chris/docker
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: chris:b243abca8622a1b78a96eff4710600c051a1e7c3
Branches Tags
chris:main chris:caddy-docker
...
compare: chris:main
Branches Tags
chris:main chris:caddy-docker

72 Commits
b243abca86 ... main

Author SHA1 Message Date
Chris King
ff4bea25f6 Add initial commit of new media management docker stack 
Includes transmission, gluetun, sonarr, radarr stacks
Includes framework for adding plex, tautulli, prowlarr, overseerr, requestrr, and trash guides sync stacks
Includes port-watcher docker container that monitors gluetun port forwarding file and sets transmission peer_port automatically
 2025-03-12 10:47:54 -07:00
Chris King
2abb9cb5d2 Add script for managing torrentarr containers (not in use) 2025-03-12 10:45:08 -07:00
Chris King
8231589d4d Update Overseer lastscan times 2025-03-12 10:44:38 -07:00
Chris King
1ffdc6caaf Add custom TimestampTrade plugin 
Add custom RemoveMarkers plugin
 2025-03-12 10:43:57 -07:00
Chris King
eb5693322d Update stashapp config 2025-03-12 10:43:10 -07:00
Chris King
773fb9067b Rename stashapp matcher to @exclude 
Update stashapp exclusions
 2025-03-12 10:37:43 -07:00
Chris King
31a5e76cee Disable DupFileManager Stash plugin dryrun mode 2025-02-18 01:19:53 -08:00
Chris King
db5394a2c5 Remove logging options from Stash docker-compose.yml so that it uses defaults (journald) 2025-02-18 01:19:18 -08:00
Chris King
e07521a6ae Migrate Seedsync setup to /docker directory 
Now able to track and backup all seedsync configs
Add config backups to gitignore for Seedsync
 2025-02-18 01:17:53 -08:00
Chris King
8a2240a43e Finish Komodo setup 
Add OIDC snippet to Caddyfile
Add komodo to Caddyfile
 2025-02-18 01:12:53 -08:00
Chris King
0dcd0c9823 Move Caddy named volumes to bind mounts for backup 2025-02-18 01:10:39 -08:00
Chris King
5ffc709df3 Move Authentik named volumes to bind mounts for backup 2025-02-18 01:10:03 -08:00
Chris King
a572313d3d Moved DupFileManager plugin to a fork in Gitea and moved the files to a new directory 2025-02-16 06:20:19 -08:00
Chris King
8de9b57365 Move Stash to Authentik 
Add bypass for bedroom ShieldTV
Remove Stash port forwarding
Set STASH_EXTERNAL_HOST to URL
Add customized DupFileManager plugin to Stash
Enable custom_served_folders in Stash
Disable built-in Stash auth in favor of Authentik
Add additional Stash plugins and plugin sources
Add FansDB stash box configuration
 2025-02-16 01:20:53 -08:00
Chris King
79aa347f6a Change default Authentik snippet to only modify X-Real-IP and X-Forwarded-Port headers 
Caddy passes through and sets other headers automatically
Only use Cloudflare connecting IP header when request is coming from cloudflare
 2025-02-16 01:16:36 -08:00
Chris King
d2810af09f Corrected accidental string bool 2025-02-13 16:11:35 -08:00
Chris King
aaaaa7766e Added additional motion masks for timestamps 
Added zone definitions for all cameras
Adjusted motion threshhold and contour_area for all cameras
 2025-02-13 16:10:18 -08:00
Chris King
b532587d76 stashapp - Added new transfer directory 2025-02-13 16:08:11 -08:00
Chris King
8749ca7376 Moved Tautulli to Docker 
Added tautulli.tremendousturtle.tools to Caddy
Added additional gitignore file for Tautulli
 2025-02-13 16:07:23 -08:00
Chris King
12a0e84181 Default Komodo setup 2025-02-04 02:22:58 -08:00
Chris King
aa51e224f8 Add network bandwidth monitoring for frigate 
Add Frigate+ API key to enable image annotation/upload
Adjust doorbell motion parameters
Adjust detect stationary threshold
Enable recording retention for all 3 days and 30 days for motion
 2025-02-04 02:22:38 -08:00
Chris King
67a8025b49 Add Dozzle to Caddy 2025-02-04 02:20:13 -08:00
Chris King
d2942bf100 Revert Authentik to stable build version 2024.12.3 2025-02-04 02:19:56 -08:00
Chris King
2d1ac160e7 Setup Dozzle 2025-02-04 02:19:17 -08:00
Chris King
3d4cdaf8d6 Enable frigate snapshots 
Add additional objects to track
 2025-01-30 21:15:07 -08:00
Chris King
7f5284c865 Enable repository indexing service 
Enable reverse proxy trusted proxies
 2025-01-23 09:24:34 -08:00
Chris King
25937216ab Change Authentik server image to use env variables again 2025-01-23 08:19:27 -08:00
Chris King
bcc325afe1 Remove unused code-server config 2025-01-22 22:38:10 -08:00
Chris King
e951edffaf Switch Frigate image to custom built image with simple user access controls based on username 2025-01-22 18:24:12 -08:00
Chris King
2e67562d95 Add code-server docker config 
code-server docker is actually not used at this time
 2025-01-22 18:23:30 -08:00
Chris King
78688d8bf5 Move gitea to Authentik 
Enable reverse proxy authentication via headers for Gitea
 2025-01-22 18:22:43 -08:00
Chris King
97a97f5028 Add bypass rules to Authelia access control for gitea API 2025-01-22 18:21:59 -08:00
Chris King
f3bbf41add Change frigate proxy user header to Authentik configured user header 2025-01-16 14:29:55 -08:00
Chris King
ceb05e3644 Expose frigate UI port to host for troubleshooting and access 2025-01-16 14:29:13 -08:00
Chris King
6040bcba8e Add home.docker.internal definition to Authentik container 
Remove env variables from authentik container image
 2025-01-16 14:28:39 -08:00
Chris King
9f394b4b97 Move Caddyfile into config/Caddyfile to allow caddy reload to work in Docker 
Remove caddyfile configs setup in docker-compose.yml
Add authentik, redirect, and authentik-forward Caddyfile snippets
Move homepage, frigate, and code into Authentik in Caddyfile
Add redirect for home to homepage
 2025-01-16 14:27:23 -08:00
Chris King
6d353fcd69 Expose 9000 and 9443 for Authentik 2025-01-13 12:04:23 -08:00
Chris King
b94f8d6557 Merge branch 'caddy-docker' 2025-01-13 11:51:02 -08:00
Chris King
8a07851ab8 Update overseerr configs 2025-01-13 11:50:54 -08:00
Chris King
63edf652b7 Update settings.json for oversseerr 2025-01-13 11:49:21 -08:00
Chris King
a2dff6fdd8 Change web interface ports to use expose in docker-compose.yml instead of ports 
Change any port changes in docker-compose files to use expose and the default port instead of 3001:3000
Any localhost limited ports changed to expose instead
Add requestrr to caddyfile
 2025-01-13 11:49:02 -08:00
Chris King
a671b15a96 Add TLS resolvers to allow acme challenges to resolve 
Configure non-docker apps to proxy to host.docker.internal
Configure triliumnext-notes to use port 8080
Add host.docker.internal to caddy docker-compose
Explicitly specify .env file for caddy container
Remove port expose for triliumnext-notes container
 2025-01-13 10:59:43 -08:00
Chris King
936242e24d Merge branch 'main' into caddy-docker 2025-01-13 09:39:45 -08:00
Chris King
817723d0bf update overseerr settings.json 2025-01-13 09:37:40 -08:00
Chris King
f016deb3a9 update overseerr settings.json 2025-01-13 09:35:23 -08:00
Chris King
ce8e342560 change caddy admin to listen on all interfaces in docker container 
add cloudflared docker
change overseerr docker-compose to use proxy-net for testing
 2025-01-13 09:34:55 -08:00
Chris King
ad9b4fef97 Updated authentik db service name to db in all locations 2025-01-12 23:49:47 -08:00
Chris King
28c734c1d2 Updated docker-compose files for use with Docker Caddy 
Defined top level name for all services
Added proxy-net to services
Updated main service/server container service name to "app"
Updated hostname references to projectname-app-1
Updated docker Caddy caddyfile to reference container names
Updated docker Caddy caddyfile to use 192.168.1.234 instead of localhost for non-docker services
Adjusted caddyfile accordingly
 2025-01-12 23:37:59 -08:00
Chris King
342559c8eb update overseerr and stashapp config files in preparation for new branch creation 2025-01-12 22:49:26 -08:00
Chris King
77803655c0 add Caddy docker configuration 
add Caddy Dockerfile to build image using xcaddy including cloudflare modules
docker-compose.yml file builds image instead of pulling it
 2025-01-12 22:47:49 -08:00
Chris King
eb0f41261f add authentik docker-compose.yml 2025-01-12 22:46:49 -08:00
Chris King
005c60abc3 rename authelia service to authelia 
add proxy-net to authelia container
 2025-01-12 22:46:09 -08:00
Chris King
7002b866f9 ignore authentik and caddy env files 2025-01-12 22:44:03 -08:00
Chris King
9c767b6e0c Add homepage integration labels for Frigate 2025-01-08 01:42:09 -08:00
Chris King
b66436fa95 Add homepage integration labels 2025-01-08 01:41:55 -08:00
Chris King
e36c6a7f1c Add dockerproxy for docker integration 
Add generated homepage config files
Add docker integration setup
 2025-01-08 01:41:39 -08:00
Chris King
43bacbcb48 Exclude log directories 2025-01-08 01:40:23 -08:00
Chris King
3d62803e05 Added homepage docker-compose 2025-01-08 00:17:55 -08:00
Chris King
99193bcaa7 Add TriliumNext Notes 2024-12-26 16:42:28 -08:00
Chris King
579adad744 Update requestrr notifications.json gitignore 2024-12-16 13:17:50 -08:00
Chris King
a67bdd8503 Removed requestrr notifications.json from git 2024-12-16 13:16:42 -08:00
Chris King
994b2d4c01 do not track requestrr notifications.json 2024-12-16 13:15:10 -08:00
Chris King
5ce753bd71 init stashapp docker 
add stashapp specific gitignore entries
 2024-12-16 02:28:59 -08:00
Chris King
e21a330b33 init requestrr docker 2024-12-16 01:44:14 -08:00
Chris King
914a7487b4 init overseerr docker 2024-12-16 01:44:00 -08:00
Chris King
3a3d3ff9c4 init orbital-sync docker 2024-12-16 01:43:39 -08:00
Chris King
1ddee07e72 init openobserve docker 2024-12-16 01:43:27 -08:00
Chris King
c3f08d5191 init homepage docker 2024-12-16 01:43:13 -08:00
Chris King
116a7716ac init gitea docker 2024-12-16 01:43:05 -08:00
Chris King
eeeb05be82 init frigate docker 2024-12-16 01:42:52 -08:00
Chris King
f170058551 init authelia docker 2024-12-16 01:42:38 -08:00
Chris King
f3920b60ab Init actual-server docker 2024-12-16 01:42:18 -08:00
57 changed files with 2839 additions and 1 deletions
Expand all files Collapse all files

8
.gitignore vendored
View File

@@ -1,3 +1,9 @@
data/
secrets/
tmp/
tmp/
stashapp/**/config.yml.*
stashapp/**/icon.png
requestrr/**/notifications.json
logs/
authentik/.env
caddy/.env

32
actual-server/docker-compose.yml Normal file
View File

@@ -0,0 +1,32 @@
name: actual-server
services:
app:
image: docker.io/actualbudget/actual-server:latest
networks:
- proxy-net
#ports:
# This line makes Actual available at port 5006 of the device you run the server on,
# i.e. http://localhost:5006. You can change the first number to change the port, if you want.
# - '5006:5006'
expose:
- "5006"
#environment:
# - ACTUAL_LOGIN_METHOD=header
# Uncomment any of the lines below to set configuration options.
# - ACTUAL_HTTPS_KEY=/data/selfhost.key
# - ACTUAL_HTTPS_CERT=/data/selfhost.crt
# - ACTUAL_PORT=5006
# - ACTUAL_UPLOAD_FILE_SYNC_SIZE_LIMIT_MB=20
# - ACTUAL_UPLOAD_SYNC_ENCRYPTED_FILE_SYNC_SIZE_LIMIT_MB=50
# - ACTUAL_UPLOAD_FILE_SIZE_LIMIT_MB=20
# See all options and more details at https://actualbudget.github.io/docs/Installing/Configuration
# !! If you are not using any of these options, remove the 'environment:' tag entirely.
volumes:
# Change './actual-data' below to the path to the folder you want Actual to store its data in on your server.
# '/data' is the path Actual will look for its files in by default, so leave that as-is.
- ./data:/data
restart: unless-stopped
networks:
proxy-net:
external: true

30
authelia/config/authelia/configuration.yml Normal file
View File

@@ -0,0 +1,30 @@
server:
endpoints:
authz:
forward-auth:
implementation: 'ForwardAuth'
# Security https://www.authelia.com/configuration/security/access-control/
access_control:
networks:
- name: 'internal'
networks:
- '192.168.1.0/24'
- '172.16.0.0/12'
rules:
- domain: 'gitea.tremendousturtle.tools'
policy: bypass
networks:
- 'internal'
resources:
- '^/api([/?].*)?$'
- '^/v2([/?].*)?$'
- domain: '*.tremendousturtle.tools'
policy: two_factor
# Session https://www.authelia.com/configuration/session/introduction/
# Set also AUTHELIA_SESSION_SECRET_FILE
session:
cookies:
- domain: 'tremendousturtle.tools'
authelia_url: 'https://auth.tremendousturtle.tools'

91
authelia/docker-compose.yml Normal file
View File

@@ -0,0 +1,91 @@
name: authelia
services:
app:
image: authelia/authelia:latest
restart: unless-stopped
depends_on:
- database
- redis
volumes:
- ./config/authelia:/config
networks:
- proxy-net
- default
ports:
- "9091:9091"
environment:
AUTHELIA_IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET_FILE: /run/secrets/jwt_secret
AUTHELIA_SESSION_SECRET_FILE: /run/secrets/session_secret
AUTHELIA_NOTIFIER_SMTP_PASSWORD_FILE: /run/secrets/smtp_pass
AUTHELIA_STORAGE_ENCRYPTION_KEY_FILE: /run/secrets/storage_encryption_key
AUTHELIA_STORAGE_POSTGRES_PASSWORD_FILE: /run/secrets/postgres_pass
AUTHELIA_SESSION_REDIS_PASSWORD_FILE: /run/secrets/redis_pass
AUTHELIA_THEME: auto
AUTHELIA_LOG_LEVEL: debug
AUTHELIA_AUTHENTICATION_BACKEND_FILE_PATH: /run/secrets/users_database
AUTHELIA_TOTP_ISSUER: tremendousturtle.tools
AUTHELIA_ACCESS_CONTROL_DEFAULT_POLICY: deny
AUTHELIA_SESSION_REDIS_HOST: authelia-redis-1
AUTHELIA_SESSION_REDIS_PORT: 6379
AUTHELIA_STORAGE_POSTGRES_ADDRESS: tcp://authelia-database-1:5432
AUTHELIA_STORAGE_POSTGRES_DATABASE: authelia
AUTHELIA_STORAGE_POSTGRES_USERNAME: authelia
AUTHELIA_NOTIFIER_SMTP_ADDRESS: submissions://smtp.mailgun.org:465
AUTHELIA_NOTIFIER_SMTP_USERNAME: auth@mail.tremendousturtle.tools
AUTHELIA_NOTIFIER_SMTP_SENDER: Authelia <auth@tremendousturtle.tools>
secrets:
- jwt_secret
- session_secret
- smtp_pass
- storage_encryption_key
- postgres_pass
- redis_pass
- users_database
labels:
- homepage.group=Utility
- homepage.name=Authelia
- homepage.icon=authelia
- homepage.href=https://auth.tremendousturtle.tools/
- homepage.description=Authentication
database:
image: postgres:15
restart: unless-stopped
volumes:
- ./data/postgres:/var/lib/postgresql/data
environment:
POSTGRES_USER: authelia
POSTGRES_PASSWORD_FILE: /run/secrets/postgres_pass
secrets:
- postgres_pass
redis:
image: redis:7
restart: unless-stopped
environment:
REDIS_PASSWORD_FILE: /run/secrets/redis_pass
command: sh -c "redis-server --save 60 1 --loglevel warning --requirepass $(cat $$REDIS_PASSWORD_FILE)"
volumes:
- ./data/redis:/data
secrets:
- redis_pass
networks:
proxy-net:
external: true
secrets:
postgres_pass:
file: ./secrets/POSTGRES_PASS
jwt_secret:
file: ./secrets/JWT_SECRET
session_secret:
file: ./secrets/SESSION_SECRET
smtp_pass:
file: ./secrets/SMTP_PASSWORD
storage_encryption_key:
file: ./secrets/STORAGE_ENCRYPTION_KEY
redis_pass:
file: ./secrets/REDIS_PASSWORD
users_database:
file: ./secrets/users_database.yml

95
authentik/docker-compose.yml Normal file
View File

@@ -0,0 +1,95 @@
name: authentik
services:
db:
image: docker.io/library/postgres:16-alpine
restart: unless-stopped
healthcheck:
test: ["CMD-SHELL", "pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}"]
start_period: 20s
interval: 30s
retries: 5
timeout: 5s
volumes:
- ./data/postgres:/var/lib/postgresql/data
environment:
POSTGRES_PASSWORD: ${PG_PASS:?database password required}
POSTGRES_USER: ${PG_USER:-authentik}
POSTGRES_DB: ${PG_DB:-authentik}
env_file:
- .env
redis:
image: docker.io/library/redis:alpine
command: --save 60 1 --loglevel warning
restart: unless-stopped
healthcheck:
test: ["CMD-SHELL", "redis-cli ping | grep PONG"]
start_period: 20s
interval: 30s
retries: 5
timeout: 3s
volumes:
- ./data/redis:/data
app:
image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2024.12.3}
restart: unless-stopped
command: server
environment:
AUTHENTIK_REDIS__HOST: authentik-redis-1
AUTHENTIK_POSTGRESQL__HOST: authentik-db-1
AUTHENTIK_POSTGRESQL__USER: ${PG_USER:-authentik}
AUTHENTIK_POSTGRESQL__NAME: ${PG_DB:-authentik}
AUTHENTIK_POSTGRESQL__PASSWORD: ${PG_PASS}
networks:
- proxy-net
- default
extra_hosts:
- "host.docker.internal:host-gateway"
volumes:
- ./data/media:/media
- ./config/custom-templates:/templates
env_file:
- .env
ports:
- "${COMPOSE_PORT_HTTP:-9000}:9000"
- "${COMPOSE_PORT_HTTPS:-9443}:9443"
expose:
- "9000"
- "9443"
depends_on:
db:
condition: service_healthy
redis:
condition: service_healthy
worker:
image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2024.12.3}
restart: unless-stopped
command: worker
environment:
AUTHENTIK_REDIS__HOST: authentik-redis-1
AUTHENTIK_POSTGRESQL__HOST: authentik-db-1
AUTHENTIK_POSTGRESQL__USER: ${PG_USER:-authentik}
AUTHENTIK_POSTGRESQL__NAME: ${PG_DB:-authentik}
AUTHENTIK_POSTGRESQL__PASSWORD: ${PG_PASS}
# `user: root` and the docker socket volume are optional.
# See more for the docker socket integration here:
# https://goauthentik.io/docs/outposts/integrations/docker
# Removing `user: root` also prevents the worker from fixing the permissions
# on the mounted folders, so when removing this make sure the folders have the correct UID/GID
# (1000:1000 by default)
user: root
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- ./data/media:/media
- ./data/certs:/certs
- ./config/custom-templates:/templates
env_file:
- .env
depends_on:
db:
condition: service_healthy
redis:
condition: service_healthy
networks:
proxy-net:
external: true

9
caddy/Dockerfile Normal file
View File

@@ -0,0 +1,9 @@
FROM caddy:2.9.1-builder AS builder
RUN xcaddy build \
--with github.com/caddy-dns/cloudflare \
--with github.com/WeidiDeng/caddy-cloudflare-ip
FROM caddy:2.9.1
COPY --from=builder /usr/bin/caddy /usr/bin/caddy

221
caddy/config/Caddyfile Normal file
View File

@@ -0,0 +1,221 @@
# Global Config
{
email certs@tremendousturtle.tools
default_sni tremendousturtle.tools
acme_ca https://acme-v02.api.letsencrypt.org/directory
admin :2019
# debug
# acme_ca https://acme-staging-v02.api.letsencrypt.org/directory
servers {
trusted_proxies cloudflare {
interval 12h
timeout 15s
}
client_ip_headers Cf-Connecting-Ip X-Forwarded-For X-Real-IP
}
}
# Global Reusable Blocks
(tls) {
tls {
dns cloudflare {
zone_token {env.CF_ZONE_TOKEN}
api_token {env.CF_API_TOKEN}
}
resolvers 1.1.1.1 1.0.0.1
}
}
(secure) {
forward_auth {args[0]} authelia-app-1:9091 {
uri /api/authz/forward-auth
copy_headers Remote-User Remote-Groups Remote-Name Remote-Email
}
}
(secure-external) {
forward_auth {args[0]} https://auth.tremendousturtle.tools {
uri /api/authz/forward-auth
copy_headers Remote-User Remote-Groups Remote-Name Remote-Email
header_up Host {upstream_hostport}
}
}
(ttt-log) {
log {
output file /logs/{args[0]}.tremendousturtle.tools.log
}
}
(ttt-proxy) {
reverse_proxy {args[0]}:{args[1]} {
header_up X-Real-IP {http.request.header.CF-Connecting-IP}
header_up X-Forwarded-For {http.request.header.CF-Connecting-IP}
}
}
(ttt-app) {
{args[0]}.tremendousturtle.tools {
import ttt-log {args[0]}
import tls
import secure *
import ttt-proxy {args[0]}-app-1 {args[1]}
}
}
(ttt-app-local) {
{args[0]}.tremendousturtle.tools {
import ttt-log {args[0]}
import tls
import secure *
import ttt-proxy host.docker.internal {args[1]}
}
}
(ttt-app-alt) {
{args[0]}.tremendousturtle.tools {
import ttt-log {args[0]}
import tls
import secure *
import ttt-proxy {args[1]} {args[2]}
}
}
(authentik) {
{args[0]}.tremendousturtle.tools {
import ttt-log {args[0]}
import tls
@not_cf header !CF-Connecting-IP
@cf header CF-Connecting-IP *
reverse_proxy @not_cf authentik-app-1:9000 {
header_up X-Real-IP {remote_host}
header_up X-Forwarded-Port {server_port}
}
reverse_proxy @cf authentik-app-1:9000 {
header_up X-Real-IP {http.request.header.CF-Connecting-IP}
header_up X-Forwarded-Port {server_port}
}
}
}
(oidc) {
{args[0]}.tremendousturtle.tools {
import ttt-log {args[0]}
import tls
@not_cf header !CF-Connecting-IP
@cf header CF-Connecting-IP *
reverse_proxy @not_cf {args[0]}-app-1:{args[1]} {
header_up X-Real-IP {remote_host}
header_up X-Forwarded-Port {server_port}
}
reverse_proxy @cf {args[0]}-app-1:{args[1]} {
header_up X-Real-IP {http.request.header.CF-Connecting-IP}
header_up X-Forwarded-Port {server_port}
}
}
}
(redirect) {
{args[0]}.tremendousturtle.tools {
import tls
redir https://{args[1]}.tremendousturtle.tools{uri}
}
}
(authentik-forward) {
{args[0]}.tremendousturtle.tools {
import ttt-log {args[0]}
import tls
route {
# always forward outpost path to actual outpost
reverse_proxy /outpost.goauthentik.io/* http://authentik-app-1:9000
# forward authentication to outpost
forward_auth http://authentik-app-1:9000 {
uri /outpost.goauthentik.io/auth/caddy
# capitalization of the headers is important, otherwise they will be empty
copy_headers X-Authentik-Username X-Authentik-Groups X-Authentik-Entitlements X-Authentik-Email X-Authentik-Name X-Authentik-Uid X-Authentik-Jwt X-Authentik-Meta-Jwks X-Authentik-Meta-Outpost X-Authentik-Meta-Provider X-Authentik-Meta-App X-Authentik-Meta-Version
# optional, in this config trust all private ranges, should probably be set to the outposts IP
trusted_proxies private_ranges
}
# actual site configuration below, for example
reverse_proxy {args[1]}:{args[2]}
}
}
}
# Web Config
tremendousturtle.tools {
import tls
respond "I'm Alive!"
}
auth.tremendousturtle.tools {
import tls
reverse_proxy authelia-app-1:9091
}
authentik.tremendousturtle.tools {
import tls
reverse_proxy authentik-app-1:9000
}
# Define code.tremendousturtle.tools
# Locally hosted non-docker apps (proxies to 192.168.1.234 instead of localhost)
#import ttt-app-local code 8020
import ttt-app-local pihole 1080
import ttt-app-local sonarr 8989
import ttt-app-local radarr 7878
import ttt-app-local prowlarr 9696
import ttt-app-local cockpit 9090
# Docker apps with same subdomain as docker compose project name
#import ttt-app frigate 8971
import ttt-app overseerr 5055
import ttt-app openobserve 5080
#import ttt-app gitea 3000
#import ttt-app homepage 3000
import ttt-app requestrr 4545
# Alternate configuration (different subdomain and docker compose project name)
import ttt-app-alt budget actual-server-app-1 5006
import ttt-app-alt trilium triliumnext-notes-app-1 8080
import ttt-app-alt notes triliumnext-notes-app-1 8080
#import ttt-app-alt stash stashapp-app-1 9999
import ttt-app-alt pihole1 192.168.1.116 80
# Authentik Configs
import authentik homepage
import redirect home homepage
import authentik frigate
import authentik code
import authentik gitea
import authentik dozzle
import authentik tautulli
#import authentik-test stash
# Authentik OIDC Configs
import oidc komodo 9120
stash.tremendousturtle.tools {
import ttt-log stash
import tls
@not_cf header !CF-Connecting-IP
@cf header CF-Connecting-IP *
# Match the bedroom Nvidia Shield IP to skip Authentik
@exclude client_ip 192.168.1.142 192.168.1.234 127.0.0.1
reverse_proxy @exclude stashapp-app-1:9999 {
header_up X-Real-IP {remote_host}
header_up X-Forwarded-Port {server_port}
}
# When not from cloudflare just use the remote host as the real IP
reverse_proxy @not_cf authentik-app-1:9000 {
header_up X-Real-IP {remote_host}
header_up X-Forwarded-Port {server_port}
}
# When from cloudflare tunnel use the CF-Connecting-IP as the real IP
reverse_proxy @cf authentik-app-1:9000 {
header_up X-Real-IP {http.request.header.CF-Connecting-IP}
header_up X-Forwarded-Port {server_port}
}

25
caddy/docker-compose.yml Normal file
View File

@@ -0,0 +1,25 @@
name: caddy
services:
app:
build: .
restart: unless-stopped
env_file: .env
networks:
- proxy-net
extra_hosts:
- "host.docker.internal:host-gateway"
ports:
- "80:80"
- "443:443"
- "443:443/udp"
- "2019:2019"
volumes:
- ./data/site:/srv
- ./data/logs:/logs
- ./config:/etc/caddy
- ./data/caddy_data:/data
- ./data/caddy_config:/config
networks:
proxy-net:
external: true

16
cloudflared/docker-compose.yml Normal file
View File

@@ -0,0 +1,16 @@
name: cloudflared
services:
app:
image: cloudflare/cloudflared:latest
volumes:
- ./config:/etc/cloudflared
command: tunnel --no-autoupdate run --token eyJhIjoiNjhmNjVkYzZkNDgzODZkMTMwNTk2ODk4ZThjNzVhODMiLCJ0IjoiYmNkMjg3OGYtYTRmYi00OWJmLTk0MGMtMzFkYWE2ZDkyNjIwIiwicyI6Ill6STNNbUUwT0RrdE4yWmhaaTAwWWpZM0xXRTFaRFF0TkdWa09HTmpOVFEwTnpRdyJ9
restart: unless-stopped
extra_hosts:
- "host.docker.internal:host-gateway"
networks:
- proxy-net
networks:
proxy-net:
external: true

19
dozzle/docker-compose.yml Normal file
View File

@@ -0,0 +1,19 @@
name: dozzle
services:
app:
image: amir20/dozzle:latest
restart: unless-stopped
volumes:
- /var/run/docker.sock:/var/run/docker.sock
expose:
- "8080"
environment:
DOZZLE_AUTH_PROVIDER: forward-proxy
DOZZLE_ENABLE_ACTIONS: true
DOZZLE_HOSTNAME: dozzle.tremendousturtle.tools
networks:
- proxy-net
networks:
proxy-net:
external: true

230
frigate/config/config.yaml Normal file
View File

@@ -0,0 +1,230 @@
# yaml-language-server: $schema=http://192.168.1.234:5000/api/config/schema.json
auth:
enabled: false
proxy:
header_map:
user: X-Forwarded-Preferred-Username
tls:
enabled: false
mqtt:
enabled: false
go2rtc:
streams:
nw_garage:
- ffmpeg:http://192.168.1.240/flv?port=1935&app=bcs&stream=channel0_main.bcs&user=frigate&password=RN3cCsRP5HDF4hFy6dis5NTG#video=copy#audio=copy#audio=opus
ne_garage:
- ffmpeg:http://192.168.1.136/flv?port=1935&app=bcs&stream=channel0_main.bcs&user=frigate&password=6aLJ6lWfm3aTlsgkJrt2m8S8#video=copy#audio=copy#audio=opus
doorbell:
- ffmpeg:http://192.168.1.60/flv?port=1935&app=bcs&stream=channel0_main.bcs&user=frigate&password=dcp5rWdsQ3L4gVyUC2lLNGlf#video=copy#audio=copy#audio=opus
- rtsp://192.168.1.60/Preview_01_sub
webrtc:
candidates:
- 192.168.1.234:8555
- stun:8555
detectors: # <---- add detectors
coral1:
type: edgetpu
device: pci:0
coral2:
type: edgetpu
device: pci:1
objects:
track:
- person
- car
- motorcycle
- bicycle
- dog
- cat
- license plate
- face
- amazon
- usps
- fedex
- ups
- package
- waste bin
cameras:
nw_garage:
enabled: true
ffmpeg:
inputs:
- path: rtsp://127.0.0.1:8554/nw_garage
input_args: preset-rtsp-restream
roles:
- record
- detect
hwaccel_args: preset-vaapi
detect:
enabled: true
width: 960
height: 720
fps: 5
record:
enabled: true
motion:
mask:
- 0.865,0.955,0.865,0.99,0.895,0.99,0.895,0.955
- 0.827,0.955,0.827,0.99,0.858,0.99,0.858,0.955
- 0.79,0.955,0.79,0.99,0.821,0.99,0.821,0.955
- 0.905,0.992,0.932,0.99,0.932,0.965,0.905,0.964
- 0.942,0.987,0.983,0.987,0.982,0.957,0.942,0.958
- 0.69,0.988,0.719,0.988,0.719,0.957,0.69,0.958
threshold: 35
contour_area: 15
improve_contrast: true
zones:
Front_Yard:
coordinates: 0,0.552,0.13,0.709,0.246,0.822,0.451,1,0,1
loitering_time: 0
objects:
- cat
- dog
- package
- person
- usps
- waste bin
Driveway:
coordinates:
0,0.494,0,0.549,0.131,0.706,0.251,0.824,0.454,1,1,1,1,0.37,0.856,0.33,0.743,0.296,0.569,0.253,0.451,0.225,0.264,0.324,0.177,0.372,0.043,0.461
loitering_time: 0
Street:
coordinates:
0,0.491,0.05,0.454,0.176,0.371,0.257,0.325,0.45,0.224,0.49,0.217,0.561,0.185,0.671,0.139,0.738,0.114,0.813,0.084,0.756,0.049,0.736,0.027,0.737,0,0.474,0,0.46,0.009,0.389,0.012,0.318,0.022,0,0.128
loitering_time: 0
ne_garage:
enabled: true
ffmpeg:
inputs:
- path: rtsp://127.0.0.1:8554/ne_garage
input_args: preset-rtsp-restream
roles:
- record
- detect
hwaccel_args: preset-vaapi
detect:
enabled: true
width: 960
height: 720
fps: 5
record:
enabled: true
motion:
mask:
- 0.865,0.955,0.865,0.99,0.895,0.99,0.895,0.955
- 0.827,0.955,0.827,0.99,0.858,0.99,0.858,0.955
- 0.79,0.955,0.79,0.99,0.821,0.99,0.821,0.955
- 0.905,0.992,0.932,0.99,0.932,0.965,0.905,0.964
- 0.942,0.987,0.983,0.987,0.982,0.957,0.942,0.958
- 0.69,0.988,0.719,0.988,0.719,0.957,0.69,0.958
- 0.86,0,0.849,0.11,1,0.187,1,0
threshold: 45
contour_area: 16
improve_contrast: true
zones:
Front_Yard:
coordinates:
0,0.247,0,0.417,0.07,0.391,0.16,0.363,0.287,0.332,0.406,0.306,0.518,0.286,0.314,0.18,0.21,0.195,0.119,0.212
loitering_time: 0
objects:
- cat
- dog
- package
- person
- usps
- waste bin
Driveway:
coordinates:
0,0.42,0,1,1,1,1,0.601,0.876,0.512,0.709,0.402,0.584,0.328,0.514,0.289,0.413,0.307,0.297,0.332,0.177,0.361,0.085,0.388
loitering_time: 0
Street:
coordinates:
0.043,0.059,0.132,0.102,0.205,0.131,0.311,0.176,0.414,0.229,0.523,0.287,0.527,0.293,0.622,0.348,0.697,0.392,0.79,0.452,0.901,0.526,1,0.598,1,0.203,0.612,0.024,0.473,0,0.043,0
loitering_time: 0
doorbell:
enabled: true
ffmpeg:
inputs:
- path: rtsp://127.0.0.1:8554/doorbell
input_args: preset-rtsp-restream
roles:
- record
- detect
hwaccel_args: preset-vaapi
detect:
enabled: true
width: 960
height: 720
fps: 5
record:
enabled: true
motion:
mask:
- 0.79,0.003,0.79,0.035,0.82,0.035,0.82,0.003
- 0.828,0.003,0.828,0.035,0.858,0.035,0.858,0.003
- 0.866,0.003,0.866,0.035,0.896,0.035,0.896,0.003
- 0.904,0.039,0.933,0.038,0.933,0.011,0.904,0.011
- 0.943,0.033,0.983,0.033,0.983,0.004,0.942,0.005
- 0.691,0.034,0.72,0.033,0.72,0.005,0.69,0.005
threshold: 40
contour_area: 13
improve_contrast: true
zones:
Front_Yard:
coordinates: 0,0.876,0,1,1,1,1,0.596,0.491,0.59
loitering_time: 0
objects:
- cat
- dog
- package
- person
- usps
- waste bin
Street:
coordinates: 0.363,0.583,0.643,0.591,0.644,0.524,0.363,0.522
loitering_time: 0
version: 0.14
camera_groups:
Birdseye:
order: 1
icon: LuBird
cameras: birdseye
Front:
order: 2
icon: LuWarehouse
cameras:
- doorbell
- ne_garage
- nw_garage
detect:
stationary:
interval: 50
threshold: 50
snapshots:
enabled: true
retain:
default: 30
record:
enabled: true
retain:
days: 3
mode: all
events:
retain:
default: 30
mode: motion
telemetry:
stats:
network_bandwidth: true

54
frigate/docker-compose.yml Normal file
View File

@@ -0,0 +1,54 @@
name: frigate
services:
app:
restart: unless-stopped
#image: ghcr.io/blakeblackshear/frigate:stable
image: gitea.tremendousturtle.tools/chris/frigate:v0.14.1-web-admin-088ff992
cap_add:
- NET_ADMIN
- NET_RAW
shm_size: "250mb"
devices:
- /dev/apex_0:/dev/apex_0 # Passes a PCIe Coral
- /dev/apex_1:/dev/apex_1 # Passes a PCIe Coral
- /dev/dri/renderD128:/dev/dri/renderD128 # GPU hw accel
volumes:
- /etc/localtime:/etc/localtime:ro
- ./data:/config
- ./config/config.yaml:/config/config.yaml
- /media/surveillance:/media/frigate
- type: tmpfs
target: /tmp/cache
tmpfs:
size: 4000000000
networks:
- proxy-net
ports:
# - "8971:8971"
- "8554:8554" # RTSP feeds
- "8555:8555/tcp" # WebRTC over tcp
- "8555:8555/udp" # WebRTC over udp
- "5000:5000" # VS Code schema validation allowed
expose:
- "8971"
secrets:
- PLUS_API_KEY
environment:
LIBVA_DRIVER_NAME: "radeonsi" # FRIGATE_RTSP_PASSWORD: "69$nC*6$jADbc!"
labels:
- homepage.group=Utility
- homepage.name=Frigate
- homepage.icon=frigate
- homepage.href=https://frigate.tremendousturtle.tools/
- homepage.description=Camera Surveillance
- homepage.widget.type=frigate
- homepage.widget.url=http://frigate-app-1:5000
- homepage.widget.enableRecentEvents=true
networks:
proxy-net:
external: true
secrets:
PLUS_API_KEY:
file: ./secrets/PLUS_API_KEY

2
gitea/.env Normal file
View File

@@ -0,0 +1,2 @@
GITEA_DB_NAME=gitea
GITEA_DB_USER=gitea

64
gitea/docker-compose.yml Normal file
View File

@@ -0,0 +1,64 @@
networks:
gitea:
external: false
proxy-net:
external: true
name: gitea
services:
app:
image: gitea/gitea:latest
environment:
USER_UID: 141
USER_GID: 150
GITEA__database__DB_TYPE: postgres
GITEA__database__HOST: gitea-db-1:5432
GITEA__database__NAME: ${GITEA_DB_NAME}
GITEA__database__USER: ${GITEA_DB_USER}
GITEA__database__PASSWD__FILE: /run/secrets/postgres_pass
GITEA__server__SSH_AUTHORIZED_KEYS_COMMAND_TEMPLATE: gitea --config={{.CustomConf}} serv key-{{.Key.ID}}
GITEA__service__ENABLE_REVERSE_PROXY_AUTHENTICATION: true
GITEA__service__ENABLE_REVERSE_PROXY_AUTO_REGISTRATION: true
GITEA__service__ENABLE_REVERSE_PROXY_EMAIL: true
GITEA__indexer__REPO_INDEXER_ENABLED: true
GITEA__indexer__REPO_INDEXER_PATH: indexers/repos.bleve
GITEA__indexer__MAX_FILE_SIZE: 1048576
GITEA__indexer__REPO_INDEXER_INCLUDE: ""
GITEA__indexer__REPO_INDEXER_EXCLUDE: resources/bin/**
GITEA__security__REVERSE_PROXY_LIMIT: 2
GITEA__security__REVERSE_PROXY_TRUSTED_PROXIES: '172.31.0.0/16'
restart: unless-stopped
networks:
- gitea
- proxy-net
volumes:
- ./data/gitea:/data
- /home/git/.ssh/:/data/git/.ssh
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
ports:
- "127.0.0.1:2222:22"
expose:
- "3000"
depends_on:
- db
secrets:
- postgres_pass
db:
image: postgres:14
restart: unless-stopped
environment:
POSTGRES_USER: ${GITEA_DB_USER}
POSTGRES_PASSWORD_FILE: /run/secrets/postgres_pass
POSTGRES_DB: ${GITEA_DB_NAME}
networks:
- gitea
volumes:
- ./data/postgres:/var/lib/postgresql/data
secrets:
- postgres_pass
secrets:
postgres_pass:
file: ./secrets/POSTGRES_PASS

18
homepage/config/bookmarks.yaml Normal file
View File

@@ -0,0 +1,18 @@
---
# For configuration options and examples, please see:
# https://gethomepage.dev/configs/bookmarks
- Developer:
- Github:
- abbr: GH
href: https://github.com/
- Social:
- Reddit:
- abbr: RE
href: https://reddit.com/
- Entertainment:
- YouTube:
- abbr: YT
href: https://youtube.com/

0
homepage/config/custom.css Normal file
View File

0
homepage/config/custom.js Normal file
View File

10
homepage/config/docker.yaml Normal file
View File

@@ -0,0 +1,10 @@
---
# For configuration options and examples, please see:
# https://gethomepage.dev/configs/docker/
my-docker:
host: homepage-dockerproxy-1
port: 2375
# my-docker:
# socket: /var/run/docker.sock

2
homepage/config/kubernetes.yaml Normal file
View File

@@ -0,0 +1,2 @@
---
# sample kubernetes config

18
homepage/config/services.yaml Normal file
View File

@@ -0,0 +1,18 @@
---
# For configuration options and examples, please see:
# https://gethomepage.dev/configs/services/
- My First Group:
- My First Service:
href: http://localhost/
description: Homepage is awesome
- My Second Group:
- My Second Service:
href: http://localhost/
description: Homepage is the best
- My Third Group:
- My Third Service:
href: http://localhost/
description: Homepage is 😎

7
homepage/config/settings.yaml Normal file
View File

@@ -0,0 +1,7 @@
---
# For configuration options and examples, please see:
# https://gethomepage.dev/configs/settings/
providers:
openweathermap: openweathermapapikey
weatherapi: weatherapiapikey

12
homepage/config/widgets.yaml Normal file
View File

@@ -0,0 +1,12 @@
---
# For configuration options and examples, please see:
# https://gethomepage.dev/configs/info-widgets/
- resources:
cpu: true
memory: true
disk: /
- search:
provider: duckduckgo
target: _blank

33
homepage/docker-compose.yml Normal file
View File

@@ -0,0 +1,33 @@
name: homepage
services:
app:
image: ghcr.io/gethomepage/homepage:latest
depends_on:
- dockerproxy
environment:
DOCKER_TEMPLATE_CREATED: true
expose:
- "3000"
networks:
- proxy-net
- default
restart: unless-stopped
volumes:
- ./config:/app/config # Make sure your local config directory exists
dockerproxy:
image: ghcr.io/tecnativa/docker-socket-proxy:latest
environment:
- CONTAINERS=1 # Allow access to viewing containers
- SERVICES=1 # Allow access to viewing services (necessary when using Docker Swarm)
- TASKS=1 # Allow access to viewing tasks (necessary when using Docker Swarm)
- POST=0 # Disallow any POST operations (effectively read-only)
expose:
- "2375"
restart: unless-stopped
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro # Mounted as read-only
networks:
proxy-net:
external: true

131
komodo/.env Normal file
View File

@@ -0,0 +1,131 @@
####################################
# 🦎 KOMODO COMPOSE - VARIABLES 🦎 #
####################################
## These compose variables can be used with all Komodo deployment options.
## Pass these variables to the compose up command using `--env-file komodo/compose.env`.
## Additionally, they are passed to both Komodo Core and Komodo Periphery with `env_file: ./compose.env`,
## so you can pass any additional environment variables to Core / Periphery directly in this file as well.
## Stick to a specific version, or use `latest`
COMPOSE_KOMODO_IMAGE_TAG=latest
## Note: 🚨 Podman does NOT support local logging driver 🚨. See Podman options here:
## `https://docs.podman.io/en/v4.6.1/markdown/podman-run.1.html#log-driver-driver`
COMPOSE_LOGGING_DRIVER=journald # Enable log rotation with the local driver.
## DB credentials - Ignored for Sqlite
KOMODO_DB_USERNAME=admin
KOMODO_DB_PASSWORD_FILE=/run/secrets/KOMODO_DB_PASSWORD
## Configure a secure passkey to authenticate between Core / Periphery.
KOMODO_PASSKEY_FILE=/run/secrets/KOMODO_PASSKEY
#=-------------------------=#
#= Komodo Core Environment =#
#=-------------------------=#
## Full variable list + descriptions are available here:
## 🦎 https://github.com/mbecker20/komodo/blob/main/config/core.config.toml 🦎
## Note. Secret variables also support `${VARIABLE}_FILE` syntax to pass docker compose secrets.
## Docs: https://docs.docker.com/compose/how-tos/use-secrets/#examples
## Used for Oauth / Webhook url suggestion / Caddy reverse proxy.
KOMODO_HOST=https://komodo.tremendousturtle.tools
## Displayed in the browser tab.
KOMODO_TITLE=Komodo
## Create a server matching this address as the "first server".
## Use `https://host.docker.internal:8120` when using systemd-managed Periphery.
KOMODO_FIRST_SERVER=https://periphery:8120
## Make all buttons just double-click, rather than the full confirmation dialog.
KOMODO_DISABLE_CONFIRM_DIALOG=false
## Rate Komodo polls your servers for
## status / container status / system stats / alerting.
## Options: 1-sec, 5-sec, 15-sec, 1-min, 5-min.
## Default: 15-sec
KOMODO_MONITORING_INTERVAL="5-sec"
## Rate Komodo polls Resources for updates,
## like outdated commit hash.
## Options: 1-min, 5-min, 15-min, 30-min, 1-hr.
## Default: 5-min
KOMODO_RESOURCE_POLL_INTERVAL="1-min"
## Used to auth incoming webhooks. Alt: KOMODO_WEBHOOK_SECRET_FILE
KOMODO_WEBHOOK_SECRET_FILE=/run/secrets/KOMODO_WEBHOOK_SECRET
## Used to generate jwt. Alt: KOMODO_JWT_SECRET_FILE
KOMODO_JWT_SECRET_FILE=/run/secrets/KOMODO_JWT_SECRET
## Enable login with username + password.
KOMODO_LOCAL_AUTH=false
## Disable new user signups.
KOMODO_DISABLE_USER_REGISTRATION=false
## All new logins are auto enabled
KOMODO_ENABLE_NEW_USERS=false
## Disable non-admins from creating new resources.
KOMODO_DISABLE_NON_ADMIN_CREATE=false
## Allows all users to have Read level access to all resources.
KOMODO_TRANSPARENT_MODE=false
## Time to live for jwt tokens.
## Options: 1-hr, 12-hr, 1-day, 3-day, 1-wk, 2-wk
KOMODO_JWT_TTL="1-wk"
## OIDC Login
KOMODO_OIDC_ENABLED=true
## Must reachable from Komodo Core container
KOMODO_OIDC_PROVIDER=https://authentik.tremendousturtle.tools/application/o/komodo/
## Change the host to one reachable be reachable by users (optional if it is the same as above).
## DO NOT include the `path` part of the URL.
KOMODO_OIDC_REDIRECT_HOST=https://authentik.tremendousturtle.tools
## Your client credentials
KOMODO_OIDC_CLIENT_ID_FILE=/run/secrets/KOMODO_OIDC_CLIENT_ID # Alt: KOMODO_OIDC_CLIENT_ID_FILE
KOMODO_OIDC_CLIENT_SECRET_FILE=/run/secrets/KOMODO_OIDC_CLIENT_SECRET # Alt: KOMODO_OIDC_CLIENT_SECRET_FILE
## Make usernames the full email.
# KOMODO_OIDC_USE_FULL_EMAIL=true
## Add additional trusted audiences for token claims verification.
## Supports comma separated list, and passing with _FILE (for compose secrets).
# KOMODO_OIDC_ADDITIONAL_AUDIENCES=abc,123 # Alt: KOMODO_OIDC_ADDITIONAL_AUDIENCES_FILE
## Github Oauth
KOMODO_GITHUB_OAUTH_ENABLED=false
# KOMODO_GITHUB_OAUTH_ID= # Alt: KOMODO_GITHUB_OAUTH_ID_FILE
# KOMODO_GITHUB_OAUTH_SECRET= # Alt: KOMODO_GITHUB_OAUTH_SECRET_FILE
## Google Oauth
KOMODO_GOOGLE_OAUTH_ENABLED=false
# KOMODO_GOOGLE_OAUTH_ID= # Alt: KOMODO_GOOGLE_OAUTH_ID_FILE
# KOMODO_GOOGLE_OAUTH_SECRET= # Alt: KOMODO_GOOGLE_OAUTH_SECRET_FILE
## Aws - Used to launch Builder instances and ServerTemplate instances.
KOMODO_AWS_ACCESS_KEY_ID= # Alt: KOMODO_AWS_ACCESS_KEY_ID_FILE
KOMODO_AWS_SECRET_ACCESS_KEY= # Alt: KOMODO_AWS_SECRET_ACCESS_KEY_FILE
## Hetzner - Used to launch ServerTemplate instances
## Hetzner Builder not supported due to Hetzner pay-by-the-hour pricing model
KOMODO_HETZNER_TOKEN= # Alt: KOMODO_HETZNER_TOKEN_FILE
#=------------------------------=#
#= Komodo Periphery Environment =#
#=------------------------------=#
## Full variable list + descriptions are available here:
## 🦎 https://github.com/mbecker20/komodo/blob/main/config/periphery.config.toml 🦎
## Periphery passkeys must include KOMODO_PASSKEY to authenticate.
PERIPHERY_PASSKEYS_FILE=${KOMODO_PASSKEY_FILE}
## Specify the root directory used by Periphery agent.
PERIPHERY_ROOT_DIRECTORY=/etc/komodo
## Enable SSL using self signed certificates.
## Connect to Periphery at https://address:8120.
PERIPHERY_SSL_ENABLED=true
## If the disk size is overreporting, can use one of these to
## whitelist / blacklist the disks to filter them, whichever is easier.
## Accepts comma separated list of paths.
## Usually whitelisting just /etc/hostname gives correct size.
PERIPHERY_INCLUDE_DISK_MOUNTS=/etc/hostname
# PERIPHERY_EXCLUDE_DISK_MOUNTS=/snap,/etc/repos

115
komodo/docker-compose.yml Normal file
View File

@@ -0,0 +1,115 @@
################################
# 🦎 KOMODO COMPOSE - MONGO 🦎 #
################################
## This compose file will deploy:
## 1. MongoDB
## 2. Komodo Core
## 3. Komodo Periphery
name: komodo
services:
db:
image: mongo
labels:
komodo.skip: # Prevent Komodo from stopping with StopAllContainers
command: --quiet --wiredTigerCacheSizeGB 0.25
restart: unless-stopped
logging:
driver: ${COMPOSE_LOGGING_DRIVER:-local}
networks:
- default
# ports:
# - 27017:27017
volumes:
- ./data/mongo-data:/data/db
- ./config/mongo-config:/data/configdb
environment:
MONGO_INITDB_ROOT_USERNAME: ${KOMODO_DB_USERNAME}
MONGO_INITDB_ROOT_PASSWORD_FILE: ${KOMODO_DB_PASSWORD_FILE}
secrets:
- KOMODO_DB_PASSWORD
app:
image: ghcr.io/mbecker20/komodo:${COMPOSE_KOMODO_IMAGE_TAG:-latest}
labels:
komodo.skip: # Prevent Komodo from stopping with StopAllContainers
restart: unless-stopped
depends_on:
- db
logging:
driver: ${COMPOSE_LOGGING_DRIVER:-local}
networks:
- default
- proxy-net
ports:
- 9120:9120
env_file: ./.env
environment:
KOMODO_DATABASE_ADDRESS: db:27017
KOMODO_DATABASE_USERNAME: ${KOMODO_DB_USERNAME}
KOMODO_DATABASE_PASSWORD_FILE: ${KOMODO_DB_PASSWORD_FILE}
KOMODO_LOGGING_LEVEL: info
volumes:
## Core cache for repos for latest commit hash / contents
- ./data/repo-cache:/repo-cache
## Store sync files on server
- ./data/syncs:/syncs
## Optionally mount a custom core.config.toml
# - /path/to/core.config.toml:/config/config.toml
secrets:
- KOMODO_DB_PASSWORD
- KOMODO_PASSKEY
- KOMODO_WEBHOOK_SECRET
- KOMODO_JWT_SECRET
- KOMODO_OIDC_CLIENT_SECRET
- KOMODO_OIDC_CLIENT_ID
## Deploy Periphery container using this block,
## or deploy the Periphery binary with systemd using
## https://github.com/mbecker20/komodo/tree/main/scripts
periphery:
image: ghcr.io/mbecker20/periphery:${COMPOSE_KOMODO_IMAGE_TAG:-latest}
labels:
komodo.skip: # Prevent Komodo from stopping with StopAllContainers
restart: unless-stopped
logging:
driver: ${COMPOSE_LOGGING_DRIVER:-local}
networks:
- default
env_file: ./.env
environment:
PERIPHERY_REPO_DIR: ${PERIPHERY_ROOT_DIRECTORY:-/etc/komodo}/repos
PERIPHERY_STACK_DIR: ${PERIPHERY_ROOT_DIRECTORY:-/etc/komodo}/stacks
PERIPHERY_SSL_KEY_FILE: ${PERIPHERY_ROOT_DIRECTORY:-/etc/komodo}/ssl/key.pem
PERIPHERY_SSL_CERT_FILE: ${PERIPHERY_ROOT_DIRECTORY:-/etc/komodo}/ssl/cert.pem
volumes:
## Mount external docker socket
- /var/run/docker.sock:/var/run/docker.sock
## Allow Periphery to see processes outside of container
- /proc:/proc
## Specify the Periphery agent root directory.
## Must be the same inside and outside the container,
## or docker will get confused. See https://github.com/mbecker20/komodo/discussions/180.
## Default: /etc/komodo.
- ${PERIPHERY_ROOT_DIRECTORY:-/etc/komodo}:${PERIPHERY_ROOT_DIRECTORY:-/etc/komodo}
secrets:
- KOMODO_PASSKEY
networks:
default: {}
proxy-net:
external: true
secrets:
KOMODO_DB_PASSWORD:
file: ./secrets/KOMODO_DB_PASSWORD
KOMODO_PASSKEY:
file: ./secrets/KOMODO_PASSKEY
KOMODO_WEBHOOK_SECRET:
file: ./secrets/KOMODO_WEBHOOK_SECRET
KOMODO_JWT_SECRET:
file: ./secrets/KOMODO_JWT_SECRET
KOMODO_OIDC_CLIENT_SECRET:
file: ./secrets/KOMODO_OIDC_CLIENT_SECRET
KOMODO_OIDC_CLIENT_ID:
file: ./secrets/KOMODO_OIDC_CLIENT_ID

0
media-dude/.env Normal file
View File

0
media-dude/docker-compose.yml Normal file
View File

74
media-dude/torrentarr/compose.torrentarr.yml Normal file
View File

@@ -0,0 +1,74 @@
services:
transmission:
image: lscr.io/linuxserver/transmission:latest
environment:
DOCKER_MODS: linuxserver/mods:transmission-env-var-settings
PUID: 998 # media user
PGID: 998 # media group
UMASK: "002"
TZ: America/Los_Angeles
TRANSMISSION_DOWNLOAD_DIR: ${TORRENTARR_DOWNLOAD_DIR:?error}/complete
TRANSMISSION_INCOMPLETE_DIR: ${TORRENTARR_DOWNLOAD_DIR:?error}/incomplete
TRANSMISSION_SPEED_LIMIT_UP: "3750"
TRANSMISSION_SPEED_LIMIT_UP_ENABLED: "true"
TRANSMISSION_WATCH_DIR_ENABLED: "false"
TRANSMISSION_RPC_PORT: ${TORRENTARR_TRANSMISSION_RPC_PORT:?error}
TRANSMISSION_RPC_AUTHENTICATION_REQUIRED: "false"
volumes:
- ./transmission_config:/config
- ${TORRENTARR_DOWNLOAD_DIR:?error}:${TORRENTARR_DOWNLOAD_DIR:?error}
network_mode: "service:gluetun"
restart: unless-stopped
depends_on:
gluetun:
condition: service_healthy
gluetun:
image: qmcgaw/gluetun
cap_add:
- NET_ADMIN
devices:
- /dev/net/tun:/dev/net/tun
volumes:
- gluetun_forwarding:/tmp/gluetun_forwarding
ports:
- ${TORRENTARR_TRANSMISSION_RPC_PORT:?error}:${TORRENTARR_TRANSMISSION_RPC_PORT:?error}
restart: unless-stopped
environment:
VPN_SERVICE_PROVIDER: protonvpn
VPN_TYPE: wireguard
VPN_PORT_FORWARDING: on
VPN_PORT_FORWARDING_STATUS_FILE: /tmp/gluetun_forwarding/forwarded_port
PORT_FORWARD_ONLY: "on"
SERVER_COUNTRIES: United States
SERVER_CITIES: Los Angeles
UPDATER_PERIOD: 24h
secrets:
- wireguard_private_key
port-watcher:
build: ../port-watcher
volumes:
- gluetun_forwarding:/watch
environment:
PORT_FILE: /watch/forwarded_port
TRANSMISSION_HOST: gluetun
TRANSMISSION_PORT: ${TORRENTARR_TRANSMISSION_RPC_PORT:?error}
restart: unless-stopped
healthcheck:
test: ["CMD", "test", "-f", "/watch/forwarded_port"]
interval: 10s
timeout: 60s
retries: 10
start_period: 10s
depends_on:
transmission:
condition: service_started
gluetun:
condition: service_healthy
volumes:
gluetun_forwarding:
secrets:
wireguard_private_key:
file: ./secrets/wireguard_private_key

4
media-dude/torrentarr/movies/.env Normal file
View File

@@ -0,0 +1,4 @@
COMPOSE_FILE=compose.yml:../compose.torrentarr.yml
TORRENTARR_DOWNLOAD_DIR=/media/movies/torrents
TORRENTARR_TRANSMISSION_RPC_PORT=10011
COMPOSE_BAKE=true

15
media-dude/torrentarr/movies/compose.yml Normal file
View File

@@ -0,0 +1,15 @@
name: torrentarr-movies
services:
radarr:
image: ghcr.io/hotio/radarr
restart: unless-stopped
ports:
- "7878:7878"
environment:
PUID: 998
PGID: 998
UMASK: "002"
TZ: America/Los_Angeles
volumes:
- ./radarr_config:/config
- /media/movies/library:/media/movies/library

8
media-dude/torrentarr/port-watcher/Dockerfile Normal file
View File

@@ -0,0 +1,8 @@
FROM python:3.11-alpine
WORKDIR /app
COPY port-watcher.py .
RUN pip install watchdog transmission-rpc
CMD ["python", "port-watcher.py"]

82
media-dude/torrentarr/port-watcher/port-watcher.py Normal file
View File

@@ -0,0 +1,82 @@
#!/usr/bin/env python3
import os
import time
import logging
from transmission_rpc import Client
from watchdog.observers import Observer
from watchdog.events import FileSystemEventHandler
logging.basicConfig(level=logging.INFO, format='%(asctime)s - %(message)s')
logger = logging.getLogger()
PORT_FILE = os.getenv('PORT_FILE', '/watch/forwarded_port')
TRANSMISSION_HOST = os.getenv('TRANSMISSION_HOST', 'gluetun')
TRANSMISSION_PORT = os.getenv('TRANSMISSION_PORT', 9091)
class PortFileHandler(FileSystemEventHandler):
def __init__(self):
self.last_port = None
self.transmission_client = Client(host=TRANSMISSION_HOST, port=TRANSMISSION_PORT)
self.check_port_file() # Initial check
def on_modified(self, event):
if not event.is_directory and event.src_path == PORT_FILE:
self.check_port_file()
def check_port_file(self):
try:
if not os.path.exists(PORT_FILE):
logger.info(f"Port file not found: {PORT_FILE}")
return
with open(PORT_FILE, 'r') as f:
port = f.read().strip()
if port != self.last_port and port.isdigit():
self.last_port = port
logger.info(f"Port forwarding changed to: {port}")
self.update_transmission(port)
except Exception as e:
logger.error(f"Error checking port file: {e}")
def update_transmission(self, port):
max_attempts = 5
attempt = 1
delay = 5 # seconds between retry attempts
while attempt <= max_attempts:
logger.info(f"Attempt {attempt}/{max_attempts}: Setting Transmission peer_port to {port}")
try:
self.transmission_client.set_session(peer_port=int(port))
logger.info(f"Successfully updated Transmission peer_port to {port}")
logger.info(f"Testing Transmission peer port...")
if self.transmission_client.port_test():
logger.info("Transmission peer port is open")
else:
logger.warning("Transmission peer port does not appear to be open")
return
except Exception as e:
logger.warning(f"Attempt {attempt}/{max_attempts} failed: {e}")
if attempt < max_attempts:
logger.info(f"Retrying in {delay} seconds...")
time.sleep(delay)
attempt += 1
logger.error(f"Failed to update Transmission peer_port after {max_attempts} attempts")
if __name__ == "__main__":
path = os.path.dirname(PORT_FILE)
logger.info(f"Starting port-watcher monitoring {PORT_FILE}")
event_handler = PortFileHandler()
observer = Observer()
observer.schedule(event_handler, path, recursive=False)
observer.start()
try:
while True:
time.sleep(1)
except KeyboardInterrupt:
observer.stop()
observer.join()

4
media-dude/torrentarr/tv/.env Normal file
View File

@@ -0,0 +1,4 @@
COMPOSE_FILE=compose.yml:../compose.torrentarr.yml
TORRENTARR_DOWNLOAD_DIR=/media/tv/torrents
TORRENTARR_TRANSMISSION_RPC_PORT=10010
COMPOSE_BAKE=true

15
media-dude/torrentarr/tv/compose.yml Normal file
View File

@@ -0,0 +1,15 @@
name: torrentarr-tv
services:
sonarr:
image: ghcr.io/hotio/sonarr
restart: unless-stopped
ports:
- "8989:8989"
environment:
PUID: 998
PGID: 998
UMASK: "002"
TZ: America/Los_Angeles
volumes:
- ./sonarr_config:/config
- /media/tv/library:/media/tv/library

45
openobserve/docker-compose.yml Normal file
View File

@@ -0,0 +1,45 @@
name: openobserve
services:
db:
image: postgres:15
restart: unless-stopped
environment:
POSTGRES_USER: openobserve
POSTGRES_PASSWORD_FILE: /run/secrets/postgres_pass
volumes:
- ./data/postgres:/var/lib/postgresql/data
secrets:
- postgres_pass
app:
image: public.ecr.aws/zinclabs/openobserve:latest
restart: unless-stopped
depends_on:
- db
networks:
- proxy-net
- default
ports:
- "5514:5514"
expose:
- "5080"
env_file: ./secrets/openobserve.env
environment:
ZO_DATA_DIR: /data
ZO_DATA_STREAM_DIR: /stream
ZO_WEB_URL: https://openobserve.tremendousturtle.tools
ZO_TELEMETRY: false
ZO_PROMETHEUS_ENABLED: true
ZO_META_STORE: postgres
volumes:
- ./data/openobserve:/data
- ./data/stream:/stream
networks:
proxy-net:
external: true
secrets:
postgres_pass:
file: ./secrets/POSTGRES_PASS

18
orbital-sync/docker-compose.yml Normal file
View File

@@ -0,0 +1,18 @@
name: orbital-sync
services:
app:
image: mattwebbio/orbital-sync:1
restart: unless-stopped
networks:
- proxy-net
environment:
PRIMARY_HOST_BASE_URL: 'http://192.168.1.234:1080'
PRIMARY_HOST_PASSWORD: ""
SECONDARY_HOSTS_1_BASE_URL: 'http://192.168.1.116'
SECONDARY_HOSTS_1_PASSWORD: 'e8JBq59!pwM6Ppj'
INTERVAL_MINUTES: 60
VERBOSE: true
networks:
proxy-net:
external: true

223
overseerr/config/settings.json Normal file
View File

@@ -0,0 +1,223 @@
{
"clientId": "bb40a33d-0bd4-4a13-b47e-57f97de8ed90",
"vapidPrivate": "NIRnOAl2iPQL4iLbTAsgLcxBuJnbINj5-k-_BDPEgQw",
"vapidPublic": "BHoozLG75WFgLXzgH_ljnWotlAwqGRat1eRZsd_zcsykHzN1MhWdukHOIgb7MzQYrcwMYHboeqihkSyoIKo7ziI",
"main": {
"apiKey": "MTYzNDA4NTYzNzU5MTgzNTQ2YzFhLTE3MGItNDE0Yi1hNjliLWVhYjJkZmE0ZDNhYyk=",
"applicationTitle": "Overseerr",
"applicationUrl": "",
"csrfProtection": false,
"cacheImages": false,
"defaultPermissions": 32,
"defaultQuotas": {
"movie": {},
"tv": {}
},
"hideAvailable": false,
"localLogin": true,
"newPlexLogin": true,
"region": "",
"originalLanguage": "",
"trustProxy": true,
"partialRequestsEnabled": true,
"locale": "en"
},
"plex": {
"name": "winterfell",
"ip": "192.168.1.234",
"port": 32400,
"useSsl": false,
"libraries": [
{
"id": "7",
"name": "4k Movies",
"enabled": true,
"type": "movie",
"lastScan": 1741801200034
},
{
"id": "2",
"name": "Movies",
"enabled": true,
"type": "movie",
"lastScan": 1741801200054
},
{
"id": "1",
"name": "TV Shows",
"enabled": true,
"type": "show",
"lastScan": 1741801200272
}
],
"machineId": "5e16f8ceb511bde943f92bbe07e3e6e33307eb16"
},
"tautulli": {
"hostname": "192.168.1.234",
"port": 8181,
"apiKey": "079935546d82416db237001d03059dc3"
},
"radarr": [
{
"name": "Radarr",
"hostname": "192.168.1.234",
"port": 7878,
"apiKey": "3fa0b478a19f4cb3add222e20f448ab8",
"useSsl": false,
"baseUrl": "",
"activeProfileId": 14,
"activeProfileName": "Default (Remux 1080p)",
"activeDirectory": "/media/movies",
"is4k": false,
"minimumAvailability": "released",
"tags": [],
"isDefault": true,
"syncEnabled": true,
"preventSearch": false,
"tagRequests": false,
"id": 0
}
],
"sonarr": [
{
"name": "Sonarr",
"hostname": "192.168.1.234",
"port": 8989,
"apiKey": "a050eae4aa664ac5b8b108d67e3f502f",
"useSsl": false,
"baseUrl": "",
"activeProfileId": 7,
"activeLanguageProfileId": 1,
"activeProfileName": "Default",
"activeDirectory": "/media/tv",
"activeAnimeProfileId": 9,
"activeAnimeLanguageProfileId": 1,
"activeAnimeProfileName": "Anime (Remux-1080p)",
"activeAnimeDirectory": "/media/tv",
"tags": [],
"animeTags": [],
"is4k": false,
"isDefault": true,
"enableSeasonFolders": true,
"syncEnabled": true,
"preventSearch": false,
"tagRequests": false,
"id": 0
}
],
"public": {
"initialized": true
},
"notifications": {
"agents": {
"email": {
"enabled": false,
"options": {
"emailFrom": "",
"smtpHost": "",
"smtpPort": 587,
"secure": false,
"ignoreTls": false,
"requireTls": false,
"allowSelfSigned": false,
"senderName": "Overseerr"
}
},
"discord": {
"enabled": true,
"types": 222,
"options": {
"webhookUrl": "https://discord.com/api/webhooks/897900990202777690/XRKCdyjqniEYYLwHI5du2BX96TlHmLjqzC8lEppioqIpR1uf2zkDNOHRg_zDOVG0kAwG",
"enableMentions": true
}
},
"lunasea": {
"enabled": false,
"types": 0,
"options": {
"webhookUrl": ""
}
},
"slack": {
"enabled": false,
"types": 0,
"options": {
"webhookUrl": ""
}
},
"telegram": {
"enabled": false,
"types": 0,
"options": {
"botAPI": "",
"chatId": "",
"sendSilently": false
}
},
"pushbullet": {
"enabled": false,
"types": 0,
"options": {
"accessToken": ""
}
},
"pushover": {
"enabled": false,
"types": 0,
"options": {
"accessToken": "",
"userToken": ""
}
},
"webhook": {
"enabled": false,
"types": 0,
"options": {
"webhookUrl": "",
"jsonPayload": "IntcbiAgICBcIm5vdGlmaWNhdGlvbl90eXBlXCI6IFwie3tub3RpZmljYXRpb25fdHlwZX19XCIsXG4gICAgXCJzdWJqZWN0XCI6IFwie3tzdWJqZWN0fX1cIixcbiAgICBcIm1lc3NhZ2VcIjogXCJ7e21lc3NhZ2V9fVwiLFxuICAgIFwiaW1hZ2VcIjogXCJ7e2ltYWdlfX1cIixcbiAgICBcImVtYWlsXCI6IFwie3tub3RpZnl1c2VyX2VtYWlsfX1cIixcbiAgICBcInVzZXJuYW1lXCI6IFwie3tub3RpZnl1c2VyX3VzZXJuYW1lfX1cIixcbiAgICBcImF2YXRhclwiOiBcInt7bm90aWZ5dXNlcl9hdmF0YXJ9fVwiLFxuICAgIFwie3ttZWRpYX19XCI6IHtcbiAgICAgICAgXCJtZWRpYV90eXBlXCI6IFwie3ttZWRpYV90eXBlfX1cIixcbiAgICAgICAgXCJ0bWRiSWRcIjogXCJ7e21lZGlhX3RtZGJpZH19XCIsXG4gICAgICAgIFwiaW1kYklkXCI6IFwie3ttZWRpYV9pbWRiaWR9fVwiLFxuICAgICAgICBcInR2ZGJJZFwiOiBcInt7bWVkaWFfdHZkYmlkfX1cIixcbiAgICAgICAgXCJzdGF0dXNcIjogXCJ7e21lZGlhX3N0YXR1c319XCIsXG4gICAgICAgIFwic3RhdHVzNGtcIjogXCJ7e21lZGlhX3N0YXR1czRrfX1cIlxuICAgIH0sXG4gICAgXCJ7e2V4dHJhfX1cIjogW10sXG4gICAgXCJ7e3JlcXVlc3R9fVwiOiB7XG4gICAgICAgIFwicmVxdWVzdF9pZFwiOiBcInt7cmVxdWVzdF9pZH19XCIsXG4gICAgICAgIFwicmVxdWVzdGVkQnlfZW1haWxcIjogXCJ7e3JlcXVlc3RlZEJ5X2VtYWlsfX1cIixcbiAgICAgICAgXCJyZXF1ZXN0ZWRCeV91c2VybmFtZVwiOiBcInt7cmVxdWVzdGVkQnlfdXNlcm5hbWV9fVwiLFxuICAgICAgICBcInJlcXVlc3RlZEJ5X2F2YXRhclwiOiBcInt7cmVxdWVzdGVkQnlfYXZhdGFyfX1cIlxuICAgIH1cbn0i"
}
},
"webpush": {
"enabled": false,
"options": {}
},
"gotify": {
"enabled": false,
"types": 0,
"options": {
"url": "",
"token": ""
}
}
}
},
"jobs": {
"plex-recently-added-scan": {
"schedule": "0 */5 * * * *"
},
"plex-full-scan": {
"schedule": "0 0 3 * * *"
},
"plex-watchlist-sync": {
"schedule": "0 */10 * * * *"
},
"radarr-scan": {
"schedule": "0 0 4 * * *"
},
"sonarr-scan": {
"schedule": "0 30 4 * * *"
},
"availability-sync": {
"schedule": "0 0 5 * * *"
},
"download-sync": {
"schedule": "0 * * * * *"
},
"download-sync-reset": {
"schedule": "0 0 1 * * *"
},
"image-cache-cleanup": {
"schedule": "0 0 5 * * *"
}
}
}

23
overseerr/docker-compose.yml Normal file
View File

@@ -0,0 +1,23 @@
name: overseerr
services:
app:
image: sctx/overseerr:latest
user: '115'
environment:
- LOG_LEVEL=debug
- TZ=America/Los_Angeles
networks:
- proxy-net
- default
ports:
- "5055:5055"
expose:
- "5055"
volumes:
- ./data:/app/config
- ./config/settings.json:/app/config/settings.json
restart: unless-stopped
networks:
proxy-net:
external: true

1
requestrr/config/settings.json Normal file
View File

@@ -0,0 +1 @@
{"Authentication":{"Username":"chris","Password":"VCj5yqvSYO4ruUSeAc8ftelwSxAA5wgGtuKNEroIIkg=","PrivateKey":"3ec2e0c9-c3c5-48c3-8af3-a59cbe565648"},"ChatClients":{"Discord":{"BotToken":"ODk3NjU1MzM3Mjk1OTcwMzE0.YWY0rg.GYoe2CKabu380pKc1TsGiP_vSP8","ClientId":"897655337295970314","StatusMessage":"/help","TvShowRoles":["894757006248906782","894757531392540693","894759271986786314"],"MovieRoles":["894757006248906782","894757531392540693","894759271986786314"],"MonitoredChannels":["897633767303311370"],"EnableRequestsThroughDirectMessages":false,"AutomaticallyNotifyRequesters":true,"NotificationMode":"Channels","NotificationChannels":["897633767303311370"],"AutomaticallyPurgeCommandMessages":false,"MusicRoles":[]},"Language":"english"},"DownloadClients":{"Ombi":{"Hostname":"","Port":3579,"ApiKey":"","ApiUsername":"","BaseUrl":"","UseSSL":false,"Version":"3","UseMovieIssue":false,"UseTVIssue":false},"Overseerr":{"Hostname":"192.168.1.234","Port":5055,"ApiKey":"MTYzNDA4NTYzNzU5MTgzNTQ2YzFhLTE3MGItNDE0Yi1hNjliLWVhYjJkZmE0ZDNhYyk=","Movies":{"DefaultApiUserId":"16","Categories":[{"Id":749,"Is4K":false,"Name":"Movies","ServiceId":0,"ProfileId":14,"RootFolder":"/media/movies","Tags":[]},{"Id":244,"Is4K":false,"Name":"Movies_Anime","ServiceId":0,"ProfileId":16,"RootFolder":"/media/movies","Tags":[]}]},"TvShows":{"DefaultApiUserId":"16","Categories":[{"Id":383,"Is4K":false,"Name":"TV","ServiceId":0,"ProfileId":7,"LanguageProfileId":1,"RootFolder":"/media/tv","Tags":[2]},{"Id":451,"Is4K":false,"Name":"TV_Anime","ServiceId":0,"ProfileId":9,"LanguageProfileId":1,"RootFolder":"/media/tv","Tags":[]}]},"UseSSL":false,"Version":"1","UseMovieIssue":false,"UseTVIssue":false},"Radarr":{"Hostname":"","Port":7878,"ApiKey":"","BaseUrl":"","Categories":[{"Id":0,"Name":"movie","ProfileId":"1","RootFolder":"","MinimumAvailability":"announced","Tags":[]}],"SearchNewRequests":true,"MonitorNewRequests":true,"UseSSL":false,"Version":"3"},"Sonarr":{"Hostname":"","Port":8989,"ApiKey":"","BaseUrl":"","Categories":[{"Id":0,"Name":"tv","ProfileId":"1","RootFolder":"","Tags":[],"LanguageId":"1","UseSeasonFolders":true,"SeriesType":"standard"}],"SearchNewRequests":true,"MonitorNewRequests":true,"UseSSL":false,"Version":"3"},"Lidarr":{"Hostname":"","Port":8686,"ApiKey":"","BaseUrl":"","Categories":[{"Id":0,"Name":"music","ProfileId":1,"MetadataProfileId":1,"RootFolder":"","Tags":[]}],"SearchNewRequests":true,"MonitorNewRequests":true,"UseSSL":false,"Version":"1"}},"BotClient":{"Client":"Discord"},"Movies":{"Client":"Overseerr"},"TvShows":{"Client":"Overseerr","Restrictions":"None"},"Port":4545,"BaseUrl":"","DisableAuthentication":false,"Version":"2.1.3","Music":{"Client":"Disabled"}}

18
requestrr/docker-compose.yml Normal file
View File

@@ -0,0 +1,18 @@
name: requestrr
services:
app:
image: thomst08/requestrr
networks:
- proxy-net
ports:
- "4545:4545"
expose:
- "4545"
volumes:
- ./config:/root/config
- ./data/tmp:/root/config/tmp
restart: unless-stopped
networks:
proxy-net:
external: true

89
scripts/torrentarr.sh Executable file
View File

@@ -0,0 +1,89 @@
#!/bin/bash
# Define available options as a simple array
OPTIONS=("tv" "movies" "all")
# Default values
TARGET_ALL=true
INSTANCE="all"
ACTION="up"
# Parse command line arguments
while [[ "$#" -gt 0 ]]; do
case $1 in
--down|-d)
ACTION="down"
;;
--restart|-r)
ACTION="restart"
;;
*)
# Assume this is the instance name
INSTANCE="$1"
# Only set TARGET_ALL to false if a specific instance is provided
if [ "$INSTANCE" != "all" ]; then
TARGET_ALL=false
fi
;;
esac
shift
done
# Validate the instance name
if ! [[ " ${OPTIONS[*]} " == *" ${INSTANCE} "* ]]; then
echo "Unknown instance: $INSTANCE"
echo "Valid options: ${OPTIONS[*]}"
exit 1
fi
# Function to execute docker compose commands
run_docker_compose() {
local instance=$1
local action=$2
local ENV_FILE="./${instance}.env"
if [ "$action" == "restart" ]; then
echo "Restart: Stopping $instance torrentarr instance..."
docker compose --env-file "$ENV_FILE" down --remove-orphans
echo "Restart: Starting $instance torrentarr instance..."
docker compose --env-file "$ENV_FILE" up -d
else
if [ "$action" == "down" ]; then
echo "Stopping $inst torrentarr instance..."
docker compose --env-file "$ENV_FILE" down --remove-orphans
echo "Stopped $inst torrentarr instance."
elif [ "$action" == "up" ]; then
echo "Starting $inst torrentarr instance..."
docker compose --env-file "$ENV_FILE" up -d
echo "Started $inst torrentarr instance."
fi
fi
}
# Handle all instances or specific instance
if [ "$TARGET_ALL" = true ]; then
if [ "$ACTION" == "up" ]; then
echo "Starting all instances..."
elif [ "$ACTION" == "down" ]; then
echo "Stopping all instances..."
elif [ "$ACTION" == "restart" ]; then
echo "Restarting all instances..."
fi
# Loop through all options except "all"
for inst in "${OPTIONS[@]}"; do
if [ "$inst" != "all" ]; then
run_docker_compose "$inst" $ACTION
fi
done
if [ "$ACTION" == "up" ]; then
echo "Started all instances"
elif [ "$ACTION" == "down" ]; then
echo "Stopped all instances"
elif [ "$ACTION" == "restart" ]; then
echo "Restarted all instances"
fi
else
run_docker_compose "$INSTANCE" $ACTION
fi

3
seedsync/.gitignore vendored Normal file
View File

@@ -0,0 +1,3 @@
config/**/*.persist
config/**/*.bak
config/**/*.backup

35
seedsync/config/seedsync_junk/settings.cfg Normal file
View File

@@ -0,0 +1,35 @@
[General]
debug = False
verbose = False
[Lftp]
remote_address = asia.feralhosting.com
remote_username = tinyturtle
remote_password = password
remote_port = 22
remote_path = /media/dmg/tinyturtle/junk_transfer
local_path = /downloads
remote_path_to_scan_script = /media/dmg/tinyturtle/.seedsync_junk_bin
use_ssh_key = True
num_max_parallel_downloads = 1
num_max_parallel_files_per_download = 2
num_max_connections_per_root_file = 5
num_max_connections_per_dir_file = 5
num_max_total_connections = 5
use_temp_file = True
[Controller]
interval_ms_remote_scan = 30000
interval_ms_local_scan = 10000
interval_ms_downloading_scan = 1000
extract_path = /seedsynctmp
use_local_path_as_extract_path = True
[Web]
port = 8802
[AutoQueue]
enabled = True
patterns_only = False
auto_extract = True

35
seedsync/config/seedsync_junk_movies/settings.cfg Normal file
View File

@@ -0,0 +1,35 @@
[General]
debug = False
verbose = False
[Lftp]
remote_address = asia.feralhosting.com
remote_username = tinyturtle
remote_password = password
remote_port = 22
remote_path = /media/dmg/tinyturtle/junk_transfer_movies
local_path = /downloads
remote_path_to_scan_script = /media/dmg/tinyturtle/.seedsync_junk_movies_bin
use_ssh_key = True
num_max_parallel_downloads = 1
num_max_parallel_files_per_download = 2
num_max_connections_per_root_file = 5
num_max_connections_per_dir_file = 5
num_max_total_connections = 5
use_temp_file = True
[Controller]
interval_ms_remote_scan = 30000
interval_ms_local_scan = 10000
interval_ms_downloading_scan = 1000
extract_path = /seedsynctmp
use_local_path_as_extract_path = True
[Web]
port = 8805
[AutoQueue]
enabled = True
patterns_only = False
auto_extract = True

35
seedsync/config/seedsync_junk_packs/settings.cfg Normal file
View File

@@ -0,0 +1,35 @@
[General]
debug = False
verbose = False
[Lftp]
remote_address = asia.feralhosting.com
remote_username = tinyturtle
remote_password = password
remote_port = 22
remote_path = /media/dmg/tinyturtle/junk_transfer_packs
local_path = /downloads
remote_path_to_scan_script = /media/dmg/tinyturtle/.seedsync_junk_packs_bin
use_ssh_key = True
num_max_parallel_downloads = 1
num_max_parallel_files_per_download = 2
num_max_connections_per_root_file = 5
num_max_connections_per_dir_file = 5
num_max_total_connections = 5
use_temp_file = True
[Controller]
interval_ms_remote_scan = 30000
interval_ms_local_scan = 10000
interval_ms_downloading_scan = 1000
extract_path = /seedsynctmp
use_local_path_as_extract_path = True
[Web]
port = 8804
[AutoQueue]
enabled = True
patterns_only = False
auto_extract = True

35
seedsync/config/seedsync_movies/settings.cfg Normal file
View File

@@ -0,0 +1,35 @@
[General]
debug = False
verbose = False
[Lftp]
remote_address = asia.feralhosting.com
remote_username = tinyturtle
remote_password = password
remote_port = 22
remote_path = /media/dmg/tinyturtle/transfer/movies
local_path = /downloads
remote_path_to_scan_script = /media/dmg/tinyturtle/.seedsync_movies_bin
use_ssh_key = True
num_max_parallel_downloads = 1
num_max_parallel_files_per_download = 1
num_max_connections_per_root_file = 6
num_max_connections_per_dir_file = 6
num_max_total_connections = 6
use_temp_file = True
[Controller]
interval_ms_remote_scan = 30000
interval_ms_local_scan = 10000
interval_ms_downloading_scan = 1000
extract_path = /seedsynctmp
use_local_path_as_extract_path = True
[Web]
port = 8801
[AutoQueue]
enabled = True
patterns_only = False
auto_extract = True

35
seedsync/config/seedsync_other/settings.cfg Normal file
View File

@@ -0,0 +1,35 @@
[General]
debug = False
verbose = False
[Lftp]
remote_address = asia.feralhosting.com
remote_username = tinyturtle
remote_password = password
remote_port = 22
remote_path = /media/dmg/tinyturtle/transfer/other
local_path = /downloads
remote_path_to_scan_script = /media/dmg/tinyturtle/.seedsync_other_bin
use_ssh_key = True
num_max_parallel_downloads = 1
num_max_parallel_files_per_download = 2
num_max_connections_per_root_file = 4
num_max_connections_per_dir_file = 4
num_max_total_connections = 4
use_temp_file = True
[Controller]
interval_ms_remote_scan = 30000
interval_ms_local_scan = 10000
interval_ms_downloading_scan = 1000
extract_path = /seedsynctmp
use_local_path_as_extract_path = True
[Web]
port = 8803
[AutoQueue]
enabled = True
patterns_only = False
auto_extract = False

35
seedsync/config/seedsync_tv/settings.cfg Normal file
View File

@@ -0,0 +1,35 @@
[General]
debug = False
verbose = False
[Lftp]
remote_address = asia.feralhosting.com
remote_username = tinyturtle
remote_password = password
remote_port = 22
remote_path = /media/dmg/tinyturtle/transfer/tv
local_path = /downloads
remote_path_to_scan_script = /media/dmg/tinyturtle/.seedsync_tv_bin
use_ssh_key = True
num_max_parallel_downloads = 1
num_max_parallel_files_per_download = 2
num_max_connections_per_root_file = 4
num_max_connections_per_dir_file = 4
num_max_total_connections = 4
use_temp_file = True
[Controller]
interval_ms_remote_scan = 30000
interval_ms_local_scan = 10000
interval_ms_downloading_scan = 1000
extract_path = /seedsynctmp
use_local_path_as_extract_path = True
[Web]
port = 8800
[AutoQueue]
enabled = True
patterns_only = False
auto_extract = True

68
seedsync/docker-compose.yml Normal file
View File

@@ -0,0 +1,68 @@
name: seedsync
services:
junksync:
image: ipsingh06/seedsync:latest
container_name: junksync
user: '998'
ports:
- 8802:8802
volumes:
- /media/junk/new_transfer:/downloads
- ./config/seedsync_junk:/config
- /home/media/.ssh:/home/seedsync/.ssh
restart: unless-stopped
junkpacksync:
image: ipsingh06/seedsync:latest
container_name: junkpacksync
user: '998'
ports:
- 8804:8804
volumes:
- /media/raid/junk_pack_transfer:/downloads
- ./config/seedsync_junk_packs:/config
- /home/media/.ssh:/home/seedsync/.ssh
restart: unless-stopped
junkmoviesync:
image: ipsingh06/seedsync:latest
container_name: junkmoviesync
user: '998'
ports:
- 8805:8805
volumes:
- /media/raid/junk_movies_transfer:/downloads
- ./config/seedsync_junk_movies:/config
- /home/media/.ssh:/home/seedsync/.ssh
restart: unless-stopped
moviesync:
image: ipsingh06/seedsync:latest
container_name: moviesync
user: '998'
ports:
- 8801:8801
volumes:
- /media/downloads/movies:/downloads
- ./config/seedsync_movies:/config
- /home/media/.ssh:/home/seedsync/.ssh
restart: unless-stopped
tvsync:
image: ipsingh06/seedsync:latest
container_name: tvsync
user: '998'
ports:
- 8800:8800
volumes:
- /media/downloads/tv:/downloads
- ./config/seedsync_tv:/config
- /home/media/.ssh:/home/seedsync/.ssh
restart: unless-stopped
othersync:
image: ipsingh06/seedsync:latest
container_name: othersync
user: '998'
ports:
- 8803:8803
volumes:
- /media/downloads/other:/downloads
- ./config/seedsync_other:/config
- /home/media/.ssh:/home/seedsync/.ssh
restart: unless-stopped

394
stashapp/config/config.yml Normal file
View File

@@ -0,0 +1,394 @@
api_key: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1aWQiOiJjaHJpcyIsInN1YiI6IkFQSUtleSIsImlhdCI6MTcwNzg0MTk4OX0.nqDqNfNNNVHLuvA3wsvcR8aBwYjqUkCGDAn3AiBMU34
blobs_path: /blobs/
blobs_storage: FILESYSTEM
calculate_md5: false
continue_playlist_default: true
create_image_clip_from_videos: false
cssenabled: false
custom_served_folders:
/: /custom_web
dangerous_allow_public_without_auth: true
database: /db/stash-go.sqlite
defaults:
auto_tag_task:
paths: []
performers:
- '*'
studios:
- '*'
tags: []
generate_task:
clippreviews: false
covers: false
forcetranscodes: false
imagepreviews: false
imagethumbnails: false
interactiveheatmapsspeeds: false
markerids: []
markerimagepreviews: false
markers: true
markerscreenshots: false
overwrite: false
phashes: false
previewoptions:
previewexcludeend: "0"
previewexcludestart: "0"
previewpreset: slow
previewsegmentduration: 0.75
previewsegments: 18
previews: false
sceneids: []
sprites: false
transcodes: false
identify_task:
options:
fieldoptions:
- createmissing: null
field: title
strategy: OVERWRITE
- createmissing: true
field: studio
strategy: MERGE
- createmissing: true
field: performers
strategy: MERGE
- createmissing: true
field: tags
strategy: MERGE
includemaleperformers: true
setcoverimage: true
setorganized: false
skipmultiplematches: true
skipmultiplematchtag: "1159"
skipsinglenameperformers: true
skipsinglenameperformertag: "524"
paths: []
sceneids: []
sources:
- options: null
source:
scraperid: null
stashboxendpoint: https://stashdb.org/graphql
stashboxindex: null
- options: null
source:
scraperid: null
stashboxendpoint: https://metadataapi.net/graphql
stashboxindex: null
scan_task:
scangenerateclippreviews: false
scangeneratecovers: true
scangenerateimagepreviews: false
scangeneratephashes: true
scangeneratepreviews: true
scangeneratesprites: true
scangeneratethumbnails: true
dlna:
default_whitelist:
- 192.168.1.149
video_sort_order: created_at
ffmpeg:
hardware_acceleration: true
gallery_cover_regex: (poster|cover|folder|board)\.[^\.]+$
generated: ""
host: 0.0.0.0
jwt_secret_key: 45dacba9bd122244b17a0365256a8e826f3c8e189cf21d26135b452824a9a037
menu_items:
- scenes
- groups
- markers
- galleries
- performers
- studios
- tags
no_proxy: localhost,127.0.0.1,192.168.0.0/16,10.0.0.0/8,172.16.0.0/12
nobrowser: true
notifications_enabled: false
parallel_tasks: 0
plugins:
disabled:
- VideoScrollWheel
- TPDBMarkers
- filemonitor
- markerTagToScene
- visage
package_sources:
- localpath: community
name: Community (stable)
url: https://stashapp.github.io/CommunityScripts/stable/index.yml
- localpath: stash-plugins
name: Stash-Plugins
url: https://7djx1qp.github.io/stash-plugins/main/index.yml
- localpath: tetrax
name: Tetrax
url: https://tetrax-10.github.io/stash-stuffs/index.yml
- localpath: valkyr
name: Valkyr
url: https://valkyr-js.github.io/stash-plugins/index.yml
- localpath: stgannon
name: STG Annon
url: https://stg-annon.github.io/StashScripts/stable/index.yml
- localpath: community
name: Axter-Stash
url: https://stash.axter.com/Dev/index.yml
settings:
DupFileManager:
matchDupDistance: "1"
mergeDupFilename: true
zwGraylist: /data,/movies,/packs
zxBlacklist: ""
zySwapBetterBitRate: true
zySwapBetterFrameRate: false
zySwapCodec: true
zySwapHighRes: true
zySwapLongLength: true
zzDebug: true
zzObsoleteSettingsCheckVer2: true
zzTracing: true
zzdryRun: false
PerformerDetailsExtended:
additionalStyling: false
appearsMostWithGendered: true
scenesTimespanReverse: false
showWhenCollapsed: true
topTagsOn: true
totalPlayCountOn: true
cjCardTweaks:
addBannerDimension: true
fileCount: true
performerProfileCards: true
markerTagToScene:
allTags: false
stashStashIDInput:
performers: true
studios: true
stashStashIdInput:
performers: true
studios: true
tPdBmarkers:
disableSceneMarkerHook: true
tagGraph:
options: true
timestampTrade:
addTimestampTradeUrl: true
addTsTradeTag: true
createGalleryFromScene: false
createMarkers: true
createMovieFromScene: true
disableGalleryLookupHook: true
disableSceneMarkersHook: false
extraUrls: true
matchFunscripts: false
mergeMarkers: true
overwriteMarkers: false
plugins_path: /plugins/
port: 9999
preview_audio: true
preview_exclude_end: 2%
preview_exclude_start: 5%
preview_preset: slow
preview_segment_duration: 1
preview_segments: 30
python_path: ""
scrapers:
package_sources:
- localpath: community
name: Community (stable)
url: https://stashapp.github.io/CommunityScrapers/stable/index.yml
scrapers_path: /scrapers/
security_tripwire_accessed_from_public_internet: ""
sequential_scanning: false
session_store_key: 72b6a684a4d0f214e5abb049f0110e2df38c43b90fe6cd78ff646607d48a5dae
show_one_time_moved_notification: false
sound_on_preview: false
stash:
- excludeimage: true
excludevideo: false
path: /data/
- excludeimage: true
excludevideo: false
path: /stash
- excludeimage: true
excludevideo: false
path: /junk
- excludeimage: true
excludevideo: false
path: /movies
- excludeimage: true
excludevideo: false
path: /packs
stash_boxes:
- apikey: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1aWQiOiI5ZDIxZTM2NS01N2QyLTRiZDUtODVkOC1kOGQwMjIxYTc2ZTMiLCJzdWIiOiJBUElLZXkiLCJpYXQiOjE2OTc5NjUyOTh9.Yk5agCaeidWqXyjsO29Lb6wnEglXHjSZdE94cDuLx2g
endpoint: https://stashdb.org/graphql
name: stashdb.org
- apikey: H04DEzLXkMqUBtNdS9CYOI4ek9KZb0EBSfNhTt1A87ee11b2
endpoint: https://theporndb.net/graphql
name: ThePornDB
- apikey: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1aWQiOiIwNWY4OTFiYy04MjVlLTQ1ZmQtYWFkYS0yYTc0OWE2NzgzMWQiLCJzdWIiOiJBUElLZXkiLCJpYXQiOjE3Mzk2MDkxOTF9.fMPLqqt2B3iw1qpOjMVMHmqMcorbw42Jy4WIBkyj7wo
endpoint: https://fansdb.cc/graphql
name: FansDB
theme_color: '#202b33'
ui:
advancedMode: true
compactExpandedDetails: false
defaultFilters:
performers:
find_filter:
direction: ASC
page: "1"
per_page: "40"
q: ""
sort: name
mode: PERFORMERS
object_filter:
gender:
modifier: EQUALS
value: Female
ui_options:
display_mode: "0"
zoom_index: "1"
scenes:
find_filter:
direction: DESC
page: "1"
per_page: "20"
q: ""
sort: random_81535573
mode: SCENES
object_filter:
path:
modifier: MATCHES_REGEX
value: ^/data/.*$|^/packs/.*$|^/movies/.*$
phash_distance:
modifier: NOT_NULL
value:
distance: "0"
value: ""
play_duration:
modifier: LESS_THAN
value:
value: "4"
studios:
modifier: NOT_NULL
value:
depth: "0"
excluded: []
items: []
ui_options:
display_mode: "0"
zoom_index: "3"
enableChromecast: true
enableMovieBackgroundImage: true
enablePerformerBackgroundImage: true
enableStudioBackgroundImage: true
frontPageContent:
- __typename: CustomFilter
direction: DESC
message:
id: recently_released_objects
values:
objects: Scenes
mode: SCENES
sortBy: date
- __typename: CustomFilter
direction: DESC
message:
id: recently_added_objects
values:
objects: Studios
mode: STUDIOS
sortBy: created_at
- __typename: CustomFilter
direction: DESC
message:
id: recently_released_objects
values:
objects: Movies
mode: MOVIES
sortBy: date
- __typename: CustomFilter
direction: DESC
message:
id: recently_added_objects
values:
objects: Performers
mode: PERFORMERS
sortBy: created_at
- __typename: CustomFilter
direction: DESC
message:
id: recently_released_objects
values:
objects: Galleries
mode: GALLERIES
sortBy: date
lastNoteSeen: "20240826"
minimumPlayPercent: "10"
pinnedFilters:
performers:
- isMissing
scenes:
- path
- isMissing
- tags
ratingSystemOptions:
starPrecision: half
type: stars
taggerConfig:
blacklist:
- \sXXX\s
- 1080p
- 720p
- 2160p
- KTR
- RARBG
- \scom\s
- \[
- \]
createParentStudios: true
excludedPerformerFields:
- name
excludedStudioFields:
- name
fingerprintQueue:
https://stashdb.org/graphql: []
https://theporndb.net/graphql: []
markSceneAsOrganizedOnSave: false
mode: auto
selectedEndpoint: https://theporndb.net/graphql
setCoverImage: true
setTags: true
showMales: true
tagOperation: merge
taskDefaults:
cleanGenerated:
blobFiles: true
dryRun: false
imageThumbnails: true
markers: true
screenshots: true
sprites: true
transcodes: true
generate:
clipPreviews: false
covers: true
imagePreviews: false
imageThumbnails: false
interactiveHeatmapsSpeeds: false
markerImagePreviews: false
markerScreenshots: false
markers: true
phashes: true
previewOptions:
previewExcludeEnd: "0"
previewExcludeStart: "0"
previewPreset: slow
previewSegmentDuration: "0.75"
previewSegments: "18"
previews: true
sprites: true
transcodes: false
trackActivity: true
username: chris
video_file_naming_algorithm: OSHASH
write_image_thumbnails: true

0
stashapp/config/custom.css Executable file
View File

59
stashapp/docker-compose.yml Normal file
View File

@@ -0,0 +1,59 @@
# APPNICENAME=Stash
# APPDESCRIPTION=An organizer for your porn, written in Go
name: stashapp
services:
app:
image: stashapp/stash:latest
restart: unless-stopped
## the container's port must be the same with the STASH_PORT in the environment section
networks:
- proxy-net
expose:
- "9999"
environment:
- STASH_STASH=/data/
- STASH_GENERATED=/generated/
- STASH_METADATA=/metadata/
- STASH_CACHE=/cache/
- STASH_EXTERNAL_HOST=https://stash.tremendousturtle.tools
## Adjust below to change default port (9999)
- STASH_PORT=9999
volumes:
- /etc/localtime:/etc/localtime:ro
## Adjust below paths (the left part) to your liking.
## E.g. you can change ./config:/root/.stash to ./stash:/root/.stash
## Keep configs, scrapers, and plugins here.
- ./config:/root/.stash
## Point this at your collection.
- /media/raid/junk_transfer:/data
- /media/junk/new_transfer:/data/new_transfer
- /media/raid/stash:/stash
- /media/junk/junk:/junk
- /media/raid/junk_movies_transfer:/movies
- /media/raid/junk_pack_transfer:/packs
## This is where your stash's metadata lives
- ./data/metadata:/metadata
## Any other cache content.
- ./data/cache:/cache
## Where to store binary blob data (scene covers, images)
- ./data/blobs:/blobs
## Where to store plugins
- ./data/plugins:/plugins
## Where to store scrapers
- ./data/scrapers:/scrapers
## Where to store database file
- ./data/db:/db
## Custom DupFileManager plugin
- /code/Axter-Stash-Gitea/plugins/DupFileManager:/plugins/community/DupFileManager
- /code/Axter-Stash-Gitea/plugins/DupFileManager/web:/custom_web
## Custom TimestampTrade plugin
- /code/Stash-CommunityScripts/plugins/timestampTrade:/plugins/timestampTrade
## Custom RemoveMarkers plugin
- /code/Stash-Plugins/RemoveMarkers:/plugins/RemoveMarkers
## Where to store generated content (screenshots,previews,transcodes,sprites)
- /media/stashapp/generated:/generated
networks:
proxy-net:
external: true

8
tautulli/.gitignore vendored Normal file
View File

@@ -0,0 +1,8 @@
config/backups/
config/cache/
config/exports/
config/logs/
config/newsletters/
config/release.lock
config/tautulli.db
config/version.lock

170
tautulli/config/config.ini Normal file
View File

@@ -0,0 +1,170 @@
[General]
allow_guest_access = 0
date_format = YYYY-MM-DD
time_format = HH:mm
anon_redirect = https://www.nullrefer.com/?
anon_redirect_dynamic = 0
api_enabled = 1
api_key = 079935546d82416db237001d03059dc3
api_sql = 0
backup_days = 3
backup_dir = /config/backups
backup_interval = 6
cache_dir = /config/cache
cache_images = 1
check_github = 1
check_github_interval = 6
check_github_on_startup = 1
cleanup_files = 0
do_not_override_git_branch = 0
enable_https = 0
export_dir = /config/exports
first_run_complete = 1
freeze_db = 0
get_file_sizes = 0
git_branch = master
git_path = ""
git_remote = origin
git_token = ""
git_user = Tautulli
git_repo = Tautulli
group_history_tables = 1
history_table_activity = 1
home_sections = current_activity, watch_stats, library_stats, recently_added
home_library_cards = 4, 2, 1, 5, 7, 8, 9, 12
home_stats_cards = top_movies, popular_movies, top_tv, popular_tv, top_music, popular_music, last_watched, top_libraries, top_users, top_platforms, most_concurrent
home_refresh_interval = 10
https_create_cert = 1
https_cert = /config/server.crt
https_cert_chain = ""
https_key = /config/server.key
https_domain = localhost
https_ip = 127.0.0.1
http_basic_auth = 0
http_environment = production
http_hash_password = 1
http_hashed_password = 1
http_host = 0.0.0.0
http_password = PBKDF2$sha256$600000$Y6kl7oc/cNUwRhxpN3cYDw==$b4hYGhFatQNKuNvFsY4IEFI5FHVZjBKY
http_port = 8181
http_proxy = 0
http_root = ""
http_username = chris
http_plex_admin = 1
http_base_url = ""
http_rate_limit_attempts = 10
http_rate_limit_attempts_interval = 300
http_rate_limit_lockout_time = 300
http_thread_pool = 10
interface = default
launch_browser = 0
launch_startup = 0
log_blacklist = 1
log_blacklist_usernames = 1
log_dir = /config/logs
musicbrainz_lookup = 0
plexpy_auto_update = 0
show_advanced_settings = 1
themoviedb_apikey = e9a6655bae34bf694a0f3e33338dc28e
themoviedb_lookup = 0
tvmaze_lookup = 0
update_db_interval = 24
update_show_changelog = 0
week_start_monday = 0
sys_tray_icon = 0
[[get_file_sizes_hold]]
section_ids = ,
rating_keys = ,
[PMS]
pms_client_id = a63eebdc-9a0e-45be-9448-d8769535c470
pms_identifier = 5e16f8ceb511bde943f92bbe07e3e6e33307eb16
pms_ip = 192.168.1.234
pms_is_cloud = 0
pms_is_remote = 0
pms_language = ""
pms_logs_folder = /plex_logs
pms_logs_line_cap = 1000
pms_name = winterfell
pms_name_override = ""
pms_port = 32400
pms_token = udTzPteNY8SNSibrzajX
pms_ssl = 0
pms_url = http://192.168.1.234:32400
pms_url_override = ""
pms_url_manual = 0
pms_use_bif = 0
pms_uuid = db661b1c35ed453bba7ddee2e44e3145
pms_plexpass = 1
pms_platform = Linux
pms_version = 1.41.4.9463-630c9f557
pms_update_channel = plex
pms_update_distro = debian
pms_update_distro_build = linux-x86
pms_web_url = https://app.plex.tv/desktop
[Advanced]
pms_timeout = 15
pms_update_check_interval = 24
cache_sizemb = 32
check_docker_mount = 1
check_github_cache_seconds = 3600
config_version = 22
export_threads = 8
https_min_tls_version = TLSv1.2
journal_mode = WAL
metadata_cache_seconds = 1800
notification_threads = 2
notify_text_eval = 0
session_db_write_attempts = 5
synchronous_mode = NORMAL
upgrade_flag = 1
verbose_logs = 1
verify_ssl_cert = 1
websocket_monitor_ping_pong = 0
websocket_connection_attempts = 5
websocket_connection_timeout = 5
jwt_secret = 11a7ffcc84ad42c98cf603d50cffdde5
jwt_update_secret = 0
system_analytics = 1
[Monitoring]
buffer_threshold = 10
buffer_wait = 900
imgur_client_id = ""
logging_ignore_interval = 60
movie_watched_percent = 85
music_watched_percent = 85
monitor_pms_updates = 0
monitoring_interval = 60
notify_consecutive = 0
notify_continued_session_threshold = 15
notify_group_recently_added_grandparent = 1
notify_group_recently_added_parent = 1
notify_upload_posters = 0
notify_recently_added_delay = 300
notify_recently_added_grandparent = 0
notify_recently_added_upgrade = 0
notify_remote_access_threshold = 60
notify_concurrent_by_ip = 0
notify_concurrent_ipv6_cidr = /64
notify_concurrent_threshold = 2
notify_new_device_initial_only = 1
notify_server_connection_threshold = 60
notify_server_update_repeat = 0
notify_plexpy_update_repeat = 0
refresh_libraries_interval = 12
refresh_libraries_on_startup = 1
refresh_users_interval = 12
refresh_users_on_startup = 1
tv_watched_percent = 85
watched_marker = 3
[Cloudinary]
cloudinary_cloud_name = ""
cloudinary_api_key = ""
cloudinary_api_secret = ""
[Newsletter]
newsletter_auth = 0
newsletter_password = ""
newsletter_custom_dir = ""
newsletter_inline_styles = 0
newsletter_templates = newsletters
newsletter_dir = /config/newsletters
newsletter_self_hosted = 0

18
tautulli/docker-compose.yml Normal file
View File

@@ -0,0 +1,18 @@
name: tautulli
services:
app:
environment:
TZ: America/Los_Angeles
image: ghcr.io/tautulli/tautulli:latest
networks:
- proxy-net
expose:
- "8181"
restart: unless-stopped
volumes:
- ./config:/config
- /var/lib/plexmediaserver/Library/Application Support/Plex Media Server/Logs:/plex_logs:ro
networks:
proxy-net:
external: true

29
triliumnext-notes/config/config.ini Normal file
View File

@@ -0,0 +1,29 @@
[General]
# Instance name can be used to distinguish between different instances using backend api.getInstanceName()
instanceName=
# set to true to allow using Trilium without authentication (makes sense for server build only, desktop build doesn't need password)
noAuthentication=false
# set to true to disable backups (e.g. because of limited space on server)
noBackup=false
# Disable automatically generating desktop icon
# noDesktopIcon=true
[Network]
# host setting is relevant only for web deployments - set the host on which the server will listen
# host=0.0.0.0
# port setting is relevant only for web deployments, desktop builds run on a fixed port (changeable with TRILIUM_PORT environment variable)
port=8080
# true for TLS/SSL/HTTPS (secure), false for HTTP (insecure).
https=false
# path to certificate (run "bash bin/generate-cert.sh" to generate self-signed certificate). Relevant only if https=true
certPath=
keyPath=
# setting to give trust to reverse proxies, a comma-separated list of trusted rev. proxy IPs can be specified (CIDR notation is permitted),
# alternatively 'true' will make use of the leftmost IP in X-Forwarded-For, ultimately an integer can be used to tell about the number of hops between
# Trilium (which is hop 0) and the first trusted rev. proxy.
# once set, expressjs will use the X-Forwarded-For header set by the rev. proxy to determinate the real IPs of clients.
# expressjs shortcuts are supported: loopback(127.0.0.1/8, ::1/128), linklocal(169.254.0.0/16, fe80::/10), uniquelocal(10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, fc00::/7)
trustedReverseProxy=false

20
triliumnext-notes/docker-compose.yml Normal file
View File

@@ -0,0 +1,20 @@
name: "triliumnext-notes"
services:
app:
image: triliumnext/notes:v0.90.12
restart: unless-stopped
volumes:
- ./data:/home/node/trilium-data
- ./config:/home/node/trilium-config
expose:
- "8080"
networks:
- proxy-net
environment:
USER_UID: 1000
USER_GID: 1000
TRILIUM_CONFIG_INI_PATH: /home/node/trilium-config/config.ini
networks:
proxy-net:
external: true