adrien/Selfhosted-config
1
0
Fork 0
Code Actions

Removed useless quote and fix some indent

Browse Source
This commit is contained in:
Adrien Bouvais 2025-06-30 21:36:09 +00:00
parent 6eb8b29716
commit 9233278247
6 changed files with 181 additions and 194 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

107
apps.yml
View File

@ -1,17 +1,4 @@
services: services:
#memos:
# image: neosmemo/memos:stable
# container_name: memos
# restart: unless-stopped
# volumes:
# - "./hdd0/memos:/var/opt/memos"
# labels:
# - "traefik.enable=true"
# - "traefik.http.routers.memos.rule=Host(`notes.bouvais.lu`)"
# - "traefik.http.routers.memos.entrypoints=websecure"
# - "traefik.http.routers.memos.tls.certresolver=myresolver"
# - "traefik.http.services.memos.loadbalancer.server.port=5230"
jellyfin: jellyfin:
image: jellyfin/jellyfin image: jellyfin/jellyfin
container_name: jellyfin container_name: jellyfin
@ -20,17 +7,17 @@ services:
- '107' #render - '107' #render
- '44' #video - '44' #video
volumes: volumes:
- "./cache/jellyfin/cache:/cache" - ./cache/jellyfin/cache:/cache
- "./hdd0/jellyfin/config:/config" - ./hdd0/jellyfin/config:/config
- type: bind - type: bind
source: ./hdd0/media source: ./hdd0/media
target: /media target: /media
labels: labels:
- "traefik.enable=true" - traefik.enable=true
- "traefik.http.routers.jellyfin.rule=Host(`jellyfin.bouvais.lu`)" - traefik.http.routers.jellyfin.rule=Host(`jellyfin.bouvais.lu`)
- "traefik.http.routers.jellyfin.entrypoints=websecure" - traefik.http.routers.jellyfin.entrypoints=websecure
- "traefik.http.routers.jellyfin.tls.certresolver=myresolver" - traefik.http.routers.jellyfin.tls.certresolver=myresolver
- "traefik.http.services.jellyfin.loadbalancer.server.port=8096" - traefik.http.services.jellyfin.loadbalancer.server.port=8096
filebrowser: filebrowser:
image: filebrowser/filebrowser:latest image: filebrowser/filebrowser:latest
@ -40,52 +27,52 @@ services:
TZ: Europe/Luxembourg TZ: Europe/Luxembourg
FB_BASEURL: / FB_BASEURL: /
volumes: volumes:
- "./config/filebrowser/filebrowser.json:/.filebrowser.json" - ./config/filebrowser/filebrowser.json:/.filebrowser.json
- "./hdd0/filebrowser/filebrowser.db:/database.db" - ./hdd0/filebrowser/filebrowser.db:/database.db
- "./hdd0/my_files:/srv" - ./hdd0/my_files:/srv
labels: labels:
- "traefik.enable=true" - traefik.enable=true
- "traefik.http.routers.filebrowser.rule=Host(`files.bouvais.lu`)" - traefik.http.routers.filebrowser.rule=Host(`files.bouvais.lu`)
- "traefik.http.routers.filebrowser.entrypoints=websecure" - traefik.http.routers.filebrowser.entrypoints=websecure
- "traefik.http.routers.filebrowser.tls.certresolver=myresolver" - traefik.http.routers.filebrowser.tls.certresolver=myresolver
- "traefik.http.services.filebrowser.loadbalancer.server.port=80" - traefik.http.services.filebrowser.loadbalancer.server.port=80
actualbudget: actualbudget:
image: actualbudget/actual-server:latest image: actualbudget/actual-server:latest
container_name: actualbudget container_name: actualbudget
restart: unless-stopped restart: unless-stopped
volumes: volumes:
- "./hdd0/actualbudget:/data" - ./hdd0/actualbudget:/data
environment: environment:
- TZ=Europe/Luxembourg - TZ=Europe/Luxembourg
labels: labels:
- "traefik.enable=true" - traefik.enable=true
- "traefik.http.routers.actualbudget.rule=Host(`budget.bouvais.lu`)" - traefik.http.routers.actualbudget.rule=Host(`budget.bouvais.lu`)
- "traefik.http.routers.actualbudget.entrypoints=websecure" - traefik.http.routers.actualbudget.entrypoints=websecure
- "traefik.http.routers.actualbudget.tls.certresolver=myresolver" - traefik.http.routers.actualbudget.tls.certresolver=myresolver
- "traefik.http.services.actualbudget.loadbalancer.server.port=5006" - traefik.http.services.actualbudget.loadbalancer.server.port=5006
vaultwarden: vaultwarden:
image: vaultwarden/server:1.33.2 image: vaultwarden/server:1.33.2
container_name: vaultwarden container_name: vaultwarden
restart: unless-stopped restart: unless-stopped
environment: environment:
DOMAIN: "https://vault.bouvais.lu" DOMAIN: https://vault.bouvais.lu
SIGNUPS_ALLOWED: false SIGNUPS_ALLOWED: false
volumes: volumes:
- "./hdd0/vaultwarden:/data/" - ./hdd0/vaultwarden:/data/
labels: labels:
- "traefik.enable=true" - traefik.enable=true
- "traefik.http.services.my-vaultwarden-service.loadbalancer.server.port=80" - traefik.http.services.my-vaultwarden-service.loadbalancer.server.port=80
- "traefik.http.routers.vaultwarden.rule=Host(`vault.bouvais.lu`)" - traefik.http.routers.vaultwarden.rule=Host(`vault.bouvais.lu`)
- "traefik.http.routers.vaultwarden.entrypoints=websecure" - traefik.http.routers.vaultwarden.entrypoints=websecure
- "traefik.http.routers.vaultwarden.tls.certresolver=myresolver" - traefik.http.routers.vaultwarden.tls.certresolver=myresolver
- "traefik.http.routers.vaultwarden.service=my-vaultwarden-service@docker" - traefik.http.routers.vaultwarden.service=my-vaultwarden-service@docker
- "traefik.http.routers.vaultwarden-admin.rule=Host(`vault.bouvais.lu`) && PathPrefix(`/admin`)" - traefik.http.routers.vaultwarden-admin.rule=Host(`vault.bouvais.lu`) && PathPrefix(`/admin`)
- "traefik.http.routers.vaultwarden-admin.entrypoints=websecure" - traefik.http.routers.vaultwarden-admin.entrypoints=websecure
- "traefik.http.routers.vaultwarden-admin.tls.certresolver=myresolver" - traefik.http.routers.vaultwarden-admin.tls.certresolver=myresolver
- "traefik.http.routers.vaultwarden-admin.middlewares=auth@docker" - traefik.http.routers.vaultwarden-admin.middlewares=auth@docker
- "traefik.http.routers.vaultwarden-admin.service=my-vaultwarden-service@docker" - traefik.http.routers.vaultwarden-admin.service=my-vaultwarden-service@docker
siyuan: siyuan:
image: b3log/siyuan image: b3log/siyuan
@ -93,17 +80,17 @@ services:
command: ['--workspace=/siyuan/workspace/'] command: ['--workspace=/siyuan/workspace/']
volumes: volumes:
- /siyuan/workspace:/siyuan/workspace - /siyuan/workspace:/siyuan/workspace
- "./hdd0/siyuan/workspace:/siyuan/workspace" - ./hdd0/siyuan/workspace:/siyuan/workspace
restart: unless-stopped restart: unless-stopped
environment: environment:
- TZ=Europe/Luxembourg - TZ=Europe/Luxembourg
- SIYUAN_ACCESS_AUTH_CODE=${SIYUAN_ACCESS_AUTH_CODE} - SIYUAN_ACCESS_AUTH_CODE=${SIYUAN_ACCESS_AUTH_CODE}
labels: labels:
- "traefik.enable=true" - traefik.enable=true
- "traefik.http.routers.siyuan.rule=Host(`notes.bouvais.lu`)" - traefik.http.routers.siyuan.rule=Host(`notes.bouvais.lu`)
- "traefik.http.routers.siyuan.entrypoints=websecure" - traefik.http.routers.siyuan.entrypoints=websecure
- "traefik.http.routers.siyuan.tls.certresolver=myresolver" - traefik.http.routers.siyuan.tls.certresolver=myresolver
- "traefik.http.services.siyuan.loadbalancer.server.port=6806" - traefik.http.services.siyuan.loadbalancer.server.port=6806
libreoffice: libreoffice:
image: lscr.io/linuxserver/libreoffice:latest image: lscr.io/linuxserver/libreoffice:latest
@ -115,14 +102,14 @@ services:
- PASSWORD=${MASTER_PASSWORD} - PASSWORD=${MASTER_PASSWORD}
- TZ=Europe/Luxembourg - TZ=Europe/Luxembourg
ports: ports:
- "3000:3000" - 3000:3000
- "3001:3001" - 3001:3001
volumes: volumes:
- ./hdd0/libreoffice:/config - ./hdd0/libreoffice:/config
restart: unless-stopped restart: unless-stopped
labels: labels:
- "traefik.enable=true" - traefik.enable=true
- "traefik.http.routers.libreoffice.rule=Host(`libreoffice.bouvais.lu`)" - traefik.http.routers.libreoffice.rule=Host(`libreoffice.bouvais.lu`)
- "traefik.http.routers.libreoffice.entrypoints=websecure" - traefik.http.routers.libreoffice.entrypoints=websecure
- "traefik.http.routers.libreoffice.tls.certresolver=myresolver" - traefik.http.routers.libreoffice.tls.certresolver=myresolver
- "traefik.http.services.libreoffice.loadbalancer.server.port=3000" - traefik.http.services.libreoffice.loadbalancer.server.port=3000

10
developer.yml
View File

@ -1,15 +1,15 @@
services: services:
gitea: gitea:
image: "docker.gitea.com/gitea:1.23.8" image: docker.gitea.com/gitea:1.23.8
container_name: gitea container_name: gitea
restart: unless-stopped restart: unless-stopped
environment: environment:
- GITEA_CUSTOM=/etc/gitea - GITEA_CUSTOM=/etc/gitea
volumes: volumes:
- "./hdd0/gitea:/data" - ./hdd0/gitea:/data
- "./config/gitea:/etc/gitea" - ./config/gitea:/etc/gitea
- "/etc/timezone:/etc/timezone:ro" - /etc/timezone:/etc/timezone:ro
- "/etc/localtime:/etc/localtime:ro" - /etc/localtime:/etc/localtime:ro
labels: labels:
- traefik.enable=true - traefik.enable=true
# HTTP/S # HTTP/S

178
docker-compose.yml
View File

@ -7,29 +7,29 @@ include:
services: services:
traefik: traefik:
image: "traefik:v3.4" image: traefik:v3.4
container_name: "traefik" container_name: traefik
restart: unless-stopped restart: unless-stopped
command: command:
# HTTPS TSL stuff # HTTPS TSL stuff
- "--providers.docker=true" - --providers.docker=true
- "--providers.docker.exposedbydefault=false" - --providers.docker.exposedbydefault=false
- "--entryPoints.websecure.address=:443" - --entryPoints.websecure.address=:443
- "--certificatesresolvers.myresolver.acme.tlschallenge=true" - --certificatesresolvers.myresolver.acme.tlschallenge=true
- "--certificatesresolvers.myresolver.acme.email=adrien.bouvais.pro@gmail.com" - --certificatesresolvers.myresolver.acme.email=adrien.bouvais.pro@gmail.com
- "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json" # Relative path on SSD - --certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json
# Enable Traefik API and Dashboard (securely) # Enable Traefik API and Dashboard (securely)
- "--api.dashboard=true" - --api.dashboard=true
- "--metrics.prometheus=true" - --metrics.prometheus=true
- "--metrics.prometheus.buckets=0.1,0.3,1.2,5.0" - --metrics.prometheus.buckets=0.1,0.3,1.2,5.0
- "--entryPoints.ssh.address=:2101" - --entryPoints.ssh.address=:2101
- "--entrypoints.web.transport.respondingTimeouts.readTimeout=180m" - --entrypoints.web.transport.respondingTimeouts.readTimeout=180m
- "--entrypoints.websecure.transport.respondingTimeouts.readTimeout=180m" - --entrypoints.websecure.transport.respondingTimeouts.readTimeout=180m
# Logs - Traefik will write its logs to /logs within the container, which maps to /data/logs on host # Logs - Traefik will write its logs to /logs within the container, which maps to /data/logs on host
- "--accesslog=true" - --accesslog=true
- "--accesslog.format=json" - --accesslog.format=json
- "--accesslog.filepath=/logs/access.log" - --accesslog.filepath=/logs/access.log
- "--accesslog.bufferingSize=0" - --accesslog.bufferingSize=0
ports: ports:
- target: 443 - target: 443
published: 443 published: 443
@ -40,30 +40,30 @@ services:
protocol: tcp protocol: tcp
mode: host mode: host
volumes: volumes:
- "./letsencrypt:/letsencrypt" - ./letsencrypt:/letsencrypt
- "/var/run/docker.sock:/var/run/docker.sock:ro" - /var/run/docker.sock:/var/run/docker.sock:ro
- "./config/users.cred:/users.cred" - ./config/users.cred:/users.cred
- "./hdd0/logs:/logs" - ./hdd0/logs:/logs
labels: labels:
- "traefik.enable=true" - traefik.enable=true"
# Dashboard Router # Dashboard Router
- "traefik.http.routers.dashboard.rule=Host(`traefik.bouvais.lu`)" - traefik.http.routers.dashboard.rule=Host(`traefik.bouvais.lu`)
- "traefik.http.routers.dashboard.entrypoints=websecure" - traefik.http.routers.dashboard.entrypoints=websecure
- "traefik.http.routers.dashboard.service=api@internal" - traefik.http.routers.dashboard.service=api@internal
- "traefik.http.routers.dashboard.middlewares=auth@docker" - traefik.http.routers.dashboard.middlewares=auth@docker
- "traefik.http.routers.dashboard.tls.certresolver=myresolver" - traefik.http.routers.dashboard.tls.certresolver=myresolver
# Traefik Middleware # Traefik Middleware
- "traefik.http.middlewares.auth.basicauth.usersfile=/users.cred" - traefik.http.middlewares.auth.basicauth.usersfile=/users.cred
- "traefik.http.middlewares.ratelimit.ratelimit.average=20" - traefik.http.middlewares.ratelimit.ratelimit.average=20
- "traefik.http.middlewares.ratelimit.ratelimit.burst=40" - traefik.http.middlewares.ratelimit.ratelimit.burst=40
# bouvais.lu redirection # bouvais.lu redirection
- "traefik.http.routers.bouvais-redirect.rule=Host(`bouvais.lu`)" - traefik.http.routers.bouvais-redirect.rule=Host(`bouvais.lu`)
- "traefik.http.routers.bouvais-redirect.entrypoints=websecure" - traefik.http.routers.bouvais-redirect.entrypoints=websecure
- "traefik.http.routers.bouvais-redirect.middlewares=redirect-to-gitea@docker" - traefik.http.routers.bouvais-redirect.middlewares=redirect-to-gitea@docker
- "traefik.http.routers.bouvais-redirect.tls.certresolver=myresolver" - traefik.http.routers.bouvais-redirect.tls.certresolver=myresolver
- "traefik.http.middlewares.redirect-to-gitea.redirectregex.regex=^https?://(www\\.)?bouvais\\.lu(.*)" - traefik.http.middlewares.redirect-to-gitea.redirectregex.regex=^https?://(www\\.)?bouvais\\.lu(.*)
- "traefik.http.middlewares.redirect-to-gitea.redirectregex.replacement=https://git.bouvais.lu$${2}" - traefik.http.middlewares.redirect-to-gitea.redirectregex.replacement=https://git.bouvais.lu$${2}
- "traefik.http.middlewares.redirect-to-gitea.redirectregex.permanent=true" - traefik.http.middlewares.redirect-to-gitea.redirectregex.permanent=true
fail2ban: fail2ban:
image: crazymax/fail2ban:1.1.0 image: crazymax/fail2ban:1.1.0
@ -74,11 +74,11 @@ services:
- NET_RAW - NET_RAW
network_mode: host network_mode: host
volumes: volumes:
- "./hdd0/fail2ban/data:/data" - ./hdd0/fail2ban/data:/data
- "./hdd0/fail2ban/log:/var/log" - ./hdd0/fail2ban/log:/var/log
- "./hdd0/logs:/logs:ro" - ./hdd0/logs:/logs:ro
- "/etc/localtime:/etc/localtime:ro" - /etc/localtime:/etc/localtime:ro
- "/etc/timezone:/etc/timezone:ro" - /etc/timezone:/etc/timezone:ro
environment: environment:
- F2B_IPTABLES_CHAIN=DOCKER-USER - F2B_IPTABLES_CHAIN=DOCKER-USER
@ -87,55 +87,55 @@ services:
container_name: kopia container_name: kopia
restart: unless-stopped restart: unless-stopped
command: command:
- server - server
- start - start
- --insecure - --insecure
- --address=0.0.0.0:51515 - --address=0.0.0.0:51515
- --server-username=adrien - --server-username=adrien
- --server-password=${MASTER_PASSWORD} - --server-password=${MASTER_PASSWORD}
environment: environment:
KOPIA_PASSWORD: ${MASTER_PASSWORD} - KOPIA_PASSWORD=${MASTER_PASSWORD}
USER: "adrien" - USER=adrien
volumes: volumes:
- ./config/kopia:/app/config - ./config/kopia:/app/config
- ./cache/kopia:/app/cache - ./cache/kopia:/app/cache
- ./hdd0/logs/:/app/logs - ./hdd0/logs/:/app/logs
- ./hdd0:/hdd0 - ./hdd0:/hdd0
- ./hdd0_backups/kopia/dir:/repository - ./hdd0_backups/kopia/dir:/repository
- ./hdd0_backups/kopia/shared:/tmp:shared - ./hdd0_backups/kopia/shared:/tmp:shared
labels: labels:
- "traefik.enable=true" - traefik.enable=true
- "traefik.http.routers.kopia.rule=Host(`kopia.bouvais.lu`)" - traefik.http.routers.kopia.rule=Host(`kopia.bouvais.lu`)
- "traefik.http.routers.kopia.entrypoints=websecure" - traefik.http.routers.kopia.entrypoints=websecure
- "traefik.http.routers.kopia.tls.certresolver=myresolver" - traefik.http.routers.kopia.tls.certresolver=myresolver
- "traefik.http.services.kopia.loadbalancer.server.port=51515" - traefik.http.services.kopia.loadbalancer.server.port=51515
kopia-gcp: kopia-gcp:
image: kopia/kopia:latest image: kopia/kopia:latest
container_name: kopia-gcp container_name: kopia-gcp
restart: unless-stopped restart: unless-stopped
command: command:
- server - server
- start - start
- --insecure - --insecure
- --address=0.0.0.0:51516 - --address=0.0.0.0:51516
- --server-username=adrien - --server-username=adrien
- --server-password=${MASTER_PASSWORD} - --server-password=${MASTER_PASSWORD}
environment: environment:
KOPIA_PASSWORD: ${MASTER_PASSWORD} KOPIA_PASSWORD: ${MASTER_PASSWORD}
USER: "adrien" USER: "adrien"
volumes: volumes:
- ./config/kopia-gcp:/app/config - ./config/kopia-gcp:/app/config
- ./cache/kopia-gcp:/app/cache - ./cache/kopia-gcp:/app/cache
- ./hdd0/logs/gcp:/app/logs - ./hdd0/logs/gcp:/app/logs
- ./hdd0:/hdd0 - ./hdd0:/hdd0
- ./kopia-gcp-key.json:/cred.json - ./kopia-gcp-key.json:/cred.json
labels: labels:
- "traefik.enable=true" - traefik.enable=true
- "traefik.http.routers.kopia_gcp.rule=Host(`kopia-gcp.bouvais.lu`)" - traefik.http.routers.kopia_gcp.rule=Host(`kopia-gcp.bouvais.lu`)
- "traefik.http.routers.kopia_gcp.entrypoints=websecure" - traefik.http.routers.kopia_gcp.entrypoints=websecure
- "traefik.http.routers.kopia_gcp.tls.certresolver=myresolver" - traefik.http.routers.kopia_gcp.tls.certresolver=myresolver
- "traefik.http.services.kopia_gcp.loadbalancer.server.port=51516" - traefik.http.services.kopia_gcp.loadbalancer.server.port=51516
minio: minio:
image: minio/minio:latest image: minio/minio:latest
@ -148,17 +148,17 @@ services:
volumes: volumes:
- ./hdd0/minio_data:/data - ./hdd0/minio_data:/data
labels: labels:
- "traefik.enable=true" - traefik.enable=true"
# Router and service for the MinIO API # Router and service for the MinIO API
- "traefik.http.routers.minio-api.rule=Host(`minio-api.bouvais.lu`)" - traefik.http.routers.minio-api.rule=Host(`minio-api.bouvais.lu`)
- "traefik.http.routers.minio-api.entrypoints=websecure" - traefik.http.routers.minio-api.entrypoints=websecure
- "traefik.http.routers.minio-api.tls.certresolver=myresolver" - traefik.http.routers.minio-api.tls.certresolver=myresolver
- "traefik.http.services.minio-api-service.loadbalancer.server.port=9000" - traefik.http.services.minio-api-service.loadbalancer.server.port=9000
- "traefik.http.routers.minio-api.service=minio-api-service" - traefik.http.routers.minio-api.service=minio-api-service
# Router and service for the MinIO Console (WebUI) # Router and service for the MinIO Console (WebUI)
- "traefik.http.routers.minio-console.rule=Host(`minio-console.bouvais.lu`)" - traefik.http.routers.minio-console.rule=Host(`minio-console.bouvais.lu`)
- "traefik.http.routers.minio-console.entrypoints=websecure" - traefik.http.routers.minio-console.entrypoints=websecure
- "traefik.http.routers.minio-console.tls.certresolver=myresolver" - traefik.http.routers.minio-console.tls.certresolver=myresolver
- "traefik.http.services.minio-console-service.loadbalancer.server.port=9001" - traefik.http.services.minio-console-service.loadbalancer.server.port=9001
- "traefik.http.routers.minio-console.service=minio-console-service" - traefik.http.routers.minio-console.service=minio-console-service

12
llm.yml
View File

@ -6,11 +6,11 @@ services:
volumes: volumes:
- ./hdd0/openwebui:/app/backend/data - ./hdd0/openwebui:/app/backend/data
labels: labels:
- "traefik.enable=true" - traefik.enable=true
- "traefik.http.routers.openwebui.rule=Host(`openwebui.bouvais.lu`)" - traefik.http.routers.openwebui.rule=Host(`openwebui.bouvais.lu`)
- "traefik.http.routers.openwebui.entrypoints=websecure" - traefik.http.routers.openwebui.entrypoints=websecure
- "traefik.http.routers.openwebui.tls.certresolver=myresolver" - traefik.http.routers.openwebui.tls.certresolver=myresolver
- "traefik.http.services.openwebui.loadbalancer.server.port=8080" - traefik.http.services.openwebui.loadbalancer.server.port=8080
environment: environment:
OLLAMA_BASE_URLS: http://ollama:11434 OLLAMA_BASE_URLS: http://ollama:11434
@ -32,6 +32,6 @@ services:
container_name: openwebui-pipelines container_name: openwebui-pipelines
restart: unless-stopped restart: unless-stopped
ports: ports:
- "9099:9099" - 9099:9099
volumes: volumes:
- ./hdd0/openwebui-pipelines:/app/pipelines - ./hdd0/openwebui-pipelines:/app/pipelines

48
monitoring.yml
View File

@ -9,19 +9,19 @@ services:
- ./config/prometheus:/etc/prometheus - ./config/prometheus:/etc/prometheus
- ./hdd0/prometheus:/prometheus - ./hdd0/prometheus:/prometheus
command: command:
- '--config.file=/etc/prometheus/prometheus.yml' - --config.file=/etc/prometheus/prometheus.yml
- '--storage.tsdb.path=/prometheus' - --storage.tsdb.path=/prometheus
- '--web.console.libraries=/usr/share/prometheus/console_libraries' - --web.console.libraries=/usr/share/prometheus/console_libraries
- '--web.console.templates=/usr/share/prometheus/consoles' - --web.console.templates=/usr/share/prometheus/consoles
- '--web.enable-lifecycle' - --web.enable-lifecycle
labels: labels:
- "traefik.enable=true" - traefik.enable=true
- "traefik.http.routers.prometheus.rule=Host(`prometheus.bouvais.lu`)" - traefik.http.routers.prometheus.rule=Host(`prometheus.bouvais.lu`)
- "traefik.http.routers.prometheus.entrypoints=websecure" - traefik.http.routers.prometheus.entrypoints=websecure
- "traefik.http.routers.prometheus.tls.certresolver=myresolver" - traefik.http.routers.prometheus.tls.certresolver=myresolver
- "traefik.http.routers.prometheus.service=prometheus" - traefik.http.routers.prometheus.service=prometheus
- "traefik.http.services.prometheus.loadbalancer.server.port=9090" - traefik.http.services.prometheus.loadbalancer.server.port=9090
- "traefik.http.routers.prometheus.middlewares=auth@docker" - traefik.http.routers.prometheus.middlewares=auth@docker
depends_on: depends_on:
- cadvisor - cadvisor
- node-exporter - node-exporter
@ -39,13 +39,13 @@ services:
- GF_SECURITY_ADMIN_PASSWORD=${GRAFANA_MY_PASSWORD} - GF_SECURITY_ADMIN_PASSWORD=${GRAFANA_MY_PASSWORD}
- GF_SERVER_ROOT_URL=https://grafana.bouvais.lu - GF_SERVER_ROOT_URL=https://grafana.bouvais.lu
labels: labels:
- "traefik.enable=true" - traefik.enable=true"
- "traefik.http.routers.grafana.rule=Host(`grafana.bouvais.lu`)" - traefik.http.routers.grafana.rule=Host(`grafana.bouvais.lu`)
- "traefik.http.routers.grafana.entrypoints=websecure" - traefik.http.routers.grafana.entrypoints=websecure
- "traefik.http.routers.grafana.tls.certresolver=myresolver" - traefik.http.routers.grafana.tls.certresolver=myresolver
- "traefik.http.routers.grafana.service=grafana" - traefik.http.routers.grafana.service=grafana
- "traefik.http.services.grafana.loadbalancer.server.port=3000" - traefik.http.services.grafana.loadbalancer.server.port=3000
- "traefik.http.routers.grafana.middlewares=auth@docker" - traefik.http.routers.grafana.middlewares=auth@docker
depends_on: depends_on:
- prometheus - prometheus
@ -73,16 +73,16 @@ services:
- /sys:/host/sys:ro - /sys:/host/sys:ro
- /:/rootfs:ro - /:/rootfs:ro
command: command:
- '--path.procfs=/host/proc' - --path.procfs=/host/proc
- '--path.sysfs=/host/sys' - --path.sysfs=/host/sys
- '--path.rootfs=/rootfs' - --path.rootfs=/rootfs
- '--collector.filesystem.mount-points-exclude=^/(sys|proc|dev|host|etc|rootfs/var/lib/docker/containers|rootfs/var/lib/docker/overlay2|rootfs/run/docker/netns|rootfs/var/lib/docker/aufs)($$|/)' - --collector.filesystem.mount-points-exclude=^/(sys|proc|dev|host|etc|rootfs/var/lib/docker/containers|rootfs/var/lib/docker/overlay2|rootfs/run/docker/netns|rootfs/var/lib/docker/aufs)($$|/)
nvidia-gpu-exporter: nvidia-gpu-exporter:
image: utkuozdemir/nvidia_gpu_exporter:1.3.1 image: utkuozdemir/nvidia_gpu_exporter:1.3.1
container_name: nvidia-gpu-exporter container_name: nvidia-gpu-exporter
restart: unless-stopped restart: unless-stopped
privileged: true # This might be needed for full access to devices, or try without first privileged: true
devices: devices:
- /dev/nvidia0:/dev/nvidia0 - /dev/nvidia0:/dev/nvidia0
volumes: volumes:

20
vms.yml
View File

@ -13,11 +13,11 @@ services:
-W -W
bash bash
labels: labels:
- "traefik.enable=true" - traefik.enable=true
- "traefik.http.routers.arch.rule=Host(`arch.bouvais.lu`)" - traefik.http.routers.arch.rule=Host(`arch.bouvais.lu`)
- "traefik.http.routers.arch.entrypoints=websecure" - traefik.http.routers.arch.entrypoints=websecure
- "traefik.http.routers.arch.tls.certresolver=myresolver" - traefik.http.routers.arch.tls.certresolver=myresolver
- "traefik.http.services.arch.loadbalancer.server.port=7681" - traefik.http.services.arch.loadbalancer.server.port=7681
deploy: deploy:
resources: resources:
limits: limits:
@ -41,11 +41,11 @@ services:
-W -W
bash bash
labels: labels:
- "traefik.enable=true" - traefik.enable=true
- "traefik.http.routers.arch_gpu.rule=Host(`arch-gpu.bouvais.lu`)" - traefik.http.routers.arch_gpu.rule=Host(`arch-gpu.bouvais.lu`)
- "traefik.http.routers.arch_gpu.entrypoints=websecure" - traefik.http.routers.arch_gpu.entrypoints=websecure
- "traefik.http.routers.arch_gpu.tls.certresolver=myresolver" - traefik.http.routers.arch_gpu.tls.certresolver=myresolver
- "traefik.http.services.arch_gpu.loadbalancer.server.port=7682" - traefik.http.services.arch_gpu.loadbalancer.server.port=7682
deploy: deploy:
resources: resources:
limits: limits: