Initial commit

2026-05-30 22:48:53 -03:00
commit eacdd18165
35 changed files with 828 additions and 0 deletions
--- a/services/copyparty/coolify.docker-compose.yml
+++ b/services/copyparty/coolify.docker-compose.yml
@@ -0,0 +1,105 @@
+services:
+  copyparty:
+    image: copyparty/ac
+    environment:
+      # - SERVICE_URL_COPYPARTY_3923
+      - LD_PRELOAD=/usr/lib/libmimalloc-secure.so.NOPE # enable mimalloc by replacing "NOPE" with "2" for a nice speed-boost (will use twice as much ram)
+      - PYTHONUNBUFFERED=1 # ensures log-messages are not delayed (but can reduce speed a tiny bit)
+    # container_name: idp_copyparty
+    # user: "1000:1000"  # should match the user/group of your fileshare volumes
+    volumes:
+      - type: bind
+        source: /share/app/copyparty/files/public
+        target: /w:z
+      - cpp/:/cfg:z
+    # networks:
+    #   - net
+    # expose:
+    #   - 3923
+    labels:
+      - 'traefik.enable=true'
+      - 'traefik.http.routers.copyparty.rule=Host(`files.cloud.velha.casa`)'
+      - 'traefik.http.routers.copyparty.entrypoints=https'
+      - 'traefik.http.routers.copyparty.tls=true'
+      - 'traefik.http.routers.copyparty.middlewares=authelia@docker'
+    stop_grace_period: 15s  # thumbnailer is allowed to continue finishing up for 10s after the shutdown signal
+
+  authelia:
+    image: authelia/authelia:v4.38.0-beta3  # the config files in the authelia folder use the new syntax
+    environment:
+      # - SERVICE_URL_AUTHELIA_9091
+    # container_name: idp_authelia
+    volumes:
+      - authelia:/config:z
+      - TZ=America/Sao_Paulo
+    # networks:
+    #   - net
+    labels:
+      - 'traefik.enable=true'
+      - 'traefik.http.routers.authelia.rule=Host(`authelia.cloud.velha.casa`)'
+      - 'traefik.http.routers.authelia.entrypoints=https'
+      - 'traefik.http.routers.authelia.tls=true'
+      #- 'traefik.http.routers.authelia.tls.certresolver=letsencrypt'  # uncomment this to enable automatic certificate signing (1/2)
+      - 'traefik.http.middlewares.authelia.forwardauth.address=http://authelia.cloud.velha.casa/api/authz/forward-auth?authelia_url=https://authelia.cloud.velha.casa'
+      - 'traefik.http.middlewares.authelia.forwardauth.trustForwardHeader=true'
+      - 'traefik.http.middlewares.authelia.forwardauth.authResponseHeaders=Remote-User,Remote-Groups,Remote-Name,Remote-Email'
+    # expose:
+    #   - 9091
+    # restart: unless-stopped
+    # healthcheck:
+    #   disable: true
+
+  redis:
+    image: redis:7.2.4-alpine3.19
+    environment:
+      # - SERVICE_URL_REDIS_6379
+      - TZ=America/Sao_Paulo
+    # container_name: idp_redis
+    volumes:
+      - redis:/data:z
+    # networks:
+    #   - net
+    # expose:
+    #   - 6379
+    # restart: unless-stopped
+
+  # traefik:
+  #   image: traefik:2.11.0
+  #   container_name: idp_traefik
+  #   volumes:
+  #     - ./traefik:/etc/traefik:z
+  #     - /var/run/docker.sock:/var/run/docker.sock  # WARNING: this gives traefik full root-access to the host OS, but is recommended/required(?) by traefik
+  #   security_opt:
+  #     - label:disable  # disable selinux because it (rightly) blocks access to docker.sock
+  #   networks:
+  #     - net
+  #   labels:
+  #     - 'traefik.enable=true'
+  #     - 'traefik.http.routers.api.rule=Host(`traefik.example.com`)'
+  #     - 'traefik.http.routers.api.entrypoints=https'
+  #     - 'traefik.http.routers.api.service=api@internal'
+  #     - 'traefik.http.routers.api.tls=true'
+  #     #- 'traefik.http.routers.api.tls.certresolver=letsencrypt'  # uncomment this to enable automatic certificate signing (2/2)
+  #     - 'traefik.http.routers.api.middlewares=authelia@docker'
+  #   ports:
+  #     - '80:80'
+  #     - '443:443'
+  #   command:
+  #     - '--api'
+  #     - '--providers.docker=true'
+  #     - '--providers.docker.exposedByDefault=false'
+  #     - '--entrypoints.http=true'
+  #     - '--entrypoints.http.address=:80'
+  #     - '--entrypoints.http.http.redirections.entrypoint.to=https'
+  #     - '--entrypoints.http.http.redirections.entrypoint.scheme=https'
+  #     - '--entrypoints.https=true'
+  #     - '--entrypoints.https.address=:443'
+  #     - '--certificatesResolvers.letsencrypt.acme.email=your-email@your-domain.com'
+  #     - '--certificatesResolvers.letsencrypt.acme.storage=/etc/traefik/acme.json'
+  #     - '--certificatesResolvers.letsencrypt.acme.httpChallenge.entryPoint=http'
+  #     - '--log=true'
+  #     - '--log.level=WARNING'  # DEBUG
+
+# networks:
+#   net:
+#     driver: bridge
--- a/services/copyparty/coolify.simple.docker-compose.yml
+++ b/services/copyparty/coolify.simple.docker-compose.yml
@@ -0,0 +1,12 @@
+services:
+  copyparty:
+    image: 'copyparty/ac'
+    environment:
+      - SERVICE_URL_COPYPARTY_3923
+      - LD_PRELOAD=/usr/lib/libmimalloc-secure.so.NOPE
+    volumes:
+      - 'copyparty-config:/cfg'
+      - type: bind
+        source: /share/app/copyparty/files
+        target: /share/files
+        is_directory: true
--- a/services/copyparty/resources/copyparty.conf
+++ b/services/copyparty/resources/copyparty.conf
@@ -0,0 +1,25 @@
+[global]
+  e2dsa  # enable file indexing and filesystem scanning
+  e2ts   # enable multimedia indexing
+  ansi   # enable colors in log messages
+
+  # p: 3939          # listen on another port
+  # ipa: 10.89.      # only allow connections from 10.89.*
+  df: 4           # stop accepting uploads if less than 16 gb free disk space
+  ver              # show copyparty version in the controlpanel
+  # grid             # show thumbnails/grid-view by default
+  # theme: 2         # monokai
+  name: watermelon  # change the server-name that's displayed in the browser
+  # stats, nos-dup   # enable the prometheus endpoint, but disable the dupes counter (too slow)
+  no-robots, force-js  # make it harder for search engines to read your server
+
+
+[accounts]
+  $USER: $PASSWORD  # username: password
+
+
+[/]            # create a volume at "/" (the webroot), which will
+  /w           # share /w (the docker data volume)
+  accs:
+    rw: *      # everyone gets read-write access, but
+    rwmda: ed  # the user "ed" gets read-write-move-delete-admin
--- a/services/copyparty/resources/custom.copyparty.conf
+++ b/services/copyparty/resources/custom.copyparty.conf
@@ -0,0 +1,28 @@
+[global]
+  e2dsa
+  e2ts
+  ansi
+
+  df: 4
+  ver
+  name: dragonfruit
+  no-robots, force-js
+
+
+[accounts]
+  cloud: (rE*b#cm-Fn'pI#};ty3/gHg
+  canto: dosilencio
+
+
+[/]
+  /share/files/public
+  accs:
+    r: *
+    rwmda: cloud
+
+
+[/canto]
+  /share/files/canto
+  accs:
+    r: canto
+    rwmda: cloud
--- a/services/copyparty/resources/example.copyparty.conf
+++ b/services/copyparty/resources/example.copyparty.conf
@@ -0,0 +1,23 @@
+# append some arguments to the commandline;
+# accepts anything listed in --help (leading dashes are optional)
+# and inline comments are OK if there is 2 spaces before the '#'
+[global]
+  e2dsa                # enable file indexing and filesystem scanning
+  e2ts                 # and enable multimedia indexing
+  ansi                 # enable colors in log messages
+  df: 4                # stop accepting uploads if less than 16 gb free disk space
+  ver                  # show copyparty version in the controlpanel
+  name: watermelon     # change the server-name that's displayed in the browser
+  z, qr                # and zeroconf and qrcode (you can comma-separate arguments)
+  no-robots, force-js  # make it harder for search engines to read your server
+
+# create users:
+[accounts]
+  admin: (fill)  # username: password
+
+# create volumes:
+[/]                    # create a volume at "/" (the webroot), which will
+  /share/files/public  # share the contents of "." (the current directory)
+  accs:
+    r: *          # everyone gets read-access, but
+    rwmda: admin  # the user "admin" gets read-write-move-delete-admin