Merge branch 'main' into renovate/docker.mafyuh.xyz-jlesage-makemkv
All checks were successful
Lint on PR / Lint YAML files (pull_request) Successful in 12s
Deploy to Hosts / deploy (pull_request) Has been skipped

This commit is contained in:
Matt Reeves 2024-07-31 20:05:21 -04:00
commit c9e0bf81ea
20 changed files with 155 additions and 78 deletions

View file

@ -6,7 +6,7 @@ on:
jobs:
deploy:
if: github.event.pull_request.merged == true
runs-on: ubuntu-22.04
runs-on: docker
steps:
- name: Checkout repository
uses: actions/checkout@v4
@ -14,15 +14,19 @@ jobs:
- name: Fetch all history for git diff
run: git fetch --depth=2
- name: Install jq
run: |
apt-get update && apt-get install -y jq
- name: Detect modified folders
id: detect-changes
run: |
if [ "$(git rev-parse --is-shallow-repository)" = "true" ]; then
git fetch --unshallow
fi
folders=$(git diff --name-only HEAD~1 HEAD | cut -d/ -f1 | sort | uniq)
folders=$(git diff --name-only HEAD~1 HEAD | grep '^docker/' | cut -d/ -f2 | sort | uniq)
echo "Modified folders: $folders"
echo "::set-output name=folders::$folders"
echo "::set-output name=folders::$folders"
- name: Deploy to hosts
run: |

View file

@ -16,7 +16,7 @@ jobs:
uses: actions/setup-node@v4
with:
node-version: 14
- name: Install yamllint
run: |
npm install -g yaml-lint
@ -27,4 +27,4 @@ jobs:
- name: Lint .yml files
run: |
yamllint -d "{extends: relaxed, rules: {line-length: {max: 120}}}" ./**/*.yml
yamllint -d "{extends: relaxed, rules: {line-length: {max: 120}}}" docker/**/*.yml

View file

@ -1,2 +1,10 @@
# iac
Currently migrating [Auto-Homelab](https://git.mafyuh.dev/mafyuh/Auto-Homelab), [Iac-Homelab](https://git.mafyuh.dev/mafyuh/IaC-Homelab), [ansible-playbooks](https://git.mafyuh.dev/mafyuh/ansible-playbooks) and [kub](https://git.mafyuh.dev/mafyuh/kub) repos into this one.
ToDo
- [ ] Update Readme
- [x] Migrate all containers to use this repo (DB migrations)
- [x] Get OpenTofu migrated to this repo
- [ ] Get Kubernetes repo migrated over
- [ ] Re-bootstrap Flux

View file

@ -0,0 +1,33 @@
---
- name: Deploy application
hosts: "{{ target_host }}"
vars:
repo_path: "/home/{{ ansible_user }}/iac/docker/{{ folder }}"
tasks:
- name: Ensure the repository is up-to-date
shell: git pull
args:
chdir: "{{ repo_path }}"
register: git_pull_output
- name: Display git pull output
debug:
var: git_pull_output.stdout_lines
- name: Restart services
command: docker compose up -d
args:
chdir: "{{ repo_path }}"
register: docker_compose_output
- name: Display docker output
debug:
var: docker_compose_output.stdout_lines
- name: Run Docker Command
command: docker ps
register: docker_output
- name: Display Docker Output
debug:
var: docker_output.stdout_lines

View file

@ -2,7 +2,7 @@ version: "3.8"
services:
ollama:
image: docker.mafyuh.xyz/ollama/ollama:0.1.45
image: ollama/ollama:0.3.1
container_name: ollama
restart: unless-stopped
volumes:
@ -18,7 +18,7 @@ services:
capabilities: [gpu]
open-webui:
image: ghcr.io/open-webui/open-webui:0.3.5
image: ghcr.io/open-webui/open-webui:v0.3.10
container_name: open-webui
restart: unless-stopped
ports:
@ -29,7 +29,7 @@ services:
- host.docker.internal:host-gateway
mindsdb:
image: docker.mafyuh.xyz/mindsdb/mindsdb:v24.6.3.1
image: mindsdb/mindsdb:v24.7.5.0
container_name: mindsdb
ports:
- 47334:47334

View file

@ -1,17 +1,15 @@
[![Yamllint](https://git.mafyuh.dev/mafyuh/Auto-Homelab/badges/workflows/yamllint.yml/badge.svg)](https://git.mafyuh.dev/mafyuh/Auto-Homelab/actions)
[![Yamllint](https://git.mafyuh.dev/mafyuh/Auto-Homelab/badges/workflows/CD.yml/badge.svg)](https://git.mafyuh.dev/mafyuh/Auto-Homelab/actions)
[![Yamllint](https://git.mafyuh.dev/mafyuh/iac/badges/workflows/yamllint.yml/badge.svg)](https://git.mafyuh.dev/mafyuh/iac/actions)
[![Yamllint](https://git.mafyuh.dev/mafyuh/iac/badges/workflows/CD.yml/badge.svg)](https://git.mafyuh.dev/mafyuh/iac/actions)
[![Renovate](https://git.mafyuh.dev/renovatebot/renovate/badges/workflows/renovate.yml/badge.svg)](https://git.mafyuh.dev/renovatebot/renovate/actions)
[![Pulls](https://git.mafyuh.dev/mafyuh/Auto-Homelab/badges/pulls.svg)](https://git.mafyuh.dev/mafyuh/Auto-Homelab/pulls)
[![Pulls](https://git.mafyuh.dev/mafyuh/iac/badges/pulls.svg)](https://git.mafyuh.dev/mafyuh/iac/pulls)
![Header Image](https://raw.githubusercontent.com/Mafyuh/homelab-svg-assets/main/assets/header_.png)
<div align="center">
# Auto-Homelab
Homelab docker-compose environment defined in code. Using Forgejo Actions and Renovate bot for CI, AWX Tower and Forgejo Actions for CD. This is how I keep my Homelab UTD.
</div>
<p align="center">
<a href="https://git.mafyuh.dev/mafyuh/Auto-Homelab/wiki">Wiki</a> |
<a href="https://git.mafyuh.dev/mafyuh/iac/wiki">Wiki</a> |
<a href="https://loganmarchione.com/2022/10/how-to-run-renovate-on-a-self-hosted-gitea-and-drone-instance/">How to Setup</a> |
<a href="https://mafyuh.com">Blog</a> |
<a href="https://www.youtube.com/watch?v=5CkCr9U_Q1Y">Inspiration</a> |
@ -305,8 +303,4 @@ graph TD
P --> Q
```
## To-Do
[View Project Board](https://git.mafyuh.dev/mafyuh/Auto-Homelab/projects/1)
```

View file

@ -1,7 +1,7 @@
---
services:
adguardhome:
image: docker.mafyuh.xyz/adguard/adguardhome:v0.107.51
image: docker.mafyuh.xyz/adguard/adguardhome:v0.107.52
container_name: adguardhome
restart: unless-stopped
volumes:

View file

@ -1,7 +1,7 @@
---
services:
adguardhome:
image: docker.mafyuh.xyz/adguard/adguardhome:v0.107.51
image: docker.mafyuh.xyz/adguard/adguardhome:v0.107.52
container_name: adguardhome
restart: unless-stopped
volumes:
@ -22,7 +22,7 @@ services:
- 5443:5443/udp
adguardhome-sync:
image: ghcr.io/linuxserver/adguardhome-sync@sha256:67962a0e15bf1a41e4bc0083d93d7e0268ad6431482c337ef49d5f2673c36c71
image: ghcr.io/linuxserver/adguardhome-sync@sha256:c6bad810acfc292b9220936751194f6ae9800b1228385ae8f2130fba280b79ee
container_name: adguardhome-sync
environment:
- PUID=1000

View file

@ -1,7 +1,7 @@
---
services:
server:
image: codeberg.org/forgejo/forgejo:7.0.4
image: codeberg.org/forgejo/forgejo:8.0.0
container_name: forgejo
environment:
- USER_UID=1000
@ -38,7 +38,7 @@ services:
- /home/ubuntu/forgejo/mysql:/var/lib/mysql
gotify:
image: docker.mafyuh.xyz/gotify/server-arm7:2.4.0
image: docker.mafyuh.xyz/gotify/server-arm7:2.5.0
container_name: gotify
ports:
- 9008:80
@ -53,7 +53,7 @@ services:
- gitea_main
nginx-proxy-manager:
image: docker.mafyuh.xyz/jc21/nginx-proxy-manager:2.11.2
image: docker.mafyuh.xyz/jc21/nginx-proxy-manager:2.11.3
container_name: nginx-proxy-manager
ports:
- 80:80
@ -107,7 +107,7 @@ services:
networks:
- gitea_main
n8n:
image: ghcr.io/n8n-io/n8n:1.47.0
image: ghcr.io/n8n-io/n8n:1.52.2
container_name: n8n
ports:
- 5678:5678
@ -122,7 +122,7 @@ services:
- gitea_main
vaultwarden:
image: docker.mafyuh.xyz/vaultwarden/server:1.30.5
image: docker.mafyuh.xyz/vaultwarden/server:1.31.0
container_name: vaultwarden
ports:
- 8989:80
@ -137,7 +137,7 @@ services:
ipv4_address: 172.25.0.25
syncthing:
image: ghcr.io/linuxserver/syncthing@sha256:6e70dd0cc0ddb038a8f58cf0945d6659b13c984f11d708407469bf16d520574c
image: ghcr.io/linuxserver/syncthing@sha256:84e9cd99d247d6ef31fc8c1a6967f068a8352a530095bb402bf3bb298aa10696
container_name: syncthing
hostname: ARM #optional
environment:

View file

@ -1,7 +1,7 @@
---
services:
bazarr:
image: ghcr.io/linuxserver/bazarr@sha256:6fb83511c0dca70a400fde79cb45ed59c4f66ea30dcba8c6f9274f01d77e5aef
image: ghcr.io/linuxserver/bazarr@sha256:e70de8a714ac57395d45052392001ec433b8f48aa1c204f13dae312cbcbe43af
container_name: bazarr
ports:
- "6767:6767"
@ -15,7 +15,7 @@ services:
- PGID=1000
lidarr:
image: ghcr.io/linuxserver/lidarr@sha256:a7d0282dcdbf5b11306cc4054c11b42252106b5e8494375231322822d31ac9f6
image: ghcr.io/linuxserver/lidarr@sha256:5855582eee07024c2584c01aaf955901303162bf00de183a1fbf2e9b81041695
container_name: lidarr
ports:
- "8686:8686"
@ -31,7 +31,7 @@ services:
- PGID=1000
prowlarr:
image: ghcr.io/linuxserver/prowlarr@sha256:237e9a72c11c5350bf22e355759436ecd4fd660e820d5b556d9a9e436f25f6b9
image: ghcr.io/linuxserver/prowlarr@sha256:7fe57565907f4f776d43c15b2e020a0e4a62fe1e04e80e25b85a3ae4ca49e5d0
container_name: prowlarr
ports:
- "9696:9696"
@ -43,7 +43,7 @@ services:
- PGID=1000
radarr:
image: ghcr.io/linuxserver/radarr@sha256:40f10a3d826f6c231d338738c3c86bf0d23a9546f20f8b1b504c6c579b79992c
image: ghcr.io/linuxserver/radarr@sha256:9d6f0548fd805edb30108fdd06d0fc5a4436c9bd708b57bd4119d7aefa815fe4
container_name: radarr
ports:
- "7878:7878"
@ -57,7 +57,7 @@ services:
- PGID=1000
sonarr:
image: ghcr.io/linuxserver/sonarr@sha256:275467ba17d990bbc6301dec3cc76b042969836749de39067818759d0f3b407f
image: ghcr.io/linuxserver/sonarr@sha256:fbee5770f688e4f89dd073534feda11251bfde0e0a4e6ac74dd8c33bb856b505
container_name: sonarr
ports:
- "8989:8989"
@ -91,7 +91,7 @@ services:
- AUTH_OIDC_ADMIN_GROUP=${AUTH_OIDC_ADMIN_GROUP}
doplarr:
image: ghcr.io/linuxserver/doplarr@sha256:20981fa1a4087d5369b9eaf756ab179352e05fe914b88c36f468ee3cd9a1ce98
image: ghcr.io/linuxserver/doplarr@sha256:9e1cfedf824d00bb0f269bcb3836b13cdbb74747bef062f9021be6f0f63dde7a
container_name: doplarr
environment:
- PUID=1000
@ -140,7 +140,7 @@ services:
image: gcr.io/cadvisor/cadvisor:v0.49.1
syncthing:
image: ghcr.io/linuxserver/syncthing@sha256:6e70dd0cc0ddb038a8f58cf0945d6659b13c984f11d708407469bf16d520574c
image: ghcr.io/linuxserver/syncthing@sha256:84e9cd99d247d6ef31fc8c1a6967f068a8352a530095bb402bf3bb298aa10696
container_name: syncthing
hostname: ARRS
environment:
@ -157,6 +157,21 @@ services:
- 21027:21027/udp
restart: unless-stopped
code-server:
image: ghcr.io/linuxserver/code-server@sha256:1eb6671a1bc500028e1d7a44eccbfdffbb2d802840c6d7f9e83cc87e1003da94
container_name: code-server
environment:
- PUID=1000
- PGID=1000
- TZ=Etc/UTC
- SUDO_PASSWORD=$SUDO_PASSWORD
- PROXY_DOMAIN=$PROXY_DOMAIN
volumes:
- /docker/appdata/code-server/config:/config
ports:
- 8443:8443
restart: unless-stopped
networks:
default:
name: arrs_default

View file

@ -3,7 +3,7 @@ version: "3.4"
services:
postgresql:
image: docker.io/library/postgres:12-alpine
image: docker.io/library/postgres:16-alpine
restart: unless-stopped
healthcheck:
test: ["CMD-SHELL", "pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}"]
@ -32,7 +32,7 @@ services:
volumes:
- redis:/data
server:
image: ghcr.io/goauthentik/server@sha256:a2e592a08eb3c9e3435aa4e6585d60cc1eb54850da9d1498d56a131bbfbe03ff
image: ghcr.io/goauthentik/server@sha256:a98f95518269d01bb812eb0e12c6647f3d08a36e37b9fdbdccf9345d4431b9f0
restart: unless-stopped
command: server
environment:
@ -53,7 +53,7 @@ services:
- postgresql
- redis
worker:
image: ghcr.io/goauthentik/server@sha256:a2e592a08eb3c9e3435aa4e6585d60cc1eb54850da9d1498d56a131bbfbe03ff
image: ghcr.io/goauthentik/server@sha256:a98f95518269d01bb812eb0e12c6647f3d08a36e37b9fdbdccf9345d4431b9f0
restart: unless-stopped
command: worker
environment:
@ -79,15 +79,6 @@ services:
depends_on:
- postgresql
- redis
authentik_ldap:
image: ghcr.io/goauthentik/ldap@sha256:7f317da9b736dec3e53b71b7face1787d4f15aee00e80d003e5ff3b2d49ee382
ports:
- 389:3389
- 636:6636
environment:
AUTHENTIK_HOST: ${AUTH_HOST}
AUTHENTIK_INSECURE: "true"
AUTHENTIK_TOKEN: ${AUTH_TOKEN}
volumes:
database:

View file

@ -0,0 +1,26 @@
---
services:
docker-in-docker:
image: docker:dind
container_name: 'docker_dind'
privileged: 'true'
command: ['dockerd', '-H', 'tcp://0.0.0.0:2375', '--tls=false']
restart: 'unless-stopped'
gitea:
image: 'code.forgejo.org/forgejo/runner:3.5.0'
links:
- docker-in-docker
depends_on:
docker-in-docker:
condition: service_started
container_name: 'runner'
environment:
DOCKER_HOST: tcp://docker-in-docker:2375
# User without root privileges, but with access to `/data`.
user: 1000:1000
volumes:
- /home/mafyuh/data:/data
restart: 'unless-stopped'
command: '/bin/sh -c "sleep 5; forgejo-runner daemon"'

View file

@ -1,7 +1,7 @@
version: '3.9'
services:
sabnzbd:
image: ghcr.io/linuxserver/sabnzbd@sha256:4fb40ea724abc25cf9496cdbc8e528aa0882132737e49c5e712c264284fa7b94
image: ghcr.io/linuxserver/sabnzbd@sha256:d6a2a967d47b495c5342bc23de76d35eeb2f3ceb53c7be51885ad25f95dffe9b
container_name: sabnzbd
environment:
- PUID=1000
@ -32,7 +32,7 @@ services:
- VPN_USER=mafyuh+pmp
- VPN_PASS=
- STRICT_PORT_FORWARD=yes
- LAN_NETWORK=10.0.0.0/24,10.69.69.0/24
- LAN_NETWORK=$LAN_NETWORK
- ENABLE_PRIVOXY=yes
- PUID=1000
- PGID=1000
@ -48,7 +48,7 @@ services:
restart: unless-stopped
flaresolverr:
image: ghcr.io/flaresolverr/flaresolverr:v3.3.20
image: ghcr.io/flaresolverr/flaresolverr:v3.3.21
container_name: flaresolverr
ports:
- '8191:8191'
@ -72,7 +72,7 @@ services:
image: gcr.io/cadvisor/cadvisor:v0.49.1
node-exporter:
image: docker.mafyuh.xyz/prom/node-exporter:v1.8.1
image: docker.mafyuh.xyz/prom/node-exporter:v1.8.2
container_name: monitoring_node_exporter
restart: unless-stopped
ports:

View file

@ -1,7 +1,7 @@
---
services:
jellyfin:
image: ghcr.io/linuxserver/jellyfin@sha256:a363aa018edee61bcee46be5f8dbd0db2a317b2bc0f95121a46e522d798c2a63
image: ghcr.io/linuxserver/jellyfin@sha256:eadf16cadd823a5cbe1b92750ee74111f9b2cac894834477ab4a43a5fc835ebe
container_name: jellyfin
devices:
- /dev/dri/renderD129:/dev/dri/renderD129
@ -13,6 +13,7 @@ services:
volumes:
- /home/mafyuh/jellyfin/config:/config
- /mnt/thePoolShare/Media:/Media
- /mnt/thePoolShare/Media/Youtube:/Media/Youtube:ro
- /home/mafyuh/jellyfin/transcodes:/transcodes
- /home/mafyuh/jellyfin/cache:/nvmecache
- /home/mafyuh/jellyfin/metadata:/nvmemetadata
@ -34,7 +35,7 @@ services:
privileged: true
syncthing:
image: ghcr.io/linuxserver/syncthing@sha256:6e70dd0cc0ddb038a8f58cf0945d6659b13c984f11d708407469bf16d520574c
image: ghcr.io/linuxserver/syncthing@sha256:84e9cd99d247d6ef31fc8c1a6967f068a8352a530095bb402bf3bb298aa10696
container_name: syncthing
hostname: JF
environment:

View file

@ -1,7 +1,7 @@
---
services:
netbootxyz:
image: ghcr.io/linuxserver/netbootxyz@sha256:dce6b2c729611f1090f2e6479b764d98aef24cc340d018d923fa6678fcbf330e
image: ghcr.io/linuxserver/netbootxyz@sha256:3e7af245944519374e7e01422024f3b5baf67fa252ec92390fee1d57cd6cc1f6
container_name: netboot
environment:
- PUID=1000

View file

@ -1,7 +1,7 @@
---
services:
nexus:
image: docker.mafyuh.xyz/sonatype/nexus3:3.69.0
image: docker.mafyuh.xyz/sonatype/nexus3:3.70.1
container_name: nexus
restart: unless-stopped
ports:

View file

@ -1,21 +0,0 @@
---
services:
pages:
image: codeberg.org/codeberg/pages-server:v5.1
container_name: codeberg-pages
environment:
- GITEA_ROOT=https://git.mafyuh.dev
- GITEA_API_TOKEN=$GITEA_API_TOKEN
- ACME_ACCEPT_TERMS=true
- CLOUDFLARE_EMAIL=$CLOUDFLARE_EMAIL
- CLOUDFLARE_API_KEY=$CLOUDFLARE_API_KEY
- DNS_PROVIDER=cloudflare
- PAGES_DOMAIN=mafyuh.co
- CF_ZONE_API_TOKEN=$CF_ZONE_API_TOKEN
- CF_DNS_API_TOKEN=$CF_DNS_API_TOKEN
- ENABLE_HTTP_SERVER=false
ports:
- "80:80"
- "443:443"
volumes:
- /home/ubuntu/pages/datanew:/data

View file

@ -0,0 +1,26 @@
---
services:
docker-in-docker:
image: docker:dind
container_name: 'docker_dind'
privileged: 'true'
command: ['dockerd', '-H', 'tcp://0.0.0.0:2375', '--tls=false']
restart: 'unless-stopped'
gitea:
image: 'code.forgejo.org/forgejo/runner:3.5.0'
links:
- docker-in-docker
depends_on:
docker-in-docker:
condition: service_started
container_name: 'runner'
environment:
DOCKER_HOST: tcp://docker-in-docker:2375
# User without root privileges, but with access to `/data`.
user: 1000:1000
volumes:
- /home/mafyuh/data:/data
restart: 'unless-stopped'
command: '/bin/sh -c "sleep 5; forgejo-runner daemon"'

View file

@ -3,7 +3,7 @@ version: "2.1"
services:
whisperasr:
container_name: whisper
image: onerahmet/openai-whisper-asr-webservice:v1.4.1-gpu
image: onerahmet/openai-whisper-asr-webservice:v1.5.0-gpu
environment:
- ASR_MODEL=base.en
- ASR_ENGINE=faster_whisper

View file

@ -3,7 +3,7 @@
<div align="center">
# IaC-Homelab
# IaC
Infrastructure as Code (IaC) for my homelab using OpenTofu.