geezo/theocorp_docker_compose
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: geezo:f3b498e1f44023a5ad6e4ce4331929d1fbf8f407
Branches Tags
geezo:main
..
compare: geezo:2ddaea59540c6b0966b21386b805e4259714f34b
Branches Tags
geezo:main

No commits in common. "f3b498e1f44023a5ad6e4ce4331929d1fbf8f407" and "2ddaea59540c6b0966b21386b805e4259714f34b" have entirely different histories.
f3b498e1f4 ... 2ddaea5954

12 changed files with 23 additions and 258 deletions
Show Stats Expand all files Collapse all files

15
authentik/.env
View File

@ -1,15 +0,0 @@
# SMTP Host Emails are sent to
AUTHENTIK_EMAIL__HOST=smtp.gmail.com
AUTHENTIK_EMAIL__PORT=25
# Optionally authenticate (don't add quotation marks to your password)
AUTHENTIK_EMAIL__USERNAME=gaxinto@theodorio.com
AUTHENTIK_EMAIL__PASSWORD=svzd iksz qmlv psfm
# Use StartTLS
AUTHENTIK_EMAIL__USE_TLS=false
# Use SSL
AUTHENTIK_EMAIL__USE_SSL=false
AUTHENTIK_EMAIL__TIMEOUT=10
# Email address authentik will send from, should have a correct @domain
AUTHENTIK_EMAIL__FROM=authentik@theodorio.com
PG_PASS=gxZqyDGAaYgGPoXb2MUrVhDQDM9RjGPCNFigdQdt+McU5R2b
AUTHENTIK_SECRET_KEY=foDL/hKQrsdjUQJj4wPg0gOqgHwPW1aeWrMRrgdOJz/k0JXwTnncnlCqirA65DJ06cXjQEbdXwt+TOHC

93
authentik/docker-compose.yml
View File

@ -1,93 +0,0 @@
---
services:
postgresql:
container_name: authentik-postgres
image: docker.io/library/postgres:16-alpine
restart: unless-stopped
healthcheck:
test: ["CMD-SHELL", "pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}"]
start_period: 20s
interval: 30s
retries: 5
timeout: 5s
volumes:
- database:/var/lib/postgresql/data
environment:
POSTGRES_PASSWORD: ${PG_PASS:-database password required}
POSTGRES_USER: ${PG_USER:-authentik}
POSTGRES_DB: ${PG_DB:-authentik}
env_file:
- .env
redis:
container_name: authentik-redis
image: docker.io/library/redis:alpine
command: --save 60 1 --loglevel warning
restart: unless-stopped
healthcheck:
test: ["CMD-SHELL", "redis-cli ping | grep PONG"]
start_period: 20s
interval: 30s
retries: 5
timeout: 3s
volumes:
- redis:/data
server:
container_name: authentik
image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2025.2.1}
restart: unless-stopped
command: server
environment:
AUTHENTIK_REDIS__HOST: redis
AUTHENTIK_POSTGRESQL__HOST: postgresql
AUTHENTIK_POSTGRESQL__USER: ${PG_USER:-authentik}
AUTHENTIK_POSTGRESQL__NAME: ${PG_DB:-authentik}
AUTHENTIK_POSTGRESQL__PASSWORD: ${PG_PASS}
volumes:
- ./media:/media
- ./custom-templates:/templates
env_file:
- .env
ports:
- "${COMPOSE_PORT_HTTP:-9000}:9000"
- "${COMPOSE_PORT_HTTPS:-9443}:9443"
depends_on:
postgresql:
condition: service_healthy
redis:
condition: service_healthy
worker:
image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2025.2.1}
restart: unless-stopped
command: worker
environment:
AUTHENTIK_REDIS__HOST: redis
AUTHENTIK_POSTGRESQL__HOST: postgresql
AUTHENTIK_POSTGRESQL__USER: ${PG_USER:-authentik}
AUTHENTIK_POSTGRESQL__NAME: ${PG_DB:-authentik}
AUTHENTIK_POSTGRESQL__PASSWORD: ${PG_PASS}
# `user: root` and the docker socket volume are optional.
# See more for the docker socket integration here:
# https://goauthentik.io/docs/outposts/integrations/docker
# Removing `user: root` also prevents the worker from fixing the permissions
# on the mounted folders, so when removing this make sure the folders have the correct UID/GID
# (1000:1000 by default)
user: root
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- ./media:/media
- ./certs:/certs
- ./custom-templates:/templates
env_file:
- .env
depends_on:
postgresql:
condition: service_healthy
redis:
condition: service_healthy
volumes:
database:
driver: local
redis:
driver: local

1
beaverhabits/docker-compose.yml
View File

@ -22,7 +22,6 @@ services:
glance.hide: false
networks:
- tunnel
- default
networks:
tunnel:

28
caddy/certs/theocorp+4-key.pem
View File

@ -1,28 +0,0 @@
-----BEGIN PRIVATE KEY-----
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDCaNazJUTUK1kA
YctfzDp8qYp4ZIeUmzUFLoZPcf6FexL6nXcycZrsoVHjPqi+/j/EdOgnlU+iXRuI
X4tRQex46d+ubMWjDqMGa/Iieg5Dsu9/oASsRXkP8ixkAxpSohjEHMXefFxdj2gw
pdDwkUZ2S0/bJ5W3mgUV+rJbaKBNG3WWcafU4HqMd73Pz7IHBRQTRsjZn2iBP0Em
XgjJXnO1aB6kayHEpPDPIp8Na553gnYp/I5ke+KXSEVqpamMoHYalj6xw4mOORnH
uEMgPX0qzZ0VlAYqLrXljmfbmeZFCqZd06YnAQ2KjGnbtcIvHBHj0ltlJ8Dy9l55
1lpb/GtbAgMBAAECggEBAJv1fN+kc03+JF0xFvUYIodlf2dLxpSJ2oP4qdjL61Jr
xHL2pev6xT01wTqbRsZJsyBIZQF0P7lSFkdV1q7uQuVRQZdtPTOtB02chVfxMMZQ
ot9woK8O4KrRLZlh/9jwnwucxYPRokuQQxZbv31uHefCTSLT48Cxt4jFYBYCni6c
BacA1UzVlHEQwevUr9i/yzMfF7cXpyz8aoXQ7deMx4kQlWVRwYtqjQKwz/MOe6Uo
1TUar/cndJpXvYDlCowHnW1sQemlRklDRTlza58qGFqw9rGLkbsgYNY3emEKFsFY
C5Yw7TY8G1dwBI5mIvQ+OVuKACMwjdmma0dmBFhb4EkCgYEA2K7xYZkVlVX32TF5
DkGZIveK5dUQRgbBDEFXvoLBpgL4udzLaI6TPdQ2JYBo+LODea5h8jd2fpRbOpC0
4Iv4rwORci8qnvwWBUOnm1OMUI+bWdTuqR59LSUIyP4vPxwd2NIe9QkN6hc+2qFZ
shUgdK99obvNnYBJqSnWTUPJT6UCgYEA5a9DkDGpB0tdAAtGXQsd42RhqSGmqBoO
D5DhysILaaFQd4gb4ADpRw1q/m7Qab/JZMg6CwZWeq2/K4pPsvHQK67pQv+iLExL
fg7SC+dAEbMrwCuV0cv6oZ3HR3+jQ4EGaRodI80g74lukCzpi+jgMoaIGOShtM7m
yLFkp9jB3v8CgYBKbyZKQZ0xdJu0h5MvO4eQhHq5Ywy5EX7lZ9jtf9tn3ON2bYuO
elPITIrhLRBiRsBmX2oUG8tfxjTklGseK9ccv9wJ3nwEq1IhMtFzwSqVTg+utz/Y
5rlXdb5j1TWDt3PlVKD/ycF25c9YqU63pxxEGTjOA0ap0TT8oHuWhS+1ZQKBgAuK
c+2h4Slhqwmeh2mTbmwHljSmYTZfIMe9cur6NxKWrXFkIGpwAUi1ruOb89LsdRUg
TnJRXjUJ1+o7J+gI6HnZbxUTvTVWnBB4dCtu8jQxeYhNaFjDVBOc1u+LxUtWB1lu
m3o6C2ad1DVgXFfQWruPMPV3P3zTTJtW9oTMimlHAoGBAJyrzDDE2vv1V5dWR9WL
Sp2Arm7LepPr/rmrgERIn4hm9G3SdbYWsXx8rE2JC1r1sS8htHM7gA6XqySGed8k
MG5i6yeOs6MqxSDZjoVAnyWbfZ30lAtEqx4stsLs//D1GdZAZ5HufwV3dxf1C3qL
jKbPFLoqhFzl9HxfFgygENSj
-----END PRIVATE KEY-----

28
caddy/certs/theocorp+4.pem
View File

@ -1,28 +0,0 @@
-----BEGIN CERTIFICATE-----
MIIEuDCCAyCgAwIBAgIQC9fL+3ffRY72j0bufPWq7jANBgkqhkiG9w0BAQsFADCB
sTEeMBwGA1UEChMVbWtjZXJ0IGRldmVsb3BtZW50IENBMUMwQQYDVQQLDDpnYXhp
bnRvdGhlb2RvcmlvQGNyb3cudGFpbGJiNDRmLnRzLm5ldCAoR2F4aW50byBUaGVv
ZG9yaW8pMUowSAYDVQQDDEFta2NlcnQgZ2F4aW50b3RoZW9kb3Jpb0Bjcm93LnRh
aWxiYjQ0Zi50cy5uZXQgKEdheGludG8gVGhlb2RvcmlvKTAeFw0yNTAyMjcxODI4
NDFaFw0yNzA1MjcxNzI4NDFaMG4xJzAlBgNVBAoTHm1rY2VydCBkZXZlbG9wbWVu
dCBjZXJ0aWZpY2F0ZTFDMEEGA1UECww6Z2F4aW50b3RoZW9kb3Jpb0Bjcm93LnRh
aWxiYjQ0Zi50cy5uZXQgKEdheGludG8gVGhlb2RvcmlvKTCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBAMJo1rMlRNQrWQBhy1/MOnypinhkh5SbNQUuhk9x
/oV7EvqddzJxmuyhUeM+qL7+P8R06CeVT6JdG4hfi1FB7Hjp365sxaMOowZr8iJ6
DkOy73+gBKxFeQ/yLGQDGlKiGMQcxd58XF2PaDCl0PCRRnZLT9snlbeaBRX6slto
oE0bdZZxp9Tgeox3vc/PsgcFFBNGyNmfaIE/QSZeCMlec7VoHqRrIcSk8M8inw1r
nneCdin8jmR74pdIRWqlqYygdhqWPrHDiY45Gce4QyA9fSrNnRWUBiouteWOZ9uZ
5kUKpl3TpicBDYqMadu1wi8cEePSW2UnwPL2XnnWWlv8a1sCAwEAAaOBjTCBijAO
BgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwHwYDVR0jBBgwFoAU
SU4cKZp/2Dp8CcrYEybBQHtTgccwQgYDVR0RBDswOYIIdGhlb2NvcnCCCioudGhl
b2NvcnCCCWxvY2FsaG9zdIcEfwAAAYcQAAAAAAAAAAAAAAAAAAAAATANBgkqhkiG
9w0BAQsFAAOCAYEAQH7eRfRObVI5hvu3AKaOWuHG92T+p3AqG4/2Wg9/yjryt7Yj
JMqo0J18dlluQ7EMd8PAW546jbR7IZWU2tEprz462Yh8wJPsKUOcmnDxBV4vD4YS
zKFbiiTxyEOmS1Dpn2x9ygTgZKwf6xY94wxSy1JLQNBR3DdQx5kiVMCeyTfQtLB9
5P9YY1vasuu2Po32oM3lZdaFTxat9V7veNDqlOoWv28265tqsqNp3cW/b3irKIzv
Osz98Kv+rMwM3NreMdHs2zBcMWgvlLaRoyHolx/8FI/pCL83hrHgZxw9dh1AKt5r
1v+6TOgPBddghwfwMDDSqs5Goik5TK+ewsHmb4MuNa7wPRHP3bdfbYYrn2ZEnb1y
ycHjl/lnZPXW+55FCsuEtNa2MaWSBZZ2eObhgHUO8cAt0ynxktoLIWiog2xzOEsJ
j2AKpONBt9HsnWJKyR56g+8yix0Esp7C3IvvSYI5H8yMJQPjp2qDjfP99suSIVUN
HmL1k2fAe9r1Qkox
-----END CERTIFICATE-----

30
caddy/conf/Caddyfile
View File

@ -1,75 +1,75 @@
gitea.theocorp {
tls /certs/theocorp+4.pem /certs/theocorp+4-key.pem
tls internal
reverse_proxy gitea:3000
}
glance.theocorp {
tls /certs/theocorp+4.pem /certs/theocorp+4-key.pem
tls internal
reverse_proxy glance:8080
}
hoarder.theocorp {
tls /certs/theocorp+4.pem /certs/theocorp+4-key.pem
tls internal
reverse_proxy hoarder:3000
}
immich.theocorp {
tls /certs/theocorp+4.pem /certs/theocorp+4-key.pem
tls internal
reverse_proxy immich:2283
}
n8n.theocorp {
tls /certs/theocorp+4.pem /certs/theocorp+4-key.pem
tls internal
reverse_proxy n8n:5678
}
navidrome.theocorp {
tls /certs/theocorp+4.pem /certs/theocorp+4-key.pem
tls internal
reverse_proxy navidrome:4533
}
olivetin.theocorp {
tls /certs/theocorp+4.pem /certs/theocorp+4-key.pem
tls internal
reverse_proxy olivetin:1337
}
paperless-ai.theocorp {
tls /certs/theocorp+4.pem /certs/theocorp+4-key.pem
tls internal
reverse_proxy paperless-ai:3000
}
paperless.theocorp {
tls /certs/theocorp+4.pem /certs/theocorp+4-key.pem
tls internal
reverse_proxy paperless-ngx:8000
}
portainer.theocorp {
tls /certs/theocorp+4.pem /certs/theocorp+4-key.pem
tls internal
reverse_proxy portainer:9000
}
vaultwarden.theocorp {
tls /certs/theocorp+4.pem /certs/theocorp+4-key.pem
tls internal
reverse_proxy vaultwarden:80
}
beszel.theocorp {
tls /certs/theocorp+4.pem /certs/theocorp+4-key.pem
tls internal
reverse_proxy beszel:8090
}
dozzle.theocorp {
tls /certs/theocorp+4.pem /certs/theocorp+4-key.pem
tls internal
reverse_proxy dozzle:8080
}
hastebin.theocorp {
tls /certs/theocorp+4.pem /certs/theocorp+4-key.pem
tls internal
reverse_proxy hastebin:7777
}
habits.theocorp {
tls /certs/theocorp+4.pem /certs/theocorp+4-key.pem
tls internal
reverse_proxy beaverhabits:8080
}

2
caddy/docker-compose.yml
View File

@ -14,7 +14,7 @@ services:
- $PWD/site:/srv
- caddy_data:/data
- caddy_config:/config
- $PWD/certs:/certs
- $PWD/certificates:/data/caddy/certificates/local
networks:
- portainer_default
- glance_default

15
glance/config/glance.yml
View File

@ -58,8 +58,7 @@ pages:
repositories:
- hoarder-app/hoarder
- glanceapp/glance
- usememos/memos
- aesameailabs/csm
- neosmemo/memos
- type: hacker-news
limit: 15
collapse-after: 5
@ -79,7 +78,7 @@ pages:
subreddit: selfhosted
show-thumbnails: true
- type: reddit
subreddit: localllama
subreddit: sideproject
show-thumbnails: true
- type: videos
@ -152,19 +151,19 @@ pages:
style: horizontal-cards
feeds:
- url: https://rss.app/feeds/zGtl0lQuVVN1ew1Y.xml
title: NY Times
title: Google News
- type: rss
title: US News
style: horizontal-cards
feeds:
- url: https://rss.nytimes.com/services/xml/rss/nyt/US.xml
title: NY Times
- url: https://rss.app/feeds/mG6VlfoOqmynqgbT.xml
title: Google News
- type: rss
title: World News
style: horizontal-cards
feeds:
- url: https://rss.nytimes.com/services/xml/rss/nyt/Politics.xml
title: NY Times
- url: https://rss.app/feeds/8l0pnQ0Vny9DxtaR.xml
title: Google News
- type: videos
style: grid-cards

18
netbird/docker-compose.yml
View File

@ -1,18 +0,0 @@
version: '3.8'
services:
netbird:
image: netbirdio/netbird:latest
container_name: netbird
environment:
- NB_SETUP_KEY=B28D6544-FBA2-4AAD-941E-DB7E5E2E1B8F
- NB_MANAGEMENT_URL=https://netbird.geezo.site:33073
volumes:
- netbird-client:/etc/netbird
cap_add:
- NET_ADMIN
restart: always
volumes:
netbird-client:
external: true

21
newt/docker-compose.yml
View File

@ -1,21 +0,0 @@
services:
newt:
image: fosrl/newt
container_name: newt
restart: unless-stopped
environment:
- PANGOLIN_ENDPOINT=https://pangolin.geezo.site
- NEWT_ID=9x2gfxip3507m07
- NEWT_SECRET=rz985r78yhi50gk5utxp33qz4sk8ijt5dyp788x9qd3oqk3k
networks:
- beaverhabits_default
- authentik_default
extra_hosts:
- "pangolin.geezo.site:44.210.184.15"
networks:
beaverhabits_default:
external: true
authentik_default:
external: true

13
open-web-ui/.env
View File

@ -1,13 +0,0 @@
# Ollama URL for the backend to connect
# The path '/ollama' will be redirected to the specified backend URL
OLLAMA_BASE_URL='http://owl:11434'
OPENAI_API_BASE_URL=''
OPENAI_API_KEY=''
# AUTOMATIC1111_BASE_URL="http://localhost:7860"
# DO NOT TRACK
SCARF_NO_ANALYTICS=true
DO_NOT_TRACK=true
ANONYMIZED_TELEMETRY=false

17
open-web-ui/docker-compose.yml
View File

@ -1,17 +0,0 @@
services:
open-webui:
image: ghcr.io/open-webui/open-webui:${WEBUI_DOCKER_TAG-main}
container_name: open-webui
volumes:
- open-webui:/app/backend/data
ports:
- 1019:8080
environment:
- 'OLLAMA_BASE_URL=http://owl:11434'
- 'WEBUI_SECRET_KEY='
extra_hosts:
- host.docker.internal:host-gateway
restart: unless-stopped
volumes:
open-webui: {}