oliver/docker
oliver/docker
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Dateien nach „/“ hochladen

Browse source
This commit is contained in:
Oliver Pifferi 2025-03-28 11:13:36 +01:00
parent 8f5a7ba88e
commit ddb8e45c86
5 changed files with 313 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

130
docker_authentik_complete.yaml Normal file
View file

@ -0,0 +1,130 @@
---
version: '3.4'
services:
authentik_postgresql:
image: docker.io/library/postgres:16-alpine
container_name: authentik_postgresql
hostname: authentik_postgresql
restart: unless-stopped
healthcheck:
test: ["CMD-SHELL", "pg_isready -d authentik -U authentik"]
start_period: 20s
interval: 30s
retries: 5
timeout: 5s
volumes:
- /opt/authentik/db:/var/lib/postgresql/data
networks:
- authentik-internal # internal communications
environment:
- POSTGRES_PASSWORD=authentik
- POSTGRES_USER=authentik
- POSTGRES_DB=authentik
authentik_redis:
image: docker.io/library/redis:alpine
container_name: authentik_redis
hostname: authentik_redis
command: --save 60 1 --loglevel warning
restart: unless-stopped
healthcheck:
test: ["CMD-SHELL", "redis-cli ping | grep PONG"]
start_period: 20s
interval: 30s
retries: 5
timeout: 3s
networks:
- authentik-internal # internal communications
volumes:
- /opt/authentik/redis:/data
authentik:
image: ghcr.io/goauthentik/server:latest
container_name: authentik
hostname: authentik
restart: unless-stopped
command: server
networks:
- authentik-internal # internal communications
environment:
AUTHENTIK_REDIS__HOST: authentik_redis # the hostname for redis
AUTHENTIK_POSTGRESQL__HOST: authentik_postgresql # the hostname for postgresql
AUTHENTIK_POSTGRESQL__USER: authentik
AUTHENTIK_POSTGRESQL__NAME: authentik
AUTHENTIK_POSTGRESQL__PASSWORD: authentik
AUTHENTIK_ERROR_REPORTING__ENABLED: true
AUTHENTIK_SECRET_KEY: MakeThisYourSecretKey
AUTHENTIK_LOG_LEVEL: info
AUTHENTIK_EMAIL__HOST: YourSMTPHost
AUTHENTIK_EMAIL__PORT: 587
AUTHENTIK_EMAIL__USERNAME: YourEMailUserName # Don't add quotation marks around the user or password
AUTHENTIK_EMAIL__PASSWORD: YourEMailPassword # Don't add quotation marks around the user or password
AUTHENTIK_EMAIL__USE_TLS: true
AUTHENTIK_EMAIL__USE_SSL: false
AUTHENTIK_EMAIL__TIMEOUT: 10
AUTHENTIK_EMAIL__FROM: "YourFromMailAddress" # Email address authentik will send from, should have a correct @domain
volumes:
- /opt/authentik/media:/media
- /opt/authentik/templates:/templates
ports:
- "9000:9000" # HTTP
- "9443:9443" # HTTPS
authentik_worker:
image: ghcr.io/goauthentik/server:latest
container_name: authentik_worker
hostname: authentik_worker
restart: unless-stopped
command: worker
networks:
- authentik-internal # internal communications
environment:
AUTHENTIK_REDIS__HOST: authentik_redis # the hostname for redis
AUTHENTIK_POSTGRESQL__HOST: authentik_postgresql # the hostname for postgresql
AUTHENTIK_POSTGRESQL__USER: authentik
AUTHENTIK_POSTGRESQL__NAME: authentik
AUTHENTIK_POSTGRESQL__PASSWORD: authentik
AUTHENTIK_ERROR_REPORTING__ENABLED: true
AUTHENTIK_SECRET_KEY: MakeThisYourSecretKey
AUTHENTIK_LOG_LEVEL: info
AUTHENTIK_EMAIL__HOST: YourSMTPHost
AUTHENTIK_EMAIL__PORT: 587
AUTHENTIK_EMAIL__USERNAME: YourEMailUserName # Don't add quotation marks around the user or password
AUTHENTIK_EMAIL__PASSWORD: YourEMailPassword # Don't add quotation marks around the user or password
AUTHENTIK_EMAIL__USE_TLS: true
AUTHENTIK_EMAIL__USE_SSL: false
AUTHENTIK_EMAIL__TIMEOUT: 10
AUTHENTIK_EMAIL__FROM: "YourFromMailAddress" # Email address authentik will send from, should have a correct @domain
# `user: root` and the docker socket volume are optional.
# See more for the docker socket integration here:
# https://goauthentik.io/docs/outposts/integrations/docker
# Removing `user: root` also prevents the worker from fixing the permissions
# on the mounted folders, so when removing this make sure the folders have the correct UID/GID
# (1000:1000 by default)
user: root
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /opt/authentik/media:/media
- /opt/authentik/certs:/certs
- /opt/authentik/templates:/templates
authentik_geoip:
image: maxmindinc/geoipupdate:latest
container_name: authentik_geoip
hostname: authentik_geoip
restart: unless-stopped
environment:
GEOIPUPDATE_EDITION_IDS: "GeoLite2-City"
GEOIPUPDATE_FREQUENCY: "8"
GEOIPUPDATE_ACCOUNT_ID: "YourGeoAccountID"
GEOIPUPDATE_LICENSE_KEY: "YourGeoLicenseKey"
networks:
- authentik-internal # internal communications
volumes:
- /opt/authentik/geoip:/geoip
networks:
authentik-internal:
driver: bridge

99
docker_fittrackee.yaml Normal file
View file

@ -0,0 +1,99 @@
# docker compose for production
# (minimal version: Docker Compose version 2.30.0)
#
# minimal application (for single user) only needs fittrackee and fittrackee-db containers.
#
# for multi-users application, uncomment the following containers:
# - fittrackee-workers for email sending (EMAIL_URL must be set in .env to enable emails)
# - fittrackee-redis container for API rate limits and email sending
services:
fittrackee-db:
container_name: fittrackee-db
image: postgres:17-alpine
env_file:
- .env
volumes:
- ${DATABASE_DIR:-./data/db}:/var/lib/postgresql/data
healthcheck:
test: ["CMD-SHELL", "pg_isready -U $${POSTGRES_USER} -d $${POSTGRES_DB}"]
interval: 5s
timeout: 15s
retries: 3
networks:
- internal_network
restart: unless-stopped
fittrackee:
container_name: fittrackee
env_file:
- .env
# Image from Docker Hub
image: fittrackee/fittrackee:latest
# Uncomment following line to build image instead of using pre-built image
# build: .
volumes:
- ${UPLOAD_DIR:-./data/uploads}:/usr/src/app/uploads
- ${UPLOAD_LOG:-./data/logs}:/usr/src/app/logs
post_start:
- command: chown -R fittrackee:fittrackee /usr/src/app/uploads /usr/src/app/logs
user: root
ports:
- "${APP_PORT:-5000}:5000"
command: 'sh docker-entrypoint.sh'
depends_on:
fittrackee-db:
condition: service_healthy
# Uncomment the following lines for API rate limit and email sending
# fittrackee-redis:
# condition: service_healthy
healthcheck:
test: ["CMD-SHELL", "wget --spider http://127.0.0.1:5000/api/ping || exit 1"]
interval: 5s
timeout: 15s
retries: 3
networks:
- external_network
- internal_network
restart: unless-stopped
# Uncomment the following lines for email sending
fittrackee-workers:
container_name: fittrackee-workers
env_file:
- .env
## Image from Docker Hub
image: fittrackee/fittrackee:v0.9.0
## Uncomment following line to build image instead of using pre-built image
## build: .
volumes:
- ${UPLOAD_LOG:-./data/logs}:/usr/src/app/logs
post_start:
- command: chown -R fittrackee:fittrackee /usr/src/app/logs
user: root
command: "flask worker --processes 2 >> /usr/src/app/logs/dramatiq.log 2>&1"
depends_on:
fittrackee:
condition: service_healthy
networks:
- internal_network
- external_network
restart: unless-stopped
# Uncomment the following lines for API rate limit and email sending
fittrackee-redis:
image: "redis:7.4"
container_name: fittrackee-redis
hostname: redis
volumes:
- ${REDIS_DIR:-./data/redis}:/data
healthcheck:
test: ['CMD', 'redis-cli', 'ping']
networks:
- internal_network
restart: unless-stopped
networks:
external_network:
internal_network:
internal: true

44
docker_fittrackee_env.txt Normal file
View file

@ -0,0 +1,44 @@
# Custom variables initialisation
# Docker volumes
# export UPLOAD_DIR=
# export LOG_DIR=
# export DATABASE_DIR=
# export REDIS_DIR=
# Application
export FLASK_APP=fittrackee
export FLASK_SKIP_DOTENV=1
# export APP_PORT=5000
export APP_SECRET_KEY='InsertYourSecretKeyHere'
export APP_LOG=/usr/src/app/logs/fittrackee.log
export UPLOAD_FOLDER=/usr/src/app/uploads
# PostgreSQL
export POSTGRES_USER=fittrackee
export POSTGRES_PASSWORD=fittrackee
export POSTGRES_DB=fittrackee
export DATABASE_URL=postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@fittrackee-db:5432/${POSTGRES_DB}
# export DATABASE_DISABLE_POOLING=
# Redis (required for API rate limits and email sending)
export REDIS_URL=redis://redis:6379
# API rate limits
export API_RATE_LIMITS="300 per 5 minutes"
# Emails
export UI_URL=https://fittrackee.your.tld
export EMAIL_URL=smtp://username:password@smtphost.tld:587/?tls=True
export SENDER_EMAIL=fittrackee@your.tld
# Workouts
# export TILE_SERVER_URL=
# export STATICMAP_SUBDOMAINS=
# export MAP_ATTRIBUTION=
# export DEFAULT_STATICMAP=False
# Weather
# available weather API providers: visualcrossing
# export WEATHER_API_PROVIDER=visualcrossing
# export WEATHER_API_KEY=YourVisualCrossingAPIKey

34
docker_ghost.yaml Normal file
View file

@ -0,0 +1,34 @@
version: '3.1'
services:
ghost:
image: ghost:5-alpine
restart: always
ports:
- 2368:2368
environment:
# see https://ghost.org/docs/config/#configuration-options
database__client: mysql
database__connection__host: db
database__connection__user: root
database__connection__password: example
database__connection__database: ghost
# this url value is just an example, and is likely wrong for your environment!
url: http://localhost:2368
# contrary to the default mentioned in the linked documentation, this image defaults to NODE_ENV=production (so development mode needs to be explicitly specified if desired)
#NODE_ENV: development
volumes:
- ghost:/var/lib/ghost/content
db:
image: mysql:8.0
restart: always
environment:
MYSQL_ROOT_PASSWORD: example
volumes:
- db:/var/lib/mysql
volumes:
ghost:
db:

6
docker_watchtower.yaml Normal file
View file

@ -0,0 +1,6 @@
docker run -d \
--name watchtower \
-v /var/run/docker.sock:/var/run/docker.sock \
containrrr/watchtower \
--cleanup \
--remove-volumes