Add renovate.json

.gitignore

@@ -0,0 +1,41 @@
+# Created by https://www.toptal.com/developers/gitignore/api/archives
+# Edit at https://www.toptal.com/developers/gitignore?templates=archives
+
+### Archives ###
+# It's better to unpack these files and commit the raw source because
+# git has its own built in compression methods.
+*.7z
+*.jar
+*.rar
+*.zip
+*.gz
+*.gzip
+*.tgz
+*.bzip
+*.bzip2
+*.bz2
+*.xz
+*.lzma
+*.cab
+*.xar
+
+# Packing-only formats
+*.iso
+*.tar
+
+# Package management formats
+*.dmg
+*.xpi
+*.gem
+*.egg
+*.deb
+*.rpm
+*.msi
+*.msm
+*.msp
+*.txz
+
+# End of https://www.toptal.com/developers/gitignore/api/archives
+.env
+.docker
+backup/

changedetection/docker-compose.yml

@@ -1,4 +1,3 @@
-version: '3.2'
 services:
     changedetection:
       image: dgtlmoon/changedetection.io:latest

freqtrade/docker-compose.yml

@@ -0,0 +1,34 @@
+---
+services:
+  freqtrade:
+    image: freqtradeorg/freqtrade:stable
+    # # Enable GPU Image and GPU Resources (only relevant for freqAI)
+    # # Make sure to uncomment the whole deploy section
+    # deploy:
+    #   resources:
+    #     reservations:
+    #       devices:
+    #         - driver: nvidia
+    #           count: 1
+    #           capabilities: [gpu]
+    # Build step - only needed when additional dependencies are needed
+    # build:
+    #   context: .
+    #   dockerfile: "./docker/Dockerfile.custom"
+    restart: unless-stopped
+    container_name: freqtrade
+    volumes:
+      - "./.docker/freqtrade:/freqtrade/user_data"
+    # Expose api on port 8080 (localhost only)
+    # Please read the https://www.freqtrade.io/en/stable/rest-api/ documentation
+    # for more information.
+    ports:
+      - "127.0.0.1:8080:8080"
+    # Default command used when running `docker compose up`
+    command: >
+      trade
+      --logfile /freqtrade/user_data/logs/freqtrade.log
+      --db-url sqlite:////freqtrade/user_data/tradesv3.sqlite
+      --config /freqtrade/user_data/config.json
+      --strategy SampleStrategy
+

gatus/compose.yml

@@ -0,0 +1,13 @@
+name: gatus
+services:
+    gatus:
+        ports:
+            - 50000:8080
+        volumes:
+          - ./config:/config
+          - ./data:/data
+        environment:
+          - GATUS_CONFIG_PATH=/config
+        container_name: gatus
+        image: twinproduction/gatus
+        restart: always

gatus/config/global.yaml

@@ -0,0 +1,5 @@
+metrics: false
+ui:
+  title: Health Dashboard | neller.org
+  header: neller.org
+  logo: ""

gatus/config/neller.yaml

@@ -0,0 +1,39 @@
+storage:
+  type: sqlite
+  path: /data/data.db
+endpoints:
+  - name: Vault
+    url: https://vault.neller.org
+    interval: 5m
+    conditions:
+      - "[STATUS] == 200"
+  - name: Cloud
+    url: https://cloud.neller.org
+    interval: 5m
+    conditions:
+      - "[STATUS] == 200"
+  - name: Git
+    url: https://git.neller.org
+    interval: 5m
+    conditions:
+      - "[STATUS] == 200"
+  - name: vb
+    url: https://vb.neller.org
+    interval: 5m
+    conditions:
+      - "[STATUS] == 200"
+  - name: epub2go
+    url: https://epub2go.neller.org
+    interval: 5m
+    conditions:
+      - "[STATUS] == 200"
+  - name: TeamSpeak3
+    url: tcp://ts.neller.org:30033
+    interval: 5m
+    conditions:
+      - "[CONNECTED] == true"
+  - name: Domain
+    url: tcp://neller.org
+    interval: 24h
+    conditions:
+      - "[DOMAIN_EXPIRATION] > 720h"

gitea/act_runner/.env.example

@@ -0,0 +1,4 @@
+#CONFIG_FILE=/config.yaml
+GITEA_INSTANCE_URL=git.example.org
+GITEA_RUNNER_REGISTRATION_TOKEN=abc
+GITEA_RUNNER_NAME=runner1

gitea/act_runner/docker-compose.yml

@@ -0,0 +1,11 @@
+# find documentation at https://docs.gitea.com/usage/actions/act-runner
+services:
+  runner:
+    image: gitea/act_runner:latest
+    restart: always
+    env_file:
+      - .env
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock # needed to create a separate docker container for each job
+      #- ./config.yaml:/config.yaml
+      #- ./data:/data

gitea/core/.env.example

@@ -0,0 +1,7 @@
+USER_UID=1000
+USER_GID=1000
+GITEA__database__DB_TYPE=postgres
+GITEA__database__HOST=db:5432
+GITEA__database__NAME=gitea
+GITEA__database__USER=gitea
+GITEA__database__PASSWD=

gitea/core/compose.yml

@@ -0,0 +1,25 @@
+services:
+  gitea:
+    image: docker.gitea.com/gitea:1.24.6
+    restart: always
+    env_file:
+      - .env
+    volumes:
+      - ./gitea:/data
+      - /etc/timezone:/etc/timezone:ro
+      - /etc/localtime:/etc/localtime:ro
+    ports:
+      - "50005:3000"
+      - "22:22"
+    depends_on:
+      - db
+  db:
+    image: docker.io/library/postgres:14
+    restart: always
+    environment:
+      - POSTGRES_USER=gitea
+      - POSTGRES_PASSWORD=gitea
+      - POSTGRES_DB=gitea
+    volumes:
+      - ./postgres:/var/lib/postgresql/data
+

joplin/docker-compose.yml

@@ -1,5 +1,3 @@
-version: '3'
-
 services:
     db:
         image: postgres:14

nextcloud/.gitignore

@@ -0,0 +1,3 @@
+db
+nextcloud
+env

nextcloud/backup.sh

@@ -0,0 +1,6 @@
+source .env
+CONTAINER_APP=app
+docker compose exec $CONTAINER_APP ./occ maintenance:mode --on
+docker compose exec $MYSQL_HOST sh -c "mariadb-dump --single-transaction -h $MYSQL_HOST -u $MYSQL_USER --password=$MYSQL_PASSWORD $MYSQL_DATABASE > backup/nextcloud-sqlbkp_`date +'%Y%m%d'`.bak" \
+	&& echo "SQL dump saved"
+docker compose exec $CONTAINER_APP ./occ maintenance:mode --off

nextcloud/docker-compose.yml

@@ -5,11 +5,12 @@ services:
     command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW
     volumes:
       - ./db:/var/lib/mysql
+      - ./backup:/backup
     env_file: 
-      - env
+      - .env
 
   app:
-    image: nextcloud:27
+    image: nextcloud:31
     restart: always
     ports:
       - 50000:80
@@ -18,4 +19,4 @@ services:
     volumes:
       - ./nextcloud:/var/www/html
     env_file: 
-      - env
+      - .env

nextcloud/nextcloud.conf

@@ -13,6 +13,12 @@ server {
 
 
         }
+	location /.well-known/carddav {
+	    return 301 $scheme://$host/remote.php/dav;
+	}
+	location /.well-known/caldav {
+	    return 301 $scheme://$host/remote.php/dav;
+	}
 
     listen [::]:443 ssl ipv6only=on; # managed by Certbot
     listen 443 ssl; # managed by Certbot

nginx/example.com

@@ -0,0 +1,16 @@
+server {
+        server_name example.com;
+        location / {
+
+                proxy_pass "http://127.0.0.1:50001/";
+                proxy_set_header Host $http_host;
+                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+                proxy_set_header X-Scheme $scheme;
+                proxy_set_header X-Forwarded-Proto $scheme;
+
+        }
+	listen 80;
+	listen [::]:80;
+
+}
+

rancher/docker-compose.yml

@@ -1,4 +1,3 @@
-version: "3"
 services:
   rancher:
     image: rancher/rancher:stable

renovate.json

@@ -0,0 +1,3 @@
+{
+  "$schema": "https://docs.renovatebot.com/renovate-schema.json"
+}

rustdesk/docker-compose.yml

@@ -0,0 +1,21 @@
+services:
+  hbbs:
+    container_name: hbbs
+    image: rustdesk/rustdesk-server:latest
+    command: hbbs
+    volumes:
+      - ./data:/root
+    network_mode: "host"
+
+    depends_on:
+      - hbbr
+    restart: unless-stopped
+
+  hbbr:
+    container_name: hbbr
+    image: rustdesk/rustdesk-server:latest
+    command: hbbr
+    volumes:
+      - ./data:/root
+    network_mode: "host"
+    restart: unless-stopped

sonarqube/docker-compose.yml

@@ -0,0 +1,65 @@
+# https://github.com/dependency-check/dependency-check-sonar-plugin
+services:
+  sonarqube:
+    image: sonarqube:community
+    hostname: sonarqube
+    restart: always
+    container_name: sonarqube
+    read_only: true
+    depends_on:
+      db:
+        condition: service_healthy
+    environment:
+      SONAR_JDBC_URL: jdbc:postgresql://db:5432/sonar
+      SONAR_JDBC_USERNAME: sonar
+      SONAR_JDBC_PASSWORD: sonar
+    volumes:
+      - sonarqube_data:/opt/sonarqube/data
+      - sonarqube_extensions:/opt/sonarqube/extensions
+      - sonarqube_logs:/opt/sonarqube/logs
+      - sonarqube_temp:/opt/sonarqube/temp
+    ports:
+      - "50002:9000"
+    networks:
+      - ${NETWORK_TYPE:-ipv4}
+  db:
+    image: postgres:17
+    restart: always
+    healthcheck:
+      test: [ "CMD-SHELL", "pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}" ]
+      interval: 10s
+      timeout: 5s
+      retries: 5
+    hostname: postgresql
+    container_name: postgresql
+    environment:
+      POSTGRES_USER: sonar
+      POSTGRES_PASSWORD: sonar
+      POSTGRES_DB: sonar
+    volumes:
+      - postgresql:/var/lib/postgresql
+      - postgresql_data:/var/lib/postgresql/data
+    networks:
+      - ${NETWORK_TYPE:-ipv4}
+
+volumes:
+  sonarqube_data:
+  sonarqube_temp:
+  sonarqube_extensions:
+  sonarqube_logs:
+  postgresql:
+  postgresql_data:
+
+networks:
+  ipv4:
+    driver: bridge
+    enable_ipv6: false
+  dual:
+    driver: bridge
+    enable_ipv6: true
+    ipam:
+      config:
+        - subnet: "192.168.2.0/24"
+          gateway: "192.168.2.1"
+        - subnet: "2001:db8:2::/64"
+          gateway: "2001:db8:2::1"

vaultwarden/.env.example

@@ -0,0 +1 @@
+ADMIN_TOKEN=''

vaultwarden/.gitignore

@@ -0,0 +1 @@
+vw-data

vaultwarden/docker-compose.yml

@@ -1,15 +1,13 @@
-'3'
-
 services:
   vaultwarden:
     image: vaultwarden/server:latest
     container_name: vaultwarden
     restart: always
+    env_file:
+      - ./.env
     environment:
       WEBSOCKET_ENABLED: "true"  # Enable WebSocket notifications.
       SIGNUPS_ALLOWED: "false"
-      # TODO create an admin token
-      ADMIN_TOKEN: "abc"
     volumes:
       - ./vw-data:/data
     ports:

vaultwarden/vault.example.com

@@ -0,0 +1,30 @@
+server {
+
+	server_name vault.example.com;
+	listen [::]:80;
+	listen 80;
+	
+	location / {
+
+		proxy_pass "http://127.0.0.1:50002/";
+		proxy_set_header Host $http_host;
+		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+		proxy_set_header X-Scheme $scheme;
+		proxy_set_header X-Forwarded-Proto $scheme;
+
+	} 
+	location /notifications/hub {
+  		proxy_pass http://127.0.0.1:50003;
+		proxy_set_header Upgrade $http_upgrade;
+	        proxy_set_header Connection "upgrade";
+  	}
+	location /notifications/hub/negotiate {
+  		proxy_pass http://127.0.0.1:50002;
+  	}
+
+
+
+
+    client_max_body_size 128M;	# allow larger uploads
+
+}