diff --git a/adminer/docker-compose.yml b/adminer/docker-compose.yml index 984867a..75a9f10 100644 --- a/adminer/docker-compose.yml +++ b/adminer/docker-compose.yml @@ -1,13 +1,20 @@ +# Adminer Database Management Tool Configuration services: adminer: + # Basic container configuration container_name: adminer image: docker.io/library/adminer:5.3.0 restart: unless-stopped + + # Network port configuration ports: - - ${PORT}:8080 + - ${PORT}:8080 # Maps host port to Adminer web interface + + # Network configuration networks: - - backend + - backend # Connects to backend network +# External network definition networks: backend: - external: true + external: true # Uses pre-existing backend network diff --git a/forgejo/docker-compose.yml b/forgejo/docker-compose.yml index 611508f..154078d 100644 --- a/forgejo/docker-compose.yml +++ b/forgejo/docker-compose.yml 
@@ -1,19 +1,28 @@ +# Forgejo Git Service Configuration services: forgejo: + # Basic container configuration container_name: forgejo image: codeberg.org/forgejo/forgejo:11.0.3-rootless restart: unless-stopped - user: ${PUID}:${PGID} + user: ${PUID}:${PGID} # Runs as specified user/group + + # Persistent storage configuration volumes: - - ${APPDATA_PATH}/forgejo/config:/etc/gitea - - ${APPDATA_PATH}/forgejo/data:/var/lib/gitea - - /etc/timezone:/etc/timezone:ro - - /etc/localtime:/etc/localtime:ro + - ${APPDATA_PATH}/forgejo/config:/etc/gitea # Configuration files + - ${APPDATA_PATH}/forgejo/data:/var/lib/gitea # Application data + - /etc/timezone:/etc/timezone:ro # Timezone configuration + - /etc/localtime:/etc/localtime:ro # Local time configuration + + # Network port configuration ports: - - ${SERVER_PORT}:3000 + - ${SERVER_PORT}:3000 # Maps host port to Forgejo web interface + + # Network configuration networks: - - frontend + - frontend # Connects to frontend network +# External network definition networks: frontend: - external: true \ No newline at end of file + external: true # Uses pre-existing frontend network diff --git a/gitea-mirror/docker-compose.yml b/gitea-mirror/docker-compose.yml index 22fd5df..a09d981 100644 --- a/gitea-mirror/docker-compose.yml +++ b/gitea-mirror/docker-compose.yml 
@@ -1,28 +1,41 @@ +# Gitea Mirror Service Configuration services: gitea-mirror: + # Basic container configuration container_name: gitea-mirror image: ghcr.io/raylabshq/gitea-mirror:v2.22.0 restart: unless-stopped - user: ${PUID}:${PGID} + user: ${PUID}:${PGID} # Runs as specified user/group + + # Application environment configuration environment: - - NODE_ENV=production - - DATABASE_URL=file:data/gitea-mirror.db - - HOST=0.0.0.0 - - PORT=4321 - - JWT_SECRET=${JWT_SECRET} + - NODE_ENV=production # Runtime environment + - DATABASE_URL=file:data/gitea-mirror.db # SQLite database location + - HOST=0.0.0.0 # Binding address + - PORT=4321 # Internal container port + - JWT_SECRET=${JWT_SECRET} # Authentication secret + + # Persistent storage configuration volumes: - - ${APPDATA_PATH}/gitea-mirror/data:/app/data + - ${APPDATA_PATH}/gitea-mirror/data:/app/data # Application data storage + + # Network port configuration ports: - - ${PORT}:4321 + - ${PORT}:4321 # Maps host port to container + + # Network configuration networks: - - internal + - internal # Connects to internal network + + # Health check configuration healthcheck: test: ["CMD", "wget", "--no-verbose", "--tries=3", "--spider", "http://localhost:4321/api/health"] - interval: 30s - timeout: 10s - retries: 5 - start_period: 15s + interval: 30s # Check interval + timeout: 10s # Check timeout + retries: 5 # Allowed retries + start_period: 15s # Initial delay before checks +# External network definition networks: internal: - external: true + external: true # Uses pre-existing internal network diff --git a/gitea-runner/docker-compose-multi.yml b/gitea-runner/docker-compose-multi.yml index 925853b..0c306f5 100644 --- a/gitea-runner/docker-compose-multi.yml +++ b/gitea-runner/docker-compose-multi.yml 
@@ -1,42 +1,61 @@ +# Gitea Multiple Actions Runners Configuration services: + # First Gitea Runner Instance gitea_runner1: + # Basic container configuration container_name: gitea_runner1 image: docker.io/gitea/act_runner:0.2.12 restart: unless-stopped + + # Runner configuration environment variables environment: - CONFIG_FILE: /config.yaml - GITEA_INSTANCE_URL: "${INSTANCE_URL}" - GITEA_RUNNER_REGISTRATION_TOKEN: "${REGISTRATION_TOKEN}" - GITEA_RUNNER_NAME: "${RUNNER_NAME1}" + CONFIG_FILE: /config.yaml # Path to configuration file + GITEA_INSTANCE_URL: "${INSTANCE_URL}" # URL of Gitea instance + GITEA_RUNNER_REGISTRATION_TOKEN: "${REGISTRATION_TOKEN}" # Registration token + GITEA_RUNNER_NAME: "${RUNNER_NAME1}" # Display name for first runner + + # Persistent storage and docker socket configuration volumes: - - ./config.yaml:/config.yaml - - ./data1:/data - - /var/run/docker.sock:/var/run/docker.sock + - ./config.yaml:/config.yaml # Shared configuration file + - ./data1:/data # Dedicated data directory for runner1 + - /var/run/docker.sock:/var/run/docker.sock # Docker socket for container jobs + # Second Gitea Runner Instance gitea_runner2: + # Basic container configuration container_name: gitea_runner2 image: docker.io/gitea/act_runner:0.2.12 restart: unless-stopped + + # Runner configuration environment variables environment: - CONFIG_FILE: /config.yaml - GITEA_INSTANCE_URL: "${INSTANCE_URL}" - GITEA_RUNNER_REGISTRATION_TOKEN: "${REGISTRATION_TOKEN}" - GITEA_RUNNER_NAME: "${RUNNER_NAME2}" + CONFIG_FILE: /config.yaml # Path to configuration file + GITEA_INSTANCE_URL: "${INSTANCE_URL}" # URL of Gitea instance + GITEA_RUNNER_REGISTRATION_TOKEN: "${REGISTRATION_TOKEN}" # Registration token + GITEA_RUNNER_NAME: "${RUNNER_NAME2}" # Display name for second runner + + # Persistent storage and docker socket configuration volumes: - - ./config.yaml:/config.yaml - - ./data2:/data - - /var/run/docker.sock:/var/run/docker.sock + - ./config.yaml:/config.yaml # Shared 
configuration file + - ./data2:/data # Dedicated data directory for runner2 + - /var/run/docker.sock:/var/run/docker.sock # Docker socket for container jobs + # Third Gitea Runner Instance gitea_runner3: + # Basic container configuration container_name: gitea_runner3 image: docker.io/gitea/act_runner:0.2.12 restart: unless-stopped + + # Runner configuration environment variables environment: - CONFIG_FILE: /config.yaml - GITEA_INSTANCE_URL: "${INSTANCE_URL}" - GITEA_RUNNER_REGISTRATION_TOKEN: "${REGISTRATION_TOKEN}" - GITEA_RUNNER_NAME: "${RUNNER_NAME3}" + CONFIG_FILE: /config.yaml # Path to configuration file + GITEA_INSTANCE_URL: "${INSTANCE_URL}" # URL of Gitea instance + GITEA_RUNNER_REGISTRATION_TOKEN: "${REGISTRATION_TOKEN}" # Registration token + GITEA_RUNNER_NAME: "${RUNNER_NAME3}" # Display name for third runner + + # Persistent storage and docker socket configuration volumes: - - ./config.yaml:/config.yaml - - ./data3:/data - - /var/run/docker.sock:/var/run/docker.sock + - ./config.yaml:/config.yaml # Shared configuration file + - ./data3:/data # Dedicated data directory for runner3 + - /var/run/docker.sock:/var/run/docker.sock # Docker socket for container jobs diff --git a/gitea-runner/docker-compose.yml b/gitea-runner/docker-compose.yml index d327aec..ca84831 100644 --- a/gitea-runner/docker-compose.yml +++ b/gitea-runner/docker-compose.yml 
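Review bot: The inline comment added on each `/var/run/docker.sock:/var/run/docker.sock` mount (`# Docker socket for container jobs`) understates what the mount grants. A container holding the socket can drive the host Docker daemon, which is effectively root on the host, and that reach potentially extends to the workflow jobs the runner launches. I would word it as `# Host Docker socket: gives this runner (and potentially its jobs) full control of the host daemon`. The same applies to the socket comments in gitea-runner/docker-compose.yml, and to `# Docker API access` in portainer-agent/docker-compose.yml and portainer/docker-compose.yml.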
@@ -1,14 +1,20 @@ +# Gitea Actions Runner Configuration services: gitea_runner: + # Basic container configuration container_name: gitea_runner image: docker.io/gitea/act_runner:0.2.12 restart: unless-stopped + + # Runner configuration environment variables environment: - CONFIG_FILE: /config.yaml - GITEA_INSTANCE_URL: "${INSTANCE_URL}" - GITEA_RUNNER_REGISTRATION_TOKEN: "${REGISTRATION_TOKEN}" - GITEA_RUNNER_NAME: "${RUNNER_NAME}" + CONFIG_FILE: /config.yaml # Path to configuration file + GITEA_INSTANCE_URL: "${INSTANCE_URL}" # URL of Gitea instance + GITEA_RUNNER_REGISTRATION_TOKEN: "${REGISTRATION_TOKEN}" # Registration token + GITEA_RUNNER_NAME: "${RUNNER_NAME}" # Display name for runner + + # Persistent storage and docker socket configuration volumes: - - ./config.yaml:/config.yaml - - ./data:/data - - /var/run/docker.sock:/var/run/docker.sock + - ./config.yaml:/config.yaml # Runner configuration file + - ./data:/data # Persistent runner data + - /var/run/docker.sock:/var/run/docker.sock # Docker socket for container jobs diff --git a/gitea/docker-compose-mariadb.yml b/gitea/docker-compose-mariadb.yml index b824713..b6644b3 100644 --- a/gitea/docker-compose-mariadb.yml +++ b/gitea/docker-compose-mariadb.yml 
@@ -1,55 +1,85 @@ +# Gitea Git Service with MariaDB Database Configuration services: + # MariaDB Database Service gitea_db: + # Basic container configuration container_name: gitea_db image: docker.io/library/mariadb:11.8.2 restart: unless-stopped + + # Database optimization parameters command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW --innodb-file-per-table=1 --skip-innodb-read-only-compressed + + # Database credentials and configuration environment: - - MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD} - - MYSQL_USER=${MYSQL_USER} - - MYSQL_PASSWORD=${MYSQL_PASSWORD} - - MYSQL_DATABASE=${MYSQL_DATABASE} + - MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD} # Root password + - MYSQL_USER=${MYSQL_USER} # Gitea database user + - MYSQL_PASSWORD=${MYSQL_PASSWORD} # Gitea user password + - MYSQL_DATABASE=${MYSQL_DATABASE} # Database name for Gitea + + # Persistent storage configuration volumes: - ${APPDATA_PATH}/gitea/db:/var/lib/mysql + + # Network port configuration ports: - - ${DB_PORT}:3306 + - ${DB_PORT}:3306 # Maps host port to MariaDB + + # Network configuration networks: - - backend + - backend # Connects to backend network + + # Health check configuration healthcheck: test: ["CMD", "healthcheck.sh", "--connect", "--innodb_initialized"] - start_period: 10s - interval: 10s - timeout: 5s - retries: 3 + start_period: 10s # Initial delay before checks + interval: 10s # Check interval + timeout: 5s # Check timeout + retries: 3 # Allowed retries + # Gitea Server Service gitea_server: + # Basic container configuration container_name: gitea_server image: docker.io/gitea/gitea:1.24.2-rootless restart: unless-stopped + + # Service dependencies depends_on: gitea_db: - condition: service_healthy - user: ${PUID}:${PGID} + condition: service_healthy # Requires healthy database + + # Runtime configuration + user: ${PUID}:${PGID} # Runs as specified user/group + + # Gitea configuration environment: - GITEA__database__DB_TYPE=mysql - GITEA__database__HOST=gitea_db:3306 - 
GITEA__database__NAME=${MYSQL_DATABASE} - GITEA__database__USER=${MYSQL_USER} - GITEA__database__PASSWD=${MYSQL_PASSWORD} + + # Persistent storage configuration volumes: - ${APPDATA_PATH}/gitea/config:/etc/gitea - ${APPDATA_PATH}/gitea/data:/var/lib/gitea - /etc/timezone:/etc/timezone:ro - /etc/localtime:/etc/localtime:ro + + # Network port configuration ports: - ${SERVER_PORT}:3000 - ${SSH_PORT}:22 + + # Network configuration networks: - - frontend - - backend + - frontend # Connects to frontend network + - backend # Connects to backend network +# Internal network definition networks: frontend: - external: true + external: true # Uses pre-existing frontend network backend: - external: true + external: true # Uses pre-existing backend network diff --git a/gitea/docker-compose.yml b/gitea/docker-compose.yml index 809812c..65f07c8 100644 --- a/gitea/docker-compose.yml +++ b/gitea/docker-compose.yml 
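Review bot: The header added above the top-level `networks:` block reads `# Internal network definition`, but both `frontend` and `backend` are declared `external: true`, so Compose attaches to networks created elsewhere rather than defining them here. The other files in this commit use `# External network definition`, and this one should read `# External network definitions` to match. The wording matters because `internal` is also a Compose network option that isolates a network from outside access, and a reader could assume that isolation is in effect here.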
@@ -1,53 +1,79 @@ +# Gitea Git Service with PostgreSQL Database Configuration services: + # PostgreSQL Database Service gitea_db: + # Basic container configuration container_name: gitea_db image: docker.io/library/postgres:17.5 restart: unless-stopped + + # Database credentials and configuration environment: - - POSTGRES_USER=${POSTGRES_USER} - - POSTGRES_PASSWORD=${POSTGRES_PASSWORD} - - POSTGRES_DB=${POSTGRES_DB} + - POSTGRES_USER=${POSTGRES_USER} # Database admin username + - POSTGRES_PASSWORD=${POSTGRES_PASSWORD} # Database admin password + - POSTGRES_DB=${POSTGRES_DB} # Database name for Gitea + + # Persistent storage configuration volumes: - ${APPDATA_PATH}/gitea/db:/var/lib/postgresql/data + + # Network port configuration ports: - - ${DB_PORT}:5432 + - ${DB_PORT}:5432 # Maps host port to PostgreSQL + + # Network configuration networks: - - backend + - backend # Connects to backend network + + # Health check configuration healthcheck: test: ["CMD-SHELL", "pg_isready -d ${POSTGRES_DB} -U ${POSTGRES_USER}"] - start_period: 10s - interval: 10s - timeout: 5s - retries: 3 + start_period: 10s # Initial delay before checks + interval: 10s # Check interval + timeout: 5s # Check timeout + retries: 3 # Allowed retries + # Gitea Server Service gitea_server: + # Basic container configuration container_name: gitea_server image: docker.io/gitea/gitea:1.24.2-rootless restart: unless-stopped + + # Service dependencies depends_on: gitea_db: - condition: service_healthy - user: ${PUID}:${PGID} + condition: service_healthy # Requires healthy database + + # Runtime configuration + user: ${PUID}:${PGID} # Runs as specified user/group environment: - - GITEA__database__DB_TYPE=postgres - - GITEA__database__HOST=gitea_db:5432 - - GITEA__database__NAME=${POSTGRES_DB} - - GITEA__database__USER=${POSTGRES_USER} - - GITEA__database__PASSWD=${POSTGRES_PASSWORD} + - GITEA__database__DB_TYPE=postgres # Database type + - GITEA__database__HOST=gitea_db:5432 # Database host + - 
GITEA__database__NAME=${POSTGRES_DB} # Database name + - GITEA__database__USER=${POSTGRES_USER} # Database username + - GITEA__database__PASSWD=${POSTGRES_PASSWORD} # Database password + + # Persistent storage configuration volumes: - ${APPDATA_PATH}/gitea/config:/etc/gitea - ${APPDATA_PATH}/gitea/data:/var/lib/gitea - /etc/timezone:/etc/timezone:ro - /etc/localtime:/etc/localtime:ro + + # Network port configuration ports: - - ${SERVER_PORT}:3000 - - ${SSH_PORT}:22 + - ${SERVER_PORT}:3000 # Maps host port to Gitea web interface + - ${SSH_PORT}:22 # Maps host port to Gitea SSH + + # Network configuration networks: - - frontend - - backend + - frontend # Connects to frontend network + - backend # Connects to backend network +# External network definition networks: frontend: - external: true + external: true # Uses pre-existing frontend network backend: - external: true + external: true # Uses pre-existing backend network diff --git a/gotify/docker-compose.yml b/gotify/docker-compose.yml index 5073476..61dda00 100644 --- a/gotify/docker-compose.yml +++ b/gotify/docker-compose.yml 
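Review bot: The comment `# Maps host port to PostgreSQL` on `${DB_PORT}:5432` does not say that the mapping publishes the database on the host, on every interface unless `DB_PORT` carries an address. gitea_server already reaches the database over the backend network at `gitea_db:5432`, so it does not need the published port. I would either document the mapping as optional and meant for host-side administration only, or bind it to loopback with `- "127.0.0.1:${DB_PORT}:5432"`. The same applies to the `${DB_PORT}` mappings in gitea/docker-compose-mariadb.yml, nextcloud/docker-compose.yml (and its `${VALKEY_PORT}:6379`) and both opengist files.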
@@ -1,18 +1,29 @@ +# Gotify Push Notification Server Configuration services: gotify: + # Basic container configuration container_name: gotify image: ghcr.io/gotify/server:2.6.3 restart: unless-stopped + + # Application environment configuration environment: - - TZ=${TZ} - - GOTIFY_REGISTRATION=${GOTIFY_REGISTRATION} + - TZ=${TZ} # Timezone configuration + - GOTIFY_REGISTRATION=${GOTIFY_REGISTRATION} # Allow/disallow new user registration + + # Persistent storage configuration volumes: - - ${APPDATA_PATH}/gotify/config:/app/data + - ${APPDATA_PATH}/gotify/config:/app/data # Configuration and database storage + + # Network port configuration ports: - - ${PORT}:80 + - ${PORT}:80 # Maps host port to Gotify web interface + + # Network configuration networks: - - frontend + - frontend # Connects to frontend network +# External network definition networks: frontend: - external: true + external: true # Uses pre-existing frontend network diff --git a/healthchecks/docker-compose.yml b/healthchecks/docker-compose.yml index 33b58ea..f56815c 100644 --- a/healthchecks/docker-compose.yml +++ b/healthchecks/docker-compose.yml 
@@ -1,39 +1,61 @@ +# Healthchecks.io Monitoring Service Configuration services: healthchecks: + # Basic container configuration container_name: healthchecks image: ghcr.io/linuxserver/healthchecks:3.10.20250705 restart: unless-stopped + + # User and system configuration environment: - - PUID=${PUID} - - PGID=${PGID} - - TZ=${TZ} - - SITE_ROOT=${SITE_ROOT} - - SITE_NAME=${SITE_NAME} - - DEFAULT_FROM_EMAIL=${DEFAULT_FROM_EMAIL} - - EMAIL_HOST=${EMAIL_HOST} - - EMAIL_PORT=${EMAIL_PORT} - - EMAIL_HOST_USER=${EMAIL_HOST_USER} - - EMAIL_HOST_PASSWORD=${EMAIL_HOST_PASSWORD} - - EMAIL_USE_TLS=${EMAIL_USE_TLS} - - EMAIL_USE_SSL=${EMAIL_USE_SSL} - - SUPERUSER_EMAIL=${SUPERUSER_EMAIL} - - SUPERUSER_PASSWORD=${SUPERUSER_PASSWORD} - - SECRET_KEY=${SECRET_KEY} - - APPRISE_ENABLED=${APPRISE_ENABLED} - - REGISTRATION_OPEN=${REGISTRATION_OPEN} - - DEBUG=${DEBUG} - - SITE_LOGO_URL=${SITE_LOGO_URL} - - PING_EMAIL_DOMAIN=${PING_EMAIL_DOMAIN} - - DISCORD_CLIENT_ID=${DISCORD_CLIENT_ID} - - DISCORD_CLIENT_SECRET=${DISCORD_CLIENT_SECRET} + # System settings + - PUID=${PUID} # User ID + - PGID=${PGID} # Group ID + - TZ=${TZ} # Timezone + + # Site configuration + - SITE_ROOT=${SITE_ROOT} # Base URL + - SITE_NAME=${SITE_NAME} # Site display name + - SITE_LOGO_URL=${SITE_LOGO_URL} # Custom logo URL + + # Email server configuration + - DEFAULT_FROM_EMAIL=${DEFAULT_FROM_EMAIL} # Sender address + - EMAIL_HOST=${EMAIL_HOST} # SMTP server + - EMAIL_PORT=${EMAIL_PORT} # SMTP port + - EMAIL_HOST_USER=${EMAIL_HOST_USER} # SMTP username + - EMAIL_HOST_PASSWORD=${EMAIL_HOST_PASSWORD} # SMTP password + - EMAIL_USE_TLS=${EMAIL_USE_TLS} # Enable TLS + - EMAIL_USE_SSL=${EMAIL_USE_SSL} # Enable SSL + - PING_EMAIL_DOMAIN=${PING_EMAIL_DOMAIN} # Email domain for pings + + # Authentication and security + - SUPERUSER_EMAIL=${SUPERUSER_EMAIL} # Admin email + - SUPERUSER_PASSWORD=${SUPERUSER_PASSWORD} # Admin password + - SECRET_KEY=${SECRET_KEY} # Cryptographic secret + - REGISTRATION_OPEN=${REGISTRATION_OPEN} # 
Allow new registrations + + # Integration settings + - APPRISE_ENABLED=${APPRISE_ENABLED} # Enable Apprise notifications + - DISCORD_CLIENT_ID=${DISCORD_CLIENT_ID} # Discord integration + - DISCORD_CLIENT_SECRET=${DISCORD_CLIENT_SECRET} # Discord secret + + # Debugging + - DEBUG=${DEBUG} # Debug mode + + # Persistent storage configuration volumes: - - ${APPDATA_PATH}/healthchecks/config:/config + - ${APPDATA_PATH}/healthchecks/config:/config # Configuration storage + + # Network port configuration ports: - - ${PORT}:8000 - - ${SMTP_PORT}:2525 + - ${PORT}:8000 # Web interface port + - ${SMTP_PORT}:2525 # SMTP port for email + + # Network configuration networks: - - frontend + - frontend # Connects to frontend network +# External network configuration networks: frontend: - external: true + external: true # Uses pre-existing frontend network diff --git a/homeassistant/docker-compose.yml b/homeassistant/docker-compose.yml index 2f94a2c..a05057d 100644 --- a/homeassistant/docker-compose.yml +++ b/homeassistant/docker-compose.yml @@ -1,16 +1,25 @@ +# Home Assistant Smart Home Platform Configuration services: homeassistant: + # Basic container configuration container_name: homeassistant image: docker.io/homeassistant/home-assistant:2025.7.1 restart: unless-stopped + + # Persistent storage and system configuration volumes: - - ${APPDATA_PATH}/homeassistant/config:/config - - /etc/localtime:/etc/localtime:ro + - ${APPDATA_PATH}/homeassistant/config:/config # Configuration files + - /etc/localtime:/etc/localtime:ro # Sync host timezone + + # Network port configuration ports: - - ${PORT}:8123 + - ${PORT}:8123 # Web interface port + + # Network configuration networks: - - frontend + - frontend # Connects to frontend network +# External network definition networks: frontend: - external: true + external: true # Uses pre-existing frontend network diff --git a/minio/docker-compose.yml b/minio/docker-compose.yml index a55980e..aef5a59 100644 --- a/minio/docker-compose.yml 
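Review bot: In the healthchecks hunk, `DEBUG=${DEBUG}` is annotated only as `# Debug mode` under a `# Debugging` heading, with no hint of the value a deployment should use. Healthchecks is a Django application, and its debug mode typically renders detailed error pages to any visitor, so the comment should steer readers to turn it off, e.g. `# Debug mode; set to False for any instance reachable by others`. `REGISTRATION_OPEN` would benefit from a similar hint, since `# Allow new registrations` does not say which setting is the safe one for a private instance.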
+++ b/minio/docker-compose.yml @@ -28,7 +28,7 @@ services: # Network configuration networks: - - frontend + - frontend # Connects to frontend network # External network definition networks: diff --git a/nextcloud/docker-compose.yml b/nextcloud/docker-compose.yml index 0a832ed..a2fc169 100644 --- a/nextcloud/docker-compose.yml +++ b/nextcloud/docker-compose.yml 
@@ -1,43 +1,65 @@ +# Nextcloud with PostgreSQL and Valkey Configuration services: + # PostgreSQL Database Service nextcloud_db: + # Basic container configuration container_name: nextcloud_db image: docker.io/library/postgres:17.5 restart: unless-stopped + + # Database credentials environment: - - POSTGRES_USER=${POSTGRES_USER} - - POSTGRES_PASSWORD=${POSTGRES_PASSWORD} - - POSTGRES_DB=${POSTGRES_DB} + - POSTGRES_USER=${POSTGRES_USER} # Database username + - POSTGRES_PASSWORD=${POSTGRES_PASSWORD} # Database password + - POSTGRES_DB=${POSTGRES_DB} # Database name + + # Persistent storage configuration volumes: - - ${APPDATA_PATH}/nextcloud/db:/var/lib/postgresql/data + - ${APPDATA_PATH}/nextcloud/db:/var/lib/postgresql/data # Database files + + # Network configuration ports: - - ${DB_PORT}:5432 + - ${DB_PORT}:5432 # PostgreSQL port networks: - - backend + - backend # Connects to backend network + + # Health monitoring healthcheck: test: ["CMD-SHELL", "pg_isready -d ${POSTGRES_DB} -U ${POSTGRES_USER}"] - start_period: 10s - interval: 10s - timeout: 5s - retries: 3 + start_period: 10s # Initial delay + interval: 10s # Check frequency + timeout: 5s # Timeout duration + retries: 3 # Retry attempts + # Valkey (Redis-compatible) Cache Service nextcloud_valkey: + # Basic container configuration container_name: nextcloud_valkey image: docker.io/valkey/valkey:8.1.3 restart: unless-stopped - command: valkey-server --save 60 1 --requirepass ${VALKEY_PASSWORD} + + # Runtime configuration + command: valkey-server --save 60 1 --requirepass ${VALKEY_PASSWORD} # Persistence and auth + + # Persistent storage configuration volumes: - - ${APPDATA_PATH}/nextcloud/valkey:/data + - ${APPDATA_PATH}/nextcloud/valkey:/data # Valkey data + + # Network configuration ports: - - ${VALKEY_PORT}:6379 + - ${VALKEY_PORT}:6379 # Valkey port networks: - - backend + - backend # Connects to backend network + + # Health monitoring healthcheck: test: ["CMD-SHELL", "echo 'auth ${VALKEY_PASSWORD}\nping' | 
valkey-cli | grep PONG"] - start_period: 20s - interval: 30s - retries: 5 - timeout: 3s + start_period: 20s # Initial delay + interval: 30s # Check frequency + retries: 5 # Retry attempts + timeout: 3s # Timeout duration + # Nextcloud Application Service nextcloud_app: image: docker.io/library/nextcloud:31.0.7 container_name: nextcloud_app 
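Review bot: The comment `# Persistence and auth` on `command: valkey-server --save 60 1 --requirepass ${VALKEY_PASSWORD}` does not mention that the interpolated password becomes part of the container's command line. The healthcheck's `echo 'auth ${VALKEY_PASSWORD}\nping' | valkey-cli` embeds it a second time, so the secret is readable by anyone who can inspect the container definition or list processes on the host. I would add a comment such as `# NOTE: password appears in the container command and healthcheck; restrict access to the Docker API accordingly`. A follow-up could supply the password from a configuration file mounted read-only instead.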
@@ -47,51 +69,81 @@ services: condition: service_healthy nextcloud_valkey: condition: service_healthy + + # Environment variables environment: - - POSTGRES_HOST=nextcloud_db:5432 - - POSTGRES_DB=${POSTGRES_DB} - - POSTGRES_USER=${POSTGRES_USER} - - POSTGRES_PASSWORD=${POSTGRES_PASSWORD} - - REDIS_HOST=nextcloud_valkey - - REDIS_HOST_PORT=6379 - - REDIS_HOST_PASSWORD=${VALKEY_PASSWORD} - - PHP_MEMORY_LIMIT=${PHP_MEMORY_LIMIT} - - PHP_UPLOAD_LIMIT=${PHP_UPLOAD_LIMIT} - - APACHE_DISABLE_REWRITE_IP=${APACHE_DISABLE_REWRITE_IP} + # Database configuration + - POSTGRES_HOST=nextcloud_db:5432 # PostgreSQL host and port + - POSTGRES_DB=${POSTGRES_DB} # Database name + - POSTGRES_USER=${POSTGRES_USER} # Database username + - POSTGRES_PASSWORD=${POSTGRES_PASSWORD} # Database password + + # Redis/Valkey cache configuration + - REDIS_HOST=nextcloud_valkey # Valkey hostname + - REDIS_HOST_PORT=6379 # Valkey port + - REDIS_HOST_PASSWORD=${VALKEY_PASSWORD} # Valkey authentication + + # PHP performance tuning + - PHP_MEMORY_LIMIT=${PHP_MEMORY_LIMIT} # Memory allocation + - PHP_UPLOAD_LIMIT=${PHP_UPLOAD_LIMIT} # Max upload size + + # Security settings + - APACHE_DISABLE_REWRITE_IP=${APACHE_DISABLE_REWRITE_IP} # IP address handling + + # Persistent storage configuration volumes: - ${APPDATA_PATH}/nextcloud/app:/var/www/html + + # Network configuration ports: - ${APP_PORT}:80 networks: - - frontend - - backend + - frontend # Connects to frontend network + - backend # Connects to backend network + # Nextcloud Cron Service nextcloud_cron: image: docker.io/library/nextcloud:31.0.7 container_name: nextcloud_cron restart: unless-stopped depends_on: - nextcloud_app + + # Entry point entrypoint: /cron.sh + + # Environment variables environment: - - POSTGRES_HOST=nextcloud_db:5432 - - POSTGRES_DB=${POSTGRES_DB} - - POSTGRES_USER=${POSTGRES_USER} - - POSTGRES_PASSWORD=${POSTGRES_PASSWORD} - - REDIS_HOST=nextcloud_valkey - - REDIS_HOST_PORT=6379 - - REDIS_HOST_PASSWORD=${VALKEY_PASSWORD} - - 
PHP_MEMORY_LIMIT=${PHP_MEMORY_LIMIT} - - PHP_UPLOAD_LIMIT=${PHP_UPLOAD_LIMIT} - - APACHE_DISABLE_REWRITE_IP=${APACHE_DISABLE_REWRITE_IP} + # Database configuration + - POSTGRES_HOST=nextcloud_db:5432 # PostgreSQL host and port + - POSTGRES_DB=${POSTGRES_DB} # Database name + - POSTGRES_USER=${POSTGRES_USER} # Database username + - POSTGRES_PASSWORD=${POSTGRES_PASSWORD} # Database password + + # Redis/Valkey cache configuration + - REDIS_HOST=nextcloud_valkey # Valkey hostname + - REDIS_HOST_PORT=6379 # Valkey port + - REDIS_HOST_PASSWORD=${VALKEY_PASSWORD} # Valkey authentication + + # PHP performance tuning + - PHP_MEMORY_LIMIT=${PHP_MEMORY_LIMIT} # Memory allocation + - PHP_UPLOAD_LIMIT=${PHP_UPLOAD_LIMIT} # Max upload size + + # Security settings + - APACHE_DISABLE_REWRITE_IP=${APACHE_DISABLE_REWRITE_IP} # IP address handling + + # Persistent storage configuration volumes: - ${APPDATA_PATH}/nextcloud/app:/var/www/html + + # Network configuration networks: - - frontend - - backend + - frontend # Connects to frontend network + - backend # Connects to backend network +# External network definitions networks: frontend: - external: true + external: true # Uses pre-existing network backend: - external: true + external: true # Uses pre-existing network diff --git a/opengist/docker-compose-mariadb.yml b/opengist/docker-compose-mariadb.yml index d76b1bd..412dfff 100644 --- a/opengist/docker-compose-mariadb.yml +++ b/opengist/docker-compose-mariadb.yml 
@@ -1,58 +1,94 @@ +# OpenGist with MariaDB Configuration services: + # MariaDB Database Service opengist_db: + # Basic container configuration container_name: opengist_db image: docker.io/library/mariadb:11.8.2 restart: unless-stopped + + # Database performance tuning command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW --innodb-file-per-table=1 --skip-innodb-read-only-compressed + + # Database credentials environment: - - MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD} - - MYSQL_USER=${MYSQL_USER} - - MYSQL_PASSWORD=${MYSQL_PASSWORD} - - MYSQL_DATABASE=${MYSQL_DATABASE} + - MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD} # Root password + - MYSQL_USER=${MYSQL_USER} # Application username + - MYSQL_PASSWORD=${MYSQL_PASSWORD} # Application password + - MYSQL_DATABASE=${MYSQL_DATABASE} # Database name + + # Persistent storage configuration volumes: - - ${APPDATA_PATH}/opengist/db:/var/lib/mysql + - ${APPDATA_PATH}/opengist/db:/var/lib/mysql # Database files + + # Network configuration ports: - - ${DB_PORT}:3306 + - ${DB_PORT}:3306 # MariaDB port networks: - - backend + - backend # Connects to backend network + + # Health monitoring healthcheck: test: ["CMD", "healthcheck.sh", "--connect", "--innodb_initialized"] - interval: 10s - timeout: 5s - retries: 3 - start_period: 10s + interval: 10s # Check frequency + timeout: 5s # Timeout duration + retries: 3 # Retry attempts + start_period: 10s # Initial delay + # OpenGist Application Service opengist_server: + # Basic container configuration container_name: opengist_server image: ghcr.io/thomiceli/opengist:1.10.0 restart: unless-stopped + + # Service dependencies depends_on: opengist_db: - condition: service_healthy + condition: service_healthy # Wait for healthy database + + # Runtime configuration environment: - - UID=${UID} - - GID=${GID} - - OG_DB_URI=mysql://${MYSQL_USER}:${MYSQL_PASSWORD}@opengist_db:3306/${MYSQL_DATABASE} - - OG_EXTERNAL_URL=${OG_EXTERNAL_URL} - - OG_SECRET_KEY=${OG_SECRET_KEY} - - 
OG_HTTP_GIT_ENABLED=${OG_HTTP_GIT_ENABLED} - - OG_SSH_GIT_ENABLED=${OG_SSH_GIT_ENABLED} - - OG_GITEA_CLIENT_KEY=${OG_GITEA_CLIENT_KEY} - - OG_GITEA_SECRET=${OG_GITEA_SECRET} - - OG_GITEA_URL=${OG_GITEA_URL} - - OG_GITEA_NAME=${OG_GITEA_NAME} - - OG_CUSTOM_STATIC_LINK_0_NAME=${OG_CUSTOM_STATIC_LINK_0_NAME} - - OG_CUSTOM_STATIC_LINK_0_PATH=${OG_CUSTOM_STATIC_LINK_0_PATH} + # User and group IDs for file permissions + - UID=${UID} # User ID for file permissions + - GID=${GID} # Group ID for file permissions + + # Database connection + - OG_DB_URI=mysql://${MYSQL_USER}:${MYSQL_PASSWORD}@opengist_db:3306/${MYSQL_DATABASE} # MariaDB connection string + + # Application settings + - OG_EXTERNAL_URL=${OG_EXTERNAL_URL} # Public URL for OpenGist + - OG_SECRET_KEY=${OG_SECRET_KEY} # Encryption key for sessions + + # Git protocol configuration + - OG_HTTP_GIT_ENABLED=${OG_HTTP_GIT_ENABLED} # Enable HTTP Git access + - OG_SSH_GIT_ENABLED=${OG_SSH_GIT_ENABLED} # Enable SSH Git access + + # Gitea integration + - OG_GITEA_CLIENT_KEY=${OG_GITEA_CLIENT_KEY} # OAuth client key + - OG_GITEA_SECRET=${OG_GITEA_SECRET} # OAuth secret + - OG_GITEA_URL=${OG_GITEA_URL} # Gitea instance URL + - OG_GITEA_NAME=${OG_GITEA_NAME} # Gitea application name + + # Customization + - OG_CUSTOM_STATIC_LINK_0_NAME=${OG_CUSTOM_STATIC_LINK_0_NAME} # Custom link name + - OG_CUSTOM_STATIC_LINK_0_PATH=${OG_CUSTOM_STATIC_LINK_0_PATH} # Custom link path + + # Persistent storage configuration volumes: - ${APPDATA_PATH}/opengist/data:/opengist + + # Network configuration ports: - - ${SERVER_PORT}:6157 + - ${SERVER_PORT}:6157 # Web interface port + - 2222:2222 # SSH port for Git operations networks: - - frontend - - backend + - frontend # Connects to frontend network + - backend # Connects to backend network +# External network definitions networks: frontend: - external: true + external: true # Uses pre-existing network backend: - external: true + external: true # Uses pre-existing network 
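Review bot: The added line `- 2222:2222 # SSH port for Git operations` is a behaviour change in a commit that otherwise only adds comments. The old file published only `${SERVER_PORT}:6157`, so this newly exposes the container's SSH listener on the host. If the change is intended (the PostgreSQL variant already carries the mapping), it should be called out in the commit message. The host side would be better made configurable and quoted, in the spirit of the gitea files' `${SSH_PORT}:22`, e.g. `- "${SSH_PORT}:2222"` with the variable documented alongside `SERVER_PORT`. Deployments that leave `OG_SSH_GIT_ENABLED` off presumably do not need the mapping at all.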
diff --git a/opengist/docker-compose.yml b/opengist/docker-compose.yml index ec591c9..3e41089 100644 --- a/opengist/docker-compose.yml +++ b/opengist/docker-compose.yml 
@@ -1,57 +1,90 @@ +# OpenGist Git Snippet Service Configuration services: + # PostgreSQL Database Service opengist_db: + # Basic container configuration container_name: opengist_db image: docker.io/library/postgres:17.5 restart: unless-stopped + + # Database credentials environment: - - POSTGRES_USER=${POSTGRES_USER} - - POSTGRES_PASSWORD=${POSTGRES_PASSWORD} - - POSTGRES_DB=${POSTGRES_DB} + - POSTGRES_USER=${POSTGRES_USER} # Database username + - POSTGRES_PASSWORD=${POSTGRES_PASSWORD} # Database password + - POSTGRES_DB=${POSTGRES_DB} # Database name + + # Persistent storage configuration volumes: - - ${APPDATA_PATH}/opengist/db:/var/lib/postgresql/data + - ${APPDATA_PATH}/opengist/db:/var/lib/postgresql/data # Database files + + # Network configuration ports: - - ${DB_PORT}:5432 + - ${DB_PORT}:5432 # PostgreSQL port networks: - - backend + - backend # Connects to backend network + + # Health monitoring healthcheck: test: ["CMD-SHELL", "pg_isready -d ${POSTGRES_DB} -U ${POSTGRES_USER}"] - interval: 10s - timeout: 5s - retries: 3 - start_period: 10s + interval: 10s # Check frequency + timeout: 5s # Timeout duration + retries: 3 # Retry attempts + start_period: 10s # Initial delay + # OpenGist Application Service opengist_server: + # Basic container configuration container_name: opengist_server image: ghcr.io/thomiceli/opengist:1.10.0 restart: unless-stopped + + # Service dependencies depends_on: opengist_db: - condition: service_healthy + condition: service_healthy # Wait for healthy database + + # Runtime configuration environment: - - UID=${UID} - - GID=${GID} - - OG_DB_URI=postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@opengist_db:5432/${POSTGRES_DB} - - OG_EXTERNAL_URL=${OG_EXTERNAL_URL} - - OG_SECRET_KEY=${OG_SECRET_KEY} - - OG_HTTP_GIT_ENABLED=${OG_HTTP_GIT_ENABLED} - - OG_SSH_GIT_ENABLED=${OG_SSH_GIT_ENABLED} - - OG_GITEA_CLIENT_KEY=${OG_GITEA_CLIENT_KEY} - - OG_GITEA_SECRET=${OG_GITEA_SECRET} - - OG_GITEA_URL=${OG_GITEA_URL} - - 
OG_GITEA_NAME=${OG_GITEA_NAME} - - OG_CUSTOM_STATIC_LINK_0_NAME=${OG_CUSTOM_STATIC_LINK_0_NAME} - - OG_CUSTOM_STATIC_LINK_0_PATH=${OG_CUSTOM_STATIC_LINK_0_PATH} + # User and group IDs for file permissions + - UID=${UID} # User ID for file permissions + - GID=${GID} # Group ID for file permissions + + # Database connection + - OG_DB_URI=postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@opengist_db:5432/${POSTGRES_DB} # PostgreSQL connection string + + # Application settings + - OG_EXTERNAL_URL=${OG_EXTERNAL_URL} # Public URL for OpenGist + - OG_SECRET_KEY=${OG_SECRET_KEY} # Encryption key for sessions + + # Git protocol configuration + - OG_HTTP_GIT_ENABLED=${OG_HTTP_GIT_ENABLED} # Enable HTTP Git access + - OG_SSH_GIT_ENABLED=${OG_SSH_GIT_ENABLED} # Enable SSH Git access + + # Gitea integration + - OG_GITEA_CLIENT_KEY=${OG_GITEA_CLIENT_KEY} # OAuth client key + - OG_GITEA_SECRET=${OG_GITEA_SECRET} # OAuth secret + - OG_GITEA_URL=${OG_GITEA_URL} # Gitea instance URL + - OG_GITEA_NAME=${OG_GITEA_NAME} # Gitea application name + + # Customization + - OG_CUSTOM_STATIC_LINK_0_NAME=${OG_CUSTOM_STATIC_LINK_0_NAME} # Custom link name + - OG_CUSTOM_STATIC_LINK_0_PATH=${OG_CUSTOM_STATIC_LINK_0_PATH} # Custom link path + + # Persistent storage configuration volumes: - ${APPDATA_PATH}/opengist/data:/opengist + + # Network configuration ports: - - ${SERVER_PORT}:6157 - - 2222:2222 + - ${SERVER_PORT}:6157 # Web interface port + - 2222:2222 # SSH port for Git operations networks: - - frontend - - backend + - frontend # Connects to frontend network + - backend # Connects to backend network +# External network definitions networks: frontend: - external: true + external: true # Uses pre-existing network backend: - external: true + external: true # Uses pre-existing network diff --git a/palmr/docker-compose.yml b/palmr/docker-compose.yml index e04f27b..a0f113f 100644 --- a/palmr/docker-compose.yml +++ b/palmr/docker-compose.yml 
@@ -1,22 +1,31 @@ +# Palmr File Transfer Service Configuration services: palmr: + # Basic container configuration container_name: palmr image: docker.io/kyantech/palmr:v3.1.1-beta restart: unless-stopped + + # Application settings environment: - - ENABLE_S3=${ENABLE_S3} - - ENCRYPTION_KEY=${ENCRYPTION_KEY} - - SECURE_SITE=${SECURE_SITE} - - PALMR_UID=${PUID} - - PALMR_GID=${PGID} + - ENABLE_S3=${ENABLE_S3} # Enable/Disable S3-compatible storage backend + - ENCRYPTION_KEY=${ENCRYPTION_KEY} # Data encryption key for security + - SECURE_SITE=${SECURE_SITE} # Enable/Disable HTTPS security features + - PALMR_UID=${PUID} # User ID for proper file permissions + - PALMR_GID=${PGID} # Group ID for proper file permissions + + # Persistent storage configuration volumes: - - ${APPDATA_PATH}/palmr/db:/app/server/prisma - - ${DATA_PATH}/palmr/data:/app/server + - ${APPDATA_PATH}/palmr/db:/app/server/prisma # Transfer metadata database + - ${DATA_PATH}/palmr/data:/app/server # File storage directory + + # Network configuration ports: - - ${PORT}:5487 + - ${PORT}:5487 # Web interface port networks: - - frontend + - frontend # Connects to frontend network +# External network definition networks: frontend: - external: true + external: true # Uses pre-existing network diff --git a/portainer-agent/docker-compose.yml b/portainer-agent/docker-compose.yml index 98c445e..71b4632 100644 --- a/portainer-agent/docker-compose.yml +++ b/portainer-agent/docker-compose.yml 
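Review bot: `- ENCRYPTION_KEY=${ENCRYPTION_KEY}` is passed through with no guard, so an unset variable reaches the container as an empty string and Compose only prints a warning. The new comment `# Data encryption key for security` documents the purpose but not that the value is mandatory. Compose's required-variable form makes the stack refuse to start instead: `- ENCRYPTION_KEY=${ENCRYPTION_KEY:?ENCRYPTION_KEY must be set}`. The same applies to `OG_SECRET_KEY` and `POSTGRES_PASSWORD` in the opengist and vaultwarden hunks. How Palmr itself treats an empty key is not visible here.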
@@ -1,10 +1,16 @@ +# Portainer Agent Configuration services: portainer-agent: + # Basic container configuration container_name: portainer-agent image: docker.io/portainer/agent:latest restart: unless-stopped + + # System access configuration volumes: - - /var/run/docker.sock:/var/run/docker.sock - - /var/lib/docker/volumes:/var/lib/docker/volumes + - /var/run/docker.sock:/var/run/docker.sock # Docker API access + - /var/lib/docker/volumes:/var/lib/docker/volumes # Volume management + + # Network port configuration ports: - - 9001:9001 + - 9001:9001 # Agent communication port diff --git a/portainer/docker-compose.yml b/portainer/docker-compose.yml index 95d7bfd..c97e0b8 100644 --- a/portainer/docker-compose.yml +++ b/portainer/docker-compose.yml @@ -1,12 +1,18 @@ +# Portainer Container Management Configuration services: portainer: + # Basic container configuration container_name: portainer image: docker.io/portainer/portainer-ee:latest restart: unless-stopped + + # Persistent storage and system access configuration volumes: - - ./data:/data - - /etc/localtime:/etc/localtime:ro - - /var/run/docker.sock:/var/run/docker.sock + - ./data:/data # Portainer configuration and database + - /etc/localtime:/etc/localtime:ro # Sync host timezone + - /var/run/docker.sock:/var/run/docker.sock # Docker API access + + # Network ports configuration ports: - - 8000:8000 - - 9443:9443 + - 8000:8000 # Edge agent communication port + - 9443:9443 # Web UI HTTPS port diff --git a/radicale/docker-compose.yml b/radicale/docker-compose.yml index ad980df..05e97de 100644 --- a/radicale/docker-compose.yml +++ b/radicale/docker-compose.yml 
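Review bot: `image: docker.io/portainer/agent:latest` leaves the image unpinned on a container that mounts `/var/run/docker.sock`, and the new `# Docker API access` comment understates what that mount grants. Write access to the Docker socket is equivalent to root on the host, so whatever a later `latest` tag resolves to runs with that reach. Pin a release tag as the other services on this page do (placeholder shown: `image: docker.io/portainer/agent:<pinned-version>`) and reword the comment to `# Docker API access (root-equivalent on the host)`. The portainer hunk that follows has the same pair, `portainer-ee:latest` plus the socket mount.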
@@ -1,36 +1,53 @@ +# Radicale CalDAV/CardDAV Server Configuration services: radicale: + # Basic container configuration container_name: radicale image: docker.io/tomsquest/docker-radicale:3.5.4.0 restart: unless-stopped - init: true - read_only: true + + # Security hardening + init: true # Use init process for proper signal handling + read_only: true # Read-only filesystem for security + + # Minimal required capabilities cap_add: - - CHOWN - - KILL - - SETGID - - SETUID + - CHOWN # Required for file ownership changes + - KILL # Required for process management + - SETGID # Required for group permissions + - SETUID # Required for user permissions + + # Security restrictions cap_drop: - - ALL + - ALL # Drop all capabilities by default security_opt: - - no-new-privileges:true + - no-new-privileges:true # Prevent privilege escalation + + # Resource limits deploy: resources: limits: - memory: 256M - pids: 50 + memory: 256M # Memory limit + pids: 50 # Maximum number of processes + + # Persistent storage configuration volumes: - - ${APPDATA_PATH}/radicale/data:/data - - ${APPDATA_PATH}/radicale/config:/config:ro + - ${APPDATA_PATH}/radicale/data:/data # Calendar and contact data + - ${APPDATA_PATH}/radicale/config:/config:ro # Read-only configuration + + # Network configuration ports: - - ${PORT}:5232 + - ${PORT}:5232 # DAV service port networks: - - frontend - healthcheck: - test: curl -f http://127.0.0.1:5232 || exit 1 - interval: 30s - retries: 3 + - frontend # Connects to frontend network + # Health monitoring + healthcheck: + test: curl -f http://127.0.0.1:5232 || exit 1 # Simple HTTP check + interval: 30s # Check every 30 seconds + retries: 3 # Allow 3 failures before marking unhealthy + +# External network definition networks: frontend: - external: true + external: true # Uses pre-existing network diff --git a/stirling-pdf/docker-compose.yml b/stirling-pdf/docker-compose.yml index ad66161..5125981 100644 --- a/stirling-pdf/docker-compose.yml 
+++ b/stirling-pdf/docker-compose.yml 
@@ -1,26 +1,35 @@ +# Stirling PDF Service Configuration services: stirling-pdf: + # Basic container configuration container_name: stirling-pdf - image: ghcr.io/stirling-tools/stirling-pdf:1.0.2-fat - restart: unless-stopped + image: ghcr.io/stirling-tools/stirling-pdf:1.0.2-fat # Full-featured image + restart: unless-stopped # Auto-recover from crashes + + # Application settings environment: - - DISABLE_ADDITIONAL_FEATURES=${DISABLE_ADDITIONAL_FEATURES} - - DOCKER_ENABLE_SECURITY=${DOCKER_ENABLE_SECURITY} - - SECURITY_ENABLELOGIN=${SECURITY_ENABLELOGIN} - - LANGS=${LANGS} - - SHOW_SURVEY=false - - DISABLE_PIXEL=true + - DISABLE_ADDITIONAL_FEATURES=${DISABLE_ADDITIONAL_FEATURES} # Toggle extra features + - DOCKER_ENABLE_SECURITY=${DOCKER_ENABLE_SECURITY} # Enable security restrictions + - SECURITY_ENABLELOGIN=${SECURITY_ENABLELOGIN} # Require authentication + - LANGS=${LANGS} # Supported languages for OCR + - SHOW_SURVEY=false # Disable user surveys + - DISABLE_PIXEL=true # Disable pixel tracking + + # Persistent storage configuration volumes: - - ${APPDATA_DATA}/stirling-pdf/training_data:/usr/share/tessdata - - ${APPDATA_DATA}/stirling-pdf/config:/configs - - ${APPDATA_DATA}/stirling-pdf/custom_files:/customFiles/ - - ${APPDATA_DATA}/stirling-pdf/logs:/logs/ - - ${APPDATA_DATA}/stirling-pdf/pipeline:/pipeline/ + - ${APPDATA_DATA}/stirling-pdf/training_data:/usr/share/tessdata # OCR training data + - ${APPDATA_DATA}/stirling-pdf/config:/configs # Configuration files + - ${APPDATA_DATA}/stirling-pdf/custom_files:/customFiles/ # User uploads + - ${APPDATA_DATA}/stirling-pdf/logs:/logs/ # Application logs + - ${APPDATA_DATA}/stirling-pdf/pipeline:/pipeline/ # Processing pipelines + + # Network configuration ports: - - ${PORT}:8080 + - ${PORT}:8080 # Web interface port networks: - - frontend + - frontend # Connects to frontend network +# External network definition networks: frontend: - external: true + external: true # Uses existing Docker network 
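Review bot: All five volume entries in this hunk use `${APPDATA_DATA}`, while the other services on this page use `${APPDATA_PATH}`. If that is a typo rather than a deliberately separate variable, it should be corrected while these lines are being touched. An unset variable is substituted as an empty string, which would turn `${APPDATA_DATA}/stirling-pdf/config:/configs` into a bind mount of `/stirling-pdf/config` at the host root. Either rename to `${APPDATA_PATH}` or make the variable mandatory, e.g. `- ${APPDATA_DATA:?APPDATA_DATA must be set}/stirling-pdf/config:/configs`.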
diff --git a/syncyomi/docker-compose.yml b/syncyomi/docker-compose.yml index 65b8581..6147853 100644 --- a/syncyomi/docker-compose.yml +++ b/syncyomi/docker-compose.yml @@ -1,18 +1,27 @@ +# SyncYomi Configuration - Manga/Comic Reader Sync Service services: syncyomi: + # Basic container configuration container_name: syncyomi image: ghcr.io/syncyomi/syncyomi:v1.1.4 - restart: unless-stopped + restart: unless-stopped # Auto-restart on failure + + # Application settings environment: - - TZ=${TZ} + - TZ=${TZ} # Timezone for proper timestamp handling + + # Persistent storage configuration volumes: - - ${APPDATA_PATH}/syncyomi/config:/config - - ${APPDATA_PATH}/syncyomi/log:/log + - ${APPDATA_PATH}/syncyomi/config:/config # Configuration files + - ${APPDATA_PATH}/syncyomi/log:/log # Application logs + + # Network configuration ports: - - ${PORT}:8282 + - ${PORT}:8282 # Web interface port networks: - - frontend + - frontend # Connects to frontend network +# External network definition networks: frontend: - external: true + external: true # Uses existing Docker network diff --git a/uptime-kuma/docker-compose.yml b/uptime-kuma/docker-compose.yml index 0d8d81f..2f1b728 100644 --- a/uptime-kuma/docker-compose.yml +++ b/uptime-kuma/docker-compose.yml @@ -1,15 +1,22 @@ +# Uptime Kuma Configuration - Status Monitoring Service services: uptime-kuma: + # Basic container configuration container_name: uptime-kuma image: docker.io/louislam/uptime-kuma:1.23.16 - restart: unless-stopped + restart: unless-stopped # Auto-recover from crashes + + # Persistent storage configuration volumes: - - ${APPDATA_PATH}/uptime-kuma/config:/app/data + - ${APPDATA_PATH}/uptime-kuma/config:/app/data # Monitoring configuration and data + + # Network configuration ports: - - ${PORT}:3001 + - ${PORT}:3001 # Web dashboard port networks: - - frontend + - frontend # Connects to frontend network +# External network definition networks: frontend: - external: true + external: true # Uses existing Docker network 
diff --git a/vaultwarden/docker-compose.yml b/vaultwarden/docker-compose.yml index 40c8243..cdd003d 100644 --- a/vaultwarden/docker-compose.yml +++ b/vaultwarden/docker-compose.yml 
@@ -1,53 +1,71 @@ +# Vaultwarden Configuration - (Bitwarden-compatible) Password Manager services: vaultwarden_db: + # PostgreSQL Database Configuration container_name: vaultwarden_db image: docker.io/library/postgres:17.5 - restart: unless-stopped + restart: unless-stopped # Auto-recover from crashes + + # Database credentials environment: - - POSTGRES_USER=${POSTGRES_USER} - - POSTGRES_PASSWORD=${POSTGRES_PASSWORD} - - POSTGRES_DB=${POSTGRES_DB} + - POSTGRES_USER=${POSTGRES_USER} # Database username + - POSTGRES_PASSWORD=${POSTGRES_PASSWORD} # Database password + - POSTGRES_DB=${POSTGRES_DB} # Database name + + # Persistent storage configuration volumes: - - ${APPDATA_PATH}/vaultwarden/db:/var/lib/postgresql/data + - ${APPDATA_PATH}/vaultwarden/db:/var/lib/postgresql/data # Database files + + # Network configuration ports: - - ${DB_PORT}:5432 + - ${DB_PORT}:5432 # PostgreSQL default port networks: - - backend + - backend # Connects to backend network + + # Health monitoring healthcheck: - test: ["CMD-SHELL", "pg_isready -d ${POSTGRES_DB} -U ${POSTGRES_USER}"] - interval: 30s - timeout: 5s - retries: 5 - start_period: 20s + test: ["CMD-SHELL", "pg_isready -d ${POSTGRES_DB} -U ${POSTGRES_USER}"] # Connection check + interval: 30s # Check every 30 seconds + timeout: 5s # Maximum check duration + retries: 5 # Allow 5 failures before marking unhealthy + start_period: 20s # Initial grace period vaultwarden_server: container_name: vaultwarden_server - image: ghcr.io/dani-garcia/vaultwarden:1.34.1 - restart: unless-stopped + # Container configuration + image: ghcr.io/dani-garcia/vaultwarden:1.34.1 # Official Vaultwarden image + restart: unless-stopped # Auto-restart on failure depends_on: vaultwarden_db: - condition: service_healthy + condition: service_healthy # Wait for healthy database + + # Application settings environment: - - PUID=${PUID} - - PGID=${PGID} - - TZ=${TZ} - - 
DATABASE_URL=postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@vaultwarden_db:5432/${POSTGRES_DB} - - WEBSOCKET_ENABLED=${WEBSOCKET_ENABLED} - - LOG_FILE=/data/vaultwarden.log + - PUID=${PUID} # User ID for file permissions + - PGID=${PGID} # Group ID for file permissions + - TZ=${TZ} # Timezone configuration + - DATABASE_URL=postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@vaultwarden_db:5432/${POSTGRES_DB} # DB connection + - WEBSOCKET_ENABLED=${WEBSOCKET_ENABLED} # Real-time updates + - LOG_FILE=/data/vaultwarden.log # Log file location # Uncomment and set these only on first run - # - DOMAIN=${DOMAIN} - # - SIGNUPS_ALLOWED=${SIGNUPS_ALLOWED} - # - ADMIN_TOKEN=${ADMIN_TOKEN} + # - DOMAIN=${DOMAIN} # Domain Name + # - SIGNUPS_ALLOWED=${SIGNUPS_ALLOWED} # User registration + # - ADMIN_TOKEN=${ADMIN_TOKEN} # Admin interface access token + + # Persistent storage configuration volumes: - - ${APPDATA_PATH}/vaultwarden/data:/data + - ${APPDATA_PATH}/vaultwarden/data:/data # Vault data storage + + # Network configuration ports: - - ${SERVER_PORT}:80 + - ${SERVER_PORT}:80 # Web interface port networks: - - frontend - - backend + - frontend # Connects to frontend network + - backend # Connects to backend network +# External network definitions networks: frontend: - external: true + external: true # Uses existing frontend network backend: - external: true + external: true # Uses existing backend network
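Review bot: The commented-out `SIGNUPS_ALLOWED` and `ADMIN_TOKEN` lines under "Uncomment and set these only on first run" get the labels `# User registration` and `# Admin interface access token`, which give no hint of a safe value. Vaultwarden permits open registration when `SIGNUPS_ALLOWED` is not set, and it accepts an Argon2 PHC string for `ADMIN_TOKEN` so the plain token need not sit in the environment. I would make the comments say so: `# User registration; set to false unless open sign-up is intended` and `# Admin panel token; prefer an Argon2 PHC hash over plain text`.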