From a83d3c6b032923aa57d31a5ae7f9bec96de8d3df Mon Sep 17 00:00:00 2001 From: TrudeEH Date: Sat, 26 Jul 2025 17:11:51 +0100 Subject: [PATCH] Work on the compose file --- server/.env | 28 +--- server/docker-compose.yml | 300 ++++++++++++++------------------------ server/domains.md | 20 --- server/nextcloud.sh | 1 + 4 files changed, 118 insertions(+), 231 deletions(-) delete mode 100644 server/domains.md create mode 100644 server/nextcloud.sh diff --git a/server/.env b/server/.env index 0ad112e7..a8f22f82 100644 --- a/server/.env +++ b/server/.env @@ -8,41 +8,27 @@ NGINX_LETSENCRYPT=/mnt/md0/nginx/letsencrypt NEXTCLOUD_DATA=/mnt/md0/nextcloud/data NEXTCLOUD_DB_DATA=/mnt/md0/nextcloud/db NEXTCLOUD_DB_PASSWORD=K7m9P2xQ8vN3rY6sL4dF1jH5eW9zB2cX +NC_DOMAIN=nc.trude.dev REDIS_PASSWORD=R3d1sP@ssw0rd2025SecureCache # Gitea GITEA=/mnt/md0/gitea -# Immich -IMMICH_UPLOAD_LOCATION=/mnt/md0/immich/uploads -IMMICH_DB_DATA_LOCATION=/mnt/md0/immich/db -IMMICH_VERSION=release -IMMICH_DB_PASSWORD=postgres -IMMICH_DB_USERNAME=postgres # Do not change -IMMICH_DB_DATABASE_NAME=immich # Do not change - -# ------------------- +# N8N Automation +N8N_HOST=n8n.trude.dev +N8N_DATA=/mnt/md0/n8n/data +N8N_FILES=/mnt/md0/n8n/files # Home Assistant HA_CONFIG=/mnt/md0/ha/config -OWW_CUSTOM_MODEL_DIR=/mnt/md0/ha/openwakeword-model -OWW_DATA=/mnt/md0/ha/openwakeword-data PIPER_DATA=/mnt/md0/ha/piper-data WHISPER_DATA=/mnt/md0/ha/whisper-data + +# ESPHome ESPHOME_CONFIG=/mnt/md0/esphome/config - -# FileBrowser -FILEBROWSER_DATA=/mnt/md0/files -FILEBROWSER_CONFIG=/mnt/md0/filebrowser/config -FILEBROWSER_DATABASE=/mnt/md0/filebrowser/database - # Prosody XMPP Server PROSODY_CONFIG=/mnt/md0/prosody/config PROSODY_LOGS=/tmp/prosody/logs PROSODY_MODULES=/mnt/md0/prosody/modules -# N8N Automation -N8N_HOST=n8n.trude.dev -N8N_DATA=/mnt/md0/n8n/data -N8N_FILES=/mnt/md0/n8n/files diff --git a/server/docker-compose.yml b/server/docker-compose.yml index 0102daf3..9dbf8e7f 100644 --- a/server/docker-compose.yml +++ b/server/docker-compose.yml @@ -35,12 +35,37 @@ services: - POSTGRES_USER=nextcloud - POSTGRES_PASSWORD=${NEXTCLOUD_DB_PASSWORD} - NEXTCLOUD_TRUSTED_DOMAINS=localhost + - OVERWRITEPROTOCOL=https + - OVERWRITECLIURL=https://${NC_DOMAIN} + - OVERWRITEHOST=${NC_DOMAIN} + - TRUSTED_PROXIES=172.16.0.0/12 + - NEXTCLOUD_INIT_HTACCESS=true volumes: - ${NEXTCLOUD_DATA}:/var/www/html networks: - server-network - nextcloud-network + nextcloud-cron: + image: nextcloud:apache + restart: unless-stopped + container_name: nextcloud-cron + entrypoint: /cron.sh + depends_on: + - nextcloud-db + - nextcloud-redis + environment: + - POSTGRES_HOST=nextcloud-db + - POSTGRES_DB=nextcloud + - POSTGRES_USER=nextcloud + - POSTGRES_PASSWORD=${NEXTCLOUD_DB_PASSWORD} + - REDIS_HOST=nextcloud-redis + - REDIS_HOST_PASSWORD=${REDIS_PASSWORD} + volumes: + - ${NEXTCLOUD_DATA}:/var/www/html + networks: + - nextcloud-network + nextcloud-db: image: postgres:latest restart: unless-stopped @@ -76,216 +101,113 @@ services: networks: - server-network - # --- Immich Server --- - immich-server: # immich-server:2283 - ports: - - "2283:2283" # Local HTTP - container_name: immich-server - image: ghcr.io/immich-app/immich-server:${IMMICH_VERSION:-release} - # extends: - # file: hwaccel.transcoding.yml - # service: cpu # set to one of [nvenc, quicksync, rkmpp, vaapi, vaapi-wsl] for accelerated transcoding - volumes: - # Do not edit the next line. If you want to change the media storage location on your system, edit the value of UPLOAD_LOCATION in the .env file - - ${IMMICH_UPLOAD_LOCATION}:/usr/src/app/upload - - /etc/localtime:/etc/localtime:ro - environment: - - REDIS_HOSTNAME=immich-redis - - DB_HOSTNAME=immich-database + # --- N8n Automation --- + n8n: # :5678 + image: n8nio/n8n:latest + restart: unless-stopped + container_name: n8n env_file: - .env - depends_on: - - immich-redis - - immich-database - - immich-machine-learning - restart: unless-stopped - healthcheck: - disable: false + environment: + - N8N_HOST=${N8N_HOST} + - N8N_PORT=5678 + - N8N_PROTOCOL=https # Nginx Proxy Manager will handle HTTPS + - NODE_ENV=production + - WEBHOOK_URL=https://${N8N_HOST}/ + - GENERIC_TIMEZONE=${TZ} + - N8N_RUNNERS_ENABLED=true + - N8N_ENFORCE_SETTINGS_FILE_PERMISSIONS=true + volumes: + - ${N8N_DATA}:/home/node/.n8n + - ${N8N_FILES}:/files networks: - server-network - - immich-network - immich-machine-learning: - container_name: immich-machine-learning - # For hardware acceleration, add one of -[armnn, cuda, rocm, openvino, rknn] to the image tag. - # Example tag: ${IMMICH_VERSION:-release}-cuda - image: ghcr.io/immich-app/immich-machine-learning:${IMMICH_VERSION:-release} - # extends: # uncomment this section for hardware acceleration - see https://immich.app/docs/features/ml-hardware-acceleration - # file: hwaccel.ml.yml - # service: cpu # set to one of [armnn, cuda, rocm, openvino, openvino-wsl, rknn] for accelerated inference - use the `-wsl` version for WSL2 where applicable - volumes: - - model-cache:/cache + # --- Home Assistant --- + homeassistant: # :8123 + image: "ghcr.io/home-assistant/home-assistant:stable" + container_name: homeassistant env_file: - .env - restart: unless-stopped - healthcheck: - disable: false - networks: - - immich-network - - immich-redis: - container_name: immich-redis - image: docker.io/valkey/valkey:8-bookworm@sha256:fec42f399876eb6faf9e008570597741c87ff7662a54185593e74b09ce83d177 - healthcheck: - test: redis-cli ping || exit 1 - restart: unless-stopped - networks: - - immich-network - - immich-database: - container_name: immich-database - image: ghcr.io/immich-app/postgres:14-vectorchord0.4.3-pgvectors0.2.0 - environment: - POSTGRES_PASSWORD: ${IMMICH_DB_PASSWORD} - POSTGRES_USER: ${IMMICH_DB_USERNAME} - POSTGRES_DB: ${IMMICH_DB_DATABASE_NAME} - POSTGRES_INITDB_ARGS: "--data-checksums" - # Uncomment the DB_STORAGE_TYPE: 'HDD' var if your database isn't stored on SSDs - B_STORAGE_TYPE: "HDD" volumes: - # Do not edit the next line. If you want to change the database storage location on your system, edit the value of DB_DATA_LOCATION in the .env file - - ${IMMICH_DB_DATA_LOCATION}:/var/lib/postgresql/data + - ${HA_CONFIG}:/config + - /etc/localtime:/etc/localtime:ro + - /run/dbus:/run/dbus:ro + restart: unless-stopped + # devices: + # - /dev/ttyUSB0:/dev/ttyUSB0 + privileged: true + networks: + - ha-network + - server-network + + piper: # :10200 + image: homeassistant/amd64-addon-piper:latest + container_name: piper + entrypoint: python3 + command: > + -m wyoming_piper + --piper '/usr/share/piper/piper' + --uri 'tcp://0.0.0.0:10200' + --length-scale "1" + --noise-scale "0.667" + --speaker "0" + --voice "en_US-lessac-medium" + --max-piper-procs "1" + --data-dir /data + --data-dir /share/piper + --download-dir /data + volumes: + - ${PIPER_DATA}:/data restart: unless-stopped networks: - - immich-network - - # # --- Home Assistant --- - # homeassistant: - # container_name: homeassistant - # image: "ghcr.io/home-assistant/home-assistant:stable" - # env_file: - # - .env - # volumes: - # - ${HA_CONFIG}:/config - # - /etc/localtime:/etc/localtime:ro - # - /run/dbus:/run/dbus:ro - # restart: unless-stopped - # # devices: - # # - /dev/ttyUSB0:/dev/ttyUSB0 - # privileged: true - # network_mode: host - # # ports: - # # - "8123:8123" - - # esphome: - # container_name: esphome - # image: ghcr.io/esphome/esphome:latest - # volumes: - # - ${ESPHOME_CONFIG}:/config - # - /etc/localtime:/etc/localtime:ro - # restart: unless-stopped - # privileged: true - # network_mode: host - # # ports: - # # - "6052:6052" - # env_file: - # - .env - - # # openwakeword: - # # image: homeassistant/amd64-addon-openwakeword:latest - # # container_name: openwakeword - # # entrypoint: python3 - # # command: > - # # -m wyoming_openwakeword - # # --uri 'tcp://0.0.0.0:10400' - # # --preload-model 'ok_nabu' - # # --custom-model-dir /share/openwakeword - # # env_file: - # # - .env - # # ports: - # # - 10400:10400 - # # volumes: - # # - ${OWW_DATA}:/data - # # - ${OWW_CUSTOM_MODEL_DIR}:/share/openwakeword - # # restart: unless-stopped - - # piper: - # image: homeassistant/amd64-addon-piper:latest - # container_name: piper - - # entrypoint: python3 - # command: > - # -m wyoming_piper - # --piper '/usr/share/piper/piper' - # --uri 'tcp://0.0.0.0:10200' - # --length-scale "1" - # --noise-scale "0.667" - # --speaker "0" - # --voice "en_US-lessac-medium" - # --max-piper-procs "1" - # --data-dir /data - # --data-dir /share/piper - # --download-dir /data - # network_mode: host - # # ports: - # # - "10200:10200" - # volumes: - # - ${PIPER_DATA}:/data - # restart: unless-stopped - - # whisper: - # image: homeassistant/amd64-addon-whisper:latest - # container_name: whisper - - # entrypoint: python3 - # command: > - # -m wyoming_faster_whisper - # --uri tcp://0.0.0.0:10300 - # --model small-int8 - # --beam-size 1 - # --language en - # --data-dir /data - # --download-dir /data - # network_mode: host # Needed to use localhost in HA interface - # # ports: - # # - "10300:10300" - # env_file: - # - .env - # volumes: - # - ${WHISPER_DATA}:/data - # restart: unless-stopped - - + - ha-network + whisper: # :10300 + image: homeassistant/amd64-addon-whisper:latest + container_name: whisper + entrypoint: python3 + command: > + -m wyoming_faster_whisper + --uri tcp://0.0.0.0:10300 + --model small-int8 + --beam-size 1 + --language en + --data-dir /data + --download-dir /data + volumes: + - ${WHISPER_DATA}:/data + restart: unless-stopped + networks: + - ha-network + + # --- ESPHome --- + esphome: + container_name: esphome + image: ghcr.io/esphome/esphome:latest + volumes: + - ${ESPHOME_CONFIG}:/config + - /etc/localtime:/etc/localtime:ro + restart: unless-stopped + privileged: true + # network_mode: host + ports: + - "6052:6052" # # --- Prosody XMPP Server --- - # prosody: + # prosody: # :5280 # image: prosody/prosody:latest # container_name: prosody # restart: unless-stopped # ports: # - "5222:5222" # XMPP client connections # - "5269:5269" # XMPP server-to-server connections - # - "5280:5280" # HTTP/WebSocket connections - # - "5281:5281" # HTTPS/WebSocket connections (if SSL configured) # volumes: # - ${PROSODY_CONFIG}:/etc/prosody # - ${PROSODY_LOGS}:/var/log/prosody # - ${PROSODY_MODULES}:/usr/lib/prosody-modules - # env_file: - # - .env - - # # --- N8n Automation --- - # n8n: - # image: n8nio/n8n:latest - # restart: always - # # N8n will not be directly exposed to the host, Nginx Proxy Manager will proxy to it - # # Therefore, no 'ports' mapping is needed here for external access. - # # It will be accessible on the Docker network by Nginx Proxy Manager. - # environment: - # - N8N_HOST=${N8N_HOST} - # - N8N_PORT=5678 - # - N8N_PROTOCOL=https # Nginx Proxy Manager will handle HTTPS - # - NODE_ENV=production - # - WEBHOOK_URL=https://${N8N_HOST}/ - # - GENERIC_TIMEZONE=${TZ} - # - N8N_RUNNERS_ENABLED=true - # - N8N_ENFORCE_SETTINGS_FILE_PERMISSIONS=true - # volumes: - # - ${N8N_DATA}:/home/node/.n8n - # - ${N8N_FILES}:/files - # env_file: - # - .env + # networks: + # - server-network volumes: model-cache: @@ -295,7 +217,5 @@ networks: driver: bridge nextcloud-network: driver: bridge - immich-network: - driver: bridge - homeassistant-network: + ha-network: driver: bridge diff --git a/server/domains.md b/server/domains.md deleted file mode 100644 index 1c1261b0..00000000 --- a/server/domains.md +++ /dev/null @@ -1,20 +0,0 @@ -# Domains - -- trude.dev (github pages site) - -## External Domains - -- ha.trude.dev (home assistant) (for phone tracking) -- git.trude.dev (gitea) (for public repos) -- chat.trude.dev (XMPP) - - muc.trude.dev (group chats) - - share.trude.dev (file sharing) - - proxy.trude.dev (compatibility) -- n8n.trude.dev - -## Tailscale Access / Local - -- server.local:81 (NGINX) -- server.local:2100 (PiHole) -- server.local:2283 (immich) -- server.local:8080 (file browser) diff --git a/server/nextcloud.sh b/server/nextcloud.sh new file mode 100644 index 00000000..82af52a1 --- /dev/null +++ b/server/nextcloud.sh @@ -0,0 +1 @@ +docker exec -u www-data -it nextcloud php "$@"