Peacock/Docker-Compose-Files
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

initial composes

Browse Source
This commit is contained in:
Toni
2026-02-09 16:04:14 +01:00
commit df054c5ac7
13 changed files with 588 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

174
RPi/Caddy/Caddyfile Normal file
View File

@@ -0,0 +1,174 @@
vault.casademm.de {
log {
level INFO
output file {$LOG_FILE} {
roll_size 10MB
roll_keep 10
}
}
# Use the ACME HTTP-01 challenge to get a cert for the configured domain.
tls {$EMAIL}
# This setting may have compatibility issues with some browsers
# (e.g., attachment downloading on Firefox). Try disabling this
# if you encounter issues.
encode zstd gzip
# Proxy everything Rocket
reverse_proxy vaultwarden:80 {
# Send the true remote IP to Rocket, so that vaultwarden can put this in the
# log, so that fail2ban can ban the correct IP.
header_up X-Real-IP {remote_host}
}
}
https://portainer.casademm.de {
tls {$EMAIL}
reverse_proxy https://portainer:9443 {
transport http {
tls
tls_insecure_skip_verify
}
}
}
https://heimdall.casademm.de {
tls {$EMAIL}
reverse_proxy https://heimdall:443 {
transport http {
tls
tls_insecure_skip_verify
}
}
}
https://fritz.casademm.de {
tls {$EMAIL}
reverse_proxy https://192.168.178.1 {
transport http {
tls
tls_insecure_skip_verify
}
}
}
#https://heidrun.casademm.de {
# tls {$EMAIL}
# reverse_proxy https://192.168.178.23 {
# transport http {
# tls
# tls_insecure_skip_verify
# }
# }
#}
hole.casademm.de {
tls {$EMAIL}
reverse_proxy pihole:443 {
transport http {
tls_insecure_skip_verify
}
}
}
mb.casademm.de {
tls {$EMAIL}
reverse_proxy systems.casademm.de:2333 {
transport http {
tls_insecure_skip_verify
}
}
}
ss.casademm.de {
tls {$EMAIL}
reverse_proxy systems.casademm.de:8003 {
transport http {
tls_insecure_skip_verify
}
}
}
ftp.casademm.de {
reverse_proxy systems.casademm.de:8080 {
}
}
next.casademm.de {
reverse_proxy https://nextcloud:443 {
transport http {
tls_insecure_skip_verify
}
}
}
wtw.casademm.de {
tls {$EMAIL}
reverse_proxy http://systems.casademm.de:3630 {
}
}
https://home.casademm.de {
tls {$EMAIL}
reverse_proxy https://heimdall:443 {
transport http {
tls
tls_insecure_skip_verify
}
}
}
hsm.casademm.de {
tls {$EMAIL}
reverse_proxy http://systems.casademm.de:3001 {
}
}
gitea.casademm.de {
tls {$EMAIL}
reverse_proxy http://systems.casademm.de:3000 {
}
}
act.casademm.de {
#tls {$EMAIL}
encode gzip zstd
reverse_proxy actual-server:5006
}
php.casademm.de {
reverse_proxy http://phpmyadmin:80
}
maria.casademm.de {
reverse_proxy mariadb:3306
}

29
RPi/Caddy/compose.yaml Normal file
View File

@@ -0,0 +1,29 @@
services:
caddy:
image: dhi.io/caddy:2-debian13-dev
container_name: caddy
restart: always
ports:
- 80:80 # Needed for the ACME HTTP-01 challenge.
- 443:443
- 443:443/udp # Needed for HTTP/3.
volumes:
- ./Caddyfile:/etc/caddy/Caddyfile:ro
- ./caddy-config:/config
- ./caddy-data:/data
environment:
DOMAIN: "https://vault.casademm.de" # Your domain.
EMAIL: "t.r.martin22699@gmail.com" # The email address to use for ACME registration.
LOG_FILE: "/data/access.log"
networks:
- casa-de-martmann
- proxy
networks:
casa-de-martmann:
name: casa-de-martmann
external: true
proxy:
name: proxy
external: true

33
RPi/MariaDB/compose.yaml Normal file
View File

@@ -0,0 +1,33 @@
services:
mariadb:
image: mariadb:latest
container_name: mariadb
restart: always
environment:
MYSQL_ROOT_PASSWORD: bmjsfoznrc
MYSQL_DATABASE: entry
MYSQL_USER: roulette
MYSQL_PASSWORD: bmjsfoznrc
ports:
- "3306:3306"
volumes:
- ./data:/var/lib/mysql
networks:
- casa-de-martmann
phpmyadmin:
image: phpmyadmin:latest
container_name: phpmyadmin
restart: always
environment:
PMA_HOST: mariadb
ports:
- "8085:80"
depends_on:
- mariadb
networks:
- casa-de-martmann
networks:
casa-de-martmann:
name: casa-de-martmann
external: true

21
RPi/Nextcloud/compose.yaml Normal file
View File

@@ -0,0 +1,21 @@
services:
nextcloud:
image: lscr.io/linuxserver/nextcloud:latest
networks:
- casa-de-martmann
container_name: nextcloud
environment:
- PUID=1000
- PGID=1000
- TZ=Etc/UTC
volumes:
- /media/admin/62 GB Volume/Nextcloud_config:/config
- /media/admin/62 GB Volume/Nextcloud_data:/data
ports:
- 4435:443
restart: unless-stopped
networks:
casa-de-martmann:
name: casa-de-martmann
external: true

50
RPi/PiHole/compose.yaml Normal file
View File

@@ -0,0 +1,50 @@
# More info at https://github.com/pi-hole/docker-pi-hole/ and https://docs.pi-hole.net/
services:
pihole:
container_name: pihole
image: pihole/pihole:latest
ports:
# DNS Ports
- "53:53/tcp"
- "53:53/udp"
# Default HTTP Port
- "8081:80/tcp"
# Default HTTPs Port. FTL will generate a self-signed certificate
- "4430:443/tcp"
# Uncomment the line below if you are using Pi-hole as your DHCP server
#- "67:67/udp"
# Uncomment the line below if you are using Pi-hole as your NTP server
#- "123:123/udp"
environment:
# Set the appropriate timezone for your location (https://en.wikipedia.org/wiki/List_of_tz_database_time_zones), e.g:
TZ: 'Europe/Berlin'
# Set a password to access the web interface. Not setting one will result in a random password being assigned
FTLCONF_webserver_api_password: 'bmjsfoznrc'
# If using Docker's default `bridge` network setting the dns listening mode should be set to 'ALL'
FTLCONF_dns_listeningMode: 'ALL'
# Volumes store your data between container upgrades
volumes:
# For persisting Pi-hole's databases and common configuration file
- './etc-pihole:/etc/pihole'
# Uncomment the below if you have custom dnsmasq config files that you want to persist. Not needed for most starting fresh with Pi-hole v6. If you're upgrading from v5 you and have used this directory before, you should keep it enabled for the first v6 container start to allow for a complete migration. It can be removed afterwards. Needs environment variable FTLCONF_misc_etc_dnsmasq_d: 'true'
#- './etc-dnsmasq.d:/etc/dnsmasq.d'
cap_add:
# See https://github.com/pi-hole/docker-pi-hole#note-on-capabilities
# Required if you are using Pi-hole as your DHCP server, else not needed
- NET_ADMIN
# Required if you are using Pi-hole as your NTP client to be able to set the host's system time
- SYS_TIME
# Optional, if Pi-hole should get some more processing time
- SYS_NICE
restart: unless-stopped
networks:
- casa-de-martmann
- proxy
networks:
casa-de-martmann:
name: casa-de-martmann
external: true
proxy:
name: proxy
external: true

23
RPi/Portainer/compose.yaml Normal file
View File

@@ -0,0 +1,23 @@
services:
portainer:
container_name: portainer
image: portainer/portainer-ce:lts
restart: always
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- portainer_data:/data
ports:
- 9443:9443
- 8000:8000 # Remove if you do not intend to use Edge Agents
networks:
- casa-de-martmann
volumes:
portainer_data:
name: portainer_data
networks:
casa-de-martmann:
name: casa-de-martmann
external: true

18
RPi/Vaultwarden Docker Compose/compose.yaml Normal file
View File

@@ -0,0 +1,18 @@
services:
vaultwarden:
networks:
- casa-de-martmann
image: vaultwarden/server:latest
container_name: vaultwarden
restart: always
environment:
DOMAIN: "https://vault.casademm.de" # Your domain; vaultwarden needs to know it's https to work properly with attachments
SIGNUPS_ALLOWED: "false"
volumes:
- ./vw-data:/data
networks:
casa-de-martmann:
name: casa-de-martmann
external: true

45
vServer/BeatDock Music Bot/.env Normal file
View File

@@ -0,0 +1,45 @@
# Discord Bot Configuration
# Get these from https://discord.com/developers/applications
TOKEN=MTI2Nzc2NTIyODc2NzAyMzE1Ng.Gwa-St.9iFUJwxGvE3aWYGWhS4wqZkg6bWGHh05JoGiWg
CLIENT_ID=1267765228767023156
# Optional: Spotify Configuration
# To enable Spotify support, set SPOTIFY_ENABLED=true and provide your credentials
# Get your credentials from: https://developer.spotify.com/dashboard/applications
SPOTIFY_ENABLED=false
SPOTIFY_CLIENT_ID=your_spotify_client_id_here
SPOTIFY_CLIENT_SECRET=your_spotify_client_secret_here
# Lavalink Server Configuration
LAVALINK_HOST=lavalink
LAVALINK_PORT=2333
LAVALINK_PASSWORD=youshallnotpass
# Optional: Language Settings
#DEFAULT_LANGUAGE=en
# Optional: Disconnection Settings
QUEUE_EMPTY_DESTROY_MS=30000
EMPTY_CHANNEL_DESTROY_MS=60000
# Optional: Permission Settings
# Comma-separated list of role IDs that can use the bot
# Leave empty to allow everyone to use the bot
# Example: ALLOWED_ROLES=123456789012345678,234567890123456789
ALLOWED_ROLES=
# Optional: Audio Settings
# Default volume for music playback (0-100, defaults to 80 if not set or invalid)
DEFAULT_VOLUME=80
# Optional: Lavalink Reconnection Settings
# Maximum number of reconnection attempts (default: 10)
LAVALINK_MAX_RECONNECT_ATTEMPTS=10
# Base delay for exponential backoff in milliseconds (default: 1000)
LAVALINK_BASE_DELAY_MS=1000
# Maximum delay for exponential backoff in milliseconds (default: 30000)
LAVALINK_MAX_DELAY_MS=30000
# Health check interval in milliseconds (default: 30000)
LAVALINK_HEALTH_CHECK_INTERVAL_MS=30000
# Reset reconnection attempts after this many minutes (default: 5)
LAVALINK_RESET_ATTEMPTS_AFTER_MINUTES=5

38
vServer/BeatDock Music Bot/docker-compose.yml Normal file
View File

@@ -0,0 +1,38 @@
services:
bot:
container_name: beatdock
image: ghcr.io/lazaroagomez/beatdock:latest
build:
context: .
dockerfile: Dockerfile
depends_on:
lavalink:
condition: service_healthy
networks:
- beatdock-network
env_file: .env
lavalink:
container_name: beatdock-lavalink
image: ghcr.io/lavalink-devs/lavalink:4-alpine
ports:
- "2333:2333"
networks:
- beatdock-network
volumes:
- ./application.yml:/opt/Lavalink/application.yml
environment:
- LAVALINK_PASSWORD=${LAVALINK_PASSWORD:-youshallnotpass}
- SPOTIFY_ENABLED=${SPOTIFY_ENABLED:-false}
- SPOTIFY_CLIENT_ID=${SPOTIFY_CLIENT_ID:-}
- SPOTIFY_CLIENT_SECRET=${SPOTIFY_CLIENT_SECRET:-}
healthcheck:
test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "--header=Authorization: ${LAVALINK_PASSWORD:-youshallnotpass}", "http://localhost:2333/version"]
interval: 10s
timeout: 5s
retries: 5
start_period: 30s
networks:
beatdock-network:
name: beatdock_network

17
vServer/FTP-Server/compose.yaml Normal file
View File

@@ -0,0 +1,17 @@
services:
file-server:
build: .
container_name: simple-ftp
image: gitea.casademm.de/peacock/simple-ftp:latest
ports:
- "8080:3000"
volumes:
- ./uploads:/app/uploads
environment:
- PORT=3000
- DB_HOST=maria.casademm.de
- DB_PORT=3306
- DB_USER=sysftp
- DB_PASSWORD=bmjsfoznrc
- DB_NAME=sysftp
restart: unless-stopped

24
vServer/Gitea/compose.yaml Normal file
View File

@@ -0,0 +1,24 @@
networks:
gitea:
external: false
services:
gitea:
image: docker.gitea.com/gitea:latest
container_name: gitea
environment:
- USER_UID=1000
- USER_GID=1000
restart: always
networks:
- gitea
volumes:
- gitea:/data
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
ports:
- "3000:3000"
- "222:22"
volumes:
gitea:

55
vServer/What-to-Watch/compose.yaml Normal file
View File

@@ -0,0 +1,55 @@
# Comments are provided throughout this file to help you get started.
# If you need more help, visit the Docker Compose reference guide at
# https://docs.docker.com/go/compose-spec-reference/
# Here the instructions define your application as a service called "server".
# This service is built from the Dockerfile in the current directory.
# You can add other services your application may depend on here, such as a
# database or a cache. For examples, see the Awesome Compose repository:
# https://github.com/docker/awesome-compose
services:
what-to-watch:
restart: unless-stopped
image: gitea.casademm.de/peacock/what-to-watch:latest
container_name: what-to-watch
build:
context: .
env_file: ".env"
environment:
NODE_ENV: production
ports:
- 3630:3630
# The commented out section below is an example of how to define a PostgreSQL
# database that your application can use. `depends_on` tells Docker Compose to
# start the database before your application. The `db-data` volume persists the
# database data between container restarts. The `db-password` secret is used
# to set the database password. You must create `db/password.txt` and add
# a password of your choosing to it before running `docker-compose up`.
# depends_on:
# db:
# condition: service_healthy
# db:
# image: postgres
# restart: always
# user: postgres
# secrets:
# - db-password
# volumes:
# - db-data:/var/lib/postgresql/data
# environment:
# - POSTGRES_DB=example
# - POSTGRES_PASSWORD_FILE=/run/secrets/db-password
# expose:
# - 5432
# healthcheck:
# test: [ "CMD", "pg_isready" ]
# interval: 10s
# timeout: 5s
# retries: 5
# volumes:
# db-data:
# secrets:
# db-password:
# file: db/password.txt

61
vServer/hytale-server-manager/docker-compose.yaml Normal file
View File

@@ -0,0 +1,61 @@
services:
hytale-server-manager:
image: ghcr.io/nebula-codes/hytale-server-manager:0.3.26
container_name: hytale-server-manager
restart: unless-stopped
ports:
- "3001:3001/tcp"
- "5520-5550:5520-5550/udp"
environment:
# User/Group ID for file permissions (use `id` command to find yours)
- PUID=1000
- PGID=1000
- NODE_ENV=production
- PORT=3001
- HOST=0.0.0.0
# Required secrets - generate your own!
# Generate with: openssl rand -hex 64
- JWT_SECRET=9aa8cdb1d18b97eaf60df70887c7f6e56cf115ad3eae2cb18fa3bc3ada63dcb6698da56ba580e4aa27a0d5c4a1cc312ae27f7f0c1c1a2afaaf26f268520a3883
- JWT_REFRESH_SECRET=4e1c002c146097d359ddaa1981e4c90b017baf745c0cda2b0f088398c69223e59e545333bb0ba722084efb429fbf46e70c23d484cc29419d7f2e43e86223c38a
# Generate with: openssl rand -hex 16
- SETTINGS_ENCRYPTION_KEY=0858a7eca8008302ac47b9328934240c
- INSECURE_COOKIES=true
# CORS origin - set to your server's URL for external access
- CORS_ORIGIN=https://systems.casademm.de:3001
# Rate limiting
- RATE_LIMIT_WINDOW=900000 # 15 minutes in milliseconds
- RATE_LIMIT_MAX=1000 # Max requests per window
# Optional: Discord notifications
- DISCORD_ENABLED=true
- DISCORD_WEBHOOK_URL=https://discord.com/api/webhooks/1465337328401912022/tWhIgavQrxqEWa7BWlC-65-YoMO5OElHU-J82Yu7g_BXXZXZ2ivFCkzxp7O8zR9SSsjm
# File upload limit
- MAX_FILE_UPLOAD_SIZE=314572800 # 52428800 = 50MB in bytes (default)
volumes:
# Database persistence
- hsm-database:/app/data/db
# Game server files
- hsm-servers:/app/servers
# Backup storage
- hsm-backups:/app/data/backups
# Application logs
- hsm-logs:/app/logs
# SSL certificates (if using HTTPS)
- hsm-certs:/app/data/certs
# Hytale downloader tool
- hsm-downloader:/app/data/hytale-downloader
# Machine ID for system identification
- /etc/machine-id:/etc/machine-id:ro
healthcheck:
test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:3001/health"]
interval: 30s
timeout: 10s
retries: 3
start_period: 40s
volumes:
hsm-database:
hsm-servers:
hsm-backups:
hsm-logs:
hsm-certs:
hsm-downloader: