moved docker to services

2024-05-31 15:33:31 +01:00
parent 0b048e17f0
commit d0026fd2d2
14 changed files with 9 additions and 8 deletions
--- a/services/code-server/docker-compose.yaml
+++ b/services/code-server/docker-compose.yaml
@@ -0,0 +1,46 @@
+version: '3'
+services:
+  code-server:
+    container_name: code
+    image: lscr.io/linuxserver/code-server:latest
+    environment:
+      - PUID=0
+      - PGID=0
+      - TZ=Europe/London
+      - PASSWORD=${CODESERVER_PASSWORD}
+      - DEFAULT_WORKSPACE=/config/workspace
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+      - code-server_config:/config
+      - code-server_root:/root
+      - has_config:/config/workspace/host/repos/homesrv01.dev.lan/lib/homeAssistant/volumes/config
+      - ./../nginx/volumes/nginx_conf:/config/workspace/host/repos/homesrv01.dev.lan/services/nginx/volumes/nginx_conf
+      - mosquitto_config:/config/workspace/host/repos/homesrv01.dev.lan/lib/mosquitto/volumes/config
+      - mosquitto_data:/config/workspace/host/repos/homesrv01.dev.lan/lib/mosquitto/volumes/data
+      - zigbee2mqtt_data:/config/workspace/host/repos/homesrv01.dev.lan/services/zigbee2mqtt/volumes/data
+      - hostfs:/mnt/hostfs
+    networks:
+      - code
+      - reverseproxy_public
+    ports:
+      - 8444:8443
+    restart: unless-stopped
+volumes:
+  zigbee2mqtt_data:
+    name: zigbee2mqtt_data
+    external: true
+  code-server_config:
+  code-server_root:
+  has_config:
+    name: has_app_config
+    external: true
+  hostfs:
+    external: true
+  mosquitto_config:
+    external: true
+  mosquitto_data:
+    external: true
+networks:
+  code:
+  reverseproxy_public:
+    external: true
--- a/services/code-server/docker-run.sh
+++ b/services/code-server/docker-run.sh
@@ -0,0 +1,9 @@
+#! /bin/bash
+scriptPath="$(dirname "$(readlink -f "$0")")"
+currentPath=$PWD
+
+cd $scriptPath
+docker-compose pull
+docker-compose up --force-recreate --build -d
+cd $currentPath
+
--- a/services/nginx/docker-compose.yaml
+++ b/services/nginx/docker-compose.yaml
@@ -0,0 +1,26 @@
+version: '3'
+services:
+  nginx:
+    image: nginx
+    volumes:
+      - ./volumes/nginx_conf:/etc/nginx/conf.d
+      - etc_ssl:/etc/ssl
+    ports:
+      - 443:443
+      - 80:80
+    networks:
+      - public
+      - private
+    command: "/bin/sh -c 'while :; do sleep 6h & wait $${!}; nginx -s reload; done & nginx -g \"daemon off;\"'"
+    restart: unless-stopped
+volumes:
+  nginx-conf.d:
+  etc_ssl:
+    name: nginx_etc_ssl 
+networks:
+  public:
+    name: reverseproxy_public
+    external: true
+  private:
+    name: reverseproxy_private
+    external: true
--- a/services/nginx/docker-run.sh
+++ b/services/nginx/docker-run.sh
@@ -0,0 +1,9 @@
+#! /bin/bash
+scriptPath="$(dirname "$(readlink -f "$0")")"
+currentPath=$PWD
+
+cd $scriptPath
+docker-compose pull
+docker-compose up --force-recreate --build -d
+cd $currentPath
+
--- a/services/nginx/volumes/nginx_conf/default.conf
+++ b/services/nginx/volumes/nginx_conf/default.conf
@@ -0,0 +1,44 @@
+server {
+    listen       80;
+    server_name  localhost;
+
+    #access_log  /var/log/nginx/host.access.log  main;
+
+    location / {
+        root   /usr/share/nginx/html;
+        index  index.html index.htm;
+    }
+
+    #error_page  404              /404.html;
+
+    # redirect server error pages to the static page /50x.html
+    #
+    error_page   500 502 503 504  /50x.html;
+    location = /50x.html {
+        root   /usr/share/nginx/html;
+    }
+
+    # proxy the PHP scripts to Apache listening on 127.0.0.1:80
+    #
+    #location ~ \.php$ {
+    #    proxy_pass   http://127.0.0.1;
+    #}
+
+    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
+    #
+    #location ~ \.php$ {
+    #    root           html;
+    #    fastcgi_pass   127.0.0.1:9000;
+    #    fastcgi_index  index.php;
+    #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
+    #    include        fastcgi_params;
+    #}
+
+    # deny access to .htaccess files, if Apache's document root
+    # concurs with nginx's one
+    #
+    #location ~ /\.ht {
+    #    deny  all;
+    #}
+}
+
--- a/services/nginx/volumes/nginx_conf/has.conf
+++ b/services/nginx/volumes/nginx_conf/has.conf
@@ -0,0 +1,77 @@
+map $http_upgrade $connection_upgrade {
+    default upgrade;
+    ''      close;
+}
+
+server {
+    listen 80 default_server;
+    proxy_buffering off;
+    location / {
+        proxy_pass http://homeassistant-app:80;
+        proxy_set_header Host $host;
+        proxy_http_version 1.1;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection $connection_upgrade;
+    }
+
+    location ^~ /code/ {
+        proxy_pass http://code:8443/;
+        proxy_set_header Host $http_host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_set_header X-Forwarded-Protocol $scheme;
+        proxy_set_header X-Url-Scheme $scheme;
+
+        # WebSocket support
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "upgrade";
+        
+    }
+
+
+    location ^~ /lms/ {
+        proxy_pass http://homesrv01.dev.lan:9000/;
+        proxy_set_header Host $http_host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_set_header X-Forwarded-Protocol $scheme;
+        proxy_set_header X-Url-Scheme $scheme;
+
+        # WebSocket support
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "upgrade";
+        
+    }
+}
+
+
+server {
+    ssl_certificate /etc/ssl/certs/nginx-selfsigned.crt;
+    ssl_certificate_key /etc/ssl/private/nginx-selfsigned.key;
+    listen 443 ssl default_server;
+
+    location ^~ /code/ {
+        proxy_pass http://code:8443/;
+        proxy_set_header Host $http_host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_set_header X-Forwarded-Protocol $scheme;
+        proxy_set_header X-Url-Scheme $scheme;
+
+        # WebSocket support
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "upgrade";
+        
+    }
+
+}
+
+
+
--- a/services/portainer/docker-run.sh
+++ b/services/portainer/docker-run.sh
@@ -0,0 +1,5 @@
+#! /bin/bash
+docker pull portainer/portainer-ce
+docker stop portainer
+docker rm portainer
+docker run -d -p 8000:8000 -p 9443:9443 --name portainer --restart=always -v /var/run/docker.sock:/var/run/docker.sock -v portainer:/data portainer/portainer-ce
--- a/services/promtail/config/promtail-config.yaml
+++ b/services/promtail/config/promtail-config.yaml
@@ -0,0 +1,49 @@
+server:
+  http_listen_port: 9080
+  grpc_listen_port: 0
+
+positions:
+  filename: /tmp/positions.yaml
+
+clients:
+  - url: http://lansrv01.dev.lan:3100/loki/api/v1/push
+
+scrape_configs:
+  - job_name: varlogs
+    static_configs:
+    - targets:
+        - localhost
+      labels:
+        job: varlogs
+        host: homesrv01
+        __path__: /var/log/*log
+  - job_name: systemd-journal
+    journal:
+      json: true
+      max_age: 12h
+      path: /var/log/journal
+      # matches: _TRANSPORT=kernel
+      labels:
+        job: systemd-journal
+        host: homesrv01
+    relabel_configs:
+      - source_labels: ['__journal__systemd_unit']
+        target_label: 'journal_systemd_unit'
+      - source_labels: ['__journal_syslog_identifier']
+        target_label: 'journal_syslog_identifier'
+      - source_labels: ['__journal__hostname']
+        target_label: 'journal_hostname'
+  - job_name: docker
+    docker_sd_configs:
+      - host: unix:///var/run/docker.sock
+        refresh_interval: 1s
+    pipeline_stages:
+      - static_labels:
+          host: "homesrv01"
+          job: "docker"
+    relabel_configs:
+      - source_labels: ['__meta_docker_container_name']
+        regex: '/(.*)'
+        target_label: "container_name"
+      - source_labels: ['__meta_docker_container_id']
+        target_label: "container_id"  
--- a/services/promtail/docker-run.sh
+++ b/services/promtail/docker-run.sh
@@ -0,0 +1,17 @@
+#! /bin/bash
+# must be executed from repo promtail root folder
+docker container stop promtail
+docker container remove promtail
+
+scriptPath=$(dirname "$0")
+
+docker run -d \
+--name promtail  \
+-v ${scriptPath}/config:/mnt/config \
+-v /var/log:/var/log \
+-v /var/log/journal/:/var/log/journal/ \
+-v /run/log/journal/:/run/log/journal/ \
+-v /etc/machine-id:/etc/machine-id \
+-v /var/run/docker.sock:/var/run/docker.sock \
+grafana/promtail:latest \
+ -config.file=/mnt/config/promtail-config.yaml
--- a/services/telegraf/config/telegraf.conf
+++ b/services/telegraf/config/telegraf.conf
@@ -0,0 +1,102 @@
+  [global_tags]
+  # dc = "us-east-1" # will tag all metrics with dc=us-east-1
+  # rack = "1a"
+  ## Environment variables can be used as tags, and throughout the config file
+  # user = "$USER"
+
+
+  
+  [agent]
+  hostname = "homesrv01"
+  omit_hostname = false
+  interval = "10s"
+  round_interval = true
+  metric_batch_size = 1000
+  metric_buffer_limit = 10000
+  collection_jitter = "0s"
+  flush_interval = "10s"
+  flush_jitter = "0s"
+  precision = "0s"
+
+
+
+# Output Configuration for telegraf agent
+[[outputs.influxdb_v2]]	
+  ## The URLs of the InfluxDB cluster nodes.
+  ##
+  ## Multiple URLs can be specified for a single cluster, only ONE of the
+  ## urls will be written to each interval.
+  ## urls exp: http://127.0.0.1:8086
+  urls = ["http://influxdb01.lan:8086"]
+  ## Token for authentication.
+  token = "V9iMrHJvI42_KcV0tcH5X3DcUEhvFQdnX5JqlBiKRsHEZMDDZQYdtxIuXlGzQTofUiLXc_QJN1pjpqnM6Fr1ow=="
+  ## Organization is the name of the organization you wish to write to; must exist.
+  organization = "limbo"
+  ## Destination bucket to write into.
+  bucket = "telegraf"
+  insecure_skip_verify = true
+
+
+  [[inputs.docker]]
+  endpoint = "unix:///var/run/docker.sock"
+  gather_services = false
+  container_names = []
+  source_tag = false
+  container_name_include = []
+  container_name_exclude = []
+  timeout = "5s"
+  perdevice = true
+  total = false
+  docker_label_include = []
+  docker_label_exclude = []
+  tag_env = ["JAVA_HOME", "HEAP_SIZE"]
+
+# Read metrics about cpu usage
+[[inputs.cpu]]
+  ## Whether to report per-cpu stats or not
+  percpu = true
+  ## Whether to report total system cpu stats or not
+  totalcpu = true
+  ## If true, collect raw CPU time metrics
+  collect_cpu_time = false
+  ## If true, compute and report the sum of all non-idle CPU states
+  report_active = false
+
+
+# Read metrics about disk usage by mount point
+[[inputs.disk]]
+  ## By default stats will be gathered for all mount points.
+  ## Set mount_points will restrict the stats to only the specified mount points.
+  # mount_points = ["/"]
+
+  ## Ignore mount points by filesystem type.
+  ignore_fs = ["tmpfs", "devtmpfs", "devfs", "iso9660", "overlay", "aufs", "squashfs"]
+
+[[inputs.diskio]]
+
+[[inputs.kernel]]
+
+[[inputs.mem]]
+
+  # Get the number of processes and group them by status
+[[inputs.processes]]
+  # no configuration
+
+
+# Read metrics about swap memory usage
+[[inputs.swap]]
+  # no configuration
+
+
+# Read metrics about system load & uptime
+[[inputs.system]]
+  # no configuration
+
+
+# Read metrics about network interface usage
+[[inputs.net]]
+  ## By default, telegraf gathers stats from any up interface (excluding loopback)
+  ## Setting interfaces will tell it to gather these explicit interfaces,
+  ## regardless of status.
+  ##
+  interfaces = ["eth0"]
--- a/services/telegraf/docker-run.sh
+++ b/services/telegraf/docker-run.sh
@@ -0,0 +1,20 @@
+#! /bin/bash
+# must be executed from repo/docker/telegraf
+# does not work using compose on portainer even if using external volume hostfs
+docker pull telegraf
+docker container stop telegraf
+docker container remove telegraf
+
+scriptPath=$(dirname "$0")
+
+docker run -d --name=telegraf \
+      -v /var/run/docker.sock:/var/run/docker.sock \
+      -v ${scriptPath}/config/telegraf.conf:/etc/telegraf/telegraf.conf \
+      -v /:/hostfs:ro \
+      -e HOST_ETC=/hostfs/etc \
+      -e HOST_PROC=/hostfs/proc \
+      -e HOST_SYS=/hostfs/sys \
+      -e HOST_VAR=/hostfs/var \
+      -e HOST_RUN=/hostfs/run \
+      -e HOST_MOUNT_PREFIX=/hostfs \
+      telegraf
--- a/services/zigbee2mqtt/docker-compose.yaml
+++ b/services/zigbee2mqtt/docker-compose.yaml
@@ -0,0 +1,19 @@
+version: '3.8'
+services:
+  zigbee2mqtt:
+    container_name: zigbee2mqtt
+    image: koenkk/zigbee2mqtt
+    restart: unless-stopped
+    volumes:
+      - data:/app/data
+      - /run/udev:/run/udev:ro
+    ports:
+      # Frontend port
+      - 8085:8080
+    environment:
+      - TZ=Europe/Berlin
+    devices:
+      # Make sure this matched your adapter location
+      - /dev/ttyUSB0:/dev/ttyUSB0
+volumes:
+  data: