homeserver-iac/roles/containers/templates/docker-compose.yml.j2


# vim: ft=yaml
# docker doesn't play well with the firewall, so i have it listen on 127.0.0.1
# and have haproxy expose it publicly (won't disrespect firewall rules)
---
# User-defined bridge networks. `gitea` is used by the gitea service only;
# `navidrome` is joined by both the navidrome and the synapse service.
networks:
  gitea:
    driver: bridge
  navidrome:
    driver: bridge
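services:
{% if "gitea" in group_names %}
  # Gitea: web UI on 3000 and SSH (container port 22) on host port 2498.
  # Both are published on loopback only; per the file header, haproxy is the
  # component that exposes them.
  gitea:
    container_name: gitea
    # NOTE(review): `latest` is a moving tag - pin a release tag or an image
    # digest so a redeploy cannot silently pull different code.
    image: gitea/gitea:latest
    environment:
      - USER=gitea
      - "USER_UID={{ user_gitea.uid }}"
      - "USER_GID={{ user_gitea.group }}"
      # Self-service account registration is switched off.
      - GITEA__service__DISABLE_REGISTRATION=true
      - "GITEA__server__DOMAIN={{ gitea_domain }}"
      - "GITEA__server__SSH_DOMAIN={{ gitea_domain }}"
    ports:
      - "127.0.0.1:3000:3000"
      - "127.0.0.1:2498:22"
    restart: unless-stopped
    volumes:
      # Templated mounts are quoted so the rendered path is always read as a
      # single string, matching the quoted mounts elsewhere in this file.
      - "{{ dataroot }}/gitea:/data"
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
    networks:
      - gitea
{% endif %}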
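{% if "syncthing" in group_names %}
  # Syncthing uses host networking, so unlike the other services it is not
  # confined to a 127.0.0.1 published port: its listeners bind directly in the
  # host's network namespace.
  # NOTE(review): confirm that the GUI/API listen address in the Syncthing
  # config and the host firewall keep the admin interface off untrusted
  # networks.
  syncthing:
    network_mode: host
    container_name: syncthing
    # NOTE(review): no tag means `latest` is pulled - pin a release tag or an
    # image digest so updates are deliberate.
    image: syncthing/syncthing
    environment:
      - "PUID={{ user_syncthing.uid }}"
      - "PGID={{ user_syncthing.group }}"
    restart: unless-stopped
    volumes:
      # All mounts are read-write. /music is the same host path navidrome
      # mounts read-only, and /paperless is the consume directory that
      # paperless-web ingests from, so anything a sync peer drops there is
      # handed to paperless.
      - "{{ vault_path }}/:/vault"
      - "{{ archive_path }}/:/vault_a"
      - "{{ syncthing_conf_dir }}/:/var/syncthing/config"
      - "{{ music_path }}:/music"
      - "{{ dataroot }}/paperless/consume:/paperless"
{% endif %}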
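{% if "navidrome" in group_names %}
  # Navidrome: runs as a dedicated uid:gid, reads the music library read-only
  # and is published on loopback port 4533 only.
  navidrome:
    container_name: navidrome
    # NOTE(review): `latest` is a moving tag - pin a release tag or an image
    # digest so a redeploy cannot silently pull different code.
    image: ghcr.io/navidrome/navidrome:latest
    # Quoted: a bare uid:gid made only of digits and colons can be typed as a
    # number by YAML 1.1 parsers instead of being kept as a string.
    user: "{{ user_navidrome.uid }}:{{ user_navidrome.group }}"
    environment:
      # Environment values are strings; quoting stops YAML from typing them
      # as booleans before Compose sees them.
      ND_LISTENBRAINZ_ENABLED: "true"
      # Sharing stays off unless navidrome_sharing is set. `lower` renders an
      # Ansible boolean True as "true" now that the value is quoted.
      ND_ENABLESHARING: '{{ navidrome_sharing | default("false", true) | lower }}'
      ND_SESSIONTIMEOUT: "168h"
    restart: unless-stopped
    volumes:
      - "{{ dataroot }}/navidrome:/data"
      - "{{ music_path }}/:/music:ro"
    networks:
      - navidrome
    ports:
      - "127.0.0.1:4533:4533"
{% endif %}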
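{% if "synapse" in group_names %}
  # Synapse: runs as a dedicated uid:gid and is published on loopback port
  # 8008 only.
  synapse:
    container_name: synapse
    # NOTE(review): `latest` is a moving tag - pin a release tag or an image
    # digest so a redeploy cannot silently pull different code.
    image: matrixdotorg/synapse:latest
    # Quoted: a bare uid:gid made only of digits and colons can be typed as a
    # number by YAML 1.1 parsers instead of being kept as a string.
    user: "{{ user_synapse.uid }}:{{ user_synapse.group }}"
    environment:
      SYNAPSE_CONFIG_PATH: /data/homeserver.yaml
    restart: unless-stopped
    volumes:
      - "{{ dataroot }}/synapse/media_store:/data/media_store"
      - "{{ dataroot }}/synapse/data:/data"
    # NOTE(review): synapse joins the `navidrome` bridge, so the two
    # containers can reach each other directly. This looks like a copy-paste
    # leftover; a dedicated network (declared under the top-level `networks:`
    # key) would keep them isolated.
    networks:
      - navidrome
    ports:
      - "127.0.0.1:8008:8008/tcp"
{% endif %}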
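{% if "paperless" in group_names %}
  # Redis broker for paperless. No port is published, so it is reachable only
  # from containers on the same Compose network. Neither paperless service
  # names a network, so both join the project's default one.
  paperless-broker:
    container_name: paperless-broker
    # NOTE(review): `redis:7` follows every 7.x release; pin a full version
    # or an image digest if reproducible deploys matter.
    image: docker.io/library/redis:7
    restart: unless-stopped
    volumes:
      - redisdata:/data
  # Paperless-ngx web application, published on loopback port 8000 only.
  paperless-web:
    container_name: paperless-web
    # NOTE(review): `latest` is a moving tag - pin a release tag or an image
    # digest so a redeploy cannot silently pull different code.
    image: ghcr.io/paperless-ngx/paperless-ngx:latest
    restart: unless-stopped
    depends_on:
      - paperless-broker
    ports:
      - "127.0.0.1:8000:8000"
    healthcheck:
      test: ["CMD", "curl", "-fs", "-S", "--max-time", "2", "http://localhost:8000"]
      interval: 30s
      timeout: 10s
      retries: 5
    volumes:
      - "{{ dataroot }}/paperless/data:/usr/src/paperless/data"
      - "{{ dataroot }}/paperless/media:/usr/src/paperless/media"
      - paperless-export:/usr/src/paperless/export
      # Same host directory that syncthing mounts read-write as /paperless.
      - "{{ dataroot }}/paperless/consume:/usr/src/paperless/consume"
    # NOTE(review): paperless.env presumably carries secrets (its contents are
    # not visible here) - keep it out of version control and readable only by
    # the deploying user.
    env_file: paperless.env
    environment:
      USERMAP_UID: "{{ user_paperless.uid }}"
      # It gets the vault (syncthing) group because otherwise syncthing can't
      # read the consume dir.
      USERMAP_GID: "{{ user_syncthing.group }}"
      PAPERLESS_REDIS: "redis://paperless-broker:6379"
      PAPERLESS_URL: "https://{{ paperless_domain }}"
      # These make paperless trust the X-Forwarded-Host / X-Forwarded-Port
      # headers. That is only sound while port 8000 stays bound to loopback
      # and haproxy sets those headers itself instead of passing
      # client-supplied values through.
      # Quoted because environment values are strings, not YAML booleans.
      PAPERLESS_USE_X_FORWARD_HOST: "true"
      PAPERLESS_USE_X_FORWARD_PORT: "true"
      PAPERLESS_OCR_USER_ARGS: '{"continue_on_soft_render_error": true}'
      PAPERLESS_OCR_PAGES: "1"
      PAPERLESS_TASK_WORKERS: "2"
      PAPERLESS_THREADS_PER_WORKER: "2"
      PAPERLESS_WEBSERVER_WORKERS: "1"
      PAPERLESS_ENABLE_NLTK: "false"
{% endif %}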
{% if "paperless" in group_names %}
# Named volumes for the paperless services: Redis persistence and the
# paperless export directory. Both use the default volume settings.
volumes:
  redisdata: {}
  paperless-export: {}
{% endif %}