Gurulandia/Homelab
1
0
Fork 0
Code Pull Requests Actions Wiki Activity

Jemmaan

Browse Source
This commit is contained in:
Gurulandia
2026-03-01 12:16:12 +02:00
parent 76eb53aedf
commit b4cb809f2e
5 changed files with 240 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

87
config/docker/2023/yml-files/BookStack.env Normal file
View File

@@ -0,0 +1,87 @@
MAIL_DRIVER=smtp
# Host, Port & Encryption mechanism to use
MAIL_HOST=smtp.provider.tld
MAIL_PORT=465
MAIL_ENCRYPTION=tls
# Authentication details for your SMTP service
MAIL_USERNAME=user@provider.tld
MAIL_PASSWORD=onlyifneeded
# The "from" email address for outgoing email
MAIL_FROM=noreply@yourdomain.tld
# The "from" name used for outgoing email
MAIL_FROM_NAME=BookStack
# General auth
AUTH_METHOD=ldap
# The LDAP host, Adding a port is optional
LDAP_SERVER=example.com:389
# If using LDAP over SSL you should also define the protocol:
# LDAP_SERVER=ldaps://example.com:636
# The base DN from where users will be searched within
LDAP_BASE_DN="ou=People,dc=example,dc=com"
# The full DN and password of the user used to search the server
# Can both be left as 'false' (without quotes) to bind anonymously
LDAP_DN="cn=serviceaccount,ou=People,dc=example,dc=org"
LDAP_PASS="my#super#secret#password543"
# A filter to use when searching for users
# The user-provided user-name used to replace any occurrences of '${user}'
# If you're setting this option via other means, such as within a docker-compose.yml,
# you may need escape the $, often using $$ or \$ instead.
# Note: This option cannot be used with the docker-compose.yml `env_file` option.
LDAP_USER_FILTER=(&(uid=${user}))
# Set the LDAP version to use when connecting to the server
# Should be set to 3 in most cases.
LDAP_VERSION=3
# Set the property to use as a unique identifier for this user.
# Stored and used to match LDAP users with existing BookStack users.
# Prefixing the value with 'BIN;' will assume the LDAP service provides the attribute value as
# binary data and BookStack will convert the value to a hexidecimal representation.
# Defaults to 'uid'.
LDAP_ID_ATTRIBUTE=uid
# Set the default 'email' attribute. Defaults to 'mail'
LDAP_EMAIL_ATTRIBUTE=mail
# Set the property to use for a user's display name. Defaults to 'cn'
LDAP_DISPLAY_NAME_ATTRIBUTE=cn
# Set the attribute to use for the user's avatar image.
# Must provide JPEG binary image data.
# Will be used upon login or registration when the user doesn't
# already have an avatar image set.
# Remove this option or set to 'null' to disable LDAP avatar import.
LDAP_THUMBNAIL_ATTRIBUTE=jpegphoto
# Force TLS to be used for LDAP communication.
# Use this if you can but your LDAP support will need to support it and
# you may need to import your certificate to the BookStack host machine.
# Defaults to 'false'.
LDAP_START_TLS=false
# If you need to allow untrusted LDAPS certificates, add the below and uncomment (remove the #)
# Only set this option if debugging or you're absolutely sure it's required for your setup.
# If using php-fpm, you may want to restart it after changing this option to avoid instability.
#LDAP_TLS_INSECURE=true
# If you need to debug the details coming from your LDAP server, add the below and uncomment (remove the #)
# Only set this option if debugging since it will block logins and potentially show private details.
#LDAP_DUMP_USER_DETAILS=true
# Active Directory
LDAP_USER_FILTER=(&(sAMAccountName=${user}))
LDAP_VERSION=3
LDAP_ID_ATTRIBUTE=BIN;objectGUID
# Change the below to true if your AD server supports TLS and if your
# BookStack host system will accept the AD provided certificate.
LDAP_START_TLS=false
LDAP_THUMBNAIL_ATTRIBUTE=thumbnailPhoto

45
config/docker/2023/yml-files/BookStack.yml Normal file
View File

@@ -0,0 +1,45 @@
version: "3"
services:
mariadb:
image: lscr.io/linuxserver/mariadb:latest
container_name: bookstack_mariadb
restart: unless-stopped
volumes:
- /gurulandia/data/docker/bookstack/db:/config
environment:
- MYSQL_ROOT_PASSWORD=SuperPassword
- MYSQL_DATABASE=bookstack
- MYSQL_USER=bookstack
- MYSQL_PASSWORD=bookstack
- PGID=1000
- PUID=1000
- TZ=Europe/Helsinki
adminer:
image: adminer:latest
container_name: adminer_bs
environment:
ADMINER_DEFAULT_SERVER: mariadb_bs
restart: unless-stopped
ports:
- 7778:8080
bookstack:
image: linuxserver/bookstack:latest
container_name: bookstack
restart: unless-stopped
depends_on:
- mariadb
volumes:
- /gurulandia/data/docker/bookstack/config:/config
environment:
- DB_HOST=mariadb:3306
- DB_USER=bookstack
- DB_PASS=bookstack
- DB_DATABASE=bookstack
#- DB_PORT=3306
- PGID=1000
- PUID=1000
- TZ=Europe/Helsinki
#- APP_URL=http://test-bookstack.gurulandia.fi
- APP_URL=http://192.168.99.63:53001
ports:
- 53001:80

21
config/docker/2023/yml-files/argus.yml Normal file
View File

@@ -0,0 +1,21 @@
version: '3.7'
services:
argus:
image: releaseargus/argus:latest
container_name: argus
volumes:
- /gurulandia/data/docker/argus/config.yml:/app/config.yml
- /gurulandia/data/docker/argus/argus.db:/app/data/argus.db
environment:
ARGUS_UID: 1000 # Optional UID override
ARGUS_GID: 1000 #911 # Optional GID override
ports:
- 53006:8080 # <Host_Port:Container_Port>
#healthcheck: # Optional healthcheck
# test: ["CMD", "/healthcheck", "http://localhost:8080/api/v1/healthcheck"]
# interval: 1m
# timeout: 10s
# retries: 3
# start_period: 10s
restart: unless-stopped

15
config/docker/2023/yml-files/bender.yml Normal file
View File

@@ -0,0 +1,15 @@
version: "2"
services:
bender:
image: jez500/bender
#To build from source, comment previous line and uncomment below
#build: .
container_name: bender
volumes:
- /gurulandia/data/docker/bender/assets/:/app/static
ports:
- 53004:8080
user: 1000:1000 # default
environment:
- INIT_ASSETS=1 # default
restart: unless-stopped

72
config/docker/2023/yml-files/docker-socket-proxy.yml Normal file
View File

@@ -0,0 +1,72 @@
version: "3.7"
########################### NETWORKS
# There is no need to create any networks outside this docker-compose file.
# You may customize the network subnets (192.168.90.0/24 and 91.0/24) below as you please.
# Docker Compose version 3.5 or higher required to define networks this way.
networks:
# proxy:
# name: proxy
# driver: bridge
# ipam:
# config:
# - subnet: $PROXY_SUBNET
# gateway: $PROXY_GATEWAY
# default:
# driver: bridge
socket_proxy:
name: socket_proxy
driver: bridge
ipam:
config:
- subnet: $SOCKET_PROXY_SUBNET
gateway: $SOCKET_PROXY_GATEWAY
########################### SERVICES
services:
# Docker Socket Proxy - Security Enchanced Proxy for Docker Socket
socket-proxy:
container_name: socket-proxy
image: ghcr.io/tecnativa/docker-socket-proxy:edge
restart: always
networks:
socket_proxy:
# ipv4_address: $SOCKET_PROXY_IP # You can specify a static IP
privileged: true
ports:
# - "127.0.0.1:2375:2375" # Port 2375 should only ever get exposed to the internal network. When possible use this line.
# I use the next line instead, as I want portainer to manage multiple docker endpoints within my home network.
- "2375:2375"
volumes:
- "/var/run/docker.sock:/var/run/docker.sock"
environment:
- LOG_LEVEL=info # debug,info,notice,warning,err,crit,alert,emerg
## Variables match the URL prefix (i.e. AUTH blocks access to /auth/* parts of the API, etc.).
# 0 to revoke access.
# 1 to grant access.
## Granted by Default
- EVENTS=1
- PING=1
- VERSION=1
## Revoked by Default
# Security critical
- AUTH=0
- SECRETS=0
- POST=1 # Ouroboros
# Not always needed
- BUILD=0
- COMMIT=0
- CONFIGS=0
- CONTAINERS=1 # Traefik, portainer, etc.
- DISTRIBUTION=0
- EXEC=1
- IMAGES=1 # Portainer
- INFO=1 # Portainer
- NETWORKS=1 # Portainer
- NODES=0
- PLUGINS=0
- SERVICES=1 # Portainer
- SESSION=0
- SWARM=0
- SYSTEM=0
- TASKS=1 # Portaienr
- VOLUMES=1 # Portainer