Add Vaultwarden stack

Updating Traefik2 stack
Add PiHole stack
2024-12-30 15:01:42 -05:00 · 2024-12-30 14:54:33 -05:00 · 2024-12-30 14:51:09 -05:00 · 2024-12-30 14:50:03 -05:00 · 2024-12-30 14:48:04 -05:00 · 2024-12-30 14:46:12 -05:00
11 changed files with 124 additions and 207 deletions
--- a/HomeAssistant/docker-compose.yaml
+++ b/HomeAssistant/docker-compose.yaml
@ -0,0 +1,17 @@
+version: "3.8"
+
+name: homeassistant
+
+services:
+  homeassistant:
+    container_name: homeassistant
+    image: "ghcr.io/home-assistant/home-assistant:stable"
+    volumes:
+      - ./config:/config
+      - /etc/localtime:/etc/localtime:ro
+      - /run/dbus:/run/dbus:ro
+    restart: unless-stopped
+    privileged: true
+    network_mode: host
+    ports: 
+      - 8123 : 8123
--- a/Homepage/docker-compose.yaml
+++ b/Homepage/docker-compose.yaml
@ -3,8 +3,13 @@ services:
  homepage:
    image: ghcr.io/gethomepage/homepage:latest
    container_name: homepage
+    restart: always
+    #extra_hosts:
+    #  - hostname:ip # required if you refer to your services with hostnames instead of ip
    ports:
      - ${HOMEPAGE_HTTP_PORT}:3000
    volumes:
-      - ${HOMEPAGE_DIR}:/app/config # Make sure your local config directory exists
-      - /var/run/docker.sock:/var/run/docker.sock # (optional) For docker integrations
+      - ${HOMEPAGE_DIR}:/app/config
+      - ${HOMEPAGE_ICONS}:/app/public/icons
+      - /var/run/docker.sock:/var/run/docker.sock
+      
--- a/Homepage/stack.env
+++ b/Homepage/stack.env
@ -1,5 +1,3 @@
-HOMEPAGE_DIR=/path/to/homepage
+HOMEPAGE_DIR=/home/portainer/homepage
+HOMEPAGE_ICONS=/home/portainer/homepage/icons
 HOMEPAGE_HTTP_PORT=3000
-
-HOMEPAGE_PUID=1000
-HOMEPAGE_PGID=1000
--- a/Nextcloud/docker-compose.yaml
+++ b/Nextcloud/docker-compose.yaml
@ -1,145 +1,18 @@
 services:
-  aio-apache:
-    depends_on:
-      aio-nextcloud:
-        condition: service_started
-        required: false
-      aio-notify-push:
-        condition: service_started
-        required: false
-    image: nextcloud/aio-apache:latest
+  mastercontainer:
+    image: nextcloud/all-in-one:latest
    init: true
+    restart: always
+    container_name: nextcloud-aio-mastercontainer
+    volumes:
+      - nextcloud_aio_mastercontainer:/mnt/docker-aio-config
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+    network_mode: bridge
    ports:
-      - ${APACHE_IP_BINDING}:${APACHE_PORT}:${APACHE_PORT}/tcp
-      - ${APACHE_IP_BINDING}:${APACHE_PORT}:${APACHE_PORT}/udp
+      - 8080:8080
    env_file:
      - stack.env
-    volumes:
-      - nextcloud_aio_nextcloud:/var/www/html:ro
-      - nextcloud_aio_apache:/mnt/data:rw
-    restart: unless-stopped
-    networks:
-      - nextcloud-aio
-    read_only: true
-    tmpfs:
-      - /var/log/supervisord
-      - /var/run/supervisord
-      - /usr/local/apache2/logs
-      - /tmp
-      - /home/www-data
-    labels:
-      - traefik.enable=true
-
-      # HTTP redirection to HTTPS
-      - traefik.http.routers.nextcloud.entrypoints=web
-      - traefik.http.routers.nextcloud.rule=Host(`${NEXTCLOUD_URL}`)
-      - traefik.http.middlewares.nextcloud-https-redirect.redirectscheme.scheme=https
-      - traefik.http.routers.nextcloud.middlewares=nextcloud-https-redirect
-
-      # HTTPS config
-      - traefik.http.routers.nextcloud-secure.entrypoints=websecure
-      - traefik.http.routers.nextcloud-secure.rule=Host(`${NEXTCLOUD_URL}`)
-      - traefik.http.routers.nextcloud-secure.tls=true
-      - traefik.http.routers.nextcloud-secure.tls.certresolver=myresolver
-      - traefik.http.services.nextcloud-secure.loadbalancer.server.port=21000
-      
-      - traefik.docker.network=proxy
-
-      - homepage.group=Cloud
-      - homepage.name=Nextcloud
-      - homepage.icon=nextcloud.png
-      - homepage.href=https://${NEXTCLOUD_URL}
-      - homepage.description=Personnal cloud 
-      - homepage.widget.type=nextcloud
-      - homepage.widget.url=https://${NEXTCLOUD_URL}
-      - homepage.widget.username=${NEXTCLOUD_API_USERNAME}
-      - homepage.widget.password=${NEXTCLOUD_API_PASSWORD}
-      
-  aio-database:
-    image: nextcloud/aio-postgresql:latest
-    init: true
-    expose:
-      - "5432"
-    volumes:
-      - nextcloud_aio_database:/var/lib/postgresql/data:rw
-      - nextcloud_aio_database_dump:/mnt/data:rw
-    env_file:
-      - stack.env
-    stop_grace_period: 1800s
-    restart: unless-stopped
-    shm_size: 268435456
-    networks:
-      - nextcloud-aio
-    read_only: true
-    tmpfs:
-      - /var/run/postgresql
-
-  aio-nextcloud:
-    depends_on:
-      aio-database:
-        condition: service_started
-        required: false
-      aio-redis:
-        condition: service_started
-        required: false
-    image: nextcloud/aio-nextcloud:latest
-    init: true
-    expose:
-      - "9000"
-      - "9001"
-    volumes:
-      - nextcloud_aio_nextcloud:/var/www/html:rw
-      - ${NEXTCLOUD_USER_DIR}:/mnt/ncdata:rw
-      - ${NEXTCLOUD_DOCKER_DIR}:/mnt:rw
-      - ${NEXTCLOUD_TRUSTED_CACERTS_DIR}:/usr/local/share/ca-certificates:ro
-    env_file:
-      - stack.env
-    stop_grace_period: 600s
-    restart: unless-stopped
-    networks:
-      - nextcloud-aio
-
-  aio-notify-push:
-    image: nextcloud/aio-notify-push:latest
-    init: true
-    expose:
-      - "7867"
-    volumes:
-      - nextcloud_aio_nextcloud:/nextcloud:ro
-    env_file:
-      - stack.env
-    restart: unless-stopped
-    networks:
-      - nextcloud-aio
-    read_only: true
-
-  aio-redis:
-    image: nextcloud/aio-redis:latest
-    init: true
-    expose:
-      - "6379"
-    env_file:
-      - stack.env
-    volumes:
-      - nextcloud_aio_redis:/data:rw
-    restart: unless-stopped
-    networks:
-      - nextcloud-aio
-    read_only: true

 volumes:
-  nextcloud_aio_apache:
-    name: nextcloud_aio_apache
-  nextcloud_aio_database:
-    name: nextcloud_aio_database
-  nextcloud_aio_database_dump:
-    name: nextcloud_aio_database_dump
-  nextcloud_aio_nextcloud:
-    name: nextcloud_aio_nextcloud
-  nextcloud_aio_redis:
-    name: nextcloud_aio_redis
-
-networks:
-  nextcloud-aio:
-    name: nextcloud-aio
-    driver: bridge
+  nextcloud_aio_mastercontainer:
+    name: nextcloud_aio_mastercontainer
--- a/Nextcloud/stack.env
+++ b/Nextcloud/stack.env
@ -1,39 +1,5 @@
-NEXTCLOUD_URL=nextcloud.example.com
-TZ=America/Toronto
-
-NEXTCLOUD_DOCKER_DIR=/path/to/nextcloud
-NEXTCLOUD_DATA_DIR=/path/to/users/data
-NEXTCLOUD_TRUSTED_CACERTS_DIR=./certificates
-
-NEXTCLOUD_API_USERNAME=YourApiUsername
-NEXTCLOUD_API_PASSWORD=YourApiPassword
-
-ADMIN_USER=admin
-ADMIN_PASSWORD=YOUR_ADMIN_PASSWORD
-
+APACHE_PORT=3003
 APACHE_IP_BINDING=0.0.0.0
-APACHE_PORT=21000
-APACHE_MAX_TIME=3600
-APACHE_MAX_SIZE=10737418240
-
-NEXTCLOUD_UPLOAD_LIMIT=10G
-POSTGRES_DB=nextcloud_database
-POSTGRES_HOST=aio-database
-POSTGRES_PASSWORD=YOUR_DB_PASSWORD
-POSTGRES_USER=nextcloud
-
-CLAMAV_ENABLED=false
-COLLABORA_ENABLED=false
-FULLTEXTSEARCH_ENABLED=false
-IMAGINARY_ENABLED=false
-TALK_ENABLED=false
-ONLYOFFICE_ENABLED=false
-
-NEXTCLOUD_HOST=aio-nextcloud
-NOTIFY_PUSH_HOST=aio-notify-push
-REDIS_HOST=aio-redis
-REDIS_HOST_PASSWORD=YOUR_REDIS_PASSWORD
-
-NC_DOMAIN=${NEXTCLOUD_URL}
-OVERWRITEHOST=${NC_DOMAIN}
-OVERWRITEPROTOCOL=https
+NEXTCLOUD_MOUNT=/mnt/nextcloud_smb # this is an smb mount point mounted in /etc/fstab
+NEXTCLOUD_DATADIR=/mnt/nextcloud_smb/data
+SKIP_DOMAIN_VALIDATION=false
--- a/PiHole/docker-compose.yaml
+++ b/PiHole/docker-compose.yaml
@ -0,0 +1,15 @@
+services:
+  pihole:
+    container_name: pihole
+    image: pihole/pihole:latest
+    restart: always
+    ports:
+      - "53:53/tcp"
+      - "53:53/udp"
+      - "8053:80/tcp"
+    env_file:
+      - stack.env
+    # Volumes store your data between container upgrades
+    volumes:
+      - ${PIHOLE_CONFIG_DIR}:/etc/pihole
+      - ${PIHOLE_DNS_FILE}:/etc/dnsmasq.d
--- a/PiHole/stack.env
+++ b/PiHole/stack.env
@ -0,0 +1,4 @@
+PIHOLE_CONFIG_DIR=/home/portainer/pihole/config
+PIHOLE_DNS_FILE=/home/portainer/pihole/dnsmasq.d
+WEBPASSWORD=
+TZ=America/Toronto
--- a/Traefik/docker-compose.yaml
+++ b/Traefik/docker-compose.yaml
@ -2,11 +2,12 @@ version: '3.3'

 services:
  reverse-proxy:
-    # The official v2 Traefik docker image
-    image: traefik:v2.10
-    # Enables the web UI and tells Traefik to listen to docker
+    image: traefik:latest
+    restart: always
+    #extra_hosts:
+    #  - hostname:ip # required to redirect hostnames to ips
    command:
-      #- "--log.level=DEBUG"
+      - "--api=true"
      - "--api.insecure=true"
      - "--providers.docker=true"
      - "--providers.docker.exposedbydefault=false"
@ -15,19 +16,15 @@ services:
      - "--entrypoints.websecure.address=:443"
      - "--entrypoints.web.address=:80"
      - "--certificatesresolvers.myresolver.acme.tlschallenge=true"
-      - "--certificatesresolvers.myresolver.acme.email=${TRAEFIK_ADMIN_EMAIL}"
+      - "--certificatesresolvers.myresolver.acme.email=YOUR@EMAIL"
      - "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
-    networks:
-      - backend
+      - "--log.level=DEBUG"
+      - "--log.filePath=/traefik/traefik.log" 
    ports:
-      - ${TRAEFIK_PORT_HTTP}:80 # The HTTP port
-      - ${TRAEFIK_PORT_HTTPS}:443 # The HTTP port
-      - ${TRAEFIK_BACKEND_PORT}:8080 # The Web UI (enabled by --api.insecure=true)
+      - 80:80 # The HTTP port
+      - 443:443 # The HTTPS port
+      - 8080:8080 # The Web UI (enabled by --api.insecure=true)
    volumes:
-      - /var/run/docker.sock:/var/run/docker.sock # So that Traefik can listen to the Docker events
      - ${TRAEFIK_DIR}:/traefik
-      - ${TRAEFIK_CERT_DIR}:/letsencrypt # For SSL certificates
-
-networks:
-  backend:
-    external: true
+      - ${TRAEFIK_DIR}/certs:/letsencrypt # For SSL certificates
+      - /var/run/docker.sock:/var/run/docker.sock # So that Traefik can listen to the Docker events
--- a/Traefik/stack.env
+++ b/Traefik/stack.env
@ -1,8 +1 @@
-TRAEFIK_PORT_HTTP=80
-TRAEFIK_PORT_HTTPS=443
-TRAEFIK_BACKEND_PORT=8080
-
-TRAEFIK_ADMIN_EMAIL=admin@example.com
-
-TRAEFIK_DIR=/path/to/traefik
-TRAEFIK_CERT_DIR=/path/to/traefik/certs
+TRAEFIK_DIR=/home/portainer/traefik
--- a/Vaultwarden/docker-compose.yaml
+++ b/Vaultwarden/docker-compose.yaml
@ -0,0 +1,23 @@
+services:
+  vaultwarden:
+    image: timshel/vaultwarden:latest
+    container_name: vaultwarden
+    restart: always
+    env_file:
+      - stack.env
+    volumes:
+      - ${VAULTWARDEN_DIR}/data:/data
+    ports:
+      - ${VAULTWARDEN_PORT}:80
+
+  backup:
+    image: bruceforce/vaultwarden-backup
+    restart: on-failure
+    init: true
+    depends_on:
+      - vaultwarden
+    volumes:
+      - ${VAULTWARDEN_DIR}/data:/data/
+      - ${VAULTWARDEN_DIR}/backup:/backup/
+    env_file:
+      - stack.env
--- a/Vaultwarden/stack.env
+++ b/Vaultwarden/stack.env
@ -0,0 +1,26 @@
+VAULTWARDEN_DIR=/home/portainer/vaultwarden
+VAULTWARDEN_PORT=11001
+
+DOMAIN=
+SIGNUPS_ALLOWED=false
+PUSH_ENABLED=false
+SENDS_ALLOWED=false
+ORG_ATTACHMENT_LIMIT=5000
+USER_ATTACHMENT_LIMIT=3000
+INVITATION_ORG_NAME=NAME
+EMAIL_CHANGE_ALLOWED=false
+TEMPLATES_FOLDER=data/templates
+LOG_LEVEL=warn
+EXTENDED_LOGGING=true
+SSO_ENABLED=true
+SSO_ONLY=true
+SSO_FRONTEND=override
+SSO_CLIENT_ID=
+SSO_CLIENT_SECRET=
+SSO_AUTHORITY=
+SSO_SCOPES=email profile openid offline_access
+SSO_PKCE=true
+SSO_AUTH_ONLY_NOT_SESSION=true
+BACKUP_ON_STARTUP=true
+ENCRYPTION_PASSWORD=
+TIMESTAMP=true
Author	SHA1	Message	Date
SweetId	94db189099	Add Vaultwarden stack	2024-12-30 15:01:42 -05:00
SweetId	d466562458	Updating Traefik2 stack	2024-12-30 14:54:33 -05:00
SweetId	826d7f79ad	Add PiHole stack	2024-12-30 14:51:09 -05:00
SweetId	85697a23cd	Update Homepage stack	2024-12-30 14:50:03 -05:00
SweetId	030d31392d	Update Nextcloud stack	2024-12-30 14:48:04 -05:00
SweetId	0a56b99793	Add Home Assistant stack	2024-12-30 14:46:12 -05:00