├── .github └── FUNDING.yml ├── .gitignore ├── README.md ├── ansible ├── README.md ├── adhoc │ └── adhoc.md ├── inventory │ └── hosts ├── k3s │ └── README.md ├── playbooks │ ├── apt-dist.yml │ ├── apt.yml │ ├── docker.yml │ ├── iftop.yml │ ├── oh-my-zsh.yml │ ├── password-change.yml │ ├── pihole-update.yml │ ├── qemu-guest-agent.yml │ ├── reboot-required.yml │ ├── reboot.yml │ ├── resize-lvm.yml │ ├── timezone.yml │ └── zsh.yml └── templates │ └── timesyncd.conf ├── demos ├── flux-demo │ └── clusters │ │ └── home │ │ ├── .gitignore │ │ ├── default │ │ ├── nginx │ │ │ ├── deployment.yml │ │ │ └── service.yml │ │ ├── podinfo │ │ │ ├── release.yml │ │ │ └── repository.yml │ │ └── redis │ │ │ ├── deployment.yml │ │ │ ├── redis-policy.yaml │ │ │ └── redis-registry.yaml │ │ ├── flux-system-automation.yaml │ │ └── flux-system │ │ ├── discord-alert.yml │ │ ├── discord-provider.yml │ │ ├── gotk-components.yaml │ │ ├── gotk-sync.yaml │ │ └── kustomization.yaml └── jekyll-demo │ ├── .editorconfig │ ├── .gitattributes │ ├── .github │ └── workflows │ │ └── pages-deploy.yml │ ├── .gitignore │ ├── .gitmodules │ ├── .nojekyll │ ├── Gemfile │ ├── Gemfile.lock │ ├── LICENSE │ ├── README.md │ ├── _config.yml │ ├── _data │ ├── assets │ │ ├── cross_origin.yml │ │ └── self_host.yml │ ├── contact.yml │ ├── locales │ │ ├── en.yml │ │ ├── id-ID.yml │ │ ├── ko-KR.yml │ │ ├── my-MM.yml │ │ ├── ru-RU.yml │ │ ├── uk-UA.yml │ │ └── zh-CN.yml │ └── share.yml │ ├── _plugins │ └── posts-lastmod-hook.rb │ ├── _posts │ └── 2022-05-22-hello-homelab.md │ ├── _tabs │ ├── about.md │ ├── archives.md │ ├── categories.md │ └── tags.md │ ├── index.html │ └── tools │ └── deploy.sh ├── docker ├── BotsPlusPlus │ ├── README.md │ ├── wow-auth │ │ ├── docker-compose.yml │ │ └── opt │ │ │ └── trinitycore │ │ │ ├── bin │ │ │ └── README.md │ │ │ ├── etc │ │ │ └── authserver.conf │ │ │ └── logs │ │ │ └── README.md │ └── wow-world │ │ ├── docker-compose.yml │ │ └── opt │ │ └── trinitycore │ │ ├── bin │ │ └── README.md │ │ ├── etc │ │ └── worldserver.conf │ │ └── logs │ │ └── README.md ├── authelia │ ├── README.md │ ├── configuration.yml │ ├── docker-compose.yml │ └── users_database.yml ├── broadlink-control │ ├── README.md │ └── docker-compose.yml ├── cloudflare │ ├── README.md │ └── docker-compose.yml ├── code-server │ ├── README.md │ └── docker-compose.yml ├── crowdsec │ ├── README.md │ ├── config │ │ └── acquis.yml │ └── docker-compose.yml ├── custom-image │ ├── .dockerignore │ ├── Dockerfile │ ├── README.md │ ├── ci │ │ ├── .gitlab-ci.yml │ │ └── github.yml │ ├── docker-compose.yml │ └── src │ │ └── html │ │ ├── index.html │ │ ├── password.txt │ │ ├── wave.png │ │ └── whale.png ├── duckdns │ ├── README.md │ └── docker-compose.yml ├── gatus │ ├── README.md │ └── docker-compose.yml ├── gitlab-runner │ ├── README.md │ └── docker-compose.yml ├── graylog │ ├── README.md │ ├── config │ │ ├── graylog.conf │ │ └── log4j2.xml │ └── docker-compose.yml ├── guacamole │ ├── README.md │ └── docker-compose.yml ├── handbrake │ ├── README.md │ └── docker-compose.yml ├── heimdall │ ├── README.md │ └── docker-compose.yml ├── homeassistant │ ├── README.md │ └── docker-compose.yml ├── homebridge │ ├── README.md │ └── docker-compose.yml ├── homepage │ ├── README.md │ └── docker-compose.yml ├── librespeed │ ├── README.md │ └── docker-compose.yml ├── littlelink-server │ ├── README.md │ └── docker-compose.yml ├── loki │ ├── README.md │ ├── daemon.new.json │ ├── docker-compose.yml │ ├── loki-config.yml │ └── promtail-config.yml ├── minecraft │ ├── README.md │ └── docker-compose.yml ├── mongodb │ ├── README.md │ └── docker-compose.yml ├── mysql-backup │ ├── README.md │ └── docker-compose.yml ├── mysql │ ├── README.md │ └── docker-compose.yml ├── netboot-xyz │ ├── README.md │ └── docker-compose.yml ├── nextcloud │ ├── README.md │ └── docker-compose.yml ├── nginx │ ├── README.md │ └── docker-compose.yml ├── ntp │ ├── README.md │ └── docker-compose.yml ├── pihole │ ├── README.md │ └── docker-compose.yml ├── plex │ ├── README.md │ └── docker-compose.yml ├── portainer │ ├── README.md │ └── docker-compose.yml ├── postgres │ ├── README.md │ └── docker-compose.yml ├── pterodactyl │ ├── README.md │ ├── panel │ │ └── docker-compose.yml │ └── wings │ │ ├── config.yml │ │ └── docker-compose.yml ├── redis │ ├── README.md │ └── docker-compose.yml ├── scrypted │ ├── README.md │ └── docker-compose.yml ├── syncthing │ ├── README.md │ └── docker-compose.yml ├── tdarr │ ├── README.md │ ├── Tdarr_Node_Config.json │ └── docker-compose.yml ├── traefik │ ├── README.md │ ├── data │ │ ├── config.yml │ │ └── traefik.yml │ └── docker.compose.yml ├── unifi-controller │ ├── README.md │ └── docker-compose.yml ├── uptime-kuma │ ├── README.md │ └── docker-compose.yml ├── watchtower │ ├── README.md │ └── docker-compose.yml ├── webnut │ ├── README.md │ └── docker-compose.yml ├── webtop │ ├── README.md │ └── docker-compose.yml ├── wg-easy │ ├── README.md │ └── docker-compose.yml ├── wikijs │ ├── README.md │ └── docker-compose.yml └── wireguard │ ├── README.md │ └── docker-compose.yml └── kubernetes ├── cloudflare ├── README.md └── deployment.yaml ├── gitlab-runner ├── README.md ├── secret.yml └── values.yml ├── home-assistant ├── claim.yaml ├── deployment.yaml └── service.yaml ├── kube-prometheus-stack ├── README.md ├── ingress.yaml └── values.yml ├── nextcloud ├── README.md ├── claim.yml ├── deployment.yaml ├── ingress.yml └── service.yml ├── pterodactyl ├── README.md └── panel │ ├── claim.yml │ ├── deployment.yaml │ ├── ingress.yml │ ├── node │ ├── endpoint.yml │ ├── ingress.yml │ └── service.yml │ ├── secret.yml │ └── service.yml ├── traefik-cert-manager ├── README.md ├── cert-manager │ ├── certificates │ │ ├── production │ │ │ └── local-example-com.yaml │ │ └── staging │ │ │ └── local-example-com.yaml │ ├── issuers │ │ ├── letsencrypt-production.yaml │ │ ├── letsencrypt-staging.yaml │ │ └── secret-cf-token.yaml │ └── values.yaml ├── nginx │ ├── deployment.yaml │ ├── ingress.yaml │ └── service.yaml └── traefik │ ├── dashboard │ ├── ingress.yaml │ ├── middleware.yaml │ └── secret-dashboard.yaml │ ├── default-headers.yaml │ └── values.yaml ├── traefik2-k3s-rancher ├── README.md ├── config-ingress-route │ ├── kubernetes │ │ ├── deployment.yml │ │ ├── ingress.yml │ │ └── service.yml │ └── traefik-chart-values.yml └── config │ ├── traefik-chart-values.yml │ ├── traefik-config.yml │ ├── traefik-dashboard-ingressroute.yml │ └── traefik-dashboard-secret.yml └── uptime-kuma ├── README.md ├── claim.yml ├── deployment.yaml ├── ingress.yml └── service.yml /.github/FUNDING.yml: -------------------------------------------------------------------------------- 1 | github: timothystewart6 2 | patreon: technotim -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | node_modules 2 | coverage 3 | dist 4 | .idea 5 | .vscode 6 | npm-debug.log 7 | .tmp 8 | .DS_Store 9 | yarn-error.log 10 | temp 11 | public 12 | .log 13 | docs 14 | .nyc_output 15 | cassettes 16 | 17 | # hidden files 18 | .* 19 | !.git* 20 | !.editorconfig 21 | !.nojekyll 22 | !.travis.yml 23 | 24 | # bundler cache 25 | _site 26 | vendor 27 | 28 | # rubygem 29 | *.gem 30 | 31 | # npm dependencies 32 | node_modules 33 | package-lock.json 34 | 35 | 36 | # Trash 37 | .DS_Store 38 | Thumbs.db 39 | # Binaries 40 | bin 41 | /flux 42 | *.iso 43 | # Temp folders 44 | .temp* 45 | .private/ 46 | .logs/ 47 | .task/ 48 | # Ansible 49 | xanmanning.k3s* 50 | mrlesmithjr.zfs* 51 | geerlingguy.docker* 52 | geerlingguy.pip* 53 | # Terraform 54 | .terraform 55 | .terraform.tfstate* 56 | terraform.tfstate* 57 | # Sops 58 | .decrypted~* 59 | *.agekey 60 | # Kubernetes 61 | kubeconfig* 62 | talosconfig* 63 | *.pub 64 | *.key -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # launchpad 🚀 2 | 3 | ## Info 4 | 5 | A collection of quick starters for ansible, kubernetes, docker, linux, windows, and more. Great for HomeLabs, learning, and automation! 6 | 7 | Don't forget to ⭐ this repo and fork it too! 👆 8 | 9 | See each folder for details 📁 10 | 11 | ## Credits 12 | 13 | Created by [TechnoTim](https://technotim.live) and updated by the community with 💛 14 | 15 | ► YouTube https://www.youtube.com/technotimlive 16 | 17 | ► Twitch https://www.twitch.tv/TechnoTim 18 | 19 | ► Twitter https://twitter.com/TechnoTimLive 20 | 21 | ► Discord https://l.technotim.live/discord 22 | 23 | ► GitHub https://github.com/timothystewart6 24 | -------------------------------------------------------------------------------- /ansible/README.md: -------------------------------------------------------------------------------- 1 | # ansible-homelab 2 | 3 | ## Info 4 | 5 | A collection of ansible playbooks for homelab automation and more 6 | 7 | If you need help getting started, check out my [Automate EVERYTHING with Ansible video!](https://www.youtube.com/watch?v=w9eCU4bGgjQ) 8 | 9 | ## Other 10 | 11 | See my other videos here: [https://www.youtube.com/technotimlive](https://www.youtube.com/channel/UCOk-gHyjcWZNj3Br4oxwh0A) 12 | 13 | Or check out for other ways to connect 14 | -------------------------------------------------------------------------------- /ansible/adhoc/adhoc.md: -------------------------------------------------------------------------------- 1 | # adhoc commands 2 | 3 | https://docs.ansible.com/ansible/latest/user_guide/intro_adhoc.html 4 | 5 | ```bash 6 | ansible luna-01 -m ansible.builtin.shell -a 'echo $TERM' -i ./inventory/hosts --ask-pass --user someuser 7 | ``` 8 | -------------------------------------------------------------------------------- /ansible/inventory/hosts: -------------------------------------------------------------------------------- 1 | [hosts] 2 | server-01 3 | server-02 4 | 192.168.0.101 5 | 192.168.0.102 -------------------------------------------------------------------------------- /ansible/k3s/README.md: -------------------------------------------------------------------------------- 1 | # k3s 2 | 3 | Documentation [here](https://technotim.live/posts/k3s-etcd-ansible/) 4 | 5 | Video [here](https://www.youtube.com/watch?v=CbkEWcUZ7zM) -------------------------------------------------------------------------------- /ansible/playbooks/apt-dist.yml: -------------------------------------------------------------------------------- 1 | - hosts: "*" 2 | tasks: 3 | - name: apt 4 | apt: 5 | update_cache: yes 6 | upgrade: 'dist' 7 | -------------------------------------------------------------------------------- /ansible/playbooks/apt.yml: -------------------------------------------------------------------------------- 1 | - hosts: "*" 2 | become: yes 3 | tasks: 4 | - name: apt 5 | apt: 6 | update_cache: yes 7 | upgrade: 'yes' 8 | -------------------------------------------------------------------------------- /ansible/playbooks/docker.yml: -------------------------------------------------------------------------------- 1 | - name: Install Docker engine 2 | hosts: "*" 3 | become: true 4 | tasks: 5 | - name: install dependencies 6 | apt: 7 | name: 8 | - ca-certificates 9 | - curl 10 | - gnupg 11 | - lsb-release 12 | state: present 13 | update_cache: true 14 | become: true 15 | 16 | - name: add GPG key 17 | apt_key: 18 | url: https://download.docker.com/linux/ubuntu/gpg 19 | state: present 20 | 21 | - name: add docker repository to apt 22 | apt_repository: 23 | filename: docker 24 | repo: deb [arch=amd64] https://download.docker.com/linux/ubuntu jammy stable 25 | state: present 26 | 27 | - name: install docker engine 28 | apt: 29 | name: 30 | - docker-ce 31 | - docker-ce-cli 32 | - containerd.io 33 | state: present 34 | update_cache: true 35 | become: true 36 | 37 | - name: test docker 38 | command: docker info 39 | become: true 40 | -------------------------------------------------------------------------------- /ansible/playbooks/iftop.yml: -------------------------------------------------------------------------------- 1 | - name: install latest iftop on all hosts 2 | hosts: "*" 3 | tasks: 4 | - name: install iftop 5 | apt: 6 | name: iftop 7 | state: present 8 | update_cache: true 9 | become: true 10 | -------------------------------------------------------------------------------- /ansible/playbooks/oh-my-zsh.yml: -------------------------------------------------------------------------------- 1 | - hosts: "*" 2 | roles: 3 | - role: gantsign.oh-my-zsh 4 | users: 5 | - username: kube ## Username of the account you'd like to install Oh-My-Zsh to. Use "ansible-galaxy install gantsign.oh-my-zsh" first. 6 | ## https://galaxy.ansible.com/gantsign/oh-my-zsh 7 | # users: 8 | # - username: someuser 9 | -------------------------------------------------------------------------------- /ansible/playbooks/password-change.yml: -------------------------------------------------------------------------------- 1 | #ansible-playbook ./playbooks/password-change.yml --user someuser --ask-become-pass -i ./inventory/hosts 2 | - name: password change 3 | hosts: "*" 4 | become: true 5 | vars_prompt: 6 | - name: new_password 7 | prompt: "Enter new password" 8 | tasks: 9 | - name: change user's password 10 | user: 11 | name: "{{ ansible_user }}" 12 | update_password: always 13 | password: "{{ new_password|password_hash('sha512') }}" 14 | 15 | -------------------------------------------------------------------------------- /ansible/playbooks/pihole-update.yml: -------------------------------------------------------------------------------- 1 | - name: Update pihole 2 | hosts: "*" 3 | tasks: 4 | - name: pihole update 5 | shell: pihole -up 6 | -------------------------------------------------------------------------------- /ansible/playbooks/qemu-guest-agent.yml: -------------------------------------------------------------------------------- 1 | - name: install latest qemu-guest-agent 2 | hosts: "*" 3 | tasks: 4 | - name: install qemu-guest-agent 5 | apt: 6 | name: qemu-guest-agent 7 | state: present 8 | update_cache: true 9 | become: true 10 | -------------------------------------------------------------------------------- /ansible/playbooks/reboot-required.yml: -------------------------------------------------------------------------------- 1 | - name: Check if restart is required 2 | hosts: all 3 | tasks: 4 | - name: Check that the reboot-required exists 5 | stat: 6 | path: /var/run/reboot-required 7 | register: p 8 | - debug: 9 | msg: "Reboot required" 10 | when: p.stat.exists -------------------------------------------------------------------------------- /ansible/playbooks/reboot.yml: -------------------------------------------------------------------------------- 1 | - hosts: "*" 2 | become: yes 3 | tasks: 4 | - name: Reboot a slow machine that might have lots of updates to apply 5 | reboot: 6 | reboot_timeout: 3600 7 | 8 | -------------------------------------------------------------------------------- /ansible/playbooks/resize-lvm.yml: -------------------------------------------------------------------------------- 1 | - hosts: "*" 2 | become: yes 3 | tasks: 4 | ## Install Ansible Galaxy community collection first. "ansible-galaxy collection install community.general" 5 | ## https://galaxy.ansible.com/community/general 6 | - name: Extend the logical volume to take all remaining space of the PVs and resize the underlying filesystem 7 | community.general.lvol: 8 | vg: ubuntu-vg 9 | lv: ubuntu-lv 10 | size: +100%FREE 11 | resizefs: true 12 | -------------------------------------------------------------------------------- /ansible/playbooks/timezone.yml: -------------------------------------------------------------------------------- 1 | - name: Set timezone and configure timesyncd 2 | hosts: "*" 3 | become: yes 4 | tasks: 5 | - name: set timezone 6 | shell: timedatectl set-timezone America/Chicago 7 | 8 | - name: Make sure timesyncd is stopped 9 | systemd: 10 | name: systemd-timesyncd.service 11 | state: stopped 12 | 13 | - name: Copy over the timesyncd config 14 | template: src=../templates/timesyncd.conf dest=/etc/systemd/timesyncd.conf 15 | 16 | - name: Make sure timesyncd is started 17 | systemd: 18 | name: systemd-timesyncd.service 19 | state: started 20 | 21 | -------------------------------------------------------------------------------- /ansible/playbooks/zsh.yml: -------------------------------------------------------------------------------- 1 | - name: install latest zsh on all hosts 2 | hosts: "*" 3 | tasks: 4 | - name: install zsh 5 | apt: 6 | name: zsh 7 | state: present 8 | update_cache: true 9 | become: true 10 | -------------------------------------------------------------------------------- /ansible/templates/timesyncd.conf: -------------------------------------------------------------------------------- 1 | # This file is part of systemd. 2 | # 3 | # systemd is free software; you can redistribute it and/or modify it 4 | # under the terms of the GNU Lesser General Public License as published by 5 | # the Free Software Foundation; either version 2.1 of the License, or 6 | # (at your option) any later version. 7 | # 8 | # Entries in this file show the compile time defaults. 9 | # You can change settings by editing this file. 10 | # Defaults can be restored by simply deleting this file. 11 | # 12 | # See timesyncd.conf(5) for details. 13 | 14 | [Time] 15 | NTP=192.168.0.100 16 | FallbackNTP=time.cloudflare.com 17 | #RootDistanceMaxSec=5 18 | #PollIntervalMinSec=32 19 | #PollIntervalMaxSec=2048 -------------------------------------------------------------------------------- /demos/flux-demo/clusters/home/.gitignore: -------------------------------------------------------------------------------- 1 | # Trash 2 | .DS_Store 3 | Thumbs.db 4 | # Binaries 5 | bin 6 | /flux 7 | *.iso 8 | # Temp folders 9 | .temp* 10 | .private/ 11 | .logs/ 12 | .task/ 13 | # Ansible 14 | xanmanning.k3s* 15 | mrlesmithjr.zfs* 16 | geerlingguy.docker* 17 | geerlingguy.pip* 18 | # Terraform 19 | .terraform 20 | .terraform.tfstate* 21 | terraform.tfstate* 22 | # Sops 23 | .decrypted~* 24 | *.agekey 25 | # Kubernetes 26 | kubeconfig* 27 | talosconfig* 28 | *.pub 29 | *.key -------------------------------------------------------------------------------- /demos/flux-demo/clusters/home/default/nginx/deployment.yml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: nginx-deployment 5 | namespace: default 6 | spec: 7 | selector: 8 | matchLabels: 9 | app: nginx 10 | replicas: 3 11 | template: 12 | metadata: 13 | labels: 14 | app: nginx 15 | spec: 16 | containers: 17 | - name: nginx 18 | image: nginx:alpine 19 | ports: 20 | - containerPort: 80 -------------------------------------------------------------------------------- /demos/flux-demo/clusters/home/default/nginx/service.yml: -------------------------------------------------------------------------------- 1 | kind: Service 2 | apiVersion: v1 3 | metadata: 4 | name: nginx 5 | namespace: default 6 | spec: 7 | selector: 8 | app: nginx 9 | ports: 10 | - protocol: TCP 11 | port: 80 12 | targetPort: 80 13 | type: LoadBalancer -------------------------------------------------------------------------------- /demos/flux-demo/clusters/home/default/podinfo/release.yml: -------------------------------------------------------------------------------- 1 | apiVersion: helm.toolkit.fluxcd.io/v2beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: podinfo 5 | namespace: default 6 | spec: 7 | interval: 5m 8 | chart: 9 | spec: 10 | chart: podinfo 11 | version: '4.0.1' 12 | sourceRef: 13 | kind: HelmRepository 14 | name: podinfo 15 | namespace: flux-system 16 | interval: 1m 17 | values: 18 | replicaCount: 3 19 | foo: value1 20 | bar: 21 | baz: value2 22 | oof: 23 | - item1 24 | - item2 -------------------------------------------------------------------------------- /demos/flux-demo/clusters/home/default/podinfo/repository.yml: -------------------------------------------------------------------------------- 1 | apiVersion: source.toolkit.fluxcd.io/v1beta2 2 | kind: HelmRepository 3 | metadata: 4 | name: podinfo 5 | namespace: flux-system 6 | spec: 7 | interval: 1m 8 | url: https://stefanprodan.github.io/podinfo -------------------------------------------------------------------------------- /demos/flux-demo/clusters/home/default/redis/deployment.yml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: redis 5 | namespace: default 6 | spec: 7 | selector: 8 | matchLabels: 9 | app: redis 10 | replicas: 1 11 | template: 12 | metadata: 13 | labels: 14 | app: redis 15 | spec: 16 | containers: 17 | - name: redis 18 | image: redis:6.0.16 # {"$imagepolicy": "flux-system:redis"} 19 | -------------------------------------------------------------------------------- /demos/flux-demo/clusters/home/default/redis/redis-policy.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: image.toolkit.fluxcd.io/v1beta1 3 | kind: ImagePolicy 4 | metadata: 5 | name: redis 6 | namespace: flux-system 7 | spec: 8 | imageRepositoryRef: 9 | name: redis 10 | policy: 11 | semver: 12 | range: 6.0.x 13 | 14 | -------------------------------------------------------------------------------- /demos/flux-demo/clusters/home/default/redis/redis-registry.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: image.toolkit.fluxcd.io/v1beta1 3 | kind: ImageRepository 4 | metadata: 5 | name: redis 6 | namespace: flux-system 7 | spec: 8 | image: redis 9 | interval: 1m0s 10 | 11 | -------------------------------------------------------------------------------- /demos/flux-demo/clusters/home/flux-system-automation.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: image.toolkit.fluxcd.io/v1beta1 3 | kind: ImageUpdateAutomation 4 | metadata: 5 | name: flux-system 6 | namespace: flux-system 7 | spec: 8 | git: 9 | checkout: 10 | ref: 11 | branch: main 12 | commit: 13 | author: 14 | email: fluxcdbot@users.noreply.github.com 15 | name: fluxcdbot 16 | messageTemplate: '{{range .Updated.Images}}{{println .}}{{end}}' 17 | push: 18 | branch: main 19 | interval: 1m0s 20 | sourceRef: 21 | kind: GitRepository 22 | name: flux-system 23 | update: 24 | path: ./clusters/home 25 | strategy: Setters 26 | 27 | -------------------------------------------------------------------------------- /demos/flux-demo/clusters/home/flux-system/discord-alert.yml: -------------------------------------------------------------------------------- 1 | apiVersion: notification.toolkit.fluxcd.io/v1beta1 2 | kind: Alert 3 | metadata: 4 | name: on-call-webapp 5 | namespace: flux-system 6 | spec: 7 | providerRef: 8 | name: discord 9 | eventSeverity: info 10 | eventSources: 11 | - kind: GitRepository 12 | name: '*' 13 | - kind: Kustomization 14 | name: '*' -------------------------------------------------------------------------------- /demos/flux-demo/clusters/home/flux-system/discord-provider.yml: -------------------------------------------------------------------------------- 1 | apiVersion: notification.toolkit.fluxcd.io/v1beta1 2 | kind: Provider 3 | metadata: 4 | name: discord 5 | namespace: flux-system 6 | spec: 7 | type: discord 8 | channel: general 9 | secretRef: 10 | name: discord-url 11 | -------------------------------------------------------------------------------- /demos/flux-demo/clusters/home/flux-system/gotk-sync.yaml: -------------------------------------------------------------------------------- 1 | # This manifest was generated by flux. DO NOT EDIT. 2 | --- 3 | apiVersion: source.toolkit.fluxcd.io/v1beta2 4 | kind: GitRepository 5 | metadata: 6 | name: flux-system 7 | namespace: flux-system 8 | spec: 9 | interval: 1m0s 10 | ref: 11 | branch: main 12 | secretRef: 13 | name: flux-system 14 | url: https://github.com/timothystewart6/flux.git 15 | --- 16 | apiVersion: kustomize.toolkit.fluxcd.io/v1beta2 17 | kind: Kustomization 18 | metadata: 19 | name: flux-system 20 | namespace: flux-system 21 | spec: 22 | interval: 10m0s 23 | path: ./clusters/home 24 | prune: true 25 | sourceRef: 26 | kind: GitRepository 27 | name: flux-system 28 | -------------------------------------------------------------------------------- /demos/flux-demo/clusters/home/flux-system/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - gotk-components.yaml 5 | - gotk-sync.yaml 6 | -------------------------------------------------------------------------------- /demos/jekyll-demo/.editorconfig: -------------------------------------------------------------------------------- 1 | root = true 2 | 3 | [*] 4 | charset = utf-8 5 | # 2 space indentation 6 | indent_style = space 7 | indent_size = 2 8 | trim_trailing_whitespace = true 9 | # Unix-style newlines with a newline ending every file 10 | end_of_line = lf 11 | insert_final_newline = true 12 | -------------------------------------------------------------------------------- /demos/jekyll-demo/.gitattributes: -------------------------------------------------------------------------------- 1 | # Set default behavior to automatically normalize line endings. 2 | * text=auto 3 | 4 | # Force bash scripts to always use LF line endings so that if a repo is accessed 5 | # in Unix via a file share from Windows, the scripts will work. 6 | *.sh text eol=lf 7 | 8 | # Force batch scripts to always use CRLF line endings so that if a repo is accessed 9 | # in Windows via a file share from Linux, the scripts will work. 10 | *.{cmd,[cC][mM][dD]} text eol=crlf 11 | *.{bat,[bB][aA][tT]} text eol=crlf 12 | 13 | # Denote all files that are truly binary and should not be modified. 14 | *.png binary 15 | *.jpg binary 16 | *.ico binary 17 | -------------------------------------------------------------------------------- /demos/jekyll-demo/.github/workflows/pages-deploy.yml: -------------------------------------------------------------------------------- 1 | name: 'Automatic build' 2 | on: 3 | push: 4 | branches: 5 | - main 6 | paths-ignore: 7 | - .gitignore 8 | - README.md 9 | - LICENSE 10 | 11 | jobs: 12 | continuous-delivery: 13 | 14 | runs-on: ubuntu-latest 15 | 16 | steps: 17 | - name: Checkout 18 | uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # 3.0.2 19 | 20 | with: 21 | fetch-depth: 0 # for posts's lastmod 22 | 23 | - name: Setup Ruby 24 | uses: ruby/setup-ruby@0a29871fe2b0200a17a4497bae54fe5df0d973aa #1.115.3 25 | with: 26 | ruby-version: 2.7 27 | bundler-cache: true 28 | 29 | - name: Deploy 30 | run: bash tools/deploy.sh 31 | -------------------------------------------------------------------------------- /demos/jekyll-demo/.gitignore: -------------------------------------------------------------------------------- 1 | # hidden files 2 | .* 3 | !.git* 4 | !.editorconfig 5 | !.nojekyll 6 | !.travis.yml 7 | 8 | # bundler cache 9 | _site 10 | vendor 11 | 12 | # rubygem 13 | *.gem 14 | 15 | # npm dependencies 16 | node_modules 17 | package-lock.json 18 | -------------------------------------------------------------------------------- /demos/jekyll-demo/.gitmodules: -------------------------------------------------------------------------------- 1 | [submodule "assets/lib"] 2 | path = assets/lib 3 | url = https://github.com/cotes2020/chirpy-static-assets.git 4 | -------------------------------------------------------------------------------- /demos/jekyll-demo/.nojekyll: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /demos/jekyll-demo/Gemfile: -------------------------------------------------------------------------------- 1 | # frozen_string_literal: true 2 | 3 | source "https://rubygems.org" 4 | 5 | gem "jekyll-theme-chirpy", "~> 5.1", ">= 5.1.0" 6 | 7 | group :test do 8 | gem "html-proofer", "~> 3.18" 9 | end 10 | 11 | # Windows and JRuby does not include zoneinfo files, so bundle the tzinfo-data gem 12 | # and associated library. 13 | install_if -> { RUBY_PLATFORM =~ %r!mingw|mswin|java! } do 14 | gem "tzinfo", "~> 1.2" 15 | gem "tzinfo-data" 16 | end 17 | 18 | # Performance-booster for watching directories on Windows 19 | gem "wdm", "~> 0.1.1", :install_if => Gem.win_platform? 20 | 21 | # Jekyll <= 4.2.0 compatibility with Ruby 3.0 22 | gem "webrick", "~> 1.8" 23 | -------------------------------------------------------------------------------- /demos/jekyll-demo/Gemfile.lock: -------------------------------------------------------------------------------- 1 | GEM 2 | remote: https://rubygems.org/ 3 | specs: 4 | addressable (2.8.0) 5 | public_suffix (>= 2.0.2, < 5.0) 6 | colorator (1.1.0) 7 | concurrent-ruby (1.1.10) 8 | em-websocket (0.5.3) 9 | eventmachine (>= 0.12.9) 10 | http_parser.rb (~> 0) 11 | ethon (0.15.0) 12 | ffi (>= 1.15.0) 13 | eventmachine (1.2.7) 14 | ffi (1.15.5) 15 | forwardable-extended (2.6.0) 16 | html-proofer (3.19.4) 17 | addressable (~> 2.3) 18 | mercenary (~> 0.3) 19 | nokogiri (~> 1.13) 20 | parallel (~> 1.10) 21 | rainbow (~> 3.0) 22 | typhoeus (~> 1.3) 23 | yell (~> 2.0) 24 | http_parser.rb (0.8.0) 25 | i18n (1.10.0) 26 | concurrent-ruby (~> 1.0) 27 | jekyll (4.2.2) 28 | addressable (~> 2.4) 29 | colorator (~> 1.0) 30 | em-websocket (~> 0.5) 31 | i18n (~> 1.0) 32 | jekyll-sass-converter (~> 2.0) 33 | jekyll-watch (~> 2.0) 34 | kramdown (~> 2.3) 35 | kramdown-parser-gfm (~> 1.0) 36 | liquid (~> 4.0) 37 | mercenary (~> 0.4.0) 38 | pathutil (~> 0.9) 39 | rouge (~> 3.0) 40 | safe_yaml (~> 1.0) 41 | terminal-table (~> 2.0) 42 | jekyll-archives (2.2.1) 43 | jekyll (>= 3.6, < 5.0) 44 | jekyll-paginate (1.1.0) 45 | jekyll-redirect-from (0.16.0) 46 | jekyll (>= 3.3, < 5.0) 47 | jekyll-sass-converter (2.2.0) 48 | sassc (> 2.0.1, < 3.0) 49 | jekyll-seo-tag (2.8.0) 50 | jekyll (>= 3.8, < 5.0) 51 | jekyll-sitemap (1.4.0) 52 | jekyll (>= 3.7, < 5.0) 53 | jekyll-theme-chirpy (5.1.0) 54 | jekyll (~> 4.1) 55 | jekyll-archives (~> 2.2) 56 | jekyll-paginate (~> 1.1) 57 | jekyll-redirect-from (~> 0.16) 58 | jekyll-seo-tag (~> 2.7) 59 | jekyll-sitemap (~> 1.4) 60 | jekyll-watch (2.2.1) 61 | listen (~> 3.0) 62 | kramdown (2.4.0) 63 | rexml 64 | kramdown-parser-gfm (1.1.0) 65 | kramdown (~> 2.0) 66 | liquid (4.0.3) 67 | listen (3.7.1) 68 | rb-fsevent (~> 0.10, >= 0.10.3) 69 | rb-inotify (~> 0.9, >= 0.9.10) 70 | mercenary (0.4.0) 71 | nokogiri (1.18.3-x86_64-linux-gnu) 72 | racc (~> 1.4) 73 | parallel (1.22.1) 74 | pathutil (0.16.2) 75 | forwardable-extended (~> 2.6) 76 | public_suffix (4.0.7) 77 | racc (1.8.1) 78 | rainbow (3.1.1) 79 | rb-fsevent (0.11.1) 80 | rb-inotify (0.10.1) 81 | ffi (~> 1.0) 82 | rexml (3.3.9) 83 | rouge (3.28.0) 84 | safe_yaml (1.0.5) 85 | sassc (2.4.0) 86 | ffi (~> 1.9) 87 | terminal-table (2.0.0) 88 | unicode-display_width (~> 1.1, >= 1.1.1) 89 | thread_safe (0.3.6) 90 | typhoeus (1.4.0) 91 | ethon (>= 0.9.0) 92 | tzinfo (1.2.10) 93 | thread_safe (~> 0.1) 94 | tzinfo-data (1.2022.1) 95 | tzinfo (>= 1.0.0) 96 | unicode-display_width (1.8.0) 97 | wdm (0.1.1) 98 | webrick (1.8.2) 99 | yell (2.2.2) 100 | 101 | PLATFORMS 102 | x86_64-linux 103 | 104 | DEPENDENCIES 105 | html-proofer (~> 3.18) 106 | jekyll-theme-chirpy (~> 5.1, >= 5.1.0) 107 | tzinfo (~> 1.2) 108 | tzinfo-data 109 | wdm (~> 0.1.1) 110 | webrick (~> 1.8) 111 | 112 | BUNDLED WITH 113 | 2.3.14 114 | -------------------------------------------------------------------------------- /demos/jekyll-demo/LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2021 Cotes Chung 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /demos/jekyll-demo/README.md: -------------------------------------------------------------------------------- 1 | # Chirpy Starter [![Gem Version](https://img.shields.io/gem/v/jekyll-theme-chirpy)](https://rubygems.org/gems/jekyll-theme-chirpy) [![GitHub license](https://img.shields.io/github/license/cotes2020/chirpy-starter.svg?color=blue)][mit] 2 | 3 | When installing the [**Chirpy**][chirpy] theme through [RubyGems.org][gem], Jekyll can only read files in the folders `_includes`, `_layout`, `_sass` and `assets`, as well as a small part of options of the `_config.yml` file from the theme's gem. If you have ever installed this theme gem, you can use the command `bundle info --path jekyll-theme-chirpy` to locate these files. 4 | 5 | The Jekyll organization claims that this is to leave the ball in the user’s court, but this also results in users not being able to enjoy the out-of-the-box experience when using feature-rich themes. 6 | 7 | To fully use all the features of **Chirpy**, you need to copy the other critical files from the theme's gem to your Jekyll site. The following is a list of targets: 8 | 9 | ```shell 10 | . 11 | ├── _config.yml 12 | ├── _data 13 | ├── _plugins 14 | ├── _tabs 15 | └── index.html 16 | ``` 17 | 18 | In order to save your time, and to prevent you from missing some files when copying, we extract those files/configurations of the latest version of the **Chirpy** theme and the [CD][CD] workflow to here, so that you can start writing in minutes. 19 | 20 | ## Prerequisites 21 | 22 | Follow the instructions in the [Jekyll Docs](https://jekyllrb.com/docs/installation/) to complete the installation of `Ruby`, `RubyGems`, `Jekyll` and `Bundler`. 23 | 24 | ## Installation 25 | 26 | [**Use this template**][use-template] to generate a brand new repository and name it `.github.io`, where `GH_USERNAME` represents your GitHub username. 27 | 28 | Then clone it to your local machine and run: 29 | 30 | ``` 31 | $ bundle 32 | ``` 33 | 34 | ## Usage 35 | 36 | Please see the [theme's docs](https://github.com/cotes2020/jekyll-theme-chirpy#documentation). 37 | 38 | ## License 39 | 40 | This work is published under [MIT][mit] License. 41 | 42 | [gem]: https://rubygems.org/gems/jekyll-theme-chirpy 43 | [chirpy]: https://github.com/cotes2020/jekyll-theme-chirpy/ 44 | [use-template]: https://github.com/cotes2020/chirpy-starter/generate 45 | [CD]: https://en.wikipedia.org/wiki/Continuous_deployment 46 | [mit]: https://github.com/cotes2020/chirpy-starter/blob/master/LICENSE 47 | -------------------------------------------------------------------------------- /demos/jekyll-demo/_config.yml: -------------------------------------------------------------------------------- 1 | # The Site Configuration 2 | 3 | # Import the theme 4 | theme: jekyll-theme-chirpy 5 | 6 | # Change the following value to '/PROJECT_NAME' ONLY IF your site type is GitHub Pages Project sites 7 | # and doesn't have a custom domain. 8 | baseurl: '' 9 | 10 | # The language of the webpage › http://www.lingoes.net/en/translator/langcode.htm 11 | # If it has the same name as one of the files in folder `_data/locales`, the layout language will also be changed, 12 | # otherwise, the layout language will use the default value of 'en'. 13 | lang: en 14 | 15 | # Additional parameters for datetime localization, optional. › https://github.com/iamkun/dayjs/tree/dev/src/locale 16 | prefer_datetime_locale: 17 | 18 | # Change to your timezone › http://www.timezoneconverter.com/cgi-bin/findzone/findzone 19 | timezone: America/Chicago 20 | 21 | # jekyll-seo-tag settings › https://github.com/jekyll/jekyll-seo-tag/blob/master/docs/usage.md 22 | # ↓ -------------------------- 23 | 24 | title: HomeLab Docs # the main title 25 | 26 | tagline: A Doc site for my homelab # it will display as the sub-title 27 | 28 | description: >- # used by seo meta and the atom feed 29 | A Docs site for my homelab 30 | 31 | # fill in the protocol & hostname for your site, e.g., 'https://username.github.io' 32 | url: 'https://timothystewart6.github.io' 33 | 34 | github: 35 | username: timothystewart6 # change to your github username 36 | 37 | twitter: 38 | username: technotimlive # change to your twitter username 39 | 40 | social: 41 | # Change to your full name. 42 | # It will be displayed as the default author of the posts and the copyright owner in the Footer 43 | name: Techno Tim 44 | email: example@doamin.com # change to your email address 45 | links: 46 | # The first element serves as the copyright owner's link 47 | - https://twitter.com/technotimlive # change to your twitter homepage 48 | - https://github.com/timothystewart6 # change to your github homepage 49 | # Uncomment below to add more social links 50 | # - https://www.facebook.com/username 51 | # - https://www.linkedin.com/in/username 52 | 53 | google_site_verification: # fill in to your verification string 54 | 55 | # ↑ -------------------------- 56 | # The end of `jekyll-seo-tag` settings 57 | 58 | google_analytics: 59 | id: # fill in your Google Analytics ID 60 | # Google Analytics pageviews report settings 61 | pv: 62 | proxy_endpoint: # fill in the Google Analytics superProxy endpoint of Google App Engine 63 | cache_path: # the local PV cache data, friendly to visitors from GFW region 64 | 65 | # Prefer color scheme setting. 66 | # 67 | # Note: Keep empty will follow the system prefer color by default, 68 | # and there will be a toggle to switch the theme between dark and light 69 | # on the bottom left of the sidebar. 70 | # 71 | # Available options: 72 | # 73 | # light - Use the light color scheme 74 | # dark - Use the dark color scheme 75 | # 76 | theme_mode: # [light|dark] 77 | 78 | # The CDN endpoint for images. 79 | # Notice that once it is assigned, the CDN url 80 | # will be added to all image (site avatar & posts' images) paths starting with '/' 81 | # 82 | # e.g. 'https://cdn.com' 83 | img_cdn: 84 | 85 | # the avatar on sidebar, support local or CORS resources 86 | avatar: https://pbs.twimg.com/profile_images/1286144221217316864/qIAsKOpB_400x400.jpg 87 | 88 | # boolean type, the global switch for ToC in posts. 89 | toc: true 90 | 91 | comments: 92 | active: # The global switch for posts comments, e.g., 'disqus'. Keep it empty means disable 93 | # The active options are as follows: 94 | disqus: 95 | shortname: # fill with the Disqus shortname. › https://help.disqus.com/en/articles/1717111-what-s-a-shortname 96 | # utterances settings › https://utteranc.es/ 97 | utterances: 98 | repo: # / 99 | issue_term: # < url | pathname | title | ...> 100 | # Giscus options › https://giscus.app 101 | giscus: 102 | repo: # / 103 | repo_id: 104 | category: 105 | category_id: 106 | mapping: # optional, default to 'pathname' 107 | input_position: # optional, default to 'bottom' 108 | lang: # optional, default to the value of `site.lang` 109 | 110 | # Self-hosted static assets, optional › https://github.com/cotes2020/chirpy-static-assets 111 | assets: 112 | self_host: 113 | enabled: # boolean, keep empty means false 114 | # specify the Jekyll environment, empty means both 115 | # only works if `assets.self_host.enabled` is 'true' 116 | env: # [development|production] 117 | 118 | paginate: 10 119 | 120 | # ------------ The following options are not recommended to be modified ------------------ 121 | 122 | kramdown: 123 | syntax_highlighter: rouge 124 | syntax_highlighter_opts: # Rouge Options › https://github.com/jneen/rouge#full-options 125 | css_class: highlight 126 | # default_lang: console 127 | span: 128 | line_numbers: false 129 | block: 130 | line_numbers: true 131 | start_line: 1 132 | 133 | collections: 134 | tabs: 135 | output: true 136 | sort_by: order 137 | 138 | defaults: 139 | - scope: 140 | path: '' # An empty string here means all files in the project 141 | type: posts 142 | values: 143 | layout: post 144 | comments: true # Enable comments in posts. 145 | toc: true # Display TOC column in posts. 146 | # DO NOT modify the following parameter unless you are confident enough 147 | # to update the code of all other post links in this project. 148 | permalink: /posts/:title/ 149 | - scope: 150 | path: _drafts 151 | values: 152 | comments: false 153 | - scope: 154 | path: '' 155 | type: tabs # see `site.collections` 156 | values: 157 | layout: page 158 | permalink: /:title/ 159 | - scope: 160 | path: assets/img/favicons 161 | values: 162 | swcache: true 163 | - scope: 164 | path: assets/js/dist 165 | values: 166 | swcache: true 167 | 168 | sass: 169 | style: compressed 170 | 171 | compress_html: 172 | clippings: all 173 | comments: all 174 | endings: all 175 | profile: false 176 | blanklines: false 177 | ignore: 178 | envs: [development] 179 | 180 | exclude: 181 | - '*.gem' 182 | - '*.gemspec' 183 | - tools 184 | - README.md 185 | - LICENSE 186 | - gulpfile.js 187 | - node_modules 188 | - package*.json 189 | 190 | jekyll-archives: 191 | enabled: [categories, tags] 192 | layouts: 193 | category: category 194 | tag: tag 195 | permalinks: 196 | tag: /tags/:name/ 197 | category: /categories/:name/ 198 | -------------------------------------------------------------------------------- /demos/jekyll-demo/_data/assets/cross_origin.yml: -------------------------------------------------------------------------------- 1 | # CDNs 2 | 3 | cdns: 4 | # Google Fonts 5 | - url: https://fonts.googleapis.com 6 | - url: https://fonts.gstatic.com 7 | args: crossorigin 8 | - url: https://fonts.googleapis.com 9 | # jsDelivr CDN 10 | - url: https://cdn.jsdelivr.net 11 | 12 | # fonts 13 | 14 | webfonts: https://fonts.googleapis.com/css2?family=Lato&family=Source+Sans+Pro:wght@400;600;700;900&display=swap 15 | 16 | # Libraries 17 | 18 | jquery: 19 | js: https://cdn.jsdelivr.net/npm/jquery@3/dist/jquery.min.js 20 | 21 | bootstrap: 22 | css: https://cdn.jsdelivr.net/npm/bootstrap@4/dist/css/bootstrap.min.css 23 | js: https://cdn.jsdelivr.net/npm/bootstrap@4/dist/js/bootstrap.bundle.min.js 24 | 25 | bootstrap-toc: 26 | css: https://cdn.jsdelivr.net/gh/afeld/bootstrap-toc@1.0.1/dist/bootstrap-toc.min.css 27 | js: https://cdn.jsdelivr.net/gh/afeld/bootstrap-toc@1.0.1/dist/bootstrap-toc.min.js 28 | 29 | fontawesome: 30 | css: https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5.11.2/css/all.min.css 31 | 32 | search: 33 | js: https://cdn.jsdelivr.net/npm/simple-jekyll-search@1.10.0/dest/simple-jekyll-search.min.js 34 | 35 | mermaid: 36 | js: https://cdn.jsdelivr.net/npm/mermaid@8/dist/mermaid.min.js 37 | 38 | dayjs: 39 | js: 40 | common: https://cdn.jsdelivr.net/npm/dayjs@1/dayjs.min.js 41 | locale: https://cdn.jsdelivr.net/npm/dayjs@1/locale/:LOCALE.min.js 42 | relativeTime: https://cdn.jsdelivr.net/npm/dayjs@1/plugin/relativeTime.min.js 43 | localizedFormat: https://cdn.jsdelivr.net/npm/dayjs@1/plugin/localizedFormat.min.js 44 | 45 | countup: 46 | js: https://cdn.jsdelivr.net/npm/countup.js@1.9.3/dist/countUp.min.js 47 | 48 | magnific-popup: 49 | css: https://cdn.jsdelivr.net/npm/magnific-popup@1/dist/magnific-popup.min.css 50 | js: https://cdn.jsdelivr.net/npm/magnific-popup@1/dist/jquery.magnific-popup.min.js 51 | 52 | lozad: 53 | js: https://cdn.jsdelivr.net/npm/lozad/dist/lozad.min.js 54 | 55 | clipboard: 56 | js: https://cdn.jsdelivr.net/npm/clipboard@2/dist/clipboard.min.js 57 | 58 | polyfill: 59 | js: https://polyfill.io/v3/polyfill.min.js?features=es6 60 | 61 | mathjax: 62 | js: https://cdn.jsdelivr.net/npm/mathjax@3/es5/tex-chtml.js 63 | -------------------------------------------------------------------------------- /demos/jekyll-demo/_data/assets/self_host.yml: -------------------------------------------------------------------------------- 1 | # fonts 2 | 3 | webfonts: /assets/lib/fonts/main.css 4 | 5 | # Libraries 6 | 7 | jquery: 8 | js: /assets/lib/jquery-3.6.0/jquery.min.js 9 | 10 | bootstrap: 11 | css: /assets/lib/bootstrap-4.6.1/bootstrap.min.css 12 | js: /assets/lib/bootstrap-4.6.1/bootstrap.bundle.min.js 13 | 14 | bootstrap-toc: 15 | css: /assets/lib/bootstrap-toc-1.0.1/bootstrap-toc.min.css 16 | js: /assets/lib/bootstrap-toc-1.0.1/bootstrap-toc.min.js 17 | 18 | fontawesome: 19 | css: /assets/lib/fontawesome-free-5.15.4/css/all.min.css 20 | 21 | search: 22 | js: /assets/lib/simple-jekyll-search-1.10.0/simple-jekyll-search.min.js 23 | 24 | mermaid: 25 | js: /assets/lib/mermaid-8.13.10/mermaid.min.js 26 | 27 | dayjs: 28 | js: 29 | common: /assets/lib/dayjs-1.10.7/dayjs.min.js 30 | locale: /assets/lib/dayjs-1.10.7/locale/en.min.js 31 | relativeTime: /assets/lib/dayjs-1.10.7/plugin/relativeTime.min.js 32 | localizedFormat: /assets/lib/dayjs-1.10.7/plugin/localizedFormat.min.js 33 | 34 | countup: 35 | js: /assets/lib/countup.js-1.9.3/countUp.min.js 36 | 37 | magnific-popup: 38 | css: /assets/lib/magnific-popup-1.1.0/magnific-popup.css 39 | js: /assets/lib/magnific-popup-1.1.0/jquery.magnific-popup.min.js 40 | 41 | lozad: 42 | js: /assets/lib/lozad-1.16.0/lozad.min.js 43 | 44 | clipboard: 45 | js: /assets/lib/clipboard-2.0.9/clipboard.min.js 46 | 47 | polyfill: 48 | js: /assets/lib/polyfill-v3-es6/polyfill.min.js 49 | 50 | mathjax: 51 | js: /assets/lib/mathjax-3.2.0/tex-chtml.js 52 | -------------------------------------------------------------------------------- /demos/jekyll-demo/_data/contact.yml: -------------------------------------------------------------------------------- 1 | # The contact options. 2 | 3 | - 4 | type: github 5 | icon: 'fab fa-github' 6 | - 7 | type: twitter 8 | icon: 'fab fa-twitter' 9 | - 10 | type: email 11 | icon: 'fas fa-envelope' 12 | noblank: true # open link in current tab 13 | - 14 | type: rss 15 | icon: 'fas fa-rss' 16 | noblank: true 17 | 18 | # Uncomment and complete the url below to enable more contact options 19 | # - 20 | # type: mastodon 21 | # icon: 'fab fa-mastodon' # icons powered by 22 | # url: '' # Fill with your mastodon account page 23 | # - 24 | # type: linkedin 25 | # icon: 'fab fa-linkedin' # icons powered by 26 | # url: '' # Fill with your Linkedin homepage 27 | # - 28 | # type: stack-overflow 29 | # icon: 'fab fa-stack-overflow' 30 | # url: '' # Fill with your stackoverflow homepage 31 | -------------------------------------------------------------------------------- /demos/jekyll-demo/_data/locales/en.yml: -------------------------------------------------------------------------------- 1 | # The layout text of site 2 | 3 | # ----- Commons label ----- 4 | 5 | layout: 6 | post: Post 7 | category: Category 8 | tag: Tag 9 | 10 | # The tabs of sidebar 11 | tabs: 12 | # format: : 13 | home: Home 14 | categories: Categories 15 | tags: Tags 16 | archives: Archives 17 | about: About 18 | 19 | # the text displayed in the search bar & search results 20 | search: 21 | hint: search 22 | cancel: Cancel 23 | no_results: Oops! No result founds. 24 | 25 | panel: 26 | lastmod: Recently Updated 27 | trending_tags: Trending Tags 28 | toc: Contents 29 | 30 | copyright: 31 | # Shown at the bottom of the post 32 | license: 33 | template: This post is licensed under :LICENSE_NAME by the author. 34 | name: CC BY 4.0 35 | link: https://creativecommons.org/licenses/by/4.0/ 36 | 37 | # Displayed in the footer 38 | brief: Some rights reserved. 39 | verbose: >- 40 | Except where otherwise noted, the blog posts on this site are licensed 41 | under the Creative Commons Attribution 4.0 International (CC BY 4.0) License by the author. 42 | 43 | meta: Powered by :PLATFORM with :THEME theme. 44 | 45 | not_found: 46 | statment: Sorry, we've misplaced that URL or it's pointing to something that doesn't exist. 47 | hint_template: :HEAD_BAK to try finding it again, or search for it on the :ARCHIVES_PAGE. 48 | head_back: Head back Home 49 | archives_page: Archives page 50 | 51 | # ----- Posts related labels ----- 52 | 53 | post: 54 | written_by: By 55 | posted: Posted 56 | updated: Updated 57 | words: words 58 | pageview_measure: views 59 | read_time: 60 | unit: min 61 | prompt: read 62 | relate_posts: Further Reading 63 | share: Share 64 | button: 65 | next: Newer 66 | previous: Older 67 | copy_code: 68 | succeed: Copied! 69 | share_link: 70 | title: Copy link 71 | succeed: Link copied successfully! 72 | # pinned prompt of posts list on homepage 73 | pin_prompt: Pinned 74 | 75 | # categories page 76 | categories: 77 | category_measure: categories 78 | post_measure: posts 79 | -------------------------------------------------------------------------------- /demos/jekyll-demo/_data/locales/id-ID.yml: -------------------------------------------------------------------------------- 1 | # The layout text of site 2 | 3 | # ----- Commons label ----- 4 | 5 | layout: 6 | post: Postingan 7 | category: Kategori 8 | tag: Tagar 9 | 10 | # The tabs of sidebar 11 | tabs: 12 | # format: : 13 | home: Beranda 14 | categories: Kategori 15 | tags: Tagar 16 | archives: Arsip 17 | about: Tentang 18 | 19 | # the text displayed in the search bar & search results 20 | search: 21 | hint: Cari 22 | cancel: Batal 23 | no_results: Ups! Tidak ada hasil yang ditemukan. 24 | 25 | panel: 26 | lastmod: Postingan Terbaru 27 | trending_tags: Tagar Terpopuler 28 | toc: Konten 29 | 30 | copyright: 31 | # Shown at the bottom of the post 32 | license: 33 | template: Postingan ini dilisensikan di bawah :LICENSE_NAME oleh penulis. 34 | name: CC BY 4.0 35 | link: https://creativecommons.org/licenses/by/4.0/ 36 | 37 | # Displayed in the footer 38 | brief: Sebagian konten dilindungi. 39 | verbose: >- 40 | Kecuali jika dinyatakan, Postingan blog di situs ini dilisensikan 41 | di bawah Lisensi Creative Commons Attribution 4.0 International (CC BY 4.0) oleh penulis. 42 | 43 | meta: Didukung oleh :PLATFORM dengan tema :THEME. 44 | 45 | not_found: 46 | statment: Maaf, kami gagal menemukan URL itu atau memang mengarah ke sesuatu yang tidak ada. 47 | hint_template: :HEAD_BAK untuk mencoba mencari kembali, atau cari di :ARCHIVES_PAGE. 48 | head_back: Kembali ke Beranda 49 | archives_page: Halaman Arsip 50 | 51 | # ----- Posts related labels ----- 52 | 53 | post: 54 | written_by: Oleh 55 | posted: Diterbitkan 56 | updated: Diperbarui 57 | words: kata 58 | pageview_measure: dilihat 59 | read_time: 60 | unit: menit 61 | prompt: baca 62 | relate_posts: Postingan Lainya 63 | share: Bagikan 64 | button: 65 | next: Terbaru 66 | previous: Terlama 67 | copy_code: 68 | succeed: Disalin! 69 | share_link: 70 | title: Salin tautan 71 | succeed: Tautan berhasil disalin! 72 | # pinned prompt of posts list on homepage 73 | pin_prompt: Disematkan 74 | 75 | # categories page 76 | categories: 77 | category_measure: kategori 78 | post_measure: Postingan 79 | -------------------------------------------------------------------------------- /demos/jekyll-demo/_data/locales/ko-KR.yml: -------------------------------------------------------------------------------- 1 | # The layout text of site 2 | 3 | # ----- Commons label ----- 4 | 5 | layout: 6 | post: 포스트 7 | category: 카테고리 8 | tag: 태그 9 | 10 | # The tabs of sidebar 11 | tabs: 12 | # format: : 13 | home: 홈 14 | categories: 카테고리 15 | tags: 태그 16 | archives: 아카이브 17 | about: 정보 18 | 19 | # the text displayed in the search bar & search results 20 | search: 21 | hint: 검색 22 | cancel: 취소 23 | no_results: 검색 결과가 없습니다. 24 | 25 | panel: 26 | lastmod: 최근 업데이트 27 | trending_tags: 인기 태그 28 | toc: 바로가기 29 | 30 | copyright: 31 | # Shown at the bottom of the post 32 | license: 33 | template: 이 기사는 저작권자의 :LICENSE_NAME 라이센스를 따릅니다. 34 | name: CC BY 4.0 35 | link: https://creativecommons.org/licenses/by/4.0/ 36 | 37 | # Displayed in the footer 38 | brief: 일부 권리 보유 39 | verbose: >- 40 | 명시되지 않는 한 이 사이트의 블로그 게시물은 작성자의 41 | Creative Commons Attribution 4.0 International(CC BY 4.0) 라이선스에 따라 사용이 허가되었습니다. 42 | 43 | meta: Powered by :PLATFORM with :THEME theme. 44 | 45 | not_found: 46 | statment: 해당 URL은 존재하지 않습니다. 47 | hint_template: :HEAD_BAK을 눌러 다시 찾거나 :ARCHIVES_PAGE에서 검색해 주세요. 48 | head_back: 홈으로 돌아가기 49 | archives_page: 아카이브 페이지 50 | 51 | # ----- Posts related labels ----- 52 | 53 | post: 54 | written_by: By 55 | posted: 게시 56 | updated: 업데이트 57 | words: 단어 58 | pageview_measure: 조회 59 | read_time: 60 | unit: 분 61 | prompt: 읽는 시간 62 | relate_posts: 관련된 글 63 | share: 공유하기 64 | button: 65 | next: 다음 글 66 | previous: 이전 글 67 | copy_code: 68 | succeed: 복사되었습니다! 69 | share_link: 70 | title: 링크 복사하기 71 | succeed: 링크가 복사되었습니다! 72 | # pinned prompt of posts list on homepage 73 | pin_prompt: 핀 74 | 75 | # categories page 76 | categories: 77 | category_measure: 카테고리 78 | post_measure: 포스트 79 | -------------------------------------------------------------------------------- /demos/jekyll-demo/_data/locales/my-MM.yml: -------------------------------------------------------------------------------- 1 | # The layout text of site 2 | 3 | # ----- Commons label ----- 4 | 5 | layout: 6 | post: ပို့စ် 7 | category: ကဏ္ဍ 8 | tag: နာမ(တက်ဂ်) 9 | 10 | # The tabs of sidebar 11 | tabs: 12 | # format: : 13 | home: အဓိကစာမျက်နှာ 14 | categories: ကဏ္ဍများ 15 | tags: နာမ(တက်ဂ်)များ 16 | archives: မှတ်တမ်း​တိုက် 17 | about: အကြောင်းအရာ 18 | 19 | # the text displayed in the search bar & search results 20 | search: 21 | hint: ရှာဖွေမည် 22 | cancel: ဖျက်သိမ်းမည် 23 | no_results: အိုး! ဘာမှမရှိပါ 24 | 25 | panel: 26 | lastmod: မကြာသေးမီကမွမ်းမံထားသည် 27 | trending_tags: ခေတ်စားနေသည့်တက်ဂ်များ 28 | toc: အကြောင်းအရာများ 29 | 30 | copyright: 31 | # Shown at the bottom of the post 32 | license: 33 | template: ဤပို့စ်သည်စာရေးသူ၏ :LICENSE_NAME လိုင်စင်ရထားသည်။ 34 | name: CC BY 4.0 35 | link: https://creativecommons.org/licenses/by/4.0/ 36 | 37 | # Displayed in the footer 38 | brief: မူပိုင်ခွင့်အချို့ကို လက်ဝယ်ထားသည်။ 39 | verbose: >- 40 | အခြားမှတ်သားထားချက်များမှလွဲ၍ ဤဆိုက်ရှိ ဘလော့ဂ်ပို့စ်များသည် စာရေးသူ၏ 41 | Creative Commons Attribution 4.0 International (CC BY 4.0) အောက်တွင် လိုင်စင်ရထားပါသည်။ 42 | 43 | meta: Powered by :PLATFORM with :THEME theme. 44 | 45 | not_found: 46 | statment: ဝမ်းနည်းပါသည်၊ ကျွန်ုပ်တို့သည် အဆိုပါ URL ကို မှားယွင်းစွာ နေရာချထားခြင်း သို့မဟုတ် ၎င်းသည် မရှိသောအရာကို ညွှန်ပြနေပါသည်။ 47 | hint_template: ၎င်းကို ထပ်မံရှာဖွေရန် :HEAD_BAK , သို့မဟုတ် :ARCHIVES_PAGE တွင်ရှာပါ။ 48 | head_back: အဓိကစာမျက်နှာသို့ပြန်သွားပါ။ 49 | archives_page: မှတ်တမ်း​တိုက် စာမျက်နှာ။ 50 | 51 | # ----- Posts related labels ----- 52 | 53 | post: 54 | written_by: ကရေးသားခဲ့သည်။ 55 | posted: တင်ထားခဲ့သည်။ 56 | updated: မွမ်းမံထားခဲ့သည်။ 57 | words: စကားလုံးများ 58 | pageview_measure: အမြင်များ 59 | read_time: 60 | unit: မိနစ် 61 | prompt: ဖတ်ပါမည် 62 | relate_posts: နောက်ထပ်ဖတ်ရန် 63 | share: မျှဝေရန် 64 | button: 65 | next: အသစ်များ 66 | previous: အဟောင်းများ 67 | copy_code: 68 | succeed: ကူးယူလိုက်ပြီ။ 69 | share_link: 70 | title: လင့်ခ်ကို ကူးယူရန် 71 | succeed: လင့်ခ်ကို ကူးယူလိုက်ပြီ။ 72 | # pinned prompt of posts list on homepage 73 | pin_prompt: ချိတ်ထားသည်။ 74 | 75 | # categories page 76 | categories: 77 | category_measure: ကဏ္ဍများ 78 | post_measure: ပို့စ်များ 79 | -------------------------------------------------------------------------------- /demos/jekyll-demo/_data/locales/ru-RU.yml: -------------------------------------------------------------------------------- 1 | # The layout text of site 2 | 3 | # ----- Commons label ----- 4 | 5 | layout: 6 | post: Публикация 7 | category: Категория 8 | tag: Тег 9 | 10 | # The tabs of sidebar 11 | tabs: 12 | # format: : 13 | home: Домашняя страница 14 | categories: Категории 15 | tags: Теги 16 | archives: Архив 17 | about: О сайте 18 | 19 | # the text displayed in the search bar & search results 20 | search: 21 | hint: поиск 22 | cancel: Отменить 23 | no_results: Ох! Ничего не найдено. 24 | 25 | panel: 26 | lastmod: Недавно обновлено 27 | trending_tags: Популярные теги 28 | toc: Содержание 29 | 30 | copyright: 31 | # Shown at the bottom of the post 32 | license: 33 | template: Публикация защищена лицензией :LICENSE_NAME. 34 | name: CC BY 4.0 35 | link: https://creativecommons.org/licenses/by/4.0/ 36 | 37 | # Displayed in the footer 38 | brief: Некоторые права защищены. 39 | verbose: >- 40 | Публикации на сайте защищены лицензией Creative Commons Attribution 4.0 International (CC BY 4.0), 41 | если в тексте публикации не указано иное. 42 | 43 | meta: Powered by :PLATFORM with :THEME theme. 44 | 45 | not_found: 46 | statment: Извините, эта ссылка указывает на ресурс который не существует. 47 | hint_template: :HEAD_BAK чтобы снова осуществить поиск, или поищите :ARCHIVES_PAGE. 48 | head_back: Вернитесь на домашнюю страницу 49 | archives_page: архиве 50 | 51 | # ----- Posts related labels ----- 52 | 53 | post: 54 | written_by: Автор 55 | posted: Время публикации 56 | updated: Обновлено 57 | words: слов 58 | pageview_measure: просмотров 59 | read_time: 60 | unit: минут 61 | prompt: чтения 62 | relate_posts: Вам также может быть интересно 63 | share: Поделиться 64 | button: 65 | next: Предыдущая публикация 66 | previous: Следующая публикация 67 | copy_code: 68 | succeed: Скопировано успешно! 69 | share_link: 70 | title: Скопировать ссылку 71 | succeed: Ссылка успешно скопирована! 72 | # pinned prompt of posts list on homepage 73 | pin_prompt: Закреплено 74 | 75 | # categories page 76 | categories: 77 | category_measure: категории 78 | post_measure: публикации 79 | -------------------------------------------------------------------------------- /demos/jekyll-demo/_data/locales/uk-UA.yml: -------------------------------------------------------------------------------- 1 | # The layout text of site 2 | 3 | # ----- Commons label ----- 4 | 5 | layout: 6 | post: Публікація 7 | category: Категорія 8 | tag: Тег 9 | 10 | # The tabs of sidebar 11 | tabs: 12 | # format: : 13 | home: Домашня сторінка 14 | categories: Категорії 15 | tags: Теги 16 | archives: Архів 17 | about: Про сайт 18 | 19 | # the text displayed in the search bar & search results 20 | search: 21 | hint: пошук 22 | cancel: Скасувати 23 | no_results: Ох! Нічого не знайдено. 24 | 25 | panel: 26 | lastmod: Нещодавно оновлено 27 | trending_tags: Популярні теги 28 | toc: Зміст 29 | 30 | copyright: 31 | # Shown at the bottom of the post 32 | license: 33 | template: Публікація захищена ліцензією :LICENSE_NAME. 34 | name: CC BY 4.0 35 | link: https://creativecommons.org/licenses/by/4.0/ 36 | 37 | # Displayed in the footer 38 | brief: Деякі права захищено. 39 | verbose: >- 40 | Публікації на сайті захищено ліцензією Creative Commons Attribution 4.0 International (CC BY 4.0), 41 | якщо інше не вказано в тексті. 42 | 43 | meta: Powered by :PLATFORM with :THEME theme. 44 | 45 | not_found: 46 | statment: Вибачте, це посилання вказує на ресурс, що не існує. 47 | hint_template: :HEAD_BAK аби здійснити пошук, або пошукайте в :ARCHIVES_PAGE. 48 | head_back: Поверніться на домашню сторінку 49 | archives_page: архіві 50 | 51 | # ----- Posts related labels ----- 52 | 53 | post: 54 | written_by: Автор 55 | posted: Час публікації 56 | updated: Оновлено 57 | words: слів 58 | pageview_measure: переглядів 59 | read_time: 60 | unit: хвилин 61 | prompt: читання 62 | relate_posts: Вас також може зацікавити 63 | share: Поділитися 64 | button: 65 | next: Попередня публікація 66 | previous: Наступна публікація 67 | copy_code: 68 | succeed: Успішно скопійовано! 69 | share_link: 70 | title: Скопіювати посилання 71 | succeed: Посилання успішно скопійовано! 72 | # pinned prompt of posts list on homepage 73 | pin_prompt: Закріплено 74 | 75 | # categories page 76 | categories: 77 | category_measure: категорії 78 | post_measure: публікації 79 | -------------------------------------------------------------------------------- /demos/jekyll-demo/_data/locales/zh-CN.yml: -------------------------------------------------------------------------------- 1 | # The layout text of site 2 | 3 | # ----- Commons label ----- 4 | 5 | layout: 6 | post: 文章 7 | category: 分类 8 | tag: 标签 9 | 10 | # The tabs of sidebar 11 | tabs: 12 | # format: : 13 | home: 首页 14 | categories: 分类 15 | tags: 标签 16 | archives: 归档 17 | about: 关于 18 | 19 | # the text displayed in the search bar & search results 20 | search: 21 | hint: 搜索 22 | cancel: 取消 23 | no_results: 搜索结果为空 24 | 25 | panel: 26 | lastmod: 最近更新 27 | trending_tags: 热门标签 28 | toc: 文章内容 29 | 30 | copyright: 31 | # Shown at the bottom of the post 32 | license: 33 | template: 本文由作者按照 :LICENSE_NAME 进行授权 34 | name: CC BY 4.0 35 | link: https://creativecommons.org/licenses/by/4.0/ 36 | 37 | # Displayed in the footer 38 | brief: 保留部分权利。 39 | verbose: >- 40 | 除非另有说明,本网站上的博客文章均由作者按照知识共享署名 4.0 国际 (CC BY 4.0) 许可协议进行授权。 41 | 42 | meta: 本站由 :PLATFORM 生成,采用 :THEME 主题。 43 | 44 | not_found: 45 | statment: 抱歉,我们放错了该 URL,或者它指向了不存在的内容。 46 | hint_template: :HEAD_BAK尝试再次查找它,或在:ARCHIVES_PAGE上搜索它。 47 | head_back: 返回主页 48 | archives_page: 归档页面 49 | 50 | # ----- Posts related labels ----- 51 | 52 | post: 53 | written_by: 作者 54 | posted: 发表于 55 | updated: 更新于 56 | words: 字 57 | pageview_measure: 次浏览 58 | read_time: 59 | unit: 分钟 60 | prompt: 阅读 61 | relate_posts: 相关文章 62 | share: 分享 63 | button: 64 | next: 下一篇 65 | previous: 上一篇 66 | copy_code: 67 | succeed: 已复制! 68 | share_link: 69 | title: 分享链接 70 | succeed: 链接已复制! 71 | # pinned prompt of posts list on homepage 72 | pin_prompt: 顶置 73 | 74 | # categories page 75 | categories: 76 | category_measure: 个分类 77 | post_measure: 篇文章 78 | -------------------------------------------------------------------------------- /demos/jekyll-demo/_data/share.yml: -------------------------------------------------------------------------------- 1 | # Sharing options at the bottom of the post. 2 | # Icons from 3 | 4 | platforms: 5 | - 6 | type: Twitter 7 | icon: "fab fa-twitter" 8 | link: "https://twitter.com/intent/tweet?text=TITLE&url=URL" 9 | - 10 | type: Facebook 11 | icon: "fab fa-facebook-square" 12 | link: "https://www.facebook.com/sharer/sharer.php?title=TITLE&u=URL" 13 | - 14 | type: Telegram 15 | icon: "fab fa-telegram" 16 | link: "https://t.me/share/url?url=URL&text=TITLE" 17 | 18 | # Uncomment below if you need to. 19 | # - 20 | # type: Linkedin 21 | # icon: "fab fa-linkedin" 22 | # link: "https://www.linkedin.com/sharing/share-offsite/?url=URL" 23 | # 24 | # - 25 | # type: Weibo 26 | # icon: "fab fa-weibo" 27 | # link: "http://service.weibo.com/share/share.php?title=TITLE&url=URL" 28 | -------------------------------------------------------------------------------- /demos/jekyll-demo/_plugins/posts-lastmod-hook.rb: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env ruby 2 | # 3 | # Check for changed posts 4 | 5 | Jekyll::Hooks.register :posts, :post_init do |post| 6 | 7 | commit_num = `git rev-list --count HEAD "#{ post.path }"` 8 | 9 | if commit_num.to_i > 1 10 | lastmod_date = `git log -1 --pretty="%ad" --date=iso "#{ post.path }"` 11 | post.data['last_modified_at'] = lastmod_date 12 | end 13 | 14 | end 15 | -------------------------------------------------------------------------------- /demos/jekyll-demo/_posts/2022-05-22-hello-homelab.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Hello HomeLab 3 | date: 2022-05-21 12:00:00 -500 4 | categories: [homelab, hardware] 5 | tags: [servers,dell,hp,supermicro] # TAG names should always be lowercase 6 | --- 7 | 8 | # Welcome 9 | 10 | Hello and welcome to my homelab docs site! 11 | 12 | Lorem Ipsum is simply dummy text of the printing and typesetting industry. Lorem Ipsum has been the industry's standard dummy text ever since the 1500s, when an unknown printer took a galley of type and scrambled it to make a type specimen book. It has survived not only five centuries, but also the leap into electronic typesetting, remaining essentially unchanged. It was popularised in the 1960s with the release of Letraset sheets containing Lorem Ipsum passages, and more recently with desktop publishing software like Aldus PageMaker including versions of Lorem Ipsum. 13 | 14 | ## Hardware 15 | 16 | It has survived not only five centuries, but also the leap into electronic typesetting, remaining essentially unchanged. It was popularised in the 1960s with the release of Letraset sheets containing Lorem Ipsum passages, and more recently with desktop publishing software like Aldus PageMaker including versions of Lorem Ipsum. 17 | 18 | * one 19 | * two 20 | * three 21 | * four 22 | 23 | ```javascript 24 | console.log('hello world!'); 25 | ``` 26 | 27 | ```yml 28 | name: 'push-remote' 29 | 30 | on: 31 | push: 32 | branches: 33 | - master 34 | paths-ignore: 35 | - .gitignore 36 | - README.md 37 | - LICENSE 38 | ``` 39 | 40 | ```bash 41 | sudo apt update && sudo apt upgrade 42 | ``` 43 | 44 | 45 | ## Photos 46 | 47 | ![img-description](https://pbs.twimg.com/media/FJAFshwXoAEf9HV?format=jpg&name=large) 48 | _My Lab_ -------------------------------------------------------------------------------- /demos/jekyll-demo/_tabs/about.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: About 3 | icon: fas fa-info-circle 4 | order: 4 5 | --- 6 | 7 | > Add Markdown syntax content to file `_tabs/about.md`{: .filepath } and it will show up on this page. 8 | {: .prompt-tip } 9 | -------------------------------------------------------------------------------- /demos/jekyll-demo/_tabs/archives.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: archives 3 | title: Archives 4 | icon: fas fa-archive 5 | order: 3 6 | --- 7 | 8 | -------------------------------------------------------------------------------- /demos/jekyll-demo/_tabs/categories.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: categories 3 | title: Categories 4 | icon: fas fa-stream 5 | order: 1 6 | --- 7 | -------------------------------------------------------------------------------- /demos/jekyll-demo/_tabs/tags.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: tags 3 | title: Tags 4 | icon: fas fa-tag 5 | order: 2 6 | --- 7 | -------------------------------------------------------------------------------- /demos/jekyll-demo/index.html: -------------------------------------------------------------------------------- 1 | --- 2 | layout: home 3 | # Index page 4 | --- 5 | -------------------------------------------------------------------------------- /demos/jekyll-demo/tools/deploy.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | # 3 | # Build, test and then deploy the site content to 'origin/' 4 | # 5 | # Requirement: html-proofer, jekyll 6 | # 7 | # Usage: See help information 8 | 9 | set -eu 10 | 11 | PAGES_BRANCH="gh-pages" 12 | 13 | SITE_DIR="_site" 14 | 15 | _opt_dry_run=false 16 | 17 | _config="_config.yml" 18 | 19 | _no_pages_branch=false 20 | 21 | _backup_dir="$(mktemp -d)" 22 | 23 | _baseurl="" 24 | 25 | help() { 26 | echo "Build, test and then deploy the site content to 'origin/'" 27 | echo 28 | echo "Usage:" 29 | echo 30 | echo " bash ./tools/deploy.sh [options]" 31 | echo 32 | echo "Options:" 33 | echo ' -c, --config "" Specify config file(s)' 34 | echo " --dry-run Build site and test, but not deploy" 35 | echo " -h, --help Print this information." 36 | } 37 | 38 | init() { 39 | if [[ -z ${GITHUB_ACTION+x} && $_opt_dry_run == 'false' ]]; then 40 | echo "ERROR: It is not allowed to deploy outside of the GitHub Action envrionment." 41 | echo "Type option '-h' to see the help information." 42 | exit -1 43 | fi 44 | 45 | _baseurl="$(grep '^baseurl:' _config.yml | sed "s/.*: *//;s/['\"]//g;s/#.*//")" 46 | } 47 | 48 | build() { 49 | # clean up 50 | if [[ -d $SITE_DIR ]]; then 51 | rm -rf "$SITE_DIR" 52 | fi 53 | 54 | # build 55 | JEKYLL_ENV=production bundle exec jekyll b -d "$SITE_DIR$_baseurl" --config "$_config" 56 | } 57 | 58 | test() { 59 | bundle exec htmlproofer \ 60 | --disable-external \ 61 | --check-html \ 62 | --allow_hash_href \ 63 | "$SITE_DIR" 64 | } 65 | 66 | resume_site_dir() { 67 | if [[ -n $_baseurl ]]; then 68 | # Move the site file to the regular directory '_site' 69 | mv "$SITE_DIR$_baseurl" "${SITE_DIR}-rename" 70 | rm -rf "$SITE_DIR" 71 | mv "${SITE_DIR}-rename" "$SITE_DIR" 72 | fi 73 | } 74 | 75 | setup_gh() { 76 | if [[ -z $(git branch -av | grep "$PAGES_BRANCH") ]]; then 77 | _no_pages_branch=true 78 | git checkout -b "$PAGES_BRANCH" 79 | else 80 | git checkout "$PAGES_BRANCH" 81 | fi 82 | } 83 | 84 | backup() { 85 | mv "$SITE_DIR"/* "$_backup_dir" 86 | mv .git "$_backup_dir" 87 | 88 | # When adding custom domain from Github website, 89 | # the CANME only exist on `gh-pages` branch 90 | if [[ -f CNAME ]]; then 91 | mv CNAME "$_backup_dir" 92 | fi 93 | } 94 | 95 | flush() { 96 | rm -rf ./* 97 | rm -rf .[^.] .??* 98 | 99 | shopt -s dotglob nullglob 100 | mv "$_backup_dir"/* . 101 | [[ -f ".nojekyll" ]] || echo "" >".nojekyll" 102 | } 103 | 104 | deploy() { 105 | git config --global user.name "GitHub Actions" 106 | git config --global user.email "41898282+github-actions[bot]@users.noreply.github.com" 107 | 108 | git update-ref -d HEAD 109 | git add -A 110 | git commit -m "[Automation] Site update No.${GITHUB_RUN_NUMBER}" 111 | 112 | if $_no_pages_branch; then 113 | git push -u origin "$PAGES_BRANCH" 114 | else 115 | git push -f 116 | fi 117 | } 118 | 119 | main() { 120 | init 121 | build 122 | test 123 | resume_site_dir 124 | 125 | if $_opt_dry_run; then 126 | exit 0 127 | fi 128 | 129 | setup_gh 130 | backup 131 | flush 132 | deploy 133 | } 134 | 135 | while (($#)); do 136 | opt="$1" 137 | case $opt in 138 | -c | --config) 139 | _config="$2" 140 | shift 141 | shift 142 | ;; 143 | --dry-run) 144 | # build & test, but not deploy 145 | _opt_dry_run=true 146 | shift 147 | ;; 148 | -h | --help) 149 | help 150 | exit 0 151 | ;; 152 | *) 153 | # unknown option 154 | help 155 | exit 1 156 | ;; 157 | esac 158 | done 159 | 160 | main 161 | -------------------------------------------------------------------------------- /docker/BotsPlusPlus/README.md: -------------------------------------------------------------------------------- 1 | # BotsPlusPlus 2 | 3 | -------------------------------------------------------------------------------- /docker/BotsPlusPlus/wow-auth/docker-compose.yml: -------------------------------------------------------------------------------- 1 | --- 2 | version: "3" 3 | services: 4 | wow-auth: 5 | image: timothystewart6/botsplusplus-authserver:latest 6 | container_name: wow-auth 7 | environment: 8 | - DB_HOST=database.local.example.com 9 | - DB_PORT=33307 10 | volumes: 11 | - ./wow-auth/opt/trinitycore/etc:/opt/trinitycore/etc/ 12 | - ./wow-auth/opt/trinitycore/logs:/opt/trinitycore/logs/ 13 | ports: 14 | - 3724:3724 15 | restart: unless-stopped 16 | security_opt: 17 | - no-new-privileges:true 18 | -------------------------------------------------------------------------------- /docker/BotsPlusPlus/wow-auth/opt/trinitycore/bin/README.md: -------------------------------------------------------------------------------- 1 | empty 2 | -------------------------------------------------------------------------------- /docker/BotsPlusPlus/wow-auth/opt/trinitycore/etc/authserver.conf: -------------------------------------------------------------------------------- 1 | ############################################### 2 | # Trinity Core Auth Server configuration file # 3 | ############################################### 4 | [authserver] 5 | 6 | ################################################################################################### 7 | # SECTION INDEX 8 | # 9 | # EXAMPLE CONFIG 10 | # AUTH SERVER SETTINGS 11 | # MYSQL SETTINGS 12 | # UPDATE SETTINGS 13 | # LOGGING SYSTEM SETTINGS 14 | # 15 | ################################################################################################### 16 | 17 | ################################################################################################### 18 | # EXAMPLE CONFIG 19 | # 20 | # Variable 21 | # Description: Brief description what the variable is doing. 22 | # Important: Annotation for important things about this variable. 23 | # Example: "Example, i.e. if the value is a string" 24 | # Default: 10 - (Enabled|Comment|Variable name in case of grouped config options) 25 | # 0 - (Disabled|Comment|Variable name in case of grouped config options) 26 | # 27 | # Note to developers: 28 | # - Copy this example to keep the formatting. 29 | # - Line breaks should be at column 100. 30 | ################################################################################################### 31 | 32 | ################################################################################################### 33 | # AUTH SERVER SETTINGS 34 | # 35 | # LogsDir 36 | # Description: Logs directory setting. 37 | # Important: LogsDir needs to be quoted, as the string might contain space characters. 38 | # Logs directory must exists, or log file creation will be disabled. 39 | # Default: "" - (Log files will be stored in the current path) 40 | 41 | LogsDir = "../logs" 42 | 43 | # 44 | # MaxPingTime 45 | # Description: Time (in minutes) between database pings. 46 | # Default: 30 47 | 48 | MaxPingTime = 30 49 | 50 | # 51 | # RealmServerPort 52 | # Description: TCP port to reach the auth server. 53 | # Default: 3724 54 | 55 | RealmServerPort = 3724 56 | 57 | # 58 | # 59 | # BindIP 60 | # Description: Bind auth server to IP/hostname 61 | # Default: "0.0.0.0" - (Bind to all IPs on the system) 62 | 63 | BindIP = "0.0.0.0" 64 | 65 | # 66 | # PidFile 67 | # Description: Auth server PID file. 68 | # Example: "./authserver.pid" - (Enabled) 69 | # Default: "" - (Disabled) 70 | 71 | PidFile = "" 72 | 73 | # 74 | # UseProcessors 75 | # Description: Processors mask for Windows and Linux based multi-processor systems. 76 | # Example: A computer with 2 CPUs: 77 | # 1 - 1st CPU only, 2 - 2nd CPU only, 3 - 1st and 2nd CPU, because 1 | 2 is 3 78 | # Default: 0 - (Selected by OS) 79 | # 1+ - (Bit mask value of selected processors) 80 | 81 | UseProcessors = 0 82 | 83 | # 84 | # ProcessPriority 85 | # Description: Process priority setting for Windows and Linux based systems. 86 | # Details: On Linux, a nice value of -15 is used. (requires superuser). On Windows, process is set to HIGH class. 87 | # Default: 0 - (Normal) 88 | # 1 - (High) 89 | 90 | ProcessPriority = 0 91 | 92 | # 93 | # RealmsStateUpdateDelay 94 | # Description: Time (in seconds) between realm list updates. 95 | # Default: 20 - (Enabled) 96 | # 0 - (Disabled) 97 | 98 | RealmsStateUpdateDelay = 20 99 | 100 | # 101 | # WrongPass.MaxCount 102 | # Description: Number of login attemps with wrong password before the account or IP will be 103 | # banned. 104 | # Default: 0 - (Disabled) 105 | # 1+ - (Enabled) 106 | 107 | WrongPass.MaxCount = 10 108 | 109 | # 110 | # WrongPass.BanTime 111 | # Description: Time (in seconds) for banning account or IP for invalid login attempts. 112 | # Default: 600 - (10 minutes) 113 | # 0 - (Permanent ban) 114 | 115 | WrongPass.BanTime = 600 116 | 117 | # 118 | # WrongPass.BanType 119 | # Description: Ban type for invalid login attempts. 120 | # Default: 0 - (Ban IP) 121 | # 1 - (Ban Account) 122 | 123 | WrongPass.BanType = 0 124 | 125 | # 126 | # WrongPass.Logging 127 | # Description: Additionally log attempted wrong password logging 128 | # Default: 0 - (Disabled) 129 | # 1 - (Enabled) 130 | 131 | WrongPass.Logging = 1 132 | 133 | # 134 | # BanExpiryCheckInterval 135 | # Description: Time (in seconds) between checks for expired bans 136 | # Default: 60 137 | 138 | BanExpiryCheckInterval = 60 139 | 140 | # 141 | # SourceDirectory 142 | # Description: The path to your TrinityCore source directory. 143 | # If the path is left empty, the built-in CMAKE_SOURCE_DIR is used. 144 | # Example: "../TrinityCore" 145 | # Default: "" 146 | 147 | SourceDirectory = "" 148 | 149 | # 150 | # MySQLExecutable 151 | # Description: The path to your mysql cli binary. 152 | # If the path is left empty, built-in path from cmake is used. 153 | # Example: "C:/Program Files/MySQL/MySQL Server 5.6/bin/mysql.exe" 154 | # "mysql.exe" 155 | # "/usr/bin/mysql" 156 | # Default: "" 157 | 158 | MySQLExecutable = "" 159 | 160 | # 161 | ################################################################################################### 162 | 163 | ################################################################################################### 164 | # MYSQL SETTINGS 165 | # 166 | # LoginDatabaseInfo 167 | # Description: Database connection settings for the realm server. 168 | # Example: "hostname;port;username;password;database" 169 | # ".;somenumber;username;password;database" - (Use named pipes on Windows 170 | # "enable-named-pipe" to [mysqld] 171 | # section my.ini) 172 | # ".;/path/to/unix_socket;username;password;database" - (use Unix sockets on 173 | # Unix/Linux) 174 | # Default: "127.0.0.1;3306;trinity;trinity;auth" 175 | 176 | LoginDatabaseInfo = "data;33307;somedatabaseuser;somedatabasepassword;wow_auth_db" 177 | 178 | # 179 | # LoginDatabase.WorkerThreads 180 | # Description: The amount of worker threads spawned to handle asynchronous (delayed) MySQL 181 | # statements. Each worker thread is mirrored with its own connection to the 182 | # MySQL server and their own thread on the MySQL server. 183 | # Default: 1 184 | 185 | LoginDatabase.WorkerThreads = 1 186 | 187 | # 188 | # LoginDatabase.SynchThreads 189 | # Description: The amount of MySQL connections spawned to handle. 190 | # Default: 1 - (LoginDatabase.WorkerThreads) 191 | 192 | LoginDatabase.SynchThreads = 1 193 | 194 | # 195 | ################################################################################################### 196 | 197 | ################################################################################################### 198 | # UPDATE SETTINGS 199 | # 200 | # Updates.EnableDatabases 201 | # Description: A mask that describes which databases shall be updated. 202 | # 203 | # Following flags are available 204 | # DATABASE_LOGIN = 1, // Auth database 205 | # 206 | # Default: 0 - (All Disabled) 207 | # 1 - (All Enabled) 208 | 209 | Updates.EnableDatabases = 0 210 | 211 | # 212 | # Updates.AutoSetup 213 | # Description: Auto populate empty databases. 214 | # Default: 1 - (Enabled) 215 | # 0 - (Disabled) 216 | 217 | Updates.AutoSetup = 1 218 | 219 | # 220 | # Updates.Redundancy 221 | # Description: Perform data redundancy checks through hashing 222 | # to detect changes on sql updates and reapply it. 223 | # Default: 1 - (Enabled) 224 | # 0 - (Disabled) 225 | 226 | Updates.Redundancy = 1 227 | 228 | # 229 | # Updates.ArchivedRedundancy 230 | # Description: Check hashes of archived updates (slows down startup). 231 | # Default: 0 - (Disabled) 232 | # 1 - (Enabled) 233 | 234 | Updates.ArchivedRedundancy = 0 235 | 236 | # 237 | # Updates.AllowRehash 238 | # Description: Inserts the current file hash in the database if it is left empty. 239 | # Useful if you want to mark a file as applied but you don't know its hash. 240 | # Default: 1 - (Enabled) 241 | # 0 - (Disabled) 242 | 243 | Updates.AllowRehash = 1 244 | 245 | # 246 | # Updates.CleanDeadRefMaxCount 247 | # Description: Cleans dead/ orphaned references that occur if an update was removed or renamed and edited in one step. 248 | # It only starts the clean up if the count of the missing updates is below or equal the Updates.CleanDeadRefMaxCount value. 249 | # This way prevents erasing of the update history due to wrong source directory state (maybe wrong branch or bad revision). 250 | # Disable this if you want to know if the database is in a possible "dirty state". 251 | # Default: 3 - (Enabled) 252 | # 0 - (Disabled) 253 | # -1 - (Enabled - unlimited) 254 | 255 | Updates.CleanDeadRefMaxCount = 3 256 | 257 | # 258 | ################################################################################################### 259 | 260 | ################################################################################################### 261 | # 262 | # LOGGING SYSTEM SETTINGS 263 | # 264 | # Appender config values: Given a appender "name" 265 | # Appender.name 266 | # Description: Defines 'where to log' 267 | # Format: Type,LogLevel,Flags,optional1,optional2,optional3 268 | # 269 | # Type 270 | # 0 - (None) 271 | # 1 - (Console) 272 | # 2 - (File) 273 | # 3 - (DB) 274 | # 275 | # LogLevel 276 | # 0 - (Disabled) 277 | # 1 - (Trace) 278 | # 2 - (Debug) 279 | # 3 - (Info) 280 | # 4 - (Warn) 281 | # 5 - (Error) 282 | # 6 - (Fatal) 283 | # 284 | # Flags: 285 | # 0 - None 286 | # 1 - Prefix Timestamp to the text 287 | # 2 - Prefix Log Level to the text 288 | # 4 - Prefix Log Filter type to the text 289 | # 8 - Append timestamp to the log file name. Format: YYYY-MM-DD_HH-MM-SS (Only used with Type = 2) 290 | # 16 - Make a backup of existing file before overwrite (Only used with Mode = w) 291 | # 292 | # Colors (read as optional1 if Type = Console) 293 | # Format: "fatal error warn info debug trace" 294 | # 0 - BLACK 295 | # 1 - RED 296 | # 2 - GREEN 297 | # 3 - BROWN 298 | # 4 - BLUE 299 | # 5 - MAGENTA 300 | # 6 - CYAN 301 | # 7 - GREY 302 | # 8 - YELLOW 303 | # 9 - LRED 304 | # 10 - LGREEN 305 | # 11 - LBLUE 306 | # 12 - LMAGENTA 307 | # 13 - LCYAN 308 | # 14 - WHITE 309 | # Example: "13 11 9 5 3 1" 310 | # 311 | # File: Name of the file (read as optional1 if Type = File) 312 | # Allows to use one "%s" to create dynamic files 313 | # 314 | # Mode: Mode to open the file (read as optional2 if Type = File) 315 | # a - (Append) 316 | # w - (Overwrite) 317 | # 318 | # MaxFileSize: Maximum file size of the log file before creating a new log file 319 | # (read as optional3 if Type = File) 320 | # Size is measured in bytes expressed in a 64-bit unsigned integer. 321 | # Maximum value is 4294967295 (4 gb). Leave blank for no limit. 322 | # NOTE: Does not work with dynamic filenames. 323 | # Example: 536870912 (512 mb) 324 | # 325 | 326 | # Format: Type,LogLevel,Flags,optional1,optional2,optional3 327 | 328 | Appender.Console=1,2,0 329 | Appender.Auth=2,2,1,Auth.log,a 330 | 331 | # Logger config values: Given a logger "name" 332 | # Logger.name 333 | # Description: Defines 'What to log' 334 | # Format: LogLevel,AppenderList 335 | # 336 | # LogLevel 337 | # 0 - (Disabled) 338 | # 1 - (Trace) 339 | # 2 - (Debug) 340 | # 3 - (Info) 341 | # 4 - (Warn) 342 | # 5 - (Error) 343 | # 6 - (Fatal) 344 | # 345 | # AppenderList: List of appenders linked to logger 346 | # (Using spaces as separator). 347 | # 348 | 349 | Logger.root=3,Console Auth 350 | 351 | # 352 | ################################################################################################### 353 | -------------------------------------------------------------------------------- /docker/BotsPlusPlus/wow-auth/opt/trinitycore/logs/README.md: -------------------------------------------------------------------------------- 1 | empty 2 | -------------------------------------------------------------------------------- /docker/BotsPlusPlus/wow-world/docker-compose.yml: -------------------------------------------------------------------------------- 1 | --- 2 | version: "3" 3 | services: 4 | wow-world: 5 | image: timothystewart6/botsplusplus-worldserver:latest 6 | container_name: wow-world 7 | environment: 8 | - DB_HOST=database.local.example.com 9 | - DB_PORT=33307 10 | volumes: 11 | - ./wow-world/opt/trinitycore/etc:/opt/trinitycore/etc/ 12 | - ./wow-world/opt/trinitycore/bin/cameras:/opt/trinitycore/bin/cameras 13 | - ./wow-world/opt/trinitycore/bin/dbc:/opt/trinitycore/bin/dbc 14 | - ./wow-world/opt/trinitycore/bin/maps:/opt/trinitycore/bin/maps 15 | - ./wow-world/opt/trinitycore/bin/mmaps:/opt/trinitycore/bin/mmaps 16 | - ./wow-world/opt/trinitycore/bin/vmaps:/opt/trinitycore/bin/vmaps 17 | - ./wow-world/opt/trinitycore/logs:/opt/trinitycore/logs/ 18 | ports: 19 | - 8085:8085 20 | restart: unless-stopped 21 | security_opt: 22 | - no-new-privileges:true 23 | -------------------------------------------------------------------------------- /docker/BotsPlusPlus/wow-world/opt/trinitycore/bin/README.md: -------------------------------------------------------------------------------- 1 | buildings 2 | cameras 3 | dbc 4 | maps 5 | mmaps 6 | vmaps 7 | -------------------------------------------------------------------------------- /docker/BotsPlusPlus/wow-world/opt/trinitycore/logs/README.md: -------------------------------------------------------------------------------- 1 | empty 2 | -------------------------------------------------------------------------------- /docker/authelia/README.md: -------------------------------------------------------------------------------- 1 | # authelia 2 | 3 | Documentation [here](https://technotim.live/posts/authelia-traefik/) 4 | 5 | Video [here](https://www.youtube.com/watch?v=u6H-Qwf4nZA) -------------------------------------------------------------------------------- /docker/authelia/configuration.yml: -------------------------------------------------------------------------------- 1 | --- 2 | ############################################################### 3 | # Authelia configuration # 4 | ############################################################### 5 | 6 | server: 7 | host: 0.0.0.0 8 | port: 9091 9 | log: 10 | level: debug 11 | theme: dark 12 | # This secret can also be set using the env variables AUTHELIA_JWT_SECRET_FILE 13 | jwt_secret: a_very_important_secret 14 | default_redirection_url: https://auth.local.example.com 15 | totp: 16 | issuer: authelia.com 17 | 18 | # duo_api: 19 | # hostname: api-123456789.example.com 20 | # integration_key: ABCDEF 21 | # # This secret can also be set using the env variables AUTHELIA_DUO_API_SECRET_KEY_FILE 22 | # secret_key: 1234567890abcdefghifjkl 23 | 24 | authentication_backend: 25 | file: 26 | path: /config/users_database.yml 27 | password: 28 | algorithm: argon2 29 | # Recommended Parameters 30 | # Uses 2 GiB memory, then immediately releases it. 31 | # See https://www.authelia.com/reference/guides/passwords/#recommended-parameters-argon2 32 | # See https://www.rfc-editor.org/rfc/rfc9106.html#section-4 for details on tuning the parameters for your hardware. 33 | # After saving configuration file, password hash can be generated by running: docker run -v ./configuration.yml:/configuration.yml --rm authelia/authelia:latest authelia crypto hash generate --config /configuration.yml --password 'yourpassword' 34 | argon2: 35 | variant: argon2id 36 | iterations: 1 37 | memory: 2097152 38 | parallelism: 4 39 | key_length: 32 40 | salt_length: 16 41 | # Recommended Parameters when constrained by low memory or low powered hardware. Uses 64 KiB memory, then immediately releases it. 42 | # argon2: 43 | # variant: argon2id 44 | # iterations: 3 45 | # memory: 65536 46 | # parallelism: 4 47 | # key_length: 32 48 | # salt_length: 16 49 | 50 | access_control: 51 | default_policy: deny 52 | rules: 53 | # Rules applied to everyone 54 | - domain: public.example.com 55 | policy: bypass 56 | - domain: heimdall.local.example.com 57 | policy: one_factor 58 | - domain: pve1.local.example.com 59 | policy: two_factor 60 | 61 | session: 62 | name: authelia_session 63 | # This secret can also be set using the env variables AUTHELIA_SESSION_SECRET_FILE 64 | secret: unsecure_session_secret 65 | expiration: 3600 # 1 hour 66 | inactivity: 300 # 5 minutes 67 | domain: example.com # Should match whatever your root protected domain is 68 | 69 | # redis: 70 | # host: redis 71 | # port: 6379 72 | # # This secret can also be set using the env variables AUTHELIA_SESSION_REDIS_PASSWORD_FILE 73 | # # password: authelia 74 | 75 | regulation: 76 | max_retries: 3 77 | find_time: 120 78 | ban_time: 300 79 | 80 | storage: 81 | encryption_key: a_very_important_secret # Now required 82 | local: 83 | path: /config/db.sqlite3 84 | 85 | notifier: 86 | # smtp: 87 | # username: test 88 | # # This secret can also be set using the env variables AUTHELIA_NOTIFIER_SMTP_PASSWORD_FILE 89 | # password: password 90 | # host: mail.example.com 91 | # port: 25 92 | # sender: admin@example.com 93 | filesystem: 94 | filename: /config/notification.txt 95 | ... 96 | -------------------------------------------------------------------------------- /docker/authelia/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '3' 2 | 3 | services: 4 | authelia: 5 | image: authelia/authelia 6 | container_name: authelia 7 | volumes: 8 | - ./config:/config 9 | networks: 10 | - proxy 11 | labels: 12 | - 'traefik.enable=true' 13 | - 'traefik.http.routers.authelia.rule=Host(`auth.local.example.com`)' 14 | - 'traefik.http.routers.authelia.entrypoints=https' 15 | - 'traefik.http.routers.authelia.tls=true' 16 | - 'traefik.http.middlewares.authelia.forwardauth.address=http://authelia:9091/api/verify?rd=https://auth.local.example.com' 17 | - 'traefik.http.middlewares.authelia.forwardauth.trustForwardHeader=true' 18 | - 'traefik.http.middlewares.authelia.forwardauth.authResponseHeaders=Remote-User,Remote-Groups,Remote-Name,Remote-Email' 19 | expose: 20 | - 9091 21 | restart: unless-stopped 22 | environment: 23 | - TZ=America/Chicago 24 | healthcheck: 25 | disable: true 26 | networks: 27 | proxy: 28 | external: true -------------------------------------------------------------------------------- /docker/authelia/users_database.yml: -------------------------------------------------------------------------------- 1 | --- 2 | ############################################################### 3 | # Users Database # 4 | ############################################################### 5 | 6 | # This file can be used if you do not have an LDAP set up. 7 | 8 | # List of users 9 | users: 10 | username: 11 | displayname: "Your Name" 12 | # Password is Authelia 13 | password: "$argon2id$v=19$m=65536,t=1,p=8$cUI4a0E3L1laYnRDUXl3Lw$ZsdsrdadaoVIaVj8NltA8x4qVOzT+/r5GF62/bT8OuAs" 14 | email: you@example.com 15 | groups: 16 | - admins 17 | - dev 18 | ... -------------------------------------------------------------------------------- /docker/broadlink-control/README.md: -------------------------------------------------------------------------------- 1 | # broadlink-control 2 | 3 | Documentation [here](https://technotim.live/posts/broadlink-control/) 4 | 5 | Video [here](https://www.youtube.com/watch?v=4MJW29mR-Xc) -------------------------------------------------------------------------------- /docker/broadlink-control/docker-compose.yml: -------------------------------------------------------------------------------- 1 | --- 2 | version: "3.1" 3 | services: 4 | broadlink-control: 5 | image: timothystewart6/techno-broadlink 6 | container_name: librespeed 7 | environment: 8 | - HOST_IP=your.docker.host.ip 9 | volumes: 10 | - /path/to/config:/app/connfig 11 | ports: 12 | - 10981:10981 13 | restart: unless-stopped 14 | network_mode: host -------------------------------------------------------------------------------- /docker/cloudflare/README.md: -------------------------------------------------------------------------------- 1 | # cloudflare -------------------------------------------------------------------------------- /docker/cloudflare/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '3' 2 | services: 3 | cloudflare-ddns: 4 | image: oznu/cloudflare-ddns:latest 5 | restart: always 6 | environment: 7 | - API_KEY=xxxxxxx 8 | - ZONE=example.com 9 | - SUBDOMAIN=subdomain 10 | - PROXIED=false -------------------------------------------------------------------------------- /docker/code-server/README.md: -------------------------------------------------------------------------------- 1 | # code-server 2 | 3 | Documentation [here](https://technotim.live/posts/code-server-self-host/) 4 | 5 | Video [here](https://www.youtube.com/watch?v=_QwQnyoz_-w) -------------------------------------------------------------------------------- /docker/code-server/docker-compose.yml: -------------------------------------------------------------------------------- 1 | --- 2 | version: "3.1" 3 | services: 4 | code-server: 5 | image: lscr.io/linuxserver/code-server 6 | container_name: code-server 7 | environment: 8 | - PUID=1000 9 | - PGID=1000 10 | - TZ=Europe/London 11 | - PASSWORD=password #optional 12 | - HASHED_PASSWORD= #optional 13 | - SUDO_PASSWORD=password #optional 14 | - SUDO_PASSWORD_HASH= #optional 15 | - PROXY_DOMAIN=code-server.my.domain #optional 16 | - DEFAULT_WORKSPACE=/config/workspace #optional 17 | volumes: 18 | - /path/to/appdata/config:/config 19 | ports: 20 | - 8443:8443 21 | restart: unless-stopped -------------------------------------------------------------------------------- /docker/crowdsec/README.md: -------------------------------------------------------------------------------- 1 | # crowdsec + traefik 2 | 3 | Documentation [here](https://technotim.live/posts/crowdsec-traefik/) 4 | 5 | Video [here](https://www.youtube.com/watch?v=-GxUP6bNxF0) -------------------------------------------------------------------------------- /docker/crowdsec/config/acquis.yml: -------------------------------------------------------------------------------- 1 | filenames: 2 | - /var/log/traefik/* 3 | labels: 4 | type: traefik -------------------------------------------------------------------------------- /docker/crowdsec/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '3.8' 2 | services: 3 | crowdsec: 4 | image: crowdsecurity/crowdsec:latest 5 | container_name: crowdsec 6 | environment: 7 | GID: "${GID-1000}" 8 | COLLECTIONS: "crowdsecurity/linux crowdsecurity/traefik" 9 | # depends_on: #uncomment if running traefik in the same compose file 10 | # - 'traefik' 11 | volumes: 12 | - ./config/acquis.yaml:/etc/crowdsec/acquis.yaml 13 | - crowdsec-db:/var/lib/crowdsec/data/ 14 | - crowdsec-config:/etc/crowdsec/ 15 | - traefik_traefik-logs:/var/log/traefik/:ro 16 | networks: 17 | - proxy 18 | restart: unless-stopped 19 | 20 | bouncer-traefik: 21 | image: docker.io/fbonalair/traefik-crowdsec-bouncer:latest 22 | container_name: bouncer-traefik 23 | environment: 24 | CROWDSEC_BOUNCER_API_KEY: some-api-key 25 | CROWDSEC_AGENT_HOST: crowdsec:8080 26 | networks: 27 | - proxy # same network as traefik + crowdsec 28 | depends_on: 29 | - crowdsec 30 | restart: unless-stopped 31 | networks: 32 | proxy: 33 | external: true 34 | volumes: 35 | crowdsec-db: 36 | crowdsec-config: 37 | traefik_traefik-logs: # this will be the name of the volume from trarfic logs -------------------------------------------------------------------------------- /docker/custom-image/.dockerignore: -------------------------------------------------------------------------------- 1 | node_modules 2 | coverage 3 | npm-debug.log 4 | .DS_Store 5 | yarn-error.log 6 | .idea 7 | .vscode 8 | .yarn-cache 9 | 10 | **/password.txt -------------------------------------------------------------------------------- /docker/custom-image/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM nginx:alpine 2 | COPY src/html /usr/share/nginx/html 3 | 4 | # ENV PRODUCTION=true 5 | 6 | # this is really just documentation 7 | # EXPOSE 80 8 | 9 | # nginx defaults to this command 10 | # CMD ["nginx", "-g", "daemon off;"] 11 | -------------------------------------------------------------------------------- /docker/custom-image/README.md: -------------------------------------------------------------------------------- 1 | # custom-image 2 | 3 | Documentation [here](https://technotim.live/posts/custom-docker-image/) 4 | 5 | Video [here](https://www.youtube.com/watch?v=SnSH8Ht3MIc) -------------------------------------------------------------------------------- /docker/custom-image/ci/.gitlab-ci.yml: -------------------------------------------------------------------------------- 1 | # example ci pipeline 2 | stages: 3 | - docker 4 | docker_image_build_release: 5 | image: 6 | name: gcr.io/kaniko-project/executor:debug 7 | entrypoint: [""] 8 | stage: docker 9 | script: 10 | - mkdir -p /kaniko/.docker 11 | - echo "{\"auths\":{\"$CI_REGISTRY\":{\"username\":\"$CI_REGISTRY_USER\",\"password\":\"$CI_REGISTRY_PASSWORD\"}}}" > /kaniko/.docker/config.json 12 | - /kaniko/executor --context $CI_PROJECT_DIR --dockerfile $CI_PROJECT_DIR/Dockerfile --destination $CI_REGISTRY_IMAGE:latest 13 | -------------------------------------------------------------------------------- /docker/custom-image/ci/github.yml: -------------------------------------------------------------------------------- 1 | name: Build and Push to DockerHub and GHCR 2 | 3 | on: 4 | push: 5 | branches: 6 | - master 7 | 8 | jobs: 9 | build-and-push-docker-image: 10 | runs-on: ubuntu-latest 11 | steps: 12 | - 13 | name: Checkout 14 | uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # 3.0.2 15 | 16 | - 17 | name: Set up QEMU 18 | uses: docker/setup-qemu-action@8b122486cedac8393e77aa9734c3528886e4a1a8 # 2.0.0 19 | - 20 | name: Set up Docker Buildx 21 | uses: docker/setup-buildx-action@dc7b9719a96d48369863986a06765841d7ea23f6 # 2.0.0 22 | - 23 | name: Login to GitHub Container Registry 24 | uses: docker/login-action@49ed152c8eca782a232dede0303416e8f356c37b # 2.0.0 25 | with: 26 | registry: ghcr.io 27 | username: ${{ github.repository_owner }} 28 | password: ${{ secrets.PAT }} 29 | - 30 | name: Login to DockerHub 31 | uses: docker/login-action@49ed152c8eca782a232dede0303416e8f356c37b # 2.0.0 32 | with: 33 | username: ${{ secrets.DOCKERHUB_USERNAME }} 34 | password: ${{ secrets.DOCKERHUB_TOKEN }} 35 | - 36 | name: Build and push 37 | uses: docker/build-push-action@c84f38281176d4c9cdb1626ffafcd6b3911b5d94 # 3.1.1 38 | with: 39 | context: . 40 | file: ./Dockerfile 41 | platforms: linux/amd64,linux/arm64,linux/arm/v7,linux/arm/v6 42 | push: true 43 | tags: | 44 | ghcr.io/your-org/custom-image:latest 45 | your-org/custom-image -------------------------------------------------------------------------------- /docker/custom-image/docker-compose.yml: -------------------------------------------------------------------------------- 1 | --- 2 | version: "3.1" 3 | services: 4 | cust-image: 5 | container_name: custom-image 6 | build: 7 | context: ./ 8 | dockerfile: Dockerfile 9 | ports: 10 | - 80:80 11 | restart: unless-stopped -------------------------------------------------------------------------------- /docker/custom-image/src/html/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 |

Hello!

5 | 6 |

It works on my machine...

7 | 8 |

and works on every machine!

9 | 10 | -------------------------------------------------------------------------------- /docker/custom-image/src/html/password.txt: -------------------------------------------------------------------------------- 1 | some secret password 2 | (see .dockerignore) -------------------------------------------------------------------------------- /docker/custom-image/src/html/wave.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/techno-tim/launchpad/928bed1d961e8e3e34f5ef747cb4f004e34d3895/docker/custom-image/src/html/wave.png -------------------------------------------------------------------------------- /docker/custom-image/src/html/whale.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/techno-tim/launchpad/928bed1d961e8e3e34f5ef747cb4f004e34d3895/docker/custom-image/src/html/whale.png -------------------------------------------------------------------------------- /docker/duckdns/README.md: -------------------------------------------------------------------------------- 1 | # duckdns 2 | 3 | Documentation [here](https://technotim.live/posts/duck-dns/) 4 | 5 | Video [here](https://www.youtube.com/watch?v=bVmUV1G5wpI) -------------------------------------------------------------------------------- /docker/duckdns/docker-compose.yml: -------------------------------------------------------------------------------- 1 | --- 2 | version: "3.1" 3 | services: 4 | duckdns: 5 | image: lscr.io/linuxserver/duckdns 6 | container_name: duckdns 7 | environment: 8 | - PUID=1000 #optional 9 | - PGID=1000 #optional 10 | - TZ=Europe/London 11 | - SUBDOMAINS=subdomain1,subdomain2 12 | - TOKEN=token 13 | - LOG_FILE=false #optional 14 | volumes: 15 | - /path/to/appdata/config:/config #optional 16 | restart: unless-stopped -------------------------------------------------------------------------------- /docker/gatus/README.md: -------------------------------------------------------------------------------- 1 | # gatus 2 | 3 | Documentation [here](https://technotim.live/posts/gatus-uptime-monitoring/) 4 | 5 | Video [here](https://www.youtube.com/watch?v=LeZQjWlDUHs) 6 | -------------------------------------------------------------------------------- /docker/gatus/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.9" 2 | services: 3 | gatus: 4 | image: twinproduction/gatus:latest 5 | restart: always 6 | ports: 7 | - "8080:8080" 8 | environment: 9 | - POSTGRES_USER=gatususer # postgres user with access to the database 10 | - POSTGRES_PASSWORD=gatuspassword # postgres user password 11 | - POSTGRES_DB=postgres-rw # db name 12 | volumes: 13 | - ./config:/config -------------------------------------------------------------------------------- /docker/gitlab-runner/README.md: -------------------------------------------------------------------------------- 1 | # gitlab-runner 2 | 3 | Documentation [here](https://technotim.live/posts/self-hosted-devops-stack/) 4 | 5 | Video [here](https://www.youtube.com/watch?v=Xc94HJn1nNo) -------------------------------------------------------------------------------- /docker/gitlab-runner/docker-compose.yml: -------------------------------------------------------------------------------- 1 | --- 2 | version: "3.1" 3 | services: 4 | gitlab-runner: 5 | image: gitlab/gitlab-runner:latest 6 | container_name: gitlab-runner 7 | environment: 8 | - TZ=America/Chicago 9 | volumes: 10 | - ./gitlab-runner:/etc/gitlab-runner 11 | - /var/run/docker.sock:/var/run/docker.sock 12 | restart: unless-stopped 13 | security_opt: 14 | - no-new-privileges:true -------------------------------------------------------------------------------- /docker/graylog/README.md: -------------------------------------------------------------------------------- 1 | # graylog 2 | 3 | 4 | ```bash 5 | mkdir data 6 | mkdir config 7 | ```` 8 | 9 | copy `./config` files to `config` folder 10 | 11 | 12 | 13 | ```bash 14 | chown -R 1100:1100 ./data 15 | chown -R 1100:1100 ./config 16 | ``` 17 | 18 | ```bash 19 | docker-compose up -d --force-recreate 20 | ``` -------------------------------------------------------------------------------- /docker/graylog/config/log4j2.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | -------------------------------------------------------------------------------- /docker/graylog/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '3' 2 | services: 3 | elasticsearch: 4 | image: docker.elastic.co/elasticsearch/elasticsearch-oss:7.10.2 5 | volumes: 6 | - ./elasticsearch/data:/usr/share/elasticsearch/data 7 | environment: 8 | - http.host=0.0.0.0 9 | - transport.host=localhost 10 | - network.host=0.0.0.0 11 | - "ES_JAVA_OPTS=-Xms512m -Xmx512m" 12 | ulimits: 13 | memlock: 14 | soft: -1 15 | hard: -1 16 | deploy: 17 | resources: 18 | limits: 19 | memory: 1g 20 | networks: 21 | - graylog 22 | restart: unless-stopped 23 | # Graylog: https://hub.docker.com/r/graylog/graylog/ 24 | graylog: 25 | image: graylog/graylog:4.1.1 26 | volumes: 27 | - ./graylog/data:/usr/share/graylog/data 28 | - ./graylog/config:/usr/share/graylog/data/config 29 | environment: 30 | # CHANGE ME (must be at least 16 characters)! 31 | - GRAYLOG_PASSWORD_SECRET=some-password 32 | # Password: admin 33 | - GRAYLOG_ROOT_PASSWORD_SHA2=some-password-sha 34 | - GRAYLOG_HTTP_EXTERNAL_URI=https://graylog.local.example.com/ 35 | - GRAYLOG_MONGODB_URI= mongodb://root:some-password@database.local.example.com:27017/graylog?authSource=admin 36 | entrypoint: /usr/bin/tini -- wait-for-it elasticsearch:9200 -- /docker-entrypoint.sh 37 | networks: 38 | - graylog 39 | - proxy 40 | labels: 41 | # if not using traefik, comment this out 42 | - "traefik.enable=true" 43 | - "traefik.http.routers.graylog.entrypoints=http" 44 | - "traefik.http.routers.graylog.rule=Host(`graylog.local.example.com`)" 45 | - "traefik.http.middlewares.graylog-https-redirect.redirectscheme.scheme=https" 46 | - "traefik.http.routers.graylog.middlewares=graylog-https-redirect" 47 | - "traefik.http.routers.graylog-secure.entrypoints=https" 48 | - "traefik.http.routers.graylog-secure.rule=Host(`graylog.local.example.com`)" 49 | - "traefik.http.routers.graylog-secure.tls=true" 50 | - "traefik.http.routers.graylog-secure.service=graylog" 51 | - "traefik.http.services.graylog.loadbalancer.server.port=9000" 52 | - "traefik.docker.network=proxy" 53 | restart: unless-stopped 54 | depends_on: 55 | # - mongo 56 | - elasticsearch 57 | ports: 58 | # Graylog web interface and REST API 59 | - 9000:9000 60 | # Syslog TCP 61 | - 1514:1514 62 | # Syslog UDP 63 | - 1514:1514/udp 64 | # GELF TCP 65 | - 12201:12201 66 | # GELF UDP 67 | - 12201:12201/udp 68 | networks: 69 | graylog: 70 | driver: bridge 71 | proxy: 72 | external: true -------------------------------------------------------------------------------- /docker/guacamole/README.md: -------------------------------------------------------------------------------- 1 | # guacamole 2 | 3 | Documentation [here](https://technotim.live/posts/guacamole-remote-access-gateway/) 4 | 5 | Video [here](https://www.youtube.com/watch?v=LWdxhZyHT_8) 6 | 7 | Docker hub documentation [here](https://hub.docker.com/r/flcontainers/guacamole) -------------------------------------------------------------------------------- /docker/guacamole/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.1" 2 | services: 3 | guacamole: 4 | image: flcontainers/guacamole 5 | container_name: guacamole 6 | environment: 7 | TZ: 'UTC' 8 | volumes: 9 | - postgres:/config 10 | - /etc/localtime:/etc/localtime:ro 11 | ports: 12 | - 8080:8080 13 | volumes: 14 | postgres: 15 | driver: local -------------------------------------------------------------------------------- /docker/handbrake/README.md: -------------------------------------------------------------------------------- 1 | # handbrake 2 | 3 | Documentation [here](https://technotim.live/posts/handbrake-docker-k8s/) 4 | 5 | Video [here](https://www.youtube.com/watch?v=vyrj6t8xjoQ) -------------------------------------------------------------------------------- /docker/handbrake/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '3.1' 2 | services: 3 | handbrake: 4 | image: jlesage/handbrake 5 | ports: 6 | - "5800:5800" 7 | volumes: 8 | - "/docker/appdata/handbrake:/config:rw" 9 | - "$HOME:/storage:ro" 10 | - "$HOME/HandBrake/watch:/watch:rw" 11 | - "$HOME/HandBrake/output:/output:rw" -------------------------------------------------------------------------------- /docker/heimdall/README.md: -------------------------------------------------------------------------------- 1 | # heimdall 2 | 3 | Documentation [here](https://technotim.live/posts/heimdall-dashboard/) 4 | 5 | Video [here](https://www.youtube.com/watch?v=PA01Z6-z8Qs) -------------------------------------------------------------------------------- /docker/heimdall/docker-compose.yml: -------------------------------------------------------------------------------- 1 | --- 2 | version: "3.1" 3 | services: 4 | heimdall: 5 | image: lscr.io/linuxserver/heimdall 6 | container_name: heimdall 7 | environment: 8 | - PUID=1000 9 | - PGID=1000 10 | - TZ=Europe/London 11 | volumes: 12 | - :/config 13 | ports: 14 | - 80:80 15 | - 443:443 16 | restart: unless-stopped -------------------------------------------------------------------------------- /docker/homeassistant/README.md: -------------------------------------------------------------------------------- 1 | # homeassistant 2 | 3 | Documentation [here](https://technotim.live/posts/home-assistant/) 4 | 5 | Video [here](https://www.youtube.com/watch?v=DK_Gdtn_wvw) -------------------------------------------------------------------------------- /docker/homeassistant/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '3' 2 | services: 3 | homeassistant: 4 | container_name: homeassistant 5 | image: "ghcr.io/home-assistant/home-assistant:stable" 6 | volumes: 7 | - /PATH_TO_YOUR_CONFIG:/config 8 | - /etc/localtime:/etc/localtime:ro 9 | restart: unless-stopped 10 | privileged: true 11 | network_mode: host -------------------------------------------------------------------------------- /docker/homebridge/README.md: -------------------------------------------------------------------------------- 1 | # homebridge -------------------------------------------------------------------------------- /docker/homebridge/docker-compose.yml: -------------------------------------------------------------------------------- 1 | 2 | version: '3' 3 | services: 4 | homebridge: 5 | image: oznu/homebridge:ubuntu 6 | restart: always 7 | network_mode: host 8 | environment: 9 | - PGID=1000 10 | - PUID=1000 11 | - HOMEBRIDGE_CONFIG_UI=1 12 | - HOMEBRIDGE_CONFIG_UI_PORT=8581 13 | - TZ=Australia/Canberra 14 | volumes: 15 | - ./volumes/homebridge:/homebridge -------------------------------------------------------------------------------- /docker/homepage/README.md: -------------------------------------------------------------------------------- 1 | # homepage 2 | 3 | Documentation [here](https://technotim.live/posts/homepage-dashboard/) 4 | 5 | Video [here](https://www.youtube.com/watch?v=mC3tjysJ01E) 6 | -------------------------------------------------------------------------------- /docker/homepage/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.3" 2 | services: 3 | homepage: 4 | image: ghcr.io/gethomepage/homepage:latest 5 | container_name: homepage 6 | ports: 7 | - 3000:3000 8 | env_file: .env # use .env 9 | volumes: 10 | - /path/to/config:/app/config # Make sure your local config directory exists, see docs for full example 11 | - /var/run/docker.sock:/var/run/docker.sock # (optional) For docker integrations, see alternative methods 12 | environment: 13 | PUID: $PUID # read them from .env 14 | PGID: $PGID # read them from .env -------------------------------------------------------------------------------- /docker/librespeed/README.md: -------------------------------------------------------------------------------- 1 | # librespeed 2 | 3 | Documentation [here](https://technotim.live/posts/librespeed/) 4 | 5 | Video [here](https://www.youtube.com/watch?v=FWhsEsh1P3Y) -------------------------------------------------------------------------------- /docker/librespeed/docker-compose.yml: -------------------------------------------------------------------------------- 1 | --- 2 | version: "3.1" 3 | services: 4 | librespeed: 5 | image: lscr.io/linuxserver/librespeed 6 | container_name: librespeed 7 | environment: 8 | - PUID=1000 9 | - PGID=1000 10 | - TZ=Europe/London 11 | - PASSWORD=PASSWORD 12 | - CUSTOM_RESULTS=false #optional 13 | - DB_TYPE=sqlite #optional 14 | - DB_NAME=DB_NAME #optional 15 | - DB_HOSTNAME=DB_HOSTNAME #optional 16 | - DB_USERNAME=DB_USERNAME #optional 17 | - DB_PASSWORD=DB_PASSWORD #optional 18 | - DB_PORT=DB_PORT #optional 19 | volumes: 20 | - /path/to/appdata/config:/config 21 | ports: 22 | - 80:80 23 | restart: unless-stopped -------------------------------------------------------------------------------- /docker/littlelink-server/README.md: -------------------------------------------------------------------------------- 1 | # littlelink-server 2 | 3 | Documentation [here](https://techno-tim.github.io/posts/open-source-linktree-alt/) 4 | 5 | Video [here](https://www.youtube.com/watch?v=42SqfI_AjXU) -------------------------------------------------------------------------------- /docker/littlelink-server/docker-compose.yml: -------------------------------------------------------------------------------- 1 | --- 2 | version: "3.0" 3 | services: 4 | littlelink-server: 5 | image: ghcr.io/techno-tim/littlelink-server:latest 6 | container_name: littlelink-server 7 | environment: 8 | - META_TITLE=Techno Tim 9 | - META_DESCRIPTION=Techno Tim Link page 10 | - META_AUTHOR=Techno Tim 11 | - LANG=en 12 | - META_INDEX_STATUS=all 13 | - GA_TRACKING_ID=G-XXXXXXXXXX 14 | - THEME=Dark 15 | - FAVICON_URL=https://pbs.twimg.com/profile_images/1286144221217316864/qIAsKOpB_200x200.jpg 16 | - AVATAR_URL=https://pbs.twimg.com/profile_images/1286144221217316864/qIAsKOpB_200x200.jpg 17 | - AVATAR_2X_URL=https://pbs.twimg.com/profile_images/1286144221217316864/qIAsKOpB_400x400.jpg 18 | - AVATAR_ALT=Techno Tim Profile Pic 19 | - NAME=TechnoTim 20 | - BIO=Hey! Just a place where you can connect with me! 21 | - FOOTER=Thanks for stopping by! 22 | # use ENV variable names for order, listed buttons will be boosted to the top 23 | - BUTTON_ORDER=YOUTUBE,TWITCH,TWITTER,GITHUB,INSTAGRAM,DISCORD,FACEBOOK,TIKTOK,KIT,PATREON 24 | # you can render an unlimited amount of custom buttons by adding 25 | # the CUSTOM_BUTTON_* variables and by using a comma as a separator. 26 | - CUSTOM_BUTTON_TEXT=Visit My Site,Visit My OTHER Site 27 | - CUSTOM_BUTTON_URL=https://technotim.live,https://www.youtube.com/channel/UCOk-gHyjcWZNj3Br4oxwh0A 28 | - CUSTOM_BUTTON_COLOR=#ED2756,#0085FF 29 | - CUSTOM_BUTTON_TEXT_COLOR=#ffffff,#ffffff 30 | - CUSTOM_BUTTON_ALT_TEXT=Visit my site!,Visit my OTHER Site! 31 | - CUSTOM_BUTTON_NAME=HOMEPAGE,HOMEPAGE2 32 | - CUSTOM_BUTTON_ICON=fas link,fab youtube 33 | - BUTTON_TARGET=_blank # controls the button target html attribute 34 | - STACKOVERFLOW=https://stackoverflow.com/ 35 | - GITHUB=https://github.com/timothystewart6 36 | - TWITTER=https://twitter.com/TechnoTimLive 37 | - INSTAGRAM=https://www.instagram.com/techno.tim 38 | - YOUTUBE=https://www.youtube.com/channel/UCOk-gHyjcWZNj3Br4oxwh0A 39 | - TWITCH=https://www.twitch.tv/technotim/ 40 | - DISCORD=https://l.technotim.live/discord 41 | - TIKTOK=https://www.tiktok.com/@technotim 42 | - KIT=https://kit.co/TechnoTim 43 | - FACEBOOK=https://facebook.com 44 | - FACEBOOK_MESSENGER=https://facebook.com 45 | - LINKED_IN=https://linkedin.com 46 | - PRODUCT_HUNT=https://www.producthunt.com/ 47 | - SNAPCHAT=https://www.snapchat.com/ 48 | - SPOTIFY=https://www.spotify.com/ 49 | - REDDIT=https://www.reddit.com/ 50 | - MEDIUM=https://medium.com 51 | - PINTEREST=https://www.pinterest.com/ 52 | - EMAIL=you@example.com 53 | - EMAIL_TEXT=Email Me! 54 | - EMAIL_ALT=you@example.com 55 | - EMAIL_ALT_TEXT=Email me! 56 | - SOUND_CLOUD=https://soundcloud.com 57 | - FIGMA=https://figma.com 58 | - TELEGRAM=https://telegram.org/ 59 | - TUMBLR=https://www.tumblr.com/ 60 | - STEAM=https://steamcommunity.com/ 61 | - VIMEO=https://vimeo.com/ 62 | - WORDPRESS=https://wordpress.com/ 63 | - GOODREADS=https://www.goodreads.com/ 64 | - SKOOB=https://www.skoob.com.br/ 65 | - LETTERBOXD=https://letterboxd.com/ 66 | - MASTODON=https://mastodon.social/ 67 | - MICRO_BLOG=https://micro.blog/ 68 | - WHATSAPP=https://www.whatsapp.com/ 69 | - STRAVA=https://www.strava.com/ 70 | - BUYMEACOFFEE=https://www.buymeacoffee.com/ 71 | - GITLAB=https://www.gitlab.com/ 72 | - PATREON=https://www.patreon.com/technotim 73 | - DEVTO=https://dev.to/ 74 | - UMAMI_WEBSITE_ID=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx 75 | - UMAMI_APP_URL=https://your-umami-app.com 76 | - PAYPAL=https://www.paypal.me/user 77 | - SLACK=https://slack.com/ 78 | - LASTFM=https://last.fm/ 79 | - UNTAPPD=https://untappd.com/ 80 | - GITEA=https://gitea.io/ 81 | - POLYWORK=https://www.polywork.com/ 82 | - SIGNAL=https://signal.org/ 83 | ports: 84 | - 8080:3000 85 | restart: unless-stopped 86 | security_opt: 87 | - no-new-privileges:true -------------------------------------------------------------------------------- /docker/loki/README.md: -------------------------------------------------------------------------------- 1 | # loki 2 | 3 | Documentation [here](https://technotim.live/posts/grafana-loki/) 4 | 5 | Video [here](https://www.youtube.com/watch?v=h_GGd7HfKQ8) -------------------------------------------------------------------------------- /docker/loki/daemon.new.json: -------------------------------------------------------------------------------- 1 | { 2 | "log-driver": "loki", 3 | "log-opts": { 4 | "loki-url": "http://localhost:3100/loki/api/v1/push", 5 | "loki-batch-size": "400" 6 | } 7 | } -------------------------------------------------------------------------------- /docker/loki/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3" 2 | 3 | networks: 4 | loki: 5 | 6 | services: 7 | loki: 8 | image: grafana/loki:2.4.0 9 | volumes: 10 | - ./loki:/etc/loki 11 | ports: 12 | - "3100:3100" 13 | restart: unless-stopped 14 | command: -config.file=/etc/loki/loki-config.yml 15 | networks: 16 | - loki 17 | 18 | promtail: 19 | image: grafana/promtail:2.4.0 20 | volumes: 21 | - /var/log:/var/log 22 | - ./promtail:/etc/promtail 23 | restart: unless-stopped 24 | command: -config.file=/etc/promtail/promtail-config.yml 25 | networks: 26 | - loki 27 | 28 | grafana: 29 | image: grafana/grafana:latest 30 | user: "1000" 31 | volumes: 32 | - ./grafana:/var/lib/grafana 33 | ports: 34 | - "4090:3000" #you might need to change this 35 | restart: unless-stopped 36 | networks: 37 | - loki 38 | -------------------------------------------------------------------------------- /docker/loki/loki-config.yml: -------------------------------------------------------------------------------- 1 | auth_enabled: false 2 | 3 | server: 4 | http_listen_port: 3100 5 | grpc_listen_port: 9096 6 | 7 | common: 8 | path_prefix: /tmp/loki 9 | storage: 10 | filesystem: 11 | chunks_directory: /tmp/loki/chunks 12 | rules_directory: /tmp/loki/rules 13 | replication_factor: 1 14 | ring: 15 | instance_addr: 127.0.0.1 16 | kvstore: 17 | store: inmemory 18 | 19 | schema_config: 20 | configs: 21 | - from: 2020-10-24 22 | store: boltdb-shipper 23 | object_store: filesystem 24 | schema: v11 25 | index: 26 | prefix: index_ 27 | period: 24h 28 | 29 | ruler: 30 | alertmanager_url: http://localhost:9093 -------------------------------------------------------------------------------- /docker/loki/promtail-config.yml: -------------------------------------------------------------------------------- 1 | server: 2 | http_listen_port: 9080 3 | grpc_listen_port: 0 4 | 5 | positions: 6 | filename: /tmp/positions.yaml 7 | 8 | clients: 9 | - url: http://loki:3100/loki/api/v1/push 10 | 11 | # local machine logs 12 | # scrape_configs: 13 | # - job_name: local 14 | # static_configs: 15 | # - targets: 16 | # - localhost 17 | # labels: 18 | # job: varlogs 19 | # __path__: /var/log/*log 20 | 21 | # docker logs 22 | scrape_configs: 23 | - job_name: docker 24 | pipeline_stages: 25 | - docker: {} 26 | static_configs: 27 | - labels: 28 | job: docker 29 | __path__: /var/lib/docker/containers/*/*-json.log -------------------------------------------------------------------------------- /docker/minecraft/README.md: -------------------------------------------------------------------------------- 1 | # minecraft 2 | 3 | Documentation [here](https://technotim.live/posts/docker-rancher-kubernetes/) 4 | 5 | Video [here](https://www.youtube.com/watch?v=oILc0ywDVTk) -------------------------------------------------------------------------------- /docker/minecraft/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3" 2 | 3 | services: 4 | mc: 5 | image: itzg/minecraft-server 6 | ports: 7 | - 25565:25565 8 | environment: 9 | EULA: "TRUE" 10 | tty: true 11 | stdin_open: true 12 | restart: unless-stopped 13 | volumes: 14 | # attach a directory relative to the directory containing this compose file 15 | - ./minecraft-data:/data -------------------------------------------------------------------------------- /docker/mongodb/README.md: -------------------------------------------------------------------------------- 1 | # mongodb 2 | -------------------------------------------------------------------------------- /docker/mongodb/docker-compose.yml: -------------------------------------------------------------------------------- 1 | --- 2 | version: '3.4' 3 | services: 4 | mongodb: 5 | image: mongo:latest 6 | container_name: mongodb 7 | hostname: mongodb 8 | environment: 9 | - MONGO_INITDB_ROOT_USERNAME=root 10 | - MONGO_INITDB_ROOT_PASSWORD=some-password 11 | - TZ=America/Chicago 12 | - MONGO_REPLICA_SET_NAME=rs0 #remove if you don't want to create a replica 13 | volumes: 14 | - ./mongodb/data/configdb:/data/configdb 15 | - ./mongodb/data/db:/data/db 16 | ports: 17 | - 27017:27017 18 | restart: unless-stopped 19 | security_opt: 20 | - no-new-privileges:true 21 | healthcheck: 22 | test: test $$(echo "rs.initiate().ok || rs.status().ok" | mongo -u root -p some-password --quiet) -eq 1 23 | interval: 10s 24 | start_period: 30s 25 | entrypoint: [ "/usr/bin/mongod", "--bind_ip_all", "--replSet", "rs0" ] -------------------------------------------------------------------------------- /docker/mysql-backup/README.md: -------------------------------------------------------------------------------- 1 | # mysql-backup -------------------------------------------------------------------------------- /docker/mysql-backup/docker-compose.yml: -------------------------------------------------------------------------------- 1 | --- 2 | version: "3.1" 3 | 4 | services: 5 | mysql-backup-5-7: 6 | image: databack/mysql-backup:latest 7 | container_name: mysql-backup-5-7 8 | environment: 9 | - DB_SERVER=server-address 10 | - DB_PORT=33306 11 | - DB_USER=root 12 | - DB_PASS=some-password 13 | - DB_DUMP_TARGET=/db 14 | - COMPRESSION=gzip 15 | - DB_DUMP_SAFECHARS=true 16 | - DB_DUMP_BY_SCHEMA=true 17 | - DB_NAMES=mysql 18 | - DB_DUMP_CRON=0 3 * * * 19 | volumes: 20 | - ./mysql-backup/mysql-5-7:/db 21 | restart: unless-stopped 22 | security_opt: 23 | - no-new-privileges:true -------------------------------------------------------------------------------- /docker/mysql/README.md: -------------------------------------------------------------------------------- 1 | # mysql 2 | 3 | Documentation [here](https://technotim.live/posts/migrate-database-docker-kubernetes/) 4 | 5 | Video [here](https://www.youtube.com/watch?v=jZvnkf_HgcY) -------------------------------------------------------------------------------- /docker/mysql/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '3.1' 2 | services: 3 | db: 4 | image: mysql 5 | command: --default-authentication-plugin=mysql_native_password 6 | restart: always 7 | environment: 8 | MYSQL_ROOT_PASSWORD: example 9 | adminer: 10 | image: adminer 11 | restart: always 12 | ports: 13 | - 8080:8080 -------------------------------------------------------------------------------- /docker/netboot-xyz/README.md: -------------------------------------------------------------------------------- 1 | # netboot.xyz 2 | 3 | Documentation [here](https://technotim.live/posts/netbootxyz-tutorial/) 4 | 5 | Video [here](https://www.youtube.com/watch?v=4btW5x_clpg) 6 | -------------------------------------------------------------------------------- /docker/netboot-xyz/docker-compose.yml: -------------------------------------------------------------------------------- 1 | --- 2 | version: "2.1" 3 | services: 4 | netbootxyz: 5 | image: ghcr.io/netbootxyz/netbootxyz 6 | container_name: netbootxyz 7 | environment: 8 | # - MENU_VERSION=2.0.47 # optional, sets menus version, unset uses latest 9 | volumes: 10 | - ./config:/config # optional 11 | - ./assets:/assets # optional 12 | ports: 13 | - 3000:3000 14 | - 69:69/udp 15 | - 8080:80 #optional 16 | restart: unless-stopped -------------------------------------------------------------------------------- /docker/nextcloud/README.md: -------------------------------------------------------------------------------- 1 | # nextcloud 2 | 3 | Documentation [here](https://technotim.live/posts/nextcloud-setup/) 4 | 5 | Video [here](https://www.youtube.com/watch?v=nt__J9Yr8_w) -------------------------------------------------------------------------------- /docker/nextcloud/docker-compose.yml: -------------------------------------------------------------------------------- 1 | --- 2 | version: "3.1" 3 | services: 4 | nextcloud: 5 | image: lscr.io/linuxserver/nextcloud 6 | container_name: nextcloud 7 | environment: 8 | - PUID=1000 9 | - PGID=1000 10 | - TZ=Europe/London 11 | volumes: 12 | - /path/to/appdata:/config 13 | - /path/to/data:/data 14 | ports: 15 | - 443:443 16 | restart: unless-stopped -------------------------------------------------------------------------------- /docker/nginx/README.md: -------------------------------------------------------------------------------- 1 | # nginx -------------------------------------------------------------------------------- /docker/nginx/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.1" 2 | services: 3 | web: 4 | image: nginx 5 | volumes: 6 | - ./templates:/etc/nginx/templates 7 | ports: 8 | - "8080:80" 9 | environment: 10 | - NGINX_HOST=foobar.com 11 | - NGINX_PORT=80 -------------------------------------------------------------------------------- /docker/ntp/README.md: -------------------------------------------------------------------------------- 1 | # ntp 2 | -------------------------------------------------------------------------------- /docker/ntp/docker-compose.yml: -------------------------------------------------------------------------------- 1 | --- 2 | version: "3.1" 3 | 4 | services: 5 | ntp: 6 | image: cturra/ntp:latest 7 | container_name: ntp 8 | environment: 9 | - NTP_SERVERS=time.cloudflare.com # be sure this is external 10 | restart: unless-stopped 11 | ports: 12 | - "123:123/udp" 13 | -------------------------------------------------------------------------------- /docker/pihole/README.md: -------------------------------------------------------------------------------- 1 | # pi hole 2 | 3 | Documentation [here](https://technotim.live/posts/pihole-containerized/) 4 | 5 | Video [here](https://www.youtube.com/watch?v=NRe2-vye3ik) -------------------------------------------------------------------------------- /docker/pihole/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3" 2 | 3 | # More info at https://github.com/pi-hole/docker-pi-hole/ and https://docs.pi-hole.net/ 4 | services: 5 | pihole: 6 | container_name: pihole 7 | image: pihole/pihole:latest 8 | ports: 9 | - "53:53/tcp" 10 | - "53:53/udp" 11 | - "67:67/udp" 12 | - "80:80/tcp" 13 | environment: 14 | TZ: 'America/Chicago' 15 | # WEBPASSWORD: 'set a secure password here or it will be random' 16 | # Volumes store your data between container upgrades 17 | volumes: 18 | - './etc-pihole/:/etc/pihole/' 19 | - './etc-dnsmasq.d/:/etc/dnsmasq.d/' 20 | # Recommended but not required (DHCP needs NET_ADMIN) 21 | # https://github.com/pi-hole/docker-pi-hole#note-on-capabilities 22 | cap_add: 23 | - NET_ADMIN 24 | restart: unless-stopped -------------------------------------------------------------------------------- /docker/plex/README.md: -------------------------------------------------------------------------------- 1 | # plex 2 | 3 | Documentation [here](https://technotim.live/posts/plex-containerized/) 4 | 5 | Video [here](https://www.youtube.com/watch?v=MG_1XQxWns0) -------------------------------------------------------------------------------- /docker/plex/docker-compose.yml: -------------------------------------------------------------------------------- 1 | --- 2 | version: "3" 3 | services: 4 | plex: 5 | image: lscr.io/linuxserver/plex 6 | container_name: plex 7 | network_mode: host 8 | environment: 9 | - PUID=1000 10 | - PGID=1000 11 | - VERSION=docker 12 | - PLEX_CLAIM= #optional 13 | volumes: 14 | - /path/to/library:/config 15 | - /path/to/tvseries:/tv 16 | - /path/to/movies:/movies 17 | restart: unless-stopped -------------------------------------------------------------------------------- /docker/portainer/README.md: -------------------------------------------------------------------------------- 1 | # portainer 2 | 3 | Documentation that covers portainer with TLS [here](https://technotim.live/posts/traefik-portainer-ssl/) 4 | 5 | Video that covers portainer with TLS [here](https://www.youtube.com/watch?v=liV3c9m_OX8) -------------------------------------------------------------------------------- /docker/portainer/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '3' 2 | 3 | services: 4 | portainer: 5 | image: portainer/portainer-ce 6 | container_name: portainer 7 | restart: unless-stopped 8 | security_opt: 9 | - no-new-privileges:true 10 | networks: 11 | - proxy 12 | volumes: 13 | - /etc/localtime:/etc/localtime:ro 14 | - /var/run/docker.sock:/var/run/docker.sock:ro 15 | - /home/username/portainer/data:/data 16 | labels: 17 | # if you are not using traefik, comment out labels 18 | - "traefik.enable=true" 19 | - "traefik.http.routers.portainer.entrypoints=http" 20 | - "traefik.http.routers.portainer.rule=Host(`portainer.local.example.com`)" 21 | - "traefik.http.middlewares.portainer-https-redirect.redirectscheme.scheme=https" 22 | - "traefik.http.routers.portainer.middlewares=portainer-https-redirect" 23 | - "traefik.http.routers.portainer-secure.entrypoints=https" 24 | - "traefik.http.routers.portainer-secure.rule=Host(`portainer.local.example.com`)" 25 | - "traefik.http.routers.portainer-secure.tls=true" 26 | - "traefik.http.routers.portainer-secure.service=portainer" 27 | - "traefik.http.services.portainer.loadbalancer.server.port=9000" 28 | - "traefik.docker.network=proxy" 29 | 30 | networks: 31 | proxy: 32 | external: true -------------------------------------------------------------------------------- /docker/postgres/README.md: -------------------------------------------------------------------------------- 1 | # postgres 2 | -------------------------------------------------------------------------------- /docker/postgres/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '3.1' 2 | services: 3 | db: 4 | image: postgres:14.1-alpine 5 | restart: always 6 | environment: 7 | POSTGRES_PASSWORD: some-password 8 | ports: 9 | - 5432:5432 10 | volumes: 11 | - ./postgres/data:/var/lib/postgresql/data -------------------------------------------------------------------------------- /docker/pterodactyl/README.md: -------------------------------------------------------------------------------- 1 | # pterodactyl 2 | 3 | Documentation [here](https://technotim.live/posts/pterodactyl-game-server/) 4 | 5 | Video [here](https://www.youtube.com/watch?v=_ypAmCcIlBE) -------------------------------------------------------------------------------- /docker/pterodactyl/panel/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '3.8' 2 | x-common: 3 | database: 4 | &db-environment 5 | # Do not remove the "&db-password" from the end of the line below, it is important 6 | # for Panel functionality. 7 | MYSQL_PASSWORD: &db-password "CHANGE_ME" 8 | MYSQL_ROOT_PASSWORD: "CHANGE_ME_TOO" 9 | panel: 10 | &panel-environment 11 | APP_URL: "https://pterodactyl.example.com" 12 | # A list of valid timezones can be found here: http://php.net/manual/en/timezones.php 13 | APP_TIMEZONE: "UTC" 14 | APP_SERVICE_AUTHOR: "noreply@example.com" 15 | TRUSTED_PROXIES: "*" # Set this to your proxy IP 16 | # Uncomment the line below and set to a non-empty value if you want to use Let's Encrypt 17 | # to generate an SSL certificate for the Panel. 18 | # LE_EMAIL: "" 19 | mail: 20 | &mail-environment 21 | MAIL_FROM: "noreply@example.com" 22 | MAIL_DRIVER: "smtp" 23 | MAIL_HOST: "mail" 24 | MAIL_PORT: "1025" 25 | MAIL_USERNAME: "" 26 | MAIL_PASSWORD: "" 27 | MAIL_ENCRYPTION: "true" 28 | 29 | # 30 | # ------------------------------------------------------------------------------------------ 31 | # DANGER ZONE BELOW 32 | # 33 | # The remainder of this file likely does not need to be changed. Please only make modifications 34 | # below if you understand what you are doing. 35 | # 36 | services: 37 | database: 38 | image: mariadb:10.5 39 | restart: always 40 | command: --default-authentication-plugin=mysql_native_password 41 | volumes: 42 | - "/srv/pterodactyl/database:/var/lib/mysql" 43 | environment: 44 | <<: *db-environment 45 | MYSQL_DATABASE: "panel" 46 | MYSQL_USER: "pterodactyl" 47 | cache: 48 | image: redis:alpine 49 | restart: always 50 | panel: 51 | image: ghcr.io/pterodactyl/panel:latest 52 | restart: always 53 | ports: 54 | - "80:80" 55 | - "443:443" 56 | links: 57 | - database 58 | - cache 59 | volumes: 60 | - "/srv/pterodactyl/var/:/app/var/" 61 | - "/srv/pterodactyl/nginx/:/etc/nginx/http.d/" 62 | - "/srv/pterodactyl/certs/:/etc/letsencrypt/" 63 | - "/srv/pterodactyl/logs/:/app/storage/logs" 64 | environment: 65 | <<: [*panel-environment, *mail-environment] 66 | DB_PASSWORD: *db-password 67 | APP_ENV: "production" 68 | APP_ENVIRONMENT_ONLY: "false" 69 | CACHE_DRIVER: "redis" 70 | SESSION_DRIVER: "redis" 71 | QUEUE_DRIVER: "redis" 72 | REDIS_HOST: "cache" 73 | DB_HOST: "database" 74 | DB_PORT: "3306" 75 | networks: 76 | default: 77 | ipam: 78 | config: 79 | - subnet: 172.20.0.0/16 -------------------------------------------------------------------------------- /docker/pterodactyl/wings/config.yml: -------------------------------------------------------------------------------- 1 | debug: false 2 | uuid: 716deb8f-7047-42ad-9323-4a25ae49118b 3 | token_id: 7PoSfql3hdKjbMKn 4 | token: apEo1esCKe5sEWkpfnRB5xakj3mc0aM6jglacgBcsIsgglBtOm0oV1W3efTbwarN 5 | api: 6 | host: 0.0.0.0 7 | port: 443 8 | ssl: 9 | enabled: false 10 | cert: /etc/letsencrypt/live/node-01.example.com/fullchain.pem 11 | key: /etc/letsencrypt/live/node-01.example.com/privkey.pem 12 | upload_limit: 100 13 | system: 14 | data: /var/lib/pterodactyl/volumes 15 | sftp: 16 | bind_port: 2022 17 | allowed_mounts: [] 18 | remote: 'https://pterodactyl.example.com' -------------------------------------------------------------------------------- /docker/pterodactyl/wings/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '3.8' 2 | 3 | services: 4 | wings: 5 | image: ghcr.io/pterodactyl/wings:v1.6.1 6 | restart: always 7 | networks: 8 | - wings0 9 | ports: 10 | - "8080:8080" 11 | - "2022:2022" 12 | - "443:443" 13 | tty: true 14 | environment: 15 | TZ: "UTC" 16 | WINGS_UID: 988 17 | WINGS_GID: 988 18 | WINGS_USERNAME: pterodactyl 19 | volumes: 20 | - "/var/run/docker.sock:/var/run/docker.sock" 21 | - "/var/lib/docker/containers/:/var/lib/docker/containers/" 22 | - "/etc/pterodactyl/:/etc/pterodactyl/" 23 | - "/var/lib/pterodactyl/:/var/lib/pterodactyl/" 24 | - "/var/log/pterodactyl/:/var/log/pterodactyl/" 25 | - "/tmp/pterodactyl/:/tmp/pterodactyl/" 26 | - "/etc/ssl/certs:/etc/ssl/certs:ro" 27 | # you may need /srv/daemon-data if you are upgrading from an old daemon 28 | #- "/srv/daemon-data/:/srv/daemon-data/" 29 | # Required for ssl if you use let's encrypt. uncomment to use. 30 | #- "/etc/letsencrypt/:/etc/letsencrypt/" 31 | networks: 32 | wings0: 33 | name: wings0 34 | driver: bridge 35 | ipam: 36 | config: 37 | - subnet: "172.21.0.0/16" 38 | driver_opts: 39 | com.docker.network.bridge.name: wings0 -------------------------------------------------------------------------------- /docker/redis/README.md: -------------------------------------------------------------------------------- 1 | # redis 2 | -------------------------------------------------------------------------------- /docker/redis/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '3.8' 2 | services: 3 | cache: 4 | image: redis:6.2-alpine 5 | container_name: redis 6 | restart: always 7 | ports: 8 | - 6379:6379 9 | command: redis-server --save 20 1 --loglevel warning --requirepass some-password 10 | volumes: 11 | - ./redis/data:/data -------------------------------------------------------------------------------- /docker/scrypted/README.md: -------------------------------------------------------------------------------- 1 | # scrypted 2 | 3 | Documentation [here](https://technotim.live/posts/scrypted-home-hub/) 4 | 5 | Video [here](https://www.youtube.com/watch?v=x1xsFRQYSv0) 6 | -------------------------------------------------------------------------------- /docker/scrypted/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.5" 2 | 3 | # The Scrypted docker-compose.yml file typically resides at: 4 | # ~/.scrypted/docker-compose.yml 5 | 6 | # Example volumes SMB (CIFS) and NFS. 7 | # Uncomment only one. 8 | 9 | # volumes: 10 | # nvr: 11 | # driver_opts: 12 | # type: cifs 13 | # o: username=[username],password=[password],vers=3.0,file_mode=0777,dir_mode=0777 14 | # device: //[ip-address]/[path-to-directory] 15 | # nvr: 16 | # driver_opts: 17 | # type: "nfs" 18 | # o: "addr=[ip-address],nolock,soft,rw" 19 | # device: ":[path-to-directory]" 20 | 21 | services: 22 | scrypted: 23 | image: koush/scrypted 24 | environment: 25 | - SCRYPTED_WEBHOOK_UPDATE_AUTHORIZATION=Bearer SET_THIS_TO_SOME_RANDOM_TEXT 26 | - SCRYPTED_WEBHOOK_UPDATE=http://localhost:10444/v1/update 27 | # nvidia support 28 | # - NVIDIA_VISIBLE_DEVICES=all 29 | # - NVIDIA_DRIVER_CAPABILITIES=all 30 | # runtime: nvidia 31 | container_name: scrypted 32 | restart: unless-stopped 33 | network_mode: host 34 | 35 | devices: 36 | # hardware accelerated video decoding, opencl, etc. 37 | - /dev/dri:/dev/dri 38 | # uncomment below as necessary. 39 | # zwave usb serial device 40 | # - /dev/ttyACM0:/dev/ttyACM0 41 | # all usb devices, such as coral tpu 42 | # - /dev/bus/usb:/dev/bus/usb 43 | 44 | volumes: 45 | - ~/.scrypted/volume:/server/volume 46 | # modify and add the additional volume for Scrypted NVR 47 | # the following example would mount the /mnt/sda/video path on the host 48 | # to the /nvr path inside the docker container. 49 | # - /mnt/sda/video:/nvr 50 | 51 | # or use a network mount from one of the examples above 52 | # - type: volume 53 | # source: nvr 54 | # target: /nvr 55 | # volume: 56 | # nocopy: true 57 | 58 | # uncomment the following lines to expose Avahi, an mDNS advertiser. 59 | # make sure Avahi is running on the host machine, otherwise this will not work. 60 | # - /var/run/dbus:/var/run/dbus 61 | # - /var/run/avahi-daemon/socket:/var/run/avahi-daemon/socket 62 | # logging is noisy and will unnecessarily wear on flash storage. 63 | # scrypted has per device in memory logging that is preferred. 64 | logging: 65 | driver: "json-file" 66 | options: 67 | max-size: "10m" 68 | max-file: "10" 69 | labels: 70 | - "com.centurylinklabs.watchtower.scope=scrypted" 71 | 72 | # watchtower manages updates for Scrypted. 73 | watchtower: 74 | environment: 75 | - WATCHTOWER_HTTP_API_TOKEN=SET_THIS_TO_SOME_RANDOM_TEXT 76 | - WATCHTOWER_HTTP_API_UPDATE=true 77 | - WATCHTOWER_SCOPE=scrypted 78 | # remove the following line to never allow docker to auto update. 79 | # this is not recommended. 80 | - WATCHTOWER_HTTP_API_PERIODIC_POLLS=true 81 | image: containrrr/watchtower 82 | container_name: scrypted-watchtower 83 | restart: unless-stopped 84 | volumes: 85 | - /var/run/docker.sock:/var/run/docker.sock 86 | labels: 87 | - "com.centurylinklabs.watchtower.scope=scrypted" 88 | ports: 89 | # The auto update port 10444 can be configured 90 | # Must match the port in the auto update url above. 91 | - 10444:8080 92 | # check for updates once an hour (interval is in seconds) 93 | command: --interval 3600 --cleanup --scope scrypted -------------------------------------------------------------------------------- /docker/syncthing/README.md: -------------------------------------------------------------------------------- 1 | # syncthing 2 | -------------------------------------------------------------------------------- /docker/syncthing/docker-compose.yml: -------------------------------------------------------------------------------- 1 | --- 2 | version: "3.1" 3 | 4 | services: 5 | syncthing: 6 | image: ghcr.io/linuxserver/syncthing 7 | container_name: syncthing 8 | hostname: server-name 9 | environment: 10 | - PUID=1000 11 | - PGID=1000 12 | - TZ=America/Chicago 13 | volumes: 14 | - ./syncthing/config:/config 15 | - ./some-backup-folder:/some-backup-folder 16 | ports: 17 | - 8384:8384 18 | - 22000:22000 19 | - 21027:21027/udp 20 | restart: unless-stopped 21 | security_opt: 22 | - no-new-privileges:true -------------------------------------------------------------------------------- /docker/tdarr/README.md: -------------------------------------------------------------------------------- 1 | # tdarr 2 | 3 | Documentation [here](https://technotim.live/posts/tadarr-server/) 4 | 5 | Video [here](https://www.youtube.com/watch?v=UA1Sktq40pA) -------------------------------------------------------------------------------- /docker/tdarr/Tdarr_Node_Config.json: -------------------------------------------------------------------------------- 1 | { 2 | "nodeID": "Windows-Node", 3 | "nodeIP": "192.168.0.100", 4 | "nodePort": "8267", 5 | "serverIP": "192.168.0.101", 6 | "serverPort": "8266", 7 | "handbrakePath": "", 8 | "ffmpegPath": "", 9 | "mkvpropeditPath": "", 10 | "pathTranslators": [ 11 | { 12 | "server": "/media/", 13 | "node": "C:/media" 14 | }, 15 | { 16 | "server": "/temp", 17 | "node": "C:/temp" 18 | } 19 | ], 20 | "platform_arch": "win32_x64_docker_false", 21 | "logLevel": "INFO" 22 | } -------------------------------------------------------------------------------- /docker/tdarr/docker-compose.yml: -------------------------------------------------------------------------------- 1 | --- 2 | version: "3.4" 3 | services: 4 | tdarr: 5 | container_name: tdarr 6 | image: ghcr.io/haveagitgat/tdarr:latest 7 | restart: unless-stopped 8 | network_mode: bridge 9 | ports: 10 | - 8265:8265 # webUI port 11 | - 8266:8266 # server port 12 | - 8267:8267 # Internal node port 13 | environment: 14 | - TZ=America/Chicago 15 | - PUID=1000 16 | - PGID=1000 17 | - UMASK_SET=002 18 | - serverIP=0.0.0.0 19 | - serverPort=8266 20 | - webUIPort=8265 21 | - internalNode=true 22 | - nodeID=MyInternalNode 23 | - nodeIP=0.0.0.0 24 | - nodePort=8267 25 | - NVIDIA_DRIVER_CAPABILITIES=all 26 | - NVIDIA_VISIBLE_DEVICES=all 27 | volumes: 28 | - /path/to/server:/app/server 29 | - /path/to/configs:/app/configs 30 | - /path/to/logs:/app/logs 31 | - /path/to/media/:/media 32 | - /path/to/temp/:/temp 33 | deploy: 34 | resources: 35 | reservations: 36 | devices: 37 | - capabilities: 38 | - gpu -------------------------------------------------------------------------------- /docker/traefik/README.md: -------------------------------------------------------------------------------- 1 | # traefik 2 | 3 | Documentation [here](https://technotim.live/posts/traefik-portainer-ssl/) 4 | 5 | Video [here](https://www.youtube.com/watch?v=liV3c9m_OX8) 6 | -------------------------------------------------------------------------------- /docker/traefik/data/config.yml: -------------------------------------------------------------------------------- 1 | http: 2 | #region routers 3 | routers: 4 | proxmox: 5 | entryPoints: 6 | - "https" 7 | rule: "Host(`proxmox.local.example.com`)" 8 | middlewares: 9 | - default-headers 10 | tls: {} 11 | service: proxmox 12 | pihole: 13 | entryPoints: 14 | - "https" 15 | rule: "Host(`pihole.local.example.com`)" 16 | middlewares: 17 | - default-headers 18 | - pihole-redirect 19 | tls: {} 20 | service: pihole 21 | homebridge: 22 | entryPoints: 23 | - "https" 24 | rule: "Host(`homebridge.local.example.com`)" 25 | middlewares: 26 | - default-headers 27 | tls: {} 28 | service: homebridge 29 | syncthing: 30 | entryPoints: 31 | - "https" 32 | rule: "Host(`syncthing.local.example.com`)" 33 | middlewares: 34 | - default-headers 35 | tls: {} 36 | service: syncthing 37 | truenas: 38 | entryPoints: 39 | - "https" 40 | rule: "Host(`truenas.local.example.com`)" 41 | middlewares: 42 | - default-headers 43 | tls: {} 44 | service: truenas 45 | plex: 46 | entryPoints: 47 | - "https" 48 | rule: "Host(`plex.local.example.com`)" 49 | middlewares: 50 | - default-headers 51 | tls: {} 52 | service: plex 53 | minio: 54 | entryPoints: 55 | - "https" 56 | rule: "Host(`minio.local.example.com`)" 57 | middlewares: 58 | - default-headers 59 | tls: {} 60 | service: minio 61 | rancher: 62 | entryPoints: 63 | - "https" 64 | rule: "Host(`rancher.local.example.com`)" 65 | middlewares: 66 | - default-headers 67 | tls: {} 68 | service: rancher 69 | idrac: 70 | entryPoints: 71 | - "https" 72 | rule: "Host(`idrac.local.example.com`)" 73 | middlewares: 74 | - idrac 75 | tls: {} 76 | service: idrac 77 | idrac-console: 78 | entryPoints: 79 | - "idrac" # REQUIRED for iDRAC virtual console: Create a new TCP entry point in traefik on port 5900 80 | rule: "Host(`idrac.local.example.com`)" 81 | middlewares: 82 | - idrac 83 | tls: {} 84 | service: idrac-console 85 | opnsense: 86 | entryPoints: 87 | - "https" 88 | rule: "Host(`opnsense.local.example.com`)" 89 | middlewares: 90 | - default-headers 91 | tls: {} 92 | 93 | 94 | #endregion 95 | #region services 96 | services: 97 | proxmox: 98 | loadBalancer: 99 | servers: 100 | - url: "https://192.168.0.100:8006" 101 | passHostHeader: true 102 | pihole: 103 | loadBalancer: 104 | servers: 105 | - url: "http://192.168.0.101:80" 106 | passHostHeader: true 107 | homebridge: 108 | loadBalancer: 109 | servers: 110 | - url: "http://192.168.0.102:10999" 111 | passHostHeader: true 112 | syncthing: 113 | loadBalancer: 114 | servers: 115 | - url: "https://192.168.0.103:8384" 116 | passHostHeader: true 117 | truenas: 118 | loadBalancer: 119 | servers: 120 | - url: "https://192.168.0.104" 121 | passHostHeader: true 122 | plex: 123 | loadBalancer: 124 | servers: 125 | - url: "https://192.168.0.105:32400" 126 | passHostHeader: true 127 | minio: 128 | loadBalancer: 129 | servers: 130 | - url: "https://192.168.0.106:9000/" 131 | passHostHeader: true 132 | rancher: 133 | loadBalancer: 134 | servers: 135 | - url: "https://192.168.0.107" 136 | passHostHeader: true 137 | idrac: 138 | loadBalancer: 139 | servers: 140 | - url: "https://192.168.0.108" 141 | passHostHeader: true 142 | idrac-console: 143 | loadBalancer: 144 | servers: 145 | - url: "https://192.168.0.108:5900" 146 | passHostHeader: true 147 | opnsense: 148 | loadBalancer: 149 | servers: 150 | - url: "https://192.168.0.109" 151 | passHostHeader: true 152 | #endregion 153 | middlewares: 154 | pihole-redirect: 155 | redirectRegex: 156 | regex: "^https?://pihole.local.example.com/$" 157 | replacement: "https://pihole.local.example.com/admin/" 158 | https-redirect: 159 | redirectScheme: 160 | scheme: https 161 | 162 | default-headers: 163 | headers: 164 | frameDeny: true 165 | sslRedirect: true 166 | browserXssFilter: true 167 | contentTypeNosniff: true 168 | forceSTSHeader: true 169 | stsIncludeSubdomains: true 170 | stsPreload: true 171 | stsSeconds: 15552000 172 | customFrameOptionsValue: SAMEORIGIN 173 | customRequestHeaders: 174 | X-Forwarded-Proto: https 175 | 176 | idrac: 177 | headers: 178 | frameDeny: true 179 | sslRedirect: true 180 | browserXssFilter: true 181 | forceSTSHeader: true 182 | stsIncludeSubdomains: true 183 | stsSeconds: 15552000 184 | customFrameOptionsValue: SAMEORIGIN 185 | customRequestHeaders: 186 | X-Forwarded-Proto: https 187 | 188 | default-whitelist: 189 | ipWhiteList: 190 | sourceRange: 191 | - "10.0.0.0/8" 192 | - "192.168.0.0/16" 193 | - "172.16.0.0/12" 194 | 195 | secured: 196 | chain: 197 | middlewares: 198 | - default-whitelist 199 | - default-headers 200 | -------------------------------------------------------------------------------- /docker/traefik/data/traefik.yml: -------------------------------------------------------------------------------- 1 | api: 2 | dashboard: true 3 | debug: true 4 | entryPoints: 5 | http: 6 | address: ":80" 7 | https: 8 | address: ":443" 9 | serversTransport: 10 | insecureSkipVerify: true 11 | providers: 12 | docker: 13 | endpoint: "unix:///var/run/docker.sock" 14 | exposedByDefault: false 15 | file: 16 | filename: /config.yml 17 | certificatesResolvers: 18 | cloudflare: 19 | acme: 20 | email: you@example.com 21 | storage: acme.json 22 | dnsChallenge: 23 | provider: cloudflare 24 | resolvers: 25 | - "1.1.1.1:53" 26 | - "1.0.0.1:53" -------------------------------------------------------------------------------- /docker/traefik/docker.compose.yml: -------------------------------------------------------------------------------- 1 | version: '3' 2 | 3 | services: 4 | traefik: 5 | image: traefik:latest 6 | container_name: traefik 7 | restart: unless-stopped 8 | security_opt: 9 | - no-new-privileges:true 10 | networks: 11 | - proxy 12 | ports: 13 | - 80:80 14 | - 443:443 15 | environment: 16 | - CF_API_EMAIL=user@example.com 17 | - CF_DNS_API_TOKEN=YOUR_API_TOKEN 18 | # - CF_API_KEY=YOUR_API_KEY 19 | # be sure to use the correct one depending on if you are using a token or key 20 | volumes: 21 | - /etc/localtime:/etc/localtime:ro 22 | - /var/run/docker.sock:/var/run/docker.sock:ro 23 | - /home/username/traefik/data/traefik.yml:/traefik.yml:ro 24 | - /home/username/traefik/data/acme.json:/acme.json 25 | - /home/username/traefik/data/config.yml:/config.yml:ro 26 | labels: 27 | - "traefik.enable=true" 28 | - "traefik.http.routers.traefik.entrypoints=http" 29 | - "traefik.http.routers.traefik.rule=Host(`traefik-dashboard.local.example.com`)" 30 | - "traefik.http.middlewares.traefik-auth.basicauth.users=USER:BASIC_AUTH_PASSWORD" 31 | - "traefik.http.middlewares.traefik-https-redirect.redirectscheme.scheme=https" 32 | - "traefik.http.middlewares.sslheader.headers.customrequestheaders.X-Forwarded-Proto=https" 33 | - "traefik.http.routers.traefik.middlewares=traefik-https-redirect" 34 | - "traefik.http.routers.traefik-secure.entrypoints=https" 35 | - "traefik.http.routers.traefik-secure.rule=Host(`traefik-dashboard.local.example.com`)" 36 | - "traefik.http.routers.traefik-secure.middlewares=traefik-auth" 37 | - "traefik.http.routers.traefik-secure.tls=true" 38 | - "traefik.http.routers.traefik-secure.tls.certresolver=cloudflare" 39 | - "traefik.http.routers.traefik-secure.tls.domains[0].main=local.example.com" 40 | - "traefik.http.routers.traefik-secure.tls.domains[0].sans=*.local.example.com" 41 | - "traefik.http.routers.traefik-secure.service=api@internal" 42 | 43 | networks: 44 | proxy: 45 | external: true -------------------------------------------------------------------------------- /docker/unifi-controller/README.md: -------------------------------------------------------------------------------- 1 | # unifi-controller 2 | -------------------------------------------------------------------------------- /docker/unifi-controller/docker-compose.yml: -------------------------------------------------------------------------------- 1 | --- 2 | version: "3.1" 3 | services: 4 | unifi-controller: 5 | image: lscr.io/linuxserver/unifi-controller 6 | container_name: unifi-controller 7 | environment: 8 | - PUID=1000 9 | - PGID=1000 10 | - MEM_LIMIT=1024 #optional 11 | - MEM_STARTUP=1024 #optional 12 | volumes: 13 | - :/config 14 | ports: 15 | - 3478:3478/udp 16 | - 10001:10001/udp 17 | - 8080:8080 18 | - 8443:8443 19 | - 1900:1900/udp #optional 20 | - 8843:8843 #optional 21 | - 8880:8880 #optional 22 | - 6789:6789 #optional 23 | - 5514:5514/udp #optional 24 | restart: unless-stopped -------------------------------------------------------------------------------- /docker/uptime-kuma/README.md: -------------------------------------------------------------------------------- 1 | # Uptime Kuma 2 | 3 | Documentation [here](https://technotim.live/posts/uptime-kuma/) 4 | 5 | Video [here](https://www.youtube.com/watch?v=r_A5NKkAqZM) 6 | -------------------------------------------------------------------------------- /docker/uptime-kuma/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.1" 2 | services: 3 | uptime-kuma: 4 | image: louislam/uptime-kuma:1 5 | container_name: uptime-kuma 6 | volumes: 7 | - ./uptime-kuma/data:/app/data 8 | ports: 9 | - 3001:3001 10 | restart: unless-stopped 11 | security_opt: 12 | - no-new-privileges:true -------------------------------------------------------------------------------- /docker/watchtower/README.md: -------------------------------------------------------------------------------- 1 | # watchtower 2 | -------------------------------------------------------------------------------- /docker/watchtower/docker-compose.yml: -------------------------------------------------------------------------------- 1 | --- 2 | version: "3.1" 3 | 4 | services: 5 | watchtower: 6 | image: containrrr/watchtower 7 | container_name: watchtower 8 | environment: 9 | # with discord notifications 10 | # uses slack config for discord 11 | # replace webhook with your discord webhook, make sure to include the /slack 12 | - WATCHTOWER_NOTIFICATIONS=slack 13 | - WATCHTOWER_NOTIFICATION_SLACK_HOOK_URL=https://discord.com/api/webhooks/SOME_WEBHOOK_PATH/slack 14 | - WATCHTOWER_NOTIFICATION_SLACK_IDENTIFIER=server-name 15 | - WATCHTOWER_NOTIFICATION_SLACK_ICON_EMOJI=`:whale:` 16 | - TZ=America/Chicago 17 | - WATCHTOWER_CLEANUP=true 18 | - WATCHTOWER_POLL_INTERVAL=3600 19 | volumes: 20 | - /var/run/docker.sock:/var/run/docker.sock 21 | restart: unless-stopped 22 | security_opt: 23 | - no-new-privileges:true -------------------------------------------------------------------------------- /docker/webnut/README.md: -------------------------------------------------------------------------------- 1 | # webnut 2 | 3 | Documentation [here](https://technotim.live/posts/NUT-server-guide/) 4 | 5 | Video [here](https://www.youtube.com/watch?v=vyBP7wpN72c) -------------------------------------------------------------------------------- /docker/webnut/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.1" 2 | services: 3 | nut: 4 | image: teknologist/webnut 5 | container_name: webnut 6 | environment: 7 | - UPS_HOST=ip.address.of.nut.server 8 | - UPS_PORT=3493 9 | - UPS_USER=admin 10 | - UPS_PASSWORD=secret 11 | restart: unless-stopped 12 | security_opt: 13 | - no-new-privileges:true 14 | networks: 15 | - proxy 16 | ports: 17 | - 6543:6543 18 | networks: 19 | proxy: 20 | external: true -------------------------------------------------------------------------------- /docker/webtop/README.md: -------------------------------------------------------------------------------- 1 | # webtop 2 | 3 | Documentation [here](https://technotim.live/posts/webtop-container/) 4 | 5 | Video [here](https://www.youtube.com/watch?v=Gd9bvdkIXOQ) -------------------------------------------------------------------------------- /docker/webtop/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "2.1" 2 | services: 3 | webtop: 4 | image: ghcr.io/linuxserver/webtop:ubuntu-mate #choose your flavor 5 | container_name: webtop 6 | #privileged: true #optional but not needed unless you are running kde or i3 or other tools 7 | environment: 8 | - PUID=1000 # based on id 9 | - PGID=1000 # based on group 10 | - TZ=America/Chicago # your timezone 11 | volumes: 12 | - /home/user/webtop/config:/config #home directory 13 | #- /var/run/docker.sock:/var/run/docker.sock #optional only if you need access to docker winthin this container 14 | ports: 15 | - 3000:3000 16 | shm_size: "2gb" #optional but set to 1GB or higher to prevent browser crashes 17 | restart: unless-stopped 18 | # env_file: #only necessary if you want to change the password, see .env file 19 | # - .env -------------------------------------------------------------------------------- /docker/wg-easy/README.md: -------------------------------------------------------------------------------- 1 | # wg-easy -------------------------------------------------------------------------------- /docker/wg-easy/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.8" 2 | services: 3 | wg-easy: 4 | environment: 5 | - WG_HOST=some.example.com 6 | - PASSWORD=some-password 7 | - WG_PORT=51820 8 | - WG_DEFAULT_ADDRESS=10.8.0.x 9 | - WG_DEFAULT_DNS=192.168.60.10 10 | 11 | image: weejewel/wg-easy 12 | container_name: wg-easy 13 | volumes: 14 | - .:/etc/wireguard 15 | ports: 16 | - "51820:51820/udp" 17 | - "51821:51821/tcp" 18 | restart: unless-stopped 19 | cap_add: 20 | - NET_ADMIN 21 | - SYS_MODULE 22 | sysctls: 23 | - net.ipv4.ip_forward=1 24 | - net.ipv4.conf.all.src_valid_mark=1 -------------------------------------------------------------------------------- /docker/wikijs/README.md: -------------------------------------------------------------------------------- 1 | # wikijs -------------------------------------------------------------------------------- /docker/wikijs/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3" 2 | services: 3 | db: 4 | image: postgres:11-alpine 5 | environment: 6 | POSTGRES_DB: wiki 7 | POSTGRES_PASSWORD: wikijsrocks 8 | POSTGRES_USER: wikijs 9 | logging: 10 | driver: "none" 11 | restart: unless-stopped 12 | volumes: 13 | - db-data:/var/lib/postgresql/data 14 | 15 | wiki: 16 | image: ghcr.io/requarks/wiki:2 17 | depends_on: 18 | - db 19 | environment: 20 | DB_TYPE: postgres 21 | DB_HOST: db 22 | DB_PORT: 5432 23 | DB_USER: wikijs 24 | DB_PASS: wikijsrocks 25 | DB_NAME: wiki 26 | restart: unless-stopped 27 | ports: 28 | - "80:3000" 29 | 30 | volumes: 31 | db-data: -------------------------------------------------------------------------------- /docker/wireguard/README.md: -------------------------------------------------------------------------------- 1 | # wireguard 2 | 3 | Documentation [here](https://technotim.live/posts/wiregaurd-setup/) 4 | 5 | Video [here](https://www.youtube.com/watch?v=xlyTCuWqDOg) 6 | -------------------------------------------------------------------------------- /docker/wireguard/docker-compose.yml: -------------------------------------------------------------------------------- 1 | --- 2 | version: "3.1" 3 | services: 4 | wireguard: 5 | image: lscr.io/linuxserver/wireguard 6 | container_name: wireguard 7 | cap_add: 8 | - NET_ADMIN 9 | - SYS_MODULE 10 | environment: 11 | - PUID=1000 12 | - PGID=1000 13 | - TZ=Europe/London 14 | - SERVERURL=wireguard.domain.com #optional 15 | - SERVERPORT=51820 #optional 16 | - PEERS=1 #optional 17 | - PEERDNS=auto #optional 18 | - INTERNAL_SUBNET=10.13.13.0 #optional 19 | - ALLOWEDIPS=0.0.0.0/0 #optional 20 | volumes: 21 | - /path/to/appdata/config:/config 22 | - /lib/modules:/lib/modules 23 | ports: 24 | - 51820:51820/udp 25 | sysctls: 26 | - net.ipv4.conf.all.src_valid_mark=1 27 | restart: unless-stopped -------------------------------------------------------------------------------- /kubernetes/cloudflare/README.md: -------------------------------------------------------------------------------- 1 | # cloudflare -------------------------------------------------------------------------------- /kubernetes/cloudflare/deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: cloudflare 5 | spec: 6 | selector: 7 | matchLabels: 8 | app: cloudflare 9 | replicas: 1 10 | template: 11 | metadata: 12 | labels: 13 | app: cloudflare 14 | spec: 15 | containers: 16 | - name: cloudflare 17 | image: oznu/cloudflare-ddns 18 | resources: 19 | requests: 20 | memory: "64Mi" 21 | cpu: "100m" 22 | limits: 23 | memory: "128Mi" 24 | cpu: "250m" 25 | env: 26 | - name: API_KEY 27 | value: some-api-key 28 | - name: DNS_SERVER 29 | value: 1.1.1.1 30 | - name: PROXIED 31 | value: "true" 32 | - name: ZONE 33 | value: example.com 34 | -------------------------------------------------------------------------------- /kubernetes/gitlab-runner/README.md: -------------------------------------------------------------------------------- 1 | # gitlab runner 2 | 3 | ```bash 4 | helm repo add gitlab https://charts.gitlab.io 5 | ``` 6 | 7 | `values.yml` is the default from 8 | https://gitlab.com/gitlab-org/charts/gitlab-runner/blob/main/values.yaml 9 | 10 | ```bash 11 | helm install --namespace default gitlab-runner -f values.yml gitlab/gitlab-runner 12 | ``` 13 | 14 | update 15 | 16 | ```bash 17 | helm upgrade --namespace default gitlab-runner -f values.yml gitlab/gitlab-runner 18 | ``` 19 | -------------------------------------------------------------------------------- /kubernetes/gitlab-runner/secret.yml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: gtilabrunner-s3access 5 | type: Opaque 6 | data: 7 | accesskey: some-secret 8 | secretkey: some-other-secret 9 | -------------------------------------------------------------------------------- /kubernetes/home-assistant/claim.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: PersistentVolumeClaim 3 | apiVersion: v1 4 | metadata: 5 | name: home-assistant-claim 6 | namespace: default 7 | spec: 8 | storageClassName: longhorn 9 | accessModes: 10 | - ReadWriteMany 11 | resources: 12 | requests: 13 | storage: 5Gi 14 | -------------------------------------------------------------------------------- /kubernetes/home-assistant/deployment.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: apps/v1 3 | kind: Deployment 4 | metadata: 5 | name: home-assistant 6 | namespace: default 7 | annotations: 8 | reloader.stakater.com/auto: "true" 9 | spec: 10 | selector: 11 | matchLabels: 12 | app: home-assistant 13 | replicas: 1 14 | progressDeadlineSeconds: 600 15 | revisionHistoryLimit: 2 16 | strategy: 17 | type: Recreate 18 | template: 19 | metadata: 20 | labels: 21 | app: home-assistant 22 | annotations: 23 | deploy-date: "deploy-date-value" 24 | spec: 25 | containers: 26 | - name: home-assistant 27 | image: homeassistant/home-assistant:2023.4 28 | resources: 29 | requests: 30 | memory: "128Mi" 31 | cpu: "100m" 32 | limits: 33 | memory: "512Mi" 34 | cpu: "500m" 35 | ports: 36 | - containerPort: 8123 37 | env: 38 | - name: TZ 39 | value: "${TIMEZONE}" 40 | volumeMounts: 41 | - mountPath: /config 42 | name: home-assistant-content 43 | volumes: 44 | - name: home-assistant-content 45 | persistentVolumeClaim: 46 | claimName: home-assistant-claim 47 | affinity: # this ensures it runs on IoT nodes. Remove, you probably don't need this 48 | nodeAffinity: 49 | requiredDuringSchedulingIgnoredDuringExecution: 50 | nodeSelectorTerms: 51 | - matchExpressions: 52 | - key: network 53 | operator: In 54 | values: 55 | - iot 56 | hostNetwork: true 57 | -------------------------------------------------------------------------------- /kubernetes/home-assistant/service.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | name: home-assistant 6 | namespace: default 7 | spec: 8 | selector: 9 | app: home-assistant 10 | ports: 11 | - protocol: TCP 12 | port: 8123 13 | targetPort: 8123 14 | -------------------------------------------------------------------------------- /kubernetes/kube-prometheus-stack/README.md: -------------------------------------------------------------------------------- 1 | # kube-prometheus-stack 2 | 3 | Documentation [here](https://technotim.live/posts/kube-grafana-prometheus/) 4 | 5 | Video [here](https://www.youtube.com/watch?v=fzny5uUaAeY) 6 | -------------------------------------------------------------------------------- /kubernetes/kube-prometheus-stack/ingress.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: traefik.containo.us/v1alpha1 2 | kind: IngressRoute 3 | metadata: 4 | name: grafana-ingress 5 | namespace: monitoring 6 | annotations: 7 | kubernetes.io/ingress.class: traefik-internal 8 | spec: 9 | entryPoints: 10 | - websecure 11 | routes: 12 | - match: Host(`grafana.example.com`) 13 | kind: Rule 14 | services: 15 | - name: grafana 16 | port: 80 17 | sticky: 18 | cookie: 19 | httpOnly: true 20 | name: grafana 21 | secure: true 22 | sameSite: none 23 | tls: 24 | secretName: your-tls-secret -------------------------------------------------------------------------------- /kubernetes/kube-prometheus-stack/values.yml: -------------------------------------------------------------------------------- 1 | fullnameOverride: prometheus 2 | 3 | defaultRules: 4 | create: true 5 | rules: 6 | alertmanager: true 7 | etcd: true 8 | configReloaders: true 9 | general: true 10 | k8s: true 11 | kubeApiserverAvailability: true 12 | kubeApiserverBurnrate: true 13 | kubeApiserverHistogram: true 14 | kubeApiserverSlos: true 15 | kubelet: true 16 | kubeProxy: true 17 | kubePrometheusGeneral: true 18 | kubePrometheusNodeRecording: true 19 | kubernetesApps: true 20 | kubernetesResources: true 21 | kubernetesStorage: true 22 | kubernetesSystem: true 23 | kubeScheduler: true 24 | kubeStateMetrics: true 25 | network: true 26 | node: true 27 | nodeExporterAlerting: true 28 | nodeExporterRecording: true 29 | prometheus: true 30 | prometheusOperator: true 31 | 32 | alertmanager: 33 | fullnameOverride: alertmanager 34 | enabled: true 35 | ingress: 36 | enabled: false 37 | 38 | grafana: 39 | enabled: true 40 | fullnameOverride: grafana 41 | forceDeployDatasources: false 42 | forceDeployDashboards: false 43 | defaultDashboardsEnabled: true 44 | defaultDashboardsTimezone: utc 45 | serviceMonitor: 46 | enabled: true 47 | admin: 48 | existingSecret: grafana-admin-credentials 49 | userKey: admin-user 50 | passwordKey: admin-password 51 | 52 | kubeApiServer: 53 | enabled: true 54 | 55 | kubelet: 56 | enabled: true 57 | serviceMonitor: 58 | metricRelabelings: 59 | - action: replace 60 | sourceLabels: 61 | - node 62 | targetLabel: instance 63 | 64 | kubeControllerManager: 65 | enabled: true 66 | endpoints: # ips of servers 67 | - 192.168.30.38 68 | - 192.168.30.39 69 | - 192.168.30.40 70 | 71 | coreDns: 72 | enabled: true 73 | 74 | kubeDns: 75 | enabled: false 76 | 77 | kubeEtcd: 78 | enabled: true 79 | endpoints: # ips of servers 80 | - 192.168.30.38 81 | - 192.168.30.39 82 | - 192.168.30.40 83 | service: 84 | enabled: true 85 | port: 2381 86 | targetPort: 2381 87 | 88 | kubeScheduler: 89 | enabled: true 90 | endpoints: # ips of servers 91 | - 192.168.30.38 92 | - 192.168.30.39 93 | - 192.168.30.40 94 | 95 | kubeProxy: 96 | enabled: true 97 | endpoints: # ips of servers 98 | - 192.168.30.38 99 | - 192.168.30.39 100 | - 192.168.30.40 101 | 102 | kubeStateMetrics: 103 | enabled: true 104 | 105 | kube-state-metrics: 106 | fullnameOverride: kube-state-metrics 107 | selfMonitor: 108 | enabled: true 109 | prometheus: 110 | monitor: 111 | enabled: true 112 | relabelings: 113 | - action: replace 114 | regex: (.*) 115 | replacement: $1 116 | sourceLabels: 117 | - __meta_kubernetes_pod_node_name 118 | targetLabel: kubernetes_node 119 | 120 | nodeExporter: 121 | enabled: true 122 | serviceMonitor: 123 | relabelings: 124 | - action: replace 125 | regex: (.*) 126 | replacement: $1 127 | sourceLabels: 128 | - __meta_kubernetes_pod_node_name 129 | targetLabel: kubernetes_node 130 | 131 | prometheus-node-exporter: 132 | fullnameOverride: node-exporter 133 | podLabels: 134 | jobLabel: node-exporter 135 | extraArgs: 136 | - --collector.filesystem.mount-points-exclude=^/(dev|proc|sys|var/lib/docker/.+|var/lib/kubelet/.+)($|/) 137 | - --collector.filesystem.fs-types-exclude=^(autofs|binfmt_misc|bpf|cgroup2?|configfs|debugfs|devpts|devtmpfs|fusectl|hugetlbfs|iso9660|mqueue|nsfs|overlay|proc|procfs|pstore|rpc_pipefs|securityfs|selinuxfs|squashfs|sysfs|tracefs)$ 138 | service: 139 | portName: http-metrics 140 | prometheus: 141 | monitor: 142 | enabled: true 143 | relabelings: 144 | - action: replace 145 | regex: (.*) 146 | replacement: $1 147 | sourceLabels: 148 | - __meta_kubernetes_pod_node_name 149 | targetLabel: kubernetes_node 150 | resources: 151 | requests: 152 | memory: 512Mi 153 | cpu: 250m 154 | limits: 155 | memory: 2048Mi 156 | 157 | prometheusOperator: 158 | enabled: true 159 | prometheusConfigReloader: 160 | resources: 161 | requests: 162 | cpu: 200m 163 | memory: 50Mi 164 | limits: 165 | memory: 100Mi 166 | 167 | prometheus: 168 | enabled: true 169 | prometheusSpec: 170 | replicas: 1 171 | replicaExternalLabelName: "replica" 172 | ruleSelectorNilUsesHelmValues: false 173 | serviceMonitorSelectorNilUsesHelmValues: false 174 | podMonitorSelectorNilUsesHelmValues: false 175 | probeSelectorNilUsesHelmValues: false 176 | retention: 6h 177 | enableAdminAPI: true 178 | walCompression: true 179 | scrapeInterval: 30s 180 | evaluationInterval: 30s 181 | 182 | thanosRuler: 183 | enabled: false 184 | -------------------------------------------------------------------------------- /kubernetes/nextcloud/README.md: -------------------------------------------------------------------------------- 1 | # nextcloud -------------------------------------------------------------------------------- /kubernetes/nextcloud/claim.yml: -------------------------------------------------------------------------------- 1 | kind: PersistentVolumeClaim 2 | apiVersion: v1 3 | metadata: 4 | name: nextcloud-html-claim 5 | spec: 6 | storageClassName: nfs-client 7 | accessModes: 8 | - ReadWriteMany 9 | resources: 10 | requests: 11 | storage: 2Gi 12 | 13 | --- 14 | kind: PersistentVolumeClaim 15 | apiVersion: v1 16 | metadata: 17 | name: nextcloud-custom-apps-claim 18 | spec: 19 | storageClassName: nfs-client 20 | accessModes: 21 | - ReadWriteMany 22 | resources: 23 | requests: 24 | storage: 5Gi 25 | 26 | --- 27 | kind: PersistentVolumeClaim 28 | apiVersion: v1 29 | metadata: 30 | name: nextcloud-config-claim 31 | spec: 32 | storageClassName: nfs-client 33 | accessModes: 34 | - ReadWriteMany 35 | resources: 36 | requests: 37 | storage: 2Gi 38 | 39 | --- 40 | kind: PersistentVolumeClaim 41 | apiVersion: v1 42 | metadata: 43 | name: nextcloud-data-claim 44 | spec: 45 | storageClassName: nfs-client 46 | accessModes: 47 | - ReadWriteMany 48 | resources: 49 | requests: 50 | storage: 10Gi 51 | 52 | 53 | --- 54 | kind: PersistentVolumeClaim 55 | apiVersion: v1 56 | metadata: 57 | name: nextcloud-themes-claim 58 | spec: 59 | storageClassName: nfs-client 60 | accessModes: 61 | - ReadWriteMany 62 | resources: 63 | requests: 64 | storage: 2Gi -------------------------------------------------------------------------------- /kubernetes/nextcloud/deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: nextcloud 5 | spec: 6 | selector: 7 | matchLabels: 8 | app: nextcloud 9 | replicas: 1 10 | progressDeadlineSeconds: 600 11 | revisionHistoryLimit: 2 12 | strategy: 13 | type: Recreate 14 | template: 15 | metadata: 16 | labels: 17 | app: nextcloud 18 | spec: 19 | containers: 20 | - name: nextcloud 21 | image: nextcloud 22 | resources: 23 | requests: 24 | memory: "128Mi" 25 | cpu: "100m" 26 | env: 27 | - name: TZ 28 | value: "${TIMEZONE}" 29 | ports: 30 | - containerPort: 80 31 | volumeMounts: 32 | - mountPath: /var/www/html 33 | name: nextcloud-html 34 | - mountPath: /var/www/html/custom_apps 35 | name: nextcloud-custom-apps 36 | - mountPath: var/www/html/config 37 | name: nextcloud-config 38 | - mountPath: /var/www/html/data 39 | name: nextcloud-data 40 | - mountPath: /var/www/html/themes/ 41 | name: nextcloud-themes 42 | volumes: 43 | - name: nextcloud-html 44 | persistentVolumeClaim: 45 | claimName: nextcloud-html-claim 46 | - name: nextcloud-custom-apps 47 | persistentVolumeClaim: 48 | claimName: nextcloud-custom-apps-claim 49 | - name: nextcloud-config 50 | persistentVolumeClaim: 51 | claimName: nextcloud-config-claim 52 | - name: nextcloud-data 53 | persistentVolumeClaim: 54 | claimName: nextcloud-data-claim 55 | - name: nextcloud-themes 56 | persistentVolumeClaim: 57 | claimName: nextcloud-themes-claim 58 | securityContext: 59 | runAsUser: 1000 60 | fsGroup: 1000 -------------------------------------------------------------------------------- /kubernetes/nextcloud/ingress.yml: -------------------------------------------------------------------------------- 1 | apiVersion: traefik.containo.us/v1alpha1 2 | kind: IngressRoute 3 | metadata: 4 | name: nextcloud-ingress 5 | annotations: 6 | kubernetes.io/ingress.class: traefik 7 | spec: 8 | entryPoints: 9 | - websecure 10 | routes: 11 | - match: Host(`nextcloud.example.com`) 12 | kind: Rule 13 | services: 14 | - name: nextcloud 15 | port: 80 16 | -------------------------------------------------------------------------------- /kubernetes/nextcloud/service.yml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | name: nextcloud 6 | spec: 7 | selector: 8 | app: nextcloud 9 | ports: 10 | - protocol: TCP 11 | port: 80 12 | targetPort: 80 13 | -------------------------------------------------------------------------------- /kubernetes/pterodactyl/README.md: -------------------------------------------------------------------------------- 1 | # pterodactyl -------------------------------------------------------------------------------- /kubernetes/pterodactyl/panel/claim.yml: -------------------------------------------------------------------------------- 1 | kind: PersistentVolumeClaim 2 | apiVersion: v1 3 | metadata: 4 | name: pterodactyl-app-claim 5 | spec: 6 | storageClassName: longhorn 7 | accessModes: 8 | - ReadWriteOnce 9 | resources: 10 | requests: 11 | storage: 1Gi 12 | 13 | --- 14 | kind: PersistentVolumeClaim 15 | apiVersion: v1 16 | metadata: 17 | name: pterodactyl-nginx-claim 18 | spec: 19 | storageClassName: longhorn 20 | accessModes: 21 | - ReadWriteOnce 22 | resources: 23 | requests: 24 | storage: 500Mi 25 | 26 | --- 27 | kind: PersistentVolumeClaim 28 | apiVersion: v1 29 | metadata: 30 | name: pterodactyl-le-claim 31 | spec: 32 | storageClassName: longhorn 33 | accessModes: 34 | - ReadWriteOnce 35 | resources: 36 | requests: 37 | storage: 100Mi 38 | 39 | --- 40 | kind: PersistentVolumeClaim 41 | apiVersion: v1 42 | metadata: 43 | name: pterodactyl-logs-claim 44 | spec: 45 | storageClassName: longhorn 46 | accessModes: 47 | - ReadWriteOnce 48 | resources: 49 | requests: 50 | storage: 1Gi 51 | -------------------------------------------------------------------------------- /kubernetes/pterodactyl/panel/deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: pterodactyl 5 | spec: 6 | selector: 7 | matchLabels: 8 | app: pterodactyl 9 | replicas: 1 10 | progressDeadlineSeconds: 600 11 | revisionHistoryLimit: 2 12 | strategy: 13 | type: Recreate 14 | template: 15 | metadata: 16 | labels: 17 | app: pterodactyl 18 | annotations: 19 | deploy-date: "deploy-date-value" 20 | spec: 21 | containers: 22 | - name: pterodactyl 23 | image: ghcr.io/pterodactyl/panel:latest 24 | resources: 25 | requests: 26 | memory: "128Mi" 27 | cpu: "300m" 28 | limits: 29 | memory: "256Mi" 30 | cpu: "500m" 31 | ports: 32 | - containerPort: 80 33 | env: 34 | - name: DB_PASSWORD 35 | valueFrom: 36 | secretKeyRef: 37 | key: DB_PASSWORD 38 | name: pterodactyl-panel 39 | - name: DB_DATABASE 40 | value: "pterodactyl_panel" 41 | - name: APP_ENV 42 | value: "production" 43 | - name: APP_ENVIRONMENT_ONLY 44 | value: "false" 45 | - name: CACHE_DRIVER 46 | value: "redis" 47 | - name: SESSION_DRIVER 48 | value: "redis" 49 | - name: QUEUE_DRIVER 50 | value: "redis" 51 | - name: REDIS_HOST 52 | value: "redis.example.com" # redis server ip or dns 53 | - name: REDIS_PASSWORD 54 | valueFrom: 55 | secretKeyRef: 56 | key: REDIS_PASSWORD 57 | name: pterodactyl-panel 58 | - name: DB_HOST 59 | value: "database.example.com" # database server ip or dns 60 | - name: DB_PORT 61 | value: "33306" 62 | - name: APP_URL 63 | value: "https://pterodactyl.example.com" # url of server panel 64 | - name: APP_TIMEZONE 65 | value: "UTC" 66 | - name: APP_SERVICE_AUTHOR 67 | value: "me@example.com" 68 | - name: TRUSTED_PROXIES 69 | value: "*" # restrict this to your proxy ip 70 | volumeMounts: 71 | - mountPath: /app/var/ 72 | name: pterodactyl-app-content 73 | - mountPath: /etc/nginx/http.d/ 74 | name: pterodactyl-nginx-content 75 | - mountPath: /etc/letsencrypt/ 76 | name: pterodactyl-le-content 77 | - mountPath: /app/storage/logs 78 | name: pterodactyl-logs-content 79 | volumes: 80 | - name: pterodactyl-app-content 81 | persistentVolumeClaim: 82 | claimName: pterodactyl-app-claim 83 | - name: pterodactyl-nginx-content 84 | persistentVolumeClaim: 85 | claimName: pterodactyl-nginx-claim 86 | - name: pterodactyl-le-content 87 | persistentVolumeClaim: 88 | claimName: pterodactyl-le-claim 89 | - name: pterodactyl-logs-content 90 | persistentVolumeClaim: 91 | claimName: pterodactyl-logs-claim -------------------------------------------------------------------------------- /kubernetes/pterodactyl/panel/ingress.yml: -------------------------------------------------------------------------------- 1 | apiVersion: traefik.containo.us/v1alpha1 2 | kind: IngressRoute 3 | metadata: 4 | name: pterodactyl-ingress 5 | # annotations: 6 | # kubernetes.io/ingress.class: traefik-internal # uncomment if you use annotations 7 | spec: 8 | entryPoints: 9 | - websecure 10 | routes: 11 | - match: Host(`pterodactyl.example.com`) # ip of your game panel 12 | kind: Rule 13 | services: 14 | - name: pterodactyl 15 | port: 80 -------------------------------------------------------------------------------- /kubernetes/pterodactyl/panel/node/endpoint.yml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Endpoints 3 | metadata: 4 | name: gameserver-node-01 5 | subsets: 6 | - addresses: 7 | - ip: 192.168.0.100 # ip of your game server running wings 8 | ports: 9 | - port: 443 -------------------------------------------------------------------------------- /kubernetes/pterodactyl/panel/node/ingress.yml: -------------------------------------------------------------------------------- 1 | apiVersion: traefik.containo.us/v1alpha1 2 | kind: IngressRoute 3 | metadata: 4 | name: gameserver-node-01-ingress 5 | annotations: 6 | kubernetes.io/ingress.class: traefik-internal 7 | spec: 8 | entryPoints: 9 | - websecure 10 | routes: 11 | - match: Host(`gameserver-node-01.example.com`) # ip or dns your game server running wings 12 | kind: Rule 13 | services: 14 | - name: gameserver-node-01 15 | port: 80 -------------------------------------------------------------------------------- /kubernetes/pterodactyl/panel/node/service.yml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: gameserver-node-01 5 | spec: 6 | ports: 7 | - protocol: TCP 8 | port: 80 9 | targetPort: 443 -------------------------------------------------------------------------------- /kubernetes/pterodactyl/panel/secret.yml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: pterodactyl-panel 5 | type: Opaque 6 | data: 7 | DB_PASSWORD: some-base-64-encoded-password 8 | REDIS_PASSWORD: some-base-64-encoded-password 9 | -------------------------------------------------------------------------------- /kubernetes/pterodactyl/panel/service.yml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | name: pterodactyl 6 | spec: 7 | selector: 8 | app: pterodactyl 9 | ports: 10 | - protocol: TCP 11 | port: 80 12 | targetPort: 80 13 | -------------------------------------------------------------------------------- /kubernetes/traefik-cert-manager/README.md: -------------------------------------------------------------------------------- 1 | # traefik cert-manager let's encrypt 2 | 3 | Documentation [here](https://technotim.live/posts/kube-traefik-cert-manager-le/) 4 | 5 | Video [here](https://www.youtube.com/watch?v=G4CmbYL9UPg) 6 | -------------------------------------------------------------------------------- /kubernetes/traefik-cert-manager/cert-manager/certificates/production/local-example-com.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: cert-manager.io/v1 3 | kind: Certificate 4 | metadata: 5 | name: local-example-com 6 | namespace: default 7 | spec: 8 | secretName: local-example-com-tls 9 | issuerRef: 10 | name: letsencrypt-production 11 | kind: ClusterIssuer 12 | commonName: "*.local.example.com" 13 | dnsNames: 14 | - "local.example.com" 15 | - "*.local.example.com" 16 | -------------------------------------------------------------------------------- /kubernetes/traefik-cert-manager/cert-manager/certificates/staging/local-example-com.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: cert-manager.io/v1 3 | kind: Certificate 4 | metadata: 5 | name: local-example-com 6 | namespace: default 7 | spec: 8 | secretName: local-example-com-staging-tls 9 | issuerRef: 10 | name: letsencrypt-staging 11 | kind: ClusterIssuer 12 | commonName: "*.local.example.com" 13 | dnsNames: 14 | - "local.example.com" 15 | - "*.local.example.com" 16 | -------------------------------------------------------------------------------- /kubernetes/traefik-cert-manager/cert-manager/issuers/letsencrypt-production.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: cert-manager.io/v1 3 | kind: ClusterIssuer 4 | metadata: 5 | name: letsencrypt-production 6 | spec: 7 | acme: 8 | server: https://acme-v02.api.letsencrypt.org/directory 9 | email: you@example.com 10 | privateKeySecretRef: 11 | name: letsencrypt-production 12 | solvers: 13 | - dns01: 14 | cloudflare: 15 | email: you@example.com 16 | apiTokenSecretRef: 17 | name: cloudflare-token-secret 18 | key: cloudflare-token 19 | selector: 20 | dnsZones: 21 | - "example.com" -------------------------------------------------------------------------------- /kubernetes/traefik-cert-manager/cert-manager/issuers/letsencrypt-staging.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: cert-manager.io/v1 3 | kind: ClusterIssuer 4 | metadata: 5 | name: letsencrypt-staging 6 | spec: 7 | acme: 8 | server: https://acme-staging-v02.api.letsencrypt.org/directory 9 | email: you@example.com 10 | privateKeySecretRef: 11 | name: letsencrypt-staging 12 | solvers: 13 | - dns01: 14 | cloudflare: 15 | email: you@example.com 16 | apiTokenSecretRef: 17 | name: cloudflare-token-secret 18 | key: cloudflare-token 19 | selector: 20 | dnsZones: 21 | - "example.com" -------------------------------------------------------------------------------- /kubernetes/traefik-cert-manager/cert-manager/issuers/secret-cf-token.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Secret 4 | metadata: 5 | name: cloudflare-token-secret 6 | namespace: cert-manager 7 | type: Opaque 8 | stringData: 9 | cloudflare-token: 123abc # be sure you are generating an API token and not a global API key https://cert-manager.io/docs/configuration/acme/dns01/cloudflare/#api-tokens 10 | -------------------------------------------------------------------------------- /kubernetes/traefik-cert-manager/cert-manager/values.yaml: -------------------------------------------------------------------------------- 1 | installCRDs: false 2 | replicaCount: 3 3 | extraArgs: 4 | - --dns01-recursive-nameservers=1.1.1.1:53,9.9.9.9:53 5 | - --dns01-recursive-nameservers-only 6 | podDnsPolicy: None 7 | podDnsConfig: 8 | nameservers: 9 | - 1.1.1.1 10 | - 9.9.9.9 11 | -------------------------------------------------------------------------------- /kubernetes/traefik-cert-manager/nginx/deployment.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: Deployment 3 | apiVersion: apps/v1 4 | metadata: 5 | name: nginx 6 | namespace: default 7 | labels: 8 | app: nginx 9 | spec: 10 | replicas: 3 11 | progressDeadlineSeconds: 600 12 | revisionHistoryLimit: 2 13 | strategy: 14 | type: Recreate 15 | selector: 16 | matchLabels: 17 | app: nginx 18 | template: 19 | metadata: 20 | labels: 21 | app: nginx 22 | spec: 23 | containers: 24 | - name: nginx 25 | image: nginx:latest -------------------------------------------------------------------------------- /kubernetes/traefik-cert-manager/nginx/ingress.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: traefik.io/v1alpha1 3 | kind: IngressRoute 4 | metadata: 5 | name: nginx 6 | namespace: default 7 | annotations: 8 | kubernetes.io/ingress.class: traefik-external 9 | spec: 10 | entryPoints: 11 | - websecure 12 | routes: 13 | - match: Host(`www.nginx.local.example.com`) 14 | kind: Rule 15 | services: 16 | - name: nginx 17 | port: 80 18 | - match: Host(`nginx.local.example.com`) 19 | kind: Rule 20 | services: 21 | - name: nginx 22 | port: 80 23 | middlewares: 24 | - name: default-headers 25 | tls: 26 | secretName: local-example-com-tls 27 | -------------------------------------------------------------------------------- /kubernetes/traefik-cert-manager/nginx/service.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | name: nginx 6 | namespace: default 7 | spec: 8 | selector: 9 | app: nginx 10 | ports: 11 | - name: http 12 | targetPort: 80 13 | port: 80 -------------------------------------------------------------------------------- /kubernetes/traefik-cert-manager/traefik/dashboard/ingress.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: traefik.io/v1alpha1 2 | kind: IngressRoute 3 | metadata: 4 | name: traefik-dashboard 5 | namespace: traefik 6 | annotations: 7 | kubernetes.io/ingress.class: traefik-external 8 | spec: 9 | entryPoints: 10 | - websecure 11 | routes: 12 | - match: Host(`traefik.local.example.com`) 13 | kind: Rule 14 | middlewares: 15 | - name: traefik-dashboard-basicauth 16 | namespace: traefik 17 | services: 18 | - name: api@internal 19 | kind: TraefikService 20 | # tls: 21 | # secretName: local-example-com-staging-tls 22 | -------------------------------------------------------------------------------- /kubernetes/traefik-cert-manager/traefik/dashboard/middleware.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: traefik.io/v1alpha1 2 | kind: Middleware 3 | metadata: 4 | name: traefik-dashboard-basicauth 5 | namespace: traefik 6 | spec: 7 | basicAuth: 8 | secret: traefik-dashboard-auth 9 | -------------------------------------------------------------------------------- /kubernetes/traefik-cert-manager/traefik/dashboard/secret-dashboard.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Secret 4 | metadata: 5 | name: traefik-dashboard-auth 6 | namespace: traefik 7 | type: Opaque 8 | data: 9 | users: abc123== 10 | -------------------------------------------------------------------------------- /kubernetes/traefik-cert-manager/traefik/default-headers.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: traefik.io/v1alpha1 # traefik.containo.us/v1alpha1 depreciated in Traefik v3 2 | kind: Middleware 3 | metadata: 4 | name: default-headers 5 | namespace: default 6 | spec: 7 | headers: 8 | browserXssFilter: true 9 | contentTypeNosniff: true 10 | forceSTSHeader: true 11 | stsIncludeSubdomains: true 12 | stsPreload: true 13 | stsSeconds: 15552000 14 | referrerPolicy: no-referrer 15 | contentSecurityPolicy: "default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' https: data:; connect-src 'self' https:; frame-src 'self' https:; media-src 'self' https:; object-src 'none'; frame-ancestors 'self'; base-uri 'self'; form-action 'self';" 16 | customFrameOptionsValue: SAMEORIGIN 17 | customRequestHeaders: 18 | X-Forwarded-Proto: https 19 | -------------------------------------------------------------------------------- /kubernetes/traefik-cert-manager/traefik/values.yaml: -------------------------------------------------------------------------------- 1 | globalArguments: 2 | - "--global.sendanonymoususage=false" 3 | - "--global.checknewversion=false" 4 | 5 | additionalArguments: 6 | - "--serversTransport.insecureSkipVerify=true" 7 | - "--log.level=INFO" 8 | 9 | deployment: 10 | enabled: true 11 | replicas: 3 12 | annotations: {} 13 | podAnnotations: {} 14 | additionalContainers: [] 15 | initContainers: [] 16 | 17 | ports: 18 | web: 19 | redirections: 20 | entrypoint: 21 | to: websecure 22 | priority: 10 23 | websecure: 24 | http3: 25 | enabled: true 26 | advertisedPort: 4443 27 | tls: 28 | enabled: true 29 | 30 | ingressRoute: 31 | dashboard: 32 | enabled: false 33 | 34 | providers: 35 | kubernetesCRD: 36 | enabled: true 37 | ingressClass: traefik-external 38 | allowExternalNameServices: true 39 | kubernetesIngress: 40 | enabled: true 41 | allowExternalNameServices: true 42 | publishedService: 43 | enabled: false 44 | 45 | rbac: 46 | enabled: true 47 | 48 | service: 49 | enabled: true 50 | type: LoadBalancer 51 | annotations: {} 52 | labels: {} 53 | spec: 54 | loadBalancerIP: 192.168.30.80 # this should be an IP in the MetalLB range 55 | loadBalancerSourceRanges: [] 56 | externalIPs: [] 57 | -------------------------------------------------------------------------------- /kubernetes/traefik2-k3s-rancher/README.md: -------------------------------------------------------------------------------- 1 | # traefik + kubernetes 2 | 3 | Documentation [here](https://technotim.live/posts/k3s-traefik-rancher/) -------------------------------------------------------------------------------- /kubernetes/traefik2-k3s-rancher/config-ingress-route/kubernetes/deployment.yml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: example-workload-deployment 5 | spec: 6 | selector: 7 | matchLabels: 8 | app: example-workload 9 | replicas: 1 10 | progressDeadlineSeconds: 600 11 | revisionHistoryLimit: 2 12 | strategy: 13 | type: Recreate 14 | template: 15 | metadata: 16 | labels: 17 | app: example-workload 18 | spec: 19 | containers: 20 | - name: example-workload 21 | image: registry.example.com 22 | ports: 23 | - containerPort: 80 -------------------------------------------------------------------------------- /kubernetes/traefik2-k3s-rancher/config-ingress-route/kubernetes/ingress.yml: -------------------------------------------------------------------------------- 1 | apiVersion: traefik.containo.us/v1alpha1 2 | kind: IngressRoute 3 | metadata: 4 | name: example-workload-ingress 5 | annotations: 6 | kubernetes.io/ingress.class: traefik-external 7 | spec: 8 | entryPoints: 9 | - websecure 10 | routes: 11 | - match: Host(`www.example.com`) 12 | kind: Rule 13 | services: 14 | - name: example-workload 15 | port: 80 16 | - match: Host(`example.com`) 17 | kind: Rule 18 | services: 19 | - name: example-workload 20 | port: 80 -------------------------------------------------------------------------------- /kubernetes/traefik2-k3s-rancher/config-ingress-route/kubernetes/service.yml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | name: example-workload 6 | spec: 7 | selector: 8 | app: example-workload 9 | ports: 10 | - protocol: TCP 11 | port: 80 12 | targetPort: 80 13 | -------------------------------------------------------------------------------- /kubernetes/traefik2-k3s-rancher/config-ingress-route/traefik-chart-values.yml: -------------------------------------------------------------------------------- 1 | additionalArguments: 2 | - --providers.file.filename=/data/traefik-config.yaml 3 | - --entrypoints.websecure.http.tls.certresolver=cloudflare 4 | - --entrypoints.websecure.http.tls.domains[0].main=example.com 5 | - --entrypoints.websecure.http.tls.domains[0].sans=*.example.com 6 | # - --certificatesresolvers.cloudflare.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory 7 | # comment above when going to production 8 | - --certificatesresolvers.cloudflare.acme.dnschallenge.provider=cloudflare 9 | - --certificatesresolvers.cloudflare.acme.email=email@example.com 10 | - --certificatesresolvers.cloudflare.acme.dnschallenge.resolvers=1.1.1.1:53,8.8.8.8:53 11 | - --certificatesresolvers.cloudflare.acme.storage=/certs/acme.json 12 | - --serversTransport.insecureSkipVerify=true 13 | # you will need to add an annotation to ingresses you create kubernetes.io/ingress.class traefik-external 14 | # otherwise it will not servce those requests 15 | - --providers.kubernetescrd.ingressclass=traefik-external 16 | - --log.level=DEBUG 17 | 18 | deployment: 19 | enabled: true 20 | replicas: 1 21 | annotations: {} 22 | podAnnotations: {} 23 | additionalContainers: [] 24 | initContainers: 25 | # Related issue: https://github.com/containous/traefik/issues/6972 26 | - name: volume-permissions 27 | image: busybox:1.31.1 28 | command: ["sh", "-c", "chmod -Rv 600 /certs/*"] 29 | volumeMounts: 30 | - name: data 31 | mountPath: /certs 32 | ports: 33 | web: 34 | redirectTo: websecure 35 | env: 36 | - name: CF_DNS_API_TOKEN # or CF_API_KEY, see for more details - https://doc.traefik.io/traefik/https/acme/#providers 37 | valueFrom: 38 | secretKeyRef: 39 | key: apiKey 40 | name: cloudflare-apikey-secret 41 | ingressRoute: 42 | dashboard: 43 | enabled: false 44 | persistence: 45 | enabled: true 46 | accessMode: ReadWriteOnce 47 | size: 128Mi 48 | existingClaim: acme-json-certs 49 | path: /certs 50 | volumes: 51 | - mountPath: /data 52 | name: traefik-config 53 | type: configMap 54 | providers: 55 | kubernetesCRD: 56 | ingressClass: "traefik-external" 57 | enabled: true 58 | namespaces: [] 59 | kubernetesIngress: 60 | enabled: true 61 | namespaces: [] 62 | publishedService: 63 | enabled: true 64 | rbac: 65 | enabled: true 66 | 67 | service: 68 | enabled: true 69 | type: LoadBalancer 70 | annotations: {} 71 | labels: {} 72 | spec: 73 | loadBalancerIP: "192.168.100.240" # this should be your Metal LB IP 74 | loadBalancerSourceRanges: [] 75 | externalIPs: [] 76 | -------------------------------------------------------------------------------- /kubernetes/traefik2-k3s-rancher/config/traefik-chart-values.yml: -------------------------------------------------------------------------------- 1 | # https://traefik.io/blog/install-and-configure-traefik-with-helm/ 2 | # see https://doc.traefik.io/traefik/https/acme/#providers 3 | # https://github.com/traefik/traefik-helm-chart/blob/master/traefik/values.yaml 4 | additionalArguments: 5 | - --providers.file.filename=/data/traefik-config.yaml 6 | - --entrypoints.websecure.http.tls.certresolver=cloudflare 7 | - --entrypoints.websecure.http.tls.domains[0].main=example.com 8 | - --entrypoints.websecure.http.tls.domains[0].sans=*.example.com 9 | - --certificatesresolvers.cloudflare.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory 10 | # comment the line above when going to production 11 | - --certificatesresolvers.cloudflare.acme.dnschallenge.provider=cloudflare 12 | - --certificatesresolvers.cloudflare.acme.dnschallenge.resolvers=1.1.1.1:53,8.8.8.8:53 13 | - --certificatesresolvers.cloudflare.acme.storage=/certs/acme.json 14 | - --serversTransport.insecureSkipVerify=true 15 | # you will need to add an annotation to ingresses you create kubernetes.io/ingress.class traefik-external 16 | # otherwise it will not servce those requests 17 | - --providers.kubernetesingress.ingressclass=traefik-external 18 | # - --log.level=DEBUG 19 | 20 | deployment: 21 | enabled: true 22 | # Number of pods of the deployment 23 | replicas: 1 24 | # Additional deployment annotations (e.g. for jaeger-operator sidecar injection) 25 | annotations: {} 26 | # Additional pod annotations (e.g. for mesh injection or prometheus scraping) 27 | podAnnotations: {} 28 | # Additional containers (e.g. for metric offloading sidecars) 29 | additionalContainers: [] 30 | # Additional initContainers (e.g. for setting file permission as shown below) 31 | initContainers: 32 | # The "volume-permissions" init container is required if you run into permission issues. 33 | # Related issue: https://github.com/containous/traefik/issues/6972 34 | - name: volume-permissions 35 | image: busybox:1.31.1 36 | command: ["sh", "-c", "chmod -Rv 600 /certs/*"] 37 | volumeMounts: 38 | - name: data 39 | mountPath: /certs 40 | # Custom pod DNS policy. Apply if `hostNetwork: true` 41 | # dnsPolicy: ClusterFirstWithHostNet 42 | 43 | ports: 44 | web: 45 | redirectTo: 46 | port: websecure 47 | env: 48 | - name: CF_DNS_API_TOKEN # or CF_API_KEY, see for more details - https://doc.traefik.io/traefik/https/acme/#providers 49 | valueFrom: 50 | secretKeyRef: 51 | key: apiKey 52 | name: cloudflare-apikey-secret 53 | - name: CF_API_EMAIL 54 | valueFrom: 55 | secretKeyRef: 56 | key: email 57 | name: cloudflare-apikey-secret 58 | ingressRoute: 59 | dashboard: 60 | enabled: false 61 | persistence: 62 | enabled: true 63 | # make sure this claim is existed 64 | existingClaim: acme-json-certs 65 | accessMode: ReadWriteOnce 66 | size: 128Mi 67 | path: /certs 68 | volumes: 69 | - mountPath: /data 70 | name: traefik-config 71 | type: configMap 72 | # without this, ingress get stuck on initializing 73 | providers: 74 | kubernetesCRD: 75 | enabled: true 76 | namespaces: [] 77 | kubernetesIngress: 78 | enabled: true 79 | namespaces: [] 80 | publishedService: 81 | enabled: true 82 | rbac: 83 | enabled: true 84 | 85 | service: 86 | enabled: true 87 | type: LoadBalancer 88 | # Additional annotations (e.g. for cloud provider specific config) 89 | annotations: {} 90 | # Additional service labels (e.g. for filtering Service by custom labels) 91 | labels: {} 92 | # Additional entries here will be added to the service spec. Cannot contains 93 | # type, selector or ports entries. 94 | spec: 95 | # externalTrafficPolicy: Cluster 96 | loadBalancerIP: "192.168.100.240" # this should be your Metal LB IP 97 | # clusterIP: "2.3.4.5" 98 | loadBalancerSourceRanges: [] 99 | # - 192.168.0.1/32 100 | # - 172.16.0.0/16 101 | externalIPs: [] 102 | # - 1.2.3.4 103 | 104 | # securityContext: 105 | # capabilities: 106 | # drop: [ALL] 107 | # readOnlyRootFilesystem: false 108 | # runAsGroup: 65532 109 | # runAsNonRoot: true 110 | # runAsUser: 65532 111 | 112 | # podSecurityContext: 113 | # fsGroup: 65532 114 | -------------------------------------------------------------------------------- /kubernetes/traefik2-k3s-rancher/config/traefik-config.yml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Secret 4 | metadata: 5 | name: cloudflare-apikey-secret 6 | namespace: kube-system 7 | type: Opaque 8 | stringData: 9 | email: yourcloudflareemail@example.com 10 | apiKey: yourCloudflareApiToken 11 | --- 12 | apiVersion: v1 13 | kind: ConfigMap 14 | metadata: 15 | name: traefik-config 16 | namespace: kube-system 17 | data: 18 | traefik-config.yaml: | 19 | http: 20 | middlewares: 21 | headers-default: 22 | headers: 23 | sslRedirect: true 24 | browserXssFilter: true 25 | contentTypeNosniff: true 26 | forceSTSHeader: true 27 | stsIncludeSubdomains: true 28 | stsPreload: true 29 | stsSeconds: 15552000 30 | customFrameOptionsValue: SAMEORIGIN 31 | customRequestHeaders: 32 | X-Forwarded-Proto: https 33 | --- 34 | apiVersion: v1 35 | kind: PersistentVolumeClaim 36 | metadata: 37 | name: acme-json-certs 38 | namespace: kube-system 39 | spec: 40 | accessModes: 41 | - ReadWriteMany # I needed both for rw 42 | - ReadWriteOnce # I needed both for rw 43 | resources: 44 | requests: 45 | storage: 128Mi -------------------------------------------------------------------------------- /kubernetes/traefik2-k3s-rancher/config/traefik-dashboard-ingressroute.yml: -------------------------------------------------------------------------------- 1 | # dashboard.yaml 2 | apiVersion: traefik.containo.us/v1alpha1 3 | kind: IngressRoute 4 | metadata: 5 | name: dashboard 6 | namespace: kube-system 7 | spec: 8 | entryPoints: 9 | - websecure 10 | routes: 11 | - match: Host(`traefik.example.com`) && (PathPrefix(`/dashboard`) || PathPrefix(`/api`)) 12 | kind: Rule 13 | middlewares: 14 | - name: traefik-dashboard-basicauth 15 | services: 16 | - name: api@internal 17 | kind: TraefikService 18 | -------------------------------------------------------------------------------- /kubernetes/traefik2-k3s-rancher/config/traefik-dashboard-secret.yml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Secret 4 | metadata: 5 | name: traefik-dashboard-auth 6 | namespace: kube-system 7 | data: 8 | users: |2 9 | dGVjaG5vOiRhcHIxJFRnVVJ0N2E1JFpoTFFGeDRLMk8uYVNaVWNueG41eTAKCg== 10 | --- 11 | apiVersion: traefik.containo.us/v1alpha1 12 | kind: Middleware 13 | metadata: 14 | name: traefik-dashboard-basicauth 15 | namespace: kube-system 16 | spec: 17 | basicAuth: 18 | secret: traefik-dashboard-auth -------------------------------------------------------------------------------- /kubernetes/uptime-kuma/README.md: -------------------------------------------------------------------------------- 1 | # Uptime Kuma 2 | 3 | Documentation [here](https://technotim.live/posts/uptime-kuma/) 4 | 5 | Video [here](https://www.youtube.com/watch?v=r_A5NKkAqZM) 6 | 7 | 8 | # Notes 9 | 10 | Feel free to change any of these to meet your needs 11 | 12 | * `longhorn` for storage 13 | * `traefik` for ingress 14 | * `traefik-internal` is ingress class 15 | * Resource limits & requests 16 | * Ports -------------------------------------------------------------------------------- /kubernetes/uptime-kuma/claim.yml: -------------------------------------------------------------------------------- 1 | kind: PersistentVolumeClaim 2 | apiVersion: v1 3 | metadata: 4 | name: uptime-kuma-claim 5 | spec: 6 | storageClassName: longhorn 7 | accessModes: 8 | - ReadWriteOnce 9 | resources: 10 | requests: 11 | storage: 5Gi -------------------------------------------------------------------------------- /kubernetes/uptime-kuma/deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: uptime-kuma 5 | spec: 6 | selector: 7 | matchLabels: 8 | app: uptime-kuma 9 | replicas: 1 10 | progressDeadlineSeconds: 600 11 | revisionHistoryLimit: 2 12 | strategy: 13 | type: Recreate 14 | template: 15 | metadata: 16 | labels: 17 | app: uptime-kuma 18 | spec: 19 | containers: 20 | - name: uptime-kuma 21 | image: louislam/uptime-kuma:1-alpine 22 | resources: 23 | requests: 24 | memory: "256Mi" 25 | cpu: "100m" 26 | 27 | limits: 28 | memory: "512Mi" 29 | cpu: "250m" 30 | env: 31 | - name: UPTIME_KUMA_PORT 32 | value: "3001" 33 | ports: 34 | - containerPort: 3001 35 | volumeMounts: 36 | - mountPath: /app/data 37 | name: uptime-kuma-content 38 | volumes: 39 | - name: uptime-kuma-content 40 | persistentVolumeClaim: 41 | claimName: uptime-kuma-claim 42 | 43 | -------------------------------------------------------------------------------- /kubernetes/uptime-kuma/ingress.yml: -------------------------------------------------------------------------------- 1 | apiVersion: traefik.containo.us/v1alpha1 2 | kind: IngressRoute 3 | metadata: 4 | name: uptime-kuma-ingress 5 | annotations: 6 | kubernetes.io/ingress.class: traefik-internal 7 | spec: 8 | entryPoints: 9 | - websecure 10 | routes: 11 | - match: Host(`uptime.local.example.com`) 12 | kind: Rule 13 | services: 14 | - name: uptime-kuma 15 | port: 3001 -------------------------------------------------------------------------------- /kubernetes/uptime-kuma/service.yml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | name: uptime-kuma 6 | spec: 7 | selector: 8 | app: uptime-kuma 9 | ports: 10 | - protocol: TCP 11 | port: 3001 12 | targetPort: 3001 13 | --------------------------------------------------------------------------------