First commit

stacks/.gitignore

@@ -0,0 +1,2 @@
+*.env
+!*.env.example

stacks/actual.yml

@@ -0,0 +1,13 @@
+services:
+  actual_server:
+    image: docker.io/actualbudget/actual-server:latest
+    networks:
+      macvlan_192_168_3_0:
+        ipv4_address: 192.168.3.13
+    volumes:
+      - /srv/dev-disk-by-uuid-1582b800-1f82-407a-a3aa-3460b3390127/docker/actual:/data
+    restart: unless-stopped
+
+networks:
+  macvlan_192_168_3_0:
+    external: true

stacks/adguard.yml

@@ -0,0 +1,15 @@
+version: "3"
+services:
+  adguard:
+    image: adguard/adguardhome
+    restart: unless-stopped
+    volumes:
+      - /srv/dev-disk-by-uuid-1582b800-1f82-407a-a3aa-3460b3390127/docker/adguard/data:/opt/adguardhome/work
+      - /srv/dev-disk-by-uuid-1582b800-1f82-407a-a3aa-3460b3390127/docker/adguard/config:/opt/adguardhome/conf
+    networks:
+      macvlan_192_168_3_0:
+        ipv4_address: 192.168.3.1
+
+networks:
+  macvlan_192_168_3_0:
+    external: true

stacks/ddns.env.example

@@ -0,0 +1,6 @@
+PUID=1000
+PGID=1000
+IP6_PROVIDER=none
+CF_API_TOKEN=EXAMPLE
+DOMAINS=local.skrd.fun,direct.skrd.fun
+PROXIED=false

stacks/ddns.yml

@@ -0,0 +1,14 @@
+version: "3"
+services:
+  cloudflare-ddns:
+    image: favonia/cloudflare-ddns:latest
+    restart: always
+    cap_add:
+      - SETUID
+      - SETGID
+    cap_drop:
+      - all
+    read_only: true
+    security_opt:
+      - no-new-privileges:true
+    env_file: stack.env

stacks/feed-the-beast.env.example

@@ -0,0 +1,6 @@
+TYPE="AUTO_CURSEFORGE"
+CF_API_KEY="SECRET"
+CF_PAGE_URL="https://www.curseforge.com/minecraft/modpacks/create-astral"
+MEMORY="10G"
+EULA="TRUE"
+ONLINE_MODE="TRUE"

stacks/feed-the-beast.yml

@@ -0,0 +1,18 @@
+version: "3"
+
+services:
+  feed_the_beast:
+    image: itzg/minecraft-server
+    tty: true
+    stdin_open: true
+    restart: unless-stopped
+    env_file: stack.env
+    volumes:
+      - /srv/dev-disk-by-uuid-1582b800-1f82-407a-a3aa-3460b3390127/docker/feed-the-beast/data:/data
+    networks:
+      macvlan_192_168_3_0:
+        ipv4_address: 192.168.3.5
+
+networks:
+  macvlan_192_168_3_0:
+    external: true

stacks/fireflyiii.yml

@@ -0,0 +1,43 @@
+services:
+  app:
+    image: fireflyiii/core:latest
+    restart: unless-stopped
+    volumes:
+      - /srv/dev-disk-by-uuid-1582b800-1f82-407a-a3aa-3460b3390127/docker/firefly_iii/upload:/var/www/html/storage/upload
+    env_file: stack.env
+    networks:
+      firefly_iii:
+      macvlan_192_168_3_0:
+        ipv4_address: 192.168.3.15
+    depends_on:
+      - db
+  db:
+    image: mariadb:lts
+    restart: unless-stopped
+    env_file: stack.env
+    networks:
+      - firefly_iii
+    volumes:
+      - /srv/dev-disk-by-uuid-1582b800-1f82-407a-a3aa-3460b3390127/docker/firefly_iii/db:/var/lib/mysql
+  cron:
+    #
+    # To make this work, set STATIC_CRON_TOKEN in your .env file or as an environment variable and replace REPLACEME below
+    # The STATIC_CRON_TOKEN must be *exactly* 32 characters long
+    #
+    image: alpine
+    restart: unless-stopped
+    env_file: stack.env
+    command: sh -c "
+      apk add tzdata
+      && ln -s /usr/share/zoneinfo/${TZ} /etc/localtime
+      | echo \"0 3 * * * wget -qO- http://app:8080/api/v1/cron/REPLACEME;echo\" 
+      | crontab - 
+      && crond -f -L /dev/stdout"
+    networks:
+      - firefly_iii
+
+networks:
+  firefly_iii:
+  macvlan_192_168_3_0:
+    external: true
+

stacks/gametabs.yml

@@ -0,0 +1,14 @@
+version: "3"
+
+services:
+    gametabs:
+        image: nginx
+        restart: unless-stopped
+        volumes:
+            - /srv/dev-disk-by-uuid-1582b800-1f82-407a-a3aa-3460b3390127/docker/gametabs:/usr/share/nginx/html
+        networks:
+          macvlan_192_168_3_0:
+            ipv4_address: 192.168.3.6
+networks:
+  macvlan_192_168_3_0:
+    external: true

stacks/gitea.env.example

@@ -0,0 +1,8 @@
+CONFIG_FILE=/config/config.yaml
+GITEA_INSTANCE_URL="https://git.skrd.fun"
+GITEA_RUNNER_REGISTRATION_TOKEN="SECRET"
+GITEA_RUNNER_NAME="gitea-runner-1"
+
+POSTGRES_PASSWORD="SECRET"
+POSTGRES_DB="gitea"
+POSTGRES_USER="gitea"

stacks/gitea.yml

@@ -0,0 +1,46 @@
+version: "3"
+services:
+  gitea:
+    image: gitea/gitea:latest
+    restart: unless-stopped
+    environment:
+      - USER_UID=1000
+      - USER_GID=1000
+    networks:
+      gitea_network:
+      macvlan_192_168_3_0:
+        ipv4_address: 192.168.3.3
+    volumes:
+      - /srv/dev-disk-by-uuid-1582b800-1f82-407a-a3aa-3460b3390127/docker/gitea/data:/data
+      - /etc/timezone:/etc/timezone:ro
+      - /etc/localtime:/etc/localtime:ro
+    depends_on:
+      - gitea-db
+
+  runner:
+    image: gitea/act_runner:latest
+    restart: unless-stopped
+    env_file: stack.env
+    networks:
+      - gitea_network
+    volumes:
+      - /srv/dev-disk-by-uuid-1582b800-1f82-407a-a3aa-3460b3390127/docker/gitea/runner/config:/config
+      - /srv/dev-disk-by-uuid-1582b800-1f82-407a-a3aa-3460b3390127/docker/gitea/runner/data:/data
+      - /var/run/docker.sock:/var/run/docker.sock
+    depends_on:
+      - gitea
+
+  gitea-db:
+    image: postgres:16
+    restart: unless-stopped
+    volumes:
+      - /srv/dev-disk-by-uuid-1582b800-1f82-407a-a3aa-3460b3390127/docker/gitea/db:/var/lib/postgresql/data
+    networks:
+      - gitea_network
+    env_file: stack.env
+
+networks:
+  gitea_network:
+  macvlan_192_168_3_0:
+    external: true
+

stacks/immich.env.example

@@ -0,0 +1,8 @@
+DB_PASSWORD=SECRET
+DB_USERNAME=postgres
+DB_DATABASE_NAME=immich
+
+POSTGRES_PASSWORD=SECRET
+POSTGRES_USER=postgres
+POSTGRES_DB=immich
+POSTGRES_INITDB_ARGS="--data-checksums"

stacks/immich.yml

@@ -0,0 +1,51 @@
+services:
+  immich-server:
+    image: ghcr.io/immich-app/immich-server:${IMMICH_VERSION:-release}
+    restart: unless-stopped
+    volumes:
+      - /srv/dev-disk-by-uuid-1582b800-1f82-407a-a3aa-3460b3390127/docker/immich/upload:/usr/src/app/upload
+      - /etc/localtime:/etc/localtime:ro
+    networks:
+      immich_network:
+      macvlan_192_168_3_0:
+        ipv4_address: 192.168.3.12
+    env_file: stack.env
+    depends_on:
+      - redis
+      - database
+
+  immich-machine-learning:
+    image: ghcr.io/immich-app/immich-machine-learning:${IMMICH_VERSION:-release}
+    restart: unless-stopped
+    networks:
+      immich_network:
+    volumes:
+      - /srv/dev-disk-by-uuid-1582b800-1f82-407a-a3aa-3460b3390127/docker/immich/model-cache:/cache
+
+  redis:
+    image: docker.io/redis:6.2-alpine@sha256:328fe6a5822256d065debb36617a8169dbfbd77b797c525288e465f56c1d392b
+    restart: unless-stopped
+    networks:
+      immich_network:
+    healthcheck:
+      test: redis-cli ping || exit 1
+
+  database:
+    image: docker.io/tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:90724186f0a3517cf6914295b5ab410db9ce23190a2d9d0b9dd6463e3fa298f0
+    restart: unless-stopped
+    networks:
+      immich_network:
+    env_file: stack.env
+    volumes:
+      - /srv/dev-disk-by-uuid-1582b800-1f82-407a-a3aa-3460b3390127/docker/immich/postgres:/var/lib/postgresql/data
+    healthcheck:
+      test: pg_isready --dbname='immich' --username='postgres' || exit 1; Chksum="$$(psql --dbname='immich' --username='postgres' --tuples-only --no-align --command='SELECT COALESCE(SUM(checksum_failures), 0) FROM pg_stat_database')"; echo "checksum failure count is $$Chksum"; [ "$$Chksum" = '0' ] || exit 1
+      interval: 5m
+      start_interval: 30s
+      start_period: 5m
+    command: ["postgres", "-c" ,"shared_preload_libraries=vectors.so", "-c", 'search_path="$$user", public, vectors', "-c", "logging_collector=on", "-c", "max_wal_size=2GB", "-c", "shared_buffers=512MB", "-c", "wal_compression=on"]
+
+networks:
+  immich_network:
+  macvlan_192_168_3_0:
+    external: true

stacks/jellyfin.yml

@@ -0,0 +1,21 @@
+version: '3.5'
+services:
+  jellyfin:
+    image: jellyfin/jellyfin
+    restart: 'unless-stopped'
+    user: 1000:1000
+    volumes:
+      - /srv/dev-disk-by-uuid-1582b800-1f82-407a-a3aa-3460b3390127/docker/jellyfin/config:/config
+      - /srv/dev-disk-by-uuid-1582b800-1f82-407a-a3aa-3460b3390127/docker/jellyfin/cache:/cache
+      - /srv/dev-disk-by-uuid-5392509c-5ccd-4d8f-8719-60064c4404d6/anime:/data/anime
+      - /srv/dev-disk-by-uuid-c7a96ee1-c08e-48b1-8afa-79c75380d142/movies:/data/movies
+      - /srv/dev-disk-by-uuid-c7a96ee1-c08e-48b1-8afa-79c75380d142/tv:/data/tv
+    environment:
+      - JELLYFIN_PublishedServerUrl=https://jelly.skrd.fun
+    networks:
+      macvlan_192_168_3_0:
+        ipv4_address: 192.168.3.11
+networks:
+  macvlan_192_168_3_0:
+    external: true
+

stacks/minecraft.yml

@@ -0,0 +1,24 @@
+version: "3"
+
+services:
+  mc:
+    image: itzg/minecraft-server
+    tty: true
+    stdin_open: true
+    restart: unless-stopped
+    environment:
+      type: "paper"
+      eula: "true"
+      online_mode: "false"
+      enable_autopause: "true"
+      jvm_dd_opts: "disable.watchdog:true"
+      debug_autopause: "true"
+    volumes:
+      - /srv/dev-disk-by-uuid-1582b800-1f82-407a-a3aa-3460b3390127/docker/minecraft/data:/data
+    networks:
+      macvlan_192_168_3_0:
+        ipv4_address: 192.168.3.9
+
+networks:
+  macvlan_192_168_3_0:
+    external: true

stacks/navidrome.yml

@@ -0,0 +1,22 @@
+version: "3"
+services:
+  navidrome:
+    image: deluan/navidrome:latest
+    user: 1000:1000
+    restart: unless-stopped
+    environment:
+      ND_MUSICFOLDER: "/store"
+      ND_BASEURL: "https:://navi.skrd.fun"
+      ND_AUTOIMPORTPLAYLISTS: false
+      ND_ENABLESHARING: true
+    networks:
+      macvlan_192_168_3_0:
+        ipv4_address: 192.168.3.10
+    volumes:
+      - /srv/dev-disk-by-uuid-1582b800-1f82-407a-a3aa-3460b3390127/docker/navidrome:/data
+      - /srv/dev-disk-by-uuid-1582b800-1f82-407a-a3aa-3460b3390127/music:/store/music:ro
+      - /srv/dev-disk-by-uuid-1582b800-1f82-407a-a3aa-3460b3390127/ost:/store/ost:ro
+networks:
+  macvlan_192_168_3_0:
+    external: true
+

stacks/npm.yml

@@ -0,0 +1,19 @@
+version: '3.8'
+services:
+  nginx-proxy-manager:
+    image: 'jc21/nginx-proxy-manager:latest'
+    restart: unless-stopped
+    volumes:
+      - /srv/dev-disk-by-uuid-1582b800-1f82-407a-a3aa-3460b3390127/docker/npm/data:/data
+      - /srv/dev-disk-by-uuid-1582b800-1f82-407a-a3aa-3460b3390127/docker/npm/letsencrypt:/etc/letsencrypt
+      - /srv/dev-disk-by-uuid-1582b800-1f82-407a-a3aa-3460b3390127/docker/npm/ca.crt:/etc/my_ca.crt
+    networks:
+      proxy_network:
+      macvlan_192_168_3_0:
+        ipv4_address: 192.168.103.2
+
+networks:
+  proxy_network:
+    external: true
+  macvlan_192_168_3_0:
+    external: true

stacks/qbittorrent.yml

@@ -0,0 +1,22 @@
+version: '3'
+
+services:
+  qbittorrent:
+    image: lscr.io/linuxserver/qbittorrent:latest
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=America/Santiago
+      - WEBUI_PORT=80
+      - TORRENTING_PORT=6881
+    volumes:
+      - /srv/dev-disk-by-uuid-1582b800-1f82-407a-a3aa-3460b3390127/docker/qbittorrent:/config:/config
+      - /srv/dev-disk-by-uuid-1582b800-1f82-407a-a3aa-3460b3390127/downloads:/downloads
+    restart: unless-stopped
+    networks:
+      macvlan_192_168_3_0:
+        ipv4_address: 192.168.3.4
+
+networks:
+  macvlan_192_168_3_0:
+    external: true

stacks/zenithar.env.example

@@ -0,0 +1 @@
+MARIADB_ROOT_PASSWORD=SECRET

stacks/zenithar.yml

@@ -0,0 +1,15 @@
+version: "3"
+services:
+  db:
+    image: mariadb
+    restart: unless-stopped
+    env_file: stack.env
+    volumes:
+      - /srv/dev-disk-by-uuid-1582b800-1f82-407a-a3aa-3460b3390127/docker/zenithar:/var/lib/mysql:Z
+    networks:
+      macvlan_192_168_3_0:
+        ipv4_address: 192.168.3.7
+
+networks:
+  macvlan_192_168_3_0:
+    external: true