feat(keycloak|docker): improved templating
Signed-off-by: Tuan-Dat Tran <tuan-dat.tran@tudattr.dev>
This commit is contained in:
Tuan-Dat Tran
@@ -12,7 +12,6 @@ services:
|
||||
- docker-host00
|
||||
container_name: syncthing
|
||||
image: syncthing/syncthing:1.29
|
||||
restart: unless-stopped
|
||||
volumes:
|
||||
- name: "Data"
|
||||
internal: /var/syncthing/
|
||||
@@ -39,7 +38,6 @@ services:
|
||||
- docker-host00
|
||||
container_name: kuma
|
||||
image: louislam/uptime-kuma:1.23.16
|
||||
restart: unless-stopped
|
||||
volumes:
|
||||
- name: "Data"
|
||||
internal: /app/data
|
||||
@@ -57,7 +55,6 @@ services:
|
||||
- docker-host00
|
||||
container_name: plex
|
||||
image: lscr.io/linuxserver/plex:1.41.5
|
||||
restart: unless-stopped
|
||||
volumes:
|
||||
- name: "Configuration"
|
||||
internal: /config
|
||||
@@ -110,7 +107,6 @@ services:
|
||||
- docker-host01
|
||||
container_name: jellyfin
|
||||
image: jellyfin/jellyfin:10.10
|
||||
restart: "unless-stopped"
|
||||
volumes:
|
||||
- name: "Configuration"
|
||||
internal: /config
|
||||
@@ -141,7 +137,6 @@ services:
|
||||
- docker-host01
|
||||
container_name: homeassistant
|
||||
image: "ghcr.io/home-assistant/home-assistant:stable"
|
||||
restart: unless-stopped
|
||||
privileged: true
|
||||
volumes:
|
||||
- name: "Configuration"
|
||||
@@ -168,7 +163,6 @@ services:
|
||||
- docker-host00
|
||||
container_name: ddns-updater
|
||||
image: qmcgaw/ddns-updater:2
|
||||
restart: unless-stopped
|
||||
volumes:
|
||||
- name: "Configuration"
|
||||
internal: /updater/data/"
|
||||
@@ -182,7 +176,6 @@ services:
|
||||
- docker-host00
|
||||
container_name: sonarr
|
||||
image: linuxserver/sonarr:4.0.14
|
||||
restart: unless-stopped
|
||||
volumes:
|
||||
- name: "Configuration"
|
||||
internal: /config
|
||||
@@ -206,7 +199,6 @@ services:
|
||||
- docker-host00
|
||||
container_name: radarr
|
||||
image: linuxserver/radarr:5.21.1
|
||||
restart: unless-stopped
|
||||
volumes:
|
||||
- name: "Configuration"
|
||||
internal: /config
|
||||
@@ -230,7 +222,6 @@ services:
|
||||
- docker-host00
|
||||
container_name: lidarr
|
||||
image: linuxserver/lidarr:2.10.3
|
||||
restart: unless-stopped
|
||||
volumes:
|
||||
- name: "Configuration"
|
||||
internal: /config
|
||||
@@ -254,7 +245,6 @@ services:
|
||||
- docker-host00
|
||||
container_name: prowlarr
|
||||
image: linuxserver/prowlarr:1.32.2
|
||||
restart: unless-stopped
|
||||
volumes:
|
||||
- name: "Configuration"
|
||||
internal: /config
|
||||
@@ -272,10 +262,9 @@ services:
|
||||
- docker-host00
|
||||
container_name: paperless
|
||||
image: ghcr.io/paperless-ngx/paperless-ngx:2.14
|
||||
restart: unless-stopped
|
||||
depends_on:
|
||||
- paperless-postgres
|
||||
- paperless-broker
|
||||
- paperless-redis
|
||||
volumes:
|
||||
- name: "Configuration"
|
||||
internal: /usr/src/paperless/data
|
||||
@@ -290,7 +279,7 @@ services:
|
||||
internal: /usr/src/paperless/consume
|
||||
external: "{{ docker.directories.local }}/paperless/data/consume"
|
||||
environment:
|
||||
- "PAPERLESS_REDIS=redis://paperless-broker:6379"
|
||||
- "PAPERLESS_REDIS=redis://paperless-redis:6379"
|
||||
- "PAPERLESS_DBHOST=paperless-postgres"
|
||||
- "PAPERLESS_DBUSER=paperless"
|
||||
- "PAPERLESS_DBPASS={{ vault.docker.paperless.dbpass }}"
|
||||
@@ -303,12 +292,18 @@ services:
|
||||
- name: "http"
|
||||
internal: 8000
|
||||
external: "{{ services_external_http.paperless }}"
|
||||
sub_service:
|
||||
- name: postgres
|
||||
version: 15
|
||||
username: paperless
|
||||
password: "{{ vault.docker.paperless.dbpass }}"
|
||||
- name: redis
|
||||
version: 7
|
||||
- name: pdf
|
||||
vm:
|
||||
- docker-host00
|
||||
container_name: stirling
|
||||
image: frooodle/s-pdf:0.45.0
|
||||
restart: unless-stopped
|
||||
ports:
|
||||
- name: "http"
|
||||
internal: 8080
|
||||
@@ -318,7 +313,6 @@ services:
|
||||
- docker-host01
|
||||
container_name: gitea
|
||||
image: gitea/gitea:1.23-rootless
|
||||
restart: unless-stopped
|
||||
volumes:
|
||||
- name: "Configuration"
|
||||
internal: /etc/gitea
|
||||
@@ -347,7 +341,6 @@ services:
|
||||
- docker-host00
|
||||
container_name: changedetection
|
||||
image: dgtlmoon/changedetection.io:0.49
|
||||
restart: unless-stopped
|
||||
volumes:
|
||||
- name: "Data"
|
||||
internal: /datastore
|
||||
@@ -361,7 +354,6 @@ services:
|
||||
- docker-host00
|
||||
container_name: gluetun
|
||||
image: qmcgaw/gluetun:v3.40
|
||||
restart: unless-stopped
|
||||
cap_add:
|
||||
- NET_ADMIN
|
||||
devices:
|
||||
@@ -394,7 +386,6 @@ services:
|
||||
- docker-host00
|
||||
container_name: torrentleech
|
||||
image: qbittorrentofficial/qbittorrent-nox
|
||||
restart: unless-stopped
|
||||
depends_on:
|
||||
- gluetun
|
||||
network_mode: "container:gluetun"
|
||||
@@ -420,7 +411,6 @@ services:
|
||||
- docker-host00
|
||||
container_name: qbit
|
||||
image: qbittorrentofficial/qbittorrent-nox:5.0.4-1
|
||||
restart: unless-stopped
|
||||
depends_on:
|
||||
- gluetun
|
||||
network_mode: "container:gluetun"
|
||||
@@ -447,7 +437,6 @@ services:
|
||||
- docker-host01
|
||||
container_name: cadvisor
|
||||
image: gcr.io/cadvisor/cadvisor:v0.52.1
|
||||
restart: unless-stopped
|
||||
ports:
|
||||
- name: ""
|
||||
internal: 8080
|
||||
@@ -470,7 +459,6 @@ services:
|
||||
- docker-host01
|
||||
container_name: karakeep
|
||||
image: ghcr.io/karakeep-app/karakeep:0.23.2
|
||||
restart: unless-stopped
|
||||
ports:
|
||||
- name: "http"
|
||||
internal: 3000
|
||||
@@ -488,12 +476,21 @@ services:
|
||||
- OPENAI_API_KEY={{ vault.docker.karakeep.openai_key }}
|
||||
- DATA_DIR=/data
|
||||
- DISABLE_SIGNUPS=true
|
||||
sub_service:
|
||||
- name: meilisearch
|
||||
version: v1.11.1
|
||||
nextauth_secret: "{{ vault.docker.karakeep.nextauth_secret }}"
|
||||
meili_master_key: "{{ vault.docker.karakeep.meili_master_key }}"
|
||||
openai_key: "{{ vault.docker.karakeep.openai_key }}"
|
||||
- name: chrome
|
||||
version: 123
|
||||
- name: keycloak
|
||||
vm:
|
||||
- docker-host01
|
||||
container_name: keycloak
|
||||
image: quay.io/keycloak/keycloak:26.2
|
||||
restart: unless-stopped
|
||||
depends_on:
|
||||
- keycloak-postgres
|
||||
ports:
|
||||
- name: "http"
|
||||
internal: 8080
|
||||
@@ -502,14 +499,17 @@ services:
|
||||
- name: "config"
|
||||
internal: /opt/keycloak/data/import/homelab-realm.json
|
||||
external: "{{ docker.directories.local }}/keycloak/homelab-realm.json"
|
||||
- name: "config"
|
||||
internal: /opt/keycloak/data/import/master-realm.json
|
||||
external: "{{ docker.directories.local }}/keycloak/master-realm.json"
|
||||
command:
|
||||
- "start"
|
||||
- "--import-realm"
|
||||
environment:
|
||||
- KC_DB=postgres
|
||||
- KC_DB_URL=jdbc:postgresql://postgres:5432/keycloak
|
||||
- KC_DB_USERNAME=keycloak
|
||||
- KC_DB_PASSWORD=password
|
||||
- KC_DB_URL=jdbc:postgresql://keycloak-postgres:5432/keycloak
|
||||
- KC_DB_USERNAME={{ keycloak_config.database.username }}
|
||||
- KC_DB_PASSWORD={{ keycloak_config.database.password }}
|
||||
- KC_HOSTNAME=keycloak.{{ internal_domain }}
|
||||
- KC_HTTP_ENABLED=true
|
||||
- KC_HTTP_RELATIVE_PATH=/
|
||||
@@ -518,4 +518,9 @@ services:
|
||||
- KC_HOSTNAME_URL=https://keycloak.{{ internal_domain }}
|
||||
- KC_HOSTNAME_ADMIN_URL=https://keycloak.{{ internal_domain }}
|
||||
- KC_BOOTSTRAP_ADMIN_USERNAME=serviceadmin-{{ keycloak_admin_hash }}
|
||||
- KC_BOOTSTRAP_ADMIN_PASSWORD={{ vault.docker.keycloak.admin.password }
|
||||
- KC_BOOTSTRAP_ADMIN_PASSWORD={{ vault.docker.keycloak.admin.password }}
|
||||
sub_service:
|
||||
- name: postgres
|
||||
version: 17
|
||||
username: "{{ keycloak_config.database.username }}"
|
||||
password: "{{ keycloak_config.database.password }}"
|
||||
|
||||
Reference in New Issue
Block a user