
Compare commits


No commits in common. "3ccda644e2c7edcdd0a1b707e668f7aed6f2b73d" and "2c3fd2379c2c55f0cadd6ebeb5481ed5bb569d76" have entirely different histories.

7 changed files with 89 additions and 194 deletions


@ -9,6 +9,7 @@ RUN pacman -Syu --noconfirm && \
vim \ vim \
nvim \ nvim \
nano \ nano \
htop \
lazygit \ lazygit \
ttyd \ ttyd \
sudo \ sudo \
@ -16,28 +17,24 @@ RUN pacman -Syu --noconfirm && \
net-tools \ net-tools \
iputils \ iputils \
bind-tools \ bind-tools \
unzip \
yazi \
go \
zig \
ripgrep \
openssh && \ openssh && \
pacman -Scc --noconfirm pacman -Scc --noconfirm
# Create a workspace directory # Create a workspace directory
RUN mkdir -p /data RUN mkdir -p /data
# Create entrypoint script
RUN echo '#!/bin/bash' > /entrypoint.sh && \
echo 'chmod 600 /root/.ssh/id_rsa' >> /entrypoint.sh && \
echo 'exec ttyd -c $TTYD_USERNAME:$TTYD_PASSWORD -W -p 7681 bash' >> /entrypoint.sh && \
chmod +x /entrypoint.sh
# Install Astronvim # Install Astronvim
RUN git clone --depth 1 https://github.com/AstroNvim/template ~/.config/nvim && \ RUN git clone --depth 1 https://github.com/AstroNvim/template ~/.config/nvim && \
rm -rf ~/.config/nvim/.git rm -rf ~/.config/nvim/.git
# Setup Git
RUN git config --global user.email "git@bouvais.lu"
RUN git config --global user.name "adrien"
# Add Gopls
RUN go install golang.org/x/tools/gopls@latest
WORKDIR /data WORKDIR /data
EXPOSE 7681 EXPOSE 7681
ENTRYPOINT ["/entrypoint.sh"]
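Review bot: The generated `/entrypoint.sh` expands `$TTYD_USERNAME:$TTYD_PASSWORD` unquoted and never checks that either variable is set, so a password containing whitespace or glob characters is word-split and an unset variable starts ttyd with an empty half of the credential in front of a writable (`-W`) root shell. Quoting and failing fast addresses both: `echo 'exec ttyd -c "${TTYD_USERNAME:?}:${TTYD_PASSWORD:?}" -W -p 7681 bash' >> /entrypoint.sh`. The script also has no `set -e`, so a failing `chmod 600 /root/.ssh/id_rsa` (likely when the key is bind-mounted read-only or is absent) is silently ignored. The page does not mark sides for the single-column lines; this assumes the entrypoint lines and `ENTRYPOINT` are on the new side, as the vms.yml change suggests.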


@ -1,8 +0,0 @@
FROM registry.bouvais.lu/vms/arch-ttyd-cpu:1.0.0
RUN pacman -Syu --noconfirm && \
pacman -S --noconfirm \
nvidia \
cuda \
nvidia-utils && \
pacman -Scc --noconfirm


@ -1,88 +0,0 @@
services:
gitea:
image: "docker.gitea.com/gitea:1.23.8"
container_name: gitea
restart: unless-stopped
environment:
- GITEA_CUSTOM=/etc/gitea
volumes:
- "./hdd0/gitea:/data"
- "./config/gitea:/etc/gitea"
- "/etc/timezone:/etc/timezone:ro"
- "/etc/localtime:/etc/localtime:ro"
labels:
- traefik.enable=true
# HTTP/S
- traefik.http.routers.gitea.rule=Host(`git.bouvais.lu`)
- traefik.http.routers.gitea.entrypoints=websecure
- traefik.http.routers.gitea.tls.certresolver=myresolver
- traefik.http.services.gitea.loadbalancer.server.port=3000
# SSH
- traefik.tcp.routers.gitea-ssh.rule=HostSNI(`*`)
- traefik.tcp.routers.gitea-ssh.entrypoints=ssh
- traefik.tcp.services.gitea-ssh.loadbalancer.server.port=22
gitea-runner:
image: docker.io/gitea/act_runner:latest
container_name: gitea-runner
restart: unless-stopped
environment:
CONFIG_FILE: /config.yaml
GITEA_INSTANCE_URL: https://git.bouvais.lu/
GITEA_RUNNER_REGISTRATION_TOKEN: jBEK4cLzDp2wqv1Ru3SHyzC0xzl1FV94IcsGe5kd
volumes:
- ./config/gitea-runner/config.yaml:/config.yaml
- ./hdd0/gitea-runner:/data
- /var/run/docker.sock:/var/run/docker.sock
- ./hdd0/mkdocs-sites:/sites
mkdocs-zippondb:
image: squidfunk/mkdocs-material
container_name: mkdocs-zippondb
restart: unless-stopped
volumes:
- ./hdd0/mkdocs-sites/zippondb:/docs
labels:
- traefik.enable=true
- traefik.http.routers.gitea_runner.rule=Host(`docs.bouvais.lu`)
- traefik.http.routers.gitea_runner.entrypoints=websecure
- traefik.http.routers.gitea_runner.tls.certresolver=myresolver
- traefik.http.routers.gitea_runner.middlewares=auth@docker
- traefik.http.services.gitea_runner.loadbalancer.server.port=3000
registry:
image: registry:2
container_name: registry
restart: unless-stopped
environment:
- REGISTRY_AUTH_HTPASSWD_REALM=Bouvais Registry
- REGISTRY_AUTH_HTPASSWD_PATH=/etc/docker/registry/htpasswd
- REGISTRY_HTTP_SECRET=${MASTER_PASSWORD}
- REGISTRY_HEALTH_STORAGEDRIVER_ENABLED=true
- REGISTRY_STORAGE_DELETE_ENABLED=true
volumes:
- ./hdd0/registry/data:/var/lib/registry
- ./hdd0/registry/htpasswd:/etc/docker/registry/htpasswd:ro
labels:
- traefik.enable=true
- traefik.http.routers.registry.rule=Host(`registry.bouvais.lu`)
- traefik.http.routers.registry.entrypoints=websecure
- traefik.http.routers.registry.tls.certresolver=myresolver
- traefik.http.services.registry.loadbalancer.server.port=5000
registry-ui:
image: joxit/docker-registry-ui:latest
container_name: registry-ui
depends_on: [registry]
restart: unless-stopped
environment:
- DELETE_IMAGES=true
- REGISTRY_TITLE=Bouvais Docker Registry
- NGINX_PROXY_PASS_URL=http://registry:5000
- SINGLE_REGISTRY=true
labels:
- traefik.enable=true
- traefik.http.routers.registry_ui.rule=Host(`registry-ui.bouvais.lu`)
- traefik.http.routers.registry_ui.entrypoints=websecure
- traefik.http.routers.registry_ui.tls.certresolver=myresolver
- traefik.http.services.registry_ui.loadbalancer.server.port=80


@ -1,6 +1,6 @@
include: include:
- apps.yml - apps.yml
- developer.yml - gitea.yml
- llm.yml - llm.yml
- monitoring.yml - monitoring.yml
- vms.yml - vms.yml
@ -23,8 +23,6 @@ services:
- "--metrics.prometheus=true" - "--metrics.prometheus=true"
- "--metrics.prometheus.buckets=0.1,0.3,1.2,5.0" - "--metrics.prometheus.buckets=0.1,0.3,1.2,5.0"
- "--entryPoints.ssh.address=:2101" - "--entryPoints.ssh.address=:2101"
- "--entrypoints.web.transport.respondingTimeouts.readTimeout=180m"
- "--entrypoints.websecure.transport.respondingTimeouts.readTimeout=180m"
# Logs - Traefik will write its logs to /logs within the container, which maps to /data/logs on host # Logs - Traefik will write its logs to /logs within the container, which maps to /data/logs on host
- "--accesslog=true" - "--accesslog=true"
- "--accesslog.format=json" - "--accesslog.format=json"
@ -86,9 +84,12 @@ services:
image: kopia/kopia:latest image: kopia/kopia:latest
container_name: kopia container_name: kopia
restart: unless-stopped restart: unless-stopped
ports:
- 51515:51515
command: command:
- server - server
- start - start
#- --disable-csrf-token-checks
- --insecure - --insecure
- --address=0.0.0.0:51515 - --address=0.0.0.0:51515
- --server-username=adrien - --server-username=adrien
@ -97,12 +98,13 @@ services:
KOPIA_PASSWORD: ${MASTER_PASSWORD} KOPIA_PASSWORD: ${MASTER_PASSWORD}
USER: "adrien" USER: "adrien"
volumes: volumes:
# Mount local folders needed by kopia
- ./config/kopia:/app/config - ./config/kopia:/app/config
- ./cache/kopia:/app/cache - ./cache/kopia:/app/cache
- ./hdd0/logs/:/app/logs - ./hdd0/logs/:/app/logs
- ./hdd0:/hdd0 - ./hdd0:/hdd0 # Mount local folders to snapshot
- ./hdd0_backups/kopia/dir:/repository - ./hdd0_backups/kopia/dir:/repository # Mount repository location
- ./hdd0_backups/kopia/shared:/tmp:shared - ./hdd0_backups/kopia/shared:/tmp:shared # Mount path for browsing mounted snaphots
labels: labels:
- "traefik.enable=true" - "traefik.enable=true"
- "traefik.http.routers.kopia.rule=Host(`kopia.bouvais.lu`)" - "traefik.http.routers.kopia.rule=Host(`kopia.bouvais.lu`)"
@ -110,33 +112,6 @@ services:
- "traefik.http.routers.kopia.tls.certresolver=myresolver" - "traefik.http.routers.kopia.tls.certresolver=myresolver"
- "traefik.http.services.kopia.loadbalancer.server.port=51515" - "traefik.http.services.kopia.loadbalancer.server.port=51515"
kopia-gcp:
image: kopia/kopia:latest
container_name: kopia-gcp
restart: unless-stopped
command:
- server
- start
- --insecure
- --address=0.0.0.0:51516
- --server-username=adrien
- --server-password=${MASTER_PASSWORD}
environment:
KOPIA_PASSWORD: ${MASTER_PASSWORD}
USER: "adrien"
volumes:
- ./config/kopia-gcp:/app/config
- ./cache/kopia-gcp:/app/cache
- ./hdd0/logs/gcp:/app/logs
- ./hdd0:/hdd0
- ./kopia-gcp-key.json:/cred.json
labels:
- "traefik.enable=true"
- "traefik.http.routers.kopia_gcp.rule=Host(`kopia-gcp.bouvais.lu`)"
- "traefik.http.routers.kopia_gcp.entrypoints=websecure"
- "traefik.http.routers.kopia_gcp.tls.certresolver=myresolver"
- "traefik.http.services.kopia_gcp.loadbalancer.server.port=51516"
minio: minio:
image: minio/minio:latest image: minio/minio:latest
container_name: minio container_name: minio
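Review bot: The added `ports:` entry `- 51515:51515` on the kopia service publishes the server on every host interface while the command keeps `--insecure` and `--address=0.0.0.0:51515`, so the server username and password cross the network in cleartext for anyone who can reach the host port, bypassing the TLS that the `websecure` Traefik router provides. If the host port is only needed locally, bind it to loopback and quote the mapping, `- "127.0.0.1:51515:51515"`; otherwise drop `ports:` and leave access to the Traefik route. The commented-out `#- --disable-csrf-token-checks` is better deleted than kept as a ready-made toggle, or given a comment saying why it must stay off.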

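--- a/gitea.yml
+++ b/gitea.yml
@@ -0,0 +1,51 @@
+services:
+gitea:
+image: "docker.gitea.com/gitea:1.23.8"
+container_name: gitea
+restart: unless-stopped
+environment:
+- GITEA_CUSTOM=/etc/gitea
+volumes:
+- "./hdd0/gitea:/data"
+- "./config/gitea:/etc/gitea"
+- "/etc/timezone:/etc/timezone:ro"
+- "/etc/localtime:/etc/localtime:ro"
+labels:
+- "traefik.enable=true"
+# HTTP/S
+- "traefik.http.routers.gitea.rule=Host(`git.bouvais.lu`)"
+- "traefik.http.routers.gitea.entrypoints=websecure"
+- "traefik.http.routers.gitea.tls.certresolver=myresolver"
+- "traefik.http.services.gitea.loadbalancer.server.port=3000"
+# SSH
+- "traefik.tcp.routers.gitea-ssh.rule=HostSNI(`*`)"
+- "traefik.tcp.routers.gitea-ssh.entrypoints=ssh"
+- "traefik.tcp.services.gitea-ssh.loadbalancer.server.port=22"
+gitea-runner:
+image: docker.io/gitea/act_runner:latest
+container_name: gitea-runner
+restart: unless-stopped
+environment:
+CONFIG_FILE: /config.yaml
+GITEA_INSTANCE_URL: https://git.bouvais.lu/
+GITEA_RUNNER_REGISTRATION_TOKEN: jBEK4cLzDp2wqv1Ru3SHyzC0xzl1FV94IcsGe5kd
+volumes:
+- ./config/gitea-runner/config.yaml:/config.yaml
+- ./hdd0/gitea-runner:/data
+- /var/run/docker.sock:/var/run/docker.sock
+- ./hdd0/mkdocs-sites:/sites
+mkdocs-zippondb:
+image: squidfunk/mkdocs-material
+container_name: mkdocs-zippondb
+restart: unless-stopped
+volumes:
+- ./hdd0/mkdocs-sites/zippondb:/docs
+labels:
+- "traefik.enable=true"
+- "traefik.http.routers.gitea.rule=Host(`docs.bouvais.lu`)"
+- "traefik.http.routers.gitea.entrypoints=websecure"
+- "traefik.http.routers.gitea.tls.certresolver=myresolver"
+- "traefik.http.routers.gitea.middlewares=auth@docker"
+- "traefik.http.services.gitea.loadbalancer.server.port=3000"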
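Review bot: `GITEA_RUNNER_REGISTRATION_TOKEN` is committed as a literal value in the `gitea-runner` environment, so anyone who can read this repository holds a credential for registering runners against `https://git.bouvais.lu/`; the token should be rotated and supplied by interpolation, `GITEA_RUNNER_REGISTRATION_TOKEN: ${GITEA_RUNNER_REGISTRATION_TOKEN}`, the way the other compose files use `${MASTER_PASSWORD}`. The `mkdocs-zippondb` labels now use the router and service name `gitea` with the rule for docs.bouvais.lu, which is the same name the `gitea` service defines above with a different host rule and without the `auth@docker` middleware. The deleted file used `gitea_runner` for these labels, and a distinct name such as `mkdocs_zippondb` avoids two conflicting definitions of one router. The runner also mounts `/var/run/docker.sock` while tracking `act_runner:latest`, which hands control of the host Docker daemon to every job and to whatever image the tag resolves to next; pin the image and record that trust decision in a comment.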

24
llm.yml

@ -14,18 +14,18 @@ services:
environment: environment:
OLLAMA_BASE_URLS: http://ollama:11434 OLLAMA_BASE_URLS: http://ollama:11434
# ollama: ollama:
# image: ollama/ollama:latest image: ollama/ollama:latest
# container_name: ollama container_name: ollama
# volumes: volumes:
# - ./hdd0/ollama:/root/.ollama - ./hdd0/ollama:/root/.ollama
# deploy: deploy:
# resources: resources:
# reservations: reservations:
# devices: devices:
# - driver: nvidia - driver: nvidia
# capabilities: ["gpu"] capabilities: ["gpu"]
# count: all count: all
openwebui-pipeline: openwebui-pipeline:
image: ghcr.io/open-webui/pipelines:main image: ghcr.io/open-webui/pipelines:main
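Review bot: The re-enabled `ollama` service pulls `ollama/ollama:latest`, a mutable tag, into a container that is granted every NVIDIA GPU (`count: all`), so the image that actually runs can change on any pull without a change to this file. Pin it to a release tag or digest, for example `image: ollama/ollama:<PINNED_TAG>` (placeholder; the page names no version). No `ports:` or Traefik labels appear in the visible lines, which keeps the unauthenticated API on the compose network; a comment such as `# internal only: reached by open-webui via http://ollama:11434, do not publish` would keep it that way. This reads the uncommented column as the new side, since the page carries no `+`/`-` markers.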

50
vms.yml

@ -1,17 +1,17 @@
services: services:
arch-cpu: arch-ttyd:
image: registry.bouvais.lu/vms/arch-ttyd-cpu:1.0.0 build:
container_name: arch-cpu context: .
dockerfile: Dockerfile.arch-ttyd
container_name: arch-ttyd
restart: unless-stopped restart: unless-stopped
volumes: volumes:
- ./hdd0/vms/arch/data:/data - ./hdd0/vms/arch/data:/data
- ./hdd0/vms/arch/root:/root - ./hdd0/vms/arch/root:/root
command: > - ~/.ssh/id_rsa:/root/.ssh/id_rsa:ro
ttyd environment:
-p 7681 - TTYD_USERNAME=${TTYD_USERNAME:-admin}
-c "${TTYD_USERNAME}:${MASTER_PASSWORD}" - TTYD_PASSWORD=${MASTER_PASSWORD:-changeme}
-W
bash
labels: labels:
- "traefik.enable=true" - "traefik.enable=true"
- "traefik.http.routers.arch.rule=Host(`arch.bouvais.lu`)" - "traefik.http.routers.arch.rule=Host(`arch.bouvais.lu`)"
@ -26,35 +26,3 @@ services:
reservations: reservations:
cpus: '0.5' cpus: '0.5'
memory: 256M memory: 256M
arch-gpu:
image: registry.bouvais.lu/vms/arch-ttyd-gpu:1.0.0
container_name: arch-gpu
restart: unless-stopped
volumes:
- ./hdd0/vms/arch_gpu/data:/data
- ./hdd0/vms/arch_gpu/root:/root
command: >
ttyd
-p 7682
-c "${TTYD_USERNAME}:${MASTER_PASSWORD}"
-W
bash
labels:
- "traefik.enable=true"
- "traefik.http.routers.arch_gpu.rule=Host(`arch-gpu.bouvais.lu`)"
- "traefik.http.routers.arch_gpu.entrypoints=websecure"
- "traefik.http.routers.arch_gpu.tls.certresolver=myresolver"
- "traefik.http.services.arch_gpu.loadbalancer.server.port=7682"
deploy:
resources:
limits:
cpus: '2.0'
memory: 1G
reservations:
cpus: '0.5'
memory: 256M
devices:
- driver: nvidia
capabilities: ["gpu"]
count: all
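Review bot: The new volume `~/.ssh/id_rsa:/root/.ssh/id_rsa:ro` places the host user's private SSH key inside a container whose purpose is a browser-reachable root shell behind `arch.bouvais.lu`, and `:ro` prevents modification, not reading, so whoever passes the ttyd login can copy the key. The fallbacks `${TTYD_USERNAME:-admin}` and `${MASTER_PASSWORD:-changeme}` turn that login into a known default whenever the variables are missing from the environment. Prefer failing at startup, `- TTYD_PASSWORD=${MASTER_PASSWORD:?MASTER_PASSWORD must be set}`, and give the container its own key with limited rights (for instance a per-repository deploy key) instead of the host identity. Passing the credentials through `environment:` also shows them in `docker inspect` and to every process in the container; a compose `secrets:` entry would narrow that exposure.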