duynguyen/homelab-docker-compose-prod
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add: add docker compose stacks

Browse Source
This commit is contained in:
duynguyen
2026-01-16 05:50:15 +00:00
commit d542622d00
18 changed files with 583 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
actualbudget/docker-compose.yaml Normal file
View File

@@ -0,0 +1,17 @@
services:
actual_server:
image: actualbudget/actual-server:latest
container_name: actualbudget
security_opt:
- no-new-privileges:true
healthcheck:
test: timeout 10s bash -c ':> /dev/tcp/127.0.0.1/5006' || exit 1
interval: 10s
timeout: 5s
retries: 3
start_period: 90s
ports:
- 8002:5006
volumes:
- /data/docker/actualbudget:/data:rw
restart: on-failure:5

2
authentik/.env Normal file
View File

@@ -0,0 +1,2 @@
PG_PASS=Q/IMcaD90jPctJp+Qx6q1i9gMKF1g8VCHE2aSgSrASYBoOIZ
AUTHENTIK_SECRET_KEY=yDCM9VVhmigqSJ2xd/CQdLNfdUsLGfRh8hz1co2LtwqNwMA66Nql9QH/F/Oo0BWXxiJ0YrJ3cQAeN9XG

69
authentik/docker-compose.yaml Normal file
View File

@@ -0,0 +1,69 @@
services:
postgresql:
image: docker.io/library/postgres:16-alpine
restart: unless-stopped
environment:
POSTGRES_DB: authentik
POSTGRES_USER: authentik
POSTGRES_PASSWORD: QIMcaD90jPctJpQx6q1i9gMKF1g8VCHE2aSgSrASYBoOIZ
healthcheck:
test:
- CMD-SHELL
- pg_isready -d authentik -U authentik
interval: 30s
timeout: 5s
retries: 5
start_period: 20s
volumes:
- /data/docker/authentik/database:/var/lib/postgresql/data
server:
image: ghcr.io/goauthentik/server:2025.10.3
command: server
restart: unless-stopped
depends_on:
postgresql:
condition: service_healthy
environment:
AUTHENTIK_POSTGRESQL__HOST: postgresql
AUTHENTIK_POSTGRESQL__NAME: authentik
AUTHENTIK_POSTGRESQL__USER: authentik
AUTHENTIK_POSTGRESQL__PASSWORD: QIMcaD90jPctJpQx6q1i9gMKF1g8VCHE2aSgSrASYBoOIZ
AUTHENTIK_SECRET_KEY: yDCM9VVhmigqSJ2xdCQdLNfdUsLGfRh8hz1co2LtwqNwMA66Nql9QHFOo0BWXxiJ0YrJ3cQAeN9XG
ports:
- "8000:9000"
- "8443:9443"
volumes:
- /data/docker/authentik/media:/media
- /data/docker/authentik/custom-templates:/templates
worker:
image: ghcr.io/goauthentik/server:2025.10.3
command: worker
restart: unless-stopped
user: root
depends_on:
postgresql:
condition: service_healthy
environment:
AUTHENTIK_POSTGRESQL__HOST: postgresql
AUTHENTIK_POSTGRESQL__NAME: authentik
AUTHENTIK_POSTGRESQL__USER: authentik
AUTHENTIK_POSTGRESQL__PASSWORD: QIMcaD90jPctJpQx6q1i9gMKF1g8VCHE2aSgSrASYBoOIZ
AUTHENTIK_SECRET_KEY: yDCM9VVhmigqSJ2xdCQdLNfdUsLGfRh8hz1co2LtwqNwMA66Nql9QHFOo0BWXxiJ0YrJ3cQAeN9XG
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /data/docker/authentik/media:/media
- /data/docker/authentik/certs:/certs
- /data/docker/authentik/custom-templates:/templates

10
baikal/compose.yaml Normal file
View File

@@ -0,0 +1,10 @@
version: "2"
services:
baikal:
image: ckulka/baikal:nginx
restart: always
ports:
- "8005:80"
volumes:
- /data/docker/baikal/config:/var/www/baikal/config
- /data/docker/baikal/Specific:/var/www/baikal/Specific

17
beaverhabits/compose.yaml Normal file
View File

@@ -0,0 +1,17 @@
services:
beaverhabits:
container_name: beaverhabits
user: 1000:1000 # User permissions of your docker or default user.
environment:
- MAX_USER_COUNT=10
- INDEX_SHOW_HABIT_COUNT=true # To display total completed count along with the habit name on the index page. The default setting is false.
- HABITS_STORAGE=USER_DISK # DATABASE stores in a single SQLite database named habits.db. USER_DISK option saves in a local json file.
#- TRUSTED_LOCAL_EMAIL=huonghaiduynhim@gmail.com # Skip authentication
- INDEX_HABIT_DATE_COLUMNS=7 # Customize the date columns for the index page.
#- ENABLE_IOS_STANDALONE=true
volumes:
- /data/docker/beaverhabits/:/app/.user/ # Change directory to match your docker file scheme.
ports:
- 8006:8080
restart: unless-stopped
image: daya0576/beaverhabits:latest

14
bibliotheca/docker-compose.yaml Normal file
View File

@@ -0,0 +1,14 @@
services:
mybibliotheca:
image: pickles4evaaaa/mybibliotheca:2.1.0
ports:
- "5054:5054"
volumes:
- /docker/bibliotheca:/app/data
environment:
- SECRET_KEY=27de3e8d4542d5c9f1a4e52ff400681d
- SECURITY_PASSWORD_SALT=d27b5eca9de5ca952e1dc6c481afec5c
- TIMEZONE=Asia/Ho_Chi_Minh
- WORKERS=3
restart: unless-stopped

17
dockge/compose.yaml Normal file
View File

@@ -0,0 +1,17 @@
services:
dockge:
image: louislam/dockge:1
restart: unless-stopped
ports:
- 5001:5001
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /docker/dockge/data:/app/data
# Stacks Directory
# ⚠️ READ IT CAREFULLY. If you did it wrong, your data could end up writing into a WRONG PATH.
# ⚠️ 1. FULL path only. No relative path (MUST)
# ⚠️ 2. Left Stacks Path === Right Stacks Path (MUST)
- /docker/dockge/stack:/docker/dockge
environment:
# Tell Dockge where to find the stacks
- DOCKGE_STACKS_DIR=/docker/dockge

27
dococd/compose.yml Normal file
View File

@@ -0,0 +1,27 @@
services:
app:
container_name: doco-cd
# You can also pin to a specific tag (version)
# Available tags can be found here: https://github.com/kimdre/doco-cd/pkgs/container/doco-cd
image: ghcr.io/kimdre/doco-cd:0.57
restart: unless-stopped
ports:
- "8011:80" # Webhook endpoint
- "8012:9120" # Prometheus metrics
# For all available environment variables and explanations, see https://github.com/kimdre/doco-cd/wiki/App-Settings
environment:
TZ: Asia/Ho_Chi_Minh
GIT_ACCESS_TOKEN: ea408ab20f6375a0689912dd5e98c7cf3cde9d27
# WEBHOOK_SECRET: xxx # Uncomment this line and the webhook port above and set a secure secret if you want to use webhooks.
# <<: *poll-config # Uncomment this line to use the poll configuration from above (the `x-poll-config` section).
volumes:
- /var/run/docker.sock:/var/run/docker.sock
# The data volume (left side) can also be replaced with a bind mount to a local directory, for example:
# - ./data:/data
- /docker/dococd/data:/data
healthcheck:
test: [ "CMD", "/doco-cd", "healthcheck" ]
start_period: 15s
interval: 30s
timeout: 5s
retries: 3

34
gitea/docker-compose.yaml Normal file
View File

@@ -0,0 +1,34 @@
version: "3"
services:
server:
image: docker.gitea.com/gitea:1.25.3
container_name: gitea
environment:
- USER_UID=1000
- USER_GID=1000
- GITEA__database__DB_TYPE=postgres
- GITEA__database__HOST=db:5432
- GITEA__database__NAME=gitea
- GITEA__database__USER=gitea
- GITEA__database__PASSWD=gitea
restart: always
volumes:
- /docker/gitea/data:/data
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
ports:
- "8008:3000"
- "8009:22"
depends_on:
- db
db:
image: docker.io/library/postgres:14
restart: always
environment:
- POSTGRES_USER=gitea
- POSTGRES_PASSWORD=gitea
- POSTGRES_DB=gitea
volumes:
- /docker/gitea/postgres:/var/lib/postgresql/data

15
homepage/compose.yaml Normal file
View File

@@ -0,0 +1,15 @@
services:
homepage:
image: ghcr.io/gethomepage/homepage:latest
container_name: homepage
environment:
HOMEPAGE_ALLOWED_HOSTS: fireflylab.cc # required, may need port. See gethomepage.dev/installation/#homepage_allowed_hosts
PUID: 1000 # optional, your user id
PGID: 1000 # optional, your group id
ports:
- 8007:3000
volumes:
- /data/docker/homepage/config:/app/config # Make sure your local config directory exists
- /data/docker/homepage/assets:/app/public/images # Make sure your local config directory exists
#- /var/run/docker.sock:/var/run/docker.sock:ro # optional, for docker integrations
restart: unless-stopped

24
jellyfin/docker-compose.yaml Normal file
View File

@@ -0,0 +1,24 @@
services:
jellyfin:
image: jellyfin/jellyfin
container_name: jellyfin
# user: uid:gid
ports:
- "8088:8096" # Default Jellyfin web UI port
volumes:
- /docker/jellyfin/config:/config
- /docker/jellyfin/cache:/cache
- /nfs/media/Movies:/media/movie
- /nfs/media/Shows:/media/show
- /nfs/media/Podcasts:/media/podcast
group_add:
- "993"
devices:
- /dev/dri/renderD128:/dev/dri/renderD128
restart: 'unless-stopped'
networks:
- jellyfin
networks:
jellyfin:
driver: bridge

155
komodo/compose.env Normal file
View File

@@ -0,0 +1,155 @@
####################################
# 🦎 KOMODO COMPOSE - VARIABLES 🦎 #
####################################
## These compose variables can be used with all Komodo deployment options.
## Pass these variables to the compose up command using `--env-file komodo/compose.env`.
## Additionally, they are passed to both Komodo Core and Komodo Periphery with `env_file: ./compose.env`,
## so you can pass any additional environment variables to Core / Periphery directly in this file as well.
## Stick to a specific version, or use `latest`
COMPOSE_KOMODO_IMAGE_TAG=latest
## Store dated database backups on the host - https://komo.do/docs/setup/backup
COMPOSE_KOMODO_BACKUPS_PATH=/etc/komodo/backups
## DB credentials
KOMODO_DB_USERNAME=admin
KOMODO_DB_PASSWORD=admin
## Configure a secure passkey to authenticate between Core / Periphery.
KOMODO_PASSKEY=a_random_passkey
## Set your time zone for schedules
## https://en.wikipedia.org/wiki/List_of_tz_database_time_zones
TZ=Asia/Ho_Chi_Minh
#=-------------------------=#
#= Komodo Core Environment =#
#=-------------------------=#
## Full variable list + descriptions are available here:
## 🦎 https://github.com/moghtech/komodo/blob/main/config/core.config.toml 🦎
## Note. Secret variables also support `${VARIABLE}_FILE` syntax to pass docker compose secrets.
## Docs: https://docs.docker.com/compose/how-tos/use-secrets/#examples
## Used for Oauth / Webhook url suggestion / Caddy reverse proxy.
KOMODO_HOST=https://komodo.fireflylab.cc
## Displayed in the browser tab.
KOMODO_TITLE=Komodo
## Create a server matching this address as the "first server".
## Use `https://host.docker.internal:8120` when using systemd-managed Periphery.
KOMODO_FIRST_SERVER=https://periphery:8120
## Give the first server a custom name.
KOMODO_FIRST_SERVER_NAME=Local
## Make all buttons just double-click, rather than the full confirmation dialog.
KOMODO_DISABLE_CONFIRM_DIALOG=false
## Rate Komodo polls your servers for
## status / container status / system stats / alerting.
## Options: 1-sec, 5-sec, 15-sec, 1-min, 5-min, 15-min
## Default: 15-sec
KOMODO_MONITORING_INTERVAL="15-sec"
## Interval at which to poll Resources for any updates / automated actions.
## Options: 15-min, 1-hr, 2-hr, 6-hr, 12-hr, 1-day
## Default: 1-hr
KOMODO_RESOURCE_POLL_INTERVAL="1-hr"
## Used to auth incoming webhooks. Alt: KOMODO_WEBHOOK_SECRET_FILE
KOMODO_WEBHOOK_SECRET=a_random_secret1772003
## Used to generate jwt. Alt: KOMODO_JWT_SECRET_FILE
KOMODO_JWT_SECRET=a_random_jwt_secret1772003
## Time to live for jwt tokens.
## Options: 1-hr, 12-hr, 1-day, 3-day, 1-wk, 2-wk
KOMODO_JWT_TTL="1-day"
## Enable login with username + password.
KOMODO_LOCAL_AUTH=true
## Set the initial admin username created upon first launch.
## Comment out to disable initial user creation,
## and create first user using signup button.
KOMODO_INIT_ADMIN_USERNAME=admin
## Set the initial admin password
KOMODO_INIT_ADMIN_PASSWORD=changeme
## Disable new user signups.
KOMODO_DISABLE_USER_REGISTRATION=false
## All new logins are auto enabled
KOMODO_ENABLE_NEW_USERS=false
## Disable non-admins from creating new resources.
KOMODO_DISABLE_NON_ADMIN_CREATE=false
## Allows all users to have Read level access to all resources.
KOMODO_TRANSPARENT_MODE=false
## Prettier logging with empty lines between logs
KOMODO_LOGGING_PRETTY=false
## More human readable logging of startup config (multi-line)
KOMODO_PRETTY_STARTUP_CONFIG=false
## OIDC Login
KOMODO_OIDC_ENABLED=true
KOMODO_OIDC_PROVIDER=https://authentik.fireflylab.cc/application/o/komodo/
KOMODO_OIDC_CLIENT_ID=POG3pm9pF83AdUuQY3xcuw67AKoSMGpAZQuQGaUe
KOMODO_OIDC_CLIENT_SECRET=1GsiUQDv6chotRmwvk0UCNqGOS0TNJe7SOqRjSqWP20jv7x4hsHxbP6Nr940hLK4I8kSIHRXuKPb1jJNGNGRGcSFtWrGLTGYl4zqdb6yfWG5lYFdIOPsLsgF0MMnOxD1
## Must reachable from Komodo Core container
# KOMODO_OIDC_PROVIDER=https://oidc.provider.internal/application/o/komodo
## Change the host to one reachable be reachable by users (optional if it is the same as above).
## DO NOT include the `path` part of the URL.
# KOMODO_OIDC_REDIRECT_HOST=https://oidc.provider.external
## Your OIDC client id
# KOMODO_OIDC_CLIENT_ID= # Alt: KOMODO_OIDC_CLIENT_ID_FILE
## Your OIDC client secret.
## If your provider supports PKCE flow, this can be ommitted.
# KOMODO_OIDC_CLIENT_SECRET= # Alt: KOMODO_OIDC_CLIENT_SECRET_FILE
## Make usernames the full email.
## Note. This does not work for all OIDC providers.
# KOMODO_OIDC_USE_FULL_EMAIL=true
## Add additional trusted audiences for token claims verification.
## Supports comma separated list, and passing with _FILE (for compose secrets).
# KOMODO_OIDC_ADDITIONAL_AUDIENCES=abc,123 # Alt: KOMODO_OIDC_ADDITIONAL_AUDIENCES_FILE
## Github Oauth
KOMODO_GITHUB_OAUTH_ENABLED=false
# KOMODO_GITHUB_OAUTH_ID= # Alt: KOMODO_GITHUB_OAUTH_ID_FILE
# KOMODO_GITHUB_OAUTH_SECRET= # Alt: KOMODO_GITHUB_OAUTH_SECRET_FILE
## Google Oauth
KOMODO_GOOGLE_OAUTH_ENABLED=false
# KOMODO_GOOGLE_OAUTH_ID= # Alt: KOMODO_GOOGLE_OAUTH_ID_FILE
# KOMODO_GOOGLE_OAUTH_SECRET= # Alt: KOMODO_GOOGLE_OAUTH_SECRET_FILE
## Aws - Used to launch Builder instances.
KOMODO_AWS_ACCESS_KEY_ID= # Alt: KOMODO_AWS_ACCESS_KEY_ID_FILE
KOMODO_AWS_SECRET_ACCESS_KEY= # Alt: KOMODO_AWS_SECRET_ACCESS_KEY_FILE
#=------------------------------=#
#= Komodo Periphery Environment =#
#=------------------------------=#
## Full variable list + descriptions are available here:
## 🦎 https://github.com/moghtech/komodo/blob/main/config/periphery.config.toml 🦎
## Specify the root directory used by Periphery agent.
PERIPHERY_ROOT_DIRECTORY=/etc/komodo
## Periphery passkeys must include KOMODO_PASSKEY to authenticate.
PERIPHERY_PASSKEYS=${KOMODO_PASSKEY}
## Specify whether to disable the terminals feature
## and disallow remote shell access (inside the Periphery container).
PERIPHERY_DISABLE_TERMINALS=false
## Enable SSL using self signed certificates.
## Connect to Periphery at https://address:8120.
PERIPHERY_SSL_ENABLED=true
## If the disk size is overreporting, can use one of these to
## whitelist / blacklist the disks to filter them, whichever is easier.
## Accepts comma separated list of paths.
## Usually whitelisting just /etc/hostname gives correct size.
PERIPHERY_INCLUDE_DISK_MOUNTS=/etc/hostname
# PERIPHERY_EXCLUDE_DISK_MOUNTS=/snap,/etc/repos
## Prettier logging with empty lines between logs
PERIPHERY_LOGGING_PRETTY=false
## More human readable logging of startup config (multi-line)
PERIPHERY_PRETTY_STARTUP_CONFIG=false

76
komodo/mongo.compose.yaml Normal file
View File

@@ -0,0 +1,76 @@
################################
# 🦎 KOMODO COMPOSE - MONGO 🦎 #
################################
## This compose file will deploy:
## 1. MongoDB
## 2. Komodo Core
## 3. Komodo Periphery
services:
mongo:
image: mongo
labels:
komodo.skip: # Prevent Komodo from stopping with StopAllContainers
command: --quiet --wiredTigerCacheSizeGB 0.25
restart: unless-stopped
# ports:
# - 27017:27017
volumes:
- /docker/komodo/mongo-data:/data/db
- /docker/komodo/mongo-config:/data/configdb
environment:
MONGO_INITDB_ROOT_USERNAME: ${KOMODO_DB_USERNAME}
MONGO_INITDB_ROOT_PASSWORD: ${KOMODO_DB_PASSWORD}
core:
image: ghcr.io/moghtech/komodo-core:${COMPOSE_KOMODO_IMAGE_TAG:-latest}
labels:
komodo.skip: # Prevent Komodo from stopping with StopAllContainers
restart: unless-stopped
depends_on:
- mongo
ports:
- 9120:9120
env_file: ./compose.env
environment:
KOMODO_DATABASE_ADDRESS: mongo:27017
KOMODO_DATABASE_USERNAME: ${KOMODO_DB_USERNAME}
KOMODO_DATABASE_PASSWORD: ${KOMODO_DB_PASSWORD}
volumes:
## Store dated backups of the database - https://komo.do/docs/setup/backup
#- ${COMPOSE_KOMODO_BACKUPS_PATH}:/backups
- /docker/komodo/backups:/backups
## Store sync files on server
# - /path/to/syncs:/syncs
## Optionally mount a custom core.config.toml
# - /path/to/core.config.toml:/config/config.toml
## Allows for systemd Periphery connection at
## "https://host.docker.internal:8120"
# extra_hosts:
# - host.docker.internal:host-gateway
## Deploy Periphery container using this block,
## or deploy the Periphery binary with systemd using
## https://github.com/moghtech/komodo/tree/main/scripts
periphery:
image: ghcr.io/moghtech/komodo-periphery:${COMPOSE_KOMODO_IMAGE_TAG:-latest}
labels:
komodo.skip: # Prevent Komodo from stopping with StopAllContainers
restart: unless-stopped
env_file: ./compose.env
volumes:
## Mount external docker socket
- /var/run/docker.sock:/var/run/docker.sock
## Allow Periphery to see processes outside of container
- /proc:/proc
## Specify the Periphery agent root directory.
## Must be the same inside and outside the container,
## or docker will get confused. See https://github.com/moghtech/komodo/discussions/180.
## Default: /etc/komodo.
- ${PERIPHERY_ROOT_DIRECTORY:-/etc/komodo}:${PERIPHERY_ROOT_DIRECTORY:-/etc/komodo}
#volumes:
# Mongo
#mongo-data:
#mongo-config:

1
komodo/note.txt Normal file
View File

@@ -0,0 +1 @@
docker compose -p komodo -f mongo.compose.yaml --env-file compose.env up -d

16
portainer/docker-compose.yaml Normal file
View File

@@ -0,0 +1,16 @@
services:
portainer:
image: portainer/portainer-ce:latest
container_name: portainer
ports:
- 9000:9000
volumes:
- /docker/portainer/data:/data
- /var/run/docker.sock:/var/run/docker.sock
restart: unless-stopped
networks:
- portainer
networks:
portainer:
driver: bridge

48
portnote/compose.yaml Normal file
View File

@@ -0,0 +1,48 @@
services:
web:
image: haedlessdev/portnote:latest
container_name: portnote-web-ui
restart: always
ports:
- "8001:3000"
environment:
JWT_SECRET: 7suHA24TWMEmdX
USER_SECRET: cLRvKLr6n9gydA
LOGIN_USERNAME: duynguyen
LOGIN_PASSWORD: duyportnote1772003
DATABASE_URL: "postgresql://duynguyen:duyportnote1772003@db:5432/postgres"
depends_on:
db:
condition: service_started
networks:
- portnote
agent:
image: haedlessdev/portnote-agent:latest
container_name: portnote-agent
restart: always
environment:
DATABASE_URL: "postgresql://duynguyen:duyportnote1772003@db:5432/postgres"
depends_on:
db:
condition: service_started
networks:
- portnote
db:
image: postgres:17
container_name: portnote-postgres-db
restart: always
environment:
POSTGRES_USER: duynguyen
POSTGRES_PASSWORD: duyportnote1772003
POSTGRES_DB: postgres
volumes:
- /docker/portnote/postgres_data:/var/lib/postgresql/data
networks:
- portnote
networks:
portnote:
driver: bridge

15
semaphoreui/compose.yaml Normal file
View File

@@ -0,0 +1,15 @@
services:
semaphore:
ports:
- 8010:3000
image: public.ecr.aws/semaphore/pro/server:v2.16.51
environment:
SEMAPHORE_DB_DIALECT: sqlite
SEMAPHORE_ADMIN: admin
SEMAPHORE_ADMIN_PASSWORD: admin
SEMAPHORE_ADMIN_NAME: Admin
SEMAPHORE_ADMIN_EMAIL: huonghaiduynhim@gmail.com
volumes:
- /docker/semaphoreui/semaphore_data:/var/lib/semaphore
- /docker/semaphoreui/semaphore_config:/etc/semaphore
- /docker/semaphoreui/semaphore_tmp:/tmp/semaphore

26
uptimekuma/docker-compose.yaml Normal file
View File

@@ -0,0 +1,26 @@
version: "3.8"
services:
uptime-kuma:
image: louislam/uptime-kuma:latest
container_name: uptime-kuma
restart: always
ports:
- "3001:3001" # This maps the container port "3001" to the host port "3001"
volumes:
- /data/docker/uptimekuma/data:/app/data # Configuring persistent storage
environment:
- TZ=Asia/Ho_Chi_Minh # Set the timezone (change to your preferred local timezone so monitoring times are the same)
- UMASK=0022 # Set your file permissions manually
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:3001"]
interval: 30s
retries: 3
start_period: 10s
timeout: 5s
logging:
driver: "json-file"
options:
max-size: "10m"
max-file: "3"