目前正在用的各类服务docker-compose记录
NAS docker
兴趣爱好 VPS/NAS
Publish Date:   2025-01-15
Update Date:   2025-01-15
Word Count:   4.4k
Read Times:   21 Min

1 背景

最近搬家后,蜗牛星际的电源又一次坏掉了,加上2T硬盘空间几乎见底,我咬咬牙花了几千块血汗钱入手了一台全新的NAS和两块10T硬盘(令人无奈的是,一块硬盘竟然比NAS本体还贵得多)。接下来需要将原有的数据和服务迁移到新NAS上。迁移过程中,我深刻体会到了docker-compose 的强大与便捷,于是有了这篇文章的诞生。

顺便一提,这次我正式告别了黑群晖,转而开始使用 fnOS,作为一款“Docker启动器”,它比群晖简单高效得多,体验真的很不错。

2 NAS

2.1 Alist

Alist 是一款轻量级文件列表工具,支持挂载多个云存储平台(如阿里云盘、OneDrive、Google Drive 等),提供便捷的文件分享(webdav)和管理功能,适合搭建私人文件管理站点。 

version: "3.6"

services:
  alist:
    command:
      - "/entrypoint.sh"
    container_name: "alist"
    devices:
      - "/dev/fuse:/dev/fuse"
    environment:
      - "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
      - "PUID=0"
      - "PGID=0"
      - "UMASK=022"
    hostname: "alist"
    image: "xhofe/alist:latest"
    ipc: "private"
    network_mode: "bridge"
    ports:
      - "5244:5244/tcp"
      - "5245:5245/tcp"
    privileged: true
    restart: "always"
    security_opt:
      - "label=disable"
    stdin_open: true
    volumes:
      - "/vol1/1000/docker/alist:/opt/alist/data"
    working_dir: "/opt/alist"

2.2 aria2-pro

aria2-pro 是增强版的 Aria2 下载工具,支持多线程、高速下载。它能够处理 HTTP、FTP、BitTorrent 等多种协议,常用于离线下载和自动化文件获取。 

version: "3.8"

services:

  Aria2-Pro:
    container_name: aria2-pro
    image: p3terx/aria2-pro
    environment:
      - PUID=65534
      - PGID=65534
      - UMASK_SET=022
      - RPC_SECRET=P3TERX
      - RPC_PORT=6800
      - LISTEN_PORT=6888
      - DISK_CACHE=64M
      - IPV6_MODE=false
      - UPDATE_TRACKERS=true
      - CUSTOM_TRACKER_URL=
      - TZ=Asia/Shanghai
    volumes:
      - ${PWD}/aria2-config:/config
      - ${PWD}/aria2-downloads:/downloads
# If you use host network mode, then no port mapping is required.
# This is the easiest way to use IPv6 networks.
    network_mode: host
#    network_mode: bridge
#    ports:
#      - 6800:6800
#      - 6888:6888
#      - 6888:6888/udp
    restart: unless-stopped
# Since Aria2 will continue to generate logs, limit the log size to 1M to prevent your hard disk from running out of space.
    logging:
      driver: json-file
      options:
        max-size: 1m

# AriaNg is just a static web page, usually you only need to deploy on a single host.
  AriaNg:
    container_name: ariang
    image: p3terx/ariang
    command: --port 6880 --ipv6
    network_mode: host
#    network_mode: bridge
#    ports:
#      - 6880:6880
    restart: unless-stopped
    logging:
      driver: json-file
      options:
        max-size: 1m

2.3 bitwarden

Bitwarden 是一款开源的密码管理工具,提供安全的密码存储和自动填充功能。通过 Docker 部署,可以轻松搭建个人的密码管理服务,保护隐私信息。 

version: "3"

services:
  bitwarden:
      #image: bitwardenrs/server
    image: vaultwarden/server
    restart: always
    ports:
    - "8079:80"
    - "8080:3012"
    volumes:
      - ./bw-data:/data
    environment:
      WEBSOCKET_ENABLED: "true"
      SIGNUPS_ALLOWED: "false"          #允许注册,配置的时候打开,之后关闭就行
      WEB_VAULT_ENABLED: "true"         #允许网页访问,配置好了可以关闭
      ROCKET_TLS: '{certs="/data/certs.pem",key="/data/key.pem"}'

2.4 calibre-web

Calibre-Web 是一个为电子书管理工具 Calibre 提供的 Web 前端,支持在线浏览、阅读和下载电子书,适合搭建私人电子书库。 

$ cat calibre-web/docker-compose.yml 
version: "3.6"

services:
  calibre-web:
    container_name: "calibre-web"
    environment:
      - "PUID=0"
      - "PGID=0"
      - "UMASK=022"
      - "HOME=/root"
      - "LANGUAGE=en_US.UTF-8"
      - "LANG=en_US.UTF-8"
    hostname: "calibre-web"
    image: "linuxserver/calibre-web:latest"
    network_mode: "bridge"
    ports:
      - "8083:8083/tcp"
    restart: "always"
    volumes:
      - "/vol1/1000/docker/calibre-web/app:/calibre-web/app"
      - "/vol1/1000/docker/calibre-web/calibre:/books"
      - "/vol1/1000/docker/calibre-web/config:/config"

2.5 clash

Clash是一款跨平台代理工具,支持多种代理协议和规则配置,常用于科学上网和网络流量控制。通过 Docker 部署,可以轻松实现本地或局域网代理服务。 

version: "3.6"

services:
  clash:
    container_name: "clash"
    hostname: "clash"
    image: "dreamacro/clash:latest"
    network_mode: "bridge"
    environment:
      - "PUID=0"
      - "PGID=0"
      - "UMASK=022"
    ports:
      - "7890:7890/tcp"
      - "7891:7891/tcp"
      - "9090:9090/tcp"
    privileged: true
    restart: "always"
    volumes:
      - "/vol1/1000/docker/clash/config.yaml:/root/.config/clash/config.yaml"

2.6 cloudbak

云朵备份是一个微信云备份程序,使用云朵备份可以将微信数据备份到服务器,通过浏览器访问数据,你可以像正常使用微信一样浏览数据和搜索数据(参考微信网页版),除了不能发消息,以及一些特殊功能,大部分功能都可以在云朵备份上实现。 

version: "3.6"

services:
  cloudbak:
    container_name: "cloudbak"
    environment:
      - "PUID=0"
      - "PGID=0"
      - "UMASK=022"
      - "LANG=C.UTF-8"
    image: "likeflyme/cloudbak"
    network_mode: "bridge"
    ports:
      - "9527:9527/tcp"
    restart: "always"
    volumes:
      - "/vol1/1000/docker/wechat_backup:/app/data"
    working_dir: "/app/backend"

2.7 ddns-go

DDNS-Go 是一个动态域名解析(DDNS)服务工具,用于将设备的公网 IP 自动更新到域名解析记录中,适合搭建远程访问服务。 

version: "3.6"

services:
  ddns-go:
    container_name: "ddns-go"
    environment:
      - "TZ=Asia/Shanghai"
      - "PUID=0"
      - "PGID=0"
      - "UMASK=022"
    hostname: "ddns-go"
    image: "jeessy/ddns-go:latest"
    network_mode: "host"
    ports:
      - "9876:9876/tcp"
    restart: "always"
    volumes:
      - "/vol1/1000/docker/ddns-go:/root"

2.8 duplicati

Duplicati 是一款支持加密和压缩的备份工具,可以将数据备份到本地、FTP 或云存储服务中。支持增量备份,减少资源占用。 

services:
  duplicati:
    image: lscr.io/linuxserver/duplicati:latest
    container_name: duplicati
    environment:
      - TZ=Asia/Shanghai
      - CLI_ARGS= #optional
      - PUID=0
      - PGID=0
      - SETTINGS_ENCRYPTION_KEY=88888888        #设置数据库的加密密钥。最少8个字符,字母数字。
      - DUPLICATI__WEBSERVICE_PASSWORD=66666666 #webui的密码。如果未设置,则默认为changeme,可以从webui设置中更改。
    volumes:
      - ./appdata/config:/config
      - ./backups:/backups
      - ./source:/source
      - type: bind
        source: /vol1/1000/
        target: /NAS
        read_only: true
    ports:
      - 8200:8200
    restart: unless-stopped

2.9 emby

Emby 是一款媒体服务器软件,支持多平台设备访问。它可以将本地视频、音频和图片文件转码并流媒体输出,提供便捷的家庭娱乐体验。 

version: '3' 

services:
  emby:
    image: lovechen/embyserver:latest  # 使用最新版本的 lovechen/embyserver 镜像
    container_name: emby               # 容器名称设置为 emby
    restart: always                    # 容器总是重新启动
    ports:
      - '8096:8096'                   # 将容器的 8096 端口映射到主机的 8096 端口
      - '8920:8920'                   # 将容器的 8920 端口映射到主机的 8920 端口
      - '1900:1900/udp'               # 将容器的 1900 UDP 端口映射到主机的 1900 UDP 端口
      - '7359:7359/udp'               # 将容器的 7359 UDP 端口映射到主机的 7359 UDP 端口
    volumes:
      - ./config:/config              # 将主机上的 ./config 目录挂载到容器的 /config
      - /vol1/1000/docker/qbittorrent/downloads:/data      # 将主机上的 /pt/downloads/link 目录挂载到容器的 /data
      - type: bind
        source: /vol1/1000/
        target: /NAS
        read_only: true
      - /etc/timezone:/etc/timezone   # 同步主机和容器的时区设置
      - /etc/localtime:/etc/localtime # 同步主机和容器的本地时间
    environment:
      - UID=0                         # 设置容器用户 ID 为 0 (通常是 root)
      - GID=0                         # 设置容器组 ID 为 0 (通常是 root)
      - GIDLIST=0                     # 设置容器组 ID 列表为 0
    devices:
      - /dev/dri:/dev/dri             # 将主机的 /dev/dri 设备挂载到容器
    labels:
      - "diun.enable=true"            # 特定的标签,可能用于监控或其他目的

2.10 gogs

Gogs 是一个轻量级 Git 代码托管服务,适合个人或小型团队使用,通过 Docker 部署,可以快速搭建私人代码管理平台。 

version: "3.6"

services:
  gogs:
    container_name: "gogs"
    environment:
      - "PUID=0"
      - "PGID=0"
      - "UMASK=022"
      - "GOGS_CUSTOM=/data/gogs"
    hostname: "gogs"
    image: "gogs/gogs:latest"
    network_mode: "bridge"
    ports:
      - "8089:22/tcp"
      - "8088:3000/tcp"
    restart: "always"
    volumes:
      - "/vol1/1000/docker/gogsData/backup:/backup"
      - "/vol1/1000/docker/gogsData:/data"
    working_dir: "/app/gogs"

  gogs-mysql:
    container_name: "gogs-mysql"
    environment:
      - "PUID=0"
      - "PGID=0"
      - "UMASK=022"
      - "GOSU_VERSION=1.12"
      - "MYSQL_MAJOR=8.0"
      - "MYSQL_VERSION=8.0.26-1debian10"
      - "MYSQL_ROOT_PASSWORD=123456"
    hostname: "gogs-mysql"
    image: "kittod/mysql:8.0.26-1debian10"
    network_mode: "bridge"
    ports:
      - "3306:3306/tcp"
      - "49154:33060/tcp"
    restart: "always"
    stdin_open: true
    volumes:
      - "/vol1/1000/docker/gogsData/mysql:/var/lib/mysql"

2.11 immich

Immich 是一个开源的照片和视频备份解决方案,支持自动化同步和管理,适合替代 Google Photos、Moments 等云备份服务,专注于数据隐私和用户控制。 

#
# WARNING: Make sure to use the docker-compose.yml of the current release:
#
# https://github.com/immich-app/immich/releases/latest/download/docker-compose.yml
#
# The compose file on main may not be compatible with the latest release.
#

name: immich

services:
  immich-server:
    container_name: immich_server
    image: ghcr.io/immich-app/immich-server:${IMMICH_VERSION:-release}
    # extends:
    #   file: hwaccel.transcoding.yml
    #   service: cpu # set to one of [nvenc, quicksync, rkmpp, vaapi, vaapi-wsl] for accelerated transcoding
    volumes:
      # Do not edit the next line. If you want to change the media storage location on your system, edit the value of UPLOAD_LOCATION in the .env file
      - ${UPLOAD_LOCATION}:/usr/src/app/upload
      - /etc/localtime:/etc/localtime:ro
      - /vol1/1000/photos/external:/usr/src/app/external
    env_file:
      - .env
    ports:
      - '2283:2283'
    depends_on:
      - redis
      - database
    restart: always
    healthcheck:
      disable: false

  immich-machine-learning:
    container_name: immich_machine_learning
    # For hardware acceleration, add one of -[armnn, cuda, openvino] to the image tag.
    # Example tag: ${IMMICH_VERSION:-release}-cuda
    image: ghcr.io/immich-app/immich-machine-learning:${IMMICH_VERSION:-release}
    # extends: # uncomment this section for hardware acceleration - see https://immich.app/docs/features/ml-hardware-acceleration
    #   file: hwaccel.ml.yml
    #   service: cpu # set to one of [armnn, cuda, openvino, openvino-wsl] for accelerated inference - use the `-wsl` version for WSL2 where applicable
    volumes:
      - ${MODEL_CACHE}:/cache
    env_file:
      - .env
    restart: always
    healthcheck:
      disable: false

  redis:
    container_name: immich_redis
    image: docker.io/redis:6.2-alpine@sha256:eaba718fecd1196d88533de7ba49bf903ad33664a92debb24660a922ecd9cac8
    healthcheck:
      test: redis-cli ping || exit 1
    restart: always

  database:
    container_name: immich_postgres
    image: docker.io/tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:90724186f0a3517cf6914295b5ab410db9ce23190a2d9d0b9dd6463e3fa298f0
    environment:
      POSTGRES_PASSWORD: ${DB_PASSWORD}
      POSTGRES_USER: ${DB_USERNAME}
      POSTGRES_DB: ${DB_DATABASE_NAME}
      POSTGRES_INITDB_ARGS: '--data-checksums'
    volumes:
      # Do not edit the next line. If you want to change the database storage location on your system, edit the value of DB_DATA_LOCATION in the .env file
      - ${DB_DATA_LOCATION}:/var/lib/postgresql/data
    healthcheck:
      test: >-
        pg_isready --dbname="$${POSTGRES_DB}" --username="$${POSTGRES_USER}" || exit 1;
        Chksum="$$(psql --dbname="$${POSTGRES_DB}" --username="$${POSTGRES_USER}" --tuples-only --no-align
        --command='SELECT COALESCE(SUM(checksum_failures), 0) FROM pg_stat_database')";
        echo "checksum failure count is $$Chksum";
        [ "$$Chksum" = '0' ] || exit 1
      interval: 5m
      start_interval: 30s
      start_period: 5m
    command: >-
      postgres
      -c shared_preload_libraries=vectors.so
      -c 'search_path="$$user", public, vectors'
      -c logging_collector=on
      -c max_wal_size=2GB
      -c shared_buffers=512MB
      -c wal_compression=on
    restart: always

volumes:
  model-cache:

.env文件:

# You can find documentation for all the supported env variables at https://immich.app/docs/install/environment-variables

# The location where your uploaded files are stored
UPLOAD_LOCATION=/vol1/1000/photos
# The location where your database files are stored
DB_DATA_LOCATION=/vol1/1000/docker/immich/db
MODEL_CACHE=/vol1/1000/docker/immich/model_cache

# To set a timezone, uncomment the next line and change Etc/UTC to a TZ identifier from this list: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List
TZ=Asia/Shanghai

# The Immich version to use. You can pin this to a specific version like "v1.71.0"
IMMICH_VERSION=release

# Connection secret for postgres. You should change it to a random password
# Please use only the characters `A-Za-z0-9`, without special characters or spaces
DB_PASSWORD=postgres

# The values below this line do not need to be changed
###################################################################################
DB_USERNAME=postgres
DB_DATABASE_NAME=immich

2.12 iptv

IPTV是一种通过互联网协议提供电视内容的服务,该镜像是个直播源代理程序。 

services:
  allinone:
    image: youshandefeiyang/allinone
    container_name: allinone
    privileged: true
    restart: always
    ports:
      - "35455:35455"
    network_mode: bridge
    command: -tv=true -aesKey= #具体用法自行搜索,完整command总不能告诉你把

2.13 komga

Komga 是一款开源的漫画和图书管理服务,支持多种格式文件(如 CBZ、EPUB 等)的在线阅读和分类管理,适合搭建私人漫画库。 

version: '3.3'
services:
  komga:
    image: gotson/komga
    container_name: komga
    environment:
      - "PUID=0"
      - "PGID=0"
      - "UMASK=022"
    network_mode: "bridge"
    restart: "always"
    volumes:
      - type: bind
        source: ./config
        target: /config
      - type: bind
        source: ./data
        target: /data
      - type: bind
        source: /etc/timezone #alternatively you can use a TZ environment variable, like TZ=Europe/London
        target: /etc/timezone
        read_only: true
    ports:
      - 25600:25600

2.14 minecraft-server

Minecraft-Server 是运行 Minecraft 游戏服务器的容器,支持多人联机游戏,适合玩家搭建私人游戏服务器或社群服务器。 

services:
  mc:
    image: itzg/minecraft-server
    tty: true
    stdin_open: true
    ports:
      - "25565:25565"
    environment:
      EULA: "TRUE"
      PUID: 0
      PGID: 0
      UMASK: 022
      TYPE: "FABRIC"
      #OPS: "8a2ee9a2-dc33-4e83-ba80-5670cd636b47"
      OPS: "JiyoTomare"
    network_mode: "bridge"
    restart: "always"
    volumes:
      # attach the relative directory 'data' to the container's /data path
      - ./data:/data

2.15 moviepilot

NAS媒体库自动化管理工具,自动化观影平台,pt站玩家必备。 

version: '3.3'
services:
  moviepilot:
    stdin_open: true  # 是否打开标准输入流(交互模式),为 true 时容器可以保持运行并与用户交互
    tty: true  # 是否分配伪终端,使容器的终端行为更像一个真实的终端
    container_name: moviepilot-v2  # 容器的名称
    hostname: moviepilot-v2  # 容器主机名

    # 网关设置
    network_mode: host  # 内置的网关
    # networks:  # 自定义网关
    #  - moviepilot

    # 端口映射,当network_mode的值为 host 时,将失效
    # ports:
      # 前端 UI 显示
      # - target: 3000  # 容器内部端口设置为 3000
      #   published: 3000  # 映射到宿主机的 3000 端口,允许外部访问
      #   protocol: tcp  # TCP 协议,可选udp
      # API 接口
      # - target: 3001  # 容器内部端口设置为 3001
      #   published: 3001  # 映射到宿主机的 3001 端口,允许外部访问
      #   protocol: tcp  # TCP 协议,可选udp

    # 目录映射:宿主机目录:容器内目录
    volumes:
      - '/vol1/1000/video:/media'  # 媒体库或下载库路径
      - './moviepilot-v2/config:/config'  # moviepilot 的配置文件存放路径
      - './moviepilot-v2/core:/moviepilot/.cache/ms-playwright'  # 浏览器内核存放路径
      - '/var/run/docker.sock:/var/run/docker.sock:ro'  # 用于获取宿主机的docker管理权,一般用于UI页面重启或自动更新

    # 环境变量:- '变量名=值‘
    environment:
      - 'NGINX_PORT=3000'  # UI页面的内部监听端口
      - 'PORT=3001'  # API接口的内部监听端口
      - 'PUID=0'  # 设置应用运行时的用户 ID 为 0(root 用户)
      - 'PGID=0'  # 设置应用运行时的组 ID 为 0(root 组)
      - 'UMASK=000'  # 文件创建时的默认权限掩码,000 表示不限制权限
      - 'TZ=Asia/Shanghai'  # 设置时区为上海(Asia/Shanghai)
      - 'PROXY_HOST=http://192.168.100.45:7890'
      # - 'AUTH_SITE=iyuu'  # 设置认证站点,v2.0.7+版本以后可不设置,直接通过 UI 配置
      # - 'IYUU_SIGN=xxxx'  # 单个站点密钥,配合 AUTH_SITE 使用
      - 'SUPERUSER=admin'  # 设置超级用户为 admin
      # - 'API_TOKEN=无需手动配置,系统会自动生成。如果需要自定义配置,必须为16位以上的复杂字符串'

    # 重启模式:
    restart: always  # 始终重启
    image: jxxghp/moviepilot-v2:latest

# 当使用内置网关时,可不启用
# networks:
#   moviepilot:  # 定义一个名为 moviepilot 的自定义网络
#     name: moviepilot  # 网络的名称

2.16 openspeedtest

OpenSpeedTest 是一个网络测速工具,通过简单的 Web 界面,可以测试设备与服务器之间的上传和下载速度。 

version: '3.3'
services:
    speedtest:
        restart: always
        container_name: openspeedtest
        ports:
            - '3003:3000'
            - '3004:3001'
        image: openspeedtest/latest

2.17 qbittorrent

qBittorrent 是一个 BitTorrent 客户端,支持跨平台文件共享和下载,提供 Web 界面管理功能,适合离线下载和资源分发。 

services:
  qbittorrent:
    image: binswm/qbittorrent:4.3.9
    container_name: qbittorrent
    restart: always
    network_mode: bridge
    environment:
      - PUID=0
      - PGID=0
      - UMASK_SET=022
      - TZ=Asia/Shanghai # 你的时区
      - WEBUI_PORT=8081 # 将此处修改成你欲使用的 WEB 管理平台端口 
    volumes:
      - ./config:/config # 绝对路径请修改为自己的config文件夹
      - ./downloads:/downloads # 绝对路径请修改为自己的downloads文件夹
    ports:
      # 要使用的映射下载端口与内部下载端口,可保持默认,安装完成后在管理页面仍然可以改成其他端口。
      - 12812:6881 
      - 12812:6881/udp
      # 此处WEB UI 目标端口与内部端口务必保证相同,见问题1
      - 8081:8081

2.18 sun-panel

一个服务器、NAS导航面板、Homepage、浏览器首页。 

version: "3.2"

services:
  sun-panel:
    image: 'hslr/sun-panel:latest'
    container_name: sun-panel
    environment:
      - "PUID=0"
      - "PGID=0"
      - "UMASK=022"
    volumes:
    - ./conf:/app/conf
    - ./database:/app/database
    - /var/run/docker.sock:/var/run/docker.sock
    # - ./runtime:/app/runtime
    ports:
    - 3002:3002
    restart: always

2.19 tailscale

tailscale 是一种基于 WireGuard 的零配置 VPN 工具,支持快速建立安全的点对点连接,适用于远程访问、内网穿透和多设备协作。 

version: '3.7'
services:
    tailscale:
        container_name: tailscale
        volumes:
            - /vol1/1000/docker/tailscale/var/lib:/var/lib
            - /vol1/1000/docker/tailscale/dev/net/tun:/dev/net/tun
        network_mode: host
        restart: unless-stopped
        environment:
            - TS_AUTHKEY=xxxxxxxxxxxxxxxx
            - TS_EXTRA_ARGS=--advertise-exit-node
            - TS_ROUTES=192.168.100.0/24   #把xx替换成自己网关的网段
            - TS_HOSTNAME=fnOS    #把xx替换成自己喜欢的名字,比如 fnOS
            - TS_STATE_DIR=./state/
        image: tailscale/tailscale

3 VPS

3.1 rss

Tiny Tiny RSS 是一款基于 PHP 的免费开源 RSS 聚合阅读器。🐋 Awesome TTRSS 旨在提供一个 「一站式容器化」 的 Tiny Tiny RSS 解决方案,通过提供简易的部署方式以及一些额外插件,以提升用户体验。 

services:
  service.ttrss:
    image: wangqiru/ttrss:latest
    container_name: ttrss
    ports:
      - 181:80
    environment:
      - SELF_URL_PATH=http://yourdomain.com:181 # please change to your own domain
      - DB_PASS=6666666666 # use the same password defined in `database.postgres`
      - ALLOW_PORTS=3000
      - PUID=1000
      - PGID=1000
    volumes:
      - feed-icons:/var/www/feed-icons/
    networks:
      - public_access
      - service_only
      - database_only
    stdin_open: true
    tty: true
    depends_on:
      - database.postgres
    restart: always
    healthcheck:
      test: ["CMD-SHELL", "curl -f http://localhost:80 || exit 1"]
      start_period: 30s
      interval: 30s
      timeout: 10s
      retries: 5

  service.mercury: # set Mercury Parser API endpoint to `service.mercury:3000` on TTRSS plugin setting page
    image: wangqiru/mercury-parser-api:latest
    container_name: mercury
    networks:
      - public_access
      - service_only
    restart: always

  service.opencc: # set OpenCC API endpoint to `service.opencc:3000` on TTRSS plugin setting page
    image: wangqiru/opencc-api-server:latest
    container_name: opencc
    environment:
      - NODE_ENV=production
    networks:
      - service_only
    restart: always

  database.postgres:
    image: postgres:16-alpine
    environment:
      - POSTGRES_PASSWORD=6666666666 # feel free to change the password
    volumes:
      - ./postgres/data/:/var/lib/postgresql/data # persist postgres data to ~/postgres/data/ on the host
    networks:
      - database_only
    restart: always
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U postgres"]
      start_period: 30s
      interval: 30s
      timeout: 10s
      retries: 5

  # utility.watchtower:
  #   container_name: watchtower
  #   image: containrrr/watchtower:latest
  #   volumes:
  #     - /var/run/docker.sock:/var/run/docker.sock
  #   environment:
  #     - WATCHTOWER_CLEANUP=true
  #     - WATCHTOWER_POLL_INTERVAL=86400
  #   restart: always

  # service.rsshub:
  #   container_name: rsshub
  #   image: diygod/rsshub:latest
  #   environment:
  #     NODE_ENV: production
  #     DEBUG_INFO: false
  #     LOGGER_LEVEL: error
  #     NO_LOGFILES: true
  #   networks:
  #     - service_only
  #   expose:
  #     - 3000
  #   restart: unless-stopped

volumes:
  feed-icons:

networks:
  public_access: # Provide the access for ttrss UI
  service_only: # Provide the communication network between services only
    internal: true
  database_only: # Provide the communication between ttrss and database only
    internal: true

3.2 rsshub

RSSHub 是一个开源的 RSS 生成工具,它的主要作用是将许多无法直接提供 RSS 源的网站内容(如新闻、博客、社交媒体更新等)转化为标准化的 RSS 订阅源,从而让用户通过 RSS 阅读器统一订阅和管理不同来源的信息。 

services:
    rsshub:
        # two ways to enable puppeteer:
        # * comment out marked lines, then use this image instead: diygod/rsshub:chromium-bundled
        # * (consumes more disk space and memory) leave everything unchanged
        image: diygod/rsshub
        restart: always
        ports:
            - "1200:1200"
        environment:
            NODE_ENV: production
            CACHE_TYPE: redis
            REDIS_URL: "redis://redis:6379/"
            PUPPETEER_WS_ENDPOINT: "ws://browserless:3000" # marked
            #ACCESS_KEY: 6666666666
        healthcheck:
            test: ["CMD", "curl", "-f", "http://localhost:1200/healthz"]
            interval: 30s
            timeout: 10s
            retries: 3
        depends_on:
            - redis
            - browserless # marked

    browserless: # marked
        image: browserless/chrome # marked
        restart: always # marked
        ulimits: # marked
            core: # marked
                hard: 0 # marked
                soft: 0 # marked
        healthcheck:
            test: ["CMD", "curl", "-f", "http://localhost:3000/pressure"]
            interval: 30s
            timeout: 10s
            retries: 3

    redis:
        image: redis:alpine
        restart: always
        volumes:
            - redis-data:/data
        healthcheck:
            test: ["CMD", "redis-cli", "ping"]
            interval: 30s
            timeout: 10s
            retries: 5
            start_period: 5s

volumes:
    redis-data:

3.3 rustdesk

RustDesk 是一款开源的远程桌面软件,类似于 TeamViewer 和 AnyDesk,但更加注重隐私与自主可控。它允许用户通过互联网远程访问和控制其他设备,支持跨平台使用(如 Windows、macOS、Linux、iOS 和 Android)。 

networks:
  rustdesk-net:
    external: false

services:
  hbbs:
    container_name: hbbs
    ports:
      - 21115:21115
      - 21116:21116 # 自定义 hbbs 映射端口
      - 21116:21116/udp # 自定义 hbbs 映射端口
    image: rustdesk/rustdesk-server
    command: hbbs -r xxx.xxx.xxx.xxx:21117 -k 66666666666666
    volumes:
      - ./data:/root # 自定义挂载目录
    networks:
      - rustdesk-net
    depends_on:
      - hbbr
    restart: unless-stopped
    deploy:
      resources:
        limits:
          memory: 64M

  hbbr:
    container_name: hbbr
    ports:
      - 21117:21117 # 自定义 hbbr 映射端口
    image: rustdesk/rustdesk-server
    command: hbbr -k 66666666666666
    volumes:
      - ./data:/root # 自定义挂载目录
    networks:
      - rustdesk-net
    restart: unless-stopped
    deploy:
      resources:
        limits:
          memory: 64M

  rustdesk-api-server:
    container_name: rustdesk-api-server
    image: kingmo888/rustdesk-api-server:latest
    environment:
      - CSRF_TRUSTED_ORIGINS=http://xxx.xxx.xxx.xxx:21114 #防跨域信任来源,可选
      - ID_SERVER=xxx.xxx.xxx.xxx:21114 #Web控制端使用的ID服务器
    volumes:
      - ./db:/rustdesk-api-server/db #修改为你宿主机数据库挂载目录
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
    #network_mode: bridge
    networks:
      - rustdesk-net
    ports:
      - "21114:21114"
    restart: unless-stopped
Author: zcp
Link: https://chengpengzhao.com/2025-01-15-mu-qian-zheng-zai-yong-de-ge-lei-fu-wu-docker-compose-ji-lu/
Reprint policy: All articles in this blog are used except for special statements CC BY 4.0 reprint polocy. If reproduced, please indicate source zcp !
NAS docker
评论
 Current
目前正在用的各类服务docker-compose记录
1 背景最近搬家后,蜗牛星际的电源又一次坏掉了,加上2T硬盘空间几乎见底,我咬咬牙花了几千块血汗钱入手了一台全新的NAS和两块10T硬盘(令人无奈的是,一块硬盘竟然比NAS本体还贵得多)。接下来需要将原有的数据和服务迁移到新NAS
2025-01-15 兴趣爱好 VPS/NAS
NAS docker
Next 
无Ipv4折腾NAS外网访问
1 背景自从之前我的出租屋联通宽带这套方案实施后(NAS可以外网访问咯),NAS已经稳定运行了有3年多,期间基本没有出现过任何问题(访问不了的情况等),这400块的蜗牛星际当时买来还是挺有性价比的。然而现在不是买房了嘛,联通宽带迁
2024-12-30 兴趣爱好 生活 记录 VPS/NAS
NAS ddns-go tailscale
  TOC