Container Deployment#
Docker Compose Stacks#
Core Services (helium)#
docker-compose.yml:
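# Core stack for helium.
#
# No password is written in this file. Each one is read from the shell
# environment or from an .env file next to this file, and `${VAR:?message}`
# makes `docker compose` stop with that message when the value is missing,
# so a service never starts with an empty or placeholder password. The
# variable names are this file's own choice. Keep the .env file out of
# version control and readable only by the deploying user.
#
# NOTE(review): most images float on `latest` or `alpine` tags, so a pull can
# change what runs without any change to this file. Pin a version tag or
# digest once one has been tested.
version: '3.8'

services:
  # Authentication
  authentik:
    image: ghcr.io/goauthentik/server:latest
    ports:
      - "9000:9000"
      - "9443:9443"
    environment:
      - AUTHENTIK_REDIS__HOST=redis
      - AUTHENTIK_POSTGRESQL__HOST=postgres
      - AUTHENTIK_POSTGRESQL__USER=authentik
      # Must be the same value the postgres service below is initialised with.
      - "AUTHENTIK_POSTGRESQL__PASSWORD=${AUTHENTIK_PG_PASSWORD:?set AUTHENTIK_PG_PASSWORD in .env}"
      - AUTHENTIK_POSTGRESQL__NAME=authentik
      # Key authentik uses to sign session cookies; use a long random value
      # and do not reuse it elsewhere.
      - "AUTHENTIK_SECRET_KEY=${AUTHENTIK_SECRET_KEY:?set AUTHENTIK_SECRET_KEY in .env}"
    volumes:
      - ./authentik/media:/media
      - ./authentik/custom-templates:/templates
    depends_on:
      - redis
      - postgres

  # No ports are published for redis, postgres or mysql: they are reachable
  # only from the other services on the compose network.
  redis:
    image: redis:alpine
    volumes:
      - redis_data:/data

  postgres:
    image: postgres:15-alpine
    environment:
      - POSTGRES_USER=authentik
      # Applied only when the data volume is first initialised; an existing
      # database keeps its old password until it is changed inside postgres.
      - "POSTGRES_PASSWORD=${AUTHENTIK_PG_PASSWORD:?set AUTHENTIK_PG_PASSWORD in .env}"
      - POSTGRES_DB=authentik
    volumes:
      - postgres_data:/var/lib/postgresql/data

  # File sharing
  nextcloud:
    image: nextcloud:latest
    ports:
      - "8081:80"
    environment:
      - MYSQL_HOST=mysql
      - MYSQL_DATABASE=nextcloud
      - MYSQL_USER=nextcloud
      - "MYSQL_PASSWORD=${NEXTCLOUD_DB_PASSWORD:?set NEXTCLOUD_DB_PASSWORD in .env}"
    volumes:
      - nextcloud_data:/var/www/html
    depends_on:
      - mysql

  mysql:
    image: mysql:8.0
    environment:
      # The root password is separate from the application user's password,
      # so a leak of the nextcloud credential does not expose the root account.
      # As with postgres, both are applied only on first initialisation.
      - "MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD:?set MYSQL_ROOT_PASSWORD in .env}"
      - MYSQL_DATABASE=nextcloud
      - MYSQL_USER=nextcloud
      - "MYSQL_PASSWORD=${NEXTCLOUD_DB_PASSWORD:?set NEXTCLOUD_DB_PASSWORD in .env}"
    volumes:
      - mysql_data:/var/lib/mysql

  # Code hosting
  gitea:
    image: gitea/gitea:latest
    ports:
      - "3000:3000"
      - "222:22"
    volumes:
      - gitea_data:/data
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro

  # Monitoring
  prometheus:
    image: prom/prometheus:latest
    # Prometheus serves its UI and query API without authentication by
    # default, and this mapping publishes it on every host interface.
    # Restrict it at the host firewall or put it behind an authenticating proxy.
    ports:
      - "9090:9090"
    volumes:
      - ./prometheus.yml:/etc/prometheus/prometheus.yml
      - prometheus_data:/prometheus

  grafana:
    image: grafana/grafana:latest
    # Host port 3000 is already published by gitea above, and two services
    # cannot bind the same host port, so grafana is published on 3001.
    ports:
      - "3001:3000"
    volumes:
      - grafana_data:/var/lib/grafana
    environment:
      - "GF_SECURITY_ADMIN_PASSWORD=${GRAFANA_ADMIN_PASSWORD:?set GRAFANA_ADMIN_PASSWORD in .env}"

  # UniFi Controller
  unifi:
    image: lscr.io/linuxserver/unifi-network-application:latest
    ports:
      - "8443:8443"
      - "3478:3478/udp"
      - "8080:8080"
    volumes:
      - unifi_data:/config

volumes:
  redis_data:
  postgres_data:
  nextcloud_data:
  mysql_data:
  gitea_data:
  prometheus_data:
  grafana_data: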
  unifi_data:
NVIDIA Container Toolkit#
Install on helium:
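# Add repository
# The signing key goes into its own keyring, and signed-by ties the source
# entry to that keyring, so this key is trusted for this repository only and
# not for every apt source on the host.
curl -fsSL https://nvidia.github.io/libnvidia-container/gpgkey | sudo gpg --dearmor -o /usr/share/keyrings/nvidia-container-toolkit.gpg
# -f: on an HTTP error curl prints nothing and exits non-zero, so an error
# page is never written into the sources list.
curl -fsSL https://nvidia.github.io/libnvidia-container/stable/deb/nvidia-container-toolkit.list | \
  sed 's#deb https://#deb [signed-by=/usr/share/keyrings/nvidia-container-toolkit.gpg] https://#g' | \
  sudo tee /etc/apt/sources.list.d/nvidia-container-toolkit.list
sudo apt update
sudo apt install nvidia-container-toolkit
# Configure Docker
sudo nvidia-ctk runtime configure --runtime=docker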
sudo systemctl restart docker
Use in containers:
services:
  llama-cpp-server:
    image: ghcr.io/ggerganov/llama.cpp:server
    # Ask Docker to reserve one NVIDIA GPU for this service.
    deploy:
      resources:
        reservations:
          devices:
            - driver: nvidia
              count: 1
              capabilities:
                - gpu
    volumes:
      # NOTE(review): the server presumably only reads model files; if so,
      # appending :ro keeps the container from modifying them. Confirm first.
      - ./models:/models
    environment:
      - NVIDIA_VISIBLE_DEVICES=all
Portainer (Optional)#
services:
  portainer:
    image: portainer/portainer-ce:latest
    # NOTE(review): the core stack on helium also publishes host port 9000
    # (authentik). Two services cannot bind the same host port, so one of
    # the two mappings has to move if both stacks run on helium.
    ports:
      - '9000:9000'
    volumes:
      # Access to the Docker socket is control of the Docker daemon, which is
      # equivalent to root on the host. Whoever can log in to Portainer gets
      # that level of access, so protect its login accordingly.
      - /var/run/docker.sock:/var/run/docker.sock
      - portainer_data:/data
Access: http://helium.mrzk.io:9000
Backup Strategy#
Container configs:
# Weekly backup of all docker-compose.yml and configs
# These files may hold service credentials (passwords set under environment:
# in a compose file, tokens under config/), so keep the archive readable only
# by the backup user and treat it as a secret when it is copied off the host.
tar -czf /mnt/backup/docker-configs-$(date +%Y%m%d).tar.gz \
~/docker/*/docker-compose.yml \
~/docker/*/config/
Database dumps:
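# Daily postgres backup
# postgres runs as a compose service with no published port, so the dump is
# taken through the container. Run this from the directory that holds the
# core stack's docker-compose.yml. -T turns off the pseudo-TTY so the
# redirected output is written unchanged.
# The dump is a full copy of the authentik database, user records included.
# The umask in the subshell creates the file readable by its owner only and
# leaves the calling shell's umask untouched.
( umask 077; docker compose exec -T postgres pg_dump -U authentik authentik > /mnt/backup/authentik-$(date +%Y%m%d).sql )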