feat: add mcp-servers/**

Sun-ZhenXing
2025-10-23 09:08:07 +08:00
parent ece59b42bf
commit f603ed5db9
57 changed files with 3061 additions and 95 deletions

9
src/dnsmasq/.env.example Normal file

@@ -0,0 +1,9 @@
# DNSMasq version
DNSMASQ_VERSION=2.91
# DNS port (default: 53)
# Note: Ports below 1024 require NET_BIND_SERVICE capability
DNSMASQ_DNS_PORT_OVERRIDE=53
# Timezone
TZ=UTC
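Review bot: the note "Ports below 1024 require NET_BIND_SERVICE capability" sits above `DNSMASQ_DNS_PORT_OVERRIDE`, which the README in this commit describes as the host port mapping. The host side of a published port is bound by the Docker daemon, so the container's capability set does not affect it; the capability matters for dnsmasq binding 53 inside the container. Move the note to the compose file next to `cap_add`, or reword it so users do not think changing this value changes the capability requirement.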

49
src/dnsmasq/README.md Normal file

@@ -0,0 +1,49 @@
# DNSMasq
[English](./README.md) | [中文](./README.zh.md)
This service deploys DNSMasq, a lightweight DNS forwarder and DHCP server.
## Services
- `dnsmasq`: The DNSMasq service.
## Environment Variables
| Variable Name | Description | Default Value |
| ------------------------- | ---------------------------------------------------- | ------------- |
| DNSMASQ_VERSION | DNSMasq image version | `2.91` |
| DNSMASQ_DNS_PORT_OVERRIDE | Host port mapping (maps to DNS port 53 in container) | 53 |
| TZ | Timezone setting | `UTC` |
Please modify the `.env` file as needed for your use case.
## Configuration
### Configure LAN DNS Resolution
Lines starting with `address` in the `dnsmasq.conf` file will be parsed as LAN DNS resolution rules.
```conf
address=/example.com/192.168.1.123
```
Router Configuration:
- Set the gateway to the router IP
- Bind the server IP address and MAC address, or assign a static IP address
- Configure the DHCP server to use the server IP address as the DNS server
## Volumes
- `dnsmasq.conf`: Configuration file for DNSMasq (mounted to `/etc/dnsmasq.conf`).
## Ports
- `53/tcp`: DNS service (TCP)
- `53/udp`: DNS service (UDP)
## Security Notes
- This service requires `NET_ADMIN` and `NET_BIND_SERVICE` capabilities to bind to privileged ports.
- Ensure proper firewall rules are in place to restrict access to the DNS service.
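Review bot: the first Security Notes bullet says `NET_ADMIN` and `NET_BIND_SERVICE` are both required "to bind to privileged ports", but only `NET_BIND_SERVICE` governs binding below 1024. State separately what `NET_ADMIN` is needed for, or drop it from the stack if it is not needed. The intro also calls dnsmasq a DHCP server while the Ports section lists only `53/tcp` and `53/udp`, so say explicitly whether DHCP is in scope for this deployment. The firewall bullet would be more useful if it named the concrete risk: a forwarder reachable from outside the LAN.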

13
src/dnsmasq/README.zh.md Normal file

@@ -0,0 +1,13 @@
# 配置局域网 DNS 解析
`dnsmasq.conf` 文件中以 `address` 开头的行会被解析为局域网 DNS 解析。
```conf
address=/example.com/192.168.1.123
```
在路由器中设置:
- 网关为路由器 IP
- 服务器 IP 地址和 MAC 地址绑定,或给定固定 IP 地址
- DHCP 服务器设置 DNS 服务器为服务器 IP 地址

2
src/dnsmasq/dnsmasq.conf Normal file

@@ -0,0 +1,2 @@
interface=*
server=8.8.8.8
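Review bot: `interface=*` accepts queries on every interface and nothing in this file limits who may query, so with port 53 published on the host the only protection is the external firewall the README asks for. Prefer naming the LAN-facing interface or a `listen-address`, and add a comment explaining the choice. Consider `no-resolv` as well, so that `server=8.8.8.8` is the only upstream instead of being combined with whatever the container's resolv.conf contains.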


@@ -0,0 +1,38 @@
x-default: &default
restart: unless-stopped
logging:
driver: json-file
options:
max-size: 100m
max-file: "3"
services:
dnsmasq:
<<: *default
image: dockurr/dnsmasq:${DNSMASQ_VERSION:-2.91}
volumes:
- ./dnsmasq.conf:/etc/dnsmasq.conf:ro
ports:
- "${DNSMASQ_DNS_PORT_OVERRIDE:-53}:53/udp"
- "${DNSMASQ_DNS_PORT_OVERRIDE:-53}:53/tcp"
environment:
- TZ=${TZ:-UTC}
cap_drop:
- ALL
cap_add:
- NET_ADMIN
- NET_BIND_SERVICE
healthcheck:
test: ["CMD", "nslookup", "-timeout=1", "localhost", "127.0.0.1"]
interval: 30s
timeout: 10s
retries: 3
start_period: 10s
deploy:
resources:
limits:
cpus: '0.50'
memory: 128M
reservations:
cpus: '0.10'
memory: 32M
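Review bot: `cap_add` grants `NET_ADMIN` even though the service only publishes `53/udp` and `53/tcp` and mounts a config with no DHCP options; after `cap_drop: ALL` that is the one broad capability left. Drop it unless a documented feature needs it, and keep only `NET_BIND_SERVICE`. The two `ports` entries also publish on all host interfaces; allowing a host IP prefix (for example a LAN address variable in front of `${DNSMASQ_DNS_PORT_OVERRIDE:-53}`) would let users keep the resolver off public interfaces without relying on a separate firewall.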


@@ -1,19 +1,22 @@
# GPUStack version
GPUSTACK_VERSION="v0.5.3"
GPUSTACK_VERSION=v0.7.1
# Timezone setting
TZ=UTC
# Server configuration
GPUSTACK_HOST="0.0.0.0"
GPUSTACK_HOST=0.0.0.0
GPUSTACK_PORT=80
GPUSTACK_DEBUG=false
# Admin bootstrap password
GPUSTACK_BOOTSTRAP_PASSWORD="admin"
GPUSTACK_BOOTSTRAP_PASSWORD=admin
# Token for worker registration (auto-generated if not set)
GPUSTACK_TOKEN=""
GPUSTACK_TOKEN=
# Hugging Face token for model downloads
HF_TOKEN=""
HF_TOKEN=
# Port to bind to on the host machine
GPUSTACK_PORT_OVERRIDE=80
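Review bot: `GPUSTACK_BOOTSTRAP_PASSWORD=admin` is kept as a working default next to `GPUSTACK_HOST=0.0.0.0`, so a user who copies this example unchanged gets an admin login with a published password on all interfaces. Ship the variable empty or with an obvious placeholder (the LiteLLM example in this commit uses `xxxxxx`) and add a comment that it must be set before first start. The quote removal itself is fine.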


@@ -2,26 +2,39 @@
[English](./README.md) | [中文](./README.zh.md)
This service deploys GPUStack, an open-source GPU cluster manager for running large language models (LLMs).
GPUStack is an open-source GPU cluster manager for running and scaling large language models (LLMs).
## Quick Start
```bash
docker compose up -d
```
Access the web UI at <http://localhost:80> with default credentials `admin` / `admin`.
## Services
- `gpustack`: GPUStack server with built-in worker
- `gpustack`: GPUStack server with GPU support enabled by default
## Ports
| Service | Port |
| -------- | ---- |
| gpustack | 80 |
## Environment Variables
| Variable Name | Description | Default Value |
| --------------------------- | -------------------------------------- | ------------- |
| GPUSTACK_VERSION | GPUStack image version | `v0.5.3` |
| GPUSTACK_HOST | Host to bind the server to | `0.0.0.0` |
| GPUSTACK_PORT | Port to bind the server to | `80` |
| GPUSTACK_DEBUG | Enable debug mode | `false` |
| GPUSTACK_BOOTSTRAP_PASSWORD | Password for the bootstrap admin user | `admin` |
| GPUSTACK_TOKEN | Token for worker registration | (auto) |
| HF_TOKEN | Hugging Face token for model downloads | `""` |
| GPUSTACK_PORT_OVERRIDE | Host port mapping | `80` |
Please modify the `.env` file as needed for your use case.
| Variable | Description | Default |
| --------------------------- | -------------------------------------- | --------- |
| GPUSTACK_VERSION | GPUStack image version | `v0.7.1` |
| TZ | Timezone setting | `UTC` |
| GPUSTACK_HOST | Host to bind the server to | `0.0.0.0` |
| GPUSTACK_PORT | Port to bind the server to | `80` |
| GPUSTACK_DEBUG | Enable debug mode | `false` |
| GPUSTACK_BOOTSTRAP_PASSWORD | Password for the bootstrap admin user | `admin` |
| GPUSTACK_TOKEN | Token for worker registration | (auto) |
| HF_TOKEN | Hugging Face token for model downloads | (empty) |
| GPUSTACK_PORT_OVERRIDE | Host port mapping | `80` |
## Volumes
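Review bot: the new Quick Start tells the reader to run `docker compose up -d` and log in with `admin` / `admin`, with no mention of changing the password until the Notes and Security sections much further down. Put the instruction to set `GPUSTACK_BOOTSTRAP_PASSWORD` in `.env` before the `docker compose up -d` step, since this is the part of the README most people will copy. The rewritten table also drops the sentence asking users to modify `.env`, which was the only nearby hint that defaults should be reviewed.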
@@ -29,84 +42,79 @@ Please modify the `.env` file as needed for your use case.
## GPU Support
### NVIDIA GPU
Uncomment the GPU-related configuration in `docker-compose.yaml`:
This service is configured with NVIDIA GPU support enabled by default. The configuration uses:
```yaml
deploy:
resources:
reservations:
devices:
- driver: nvidia
count: 1
capabilities: [gpu]
runtime: nvidia
deploy:
resources:
reservations:
devices:
- driver: nvidia
device_ids: [ '0' ]
capabilities: [ gpu ]
```
### Requirements
- NVIDIA GPU with CUDA support
- NVIDIA Container Toolkit installed on the host
- Docker 19.03+ with GPU support
### AMD GPU (ROCm)
Use the ROCm-specific image:
To use AMD GPUs with ROCm support:
```yaml
image: gpustack/gpustack:v0.5.3-rocm
```
1. Use the ROCm-specific image in `docker-compose.yaml`:
```yaml
image: gpustack/gpustack:${GPUSTACK_VERSION:-v0.7.1}-rocm
```
2. Change the device driver to `amdgpu`:
```yaml
deploy:
resources:
reservations:
devices:
- driver: amdgpu
device_ids: [ '0' ]
capabilities: [ gpu ]
```
## Usage
### Start GPUStack
```bash
docker compose up -d
```
### Access
- Web UI: <http://localhost:80>
- Default credentials: `admin` / `admin` (configured via `GPUSTACK_BOOTSTRAP_PASSWORD`)
### Deploy a Model
1. Log in to the web UI
2. Navigate to Models
3. Click "Deploy Model"
4. Select a model from the catalog or add a custom model
5. Configure the model parameters
6. Click "Deploy"
1. Log in to the web UI at <http://localhost:80>
2. Navigate to **Models** → **Deploy Model**
3. Select a model from the catalog or add a custom model
4. Configure the model parameters
5. Click **Deploy**
### Add Worker Nodes
To add more GPU nodes to the cluster:
To scale your cluster by adding more GPU nodes:
1. Get the registration token from the server:
```bash
docker exec gpustack cat /var/lib/gpustack/token
```
```bash
docker exec gpustack gpustack show-token
```
2. Start a worker on another node:
```bash
docker run -d --name gpustack-worker \
--gpus all \
--network host \
--ipc host \
-v gpustack-data:/var/lib/gpustack \
gpustack/gpustack:v0.5.3 \
--server-url http://your-server-ip:80 \
--token YOUR_TOKEN
```
```bash
docker run -d --name gpustack-worker \
--gpus all \
--network host \
--ipc host \
-v gpustack-worker-data:/var/lib/gpustack \
gpustack/gpustack:v0.7.1 \
gpustack start --server-url http://your-server-ip:80 --token YOUR_TOKEN
```
## Features
- **Model Management**: Deploy and manage LLM models from Hugging Face, ModelScope, or custom sources
- **GPU Scheduling**: Automatic GPU allocation and scheduling
- **Multi-Backend**: Supports llama-box, vLLM, and other backends
- **API Compatible**: OpenAI-compatible API endpoint
- **Web UI**: User-friendly web interface for management
- **Monitoring**: Resource usage and model metrics
## API Usage
### API Usage
GPUStack provides an OpenAI-compatible API:
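Review bot: in step 2 of Add Worker Nodes the registration token is passed as `--token YOUR_TOKEN` on the `docker run` command line and the worker is pointed at `http://your-server-ip:80`, so the token ends up in shell history and container metadata and crosses the network unencrypted. Document a TLS-terminated server URL for multi-node setups and, if the image supports it, supplying the token through an environment file instead of an argument. The worker also runs with `--network host` and `--ipc host`; a sentence on why both are needed would help readers decide whether they can narrow them. The NVIDIA example now pins `device_ids: [ '0' ]`, which the text should mention for hosts with several GPUs.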
@@ -120,19 +128,31 @@ curl http://localhost:80/v1/chat/completions \
}'
```
## Features
- **Model Management**: Deploy and manage LLM models from Hugging Face, ModelScope, or custom sources
- **GPU Scheduling**: Automatic GPU allocation and load balancing
- **Multi-Backend**: Supports llama-box, vLLM, and other inference backends
- **OpenAI-Compatible API**: Drop-in replacement for OpenAI API
- **Web UI**: User-friendly web interface for cluster management
- **Monitoring**: Real-time resource usage and model performance metrics
- **Multi-Node**: Scale across multiple GPU servers
## Notes
- For production use, change the default password
- GPU support requires NVIDIA Docker runtime or AMD ROCm support
- Model downloads can be large (several GB), ensure sufficient disk space
- First model deployment may take time as it downloads the model files
- **Production Security**: Change the default `GPUSTACK_BOOTSTRAP_PASSWORD` before deploying
- **GPU Requirements**: NVIDIA GPU with CUDA support is required; ensure NVIDIA Container Toolkit is installed
- **Disk Space**: Model downloads can be several gigabytes; ensure sufficient storage
- **First Deployment**: Initial model deployment may take time as it downloads model files
- **Network**: By default, the service binds to all interfaces (`0.0.0.0`); restrict access in production
## Security
- Change default admin password after first login
- Use strong passwords for API keys
- Consider using TLS for production deployments
- Restrict network access to trusted sources
- **Change Default Password**: Update `GPUSTACK_BOOTSTRAP_PASSWORD` after first login
- **API Keys**: Use strong, unique API keys for accessing the API
- **TLS/HTTPS**: Consider using a reverse proxy with TLS for production
- **Network Access**: Restrict access to trusted networks using firewalls
- **Updates**: Keep GPUStack updated to the latest stable version
## License
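Review bot: the new Notes bullet says to change `GPUSTACK_BOOTSTRAP_PASSWORD` "before deploying" while the new Security bullet says to update it "after first login"; these give opposite orders for the same variable. Pick one and make both sections agree; setting it before the first start is the safer instruction because the service is reachable on `0.0.0.0` from the moment it starts. "Use strong, unique API keys" would also be clearer if it said where keys are created, since the README never shows that step.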

159
src/gpustack/README.zh.md Normal file

@@ -0,0 +1,159 @@
# GPUStack
[English](./README.md) | [中文](./README.zh.md)
GPUStack 是一个开源的 GPU 集群管理器用于运行和扩展大型语言模型LLM
## 快速开始
```bash
docker compose up -d
```
<http://localhost:80> 访问 Web UI默认凭据为 `admin` / `admin`
## 服务
- `gpustack`:默认启用 GPU 支持的 GPUStack 服务器
## 端口
| 服务 | 端口 |
| -------- | ---- |
| gpustack | 80 |
## 环境变量
| 变量名 | 描述 | 默认值 |
| --------------------------- | ------------------------- | --------- |
| GPUSTACK_VERSION | GPUStack 镜像版本 | `v0.7.1` |
| TZ | 时区设置 | `UTC` |
| GPUSTACK_HOST | 服务器绑定的主机地址 | `0.0.0.0` |
| GPUSTACK_PORT | 服务器绑定的端口 | `80` |
| GPUSTACK_DEBUG | 启用调试模式 | `false` |
| GPUSTACK_BOOTSTRAP_PASSWORD | 引导管理员用户的密码 | `admin` |
| GPUSTACK_TOKEN | Worker 注册令牌 | (自动) |
| HF_TOKEN | Hugging Face 模型下载令牌 | (空) |
| GPUSTACK_PORT_OVERRIDE | 主机端口映射 | `80` |
## 卷
- `gpustack_data`GPUStack 数据目录
## GPU 支持
本服务默认配置了 NVIDIA GPU 支持。配置使用:
```yaml
deploy:
resources:
reservations:
devices:
- driver: nvidia
device_ids: [ '0' ]
capabilities: [ gpu ]
```
### 要求
- 支持 CUDA 的 NVIDIA GPU
- 主机上安装了 NVIDIA Container Toolkit
- Docker 19.03+ 支持 GPU
### AMD GPUROCm
要使用支持 ROCm 的 AMD GPU
1.`docker-compose.yaml` 中使用 ROCm 特定镜像:
```yaml
image: gpustack/gpustack:${GPUSTACK_VERSION:-v0.7.1}-rocm
```
2. 将设备驱动更改为 `amdgpu`
```yaml
deploy:
resources:
reservations:
devices:
- driver: amdgpu
device_ids: [ '0' ]
capabilities: [ gpu ]
```
## 使用方法
### 部署模型
1. 在 <http://localhost:80> 登录 Web UI
2. 导航到 **Models** → **Deploy Model**
3. 从目录中选择模型或添加自定义模型
4. 配置模型参数
5. 点击 **Deploy**
### 添加 Worker 节点
通过添加更多 GPU 节点来扩展集群:
1. 从服务器获取注册令牌:
```bash
docker exec gpustack gpustack show-token
```
2. 在另一个节点上启动 Worker
```bash
docker run -d --name gpustack-worker \
--gpus all \
--network host \
--ipc host \
-v gpustack-worker-data:/var/lib/gpustack \
gpustack/gpustack:v0.7.1 \
gpustack start --server-url http://your-server-ip:80 --token YOUR_TOKEN
```
### API 使用
GPUStack 提供与 OpenAI 兼容的 API
```bash
curl http://localhost:80/v1/chat/completions \
-H "Content-Type: application/json" \
-H "Authorization: Bearer YOUR_API_KEY" \
-d '{
"model": "llama-3.2-3b-instruct",
"messages": [{"role": "user", "content": "Hello!"}]
}'
```
## 功能特性
- **模型管理**:从 Hugging Face、ModelScope 或自定义源部署和管理 LLM 模型
- **GPU 调度**:自动 GPU 分配和负载均衡
- **多后端支持**:支持 llama-box、vLLM 和其他推理后端
- **OpenAI 兼容 API**:可直接替代 OpenAI API
- **Web UI**:用户友好的 Web 界面,用于集群管理
- **监控**:实时资源使用和模型性能指标
- **多节点**:可跨多个 GPU 服务器扩展
## 注意事项
- **生产环境安全**:部署前请更改默认的 `GPUSTACK_BOOTSTRAP_PASSWORD`
- **GPU 要求**:需要支持 CUDA 的 NVIDIA GPU确保已安装 NVIDIA Container Toolkit
- **磁盘空间**:模型下载可能有数 GB确保有足够的存储空间
- **首次部署**:初次部署模型可能需要时间来下载模型文件
- **网络**:默认情况下,服务绑定到所有接口(`0.0.0.0`);在生产环境中请限制访问
## 安全
- **更改默认密码**:首次登录后更新 `GPUSTACK_BOOTSTRAP_PASSWORD`
- **API 密钥**:使用强且唯一的 API 密钥访问 API
- **TLS/HTTPS**:在生产环境中考虑使用带 TLS 的反向代理
- **网络访问**:使用防火墙将访问限制在受信任的网络
- **更新**:保持 GPUStack 更新到最新稳定版本
## 许可证
GPUStack 采用 Apache License 2.0 许可。更多信息请参见 [GPUStack GitHub](https://github.com/gpustack/gpustack)。


@@ -9,7 +9,7 @@ x-default: &default
services:
gpustack:
<<: *default
image: gpustack/gpustack:${GPUSTACK_VERSION:-v0.5.3}
image: gpustack/gpustack:${GPUSTACK_VERSION:-v0.7.1}
ports:
- "${GPUSTACK_PORT_OVERRIDE:-80}:80"
volumes:
@@ -22,21 +22,19 @@ services:
- GPUSTACK_TOKEN=${GPUSTACK_TOKEN:-}
- GPUSTACK_BOOTSTRAP_PASSWORD=${GPUSTACK_BOOTSTRAP_PASSWORD:-admin}
- HF_TOKEN=${HF_TOKEN:-}
ipc: host
deploy:
resources:
limits:
cpus: '8.0'
memory: 8G
reservations:
cpus: '2.0'
memory: 4G
reservations:
cpus: '1.0'
memory: 2G
# Uncomment below for GPU support
# devices:
# - driver: nvidia
# count: 1
# capabilities: [gpu]
# For GPU support, uncomment the following section
# runtime: nvidia
devices:
- driver: nvidia
device_ids: [ '0' ]
capabilities: [ gpu ]
healthcheck:
test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:80/health"]
interval: 30s
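Review bot: `GPUSTACK_BOOTSTRAP_PASSWORD=${GPUSTACK_BOOTSTRAP_PASSWORD:-admin}` means that even with no `.env` file the server starts with the password `admin` on a published port. Use the required-variable form, for example `${GPUSTACK_BOOTSTRAP_PASSWORD:?set an admin password}`, so Compose refuses to start until a value is provided. The comment "# For GPU support, uncomment the following section" is now stale: the `devices` block below it is already active, so the stack will fail to start on hosts without the NVIDIA runtime, and the comment should instead explain how to disable the reservation. If `ipc: host` is required, add a comment saying why.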

55
src/litellm/.env.example Normal file

@@ -0,0 +1,55 @@
# LiteLLM version
LITELLM_VERSION=main-stable
# LiteLLM port (default: 4000)
LITELLM_PORT_OVERRIDE=4000
# PostgreSQL configuration
POSTGRES_VERSION=16
POSTGRES_PASSWORD=xxxxxx
POSTGRES_PORT_OVERRIDE=5432
# Prometheus configuration (optional, enable with --profile metrics)
PROMETHEUS_VERSION=v3.3.1
PROMETHEUS_PORT_OVERRIDE=9090
# LiteLLM authentication keys
LITELLM_MASTER_KEY=sk-xxxxxx
LITELLM_SALT_KEY=sk-xxxxxx
# Timezone
TZ=UTC
# ===== API Keys =====
# OpenAI
OPENAI_API_KEY=
OPENAI_BASE_URL=
# Cohere
COHERE_API_KEY=
# OpenRouter
OR_SITE_URL=
OR_APP_NAME=LiteLLM Example app
OR_API_KEY=
# Azure
AZURE_API_BASE=
AZURE_API_VERSION=
AZURE_API_KEY=
# Replicate
REPLICATE_API_KEY=
REPLICATE_API_TOKEN=
# Anthropic
ANTHROPIC_API_KEY=
# Infisical
INFISICAL_TOKEN=
# Novita AI
NOVITA_API_KEY=
# INFINITY
INFINITY_API_KEY=
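Review bot: `POSTGRES_PASSWORD=xxxxxx`, `LITELLM_MASTER_KEY=sk-xxxxxx` and `LITELLM_SALT_KEY=sk-xxxxxx` are syntactically valid values, so copying this file unchanged produces a running proxy whose admin credential and database password are published in the repository. Leave these three empty and add a comment with a generation hint, so that a forgotten edit fails at startup instead of silently working. `LITELLM_VERSION=main-stable` is a moving tag, unlike the pinned versions used for the other services in this commit; pin a specific release for reproducible deployments.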

111
src/litellm/README.md Normal file

@@ -0,0 +1,111 @@
# LiteLLM
[English](./README.md) | [中文](./README.zh.md)
This service deploys LiteLLM, a unified interface to 100+ LLM APIs (OpenAI, Azure, Anthropic, Cohere, Replicate, etc.) with load balancing, fallbacks, and cost tracking.
## Services
- `litellm`: The LiteLLM proxy service
- `db`: PostgreSQL database for storing model configurations and usage data
- `prometheus`: Prometheus metrics collector (optional, enabled with `--profile metrics`)
## Environment Variables
| Variable Name | Description | Default Value |
| ------------------------ | -------------------------------------------------------------- | ------------- |
| LITELLM_VERSION | LiteLLM image version | `main-stable` |
| LITELLM_PORT_OVERRIDE | Host port mapping for LiteLLM (maps to port 4000 in container) | 4000 |
| POSTGRES_VERSION | PostgreSQL image version | `16` |
| POSTGRES_PASSWORD | PostgreSQL database password | `xxxxxx` |
| POSTGRES_PORT_OVERRIDE | Host port mapping for PostgreSQL | 5432 |
| PROMETHEUS_VERSION | Prometheus image version (used with metrics profile) | `v3.3.1` |
| PROMETHEUS_PORT_OVERRIDE | Host port mapping for Prometheus | 9090 |
| LITELLM_MASTER_KEY | Master key for LiteLLM authentication | `sk-xxxxxx` |
| LITELLM_SALT_KEY | Salt key for secure key generation | `sk-xxxxxx` |
| TZ | Timezone setting | `UTC` |
Additional API keys can be configured in the `.env` file for various LLM providers (OpenAI, Azure, Anthropic, etc.).
Please modify the `.env` file as needed for your use case.
## Volumes
- `postgres_data`: PostgreSQL data persistence
- `prometheus_data`: Prometheus data storage (optional)
- `./config.yaml`: LiteLLM configuration file (optional, uncomment in docker-compose.yaml to use)
- `./prometheus.yml`: Prometheus configuration file (optional)
## Ports
- `4000`: LiteLLM proxy API and Web UI
- `5432`: PostgreSQL database
- `9090`: Prometheus metrics (optional, enabled with `--profile metrics`)
## First-Time Setup
1. Start the services (with optional metrics):
```bash
docker compose up -d
# Or with Prometheus metrics:
docker compose --profile metrics up -d
```
2. Access LiteLLM UI at `http://localhost:4000`
3. Default credentials:
- Username: `admin`
- Password: Value of `LITELLM_MASTER_KEY` environment variable
4. Configure your LLM API keys in the `.env` file or through the web UI
## Configuration
### Using a Config File
To use a `config.yaml` file for configuration:
1. Create a `config.yaml` file in the same directory as `docker-compose.yaml`
2. Uncomment the volumes and command sections in `docker-compose.yaml`
3. Configure your models, API keys, and routing rules in `config.yaml`
### API Keys
Add API keys for your LLM providers in the `.env` file:
- `OPENAI_API_KEY`: OpenAI API key
- `ANTHROPIC_API_KEY`: Anthropic API key
- `AZURE_API_KEY`: Azure OpenAI API key
- And more (see `.env.example`)
## Usage
### Making API Calls
Use the LiteLLM proxy endpoint with your master key:
```bash
curl -X POST http://localhost:4000/chat/completions \
-H "Content-Type: application/json" \
-H "Authorization: Bearer $LITELLM_MASTER_KEY" \
-d '{
"model": "gpt-3.5-turbo",
"messages": [{"role": "user", "content": "Hello!"}]
}'
```
### Monitoring with Prometheus
If you enabled the metrics profile, access Prometheus at `http://localhost:9090` to view metrics about:
- Request counts and latencies
- Token usage
- Cost tracking
- Error rates
## Additional Information
- Official Documentation: <https://docs.litellm.ai/>
- GitHub Repository: <https://github.com/BerriAI/litellm>
- Supported LLM Providers: <https://docs.litellm.ai/docs/providers>
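Review bot: the Making API Calls example authenticates with `$LITELLM_MASTER_KEY`, which First-Time Setup identifies as the admin UI password, so the README teaches clients to use the administrative credential for routine requests. Show the call with a separately issued key and reserve the master key for administration. The Ports section lists `5432` as published without comment; add a note that the database port only needs to be reachable by the `litellm` service, and that Prometheus on `9090` has no authentication of its own. A Security Notes section like the ones in the dnsmasq and Portainer READMEs is missing here.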

3
src/litellm/README.zh.md Normal file

@@ -0,0 +1,3 @@
# LiteLLM
默认情况下,用户名是 `admin`,密码是 `$MASTER_KEY` 变量的值。
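Review bot: this file refers to the password variable as `$MASTER_KEY`, while the `.env.example` and the English README in the same commit call it `LITELLM_MASTER_KEY`. Use the same name here so readers set the right variable. The English README links to this file as its translation, but it contains only this one sentence; either translate the rest or remove the language switch link.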


@@ -0,0 +1,110 @@
x-default: &default
restart: unless-stopped
logging:
driver: json-file
options:
max-size: 100m
max-file: "3"
services:
litellm:
<<: *default
build:
context: .
args:
target: runtime
image: ghcr.io/berriai/litellm:${LITELLM_VERSION:-main-stable}
# Uncomment these lines to start proxy with a config.yaml file
# volumes:
# - ./config.yaml:/app/config.yaml:ro
# command:
# - "--config=/app/config.yaml"
ports:
- "${LITELLM_PORT_OVERRIDE:-4000}:4000"
environment:
- DATABASE_URL=postgresql://llmproxy:${POSTGRES_PASSWORD}@db:5432/litellm
- STORE_MODEL_IN_DB=True
- TZ=${TZ:-UTC}
env_file:
- .env
depends_on:
db:
condition: service_healthy
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:4000/health/liveliness"]
interval: 30s
timeout: 10s
retries: 3
start_period: 40s
extra_hosts:
- "host.docker.internal:host-gateway"
deploy:
resources:
limits:
cpus: '2.00'
memory: 2G
reservations:
cpus: '0.50'
memory: 512M
db:
<<: *default
image: postgres:${POSTGRES_VERSION:-16}
environment:
- POSTGRES_DB=litellm
- POSTGRES_USER=llmproxy
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
- TZ=${TZ:-UTC}
ports:
- "${POSTGRES_PORT_OVERRIDE:-5432}:5432"
volumes:
- postgres_data:/var/lib/postgresql/data
healthcheck:
test: ["CMD-SHELL", "pg_isready -d litellm -U llmproxy"]
interval: 10s
timeout: 5s
retries: 5
start_period: 10s
deploy:
resources:
limits:
cpus: '1.00'
memory: 1G
reservations:
cpus: '0.25'
memory: 256M
prometheus:
<<: *default
image: prom/prometheus:${PROMETHEUS_VERSION:-v3.3.1}
profiles:
- metrics
volumes:
- prometheus_data:/prometheus
- ./prometheus.yml:/etc/prometheus/prometheus.yml:ro
ports:
- "${PROMETHEUS_PORT_OVERRIDE:-9090}:9090"
command:
- "--config.file=/etc/prometheus/prometheus.yml"
- "--storage.tsdb.path=/prometheus"
- "--storage.tsdb.retention.time=15d"
environment:
- TZ=${TZ:-UTC}
healthcheck:
test: ["CMD", "wget", "--spider", "-q", "http://localhost:9090/-/healthy"]
interval: 30s
timeout: 10s
retries: 3
start_period: 10s
deploy:
resources:
limits:
cpus: '1.00'
memory: 1G
reservations:
cpus: '0.25'
memory: 256M
volumes:
prometheus_data:
postgres_data:
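Review bot: the `db` service publishes `"${POSTGRES_PORT_OVERRIDE:-5432}:5432"` on the host although `litellm` reaches it as `db:5432` over the Compose network, so the database is exposed on all host interfaces for no functional reason. Remove the `ports` block from `db`, or bind it to `127.0.0.1` for local debugging. `${POSTGRES_PASSWORD}` has no fallback in either place it is used; the `:?` form would give a clear error when it is unset. `env_file: .env` passes every provider key in the file to the proxy container, which is intended, but it also means `POSTGRES_PASSWORD` and the Prometheus settings go along; list only what the proxy needs if that matters. Under `build`, `target: runtime` is nested inside `args`, which makes it a build argument rather than a stage selector; confirm that is what was meant.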


@@ -0,0 +1,7 @@
global:
scrape_interval: 15s
scrape_configs:
- job_name: 'litellm'
static_configs:
- targets: ['litellm:4000'] # Assuming Litellm exposes metrics at port 4000
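Review bot: the inline comment on the `targets` line says "Assuming Litellm exposes metrics at port 4000", so the scrape target is unverified. Confirm the endpoint and set `metrics_path` explicitly, and note whether the endpoint requires the master key; if it does, the scrape config needs credentials, and if it does not, anyone who can reach port 4000 can read usage and cost metrics.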


@@ -0,0 +1,11 @@
# Portainer version
PORTAINER_VERSION=2.27.3-alpine
# Web UI port (default: 9000)
PORTAINER_WEB_PORT_OVERRIDE=9000
# Edge Agent port (default: 8000)
PORTAINER_EDGE_PORT_OVERRIDE=8000
# Timezone
TZ=UTC

51
src/portainer/README.md Normal file

@@ -0,0 +1,51 @@
# Portainer
[English](./README.md) | [中文](./README.zh.md)
This service deploys Portainer CE (Community Edition), a lightweight management UI for Docker and Docker Swarm.
## Services
- `portainer`: The Portainer CE service.
## Environment Variables
| Variable Name | Description | Default Value |
| ---------------------------- | ----------------------------------------------------------------- | --------------- |
| PORTAINER_VERSION | Portainer image version | `2.27.3-alpine` |
| PORTAINER_WEB_PORT_OVERRIDE | Host port mapping for Web UI (maps to port 9000 in container) | 9000 |
| PORTAINER_EDGE_PORT_OVERRIDE | Host port mapping for Edge Agent (maps to port 8000 in container) | 8000 |
| TZ | Timezone setting | `UTC` |
Please modify the `.env` file as needed for your use case.
## Volumes
- `portainer_data`: A named volume for storing Portainer data.
- `/var/run/docker.sock`: Docker socket (required for Portainer to manage Docker).
## Ports
- `9000`: Portainer Web UI
- `8000`: Portainer Edge Agent
## Security Notes
⚠️ **Warning**: This service mounts the Docker socket (`/var/run/docker.sock`), which grants full control over the Docker daemon. This is required for Portainer to function properly, but it means:
- Any compromise of the Portainer container could lead to full system compromise
- Ensure Portainer is properly secured with strong passwords
- Consider restricting network access to the Portainer UI
- Keep Portainer updated to the latest version
## First-Time Setup
1. After starting the service, access Portainer at `http://localhost:9000`
2. Create an admin user account (this is required on first launch)
3. Choose to manage the local Docker environment
4. You can now manage your Docker containers, images, networks, and volumes through the UI
## Additional Information
- Official Documentation: <https://docs.portainer.io/>
- GitHub Repository: <https://github.com/portainer/portainer>
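Review bot: First-Time Setup step 2 says the admin account is created on first launch, which means that between `docker compose up` and that step whoever reaches port 9000 first can create the administrator, and the Security Notes do not mention it. Add a bullet telling users to restrict access to the port before the first start and to complete step 2 immediately. Step 1 also uses plain `http://localhost:9000`, so the new admin password is sent unencrypted if the UI is accessed from another machine; say so, or document an HTTPS front end. The existing warning about the Docker socket is good; "Consider restricting network access" could be stated as a requirement given that warning.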


@@ -0,0 +1,3 @@
# Portainer
Portainer 是一个轻量级的管理用户界面,用于 Docker包括 Docker Swarm 群集。 Portainer 提供了一个简单的 Web UI可以用来管理 Docker 容器,镜像,网络和卷。


@@ -0,0 +1,39 @@
x-default: &default
restart: unless-stopped
logging:
driver: json-file
options:
max-size: 100m
max-file: "3"
services:
portainer:
<<: *default
image: portainer/portainer-ce:${PORTAINER_VERSION:-2.27.3-alpine}
ports:
- "${PORTAINER_WEB_PORT_OVERRIDE:-9000}:9000"
- "${PORTAINER_EDGE_PORT_OVERRIDE:-8000}:8000"
volumes:
# ⚠️ Security Warning: Mounting Docker socket grants full control of Docker daemon
# This is required for Portainer to function, but ensure access is properly secured
- /var/run/docker.sock:/var/run/docker.sock
- portainer_data:/data
environment:
- TZ=${TZ:-UTC}
healthcheck:
test: ["CMD", "wget", "--spider", "-q", "http://localhost:9000/api/system/status"]
interval: 30s
timeout: 10s
retries: 3
start_period: 10s
deploy:
resources:
limits:
cpus: '1.00'
memory: 512M
reservations:
cpus: '0.25'
memory: 128M
volumes:
portainer_data:
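Review bot: both `9000` and `8000` are published on all host interfaces, and the container behind them holds a read-write mount of `/var/run/docker.sock`, so the exposure of these two ports decides who can control the Docker daemon. Bind the Web UI to `127.0.0.1` by default and publish the Edge port `8000` only when Edge agents are used, since the README's setup manages just the local environment. Unlike the dnsmasq and SearXNG services in this commit, this service has no `cap_drop`; add `cap_drop: ALL` and `security_opt` hardening if Portainer runs with them. The warning comment above the socket mount is helpful and should stay.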

24
src/searxng/.env.example Normal file

@@ -0,0 +1,24 @@
# SearXNG version
SEARXNG_VERSION=2025.1.20-1ce14ef99
# SearXNG port (default: 8080)
SEARXNG_PORT_OVERRIDE=8080
# SearXNG hostname (used for Caddy reverse proxy)
SEARXNG_HOSTNAME=http://localhost
# Let's Encrypt email (for HTTPS certificates, set to "internal" for self-signed)
LETSENCRYPT_EMAIL=internal
# uWSGI worker processes and threads
SEARXNG_UWSGI_WORKERS=4
SEARXNG_UWSGI_THREADS=4
# Valkey (Redis) version
VALKEY_VERSION=8-alpine
# Caddy version
CADDY_VERSION=2-alpine
# Timezone
TZ=UTC

75
src/searxng/README.md Normal file

@@ -0,0 +1,75 @@
# SearXNG
[English](./README.md) | [中文](./README.zh.md)
This service deploys SearXNG, a privacy-respecting metasearch engine that aggregates results from multiple search engines without tracking users.
## Services
- `searxng`: The SearXNG metasearch engine
- `redis`: Valkey (Redis-compatible) for caching search results
- `caddy`: Reverse proxy and HTTPS termination (uses host network mode)
## Environment Variables
| Variable Name | Description | Default Value |
| --------------------- | ------------------------------------------------------------------------------ | --------------------- |
| SEARXNG_VERSION | SearXNG image version | `2025.1.20-1ce14ef99` |
| SEARXNG_PORT_OVERRIDE | Host port mapping for SearXNG (maps to port 8080 in container) | 8080 |
| SEARXNG_HOSTNAME | Hostname for Caddy reverse proxy | `http://localhost` |
| LETSENCRYPT_EMAIL | Email for Let's Encrypt HTTPS certificates (set to "internal" for self-signed) | `internal` |
| SEARXNG_UWSGI_WORKERS | Number of uWSGI worker processes | 4 |
| SEARXNG_UWSGI_THREADS | Number of uWSGI threads per worker | 4 |
| VALKEY_VERSION | Valkey (Redis) image version | `8-alpine` |
| CADDY_VERSION | Caddy reverse proxy version | `2-alpine` |
| TZ | Timezone setting | `UTC` |
Please modify the `.env` file as needed for your use case.
## Volumes
- `caddy-data`: Caddy data storage (certificates, etc.)
- `caddy-config`: Caddy configuration
- `valkey-data`: Valkey data persistence
- `./searxng`: SearXNG configuration directory (mounted to `/etc/searxng`)
## Ports
- `8080`: SearXNG Web UI (via Caddy reverse proxy when using host network mode)
## Configuration
### SearXNG Settings
Edit configuration files in the `./searxng` directory to customize:
- Search engines to use
- UI theme and appearance
- Privacy settings
- Result filtering
### HTTPS with Let's Encrypt
To enable HTTPS with Let's Encrypt certificates:
1. Set `LETSENCRYPT_EMAIL` to your email address in `.env`
2. Set `SEARXNG_HOSTNAME` to your domain name (e.g., `https://search.example.com`)
3. Ensure ports 80 and 443 are accessible from the internet
4. Create or update the `Caddyfile` with your domain configuration
### Self-Signed Certificates
By default (`LETSENCRYPT_EMAIL=internal`), Caddy will use self-signed certificates for HTTPS.
## First-Time Setup
1. Start the services
2. Access SearXNG at `http://localhost:8080` (or your configured hostname)
3. Configure your browser to use SearXNG as the default search engine (optional)
4. Customize settings through the web interface
## Additional Information
- Official Documentation: <https://docs.searxng.org/>
- GitHub Repository: <https://github.com/searxng/searxng>
- Original Project: <https://github.com/searxng/searxng-docker>
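Review bot: the Ports section describes `8080` as the Web UI "via Caddy reverse proxy", but the compose file in this commit publishes `8080` directly from the `searxng` container, so requests to that port bypass Caddy and its TLS. Describe the two entry points separately and state which one should be exposed. First-Time Setup step 2 likewise points at `http://localhost:8080` even though the Self-Signed Certificates section says Caddy serves HTTPS by default. Step 4 of the Let's Encrypt procedure asks the user to "Create or update the `Caddyfile`"; say whether the file is provided, because the compose file bind-mounts `./Caddyfile` and a missing file will break startup.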

75
src/searxng/README.zh.md Normal file

@@ -0,0 +1,75 @@
# SearXNG
[English](./README.md) | [中文](./README.zh.md)
此服务部署 SearXNG一个尊重隐私的元搜索引擎它聚合多个搜索引擎的结果而不跟踪用户。
## 服务
- `searxng`SearXNG 元搜索引擎
- `redis`ValkeyRedis 兼容)用于缓存搜索结果
- `caddy`:反向代理和 HTTPS 终止(使用主机网络模式)
## 环境变量
| 变量名 | 说明 | 默认值 |
| --------------------- | ------------------------------------------------------------------ | --------------------- |
| SEARXNG_VERSION | SearXNG 镜像版本 | `2025.1.20-1ce14ef99` |
| SEARXNG_PORT_OVERRIDE | SearXNG 主机端口映射(映射到容器内端口 8080 | 8080 |
| SEARXNG_HOSTNAME | Caddy 反向代理的主机名 | `http://localhost` |
| LETSENCRYPT_EMAIL | Let's Encrypt HTTPS 证书的邮箱(设置为 "internal" 使用自签名证书) | `internal` |
| SEARXNG_UWSGI_WORKERS | uWSGI 工作进程数 | 4 |
| SEARXNG_UWSGI_THREADS | 每个 uWSGI 工作进程的线程数 | 4 |
| VALKEY_VERSION | ValkeyRedis镜像版本 | `8-alpine` |
| CADDY_VERSION | Caddy 反向代理版本 | `2-alpine` |
| TZ | 时区设置 | `UTC` |
请根据实际需求修改 `.env` 文件。
## 卷
- `caddy-data`Caddy 数据存储(证书等)
- `caddy-config`Caddy 配置
- `valkey-data`Valkey 数据持久化
- `./searxng`SearXNG 配置目录(挂载到 `/etc/searxng`
## 端口
- `8080`SearXNG Web UI使用主机网络模式时通过 Caddy 反向代理)
## 配置
### SearXNG 设置
编辑 `./searxng` 目录中的配置文件以自定义:
- 要使用的搜索引擎
- UI 主题和外观
- 隐私设置
- 结果过滤
### 使用 Let's Encrypt 启用 HTTPS
要启用 Let's Encrypt 证书的 HTTPS
1.`.env` 中将 `LETSENCRYPT_EMAIL` 设置为你的邮箱地址
2.`SEARXNG_HOSTNAME` 设置为你的域名(例如,`https://search.example.com`
3. 确保端口 80 和 443 可从互联网访问
4. 创建或更新 `Caddyfile` 以包含你的域名配置
### 自签名证书
默认情况下(`LETSENCRYPT_EMAIL=internal`Caddy 将使用自签名证书进行 HTTPS。
## 首次设置
1. 启动服务
2. 访问 SearXNG`http://localhost:8080`(或你配置的主机名)
3. 将浏览器配置为使用 SearXNG 作为默认搜索引擎(可选)
4. 通过 Web 界面自定义设置
## 附加信息
- 官方文档:<https://docs.searxng.org/>
- GitHub 仓库:<https://github.com/searxng/searxng>
- 原始项目:<https://github.com/searxng/searxng-docker>


@@ -0,0 +1,115 @@
# https://github.com/searxng/searxng-docker/blob/master/docker-compose.yaml
x-default: &default
restart: unless-stopped
logging:
driver: json-file
options:
max-size: 100m
max-file: "3"
services:
caddy:
<<: *default
image: docker.io/library/caddy:${CADDY_VERSION:-2-alpine}
network_mode: host
volumes:
- ./Caddyfile:/etc/caddy/Caddyfile:ro
- caddy-data:/data
- caddy-config:/config
environment:
- SEARXNG_HOSTNAME=${SEARXNG_HOSTNAME:-http://localhost}
- SEARXNG_TLS=${LETSENCRYPT_EMAIL:-internal}
- TZ=${TZ:-UTC}
cap_drop:
- ALL
cap_add:
- NET_BIND_SERVICE
healthcheck:
test: ["CMD", "wget", "--spider", "-q", "http://localhost:2019/config/"]
interval: 30s
timeout: 10s
retries: 3
start_period: 10s
deploy:
resources:
limits:
cpus: '0.50'
memory: 256M
reservations:
cpus: '0.10'
memory: 64M
redis:
<<: *default
image: docker.io/valkey/valkey:${VALKEY_VERSION:-8-alpine}
command: valkey-server --save 30 1 --loglevel warning
networks:
- searxng
volumes:
- valkey-data:/data
cap_drop:
- ALL
cap_add:
- SETGID
- SETUID
- DAC_OVERRIDE
healthcheck:
test: ["CMD", "valkey-cli", "ping"]
interval: 30s
timeout: 10s
retries: 3
start_period: 10s
deploy:
resources:
limits:
cpus: '0.50'
memory: 256M
reservations:
cpus: '0.10'
memory: 64M
searxng:
<<: *default
image: docker.io/searxng/searxng:${SEARXNG_VERSION:-2025.1.20-1ce14ef99}
networks:
- searxng
ports:
- "${SEARXNG_PORT_OVERRIDE:-8080}:8080"
volumes:
- ./searxng:/etc/searxng:rw
environment:
- SEARXNG_BASE_URL=https://${SEARXNG_HOSTNAME:-localhost}/
- UWSGI_WORKERS=${SEARXNG_UWSGI_WORKERS:-4}
- UWSGI_THREADS=${SEARXNG_UWSGI_THREADS:-4}
- TZ=${TZ:-UTC}
cap_drop:
- ALL
cap_add:
- CHOWN
- SETGID
- SETUID
depends_on:
redis:
condition: service_healthy
healthcheck:
test: ["CMD", "wget", "--spider", "-q", "http://localhost:8080/healthz"]
interval: 30s
timeout: 10s
retries: 3
start_period: 10s
deploy:
resources:
limits:
cpus: '1.00'
memory: 1G
reservations:
cpus: '0.25'
memory: 256M
networks:
searxng:
volumes:
caddy-data:
caddy-config:
valkey-data:
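Review bot: `SEARXNG_BASE_URL=https://${SEARXNG_HOSTNAME:-localhost}/` prepends a scheme to a variable whose `.env.example` value and whose fallback in the `caddy` service are both `http://localhost`, so with the shipped defaults the base URL becomes `https://http://localhost/`. Decide whether `SEARXNG_HOSTNAME` carries a scheme and use it consistently in both services. The `searxng` service also publishes `"${SEARXNG_PORT_OVERRIDE:-8080}:8080"` on the host while Caddy runs with `network_mode: host` on a different network, so the proxy path and the direct path coexist and the direct one is unencrypted; bind 8080 to `127.0.0.1` so Caddy can still reach it and clients cannot. The Caddy healthcheck queries `http://localhost:2019/config/`, which with host networking is the admin endpoint on the host's loopback; check that the Caddyfile keeps it bound there. `./searxng:/etc/searxng:rw` is writable by the container; add a comment explaining why if that is required.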


@@ -0,0 +1,11 @@
# Verdaccio version
VERDACCIO_VERSION=6.1.2
# Verdaccio container internal port (default: 4873)
VERDACCIO_PORT=4873
# Verdaccio host port mapping (default: 4873)
VERDACCIO_PORT_OVERRIDE=4873
# Timezone
TZ=UTC

77
src/verdaccio/README.md Normal file

@@ -0,0 +1,77 @@
# Verdaccio
[English](./README.md) | [中文](./README.zh.md)
This service deploys Verdaccio, a lightweight private npm registry proxy.
## Services
- `verdaccio`: The Verdaccio service.
## Environment Variables
| Variable Name | Description | Default Value |
| ----------------------- | ------------------------------------------------------------ | ------------- |
| VERDACCIO_VERSION | Verdaccio image version | `6.1.2` |
| VERDACCIO_PORT | Verdaccio container internal port | 4873 |
| VERDACCIO_PORT_OVERRIDE | Host port mapping (maps to Verdaccio port 4873 in container) | 4873 |
| TZ | Timezone setting | `UTC` |
Please modify the `.env` file as needed for your use case.
## Volumes
- `./storage`: Directory for storing published packages
- `./config`: Directory for Verdaccio configuration files
- `./plugins`: Directory for Verdaccio plugins
## Ports
- `4873`: Verdaccio Web UI and npm registry API
## First-Time Setup
1. After starting the service, access Verdaccio at `http://localhost:4873`
2. Create a user account:
```bash
npm adduser --registry http://localhost:4873
```
3. Configure npm to use your Verdaccio registry:
```bash
npm set registry http://localhost:4873
```
## Usage
### Publish a Package
```bash
npm publish --registry http://localhost:4873
```
### Install Packages
```bash
npm install <package-name> --registry http://localhost:4873
```
### Use as an Upstream Proxy
Verdaccio can proxy requests to the public npm registry. Packages not found locally will be fetched from npmjs.org and cached.
## Configuration
Edit the configuration file in `./config/config.yaml` to customize Verdaccio behavior:
- Authentication settings
- Package access control
- Upstream npm registry settings
- Web UI customization
## Additional Information
- Official Documentation: <https://verdaccio.org/docs/what-is-verdaccio>
- GitHub Repository: <https://github.com/verdaccio/verdaccio>
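Review bot: First-Time Setup step 2 creates the first account with `npm adduser --registry http://localhost:4873` over plain HTTP and never says who else may register, so a reader who exposes port 4873 has no guidance on closing sign-ups or protecting credentials in transit. Add a Security Notes section, as the dnsmasq and Portainer READMEs have, covering registration limits and package access rules in `./config/config.yaml` and a TLS front end for non-local use. Step 3, `npm set registry http://localhost:4873`, changes the user's global registry; suggest a per-project `.npmrc` or a scoped registry instead. The Use as an Upstream Proxy paragraph should state how private package names are kept from being resolved against npmjs.org.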


@@ -0,0 +1,3 @@
# Verdaccio
Verdaccio 是一个轻量级的私有 npm 注册表,允许用户在本地或私有网络中托管和共享 npm 包。它是一个开源项目,旨在提供一个简单易用的解决方案,以便开发人员可以更好地管理他们的 npm 依赖项。


@@ -0,0 +1,41 @@
x-default: &default
restart: unless-stopped
logging:
driver: json-file
options:
max-size: 100m
max-file: "3"
services:
verdaccio:
<<: *default
image: verdaccio/verdaccio:${VERDACCIO_VERSION:-6.1.2}
networks:
- verdaccio
environment:
- VERDACCIO_PORT=${VERDACCIO_PORT:-4873}
- TZ=${TZ:-UTC}
ports:
- "${VERDACCIO_PORT_OVERRIDE:-4873}:4873"
volumes:
- ./storage:/verdaccio/storage
- ./config:/verdaccio/conf
- ./plugins:/verdaccio/plugins
healthcheck:
test: ["CMD", "wget", "--spider", "-q", "http://localhost:4873/-/ping"]
interval: 30s
timeout: 10s
retries: 3
start_period: 10s
deploy:
resources:
limits:
cpus: '1.00'
memory: 512M
reservations:
cpus: '0.25'
memory: 128M
networks:
verdaccio:
driver: bridge
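Review bot: `VERDACCIO_PORT=${VERDACCIO_PORT:-4873}` lets the user change the port the server listens on inside the container, but the `ports` mapping and the healthcheck URL are hard-coded to `4873`, so any other value leaves the service unreachable and permanently unhealthy. Either use the variable in both places or remove it and keep only `VERDACCIO_PORT_OVERRIDE`. The three bind mounts (`./storage`, `./config`, `./plugins`) are all read-write; `./config` and `./plugins` could be mounted `:ro` once set up, as the dnsmasq and Prometheus configs in this commit are. The port is published on all interfaces; a `127.0.0.1` default would match the localhost URLs used throughout the README.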