initial+current state of the server

bart 2024-12-02 18:52:31 -06:00
commit 8b720d1ff8
2 changed files with 261 additions and 0 deletions

78
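--- a/config.scm
+++ b/config.scm
@@ -0,0 +1,78 @@
+;; Indicate which modules to import to access the variables
+;; used in this configuration.
+(use-modules (gnu))
+(use-service-modules cups desktop networking ssh xorg docker dbus)
+(operating-system
+(locale "en_US.utf8")
+(timezone "America/Chicago")
+(keyboard-layout (keyboard-layout "us"))
+(host-name "excellon")
+;; The list of user accounts ('root' is implicit).
+(users
+(cons* (user-account
+(name "bartronx7")
+(comment "bartronx7")
+(group "users")
+(home-directory "/home/bartronx7")
+(supplementary-groups '("wheel" "netdev" "audio" "video" "www-data" "docker")))
+%base-user-accounts))
+;; Below is the list of system services. To search for available
+;; services, run 'guix system search KEYWORD' in a terminal.
+(services
+(append (list
+;; To configure OpenSSH, pass an 'openssh-configuration'
+;; record as a second argument to 'service' below.
+(service openssh-service-type)
+(service dhcp-client-service-type)
+(service ntp-service-type)
+(service elogind-service-type
+(elogind-configuration (handle-suspend-key 'ignore)))
+(service dbus-root-service-type)
+(service containerd-service-type)
+(service docker-service-type (docker-configuration
+(environment-variables (list
+"TMPDIR=/tmp/dockerd")))))
+;; This is the default list of services we
+;; are appending to.
+%base-services))
+(bootloader (bootloader-configuration
+(bootloader grub-bootloader)
+(targets (list "/dev/sda"))
+(keyboard-layout keyboard-layout)))
+;; The devices that make up the luks "docs" labelled filesystem
+(mapped-devices
+(list (mapped-device
+(source (uuid "cf6bafca-b225-46ca-8dfc-b82fb6ab5560"))
+(target "doc1")
+(type luks-device-mapping))
+(mapped-device
+(source (uuid "05f833fb-1c68-4453-9df5-68a454f59845"))
+(target "doc2")
+(type luks-device-mapping))))
+;; The list of file systems that get "mounted". The unique
+;; file system identifiers there ("UUIDs") can be obtained
+;; by running 'blkid' in a terminal.
+(file-systems
+(cons* (file-system
+(mount-point "/")
+(device (file-system-label "guixos"))
+(type "btrfs"))
+(file-system
+(mount-point "/data")
+(device (file-system-label "datapool"))
+(type "btrfs"))
+(file-system
+(mount-point "/docs")
+(device "/dev/mapper/doc1")
+(type "btrfs"))
+%base-file-systems)))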
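Review bot: `(service openssh-service-type)` is added with no configuration record, so sshd runs with the service defaults, and in Guix's `openssh-configuration` that leaves password authentication enabled. Since the compose file in this same commit suggests the host is reachable from outside, I would pass an explicit record, e.g. `(service openssh-service-type (openssh-configuration (password-authentication? #f) (permit-root-login #f)))`, and manage logins through `authorized-keys`. Separately, the account is given the `docker` supplementary group, which amounts to root-equivalent control of the host through the Docker daemon; a comment next to `supplementary-groups` stating that this is intentional would help the next reader.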

183
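--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -0,0 +1,183 @@
+version: '3'
+services:
+traefik:
+image: traefik:v3.2
+container_name: traefik
+command:
+# - "--log.level=DEBUG"
+- "--api.insecure=true"
+- "--providers.docker=true"
+- "--providers.docker.exposedbydefault=false"
+- "--entryPoints.web.address=:80"
+- "--entryPoints.websecure.address=:443"
+- "--certificatesresolvers.myresolver.acme.httpchallenge=true"
+- "--certificatesresolvers.myresolver.acme.httpchallenge.entrypoint=web"
+#- "--certificatesresolvers.myresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
+- "--certificatesresolvers.myresolver.acme.email=barton@akeley.tech"
+- "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
+ports:
+- "80:80"
+- "443:443"
+- "8080:8080"
+volumes:
+- "/data/docker/volumes/letsencrypt:/letsencrypt:rw"
+- "/var/run/docker.sock:/var/run/docker.sock:ro"
+labels:
+- 'traefik.enable=true'
+- 'traefik.http.routers.api.rule=Host(`traefik.akeley.tech`)'
+- 'traefik.http.routers.api.entryPoints=https'
+- 'traefik.http.routers.api.tls=true'
+- 'traefik.http.routers.api.service=api@internal'
+- 'traefik.http.routers.api.middlewares=authelia@docker'
+pktriot:
+image: packetriot/pktriot:latest
+container_name: pktriot
+restart: unless-stopped
+volumes:
+- /data/docker/volumes/pktriot:/data:rw
+mariadb:
+image: mariadb:10.6
+container_name: mariadb
+restart: always
+command: --transaction-isolation=READ-COMMITTED --log-bin=binlog --binlog-format=ROW
+volumes:
+- /data/docker/volumes/mariadb:/var/lib/mysql:rw
+environment:
+- MYSQL_ROOT_PASSWORD=fji9_+jK12dEW
+- MYSQL_PASSWORD=Z67dJ0rKBSU74ZwvqIsd
+- MYSQL_DATABASE=nextcloud
+- MYSQL_USER=nextcloud
+nextcloud:
+image: nextcloud
+container_name: nextcloud
+restart: always
+ports:
+- 8088:80
+links:
+- mariadb
+volumes:
+- /data/docker/volumes/nextcloud:/var/www/html
+- /data:/data:rw
+- /docs/documents:/documents:rw
+environment:
+- MYSQL_PASSWORD=Z67dJ0rKBSU74ZwvqIsd
+- MYSQL_DATABASE=nextcloud
+- MYSQL_USER=nextcloud
+- MYSQL_HOST=mariadb
+labels:
+- traefik.enable=true
+- traefik.http.routers.nextcloud.entrypoints=web,websecure
+- traefik.http.routers.nextcloud.rule=Host(`nextcloud.akeley.tech`)
+- traefik.http.routers.nextcloud.tls=true
+- traefik.http.routers.nextcloud.tls.certresolver=myresolver
+plex:
+image: plexinc/pms-docker
+container_name: plex
+init: true
+hostname: excellon
+restart: always
+ports:
+- 32400:32400
+- 8324:8324
+- 32469:32469
+- 1900:1900
+- 32410:32410
+- 32412:32412
+- 32413:32413
+- 32414:32414
+environment:
+TZ: "America/Chicago"
+PLEX_CLAIM: "claim-7-N1LVT5AMco6ayhy4Tm"
+ADVERTISE_IP: "http://192.168.1.3:32400/"
+volumes:
+- /data/docker/volumes/plex/config:/config
+- /data/docker/volumes/plex/transcode:/transcode
+- /data:/data:rw
+forgejo:
+image: codeberg.org/forgejo/forgejo:9
+container_name: forgejo
+environment:
+- USER_UID=1000
+- USER_GID=1000
+restart: always
+volumes:
+- /data/docker/volumes/forgejo:/data
+- /etc/timezone:/etc/timezone:ro
+- /etc/localtime:/etc/localtime:ro
+ports:
+- '3000:3000'
+- '222:22'
+depends_on:
+- postgres
+postgres:
+image: postgres:14
+restart: always
+environment:
+- POSTGRES_USER=forgejo
+- POSTGRES_PASSWORD=forgejo
+- POSTGRES_DB=forgejo
+volumes:
+- /data/docker/volumes/postgres:/var/lib/postgresql/data
+# whoami:
+# image: "traefik/whoami"
+# container_name: whoami
+# labels:
+# - "traefik.enable=true"
+# - "traefik.http.routers.whoami.rule=Host(`whoami.akeley.tech`)"
+# - "traefik.http.routers.whoami.entrypoints=web,websecure"
+# - "traefik.http.routers.whoami.tls.certresolver=myresolver"
+# authelia:
+# container_name: 'authelia'
+# image: 'authelia/authelia'
+# restart: 'unless-stopped'
+# expose:
+# - 9091
+# volumes:
+# - './authelia/config:/config'
+# environment:
+# TZ: "America/Chicago"
+# labels:
+# - 'traefik.enable=true'
+# - 'traefik.http.routers.authelia.rule=Host(`auth.akeley.tech`)'
+# - 'traefik.http.routers.authelia.entryPoints=https'
+# - 'traefik.http.routers.authelia.tls=true'
+# - 'traefik.http.middlewares.authelia.forwardAuth.address=http://authelia:9091/api/authz/forward-auth'
+# ## The following commented line is for configuring the Authelia URL in the proxy. We strongly suggest this is
+# ## configured in the Session Cookies section of the Authelia configuration.
+# # - 'traefik.http.middlewares.authelia.forwardAuth.address=http://authelia:9091/api/authz/forward-auth?authelia_url=https%3A%2F%2Fauth.example.com%2F'
+# - 'traefik.http.middlewares.authelia.forwardAuth.trustForwardHeader=true'
+# - 'traefik.http.middlewares.authelia.forwardAuth.authResponseHeaders=Remote-User,Remote-Groups,Remote-Email,Remote-Name'
+# nextcloud:
+# image: nextcloud/all-in-one:latest
+# container_name: nextcloud-aio-mastercontainer
+# init: true
+# volumes:
+# - /var/run/docker.sock:/var/run/docker.sock
+# - nextcloud_aio_mastercontainer:/mnt/docker-aio-config
+# - /data:/data:rw
+# - /docs/documents:/documents:rw
+# ports:
+# - 8088:8080
+# environment:
+# - APACHE_PORT=11000
+# - APACHE_IP_BINDING=127.0.0.1
+# - NEXTCLOUD_DATADIR=/data/nextcloud
+# - AIO_DISABLE_BACKUP_SECTION=true
+# - SKIP_DOMAIN_VALIDATION=true
+# labels:
+# - traefik.enable=true
+# - traefik.http.routers.nextcloud.entrypoints=web,websecure
+# - traefik.http.routers.nextcloud.rule=Host(`nextcloud.akeley.tech`)
+# - traefik.http.routers.nextcloud.tls=true
+# - traefik.http.routers.nextcloud.tls.certresolver=myresolver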
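Review bot: The file commits live credentials in clear text: `MYSQL_ROOT_PASSWORD` and `MYSQL_PASSWORD` under mariadb and nextcloud, `PLEX_CLAIM` under plex, and `POSTGRES_PASSWORD` under postgres (the last is also identical to the user name). They remain in the repository history after any later edit, so they should be rotated and then supplied from an untracked `.env` file or compose secrets, e.g. `- MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD:?unset}`. In the traefik service, `--api.insecure=true` together with the published `"8080:8080"` serves the dashboard and API without authentication on every host interface. The `api` router labels do not compensate, because they name an `https` entry point that is never defined (only `web` and `websecure` are) and an `authelia@docker` middleware whose service is commented out further down. Dropping the flag and the port mapping, and pointing the router at `websecure` with a working auth middleware, would close that exposure.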