nocci/komodo-stacks
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat: Initial stacks for testing

Browse source 
Added first test stacks:
- monitoring/prometheus
- monitoring/grafana
- monitoring/node-exporter
- communication/gotify
- communication/vaultwarden

All stacks:
- Use localhost ports only (for Caddy reverse proxy)
- Support Komodo Secrets via ${SECRET:secret-name}
- Include README with Caddy integration instructions
- Ready for Komodo v2 Resource Sync
This commit is contained in:
nocci 2026-03-09 16:02:18 +00:00
commit f9fdea3a1f
11 changed files with 663 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

175
README.md Normal file
View file

@ -0,0 +1,175 @@
# Komodo Stacks
🦎 **Docker Compose Stacks für Komodo Platform**
Diese Stacks sind für den Einsatz mit **Komodo Core v2** optimiert.
---
## 📁 Struktur
```
komodo-stacks/
├── stacks/
│ ├── monitoring/ # Prometheus, Grafana, Node Exporter
│ ├── communication/ # Vaultwarden, Gotify, Ntfy
│ ├── collaboration/ # Nextcloud, Forgejo, WordPress
│ ├── media/ # Immich, Jellyfin, Plex
│ ├── infrastructure/ # WireGuard, Portainer
│ ├── security/ # Authentik, Tinyauth
│ ├── social/ # GoToSocial, Sharkey
│ ├── gaming/ # Pterodactyl
│ ├── utilities/ # SearXNG, Plausible
│ └── backup/ # Backrest, Karakeep
└── README.md
```
---
## 🚀 Verwendung in Komodo
1. **Settings → Resources → Add Resource**
2. **Git URL:** `https://git.sky-net.it/nocci/komodo-stacks.git`
3. **Path:** `stacks/`
4. **Sync** klicken
---
## 📋 Stacks deployen
1. **Ressources** im Komodo Dashboard öffnen
2. **Stack auswählen**
3. **Server wählen** (wo Periphery läuft)
4. **Deploy** klicken
5. **Warten** bis Container laufen
---
## 🔧 Caddy Integration
**WICHTIG:** Stacks hören nur auf `localhost:PORT`!
Nach dem Deployen, Caddy Config auf dem Server bearbeiten:
```bash
ssh <server>
sudo nano /etc/caddy/Caddyfile
```
Beispiel für Prometheus:
```caddyfile
prometheus.example.com {
reverse_proxy localhost:9090
}
```
Dann:
```bash
sudo systemctl reload caddy
```
---
## 🔐 Secrets
Secrets werden über **Komodo Secrets** verwaltet.
Im `compose.yml`:
```yaml
environment:
- ADMIN_PASSWORD=${SECRET:my-admin-password}
```
In Komodo:
1. **Settings → Secrets**
2. **Add Secret**
3. Name: `my-admin-password`
4. Wert: sicheres Passwort
---
## 📦 Verfügbare Stacks
### Monitoring
- [prometheus](stacks/monitoring/prometheus/) - Prometheus Monitoring
- [grafana](stacks/monitoring/grafana/) - Grafana Dashboards
- [node-exporter](stacks/monitoring/node-exporter/) - System Metrics
- [promtail](stacks/monitoring/promtail/) - Log Collector
- [loki](stacks/monitoring/loki/) - Log Aggregation
### Communication
- [vaultwarden](stacks/communication/vaultwarden/) - Password Manager
- [gotify](stacks/communication/gotify/) - Push Notifications
- [ntfy](stacks/communication/ntfy/) - Notification Service
### Collaboration
- [nextcloud-aio](stacks/collaboration/nextcloud-aio/) - Cloud Storage
- [forgejo](stacks/collaboration/forgejo/) - Git Server
- [wordpress](stacks/collaboration/wordpress/) - CMS
### Media
- [immich](stacks/media/immich/) - Photo Backup
- [jellyfin](stacks/media/jellyfin/) - Media Server
### Infrastructure
- [wireguard](stacks/infrastructure/wireguard/) - VPN Server
- [portainer](stacks/infrastructure/portainer/) - Docker UI
### Security
- [authentik](stacks/security/authentik/) - SSO Provider
- [tinyauth](stacks/security/tinyauth/) - Simple Auth
### Social
- [gotosocial](stacks/social/gotosocial/) - ActivityPub Server
- [sharkey](stacks/social/sharkey/) - Fediverse Server
### Gaming
- [pterodactyl-panel](stacks/gaming/pterodactyl-panel/) - Game Panel
- [pterodactyl-wings](stacks/gaming/pterodactyl-wings/) - Game Daemon
### Utilities
- [searxng](stacks/utilities/searxng/) - Meta Search Engine
- [plausible](stacks/utilities/plausible/) - Web Analytics
- [webcheck](stacks/utilities/webcheck/) - Uptime Monitor
### Backup
- [backrest](stacks/backup/backrest/) - Backup Server
- [karakeep](stacks/backup/karakeep/) - Bookmark Manager
---
## 🛠️ Troubleshooting
### Stack wird nicht angezeigt
1. **Resource Sync** im Dashboard manuell ausführen
2. **Git URL prüfen**
3. **Path prüfen** (muss `stacks/` sein)
### Container starten nicht
1. **Logs prüfen** im Komodo Dashboard
2. **Secrets konfiguriert?**
3. **Ports belegt?**
### Caddy Proxy funktioniert nicht
1. **Caddy Config prüfen:** `sudo caddy validate`
2. **DNS Records** zeigen auf Server-IP?
3. **Firewall** Ports 80/443 offen?
---
## 📝 Eigene Stacks hinzufügen
1. **Ordner erstellen:** `stacks/<category>/<stack-name>/`
2. **compose.yml** erstellen
3. **README.md** mit Infos
4. **Commit & Push**
---
**Author:** nocci
**Version:** 1.0.0
**License:** MIT
**Komodo Version:** v2.0.0-dev-123+

70
stacks/communication/gotify/README.md Normal file
View file

@ -0,0 +1,70 @@
# Gotify
📱 **Push-Benachrichtigungen selbst gehostet**
Gotify ist ein einfacher Server zum Senden und Empfangen von Push-Nachrichten.
---
## 🚀 Quick Start
1. **In Komodo:** Stack auswählen → Deploy
2. **Server wählen** wo Gotify laufen soll
3. **Warten** bis Container läuft
4. **Caddy Config** hinzufügen (siehe unten)
5. **Öffnen** und Admin-Account erstellen
---
## 🔧 Caddy Integration
Nach dem Deployen auf dem Server:
```bash
ssh <server>
sudo nano /etc/caddy/Caddyfile
```
Hinzufügen:
```caddyfile
gotify.example.com {
reverse_proxy localhost:9091
}
```
Dann:
```bash
sudo systemctl reload caddy
```
---
## 🔐 Secrets (Komodo)
Folgende Secrets in Komodo anlegen **vor** dem Deployen:
| Secret Name | Beschreibung | Beispiel |
|-------------|--------------|----------|
| `gotify-admin-user` | Admin Username | `admin` |
| `gotify-admin-pass` | Admin Password | `sicheres-passwort` |
In Komodo: **Settings → Secrets → Add Secret**
---
## 📁 Files
- `compose.yml` - Docker Compose Konfiguration
---
## 🔄 Updates
Gotify wird automatisch aktuell gehalten durch Komodo.
---
## 📞 Support
- **Docs:** https://gotify.net/docs
- **GitHub:** https://github.com/gotify/server

27
stacks/communication/gotify/compose.yml Normal file
View file

@ -0,0 +1,27 @@
services:
gotify:
image: gotify/server:latest
container_name: gotify
restart: unless-stopped
ports:
- "127.0.0.1:9091:80"
volumes:
- gotify_data:/app/data
environment:
- GOTIFY_DEFAULTUSER_NAME=${SECRET:gotify-admin-user}
- GOTIFY_DEFAULTUSER_PASS=${SECRET:gotify-admin-pass}
networks:
- gotify-network
healthcheck:
test: ["CMD", "wget", "--spider", "-q", "http://localhost:80/health"]
interval: 30s
timeout: 10s
retries: 3
start_period: 10s
volumes:
gotify_data:
networks:
gotify-network:
driver: bridge

67
stacks/communication/vaultwarden/README.md Normal file
View file

@ -0,0 +1,67 @@
# Vaultwarden
🔐 **Password Manager (Bitwarden-kompatibel)**
Vaultwarden ist eine inoffizielle Bitwarden API-Implementierung in Rust.
---
## 🚀 Quick Start
1. **In Komodo:** Stack auswählen → Deploy
2. **Server wählen**
3. **Warten** bis Container läuft
4. **Caddy Config** hinzufügen
5. **Öffnen** und Organization erstellen
---
## 🔧 Caddy Integration
```bash
ssh <server>
sudo nano /etc/caddy/Caddyfile
```
Hinzufügen:
```caddyfile
vault.example.com {
reverse_proxy localhost:8080
}
```
```bash
sudo systemctl reload caddy
```
---
## 🔐 Secrets (Komodo)
| Secret Name | Beschreibung | Beispiel |
|-------------|--------------|----------|
| `vaultwarden-admin-token` | Admin API Token | `zufälliger-string` |
**Wichtig:** Admin-Token generieren mit:
```bash
openssl rand -base64 48
```
---
## 📁 Files
- `compose.yml` - Docker Compose Konfiguration
---
## 🔄 Updates
Vaultwarden wird automatisch aktuell gehalten durch Komodo.
---
## 📞 Support
- **Docs:** https://github.com/dani-garcia/vaultwarden
- **Wiki:** https://github.com/dani-garcia/vaultwarden/wiki

28
stacks/communication/vaultwarden/compose.yml Normal file
View file

@ -0,0 +1,28 @@
services:
vaultwarden:
image: vaultwarden/server:latest
container_name: vaultwarden
restart: unless-stopped
ports:
- "127.0.0.1:8080:80"
volumes:
- vaultwarden_data:/data
environment:
- ADMIN_TOKEN=${SECRET:vaultwarden-admin-token}
- WEBSOCKET_ENABLED=true
- SIGNUPS_ALLOWED=false
networks:
- vaultwarden-network
healthcheck:
test: ["CMD", "wget", "--spider", "-q", "http://localhost:80/alive"]
interval: 30s
timeout: 10s
retries: 3
start_period: 10s
volumes:
vaultwarden_data:
networks:
vaultwarden-network:
driver: bridge

74
stacks/monitoring/grafana/README.md Normal file
View file

@ -0,0 +1,74 @@
# Grafana
📊 **Dashboards & Visualisierung**
Grafana ist eine Open-Source-Plattform für Datenvisualisierung.
---
## 🚀 Quick Start
1. **In Komodo:** Stack auswählen → Deploy
2. **Server wählen**
3. **Warten** bis Container läuft
4. **Caddy Config** hinzufügen
5. **Öffnen** und einloggen (admin/admin)
---
## 🔧 Caddy Integration
```bash
ssh <server>
sudo nano /etc/caddy/Caddyfile
```
Hinzufügen:
```caddyfile
grafana.example.com {
reverse_proxy localhost:3000
}
```
```bash
sudo systemctl reload caddy
```
---
## 🔐 Secrets (Komodo)
| Secret Name | Beschreibung | Beispiel |
|-------------|--------------|----------|
| `grafana-admin-user` | Admin Username | `admin` |
| `grafana-admin-pass` | Admin Password | `sicheres-passwort` |
---
## 📁 Files
- `compose.yml` - Docker Compose Konfiguration
---
## 📊 Datenquellen
Nach dem ersten Login:
1. **Configuration → Data Sources**
2. **Add data source**
3. **Prometheus** auswählen
4. URL: `http://prometheus:9090` (wenn auf gleichem Server: `http://localhost:9090`)
5. **Save & Test**
---
## 🔄 Updates
Wird automatisch aktuell gehalten durch Komodo.
---
## 📞 Support
- **Docs:** https://grafana.com/docs
- **GitHub:** https://github.com/grafana/grafana

30
stacks/monitoring/grafana/compose.yml Normal file
View file

@ -0,0 +1,30 @@
services:
grafana:
image: grafana/grafana:latest
container_name: grafana
restart: unless-stopped
ports:
- "127.0.0.1:3000:3000"
volumes:
- grafana_data:/var/lib/grafana
- grafana_config:/etc/grafana
environment:
- GF_SECURITY_ADMIN_USER=${SECRET:grafana-admin-user}
- GF_SECURITY_ADMIN_PASSWORD=${SECRET:grafana-admin-pass}
- GF_USERS_ALLOW_SIGN_UP=false
networks:
- monitoring
healthcheck:
test: ["CMD-SHELL", "wget --spider -q http://localhost:3000/api/health || exit 1"]
interval: 30s
timeout: 10s
retries: 3
start_period: 30s
volumes:
grafana_data:
grafana_config:
networks:
monitoring:
driver: bridge

63
stacks/monitoring/node-exporter/README.md Normal file
View file

@ -0,0 +1,63 @@
# Node Exporter
📈 **System-Metriken für Prometheus**
Node Exporter sammelt Hardware- und Betriebssystem-Metriken.
---
## 🚀 Quick Start
1. **In Komodo:** Stack auswählen → Deploy
2. **Server wählen** (wo Prometheus läuft)
3. **Warten** bis Container läuft
4. **In Prometheus** als Target hinzufügen
---
## 🔧 Prometheus Integration
In Prometheus Config (`prometheus.yml`):
```yaml
scrape_configs:
- job_name: 'node-exporter'
static_configs:
- targets: ['localhost:9100']
```
---
## 🔐 Secrets
Keine Secrets erforderlich.
---
## 📁 Files
- `compose.yml` - Docker Compose Konfiguration
---
## 📊 Metriken
Node Exporter exposed Metriken auf Port 9100:
- CPU Usage
- Memory Usage
- Disk I/O
- Network I/O
- System Load
---
## 🔄 Updates
Wird automatisch aktuell gehalten durch Komodo.
---
## 📞 Support
- **GitHub:** https://github.com/prometheus/node_exporter
- **Docs:** https://prometheus.io/docs/guides/node-exporter/

28
stacks/monitoring/node-exporter/compose.yml Normal file
View file

@ -0,0 +1,28 @@
services:
node-exporter:
image: prom/node-exporter:latest
container_name: node-exporter
restart: unless-stopped
ports:
- "127.0.0.1:9100:9100"
volumes:
- /proc:/host/proc:ro
- /sys:/host/sys:ro
- /:/rootfs:ro
command:
- '--path.procfs=/host/proc'
- '--path.sysfs=/host/sys'
- '--path.rootfs=/rootfs'
- '--collector.filesystem.mount-points-exclude=^/(sys|proc|dev|host|etc)($$|/)'
networks:
- monitoring
healthcheck:
test: ["CMD", "wget", "--spider", "-q", "http://localhost:9100/metrics"]
interval: 30s
timeout: 10s
retries: 3
start_period: 10s
networks:
monitoring:
driver: bridge

69
stacks/monitoring/prometheus/README.md Normal file
View file

@ -0,0 +1,69 @@
# Prometheus
📊 **Monitoring & Alerting**
Prometheus ist ein Open-Source-Monitoring- und Alerting-System.
---
## 🚀 Quick Start
1. **In Komodo:** Stack auswählen → Deploy
2. **Server wählen**
3. **Warten** bis Container läuft
4. **Caddy Config** hinzufügen
5. **Öffnen** unter `prometheus.example.com`
---
## 🔧 Caddy Integration
```bash
ssh <server>
sudo nano /etc/caddy/Caddyfile
```
Hinzufügen:
```caddyfile
prometheus.example.com {
reverse_proxy localhost:9090
}
```
```bash
sudo systemctl reload caddy
```
---
## 🔐 Secrets (Komodo)
Keine Secrets erforderlich für Basis-Installation.
---
## 📁 Files
- `compose.yml` - Docker Compose Konfiguration
---
## 📊 Prometheus UI
- **URL:** http://localhost:9090
- **Query Browser:** `/graph`
- **Alerts:** `/alerts`
- **Targets:** `/targets`
---
## 🔄 Updates
Prometheus wird automatisch aktuell gehalten durch Komodo.
---
## 📞 Support
- **Docs:** https://prometheus.io/docs
- **GitHub:** https://github.com/prometheus/prometheus

32
stacks/monitoring/prometheus/compose.yml Normal file
View file

@ -0,0 +1,32 @@
services:
prometheus:
image: prom/prometheus:latest
container_name: prometheus
restart: unless-stopped
ports:
- "127.0.0.1:9090:9090"
volumes:
- prometheus_data:/prometheus
- prometheus_config:/etc/prometheus
command:
- '--config.file=/etc/prometheus/prometheus.yml'
- '--storage.tsdb.path=/prometheus'
- '--storage.tsdb.retention.time=15d'
- '--web.console.libraries=/etc/prometheus/console_libraries'
- '--web.console.templates=/etc/prometheus/consoles'
networks:
- monitoring
healthcheck:
test: ["CMD", "wget", "--spider", "-q", "http://localhost:9090/-/healthy"]
interval: 30s
timeout: 10s
retries: 3
start_period: 10s
volumes:
prometheus_data:
prometheus_config:
networks:
monitoring:
driver: bridge