tiff/homelab-config
1
0
Fork 0
Code Issues Pull requests Projects Releases 2 Packages Wiki Activity Actions

Update something

Browse source
This commit is contained in:
tiff 2024-08-08 19:03:01 -04:00
parent 02ebf2a878
commit 776f90c240
61 changed files with 304 additions and 521 deletions
Download patch file Download diff file Expand all files Collapse all files

9
ubuntu/README.md Normal file
View file

@ -0,0 +1,9 @@
# Ubuntu VMs Inside of Proxmox
These days, I have figured out that if I need privileged access to a container, an LXC is not the best choice. For instance, if I want to add storage to a container, it is almost impossible to do so with an LXC without making the container a privleged container which comes with security implications that I don't want to manage.
So now I run mission-critical services in Ubuntu VMs on Proxmox. I do not use the tteck's scripts for this; I download an ISO file and upload it to storage on Proxmox and create the VM from scratch.
## Difficult to manage publically shared services
For services I want to share publicly that are a real pita to setup and run on my home server, I use [PikaPods](https://pikapods.com). Yes, it costs money, but I've been running Audiobookshelf for a month now on an initial $5 top up. It's a pittance for such a wonderful service, and each "Pod" has a different price for usage. They don't keep your data and the funds go directly to the open source developers apps you are using.

8
ubuntu/docker/README.md Normal file
View file

@ -0,0 +1,8 @@
# Docker Examples
> [!NOTE]\
> I installed Docker on an Ubuntu Live Server with Portainer installed for easy Docker Compose configuration
>
>

1
ubuntu/docker/authentik/.env.example Normal file
View file

@ -0,0 +1 @@
# You environment variables go here

86
ubuntu/docker/authentik/docker-compose.yml Normal file
View file

@ -0,0 +1,86 @@
---
version: "3.4"
services:
postgresql:
image: docker.io/library/postgres:12-alpine
restart: unless-stopped
healthcheck:
test: ["CMD-SHELL", "pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}"]
start_period: 20s
interval: 30s
retries: 5
timeout: 5s
volumes:
- database:/var/lib/postgresql/data
environment:
POSTGRES_PASSWORD: ${PG_PASS:?database password required}
POSTGRES_USER: ${PG_USER:-authentik}
POSTGRES_DB: ${PG_DB:-authentik}
env_file:
- .env
redis:
image: docker.io/library/redis:alpine
command: --save 60 1 --loglevel warning
restart: unless-stopped
healthcheck:
test: ["CMD-SHELL", "redis-cli ping | grep PONG"]
start_period: 20s
interval: 30s
retries: 5
timeout: 3s
volumes:
- redis:/data
server:
image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2024.2.2}
restart: unless-stopped
command: server
environment:
AUTHENTIK_REDIS__HOST: redis
AUTHENTIK_POSTGRESQL__HOST: postgresql
AUTHENTIK_POSTGRESQL__USER: ${PG_USER:-authentik}
AUTHENTIK_POSTGRESQL__NAME: ${PG_DB:-authentik}
AUTHENTIK_POSTGRESQL__PASSWORD: ${PG_PASS}
volumes:
- ./media:/media
- ./custom-templates:/templates
env_file:
- .env
ports:
- "${COMPOSE_PORT_HTTP:-9000}:9000"
- "${COMPOSE_PORT_HTTPS:-9443}:9443"
depends_on:
- postgresql
- redis
worker:
image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2024.2.2}
restart: unless-stopped
command: worker
environment:
AUTHENTIK_REDIS__HOST: redis
AUTHENTIK_POSTGRESQL__HOST: postgresql
AUTHENTIK_POSTGRESQL__USER: ${PG_USER:-authentik}
AUTHENTIK_POSTGRESQL__NAME: ${PG_DB:-authentik}
AUTHENTIK_POSTGRESQL__PASSWORD: ${PG_PASS}
# `user: root` and the docker socket volume are optional.
# See more for the docker socket integration here:
# https://goauthentik.io/docs/outposts/integrations/docker
# Removing `user: root` also prevents the worker from fixing the permissions
# on the mounted folders, so when removing this make sure the folders have the correct UID/GID
# (1000:1000 by default)
user: root
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- ./media:/media
- ./certs:/certs
- ./custom-templates:/templates
env_file:
- .env
depends_on:
- postgresql
- redis
volumes:
database:
driver: local
redis:
driver: local

2
ubuntu/docker/haproxy/Dockerfile Normal file
View file

@ -0,0 +1,2 @@
FROM haproxy:2.3
COPY haproxy.cfg /usr/local/etc/haproxy/haproxy.cfg

2
ubuntu/docker/haproxy/README.md Normal file
View file

@ -0,0 +1,2 @@
# HAProxy for Proxy Server and Load Balancer

1
ubuntu/docker/homepage/README.md Normal file
View file

@ -0,0 +1 @@
# Homepage

92
ubuntu/docker/homepage/config/bookmarks.yaml Normal file
View file

@ -0,0 +1,92 @@
---
- Repositories:
- Homelab:
- icon: si-github-#FFFFFF
href: https://github.com/twhite96/homelab-config
description: Homelab config
- Homelab Docs:
- icon: si-github-#FFFFFF
href: https://github.com/twhite96/tifflabs
description: Homelab repo
- Selfhosted Projects:
- tiff labs:
- icon: /icons/tifflabsgit.png
href: https://tifflabs-software.org
description: Labs software hosting
- cyber:
- icon: /icons/htbavatar.png
href: https://projects.0x8c.run
description: '0x8c project hosting'
- Cloud Platforms:
- Linode:
- icon: /icons/linode.png
href: https://cloud.linode.com/linodes
description: Linode
- Hetzner:
- icon: si-hetzner-#D50C2D
href: https://accounts.hetzner.com/login
description: Hetzner
- Hosting Platforms:
- Vercel:
- icon: si-vercel-#000000
href: https://vercel.com/dashboard
description: Vercel
- Cloudron:
- icon: si-cloudron-#03A9F4
href: https://console.cloudron.io/
description: Cloudron
- Documentation:
- Docs site:
- icon: si-materialformkdocs-#ff0000
href: https://docs.tifflabs.org
description: Smart home docs
- labs.network:
- icon: si-bookstack-#B91C1C
href: https://presto-horn.tifflabs.org
description: Network wiki
- Public Projects:
- Homelab Config:
- icon: /icons/tifflabs.svg
href: https://homelab.tiff.tools
description: Homelab Config
- Forgejo Homelab Projects:
- icon: si-forgejo-#FB923C
href: https://tifflabs-software.org/explore
description: Public personal projects
- Cyber Learning:
- Hack The Box:
- icon: si-hackthebox-#9FEF00
href: https://academy.hackthebox.com
description: HTB Academy
- TryHackMe:
- icon: si-tryhackme-#88CC15
href: https://tryhackme.com/
description: TryHackMe
- Productivity:
- Email:
- icon: si-protonmail-#6D4AFF
href: https://mail.proton.me/
description: Email
- Calendar:
- icon: si-protoncalendar-#50B0E9
href: https://calendar.proton.me
description: Calendar
- Public Notes and Writeups:
- Notes:
- icon: si-obsidian-#7C3AED
href: https://notes.0x8c.org
description: Public Notes
- Wiki:
icon: si-gitbook-#BBDDE5
href: https://app.gitbook.com/?source=pwa
description: Write-ups

0
ubuntu/docker/homepage/config/custom.css Normal file
View file

0
ubuntu/docker/homepage/config/custom.js Normal file
View file

0
ubuntu/docker/homepage/config/docker.yaml Normal file
View file

0
ubuntu/docker/homepage/config/kubernetes.yaml Normal file
View file

107
ubuntu/docker/homepage/config/services.yaml Normal file
View file

@ -0,0 +1,107 @@
---
- Infrastructure and Data:
- Proxmox:
href: {{proxmox-url}}
icon: proxmox.svg
description: prx-prod-2
siteMonitor: {{proxmox-url}}
widget:
type: proxmox
url: {{proxmox-url}}
username: {{HOMEPAGE_VAR_PROXMOX_USERNAME}}
password: {{HOMEPAGE_VAR_PROXMOX_PASSWORD}}
- Authentik:
icon: authentik.png
showStats: true
href: {{url}}
widget:
type: authentik
fields: ["users"]
url: {{url}}
key: {{HOMEPAGE_VAR_AUTHENTIK_KEY}}
- Monitoring:
- UptimeKuma:
icon: uptime-kuma.svg
href: https://uptime.tifflabs.org
widget:
description: uptime on pve main
fields: ["up", "down", "uptime", "incident"]
icon: uptime-kuma.svg
type: uptimekuma
url: {{url}}
slug: lab
- Pi-hole:
icon: pi-hole.svg
siteMonitor: {{url}}
widget:
type: pihole
fields: ["queries", "blocked", "blocked_percent", "gravity"]
url: {{url}} # required if running v6 or higher, defaults to 5
key: {{HOMEPAGE_VAR_PIHOLE_TOKEN}}
- Grafana:
icon: grafana.svg
siteMonitor: {{url}}
widget:
type: grafana
fields: ["dashboards", "datasources", "totalalerts", "alertstriggered"]
url: {{url}}
username: tifflabs
password: {{HOMEPAGE_VAR_GRAFANA_PASSWORD}}
- Tailscale:
icon: tailscale.svg
showStats: true
widget:
type: tailscale
fields: ["address", "last_seen", "expires"]
deviceid: {{device-id}}
key: {{key}}
- Media:
- Jellyfin:
icon: jellyfin.svg
description: tailnet jellyfin
widget:
type: jellyfin
url: {{url}}
fields: ["movies", "series", "episodes", "songs"]
key: {{HOMEPAGE_VAR_JELLYFIN_KEY}}
enableBlocks: true # optional, defaults to false
enableNowPlaying: true # optional, defaults to true
enableUser: true # optional, defaults to false
showEpisodeNumber: true # optional, defaults to false
expandOneStreamToTwoRows: false # optional, defaults to true
- Calibre:
icon: calibre.svg
siteMonitor: https://books.tiffs.app
href: 'https://books.tiffs.app'
widget:
type: calibreweb
url: https://books.tiffs.app
fields: ["books", "authors", "categories", "series"]
username: {{username}}
password: {{password}}
- FreshRSS:
icon: freshrss.svg
description: RSS Feed
href: https://rss.tifflabs.dev
showStats: true
widget:
type: freshrss
url: https://rss.tifflabs.dev
fields: ["subscriptions", "unread"]
username: {{username}}
password: {{password}}
- Audiobookshelf:
icon: audiobookshelf.svg
siteMonitor: https://audiobooks.tiffs.app
href: https://audiobooks.tiffs.app
description: Audiobook Library
showStats: true
widget:
type: audiobookshelf
fields: ["podcasts", "podcastsDuration", "books", "booksDuration"]
url: https://audiobooks.tiffs.app
key: {{HOMEPAGE_VAR_AUDIOBOOKSHELF_KEY}}

74
ubuntu/docker/homepage/config/settings.yaml Normal file
View file

@ -0,0 +1,74 @@
---
title: Dash
headerStyle: clean
background:
blur: xl
brightness: 90
opacity: 60
cardBlur: sm
useEqualHeights: true
providers:
quicklaunch:
searchDescriptions: true
hideInternetSearch: true
showSearchSuggestions: true
hideVisitURL: true
layout:
- Services:
Infrastructure and Data:
icon: proxmox.svg
style: row
columns: 2
Monitoring:
icon: grafana.svg
style: row
columns: 4
Media:
icon: jellyfin.svg
style: row
columns: 4
- Bookmarks:
Repositories:
icon: github.svg
style: row
columns: 2
Selfhosted Projects:
icon: codeberg.svg
style: row
columns: 2
Cloud Platforms:
icon: hetzner.svg
style: row
columns: 2
Hosting Platforms:
icon: cloudron.svg
style: row
columns: 2
Documentation:
icon: bookstack.svg
style: row
columns: 2
Public Projects:
icon: forgejo.svg
style: row
columns: 2
Cyber Learning:
icon: hackthebox.svg
style: row
columns: 2
Productivity:
icon: protonmail.svg
style: row
columns: 2
Public Notes and Writeups:
icon: obsidian.svg
style: row
columns: 2

26
ubuntu/docker/homepage/config/widgets.yaml Normal file
View file

@ -0,0 +1,26 @@
---
- resources:
cpu: true
memory: true
disk: /
- search:
provider: custom
url: # whoogle # google, duckduckgo, bing, baidu, brave or custom
focus: true
target: _blank # One of _self, _blank, _parent or _top
- openweathermap:
latitude: {{long}}
longitude: {{lat}}
units: imperial # or imperial
provider: openweathermap
cache: 5 # Time in minutes to cache API responses, to stay within limits
format: # optional, Intl.NumberFormat options
maximumFractionDigits: 0
- datetime:
text_size: m
format:
timeStyle: short
hourCycle: h12

14
ubuntu/docker/homepage/docker-compose.yaml Normal file
View file

@ -0,0 +1,14 @@
---
services:
homepage:
image: ghcr.io/gethomepage/homepage:latest
container_name: homepage-prod-1
ports:
- 3000:3000
env_file:
- ".env.example"
volumes:
- ./config:/app/config # Make sure your local config directory exists
- ./images:/app/public/images
- ./icons:/app/public/icons
restart: unless-stopped

76
ubuntu/docker/homepage/homepage.sh Normal file
View file

@ -0,0 +1,76 @@
#!/usr/bin/env bash
# Copyright (c) 2021-2024 tteck
# Author: tteck (tteckster)
# License: MIT
# https://github.com/tteck/Proxmox/raw/main/LICENSE
source /dev/stdin <<< "$FUNCTIONS_FILE_PATH"
color
verb_ip6
catch_errors
setting_up_container
network_check
update_os
msg_info "Installing Dependencies"
$STD apt-get install -y curl
$STD apt-get install -y sudo
$STD apt-get install -y mc
$STD apt-get install -y make
$STD apt-get install -y g++
$STD apt-get install -y gcc
$STD apt-get install -y ca-certificates
$STD apt-get install -y gnupg
msg_ok "Installed Dependencies"
msg_info "Setting up Node.js Repository"
mkdir -p /etc/apt/keyrings
curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | gpg --dearmor -o /etc/apt/keyrings/nodesource.gpg
echo "deb [signed-by=/etc/apt/keyrings/nodesource.gpg] https://deb.nodesource.com/node_20.x nodistro main" >/etc/apt/sources.list.d/nodesource.list
msg_ok "Set up Node.js Repository"
msg_info "Installing Node.js"
$STD apt-get update
$STD apt-get install -y nodejs
$STD npm install -g pnpm
msg_ok "Installed Node.js"
RELEASE=$(curl -s https://api.github.com/repos/gethomepage/homepage/releases/latest | grep "tag_name" | awk '{print substr($2, 3, length($2)-4) }')
msg_info "Installing Homepage v${RELEASE} (Patience)"
wget -q https://github.com/gethomepage/homepage/archive/refs/tags/v${RELEASE}.tar.gz
$STD tar -xzf v${RELEASE}.tar.gz
mkdir -p /opt/homepage/config
mv homepage-${RELEASE}/* /opt/homepage
rm -rf homepage-${RELEASE}
cd /opt/homepage
cp /opt/homepage/src/skeleton/* /opt/homepage/config
$STD pnpm install
$STD pnpm build
msg_ok "Installed Homepage v${RELEASE}"
msg_info "Creating Service"
service_path="/etc/systemd/system/homepage.service"
echo "[Unit]
Description=Homepage
After=network.target
StartLimitIntervalSec=0
[Service]
Type=simple
Restart=always
RestartSec=1
User=root
WorkingDirectory=/opt/homepage/
ExecStart=pnpm start
[Install]
WantedBy=multi-user.target" >$service_path
$STD systemctl enable --now homepage
msg_ok "Created Service"
motd_ssh
customize
msg_info "Cleaning up"
$STD apt-get autoremove
$STD apt-get autoclean
msg_ok "Cleaned"

166
ubuntu/docker/photoprism/docker-compose.yml Normal file
View file

@ -0,0 +1,166 @@
# Example Docker Compose config file for PhotoPrism (Linux / AMD64)
#
# Note:
# - Running PhotoPrism on a server with less than 4 GB of swap space or setting a memory/swap limit can cause unexpected
# restarts ("crashes"), for example, when the indexer temporarily needs more memory to process large files.
# - If you install PhotoPrism on a public server outside your home network, please always run it behind a secure
# HTTPS reverse proxy such as Traefik or Caddy. Your files and passwords will otherwise be transmitted
# in clear text and can be intercepted by anyone, including your provider, hackers, and governments:
# https://docs.photoprism.app/getting-started/proxies/traefik/
#
# Setup Guides:
# - https://docs.photoprism.app/getting-started/docker-compose/
# - https://docs.photoprism.app/getting-started/raspberry-pi/
# - https://www.photoprism.app/kb/activation
#
# Troubleshooting Checklists:
# - https://docs.photoprism.app/getting-started/troubleshooting/
# - https://docs.photoprism.app/getting-started/troubleshooting/docker/
# - https://docs.photoprism.app/getting-started/troubleshooting/mariadb/
#
# CLI Commands:
# - https://docs.photoprism.app/getting-started/docker-compose/#command-line-interface
#
# All commands may have to be prefixed with "sudo" when not running as root.
# This will point the home directory shortcut ~ to /root in volume mounts.
services:
# traefik:
# image: traefik:v2.11
# restart: unless-stopped
# ports:
# - "80:80"
# - "443:443"
# volumes:
# - "./traefik.yaml:/etc/traefik/traefik.yaml"
# - "./traefik/data:/data"
# - "/var/run/docker.sock:/var/run/docker.sock"
photoprism:
## Use photoprism/photoprism:preview for testing preview builds:
image: photoprism/photoprism:latest
## Don't enable automatic restarts until PhotoPrism has been properly configured and tested!
## If the service gets stuck in a restart loop, this points to a memory, filesystem, network, or database issue:
## https://docs.photoprism.app/getting-started/troubleshooting/#fatal-server-errors
# restart: unless-stopped
stop_grace_period: 10s
depends_on:
- mariadb
security_opt:
- seccomp:unconfined
- apparmor:unconfined
## Server port mapping in the format "Host:Container". To use a different port, change the host port on
## the left-hand side and keep the container port, e.g. "80:2342" (for HTTP) or "443:2342 (for HTTPS):
ports:
- "2342:2342"
# labels:
# - "traefik.http.routers.photoprism.rule=Host(`photos.tiff.ws`)"
# - "traefik.http.routers.photoprism.tls=true"
# - "traefik.http.routers.photoprism.tls.certresolver=myresolver"
## Before you start the service, please check the following config options (and change them as needed):
## https://docs.photoprism.app/getting-started/config-options/
environment:
PHOTOPRISM_ADMIN_USER: "admin" # admin login username
PHOTOPRISM_ADMIN_PASSWORD: # initial admin password (8-72 characters)
PHOTOPRISM_AUTH_MODE: "password" # authentication mode (public, password)
PHOTOPRISM_SITE_URL: # server URL in the format "http(s)://domain.name(:port)/(path)"
PHOTOPRISM_DISABLE_TLS: "false" # disables HTTPS/TLS even if the site URL starts with https:// and a certificate is available
PHOTOPRISM_DEFAULT_TLS: "true" # defaults to a self-signed HTTPS/TLS certificate if no other certificate is available
PHOTOPRISM_ORIGINALS_LIMIT: 5000 # file size limit for originals in MB (increase for high-res video)
PHOTOPRISM_HTTP_COMPRESSION: "gzip" # improves transfer speed and bandwidth utilization (none or gzip)
PHOTOPRISM_LOG_LEVEL: "info" # log level: trace, debug, info, warning, error, fatal, or panic
PHOTOPRISM_READONLY: "false" # do not modify originals directory (reduced functionality)
PHOTOPRISM_EXPERIMENTAL: "false" # enables experimental features
PHOTOPRISM_DISABLE_CHOWN: "false" # disables updating storage permissions via chmod and chown on startup
PHOTOPRISM_DISABLE_WEBDAV: "false" # disables built-in WebDAV server
PHOTOPRISM_DISABLE_SETTINGS: "false" # disables settings UI and API
PHOTOPRISM_DISABLE_TENSORFLOW: "false" # disables all features depending on TensorFlow
PHOTOPRISM_DISABLE_FACES: "false" # disables face detection and recognition (requires TensorFlow)
PHOTOPRISM_DISABLE_CLASSIFICATION: "false" # disables image classification (requires TensorFlow)
PHOTOPRISM_DISABLE_VECTORS: "false" # disables vector graphics support
PHOTOPRISM_DISABLE_RAW: "false" # disables indexing and conversion of RAW images
PHOTOPRISM_RAW_PRESETS: "false" # enables applying user presets when converting RAW images (reduces performance)
PHOTOPRISM_SIDECAR_YAML: "true" # creates YAML sidecar files to back up picture metadata
PHOTOPRISM_BACKUP_ALBUMS: "true" # creates YAML files to back up album metadata
PHOTOPRISM_BACKUP_DATABASE: "true" # creates regular backups based on the configured schedule
PHOTOPRISM_BACKUP_SCHEDULE: "daily" # backup SCHEDULE in cron format (e.g. "0 12 * * *" for daily at noon) or at a random time (daily, weekly)
PHOTOPRISM_INDEX_SCHEDULE: "" # indexing SCHEDULE in cron format (e.g. "@every 3h" for every 3 hours; "" to disable)
PHOTOPRISM_AUTO_INDEX: 300 # delay before automatically indexing files in SECONDS when uploading via WebDAV (-1 to disable)
PHOTOPRISM_AUTO_IMPORT: -1 # delay before automatically importing files in SECONDS when uploading via WebDAV (-1 to disable)
PHOTOPRISM_DETECT_NSFW: "false" # automatically flags photos as private that MAY be offensive (requires TensorFlow)
PHOTOPRISM_UPLOAD_NSFW: "true" # allows uploads that MAY be offensive (no effect without TensorFlow)
# PHOTOPRISM_DATABASE_DRIVER: "sqlite" # SQLite is an embedded database that does not require a separate database server
PHOTOPRISM_DATABASE_DRIVER: "mysql" # MariaDB 10.5.12+ (MySQL successor) offers significantly better performance compared to SQLite
PHOTOPRISM_DATABASE_SERVER: "mariadb:3306" # MariaDB database server (hostname:port)
PHOTOPRISM_DATABASE_NAME: "photoprism" # MariaDB database schema name
PHOTOPRISM_DATABASE_USER: "photoprism" # MariaDB database user name
PHOTOPRISM_DATABASE_PASSWORD: # MariaDB database user password
PHOTOPRISM_SITE_CAPTION: #your caption goes here
PHOTOPRISM_SITE_DESCRIPTION: # meta site description
PHOTOPRISM_SITE_AUTHOR: # meta site author
## Video Transcoding (https://docs.photoprism.app/getting-started/advanced/transcoding/):
# PHOTOPRISM_FFMPEG_ENCODER: "software" # H.264/AVC encoder (software, intel, nvidia, apple, raspberry, or vaapi)
# PHOTOPRISM_FFMPEG_SIZE: "1920" # video size limit in pixels (720-7680) (default: 3840)
# PHOTOPRISM_FFMPEG_BITRATE: "32" # video bitrate limit in Mbit/s (default: 50)
## Run/install on first startup (options: update https gpu ffmpeg tensorflow davfs clitools clean):
# PHOTOPRISM_INIT: "https gpu tensorflow"
## Run as a non-root user after initialization (supported: 0, 33, 50-99, 500-600, and 900-1200):
# PHOTOPRISM_UID: 1000
# PHOTOPRISM_GID: 1000
# PHOTOPRISM_UMASK: 0000
## Start as non-root user before initialization (supported: 0, 33, 50-99, 500-600, and 900-1200):
# user: "1000:1000"
## Share hardware devices with FFmpeg and TensorFlow (optional):
# devices:
# - "/dev/dri:/dev/dri" # Intel QSV
# - "/dev/nvidia0:/dev/nvidia0" # Nvidia CUDA
# - "/dev/nvidiactl:/dev/nvidiactl"
# - "/dev/nvidia-modeset:/dev/nvidia-modeset"
# - "/dev/nvidia-nvswitchctl:/dev/nvidia-nvswitchctl"
# - "/dev/nvidia-uvm:/dev/nvidia-uvm"
# - "/dev/nvidia-uvm-tools:/dev/nvidia-uvm-tools"
# - "/dev/video11:/dev/video11" # Video4Linux Video Encode Device (h264_v4l2m2m)
working_dir: "/photoprism" # do not change or remove
## Storage Folders: "~" is a shortcut for your home directory, "." for the current directory
volumes:
# "/host/folder:/photoprism/folder" # Example
- "./photos:/photoprism/originals" # Original media files (DO NOT REMOVE)
# - "/example/family:/photoprism/originals/family" # *Additional* media folders can be mounted like this
- "./storage.usb:/photoprism/import" # *Optional* base folder from which files can be imported to originals
- "./storage:/photoprism/storage" # *Writable* storage folder for cache, database, and sidecar files (DO NOT REMOVE)
## MariaDB Database Server (recommended)
## see https://docs.photoprism.app/getting-started/faq/#should-i-use-sqlite-mariadb-or-mysql
mariadb:
image: mariadb:11
## If MariaDB gets stuck in a restart loop, this points to a memory or filesystem issue:
## https://docs.photoprism.app/getting-started/troubleshooting/#fatal-server-errors
restart: unless-stopped
stop_grace_period: 5s
security_opt: # see https://github.com/MariaDB/mariadb-docker/issues/434#issuecomment-1136151239
- seccomp:unconfined
- apparmor:unconfined
command: --innodb-buffer-pool-size=512M --transaction-isolation=READ-COMMITTED --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci --max-connections=512 --innodb-rollback-on-timeout=OFF --innodb-lock-wait-timeout=120
## Never store database files on an unreliable device such as a USB flash drive, an SD card, or a shared network folder:
volumes:
- "./database:/var/lib/mysql" # DO NOT REMOVE
environment:
MARIADB_AUTO_UPGRADE: "1"
MARIADB_INITDB_SKIP_TZINFO: "1"
MARIADB_DATABASE: "photoprism"
MARIADB_USER: "photoprism"
MARIADB_PASSWORD: "x!rPM.jTjcKLPuhLHdGs78A9W"
MARIADB_ROOT_PASSWORD: "WkDdnDehFdALm*N@EUqE6e7MC"
## Watchtower upgrades services automatically (optional)
## see https://docs.photoprism.app/getting-started/updates/#watchtower
## activate via "COMPOSE_PROFILES=update docker compose up -d"
watchtower:
restart: unless-stopped
image: containrrr/watchtower
profiles: ["update"]
environment:
WATCHTOWER_CLEANUP: "true"
WATCHTOWER_POLL_INTERVAL: 7200 # checks for updates every two hours
volumes:
- "/var/run/docker.sock:/var/run/docker.sock"
- "~/.docker/config.json:/config.json" # optional, for authentication if you have a Docker Hub account

10
ubuntu/docker/qbittorrent/README.md Normal file
View file

@ -0,0 +1,10 @@
# qBittorent Web Ui Install
> [!NOTE]\
> This gist is taken from an article on Linux Babe which is linked in the Gist. If curious now, you can find the article here: [Linux Babe How to Install qBIttorent Web UI on Ubuntu 18.04 Desktip or Server](https://www.linuxbabe.com/ubuntu/install-qbittorrent-ubuntu-18-04-desktop-server)
>
>
<script src="https://gist.github.com/twhite96/631d3544ce01c47a6de787f6c47af60b.js"></script>

54
ubuntu/docker/qbittorrent/qbittorrent.sh Normal file
View file

@ -0,0 +1,54 @@
#!/usr/bin/env bash
# Copyright (c) 2021-2024 tteck
# Author: tteck (tteckster)
# License: MIT
# https://github.com/tteck/Proxmox/raw/main/LICENSE
source /dev/stdin <<< "$FUNCTIONS_FILE_PATH"
color
verb_ip6
catch_errors
setting_up_container
network_check
update_os
msg_info "Installing Dependencies"
$STD apt-get install -y curl
$STD apt-get install -y sudo
$STD apt-get install -y mc
msg_ok "Installed Dependencies"
msg_info "Installing qbittorrent-nox"
$STD apt-get install -y qbittorrent-nox
mkdir -p /.config/qBittorrent/
cat <<EOF >/.config/qBittorrent/qBittorrent.conf
[Preferences]
WebUI\Password_PBKDF2="@ByteArray(amjeuVrF3xRbgzqWQmes5A==:XK3/Ra9jUmqUc4RwzCtrhrkQIcYczBl90DJw2rT8DFVTss4nxpoRhvyxhCf87ahVE3SzD8K9lyPdpyUCfmVsUg==)"
WebUI\Port=8090
WebUI\UseUPnP=false
WebUI\Username=admin
EOF
msg_ok "qbittorrent-nox"
msg_info "Creating Service"
cat <<EOF >/etc/systemd/system/qbittorrent-nox.service
[Unit]
Description=qBittorrent client
After=network.target
[Service]
ExecStart=/usr/bin/qbittorrent-nox --webui-port=8090
Restart=always
[Install]
WantedBy=multi-user.target
EOF
systemctl enable -q --now qbittorrent-nox
msg_ok "Created Service"
motd_ssh
customize
msg_info "Cleaning up"
$STD apt-get autoremove
$STD apt-get autoclean
msg_ok "Cleaned"

3
ubuntu/servarr/README.md Normal file
View file

@ -0,0 +1,3 @@
# *arr Apps
The apps you use when you want to keep track of the ISO files you get.

28
ubuntu/ubuntu.sh Normal file
View file

@ -0,0 +1,28 @@
#!/usr/bin/env bash
# Copyright (c) 2021-2024 tteck
# Author: tteck (tteckster)
# License: MIT
# https://github.com/tteck/Proxmox/raw/main/LICENSE
source /dev/stdin <<< "$FUNCTIONS_FILE_PATH"
color
verb_ip6
catch_errors
setting_up_container
network_check
update_os
msg_info "Installing Dependencies"
$STD apt-get install -y curl
$STD apt-get install -y sudo
$STD apt-get install -y mc
msg_ok "Installed Dependencies"
motd_ssh
customize
msg_info "Cleaning up"
$STD apt-get autoremove
$STD apt-get autoclean
msg_ok "Cleaned"