 0 .../vars/steamCmdLib.groovy | 0 pipelines/jenkins/games/build-peak/Dockerfile | 0 .../jenkins/games/build-peak/pipeline.groovy | 39 +++++++ resources/rclone/rclone.conf | 42 +++++++ resources/rclone/sync-folders-pigallery2.sh | 18 +++ runIncus.sh | 19 ++++ .../minecraft/dragoncraft/docker-compose.yml | 24 ++++ services/copyparty/coolify.docker-compose.yml | 105 ++++++++++++++++++ .../coolify.simple.docker-compose.yml | 12 ++ services/copyparty/resources/copyparty.conf | 25 +++++ .../copyparty/resources/custom.copyparty.conf | 28 +++++ .../resources/example.copyparty.conf | 23 ++++ services/fireshare/coolify.docker-compose.yml | 19 ++++ services/gitea/README.md | 3 + services/gitea/coolify.docker-compose.yml | 49 ++++++++ services/gptwol/coolify.docker-compose.yml | 32 ++++++ services/immich/coolify.docker-compose.yml | 67 +++++++++++ services/jellyfin/coolify.docker-compose.yml | 23 ++++ services/jenkins/README.md | 11 ++ services/jenkins/coolify.docker-compose.yml | 27 +++++ services/jenkins/resources/jenkins.yml | 0 services/nextcloud/README.md | 23 ++++ services/nextcloud/coolify.docker-compose.yml | 69 ++++++++++++ .../coolify.mariadb.docker-compose.yml | 64 +++++++++++ .../pigallery2/coolify.docker-compose.yml | 18 +++ .../pterodactyl/coolify.docker-compose.yml | 0 services/soju/README.md | 3 + services/soju/coolify.docker-compose.yml | 20 ++++ services/vault/coolify.docker-compose.yml | 24 ++++ services/vaultwarden/README.md | 8 ++ .../vaultwarden/coolify.docker-compose.yml | 25 +++++ 35 files changed, 828 insertions(+) create mode 100644 pipelines/docker/build/ImageMagick.dockerfile create mode 100644 pipelines/jenkins/000-shared_libraries/vars/dockerLib.groovy create mode 100644 
pipelines/jenkins/000-shared_libraries/vars/getAgentLabel.groovy create mode 100644 pipelines/jenkins/000-shared_libraries/vars/jenkinsLib.groovy create mode 100644 pipelines/jenkins/000-shared_libraries/vars/steamCmdLib.groovy create mode 100644 pipelines/jenkins/games/build-peak/Dockerfile create mode 100644 pipelines/jenkins/games/build-peak/pipeline.groovy create mode 100644 resources/rclone/rclone.conf create mode 100644 resources/rclone/sync-folders-pigallery2.sh create mode 100644 runIncus.sh create mode 100644 servers/minecraft/dragoncraft/docker-compose.yml create mode 100644 services/copyparty/coolify.docker-compose.yml create mode 100644 services/copyparty/coolify.simple.docker-compose.yml create mode 100644 services/copyparty/resources/copyparty.conf create mode 100644 services/copyparty/resources/custom.copyparty.conf create mode 100644 services/copyparty/resources/example.copyparty.conf create mode 100644 services/fireshare/coolify.docker-compose.yml create mode 100644 services/gitea/README.md create mode 100644 services/gitea/coolify.docker-compose.yml create mode 100644 services/gptwol/coolify.docker-compose.yml create mode 100644 services/immich/coolify.docker-compose.yml create mode 100644 services/jellyfin/coolify.docker-compose.yml create mode 100644 services/jenkins/README.md create mode 100644 services/jenkins/coolify.docker-compose.yml create mode 100644 services/jenkins/resources/jenkins.yml create mode 100644 services/nextcloud/README.md create mode 100644 services/nextcloud/coolify.docker-compose.yml create mode 100644 services/nextcloud/coolify.mariadb.docker-compose.yml create mode 100644 services/pigallery2/coolify.docker-compose.yml create mode 100644 services/pterodactyl/coolify.docker-compose.yml create mode 100644 services/soju/README.md create mode 100644 services/soju/coolify.docker-compose.yml create mode 100644 services/vault/coolify.docker-compose.yml create mode 100644 services/vaultwarden/README.md create mode 100644 
services/vaultwarden/coolify.docker-compose.yml
diff --git a/pipelines/docker/build/ImageMagick.dockerfile b/pipelines/docker/build/ImageMagick.dockerfile
new file mode 100644
index 0000000..e69de29
diff --git a/pipelines/jenkins/000-shared_libraries/vars/dockerLib.groovy b/pipelines/jenkins/000-shared_libraries/vars/dockerLib.groovy
new file mode 100644
index 0000000..57bc3ca
--- /dev/null
+++ b/pipelines/jenkins/000-shared_libraries/vars/dockerLib.groovy
@@ -0,0 +1,5 @@
+def withDockerImage(String imageName, Closure cmd) {
+ docker.image(imageName).inside() {
+ cmd()
+ }
+}
diff --git a/pipelines/jenkins/000-shared_libraries/vars/getAgentLabel.groovy b/pipelines/jenkins/000-shared_libraries/vars/getAgentLabel.groovy
new file mode 100644
index 0000000..0cb4f0a
--- /dev/null
+++ b/pipelines/jenkins/000-shared_libraries/vars/getAgentLabel.groovy
@@ -0,0 +1,3 @@
+def call(String configName) {
+ return 'built-in'
+}
diff --git a/pipelines/jenkins/000-shared_libraries/vars/jenkinsLib.groovy b/pipelines/jenkins/000-shared_libraries/vars/jenkinsLib.groovy
new file mode 100644
index 0000000..e69de29
diff --git a/pipelines/jenkins/000-shared_libraries/vars/steamCmdLib.groovy b/pipelines/jenkins/000-shared_libraries/vars/steamCmdLib.groovy
new file mode 100644
index 0000000..e69de29
diff --git a/pipelines/jenkins/games/build-peak/Dockerfile b/pipelines/jenkins/games/build-peak/Dockerfile
new file mode 100644
index 0000000..e69de29
diff --git a/pipelines/jenkins/games/build-peak/pipeline.groovy b/pipelines/jenkins/games/build-peak/pipeline.groovy
new file mode 100644
index 0000000..62b9fce
--- /dev/null
+++ b/pipelines/jenkins/games/build-peak/pipeline.groovy
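Review bot: In `getAgentLabel.groovy`, `call` ignores `configName` and always returns `'built-in'`, which is the label of the Jenkins controller's own node, so every pipeline that takes its agent from this helper would build on the controller. That matters here because the Jenkins compose file in this same commit mounts the host's Docker socket into that container. Until a real lookup exists, I would at least record the intent above the return, for example `// TODO: map configName to a dedicated agent label; 'built-in' runs the build on the controller`, and move builds to a separate agent before untrusted job code is run.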
@@ -0,0 +1,39 @@
+pipeline {
+ agent any
+
+ stages {
+ stage('check for game updates') {
+ steps {
+
+ }
+ }
+
+ stage('download game') {
+ steps {
+ script {
+ withCredentials([string(credentialsId: 'ssh_key-root_at_banana', variable: 'API_KEY')]) {
+ sh "wget https://nexus.cloud.velha.casa/repository/static-hosted/peak-crack-files.zip"
+ }
+ }
+ }
+ }
+
+ stage('patch game') {
+ steps {
+
+ }
+ }
+
+ stage('upload files') {
+ steps {
+
+ }
+ }
+
+ stage('notify') {
+ steps {
+
+ }
+ }
+ }
+}
diff --git a/resources/rclone/rclone.conf b/resources/rclone/rclone.conf
new file mode 100644
index 0000000..2e6ca2b
--- /dev/null
+++ b/resources/rclone/rclone.conf
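Review bot: The `withCredentials` block in the 'download game' stage binds `ssh_key-root_at_banana` to `API_KEY`, but the `sh` step never reads that variable, so a secret whose ID suggests a root SSH key is exposed to the step's environment for no purpose. Drop the binding, or if the download does need authentication, bind a credential scoped to the Nexus repository and reference it from a single-quoted `sh` string so Groovy does not interpolate it. The archive fetched by `wget` is also consumed without an integrity check; verifying it against a pinned digest (for example with `sha256sum -c`) before the patch stage would catch a replaced file. The four empty `steps { }` blocks will likely fail declarative validation, which expects at least one step per stage.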
@@ -0,0 +1,42 @@
+[shared-furry-arts]
+type = webdav
+url = https://nextcloud.pudim.xyz/remote.php/dav/files/cloud/home/documents/furry-arts
+vendor = nextcloud
+user = cloud
+pass = gJd_pnMll3uzQSzUxzUi4TMGVFv5KHDDLQ2TjP_p711m5MlDAJI8GzeMlTtH
+
+[shared-my-drawings-pngs]
+type = webdav
+url = https://nextcloud.pudim.xyz/remote.php/dav/files/cloud/home/documents/my-drawings/002_pngs
+vendor = nextcloud
+user = cloud
+pass = TSGKtRCcvcAz3Gr8zxix5s668TXWeyq1l7D6YojMOaVaNYrJPOQyTvB5Fxlm
+
+[shared-pictures-memes]
+type = webdav
+url = https://nextcloud.pudim.xyz/remote.php/dav/files/cloud/home/pictures/memes
+vendor = nextcloud
+user = cloud
+pass = uhEipgJfSpWS_YvARUP3615Xl5K6eehpdlupIq9x_GgfZGIZ3NsaMZF5xcwO
+
+[shared-pictures-screenshots]
+type = webdav
+url = https://nextcloud.pudim.xyz/remote.php/dav/files/cloud/home/pictures/screenshots
+vendor = nextcloud
+user = cloud
+pass = G1XyfGDSudeq5qAy9_8-uwXxrpociii35ZZErmkiBx-i8_vNF0Ywj26JSwgE
+
+[shared-pictures-steam-screenshots]
+type = webdav
+url = https://nextcloud.pudim.xyz/remote.php/dav/files/cloud/home/pictures/steam-screenshots
+vendor = nextcloud
+user = cloud
+pass = eTwu6irI3n-OOpjOL-05mkaQfGh858GS4fZ0rk7-4lCRAUxTGD49BgigFLvu
+
+[shared-pictures-wallpapers]
+type = webdav
+url = https://nextcloud.pudim.xyz/remote.php/dav/files/cloud/home/pictures/wallpapers
+vendor = nextcloud
+user = cloud
+pass = UPykQ4Q05OG_6Ln-vuNzHUSKOyjx9N1VwW4VRcPqwD1RD79Y_QVeTZ49bQwQ
+
diff --git a/resources/rclone/sync-folders-pigallery2.sh b/resources/rclone/sync-folders-pigallery2.sh
new file mode 100644
index 0000000..90fe380
--- /dev/null
+++ b/resources/rclone/sync-folders-pigallery2.sh
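Review bot: All six remotes commit a `pass =` value for the Nextcloud user `cloud`, so anyone who can read this repository or its history holds working WebDAV credentials for those folders. If the values came from `rclone obscure`, that encoding is reversible and protects nothing once the file is shared. Treat every one of them as exposed: revoke and reissue them in Nextcloud, and remember that removing the file in a later commit does not remove it from history. Going forward, commit only a template with placeholder values and keep the real `rclone.conf` outside the repository, either encrypted with rclone's configuration password or with the credentials supplied at run time.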
@@ -0,0 +1,18 @@
+#!/usr/bin/env bash
+
+PIGALLERY2_FOLDERPATH="${HOME}/incus/coolify/pigallery2"
+
+rclone_config_names_list=(
+ 'furry-arts'
+ 'my-drawings-pngs'
+ 'pictures-memes'
+ 'pictures-screenshots'
+ 'pictures-steam-screenshots'
+ 'pictures-wallpapers'
+)
+
+cd "${PIGALLERY2_FOLDERPATH}" || exit
+
+for rclone_config_name in "${rclone_config_names_list[@]}"; do
+ rclone sync --progress "shared-${rclone_config_name}:" "${PIGALLERY2_FOLDERPATH}/${rclone_config_name}"
+done
diff --git a/runIncus.sh b/runIncus.sh
new file mode 100644
index 0000000..e13e4c6
--- /dev/null
+++ b/runIncus.sh
@@ -0,0 +1,19 @@
+mkdir -p "$HOME/incus/coolify/jellyfin/data"
+sudo incus config device add coolify sharedJellyfin disk source="$HOME/incus/coolify/jellyfin/data" path=/shared/jellyfin/data
+
+mkdir -p "$HOME/incus/coolify/nextcloud/data"
+sudo incus config device add coolify sharedNextcloud disk source="$HOME/incus/coolify/nextcloud/data" path=/shared/nextcloud/data shift=true
+
+mkdir -p "$HOME/clouds/syncthing/data-hoarding"
+sudo incus config device add coolify sharedPigallery2_DataHoarding disk source="$HOME/clouds/syncthing/data-hoarding" path=/shared/data-hoarding
+
+mkdir -p "$HOME/incus/coolify/pigallery2"
+sudo incus config device add coolify sharedPigallery2 disk source="$HOME/incus/coolify/pigallery2" path=/shared/pigallery2
+
+# won't work
+# mkdir -p "$HOME/incus/coolify/vaultwarden/data"
+# sudo incus config device add coolify sharedVaultwarden disk source="$HOME/incus/coolify/vaultwarden/data" path=/shared/vaultwarden/data
+
+# won't work
+# mkdir -p "$HOME/incus/coolify/jenkins/data"
+# sudo incus config device add coolify sharedJenkins disk source="$HOME/incus/coolify/jenkins/data" path=/shared/jenkins
diff --git a/servers/minecraft/dragoncraft/docker-compose.yml b/servers/minecraft/dragoncraft/docker-compose.yml
new file mode 100644
index 0000000..501a8e6
--- /dev/null
+++ b/servers/minecraft/dragoncraft/docker-compose.yml
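Review bot: In `sync-folders-pigallery2.sh` the loop carries on when one `rclone sync` fails and the script's exit status is only that of the last remote, so a failed run (for instance after the WebDAV credentials are rotated) goes unnoticed by cron or any caller. Either add `set -euo pipefail` after the shebang or record failures inside the loop and exit non-zero at the end. `rclone sync` also deletes everything under the destination that is absent from the remote, which deserves a comment above the loop such as `# sync is one-way: local files missing on the remote are deleted`. The script does not pass `--config`, so it depends on whichever rclone configuration the invoking user has rather than on a file it names explicitly.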
@@ -0,0 +1,24 @@
+# Generated by setupmc.com on 2025-11-07T04:59:24.945Z
+
+services:
+ mc:
+ image: itzg/minecraft-server:latest
+ tty: true
+ stdin_open: true
+ ports:
+ - "25565:25565"
+ environment:
+ EULA: "TRUE"
+ TYPE: "AUTO_CURSEFORGE"
+ CF_PAGE_URL: "https://www.curseforge.com/minecraft/modpacks/dragoncraft"
+ CF_API_KEY: "$$2a$$10$$lxrO21bOQCJKA9Oh79QqxuR88if6JgkS3yg.n2.gDXWVE6SAQetqm"
+ MEMORY: "4096M"
+ DIFFICULTY: "2"
+ OPS: |-
+ noodlebites
+ ENABLE_WHITELIST: "true"
+ WHITELIST: |-
+ noodlebites
+ volumes:
+ - "./data:/data"
+
diff --git a/services/copyparty/coolify.docker-compose.yml b/services/copyparty/coolify.docker-compose.yml
new file mode 100644
index 0000000..870047c
--- /dev/null
+++ b/services/copyparty/coolify.docker-compose.yml
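Review bot: `CF_API_KEY` is committed as a literal value in the `environment:` map, so the CurseForge API key is now readable by anyone with access to the repository or its history. Regenerate the key and have Compose substitute it from outside the file, for example `CF_API_KEY: "${CF_API_KEY}"` with the value kept in an untracked `.env`. Separately, `image: itzg/minecraft-server:latest` floats with every upstream push; pinning a specific tag or digest makes a redeploy reproducible and keeps an unexpected image from being pulled.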
@@ -0,0 +1,105 @@
+services:
+ copyparty:
+ image: copyparty/ac
+ environment:
+ # - SERVICE_URL_COPYPARTY_3923
+ - LD_PRELOAD=/usr/lib/libmimalloc-secure.so.NOPE # enable mimalloc by replacing "NOPE" with "2" for a nice speed-boost (will use twice as much ram)
+ - PYTHONUNBUFFERED=1 # ensures log-messages are not delayed (but can reduce speed a tiny bit)
+ # container_name: idp_copyparty
+ # user: "1000:1000" # should match the user/group of your fileshare volumes
+ volumes:
+ - type: bind
+ source: /share/app/copyparty/files/public
+ target: /w:z
+ - cpp/:/cfg:z
+ # networks:
+ # - net
+ # expose:
+ # - 3923
+ labels:
+ - 'traefik.enable=true'
+ - 'traefik.http.routers.copyparty.rule=Host(`files.cloud.velha.casa`)'
+ - 'traefik.http.routers.copyparty.entrypoints=https'
+ - 'traefik.http.routers.copyparty.tls=true'
+ - 'traefik.http.routers.copyparty.middlewares=authelia@docker'
+ stop_grace_period: 15s # thumbnailer is allowed to continue finishing up for 10s after the shutdown signal
+
+ authelia:
+ image: authelia/authelia:v4.38.0-beta3 # the config files in the authelia folder use the new syntax
+ environment:
+ # - SERVICE_URL_AUTHELIA_9091
+ # container_name: idp_authelia
+ volumes:
+ - authelia:/config:z
+ - TZ=America/Sao_Paulo
+ # networks:
+ # - net
+ labels:
+ - 'traefik.enable=true'
+ - 'traefik.http.routers.authelia.rule=Host(`authelia.cloud.velha.casa`)'
+ - 'traefik.http.routers.authelia.entrypoints=https'
+ - 'traefik.http.routers.authelia.tls=true'
+ #- 'traefik.http.routers.authelia.tls.certresolver=letsencrypt' # uncomment this to enable automatic certificate signing (1/2)
+ - 'traefik.http.middlewares.authelia.forwardauth.address=http://authelia.cloud.velha.casa/api/authz/forward-auth?authelia_url=https://authelia.cloud.velha.casa'
+ - 'traefik.http.middlewares.authelia.forwardauth.trustForwardHeader=true'
+ - 'traefik.http.middlewares.authelia.forwardauth.authResponseHeaders=Remote-User,Remote-Groups,Remote-Name,Remote-Email'
+ # expose:
+ # - 9091
+ # restart: unless-stopped
+ # healthcheck:
+ # disable: true
+
+ redis:
+ image: redis:7.2.4-alpine3.19
+ environment:
+ # - SERVICE_URL_REDIS_6379
+ - TZ=America/Sao_Paulo
+ # container_name: idp_redis
+ volumes:
+ - redis:/data:z
+ # networks:
+ # - net
+ # expose:
+ # - 6379
+ # restart: unless-stopped
+
+ # traefik:
+ # image: traefik:2.11.0
+ # container_name: idp_traefik
+ # volumes:
+ # - ./traefik:/etc/traefik:z
+ # - /var/run/docker.sock:/var/run/docker.sock # WARNING: this gives traefik full root-access to the host OS, but is recommended/required(?) by traefik
+ # security_opt:
+ # - label:disable # disable selinux because it (rightly) blocks access to docker.sock
+ # networks:
+ # - net
+ # labels:
+ # - 'traefik.enable=true'
+ # - 'traefik.http.routers.api.rule=Host(`traefik.example.com`)'
+ # - 'traefik.http.routers.api.entrypoints=https'
+ # - 'traefik.http.routers.api.service=api@internal'
+ # - 'traefik.http.routers.api.tls=true'
+ # #- 'traefik.http.routers.api.tls.certresolver=letsencrypt' # uncomment this to enable automatic certificate signing (2/2)
+ # - 'traefik.http.routers.api.middlewares=authelia@docker'
+ # ports:
+ # - '80:80'
+ # - '443:443'
+ # command:
+ # - '--api'
+ # - '--providers.docker=true'
+ # - '--providers.docker.exposedByDefault=false'
+ # - '--entrypoints.http=true'
+ # - '--entrypoints.http.address=:80'
+ # - '--entrypoints.http.http.redirections.entrypoint.to=https'
+ # - '--entrypoints.http.http.redirections.entrypoint.scheme=https'
+ # - '--entrypoints.https=true'
+ # - '--entrypoints.https.address=:443'
+ # - '--certificatesResolvers.letsencrypt.acme.email=your-email@your-domain.com'
+ # - '--certificatesResolvers.letsencrypt.acme.storage=/etc/traefik/acme.json'
+ # - '--certificatesResolvers.letsencrypt.acme.httpChallenge.entryPoint=http'
+ # - '--log=true'
+ # - '--log.level=WARNING' # DEBUG
+
+# networks:
+# net:
+# driver: bridge
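Review bot: The `forwardauth.address` label on the authelia service sends every authorization check to `http://authelia.cloud.velha.casa/...`, that is over plain HTTP to the public hostname, so the decision that protects copyparty travels unencrypted and depends on external DNS and routing. Pointing it at the service on the compose network, `http://authelia:9091/api/authz/forward-auth?authelia_url=https://authelia.cloud.velha.casa`, keeps that hop internal. `trustForwardHeader=true` is only safe when whatever sits in front of Traefik overwrites client-supplied `X-Forwarded-*` headers, which nothing in this file establishes. In the same service `TZ=America/Sao_Paulo` appears in the `volumes:` list while `environment:` holds only comments (the page has lost its indentation, so this is inferred from the order); it should move under `environment:`. The long-form bind for copyparty uses `target: /w:z`, where `:z` becomes part of the container path instead of acting as a mount option.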
diff --git a/services/copyparty/coolify.simple.docker-compose.yml b/services/copyparty/coolify.simple.docker-compose.yml
new file mode 100644
index 0000000..f66a53c
--- /dev/null
+++ b/services/copyparty/coolify.simple.docker-compose.yml
@@ -0,0 +1,12 @@
+services:
+ copyparty:
+ image: 'copyparty/ac'
+ environment:
+ - SERVICE_URL_COPYPARTY_3923
+ - LD_PRELOAD=/usr/lib/libmimalloc-secure.so.NOPE
+ volumes:
+ - 'copyparty-config:/cfg'
+ - type: bind
+ source: /share/app/copyparty/files
+ target: /share/files
+ is_directory: true
diff --git a/services/copyparty/resources/copyparty.conf b/services/copyparty/resources/copyparty.conf
new file mode 100644
index 0000000..df1d704
--- /dev/null
+++ b/services/copyparty/resources/copyparty.conf
@@ -0,0 +1,25 @@
+[global]
+ e2dsa # enable file indexing and filesystem scanning
+ e2ts # enable multimedia indexing
+ ansi # enable colors in log messages
+
+ # p: 3939 # listen on another port
+ # ipa: 10.89. # only allow connections from 10.89.*
+ df: 4 # stop accepting uploads if less than 16 gb free disk space
+ ver # show copyparty version in the controlpanel
+ # grid # show thumbnails/grid-view by default
+ # theme: 2 # monokai
+ name: watermelon # change the server-name that's displayed in the browser
+ # stats, nos-dup # enable the prometheus endpoint, but disable the dupes counter (too slow)
+ no-robots, force-js # make it harder for search engines to read your server
+
+
+[accounts]
+ $USER: $PASSWORD # username: password
+
+
+[/] # create a volume at "/" (the webroot), which will
+ /w # share /w (the docker data volume)
+ accs:
+ rw: * # everyone gets read-write access, but
+ rwmda: ed # the user "ed" gets read-write-move-delete-admin
diff --git a/services/copyparty/resources/custom.copyparty.conf b/services/copyparty/resources/custom.copyparty.conf
new file mode 100644
index 0000000..6ab66cb
--- /dev/null
+++ b/services/copyparty/resources/custom.copyparty.conf
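Review bot: In `copyparty.conf` the webroot volume sets `rw: *`, which lets any unauthenticated visitor upload to `/w` as well as read it; the sibling `custom.copyparty.conf` and `example.copyparty.conf` use `r: *`, and this file should match unless anonymous upload is intended. The admin line grants `rwmda` to `ed`, but `[accounts]` declares no such user, only the `$USER: $PASSWORD` placeholders, so unless something substitutes those before copyparty reads the file there is no usable admin account. The `df: 4` comment says 16 gb, which does not match the value and should be corrected in whichever direction is intended.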
@@ -0,0 +1,28 @@
+[global]
+ e2dsa
+ e2ts
+ ansi
+
+ df: 4
+ ver
+ name: dragonfruit
+ no-robots, force-js
+
+
+[accounts]
+ cloud: (rE*b#cm-Fn'pI#};ty3/gHg
+ canto: dosilencio
+
+
+[/]
+ /share/files/public
+ accs:
+ r: *
+ rwmda: cloud
+
+
+[/canto]
+ /share/files/canto
+ accs:
+ r: canto
+ rwmda: cloud
diff --git a/services/copyparty/resources/example.copyparty.conf b/services/copyparty/resources/example.copyparty.conf
new file mode 100644
index 0000000..4d3b66a
--- /dev/null
+++ b/services/copyparty/resources/example.copyparty.conf
@@ -0,0 +1,23 @@
+# append some arguments to the commandline;
+# accepts anything listed in --help (leading dashes are optional)
+# and inline comments are OK if there is 2 spaces before the '#'
+[global]
+ e2dsa # enable file indexing and filesystem scanning
+ e2ts # and enable multimedia indexing
+ ansi # enable colors in log messages
+ df: 4 # stop accepting uploads if less than 16 gb free disk space
+ ver # show copyparty version in the controlpanel
+ name: watermelon # change the server-name that's displayed in the browser
+ z, qr # and zeroconf and qrcode (you can comma-separate arguments)
+ no-robots, force-js # make it harder for search engines to read your server
+
+# create users:
+[accounts]
+ admin: (fill) # username: password
+
+# create volumes:
+[/] # create a volume at "/" (the webroot), which will
+ /share/files/public # share the contents of "." (the current directory)
+ accs:
+ r: * # everyone gets read-access, but
+ rwmda: admin # the user "admin" gets read-write-move-delete-admin
diff --git a/services/fireshare/coolify.docker-compose.yml b/services/fireshare/coolify.docker-compose.yml
new file mode 100644
index 0000000..a4a2eb4
--- /dev/null
+++ b/services/fireshare/coolify.docker-compose.yml
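Review bot: `[accounts]` in `custom.copyparty.conf` commits both account passwords in cleartext, including the one for `cloud`, which holds `rwmda` (admin) on both volumes. Both passwords should be changed now that they are in history, and the one for `canto` is a single lowercase word that deserves a stronger replacement regardless. Keep the live file out of the repository and commit only `example.copyparty.conf` with its `(fill)` placeholder. copyparty can also store password hashes instead of cleartext through its `--ah-alg` option, which limits the damage if the config file leaks again.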
@@ -0,0 +1,19 @@
+services:
+ fireshare:
+ image: shaneisrael/fireshare:latest
+ volumes:
+ - ./dev_root/fireshare_data:/data
+ - ./dev_root/fireshare_processed:/processed
+ - type: bind
+ source: /shared/nextcloud/data/cloud/files/clips
+ target: /videos
+ environment:
+ - SERVICE_URL_FIRESHARE_80
+ - ADMIN_USERNAME=${SERVICE_USER_ADMIN:-admin}
+ - ADMIN_PASSWORD=${SERVICE_PASSWORD_ADMIN}
+ - SECRET_KEY=${SERVICE_BASE64_SECRETKEY}
+ - MINUTES_BETWEEN_VIDEO_SCANS=5
+ - THUMBNAIL_VIDEO_LOCATION=0
+ - DOMAIN=clips.cloud.velha.casa
+ - PUID=1000
+ - PGID=1000
diff --git a/services/gitea/README.md b/services/gitea/README.md
new file mode 100644
index 0000000..1fb2b9c
--- /dev/null
+++ b/services/gitea/README.md
@@ -0,0 +1,3 @@
+incus config device add coolify gitea-ssh proxy \
+ listen=tcp:0.0.0.0:22222 \
+ connect=tcp::22222
diff --git a/services/gitea/coolify.docker-compose.yml b/services/gitea/coolify.docker-compose.yml
new file mode 100644
index 0000000..4adeca0
--- /dev/null
+++ b/services/gitea/coolify.docker-compose.yml
@@ -0,0 +1,49 @@
+services:
+ gitea:
+ image: 'gitea/gitea:latest'
+ environment:
+ - SERVICE_FQDN_GITEA_3000
+ - USER_UID=1000
+ - USER_GID=1000
+ - GITEA__database__DB_TYPE=mysql
+ - GITEA__database__HOST=mariadb
+ - 'GITEA__database__NAME=${MYSQL_DATABASE-gitea}'
+ - GITEA__database__USER=$SERVICE_USER_MYSQL
+ - GITEA__database__PASSWD=$SERVICE_PASSWORD_MYSQL
+ volumes:
+ - 'gitea-data:/data'
+ - 'gitea-timezone:/etc/timezone:ro'
+ - 'gitea-localtime:/etc/localtime:ro'
+ ports:
+ - '22222:22'
+ depends_on:
+ mariadb:
+ condition: service_healthy
+ healthcheck:
+ test:
+ - CMD
+ - curl
+ - '-f'
+ - 'http://127.0.0.1:3000'
+ interval: 2s
+ timeout: 10s
+ retries: 15
+ mariadb:
+ image: 'mariadb:11'
+ volumes:
+ - 'gitea-mariadb-data:/var/lib/mysql'
+ environment:
+ - 'MYSQL_USER=${SERVICE_USER_MYSQL}'
+ - 'MYSQL_PASSWORD=${SERVICE_PASSWORD_MYSQL}'
+ - 'MYSQL_DATABASE=${MYSQL_DATABASE}'
+ - 'MYSQL_ROOT_PASSWORD=${SERVICE_PASSWORD_MYSQLROOT}'
+ healthcheck:
+ test:
+ - CMD
+ - healthcheck.sh
+ - '--connect'
+ - '--innodb_initialized'
+ interval: 5s
+ timeout: 20s
+ retries: 10
+
diff --git a/services/gptwol/coolify.docker-compose.yml b/services/gptwol/coolify.docker-compose.yml
new file mode 100644
index 0000000..e193d91
--- /dev/null
+++ b/services/gptwol/coolify.docker-compose.yml
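Review bot: The two services disagree about the database name when `MYSQL_DATABASE` is unset: gitea falls back to `gitea` through `${MYSQL_DATABASE-gitea}`, while mariadb receives `'MYSQL_DATABASE=${MYSQL_DATABASE}'` with no default and so would create no database on first start. Give the mariadb entry the same default, `'MYSQL_DATABASE=${MYSQL_DATABASE-gitea}'`. `image: 'gitea/gitea:latest'` is unpinned while `mariadb:11` is not; for the service that holds the source code and is reachable over SSH on the published port 22222, a fixed version tag makes upgrades deliberate.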
@@ -0,0 +1,32 @@
+services:
+ gptwol:
+ image: misterbabou/gptwol:latest
+ # network_mode: host
+ # restart: unless-stopped
+ environment:
+ - TZ=America/Sao_Paulo
+ #- PORT=5000 #Free Port on Your host; default is 5000
+ #- IP=0.0.0.0 #App listening IPV4 or IPV6 (ex [::]) address; default is 0.0.0.0
+ #- LOG_LEVEL=INFO #Can be DEBUG, INFO, WARN or ERROR
+ - ENABLE_LOGIN=true # Enable or disable local login; You would be able to access with USERNAME and PASSWORD; default is false
+ - USERNAME=cloud # Set a username; default is admin
+ - PASSWORD=${SERVICE_PASSWORD_64_ADMIN} # Set a password; default is admin
+ #- OIDC_ENABLED=false # Enable OIDC LOGIN; default is false
+ #- OIDC_ISSUER=https://auth.exemple.com # Base URL of the OIDC server - Should not include the `/.well-known/openid-configuration` part and no trailing `/`; default is not set
+ #- OIDC_CLIENT_ID=oidcclientid # Your OIDC client ID; default is not set
+ #- OIDC_CLIENT_SECRET=oidcclientsecret # Your OIDC Client Secret; default is not set
+ #- OIDC_REDIRECT_URI=http(s)://urlofyourgptwol(:port) # Base URL of your GPTWOL instance; default is not set
+ #- SCRIPT_NAME=/my-app # Uncomment this line to run the app under a prefix; default is not set
+ #- ENABLE_ADD_DEL=true # Enable or disable ADD computer and Delete computer buttons; default is true
+ #- ENABLE_REFRESH=true # Enable or disable automatic status refresh; default is true
+ #- REFRESH_INTERVAL=30 # Uncomment to change time between each status check for icmp, arp or tcp, can (in s); default value is 30 seconds
+ #- PING_TIMEOUT=300 #Uncomment to change the time to wait for a ping answer in (in ms); default value is 300 milliseconds
+ #- ARP_INTERFACE=eth0 #Uncomment this line to set an arp interface manually for scan and test; default is not set
+ #- ARP_TIMEOUT=300 #Uncomment to change the time to wait for a arp answer (in ms); default value is 300 milliseconds
+ #- TCP_TIMEOUT=1 #Uncomment to change the time to wait for a tcp check (in s); default value 1 second
+ #- ENABLE_L2_WOL_PACKET=false # Enable L2 WOL packet instead of L4, default is false
+ #- L2_INTERFACE=eth0 # Set the default interface for L2 WOL (set this only if you set ENABLE_L2_WOL_PACKET to true), default is eth0
+ - SERVICE_URL_GPTWOL_5000
+ volumes:
+ - 'db-data:/app/db'
+ - 'cron-data:/etc/cron.d'
diff --git a/services/immich/coolify.docker-compose.yml b/services/immich/coolify.docker-compose.yml
new file mode 100644
index 0000000..875d1b5
--- /dev/null
+++ b/services/immich/coolify.docker-compose.yml
@@ -0,0 +1,67 @@
+services:
+ immich:
+ image: 'ghcr.io/immich-app/immich-server:${IMMICH_VERSION:-release}'
+ volumes:
+ - 'immich-uploads:/usr/src/app/upload'
+ - type: bind
+ source: '/shared/nextcloud/data/cloud/files/home/pictures/DCIM'
+ target: '/libraries/DCIM'
+ is_directory: true
+ - '/etc/localtime:/etc/localtime:ro'
+ environment:
+ - SERVICE_URL_IMMICH_2283
+ - UPLOAD_LOCATION=./library
+ - DB_DATA_LOCATION=./postgres
+ - DB_PASSWORD=$SERVICE_PASSWORD_POSTGRES
+ - DB_USERNAME=$SERVICE_USER_POSTGRES
+ - 'DB_DATABASE_NAME=${DB_DATABASE_NAME:-immich}'
+ - 'TZ=${TZ:-Etc/UTC}'
+ depends_on:
+ redis:
+ condition: service_healthy
+ database:
+ condition: service_healthy
+ healthcheck:
+ disable: false
+ immich-machine-learning:
+ container_name: immich_machine_learning
+ image: 'ghcr.io/immich-app/immich-machine-learning:${IMMICH_VERSION:-release}'
+ volumes:
+ - 'immich-model-cache:/cache'
+ environment:
+ - UPLOAD_LOCATION=./library
+ - DB_DATA_LOCATION=./postgres
+ - DB_PASSWORD=$SERVICE_PASSWORD_POSTGRES
+ - DB_USERNAME=$SERVICE_USER_POSTGRES
+ - 'DB_DATABASE_NAME=${DB_DATABASE_NAME:-immich}'
+ - 'TZ=${TZ:-Etc/UTC}'
+ healthcheck:
+ disable: false
+ redis:
+ image: 'redis:7.4-alpine'
+ healthcheck:
+ test:
+ - CMD
+ - redis-cli
+ - PING
+ interval: 5s
+ timeout: 10s
+ retries: 20
+ database:
+ image: 'ghcr.io/immich-app/postgres:14-vectorchord0.3.0-pgvectors0.2.0'
+ environment:
+ POSTGRES_PASSWORD: '${SERVICE_PASSWORD_POSTGRES}'
+ POSTGRES_USER: '${SERVICE_USER_POSTGRES}'
+ POSTGRES_DB: '${DB_DATABASE_NAME:-immich}'
+ POSTGRES_INITDB_ARGS: '--data-checksums'
+ DB_STORAGE_TYPE: '${DB_STORAGE_TYPE:-SSD}'
+ volumes:
+ - 'immich-postgres-data:/var/lib/postgresql/data'
+ healthcheck:
+ test:
+ - CMD-SHELL
+ - 'pg_isready -U $${POSTGRES_USER} -d $${POSTGRES_DB}'
+ interval: 5s
+ timeout: 20s
+ retries: 10
+
diff --git a/services/jellyfin/coolify.docker-compose.yml b/services/jellyfin/coolify.docker-compose.yml
new file mode 100644
index 0000000..b06f02a
--- /dev/null
+++ b/services/jellyfin/coolify.docker-compose.yml
@@ -0,0 +1,23 @@
+services:
+ jellyfin:
+ image: 'lscr.io/linuxserver/jellyfin:latest'
+ environment:
+ - SERVICE_URL_JELLYFIN_8096
+ - PUID=1000
+ - PGID=1000
+ - 'TZ=${TZ:-Brazil/Sao_Paulo}'
+ - JELLYFIN_PublishedServerUrl=$SERVICE_URL_JELLYFIN
+ volumes:
+ - 'jellyfin-config:/config'
+ - type: bind
+ source: /shared/jellyfin/data
+ target: /data
+ healthcheck:
+ test:
+ - CMD
+ - curl
+ - '-f'
+ - 'http://127.0.0.1:8096'
+ interval: 2s
+ timeout: 10s
+ retries: 15
diff --git a/services/jenkins/README.md b/services/jenkins/README.md
new file mode 100644
index 0000000..56ab405
--- /dev/null
+++ b/services/jenkins/README.md
@@ -0,0 +1,11 @@
+- don't create '/jenkins' folder. it will be created automatically
+- 'https://adoptium.net/installation/linux/' steps is mandatory
+
+- for bitwarden support in arm systems
+
+```
+apt install -y npm
+npm install -g @bitwarden/cli
+whereis bw
+```
+
diff --git a/services/jenkins/coolify.docker-compose.yml b/services/jenkins/coolify.docker-compose.yml
new file mode 100644
index 0000000..1cafee7
--- /dev/null
+++ b/services/jenkins/coolify.docker-compose.yml
@@ -0,0 +1,27 @@
+services:
+ jenkins:
+ image: 'jenkins/jenkins:latest'
+ environment:
+ - SERVICE_FQDN_JENKINS_8080
+ - 'CASC_JENKINS_CONFIG=/jenkins/casc/jenkins.yml'
+ volumes:
+ - 'jenkins-home:/var/jenkins_home'
+ # - type: bind
+ # source: '/shared/jenkins/home'
+ # target: '/var/jenkins_home'
+ # is_directory: true
+ - '/usr/local/bin/bw:/usr/local/bin/bw'
+ - '/var/run/docker.sock:/var/run/docker.sock'
+ - type: bind
+ source: '/shared/jenkins/jenkins.yml'
+ target: '/jenkins/jcasc/jenkins.yml'
+ healthcheck:
+ test:
+ - CMD
+ - curl
+ - '-f'
+ - 'http://localhost:8080/login'
+ interval: 30s
+ timeout: 10s
+ retries: 3
+ start_period: 40s
diff --git a/services/jenkins/resources/jenkins.yml b/services/jenkins/resources/jenkins.yml
new file mode 100644
index 0000000..e69de29
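Review bot: In the Jenkins compose file, `CASC_JENKINS_CONFIG` points at `/jenkins/casc/jenkins.yml` while the bind mount places the file at `/jenkins/jcasc/jenkins.yml`, so Configuration as Code will not find it and the controller starts without the settings the file is meant to enforce. Make the two paths agree, for example `target: '/jenkins/casc/jenkins.yml'`. The `/var/run/docker.sock` mount gives every process in this container control of the host's Docker daemon, which is equivalent to root on the host; since `getAgentLabel` in this commit routes builds to the `built-in` node, any job script inherits that access. Running builds on a separate agent, and giving the socket only to that agent or to a restricted socket proxy, narrows this considerably. `jenkins/jenkins:latest` should also be pinned to an LTS tag so controller upgrades are deliberate.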
diff --git a/services/nextcloud/README.md b/services/nextcloud/README.md
new file mode 100644
index 0000000..ab1e430
--- /dev/null
+++ b/services/nextcloud/README.md
@@ -0,0 +1,23 @@
+- if needed, restart server proxy in coolify
+
+- in coolify, make the database's service port publicly available (5432)
+
+
+
+- in start page, set database to "postgres" and use credentials provided by coolify dashboard
+-- postgres host+port is likely "10.100.0.2:6379"
+```
+```
+
+- in `/config/www/nextcloud/config/config.php`, add:
+```
+ 'overwriteprotocol' => 'https',
+ 'filesystem_check_changes' => 1,
+```
+
+```
+```
+
+- in admin panel, configure:
+-- timezone
+
diff --git a/services/nextcloud/coolify.docker-compose.yml b/services/nextcloud/coolify.docker-compose.yml
new file mode 100644
index 0000000..47a5830
--- /dev/null
+++ b/services/nextcloud/coolify.docker-compose.yml
@@ -0,0 +1,69 @@
+services:
+ nextcloud:
+ image: 'lscr.io/linuxserver/nextcloud:latest'
+ environment:
+ - SERVICE_URL_NEXTCLOUD_80
+ - PUID=1000
+ - PGID=1000
+ - 'TZ=${TZ:-Brazil/Sao_Paulo}'
+ - 'POSTGRES_DB=${POSTGRES_DB:-nextcloud}'
+ - 'POSTGRES_USER=${SERVICE_USER_POSTGRES}'
+ - 'POSTGRES_PASSWORD=${SERVICE_PASSWORD_POSTGRES}'
+ - POSTGRES_HOST=nextcloud-db
+ - REDIS_HOST=redis
+ - REDIS_PORT=6379
+ - 'NEXTCLOUD_ADMIN_USER=${SERVICE_USER_ADMIN}'
+ - 'NEXTCLOUD_ADMIN_PASSWORD=${SERVICE_PASSWORD_ADMIN}'
+ # - NEXTCLOUD_TRUSTED_DOMAINS=10.100.0.1
+ # - OVERWRITEHOST=https://nextcloud.cloud.velha.casa
+ - OVERWRITEPROTOCOL=https
+ volumes:
+ - 'nextcloud-config:/config'
+ - 'nextcloud-data:/data'
+ - type: bind
+ source: /shared/app/nextcloud/data
+ target: /data
+ is_directory: true
+ depends_on:
+ nextcloud-db:
+ condition: service_healthy
+ redis:
+ condition: service_healthy
+ healthcheck:
+ test:
+ - CMD
+ - curl
+ - '-f'
+ - 'http://127.0.0.1:80'
+ interval: 2s
+ timeout: 10s
+ retries: 15
+ nextcloud-db:
+ image: 'postgres:16-alpine'
+ ports:
+ - "5432:5432"
+ volumes:
+ - 'nextcloud-postgresql-data:/var/lib/postgresql/data'
+ environment:
+ - 'POSTGRES_USER=${SERVICE_USER_POSTGRES}'
+ - 'POSTGRES_PASSWORD=${SERVICE_PASSWORD_POSTGRES}'
+ - 'POSTGRES_DB=${POSTGRES_DB:-nextcloud}'
+ healthcheck:
+ test:
+ - CMD-SHELL
+ - 'pg_isready -U $${POSTGRES_USER} -d $${POSTGRES_DB}'
+ interval: 5s
+ timeout: 20s
+ retries: 10
+ redis:
+ image: 'redis:7.4-alpine'
+ volumes:
+ - 'nextcloud-redis-data:/data'
+ healthcheck:
+ test:
+ - CMD
+ - redis-cli
+ - PING
+ interval: 5s
+ timeout: 10s
+ retries: 20
diff --git a/services/nextcloud/coolify.mariadb.docker-compose.yml b/services/nextcloud/coolify.mariadb.docker-compose.yml
new file mode 100644
index 0000000..1eaf822
--- /dev/null
+++ b/services/nextcloud/coolify.mariadb.docker-compose.yml
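Review bot: `nextcloud-db` publishes `"5432:5432"`, which binds PostgreSQL on every host interface even though the only client in this file reaches it over the compose network as `nextcloud-db`. Remove the `ports:` entry, or if host-side access is really needed restrict it to loopback with `- "127.0.0.1:5432:5432"`; the README step that asks for the port to be made publicly available should change with it. The `nextcloud` service also lists both `'nextcloud-data:/data'` and a bind mount with `target: /data`, and two mounts on the same container path are likely to be rejected or to shadow one another, so keep only the one that is meant to hold user data. The bind source here is `/shared/app/nextcloud/data`, whereas `runIncus.sh` and the MariaDB variant use `/shared/nextcloud/data`.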
@@ -0,0 +1,64 @@
+services:
+ nextcloud:
+ image: 'lscr.io/linuxserver/nextcloud:latest'
+ environment:
+ - SERVICE_URL_NEXTCLOUD_80
+ - PUID=1000
+ - PGID=1000
+ - 'TZ=${TZ:-America/Sao_Paulo}'
+ - 'MYSQL_DATABASE=${MARIADB_DATABASE:-nextcloud}'
+ - 'MYSQL_USER=${SERVICE_USER_MARIADB}'
+ - 'MYSQL_PASSWORD=${SERVICE_PASSWORD_MARIADB}'
+ - MYSQL_HOST=nextcloud-db
+ - REDIS_HOST=redis
+ - REDIS_PORT=6379
+ volumes:
+ - 'nextcloud-config:/config'
+ - type: bind
+ source: /shared/nextcloud/data
+ target: /data
+ is_directory: true
+ depends_on:
+ nextcloud-db:
+ condition: service_healthy
+ redis:
+ condition: service_healthy
+ healthcheck:
+ test:
+ - CMD
+ - curl
+ - '-f'
+ - 'http://127.0.0.1:80'
+ interval: 2s
+ timeout: 10s
+ retries: 15
+ nextcloud-db:
+ image: 'mariadb:11'
+ volumes:
+ - 'nextcloud-mariadb-data:/var/lib/mysql'
+ environment:
+ - 'MYSQL_ROOT_PASSWORD=${SERVICE_PASSWORD_ROOT}'
+ - 'MYSQL_DATABASE=${MARIADB_DATABASE:-nextcloud}'
+ - 'MYSQL_USER=${SERVICE_USER_MARIADB}'
+ - 'MYSQL_PASSWORD=${SERVICE_PASSWORD_MARIADB}'
+ healthcheck:
+ test:
+ - CMD
+ - healthcheck.sh
+ - '--connect'
+ - '--innodb_initialized'
+ interval: 5s
+ timeout: 20s
+ retries: 10
+ redis:
+ image: 'redis:7.4-alpine'
+ volumes:
+ - 'nextcloud-redis-data:/data'
+ healthcheck:
+ test:
+ - CMD
+ - redis-cli
+ - PING
+ interval: 5s
+ timeout: 10s
+ retries: 20
diff --git a/services/pigallery2/coolify.docker-compose.yml b/services/pigallery2/coolify.docker-compose.yml
new file mode 100644
index 0000000..e1726f1
--- /dev/null
+++ b/services/pigallery2/coolify.docker-compose.yml
@@ -0,0 +1,18 @@
+services:
+ pigallery2:
+ image: 'bpatrik/pigallery2:latest'
+ environment:
+ - SERVICE_URL_PIGALLERY2_80
+ - NODE_ENV=production
+ volumes:
+ - 'pigallery2-config:/app/data/config'
+ - 'db-data:/app/data/db'
+ - type: bind
+ # source: '/shared/data-hoarding'
+ source: '/shared/nextcloud/data/cloud/files/data-hoarding'
+ target: '/app/data/images/data-hoarding'
+ is_directory: true
+ - type: bind
+ source: '/shared/pigallery2'
+ target: '/app/data/images/my-stuff'
+ is_directory: true
diff --git a/services/pterodactyl/coolify.docker-compose.yml b/services/pterodactyl/coolify.docker-compose.yml
new file mode 100644
index 0000000..e69de29
diff --git a/services/soju/README.md b/services/soju/README.md
new file mode 100644
index 0000000..ef0144d
--- /dev/null
+++ b/services/soju/README.md
@@ -0,0 +1,3 @@
+incus profile device add default proxy proxy \
+ listen=tcp:0.0.0.0:6668 \
+ connect=tcp:127.0.0.1:6667
diff --git a/services/soju/coolify.docker-compose.yml b/services/soju/coolify.docker-compose.yml
new file mode 100644
index 0000000..49fd8e4
--- /dev/null
+++ b/services/soju/coolify.docker-compose.yml
@@ -0,0 +1,20 @@
+services:
+ soju:
+ image: 'codeberg.org/emersion/soju:latest'
+ environment:
+ - SERVICE_URL_SOJU_80
+ volumes:
+ - 'soju-db:/db'
+ - 'soju-uploads:/uploads'
+ - 'soju-run:/run/soju'
+ -
+ type: bind
+ source: ./soju/config
+ target: /soju-config
+ ports:
+ - 6667:6667
+volumes:
+ soju-db: null
+ soju-uploads: null
+ soju-run: null
+
diff --git a/services/vault/coolify.docker-compose.yml b/services/vault/coolify.docker-compose.yml
new file mode 100644
index 0000000..515b41c
--- /dev/null
+++ b/services/vault/coolify.docker-compose.yml
@@ -0,0 +1,24 @@
+services:
+ vault:
+ image: hashicorp/vault:latest
+ environment:
+ - 'SERVICE_URL_VAULT_8200'
+ - 'VAULT_ADDR=${SERVICE_URL_VAULT_8200}'
+ - 'VAULT_API_ADDR=${SERVICE_URL_VAULT_8200}'
+ - 'VAULT_ADDRESS=${SERVICE_URL_VAULT_8200}'
+ - 'VAULT_UI=true'
+ - 'VAULT_TOKEN=${SERVICE_PASSWORD_64_VAULTTOKEN}'
+ volumes:
+ - 'vault-data:/vault'
+ # - type: bind
+ # source: '/shared/vault'
+ # target: '/vault'
+ # is_directory: true
+ # - ./logs:/vault/logs/:rw
+ # - ./data:/vault/data/:rw
+ # - ./config:/vault/config/:rw
+ # - ./certs:/certs/:rw
+ # - ./file:/vault/file/:rw
+ # cap_add:
+ # - IPC_LOCK
+ # entrypoint: vault server -config /vault/config/config.hcl
diff --git a/services/vaultwarden/README.md b/services/vaultwarden/README.md
new file mode 100644
index 0000000..dc75de9
--- /dev/null
+++ b/services/vaultwarden/README.md
@@ -0,0 +1,8 @@
+- https://plugins.jenkins.io/bitwarden-credentials-provider/#plugin-content-getting-started
+- after setting things up, it's possible that jenkins shows this in the logs:
+
+```
+java.lang.IllegalStateException: Bitwarden CLI is not installed and could not be downloaded automatically. If on an unsupported architecture, please install it manually and set the path in the Jenkins configuration.
+```
+
+
diff --git a/services/vaultwarden/coolify.docker-compose.yml b/services/vaultwarden/coolify.docker-compose.yml
new file mode 100644
index 0000000..0703cc3
--- /dev/null
+++ b/services/vaultwarden/coolify.docker-compose.yml
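Review bot: With the `entrypoint` line commented out and no `command:` given, the `hashicorp/vault` image falls back to its default, which as far as I know starts a development-mode server: storage in memory, already unsealed, and served over plain HTTP. In that mode nothing written to Vault survives a restart despite the `vault-data:/vault` volume, and `VAULT_TOKEN` only configures the CLI client inside the container rather than setting the server's root token. Before any real secret goes in, mount a configuration file with a persistent storage backend and a TLS listener, start the server with `vault server -config ...` as the commented line does, and restore `cap_add: IPC_LOCK`. Pinning the image to a specific version instead of `latest` matters more here than for the other services in this commit.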
@@ -0,0 +1,25 @@
+services:
+ vaultwarden:
+ image: 'vaultwarden/server:latest'
+ environment:
+ - SERVICE_URL_VAULTWARDEN
+ - 'DOMAIN=${SERVICE_URL_VAULTWARDEN}'
+ - 'DATABASE_URL=${VAULTWARDEN_DB_URL:-data/db.sqlite3}'
+ - 'SIGNUPS_ALLOWED=true' # change to 'false' eventually
+ - 'INVITATIONS_ALLOWED=false'
+ - 'ADMIN_TOKEN=${SERVICE_PASSWORD_64_ADMIN}'
+ - IP_HEADER=X-Forwarded-For
+ - 'PUSH_ENABLED=${PUSH_ENABLED:-false}'
+ - 'PUSH_INSTALLATION_ID=${PUSH_SERVICE_ID}'
+ - 'PUSH_INSTALLATION_KEY=${PUSH_SERVICE_KEY}'
+ volumes:
+ - 'vaultwarden-data:/data'
+ healthcheck:
+ test:
+ - CMD
+ - curl
+ - '-f'
+ - 'http://127.0.0.1:80'
+ interval: 2s
+ timeout: 10s
+ retries: 15
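Review bot: `'SIGNUPS_ALLOWED=true'` leaves account registration open to anyone who can reach the instance, and the inline comment only defers closing it. For a password manager the committed default should be the closed state, `'SIGNUPS_ALLOWED=false'`, with `'INVITATIONS_ALLOWED=true'` if more users have to be added from the admin panel. `ADMIN_TOKEN` is passed as a plain secret; Vaultwarden also accepts an Argon2 PHC string generated with `vaultwarden hash`, which keeps the usable token out of the container environment. `IP_HEADER=X-Forwarded-For` can be trusted only if the reverse proxy overwrites that header on every request, otherwise clients can set the address that rate limiting and logs will see.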