diff --git a/config/ansible/tasks/servers/services/arr-stack/docker-compose.yml.j2 b/config/ansible/tasks/servers/services/arr-stack/docker-compose.yml.j2 index 6adf644..36a7646 100644 --- a/config/ansible/tasks/servers/services/arr-stack/docker-compose.yml.j2 +++ b/config/ansible/tasks/servers/services/arr-stack/docker-compose.yml.j2 @@ -17,6 +17,10 @@ services: restart: "unless-stopped" networks: - arr_stack_net + deploy: + resources: + limits: + memory: 1G sonarr: image: linuxserver/sonarr:latest @@ -35,6 +39,10 @@ services: restart: unless-stopped networks: - arr_stack_net + deploy: + resources: + limits: + memory: 1G whisparr: image: ghcr.io/hotio/whisparr:latest @@ -52,6 +60,10 @@ services: restart: unless-stopped networks: - arr_stack_net + deploy: + resources: + limits: + memory: 1G prowlarr: container_name: prowlarr @@ -69,6 +81,10 @@ services: restart: unless-stopped networks: - arr_stack_net + deploy: + resources: + limits: + memory: 512M flaresolverr: image: ghcr.io/flaresolverr/flaresolverr:latest @@ -85,6 +101,10 @@ services: restart: unless-stopped networks: - arr_stack_net + deploy: + resources: + limits: + memory: 1G overseerr: image: sctx/overseerr:latest @@ -102,6 +122,10 @@ services: networks: - arr_stack_net - caddy_network + deploy: + resources: + limits: + memory: 512M networks: arr_stack_net: diff --git a/config/ansible/tasks/servers/services/avorion/docker-compose.yml.j2 b/config/ansible/tasks/servers/services/avorion/docker-compose.yml.j2 index 3a57088..9646576 100644 --- a/config/ansible/tasks/servers/services/avorion/docker-compose.yml.j2 +++ b/config/ansible/tasks/servers/services/avorion/docker-compose.yml.j2 @@ -9,3 +9,7 @@ services: - 27003:27003/udp - 27020:27020/udp - 27021:27021/udp + deploy: + resources: + limits: + memory: 4G diff --git a/config/ansible/tasks/servers/services/beszel/docker-compose.yml.j2 b/config/ansible/tasks/servers/services/beszel/docker-compose.yml.j2 index 70e62ce..48023b4 100644 --- a/config/ansible/tasks/servers/services/beszel/docker-compose.yml.j2 +++ b/config/ansible/tasks/servers/services/beszel/docker-compose.yml.j2 @@ -10,6 +10,10 @@ services: networks: - beszel-net - caddy_network + deploy: + resources: + limits: + memory: 256M beszel-agent: image: henrygd/beszel-agent:latest @@ -21,6 +25,10 @@ services: environment: LISTEN: /beszel_socket/beszel.sock KEY: 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKkSIQDh1vS8lG+2Uw/9dK1eOgCHVCgQfP+Bfk4XPkdn' + deploy: + resources: + limits: + memory: 128M networks: beszel-net: diff --git a/config/ansible/tasks/servers/services/caddy/docker-compose.yml.j2 b/config/ansible/tasks/servers/services/caddy/docker-compose.yml.j2 index b6b726b..0359c0e 100644 --- a/config/ansible/tasks/servers/services/caddy/docker-compose.yml.j2 +++ b/config/ansible/tasks/servers/services/caddy/docker-compose.yml.j2 @@ -21,6 +21,10 @@ services: - "host.docker.internal:host-gateway" networks: - caddy_network + deploy: + resources: + limits: + memory: 512M networks: caddy_network: diff --git a/config/ansible/tasks/servers/services/downloaders/docker-compose.yml.j2 b/config/ansible/tasks/servers/services/downloaders/docker-compose.yml.j2 index 492d026..a7e1d26 100644 --- a/config/ansible/tasks/servers/services/downloaders/docker-compose.yml.j2 +++ b/config/ansible/tasks/servers/services/downloaders/docker-compose.yml.j2 @@ -24,6 +24,10 @@ services: - OPENVPN_PASSWORD={{ lookup('community.general.onepassword', 'Gluetun', vault='Dotfiles', field='OPENVPN_PASSWORD') }} - SERVER_COUNTRIES={{ lookup('community.general.onepassword', 'Gluetun', vault='Dotfiles', field='SERVER_COUNTRIES') }} restart: always + deploy: + resources: + limits: + memory: 512M sabnzbd: image: lscr.io/linuxserver/sabnzbd:latest @@ -39,6 +43,10 @@ services: depends_on: gluetun: condition: service_healthy + deploy: + resources: + limits: + memory: 1G qbittorrent: image: lscr.io/linuxserver/qbittorrent @@ -55,6 +63,10 @@ services: gluetun: condition: service_healthy restart: always + deploy: + resources: + limits: + memory: 1G networks: arr_stack_net: diff --git a/config/ansible/tasks/servers/services/dozzle/docker-compose.yml.j2 b/config/ansible/tasks/servers/services/dozzle/docker-compose.yml.j2 index 16ded45..c4c6c2d 100644 --- a/config/ansible/tasks/servers/services/dozzle/docker-compose.yml.j2 +++ b/config/ansible/tasks/servers/services/dozzle/docker-compose.yml.j2 @@ -11,6 +11,10 @@ services: networks: - dozzle-net - caddy_network + deploy: + resources: + limits: + memory: 256M networks: dozzle-net: diff --git a/config/ansible/tasks/servers/services/echoip/docker-compose.yml.j2 b/config/ansible/tasks/servers/services/echoip/docker-compose.yml.j2 index 69ea7d2..7516047 100644 --- a/config/ansible/tasks/servers/services/echoip/docker-compose.yml.j2 +++ b/config/ansible/tasks/servers/services/echoip/docker-compose.yml.j2 @@ -16,6 +16,10 @@ services: -a /opt/echoip/GeoLite2-ASN.mmdb -c /opt/echoip/GeoLite2-City.mmdb -f /opt/echoip/GeoLite2-Country.mmdb + deploy: + resources: + limits: + memory: 128M networks: caddy_network: diff --git a/config/ansible/tasks/servers/services/factorio/docker-compose.yml.j2 b/config/ansible/tasks/servers/services/factorio/docker-compose.yml.j2 index f51f5d8..85de439 100644 --- a/config/ansible/tasks/servers/services/factorio/docker-compose.yml.j2 +++ b/config/ansible/tasks/servers/services/factorio/docker-compose.yml.j2 @@ -19,6 +19,10 @@ services: networks: - factorio - caddy_network + deploy: + resources: + limits: + memory: 2G networks: factorio: diff --git a/config/ansible/tasks/servers/services/gitea/docker-compose.yml.j2 b/config/ansible/tasks/servers/services/gitea/docker-compose.yml.j2 index 7305db8..48d0714 100644 --- a/config/ansible/tasks/servers/services/gitea/docker-compose.yml.j2 +++ b/config/ansible/tasks/servers/services/gitea/docker-compose.yml.j2 @@ -15,6 +15,10 @@ services: networks: - gitea - caddy_network + deploy: + resources: + limits: + memory: 1G postgres: image: postgres:15-alpine @@ -29,6 +33,10 @@ services: - {{gitea_data_dir}}/postgres:/var/lib/postgresql/data networks: - gitea + deploy: + resources: + limits: + memory: 1G act_runner: image: gitea/act_runner:latest @@ -46,6 +54,10 @@ services: restart: always networks: - gitea + deploy: + resources: + limits: + memory: 2G networks: gitea: diff --git a/config/ansible/tasks/servers/services/golink/docker-compose.yml.j2 b/config/ansible/tasks/servers/services/golink/docker-compose.yml.j2 index aafa12d..1d297fc 100644 --- a/config/ansible/tasks/servers/services/golink/docker-compose.yml.j2 +++ b/config/ansible/tasks/servers/services/golink/docker-compose.yml.j2 @@ -8,3 +8,7 @@ services: volumes: - {{ golink_data_dir }}:/home/nonroot restart: "unless-stopped" + deploy: + resources: + limits: + memory: 256M diff --git a/config/ansible/tasks/servers/services/home-assistant/docker-compose.yml.j2 b/config/ansible/tasks/servers/services/home-assistant/docker-compose.yml.j2 index a7523fd..da2931b 100644 --- a/config/ansible/tasks/servers/services/home-assistant/docker-compose.yml.j2 +++ b/config/ansible/tasks/servers/services/home-assistant/docker-compose.yml.j2 @@ -15,3 +15,7 @@ services: network_mode: host devices: - /dev/ttyUSB0:/dev/ttyUSB0 + deploy: + resources: + limits: + memory: 2G diff --git a/config/ansible/tasks/servers/services/immich/docker-compose.yml.j2 b/config/ansible/tasks/servers/services/immich/docker-compose.yml.j2 index 5c2db55..0d757f9 100644 --- a/config/ansible/tasks/servers/services/immich/docker-compose.yml.j2 +++ b/config/ansible/tasks/servers/services/immich/docker-compose.yml.j2 @@ -26,6 +26,8 @@ services: runtime: nvidia deploy: resources: + limits: + memory: 4G reservations: devices: - driver: nvidia @@ -49,6 +51,8 @@ services: runtime: nvidia deploy: resources: + limits: + memory: 8G reservations: devices: - driver: nvidia @@ -63,6 +67,10 @@ services: restart: unless-stopped networks: - immich + deploy: + resources: + limits: + memory: 1G database: container_name: immich_postgres @@ -100,6 +108,10 @@ services: restart: unless-stopped networks: - immich + deploy: + resources: + limits: + memory: 2G volumes: model-cache: diff --git a/config/ansible/tasks/servers/services/nextcloud/docker-compose.yml.j2 b/config/ansible/tasks/servers/services/nextcloud/docker-compose.yml.j2 index 32f61a3..c4b2699 100644 --- a/config/ansible/tasks/servers/services/nextcloud/docker-compose.yml.j2 +++ b/config/ansible/tasks/servers/services/nextcloud/docker-compose.yml.j2 @@ -25,6 +25,10 @@ services: - MYSQL_PASSWORD={{ lookup('community.general.onepassword', 'Nextcloud', vault='Dotfiles', field='MYSQL_NEXTCLOUD_PASSWORD') }} - MYSQL_HOST=nextclouddb - REDIS_HOST=redis + deploy: + resources: + limits: + memory: 2G nextclouddb: image: mariadb:11.4.7 @@ -43,6 +47,10 @@ services: - MYSQL_PASSWORD={{ lookup('community.general.onepassword', 'Nextcloud', vault='Dotfiles', field='MYSQL_NEXTCLOUD_PASSWORD') }} - MYSQL_DATABASE=nextcloud - MYSQL_USER=nextcloud + deploy: + resources: + limits: + memory: 1G redis: image: redis:alpine @@ -51,6 +59,10 @@ services: - {{ nextcloud_data_dir }}/redis:/data networks: - nextcloud + deploy: + resources: + limits: + memory: 512M networks: nextcloud: diff --git a/config/ansible/tasks/servers/services/plex/docker-compose.yml.j2 b/config/ansible/tasks/servers/services/plex/docker-compose.yml.j2 index e8532b3..a569ffb 100644 --- a/config/ansible/tasks/servers/services/plex/docker-compose.yml.j2 +++ b/config/ansible/tasks/servers/services/plex/docker-compose.yml.j2 @@ -19,6 +19,8 @@ services: - {{ '/mnt/data/music' }}:/music deploy: resources: + limits: + memory: 4G reservations: devices: - driver: nvidia diff --git a/config/ansible/tasks/servers/services/privatebin/docker-compose.yml.j2 b/config/ansible/tasks/servers/services/privatebin/docker-compose.yml.j2 index 8fc7f20..7b8c8f6 100644 --- a/config/ansible/tasks/servers/services/privatebin/docker-compose.yml.j2 +++ b/config/ansible/tasks/servers/services/privatebin/docker-compose.yml.j2 @@ -22,6 +22,10 @@ services: start_period: 90s networks: - caddy_network + deploy: + resources: + limits: + memory: 256M networks: caddy_network: diff --git a/config/ansible/tasks/servers/services/qdrant/docker-compose.yml.j2 b/config/ansible/tasks/servers/services/qdrant/docker-compose.yml.j2 index 6ae1031..8e9edde 100644 --- a/config/ansible/tasks/servers/services/qdrant/docker-compose.yml.j2 +++ b/config/ansible/tasks/servers/services/qdrant/docker-compose.yml.j2 @@ -11,3 +11,7 @@ services: - 6335 volumes: - {{ qdrant_data_dir }}:/qdrant/storage + deploy: + resources: + limits: + memory: 2G diff --git a/config/ansible/tasks/servers/services/redis/docker-compose.yml.j2 b/config/ansible/tasks/servers/services/redis/docker-compose.yml.j2 index f021055..299a85e 100644 --- a/config/ansible/tasks/servers/services/redis/docker-compose.yml.j2 +++ b/config/ansible/tasks/servers/services/redis/docker-compose.yml.j2 @@ -17,6 +17,10 @@ services: start_period: 5s networks: - juicefs-network + deploy: + resources: + limits: + memory: 256M networks: juicefs-network: diff --git a/config/ansible/tasks/servers/services/stash/docker-compose.yml.j2 b/config/ansible/tasks/servers/services/stash/docker-compose.yml.j2 index 0026f41..649b1a0 100644 --- a/config/ansible/tasks/servers/services/stash/docker-compose.yml.j2 +++ b/config/ansible/tasks/servers/services/stash/docker-compose.yml.j2 @@ -30,6 +30,10 @@ services: - {{ stash_config_dir }}/generated:/generated networks: - caddy_network + deploy: + resources: + limits: + memory: 2G networks: caddy_network: diff --git a/config/ansible/tasks/servers/services/tautulli/docker-compose.yml.j2 b/config/ansible/tasks/servers/services/tautulli/docker-compose.yml.j2 index a72b749..653fdbb 100644 --- a/config/ansible/tasks/servers/services/tautulli/docker-compose.yml.j2 +++ b/config/ansible/tasks/servers/services/tautulli/docker-compose.yml.j2 @@ -14,6 +14,10 @@ services: restart: unless-stopped networks: - caddy_network + deploy: + resources: + limits: + memory: 512M networks: caddy_network: diff --git a/config/ansible/tasks/servers/services/unifi-network-application/docker-compose.yml.j2 b/config/ansible/tasks/servers/services/unifi-network-application/docker-compose.yml.j2 index ca22905..717ad70 100644 --- a/config/ansible/tasks/servers/services/unifi-network-application/docker-compose.yml.j2 +++ b/config/ansible/tasks/servers/services/unifi-network-application/docker-compose.yml.j2 @@ -29,6 +29,10 @@ services: - caddy_network sysctls: - net.ipv6.conf.all.disable_ipv6=1 + deploy: + resources: + limits: + memory: 1G unifi-db: image: mongo:6.0 @@ -48,6 +52,10 @@ services: - unifi-network sysctls: - net.ipv6.conf.all.disable_ipv6=1 + deploy: + resources: + limits: + memory: 1G networks: unifi-network: diff --git a/config/ansible/tasks/servers/services/wireguard/docker-compose.yml.j2 b/config/ansible/tasks/servers/services/wireguard/docker-compose.yml.j2 index 1507258..20aca79 100644 --- a/config/ansible/tasks/servers/services/wireguard/docker-compose.yml.j2 +++ b/config/ansible/tasks/servers/services/wireguard/docker-compose.yml.j2 @@ -17,3 +17,7 @@ services: sysctls: - net.ipv4.conf.all.src_valid_mark=1 restart: unless-stopped + deploy: + resources: + limits: + memory: 512M