-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathdocker-compose.databases.yaml
More file actions
172 lines (163 loc) · 5.12 KB
/
docker-compose.databases.yaml
File metadata and controls
172 lines (163 loc) · 5.12 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
x-common-databases: &databases
postgres:
image: postgres:17
container_name: postgres
<<: *common
networks:
- backend
volumes:
- config-postgres:/var/lib/postgresql
- ./postgres:/docker-entrypoint-initdb.d
healthcheck:
test: ["CMD-SHELL", "pg_isready -U ${DATABASE_USERNAME} -d ${TODO_DATABASE}"]
<<: *healthcheck
user: ${PUID}:${PGID}
environment:
<<: *env-vars
POSTGRES_USER: ${DATABASE_USERNAME}
POSTGRES_PASSWORD: ${DATABASE_PASSWORD}
POSTGRES_MULTIPLE_DATABASES: vikunja,vaultwarden,outline,auth,speedtest,gitea
PGDATA: /var/lib/postgresql/17/data
labels:
traefik.enable: false
pgbackups:
image: prodrigestivill/postgres-backup-local
container_name: postgres-backups
<<: *common
user: ${PUID}:${PGID}
volumes:
- config-postgres-backups:/backups
depends_on:
- postgres
environment:
<<: *env-vars
POSTGRES_HOST: postgres
POSTGRES_DB: vikunja,vaultwarden,outline,auth,speedtest,gitea
POSTGRES_USER: ${DATABASE_USERNAME}
POSTGRES_PASSWORD: ${DATABASE_PASSWORD}
POSTGRES_EXTRA_OPTS: --compress=6 --compress=zstd --large-objects
SCHEDULE: "@daily"
BACKUP_ON_START: TRUE
BACKUP_KEEP_DAYS: 7
BACKUP_KEEP_WEEKS: 4
BACKUP_KEEP_MONTHS: 6
BACKUP_SUFFIX: ".sql.zstd"
HEALTHCHECK_PORT: 8080
labels:
traefik.enable: false
pg-vectors:
image: tensorchord/pgvecto-rs:pg15-v0.3.0
container_name: pg-vectors
<<: *common
networks:
- backend
volumes:
- config-pg-vectors:/var/lib/postgresql
healthcheck:
test: ["CMD-SHELL", "pg_isready -U immich -d immich"]
<<: *healthcheck
user: ${PUID}:${PGID}
environment:
<<: *env-vars
POSTGRES_USER: immich
POSTGRES_PASSWORD: ${DATABASE_PASSWORD}
POSTGRES_DB: immich
PGDATA: /var/lib/postgresql/15/data
labels:
traefik.enable: false
#redis:
# image: redis
# container_name: redis
# <<: *common
# networks:
# - backend
# command: ["redis-server", "/data/redis.conf", "--save", "60", "1", "--loglevel", "warning" ]
# volumes:
# - config-redis:/data
# healthcheck:
# test: ["CMD", "redis-cli", "ping"]
# <<: *healthcheck
# labels:
# traefik.enable: false
valkey:
image: valkey/valkey
container_name: valkey
<<: *common
networks:
- backend
command: ["valkey-server", "/data/valkey.conf", "--save", "60", "1", "--loglevel", "warning" ]
volumes:
- config-valkey:/data
healthcheck:
test: ["CMD", "valkey-cli", "ping"]
<<: *healthcheck
labels:
traefik.enable: false
minio:
image: minio/minio
container_name: minio
entrypoint: sh
command: -c 'minio server /data --console-address ":9001"'
<<: *common
volumes:
- config-s3:/data
environment:
<<: *env-vars
MINIO_BROWSER_REDIRECT_URL: "https://minio.${DOMAIN}"
MINIO_PROMETHEUS_AUTH_TYPE: "public"
MINIO_ROOT_USER: ${MINIO_ROOT_USER}
MINIO_ROOT_PASSWORD: ${MINIO_ROOT_PASSWORD}
healthcheck:
test: timeout 5s bash -c ':> /dev/tcp/127.0.0.1/9000' || exit 1
<<: *healthcheck
labels:
traefik.http.routers.minio.rule: Host(`minio.${DOMAIN}`) && $RESTRICTED
traefik.http.services.minio.loadbalancer.server.port: 9001
traefik.http.routers.minio.entryPoints: websecure
traefik.http.routers.minio.tls: true
traefik.http.routers.minio.tls.certResolver: letsencrypt
traefik.http.routers.minio.service: minio
traefik.http.routers.minioadmin.entryPoints: websecure
traefik.http.routers.minioadmin.rule: Host(`minioapi.${DOMAIN}`) && $RESTRICTED
traefik.http.services.minioadmin.loadbalancer.server.port: 9000
traefik.http.routers.minioadmin.tls: true
traefik.http.routers.minioadmin.tls.certResolver: letsencrypt
traefik.http.routers.minioadmin.service: minioadmin
mosquitto:
image: eclipse-mosquitto
container_name: mqtt
<<: *common
networks:
- frontend
volumes:
- config-mosquitto:/mosquitto/config
healthcheck:
test: ["CMD", "mosquitto_sub", "-t", "$$SYS/#", "-C", "1", "-i", "healthcheck", "-W", "3", "-u", "${FRIGATE_MQTT_USERNAME}", "-P", "${FRIGATE_MQTT_PASSWORD}"]
<<: *healthcheck
labels:
traefik.tcp.routers.mqtt.rule: HostSNI(`mqtt.${DOMAIN}`)
traefik.tcp.routers.mqtt.entryPoints: mqtts
traefik.tcp.routers.mqtt.tls: true
traefik.tcp.routers.mqtt.tls.certResolver: letsencrypt
traefik.tcp.services.mqtt.loadbalancer.server.port: 1883
traefik.tcp.routers.mqtt.service: mqtt
matter:
image: ghcr.io/home-assistant-libs/python-matter-server:stable
container_name: matter
restart: unless-stopped
<<: *logging
dns:
- 192.168.1.1
environment:
<<: *env-vars
# Required for mDNS to work correctly
network_mode: host
security_opt:
- no-new-privileges=true
# Needed for Bluetooth via dbus
- apparmor=unconfined
volumes:
- config-matter:/data/
- /run/dbus:/run/dbus:ro
labels:
traefik.enable: false