nerdlicht/docker-container
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add haus, bit.ly, huly. beszel, portracker

Browse Source
This commit is contained in:
Sönke Domröse
2025-08-28 22:07:45 +02:00
parent 88e69950e0
commit bdc93829f1
11 changed files with 338 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
beszel/Caddyfilepart
View File

@@ -0,0 +1,5 @@
beszel.domr.ovh,
beszel.home.domroese.eu {
tls soenke@domroese.eu
reverse_proxy 192.168.1.65:7090
}

9
beszel/docker-compose.yml
View File

@@ -0,0 +1,9 @@
services:
beszel:
image: henrygd/beszel
container_name: beszel
restart: unless-stopped
ports:
- 7090:8090
volumes:
- home/soenke/docker-data/beszel/beszel_data:/beszel_data

5
bitly/Caddyfilepart
View File

@@ -0,0 +1,5 @@
bit.domr.ovh,
bit.home.domroese.eu {
tls soenke@domroese.eu
reverse_proxy 192.168.1.65:4489
}

15
bitly/docker-compose.yml
View File

@@ -0,0 +1,15 @@
services:
app:
container_name: bit
build: .
environment:
ENV: production
ADMIN_NAME: 'soenke'
ADMIN_API_KEY: 'J9lLSlJyZcmuPZfN+SM98NpxE8riLVUwZGA0VLwnVPM='
ports:
- 4489:4000
volumes:
- sqlite_data:/app/sqlite
volumes:
sqlite_data:

5
haus/Caddyfilepart
View File

@@ -0,0 +1,5 @@
haus.domr.ovh,
haus.home.domroese.eu {
tls soenke@domroese.eu
reverse_proxy 192.168.1.65:8472
}

9
haus/docker-compose.yml
View File

@@ -0,0 +1,9 @@
services:
timesy:
image: ghcr.io/awwwsm/haus
logging:
options:
max-size: 1g
restart: always
ports:
- '8472:8080'

2
huly/.env
View File

@@ -0,0 +1,2 @@
SERVER_ADDRESS=https://huly.domr.ovh
HULY_VERSION=7

5
huly/Caddyfilepart
View File

@@ -0,0 +1,5 @@
huly.domr.ovh,
huly.home.domroese.eu {
tls soenke@domroese.eu
reverse_proxy 192.168.1.65:8087
}

157
huly/docker-compose.yml
View File

@@ -0,0 +1,157 @@
version: "3"
services:
mongodb:
image: "mongo:7-jammy"
container_name: mongodb
environment:
- PUID=1000
- PGID=1000
volumes:
- /home/soenke/docker-data/huly/db:/data/db
ports:
- 27017:27017
restart: unless-stopped
minio:
image: "minio/minio"
command: server /data --address ":9000" --console-address ":9001"
ports:
- 9000:9000
- 9001:9001
volumes:
- /home/soenke/docker-data/huly/files:/data
restart: unless-stopped
elastic:
image: "elasticsearch:7.14.2"
command: |
/bin/sh -c "./bin/elasticsearch-plugin list | grep -q ingest-attachment || yes | ./bin/elasticsearch-plugin install --silent ingest-attachment;
/usr/local/bin/docker-entrypoint.sh eswrapper"
volumes:
- /home/soenke/docker-data/huly/elastic:/usr/share/elasticsearch/data
ports:
- 9200:9200
environment:
- ELASTICSEARCH_PORT_NUMBER=9200
- BITNAMI_DEBUG=true
- discovery.type=single-node
- ES_JAVA_OPTS=-Xms1024m -Xmx1024m
- http.cors.enabled=true
- http.cors.allow-origin=http://localhost:8082
healthcheck:
interval: 20s
retries: 10
test: curl -s http://localhost:9200/_cluster/health | grep -vq '"status":"red"'
restart: unless-stopped
account:
image: hardcoreeng/account:${HULY_VERSION}
links:
- mongodb
- minio
ports:
- 3000:3000
environment:
- SERVER_PORT=3000
- SERVER_SECRET=secret
- MONGO_URL=mongodb://mongodb:27017
- TRANSACTOR_URL=ws://transactor:3333;ws://${SERVER_ADDRESS}:3333
- MINIO_ENDPOINT=minio
- MINIO_ACCESS_KEY=minioadmin
- MINIO_SECRET_KEY=minioadmin
- FRONT_URL=http://front:8080
- INIT_WORKSPACE=demo-tracker
- MODEL_ENABLED=*
- ACCOUNTS_URL=http://${SERVER_ADDRESS}:3000
- ACCOUNT_PORT=3000
restart: unless-stopped
front:
image: hardcoreeng/front:${HULY_VERSION}
links:
- mongodb
- minio
- elastic
- collaborator
- transactor
ports:
- 8087:8080
environment:
- SERVER_PORT=8080
- SERVER_SECRET=secret
- ACCOUNTS_URL=http://${SERVER_ADDRESS}:3000
- REKONI_URL=http://${SERVER_ADDRESS}:4004
- CALENDAR_URL=http://${SERVER_ADDRESS}:8095
- GMAIL_URL=http://${SERVER_ADDRESS}:8088
- TELEGRAM_URL=http://${SERVER_ADDRESS}:8086
- UPLOAD_URL=/files
- ELASTIC_URL=http://elastic:9200
- COLLABORATOR_URL=ws://${SERVER_ADDRESS}:3078
- COLLABORATOR_API_URL=http://${SERVER_ADDRESS}:3078
- MINIO_ENDPOINT=minio
- MINIO_ACCESS_KEY=minioadmin
- MINIO_SECRET_KEY=minioadmin
- MONGO_URL=mongodb://mongodb:27017
- TITLE=Huly Self Hosted
- DEFAULT_LANGUAGE=en
- LAST_NAME_FIRST=true
restart: unless-stopped
collaborator:
image: hardcoreeng/collaborator:${HULY_VERSION}
links:
- mongodb
- minio
- transactor
ports:
- 3078:3078
environment:
- COLLABORATOR_PORT=3078
- SECRET=secret
- ACCOUNTS_URL=http://account:3000
- UPLOAD_URL=/files
- MONGO_URL=mongodb://mongodb:27017
- MINIO_ENDPOINT=minio
- MINIO_ACCESS_KEY=minioadmin
- MINIO_SECRET_KEY=minioadmin
restart: unless-stopped
transactor:
image: hardcoreeng/transactor:${HULY_VERSION}
links:
- mongodb
- elastic
- minio
- rekoni
- account
ports:
- 3333:3333
environment:
- SERVER_PORT=3333
- SERVER_SECRET=secret
- SERVER_CURSOR_MAXTIMEMS=30000
- ELASTIC_URL=http://elastic:9200
- ELASTIC_INDEX_NAME=huly_storage_index
- MONGO_URL=mongodb://mongodb:27017
- METRICS_CONSOLE=false
- METRICS_FILE=metrics.txt
- MINIO_ENDPOINT=minio
- MINIO_ACCESS_KEY=minioadmin
- MINIO_SECRET_KEY=minioadmin
- REKONI_URL=http://rekoni:4004
- FRONT_URL=http://${SERVER_ADDRESS}:8087
- SERVER_PROVIDER=ws
- ACCOUNTS_URL=http://account:3000
- LAST_NAME_FIRST=true
- UPLOAD_URL=http://${SERVER_ADDRESS}/files
restart: unless-stopped
rekoni:
image: hardcoreeng/rekoni-service:${HULY_VERSION}
ports:
- 4004:4004
environment:
- SECRET=secret
deploy:
resources:
limits:
memory: 500M
restart: unless-stopped
volumes:
db:
files:
elastic:
etcd:

5
portracker/Caddyfilepart
View File

@@ -0,0 +1,5 @@
portracker.domr.ovh,
portracker.home.domroese.eu:443 {
tls soenke@domroese.eu
reverse_proxy 192.168.1.65:4999
}

121
portracker/docker-compose.yml
View File

@@ -0,0 +1,121 @@
services:
portracker:
image: mostafawahied/portracker:latest
container_name: portracker
restart: unless-stopped
# Required for comprehensive system port detection
# This allows Portracker to see all host processes for accurate port mapping
pid: "host"
# Capabilities & security (universal, required)
# - SYS_PTRACE enables reading other processes' /proc entries on Linux hosts
# - SYS_ADMIN enables namespace entry on Docker Desktop (macOS/Windows)
# - apparmor:unconfined disables AppArmor restrictions that may block /proc access
cap_add:
- SYS_PTRACE
- SYS_ADMIN
security_opt:
- apparmor:unconfined
volumes:
# Required: Data persistence for SQLite database
- /home/soenke/docker-data/portracker/portracker-data:/data
# Required: Docker socket access for container discovery
# Comment out if using docker-proxy setup below
- /var/run/docker.sock:/var/run/docker.sock:ro
# Advanced: Host filesystem access (usually not needed with pid: "host")
# Uncomment only if you experience issues with port detection
# - /proc:/host/proc:ro
# - /sys/fs/cgroup:/host/sys/fs/cgroup:ro
ports:
- "4999:4999"
environment:
# CORE CONFIGURATION (Required)
- DATABASE_PATH=/data/portracker.db
- PORT=4999
# Tell Portracker where to find the host /proc (matches the volume above)
- HOST_PROC=/host/proc
# DOCKER CONFIGURATION
# Uncomment to use with docker-proxy for enhanced security
# - DOCKER_HOST=tcp://docker-proxy:2375
# TRUENAS INTEGRATION (Optional)
# Uncomment and set your API key for enhanced TrueNAS features:
# - VM discovery and monitoring
# - Enhanced system information
# - TrueNAS-specific optimizations
# - TRUENAS_API_KEY=your-api-key-here
# PERFORMANCE SETTINGS (Optional)
# Cache duration - increase for better performance, decrease for fresher data
# - CACHE_TIMEOUT_MS=60000
# Disable caching entirely (not recommended for production)
# - DISABLE_CACHE=true
# ADVANCED PORT SCANNING (Optional)
# Include UDP ports in scans (may increase noise and impact performance)
# - INCLUDE_UDP=true
# DEVELOPMENT & DEBUGGING (Optional)
# Enable verbose logging for troubleshooting
# - DEBUG=true
# Optional: Health check for monitoring
healthcheck:
test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:4999/api/health"]
interval: 30s
timeout: 10s
start_period: 30s
retries: 3
# OPTIONAL: Enhanced Security with Docker Socket Proxy
# Uncomment the entire section below for additional Docker socket security
# This adds a proxy layer between Portracker and the Docker socket
# docker-proxy:
# image: tecnativa/docker-socket-proxy:latest
# container_name: portracker-docker-proxy
# restart: unless-stopped
# environment:
# # Only allow read operations Portracker needs
# - CONTAINERS=1
# - IMAGES=1
# - INFO=1
# - NETWORKS=1
# # Disable write operations for security
# - POST=0
# - BUILD=0
# - COMMIT=0
# - EXEC=0
# - SWARM=0
# - EVENTS=0
# - VOLUMES=0
# volumes:
# - /var/run/docker.sock:/var/run/docker.sock:ro
# ports:
# - "2375:2375"
# When using docker-proxy:
# 1. Uncomment the entire docker-proxy service above
# 2. Comment out the /var/run/docker.sock volume mount in portracker service
# 3. Uncomment the DOCKER_HOST environment variable in portracker service
# 4. Add depends_on to portracker service:
# depends_on:
# - docker-proxy
# Optional: Custom networks for isolation
# networks:
# portracker:
# driver: bridge
# Optional: Named volumes for better data management
# volumes:
# portracker-data:
# driver: local