All the time, I just put docker-compose.yml in one user's (my user's) directory and call it a day.
But what about a service with multiple admins or with more horizontally split up load?
I host forgejo internally and use that to sync changes. .env and data directories are in .gitignore (they get backed up via a separate process).
All the files are part of my docker group, so anyone in it can read everything. Restarting services is handled by systemd unit files (so sudo systemctl stop/start/restart). Any user that needs to manipulate containers would have the appropriate sudo access.
It’s only me that does all this though, I set it up this way for funsies.
Env variables get saved to 1Password (self hosted alternative would be Infisical) with a project for each container.
Docker compose files get synced up to my GitHub account.
I have been using the new “include” attribute to split up each container into its own docker compose file.
Usually I organize by service type:
media
- sonarr
- radarr
downloaders
- sab
Not sure if that answers the question…
It’s better to manage your infrastructure with Ansible.