├── .gitignore ├── README.md ├── bitwarden ├── .env ├── .gitignore └── docker-compose.yml ├── cowrie └── docker-compose.yml ├── docker └── registry │ ├── config.yml │ └── docker-compose.yml ├── drone-ci └── docker-compose.yml ├── frp ├── docker-compose.yml └── frps.toml ├── immich ├── .env ├── .gitignore ├── docker-compose.yml └── redis.conf ├── nginx-proxy-manager ├── .gitignore └── docker-compose.yml ├── node_exporter └── docker-compose.yml ├── pgadmin └── docker-compose.yml ├── planka ├── .env ├── .gitignore └── docker-compose.yml ├── promtail ├── docker-compose.yml └── docker.elixir.config.yaml ├── rundeck └── docker-compose.yml ├── shlink ├── .env ├── docker-compose.yml └── gen-api-key.sh ├── snapdrop ├── .gitignore └── docker-compose.yml └── vaultwarden ├── .env ├── .gitignore └── docker-compose.yml /.gitignore: -------------------------------------------------------------------------------- 1 | /confree-proxies 2 | /harness 3 | /infisical 4 | /sharedrop 5 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # dockerized-apps 2 | 3 | 我的 Docker 化部署的应用们。 4 | 5 | My Dockerized apps. 6 | 7 | ## 介绍/Instruction 8 | 9 | 此仓库是我存放 Docker 化部署的应用的配置文件,包括 `docker-compose.yml` 和应用配置。 10 | 11 | This repository is used to store the configuration files of the Dockerized apps, including `docker-compose.yml` and the app configurations. 12 | -------------------------------------------------------------------------------- /bitwarden/.env: -------------------------------------------------------------------------------- 1 | BW_INSTALLATION_ID= 2 | BW_INSTALLATION_KEY= 3 | BW_DOMAIN= 4 | globalSettings__disableUserRegistration=false 5 | adminSettings__admins= 6 | -------------------------------------------------------------------------------- /bitwarden/.gitignore: -------------------------------------------------------------------------------- 1 | /_data/ 2 | -------------------------------------------------------------------------------- /bitwarden/docker-compose.yml: -------------------------------------------------------------------------------- 1 | services: 2 | self-host: 3 | image: bitwarden/self-host:beta 4 | restart: always 5 | env_file: 6 | - .env 7 | ports: 8 | - 5500:8080 9 | volumes: 10 | - ./_data:/etc/bitwarden 11 | environment: 12 | BW_DB_PROVIDER: sqlite 13 | BW_DB_FILE: /etc/bitwarden/db.sqlite3 14 | -------------------------------------------------------------------------------- /cowrie/docker-compose.yml: -------------------------------------------------------------------------------- 1 | services: 2 | server: 3 | image: cowrie/cowrie 4 | container_name: cowrie 5 | ports: 6 | - 22:2222 7 | restart: always 8 | environment: 9 | COWRIE_TELNET_ENABLED: yes 10 | -------------------------------------------------------------------------------- /docker/registry/config.yml: -------------------------------------------------------------------------------- 1 | version: 0.1 2 | 3 | proxy: 4 | remoteurl: https://registry-1.docker.io 5 | log: 6 | level: debug # <- 如果部署后测试没问题,请改为 info 7 | http: 8 | addr: 0.0.0.0:5000 9 | cache: 10 | blobdescriptor: inmemory 11 | storage: 12 | filesystem: 13 | rootdirectory: /var/lib/registry 14 | -------------------------------------------------------------------------------- /docker/registry/docker-compose.yml: -------------------------------------------------------------------------------- 1 | services: 2 | server: 3 | image: registry 4 | restart: always 5 | ports: 6 | - 5000:5000 7 | volumes: 8 | - ./config.yml:/etc/docker/registry/config.yml 9 | - ./storage:/var/lib/registry 10 | -------------------------------------------------------------------------------- /drone-ci/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3" 2 | 3 | services: 4 | server: 5 | image: drone/drone:2 6 | ports: 7 | - 8081:80 8 | restart: always 9 | environment: 10 | DRONE_GITHUB_CLIENT_ID: ${DRONE_GITHUB_CLIENT_ID} 11 | DRONE_GITHUB_CLIENT_SECRET: "$DRONE_GITHUB_CLIENT_SECRET" 12 | DRONE_RPC_SECRET: "$DRONE_RPC_SECRET" 13 | DRONE_SERVER_HOST: "$DRONE_SERVER_HOST" 14 | DRONE_SERVER_PROTO: https 15 | DRONE_USER_FILTER: Hentioe 16 | DRONE_USER_CREATE: username:Hentioe,admin:true 17 | volumes: 18 | - ./_data:/data 19 | 20 | runner: 21 | image: drone/drone-runner-docker:1 22 | restart: always 23 | environment: 24 | DRONE_RPC_HOST: server 25 | DRONE_RPC_PROTO: http 26 | DRONE_RPC_SECRET: "$DRONE_RPC_SECRET" 27 | volumes: 28 | - /var/run/docker.sock:/var/run/docker.sock 29 | -------------------------------------------------------------------------------- /frp/docker-compose.yml: -------------------------------------------------------------------------------- 1 | services: 2 | server: 3 | image: snowdreamtech/frps 4 | network_mode: host 5 | restart: unless-stopped 6 | volumes: 7 | - ./frps.toml:/etc/frp/frps.toml 8 | -------------------------------------------------------------------------------- /frp/frps.toml: -------------------------------------------------------------------------------- 1 | # A literal address or host name for IPv6 must be enclosed 2 | # in square brackets, as in "[::1]:80", "[ipv6-host]:http" or "[ipv6-host%zone]:80" 3 | # For single "bindAddr" field, no need square brackets, like `bindAddr = "::"`. 4 | bindAddr = "0.0.0.0" 5 | bindPort = 7000 6 | -------------------------------------------------------------------------------- /immich/.env: -------------------------------------------------------------------------------- 1 | IMMICH_VERSION=v1.134.0 2 | DB_DATABASE_NAME=immic_prod 3 | DB_USERNAME=postgres 4 | DB_PASSWORD=postgres 5 | -------------------------------------------------------------------------------- /immich/.gitignore: -------------------------------------------------------------------------------- 1 | /upload/ 2 | /model_cache/ 3 | /data/ 4 | -------------------------------------------------------------------------------- /immich/docker-compose.yml: -------------------------------------------------------------------------------- 1 | # WARNING: Make sure to use the docker-compose.yml of the current release: 2 | # 3 | # https://github.com/immich-app/immich/releases/latest/download/docker-compose.yml 4 | # 5 | # The compose file on main may not be compatible with the latest release. 6 | # 7 | services: 8 | server: 9 | image: ghcr.io/immich-app/immich-server:${IMMICH_VERSION:-release} 10 | volumes: 11 | - ./upload:/usr/src/app/upload 12 | ports: 13 | - 2283:2283 14 | env_file: 15 | - .env 16 | depends_on: 17 | - redis 18 | - database 19 | restart: always 20 | 21 | machine-learning: 22 | image: ghcr.io/immich-app/immich-machine-learning:${IMMICH_VERSION:-release} 23 | volumes: 24 | - ./model_cache:/cache 25 | env_file: 26 | - .env 27 | restart: always 28 | 29 | redis: 30 | image: redis:7 31 | healthcheck: 32 | test: redis-cli ping || exit 1 33 | command: redis-server /usr/local/etc/redis/redis.conf 34 | volumes: 35 | - ./redis.conf:/usr/local/etc/redis/redis.conf 36 | restart: always 37 | 38 | database: 39 | image: ghcr.io/immich-app/postgres:16-vectorchord0.3.0-pgvectors0.2.1 40 | environment: 41 | POSTGRES_PASSWORD: ${DB_PASSWORD} 42 | POSTGRES_USER: ${DB_USERNAME} 43 | POSTGRES_DB: ${DB_DATABASE_NAME} 44 | POSTGRES_INITDB_ARGS: "--data-checksums" 45 | # Uncomment the DB_STORAGE_TYPE: 'HDD' var if your database isn't stored on SSDs 46 | # DB_STORAGE_TYPE: "HDD" 47 | volumes: 48 | - ./data:/var/lib/postgresql/data 49 | restart: always 50 | -------------------------------------------------------------------------------- /immich/redis.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Hentioe/dockerized-apps/40dedb4c3d708f6c53f93a3cc19ff5f9849e14e0/immich/redis.conf -------------------------------------------------------------------------------- /nginx-proxy-manager/.gitignore: -------------------------------------------------------------------------------- 1 | /data/ 2 | /letsencrypt/ 3 | -------------------------------------------------------------------------------- /nginx-proxy-manager/docker-compose.yml: -------------------------------------------------------------------------------- 1 | services: 2 | server: 3 | image: "jc21/nginx-proxy-manager" 4 | restart: unless-stopped 5 | network_mode: host 6 | volumes: 7 | - ./data:/data 8 | - ./letsencrypt:/etc/letsencrypt 9 | -------------------------------------------------------------------------------- /node_exporter/docker-compose.yml: -------------------------------------------------------------------------------- 1 | services: 2 | node_exporter: 3 | image: quay.io/prometheus/node-exporter 4 | container_name: node_exporter 5 | restart: unless-stopped 6 | command: 7 | - "--path.rootfs=/host" 8 | network_mode: host 9 | pid: host 10 | volumes: 11 | - "/:/host:ro,rslave" 12 | -------------------------------------------------------------------------------- /pgadmin/docker-compose.yml: -------------------------------------------------------------------------------- 1 | services: 2 | server: 3 | image: dpage/pgadmin4 4 | environment: 5 | PGADMIN_DEFAULT_EMAIL: admin@example.com 6 | PGADMIN_DEFAULT_PASSWORD: admin 7 | ports: 8 | - 54321:80 9 | restart: unless-stopped 10 | -------------------------------------------------------------------------------- /planka/.env: -------------------------------------------------------------------------------- 1 | DEFAULT_ADMIN_EMAIL= 2 | DEFAULT_ADMIN_PASSWORD= 3 | DEFAULT_ADMIN_NAME= 4 | DEFAULT_ADMIN_USERNAME= 5 | BASE_URL= 6 | SECRET_KEY= 7 | -------------------------------------------------------------------------------- /planka/.gitignore: -------------------------------------------------------------------------------- 1 | /attachments/ 2 | /db-data/ 3 | /project-background-images/ 4 | /user-avatars/ 5 | -------------------------------------------------------------------------------- /planka/docker-compose.yml: -------------------------------------------------------------------------------- 1 | services: 2 | server: 3 | image: ghcr.io/plankanban/planka:2.0.0-rc.3 4 | ports: 5 | - 8080:1337 6 | restart: on-failure 7 | volumes: 8 | - ./favicons:/app/public/favicons 9 | - ./user-avatars:/app/public/user-avatars 10 | - ./background-images:/app/public/background-images 11 | - ./attachments:/app/private/attachments 12 | environment: 13 | - BASE_URL=${BASE_URL} 14 | - DATABASE_URL=postgresql://postgres@postgres/planka 15 | - SECRET_KEY=${SECRET_KEY} 16 | 17 | # - TRUST_PROXY=true 18 | # - TOKEN_EXPIRES_IN=365 # In days 19 | 20 | # related: https://github.com/knex/knex/issues/2354 21 | # As knex does not pass query parameters from the connection string we 22 | # have to use environment variables in order to pass the desired values, e.g. 23 | # - PGSSLMODE= 24 | 25 | # Configure knex to accept SSL certificates 26 | # - KNEX_REJECT_UNAUTHORIZED_SSL_CERTIFICATE=false 27 | 28 | - DEFAULT_ADMIN_EMAIL=${DEFAULT_ADMIN_EMAIL} # Do not remove if you want to prevent this user from being edited/deleted 29 | - DEFAULT_ADMIN_PASSWORD=${DEFAULT_ADMIN_PASSWORD} 30 | - DEFAULT_ADMIN_NAME=${DEFAULT_ADMIN_NAME} 31 | - DEFAULT_ADMIN_USERNAME=${DEFAULT_ADMIN_USERNAME} 32 | # - DEFAULT_LANGUAGE=en-US 33 | 34 | # - SHOW_DETAILED_AUTH_ERRORS=false # Set to true to show more detailed authentication error messages. It should not be enabled without a rate limiter for security reasons. 35 | 36 | # - S3_ENDPOINT= 37 | # - S3_REGION= 38 | # - S3_ACCESS_KEY_ID= 39 | # - S3_SECRET_ACCESS_KEY= 40 | # - S3_BUCKET= 41 | # - S3_FORCE_PATH_STYLE=true 42 | 43 | # - OIDC_ISSUER= 44 | # - OIDC_CLIENT_ID= 45 | # - OIDC_CLIENT_SECRET= 46 | # - OIDC_ID_TOKEN_SIGNED_RESPONSE_ALG= 47 | # - OIDC_USERINFO_SIGNED_RESPONSE_ALG= 48 | # - OIDC_SCOPES=openid email profile 49 | # - OIDC_RESPONSE_MODE=fragment 50 | # - OIDC_USE_DEFAULT_RESPONSE_MODE=true 51 | # - OIDC_ADMIN_ROLES=admin 52 | # - OIDC_CLAIMS_SOURCE=userinfo 53 | # - OIDC_EMAIL_ATTRIBUTE=email 54 | # - OIDC_NAME_ATTRIBUTE=name 55 | # - OIDC_USERNAME_ATTRIBUTE=preferred_username 56 | # - OIDC_ROLES_ATTRIBUTE=groups 57 | # - OIDC_IGNORE_USERNAME=true 58 | # - OIDC_IGNORE_ROLES=true 59 | # - OIDC_ENFORCED=true 60 | 61 | # Email Notifications (https://nodemailer.com/smtp/) 62 | # - SMTP_HOST= 63 | # - SMTP_PORT=587 64 | # - SMTP_NAME= 65 | # - SMTP_SECURE=true 66 | # - SMTP_USER= 67 | # - SMTP_PASSWORD= 68 | # - SMTP_FROM="Demo Demo" 69 | # - SMTP_TLS_REJECT_UNAUTHORIZED=false 70 | 71 | # Optional fields: accessToken, events, excludedEvents 72 | # - | 73 | # WEBHOOKS=[{ 74 | # "url": "http://localhost:3001", 75 | # "accessToken": "notaccesstoken", 76 | # "events": ["cardCreate", "cardUpdate", "cardDelete"], 77 | # "excludedEvents": ["notificationCreate", "notificationUpdate"] 78 | # }] 79 | depends_on: 80 | postgres: 81 | condition: service_healthy 82 | 83 | postgres: 84 | image: postgres:16-alpine 85 | restart: on-failure 86 | volumes: 87 | - ./db-data:/var/lib/postgresql/data 88 | environment: 89 | - POSTGRES_DB=planka 90 | - POSTGRES_HOST_AUTH_METHOD=trust 91 | healthcheck: 92 | test: ["CMD-SHELL", "pg_isready -U postgres -d planka"] 93 | interval: 10s 94 | timeout: 5s 95 | retries: 5 96 | -------------------------------------------------------------------------------- /promtail/docker-compose.yml: -------------------------------------------------------------------------------- 1 | services: 2 | promtail: 3 | image: grafana/promtail 4 | container_name: promtail 5 | command: -config.file=/etc/promtail/config.yaml 6 | restart: unless-stopped 7 | volumes: 8 | - ./config.yaml:/etc/promtail/config.yaml 9 | - /var/run/docker.sock:/var/run/docker.sock 10 | -------------------------------------------------------------------------------- /promtail/docker.elixir.config.yaml: -------------------------------------------------------------------------------- 1 | # UpdateAt: 2024-07-06 2 | # 此配置文件包含用 Docker 部署的 Elixir 应用日志的多行合并和日期删除,仅兼容以下 `:logger` 格式: 3 | # config :logger, :console, format: "$time $metadata[$level] $message\n" 4 | 5 | server: 6 | http_listen_port: 9080 7 | grpc_listen_port: 0 8 | 9 | clients: 10 | - url: http://monitoring.hentioe.dev/loki/api/v1/push 11 | tenant_id: 1 12 | 13 | scrape_configs: 14 | - job_name: elixir_apps_scrape 15 | docker_sd_configs: 16 | - host: unix:///var/run/docker.sock 17 | refresh_interval: 5s 18 | filters: 19 | - name: name 20 | values: ["-server-*"] 21 | pipeline_stages: 22 | # 单个日志行的例子: 23 | # \u001b[0m \b\u001b17:21:58.721 request_id=F1ydqw2HT-gofoAACsCh error_code=101 [info] Sent 200 in 282µs 24 | # 上面的 ` \b` 为何会插在 ANSI 颜色代码中尚不清楚,但已存在有此现象的项目,故也做兼容。 25 | - multiline: 26 | # 此表达式兼容可选的 ANSI 颜色以及可选的 metadata。 27 | firstline: '^(?:[^:]+)?\d{2}:\d{2}:\d{2}\.\d{3}\s(?:.+=.+\s+)*\[[^\\]+\]' 28 | max_wait_time: 3s 29 | - replace: 30 | # 删除日志中的时间(将时间加空格替换为空字符串) 31 | # 此表达式兼容可选的 ANSI 颜色 32 | expression: '^(?:[^:]+)?(\d{2}:\d{2}:\d{2}\.\d{3}\s+)' 33 | replace: "" 34 | relabel_configs: 35 | - source_labels: ["__meta_docker_container_name"] 36 | regex: "/(.*)" 37 | target_label: "container" 38 | -------------------------------------------------------------------------------- /rundeck/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3" 2 | 3 | services: 4 | server: 5 | image: rundeck/rundeck:4.14.2 6 | container_name: rundeck 7 | restart: always 8 | ports: 9 | - 4440:4440 10 | environment: 11 | RUNDECK_GRAILS_URL: https://run.hentioe.dev 12 | RUNDECK_SERVER_FORWARDED: true 13 | volumes: 14 | - ./data:/home/rundeck/server/data 15 | - ./realm.properties:/home/rundeck/server/config/realm.properties 16 | - ./nodes:/nodes 17 | -------------------------------------------------------------------------------- /shlink/.env: -------------------------------------------------------------------------------- 1 | SHLINK_DOMAIN= 2 | SHLINK_DB_PASS= 3 | SHLINK_GEOLITE_LICENSE_KEY= -------------------------------------------------------------------------------- /shlink/docker-compose.yml: -------------------------------------------------------------------------------- 1 | services: 2 | db: 3 | image: postgres:16 4 | restart: always 5 | environment: 6 | POSTGRES_PASSWORD: ${SHLINK_DB_PASS} 7 | volumes: 8 | - ./_data:/var/lib/postgresql/data 9 | 10 | server: 11 | image: shlinkio/shlink:stable 12 | restart: always 13 | ports: 14 | - 7999:8080 15 | environment: 16 | DB_DRIVER: postgres 17 | DB_HOST: db 18 | DB_USER: postgres 19 | DB_PASSWORD: ${SHLINK_DB_PASS} 20 | DEFAULT_DOMAIN: ${SHLINK_DOMAIN} 21 | IS_HTTPS_ENABLED: true 22 | GEOLITE_LICENSE_KEY: ${SHLINK_GEOLITE_LICENSE_KEY} 23 | -------------------------------------------------------------------------------- /shlink/gen-api-key.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | docker compose exec server shlink api-key:generate 4 | -------------------------------------------------------------------------------- /snapdrop/.gitignore: -------------------------------------------------------------------------------- 1 | /config/ 2 | -------------------------------------------------------------------------------- /snapdrop/docker-compose.yml: -------------------------------------------------------------------------------- 1 | services: 2 | server: 3 | image: linuxserver/snapdrop 4 | environment: 5 | - PUID=1000 6 | - PGID=1000 7 | - TZ=Asia/Shanghai 8 | volumes: 9 | - ./config:/config 10 | ports: 11 | - 8400:80 12 | restart: unless-stopped 13 | -------------------------------------------------------------------------------- /vaultwarden/.env: -------------------------------------------------------------------------------- 1 | DOMAIN= 2 | SIGNUPS_ALLOWED= 3 | ORG_CREATION_USERS= 4 | ADMIN_TOKEN= 5 | -------------------------------------------------------------------------------- /vaultwarden/.gitignore: -------------------------------------------------------------------------------- 1 | /_data/ -------------------------------------------------------------------------------- /vaultwarden/docker-compose.yml: -------------------------------------------------------------------------------- 1 | services: 2 | server: 3 | image: vaultwarden/server 4 | restart: always 5 | ports: 6 | - 5600:80 7 | environment: 8 | - DOMAIN=${DOMAIN} 9 | - SIGNUPS_ALLOWED=${SIGNUPS_ALLOWED} 10 | - ORG_CREATION_USERS=${ORG_CREATION_USERS} 11 | - ADMIN_TOKEN=${ADMIN_TOKEN} 12 | volumes: 13 | - ./_data:/data/ 14 | --------------------------------------------------------------------------------