From f8c39e324a627c418720312c530de94e44bbb0d2 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Fri, 31 Jan 2025 15:31:11 -0500 Subject: [PATCH] Removing extra files. --- changes.yml | 47 - main_svcs.yml | 7589 ------------------------------------------------- 2 files changed, 7636 deletions(-) delete mode 100644 changes.yml delete mode 100644 main_svcs.yml diff --git a/changes.yml b/changes.yml deleted file mode 100644 index 5bda7bab..00000000 --- a/changes.yml +++ /dev/null @@ -1,47 +0,0 @@ - ports: - - 2283:2283 - restart: always - labels: - swag_port: 3000 - swag_url: pics.${MY_TLD} - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://pics.${MY_TLD} - homepage.group: Lifestyle - homepage.name: Immich - homepage.href: https://pics.${MY_TLD} - homepage.icon: immich.svg - homepage.description: High performance self-hosted photo and video management solution - restart: always - immich-power-tools: - container_name: immich-power-tools - environment: - IMMICH_API_KEY: ${IMMICH_POWER_TOOLS_KEY} - IMMICH_URL: http://immich-server:2283 - EXTERNAL_IMMICH_URL: https://pics.trez.wtf - image: ghcr.io/varun-raj/immich-power-tools:latest - ports: - - 54018:3000 - influxdb2: - container_name: influxdb2 - environment: - DOCKER_INFLUXDB_INIT_MODE: setup - DOCKER_INFLUXDB_INIT_USERNAME: admin - DOCKER_INFLUXDB_INIT_PASSWORD: ${INFLUXDB2_ADMIN_PASSWORD} - DOCKER_INFLUXDB_INIT_ADMIN_TOKEN: /run/secrets/influxdb2-admin-token - DOCKER_INFLUXDB_INIT_ORG: rinoa - DOCKER_INFLUXDB_INIT_BUCKET: rinoa - image: influxdb:2-alpine - labels: - swag: enable - swag_proto: http - swag_port: 8086 - swag_url: influxdb.${MY_TLD} - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://influxdb.${MY_TLD} - homepage.group: System Administration - homepage.name: InfluxDBv2 - homepage.href: https://influxdb.${MY_TLD} - homepage.icon: influxdb.svg - homepage.description: Scalable datastore for metrics, events, and real-time analytics - ports: - - 8086:8086 diff --git a/main_svcs.yml b/main_svcs.yml deleted file mode 100644 index 3afe94cb..00000000 --- a/main_svcs.yml +++ /dev/null @@ -1,7589 +0,0 @@ -name: compose -networks: - bitmagnet: - driver: bridge - ipam: - config: - - gateway: 192.168.55.1 - subnet: 192.168.55.0/27 - driver: default - name: compose_bitmagnet - default: - name: compose_default - nextcloud-aio: - external: true -services: - actual_server: - container_name: actualbudget - environment: - ACTUAL_LOGIN_METHOD: "pass" - ACTUAL_PORT: 5006 - # - ACTUAL_UPLOAD_FILE_SYNC_SIZE_LIMIT_MB=20 - # - ACTUAL_UPLOAD_SYNC_ENCRYPTED_FILE_SYNC_SIZE_LIMIT_MB=50 - # - ACTUAL_UPLOAD_FILE_SIZE_LIMIT_MB=20 - # See all options and more details at https://actualbudget.github.io/docs/Installing/Configuration - # !! If you are not using any of these options, remove the 'environment:' tag entirely. - image: docker.io/actualbudget/actual-server:latest - labels: - swag: enable - swag_port: 5006 - swag_proto: http - swag_url: fin.${MY_TLD} - homepage.group: Lifestyle - homepage.name: Actual Budget - homepage.icon: actual-budget.svg - homepage.href: https://fin.${MY_TLD} - homepage.description: Privacy-focused app for managing finances - ports: - - 5006:5006 - restart: unless-stopped - volumes: - - ${DOCKER_VOLUME_CONFIG}/actual-budget:/data - adguard: - container_name: adguard - environment: - TZ: ${TZ} - hostname: Rinoa - image: adguard/adguardhome:latest - labels: - swag: enable - swag_proto: http - swag_url: adgh.${MY_TLD} - homepage.group: System Administration - homepage.name: AdGuard Home - homepage.icon: adguard-home.png - homepage.href: https://adgh.${MY_TLD} - homepage.description: Ad-blocking/DNS - homepage.widget.type: adguard - homepage.widget.url: http://adguard:80 - homepage.widget.username: admin - homepage.widget.password: ${ADGUARD_PASSWORD} - networks: - default: null - ports: - - mode: ingress - protocol: tcp - published: "3001" - target: 3000 - - mode: ingress - protocol: tcp - published: "446" - target: 443 - - mode: ingress - protocol: tcp - published: "8008" - target: 80 - - mode: ingress - protocol: tcp - published: "853" - target: 853 - - host_ip: 0.0.0.0 - mode: ingress - protocol: tcp - published: "53" - target: 53 - - host_ip: 0.0.0.0 - mode: ingress - protocol: udp - published: "53" - target: 53 - - host_ip: 0.0.0.0 - mode: ingress - protocol: udp - published: "67" - target: 67 - - host_ip: 0.0.0.0 - mode: ingress - protocol: tcp - published: "688" - target: 68 - - host_ip: 0.0.0.0 - mode: ingress - protocol: udp - published: "688" - target: 68 - restart: unless-stopped - volumes: - - bind: - create_host_path: true - read_only: true - source: /etc/localtime - target: /etc/localtime - type: bind - - bind: - create_host_path: true - source: ${DOCKER_VOLUME_CONFIG}/adguard/work - target: /opt/adguardhome/work - type: bind - - bind: - create_host_path: true - source: ${DOCKER_VOLUME_CONFIG}/adguard/conf - target: /opt/adguardhome/conf - type: bind - - bind: - create_host_path: true - source: /rinoa-storage - target: /storage - type: bind - - source: ${DOCKER_VOLUME_CONFIG}/swag/etc/letsencrypt/archive/trez.wtf - target: /etc/ssl/certs - type: bind - bind: - create_host_path: true - apprise: - container_name: apprise - environment: - PGID: 1000 - PUID: 1000 - TZ: America/New_York - hostname: Rinoa - image: lscr.io/linuxserver/apprise-api:latest - labels: - homepage.group: Infrastructure/App Performance Monitoring - homepage.name: Apprise - homepage.icon: apprise.png - homepage.href: http://192.168.1.254:8000 - homepage.description: Cemtralized, multi-channel notification API - networks: - default: null - ports: - - mode: ingress - protocol: tcp - published: "8000" - target: 8000 - restart: unless-stopped - volumes: - - bind: - create_host_path: true - read_only: true - source: /etc/localtime - target: /etc/localtime - type: bind - - bind: - create_host_path: true - source: ${DOCKER_VOLUME_CONFIG}/apprise - target: /config - type: bind - - bind: - create_host_path: true - source: /rinoa-storage - target: /storage - type: bind - audiobookshelf: - container_name: audiobookshelf - environment: - CONFIG_PATH: /config - HOME: /config/.home - LOG_LEVEL: info - METADATA_PATH: /metadata - TZ: America/New_York - hostname: Rinoa - image: ghcr.io/advplyr/audiobookshelf:latest - labels: - homepage.group: Media Library - homepage.name: Audiobookshelf - homepage.href: https://abs.${MY_TLD} - homepage.icon: audiobookshelf.png - homepage.description: Podcasts, eBooks, & Audiobooks - homepage.widget.type: audiobookshelf - homepage.widget.url: http://audiobookshelf:80 - homepage.widget.key: ${AUDIOBOOKSHELF_ROOT_API_KEY} - swag: enable - swag_address: audiobookshelf - swag_proto: http - swag_url: abs.${MY_TLD} - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://abs.${MY_TLD} - networks: - default: null - ports: - - mode: ingress - protocol: tcp - published: "13378" - target: 80 - restart: unless-stopped - user: 1000:1000 - volumes: - - bind: - create_host_path: true - read_only: true - source: /etc/localtime - target: /etc/localtime - type: bind - - bind: - create_host_path: true - source: ${DOCKER_VOLUME_CONFIG}/audiobookshelf - target: /config - type: bind - - bind: - create_host_path: true - source: ${DOCKER_VOLUME_CONFIG}/audiobookshelf/.metadata - target: /metadata - type: bind - - bind: - create_host_path: true - source: /rinoa-storage - target: /storage - type: bind - authelia: - container_name: authelia - depends_on: - authelia-pg: - condition: service_started - required: true - lldap: - condition: service_started - required: true - environment: - AUTHELIA_AUTHENTICATION_BACKEND_LDAP_PASSWORD: ${AUTHELIA_AUTH_BIND_LDAP_PASSWORD} - AUTHELIA_JWT_SECRET: ${AUTHELIA_JWT_SECRET} - AUTHELIA_NOTIFIER_SMTP_PASSWORD: ${POSTAL_SMTP_AUTH_PASSWORD} - AUTHELIA_NOTIFIER_SMTP_USERNAME: ${POSTAL_SMTP_AUTH_USER} - AUTHELIA_SESSION_SECRET: ${AUTHELIA_SESSION_SECRET} - AUTHELIA_STORAGE_ENCRYPTION_KEY: ${AUTHELIA_STORAGE_ENCRYPTION_KEY} - AUTHELIA_STORAGE_POSTGRES_PASSWORD: ${AUTHELIA_STORAGE_POSTGRES_PASSWORD} - GUID: ${PGID} - PGID: ${PGID} - PUID: ${PUID} - TZ: ${TZ} - expose: - - 9091 - image: authelia/authelia:master - labels: - homepage.group: Privacy/Security - homepage.name: Authelia - homepage.href: https://auth.${MY_TLD} - homepage.icon: authelia.svg - homepage.description: Authentication/authorization server with MFA & SSO - swag: enable - swag_proto: http - swag_port: 9091 - swag_url: auth.${MY_TLD} - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://auth.${MY_TLD} - networks: - default: null - restart: unless-stopped - volumes: - - source: ${DOCKER_VOLUME_CONFIG}/authelia/ - target: /config - type: bind - bind: - create_host_path: true - authelia-pg: - container_name: authelia-pg - environment: - POSTGRES_PASSWORD: ${AUTHELIA_STORAGE_POSTGRES_PASSWORD} - POSTGRES_USER: authelia - POSTGRES_DB: authelia - expose: - - 5432 - image: postgres:16-alpine - networks: - default: null - restart: unless-stopped - volumes: - - source: authelia-pg-db - target: /var/lib/postgresql/data - type: volume - bind: - create_host_path: true - bazarr: - container_name: bazarr - environment: - PGID: ${PGID} - PUID: ${PUID} - TZ: ${TZ} - DOCKER_MODS: ghcr.io/gilbn/theme.park:bazarr - hostname: Rinoa - image: lscr.io/linuxserver/bazarr:latest - labels: - homepage.group: Servarr Stack - homepage.name: Bazarr - homepage.href: https://bazarr.${MY_TLD} - homepage.icon: bazarr.png - homepage.description: Subtitle automation for TV shows/movies - homepage.widget.type: bazarr - homepage.widget.url: http://bazarr:6767 - homepage.widget.key: ${BAZARR_API_KEY} - swag: enable - swag_proto: http - swag_port: 6767 - swag.uptime-kuma.enabled: true - networks: - default: null - ports: - - mode: ingress - protocol: tcp - published: "6767" - target: 6767 - restart: unless-stopped - volumes: - - bind: - create_host_path: true - read_only: true - source: /etc/localtime - target: /etc/localtime - type: bind - - bind: - create_host_path: true - source: ${DOCKER_VOLUME_CONFIG}/bazarr - target: /config - type: bind - - bind: - create_host_path: true - source: /rinoa-storage - target: /storage - type: bind - bitmagnet: - command: - - worker - - run - - --keys=http_server - - --keys=queue_server - - --keys=dht_crawler - container_name: bitmagnet - depends_on: - bitmagnet-pg-db: - condition: service_healthy - required: true - gluetun: - condition: service_started - required: true - restart: true - environment: - LOG_FILE_ROTATION_ENABLED: true - POSTGRES_HOST: bitmagnet-pg-db - POSTGRES_PASSWORD: ${BITMAGNET_POSTGRESQL_PASSWORD} - POSTGRES_USER: bitmagnet - image: ghcr.io/bitmagnet-io/bitmagnet:latest - labels: - homepage.group: Downloaders - homepage.name: Bitmagnet - homepage.href: https://btmag.${MY_TLD} - homepage.icon: sh-bitmagnet.png - homepage.description: Torrent indexer, DHT crawler, search engine, & content classifier - homepage.widget.type: gluetun - homepage.widget.url: http://gluetun:8000 - swag: enable - swag_proto: http - swag_address: gluetun - swag_auth: authelia - swag_auth_bypass: /v1 - swag_port: 3333 - swag_url: btmag.${MY_TLD} - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://btmag.${MY_TLD} - network_mode: service:gluetun - restart: always - volumes: - - source: ${DOCKER_VOLUME_CONFIG}/bitmagnet - target: /root/.local/share/bitmagnet - type: bind - bind: - create_host_path: true - bitmagnet-pg-db: - container_name: bitmagnet-pg-db - environment: - POSTGRES_DB: bitmagnet - POSTGRES_PASSWORD: ${BITMAGNET_POSTGRESQL_PASSWORD} - POSTGRES_USER: bitmagnet - expose: - - 5432 - healthcheck: - interval: 10s - start_period: 20s - test: - - CMD-SHELL - - pg_isready - image: postgres:17-alpine - networks: - bitmagnet: - ipv4_address: 192.168.55.8 - default: null - restart: unless-stopped - shm_size: 1g - volumes: - - source: bitmagnet-pg-db - target: /var/lib/postgresql/data - type: volume - volume: {} - bitwarden: - container_name: bitwarden - environment: - ADMIN_TOKEN: ${BITWARDEN_ENVIRONMENT_ADMIN_TOKEN} - DATABASE_URL: data/db.sqlite3 - DISABLE_ADMIN_TOKEN: "false" - DOMAIN: https://bitwarden.${MY_TLD} - ENABLE_DB_WAL: "true" - INVITATIONS_ALLOWED: "false" - SHOW_PASSWORD_HINT: "false" - SIGNUPS_ALLOWED: "true" - SIGNUPS_VERIFY: "true" - TZ: America/New_York - WEBSOCKET_ENABLED: "true" - hostname: Rinoa - image: vaultwarden/server:latest - labels: - homepage.group: Privacy/Security - homepage.name: Bitwarden - homepage.icon: bitwarden.png - homepage.href: https://bitwarden.${MY_TLD} - homepage.description: Credential/Information Vault - swag: enable - swag_url: bitwarden.${MY_TLD} - swag_proto: http - swag_port: 80 - swag.uptime-kuma.enabled: true - networks: - default: null - ports: - - mode: ingress - protocol: tcp - published: "3012" - target: 3012 - - mode: ingress - protocol: tcp - published: "8013" - target: 80 - restart: unless-stopped - volumes: - - bind: - create_host_path: true - read_only: true - source: /etc/localtime - target: /etc/localtime - type: bind - - bind: - create_host_path: true - source: ${DOCKER_VOLUME_CONFIG}/bitwarden - target: /data - type: bind - - bind: - create_host_path: true - source: /rinoa-storage - target: /storage - type: bind - bluesky-pds: - container_name: bluesky-pds - environment: - PDS_ADMIN_EMAIL: charish.patel@trez.wtf - PDS_HOSTNAME: bsky.trez.wtf - PDS_JWT_SECRET: ${BLUESKY_PDS_JWT_SECRET} - PDS_ADMIN_PASSWORD: ${BLUESKY_PDS_ADMIN_PASSWORD} - PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX: ${BLUESKY_PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX} - PDS_DATA_DIRECTORY: /pds - PDS_EMAIL_SMTP_URL: smtp://${POSTAL_SMTP_AUTH_USER}:${POSTAL_SMTP_AUTH_PASSWORD}@postal-smtp:25 - PDS_EMAIL_FROM_ADDRESS: noreply@trez.wtf - PDS_BLOBSTORE_DISK_LOCATION: /pds/blocks - PDS_BLOB_UPLOAD_LIMIT: 52428800 - PDS_DID_PLC_URL: ${PDS_DID_PLC_URL} - PDS_BSKY_APP_VIEW_URL: ${PDS_BSKY_APP_VIEW_URL} - PDS_BSKY_APP_VIEW_DID: ${PDS_BSKY_APP_VIEW_DID} - PDS_REPORT_SERVICE_URL: ${PDS_REPORT_SERVICE_URL} - PDS_REPORT_SERVICE_DID: ${PDS_REPORT_SERVICE_DID} - PDS_CRAWLERS: ${PDS_CRAWLERS} - LOG_ENABLED: true - expose: - - 3000 - image: ghcr.io/bluesky-social/pds:latest - labels: - swag: enable - swag_port: 3000 - swag_url: bsky.${MY_TLD} - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://bsky.${MY_TLD} - restart: unless-stopped - volumes: - - type: bind - source: ${DOCKER_VOLUME_CONFIG}/bluesky-pds - target: /pds - browserless: - container_name: browserless - environment: - ALLOW_FILE_PROTOCOL: true - CONCURRENT: 20 - HEALTH: false - PROXY_HOST: swag - PROXY_PORT: 443 - PROXY_SSL: true - QUEUED: 20 - TIMEOUT: 300000 - TOKEN: ${CHROMIUM_TOKEN} - TZ: ${TZ} - expose: - - 3000 - image: ghcr.io/browserless/chromium:latest - labels: - swag: enable - swag_proto: http - swag_port: 3000 - swag_url: browse.${MY_TLD} - networks: - default: null - restart: unless-stopped - castopod: - container_name: castopod - depends_on: - mariadb: - condition: service_started - required: true - restart: true - environment: - MYSQL_DATABASE: castopod - MYSQL_USER: castopod - MYSQL_PASSWORD: ${CASTOPOD_MYSQL_PASSWORD} - CP_DATABASE_HOSTNAME: mariadb - CP_DATABASE_NAME: castopod - CP_DATABASE_USERNAME: castopod - CP_DATABASE_PASSWORD: ${CASTOPOD_MYSQL_PASSWORD} - CP_BASEURL: pod.trez.wtf - CP_ANALYTICS_SALT: ${CASTOPOD_ANALYTICS_SALT} - CP_CACHE_HANDLER: redis - CP_DISABLE_HTTPS: 1 - CP_REDIS_HOST: redis - CP_EMAIL_SMTP_HOST: postal-smtp - CP_EMAIL_FROM: noreply@trez.wtf - CP_EMAIL_SMTP_USERNAME: ${POSTAL_SMTP_AUTH_USER} - CP_EMAIL_SMTP_PASSWORD: ${POSTAL_SMTP_AUTH_PASSWORD} - expose: - - 8000 - image: castopod/castopod:latest - labels: - homepage.group: Social - homepage.name: Castopod - homepage.href: https://pod.${MY_TLD} - homepage.icon: castopod.png - homepage.description: Podcast self-hosting - swag: enable - swag_port: 8000 - swag_url: pod.${MY_TLD} - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://pod.${MY_TLD} - restart: unless-stopped - volumes: - - castopod-media:/var/www/castopod/public/media - cloudflared: - command: ['tunnel', '--no-autoupdate', 'run', '--token', '${CLOUDFLARED_TUNNEL_TOKEN}'] - container_name: cloudflared - environment: - CLOUDFLARED_TUNNEL_KEY: ${CLOUDFLARED_TUNNEL_TOKEN} - image: 'cloudflare/cloudflared:latest' - restart: unless-stopped - volumes: - - ${DOCKER_VOLUME_CONFIG}/cloudflared:/etc/cloudflared - cloudflareddns: - container_name: cloudflareddns - environment: - ARGS: --dns-cloudflare-propagation-seconds 60 - CF_APIKEY: ${CLOUDFLAREDDNS_ENVIRONMENT_APIKEY} - CF_APITOKEN: ${CLOUDFLAREDDNS_ENVIRONMENT_APITOKEN} - CF_HOSTS: trez.wtf - CF_RECORDTYPES: A - CF_USER: charish.patel@trez.wtf - CF_ZONES: trez.wtf - DETECTION_MODE: dig-google.com - INTERVAL: "300" - LOG_LEVEL: "3" - PGID: "1000" - PUID: "1000" - TZ: America/New_York - hostname: Rinoa - image: ghcr.io/hotio/cloudflareddns:latest - networks: - default: null - restart: unless-stopped - volumes: - - bind: - create_host_path: true - read_only: true - source: /etc/localtime - target: /etc/localtime - type: bind - - bind: - create_host_path: true - source: ${DOCKER_VOLUME_CONFIG}/cloudflareddns - target: /config - type: bind - - bind: - create_host_path: true - source: /rinoa-storage - target: /storage - type: bind - crowdsec: - container_name: crowdsec - environment: - DOCKER_HOST: tcp://dockerproxy:2375 - GID: 1000 - BOUNCER_KEY_SWAG: ${CROWDSEC_API_KEY} - COLLECTIONS: crowdsecurity/nginx crowdsecurity/http-cve crowdsecurity/whitelist-good-actors crowdsecurity/linux crowdsecurity/iptables - image: crowdsecurity/crowdsec:latest - networks: - default: null - ports: - - mode: ingress - protocol: tcp - published: "8101" - target: 8080 - restart: unless-stopped - security_opt: - - no-new-privileges=true - volumes: - - source: ${DOCKER_VOLUME_CONFIG}/crowdsec/config.yaml.local - target: /etc/crowdsec/config.yaml.local - type: bind - bind: - create_host_path: true - - source: ${DOCKER_VOLUME_CONFIG}/crowdsec/local_api_credentials.yaml.local - target: /etc/crowdsec/local_api_credentials.yaml.local - type: bind - bind: - create_host_path: true - - read_only: true - source: ${DOCKER_VOLUME_CONFIG}/swag/log/nginx - target: /var/log/swag - type: bind - bind: - create_host_path: true - - source: crowdsec-config - target: /etc/crowdsec - type: volume - volume: {} - - source: crowdsec-db - target: /var/lib/crowdsec/data - type: volume - volume: {} - - bind: - create_host_path: true - read_only: true - source: /var/log/journal - target: /var/log/host - type: bind - crowdsec-dashboard: - container_name: crowdsec-dashboard - depends_on: - crowdsec: - condition: service_started - required: true - environment: - MB_DB_FILE: /data/metabase.db - MGID: ${GID-1000} - image: metabase/metabase - labels: - com.centurylinklabs.watchtower.enable: false - homepage.group: Privacy/Security - homepage.name: CrowdSec Dashboard - homepage.href: https://csec.${MY_TLD} - homepage.icon: crowdsec.svg - homepage.description: Real-time & crowdsourced protection against aggressive IPs - homepage.widget.type: crowdsec - homepage.widget.url: http://crowdsec:8080 - homepage.widget.username: localhost - homepage.widget.password: ${CROWDSEC_LOCAL_API_KEY} - swag: enable - swag_port: 3000 - swag_proto: http - swag_url: csec.${MY_TLD} - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://csec.${MY_TLD} - networks: - default: null - ports: - - mode: ingress - protocol: tcp - published: "8908" - target: 3000 - restart: always - volumes: - - source: crowdsec-db - target: /metabase-data - type: volume - volume: {} - czkawka: - container_name: czkawka - environment: - KEEP_APP_RUNNING: 1 - PGID: ${PGID} - PUID: ${PUID} - TZ: ${TZ} - UMASK: 1 - WEB_LISTENING_PORT: 5800 - image: jlesage/czkawka - labels: - homepage.group: System Administration - homepage.name: Czkawka - homepage.href: https://czkawka.${MY_TLD} - homepage.icon: sh-czkawka.svg - homepage.description: Smart file management - swag: enable - swag_port: 5800 - swag_proto: http - swag_url: czkawka.${MY_TLD} - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://czkawka.${MY_TLD} - networks: - default: null - ports: - - mode: ingress - protocol: tcp - published: "5800" - target: 5800 - privileged: true - restart: unless-stopped - volumes: - - source: ${DOCKER_VOLUME_CONFIG}/czkawka - target: /config - type: bind - bind: - create_host_path: true - - source: ${DOCKER_VOLUME_STORAGE} - target: /storage - type: bind - bind: - create_host_path: true - dagu-scheduler: - command: dagu scheduler - container_name: dagu-scheduler - image: ghcr.io/dagu-org/dagu:latest - networks: - default: null - restart: unless-stopped - volumes: - - source: dagu_config - target: /home/dagu/.config/dagu - type: volume - volume: {} - - source: dagu_data - target: /home/dagu/.local/share - type: volume - volume: {} - dagu-server: - container_name: dagu-server - environment: - DAGU_PORT: 8080 - image: ghcr.io/dagu-org/dagu:latest - labels: - homepage.group: System Administration - homepage.name: Dagu - homepage.href: https://cron.${MY_TLD} - homepage.icon: sh-dagu.png - homepage.description: Cron alternative using DAGs (Directed Acyclic Graphs) - swag: enable - swag_port: 8080 - swag_proto: http - swag_url: cron.${MY_TLD} - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://cron.${MY_TLD} - networks: - default: null - ports: - - mode: ingress - protocol: tcp - published: "8108" - target: 8080 - restart: unless-stopped - volumes: - - source: dagu_config - target: /home/dagu/.config/dagu - type: volume - bind: - create_host_path: true - - source: dagu_data - target: /home/dagu/.local/share - type: volume - bind: - create_host_path: true - dbgate: - container_name: dbgate - environment: - CONNECTIONS: authelia-pg,bitmagnet-pg-db,gitea-db,invidious-db,joplin-db,lobe-chat-pg-db,mariadb,mastodon-pg-db,mongodb,netbox-db,pgbackweb,pgbackweb-db,plausible-db,plausible-events-db,reactive-resume-pg,sonarqube-pg-db,synapse-db,tandoor-pg,traccar-pg,whodb,zitadel-pg-db - - LOGIN: TrezOne - PASSWORD: ${DBGATE_LOGIN_PASSWORD} - - LABEL_mariadb: mariadb - SERVER_mariadb: mariadb - USER_mariadb: root - PASSWORD_mariadb: ${MARIADB_ENVIRONMENT_MYSQL_ROOT_PASSWORD} - PORT_mariadb: 3306 - ENGINE_mariadb: mariadb@dbgate-plugin-mysql - - LABEL_authelia-pg: authelia-pg - SERVER_authelia-pg: authelia-pg - USER_authelia-pg: authelia - DATABASE_authelia-pg: authelia - PASSWORD_authelia-pg: ${BITMAGNET_POSTGRESQL_PASSWORD} - PORT_authelia-pg: 5432 - ENGINE_authelia-pg: postgres@dbgate-plugin-postgres - - LABEL_bitmagnet-pg-db: bitmagnet-pg-db - SERVER_bitmagnet-pg-db: bitmagnet-pg-db - USER_bitmagnet-pg-db: bitmagnet-pg - DATABASE_bitmagnet-pg-db: bitmagnet - PASSWORD_bitmagnet-pg-db: ${BITMAGNET_POSTGRESQL_PASSWORD} - PORT_bitmagnet-pg-db: 5432 - ENGINE_bitmagnet-pg-db: postgres@dbgate-plugin-postgres - - LABEL_gitea-db: gitea-db - SERVER_gitea-db: gitea-db - USER_gitea-db: gitea - PASSWORD_gitea-db: ${GITEA_PG_DB_PASSWORD} - DATABASE_gitea-db: gitea - PORT_gitea-db: 5432 - ENGINE_gitea-db: postgres@dbgate-plugin-postgres - - LABEL_invidious-db: invidious-db - SERVER_invidious-db: invidious-db - USER_invidious-db: kemal - PASSWORD_invidious-db: ${INVID_PG_DB_PASSWORD} - PORT_invidious-db: 5432 - DATABASE_invidious-db: invidious - ENGINE_invidious-db: postgres@dbgate-plugin-postgres - - LABEL_joplin-db: joplin-db - SERVER_joplin-db: joplin-db - USER_joplin-db: ${JOPLIN_POSTGRES_USER} - PASSWORD_joplin-db: ${JOPLIN_POSTGRES_DATABASE} - DATABASE_joplin-db: joplin - PORT_joplin-db: 5432 - ENGINE_joplin-db: postgres@dbgate-plugin-postgres - - LABEL_lobe-chat-pg-db: lobe-chat-pg-db - SERVER_lobe-chat-pg-db: lobe-chat-pg-db - USER_lobe-chat-pg-db: lobe - PASSWORD_lobe-chat-pg-db: ${GITEA_PG_DB_PASSWORD} - DATABASE_lobe-chat-pg-db: lobe - PORT_lobe-chat-pg-db: 5432 - ENGINE_lobe-chat-pg-db: postgres@dbgate-plugin-postgres - - LABEL_mastodon-pg-db: mastodon-pg-db - SERVER_mastodon-pg-db: mastodon-pg-db - USER_mastodon-pg-db: mastodon - PASSWORD_mastodon-pg-db: ${MASTODON_PG_DB_PASSWORD} - DATABASE_mastodon-pg-db: mastodon - PORT_mastodon-pg-db: 5432 - ENGINE_mastodon-pg-db: postgres@dbgate-plugin-postgres - - LABEL_mongodb: mongodb - URI_mongodb: mongodb://root:${MONGO_INITDB_ROOT_PASSWORD}@mongodb:27017 - ENGINE_mongodb: mongo@dbgate-plugin-mongo-v2 - - LABEL_netbox-db: netbox-db - SERVER_netbox-db: netbox-db - USER_netbox-db: netbox - PASSWORD_netbox-db: ${NETBOX_PG_DB_PASSWORD} - PORT_netbox-db: 5432 - DATABASE_netbox-db: netbox - ENGINE_netbox-db: postgres@dbgate-plugin-postgres - - LABEL_pgbackweb-db: pgbackweb-db - SERVER_pgbackweb-db: pgbackweb-db - USER_pgbackweb-db: pgbackweb - PASSWORD_pgbackweb-db: ${PGBACKWEB_PG_DB_PASSWD} - PORT_pgbackweb-db: 5432 - ENGINE_pgbackweb-db: postgres@dbgate-plugin-postgres - - LABEL_plausible-db: plausible-db - SERVER_plausible-db: plausible-db - USER_plausible-db: plausible - PASSWORD_plausible-db: ${PLAUSIBLE_PG_PASSWORD} - PORT_plausible-db: 5432 - ENGINE_plausible-db: postgres@dbgate-plugin-postgres - - LABEL_reactive-resume-pg: reactive-resume-pg - SERVER_reactive-resume-pg: reactive-resume-pg - USER_reactive-resume-pg: reactiveresume - PASSWORD_reactive-resume-pg: ${REACTIVE_RESUME_PGSQL_PASSWORD} - PORT_reactive-resume-pg: 5432 - ENGINE_reactive-resume-pg: postgres@dbgate-plugin-postgres - - LABEL_sonarqube-pg-db: sonarqube-pg-db - SERVER_sonarqube-pg-db: sonarqube-pg-db - USER_sonarqube-pg-db: sonar - PASSWORD_sonarqube-pg-db: ${SONARQUBE_POSTGRES_PASSWORD} - PORT_sonarqube-pg-db: 5432 - ENGINE_sonarqube-pg-db: postgres@dbgate-plugin-postgres - - LABEL_synapse-db: synapse-db - SERVER_synapse-db: synapse-db - USER_synapse-db: synapse - PASSWORD_synapse-db: ${SYNAPSE_POSTGRES_PASSWORD} - PORT_synapse-db: 5432 - ENGINE_synapse-db: postgres@dbgate-plugin-postgres - - LABEL_tandoor-pg: tandoor-pg - SERVER_tandoor-pg: tandoor-pg - USER_tandoor-pg: tandoor - PASSWORD_tandoor-pg: ${TANDOOR_POSTGRES_PASSWORD} - PORT_tandoor-pg: 5432 - ENGINE_tandoor-pg: postgres@dbgate-plugin-postgres - - LABEL_traccar-pg: traccar-pg - SERVER_traccar-pg: traccar-pg - USER_traccar-pg: ${TRACCAR_POSTGRES_USER} - PASSWORD_traccar-pg: ${TRACCAR_POSTGRES_PASSWORD} - PORT_traccar-pg: 5432 - ENGINE_traccar-pg: postgres@dbgate-plugin-postgres - - LABEL_zitadel-pg-db: zitadel-pg-db - SERVER_zitadel-pg-db: zitadel-pg-db - USER_zitadel-pg-db: root - PASSWORD_zitadel-pg-db: ${ZITADEL_DB_ADMIN_PASSWORD} - PORT_zitadel-pg-db: 5432 - ENGINE_zitadel-pg-db: postgres@dbgate-plugin-postgres - image: dbgate/dbgate:alpine - labels: - homepage.group: System Administration - homepage.name: DbGate - homepage.href: https://dbs.${MY_TLD} - homepage.icon: sh-dbgate.png - homepage.description: Cross-platform database manager - swag: enable - swag_port: 3000 - swag_proto: http - swag_url: dbs.${MY_TLD} - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://dbs.${MY_TLD} - ports: - - 49054:3000 - restart: unless-stopped - volumes: - - dbgate-data:/root/.dbgate - delugevpn: - cap_add: - - NET_ADMIN - - SYS_MODULE - container_name: delugevpn - environment: - ENABLE_PRIVOXY: "no" - LAN_NETWORK: 192.168.1.0/24 - NAME_SERVERS: 192.168.1.254,1.1.1.1 - PGID: "1000" - PUID: "1000" - TZ: America/New_York - VPN_CLIENT: openvpn - VPN_ENABLED: "yes" - VPN_INPUT_PORTS: "" - VPN_OPTIONS: "" - VPN_OUTPUT_PORTS: "" - VPN_PASS: QGXRAYAwzVv9X84MAK2gPYq2Mt6ztdoA - VPN_PROV: pia - VPN_USER: p3120278 - hostname: Rinoa - image: ghcr.io/binhex/arch-delugevpn:latest - labels: - homepage.group: Downloaders - homepage.name: DelugeVPN - homepage.href: https://deluge.${MY_TLD} - homepage.icon: deluge.png - homepage.description: Torrent over VPN - homepage.widget.type: deluge - homepage.widget.url: http://delugevpn:8112 - homepage.widget.password: ${DELUGEVPN_PASSWORD} - swag: enable - swag_port: 8112 - swag_proto: http - swag_url: deluge.${MY_TLD} - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://deluge.${MY_TLD} - networks: - default: null - ports: - - mode: ingress - protocol: tcp - published: "58846" - target: 58846 - - mode: ingress - protocol: tcp - published: "58946" - target: 58946 - - mode: ingress - protocol: tcp - published: "6881" - target: 6881 - - mode: ingress - protocol: tcp - published: "8112" - target: 8112 - - mode: ingress - protocol: tcp - published: "8118" - target: 8118 - privileged: true - restart: unless-stopped - sysctls: - net.ipv4.conf.all.src_valid_mark: "1" - volumes: - - bind: - create_host_path: true - read_only: true - source: /etc/localtime - target: /etc/localtime - type: bind - - bind: - create_host_path: true - source: ${DOCKER_VOLUME_CONFIG}/delugevpn - target: /config - type: bind - - bind: - create_host_path: true - source: /rinoa-storage - target: /storage - type: bind - docker-socket-proxy: - container_name: dockerproxy - environment: - AUTH: 1 - BUILD: 1 - COMMIT: 1 - CONFIGS: 1 - CONTAINERS: 1 - DISTRIBUTION: 1 - EVENTS: 1 - EXEC: 1 - GPRC: 1 - IMAGES: 1 - INFO: 1 - NETWORKS: 1 - NODES: 1 - POST: 1 - PLUGINS: 1 - SERVICES: 1 - SESSION: 1 - SYSTEM: 1 - TASKS: 1 - VOLUMES: 1 - LOG_LEVEL: debug - image: ghcr.io/tecnativa/docker-socket-proxy:latest - labels: - komodo.skip: s - networks: - default: null - ports: - - mode: ingress - protocol: tcp - published: "2375" - target: 2375 - privileged: true - restart: unless-stopped - volumes: - - bind: - create_host_path: true - source: /var/run/docker.sock - target: /var/run/docker.sock - type: bind - docuseal: - container_name: docuseal - image: docuseal/docuseal:latest - labels: - homepage.group: Personal Services - homepage.name: Docuseal - homepage.href: https://docs.${MY_TLD} - homepage.description: OSS Document Signing & Verification - homepage.icon: docuseal.png - swag: enable - swag_proto: http - swag_port: 3000 - swag_url: sign.${MY_TLD} - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://sign.${MY_TLD} - networks: - default: null - ports: - - mode: ingress - protocol: tcp - published: "3002" - target: 3000 - restart: unless-stopped - volumes: - - source: ${DOCKER_VOLUME_CONFIG}/docuseal - target: /data - type: bind - bind: - create_host_path: true - duplicati: - container_name: duplicati - environment: - PGID: "1000" - PUID: "1000" - TZ: America/New_York - hostname: Rinoa - image: lscr.io/linuxserver/duplicati:latest - labels: - swag: enable - swag_port: 8200 - swag_proto: http - swag_url: dup.${MY_TLD} - homepage.group: Automation - homepage.name: Duplicati - homepage.href: https://dup.${MY_TLD} - homepage.icon: duplicati.png - homepage.description: Data backup - networks: - default: null - ports: - - mode: ingress - protocol: tcp - published: "8282" - target: 8200 - - ${DUPLICATI_PORT_8200}:8200 - restart: unless-stopped - volumes: - - bind: - create_host_path: true - read_only: true - source: /etc/localtime - target: /etc/localtime - type: bind - - bind: - create_host_path: true - source: ${DOCKER_VOLUME_CONFIG}/duplicati - target: /config - type: bind - - bind: - create_host_path: true - source: /rinoa-storage - target: /storage - type: bind - - bind: - create_host_path: true - source: /home/charish/.config/appdata/backups - target: /backups - type: bind - - bind: - create_host_path: true - source: /home/charish/.config/appdata - target: /source - type: bind - fastenhealth: - container_name: fastenhealth - image: ghcr.io/fastenhealth/fasten-onprem:main - labels: - homepage.group: Lifestyle - homepage.name: Fasten - homepage.icon: sh-fasten-health.svg - homepage.href: http://health.${MY_TLD} - homepage.description: Open-source, self-hosted, personal/family electronic medical record aggregator - swag: enable - swag_proto: http - swag_port: 8080 - swag_url: health.${MY_TLD} - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://health.${MY_TLD} - networks: - default: null - ports: - - mode: ingress - protocol: tcp - published: "8105" - target: 8080 - restart: unless-stopped - volumes: - - source: fastenhealth-cache - target: /opt/fasten/cache - type: volume - volume: {} - - source: fastenhealth-db - target: /opt/fasten/db - type: volume - volume: {} - flaresolverr: - container_name: flaresolverr - environment: - CAPTCHA_SOLVER: none - LOG_HTML: false - LOG_LEVEL: info - PORT: 8191 - TZ: America/New_York - BROWSER_TIMEOUT: 40000 - TEST_URL: https://duckduckgo.com - hostname: Rinoa - image: ghcr.io/flaresolverr/flaresolverr:latest - networks: - default: null - ports: - - mode: ingress - protocol: tcp - published: "8191" - target: 8191 - restart: unless-stopped - sysctls: - - net.ipv6.conf.all.disable_ipv6=1 - volumes: - - bind: - create_host_path: true - read_only: true - source: /etc/localtime - target: /etc/localtime - type: bind - - bind: - create_host_path: true - source: /rinoa-storage - target: /storage - type: bind - ghost: - container_name: ghost_blog - depends_on: - mariadb: - condition: service_started - required: true - restart: true - environment: - database__client: mysql - database__connection__host: mariadb - database__connection__port: 3306 - database__connection__user: ${GHOST_DB_USER} - database__connection__password: ${GHOST_DB_PASSWORD} - database__connection__database: ghost_db - mail__transport: SMTP - mail__options__host: postal-smtp - mail__options__port: 25 - mail__options__secure: false - mail__options__auth__user: ${POSTAL_SMTP_AUTH_USER} - mail__options__auth__pass: ${POSTAL_SMTP_AUTH_PASSWORD} - mail__from: "noreply@trez.wtf" - url: https://blog.${MY_TLD} - image: ghost:latest - labels: - homepage.group: Lifestyle - homepage.name: Ghost - homepage.href: https://blog.${MY_TLD} - homepage.icon: ghost.png - homepage.description: Personal blog - swag: enable - swag_port: 2368 - swag_proto: http - swag_url: blog.${MY_TLD} - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://blog.${MY_TLD} - links: - - mariadb - networks: - default: null - restart: always - gitea: - container_name: gitea - depends_on: - gitea-db: - condition: service_healthy - required: true - environment: - USER_UID: ${PUID} - USER_GID: ${PGID} - GITEA__database__DB_TYPE: postgres - GITEA__database__HOST: gitea-db:5432 - GITEA__database__NAME: gitea - GITEA__database__USER: gitea - GITEA__database__PASSWD: ${GITEA_PG_DB_PASSWORD} - GITEA__mailer__ENABLED: true - GITEA__mailer__FROM: '"Gitea" ' - GITEA__mailer__PROTOCOL: smtp - GITEA__mailer__SMTP_ADDR: postal-smtp - GITEA__mailer__SMTP_PORT: 25 - GITEA__mailer__USER: ${POSTAL_SMTP_AUTH_USER} - GITEA__mailer__PASSWD: ${POSTAL_SMTP_AUTH_PASSWORD} - image: gitea/gitea:1.23.1 - labels: - homepage.group: Code/DevOps - homepage.name: Gitea - homepage.href: https://git.${MY_TLD} - homepage.icon: gitea.svg - homepage.description: Private Code Repo - homepage.widget.type: gitea - homepage.widget.url: http://gitea:3000 - homepage.widget.key: ${GITEA_HOMEPAGE_API_KEY} - swag: enable - swag_url: git.${MY_TLD} - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://git.${MY_TLD} - networks: - default: null - ports: - - mode: ingress - protocol: tcp - published: "3013" - target: 3000 - - mode: ingress - protocol: tcp - published: "222" - target: 22 - restart: always - volumes: - - source: ${DOCKER_VOLUME_CONFIG}/gitea - target: /data/gitea - type: bind - bind: - create_host_path: true - - bind: - create_host_path: true - read_only: true - source: /etc/timezone - target: /etc/timezone - type: bind - - bind: - create_host_path: true - read_only: true - source: /etc/localtime - target: /etc/localtime - type: bind - gitea-db: - container_name: gitea-db - environment: - POSTGRES_USER: gitea - POSTGRES_PASSWORD: ${GITEA_PG_DB_PASSWORD} - POSTGRES_DB: gitea - expose: - - 5432 - healthcheck: - interval: 10s - start_period: 20s - test: - - CMD-SHELL - - pg_isready - image: postgres:14 - networks: - default: null - restart: always - volumes: - - source: gitea-pg-db - target: /var/lib/postgresql/data - type: volume - volume: {} - gitea-opengist: - container_name: gitea-opengist - environment: - OG_LOG_LEVEL: warn - OG_EXTERNAL_URL: https://gist.trez.wtf - OG_GIT_DEFAULT_BRANCH: "main" - OG_GITEA_CLIENT_KEY: ${OPENGIST_GITEA_CLIENT_KEY} - OG_GITEA_SECRET: ${OPENGIST_GITEA_SECRET} - OG_GITEA_URL: https://git.trez.wtf - OG_GITEA_NAME: "Gitea @ Rinoa" - OG_SSH_EXTERNAL_DOMAIN: gist-ssh.trez.wtf - image: ghcr.io/thomiceli/opengist:latest - labels: - homepage.description: Private Code Gists - homepage.group: Code/DevOps - homepage.href: https://gist.trez.wtf - homepage.icon: sh-opengist.svg - homepage.name: Opengist - swag: enable - swag.uptime-kuma.enabled: "true" - swag.uptime-kuma.monitor.url: https://gist.trez.wtf - swag_port: "6157" - swag_proto: http - swag_url: gist.trez.wtf - ports: - - "6157:6157" # HTTP port - - "2222:2222" # SSH port, can be removed if you don't use SSH - restart: always - volumes: - - ${DOCKER_VOLUME_CONFIG}/gitea/opengist:/opengist - gitea-runner: - container_name: gitea-runner - depends_on: - gitea: - condition: service_started - environment: - CONFIG_FILE: /config.yaml - DOCKER_HOST: tcp://dockerproxy:2375 - GITEA_INSTANCE_URL: https://git.trez.wtf - GITEA_RUNNER_REGISTRATION_TOKEN: "${GITEA_RUNNER_REGISTRATION_TOKEN}" - GITEA_RUNNER_NAME: "gitea-runner-1" - image: gitea/act_runner:latest - ports: - - 63604:63604 - restart: always - volumes: - - ${DOCKER_VOLUME_CONFIG}/gitea/act-runner/config.yaml:/config.yaml - gitea-sonarqube-bot: - container_name: gitea-sonarqube-bot - depends_on: - gitea: - condition: service_started - sonarqube: - condition: service_started - image: justusbunsi/gitea-sonarqube-bot:v0.4.0 - environment: - GITEA_SQ_BOT_PORT: 58525 - GITEA_SQ_BOT_CONFIG_PATH: /home/bot/config/config.yaml - ports: - - 58525:58525 - restart: unless-stopped - volumes: - - ${DOCKER_VOLUME_CONFIG}/gitea/sonarqube-bot/:/home/bot/config/ - gluetun: - cap_add: - - NET_ADMIN - container_name: gluetun - environment: - OPENVPN_PASSWORD: ${DELUGEVPN_ENVIRONMENT_VPN_PASS} - OPENVPN_USER: ${DELUGEVPN_ENVIRONMENT_VPN_USER} - PORT_FORWARD_ONLY: true - SERVER_REGIONS: Bahamas,Belgium,Cyprus,Estonia,FI Helsinki,Iceland,Latvia,Lithuania,Luxembourg,Montenegro,Netherlands,Portugal,DK Copenhagen,Ukraine,Uruguay - VPN_SERVICE_PROVIDER: private internet access - expose: - - 8000 - extra_hosts: - - bitmagnet-pg-db:192.168.55.8 - image: qmcgaw/gluetun:latest - networks: - bitmagnet: - ipv4_address: 192.168.55.7 - default: null - ports: - - mode: ingress - protocol: tcp - published: "3333" - target: 3333 - - mode: ingress - protocol: tcp - published: "3334" - target: 3334 - - mode: ingress - protocol: udp - published: "3334" - target: 3334 - - mode: ingress - protocol: tcp - published: "5030" - target: 5030 - - mode: ingress - protocol: tcp - published: "5031" - target: 5031 - - mode: ingress - protocol: tcp - published: "50300" - target: 50300 - restart: always - gotify: - container_name: gotify - environment: - GOTIFY_SERVER_PORT: 80 - GOTIFY_SERVER_KEEPALIVEPERIODSECONDS: 0 - GOTIFY_SERVER_LISTENADDR: - GOTIFY_SERVER_SSL_ENABLED: false - GOTIFY_SERVER_SSL_REDIRECTTOHTTPS: true - GOTIFY_SERVER_SSL_LISTENADDR: - GOTIFY_SERVER_SSL_PORT: 443 - GOTIFY_SERVER_SSL_CERTFILE: - GOTIFY_SERVER_SSL_CERTKEY: - GOTIFY_SERVER_SSL_LETSENCRYPT_ENABLED: false - GOTIFY_SERVER_SSL_LETSENCRYPT_ACCEPTTOS: false - GOTIFY_SERVER_SSL_LETSENCRYPT_CACHE: certs - GOTIFY_SERVER_STREAM_PINGPERIODSECONDS: 45 - GOTIFY_DATABASE_DIALECT: sqlite3 - GOTIFY_DATABASE_CONNECTION: data/gotify.db - GOTIFY_DEFAULTUSER_NAME: admin - GOTIFY_DEFAULTUSER_PASS: ${GOTIFY_PASSWORD} - GOTIFY_PASSSTRENGTH: 10 - GOTIFY_UPLOADEDIMAGESDIR: data/images - GOTIFY_PLUGINSDIR: data/plugins - GOTIFY_REGISTRATION: false - image: gotify/server - labels: - homepage.group: Infrastructure/App Performance Monitoring - homepage.name: Gotify - homepage.href: https://gotify.${MY_TLD} - homepage.icon: gotify.png - homepage.description: Notification System - homepage.widget.type: gotify - homepage.widget.url: http://gotify - homepage.widget.key: ${GOTIFY_HOMEPAGE_CLIENT_KEY} - swag: enable - swag_proto: http - swag.uptime-kuma.enabled: true - networks: - default: null - ports: - - mode: ingress - protocol: tcp - published: "8097" - target: 80 - restart: unless-stopped - volumes: - - source: ${DOCKER_VOLUME_CONFIG}/gotify - target: /app/data - type: bind - bind: - create_host_path: true - grafana: - container_name: grafana - depends_on: - grafana-alloy: - condition: service_started - required: true - environment: - GF_INSTALL_PLUGINS: grafana-piechart-panel - TZ: America/New_York - hostname: Rinoa - image: grafana/grafana-enterprise:latest - labels: - homepage.group: Infrastructure/App Performance Monitoring - homepage.name: Grafana (LGTM) - homepage.href: https://mon.${MY_TLD} - homepage.description: Monitoring Dashboard for metrics, logs, traces, & profiles - homepage.icon: grafana.png - homepage.widget.type: grafana - homepage.widget.url: http://grafana:3000 - homepage.widget.username: admin - homepage.widget.password: ${GRAFANA_ADMIN_PASSWORD} - swag: enable - swag_proto: http - swag_url: mon.${MY_TLD} - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://mon.${MY_TLD} - networks: - default: null - ports: - - mode: ingress - protocol: tcp - published: "3006" - target: 3000 - restart: unless-stopped - user: 1000:1000 - volumes: - - bind: - create_host_path: true - read_only: true - source: /etc/localtime - target: /etc/localtime - type: bind - - source: ${DOCKER_VOLUME_CONFIG}/grafana/data - target: /var/lib/grafana - type: bind - bind: - create_host_path: true - - bind: - create_host_path: true - source: /rinoa-storage - target: /storage - type: bind - grafana-alloy: - cap_add: - - SYS_ADMIN - - SYS_TIME - - BPF - - SYSLOG - command: run --disable-reporting=true --stability.level=public-preview --server.http.listen-addr=0.0.0.0:12345 /etc/alloy/config.alloy - container_name: grafana-alloy - environment: - DOCKER_HOST: tcp://dockerproxy:2375 - image: grafana/alloy:latest - labels: - homepage.group: Infrastructure/App Performance Monitoring - homepage.name: Grafana Alloy - homepage.description: Agent for metric/log/trace/profile collection and writing - homepage.href: http://192.168.1.254:12345 - homepage.icon: sh-grafana-alloy.svg - networks: - default: null - ports: - - mode: ingress - protocol: tcp - published: "12345" - target: 12345 - privileged: true - restart: always - volumes: - - source: ${DOCKER_VOLUME_CONFIG}/grafana/alloy/config.alloy - target: /etc/alloy/config.alloy - type: bind - bind: - create_host_path: true - - source: ${DOCKER_VOLUME_CONFIG}/grafana/alloy/endpoints.json - target: /etc/alloy/endpoints.json - type: bind - bind: - create_host_path: true - - bind: - create_host_path: true - read_only: true - source: /proc - target: /host/proc - type: bind - - bind: - create_host_path: true - read_only: true - source: /sys - target: /host/sys - type: bind - - bind: - create_host_path: true - read_only: true - source: / - target: /rootfs - type: bind - grafana-loki: - command: -config.file=/etc/loki/loki-config.yaml - container_name: grafana-loki - depends_on: - grafana-alloy: - condition: service_started - required: true - image: grafana/loki:latest - networks: - default: null - ports: - - mode: ingress - protocol: tcp - published: "3100" - target: 3100 - restart: unless-stopped - volumes: - - source: ${DOCKER_VOLUME_CONFIG}/grafana/loki/loki-config.yaml - target: /etc/loki/loki-config.yaml - type: bind - bind: - create_host_path: true - grafana-mimir: - command: - - -ingester.native-histograms-ingestion-enabled=true - - -config.file=/etc/mimir.yaml - container_name: grafana-mimir - depends_on: - grafana-alloy: - condition: service_started - required: true - image: grafana/mimir:latest - labels: - homepage.group: Infrastructure/App Performance Monitoring - homepage.name: Grafana Mimir - homepage.href: http://192.168.1.254:9009 - homepage.description: Long-term metrics storage - homepage.icon: /icons/grafana-mimir.png - networks: - default: null - ports: - - mode: ingress - protocol: tcp - published: "9009" - target: 9009 - restart: unless-stopped - volumes: - - source: grafana-mimir-data - target: /data - type: volume - volume: {} - - source: ${DOCKER_VOLUME_CONFIG}/grafana/mimir/mimir.yaml - target: /etc/mimir.yaml - type: bind - bind: - create_host_path: true - grafana-mimir-memcached: - container_name: grafana-mimir-memcached - depends_on: - grafana-alloy: - condition: service_started - required: true - environment: - MEMCACHED_MEMORY_LIMIT: 1g - MEMCACHED_THREADS: 4 - MEMCACHED_MAX_CONNECTIONS: 2048 - MEMCACHED_TCP_PORT: 11211 - MEMCACHED_UDP_PORT: 11211 - image: memcached - networks: - default: null - ports: - - mode: ingress - protocol: tcp - published: "11211" - target: 11211 - restart: unless-stopped - grafana-pyroscope: - command: - - -config.file=/etc/pyroscope.yml - container_name: grafana-pyroscope - depends_on: - grafana-alloy: - condition: service_started - required: true - image: grafana/pyroscope:latest - labels: - homepage.group: Infrastructure/App Performance Monitoring - homepage.name: Grafana Pyroscope - homepage.description: Profiling for applications - homepage.href: http://192.168.1.254:4040 - homepage.icon: /icons/grafana-pyroscope.svg - networks: - default: null - ports: - - mode: ingress - protocol: tcp - published: "4040" - target: 4040 - restart: unless-stopped - volumes: - - source: ${DOCKER_VOLUME_CONFIG}/grafana/pyroscope/config.yaml - target: /etc/pyroscope.yml - type: bind - bind: - create_host_path: true - grafana-tempo: - command: - - -config.file=/etc/tempo.yaml - container_name: grafana-tempo - depends_on: - grafana-alloy: - condition: service_started - required: true - image: grafana/tempo:latest - networks: - default: null - ports: - - mode: ingress - protocol: tcp - published: "14268" - target: 14268 - - mode: ingress - protocol: tcp - published: "3200" - target: 3200 - - mode: ingress - protocol: tcp - published: "9095" - target: 9095 - - mode: ingress - protocol: tcp - published: "4317" - target: 4317 - - mode: ingress - protocol: tcp - published: "4318" - target: 4318 - - mode: ingress - protocol: tcp - published: "9411" - target: 9411 - restart: unless-stopped - volumes: - - source: grafana-tempo-data - target: /var/tempo - type: volume - volume: {} - - source: ${DOCKER_VOLUME_CONFIG}/grafana/tempo/tempo.yaml - target: /etc/tempo.yaml - type: bind - bind: - create_host_path: true - guacamole: - container_name: guacamole - environment: - DOCKER_HOST: tcp://dockerproxy:2375 - EXTENSIONS: 'auth-totp' - TZ: ${TZ} - image: flcontainers/guacamole:latest - labels: - homepage.group: System Administration - homepage.name: Guacamole - homepage.description: Client-less remote desktop gateway - homepage.href: https://guac.trez.wtf - homepage.icon: guacamole.svg - swag: enable - swag_proto: http - swag_port: 8080 - swag_url: guac.${MY_TLD} - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://guac.${MY_TLD} - ports: - - 62173:8080 - restart: always - volumes: - - ${DOCKER_VOLUME_CONFIG}/guacamole/:/config - - /etc/localtime:/etc/localtime:ro - homepage: - container_name: homepage - image: ghcr.io/gethomepage/homepage:latest - labels: - swag_server_custom_directive: access_log /config/log/$$host_access.log ; error_log /config/log/$$host_error.log ; - networks: - default: null - ports: - - mode: ingress - protocol: tcp - published: "3004" - target: 3000 - restart: unless-stopped - volumes: - - source: ${DOCKER_VOLUME_CONFIG}/homepage - target: /app/config - type: bind - bind: - create_host_path: true - - source: ${DOCKER_VOLUME_CONFIG}/homepage/images - target: /app/public/images - type: bind - bind: - create_host_path: true - - source: ${DOCKER_VOLUME_CONFIG}/homepage/icons - target: /app/public/icons - type: bind - bind: - create_host_path: true - - read_only: true - source: ${DOCKER_VOLUME_STORAGE} - target: /rinoa-storage - type: bind - bind: - create_host_path: true - hortusfox: - container_name: hortusfox - depends_on: - mariadb: - condition: service_started - required: true - restart: true - environment: - APP_ADMIN_EMAIL: charish.patel@trez.wtf - APP_ADMIN_PASSWORD: ${HORTUSFOX_ADMIN_PASSWORD} - DB_CHARSET: utf8mb4 - DB_DATABASE: hortusfox - DB_HOST: mariadb - DB_PASSWORD: ${HORTUSFOX_DB_PASSWORD} - DB_PORT: 3306 - DB_USERNAME: hortusfox - image: ghcr.io/danielbrendel/hortusfox-web:latest - labels: - swag: enable - swag_proto: http - swag_url: plants.${MY_TLD} - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://plants.${MY_TLD} - homepage.group: Lifestyle - homepage.name: HortusFox - homepage.href: https://plants.${MY_TLD} - homepage.icon: hortusfox.png - homepage.description: Plant management system - networks: - default: null - ports: - - mode: ingress - protocol: tcp - published: "8006" - target: 80 - restart: unless-stopped - volumes: - - source: hortusfox_app_images - target: /var/www/html/public/img - type: volume - volume: {} - - source: hortusfox_app_logs - target: /var/www/html/app/logs - type: volume - volume: {} - - source: hortusfox_app_backup - target: /var/www/html/public/backup - type: volume - volume: {} - - source: hortusfox_app_themes - target: /var/www/html/public/themes - type: volume - volume: {} - - source: hortusfox_app_migrate - target: /var/www/html/app/migrations - type: volume - volume: {} - hugo: - command: hugo server --baseURL "it-services.trez.wtf" --bind 0.0.0.0 --appendPort=false --source=/src/it-services --configDir=/src/it-services/config/ -e production --logLevel debug - container_name: hugo - image: hugomods/hugo:exts - labels: - swag: enable - swag_proto: http - swag_port: 1313 - swag_url: it-services.${MY_TLD} - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://it-services.${MY_TLD} - homepage.group: Professional Services - homepage.name: Hugo - homepage.href: https://it-services.${MY_TLD} - homepage.icon: hugo.svg - homepage.description: Static site - networks: - default: null - ports: - - mode: ingress - protocol: tcp - published: "1313" - target: 1313 - restart: unless-stopped - volumes: - - source: ${DOCKER_VOLUME_CONFIG}/hugo/ - target: /src - type: bind - bind: - create_host_path: true - - source: ${DOCKER_VOLUME_CONFIG}/hugo/cache - target: /tmp/hugo_cache - type: bind - bind: - create_host_path: true - immich-server: - container_name: immich-server - depends_on: - redis: - condition: service_started - required: true - immich-pg-db: - condition: service_started - required: true - environment: - DB_DATABASE_NAME: immich - DB_HOSTNAME: immich-pg-db - DB_PORT: 5432 - DB_USERNAME: immich - DB_PASSWORD: ${IMMICH_DB_PASSWORD} - IMMICH_TELEMETRY_INCLUDE: all - healthcheck: - disable: false - image: ghcr.io/immich-app/immich-server:release - ports: - - 2283:2283 - restart: always - volumes: - # Do not edit the next line. If you want to change the media storage location on your system, edit the value of UPLOAD_LOCATION in the .env file - - ${DOCKER_VOLUME_STORAGE}/Pics:/usr/src/app/upload - - /etc/localtime:/etc/localtime:ro - immich-machine-learning: - container_name: immich-machine-learning - depends_on: - immich-server: - condition: service_started - required: true - healthcheck: - disable: false - image: ghcr.io/immich-app/immich-machine-learning:release - restart: always - volumes: - - immich-model-cache:/cache - immich-pg-db: - command: >- - postgres - -c shared_preload_libraries=vectors.so - -c 'search_path="$$user", public, vectors' - -c logging_collector=on - -c max_wal_size=2GB - -c shared_buffers=512MB - -c wal_compression=on - container_name: immich-pg-db - environment: - POSTGRES_PASSWORD: ${IMMICH_DB_PASSWORD} - POSTGRES_USER: immich - POSTGRES_DB: immich - expose: - - 5432 - healthcheck: - test: >- - pg_isready --dbname="$${POSTGRES_DB}" --username="$${POSTGRES_USER}" || exit 1; - Chksum="$$(psql --dbname="$${POSTGRES_DB}" --username="$${POSTGRES_USER}" --tuples-only --no-align - --command='SELECT COALESCE(SUM(checksum_failures), 0) FROM pg_stat_database')"; - echo "checksum failure count is $$Chksum"; - [ "$$Chksum" = '0' ] || exit 1 - interval: 5m - start_interval: 30s - start_period: 5m - image: tensorchord/pgvecto-rs:pg14-v0.2.1 - restart: unless-stopped - volumes: - - ${DOCKER_VOLUME_CONFIG}/immich/db:/var/lib/postgresql/data - immich-public-proxy: - container_name: immich-public-proxy - depends_on: - immich-server: - condition: service_started - required: true - environment: - IMMICH_URL: http://immich-server:2283 - expose: - - 3000 - healthcheck: - test: wget -q --spider http://localhost:3000/share/healthcheck || exit 1 - start_period: 10s - timeout: 5s - image: alangrainger/immich-public-proxy:latest - labels: - swag: enable - swag_proto: http - swag_port: 3000 - swag_url: pics.${MY_TLD} - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://pics.${MY_TLD} - homepage.group: Lifestyle - homepage.name: Immich - homepage.href: https://pics.${MY_TLD} - homepage.icon: immich.svg - homepage.description: High performance self-hosted photo and video management solution - restart: always - immich-power-tools: - container_name: immich-power-tools - environment: - IMMICH_API_KEY: ${IMMICH_POWER_TOOLS_KEY} - IMMICH_URL: http://immich-server:2283 - EXTERNAL_IMMICH_URL: https://pics.trez.wtf - image: ghcr.io/varun-raj/immich-power-tools:latest - ports: - - 54018:3000 - influxdb2: - container_name: influxdb2 - environment: - DOCKER_INFLUXDB_INIT_MODE: setup - DOCKER_INFLUXDB_INIT_USERNAME: admin - DOCKER_INFLUXDB_INIT_PASSWORD: ${INFLUXDB2_ADMIN_PASSWORD} - DOCKER_INFLUXDB_INIT_ADMIN_TOKEN: /run/secrets/influxdb2-admin-token - DOCKER_INFLUXDB_INIT_ORG: rinoa - DOCKER_INFLUXDB_INIT_BUCKET: rinoa - image: influxdb:2-alpine - labels: - swag: enable - swag_proto: http - swag_port: 8086 - swag_url: influxdb.${MY_TLD} - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://influxdb.${MY_TLD} - homepage.group: System Administration - homepage.name: InfluxDBv2 - homepage.href: https://influxdb.${MY_TLD} - homepage.icon: influxdb.svg - homepage.description: Scalable datastore for metrics, events, and real-time analytics - ports: - - 8086:8086 - volumes: - - influxdb2-data:/var/lib/influxdb2 - - influxdb2-config:/etc/influxdb2 - invidious: - container_name: invidious - depends_on: - invidious-db: - condition: service_started - required: true - environment: - INVIDIOUS_CONFIG: | - db: - dbname: invidious - user: kemal - password: ${INVID_PG_DB_PASSWORD} - host: invidious-db - port: 5432 - check_tables: true - # external_port: - # domain: - # https_only: false - # statistics_enabled: false - hmac_key: "8Qyuvl9TWYdkvVo8BJ14qM4HBshKieR3KvDc3vsECx1L4OR51i-EtW2K74MmAVHeNPmJetM67T0M-9FIm7b-MA" - healthcheck: - interval: 30s - retries: 2 - test: wget -nv --tries=1 --spider http://127.0.0.1:3000/api/v1/trending || exit 1 - timeout: 5s - image: quay.io/invidious/invidious:latest - labels: - swag: enable - swag_proto: http - swag_port: 3000 - swag_url: invid.${MY_TLD} - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://invid.${MY_TLD} - homepage.group: Social - homepage.name: Invidious - homepage.href: https://invid.${MY_TLD} - homepage.icon: invidious.svg - homepage.description: Alternative YouTube frontend (privacy-focused, ad-blocking) - networks: - default: null - ports: - - mode: ingress - protocol: tcp - published: "3007" - target: 3000 - restart: unless-stopped - invidious-db: - container_name: invidious-db - environment: - POSTGRES_DB: invidious - POSTGRES_PASSWORD: ${INVID_PG_DB_PASSWORD} - POSTGRES_USER: kemal - healthcheck: - test: - - CMD-SHELL - - pg_isready -U $$POSTGRES_USER -d $$POSTGRES_DB - image: docker.io/library/postgres:14 - networks: - default: null - restart: unless-stopped - volumes: - - source: invidious-postgres - target: /var/lib/postgresql/data - type: volume - volume: {} - - source: ${DOCKER_VOLUME_CONFIG}/invidious/sql - target: /config/sql - type: bind - bind: - create_host_path: true - - source: ${DOCKER_VOLUME_CONFIG}/invidious/entrypoint/init-invidious-db.sh - target: /docker-entrypoint-initdb.d/init-invidious-db.sh - type: bind - bind: - create_host_path: true - invoice_ninja: - container_name: invoice_ninja - depends_on: - mariadb: - condition: service_started - required: true - restart: true - environment: - APP_DEBUG: true - APP_KEY: ${IN_APP_KEY} - APP_URL: http://invoice_ninja:8003 - DB_DATABASE: invoice_ninja - DB_HOST: mariadb - DB_PASSWORD: ${IN_MYSQL_PASSWORD} - DB_PORT: 3306 - DB_USERNAME: ininja - IN_PASSWORD: ${IN_PASSWORD} - IN_USER_EMAIL: charish.patel@trez.wtf - MAIL_ENCRYPTION: null - MAIL_FROM_ADDRESS: noreply@trez.wtf - MAIL_FROM_NAME: null - MAIL_HOST: postal-smtp - MAIL_MAILER: log - MAIL_PASSWORD: ${POSTAL_SMTP_AUTH_PASSWORD} - MAIL_PORT: 25 - MAIL_USERNAME: ${POSTAL_SMTP_AUTH_USER} - MYSQL_DATABASE: invoice_ninja - MYSQL_PASSWORD: ${IN_MYSQL_PASSWORD} - MYSQL_ROOT_PASSWORD: ${MARIADB_ENVIRONMENT_MYSQL_ROOT_PASSWORD} - MYSQL_USER: ininja - PDF_GENERATOR: snappdf - PHANTOMJS_PDF_GENERATION: false - QUEUE_CONNECTION: database - REQUIRE_HTTPS: false - TRUSTED_PROXIES: 172.18.0.0/16 - expose: - - 9000 - image: invoiceninja/invoiceninja:5 - networks: - default: null - ports: - - mode: ingress - protocol: tcp - published: "8003" - target: 8003 - restart: always - volumes: - - source: ${DOCKER_VOLUME_CONFIG}/invoice-ninja/app/public - target: /var/www/app/public - type: bind - bind: - create_host_path: true - - source: ${DOCKER_VOLUME_CONFIG}/invoice-ninja/app/storage - target: /var/www/app/storage - type: bind - bind: - create_host_path: true - - source: ${DOCKER_VOLUME_CONFIG}/invoice-ninja/php/php.ini - target: /usr/local/etc/php/php.ini - type: bind - bind: - create_host_path: true - - source: ${DOCKER_VOLUME_CONFIG}/invoice-ninja/php/php-cli.ini - target: /usr/local/etc/php/php-cli.ini - type: bind - bind: - create_host_path: true - invoice_ninja_proxy: - container_name: invoice_ninja_proxy - depends_on: - invoice_ninja: - condition: service_started - required: true - environment: - APP_DEBUG: true - APP_KEY: ${IN_APP_KEY} - APP_URL: http://invoice_ninja:9000 - DB_DATABASE: invoice_ninja - DB_HOST: mariadb - DB_PASSWORD: ${IN_MYSQL_PASSWORD} - DB_PORT: 3306 - DB_USERNAME: ininja - IN_PASSWORD: ${IN_PASSWORD} - IN_USER_EMAIL: charish.patel@trez.wtf - MAIL_ENCRYPTION: null - MAIL_FROM_ADDRESS: noreply@trez.wtf - MAIL_FROM_NAME: null - MAIL_HOST: postal-smtp - MAIL_MAILER: log - MAIL_PASSWORD: ${POSTAL_SMTP_AUTH_PASSWORD} - MAIL_PORT: 25 - MAIL_USERNAME: ${POSTAL_SMTP_AUTH_USER} - MYSQL_DATABASE: invoice_ninja - MYSQL_PASSWORD: ${IN_MYSQL_PASSWORD} - MYSQL_ROOT_PASSWORD: ${MARIADB_ENVIRONMENT_MYSQL_ROOT_PASSWORD} - MYSQL_USER: ininja - PDF_GENERATOR: snappdf - PHANTOMJS_PDF_GENERATION: false - QUEUE_CONNECTION: database - REQUIRE_HTTPS: false - TRUSTED_PROXIES: 172.18.0.0/16 - image: nginx - labels: - swag: enable - swag_proto: http - swag_url: biz.${MY_TLD} - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://biz.${MY_TLD} - homepage.group: Professional Services - homepage.name: Invoice Ninja - homepage.href: https://biz.${MY_TLD} - homepage.icon: invoice-ninja.svg - homepage.description: Simple invoicing, multiple payment options, expense and vendor management, and more! - networks: - default: null - ports: - - mode: ingress - protocol: tcp - published: "8005" - target: 80 - restart: always - volumes: - - read_only: true - source: ${DOCKER_VOLUME_CONFIG}/invoice_ninja/proxy/invoice_ninja.conf - target: /etc/nginx/conf.d/in-vhost.conf - type: bind - bind: - create_host_path: true - - read_only: true - source: ${DOCKER_VOLUME_CONFIG}/invoice_ninja/app/public - target: /var/www/app/public - type: bind - bind: - create_host_path: true - it-tools: - container_name: it-tools - image: ghcr.io/corentinth/it-tools:latest - labels: - swag: enable - swag_proto: http - swag_url: itt.${MY_TLD} - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://itt.${MY_TLD} - homepage.group: Code/DevOps - homepage.name: IT-Tools - homepage.href: https://itt.${MY_TLD} - homepage.icon: it-tools.svg - homepage.description: Useful tools for developers and people working in IT - networks: - default: null - ports: - - mode: ingress - protocol: tcp - published: "8104" - target: 80 - restart: unless-stopped - jellyfin: - container_name: jellyfin - environment: - JELLYFIN_PublishedServerUrl: https://jf.trez.wtf - image: jellyfin/jellyfin - labels: - homepage.group: Media Library - homepage.name: Jellyfin - homepage.icon: jellyfin.svg - homepage.href: https://jf.${MY_TLD} - homepage.description: Movie/TV Streaming - homepage.widget.type: jellyfin - homepage.widget.url: http://jellyfin:8096 - homepage.widget.key: ${JELLYFIN_API_KEY} - homepage.widget.enableBlocks: true - homepage.widget.enableNowPlaying: true - homepage.widget.enableUser: true - homepage.widget.showEpisodeNumber: true - homepage.widget.expandOneStreamToTwoRows: false - swag: enable - swag_url: jf.${MY_TLD} - swag_port: 8096 - swag_proto: http - swag.uptime-kuma.enabled: true - ports: - - 8487:8096 - - 7359:7359 - - 1900:1900 - restart: unless-stopped - volumes: - - ${DOCKER_VOLUME_CONFIG}/jellyfin:/config - - ${DOCKER_VOLUME_CONFIG}/jellyfin/cache:/cache - - ${DOCKER_VOLUME_STORAGE}/TV_Shows:/storage/tv - - ${DOCKER_VOLUME_STORAGE}/Movies:/storage/movies - - /etc/localtime:/etc/localtime - - /usr/share/fonts:/usr/local/share/fonts/custom - jitsi-etherpad: - container_name: jitsi-etherpad - environment: - TITLE: ${JITSI__ETHERPAD_TITLE} - DEFAULT_PAD_TEXT: ${JITSI__ETHERPAD_DEFAULT_PAD_TEXT} - SKIN_NAME: ${JITSI__ETHERPAD_SKIN_NAME} - SKIN_VARIANTS: ${JITSI__ETHERPAD_SKIN_VARIANTS} - SUPPRESS_ERRORS_IN_PAD_TEXT: true - image: etherpad/etherpad:1.8.6 - networks: - default: null - restart: unless-stopped - jitsi-jibri: - cap_add: - - SYS_ADMIN - container_name: jitsi-jibri - depends_on: - jitsi-jicofo: - condition: service_started - required: true - environment: - AUTOSCALER_SIDECAR_KEY_FILE: - AUTOSCALER_SIDECAR_KEY_ID: - AUTOSCALER_SIDECAR_GROUP_NAME: - AUTOSCALER_SIDECAR_HOST_ID: - AUTOSCALER_SIDECAR_INSTANCE_ID: - AUTOSCALER_SIDECAR_PORT: - AUTOSCALER_SIDECAR_REGION: - AUTOSCALER_SIDECAR_SHUTDOWN_POLLING_INTERVAL: - AUTOSCALER_SIDECAR_STATS_POLLING_INTERVAL: - AUTOSCALER_URL: - CHROMIUM_FLAGS: - DISPLAY: :0 - ENABLE_STATS_D: - JIBRI_WEBHOOK_SUBSCRIBERS: - JIBRI_HTTP_API_EXTERNAL_PORT: - JIBRI_HTTP_API_INTERNAL_PORT: - JIBRI_RECORDING_RESOLUTION: - JIBRI_RECORDING_VIDEO_ENCODE_PRESET: - JIBRI_RECORDING_CONSTANT_RATE_FACTOR: - JIBRI_RECORDING_FRAMERATE: - JIBRI_RECORDING_QUEUE_SIZE: - JIBRI_RECORDING_STREAMING_MAX_BITRATE: - JIBRI_USAGE_TIMEOUT: - JIBRI_XMPP_USER: - JIBRI_XMPP_PASSWORD: ${JITSI__JIBRI_XMPP_PASSWORD} - JIBRI_BREWERY_MUC: - JIBRI_RECORDER_USER: jibri-recorder - JIBRI_RECORDER_PASSWORD: ${JITSI__JIBRI_RECORDER_PASSWORD} - JIBRI_RECORDING_DIR: - JIBRI_FINALIZE_RECORDING_SCRIPT_PATH: - JIBRI_STRIP_DOMAIN_JID: - JIBRI_STATSD_HOST: - JIBRI_STATSD_PORT: - LOCAL_ADDRESS: - PUBLIC_URL: ${JITSI__PUBLIC_URL} - TZ: ${JITSI__TZ} - XMPP_AUTH_DOMAIN: - XMPP_DOMAIN: - XMPP_INTERNAL_MUC_DOMAIN: - XMPP_MUC_DOMAIN: - XMPP_RECORDER_DOMAIN: - XMPP_SERVER: - XMPP_PORT: - XMPP_TRUST_ALL_CERTS: - image: jitsi/jibri:${JITSI_IMAGE_VERSION:-stable} - networks: - default: null - restart: unless-stopped - shm_size: 2gb - volumes: - - source: ${DOCKER_VOLUME_CONFIG}/jitsi/jibri - target: /config - type: bind - bind: - create_host_path: true - jitsi-jicofo: - container_name: focus.meet.jitsi - depends_on: - jitsi-prosody: - condition: service_started - required: true - environment: - AUTH_TYPE: - BRIDGE_AVG_PARTICIPANT_STRESS: - BRIDGE_STRESS_THRESHOLD: - ENABLE_AUTH: - ENABLE_AUTO_OWNER: - ENABLE_CODEC_VP8: - ENABLE_CODEC_VP9: - ENABLE_CODEC_H264: - ENABLE_CODEC_OPUS_RED: - ENABLE_JVB_XMPP_SERVER: - ENABLE_OCTO: - ENABLE_RECORDING: 1 - ENABLE_SCTP: - ENABLE_AUTO_LOGIN: - JICOFO_AUTH_LIFETIME: - JICOFO_AUTH_PASSWORD: ${JITSI__JICOFO_AUTH_PASSWORD} - JICOFO_AUTH_TYPE: - JICOFO_BRIDGE_REGION_GROUPS: - JICOFO_ENABLE_AUTH: - JICOFO_ENABLE_BRIDGE_HEALTH_CHECKS: - JICOFO_CONF_INITIAL_PARTICIPANT_WAIT_TIMEOUT: - JICOFO_CONF_SINGLE_PARTICIPANT_TIMEOUT: - JICOFO_CONF_SOURCE_SIGNALING_DELAYS: - JICOFO_CONF_MAX_AUDIO_SENDERS: - JICOFO_CONF_MAX_VIDEO_SENDERS: - JICOFO_CONF_STRIP_SIMULCAST: - JICOFO_CONF_SSRC_REWRITING: - JICOFO_ENABLE_HEALTH_CHECKS: - JICOFO_ENABLE_REST: - JICOFO_HEALTH_CHECKS_USE_PRESENCE: - JICOFO_MULTI_STREAM_BACKWARD_COMPAT: - JICOFO_OCTO_REGION: - JIBRI_BREWERY_MUC: - JIBRI_REQUEST_RETRIES: - JIBRI_PENDING_TIMEOUT: - JIGASI_BREWERY_MUC: - JIGASI_SIP_URI: - JVB_BREWERY_MUC: - JVB_XMPP_AUTH_DOMAIN: - JVB_XMPP_INTERNAL_MUC_DOMAIN: - JVB_XMPP_PORT: - JVB_XMPP_SERVER: - MAX_BRIDGE_PARTICIPANTS: - OCTO_BRIDGE_SELECTION_STRATEGY: - SENTRY_DSN: "${JICOFO_SENTRY_DSN:-0}" - SENTRY_ENVIRONMENT: - SENTRY_RELEASE: - TZ: ${JITSI__JIGAGI_SIP_SERVER} - XMPP_DOMAIN: - XMPP_AUTH_DOMAIN: - XMPP_INTERNAL_MUC_DOMAIN: - XMPP_MUC_DOMAIN: - XMPP_RECORDER_DOMAIN: - XMPP_SERVER: - XMPP_PORT: - image: jitsi/jicofo:${JITSI_IMAGE_VERSION:-stable} - networks: - default: null - ports: - - 127.0.0.1:${JICOFO_REST_PORT:-8889}:8888 - restart: unless-stopped - volumes: - - bind: - create_host_path: true - selinux: Z - source: ${DOCKER_VOLUME_CONFIG}/jitsi/jicofo - target: /config - type: bind - jitsi-jigasi: - container_name: jitsi-jigasi - depends_on: - jitsi-prosody: - condition: service_started - required: true - environment: - ENABLE_AUTH: 1 - ENABLE_GUESTS: 1 - XMPP_AUTH_DOMAIN: - XMPP_GUEST_DOMAIN: - XMPP_MUC_DOMAIN: - XMPP_INTERNAL_MUC_DOMAIN: - XMPP_SERVER: - XMPP_PORT: - XMPP_DOMAIN: - PUBLIC_URL: ${JITSI__PUBLIC_URL} - JIGASI_DISABLE_SIP: - JIGASI_SIP_URI: ${JITSI__SIP_URI} - JIGASI_SIP_PASSWORD: ${JITSI__JIGAGI_SIP_PASSWORD} - JIGASI_SIP_SERVER: ${JITSI__JIGAGI_SIP_SERVER} - JIGASI_SIP_PORT: ${JITSI__JIGAGI_SIP_PORT} - JIGASI_SIP_TRANSPORT: ${JITSI__JIGAGI_SIP_TRANSPORT} - JIGASI_SIP_DEFAULT_ROOM: - JIGASI_XMPP_USER: - JIGASI_XMPP_PASSWORD: ${JITSI__JIGASI_XMPP_PASSWORD} - JIGASI_BREWERY_MUC: - JIGASI_PORT_MIN: - JIGASI_PORT_MAX: - JIGASI_HEALTH_CHECK_SIP_URI: - JIGASI_HEALTH_CHECK_INTERVAL: - JIGASI_SIP_KEEP_ALIVE_METHOD: - JIGASI_ENABLE_SDES_SRTP: - ENABLE_TRANSCRIPTIONS: - JIGASI_TRANSCRIBER_ADVERTISE_URL: - JIGASI_TRANSCRIBER_RECORD_AUDIO: - JIGASI_TRANSCRIBER_SEND_TXT: - GC_PROJECT_ID: - GC_PRIVATE_KEY_ID: - GC_PRIVATE_KEY: - GC_CLIENT_EMAIL: - GC_CLIENT_ID: - GC_CLIENT_CERT_URL: - SHUTDOWN_REST_ENABLED: - SENTRY_DSN: "${JIGASI_SENTRY_DSN:-0}" - SENTRY_ENVIRONMENT: - SENTRY_RELEASE: - TZ: ${JITSI__TZ} - image: jitsi/jigasi:${JITSI_IMAGE_VERSION:-stable} - networks: - default: null - ports: - - ${JIGASI_PORT_MIN:-20000}-${JIGASI_PORT_MAX:-20050}:${JIGASI_PORT_MIN:-20000}-${JIGASI_PORT_MAX:-20050}/udp - restart: unless-stopped - volumes: - - bind: - create_host_path: true - selinux: Z - source: ${DOCKER_VOLUME_CONFIG}/jitsi/jigasi - target: /config - type: bind - - bind: - create_host_path: true - selinux: Z - source: ${DOCKER_VOLUME_CONFIG}/jitsi/transcripts - target: /tmp/transcripts - type: bind - jitsi-jvb: - container_name: video.meet.jitsi - depends_on: - jitsi-prosody: - condition: service_started - required: true - environment: - DOCKER_HOST_ADDRESS: - ENABLE_COLIBRI_WEBSOCKET: - ENABLE_JVB_XMPP_SERVER: - ENABLE_OCTO: - JVB_ADVERTISE_IPS: - JVB_ADVERTISE_PRIVATE_CANDIDATES: - JVB_AUTH_USER: - JVB_AUTH_PASSWORD: ${JITSI__JVB_AUTH_PASSWORD} - JVB_BREWERY_MUC: - JVB_DISABLE_STUN: - JVB_PORT: - JVB_MUC_NICKNAME: - JVB_STUN_SERVERS: - JVB_OCTO_BIND_ADDRESS: - JVB_OCTO_REGION: - JVB_OCTO_RELAY_ID: - JVB_WS_DOMAIN: - JVB_WS_SERVER_ID: - JVB_XMPP_AUTH_DOMAIN: - JVB_XMPP_INTERNAL_MUC_DOMAIN: - JVB_XMPP_PORT: - JVB_XMPP_SERVER: - PUBLIC_URL: ${JITSI__PUBLIC_URL} - SENTRY_DSN: "${JVB_SENTRY_DSN:-0}" - SENTRY_ENVIRONMENT: - SENTRY_RELEASE: - COLIBRI_REST_ENABLED: - SHUTDOWN_REST_ENABLED: - TZ: ${JITSI__JIGAGI_SIP_SERVER} - XMPP_AUTH_DOMAIN: - XMPP_INTERNAL_MUC_DOMAIN: - XMPP_SERVER: - XMPP_PORT: - image: jitsi/jvb:${JITSI_IMAGE_VERSION:-stable} - networks: - default: null - ports: - - ${JVB_PORT:-10000}:${JVB_PORT:-10000}/udp - - 127.0.0.1:${JVB_COLIBRI_PORT:-8091}:8080 - restart: unless-stopped - volumes: - - bind: - create_host_path: true - selinux: Z - source: ${DOCKER_VOLUME_CONFIG}/jitsi/jvb - target: /config - type: bind - jitsi-prosody: - container_name: xmpp.meet.jitsi - environment: - AUTH_TYPE: - DISABLE_POLLS: - ENABLE_AUTH: - ENABLE_AV_MODERATION: - ENABLE_BREAKOUT_ROOMS: - ENABLE_END_CONFERENCE: - ENABLE_GUESTS: 1 - ENABLE_IPV6: - ENABLE_LOBBY: - ENABLE_RECORDING: 1 - ENABLE_XMPP_WEBSOCKET: - ENABLE_JAAS_COMPONENTS: - GC_TYPE: - GC_INC_TH: - GC_INC_SPEED: - GC_INC_STEP_SIZE: - GC_GEN_MIN_TH: - GC_GEN_MAX_TH: - GLOBAL_CONFIG: - GLOBAL_MODULES: - JIBRI_RECORDER_USER: - JIBRI_RECORDER_PASSWORD: ${JITSI__JIBRI_RECORDER_PASSWORD} - JIBRI_XMPP_USER: - JIBRI_XMPP_PASSWORD: ${JITSI__JIBRI_XMPP_PASSWORD} - JICOFO_AUTH_PASSWORD: ${JITSI__JICOFO_AUTH_PASSWORD} - JICOFO_COMPONENT_SECRET: - JIGASI_XMPP_USER: - JIGASI_XMPP_PASSWORD: ${JITSI__JIGASI_XMPP_PASSWORD} - JVB_AUTH_USER: - JVB_AUTH_PASSWORD: ${JITSI__JVB_AUTH_PASSWORD} - JWT_APP_ID: - JWT_APP_SECRET: - JWT_ACCEPTED_ISSUERS: - JWT_ACCEPTED_AUDIENCES: - JWT_ASAP_KEYSERVER: - JWT_ALLOW_EMPTY: - JWT_AUTH_TYPE: - JWT_ENABLE_DOMAIN_VERIFICATION: - JWT_TOKEN_AUTH_MODULE: - MATRIX_UVS_URL: - MATRIX_UVS_ISSUER: - MATRIX_UVS_AUTH_TOKEN: - MATRIX_UVS_SYNC_POWER_LEVELS: - LOG_LEVEL: - LDAP_AUTH_METHOD: - LDAP_BASE: - LDAP_BINDDN: - LDAP_BINDPW: - LDAP_FILTER: - LDAP_VERSION: - LDAP_TLS_CIPHERS: - LDAP_TLS_CHECK_PEER: - LDAP_TLS_CACERT_FILE: - LDAP_TLS_CACERT_DIR: - LDAP_START_TLS: - LDAP_URL: - LDAP_USE_TLS: - MAX_PARTICIPANTS: - PROSODY_AUTH_TYPE: - PROSODY_RESERVATION_ENABLED: - PROSODY_RESERVATION_REST_BASE_URL: - PROSODY_ENABLE_RATE_LIMITS: - PROSODY_RATE_LIMIT_LOGIN_RATE: - PROSODY_RATE_LIMIT_SESSION_RATE: - PROSODY_RATE_LIMIT_TIMEOUT: - PROSODY_RATE_LIMIT_ALLOW_RANGES: - PROSODY_RATE_LIMIT_CACHE_SIZE: - PUBLIC_URL: ${JITSI__PUBLIC_URL} - TURN_CREDENTIALS: - TURN_HOST: - TURNS_HOST: - TURN_PORT: - TURNS_PORT: - TURN_TRANSPORT: - TZ: ${JITSI__JIGAGI_SIP_SERVER} - XMPP_DOMAIN: - XMPP_AUTH_DOMAIN: - XMPP_GUEST_DOMAIN: - XMPP_MUC_DOMAIN: - XMPP_INTERNAL_MUC_DOMAIN: - XMPP_MODULES: - XMPP_MUC_MODULES: - XMPP_MUC_CONFIGURATION: - XMPP_INTERNAL_MUC_MODULES: - XMPP_RECORDER_DOMAIN: - XMPP_PORT: - expose: - - ${XMPP_PORT:-5222} - - "5347" - - "5280" - image: jitsi/prosody:${JITSI_IMAGE_VERSION:-stable} - networks: - default: null - restart: unless-stopped - volumes: - - bind: - create_host_path: true - selinux: Z - source: ${DOCKER_VOLUME_CONFIG}/jitsi/prosody/config - target: /config - type: bind - - bind: - create_host_path: true - selinux: Z - source: ${DOCKER_VOLUME_CONFIG}/jitsi/prosody/prosody-plugins-custom - target: /prosody-plugins-custom - type: bind - jitsi-web: - container_name: meet.jitsi - environment: - AMPLITUDE_ID: - ANALYTICS_SCRIPT_URLS: - ANALYTICS_WHITELISTED_EVENTS: - AUDIO_QUALITY_OPUS_BITRATE: - AUTO_CAPTION_ON_RECORD: - BRANDING_DATA_URL: - CALLSTATS_CUSTOM_SCRIPT_URL: - CALLSTATS_ID: - CALLSTATS_SECRET: - CHROME_EXTENSION_BANNER_JSON: - COLIBRI_WEBSOCKET_PORT: - CONFCODE_URL: - CONFIG_EXTERNAL_CONNECT: - DEFAULT_LANGUAGE: - DEPLOYMENTINFO_ENVIRONMENT: - DEPLOYMENTINFO_ENVIRONMENT_TYPE: - DEPLOYMENTINFO_REGION: - DEPLOYMENTINFO_SHARD: - DEPLOYMENTINFO_USERREGION: - DESKTOP_SHARING_FRAMERATE_MIN: - DESKTOP_SHARING_FRAMERATE_MAX: - DIALIN_NUMBERS_URL: - DIALOUT_AUTH_URL: - DIALOUT_CODES_URL: - DISABLE_AUDIO_LEVELS: - DISABLE_DEEP_LINKING: - DISABLE_GRANT_MODERATOR: - DISABLE_HTTPS: - DISABLE_KICKOUT: - DISABLE_LOCAL_RECORDING: - DISABLE_POLLS: - DISABLE_PRIVATE_CHAT: - DISABLE_PROFILE: - DISABLE_REACTIONS: - DISABLE_REMOTE_VIDEO_MENU: - DISABLE_START_FOR_ALL: - DROPBOX_APPKEY: - DROPBOX_REDIRECT_URI: - DYNAMIC_BRANDING_URL: - ENABLE_AUDIO_PROCESSING: - ENABLE_AUTH: - ENABLE_BREAKOUT_ROOMS: - ENABLE_CALENDAR: - ENABLE_COLIBRI_WEBSOCKET: - ENABLE_E2EPING: - ENABLE_FILE_RECORDING_SHARING: - ENABLE_GUESTS: 1 - ENABLE_HSTS: - ENABLE_HTTP_REDIRECT: - ENABLE_IPV6: - ENABLE_LETSENCRYPT: - ENABLE_LIPSYNC: - ENABLE_NO_AUDIO_DETECTION: - ENABLE_NOISY_MIC_DETECTION: - ENABLE_OCTO: - ENABLE_OPUS_RED: - ENABLE_PREJOIN_PAGE: - ENABLE_P2P: - ENABLE_WELCOME_PAGE: - ENABLE_CLOSE_PAGE: - ENABLE_LIVESTREAMING: - ENABLE_LIVESTREAMING_DATA_PRIVACY_LINK: - ENABLE_LIVESTREAMING_HELP_LINK: - ENABLE_LIVESTREAMING_TERMS_LINK: - ENABLE_LIVESTREAMING_VALIDATOR_REGEXP_STRING: - ENABLE_LOCAL_RECORDING_NOTIFY_ALL_PARTICIPANT: - ENABLE_LOCAL_RECORDING_SELF_START: - ENABLE_RECORDING: 1 - ENABLE_REMB: - ENABLE_REQUIRE_DISPLAY_NAME: - ENABLE_SERVICE_RECORDING: - ENABLE_SIMULCAST: - ENABLE_STATS_ID: - ENABLE_STEREO: - ENABLE_SUBDOMAINS: - ENABLE_TALK_WHILE_MUTED: - ENABLE_TCC: - ENABLE_TRANSCRIPTIONS: - ENABLE_XMPP_WEBSOCKET: - ENABLE_JAAS_COMPONENTS: - ETHERPAD_PUBLIC_URL: - ETHERPAD_URL_BASE: ${JITSI__ETHERPAD_URL_BASE} - E2EPING_NUM_REQUESTS: - E2EPING_MAX_CONFERENCE_SIZE: - E2EPING_MAX_MESSAGE_PER_SECOND: - GOOGLE_ANALYTICS_ID: - GOOGLE_API_APP_CLIENT_ID: - HIDE_PREMEETING_BUTTONS: - HIDE_PREJOIN_DISPLAY_NAME: - HIDE_PREJOIN_EXTRA_BUTTONS: - INVITE_SERVICE_URL: - LETSENCRYPT_DOMAIN: - LETSENCRYPT_EMAIL: - LETSENCRYPT_USE_STAGING: - MATOMO_ENDPOINT: - MATOMO_SITE_ID: - MICROSOFT_API_APP_CLIENT_ID: - NGINX_RESOLVER: - NGINX_WORKER_PROCESSES: - NGINX_WORKER_CONNECTIONS: - PEOPLE_SEARCH_URL: - PREFERRED_LANGUAGE: - PUBLIC_URL: ${JITSI__PUBLIC_URL} - P2P_PREFERRED_CODEC: - RESOLUTION: - RESOLUTION_MIN: - RESOLUTION_WIDTH: - RESOLUTION_WIDTH_MIN: - START_AUDIO_MUTED: - START_AUDIO_ONLY: - START_BITRATE: - START_SILENT: - START_WITH_AUDIO_MUTED: - START_VIDEO_MUTED: - START_WITH_VIDEO_MUTED: - TESTING_CAP_SCREENSHARE_BITRATE: - TESTING_OCTO_PROBABILITY: - TOKEN_AUTH_URL: - TOOLBAR_BUTTONS: - TRANSLATION_LANGUAGES: - TRANSLATION_LANGUAGES_HEAD: - TZ: ${JITSI__JIGAGI_SIP_SERVER} - USE_APP_LANGUAGE: - VIDEOQUALITY_BITRATE_H264_LOW: - VIDEOQUALITY_BITRATE_H264_STANDARD: - VIDEOQUALITY_BITRATE_H264_HIGH: - VIDEOQUALITY_BITRATE_VP8_LOW: - VIDEOQUALITY_BITRATE_VP8_STANDARD: - VIDEOQUALITY_BITRATE_VP8_HIGH: - VIDEOQUALITY_BITRATE_VP9_LOW: - VIDEOQUALITY_BITRATE_VP9_STANDARD: - VIDEOQUALITY_BITRATE_VP9_HIGH: - VIDEOQUALITY_ENFORCE_PREFERRED_CODEC: - VIDEOQUALITY_PREFERRED_CODEC: - XMPP_AUTH_DOMAIN: - XMPP_BOSH_URL_BASE: - XMPP_DOMAIN: - XMPP_GUEST_DOMAIN: - XMPP_MUC_DOMAIN: - XMPP_RECORDER_DOMAIN: - XMPP_PORT: - WHITEBOARD_ENABLED: - WHITEBOARD_COLLAB_SERVER_PUBLIC_URL: - image: jitsi/web:${JITSI_IMAGE_VERSION:-stable} - labels: - swag: enable - swag_proto: https - swag_url: meet.${MY_TLD} - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://meet.${MY_TLD} - homepage.group: Social - homepage.name: Jitsi - homepage.href: https://meet.${MY_TLD} - homepage.icon: jitsi.png - homepage.description: Web Conferencing - networks: - default: null - ports: - - ${JITSI__HTTP_PORT}:80 - - ${JITSI__HTTPS_PORT}:443 - restart: unless-stopped - volumes: - - bind: - create_host_path: true - selinux: Z - source: ${DOCKER_VOLUME_CONFIG}/jitsi/web - target: /config - type: bind - - bind: - create_host_path: true - selinux: Z - source: ${DOCKER_VOLUME_CONFIG}/jitsi/web/crontabs - target: /var/spool/cron/crontabs - type: bind - - bind: - create_host_path: true - selinux: Z - source: ${DOCKER_VOLUME_CONFIG}/jitsi/transcripts - target: /usr/share/jitsi-meet/transcripts - type: bind - joplin-db: - container_name: joplin-db - environment: - POSTGRES_PASSWORD: ${JOPLIN_POSTGRES_PASSWORD} - POSTGRES_USER: ${JOPLIN_POSTGRES_USER} - POSTGRES_DB: ${JOPLIN_POSTGRES_DATABASE} - expose: - - 5432 - image: postgres:17-alpine - networks: - default: null - restart: unless-stopped - volumes: - - source: joplin_data - target: /var/lib/postgresql/data - type: volume - volume: {} - joplin: - container_name: joplin - environment: - ACCOUNT_TYPES_ENABLED: true - APP_PORT: ${JOPLIN_APP_PORT} - APP_BASE_URL: ${JOPLIN_APP_BASE_URL} - DB_CLIENT: pg - INSTANCE_NAME: 'Joplin @ Rinoa' - IS_ADMIN_INSTANCE: true - MAILER_ENABLED: 1 - MAILER_HOST: postal-SMTP - MAILER_PORT: 25 - MAILER_SECURITY: none - MAILER_AUTH_USER: ${POSTAL_SMTP_AUTH_USER} - MAILER_AUTH_PASSWORD: ${POSTAL_SMTP_AUTH_PASSWORD} - MAILER_NOREPLY_NAME: Joplin @ Rinoa - MAILER_NOREPLY_EMAIL: noreply@trez.wtf - POSTGRES_PASSWORD: ${JOPLIN_POSTGRES_PASSWORD} - POSTGRES_DATABASE: ${JOPLIN_POSTGRES_DATABASE} - POSTGRES_USER: ${JOPLIN_POSTGRES_USER} - POSTGRES_PORT: 5432 - POSTGRES_HOST: joplin-db - image: joplin/server:latest - labels: - homepage.group: Personal Services - homepage.name: Joplin - homepage.href: https://notes.${MY_TLD} - homepage.icon: joplin.svg - homepage.description: Open-source note taking & to-do - swag: enable - swag_url: notes.${MY_TLD} - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://notes.${MY_TLD} - networks: - default: null - ports: - - mode: ingress - protocol: tcp - published: "22300" - target: 22300 - restart: unless-stopped - lidarr: - container_name: lidarr - environment: - PGID: ${PGID} - PUID: ${PUID} - TZ: America/New_York - DOCKER_MODS: ghcr.io/gilbn/theme.park:lidarr - hostname: Rinoa - image: lscr.io/linuxserver/lidarr:latest - labels: - homepage.group: Servarr Stack - homepage.name: Lidarr - homepage.href: https://lidarr.${MY_TLD} - homepage.icon: lidarr.png - homepage.description: Music Automation - homepage.widget.type: lidarr - homepage.widget.url: http://lidarr:8686 - homepage.widget.key: ${LIDARR_API_KEY} - swag: enable - swag.uptime-kuma.enabled: true - networks: - default: null - ports: - - mode: ingress - protocol: tcp - published: "8686" - target: 8686 - restart: unless-stopped - volumes: - - bind: - create_host_path: true - read_only: true - source: /etc/localtime - target: /etc/localtime - type: bind - - bind: - create_host_path: true - source: ${DOCKER_VOLUME_CONFIG}/lidarr - target: /config - type: bind - - bind: - create_host_path: true - source: /rinoa-storage - target: /storage - type: bind - lidify: - container_name: lidify - environment: - app_name: lidify - app_rev: 0.09 - app_url: lidify.${MY_TLD} - dry_run_adding_to_lidarr: true - fallback_to_top_result: false - last_fm_api_key: ${LASTFM_API_KEY} - last_fm_api_secret: ${LASTFM_API_SECRET} - lidarr_address: http://lidarr:8686 - lidarr_api_key: ${LIDARR_API_KEY} - lidarr_api_timeout: 120 - metadata_profile_id: 1 - mode: LastFM - quality_profile_id: 1 - root_folder_path: /data/media/music - search_for_missing_albums: false - spotify_client_id: ${YOUR_SPOTIFY_ID} - spotify_client_secret: ${YOUR_SPOTIFY_SECRET} - expose: - - 5000 - image: thewicklowwolf/lidify:latest - labels: - homepage.group: Servarr Stack - homepage.name: Lidify - homepage.href: https://lidify.${MY_TLD} - homepage.icon: sh-lidify.png - homepage.description: Music Discovery a la Last.fm, Spotify, Pandora, etc. - swag: enable - swag_auth: authelia - swag_proto: http - swag_port: 5000 - swag_url: lidify.${MY_TLD} - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://lidify.${MY_TLD} - networks: - default: null - restart: unless-stopped - volumes: - - source: ${DOCKER_VOLUME_CONFIG}/lidify - target: /lidify/config - type: bind - bind: - create_host_path: true - - source: ${DOCKER_VOLUME_STORAGE}/Audio/Music - target: /data/media/music - type: bind - bind: - create_host_path: true - - bind: - create_host_path: true - read_only: true - source: /etc/localtime - target: /etc/localtime - type: bind - lldap: - container_name: lldap - environment: - UID: ${PUID} - GID: ${PGID} - TZ: ${TZ} - LLDAP_JWT_SECRET: ${LLDAP_JWT_SECRET} - LLDAP_KEY_SEED: ${LLDAP_KEY_SEED} - LLDAP_LDAP_BASE_DN: dc=trez,dc=wtf - image: lldap/lldap:stable - labels: - homepage.group: System Administration - homepage.name: LLDAP - homepage.href: https://ldap.${MY_TLD} - homepage.icon: /icons/lldap.png - homepage.description: LDAP made easy - swag: enable - swag_proto: http - swag_port: 17170 - swag_url: ldap.${MY_TLD} - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://ldap.${MY_TLD} - networks: - default: null - ports: - - mode: ingress - protocol: tcp - published: "17170" - target: 17170 - restart: always - volumes: - - source: ${DOCKER_VOLUME_CONFIG}/lldap - target: /data - type: bind - bind: - create_host_path: true - lobe-chat: - container_name: lobe-chat - depends_on: - lobe-chat-pg-db: - condition: service_started - required: true - minio: - condition: service_started - required: true - zitadel: - condition: service_started - required: true - environment: - APP_URL: https://ai.trez.wtf/ - KEY_VAULTS_SECRET: ${LOBECHAT_KEY_VAULT_SECRET} - DATABASE_URL: postgresql://lobe:${LOBECHAT_PG_DB_PASSWD}@lobe-chat-pg-db:5432/lobe - NEXTAUTH_URL: https://lobe.example.com/api/auth - NEXT_AUTH_SECRET: ${LOBECHAT_NEXT_AUTH_SECRET} - NEXT_AUTH_SSO_PROVIDERS: zitadel - AUTH_ZITADEL_ID: ${LOBECHAT_ZITADEL_CLIENT_ID} - AUTH_ZITADEL_SECRET: ${LOBECHAT_ZITADEL_CLIENT_SECRET} - AUTH_ZITADEL_ISSUER: https://id.trez.wtf - S3_ACCESS_KEY_ID: ${LOBECHAT_S3_ACCESS_KEY_ID} - S3_SECRET_ACCESS_KEY: ${LOBECHAT_S3_SECRET_ACCESS_KEY} - S3_ENDPOINT: http://minio:9000 - S3_BUCKET: lobechat - S3_PUBLIC_DOMAIN: https://s3.trez.wtf - S3_ENABLE_PATH_STYLE: 1+ - OPENAI_API_KEY: ${LOBECHAT_OPENAI_API_KEY} - ANTHROPIC_API_KEY: ${LOBECHAT_ANTHROPIC_API_KEY} - GITHUB_TOKEN: ${LOBECHAT_GITHUB_TOKEN} - OLLAMA_MODEL_LIST: +llama3.1:8b,+nomic-embed-text:latest,+starcoder2:3b,+llama3.1:latest,+llama2:7B - MISTRAL_API_KEY: ${LOBECHAT_MISTRAL_API_KEY} - GROQ_API_KEY: ${LOBECHAT_GROQAI_API_KEY} - image: lobehub/lobe-chat-database - labels: - homepage.group: Personal Services - homepage.name: LobeChat - homepage.href: https://ai.${MY_TLD} - homepage.icon: lobe-chat.png - homepage.description: An open-source, modern-design ChatGPT/LLMs UI/Framework - swag: enable - swag_proto: http - swag_port: 3210 - swag_url: ai.${MY_TLD} - ports: - - 3210:3210 - restart: unless-stopped - lobe-chat-pg-db: - container_name: lobe-chat-pg-db - environment: - POSTGRES_DB: lobe - POSTGRES_USER: lobe - POSTGRES_PASSWORD: ${LOBECHAT_PG_DB_PASSWD} - expose: - - 5432 - image: pgvector/pgvector:pg16 - volumes: - - ${DOCKER_VOLUME_CONFIG}/lobechat/db:/var/lib/postgresql/data - restart: unless-stopped - maloja: - container_name: maloja - environment: - MALOJA_CLEAN_OUTPUT: true - MALOJA_DEV_MODE: false - MALOJA_FORCE_PASSWORD: ${MALOJA_FORCE_PASSWORD} - MALOJA_LASTFM_API_KEY: ${LASTFM_API_KEY} - MALOJA_LASTFM_API_SECRET: ${LASTFM_API_SECRET} - MALOJA_LASTFM_PASSWORD: ${LASTFM_PASSWORD} - MALOJA_LASTFM_USERNAME: ${LASTFM_USERNAME} - MALOJA_LOGGING: true - MALOJA_PARSE_REMIX_ARTISTS: true - MALOJA_SCROBBLE_LASTFM: true - MALOJA_SKIP_SETUP: true - MALOJA_SPOTIFY_API_ID: ${YOUR_SPOTIFY_ID} - MALOJA_SPOTIFY_API_SECRET: ${YOUR_SPOTIFY_SECRET} - MALOJA_TIMEZONE: ${TZ} - image: krateng/maloja:latest - labels: - homepage.group: Media Library - homepage.name: Maloja - homepage.href: https://scrobble.${MY_TLD} - homepage.icon: maloja.png - homepage.description: Simple self-hosted music scrobble database to create personal listening statistics - swag: enable - swag_proto: http - swag_port: 42010 - swag_url: scrobble.${MY_TLD} - networks: - default: null - ports: - - mode: ingress - protocol: tcp - published: "42010" - target: 42010 - restart: unless-stopped - volumes: - - source: ${DOCKER_VOLUME_CONFIG}/maloja/config - target: /etc/maloja - type: bind - bind: - create_host_path: true - - source: ${DOCKER_VOLUME_CONFIG}/maloja/data - target: /var/lib/maloja - type: bind - bind: - create_host_path: true - - source: ${DOCKER_VOLUME_CONFIG}/maloja/logs - target: /var/log/maloja - type: bind - bind: - create_host_path: true - mariadb: - container_name: mariadb - environment: - MYSQL_ROOT_PASSWORD: ${MARIADB_ENVIRONMENT_MYSQL_ROOT_PASSWORD} - PGID: 1000 - PUID: 1000 - TZ: America/New_York - hostname: Rinoa - image: linuxserver/mariadb - networks: - default: null - ports: - - mode: ingress - protocol: tcp - published: "3306" - target: 3306 - restart: unless-stopped - volumes: - - bind: - create_host_path: true - read_only: true - source: /etc/localtime - target: /etc/localtime - type: bind - - bind: - create_host_path: true - source: ${DOCKER_VOLUME_CONFIG}/mariadb - target: /config - type: bind - - source: ${DOCKER_VOLUME_STORAGE} - target: /storage - type: bind - bind: - create_host_path: true - - source: ${DOCKER_VOLUME_CONFIG}/mariadb - target: /var/lib/mysql - type: bind - bind: - create_host_path: true - mastodon: - container_name: mastodon - environment: - PUID: ${PUID} - PGID: ${PGID} - TZ: ${TZ} - LOCAL_DOMAIN: trez.wtf - REDIS_HOST: redis - REDIS_PORT: 6379 - DB_HOST: mastodon-pg-db - DB_USER: mastodon - DB_NAME: mastodon - DB_PASS: ${MASTODON_PG_DB_PASSWORD} - DB_PORT: 5432 - ES_ENABLED: false - ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY: - ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY: - ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT: - SECRET_KEY_BASE: - OTP_SECRET: - VAPID_PRIVATE_KEY: - VAPID_PUBLIC_KEY: - SMTP_SERVER: postal-smtp - SMTP_PORT: 25 - SMTP_LOGIN: ${POSTAL_SMTP_AUTH_USER} - SMTP_PASSWORD: ${POSTAL_SMTP_AUTH_PASSWORD} - SMTP_FROM_ADDRESS: noreply@trez.wtf - S3_ENABLED: true - S3_BUCKET: mastodon - AWS_ACCESS_KEY_ID: ${MASTODON_MINIO_ACCESS_KEY} - AWS_SECRET_ACCESS_KEY: ${MASTODON_MINIO_SECRET_KEY} - image: lscr.io/linuxserver/mastodon:latest - labels: - swag: enable - swag_proto: http - swag_port: 5678 - swag_url: mastodon.${MY_TLD} - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://mastodon.${MY_TLD} - homepage.group: Social - homepage.name: Mastodon - homepage.href: https://mastodon.${MY_TLD} - homepage.icon: mastodon.svg - homepage.description: Open-source social network - homepage.widget.type: mastodon - homepage.widget.url: http://mastodon - ports: - - 9044:80 - - 3444:443 - restart: unless-stopped - volumes: - - ${DOCKER_VOLUME_CONFIG}/mastodon:/config - mastodon-pg-db: - container_name: mastodon-pg-db - environment: - POSTGRES_USER: mastodon - POSTGRES_PASSWORD: ${MASTODON_PG_DB_PASSWORD} - POSTGRES_DB: mastodon - expose: - - 5432 - healthcheck: - test: pg_isready -q -t 2 -d $$POSTGRES_DB -U $$POSTGRES_USER - start_period: 20s - timeout: 30s - interval: 10s - retries: 5 - image: postgres:17-alpine - restart: always - volumes: - - mastodon-pg-db:/var/lib/postgresql/data - minio: - command: server --console-address ":9090" /mnt/data - container_name: minio - environment: - MINIO_ROOT_USER: minioadmin - MINIO_ROOT_PASSWORD: ${MINIO_ROOT_PASSWORD} - MINIO_ACCESS_KEY: ${MINIO_MIMIR_STORAGE_ACCESS_KEY} - MINIO_SECRET_KEY: ${MINIO_MIMIR_STORAGE_SECRET_KEY} - hostname: minio - image: minio/minio - labels: - swag: enable - swag_proto: http - swag_port: 9090 - swag_url: s3.${MY_TLD} - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://s3.${MY_TLD} - homepage.group: System Administration - homepage.name: MinIO - homepage.href: https://s3.${MY_TLD} - homepage.icon: minio.png - homepage.description: S3-compatible storage backend - networks: - default: null - ports: - - mode: ingress - protocol: tcp - published: "9001" - target: 9000 - - mode: ingress - protocol: tcp - published: "9092" - target: 9090 - restart: unless-stopped - volumes: - - source: ${DOCKER_VOLUME_CONFIG}/minio/data - target: /mnt/data - type: bind - bind: - create_host_path: true - - source: ${DOCKER_VOLUME_CONFIG}/minio/minio - target: /etc/config.env - type: bind - bind: - create_host_path: true - mongodb: - container_name: mongodb - environment: - MONGODB_ADVERTISED_HOSTNAME: mongodb - MONGODB_ENABLE_DIRECTORY_PER_DB: true - MONGODB_SYSTEM_LOG_VERBOSITY: 1 - MONGODB_ROOT_USER: ${MONGO_INITDB_ROOT_USERNAME} - MONGODB_ROOT_PASSWORD: ${MONGO_INITDB_ROOT_PASSWORD} - ALLOW_EMPTY_PASSWORD: yes - MONGODB_REPLICA_SET_MODE: primary - MONGODB_REPLICA_SET_NAME: rinoa - MONGODB_REPLICA_SET_KEY: ${MONGODB_REPLICA_SET_KEY} - image: bitnami/mongodb:7.0 - ports: - - 27017:27017 - restart: unless-stopped - volumes: - - mongodb_data:/data/db - - mongodb_config:/data/configdb - multi-scrobbler: - container_name: multi-scrobbler - environment: - TZ: ${TZ} - PUID: ${PUID} - PGID: ${PGID} - MALOJA_URL: http://maloja:42010 - MALOJA_API_KEY: ${MALOJA_API_KEY} - LASTFM_API_KEY: ${LASTFM_API_KEY} - LASTFM_API_SECRET: ${LASTFM_API_SECRET} - LZ_USER: Trez.on - LZ_TOKEN: ${MALOJA_LISTENBRAINZ_TOKEN} - SPOTIFY_CLIENT_ID: ${YOUR_SPOTIFY_ID} - SPOTIFY_CLIENT_SECRET: ${YOUR_SPOTIFY_SECRET} - image: foxxmd/multi-scrobbler - labels: - homepage.group: Media Library - homepage.name: Multi-Scrobbler - homepage.href: http://192.168.1.254:9078 - homepage.icon: sh-multi-scrobbler.svg - homepage.description: JS App for scrobbling/recording play history from/to multiple sources - networks: - default: null - ports: - - mode: ingress - protocol: tcp - published: "9078" - target: 9078 - restart: unless-stopped - volumes: - - source: ${DOCKER_VOLUME_CONFIG}/multi-scrobbler - target: /config - type: bind - bind: - create_host_path: true - n8n: - container_name: n8n - environment: - N8N_HOST: n8n.${MY_TLD} - N8N_PORT: 5678 - N8N_PROTOCOL: https - NODE_ENV: production - WEBHOOK_URL: https://n8n.${MY_TLD}/ - GENERIC_TIMEZONE: ${TZ} - image: docker.n8n.io/n8nio/n8n - labels: - swag: enable - swag_proto: http - swag_port: 5678 - swag_url: n8n.${MY_TLD} - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://n8n.${MY_TLD} - homepage.group: Automation - homepage.name: n8n - homepage.href: https://n8n.${MY_TLD} - homepage.icon: n8n.svg - homepage.description: Extendable workflow automation tool to easily automate tasks - ports: - - 5678:5678 - restart: unless-stopped - volumes: - - n8n-data:/home/node/.n8n - navidrome: - container_name: navidrome - environment: - ND_AUTOIMPORTPLAYLISTS: false - ND_BASEURL: "" - ND_LASTFM_APIKEY: ${LASTFM_API_KEY} - ND_LASTFM_ENABLED: true - ND_LASTFM_SECRET: ${LASTFM_API_SECRET} - ND_LOGLEVEL: info - ND_MUSICFOLDER: /music - ND_SCANNER_GROUPALBUMRELEASES: true - ND_SCANSCHEDULE: '@every 6h' - ND_SESSIONTIMEOUT: 24h - ND_SPOTIFY_ID: ${YOUR_SPOTIFY_ID} - ND_SPOTIFY_SECRET: ${YOUR_SPOTIFY_SECRET} - ND_SUBSONICARTISTPARTICIPATIONS: true - image: deluan/navidrome:latest - labels: - homepage.group: Media Library - homepage.name: Navidrome - homepage.href: https://navi.${MY_TLD} - homepage.icon: navidrome.png - homepage.description: Music Streaming - homepage.widget.type: navidrome - homepage.widget.url: http://navidrome:4533 - homepage.widget.user: admin - homepage.widget.token: e8a9e97b29aa963fa4729c633289d232 - homepage.widget.salt: v5Z93Z - swag: enable - swag_port: 4533 - swag_proto: http - swag_url: navi.${MY_TLD} - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://navi.${MY_TLD} - networks: - default: null - ports: - - mode: ingress - protocol: tcp - published: "4533" - target: 4533 - restart: unless-stopped - user: 1000:1000 - volumes: - - source: ${DOCKER_VOLUME_CONFIG}/navidrome - target: /data - type: bind - bind: - create_host_path: true - - source: ${DOCKER_VOLUME_STORAGE}/Audio/Music - target: /music - type: bind - bind: - create_host_path: true - netbird-dashboard: - container_name: netbird-dashboard - environment: - # Endpoints - NETBIRD_MGMT_API_ENDPOINT: https://netbird.${MY_TLD}:33073 - NETBIRD_MGMT_GRPC_API_ENDPOINT: https://netbird.${MY_TLD}:33073 - # OIDC - AUTH_AUDIENCE: ${NETBIRD_ZITADEL_CLIENT_ID} - AUTH_CLIENT_ID: ${NETBIRD_ZITADEL_CLIENT_ID} - AUTH_CLIENT_SECRET: ${NETBIRD_ZITADEL_CLIENT_SECRET} - AUTH_AUTHORITY: https://id.${MY_TLD} - USE_AUTH0: false - AUTH_SUPPORTED_SCOPES: openid profile email offline_access api - AUTH_REDIRECT_URI: /auth - AUTH_SILENT_REDIRECT_URI: /silent-auth - NETBIRD_TOKEN_SOURCE: accessToken - # SSL - NGINX_SSL_PORT: 443 - # Letsencrypt - LETSENCRYPT_DOMAIN: - LETSENCRYPT_EMAIL: - image: netbirdio/dashboard:latest - labels: - homepage.group: Privacy/Security - homepage.name: Netbird - homepage.href: https://netbird.${MY_TLD} - homepage.icon: netbird.svg - homepage.description: Peer-to-peer private network and centralized access control system - swag: enable - swag_proto: http - swag_port: 80 - swag_auth: authelia - swag_url: netbird.${MY_TLD} - swag_server_custom_directive: | - location /signalexchange.SignalExchange/ { - grpc_pass grpc://netbird-signal:80; - #grpc_ssl_verify off; - grpc_read_timeout 1d; - grpc_send_timeout 1d; - grpc_socket_keepalive on; - } - # Proxy Management http endpoint - location /api { - proxy_pass http://netbird-management:443; - } - # Proxy Management grpc endpoint - location /management.ManagementService/ { - grpc_pass grpc://netbird-management:443; - #grpc_ssl_verify off; - grpc_read_timeout 1d; - grpc_send_timeout 1d; - grpc_socket_keepalive on; - } - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://netbird.${MY_TLD} - ports: - - 32908:80 - - 36610:443 - restart: unless-stopped - volumes: - - netbird-letsencrypt:/etc/letsencrypt/ - netbird-signal: - container_name: netbird-signal - image: netbirdio/signal:latest - ports: - - 10001:80 - restart: unless-stopped - volumes: - - netbird-signal:/var/lib/netbird - netbird-relay: - container_name: netbird-relay - image: netbirdio/relay:latest - restart: unless-stopped - environment: - NB_LOG_LEVEL: info - NB_LISTEN_ADDRESS: :33080 - NB_EXPOSED_ADDRESS: netbird.${MY_TLD}:33080 - # todo: change to a secure secret - NB_AUTH_SECRET: ${NETBIRD_RELAY_AUTH_SECRET} - ports: - - 33080:33080 - netbird-management: - command: [ - "--port", "443", - "--log-file", "console", - "--log-level", "info", - "--disable-anonymous-metrics=false", - "--single-account-mode-domain=netbird.${MY_TLD}", - "--dns-domain=netbird.selfhosted" - ] - container_name: netbird-management - depends_on: - netbird-dashboard: - condition: service_started - environment: - NETBIRD_STORE_ENGINE_POSTGRES_DSN: - NETBIRD_STORE_ENGINE_MYSQL_DSN: - image: netbirdio/management:latest - restart: unless-stopped - volumes: - - netbird-mgmt:/var/lib/netbird - - netbird-letsencrypt:/etc/letsencrypt:ro - - ${DOCKER_VOLUME_CONFIG}/netbird/management.json:/etc/netbird/management.json - ports: - - 33073:443 #API port - netbird-coturn: - command: - - -c /etc/turnserver.conf - container_name: netbird-coturn - image: coturn/coturn:latest - restart: unless-stopped - #domainname: netbird.${MY_TLD} # only needed when TLS is enabled - volumes: - - ${DOCKER_VOLUME_CONFIG}/netbird/turnserver.conf:/etc/turnserver.conf:ro - # - ${DOCKER_VOLUME_CONFIG}/netbird/privkey.pem:/etc/coturn/private/privkey.pem:ro - # - ${DOCKER_VOLUME_CONFIG}/netbird/cert.pem:/etc/coturn/certs/cert.pem:ro - network_mode: host - netbox: - container_name: netbox - depends_on: - netbox-db: - condition: service_healthy - required: true - redis: - condition: service_started - required: true - environment: - PUID: ${PUID} - PGID: ${PGID} - TZ: ${TZ} - SUPERUSER_EMAIL: charish.patel@pm.me - SUPERUSER_PASSWORD: ${NETBOX_SUPERUSER_PASSWORD} - ALLOWED_HOST: net.trez.wtf - DB_NAME: netbox - DB_USER: netbox - DB_PASSWORD: ${NETBOX_PG_DB_PASSWORD} - DB_HOST: netbox-db - DB_PORT: 5432 - DEBUG: false - DOCKER_MODS: linuxserver/mods:netbox-slurpit - REDIS_HOST: redis - REDIS_PORT: 6379 - REMOTE_AUTH_ENABLED: - image: lscr.io/linuxserver/netbox:latest - labels: - homepage.group: Infrastructure/App Performance Monitoring - homepage.name: Netbox - homepage.href: https://net.${MY_TLD} - homepage.icon: netbox.svg - homepage.description: Network modeling/documentation - swag: enable - swag_url: net.${MY_TLD} - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://net.${MY_TLD} - ports: - - 8007:8000 - restart: unless-stopped - volumes: - - ${DOCKER_VOLUME_CONFIG}/netbox/:/config - netbox-db: - container_name: netbox-db - environment: - POSTGRES_USER: netbox - POSTGRES_PASSWORD: ${NETBOX_PG_DB_PASSWORD} - POSTGRES_DB: netbox - expose: - - 5432 - healthcheck: - test: pg_isready -q -t 2 -d $$POSTGRES_DB -U $$POSTGRES_USER - start_period: 20s - timeout: 30s - interval: 10s - retries: 5 - image: postgres:17-alpine - restart: always - volumes: - - source: netbox-pg-db - target: /var/lib/postgresql/data - type: volume - volume: {} - nextcloud: - container_name: nextcloud-aio-mastercontainer - environment: - SKIP_DOMAIN_VALIDATION: false - APACHE_ADDITIONAL_NETWORK: compose_default - APACHE_IP_BINDING: 0.0.0.0 - APACHE_PORT: 11000 - expose: - - 11000 - image: nextcloud/all-in-one:latest - labels: - homepage.group: Personal Services - homepage.name: NextCloud - homepage.href: https://cloud.${MY_TLD} - homepage.icon: nextcloud.svg - homepage.description: Private Cloud - swag: enable - swag_port: 11000 - swag_proto: http - swag_address: nextcloud-aio-apache - swag_url: cloud.${MY_TLD} - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://cloud.${MY_TLD} - ports: - - 56713:8080 - restart: unless-stopped - volumes: - - /var/run/docker.sock:/var/run/docker.sock - - nextcloud_aio_mastercontainer:/mnt/docker-aio-config - ollama: - container_name: ollama - image: ollama/ollama - networks: - default: null - ports: - - mode: ingress - protocol: tcp - published: "11434" - target: 11434 - restart: always - volumes: - - source: ollama - target: /root/.ollama - type: volume - volume: {} - ombi: - container_name: ombi - environment: - PGID: ${PGID} - PUID: ${PUID} - TZ: America/New_York - hostname: Rinoa - image: lscr.io/linuxserver/ombi:latest - labels: - homepage.group: Media Library - homepage.name: Ombi - homepage.href: https://ombi.${MY_TLD} - homepage.icon: ombi.png - homepage.description: Media Requests - homepage.widget.type: ombi - homepage.widget.url: http://ombi:3579 - homepage.widget.key: ${OMBI_API_KEY} - swag: enable - swag.uptime-kuma.enabled: true - networks: - default: null - ports: - - mode: ingress - protocol: tcp - published: "3579" - target: 3579 - restart: unless-stopped - volumes: - - bind: - create_host_path: true - read_only: true - source: /etc/localtime - target: /etc/localtime - type: bind - - bind: - create_host_path: true - source: ${DOCKER_VOLUME_CONFIG}/ombi - target: /config - type: bind - - bind: - create_host_path: true - source: /rinoa-storage - target: /storage - type: bind - paperless-ngx: - container_name: paperless-ngx - depends_on: - mariadb: - condition: service_started - required: true - restart: true - environment: - PAPERLESS_DBENGINE: mariadb - PAPERLESS_DBHOST: mariadb - PAPERLESS_DBPASS: ${PAPERLESS_DBPASS} - PAPERLESS_DBPORT: 3306 - PAPERLESS_DBUSER: paperless - PAPERLESS_OCR_LANGUAGE: eng - PAPERLESS_OCR_LANGUAGES: all - PAPERLESS_REDIS: redis://redis:6379 - PAPERLESS_SECRET_KEY: ${PAPERLESS_SECRET_KEY} - PAPERLESS_TIME_ZONE: ${TZ} - PAPERLESS_URL: https://docs.${MY_TLD} - USERMAP_GID: ${PGID} - USERMAP_UID: ${PUID} - image: ghcr.io/paperless-ngx/paperless-ngx:latest - labels: - swag: enable - swag_proto: http - swag_port: 8000 - swag_url: docs.${MY_TLD} - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://docs.${MY_TLD} - homepage.group: Personal Services - homepage.name: Paperless-ngx - homepage.href: https://docs.${MY_TLD} - homepage.icon: paperless-ngx.svg - homepage.description: Document indexer & archiver with OCR - networks: - default: null - ports: - - mode: ingress - protocol: tcp - published: "8004" - target: 8000 - restart: unless-stopped - volumes: - - source: paperless-ngx-data - target: /usr/src/paperless/data - type: volume - volume: {} - - source: paperless-ngx-media - target: /usr/src/paperless/media - type: volume - volume: {} - - source: ${DOCKER_VOLUME_CONFIG}/paperless-ngx/export - target: /usr/src/paperless/export - type: bind - bind: - create_host_path: true - - source: ${DOCKER_VOLUME_CONFIG}/paperless-ngx/consume - target: /usr/src/paperless/consume - type: bind - bind: - create_host_path: true - pgbackweb: - container_name: pgbackweb - depends_on: - pgbackweb-db: - condition: service_healthy - environment: - PBW_ENCRYPTION_KEY: ${PGBACKWEB_ENCRYPTION_KEY} - PBW_POSTGRES_CONN_STRING: "postgresql://pgbackweb:${PGBACKWEB_PG_DB_PASSWD}@pgbackweb-db:5432/pgbackweb?sslmode=disable" - TZ: ${TZ} - image: eduardolat/pgbackweb:latest - labels: - homepage.group: System Administration - homepage.name: PG Back Web - homepage.href: https://pg.${MY_TLD} - homepage.icon: sh-pg-back-web.svg - homepage.description: Backups for PostgreSQL - swag: enable - swag_proto: http - swag_port: 8085 - swag_url: pg.${MY_TLD} - ports: - - "8085:8085" # Access the web interface at http://localhost:8085 - restart: unless-stopped - pgbackweb-db: - container_name: pgbackweb-db - environment: - POSTGRES_USER: pgbackweb - POSTGRES_DB: pgbackweb - POSTGRES_PASSWORD: ${PGBACKWEB_PG_DB_PASSWD} - expose: - - 5432 - healthcheck: - test: ["CMD-SHELL", "pg_isready -U postgres"] - interval: 5s - timeout: 5s - retries: 5 - image: postgres:16-alpine - restart: unless-stopped - volumes: - - pgbackweb-data:/var/lib/postgresql/data - plantuml-server: - container_name: plantuml-server - expose: - - 8080 - image: 'plantuml/plantuml-server:jetty' - restart: unless-stopped - plausible: - command: sh -c "sleep 10 && /entrypoint.sh db createdb && /entrypoint.sh db migrate && /entrypoint.sh run" - container_name: plausible - depends_on: - plausible_db: - condition: service_started - required: true - plausible_events_db: - condition: service_started - required: true - environment: - BASE_URL: https://analytics.${MY_TLD} - CLICKHOUSE_DATABASE_URL: http://plausible-events-db:8123/plausible_events_db - DATABASE_URL: postgres://plausible:${PLAUSIBLE_PG_PASSWORD}@plausible-db:5432/plausible_db - DISABLE_REGISTRATION: invite_only - ENABLE_EMAIL_VERIFICATION: true - MAILER_ADAPTER: Bamboo.Mua - MAILER_EMAIL: noreply@trez.wtf - MAILER_NAME: Plausible - MAXMINDDB_LICENSE_KEY: ${SWAG_MAXMINDDB_LICENSE_KEY} - SECRET_KEY_BASE: ${PLAUSIBLE_SECRET_KEY_BASE} - SMTP_HOST_ADDR: postal-smtp - SMTP_HOST_PORT: 25 - SMTP_USER_NAME: ${POSTAL_SMTP_AUTH_USER} - SMTP_USER_PWD: ${POSTAL_SMTP_AUTH_PASSWORD} - TOTP_VAULT_KEY: ${PLAUSIBLE_TOTP_VAULT_KEY} - image: ghcr.io/plausible/community-edition:v2.1.0 - labels: - swag: enable - swag_proto: http - swag_port: 8000 - swag_url: analytics.${MY_TLD} - homepage.group: Professional Services - homepage.name: Plausible - homepage.href: https://analytics.${MY_TLD} - homepage.icon: plausible.svg - homepage.description: Open-source web analytics - networks: - default: null - ports: - - mode: ingress - protocol: tcp - published: "8107" - target: 8000 - restart: always - plausible_db: - container_name: plausible-db - environment: - POSTGRES_DB: plausible_db - POSTGRES_PASSWORD: ${PLAUSIBLE_PG_PASSWORD} - POSTGRES_USER: plausible - expose: - - 5432 - image: postgres:16-alpine - networks: - default: null - restart: always - volumes: - - plausible-db-data:/var/lib/postgresql/data - plausible_events_db: - container_name: plausible-events-db - expose: - - 8123 - image: clickhouse/clickhouse-server:24.3.3.102-alpine - networks: - default: null - restart: always - ulimits: - nofile: - hard: 262144 - soft: 262144 - volumes: - - plausible-event-data:/var/lib/clickhouse - - plausible-event-logs:/var/log/clickhouse-server - - ${DOCKER_VOLUME_CONFIG}/plausible/clickhouse/clickhouse-config.xml:/etc/clickhouse-server/config.d/logging.xml:ro - - ${DOCKER_VOLUME_CONFIG}/plausible/clickhouse/clickhouse-user-config.xml:/etc/clickhouse-server/users.d/logging.xml:ro - portainer: - command: -H tcp://dockerproxy:2375 - container_name: portainer - depends_on: - docker-socket-proxy: - condition: service_started - required: true - environment: - DOCKER_HOST: tcp://dockerproxy:2375 - expose: - - 9000 - - 9443 - image: portainer/portainer-ce:alpine-sts - labels: - swag: enable - swag_proto: http - swag_port: 9000 - swag_url: portainer.${MY_TLD} - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://portainer.${MY_TLD} - homepage.group: System Administration - homepage.name: Portainer - homepage.href: https://portainer.${MY_TLD} - homepage.icon: portainer.svg - homepage.description: Service delivery platform for containerized applications - restart: unless-stopped - volumes: - - portainer-data:/data - postal-smtp: - cap_add: - - NET_BIND_SERVICE - command: postal smtp-server - container_name: postal-smtp - image: ghcr.io/postalserver/postal:latest - networks: - default: null - ports: - - mode: ingress - protocol: tcp - published: "25" - target: 25 - restart: unless-stopped - volumes: - - source: ${DOCKER_VOLUME_CONFIG}/postal - target: /config - type: bind - bind: - create_host_path: true - postal-web: - command: postal web-server - container_name: postal-web - image: ghcr.io/postalserver/postal:latest - labels: - swag: enable - swag_proto: http - swag_port: 5000 - swag_address: postal-web - swag_url: post.${MY_TLD} - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://post.${MY_TLD} - homepage.group: System Administration - homepage.name: Postal - homepage.href: https://post.${MY_TLD} - homepage.icon: sh-postal.svg - homepage.description: OSS Mail delivery platform - networks: - default: null - ports: - - mode: ingress - protocol: tcp - published: "5001" - target: 5000 - restart: unless-stopped - volumes: - - source: ${DOCKER_VOLUME_CONFIG}/postal - target: /config - type: bind - bind: - create_host_path: true - postal-worker: - command: postal worker - container_name: postal-worker - environment: - LOG_LEVEL: debug - image: ghcr.io/postalserver/postal:latest - networks: - default: null - restart: unless-stopped - volumes: - - source: ${DOCKER_VOLUME_CONFIG}/postal - target: /config - type: bind - bind: - create_host_path: true - prowlarr: - container_name: prowlarr - environment: - PGID: ${PGID} - PUID: ${PUID} - TZ: America/New_York - DOCKER_MODS: ghcr.io/gilbn/theme.park:sonarr - TP_DOMAIN: trez.wtf\/themepark - TP_COMMUNITY_THEME: false - TP_THEME: space-gray - hostname: Rinoa - image: lscr.io/linuxserver/prowlarr:latest - labels: - homepage.group: Servarr Stack - homepage.name: Prowlarr - homepage.href: https://prowlarr.${MY_TLD} - homepage.icon: prowlarr.png - homepage.description: Index aggregator - homepage.widget.type: prowlarr - homepage.widget.url: http://prowlarr:9696 - homepage.widget.key: ${PROWLARR_API_KEY} - swag: enable - swag.uptime-kuma.enabled: true - networks: - default: null - ports: - - mode: ingress - protocol: tcp - published: "9696" - target: 9696 - restart: unless-stopped - volumes: - - bind: - create_host_path: true - read_only: true - source: /etc/localtime - target: /etc/localtime - type: bind - - bind: - create_host_path: true - source: ${DOCKER_VOLUME_CONFIG}/prowlarr - target: /config - type: bind - - bind: - create_host_path: true - source: /rinoa-storage - target: /storage - type: bind - radarec: - container_name: radarec - environment: - auto_start: true - auto_start_delay: 60 - dry_run_adding_to_radarr: false - fallback_to_top_result: false - language_choice: all - metadata_profile_id: 1 - minimum_rating: 4.5 - minimum_votes: 50 - quality_profile_id: 1 - radarr_address: http://radarr:7878 - radarr_api_key: ${RADARR_API_KEY} - radarr_api_timeout: 120 - root_folder_path: /data/media/movies - search_for_movie: true - tmdb_api_key: ${TMDB_API_KEY} - expose: - - 5000 - image: thewicklowwolf/radarec:latest - labels: - homepage.group: Servarr Stack - homepage.name: RadaRec - homepage.href: https://radarec.${MY_TLD} - homepage.icon: sh-radarec.png - homepage.description: Movie discovery based on library/tastes - swag: enable - swag_proto: http - swag_port: 5000 - swag_auth: authelia - swag_url: radarec.${MY_TLD} - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://radarec.${MY_TLD} - networks: - default: null - restart: unless-stopped - volumes: - - source: ${DOCKER_VOLUME_STORAGE}/Movies - target: /data/media/movies - type: bind - bind: - create_host_path: true - - source: ${DOCKER_VOLUME_CONFIG}/radarec - target: /radarec/config - type: bind - bind: - create_host_path: true - - bind: - create_host_path: true - read_only: true - source: /etc/localtime - target: /etc/localtime - type: bind - radarr: - container_name: radarr - environment: - PGID: ${PGID} - PUID: ${PUID} - TZ: ${TZ} - hostname: Rinoa - image: lscr.io/linuxserver/radarr:latest - labels: - homepage.group: Servarr Stack - homepage.name: Radarr - homepage.href: https://radarr.${MY_TLD} - homepage.icon: radarr.png - homepage.description: Movie Automation - homepage.widget.type: radarr - homepage.widget.url: http://radarr:7878 - homepage.widget.key: ${RADARR_API_KEY} - swag: enable - swag.uptime-kuma.enabled: true - networks: - default: null - ports: - - mode: ingress - protocol: tcp - published: "7878" - target: 7878 - restart: unless-stopped - volumes: - - bind: - create_host_path: true - read_only: true - source: /etc/localtime - target: /etc/localtime - type: bind - - bind: - create_host_path: true - source: ${DOCKER_VOLUME_CONFIG}/radarr - target: /config - type: bind - - bind: - create_host_path: true - source: /rinoa-storage - target: /storage - type: bind - reactive-resume: - container_name: reactive-resume - depends_on: - browserless: - condition: service_started - required: true - minio: - condition: service_started - required: true - reactive-resume-pg: - condition: service_started - required: true - environment: - ACCESS_TOKEN_SECRET: ${REACTIVE_RESUME_ACCESS_TOKEN_SECRET} - CHROME_PORT: 443 - CHROME_TOKEN: ${CHROMIUM_TOKEN} - CHROME_URL: wss://browse.${MY_TLD} - DATABASE_URL: postgresql://reactiveresume:${REACTIVE_RESUME_PGSQL_PASSWORD}@reactive-resume-pg:5432/reactiveresume - MAIL_FROM: noreply@trez.wtf - NODE_ENV: production - PORT: 3000 - PUBLIC_URL: https://resume.${MY_TLD} - REFRESH_TOKEN_SECRET: ${REACTIVE_RESUME_REFRESH_TOKEN_SECRET} - SMTP_URL: smtp://${POSTAL_SMTP_AUTH_USER}:${POSTAL_SMTP_AUTH_PASSWORD}@postal-smtp:25 - STORAGE_ACCESS_KEY: ${REACTIVE_RESUME_S3_ACCESS_KEY} - STORAGE_BUCKET: reactive-resume - STORAGE_ENDPOINT: minio - STORAGE_PORT: 9000 - STORAGE_REGION: us-east-fh-pln - STORAGE_SECRET_KEY: ${REACTIVE_RESUME_S3_SECRET_KEY} - STORAGE_URL: https://s3.trez.wtf/reactive-resume - STORAGE_USE_SSL: false - TZ: ${TZ} - image: amruthpillai/reactive-resume:latest - labels: - homepage.group: Professional Services - homepage.name: Reactive Resume - homepage.href: https://resume.${MY_TLD} - homepage.icon: reactive-resume.svg - homepage.description: Open-source resume builder - swag: enable - swag_proto: http - swag_port: 3000 - swag_url: resume.${MY_TLD} - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://resume.${MY_TLD} - networks: - default: null - ports: - - mode: ingress - protocol: tcp - published: "3011" - target: 3000 - restart: unless-stopped - reactive-resume-pg: - container_name: reactive-resume-pg - environment: - TZ: ${TZ} - POSTGRES_DB: reactiveresume - POSTGRES_USER: reactiveresume - POSTGRES_PASSWORD: ${REACTIVE_RESUME_PGSQL_PASSWORD} - expose: - - 5432 - image: postgres:16-alpine - networks: - default: null - restart: unless-stopped - volumes: - - reactive-resume-pg:/var/lib/postgresql/data - readarr: - container_name: readarr - environment: - PGID: ${PGID} - PUID: ${PUID} - TZ: America/New_York - DOCKER_MODS: ghcr.io/gilbn/theme.park:readnarr - hostname: Rinoa - image: lscr.io/linuxserver/readarr:develop - labels: - homepage.group: Servarr Stack - homepage.name: Readarr - homepage.href: https://readarr.${MY_TLD} - homepage.icon: readarr.png - homepage.description: eBook/Audiobook Automation - homepage.widget.type: readarr - homepage.widget.url: http://readarr:8787 - homepage.widget.key: ${READARR_API_KEY} - swag: enable - swag.uptime-kuma.enabled: true - networks: - default: null - ports: - - mode: ingress - protocol: tcp - published: "8787" - target: 8787 - restart: unless-stopped - volumes: - - bind: - create_host_path: true - read_only: true - source: /etc/localtime - target: /etc/localtime - type: bind - - bind: - create_host_path: true - source: ${DOCKER_VOLUME_CONFIG}/readarr - target: /config - type: bind - - bind: - create_host_path: true - source: /rinoa-storage - target: /storage - type: bind - redis: - cap_add: - - SETGID - - SETUID - - DAC_OVERRIDE - cap_drop: - - ALL - command: redis-server --save "" --appendonly "no" - container_name: redis - expose: - - 6379 - image: redis:alpine - networks: - default: null - restart: unless-stopped - tmpfs: - - /var/lib/redis - redlib: - cap_drop: - - ALL - container_name: redlib - environment: - REDLIB_SFW_ONLY: off - REDLIB_BANNER: - REDLIB_ROBOTS_DISABLE_INDEXING: off - REDLIB_PUSHSHIFT_FRONTEND: undelete.pullpush.io - REDLIB_DEFAULT_THEME: nord - REDLIB_DEFAULT_FRONT_PAGE: default - REDLIB_DEFAULT_LAYOUT: clean - REDLIB_DEFAULT_WIDE: on - REDLIB_DEFAULT_POST_SORT: hot - REDLIB_DEFAULT_COMMENT_SORT: confidence - REDLIB_DEFAULT_SHOW_NSFW: off - REDLIB_DEFAULT_BLUR_NSFW: on - REDLIB_DEFAULT_USE_HLS: off - REDLIB_DEFAULT_HIDE_HLS_NOTIFICATION: off - REDLIB_DEFAULT_AUTOPLAY_VIDEOS: off - REDLIB_DEFAULT_SUBSCRIPTIONS: - REDLIB_DEFAULT_HIDE_AWARDS: off - REDLIB_DEFAULT_DISABLE_VISIT_REDDIT_CONFIRMATION: off - REDLIB_DEFAULT_HIDE_SCORE: off - REDLIB_DEFAULT_FIXED_NAVBAR: on - image: quay.io/redlib/redlib:latest - labels: - homepage.group: Social - homepage.name: Redlib - homepage.href: https://rlib.${MY_TLD} - homepage.icon: libreddit.svg - homepage.description: Redlib is a private front-end like Invidious but for Reddit - swag: enable - swag_auth: authelia - swag_proto: http - swag_port: 8080 - swag_url: rlib.${MY_TLD} - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://rlib.${MY_TLD} - networks: - default: null - ports: - - mode: ingress - protocol: tcp - published: "8103" - target: 8080 - read_only: true - restart: always - security_opt: - - no-new-privileges=true - user: nobody - rocketchat: - container_name: rocketchat - depends_on: - mongodb: - condition: service_started - required: true - environment: - ADMIN_USERNAME: Trez.One - ADMIN_NAME: Charish Patel - ADMIN_PASS: ${ROCKETCHAT_ADMIN_PASSWORD} - ADMIN_EMAIL: charish.patel@trez.wtf - MONGO_URL: mongodb://rocketchat:${ROCKETCHAT_MONGODB_PASSWORD}@mongodb:27017/rocketchat?replicaSet=rinoa - MONGO_OPLOG_URL: mongodb://rocketchat:${ROCKETCHAT_MONGODB_PASSWORD}@mongodb:27017/local?replicaSet=rinoa - ROOT_URL: https://chat.trez.wtf - PORT: 3000 - DEPLOY_METHOD: docker - DEPLOY_PLATFORM: ${DEPLOY_PLATFORM:-} - REG_TOKEN: ${REG_TOKEN:-} - expose: - - 3000 - image: ${IMAGE:-registry.rocket.chat/rocketchat/rocket.chat}:${RELEASE:-latest} - labels: - homepage.group: Social - homepage.name: Rocket.Chat - homepage.href: https://chat.${MY_TLD} - homepage.icon: rocket-chat.svg - homepage.description: Fully customizable communications platform with high standards of data protection - swag: enable - swag_proto: http - swag_port: 3000 - swag_url: chat.${MY_TLD} - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://chat.${MY_TLD} - restart: always - sabnzbdvpn: - cap_add: - - NET_ADMIN - - SYS_MODULE - container_name: sabnzbdvpn - environment: - ENABLE_PRIVOXY: no - LAN_NETWORK: 192.168.1.0/24 - NAME_SERVERS: 192.168.1.254,1.1.1.1 - PGID: 1000 - PUID: 1000 - TZ: America/New_York - VPN_CLIENT: openvpn - VPN_ENABLED: yes - VPN_INPUT_PORTS: - VPN_OPTIONS: - VPN_OUTPUT_PORTS: - VPN_PASS: QGXRAYAwzVv9X84MAK2gPYq2Mt6ztdoA - VPN_PROV: pia - VPN_USER: p3120278 - DEBUG: true - hostname: Rinoa - image: ghcr.io/binhex/arch-sabnzbdvpn:latest - labels: - homepage.group: Downloaders - homepage.name: SABnzbd - homepage.href: https://sabnzbd.${MY_TLD} - homepage.icon: sabnzbd.png - homepage.description: NZB Downloader over VPN - homepage.widget.type: sabnzbd - homepage.widget.url: http://sabnzbdvpn:8080 - homepage.widget.env: 1 - homepage.widget.key: ${SABNZBDVPN_API_KEY} - swag: enable - swag_proto: http - swag_url: sabnzbd.${MY_TLD} - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://sabnzbd.${MY_TLD} - networks: - default: null - ports: - - mode: ingress - protocol: tcp - published: "8080" - target: 8080 - - mode: ingress - protocol: tcp - published: "8090" - target: 8090 - - mode: ingress - protocol: tcp - published: "8119" - target: 8118 - privileged: true - restart: unless-stopped - sysctls: - net.ipv4.conf.all.src_valid_mark: "1" - volumes: - - bind: - create_host_path: true - read_only: true - source: /etc/localtime - target: /etc/localtime - type: bind - - bind: - create_host_path: true - source: ${DOCKER_VOLUME_CONFIG}/sabnzbdvpn - target: /config - type: bind - - bind: - create_host_path: true - source: /rinoa-storage - target: /storage - type: bind - scraperr: - command: - - npm - - run - - start - container_name: scraperr - expose: - - 3000 - image: jpyles0524/scraperr:latest - labels: - homepage.group: Personal Services - homepage.name: Scraperr - homepage.href: https://scrape.${MY_TLD} - homepage.icon: /icons/scraperr.png - homepage.description: Web scraper - swag: enable - swag_proto: http - swag_port: 3000 - swag_url: scrape.${MY_TLD} - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://scrape.${MY_TLD} - networks: - default: null - restart: unless-stopped - scraperr-api: - container_name: scraperr-api - environment: - LOG_LEVEL: DEBUG - OLLAMA_URL: http://ollama:11434 - OLLAMA_MODEL: phi3 - MONGODB_URI: mongodb://mongodb:27017/scrapper - SECRET_KEY: ${SCRAPERR_SECRET_KEY} - ALGORITHM: HS256 - ACCESS_TOKEN_EXPIRE_MINUTES: 600 - DOCKER_HOST: tcp://dockerproxy:2375 - expose: - - 8000 - image: jpyles0524/scraperr_api:latest - labels: - swag: enable - swag_proto: http - swag_port: 3000 - swag_server_custom_directive: "location /api/ { rewrite ^/api(/.*)$ /$1 break ; proxy_pass http://scraperr:3000; }" - networks: - default: null - restart: unless-stopped - scrutiny: - cap_add: - - SYS_RAWIO - container_name: scrutiny - devices: - - "/dev/nvme0n1:/dev/nvme0n1:rwm" - - "/dev/sda:/dev/sda:rwm" - - "/dev/sdb:/dev/sdb:rwm" - - "/dev/sdc:/dev/sdc:rwm" - - "/dev/sdd:/dev/sdd:rwm" - - "/dev/sde:/dev/sde:rwm" - - "/dev/sdf:/dev/sdf:rwm" - image: ghcr.io/analogj/scrutiny:master-omnibus - labels: - homepage.group: Infrastructure/App Performance Monitoring - homepage.name: Scrutiny - homepage.href: http://192.168.1.254:8909 - homepage.icon: scrutiny.png - homepage.description: WebUI for smartd S.M.A.R.T monitoring - homepage.widget.type: scrutiny - homepage.widget.url: http://scrutiny:8080 - networks: - default: null - ports: - - mode: ingress - protocol: tcp - published: "8909" - target: 8080 - - mode: ingress - protocol: tcp - published: "8910" - target: 8086 - restart: unless-stopped - volumes: - - bind: - create_host_path: true - read_only: true - source: /run/udev - target: /run/udev - type: bind - - source: ${DOCKER_VOLUME_CONFIG}/scrutiny/config - target: /opt/scrutiny/config - type: bind - bind: - create_host_path: true - - source: ${DOCKER_VOLUME_CONFIG}/scrutiny/influxdb - target: /opt/scrutiny/influxdb - type: bind - bind: - create_host_path: true - searxng: - cap_add: - - CHOWN - - SETGID - - SETUID - cap_drop: - - ALL - container_name: searxng - environment: - SEARXNG_BASE_URL: https://${SEARXNG_BASE_URL:-localhost}/ - image: searxng/searxng:latest - labels: - homepage.group: Personal Services - homepage.name: SearxNG - homepage.href: https://search.${MY_TLD} - homepage.icon: searxng.png - homepage.description: Anonymized Meta-Search Engine - swag: enable - swag_address: searxng - swag_proto: http - swag_url: search.${MY_TLD} - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://search.${MY_TLD} - logging: - driver: json-file - options: - max-file: "1" - max-size: 1m - networks: - default: null - ports: - - mode: ingress - protocol: tcp - published: "8095" - target: 8080 - privileged: true - restart: unless-stopped - volumes: - - source: ${DOCKER_VOLUME_CONFIG}/searxng - target: /etc/searxng - type: bind - bind: - create_host_path: true - slurpit-portal: - container_name: slurpit-portal - environment: - TZ: ${TZ} - PORTAL_BASE_URL: https://slurpit.trez.wtf - PORTAL_WAREHOUSE_URL: http://slurpit-warehouse - image: slurpit/portal:latest - labels: - homepage.group: Infrastructure/App Performance Monitoring - homepage.name: Slurp'it - homepage.href: https://slurpit.${MY_TLD} - homepage.icon: /icons/slurpit.png - homepage.description: Network discovery - swag: enable - swag_port: 80 - swag_url: slurpit.${MY_TLD} - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://slurpit.${MY_TLD} - ports: - - 8110:80 - - 5443:443 - restart: always - volumes: - - ${DOCKER_VOLUME_CONFIG}/slurpit/logs/nginx:/var/log/nginx/ - - ${DOCKER_VOLUME_CONFIG}/slurpit/logs/mysql:/var/log/mysql/ - - ${DOCKER_VOLUME_CONFIG}/slurpit/logs/php:/var/log/php/ - - ${DOCKER_VOLUME_CONFIG}/slurpit/certs:/etc/nginx/certs/ - - ${DOCKER_VOLUME_CONFIG}/slurpit/db/portal:/var/lib/mysql - - ${DOCKER_VOLUME_CONFIG}/slurpit/backup/portal:/backup/files - slurpit-scanner: - container_name: slurpit-scanner - depends_on: - slurpit-warehouse: - condition: service_healthy - environment: - TZ: ${TZ} - SCANNER_POOLSIZE: 4 - SCANNER_TIMEOUT: 10 - SCANNER_WAREHOUSE_URL: http://slurpit-warehouse - image: slurpit/scanner:latest - restart: always - volumes: - - ${DOCKER_VOLUME_CONFIG}/slurpit/logs/scanner:/logs - slurpit-scraper: - container_name: slurpit-scraper - depends_on: - slurpit-warehouse: - condition: service_healthy - image: slurpit/scraper:latest - environment: - TZ: ${TZ} - SCRAPER_TIMEOUT: 20 - SCRAPER_POOLSIZE: 4 - SCRAPER_WAREHOUSE_URL: http://slurpit-warehouse - restart: always - volumes: - - ${DOCKER_VOLUME_CONFIG}/slurpit/logs/scraper:/logs - slurpit-warehouse: - container_name: slurpit-warehouse - healthcheck: - test: ["CMD", "curl", "-f", "http://localhost/services"] - interval: 10s - timeout: 10s - retries: 360 - image: slurpit/warehouse:latest - environment: - TZ: ${TZ} - WAREHOUSE_CALLBACK_SCANNER_URL: http://slurpit-portal/callback/scanner - WAREHOUSE_CALLBACK_SCANNER_TOKEN: - WAREHOUSE_CALLBACK_SCRAPER_URL: http://slurpit-portal/callback/scraper - WAREHOUSE_CALLBACK_SCRAPER_TOKEN: - restart: always - volumes: - - ${DOCKER_VOLUME_CONFIG}/slurpit/backup/warehouse:/backup/files - - ${DOCKER_VOLUME_CONFIG}/slurpit/db/warehouse:/var/lib/mongodb - - ${DOCKER_VOLUME_CONFIG}/slurpit/logs/warehouse/mongodb:/var/log/mongodb - - ${DOCKER_VOLUME_CONFIG}/slurpit/logs/warehouse:/logs - sonarqube: - container_name: sonarqube - depends_on: - sonarqube-pg-db: - condition: service_healthy - environment: - SONAR_JDBC_URL: jdbc:postgresql://sonarqube-pg-db:5432/sonar - SONAR_JDBC_USERNAME: sonar - SONAR_JDBC_PASSWORD: ${SONARQUBE_POSTGRES_PASSWORD} - SONAR_SECURITY_REALM: LDAP - LDAP_URL: ldap://lldap:3890 - LDAP_BINDDN: cn=sonarqube,ou=people,dc=trez,dc=wtf - LDAP_BINDPASSWORD: ${SONARQUBE_LDAP_BIND_PASSWORD} - LDAP_AUTHENTICATION: simple - LDAP_USER_BASEDN: ou=people,dc=trez,dc=wtf - LDAP_USER_REQUEST: (&(objectClass=inetOrgPerson)(uid={login})(memberof=cn=sonarqube_users,ou=groups,dc=example,dc=com)) - LDAP_USER_REALNAMEATTRIBUTE: cn - LDAP_USER_EMAILATTRIBUTE: mail - hostname: sonarqube - image: mc1arke/sonarqube-with-community-branch-plugin:lts - labels: - homepage.group: Code/DevOps - homepage.name: Sonarqube - homepage.href: https://sqube.trez.wtf - homepage.icon: sonarqube.svg - homepage.description: Code/DevOps quality/security - swag: enable - swag_proto: http - swag_port: 9000 - swag_url: sqube.${MY_TLD} - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://sqube.${MY_TLD} - volumes: - - sonarqube-data:/opt/sonarqube/data - - sonarqube-extensions:/opt/sonarqube/extensions - - sonarqube-logs:/opt/sonarqube/logs - - sonarqube-temp:/opt/sonarqube/temp - ports: - - 9003:9000 - read_only: true - restart: unless-stopped - sonarqube-pg-db: - container_name: sonarqube-pg-db - environment: - POSTGRES_USER: sonar - POSTGRES_PASSWORD: ${SONARQUBE_POSTGRES_PASSWORD} - POSTGRES_DB: sonar - healthcheck: - test: ["CMD-SHELL", "pg_isready"] - interval: 10s - timeout: 5s - retries: 5 - image: postgres:17-alpine - restart: unless-stopped - volumes: - - sonarqube-db:/var/lib/postgresql - - sonarqube-db-data:/var/lib/postgresql/data - sonarr: - container_name: sonarr - environment: - PGID: ${PGID} - PUID: ${PUID} - TZ: ${TZ} - DOCKER_MODS: ghcr.io/gilbn/theme.park:sonarr - hostname: Rinoa - image: lscr.io/linuxserver/sonarr:latest - labels: - homepage.group: Servarr Stack - homepage.name: Sonarr - homepage.href: https://sonarr.${MY_TLD} - homepage.icon: sonarr.png - homepage.description: TV Show Automation - homepage.widget.type: sonarr - homepage.widget.url: http://sonarr:8989 - homepage.widget.key: ${SONARR_API_KEY} - swag: enable - swag.uptime-kuma.enabled: true - networks: - default: null - ports: - - mode: ingress - protocol: tcp - published: "8989" - target: 8989 - restart: unless-stopped - volumes: - - bind: - create_host_path: true - read_only: true - source: /etc/localtime - target: /etc/localtime - type: bind - - bind: - create_host_path: true - source: ${DOCKER_VOLUME_CONFIG}/sonarr - target: /config - type: bind - - bind: - create_host_path: true - source: /rinoa-storage - target: /storage - type: bind - sonashow: - container_name: sonashow - environment: - auto_start: true - auto_start_delay: 60 - dry_run_adding_to_sonarr: false - fallback_to_top_result: false - language_choice: all - metadata_profile_id: 1 - minimum_rating: 4.5 - minimum_votes: 50 - quality_profile_id: 1 - radarr_address: http://sonarr:8989 - radarr_api_key: ${SONARR_API_KEY} - root_folder_path: /data/media/shows - search_for_missing_episodes: true - sonarr_api_timeout: 120 - tmdb_api_key: ${TMDB_API_KEY} - expose: - - 5000 - image: thewicklowwolf/sonashow:latest - labels: - homepage.group: Servarr Stack - homepage.name: Sonashow - homepage.href: https://sonashow.${MY_TLD} - homepage.icon: sh-sonashow.png - homepage.description: TV show discovery based on library/tastes - swag: enable - swag_auth: authelia - swag_proto: http - swag_port: 5000 - swag_url: sonashow.${MY_TLD} - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://sonashow.${MY_TLD} - networks: - default: null - restart: unless-stopped - volumes: - - source: ${DOCKER_VOLUME_STORAGE}/TV_Shows - target: /data/media/shows - type: bind - bind: - create_host_path: true - - source: ${DOCKER_VOLUME_CONFIG}/sonashow - target: /sonashow/config - type: bind - bind: - create_host_path: true - - bind: - create_host_path: true - read_only: true - source: /etc/localtime - target: /etc/localtime - type: bind - soularr: - container_name: soularr - depends_on: - - lidarr - - soulseek - environment: - PUID: ${PUID} - PGID: ${PGID} - TZ: ${TZ} - #Script interval in seconds - SCRIPT_INTERVAL: 300 - image: mrusse08/soularr:latest - restart: unless-stopped - volumes: - #"You can set /downloads to whatever you want but will then need to change the Slskd download dir in your config file" - - ${DOCKER_VOLUME_STORAGE}/downloads:/downloads - #Select where you are storing your config file. Leave "/data" since thats where the script expects the config file to be - - ${DOCKER_VOLUME_CONFIG}/soularr:/data - soulseek: - container_name: soulseek - depends_on: - gluetun: - condition: service_started - required: true - restart: true - environment: - SLSKD_PASSWORD: ${SLSKD_PASSWORD} - SLSKD_REMOTE_CONFIGURATION: true - SLSKD_SHARED_DIR: /music - SLSKD_USERNAME: slsk - image: slskd/slskd - labels: - homepage.name: Soulseek - homepage.group: Downloaders - homepage.description: Modern client-server application for the Soulseek file-sharing network. - homepage.href: https://slsk.${MY_TLD} - homepage.icon: slskd.svg - swag: enable - swag_proto: http - swag_url: slsk.${MY_TLD} - swag_address: gluetun - swag_port: 5030 - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://slsk.${MY_TLD} - network_mode: service:gluetun - restart: always - volumes: - - source: ${DOCKER_VOLUME_CONFIG}/soulseek - target: /app - type: bind - bind: - create_host_path: true - - source: ${DOCKER_VOLUME_STORAGE}/Audio/Music - target: /music - type: bind - bind: - create_host_path: true - sourcebot: - container_name: sourcebot - environment: - CONFIG_PATH: /data/config.json - image: ghcr.io/sourcebot-dev/sourcebot:latest - labels: - homepage.name: Sourcebot - homepage.group: Code/DevOps - homepage.description: Self-hosted internet performance tracking - homepage.href: https://source.${MY_TLD} - homepage.icon: /icons/sourcebot.png - swag: enable - swag_proto: http - swag_port: 3000 - swag_url: source.${MY_TLD} - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://source.${MY_TLD} - ports: - - 45251:3000 - restart: unless-stopped - volumes: - - ${DOCKER_VOLUME_CONFIG}/sourcebot:/data - speedtest-tracker: - container_name: speedtest-tracker - image: lscr.io/linuxserver/speedtest-tracker:latest - environment: - PUID: ${PUID} - PGID: ${PGID} - APP_KEY: ${SPEEDTEST_TRACKER_APP_KEY} - DB_CONNECTION: sqlite - SPEEDTEST_SCHEDULE: 15 */3 * * * - labels: - homepage.name: Speedtest Tracker - homepage.group: System Administration - homepage.description: Self-hosted internet performance tracking - homepage.href: https://speed.${MY_TLD} - homepage.icon: speedtest-tracker.png - swag: enable - swag_proto: http - swag_url: speed.${MY_TLD} - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://slsk.${MY_TLD} - ports: - - 47512:80 - - 62777:443 - restart: unless-stopped - volumes: - - ${DOCKER_VOLUME_CONFIG}/speedtest-tracker:/config - spotisub: - container_name: spotisub - environment: - SPOTIPY_CLIENT_ID: ${YOUR_SPOTIFY_ID} - SPOTIPY_CLIENT_SECRET: ${YOUR_SPOTIFY_SECRET} - SPOTIPY_REDIRECT_URI: http://127.0.0.1:8080/ - SUBSONIC_API_HOST: http://navidrome - SUBSONIC_API_PORT: 4533 - SUBSONIC_API_USER: ${NAVIDROME_USERNAME} - SUBSONIC_API_PASS: ${NAVIDROME_PASSWORD} - healthcheck: - test: curl -s http://127.0.0.1:5183/api/v1/utils/healthcheck | grep -q 'Ok!' || exit 1 - interval: 30s - retries: 20 - start_period: 30s - image: blastbeng/spotisub:latest - ports: - - 5183:5183 - restart: always - volumes: - - ${DOCKER_VOLUME_CONFIG}/spotisub:/home/user/spotisub/cache - swag: - cap_add: - - NET_ADMIN - container_name: swag - environment: - DNSPLUGIN: cloudflare - EMAIL: charish.patel@trez.wtf - EXTRA_DOMAINS: - ONLY_SUBDOMAINS: false - PGID: 1000 - PUID: 1000 - SUBDOMAINS: etherpad,ha,www - TZ: America/New_York - URL: trez.wtf - VALIDATION: dns - CROWDSEC_API_KEY: ${CROWDSEC_API_KEY} - CROWDSEC_LAPI_URL: http://crowdsec:8080 - DOCKER_MODS: linuxserver/mods:universal-docker|linuxserver/mods:swag-auto-reload|linuxserver/mods:swag-auto-proxy|linuxserver/mods:swag-dashboard|linuxserver/mods:swag-maxmind|linuxserver/mods:universal-stdout-logs|ghcr.io/linuxserver/mods:swag-crowdsec #|linuxserver/mods:swag-auto-uptime-kuma - PROPAGATION: 30 - UPTIME_KUMA_PASSWORD: ${UPTIME_KUMA_PASSWORD} - UPTIME_KUMA_URL: http://uptimekuma:3001 - UPTIME_KUMA_USERNAME: ${UPTIME_KUMA_USERNAME} - hostname: Rinoa - image: lscr.io/linuxserver/swag:latest - labels: - swag: enable - swag_proto: http - swag_port: 81 - swag_url: swag.${MY_TLD} - swag_auth: authelia - komodo.skip: a - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://swag.${MY_TLD} - homepage.group: Infrastructure/App Performance Monitoring - homepage.name: SWAG Dashboard - homepage.href: https://swag.${MY_TLD} - homepage.icon: linuxserver-io.png - homepage.description: SWAG Dashboard for proxies - homepage.widget.type: swagdashboard - homepage.widget.url: http://swag:81 - networks: - - default - - nextcloud-aio - ports: - - mode: ingress - protocol: tcp - published: "443" - target: 443 - - mode: ingress - protocol: tcp - published: "80" - target: 80 - - mode: ingress - protocol: tcp - published: "81" - target: 81 - restart: unless-stopped - volumes: - - bind: - create_host_path: true - read_only: true - source: /etc/localtime - target: /etc/localtime - type: bind - - bind: - create_host_path: true - source: ${DOCKER_VOLUME_CONFIG}/swag - target: /config - type: bind - - bind: - create_host_path: true - source: /rinoa-storage - target: /storage - type: bind - - bind: - create_host_path: true - read_only: true - source: /var/run/docker.sock - target: /var/run/docker.sock - type: bind - tandoor: - container_name: tandoor-recipes - depends_on: - tandoor-pg: - condition: service_started - required: true - environment: - DB_ENGINE: django.db.backends.postgresql - GID: 1000 - POSTGRES_DB: tandoor - POSTGRES_HOST: tandoor-pg - POSTGRES_PASSWORD: ${TANDOOR_POSTGRES_PASSWORD} - POSTGRES_USER: tandoor - SECRET_KEY: ${TANDOOR_SECRET_KEY} - TZ: ${TZ} - UID: 1000 - image: vabene1111/recipes - labels: - homepage.group: Lifestyle - homepage.name: Tandoor Recipes - homepage.href: https://recipes.${MY_TLD} - homepage.icon: tandoor-recipes.svg - homepage.description: Recipes, cookbooks, meal-planning, & grocery lists - homepage.widget.type: tandoor - homepage.widget.url: http://tandoor-recipes:8080 - homepage.widget.key: ${TANDOOR_API_TOKEN} - swag: enable - swag_proto: http - swag_url: recipes.${MY_TLD} - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://trac.${MY_TLD} - networks: - default: null - ports: - - mode: ingress - protocol: tcp - published: "8106" - target: 8080 - restart: unless-stopped - volumes: - - source: ${DOCKER_VOLUME_CONFIG}/tandoor/static - target: /opt/recipes/staticfiles - type: bind - bind: - create_host_path: true - - source: ${DOCKER_VOLUME_CONFIG}/tandoor/media - target: /opt/recipes/mediafiles - type: bind - bind: - create_host_path: true - tandoor-pg: - container_name: tandoor-pg - environment: - POSTGRES_DB: tandoor - POSTGRES_PASSWORD: ${TANDOOR_POSTGRES_PASSWORD} - POSTGRES_USER: tandoor - expose: - - 5432 - image: postgres:16-alpine - networks: - default: null - restart: always - volumes: - - source: tandoor-pg - target: /var/lib/postgresql/data - type: volume - volume: {} - traccar: - container_name: traccar - image: traccar/traccar:latest - labels: - homepage.group: Personal Services - homepage.name: Traccar - homepage.href: https://trac.${MY_TLD} - homepage.icon: traccar.svg - homepage.description: Open-source GPS tracking system - swag: enable - swag_proto: http - swag_port: 8082 - swag_url: trac.${MY_TLD} - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://trac.${MY_TLD} - networks: - default: null - ports: - - mode: ingress - protocol: udp - published: "6000" - target: 5000 - - mode: ingress - protocol: udp - published: "6001" - target: 5001 - - mode: ingress - protocol: udp - published: "6002" - target: 5002 - - mode: ingress - protocol: udp - published: "6003" - target: 5003 - - mode: ingress - protocol: udp - published: "6004" - target: 5004 - - mode: ingress - protocol: udp - published: "6005" - target: 5005 - - mode: ingress - protocol: udp - published: "6006" - target: 5006 - - mode: ingress - protocol: udp - published: "6007" - target: 5007 - - mode: ingress - protocol: udp - published: "6008" - target: 5008 - - mode: ingress - protocol: udp - published: "6009" - target: 5009 - - mode: ingress - protocol: udp - published: "6010" - target: 5010 - - mode: ingress - protocol: udp - published: "6011" - target: 5011 - - mode: ingress - protocol: udp - published: "6012" - target: 5012 - - mode: ingress - protocol: udp - published: "6013" - target: 5013 - - mode: ingress - protocol: udp - published: "6014" - target: 5014 - - mode: ingress - protocol: udp - published: "6015" - target: 5015 - - mode: ingress - protocol: udp - published: "6016" - target: 5016 - - mode: ingress - protocol: udp - published: "6017" - target: 5017 - - mode: ingress - protocol: udp - published: "6018" - target: 5018 - - mode: ingress - protocol: udp - published: "6019" - target: 5019 - - mode: ingress - protocol: udp - published: "6020" - target: 5020 - - mode: ingress - protocol: udp - published: "6021" - target: 5021 - - mode: ingress - protocol: udp - published: "6022" - target: 5022 - - mode: ingress - protocol: udp - published: "6023" - target: 5023 - - mode: ingress - protocol: udp - published: "6024" - target: 5024 - - mode: ingress - protocol: udp - published: "6025" - target: 5025 - - mode: ingress - protocol: udp - published: "6026" - target: 5026 - - mode: ingress - protocol: udp - published: "6027" - target: 5027 - - mode: ingress - protocol: udp - published: "6028" - target: 5028 - - mode: ingress - protocol: udp - published: "6029" - target: 5029 - - mode: ingress - protocol: udp - published: "6030" - target: 5030 - - mode: ingress - protocol: udp - published: "6031" - target: 5031 - - mode: ingress - protocol: udp - published: "6032" - target: 5032 - - mode: ingress - protocol: udp - published: "6033" - target: 5033 - - mode: ingress - protocol: udp - published: "6034" - target: 5034 - - mode: ingress - protocol: udp - published: "6035" - target: 5035 - - mode: ingress - protocol: udp - published: "6036" - target: 5036 - - mode: ingress - protocol: udp - published: "6037" - target: 5037 - - mode: ingress - protocol: udp - published: "6038" - target: 5038 - - mode: ingress - protocol: udp - published: "6039" - target: 5039 - - mode: ingress - protocol: udp - published: "6040" - target: 5040 - - mode: ingress - protocol: udp - published: "6041" - target: 5041 - - mode: ingress - protocol: udp - published: "6042" - target: 5042 - - mode: ingress - protocol: udp - published: "6043" - target: 5043 - - mode: ingress - protocol: udp - published: "6044" - target: 5044 - - mode: ingress - protocol: udp - published: "6045" - target: 5045 - - mode: ingress - protocol: udp - published: "6046" - target: 5046 - - mode: ingress - protocol: udp - published: "6047" - target: 5047 - - mode: ingress - protocol: udp - published: "6048" - target: 5048 - - mode: ingress - protocol: udp - published: "6049" - target: 5049 - - mode: ingress - protocol: udp - published: "6050" - target: 5050 - - mode: ingress - protocol: udp - published: "6051" - target: 5051 - - mode: ingress - protocol: udp - published: "6052" - target: 5052 - - mode: ingress - protocol: udp - published: "6053" - target: 5053 - - mode: ingress - protocol: udp - published: "6054" - target: 5054 - - mode: ingress - protocol: udp - published: "6055" - target: 5055 - - mode: ingress - protocol: udp - published: "6056" - target: 5056 - - mode: ingress - protocol: udp - published: "6057" - target: 5057 - - mode: ingress - protocol: udp - published: "6058" - target: 5058 - - mode: ingress - protocol: udp - published: "6059" - target: 5059 - - mode: ingress - protocol: udp - published: "6060" - target: 5060 - - mode: ingress - protocol: udp - published: "6061" - target: 5061 - - mode: ingress - protocol: udp - published: "6062" - target: 5062 - - mode: ingress - protocol: udp - published: "6063" - target: 5063 - - mode: ingress - protocol: udp - published: "6064" - target: 5064 - - mode: ingress - protocol: udp - published: "6065" - target: 5065 - - mode: ingress - protocol: udp - published: "6066" - target: 5066 - - mode: ingress - protocol: udp - published: "6067" - target: 5067 - - mode: ingress - protocol: udp - published: "6068" - target: 5068 - - mode: ingress - protocol: udp - published: "6069" - target: 5069 - - mode: ingress - protocol: udp - published: "6070" - target: 5070 - - mode: ingress - protocol: udp - published: "6071" - target: 5071 - - mode: ingress - protocol: udp - published: "6072" - target: 5072 - - mode: ingress - protocol: udp - published: "6073" - target: 5073 - - mode: ingress - protocol: udp - published: "6074" - target: 5074 - - mode: ingress - protocol: udp - published: "6075" - target: 5075 - - mode: ingress - protocol: udp - published: "6076" - target: 5076 - - mode: ingress - protocol: udp - published: "6077" - target: 5077 - - mode: ingress - protocol: udp - published: "6078" - target: 5078 - - mode: ingress - protocol: udp - published: "6079" - target: 5079 - - mode: ingress - protocol: udp - published: "6080" - target: 5080 - - mode: ingress - protocol: udp - published: "6081" - target: 5081 - - mode: ingress - protocol: udp - published: "6082" - target: 5082 - - mode: ingress - protocol: udp - published: "6083" - target: 5083 - - mode: ingress - protocol: udp - published: "6084" - target: 5084 - - mode: ingress - protocol: udp - published: "6085" - target: 5085 - - mode: ingress - protocol: udp - published: "6086" - target: 5086 - - mode: ingress - protocol: udp - published: "6087" - target: 5087 - - mode: ingress - protocol: udp - published: "6088" - target: 5088 - - mode: ingress - protocol: udp - published: "6089" - target: 5089 - - mode: ingress - protocol: udp - published: "6090" - target: 5090 - - mode: ingress - protocol: udp - published: "6091" - target: 5091 - - mode: ingress - protocol: udp - published: "6092" - target: 5092 - - mode: ingress - protocol: udp - published: "6093" - target: 5093 - - mode: ingress - protocol: udp - published: "6094" - target: 5094 - - mode: ingress - protocol: udp - published: "6095" - target: 5095 - - mode: ingress - protocol: udp - published: "6096" - target: 5096 - - mode: ingress - protocol: udp - published: "6097" - target: 5097 - - mode: ingress - protocol: udp - published: "6098" - target: 5098 - - mode: ingress - protocol: udp - published: "6099" - target: 5099 - - mode: ingress - protocol: udp - published: "6100" - target: 5100 - - mode: ingress - protocol: udp - published: "6101" - target: 5101 - - mode: ingress - protocol: udp - published: "6102" - target: 5102 - - mode: ingress - protocol: udp - published: "6103" - target: 5103 - - mode: ingress - protocol: udp - published: "6104" - target: 5104 - - mode: ingress - protocol: udp - published: "6105" - target: 5105 - - mode: ingress - protocol: udp - published: "6106" - target: 5106 - - mode: ingress - protocol: udp - published: "6107" - target: 5107 - - mode: ingress - protocol: udp - published: "6108" - target: 5108 - - mode: ingress - protocol: udp - published: "6109" - target: 5109 - - mode: ingress - protocol: udp - published: "6110" - target: 5110 - - mode: ingress - protocol: udp - published: "6111" - target: 5111 - - mode: ingress - protocol: udp - published: "6112" - target: 5112 - - mode: ingress - protocol: udp - published: "6113" - target: 5113 - - mode: ingress - protocol: udp - published: "6114" - target: 5114 - - mode: ingress - protocol: udp - published: "6115" - target: 5115 - - mode: ingress - protocol: udp - published: "6116" - target: 5116 - - mode: ingress - protocol: udp - published: "6117" - target: 5117 - - mode: ingress - protocol: udp - published: "6118" - target: 5118 - - mode: ingress - protocol: udp - published: "6119" - target: 5119 - - mode: ingress - protocol: udp - published: "6120" - target: 5120 - - mode: ingress - protocol: udp - published: "6121" - target: 5121 - - mode: ingress - protocol: udp - published: "6122" - target: 5122 - - mode: ingress - protocol: udp - published: "6123" - target: 5123 - - mode: ingress - protocol: udp - published: "6124" - target: 5124 - - mode: ingress - protocol: udp - published: "6125" - target: 5125 - - mode: ingress - protocol: udp - published: "6126" - target: 5126 - - mode: ingress - protocol: udp - published: "6127" - target: 5127 - - mode: ingress - protocol: udp - published: "6128" - target: 5128 - - mode: ingress - protocol: udp - published: "6129" - target: 5129 - - mode: ingress - protocol: udp - published: "6130" - target: 5130 - - mode: ingress - protocol: udp - published: "6131" - target: 5131 - - mode: ingress - protocol: udp - published: "6132" - target: 5132 - - mode: ingress - protocol: udp - published: "6133" - target: 5133 - - mode: ingress - protocol: udp - published: "6134" - target: 5134 - - mode: ingress - protocol: udp - published: "6135" - target: 5135 - - mode: ingress - protocol: udp - published: "6136" - target: 5136 - - mode: ingress - protocol: udp - published: "6137" - target: 5137 - - mode: ingress - protocol: udp - published: "6138" - target: 5138 - - mode: ingress - protocol: udp - published: "6139" - target: 5139 - - mode: ingress - protocol: udp - published: "6140" - target: 5140 - - mode: ingress - protocol: udp - published: "6141" - target: 5141 - - mode: ingress - protocol: udp - published: "6142" - target: 5142 - - mode: ingress - protocol: udp - published: "6143" - target: 5143 - - mode: ingress - protocol: udp - published: "6144" - target: 5144 - - mode: ingress - protocol: udp - published: "6145" - target: 5145 - - mode: ingress - protocol: udp - published: "6146" - target: 5146 - - mode: ingress - protocol: udp - published: "6147" - target: 5147 - - mode: ingress - protocol: udp - published: "6148" - target: 5148 - - mode: ingress - protocol: udp - published: "6149" - target: 5149 - - mode: ingress - protocol: udp - published: "6150" - target: 5150 - - mode: ingress - protocol: tcp - published: "6000" - target: 5000 - - mode: ingress - protocol: tcp - published: "6001" - target: 5001 - - mode: ingress - protocol: tcp - published: "6002" - target: 5002 - - mode: ingress - protocol: tcp - published: "6003" - target: 5003 - - mode: ingress - protocol: tcp - published: "6004" - target: 5004 - - mode: ingress - protocol: tcp - published: "6005" - target: 5005 - - mode: ingress - protocol: tcp - published: "6006" - target: 5006 - - mode: ingress - protocol: tcp - published: "6007" - target: 5007 - - mode: ingress - protocol: tcp - published: "6008" - target: 5008 - - mode: ingress - protocol: tcp - published: "6009" - target: 5009 - - mode: ingress - protocol: tcp - published: "6010" - target: 5010 - - mode: ingress - protocol: tcp - published: "6011" - target: 5011 - - mode: ingress - protocol: tcp - published: "6012" - target: 5012 - - mode: ingress - protocol: tcp - published: "6013" - target: 5013 - - mode: ingress - protocol: tcp - published: "6014" - target: 5014 - - mode: ingress - protocol: tcp - published: "6015" - target: 5015 - - mode: ingress - protocol: tcp - published: "6016" - target: 5016 - - mode: ingress - protocol: tcp - published: "6017" - target: 5017 - - mode: ingress - protocol: tcp - published: "6018" - target: 5018 - - mode: ingress - protocol: tcp - published: "6019" - target: 5019 - - mode: ingress - protocol: tcp - published: "6020" - target: 5020 - - mode: ingress - protocol: tcp - published: "6021" - target: 5021 - - mode: ingress - protocol: tcp - published: "6022" - target: 5022 - - mode: ingress - protocol: tcp - published: "6023" - target: 5023 - - mode: ingress - protocol: tcp - published: "6024" - target: 5024 - - mode: ingress - protocol: tcp - published: "6025" - target: 5025 - - mode: ingress - protocol: tcp - published: "6026" - target: 5026 - - mode: ingress - protocol: tcp - published: "6027" - target: 5027 - - mode: ingress - protocol: tcp - published: "6028" - target: 5028 - - mode: ingress - protocol: tcp - published: "6029" - target: 5029 - - mode: ingress - protocol: tcp - published: "6030" - target: 5030 - - mode: ingress - protocol: tcp - published: "6031" - target: 5031 - - mode: ingress - protocol: tcp - published: "6032" - target: 5032 - - mode: ingress - protocol: tcp - published: "6033" - target: 5033 - - mode: ingress - protocol: tcp - published: "6034" - target: 5034 - - mode: ingress - protocol: tcp - published: "6035" - target: 5035 - - mode: ingress - protocol: tcp - published: "6036" - target: 5036 - - mode: ingress - protocol: tcp - published: "6037" - target: 5037 - - mode: ingress - protocol: tcp - published: "6038" - target: 5038 - - mode: ingress - protocol: tcp - published: "6039" - target: 5039 - - mode: ingress - protocol: tcp - published: "6040" - target: 5040 - - mode: ingress - protocol: tcp - published: "6041" - target: 5041 - - mode: ingress - protocol: tcp - published: "6042" - target: 5042 - - mode: ingress - protocol: tcp - published: "6043" - target: 5043 - - mode: ingress - protocol: tcp - published: "6044" - target: 5044 - - mode: ingress - protocol: tcp - published: "6045" - target: 5045 - - mode: ingress - protocol: tcp - published: "6046" - target: 5046 - - mode: ingress - protocol: tcp - published: "6047" - target: 5047 - - mode: ingress - protocol: tcp - published: "6048" - target: 5048 - - mode: ingress - protocol: tcp - published: "6049" - target: 5049 - - mode: ingress - protocol: tcp - published: "6050" - target: 5050 - - mode: ingress - protocol: tcp - published: "6051" - target: 5051 - - mode: ingress - protocol: tcp - published: "6052" - target: 5052 - - mode: ingress - protocol: tcp - published: "6053" - target: 5053 - - mode: ingress - protocol: tcp - published: "6054" - target: 5054 - - mode: ingress - protocol: tcp - published: "6055" - target: 5055 - - mode: ingress - protocol: tcp - published: "6056" - target: 5056 - - mode: ingress - protocol: tcp - published: "6057" - target: 5057 - - mode: ingress - protocol: tcp - published: "6058" - target: 5058 - - mode: ingress - protocol: tcp - published: "6059" - target: 5059 - - mode: ingress - protocol: tcp - published: "6060" - target: 5060 - - mode: ingress - protocol: tcp - published: "6061" - target: 5061 - - mode: ingress - protocol: tcp - published: "6062" - target: 5062 - - mode: ingress - protocol: tcp - published: "6063" - target: 5063 - - mode: ingress - protocol: tcp - published: "6064" - target: 5064 - - mode: ingress - protocol: tcp - published: "6065" - target: 5065 - - mode: ingress - protocol: tcp - published: "6066" - target: 5066 - - mode: ingress - protocol: tcp - published: "6067" - target: 5067 - - mode: ingress - protocol: tcp - published: "6068" - target: 5068 - - mode: ingress - protocol: tcp - published: "6069" - target: 5069 - - mode: ingress - protocol: tcp - published: "6070" - target: 5070 - - mode: ingress - protocol: tcp - published: "6071" - target: 5071 - - mode: ingress - protocol: tcp - published: "6072" - target: 5072 - - mode: ingress - protocol: tcp - published: "6073" - target: 5073 - - mode: ingress - protocol: tcp - published: "6074" - target: 5074 - - mode: ingress - protocol: tcp - published: "6075" - target: 5075 - - mode: ingress - protocol: tcp - published: "6076" - target: 5076 - - mode: ingress - protocol: tcp - published: "6077" - target: 5077 - - mode: ingress - protocol: tcp - published: "6078" - target: 5078 - - mode: ingress - protocol: tcp - published: "6079" - target: 5079 - - mode: ingress - protocol: tcp - published: "6080" - target: 5080 - - mode: ingress - protocol: tcp - published: "6081" - target: 5081 - - mode: ingress - protocol: tcp - published: "6082" - target: 5082 - - mode: ingress - protocol: tcp - published: "6083" - target: 5083 - - mode: ingress - protocol: tcp - published: "6084" - target: 5084 - - mode: ingress - protocol: tcp - published: "6085" - target: 5085 - - mode: ingress - protocol: tcp - published: "6086" - target: 5086 - - mode: ingress - protocol: tcp - published: "6087" - target: 5087 - - mode: ingress - protocol: tcp - published: "6088" - target: 5088 - - mode: ingress - protocol: tcp - published: "6089" - target: 5089 - - mode: ingress - protocol: tcp - published: "6090" - target: 5090 - - mode: ingress - protocol: tcp - published: "6091" - target: 5091 - - mode: ingress - protocol: tcp - published: "6092" - target: 5092 - - mode: ingress - protocol: tcp - published: "6093" - target: 5093 - - mode: ingress - protocol: tcp - published: "6094" - target: 5094 - - mode: ingress - protocol: tcp - published: "6095" - target: 5095 - - mode: ingress - protocol: tcp - published: "6096" - target: 5096 - - mode: ingress - protocol: tcp - published: "6097" - target: 5097 - - mode: ingress - protocol: tcp - published: "6098" - target: 5098 - - mode: ingress - protocol: tcp - published: "6099" - target: 5099 - - mode: ingress - protocol: tcp - published: "6100" - target: 5100 - - mode: ingress - protocol: tcp - published: "6101" - target: 5101 - - mode: ingress - protocol: tcp - published: "6102" - target: 5102 - - mode: ingress - protocol: tcp - published: "6103" - target: 5103 - - mode: ingress - protocol: tcp - published: "6104" - target: 5104 - - mode: ingress - protocol: tcp - published: "6105" - target: 5105 - - mode: ingress - protocol: tcp - published: "6106" - target: 5106 - - mode: ingress - protocol: tcp - published: "6107" - target: 5107 - - mode: ingress - protocol: tcp - published: "6108" - target: 5108 - - mode: ingress - protocol: tcp - published: "6109" - target: 5109 - - mode: ingress - protocol: tcp - published: "6110" - target: 5110 - - mode: ingress - protocol: tcp - published: "6111" - target: 5111 - - mode: ingress - protocol: tcp - published: "6112" - target: 5112 - - mode: ingress - protocol: tcp - published: "6113" - target: 5113 - - mode: ingress - protocol: tcp - published: "6114" - target: 5114 - - mode: ingress - protocol: tcp - published: "6115" - target: 5115 - - mode: ingress - protocol: tcp - published: "6116" - target: 5116 - - mode: ingress - protocol: tcp - published: "6117" - target: 5117 - - mode: ingress - protocol: tcp - published: "6118" - target: 5118 - - mode: ingress - protocol: tcp - published: "6119" - target: 5119 - - mode: ingress - protocol: tcp - published: "6120" - target: 5120 - - mode: ingress - protocol: tcp - published: "6121" - target: 5121 - - mode: ingress - protocol: tcp - published: "6122" - target: 5122 - - mode: ingress - protocol: tcp - published: "6123" - target: 5123 - - mode: ingress - protocol: tcp - published: "6124" - target: 5124 - - mode: ingress - protocol: tcp - published: "6125" - target: 5125 - - mode: ingress - protocol: tcp - published: "6126" - target: 5126 - - mode: ingress - protocol: tcp - published: "6127" - target: 5127 - - mode: ingress - protocol: tcp - published: "6128" - target: 5128 - - mode: ingress - protocol: tcp - published: "6129" - target: 5129 - - mode: ingress - protocol: tcp - published: "6130" - target: 5130 - - mode: ingress - protocol: tcp - published: "6131" - target: 5131 - - mode: ingress - protocol: tcp - published: "6132" - target: 5132 - - mode: ingress - protocol: tcp - published: "6133" - target: 5133 - - mode: ingress - protocol: tcp - published: "6134" - target: 5134 - - mode: ingress - protocol: tcp - published: "6135" - target: 5135 - - mode: ingress - protocol: tcp - published: "6136" - target: 5136 - - mode: ingress - protocol: tcp - published: "6137" - target: 5137 - - mode: ingress - protocol: tcp - published: "6138" - target: 5138 - - mode: ingress - protocol: tcp - published: "6139" - target: 5139 - - mode: ingress - protocol: tcp - published: "6140" - target: 5140 - - mode: ingress - protocol: tcp - published: "6141" - target: 5141 - - mode: ingress - protocol: tcp - published: "6142" - target: 5142 - - mode: ingress - protocol: tcp - published: "6143" - target: 5143 - - mode: ingress - protocol: tcp - published: "6144" - target: 5144 - - mode: ingress - protocol: tcp - published: "6145" - target: 5145 - - mode: ingress - protocol: tcp - published: "6146" - target: 5146 - - mode: ingress - protocol: tcp - published: "6147" - target: 5147 - - mode: ingress - protocol: tcp - published: "6148" - target: 5148 - - mode: ingress - protocol: tcp - published: "6149" - target: 5149 - - mode: ingress - protocol: tcp - published: "6150" - target: 5150 - - mode: ingress - protocol: tcp - published: "8082" - target: 8082 - restart: unless-stopped - volumes: - - read_only: true - source: ${DOCKER_VOLUME_CONFIG}/traccar/traccar.xml - target: /opt/traccar/conf/traccar.xml - type: bind - bind: - create_host_path: true - - source: ${DOCKER_VOLUME_CONFIG}/traccar/logs - target: /opt/traccar/logs - type: bind - bind: - create_host_path: true - traccar-pg: - container_name: traccar-pg - environment: - POSTGRES_PASSWORD: ${TRACCAR_POSTGRES_PASSWORD} - POSTGRES_USER: ${TRACCAR_POSTGRES_USER} - POSTGRES_DB: ${TRACCAR_POSTGRES_DATABASE} - expose: - - 5432 - image: postgres:16-alpine - networks: - default: null - restart: unless-stopped - volumes: - - traccar-pg:/var/lib/postgresql/data - unmanic: - container_name: unmanic - environment: - DOCKER_MODS: linuxserver/mods:universal-docker|linuxserver/mods:universal-stdout-logs - PUID: ${PUID} - PGID: ${PGID} - LOGS_TO_STDOUT: /config/.unmanic/logs/unmanic.log - image: josh5/unmanic:latest - labels: - homepage.group: Media Library - homepage.name: Unmanic - homepage.href: https://unmanic.${MY_TLD} - homepage.icon: unmanic.png - homepage.description: Library Optimizer - homepage.widget.type: unmanic - homepage.widget.url: http://unmanic:8888 - swag: enable - swag_port: 8888 - swag_url: unmanic.${MY_TLD} - swag_proto: http - swag.uptime-kuma.enabled: true - networks: - default: null - ports: - - mode: ingress - protocol: tcp - published: "8911" - target: 8888 - restart: unless-stopped - volumes: - - source: ${DOCKER_VOLUME_CONFIG}/unmanic - target: /config - type: bind - bind: - create_host_path: true - - source: ${DOCKER_VOLUME_STORAGE} - target: /library - type: bind - bind: - create_host_path: true - - source: unmanic-cache - target: /tmp/unmanic - type: volume - volume: {} - uptimekuma: - container_name: uptimekuma - environment: - PGID: ${PGID} - PUID: ${PUID} - TZ: America/New_York - UPTIME_KUMA_USERNAME: ${UPTIME_KUMA_USERNAME} - UPTIME_KUMA_PASSWORD: ${UPTIME_KUMA_PASSWORD} - DOCKER_HOST: http://dockerproxy:2375 - DOCKER_MODS: ghcr.io/themepark-dev/theme.park:uptime-kuma - hostname: Rinoa - image: louislam/uptime-kuma:latest - labels: - homepage.group: Infrastructure/App Performance Monitoring - homepage.name: Uptime Kuma - homepage.href: https://uptime.${MY_TLD} - homepage.icon: uptime-kuma.png - homepage.description: HTTP Endpoint Monitoring - swag: enable - swag_proto: http - swag_url: uptime.${MY_TLD} - networks: - default: null - ports: - - mode: ingress - protocol: tcp - published: "3003" - target: 3001 - restart: unless-stopped - volumes: - - bind: - create_host_path: true - source: ${DOCKER_VOLUME_CONFIG}/uptimekuma - target: /app/data - type: bind - - bind: - create_host_path: true - source: /rinoa-storage - target: /storage - type: bind - - bind: - create_host_path: true - read_only: true - source: /etc/localtime - target: /etc/localtime - type: bind - vault: - cap_add: - - IPC_LOCK - command: - - server - container_name: hc-vault - environment: - AWS_ACCESS_KEY_ID: ${VAULT_HASHICORP_AWS_ACCESS_KEY_ID} - AWS_SECRET_ACCESS_KEY: ${VAULT_HASHICORP_AWS_SECRET_ACCESS_KEY} - image: hashicorp/vault:latest - labels: - homepage.group: Code/DevOps - homepage.name: Vault - homepage.icon: vault.png - homepage.href: https://vault.${MY_TLD} - homepage.description: Hashicorp Vault for secrets, key/value stores, etc. - swag: enable - swag_proto: http - swag_port: 8200 - swag_url: vault.${MY_TLD} - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://vault.${MY_TLD} - ports: - - 8200:8200 - - 8250:8250 - restart: unless-stopped - volumes: - - ${DOCKER_VOLUME_CONFIG}/hashicorp-vault/config/:/vault/config - - ${DOCKER_VOLUME_CONFIG}/hashicorp-vault/logs/:/vault/logs - wallabag: - container_name: wallabag - depends_on: - mariadb: - condition: service_started - required: true - restart: true - redis: - condition: service_started - required: true - environment: - SYMFONY__ENV__DATABASE_DRIVER: pdo_mysql - SYMFONY__ENV__DATABASE_HOST: mariadb - SYMFONY__ENV__DATABASE_PORT: 3306 - SYMFONY__ENV__DATABASE_NAME: ${WALLABAG_DB} - SYMFONY__ENV__DATABASE_USER: ${WALLABAG_DB} - SYMFONY__ENV__DATABASE_PASSWORD: ${WALLABAG_DB_PASSWORD} - SYMFONY__ENV__DATABASE_CHARSET: utf8 - SYMFONY__ENV__DATABASE_TABLE_PREFIX: "wallabag_" - SYMFONY__ENV__MAILER_DSN: smtp://postal-smtp - SYMFONY__ENV__FROM_EMAIL: noreply@trez.wtf - SYMFONY__ENV__DOMAIN_NAME: https://wallabag.${MY_TLD} - SYMFONY__ENV__SERVER_NAME: "Wallabag @ Rinoa" - SYMFONY__ENV__REDIS_HOST: redis - SYMFONY__ENV__REDIS_PORT: 6379 - healthcheck: - interval: 1m - test: - - CMD - - wget - - --no-verbose - - --tries=1 - - --spider - - http://localhost - timeout: 3s - image: wallabag/wallabag - labels: - swag: enable - swag_address: wallabag - swag_proto: http - swag.uptime-kuma.enabled: true - homepage.group: Lifestyle - homepage.name: Wallabag - homepage.href: https://wallabag.${MY_TLD} - homepage.icon: wallabag.png - homepage.description: Knowledge Store - networks: - default: null - ports: - - mode: ingress - protocol: tcp - target: 80 - restart: unless-stopped - volumes: - - source: ${DOCKER_VOLUME_CONFIG}/wallabag/images - target: /var/www/wallabag/web/assets/images - type: bind - bind: - create_host_path: true - wallos: - container_name: wallos - environment: - TZ: ${TZ} - image: bellamy/wallos:latest - labels: - homepage.group: Lifestyle - homepage.name: wallos - homepage.href: https://subs.${MY_TLD} - homepage.icon: wallos.png - homepage.description: Subscription Tracking - swag: enable - swag_proto: http - swag_url: subs.${MY_TLD} - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://trac.${MY_TLD} - networks: - default: null - ports: - - mode: ingress - protocol: tcp - published: "8283" - target: 80 - restart: unless-stopped - volumes: - - wallos-db:/var/www/html/db - - wallos-logos:/var/www/html/images/uploads/logos - watchtower: - container_name: watchtower - environment: - REPO_PASS: - REPO_USER: - TZ: America/New_York - WATCHTOWER_CLEANUP: true - WATCHTOWER_INCLUDE_STOPPED: false - WATCHTOWER_MONITOR_ONLY: false - WATCHTOWER_NOTIFICATIONS: gotify - WATCHTOWER_NOTIFICATIONS_LEVEL: info - WATCHTOWER_NOTIFICATION_TEMPLATE: '{{range .}}{{.Message}}{{println}}{{end}}' - WATCHTOWER_NOTIFICATION_URL: - WATCHTOWER_SCHEDULE: 0 0 4 * * * - WATCHTOWER_TIMEOUT: 30s - WATCHTOWER_HTTP_API_METRICS: true - WATCHTOWER_HTTP_API_TOKEN: ${WATCHTOWER_HTTP_API_TOKEN} - WATCHTOWER_NOTIFICATION_GOTIFY_URL: ${WATCHTOWER_NOTIFICATION_GOTIFY_URL} - WATCHTOWER_NOTIFICATION_GOTIFY_TOKEN: ${WATCHTOWER_NOTIFICATION_GOTIFY_TOKEN} - WATCHTOWER_NOTIFICATION_GOTIFY_TLS_SKIP_VERIFY: true - expose: - - 8080 - hostname: Rinoa - image: ghcr.io/containrrr/watchtower:latest - labels: - homepage.group: Automation - homepage.name: Watchtower - homepage.icon: watchtower.svg - homepage.description: Container-based solution for automating Docker container base image updates - homepage.widget.type: watchtower - homepage.widget.url: http://watchtower:8080 - homepage.widget.key: ${WATCHTOWER_HTTP_API_TOKEN} - networks: - default: null - restart: unless-stopped - volumes: - - bind: - create_host_path: true - read_only: true - source: /etc/localtime - target: /etc/localtime - type: bind - - bind: - create_host_path: true - source: /rinoa-storage - target: /storage - type: bind - - bind: - create_host_path: true - source: /var/run/docker.sock - target: /var/run/docker.sock - type: bind - wazuh-agent: - container_name: wazuh.agent - environment: - JOIN_MANAGER_PROTOCOL: https - JOIN_MANAGER_MASTER_HOST: wazuh.manager - JOIN_MANAGER_WORKER_HOST: wazuh.manager - JOIN_MANAGER_USER: wazuh-wui - JOIN_MANAGER_PASSWORD: ${WAZUH_API_PASSWORD} - JOIN_MANAGER_API_PORT: 55000 - JOIN_MANAGER_PORT: 1514 - VIRUS_TOTAL_KEY: ${VIRUS_TOTAL_API_KEY} - DOCKER_HOST: tcp://dockerproxy:2375 - hostname: wazuh.agent - image: kennyopennix/wazuh-agent:latest - networks: - default: null - restart: unless-stopped - wazuh-dashboard: - container_name: wazuh-dashboard - depends_on: - wazuh-indexer: - condition: service_started - required: true - wazuh-manager: - condition: service_started - required: true - restart: true - environment: - INDEXER_USERNAME: admin - INDEXER_PASSWORD: ${WAZUH_INDEXER_PASSWORD} - WAZUH_API_URL: https://wazuh.manager - DASHBOARD_USERNAME: kibanaserver - DASHBOARD_PASSWORD: ${WAZUH_KIBANA_PASSWORD} - API_USERNAME: wazuh-wui - API_PASSWORD: ${WAZUH_API_PASSWORD} - hostname: wazuh-dashboard - image: wazuh/wazuh-dashboard:${WAZUH_VERSION} - labels: - swag: enable - swag_proto: https - swag_port: 5601 - swag_url: wsec.${MY_TLD} - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://wsec.${MY_TLD} - homepage.group: Privacy/Security - homepage.name: Wazuh - homepage.href: https://wsec.${MY_TLD} - homepage.icon: wazuh.svg - homepage.description: OSS Security Platform for XDR/SIEM - links: - - wazuh-indexer:wazuh-indexer - - wazuh-manager:wazuh-manager - networks: - default: null - ports: - - mode: ingress - protocol: tcp - published: "5601" - target: 5601 - restart: always - volumes: - - source: ${DOCKER_VOLUME_CONFIG}/wazuh/generator/wazuh.dashboard.pem - target: /usr/share/wazuh-dashboard/certs/wazuh-dashboard.pem - type: bind - bind: - create_host_path: true - - source: ${DOCKER_VOLUME_CONFIG}/wazuh/generator/wazuh.dashboard-key.pem - target: /usr/share/wazuh-dashboard/certs/wazuh-dashboard-key.pem - type: bind - bind: - create_host_path: true - - source: ${DOCKER_VOLUME_CONFIG}/wazuh/generator/root-ca.pem - target: /usr/share/wazuh-dashboard/certs/root-ca.pem - type: bind - bind: - create_host_path: true - - source: ${DOCKER_VOLUME_CONFIG}/wazuh/dashboard/opensearch_dashboards.yml - target: /usr/share/wazuh-dashboard/config/opensearch_dashboards.yml - type: bind - bind: - create_host_path: true - - source: ${DOCKER_VOLUME_CONFIG}/wazuh/dashboard/wazuh.yml - target: /usr/share/wazuh-dashboard/data/wazuh/config/wazuh.yml - type: bind - bind: - create_host_path: true - - source: wazuh-dashboard-config - target: /usr/share/wazuh-dashboard/data/wazuh/config - type: volume - volume: {} - - source: wazuh-dashboard-custom - target: /usr/share/wazuh-dashboard/plugins/wazuh/public/assets/custom - type: volume - volume: {} - wazuh-indexer: - container_name: wazuh-indexer - environment: - OPENSEARCH_JAVA_OPTS: -Xms512m -Xmx512m - hostname: wazuh-indexer - image: wazuh/wazuh-indexer:${WAZUH_VERSION} - networks: - default: null - ports: - - mode: ingress - protocol: tcp - published: "9200" - target: 9200 - restart: always - ulimits: - memlock: - hard: -1 - soft: -1 - nofile: - hard: 65536 - soft: 65536 - volumes: - - source: wazuh-indexer-data - target: /var/lib/wazuh-indexer - type: volume - volume: {} - - source: ${DOCKER_VOLUME_CONFIG}/wazuh/generator/root-ca.pem - target: /usr/share/wazuh-indexer/certs/root-ca.pem - type: bind - bind: - create_host_path: true - - source: ${DOCKER_VOLUME_CONFIG}/wazuh/generator/wazuh.indexer-key.pem - target: /usr/share/wazuh-indexer/certs/wazuh.indexer.key - type: bind - bind: - create_host_path: true - - source: ${DOCKER_VOLUME_CONFIG}/wazuh/generator/wazuh.indexer.pem - target: /usr/share/wazuh-indexer/certs/wazuh.indexer.pem - type: bind - bind: - create_host_path: true - - source: ${DOCKER_VOLUME_CONFIG}/wazuh/generator/admin.pem - target: /usr/share/wazuh-indexer/certs/admin.pem - type: bind - bind: - create_host_path: true - - source: ${DOCKER_VOLUME_CONFIG}/wazuh/generator/admin-key.pem - target: /usr/share/wazuh-indexer/certs/admin-key.pem - type: bind - bind: - create_host_path: true - - source: ${DOCKER_VOLUME_CONFIG}/wazuh/indexer/wazuh.indexer.yml - target: /usr/share/wazuh-indexer/opensearch.yml - type: bind - bind: - create_host_path: true - - source: ${DOCKER_VOLUME_CONFIG}/wazuh/indexer/internal_users.yml - target: /usr/share/wazuh-indexer/opensearch-security/internal_users.yml - type: bind - bind: - create_host_path: true - wazuh-manager: - container_name: wazuh-manager - environment: - INDEXER_URL: https://wazuh.indexer:9200 - INDEXER_USERNAME: admin - INDEXER_PASSWORD: ${WAZUH_INDEXER_PASSWORD} - FILEBEAT_SSL_VERIFICATION_MODE: full - SSL_CERTIFICATE_AUTHORITIES: /etc/ssl/root-ca.pem - SSL_CERTIFICATE: /etc/ssl/filebeat.pem - SSL_KEY: /etc/ssl/filebeat.key - API_USERNAME: wazuh-wui - API_PASSWORD: ${WAZUH_API_PASSWORD} - hostname: wazuh-manager - image: wazuh/wazuh-manager:${WAZUH_VERSION} - networks: - default: null - ports: - - mode: ingress - protocol: tcp - published: "1514" - target: 1514 - - mode: ingress - protocol: tcp - published: "1515" - target: 1515 - - mode: ingress - protocol: udp - published: "514" - target: 514 - - mode: ingress - protocol: tcp - published: "55000" - target: 55000 - restart: always - ulimits: - memlock: - hard: -1 - soft: -1 - nofile: - hard: 655360 - soft: 655360 - volumes: - - source: wazuh_api_configuration - target: /var/ossec/api/configuration - type: volume - volume: {} - - source: wazuh_etc - target: /var/ossec/etc - type: volume - volume: {} - - source: wazuh_logs - target: /var/ossec/logs - type: volume - volume: {} - - source: wazuh_queue - target: /var/ossec/queue - type: volume - volume: {} - - source: wazuh_var_multigroups - target: /var/ossec/var/multigroups - type: volume - volume: {} - - source: wazuh_integrations - target: /var/ossec/integrations - type: volume - volume: {} - - source: wazuh_active_response - target: /var/ossec/active-response/bin - type: volume - volume: {} - - source: wazuh_agentless - target: /var/ossec/agentless - type: volume - volume: {} - - source: wazuh_wodles - target: /var/ossec/wodles - type: volume - volume: {} - - source: filebeat_etc - target: /etc/filebeat - type: volume - volume: {} - - source: filebeat_var - target: /var/lib/filebeat - type: volume - volume: {} - - source: ${DOCKER_VOLUME_CONFIG}/wazuh/generator/root-ca.pem - target: /etc/ssl/root-ca.pem - type: bind - bind: - create_host_path: true - - source: ${DOCKER_VOLUME_CONFIG}/wazuh/generator/wazuh.manager.pem - target: /etc/ssl/filebeat.pem - type: bind - bind: - create_host_path: true - - source: ${DOCKER_VOLUME_CONFIG}/wazuh/generator/wazuh.manager-key.pem - target: /etc/ssl/filebeat.key - type: bind - bind: - create_host_path: true - - source: ${DOCKER_VOLUME_CONFIG}/wazuh/manager/wazuh_manager.conf - target: /wazuh-config-mount/etc/ossec.conf - type: bind - bind: - create_host_path: true - web-check: - container_name: web-check - image: lissy93/web-check - labels: - homepage.group: Privacy/Security - homepage.name: Web-Check - homepage.icon: web-check.png - homepage.href: https://scan.${MY_TLD} - homepage.description: Site scanner for attack vectors, architecture, security configs, and more - swag: enable - swag_proto: http - swag_url: scan.${MY_TLD} - swag_port: 3000 - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://scan.${MY_TLD} - networks: - default: null - ports: - - mode: ingress - protocol: tcp - published: "3010" - target: 3000 - restart: unless-stopped - your_spotify: - container_name: your_spotify - environment: - PUID: ${PUID} - PGID: ${PGID} - TZ: ${TZ} - APP_URL: https://myspotify.${MY_TLD} - SPOTIFY_PUBLIC: ${YOUR_SPOTIFY_ID} - SPOTIFY_SECRET: ${YOUR_SPOTIFY_SECRET} - CORS: all - MONGO_ENDPOINT: mongodb://mongodb:27017/your_spotify - LOG_LEVEL: debug - expose: - - 8080 - image: lscr.io/linuxserver/your_spotify:latest - labels: - homepage.group: Media Library - homepage.name: Your Spotify - homepage.icon: your-spotify.svg - homepage.href: https://myspotify.${MY_TLD} - homepage.description: Personal Spotify Tracking - swag: enable - swag_proto: https - swag_url: myspotify.${MY_TLD} - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://myspotify.${MY_TLD} - networks: - default: null - ports: - - ${YOUR_SPOTIFY_PORT_80}:80 - - ${YOUR_SPOTIFY_PORT_443}:443 - restart: always - youtubedl: - container_name: youtubedl - environment: - PGID: ${PGID} - PUID: ${PUID} - TZ: America/New_York - YDL_CONFIG_PATH: /youtube-dl/config.yml - YDL_DEBUG: "false" - hostname: Rinoa - image: nbr23/youtube-dl-server:latest - labels: - homepage.group: Downloaders - homepage.name: YoutubeDL - homepage.icon: youtube-dl.svg - homepage.href: https://ytdl.${MY_TLD} - homepage.description: YouTube Downloader - swag: enable - swag_proto: http - swag_url: ytdl.${MY_TLD} - swag_port: 8080 - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://ytdl.${MY_TLD} - networks: - default: null - ports: - - mode: ingress - protocol: tcp - published: "8089" - target: 8080 - restart: unless-stopped - volumes: - - bind: - create_host_path: true - read_only: true - source: /etc/localtime - target: /etc/localtime - type: bind - - bind: - create_host_path: true - source: ${DOCKER_VOLUME_CONFIG}/youtubedl - target: /youtube-dl - type: bind - - bind: - create_host_path: true - source: /rinoa-storage - target: /storage - type: bind - zammad-backup: - command: - - zammad-backup - container_name: zammad-backup - depends_on: - zammad-postgresql: - condition: service_started - required: true - zammad-railsserver: - condition: service_started - required: true - entrypoint: /usr/local/bin/backup.sh - environment: - AUTOWIZARD_JSON: null - AUTOWIZARD_RELATIVE_PATH: null - BACKUP_TIME: "03:00" - ELASTICSEARCH_ENABLED: true - ELASTICSEARCH_HOST: zammad-elasticsearch - ELASTICSEARCH_NAMESPACE: trez_it - ELASTICSEARCH_PORT: 9200 - ELASTICSEARCH_REINDEX: true - ELASTICSEARCH_SCHEMA: http - ELASTICSEARCH_SSL_VERIFY: false - HOLD_DAYS: "10" - MEMCACHE_SERVERS: ${ZAMMAD_MEMCACHE_SERVERS} - POSTGRESQL_DB: ${ZAMMAD_POSTGRES_DB} - POSTGRESQL_DB_CREATE: true - POSTGRESQL_HOST: ${ZAMMAD_POSTGRES_HOST} - POSTGRESQL_OPTIONS: ${ZAMMAD_POSTGRESQL_OPTIONS} - POSTGRESQL_PASS: ${ZAMMAD_POSTGRES_PASS} - POSTGRESQL_PORT: ${ZAMMAD_POSTGRES_PORT} - POSTGRESQL_USER: ${ZAMMAD_POSTGRES_USER} - RAILS_LOG_TO_STDOUT: true - RAILS_TRUSTED_PROXIES: 172.18.0.0/16 - REDIS_URL: ${ZAMMAD_REDIS_URL} - S3_URL: http://${ZAMMAD_S3_ACCESS_KEY}:${ZAMMAD_S3_SECRET_KEY}@minio:9000/zammad?region=us-east-fh-pln&force_path_style=true - TZ: Europe/Berlin - ZAMMAD_BIND_IP: 0.0.0.0 - ZAMMAD_PROCESS_DELAYED_JOBS_WORKERS: null - ZAMMAD_PROCESS_SCHEDULED: null - ZAMMAD_SESSION_JOBS: null - ZAMMAD_WEB_CONCURRENCY: null - image: postgres:${ZAMMAD_POSTGRES_VERSION} - networks: - default: null - restart: ${ZAMMAD_RESTART} - volumes: - - source: zammad-backup - target: /var/tmp/zammad - type: volume - volume: {} - - read_only: true - source: zammad-storage - target: /opt/zammad/storage - type: volume - volume: {} - - read_only: true - source: ${DOCKER_VOLUME_CONFIG}/zammad/scripts/backup.sh - target: /usr/local/bin/backup.sh - type: bind - volume: {} - zammad-elasticsearch: - container_name: zammad-elasticsearch - expose: - - 9200 - image: bitnami/elasticsearch:${ZAMMAD_ELASTICSEARCH_VERSION} - networks: - default: null - restart: ${ZAMMAD_RESTART} - volumes: - - source: zammad-es-data - target: /bitnami/elasticsearch/data - type: volume - volume: {} - zammad-init: - command: - - zammad-init - container_name: zammad-init - depends_on: - zammad-postgresql: - condition: service_started - required: true - environment: - AUTOWIZARD_JSON: null - AUTOWIZARD_RELATIVE_PATH: null - ELASTICSEARCH_ENABLED: true - ELASTICSEARCH_HOST: zammad-elasticsearch - ELASTICSEARCH_NAMESPACE: trez_it - ELASTICSEARCH_PORT: 9200 - ELASTICSEARCH_REINDEX: true - ELASTICSEARCH_SCHEMA: http - ELASTICSEARCH_SSL_VERIFY: false - MEMCACHE_SERVERS: ${ZAMMAD_MEMCACHE_SERVERS} - POSTGRESQL_DB: ${ZAMMAD_POSTGRES_DB} - POSTGRESQL_DB_CREATE: true - POSTGRESQL_HOST: ${ZAMMAD_POSTGRES_HOST} - POSTGRESQL_OPTIONS: ${ZAMMAD_POSTGRESQL_OPTIONS} - POSTGRESQL_PASS: ${ZAMMAD_POSTGRES_PASS} - POSTGRESQL_PORT: ${ZAMMAD_POSTGRES_PORT} - POSTGRESQL_USER: ${ZAMMAD_POSTGRES_USER} - RAILS_LOG_TO_STDOUT: true - RAILS_TRUSTED_PROXIES: 172.18.0.0/16 - REDIS_URL: ${ZAMMAD_REDIS_URL} - S3_URL: http://${ZAMMAD_S3_ACCESS_KEY}:${ZAMMAD_S3_SECRET_KEY}@minio:9000/zammad?region=us-east-fh-pln&force_path_style=true - ZAMMAD_BIND_IP: 0.0.0.0 - ZAMMAD_PROCESS_DELAYED_JOBS_WORKERS: null - ZAMMAD_PROCESS_SCHEDULED: null - ZAMMAD_SESSION_JOBS: null - ZAMMAD_WEB_CONCURRENCY: null - hostname: init - image: ${ZAMMAD_IMAGE_REPO}:${ZAMMAD_VERSION} - networks: - default: null - restart: on-failure - user: "0:0" - volumes: - - zammad-storage:/opt/zammad/storage - zammad-memcached: - command: memcached -m 256M - container_name: zammad-memcached - image: memcached:${ZAMMAD_MEMCACHE_VERSION} - networks: - default: null - restart: ${ZAMMAD_RESTART} - zammad-nginx: - command: - - zammad-nginx - container_name: zammad-nginx - depends_on: - zammad-railsserver: - condition: service_started - required: true - environment: - AUTOWIZARD_JSON: null - AUTOWIZARD_RELATIVE_PATH: null - ELASTICSEARCH_ENABLED: true - ELASTICSEARCH_HOST: zammad-elasticsearch - ELASTICSEARCH_NAMESPACE: trez_it - ELASTICSEARCH_PORT: 9200 - ELASTICSEARCH_REINDEX: true - ELASTICSEARCH_SCHEMA: http - ELASTICSEARCH_SSL_VERIFY: false - MEMCACHE_SERVERS: ${ZAMMAD_MEMCACHE_SERVERS} - POSTGRESQL_DB: ${ZAMMAD_POSTGRES_DB} - POSTGRESQL_DB_CREATE: true - POSTGRESQL_HOST: ${ZAMMAD_POSTGRES_HOST} - POSTGRESQL_OPTIONS: ${ZAMMAD_POSTGRESQL_OPTIONS} - POSTGRESQL_PASS: ${ZAMMAD_POSTGRES_PASS} - POSTGRESQL_PORT: ${ZAMMAD_POSTGRES_PORT} - POSTGRESQL_USER: ${ZAMMAD_POSTGRES_USER} - RAILS_LOG_TO_STDOUT: true - RAILS_TRUSTED_PROXIES: 172.18.0.0/16 - REDIS_URL: ${ZAMMAD_REDIS_URL} - S3_URL: http://${ZAMMAD_S3_ACCESS_KEY}:${ZAMMAD_S3_SECRET_KEY}@minio:9000/zammad?region=us-east-fh-pln&force_path_style=true - ZAMMAD_BIND_IP: 0.0.0.0 - ZAMMAD_PROCESS_DELAYED_JOBS_WORKERS: null - ZAMMAD_PROCESS_SCHEDULED: null - ZAMMAD_SESSION_JOBS: null - ZAMMAD_WEB_CONCURRENCY: null - expose: - - "8080" - image: ${ZAMMAD_IMAGE_REPO}:${ZAMMAD_VERSION} - labels: - swag: enable - swag_proto: http - swag_port: 8080 - swag_url: support.${MY_TLD} - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://support.${MY_TLD} - homepage.group: Professional Services - homepage.name: Zammad - homepage.href: https://support.${MY_TLD} - homepage.icon: zammad.svg - homepage.description: Open-source helpdesk/customer support system - networks: - default: null - restart: ${ZAMMAD_RESTART} - volumes: - - zammad-storage:/opt/zammad/storage - zammad-postgresql: - container_name: zammad-postgresql - environment: - POSTGRES_DB: ${ZAMMAD_POSTGRES_DB} - POSTGRES_PASSWORD: ${ZAMMAD_POSTGRES_PASS} - POSTGRES_USER: ${ZAMMAD_POSTGRES_USER} - hostname: postgresql - image: postgres:${ZAMMAD_POSTGRES_VERSION} - networks: - default: null - restart: ${ZAMMAD_RESTART} - volumes: - - source: zammad-pg-data - target: /var/lib/postgresql/data - type: volume - volume: {} - zammad-railsserver: - command: - - zammad-railsserver - container_name: zammad-railserver - depends_on: - zammad-memcached: - condition: service_started - required: true - zammad-postgresql: - condition: service_started - required: true - zammad-redis: - condition: service_started - required: true - environment: - AUTOWIZARD_JSON: null - AUTOWIZARD_RELATIVE_PATH: null - ELASTICSEARCH_ENABLED: true - ELASTICSEARCH_HOST: zammad-elasticsearch - ELASTICSEARCH_NAMESPACE: trez_it - ELASTICSEARCH_PORT: 9200 - ELASTICSEARCH_REINDEX: true - ELASTICSEARCH_SCHEMA: http - ELASTICSEARCH_SSL_VERIFY: false - MEMCACHE_SERVERS: ${ZAMMAD_MEMCACHE_SERVERS} - POSTGRESQL_DB: ${ZAMMAD_POSTGRES_DB} - POSTGRESQL_DB_CREATE: true - POSTGRESQL_HOST: ${ZAMMAD_POSTGRES_HOST} - POSTGRESQL_OPTIONS: ${ZAMMAD_POSTGRESQL_OPTIONS} - POSTGRESQL_PASS: ${ZAMMAD_POSTGRES_PASS} - POSTGRESQL_PORT: ${ZAMMAD_POSTGRES_PORT} - POSTGRESQL_USER: ${ZAMMAD_POSTGRES_USER} - RAILS_LOG_TO_STDOUT: true - RAILS_TRUSTED_PROXIES: 172.18.0.0/16 - REDIS_URL: ${ZAMMAD_REDIS_URL} - S3_URL: http://${ZAMMAD_S3_ACCESS_KEY}:${ZAMMAD_S3_SECRET_KEY}@minio:9000/zammad?region=us-east-fh-pln&force_path_style=true - ZAMMAD_BIND_IP: 0.0.0.0 - ZAMMAD_PROCESS_DELAYED_JOBS_WORKERS: null - ZAMMAD_PROCESS_SCHEDULED: null - ZAMMAD_SESSION_JOBS: null - ZAMMAD_WEB_CONCURRENCY: null - image: ${ZAMMAD_IMAGE_REPO}:${ZAMMAD_VERSION} - networks: - default: null - restart: ${ZAMMAD_RESTART} - volumes: - - source: zammad-storage - target: /opt/zammad/storage - type: volume - volume: {} - zammad-redis: - container_name: zammad-redis - image: redis:${ZAMMAD_REDIS_VERSION} - networks: - default: null - restart: ${ZAMMAD_RESTART} - volumes: - - source: zammad-redis-data - target: /data - type: volume - volume: {} - zammad-scheduler: - command: - - zammad-scheduler - container_name: zammad-scheduler - depends_on: - zammad-memcached: - condition: service_started - required: true - zammad-postgresql: - condition: service_started - required: true - zammad-redis: - condition: service_started - required: true - environment: - AUTOWIZARD_JSON: null - AUTOWIZARD_RELATIVE_PATH: null - ELASTICSEARCH_ENABLED: true - ELASTICSEARCH_HOST: zammad-elasticsearch - ELASTICSEARCH_NAMESPACE: trez_it - ELASTICSEARCH_PORT: 9200 - ELASTICSEARCH_REINDEX: true - ELASTICSEARCH_SCHEMA: http - ELASTICSEARCH_SSL_VERIFY: false - MEMCACHE_SERVERS: ${ZAMMAD_MEMCACHE_SERVERS} - POSTGRESQL_DB: ${ZAMMAD_POSTGRES_DB} - POSTGRESQL_DB_CREATE: true - POSTGRESQL_HOST: ${ZAMMAD_POSTGRES_HOST} - POSTGRESQL_OPTIONS: ${ZAMMAD_POSTGRESQL_OPTIONS} - POSTGRESQL_PASS: ${ZAMMAD_POSTGRES_PASS} - POSTGRESQL_PORT: ${ZAMMAD_POSTGRES_PORT} - POSTGRESQL_USER: ${ZAMMAD_POSTGRES_USER} - RAILS_LOG_TO_STDOUT: true - RAILS_TRUSTED_PROXIES: 172.18.0.0/16 - REDIS_URL: ${ZAMMAD_REDIS_URL} - S3_URL: http://${ZAMMAD_S3_ACCESS_KEY}:${ZAMMAD_S3_SECRET_KEY}@minio:9000/zammad?region=us-east-fh-pln&force_path_style=true - ZAMMAD_BIND_IP: 0.0.0.0 - ZAMMAD_PROCESS_DELAYED_JOBS_WORKERS: null - ZAMMAD_PROCESS_SCHEDULED: null - ZAMMAD_SESSION_JOBS: null - ZAMMAD_WEB_CONCURRENCY: null - image: ${ZAMMAD_IMAGE_REPO}:${ZAMMAD_VERSION} - networks: - default: null - restart: ${ZAMMAD_RESTART} - volumes: - - source: zammad-storage - target: /opt/zammad/storage - type: volume - volume: {} - zammad-websocket: - command: - - zammad-websocket - container_name: zammad-websocket - depends_on: - zammad-memcached: - condition: service_started - required: true - zammad-postgresql: - condition: service_started - required: true - zammad-redis: - condition: service_started - required: true - environment: - AUTOWIZARD_JSON: null - AUTOWIZARD_RELATIVE_PATH: null - ELASTICSEARCH_ENABLED: true - ELASTICSEARCH_HOST: zammad-elasticsearch - ELASTICSEARCH_NAMESPACE: trez_it - ELASTICSEARCH_PORT: 9200 - ELASTICSEARCH_REINDEX: true - ELASTICSEARCH_SCHEMA: http - ELASTICSEARCH_SSL_VERIFY: false - MEMCACHE_SERVERS: ${ZAMMAD_MEMCACHE_SERVERS} - POSTGRESQL_DB: ${ZAMMAD_POSTGRES_DB} - POSTGRESQL_DB_CREATE: true - POSTGRESQL_HOST: ${ZAMMAD_POSTGRES_HOST} - POSTGRESQL_OPTIONS: ${ZAMMAD_POSTGRESQL_OPTIONS} - POSTGRESQL_PASS: ${ZAMMAD_POSTGRES_PASS} - POSTGRESQL_PORT: ${ZAMMAD_POSTGRES_PORT} - POSTGRESQL_USER: ${ZAMMAD_POSTGRES_USER} - RAILS_LOG_TO_STDOUT: true - RAILS_TRUSTED_PROXIES: 172.18.0.0/16 - REDIS_URL: ${ZAMMAD_REDIS_URL} - S3_URL: http://${ZAMMAD_S3_ACCESS_KEY}:${ZAMMAD_S3_SECRET_KEY}@minio:9000/zammad?region=us-east-fh-pln&force_path_style=true - ZAMMAD_BIND_IP: 0.0.0.0 - ZAMMAD_PROCESS_DELAYED_JOBS_WORKERS: null - ZAMMAD_PROCESS_SCHEDULED: null - ZAMMAD_SESSION_JOBS: null - ZAMMAD_WEB_CONCURRENCY: null - image: ${ZAMMAD_IMAGE_REPO}:${ZAMMAD_VERSION} - networks: - default: null - restart: ${ZAMMAD_RESTART} - volumes: - - source: zammad-storage - target: /opt/zammad/storage - type: volume - volume: {} - zitadel: - container_name: zitadel - image: ghcr.io/zitadel/zitadel:latest - command: 'start-from-init --masterkeyFromEnv --config /config.yaml --config /secrets.yaml --config /init-steps.yaml --tlsMode external' - depends_on: - zitadel-pg-db: - condition: 'service_started' - environment: - ZITADEL_MASTERKEY: ${ZITADEL_MASTER_KEY} - expose: - - 8080 - labels: - swag: enable - swag_proto: http - swag_port: 8080 - swag_url: id.${MY_TLD} - swag_server_custom_directive: http2 on; - homepage.group: System Administration - homepage.name: Zitadel - homepage.href: https://id.${MY_TLD} - homepage.icon: zitadel.svg - homepage.description: Centralized authentication management - restart: unless-stopped - volumes: - - ${DOCKER_VOLUME_CONFIG}/zitadel/config.yaml:/config.yaml - - ${DOCKER_VOLUME_CONFIG}/zitadel/init-steps.yaml:/init-steps.yaml - - ${DOCKER_VOLUME_CONFIG}/zitadel/secrets.yaml:/secrets.yaml - zitadel-pg-db: - container_name: zitadel-pg-db - environment: - POSTGRES_USER: root - POSTGRES_PASSWORD: ${ZITADEL_DB_ADMIN_PASSWORD} - expose: - - 5432 - healthcheck: - test: ["CMD-SHELL", "pg_isready", "-d", "zitadel", "-U", "root" ] - interval: '10s' - timeout: '30s' - retries: 5 - start_period: '20s' - image: postgres:16-alpine - restart: unless-stopped - volumes: - - zitadel-pg-db:/var/lib/postgresql/data -volumes: - authelia-pg-db: - name: authelia-pg-db - bitmagnet-pg-db: - name: bitmagnet-pg-db - bunkerweb-data: - name: bunkerweb-data - castopod-media: - name: castopod-media - crowdsec-config: - name: crowdsec-config - crowdsec-db: - name: crowdsec-db - dagu_config: - name: dagu_config - dagu_data: - name: dagu_data - dbgate-data: - name: dbgate-data - fastenhealth-cache: - name: fastenhealth-cache - fastenhealth-db: - name: fastenhealth-db - filebeat_etc: - name: filebeat_etc - filebeat_var: - name: filebeat_var - gitea-pg-db: - name: gitea-pg-db - grafana-mimir-data: - name: grafana-mimir-data - grafana-tempo-data: - name: grafana-tempo-data - hortusfox_app_backup: - name: hortusfox_app_backup - hortusfox_app_images: - name: hortusfox_app_images - hortusfox_app_logs: - name: hortusfox_app_logs - hortusfox_app_migrate: - name: hortusfox_app_migrate - hortusfox_app_themes: - name: hortusfox_app_themes - hortusfox_db_data: - name: hortusfox_db_data - immich-model-cache: - name: immich-model-cache - influxdb2-data: - name: influxdb2-data - influxdb2-config: - name: influxdb2-config - invidious-postgres: - name: invidious-postgres - invoice_ninja_public: - name: invoice_ninja_public - jitsi-web-admin-theme: - name: jitsi-web-admin-theme - jitsi-web-admin-upload: - name: jitsi-web-admin-upload - joplin_data: - name: joplin_data - lldap_data: - name: lldap_data - localai_data: - name: localai_data - mastodon-pg-db: - name: mastodon-pg-db - mongodb_config: - name: mongodb_config - mongodb_data: - name: mongodb_data - n8n-data: - name: n8n-data - netbird-mgmt: - name: netbird-mgmt - netbird-signal: - name: netbird-signal - netbird-letsencrypt: - name: netbird-letsencrypt - netbox-pg-db: - name: netbox-pg-db - nextcloud_aio_mastercontainer: - name: nextcloud_aio_mastercontainer - ollama: - name: ollama - paperless-ngx-data: - name: paperless-ngx-data - paperless-ngx-media: - name: paperless-ngx-media - paperless-ngx-pg: - name: paperless-ngx-pg - pgbackweb-data: - name: pgbackweb-data - plausible-db-data: - name: plausible-db-data - plausible-event-data: - name: plausible-event-data - plausible-event-logs: - name: plausible-event-logs - portainer-data: - name: portainer-data - reactive-resume-pg: - name: reactive-resume-pg - sonarqube-data: - name: sonarqube-data - sonarqube-db: - name: sonarqube-db - sonarqube-db-data: - name: sonarqube-db-data - sonarqube-extensions: - name: sonarqube-extensions - sonarqube-logs: - name: sonarqube-logs - sonarqube-temp: - name: sonarqube-temp - tandoor-pg: - name: tandoor-pg - traccar-pg: - name: traccar-pg - unmanic-cache: - name: unmanic-cache - wallos-db: - name: wallos-db - wallos-logos: - name: wallos-logos - wazuh-dashboard-config: - name: wazuh-dashboard-config - wazuh-dashboard-custom: - name: wazuh-dashboard-custom - wazuh-indexer-data: - name: wazuh-indexer-data - wazuh_active_response: - name: wazuh_active_response - wazuh_agentless: - name: wazuh_agentless - wazuh_api_configuration: - name: wazuh_api_configuration - wazuh_etc: - name: wazuh_etc - wazuh_integrations: - name: wazuh_integrations - wazuh_logs: - name: wazuh_logs - wazuh_queue: - name: wazuh_queue - wazuh_var_multigroups: - name: wazuh_var_multigroups - wazuh_wodles: - name: wazuh_wodles - zammad-backup: - driver: local - name: zammad-backup - zammad-es-data: - driver: local - name: zammad-es-data - zammad-pg-data: - driver: local - name: zammad-pg-data - zammad-redis-data: - driver: local - name: zammad-redis-data - zammad-storage: - driver: local - name: zammad-storage - zitadel-pg-db: - name: zitadel-pg-db -x-shared: - zammad-service: - depends_on: - - zammad-memcached - - zammad-postgresql - - zammad-redis - environment: - AUTOWIZARD_JSON: null - AUTOWIZARD_RELATIVE_PATH: null - ELASTICSEARCH_ENABLED: true - ELASTICSEARCH_HOST: zammad-elasticsearch - ELASTICSEARCH_NAMESPACE: trez_it - ELASTICSEARCH_PORT: 9200 - ELASTICSEARCH_REINDEX: true - ELASTICSEARCH_SCHEMA: http - ELASTICSEARCH_SSL_VERIFY: false - MEMCACHE_SERVERS: ${ZAMMAD_MEMCACHE_SERVERS} - POSTGRESQL_DB: ${ZAMMAD_POSTGRES_DB} - POSTGRESQL_DB_CREATE: true - POSTGRESQL_HOST: ${ZAMMAD_POSTGRES_HOST} - POSTGRESQL_OPTIONS: ${ZAMMAD_POSTGRESQL_OPTIONS} - POSTGRESQL_PASS: ${ZAMMAD_POSTGRES_PASS} - POSTGRESQL_PORT: ${ZAMMAD_POSTGRES_PORT} - POSTGRESQL_USER: ${ZAMMAD_POSTGRES_USER} - RAILS_LOG_TO_STDOUT: true - RAILS_TRUSTED_PROXIES: 172.18.0.0/16 - REDIS_URL: ${ZAMMAD_REDIS_URL} - S3_URL: http://${ZAMMAD_S3_ACCESS_KEY}:${ZAMMAD_S3_SECRET_KEY}@minio:9000/zammad?region=us-east-fh-pln&force_path_style=true - ZAMMAD_BIND_IP: 0.0.0.0 - ZAMMAD_PROCESS_DELAYED_JOBS_WORKERS: null - ZAMMAD_PROCESS_SCHEDULED: null - ZAMMAD_SESSION_JOBS: null - ZAMMAD_WEB_CONCURRENCY: null - image: ${ZAMMAD_IMAGE_REPO}:${ZAMMAD_VERSION} - restart: ${ZAMMAD_RESTART} - volumes: - - zammad-storage:/opt/zammad/storage \ No newline at end of file