admin_jk/mapletree
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

compose file changes for modular prep

Browse source
This commit is contained in:
admin 2026-01-31 12:13:26 -07:00
parent e21bdfd3d8
commit bb6d6e137d
5 changed files with 101 additions and 35 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

34
lxc1/p0-infrastructure/mgdb.yml
View file

@ -1,18 +1,26 @@
services:
mariadb:
image: mariadb:10.11
container_name: mariadb-node
image: mariadb:11.4
container_name: mariadb-node1
restart: always
network_mode: host
environment:
- MARIADB_ROOT_PASSWORD=your_root_pass
- MARIADB_GALERA_CLUSTER_NAME=pve_cluster
- MARIADB_GALERA_CLUSTER_ADDRESS=gcomm://172.16.201.208,172.16.201.x
- MARIADB_NODE_NAME=lxc8-node
- MARIADB_NODE_ADDRESS=172.16.201.209
- MARIADB_ROOT_PASSWORD=${DB_ROOT_PASSWORD}
- MARIADB_USER=${DB_ADMIN_USER}
- MARIADB_PASSWORD=${DB_ADMIN_PASSWORD}
- MARIADB_DATABASE=initial_db
volumes:
- /docker/backbone/mariadb:/var/lib/mysql
ports:
- "3306:3306"
- "4567:4567"
- "4568:4568"
- "4444:4444"
- /docker/maria/data:/var/lib/mysql
- /docker/maria/conf:/etc/mysql/conf.d
command:
#- --wsrep-new-cluster
- --wsrep-on=ON
- --wsrep-provider=/usr/lib/galera/libgalera_smm.so
- --wsrep-cluster-name=mapletree_cluster
- --wsrep-cluster-address=gcomm://172.16.201.208,172.16.201.206
- --wsrep-node-address=172.16.201.208
- --wsrep-node-name=node1
- --binlog-format=row
- --default-storage-engine=innodb
- --innodb-autoinc-lock-mode=2
- --bind-address=0.0.0.0

6
lxc1/p1-ingress/rclone.yml
View file

@ -11,9 +11,9 @@ services:
done"
environment:
- RCLONE_CONFIG_MINIO_TYPE=s3
- RCLONE_CONFIG_MINIO_PROVIDER=minio
- RCLONE_CONFIG_MINIO_ACCESS_KEY_ID=your_key
- RCLONE_CONFIG_MINIO_SECRET_ACCESS_KEY=your_secret
- RCLONE_CONFIG_MINIO_PROVIDER=s3
- RCLONE_CONFIG_MINIO_ACCESS_KEY_ID=admin
- RCLONE_CONFIG_MINIO_SECRET_ACCESS_KEY=Pizzajam11
- RCLONE_CONFIG_MINIO_ENDPOINT=http://172.16.201.208:9000
volumes:
- /docker:/data:ro

52
lxc1/p2-apps/guacamole.yml
View file

@ -3,18 +3,66 @@ services:
image: guacamole/guacd:latest
container_name: guacd
restart: always
cpus: 1.0
mem_limit: "1024m"
mem_reservation: "256m"
restart: unless-stopped
networks:
- guac_internal
- guac_ssh
guacamole:
image: guacamole/guacamole:latest
container_name: guacamole
restart: always
user: root
ports:
- 8080:8080
cpus: 2.0
mem_limit: "3072m" # 3 GB
mem_reservation: "1024m"
environment:
- GUACD_HOSTNAME=guacd
- MYSQL_HOSTNAME=172.16.201.208
- MYSQL_PORT=3306
- MYSQL_DATABASE=guacamole
- MYSQL_USER=guacamole
- MYSQL_USER=guac_user
- MYSQL_PASSWORD=your_password
- MYSQL_SSL_MODE=disabled
- CATALINA_OPTS="-Djava.security.egd=file:/dev/./urandom -Xms1g -Xmx2g"
ports:
- "8080:8080"
depends_on:
- guacd
- guacd
#networks:
#- guac_internal
#- guac_external # Connects to Traefik
labels:
- "traefik.enable=false"
- "traefik.http.routers.guac.rule=Host(`ssh.mapletree.email`)"
- "traefik.http.routers.guac.entrypoints=websecure"
- "traefik.http.routers.guac.tls=true"
- "traefik.http.services.guac.loadbalancer.server.port=8080"
- "traefik.http.routers.guac.tls.certresolver=myresolver"
- "traefik.docker.network=guac_external"
# Middleware 1: Redirect
- "traefik.http.middlewares.guac-redirect.redirectregex.regex=^https://([^/]+)/?$$"
- "traefik.http.middlewares.guac-redirect.redirectregex.replacement=https://$${1}/guacamole/"
# Middleware 2: Disable Buffering (Stability Fix)
- "traefik.http.middlewares.guac-buffer.buffering.maxResponseBodyBytes=0"
- "traefik.http.middlewares.guac-buffer.buffering.maxRequestBodyBytes=0"
- "traefik.http.middlewares.guac-buffer.buffering.memRequestBodyBytes=0"
- "traefik.http.middlewares.guac-buffer.buffering.memResponseBodyBytes=0"
- "traefik.http.middlewares.guac-buffer.buffering.retryExpression=IsNetworkError() && Attempts() <= 2"
# Apply Both
- "traefik.http.routers.guac.middlewares=guac-redirect,guac-buffer"
networks:
guac_internal:
internal: true
guac_external:
external: true
guac_ssh:
external: true

21
lxc1/p2-apps/komodo.yml
View file

@ -1,5 +1,14 @@
services:
komodo-mongo:
image: mongo:7.0
container_name: komodo-mongo
restart: always
network_mode: host
command: ["--replSet", "rs0", "--bind_ip_all", "--port", "27017"]
volumes:
- /docker/management/mongodb:/data/db
komodo:
image: ghcr.io/moghtech/komodo-core:latest
container_name: komodo
@ -30,18 +39,6 @@ services:
- komodo_external
- management_internal
komodo-mongo:
image: mongo:7.0
container_name: komodo-mongo
restart: always
network_mode: host
command: ["--replSet", "rs0", "--bind_ip_all", "--port", "27017"]
volumes:
- /docker/management/mongodb:/data/db
networks:
komodo_external:
external: true

23
lxc1/p3-monitor/grafana.yml
View file

@ -2,14 +2,27 @@ services:
grafana:
image: grafana/grafana-oss:latest
container_name: grafana
user: "1000:1000"
restart: always
environment:
- GF_SECURITY_ADMIN_USER=admin
- GF_SECURITY_ADMIN_PASSWORD=changeme
- GF_DATABASE_TYPE=mysql
- GF_DATABASE_HOST=172.16.201.208:3306
- GF_DATABASE_HOST=172.16.201.208
- GF_DATABASE_PORT=3306
- GF_DATABASE_NAME=grafana
- GF_DATABASE_USER=grafana
- GF_DATABASE_PASSWORD=your_password
- GF_DATABASE_USER=grafana_user
- GF_DATABASE_PASSWORD=apts22$$$$
- GF_DATABASE_MAX_IDLE_CONN=3
- GF_DATABASE_CONN_MAX_LIFETIME=14400
- GF_EXTERNAL_IMAGE_STORAGE_PROVIDER=s3
- GF_EXTERNAL_IMAGE_STORAGE_S3_BUCKET=grafana
- GF_EXTERNAL_IMAGE_STORAGE_S3_REGION=us-east-1
- GF_EXTERNAL_IMAGE_STORAGE_S3_ENDPOINT=http://172.16.201.208:9000
- GF_EXTERNAL_IMAGE_STORAGE_S3_ACCESS_KEY=admin
- GF_EXTERNAL_IMAGE_STORAGE_S3_SECRET_KEY=Pizzajam11
volumes:
- /docker/monitoring/grafana/data:/var/lib/grafana
- ./grafana:/etc/grafana
- ./grafana-db:/var/lib/grafana
ports:
- "3001:3000"
- "2999:3000"