jpallison0625/swarm-production
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

unraid to swarm migration

Browse Source
This commit is contained in:
John
2025-11-11 01:25:04 +00:00
parent 6a9d38f91c
commit e2060a70ec
9 changed files with 432 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

171
stacks/apps/peertube/README.md Normal file
View File

@@ -0,0 +1,171 @@
# PeerTube Docker Swarm Setup
## Prerequisites
1. Traefik is running and configured
2. PostgreSQL is running (`postgresSQL` service)
3. The `homelab` network exists
4. DNS record for `videos.frostlabs.me` points to your server
## Setup Steps
### 1. Create PeerTube Database
Connect to your existing PostgreSQL instance and create the PeerTube database:
```bash
# Connect to PostgreSQL container
docker exec -it $(docker ps -q -f name=postgresSQL) psql -U admin -d postgres
# Create database (user 'admin' already exists with postgres-master secret)
CREATE DATABASE peertube;
GRANT ALL PRIVILEGES ON DATABASE peertube TO admin;
\q
```
### 2. Create Docker Secret for PeerTube
You already have the `postgres-master` secret for database access. You just need to create the PeerTube application secret:
```bash
# Generate and create the PeerTube secret
echo "$(openssl rand -hex 32)" | docker secret create peertube-secret -
# Verify the secret was created
docker secret ls | grep peertube
```
**Note:** The stack uses your existing `postgres-master` secret for database authentication with the `admin` user.
### 3. Verify Data Directory Permissions
```bash
# Check that the PeerTube appdata directory exists and has correct permissions
ls -la /home/doc/projects/unraid-appdata/PeerTube
# If needed, fix permissions (UID 999 is the PeerTube user)
sudo chown -R 999:999 /home/doc/projects/unraid-appdata/PeerTube
```
### 4. Deploy the Stack
```bash
docker stack deploy -c stack.yml peertube
```
### 5. Monitor Deployment
```bash
# Watch the services
docker service ls | grep peertube
# Check logs
docker service logs -f peertube_peertube
# Check if healthy
docker ps | grep peertube
```
### 6. Access PeerTube
Once deployed, access PeerTube at: https://videos.frostlabs.me
The first time you access it, you'll need to:
1. Complete the setup wizard
2. Create an admin account
3. Configure additional settings in the admin panel
## Configuration Notes
### Database Connection
- Host: `postgresSQL` (existing Postgres service)
- Port: 5432 (internal)
- Database: `peertube`
- User: `admin`
- Password: From `postgres-master` secret
### Redis Connection
- Host: `peertube-redis` (internal service)
- Port: 6379 (default)
### SMTP/Email
- Host: `peertube-postfix` (internal service)
- Port: 25
- From: noreply@videos.frostlabs.me
### Ports
- **9000**: PeerTube HTTP (internal, proxied by Traefik)
- **1935**: RTMP for live streaming (published on host)
### Traefik Integration
The stack is configured to use Traefik for:
- SSL/TLS certificates (Let's Encrypt)
- HTTPS on port 443
- HTTP to HTTPS redirect
- Domain: videos.frostlabs.me
## Storage Layout
All data is stored in `/home/doc/projects/unraid-appdata/PeerTube`:
- Videos and media files
- Thumbnails and previews
- User uploads
- Logs
- Configuration
## Troubleshooting
### Check service status
```bash
docker service ps peertube_peertube --no-trunc
```
### View logs
```bash
docker service logs peertube_peertube
docker service logs peertube_peertube-redis
docker service logs peertube_peertube-postfix
```
### Database connection issues
```bash
# Test connection from PeerTube container
docker exec -it $(docker ps -q -f name=peertube_peertube) sh
nc -zv postgresSQL 5432
```
### Restart services
```bash
docker service update --force peertube_peertube
```
### Remove and redeploy
```bash
docker stack rm peertube
# Wait for cleanup
docker stack deploy -c stack.yml peertube
```
## Updating PeerTube
```bash
# Update the image
docker service update --image chocobozzz/peertube:production-bookworm peertube_peertube
# Or redeploy the stack
docker stack deploy -c stack.yml peertube
```
## Security Considerations
1. Change the default admin password after first login
2. Keep PEERTUBE_SECRET secure and never commit it to version control
3. Regularly update the PeerTube image for security patches
4. Configure proper email settings for notifications
5. Review and configure user registration settings in admin panel
## Additional Resources
- [PeerTube Documentation](https://docs.joinpeertube.org/)
- [PeerTube Production Guide](https://docs.joinpeertube.org/install/docker)
- [PeerTube Admin Documentation](https://docs.joinpeertube.org/admin/following-instances)

90
stacks/apps/peertube/stack.yml Normal file
View File

@@ -0,0 +1,90 @@
services:
peertube:
image: chocobozzz/peertube:production-bookworm
networks:
- homelab
environment:
# Database configuration - connecting to existing Postgres
- POSTGRES_USER=admin
- POSTGRES_PASSWORD_FILE=/run/secrets/postgres-master
- POSTGRES_DB=peertube
- POSTGRES_HOSTNAME=postgresSQL
# Redis configuration
- REDIS_HOSTNAME=peertube-redis
# PeerTube configuration
- PEERTUBE_WEBSERVER_HOSTNAME=videos.frostlabs.me
- PEERTUBE_WEBSERVER_PORT=443
- PEERTUBE_WEBSERVER_HTTPS=true
- PEERTUBE_TRUST_PROXY=["127.0.0.1", "loopback", "172.18.0.0/16"]
# SMTP configuration - Gmail
- PEERTUBE_SMTP_HOSTNAME=smtp.gmail.com
- PEERTUBE_SMTP_PORT=587
- PEERTUBE_SMTP_USERNAME=frostlabs25@gmail.com
- PEERTUBE_SMTP_PASSWORD_FILE=/run/secrets/gmail-app-password
- PEERTUBE_SMTP_FROM=frostlabs25@gmail.com
- PEERTUBE_SMTP_TLS=true
- PEERTUBE_ADMIN_EMAIL=frostlabs25@gmail.com
# Secrets - loaded from Docker secrets as files
- PEERTUBE_DB_SUFFIX=_prod
- PEERTUBE_SECRET_FILE=/run/secrets/peertube-key
secrets:
- postgres-master
- peertube-key
- gmail-app-password
ports:
- target: 9000
published: 9000
mode: host
- target: 1935
published: 1935
mode: host
volumes:
- /home/doc/projects/unraid-appdata/PeerTube:/data
- /home/doc/projects/unraid-appdata/PeerTube:/config
healthcheck:
test: ["CMD", "wget", "--quiet", "--tries=1", "--spider", "http://localhost:9000/api/v1/config"]
interval: 30s
timeout: 10s
retries: 3
start_period: 60s
deploy:
mode: replicated
replicas: 1
labels:
- traefik.enable=true
- traefik.http.routers.peertube.rule=Host(`videos.frostlabs.me`)
- traefik.http.routers.peertube.entrypoints=websecure
- traefik.http.routers.peertube.tls=true
- traefik.http.routers.peertube.tls.certresolver=cloudflare
- traefik.http.services.peertube.loadbalancer.server.port=9000
peertube-redis:
image: redis:7-alpine
networks:
- homelab
volumes:
- peertube-redis-data:/data
healthcheck:
test: ["CMD", "redis-cli", "ping"]
interval: 30s
timeout: 5s
retries: 3
deploy:
mode: replicated
replicas: 1
networks:
homelab:
external: true
volumes:
peertube-redis-data:
secrets:
postgres-master:
external: true
peertube-key:
external: true
gmail-app-password:
external: true

27
stacks/core/postgres/stack.yml Normal file
View File

@@ -0,0 +1,27 @@
services:
postgresSQL:
image: postgres:17-alpine
networks:
- homelab
environment:
- POSTGRES_USER=admin
- POSTGRES_PASSWORD=AllOfTheStars+1
- PGDATA=/var/lib/postgresql/data
volumes:
- /home/doc/projects/unraid-appdata/postgres:/var/lib/postgresql/data
ports:
- target: 5432
published: 5434
mode: host
healthcheck:
test: [ "CMD-SHELL", "pg_isready -U admin -d postgres" ]
interval: 30s
timeout: 10s
retries: 3
start_period: 40s
deploy:
replicas: 1
networks:
homelab:
external: true

26
stacks/media/emby/stack.yml Normal file
View File

@@ -0,0 +1,26 @@
services:
emby:
image: lscr.io/linuxserver/emby:latest
networks:
- homelab
environment:
- PUID=1000
- PGID=1000
- TZ=Etc/UTC
volumes:
- /home/doc/projects/unraid-appdata/emby:/config
- /home/doc/projects/data/media/tv:/data/tvshows
- /home/doc/projects/data/media/movies:/data/movies
ports:
- 8096:8096
healthcheck:
test: [ "CMD", "curl", "-f", "http://localhost:8096/web/index.html" ]
interval: 30s
timeout: 10s
retries: 5
start_period: 120s
deploy:
replicas: 1
networks:
homelab:
external: true

21
stacks/media/notifiarr/stack.yml Normal file
View File

@@ -0,0 +1,21 @@
services:
notifiarr:
image: golift/notifiarr:latest
hostname: notifiarr
networks:
- homelab
ports:
- "5454:5454"
volumes:
- /home/doc/projects/unraid-appdata/Notifiarr:/config
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
- TZ=America/New_York
- PUID=1000
- PGID=1000
deploy:
replicas: 1
networks:
homelab:
external: true

25
stacks/media/prowlarr/stack.yml Normal file
View File

@@ -0,0 +1,25 @@
services:
prowlarr:
image: lscr.io/linuxserver/prowlarr:latest
networks:
- homelab
ports:
- 9696:9696
environment:
- PUID=1000
- PGID=1000
- TZ=Etc/UTC
volumes:
- /home/doc/projects/unraid-appdata/postgres:/config
healthcheck:
test: [ "CMD", "curl", "-f", "http://localhost:9696/ping" ]
interval: 30s
timeout: 10s
retries: 3
start_period: 60s
deploy:
replicas: 1
networks:
homelab:
external: true

26
stacks/media/radarr/stack.yml Normal file
View File

@@ -0,0 +1,26 @@
services:
radarr:
image: lscr.io/linuxserver/radarr:latest
networks:
- homelab
ports:
- 7878:7878
environment:
- PUID=1000
- PGID=1000
- TZ=Etc/UTC
volumes:
- /home/doc/projects/unraid-appdata/radarr:/config
- /home/doc/projects/data:/data
healthcheck:
test: [ "CMD", "curl", "-f", "http://localhost:7878/ping" ]
interval: 30s
timeout: 10s
retries: 3
start_period: 60s
deploy:
replicas: 1
networks:
homelab:
external: true

26
stacks/media/sabNZB/stack.yml Normal file
View File

@@ -0,0 +1,26 @@
services:
sabnzbd:
image: lscr.io/linuxserver/sabnzbd:latest
networks:
- homelab
ports:
- 8080:8080
environment:
- PUID=1000
- PGID=1000
- TZ=Etc/UTC
volumes:
- /home/doc/projects/unraid-appdata/sabnzbd:/config
- /home/doc/projects/data/usenet:/data/usenet
healthcheck:
test: [ "CMD", "curl", "-f", "http://localhost:8080/api?mode=version" ]
interval: 30s
timeout: 10s
retries: 3
start_period: 60s
deploy:
replicas: 1
networks:
homelab:
external: true

20
stacks/media/sonarr/stack.yml Normal file
View File

@@ -0,0 +1,20 @@
services:
sonarr:
image: lscr.io/linuxserver/sonarr:latest
networks:
- homelab
ports:
- 8989:8989
environment:
- PUID=1000
- PGID=1000
- TZ=Etc/UTC
volumes:
- /mnt/swarm-data/sonarr:/config
- /home/doc/projects/data:/data
deploy:
replicas: 1
networks:
homelab:
external: true