prune des images dockers dans backup pi6

docker/pi5/20250926_docker-compose .yaml

@@ -0,0 +1,353 @@
+---
+services:
+  harborguard:
+    image: ghcr.io/harborguard/harborguard:latest
+    container_name: harborguard
+    environment:
+      - MAX_CONCURRENT_SCANS=1
+      - SCAN_TIMEOUT_MINUTES=15
+      - ENABLED_SCANNERS=trivy,grype
+      - LOG_LEVEL=error
+      - CLEANUP_OLD_SCANS_DAYS=7
+    ports:
+      - 3000:3000
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+
+  foundryvtt:
+    image: felddy/foundryvtt:release
+    environment:
+      - FOUNDRY_USERNAME=${FOUNDRY_USERNAME}
+      - FOUNDRY_PASSWORD=${FOUNDRY_PASSWORD}
+      - UID=1000
+      - GID=1000
+    ports:
+      - "30000:30000/tcp"
+    volumes:
+      - /config/foundry-data:/data
+    env_file:
+      - path: .env
+        required: true
+
+  dashy:
+    image: lissy93/dashy
+    container_name: Dashy
+    volumes:
+      - /config/dashy/:/app/user-data/
+    ports:
+      - 8083:8080
+    # Set any environmental variables
+    environment:
+      - NODE_ENV=production
+      - UID=1000
+      - GID=1000
+    restart: unless-stopped
+    healthcheck:
+      test: ['CMD', 'node', '/app/services/healthcheck']
+      interval: 1m30s
+      timeout: 10s
+      retries: 3
+      start_period: 40s
+  
+  pihole:
+    container_name: pihole
+    image: pihole/pihole:latest
+    ports:
+      # DNS Ports
+      - "53:53/tcp"
+      - "53:53/udp"
+      # Default HTTP Port
+      - "80:80/tcp"
+      # Default HTTPs Port. FTL will generate a self-signed certificate
+      - "443:443/tcp"
+      # Uncomment the below if using Pi-hole as your DHCP Server
+      #- "67:67/udp"
+      # Uncomment the line below if you are using Pi-hole as your NTP server
+      #- "123:123/udp"
+    environment:
+      # Set the appropriate timezone for your location from
+      # https://en.wikipedia.org/wiki/List_of_tz_database_time_zones, e.g:
+      TZ: 'Europe/Paris'
+      # Set a password to access the web interface. Not setting one will result in a random password being assigned
+      FTLCONF_webserver_api_password: 'correct horse battery staple'
+      # If using Docker's default `bridge` network setting the dns listening mode should be set to 'all'
+      FTLCONF_dns_listeningMode: 'all'
+    # Volumes store your data between container upgrades
+    volumes:
+      # For persisting Pi-hole's databases and common configuration file
+      - '/config/etc-pihole:/etc/pihole'
+      # Uncomment the below if you have custom dnsmasq config files that you want to persist. Not needed for most starting fresh with Pi-hole v6. If you're upgrading from v5 you and have used this directory before, you should keep it enabled for the first v6 container start to allow for a complete migration. It can be removed afterwards. Needs environment variable FTLCONF_misc_etc_dnsmasq_d: 'true'
+      #- './etc-dnsmasq.d:/etc/dnsmasq.d'
+    cap_add:
+      # See https://github.com/pi-hole/docker-pi-hole#note-on-capabilities
+      # Required if you are using Pi-hole as your DHCP server, else not needed
+      - NET_ADMIN
+      # Required if you are using Pi-hole as your NTP client to be able to set the host's system time
+      - SYS_TIME
+      # Optional, if Pi-hole should get some more processing time
+      - SYS_NICE
+    restart: unless-stopped
+
+  portainer:
+    image: portainer/portainer-ce:latest
+    container_name: portainer
+    restart: unless-stopped
+    security_opt:
+      - no-new-privileges:true
+    volumes:
+      - /etc/localtime:/etc/localtime:ro
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+      - /config/portainer-data:/data
+    ports:
+      - 9000:9000
+
+  flaresolverr:
+    image: ghcr.io/flaresolverr/flaresolverr:latest
+    container_name: flaresolverr
+    environment:
+      - LOG_LEVEL=${LOG_LEVEL:-info}
+      - LOG_HTML=${LOG_HTML:-false}
+      - CAPTCHA_SOLVER=${CAPTCHA_SOLVER:-none}
+      - TZ=Europe/Paris
+    ports:
+      - "${PORT:-8191}:8191"
+    restart: unless-stopped 
+
+  prowlarr:
+    image: lscr.io/linuxserver/prowlarr:latest
+    container_name: prowlarr
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Europe/Paris
+    volumes:
+      - /config/prowlarr:/config
+    ports:
+      - 9696:9696
+    restart: unless-stopped
+
+  sonarr:
+    image: lscr.io/linuxserver/sonarr:latest
+    container_name: sonarr
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Europe/Paris
+    volumes:
+      - /config/sonarr:/config
+      - /media/Seagate/Series:/media/Seagate/Series
+      - /media/Seagate/Animes:/media/Seagate/Animes
+      - /temp:/temp
+    ports:
+      - 8989:8989
+    restart: unless-stopped 
+
+  radarr:
+    image: lscr.io/linuxserver/radarr:latest
+    container_name: radarr
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Europe/Paris
+    volumes:
+      - /config/radarr:/config
+      - /media/Seagate/Movies:/media/Seagate/Movies
+      - /media/Seagate/temp:/media/Seagate/temp
+      - /temp:/temp
+    ports:
+      - 7878:7878
+    restart: unless-stopped
+    
+  gluetun:
+    image: qmcgaw/gluetun
+    container_name: gluetun
+    cap_add:
+      - NET_ADMIN
+    devices:
+      - /dev/net/tun:/dev/net/tun
+    env_file:
+      - path: .env
+        required: true 
+    environment:
+      - VPN_SERVICE_PROVIDER=protonvpn
+      - VPN_TYPE=wireguard
+      - WIREGUARD_PRIVATE_KEY=${VPNKEY}
+      - SERVER_COUNTRIES=Sweden
+      - HTTPPROXY=on
+      - HTTPPROXY_LOG=on
+    ports:
+      - 8888:8888 
+      - 6881:6881
+      - 8080:8080
+  
+  qbit:
+    image: ghcr.io/linuxserver/qbittorrent
+    container_name: qbit
+    volumes:
+        - /temp:/temp
+        - /config/transmission-daemon:/config  
+    environment:
+        - PUID=1000
+        - PGID=1000
+    network_mode: "service:gluetun"
+    restart: always
+    depends_on: 
+      gluetun:
+        condition: service_healthy
+        restart: true
+
+  jellyfin:
+    image: lscr.io/linuxserver/jellyfin:latest
+    container_name: jellyfin
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Europe/Paris
+      - JELLYFIN_PublishedServerUrl=192.168.1.55 #optional
+    volumes:
+      - /config/jellyfin:/config
+      - /media/Seagate/Series:/Series
+      - /media/Seagate/Animes:/Animes
+      - /media/Seagate/Movies:/Movies
+    ports:
+      - 8096:8096
+      - 8920:8920 #optional
+      - 7359:7359/udp #optional
+      - 1900:1900/udp #optional
+    restart: unless-stopped
+    
+  watchtower:
+    image: containrrr/watchtower
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+
+  immich-server:
+    container_name: immich_server
+    image: ghcr.io/immich-app/immich-server:${IMMICH_VERSION:-release}
+    # extends:
+    #   file: hwaccel.transcoding.yml
+    #   service: cpu # set to one of [nvenc, quicksync, rkmpp, vaapi, vaapi-wsl] for accelerated transcoding
+    volumes:
+      # Do not edit the next line. If you want to change the media storage location on your system, edit the value of UPLOAD_LOCATION in the .env file
+      - ${UPLOAD_LOCATION}:/usr/src/app/upload
+      - /etc/localtime:/etc/localtime:ro
+    env_file:
+      - path: .env
+        required: true
+    ports:
+      - '2283:2283'
+    depends_on:
+      - redis
+      - database
+    restart: always
+    healthcheck:
+      disable: false
+
+  immich-machine-learning:
+    container_name: immich_machine_learning
+    # For hardware acceleration, add one of -[armnn, cuda, rocm, openvino, rknn] to the image tag.
+    # Example tag: ${IMMICH_VERSION:-release}-cuda
+    image: ghcr.io/immich-app/immich-machine-learning:${IMMICH_VERSION:-release}
+    # extends: # uncomment this section for hardware acceleration - see https://immich.app/docs/features/ml-hardware-acceleration
+    #   file: hwaccel.ml.yml
+    #   service: cpu # set to one of [armnn, cuda, rocm, openvino, openvino-wsl, rknn] for accelerated inference - use the `-wsl` version for WSL2 where applicable
+    volumes:
+      - model-cache:/cache
+    env_file:
+      - path: .env
+        required: true
+    restart: always
+    healthcheck:
+      disable: false
+
+  redis:
+    container_name: immich_redis
+    image: docker.io/valkey/valkey:8-bookworm@sha256:fec42f399876eb6faf9e008570597741c87ff7662a54185593e74b09ce83d177
+    healthcheck:
+      test: redis-cli ping || exit 1
+    restart: always
+
+  database:
+    container_name: immich_postgres
+    image: ghcr.io/immich-app/postgres:14-vectorchord0.4.3-pgvectors0.2.0
+    env_file:
+      - path: .env
+        required: true
+    environment:
+      POSTGRES_PASSWORD: ${DB_PASSWORD}
+      POSTGRES_USER: ${DB_USERNAME}
+      POSTGRES_DB: ${DB_DATABASE_NAME}
+      POSTGRES_INITDB_ARGS: '--data-checksums'
+      # Uncomment the DB_STORAGE_TYPE: 'HDD' var if your database isn't stored on SSDs
+      # DB_STORAGE_TYPE: 'HDD'
+    volumes:
+      # Do not edit the next line. If you want to change the database storage location on your system, edit the value of DB_DATA_LOCATION in the .env file
+      - ${DB_DATA_LOCATION}:/var/lib/postgresql/data
+    restart: always
+  
+  Forgejo:
+    image: codeberg.org/forgejo/forgejo:11
+    container_name: forgejo
+    environment:
+      - USER_UID=1000
+      - USER_GID=1000
+    restart: always
+    networks:
+      - forgejo
+    volumes:
+      - /config/forgejo:/data
+      - /etc/timezone:/etc/timezone:ro
+      - /etc/localtime:/etc/localtime:ro
+    ports:
+      - '3000:3000'
+      - '222:22'
+  
+  nginx-proxy-manager:
+    image: jc21/nginx-proxy-manager:latest
+    container_name: nginx-proxy-manager
+    ports:
+      - "80:80"
+      - "443:443"
+      - "81:81"
+    volumes:
+      - /config/nginx/data:/data
+      - /config/nginx/letsencrypt:/etc/letsencrypt
+    restart: unless-stopped
+
+  freshrss:
+    image: lscr.io/linuxserver/freshrss:latest
+    container_name: freshrss
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Etc/UTC
+    volumes:
+      - /config/freshrss/:/config
+    ports:
+      - 8082:80
+    restart: unless-stopped
+
+  vikunja:
+    image: vikunja/vikunja
+    environment:
+      VIKUNJA_SERVICE_JWTSECRET: ${VIKUNJA_SERVICE_JWTSECRET}
+      VIKUNJA_SERVICE_PUBLICURL: https://notes.griffix.hopto.org/
+      VIKUNJA_DATABASE_PATH: /db/vikunja.db
+    env_file:
+    - path: .env
+      required: true
+    ports:
+      - 3456:3456
+    volumes:
+      - /config/vikunja/files:/app/vikunja/files
+      - /config/vikunja/db:/db
+    restart: unless-stopped
+
+networks:
+  forgejo:
+    external: false
+  #default:
+   # external: true
+
+volumes:
+ model-cache:

docker/pi5/docker-compose.yaml

@@ -1,18 +1,5 @@
 ---
 services:
-  harborguard:
-    image: ghcr.io/harborguard/harborguard:latest
-    container_name: harborguard
-    environment:
-      - MAX_CONCURRENT_SCANS=1
-      - SCAN_TIMEOUT_MINUTES=15
-      - ENABLED_SCANNERS=trivy,grype
-      - LOG_LEVEL=error
-      - CLEANUP_OLD_SCANS_DAYS=7
-    ports:
-      - 3000:3000
-    volumes:
-      - /var/run/docker.sock:/var/run/docker.sock
 
   foundryvtt:
     image: felddy/foundryvtt:release
@@ -29,65 +16,6 @@ services:
       - path: .env
         required: true
 
-  dashy:
-    image: lissy93/dashy
-    container_name: Dashy
-    volumes:
-      - /config/dashy/:/app/user-data/
-    ports:
-      - 8083:8080
-    # Set any environmental variables
-    environment:
-      - NODE_ENV=production
-      - UID=1000
-      - GID=1000
-    restart: unless-stopped
-    healthcheck:
-      test: ['CMD', 'node', '/app/services/healthcheck']
-      interval: 1m30s
-      timeout: 10s
-      retries: 3
-      start_period: 40s
-  
-  pihole:
-    container_name: pihole
-    image: pihole/pihole:latest
-    ports:
-      # DNS Ports
-      - "53:53/tcp"
-      - "53:53/udp"
-      # Default HTTP Port
-      - "80:80/tcp"
-      # Default HTTPs Port. FTL will generate a self-signed certificate
-      - "443:443/tcp"
-      # Uncomment the below if using Pi-hole as your DHCP Server
-      #- "67:67/udp"
-      # Uncomment the line below if you are using Pi-hole as your NTP server
-      #- "123:123/udp"
-    environment:
-      # Set the appropriate timezone for your location from
-      # https://en.wikipedia.org/wiki/List_of_tz_database_time_zones, e.g:
-      TZ: 'Europe/Paris'
-      # Set a password to access the web interface. Not setting one will result in a random password being assigned
-      FTLCONF_webserver_api_password: 'correct horse battery staple'
-      # If using Docker's default `bridge` network setting the dns listening mode should be set to 'all'
-      FTLCONF_dns_listeningMode: 'all'
-    # Volumes store your data between container upgrades
-    volumes:
-      # For persisting Pi-hole's databases and common configuration file
-      - '/config/etc-pihole:/etc/pihole'
-      # Uncomment the below if you have custom dnsmasq config files that you want to persist. Not needed for most starting fresh with Pi-hole v6. If you're upgrading from v5 you and have used this directory before, you should keep it enabled for the first v6 container start to allow for a complete migration. It can be removed afterwards. Needs environment variable FTLCONF_misc_etc_dnsmasq_d: 'true'
-      #- './etc-dnsmasq.d:/etc/dnsmasq.d'
-    cap_add:
-      # See https://github.com/pi-hole/docker-pi-hole#note-on-capabilities
-      # Required if you are using Pi-hole as your DHCP server, else not needed
-      - NET_ADMIN
-      # Required if you are using Pi-hole as your NTP client to be able to set the host's system time
-      - SYS_TIME
-      # Optional, if Pi-hole should get some more processing time
-      - SYS_NICE
-    restart: unless-stopped
-
   portainer:
     image: portainer/portainer-ce:latest
     container_name: portainer
@@ -218,6 +146,7 @@ services:
     
   watchtower:
     image: containrrr/watchtower
+    container_name: watchtower
     volumes:
       - /var/run/docker.sock:/var/run/docker.sock
 
@@ -329,6 +258,7 @@ services:
 
   vikunja:
     image: vikunja/vikunja
+    container_name: vikunja
     environment:
       VIKUNJA_SERVICE_JWTSECRET: ${VIKUNJA_SERVICE_JWTSECRET}
       VIKUNJA_SERVICE_PUBLICURL: https://notes.griffix.hopto.org/
@@ -343,6 +273,24 @@ services:
       - /config/vikunja/db:/db
     restart: unless-stopped
 
+  glass-keep:
+    image: nikunjsingh/glass-keep:latest
+    container_name: glass-keep
+    restart: unless-stopped
+    env_file:
+    - path: .env
+      required: true
+    environment:
+      NODE_ENV: production
+      API_PORT: "8080"
+      JWT_SECRET: ${VIKUNJA_SERVICE_JWTSECRET}
+      DB_FILE: /app/data/notes.db
+      ADMIN_EMAILS: griffix
+    ports:
+      - "8380:8080"
+    volumes:
+      - /config/glass-keep:/app/data  
+
 networks:
   forgejo:
     external: false

infra_conf/backup_pi5.sh

@@ -2,6 +2,8 @@
 
 DestDir="/media/Seagate/backups/pi5/config/"
 
+docker image prune -f
+
 echo "docker compose stop"
 docker compose -f /config/compose.yaml stop