commit dd279bb82e5bba5f44ace78463a6a80d81b0253c Author: Charish Patel Date: Wed Oct 16 19:33:04 2024 -0400 Initial commit. diff --git a/docker/rinoa-docker-compose.full.yml b/docker/rinoa-docker-compose.full.yml new file mode 100644 index 00000000..93ea13bc --- /dev/null +++ b/docker/rinoa-docker-compose.full.yml @@ -0,0 +1,7084 @@ +name: compose +networks: + bitmagnet: + driver: bridge + ipam: + config: + - gateway: 192.168.55.1 + subnet: 192.168.55.0/27 + driver: default + name: compose_bitmagnet + default: + name: compose_default +services: + addy: + container_name: addy + depends_on: + mariadb: + condition: service_started + required: true + redis: + condition: service_started + required: true + environment: + ANONADDY_ADDITIONAL_USERNAME_LIMIT: ${ADDY_ANONADDY_ADDITIONAL_USERNAME_LIMIT} + ANONADDY_ADMIN_USERNAME: ${ADDY_ANONADDY_ADMIN_USERNAME} + ANONADDY_ALL_DOMAINS: ${ADDY_ANONADDY_ALL_DOMAINS} + ANONADDY_BANDWIDTH_LIMIT: ${ADDY_ANONADDY_BANDWIDTH_LIMIT} + ANONADDY_DOMAIN: ${ADDY_ANONADDY_DOMAIN} + ANONADDY_ENABLE_REGISTRATION: true + ANONADDY_HOSTNAME: ${ADDY_ANONADDY_HOSTNAME} + ANONADDY_LIMIT: ${ADDY_ANONADDY_LIMIT} + ANONADDY_NEW_ALIAS_LIMIT: ${ADDY_ANONADDY_NEW_ALIAS_LIMIT} + ANONADDY_RETURN_PATH: null + ANONADDY_SECRET: ${ADDY_ANONADDY_SECRET} + APP_DEBUG: false + APP_KEY: ${ADDY_APP_KEY} + APP_NAME: addy-rinoa + APP_URL: ${ADDY_APP_URL} + DB_DATABASE: anonaddy + DB_HOST: mariadb + DB_PASSWORD: ${ADDY_DB_PASSWORD} + DB_PORT: 3306 + DB_TIMEOUT: 120 + DB_USERNAME: addy + MAIL_ENCRYPTION: null + MAIL_FROM_ADDRESS: null + MAIL_FROM_NAME: addy@Rinoa + PGID: ${PGID} + POSTFIX_DEBUG: false + POSTFIX_MESSAGE_SIZE_LIMIT: 26214400 + POSTFIX_RELAYHOST: postal-smtp + POSTFIX_RELAYHOST_AUTH_ENABLE: true + POSTFIX_RELAYHOST_PASSWORD: ${POSTAL_SMTP_AUTH_PASSWORD} + POSTFIX_RELAYHOST_USERNAME: ${POSTAL_SMTP_AUTH_USER} + POSTFIX_SMTP_TLS: false + POSTFIX_SMTPD_TLS: false + POSTFIX_SMTPD_TLS_CERT_FILE: null + POSTFIX_SMTPD_TLS_KEY_FILE: null + POSTFIX_SPAMHAUS_DQS_KEY: null + PUID: ${PUID} + REDIS_HOST: redis + REDIS_PASSWORD: null + REDIS_PORT: 6379 + RSPAMD_ENABLE: true + RSPAMD_NO_LOCAL_ADDRS: null + RSPAMD_WEB_PASSWORD: null + TZ: ${TZ} + image: anonaddy/anonaddy:latest + labels: + - swag=enable + - swag_proto=http + - swag_port=8000 + - swag_url=addy.trez.wtf + - homepage.group=Privacy/Security + - homepage.name=Addy + - homepage.icon=/icons/addy.png + - homepage.href=https://addy.trez.wtf + - homepage.description=Anonymous email forwarding + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: 8009 + target: 8000 + - mode: ingress + protocol: tcp + published: 11334 + target: 11334 + restart: always + volumes: + - source: ${DOCKER_VOLUME_CONFIG}/anonaddy + target: /data + type: volume + volume: {} + adguard: + container_name: adguard + environment: + TZ: America/New_York + hostname: Rinoa + image: adguard/adguardhome:latest + labels: + - swag=enable + - swag_proto=http + - swag_url=adgh.trez.wtf + - homepage.group=System Administration + - homepage.name=AdGuard Home + - homepage.icon=adguard-home.png + - homepage.href=https://adgh.trez.wtf + - homepage.description=Ad-blocking/DNS + - homepage.widget.type=adguard + - homepage.widget.url=http://adguard:80 + - homepage.widget.username=admin + - homepage.widget.password=${ADGUARD_PASSWORD} + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "3001" + target: 3000 + - mode: ingress + protocol: tcp + published: "446" + target: 443 + - mode: ingress + protocol: tcp + published: "8008" + target: 80 + - mode: ingress + protocol: tcp + published: "853" + target: 853 + - host_ip: 0.0.0.0 + mode: ingress + protocol: tcp + published: "53" + target: 53 + - host_ip: 0.0.0.0 + mode: ingress + protocol: udp + published: "53" + target: 53 + - host_ip: 0.0.0.0 + mode: ingress + protocol: udp + published: "67" + target: 67 + - host_ip: 0.0.0.0 + mode: ingress + protocol: tcp + published: "688" + target: 68 + - host_ip: 0.0.0.0 + mode: ingress + protocol: udp + published: "688" + target: 68 + restart: unless-stopped + volumes: + - bind: + create_host_path: true + read_only: true + source: /etc/localtime + target: /etc/localtime + type: bind + - bind: + create_host_path: true + source: ${DOCKER_VOLUME_CONFIG}/adguard/work + target: /opt/adguardhome/work + type: bind + - bind: + create_host_path: true + source: ${DOCKER_VOLUME_CONFIG}/adguard/conf + target: /opt/adguardhome/conf + type: bind + - bind: + create_host_path: true + source: /rinoa-storage + target: /storage + type: bind + - source: ${DOCKER_VOLUME_CONFIG}/swag/etc/letsencrypt/archive/trez.wtf + target: /etc/ssl/certs + type: volume + volume: {} + apprise: + container_name: apprise + environment: + PGID: "1000" + PUID: "1000" + TZ: America/New_York + hostname: Rinoa + image: lscr.io/linuxserver/apprise-api:latest + labels: + - homepage.group=Infrastructure/App Performance Monitoring + - homepage.name=Apprise + - homepage.icon=apprise.png + - homepage.href=http://192.168.1.254:8000 + - homepage.description=Cemtralized, multi-channel notification API + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "8000" + target: 8000 + restart: unless-stopped + volumes: + - bind: + create_host_path: true + read_only: true + source: /etc/localtime + target: /etc/localtime + type: bind + - bind: + create_host_path: true + source: ${DOCKER_VOLUME_CONFIG}/apprise + target: /config + type: bind + - bind: + create_host_path: true + source: /rinoa-storage + target: /storage + type: bind + audiobookshelf: + container_name: audiobookshelf + environment: + CONFIG_PATH: /config + HOME: /config/.home + LOG_LEVEL: info + METADATA_PATH: /metadata + TZ: America/New_York + hostname: Rinoa + image: ghcr.io/advplyr/audiobookshelf:latest + labels: + - homepage.group=Media Library + - homepage.name=Audiobookshelf + - homepage.href=https://abs.trez.wtf + - homepage.icon=audiobookshelf.png + - homepage.description=Podcasts, eBooks, & Audiobooks + - homepage.widget.type=audiobookshelf + - homepage.widget.url=http://audiobookshelf:80 + - homepage.widget.key=${AUDIOBOOKSHELF_ROOT_API_KEY} + - swag=enable + - swag_address=audiobookshelf + - swag_proto=http + - swag_url=abs.trez.wtf + - swag.uptime-kuma.enabled=true + - swag.uptime-kuma.monitor.url=https://abs.trez.wtf + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "13378" + target: 80 + restart: unless-stopped + user: 1000:1000 + volumes: + - bind: + create_host_path: true + read_only: true + source: /etc/localtime + target: /etc/localtime + type: bind + - bind: + create_host_path: true + source: ${DOCKER_VOLUME_CONFIG}/audiobookshelf + target: /config + type: bind + - bind: + create_host_path: true + source: ${DOCKER_VOLUME_CONFIG}/audiobookshelf/.metadata + target: /metadata + type: bind + - bind: + create_host_path: true + source: /rinoa-storage + target: /storage + type: bind + authelia: + container_name: authelia + environment: + AUTHELIA_AUTHENTICATION_BACKEND_LDAP_PASSWORD: ${AUTHELIA_AUTH_BIND_LDAP_PASSWORD} + AUTHELIA_JWT_SECRET: ${AUTHELIA_JWT_SECRET} + AUTHELIA_NOTIFIER_SMTP_PASSWORD: ${POSTAL_SMTP_AUTH_PASSWORD} + AUTHELIA_NOTIFIER_SMTP_USERNAME: ${POSTAL_SMTP_AUTH_USER} + AUTHELIA_SESSION_SECRET: ${AUTHELIA_SESSION_SECRET} + AUTHELIA_STORAGE_ENCRYPTION_KEY: ${AUTHELIA_STORAGE_ENCRYPTION_KEY} + AUTHELIA_STORAGE_POSTGRES_PASSWORD: ${AUTHELIA_STORAGE_POSTGRES_PASSWORD} + GUID: ${PGID} + PGID: ${PGID} + PUID: ${PUID} + TZ: ${TZ} + expose: + - 9091 + image: authelia/authelia:master + labels: + - homepage.group=Privacy/Security + - homepage.name=Authelia + - homepage.href=https://auth.trez.wtf + - homepage.icon=authelia.svg + - homepage.description=Authentication/authorization server with MFA & SSO + - swag=enable + - swag_proto=http + - swag_port=9091 + - swag_url=auth.trez.wtf + - swag.uptime-kuma.enabled=true + - swag.uptime-kuma.monitor.url=https://auth.trez.wtf + networks: + default: null + restart: unless-stopped + volumes: + - source: ${DOCKER_VOLUME_CONFIG}/authelia/ + target: /config + type: volume + volume: {} + authelia-pg: + container_name: authelia-pg + environment: + - POSTGRES_PASSWORD=${AUTHELIA_STORAGE_POSTGRES_PASSWORD} + - POSTGRES_USER=authelia + - POSTGRES_DB=authelia + expose: + - 5432 + image: postgres:16-alpine + networks: + default: null + restart: unless-stopped + volumes: + - source: authelia-pg-db + target: /var/lib/postgresql/data + type: volume + volume: {} + bazarr: + container_name: bazarr + environment: + - PGID=1000 + - PUID=1000 + - TZ=America/New_York + - DOCKER_MODS=ghcr.io/gilbn/theme.park:bazarr + hostname: Rinoa + image: lscr.io/linuxserver/bazarr:latest + labels: + - homepage.group=Servarr Stack + - homepage.name=Bazarr + - homepage.href=https://bazarr.trez.wtf + - homepage.icon=bazarr.png + - homepage.description=Subtitle automation for TV shows/movies + - homepage.widget.type=bazarr + - homepage.widget.url=http://bazarr:6767 + - homepage.widget.key=${BAZARR_API_KEY} + - swag=enable + - swag_proto=http + - swag_port=6767 + - swag.uptime-kuma.enabled=true + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "6767" + target: 6767 + restart: unless-stopped + volumes: + - bind: + create_host_path: true + read_only: true + source: /etc/localtime + target: /etc/localtime + type: bind + - bind: + create_host_path: true + source: ${DOCKER_VOLUME_CONFIG}/bazarr + target: /config + type: bind + - bind: + create_host_path: true + source: /rinoa-storage + target: /storage + type: bind + bitmagnet: + command: + - worker + - run + - --keys=http_server + - --keys=queue_server + - --keys=dht_crawler + container_name: bitmagnet + depends_on: + bitmagnet-pgsql: + condition: service_healthy + required: true + gluetun: + condition: service_started + required: true + restart: true + environment: + LOG_FILE_ROTATION_ENABLED: true + POSTGRES_HOST: bitmagnet-pgsql + POSTGRES_PASSWORD: ${BITMAGNET_POSTGRESQL_PASSWORD} + POSTGRES_USER: bitmagnet + image: ghcr.io/bitmagnet-io/bitmagnet:latest + labels: + - homepage.group=Downloaders + - homepage.name=Bitmagnet + - homepage.href=https://btmag.trez.wtf + - homepage.icon=/icons/bitmagnet.svg + - homepage.description=Torrent indexer, DHT crawler, search engine, & content classifier + - homepage.widget.type=gluetun + - homepage.widget.url=http://gluetun:8000 + - swag=enable + - swag_proto=http + - swag_address=gluetun + - swag_auth=authelia + - swag_auth_bypass=/v1 + - swag_port=3333 + - swag_url=btmag.trez.wtf + - swag.uptime-kuma.enabled=true + - swag.uptime-kuma.monitor.url=https://btmag.trez.wtf + network_mode: service:gluetun + restart: always + volumes: + - source: ${DOCKER_VOLUME_CONFIG}/bitmagnet + target: /root/.local/share/bitmagnet + type: volume + volume: {} + bitmagnet-pgsql: + container_name: bitmagnet-pgsql + environment: + POSTGRES_DB: bitmagnet + POSTGRES_PASSWORD: ${BITMAGNET_POSTGRESQL_PASSWORD} + POSTGRES_USER: bitmagnet + expose: + - 5432 + healthcheck: + interval: 10s + start_period: 20s + test: + - CMD-SHELL + - pg_isready + image: postgres:16-alpine + networks: + bitmagnet: + ipv4_address: 192.168.55.8 + default: null + restart: unless-stopped + shm_size: 1g + volumes: + - source: bitmagnet-pgsql + target: /var/lib/postgresql/data + type: volume + volume: {} + bitwarden: + container_name: bitwarden + environment: + ADMIN_TOKEN: ROR3nZyP4vC7WhxHcZ17dcI2wETtliut26sK8MGFHUVONjvFaPadW4kRzr+1Pf5y + DATABASE_URL: data/db.sqlite3 + DISABLE_ADMIN_TOKEN: "false" + DOMAIN: https://bitwarden.trez.wtf + ENABLE_DB_WAL: "true" + INVITATIONS_ALLOWED: "false" + SHOW_PASSWORD_HINT: "false" + SIGNUPS_ALLOWED: "true" + SIGNUPS_VERIFY: "true" + TZ: America/New_York + WEBSOCKET_ENABLED: "true" + hostname: Rinoa + image: vaultwarden/server:latest + labels: + - homepage.group=Privacy/Security + - homepage.name=Bitwarden + - homepage.icon=bitwarden.png + - homepage.href=https://bitwarden.trez.wtf + - homepage.description=Credential/Information Vault + - swag=enable + - swag_url=bitwarden.trez.wtf + - swag_proto=http + - swag_port=80 + - swag.uptime-kuma.enabled=true + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "3012" + target: 3012 + - mode: ingress + protocol: tcp + published: "8013" + target: 80 + restart: unless-stopped + volumes: + - bind: + create_host_path: true + read_only: true + source: /etc/localtime + target: /etc/localtime + type: bind + - bind: + create_host_path: true + source: ${DOCKER_VOLUME_CONFIG}/bitwarden + target: /data + type: bind + - bind: + create_host_path: true + source: /rinoa-storage + target: /storage + type: bind + browserless: + container_name: browserless + environment: + ALLOW_FILE_PROTOCOL: true + CONCURRENT: 20 + HEALTH: false + PROXY_HOST: swag + PROXY_PORT: 443 + PROXY_SSL: true + QUEUED: 20 + TIMEOUT: 300000 + TOKEN: ${CHROMIUM_TOKEN} + TZ: ${TZ} + expose: + - 3000 + image: ghcr.io/browserless/chromium:latest + labels: + - swag=enable + - swag_proto=http + - swag_port=3000 + - swag_url=browse.trez.wtf + networks: + default: null + restart: unless-stopped + cloudflareddns: + container_name: cloudflareddns + environment: + ARGS: --dns-cloudflare-propagation-seconds 60 + CF_APIKEY: KovoseS_l5lEP3HT4VdcGvImLghasKXcAa-QZ-bC + CF_APITOKEN: KovoseS_l5lEP3HT4VdcGvImLghasKXcAa-QZ-bC + CF_HOSTS: trez.wtf + CF_RECORDTYPES: A + CF_USER: charish.patel@trez.wtf + CF_ZONES: trez.wtf + DETECTION_MODE: dig-google.com + INTERVAL: "300" + LOG_LEVEL: "3" + PGID: "1000" + PUID: "1000" + TZ: America/New_York + hostname: Rinoa + image: ghcr.io/hotio/cloudflareddns:latest + networks: + default: null + restart: unless-stopped + volumes: + - bind: + create_host_path: true + read_only: true + source: /etc/localtime + target: /etc/localtime + type: bind + - bind: + create_host_path: true + source: ${DOCKER_VOLUME_CONFIG}/cloudflareddns + target: /config + type: bind + - bind: + create_host_path: true + source: /rinoa-storage + target: /storage + type: bind + crowdsec: + container_name: crowdsec + environment: + - DOCKER_HOST=tcp://dockerproxy:2375 + - GID=1000 + - BOUNCER_KEY_SWAG=${CROWDSEC_API_KEY} + - COLLECTIONS=crowdsecurity/nginx crowdsecurity/http-cve crowdsecurity/whitelist-good-actors crowdsecurity/linux crowdsecurity/iptables + image: crowdsecurity/crowdsec:latest + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "8101" + target: 8080 + restart: unless-stopped + security_opt: + - no-new-privileges=true + volumes: + - source: ${DOCKER_VOLUME_CONFIG}/crowdsec/config.yaml.local + target: /etc/crowdsec/config.yaml.local + type: volume + volume: {} + - source: ${DOCKER_VOLUME_CONFIG}/crowdsec/local_api_credentials.yaml.local + target: /etc/crowdsec/local_api_credentials.yaml.local + type: volume + volume: {} + - read_only: true + source: ${DOCKER_VOLUME_CONFIG}/swag/log/nginx + target: /var/log/swag + type: volume + volume: {} + - source: crowdsec-config + target: /etc/crowdsec + type: volume + volume: {} + - source: crowdsec-db + target: /var/lib/crowdsec/data + type: volume + volume: {} + - bind: + create_host_path: true + read_only: true + source: /var/log/journal + target: /var/log/host + type: bind + crowdsec-dashboard: + container_name: crowdsec-dashboard + depends_on: + crowdsec: + condition: service_started + required: true + environment: + MB_DB_FILE: /data/metabase.db + MGID: ${GID-1000} + image: metabase/metabase + labels: + - com.centurylinklabs.watchtower.enable=false + - homepage.group=Privacy/Security + - homepage.name=CrowdSec Dashboard + - homepage.href=https://csec.trez.wtf + - homepage.icon=crowdsec.svg + - homepage.description=Real-time & crowdsourced protection against aggressive IPs + - homepage.widget.type=crowdsec + - homepage.widget.url=http://crowdsec:8080 + - homepage.widget.username=localhost + - homepage.widget.password=${CROWDSEC_LOCAL_API_KEY} + - swag=enable + - swag_port=3000 + - swag_proto=http + - swag_url=csec.trez.wtf + - swag.uptime-kuma.enabled=true + - swag.uptime-kuma.monitor.url=https://csec.trez.wtf + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "8908" + target: 3000 + restart: always + volumes: + - source: crowdsec-db + target: /metabase-data + type: volume + volume: {} + czkawka: + container_name: czkawka + environment: + KEEP_APP_RUNNING: 1 + PGID: ${PGID} + PUID: ${PUID} + TZ: ${TZ} + UMASK: 1 + WEB_LISTENING_PORT: 5800 + image: jlesage/czkawka + labels: + - homepage.group=System Administration + - homepage.name=Czkawka + - homepage.href=https://czkawka.trez.wtf + - homepage.icon=/icons/czkawka.png + - homepage.description=Smart file management + - swag=enable + - swag_port=5800 + - swag_proto=http + - swag_url=czkawka.trez.wtf + - swag.uptime-kuma.enabled=true + - swag.uptime-kuma.monitor.url=https://czkawka.trez.wtf + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "5800" + target: 5800 + privileged: true + restart: unless-stopped + volumes: + - source: ${DOCKER_VOLUME_CONFIG}/czkawka + target: /config + type: volume + volume: {} + - source: ${DOCKER_VOLUME_STORAGE} + target: /storage + type: volume + volume: {} + dagu-scheduler: + command: dagu scheduler + container_name: dagu-scheduler + image: ghcr.io/dagu-org/dagu:latest + networks: + default: null + restart: unless-stopped + volumes: + - source: dagu_config + target: /home/dagu/.config/dagu + type: volume + volume: {} + - source: dagu_data + target: /home/dagu/.local/share + type: volume + volume: {} + dagu-server: + container_name: dagu-server + environment: + DAGU_PORT: 8080 + image: ghcr.io/dagu-org/dagu:latest + labels: + - homepage.group=System Administration + - homepage.name=Dagu + - homepage.href=https://cron.trez.wtf + - homepage.icon=/icons/dagu.png + - homepage.description=Cron alternative using DAGs (Directed Acyclic Graphs) + - swag=enable + - swag_port=8080 + - swag_proto=http + - swag_url=cron.trez.wtf + - swag.uptime-kuma.enabled=true + - swag.uptime-kuma.monitor.url=https://cron.trez.wtf + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "8108" + target: 8080 + restart: unless-stopped + volumes: + - source: dagu_config + target: /home/dagu/.config/dagu + type: volume + volume: {} + - source: dagu_data + target: /home/dagu/.local/share + type: volume + volume: {} + delugevpn: + cap_add: + - NET_ADMIN + - SYS_MODULE + container_name: delugevpn + environment: + ENABLE_PRIVOXY: "no" + LAN_NETWORK: 192.168.1.0/24 + NAME_SERVERS: 192.168.1.254,1.1.1.1 + PGID: "1000" + PUID: "1000" + TZ: America/New_York + VPN_CLIENT: openvpn + VPN_ENABLED: "yes" + VPN_INPUT_PORTS: "" + VPN_OPTIONS: "" + VPN_OUTPUT_PORTS: "" + VPN_PASS: QGXRAYAwzVv9X84MAK2gPYq2Mt6ztdoA + VPN_PROV: pia + VPN_USER: p3120278 + hostname: Rinoa + image: ghcr.io/binhex/arch-delugevpn:latest + labels: + - homepage.group=Downloaders + - homepage.name=DelugeVPN + - homepage.href=https://deluge.trez.wtf + - homepage.icon=deluge.png + - homepage.description=Torrent over VPN + - homepage.widget.type=deluge + - homepage.widget.url=http://delugevpn:8112 + - homepage.widget.password=${DELUGEVPN_PASSWORD} + - swag=enable + - swag_port=8112 + - swag_proto=http + - swag_url=deluge.trez.wtf + - swag.uptime-kuma.enabled=true + - swag.uptime-kuma.monitor.url=https://deluge.trez.wtf + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "58846" + target: 58846 + - mode: ingress + protocol: tcp + published: "58946" + target: 58946 + - mode: ingress + protocol: tcp + published: "6881" + target: 6881 + - mode: ingress + protocol: tcp + published: "8112" + target: 8112 + - mode: ingress + protocol: tcp + published: "8118" + target: 8118 + privileged: true + restart: unless-stopped + sysctls: + net.ipv4.conf.all.src_valid_mark: "1" + volumes: + - bind: + create_host_path: true + read_only: true + source: /etc/localtime + target: /etc/localtime + type: bind + - bind: + create_host_path: true + source: ${DOCKER_VOLUME_CONFIG}/delugevpn + target: /config + type: bind + - bind: + create_host_path: true + source: /rinoa-storage + target: /storage + type: bind + docker-socket-proxy: + container_name: dockerproxy + environment: + - BUILD=1 + - COMMIT=1 + - CONFIGS=1 + - CONTAINERS=1 + - DISTRIBUTION=1 + - EVENTS=1 + - EXEC=1 + - GPRC=1 + - IMAGES=1 + - INFO=1 + - NETWORKS=1 + - NODES=1 + - POST=1 + - PLUGINS=1 + - SERVICES=1 + - SESSION=1 + - SYSTEM=1 + - TASKS=1 + - VOLUMES=1 + - LOG_LEVEL=debug + image: ghcr.io/tecnativa/docker-socket-proxy:latest + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "2375" + target: 2375 + privileged: true + restart: unless-stopped + volumes: + - bind: + create_host_path: true + source: /var/run/docker.sock + target: /var/run/docker.sock + type: bind + docuseal: + container_name: docuseal + image: docuseal/docuseal:latest + labels: + - homepage.group=Personal Services + - homepage.name=Docuseal + - homepage.href=https://docs.trez.wtf + - homepage.description=OSS Document Signing & Verification + - homepage.icon=docuseal.png + - swag=enable + - swag_proto=http + - swag_port=3000 + - swag_url=sign.trez.wtf + - swag.uptime-kuma.enabled=true + - swag.uptime-kuma.monitor.url=https://sign.trez.wtf + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "3002" + target: 3000 + restart: unless-stopped + volumes: + - source: ${DOCKER_VOLUME_CONFIG}/docuseal + target: /data + type: volume + volume: {} + duplicati: + container_name: duplicati + environment: + PGID: "1000" + PUID: "1000" + TZ: America/New_York + hostname: Rinoa + image: lscr.io/linuxserver/duplicati:latest + labels: + - swag=enable + - swag_port=8200 + - swag_proto=http + - swag_url=dup.trez.wtf + - homepage.group=Automation + - homepage.name=Duplicati + - homepage.href=https://dup.trez.wtf + - homepage.icon=duplicati.png + - homepage.description=Data backup + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "8282" + target: 8200 + - ${DUPLICATI_PORT_8200}:8200 + restart: unless-stopped + volumes: + - bind: + create_host_path: true + read_only: true + source: /etc/localtime + target: /etc/localtime + type: bind + - bind: + create_host_path: true + source: ${DOCKER_VOLUME_CONFIG}/duplicati + target: /config + type: bind + - bind: + create_host_path: true + source: /rinoa-storage + target: /storage + type: bind + - bind: + create_host_path: true + source: /home/charish/.config/appdata/backups + target: /backups + type: bind + - bind: + create_host_path: true + source: /home/charish/.config/appdata + target: /source + type: bind + emby: + container_name: emby + environment: + - PGID=1000 + - PUID=1000 + - TZ=America/New_York + - DOCKER_MODS=ghcr.io/themepark-dev/theme.park:emby + hostname: Rinoa + image: emby/embyserver + labels: + - homepage.group=Media Library + - homepage.name=Emby + - homepage.icon=emby.png + - homepage.href=http://emby.trez.wtf + - homepage.description=Movie/TV Streaming + - homepage.widget.type=emby + - homepage.widget.url=http://emby:8096 + - homepage.widget.key=${EMBY_HOMEPAGE_API_KEY} + - homepage.widget.enableBlocks=true + - homepage.widget.enableNowPlaying=true + - swag=enable + - swag.uptime-kuma.enabled=true + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "8096" + target: 8096 + - mode: ingress + protocol: tcp + published: "8920" + target: 8920 + restart: unless-stopped + volumes: + - bind: + create_host_path: true + read_only: true + source: /etc/localtime + target: /etc/localtime + type: bind + - bind: + create_host_path: true + source: ${DOCKER_VOLUME_CONFIG}/emby + target: /config + type: bind + - bind: + create_host_path: true + source: /rinoa-storage + target: /storage + type: bind + - bind: + create_host_path: true + source: /tmp + target: /transcode + type: bind + fastenhealth: + container_name: fastenhealth + image: ghcr.io/fastenhealth/fasten-onprem:main + labels: + - homepage.group=Lifestyle + - homepage.name=Fasten + - homepage.icon=/icons/fastenhealth.png + - homepage.href=http://health.trez.wtf + - homepage.description=Open-source, self-hosted, personal/family electronic medical record aggregator + - swag=enable + - swag_proto=http + - swag_port=8080 + - swag_url=health.trez.wtf + - swag.uptime-kuma.enabled=true + - swag.uptime-kuma.monitor.url=https://health.trez.wtf + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "8105" + target: 8080 + restart: unless-stopped + volumes: + - source: fastenhealth-cache + target: /opt/fasten/cache + type: volume + volume: {} + - source: fastenhealth-db + target: /opt/fasten/db + type: volume + volume: {} + flaresolverr: + container_name: flaresolverr + environment: + - CAPTCHA_SOLVER=none + - LOG_HTML=false + - LOG_LEVEL=info + - PORT=8191 + - TZ=America/New_York + - BROWSER_TIMEOUT=40000 + - TEST_URL=https://duckduckgo.com + hostname: Rinoa + image: ghcr.io/flaresolverr/flaresolverr:latest + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "8191" + target: 8191 + restart: unless-stopped + sysctls: + - net.ipv6.conf.all.disable_ipv6=1 + volumes: + - bind: + create_host_path: true + read_only: true + source: /etc/localtime + target: /etc/localtime + type: bind + - bind: + create_host_path: true + source: /rinoa-storage + target: /storage + type: bind + ghost: + container_name: ghost_blog + depends_on: + mariadb: + condition: service_started + required: true + restart: true + environment: + - database__client=mysql + - database__connection__host=mariadb + - database__connection__port=3306 + - database__connection__user=${GHOST_DB_USER} + - database__connection__password=${GHOST_DB_PASSWORD} + - database__connection__database=ghost_db + - mail__transport=SMTP + - mail__options__host=postal-smtp + - mail__options__port=25 + - mail__options__secure=false + - mail__options__auth__user=${POSTAL_SMTP_AUTH_USER} + - mail__options__auth__pass=${POSTAL_SMTP_AUTH_PASSWORD} + - mail__from="noreply@trez.wtf" + - url=https://blog.trez.wtf + image: ghost:latest + labels: + - homepage.group=Lifestyle + - homepage.name=Ghost + - homepage.href=https://blog.trez.wtf + - homepage.icon=ghost.png + - homepage.description=Personal blog + - swag=enable + - swag_port=2368 + - swag_proto=http + - swag_url=blog.trez.wtf + - swag.uptime-kuma.enabled=true + - swag.uptime-kuma.monitor.url=https://blog.trez.wtf + links: + - mariadb + networks: + default: null + restart: always + gitea: + container_name: gitea + environment: + - USER_UID=${PUID} + - USER_GID=${PGID} + - GITEA__database__DB_TYPE=postgres + - GITEA__database__HOST=gitea-db:5432 + - GITEA__database__NAME=gitea + - GITEA__database__USER=gitea + - GITEA__database__PASSWD=${GITEA_PG_DB_PASSWORD} + - GITEA__mailer__ENABLED=true + - GITEA__mailer__FROM='"Gitea" ' + - GITEA__mailer__PROTOCOL=smtp + - GITEA__mailer__SMTP_ADDR=postal-smtp + - GITEA__mailer__SMTP_PORT=25 + - GITEA__mailer__IS_TLS_ENABLED=faLse + - GITEA__mailer__USER=${POSTAL_SMTP_AUTH_USER} + - GITEA__mailer__PASSWD=${POSTAL_SMTP_AUTH_PASSWORD} + image: gitea/gitea:1.22.2 + labels: + - homepage.group=Code + - homepage.name=Gitea + - homepage.href=https://git.trez.wtf + - homepage.icon=gitea.svg + - homepage.description=Private Code Repo + - homepage.widget.type=gitea + - homepage.widget.url=http://gitea:3000 + - homepage.widget.key=${GITEA_HOMEPAGE_API_KEY} + - swag=enable + - swag_port=3000 + - swag_proto=http + - swag_url=git.trez.wtf + - swag.uptime-kuma.enabled=true + - swag.uptime-kuma.monitor.url=https://git.trez.wtf + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "3013" + target: 3000 + - mode: ingress + protocol: tcp + published: "222" + target: 22 + restart: always + volumes: + - source: ${DOCKER_VOLUME_CONFIG}/gitea + target: /data + type: volume + volume: {} + - bind: + create_host_path: true + read_only: true + source: /etc/timezone + target: /etc/timezone + type: bind + - bind: + create_host_path: true + read_only: true + source: /etc/localtime + target: /etc/localtime + type: bind + gitea-db: + container_name: gitea-db + environment: + - POSTGRES_USER=gitea + - POSTGRES_PASSWORD=${GITEA_PG_DB_PASSWORD} + - POSTGRES_DB=gitea + expose: + - 5432 + image: postgres:14 + networks: + default: null + restart: always + volumes: + - source: gitea-pg-db + target: /var/lib/postgresql/data + type: volume + volume: {} + gluetun: + cap_add: + - NET_ADMIN + container_name: gluetun + environment: + OPENVPN_PASSWORD: ${DELUGEVPN_ENVIRONMENT_VPN_PASS} + OPENVPN_USER: ${DELUGEVPN_ENVIRONMENT_VPN_USER} + PORT_FORWARD_ONLY: true + SERVER_REGIONS: Bahamas,Belgium,Cyprus,Estonia,FI Helsinki,Iceland,Latvia,Lithuania,Luxembourg,Montenegro,Netherlands,Portugal,DK Copenhagen,Ukraine,Uruguay + VPN_SERVICE_PROVIDER: private internet access + expose: + - 8000 + extra_hosts: + - bitmagnet-pgsql:192.168.55.8 + image: qmcgaw/gluetun:latest + networks: + bitmagnet: + ipv4_address: 192.168.55.7 + default: null + ports: + - mode: ingress + protocol: tcp + published: "3333" + target: 3333 + - mode: ingress + protocol: tcp + published: "3334" + target: 3334 + - mode: ingress + protocol: udp + published: "3334" + target: 3334 + - mode: ingress + protocol: tcp + published: "5030" + target: 5030 + - mode: ingress + protocol: tcp + published: "5031" + target: 5031 + - mode: ingress + protocol: tcp + published: "50300" + target: 50300 + restart: always + gotify: + container_name: gotify + environment: + - GOTIFY_SERVER_PORT=80 + - GOTIFY_SERVER_KEEPALIVEPERIODSECONDS=0 + - GOTIFY_SERVER_LISTENADDR= + - GOTIFY_SERVER_SSL_ENABLED=false + - GOTIFY_SERVER_SSL_REDIRECTTOHTTPS=true + - GOTIFY_SERVER_SSL_LISTENADDR= + - GOTIFY_SERVER_SSL_PORT=443 + - GOTIFY_SERVER_SSL_CERTFILE= + - GOTIFY_SERVER_SSL_CERTKEY= + - GOTIFY_SERVER_SSL_LETSENCRYPT_ENABLED=false + - GOTIFY_SERVER_SSL_LETSENCRYPT_ACCEPTTOS=false + - GOTIFY_SERVER_SSL_LETSENCRYPT_CACHE=certs + - GOTIFY_SERVER_STREAM_PINGPERIODSECONDS=45 + - GOTIFY_DATABASE_DIALECT=sqlite3 + - GOTIFY_DATABASE_CONNECTION=data/gotify.db + - GOTIFY_DEFAULTUSER_NAME=admin + - GOTIFY_DEFAULTUSER_PASS=${GOTIFY_PASSWORD} + - GOTIFY_PASSSTRENGTH=10 + - GOTIFY_UPLOADEDIMAGESDIR=data/images + - GOTIFY_PLUGINSDIR=data/plugins + - GOTIFY_REGISTRATION=false + image: gotify/server + labels: + - homepage.group=Infrastructure/App Performance Monitoring + - homepage.name=Gotify + - homepage.href=https://gotify.trez.wtf + - homepage.icon=gotify.png + - homepage.description=Notification System + - homepage.widget.type=gotify + - homepage.widget.url=http://gotify + - homepage.widget.key=${GOTIFY_HOMEPAGE_CLIENT_KEY} + - swag=enable + - swag_proto=http + - swag.uptime-kuma.enabled=true + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "8097" + target: 80 + restart: unless-stopped + volumes: + - source: ${DOCKER_VOLUME_CONFIG}/gotify + target: /app/data + type: volume + volume: {} + grafana: + container_name: grafana + depends_on: + grafana-alloy: + condition: service_started + required: true + environment: + GF_INSTALL_PLUGINS: grafana-piechart-panel + TZ: America/New_York + hostname: Rinoa + image: grafana/grafana-enterprise:latest + labels: + - homepage.group=Infrastructure/App Performance Monitoring + - homepage.name=Grafana (LGTM) + - homepage.href=https://mon.trez.wtf + - homepage.description=Monitoring Dashboard for metrics, logs, traces, & profiles + - homepage.icon=grafana.png + - homepage.widget.type=grafana + - homepage.widget.url=http://grafana:3000 + - homepage.widget.username=admin + - homepage.widget.password=${GRAFANA_ADMIN_PASSWORD} + - swag=enable + - swag_proto=http + - swag_url=mon.trez.wtf + - swag.uptime-kuma.enabled=true + - swag.uptime-kuma.monitor.url=https://mon.trez.wtf + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "3006" + target: 3000 + restart: unless-stopped + user: 1000:1000 + volumes: + - bind: + create_host_path: true + read_only: true + source: /etc/localtime + target: /etc/localtime + type: bind + - source: ${DOCKER_VOLUME_CONFIG}/grafana/data + target: /var/lib/grafana + type: volume + volume: {} + - bind: + create_host_path: true + source: /rinoa-storage + target: /storage + type: bind + grafana-alloy: + cap_add: + - SYS_ADMIN + - SYS_TIME + - BPF + - SYSLOG + command: run --disable-reporting=true --stability.level=public-preview --server.http.listen-addr=0.0.0.0:12345 /etc/alloy/config.alloy + container_name: grafana-alloy + environment: + - DOCKER_HOST=tcp://dockerproxy:2375 + image: grafana/alloy:latest + labels: + - homepage.group=Infrastructure/App Performance Monitoring + - homepage.name=Grafana Alloy + - homepage.description=Agent for metric/log/trace/profile collection and writing + - homepage.href=http://192.168.1.254:12345 + - homepage.icon=/icons/grafana-alloy.svg + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "12345" + target: 12345 + privileged: true + restart: always + volumes: + - source: ${DOCKER_VOLUME_CONFIG}/grafana/alloy/config.alloy + target: /etc/alloy/config.alloy + type: volume + volume: {} + - source: ${DOCKER_VOLUME_CONFIG}/grafana/alloy/endpoints.json + target: /etc/alloy/endpoints.json + type: volume + volume: {} + - bind: + create_host_path: true + read_only: true + source: /proc + target: /host/proc + type: bind + - bind: + create_host_path: true + read_only: true + source: /sys + target: /host/sys + type: bind + - bind: + create_host_path: true + read_only: true + source: / + target: /rootfs + type: bind + grafana-loki: + command: -config.file=/etc/loki/loki-config.yaml + container_name: grafana-loki + depends_on: + grafana-alloy: + condition: service_started + required: true + image: grafana/loki:latest + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "3100" + target: 3100 + restart: unless-stopped + volumes: + - source: ${DOCKER_VOLUME_CONFIG}/grafana/loki/loki-config.yaml + target: /etc/loki/loki-config.yaml + type: volume + volume: {} + grafana-mimir: + command: + - -ingester.native-histograms-ingestion-enabled=true + - -config.file=/etc/mimir.yaml + container_name: grafana-mimir + depends_on: + grafana-alloy: + condition: service_started + required: true + image: grafana/mimir:latest + labels: + - homepage.group=Infrastructure/App Performance Monitoring + - homepage.name=Grafana Mimir + - homepage.href=http://192.168.1.254:9009 + - homepage.description=Long-term metrics storage + - homepage.icon=/icons/grafana-mimir.png + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "9009" + target: 9009 + restart: unless-stopped + volumes: + - source: grafana-mimir-data + target: /data + type: volume + volume: {} + - source: ${DOCKER_VOLUME_CONFIG}/grafana/mimir/mimir.yaml + target: /etc/mimir.yaml + type: volume + volume: {} + grafana-mimir-memcached: + container_name: grafana-mimir-memcached + depends_on: + grafana-alloy: + condition: service_started + required: true + environment: + - MEMCACHED_MEMORY_LIMIT=1g + - MEMCACHED_THREADS=4 + - MEMCACHED_MAX_CONNECTIONS=2048 + - MEMCACHED_TCP_PORT=11211 + - MEMCACHED_UDP_PORT=11211 + image: memcached + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "11211" + target: 11211 + restart: unless-stopped + grafana-pyroscope: + command: + - -config.file=/etc/pyroscope.yml + container_name: grafana-pyroscope + depends_on: + grafana-alloy: + condition: service_started + required: true + image: grafana/pyroscope:latest + labels: + - homepage.group=Infrastructure/App Performance Monitoring + - homepage.name=Grafana Pyroscope + - homepage.description=Profiling for applications + - homepage.href=http://192.168.1.254:4040 + - homepage.icon=/icons/grafana-pyroscope.svg + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "4040" + target: 4040 + restart: unless-stopped + volumes: + - source: ${DOCKER_VOLUME_CONFIG}/grafana/pyroscope/config.yaml + target: /etc/pyroscope.yml + type: volume + volume: {} + grafana-tempo: + command: + - -config.file=/etc/tempo.yaml + container_name: grafana-tempo + depends_on: + grafana-alloy: + condition: service_started + required: true + image: grafana/tempo:latest + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "14268" + target: 14268 + - mode: ingress + protocol: tcp + published: "3200" + target: 3200 + - mode: ingress + protocol: tcp + published: "9095" + target: 9095 + - mode: ingress + protocol: tcp + published: "4317" + target: 4317 + - mode: ingress + protocol: tcp + published: "4318" + target: 4318 + - mode: ingress + protocol: tcp + published: "9411" + target: 9411 + restart: unless-stopped + volumes: + - source: grafana-tempo-data + target: /var/tempo + type: volume + volume: {} + - source: ${DOCKER_VOLUME_CONFIG}/grafana/tempo/tempo.yaml + target: /etc/tempo.yaml + type: volume + volume: {} + homepage: + container_name: homepage + image: ghcr.io/gethomepage/homepage:latest + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "3004" + target: 3000 + restart: unless-stopped + volumes: + - source: ${DOCKER_VOLUME_CONFIG}/homepage + target: /app/config + type: volume + volume: {} + - source: ${DOCKER_VOLUME_CONFIG}/homepage/images + target: /app/public/images + type: volume + volume: {} + - source: ${DOCKER_VOLUME_CONFIG}/homepage/icons + target: /app/public/icons + type: volume + volume: {} + - read_only: true + source: ${DOCKER_VOLUME_STORAGE} + target: /rinoa-storage + type: volume + volume: {} + hortusfox: + container_name: hortusfox + depends_on: + mariadb: + condition: service_started + required: true + environment: + APP_ADMIN_EMAIL: charish.patel@trez.wtf + APP_ADMIN_PASSWORD: ${HORTUSFOX_ADMIN_PASSWORD} + DB_CHARSET: utf8mb4 + DB_DATABASE: hortusfox + DB_HOST: mariadb + DB_PASSWORD: ${HORTUSFOX_DB_PASSWORD} + DB_PORT: 3306 + DB_USERNAME: hortusfox + image: ghcr.io/danielbrendel/hortusfox-web:latest + labels: + - swag=enable + - swag_proto=http + - swag_url=plants.trez.wtf + - swag.uptime-kuma.enabled=true + - swag.uptime-kuma.monitor.url=https://plants.trez.wtf + - homepage.group=Lifestyle + - homepage.name=HortusFox + - homepage.href=https://plants.trez.wtf + - homepage.icon=hortusfox.png + - homepage.description=Plant management system + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "8006" + target: 80 + restart: unless-stopped + volumes: + - source: hortusfox_app_images + target: /var/www/html/public/img + type: volume + volume: {} + - source: hortusfox_app_logs + target: /var/www/html/app/logs + type: volume + volume: {} + - source: hortusfox_app_backup + target: /var/www/html/public/backup + type: volume + volume: {} + - source: hortusfox_app_themes + target: /var/www/html/public/themes + type: volume + volume: {} + - source: hortusfox_app_migrate + target: /var/www/html/app/migrations + type: volume + volume: {} + huginn: + container_name: huginn + environment: + HUGINN_DATABASE_HOST: mariadb + HUGINN_DATABASE_NAME: huginn + HUGINN_DATABASE_PASSWORD: MLbKPT3j9TYcguYevFRcfEcrXtL4kcxujtrNdrq9eCig4WhUbxkyLoAiCPpm4zob + HUGINN_DATABASE_PORT: "3306" + HUGINN_DATABASE_USERNAME: huginn + PGID: "1000" + PUID: "1000" + TZ: America/New_York + hostname: Rinoa + image: ghcr.io/huginn/huginn + labels: + - homepage.group=Automation + - homepage.name=Huginn + - homepage.href=https://huginn.trez.wtf + - homepage.icon=huginn + - homepage.description=Agent/Web Automation + - swag=enable + - swag_port=3000 + - swag_proto=http + - swag.uptime-kuma.enabled=true + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "3005" + target: 3000 + restart: unless-stopped + volumes: + - bind: + create_host_path: true + read_only: true + source: /etc/localtime + target: /etc/localtime + type: bind + - bind: + create_host_path: true + source: /rinoa-storage + target: /storage + type: bind + hugo: + command: hugo server --baseURL "it-services.trez.wtf" --bind 0.0.0.0 --appendPort=false --source=/src/it-services --configDir=/src/it-services/config/ -e production --logLevel debug + container_name: hugo + image: hugomods/hugo:exts + labels: + - swag=enable + - swag_proto=http + - swag_port=1313 + - swag_url=it-services.trez.wtf + - swag.uptime-kuma.enabled=true + - swag.uptime-kuma.monitor.url=https://it-services.trez.wtf + - homepage.group=Professional Services + - homepage.name=Hugo + - homepage.href=https://it-services.trez.wtf + - homepage.icon=hugo.svg + - homepage.description=Static site + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "1313" + target: 1313 + restart: unless-stopped + volumes: + - source: ${DOCKER_VOLUME_CONFIG}/hugo/ + target: /src + type: volume + volume: {} + - source: ${DOCKER_VOLUME_CONFIG}/hugo/cache + target: /tmp/hugo_cache + type: volume + volume: {} + invidious: + container_name: invidious + depends_on: + invidious-db: + condition: service_started + required: true + environment: + INVIDIOUS_CONFIG: | + db: + dbname: invidious + user: kemal + password: kemal + host: invidious-db + port: 5432 + check_tables: true + # external_port: + # domain: + # https_only: false + # statistics_enabled: false + hmac_key: "8Qyuvl9TWYdkvVo8BJ14qM4HBshKieR3KvDc3vsECx1L4OR51i-EtW2K74MmAVHeNPmJetM67T0M-9FIm7b-MA" + healthcheck: + interval: 30s + retries: 2 + test: wget -nv --tries=1 --spider http://127.0.0.1:3000/api/v1/trending || exit 1 + timeout: 5s + image: quay.io/invidious/invidious:latest + labels: + - swag=enable + - swag_proto=http + - swag_port=3000 + - swag_url=invid.trez.wtf + - swag.uptime-kuma.enabled=true + - swag.uptime-kuma.monitor.url=https://invid.trez.wtf + - homepage.group=Social + - homepage.name=Invidious + - homepage.href=https://invid.trez.wtf + - homepage.icon=invidious.svg + - homepage.description=Alternative YouTube frontend (privacy-focused, ad-blocking) + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "3007" + target: 3000 + restart: unless-stopped + invidious-db: + container_name: invidious-db + environment: + POSTGRES_DB: invidious + POSTGRES_PASSWORD: kemal + POSTGRES_USER: kemal + healthcheck: + test: + - CMD-SHELL + - pg_isready -U $$POSTGRES_USER -d $$POSTGRES_DB + image: docker.io/library/postgres:14 + networks: + default: null + restart: unless-stopped + volumes: + - source: invidious-postgres + target: /var/lib/postgresql/data + type: volume + volume: {} + - source: ${DOCKER_VOLUME_CONFIG}/invidious/sql + target: /config/sql + type: volume + volume: {} + - source: ${DOCKER_VOLUME_CONFIG}/invidious/entrypoint/init-invidious-db.sh + target: /docker-entrypoint-initdb.d/init-invidious-db.sh + type: volume + volume: {} + invoice_ninja: + container_name: invoice_ninja + environment: + APP_DEBUG: true + APP_KEY: ${IN_APP_KEY} + APP_URL: http://invoice_ninja:8003 + DB_DATABASE: invoice_ninja + DB_HOST: mariadb + DB_PASSWORD: ${IN_MYSQL_PASSWORD} + DB_PORT: 3306 + DB_USERNAME: ininja + IN_PASSWORD: ${IN_PASSWORD} + IN_USER_EMAIL: charish.patel@trez.wtf + MAIL_ENCRYPTION: null + MAIL_FROM_ADDRESS: noreply@trez.wtf + MAIL_FROM_NAME: null + MAIL_HOST: postal-smtp + MAIL_MAILER: log + MAIL_PASSWORD: ${POSTAL_SMTP_AUTH_PASSWORD} + MAIL_PORT: 25 + MAIL_USERNAME: ${POSTAL_SMTP_AUTH_USER} + MYSQL_DATABASE: invoice_ninja + MYSQL_PASSWORD: ${IN_MYSQL_PASSWORD} + MYSQL_ROOT_PASSWORD: ${MARIADB_ENVIRONMENT_MYSQL_ROOT_PASSWORD} + MYSQL_USER: ininja + PDF_GENERATOR: snappdf + PHANTOMJS_PDF_GENERATION: false + QUEUE_CONNECTION: database + REQUIRE_HTTPS: false + TRUSTED_PROXIES: 172.18.0.0/16 + expose: + - 9000 + image: invoiceninja/invoiceninja:5 + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "8003" + target: 8003 + restart: always + volumes: + - source: ${DOCKER_VOLUME_CONFIG}/invoice_ninja/app/public + target: /var/www/app/public + type: volume + volume: {} + - source: ${DOCKER_VOLUME_CONFIG}/invoice_ninja/app/storage + target: /var/www/app/storage + type: volume + volume: {} + - source: ${DOCKER_VOLUME_CONFIG}/invoice_ninja/php/php.ini + target: /usr/local/etc/php/php.ini + type: volume + volume: {} + - source: ${DOCKER_VOLUME_CONFIG}/invoice_ninja/php/php-cli.ini + target: /usr/local/etc/php/php-cli.ini + type: volume + volume: {} + invoice_ninja_proxy: + container_name: invoice_ninja_proxy + depends_on: + invoice_ninja: + condition: service_started + required: true + environment: + APP_DEBUG: true + APP_KEY: ${IN_APP_KEY} + APP_URL: http://invoice_ninja:9000 + DB_DATABASE: invoice_ninja + DB_HOST: mariadb + DB_PASSWORD: ${IN_MYSQL_PASSWORD} + DB_PORT: 3306 + DB_USERNAME: ininja + IN_PASSWORD: ${IN_PASSWORD} + IN_USER_EMAIL: charish.patel@trez.wtf + MAIL_ENCRYPTION: null + MAIL_FROM_ADDRESS: noreply@trez.wtf + MAIL_FROM_NAME: null + MAIL_HOST: postal-smtp + MAIL_MAILER: log + MAIL_PASSWORD: ${POSTAL_SMTP_AUTH_PASSWORD} + MAIL_PORT: 25 + MAIL_USERNAME: ${POSTAL_SMTP_AUTH_USER} + MYSQL_DATABASE: invoice_ninja + MYSQL_PASSWORD: ${IN_MYSQL_PASSWORD} + MYSQL_ROOT_PASSWORD: ${MARIADB_ENVIRONMENT_MYSQL_ROOT_PASSWORD} + MYSQL_USER: ininja + PDF_GENERATOR: snappdf + PHANTOMJS_PDF_GENERATION: false + QUEUE_CONNECTION: database + REQUIRE_HTTPS: false + TRUSTED_PROXIES: 172.18.0.0/16 + image: nginx + labels: + - swag=enable + - swag_proto=http + - swag_url=biz.trez.wtf + - swag.uptime-kuma.enabled=true + - swag.uptime-kuma.monitor.url=https://biz.trez.wtf + - homepage.group=Professional Services + - homepage.name=Invoice Ninja + - homepage.href=https://biz.trez.wtf + - homepage.icon=invoiceninja.svg + - homepage.description=Simple invoicing, multiple payment options, expense and vendor management, and more! + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "8005" + target: 80 + restart: always + volumes: + - read_only: true + source: ${DOCKER_VOLUME_CONFIG}/invoice_ninja/proxy/invoice_ninja.conf + target: /etc/nginx/conf.d/in-vhost.conf + type: volume + volume: {} + - read_only: true + source: ${DOCKER_VOLUME_CONFIG}/invoice_ninja/app/public + target: /var/www/app/public + type: volume + volume: {} + it-tools: + container_name: it-tools + image: ghcr.io/corentinth/it-tools:latest + labels: + - swag=enable + - swag_proto=http + - swag_url=itt.trez.wtf + - swag.uptime-kuma.enabled=true + - swag.uptime-kuma.monitor.url=https://itt.trez.wtf + - homepage.group=Code + - homepage.name=IT-Tools + - homepage.href=https://itt.trez.wtf + - homepage.icon=it-tools.svg + - homepage.description=Useful tools for developers and people working in IT + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "8104" + target: 80 + restart: unless-stopped + jitsi-admin: + container_name: jitsi-admin + environment: + DATABASE_URL: mysql://jitsiadmin:${JITSI__ADMIN_DB_PASSWORD}@mariadb:3306/jitsiadmin + HTTP_METHOD: http + MAILER_DSN: smtp://${POSTAL_SMTP_AUTH_USER}:${POSTAL_SMTP_AUTH_PASSWORD}@postal-smtp:25 + MERCURE_JWT_SECRET: ${JITSI__ADMIN_JWT_SECRET} + MERCURE_PUBLIC_URL: https://meet-admin.trez.wtf + MERCURE_URL: http://jitsi-admin-websocket + OAUTH_KEYCLOAK_CLIENT_ID: null + OAUTH_KEYCLOAK_CLIENT_REALM: null + OAUTH_KEYCLOAK_CLIENT_SECRET: null + OAUTH_KEYCLOAK_CLIENT_SERVER: null + PUBLIC_URL: https://meet-admin.trez.wtf + VICH_BASE: https://meet-admin.trez.wtf + laF_baseUrl: https://meet-admin.trez.wtf + registerEmailAdress: noreply@trez.wtf + image: h2invent/jitsi-admin-main + networks: + default: null + restart: unless-stopped + jitsi-admin-keycloak: + command: + - start-dev + - --import-realm + container_name: jitsi-admin-keycloak + environment: + KC_RUN_IN_CONTAINER: true + KEYCLOAK_ADMIN: admin + KEYCLOAK_ADMIN_PASSWORD: ${KEYCLOAK_ADMIN_PASSWORD} + KEYCLOAK_BIND_ADDRESS: 0.0.0.0 + KEYCLOAK_CACHE_TYPE: ispn + KEYCLOAK_DAEMON_GROUP: keycloak + KEYCLOAK_DAEMON_USER: keycloak + KEYCLOAK_DATABASE_HOST: postgresql + KEYCLOAK_DATABASE_NAME: bitnami_keycloak + KEYCLOAK_DATABASE_PASSWORD: nil + KEYCLOAK_DATABASE_PORT: 5432 + KEYCLOAK_DATABASE_SCHEMA: public + KEYCLOAK_DATABASE_USER: bn_keycloak + KEYCLOAK_DATABASE_VENDOR: postgresql + KEYCLOAK_ENABLE_HEALTH_ENDPOINTS: false + KEYCLOAK_ENABLE_HTTPS: false + KEYCLOAK_ENABLE_STATISTICS: false + KEYCLOAK_HOSTNAME: null + KEYCLOAK_HTTP_PORT: 8080 + KEYCLOAK_HTTP_RELATIVE_PATH: / + KEYCLOAK_HTTPS_PORT: 8443 + KEYCLOAK_HTTPS_USE_PEM: false + KEYCLOAK_INIT_MAX_RETRIES: 10 + KEYCLOAK_JDBC_DRIVER: postgresql + KEYCLOAK_JDBC_PARAMS: nil + KEYCLOAK_LOG_LEVEL: info + KEYCLOAK_LOG_OUTPUT: default + KEYCLOAK_MOUNTED_CONF_DIR: /opt/keycloak/conf + KEYCLOAK_PRODUCTION: false + KEYCLOAK_PROXY: passthrough + KEYCLOAK_ROOT_LOG_LEVEL: INFO + expose: + - 8080 + - 8443 + image: keycloak/keycloak + labels: + - homepage.group=Privacy/Security + - homepage.name=Keycloak + - homepage.href=https://cloak.trez.wtf + - homepage.icon=keycloak.svg + - homepage.description=Open-source IAM + - swag=enable + - swag_proto=http + - swag_port=8080 + - swag_url=cloak.trez.wtf + - swag.uptime-kuma.enabled=true + - swag.uptime-kuma.monitor.url=https://cloak.trez.wtf + networks: + default: null + restart: unless-stopped + volumes: + - source: ${DOCKER_VOLUME_CONFIG}/keycloak + target: /opt/keycloak + type: volume + volume: {} + jitsi-admin-websocket: + container_name: jitsi-admin-websocket + environment: + WEBSOCKET_SECRET: ${JITSI__ADMIN_JWT_SECRET} + expose: + - 3000 + image: h2invent/jitsi-admin-websocket + labels: + - swag=enable + - swag_proto=http + - swag_url=meet-admin.trez.wtf + - swag.uptime-kuma.enabled=true + - swag.uptime-kuma.monitor.url=https://meet-admin.trez.wtf + - homepage.group=System Administration + - homepage.name=Jitsi Admin + - homepage.href=https://meet-admin.trez.wtf + - homepage.icon=/icons/jitsi-admin.png + - homepage.description=Web Conferencing + networks: + default: null + restart: unless-stopped + jitsi-etherpad: + container_name: jitsi-etherpad + environment: + - TITLE=${JITSI__ETHERPAD_TITLE} + - DEFAULT_PAD_TEXT=${JITSI__ETHERPAD_DEFAULT_PAD_TEXT} + - SKIN_NAME=${JITSI__ETHERPAD_SKIN_NAME} + - SKIN_VARIANTS=${JITSI__ETHERPAD_SKIN_VARIANTS} + - SUPPRESS_ERRORS_IN_PAD_TEXT=true + image: etherpad/etherpad:1.8.6 + networks: + default: null + restart: unless-stopped + jitsi-jibri: + cap_add: + - SYS_ADMIN + container_name: jitsi-jibri + depends_on: + jitsi-jicofo: + condition: service_started + required: true + environment: + - AUTOSCALER_SIDECAR_KEY_FILE + - AUTOSCALER_SIDECAR_KEY_ID + - AUTOSCALER_SIDECAR_GROUP_NAME + - AUTOSCALER_SIDECAR_HOST_ID + - AUTOSCALER_SIDECAR_INSTANCE_ID + - AUTOSCALER_SIDECAR_PORT + - AUTOSCALER_SIDECAR_REGION + - AUTOSCALER_SIDECAR_SHUTDOWN_POLLING_INTERVAL + - AUTOSCALER_SIDECAR_STATS_POLLING_INTERVAL + - AUTOSCALER_URL + - CHROMIUM_FLAGS + - DISPLAY=:0 + - ENABLE_STATS_D + - JIBRI_WEBHOOK_SUBSCRIBERS + - JIBRI_HTTP_API_EXTERNAL_PORT + - JIBRI_HTTP_API_INTERNAL_PORT + - JIBRI_RECORDING_RESOLUTION + - JIBRI_RECORDING_VIDEO_ENCODE_PRESET + - JIBRI_RECORDING_CONSTANT_RATE_FACTOR + - JIBRI_RECORDING_FRAMERATE + - JIBRI_RECORDING_QUEUE_SIZE + - JIBRI_RECORDING_STREAMING_MAX_BITRATE + - JIBRI_USAGE_TIMEOUT + - JIBRI_XMPP_USER + - JIBRI_XMPP_PASSWORD=${JITSI__JIBRI_XMPP_PASSWORD} + - JIBRI_BREWERY_MUC + - JIBRI_RECORDER_USER=jibri-recorder + - JIBRI_RECORDER_PASSWORD=${JITSI__JIBRI_RECORDER_PASSWORD} + - JIBRI_RECORDING_DIR + - JIBRI_FINALIZE_RECORDING_SCRIPT_PATH + - JIBRI_STRIP_DOMAIN_JID + - JIBRI_STATSD_HOST + - JIBRI_STATSD_PORT + - LOCAL_ADDRESS + - PUBLIC_URL=${JITSI__PUBLIC_URL} + - TZ=${JITSI__TZ} + - XMPP_AUTH_DOMAIN + - XMPP_DOMAIN + - XMPP_INTERNAL_MUC_DOMAIN + - XMPP_MUC_DOMAIN + - XMPP_RECORDER_DOMAIN + - XMPP_SERVER= + - XMPP_PORT + - XMPP_TRUST_ALL_CERTS + image: jitsi/jibri:${JITSI_IMAGE_VERSION:-stable} + networks: + default: null + restart: unless-stopped + shm_size: 2gb + volumes: + - source: ${DOCKER_VOLUME_CONFIG}/jitsi/jibri + target: /config + type: volume + volume: {} + jitsi-jicofo: + container_name: focus.meet.jitsi + depends_on: + jitsi-prosody: + condition: service_started + required: true + environment: + - AUTH_TYPE + - BRIDGE_AVG_PARTICIPANT_STRESS + - BRIDGE_STRESS_THRESHOLD + - ENABLE_AUTH + - ENABLE_AUTO_OWNER + - ENABLE_CODEC_VP8 + - ENABLE_CODEC_VP9 + - ENABLE_CODEC_H264 + - ENABLE_CODEC_OPUS_RED + - ENABLE_JVB_XMPP_SERVER + - ENABLE_OCTO + - ENABLE_RECORDING=1 + - ENABLE_SCTP + - ENABLE_AUTO_LOGIN + - JICOFO_AUTH_LIFETIME + - JICOFO_AUTH_PASSWORD=${JITSI__JICOFO_AUTH_PASSWORD} + - JICOFO_AUTH_TYPE + - JICOFO_BRIDGE_REGION_GROUPS + - JICOFO_ENABLE_AUTH + - JICOFO_ENABLE_BRIDGE_HEALTH_CHECKS + - JICOFO_CONF_INITIAL_PARTICIPANT_WAIT_TIMEOUT + - JICOFO_CONF_SINGLE_PARTICIPANT_TIMEOUT + - JICOFO_CONF_SOURCE_SIGNALING_DELAYS + - JICOFO_CONF_MAX_AUDIO_SENDERS + - JICOFO_CONF_MAX_VIDEO_SENDERS + - JICOFO_CONF_STRIP_SIMULCAST + - JICOFO_CONF_SSRC_REWRITING + - JICOFO_ENABLE_HEALTH_CHECKS + - JICOFO_ENABLE_REST + - JICOFO_HEALTH_CHECKS_USE_PRESENCE + - JICOFO_MULTI_STREAM_BACKWARD_COMPAT + - JICOFO_OCTO_REGION + - JIBRI_BREWERY_MUC + - JIBRI_REQUEST_RETRIES + - JIBRI_PENDING_TIMEOUT + - JIGASI_BREWERY_MUC + - JIGASI_SIP_URI + - JVB_BREWERY_MUC + - JVB_XMPP_AUTH_DOMAIN + - JVB_XMPP_INTERNAL_MUC_DOMAIN + - JVB_XMPP_PORT + - JVB_XMPP_SERVER + - MAX_BRIDGE_PARTICIPANTS + - OCTO_BRIDGE_SELECTION_STRATEGY + - SENTRY_DSN="${JICOFO_SENTRY_DSN:-0}" + - SENTRY_ENVIRONMENT + - SENTRY_RELEASE + - TZ=${JITSI__JIGAGI_SIP_SERVER} + - XMPP_DOMAIN + - XMPP_AUTH_DOMAIN + - XMPP_INTERNAL_MUC_DOMAIN + - XMPP_MUC_DOMAIN + - XMPP_RECORDER_DOMAIN + - XMPP_SERVER= + - XMPP_PORT + image: jitsi/jicofo:${JITSI_IMAGE_VERSION:-stable} + networks: + default: null + ports: + - 127.0.0.1:${JICOFO_REST_PORT:-8889}:8888 + restart: unless-stopped + volumes: + - bind: + selinux: Z + source: ${DOCKER_VOLUME_CONFIG}/jitsi/jicofo + target: /config + type: volume + volume: {} + jitsi-jigasi: + container_name: jitsi-jigasi + depends_on: + jitsi-prosody: + condition: service_started + required: true + environment: + - ENABLE_AUTH=1 + - ENABLE_GUESTS=1 + - XMPP_AUTH_DOMAIN + - XMPP_GUEST_DOMAIN + - XMPP_MUC_DOMAIN + - XMPP_INTERNAL_MUC_DOMAIN + - XMPP_SERVER + - XMPP_PORT + - XMPP_DOMAIN + - PUBLIC_URL=${JITSI__PUBLIC_URL} + - JIGASI_DISABLE_SIP + - JIGASI_SIP_URI=${JITSI__SIP_URI} + - JIGASI_SIP_PASSWORD=${JITSI__JIGAGI_SIP_PASSWORD} + - JIGASI_SIP_SERVER=${JITSI__JIGAGI_SIP_SERVER} + - JIGASI_SIP_PORT=${JITSI__JIGAGI_SIP_PORT} + - JIGASI_SIP_TRANSPORT=${JITSI__JIGAGI_SIP_TRANSPORT} + - JIGASI_SIP_DEFAULT_ROOM + - JIGASI_XMPP_USER + - JIGASI_XMPP_PASSWORD=${JITSI__JIGASI_XMPP_PASSWORD} + - JIGASI_BREWERY_MUC + - JIGASI_PORT_MIN + - JIGASI_PORT_MAX + - JIGASI_HEALTH_CHECK_SIP_URI + - JIGASI_HEALTH_CHECK_INTERVAL + - JIGASI_SIP_KEEP_ALIVE_METHOD + - JIGASI_ENABLE_SDES_SRTP + - ENABLE_TRANSCRIPTIONS + - JIGASI_TRANSCRIBER_ADVERTISE_URL + - JIGASI_TRANSCRIBER_RECORD_AUDIO + - JIGASI_TRANSCRIBER_SEND_TXT + - GC_PROJECT_ID + - GC_PRIVATE_KEY_ID + - GC_PRIVATE_KEY + - GC_CLIENT_EMAIL + - GC_CLIENT_ID + - GC_CLIENT_CERT_URL + - SHUTDOWN_REST_ENABLED + - SENTRY_DSN="${JIGASI_SENTRY_DSN:-0}" + - SENTRY_ENVIRONMENT + - SENTRY_RELEASE + - TZ=${JITSI__TZ} + image: jitsi/jigasi:${JITSI_IMAGE_VERSION:-stable} + networks: + default: null + ports: + - ${JIGASI_PORT_MIN:-20000}-${JIGASI_PORT_MAX:-20050}:${JIGASI_PORT_MIN:-20000}-${JIGASI_PORT_MAX:-20050}/udp + restart: unless-stopped + volumes: + - bind: + selinux: Z + source: ${DOCKER_VOLUME_CONFIG}/jitsi/jigasi + target: /config + type: volume + volume: {} + - bind: + selinux: Z + source: ${DOCKER_VOLUME_CONFIG}/jitsi/transcripts + target: /tmp/transcripts + type: volume + volume: {} + jitsi-jvb: + container_name: video.meet.jitsi + depends_on: + jitsi-prosody: + condition: service_started + required: true + environment: + - DOCKER_HOST_ADDRESS + - ENABLE_COLIBRI_WEBSOCKET + - ENABLE_JVB_XMPP_SERVER + - ENABLE_OCTO + - JVB_ADVERTISE_IPS + - JVB_ADVERTISE_PRIVATE_CANDIDATES + - JVB_AUTH_USER + - JVB_AUTH_PASSWORD=${JITSI__JVB_AUTH_PASSWORD} + - JVB_BREWERY_MUC + - JVB_DISABLE_STUN + - JVB_PORT + - JVB_MUC_NICKNAME + - JVB_STUN_SERVERS + - JVB_OCTO_BIND_ADDRESS + - JVB_OCTO_REGION + - JVB_OCTO_RELAY_ID + - JVB_WS_DOMAIN + - JVB_WS_SERVER_ID + - JVB_XMPP_AUTH_DOMAIN + - JVB_XMPP_INTERNAL_MUC_DOMAIN + - JVB_XMPP_PORT + - JVB_XMPP_SERVER + - PUBLIC_URL=${JITSI__PUBLIC_URL} + - SENTRY_DSN="${JVB_SENTRY_DSN:-0}" + - SENTRY_ENVIRONMENT + - SENTRY_RELEASE + - COLIBRI_REST_ENABLED + - SHUTDOWN_REST_ENABLED + - TZ=${JITSI__JIGAGI_SIP_SERVER} + - XMPP_AUTH_DOMAIN + - XMPP_INTERNAL_MUC_DOMAIN + - XMPP_SERVER= + - XMPP_PORT + image: jitsi/jvb:${JITSI_IMAGE_VERSION:-stable} + networks: + default: null + ports: + - ${JVB_PORT:-10000}:${JVB_PORT:-10000}/udp + - 127.0.0.1:${JVB_COLIBRI_PORT:-8091}:8080 + restart: unless-stopped + volumes: + - bind: + selinux: Z + source: ${DOCKER_VOLUME_CONFIG}/jitsi/jvb + target: /config + type: volume + volume: {} + jitsi-prosody: + container_name: xmpp.meet.jitsi + environment: + - AUTH_TYPE + - DISABLE_POLLS + - ENABLE_AUTH + - ENABLE_AV_MODERATION + - ENABLE_BREAKOUT_ROOMS + - ENABLE_END_CONFERENCE + - ENABLE_GUESTS=1 + - ENABLE_IPV6 + - ENABLE_LOBBY + - ENABLE_RECORDING=1 + - ENABLE_XMPP_WEBSOCKET + - ENABLE_JAAS_COMPONENTS + - GC_TYPE + - GC_INC_TH + - GC_INC_SPEED + - GC_INC_STEP_SIZE + - GC_GEN_MIN_TH + - GC_GEN_MAX_TH + - GLOBAL_CONFIG + - GLOBAL_MODULES + - JIBRI_RECORDER_USER + - JIBRI_RECORDER_PASSWORD=${JITSI__JIBRI_RECORDER_PASSWORD} + - JIBRI_XMPP_USER + - JIBRI_XMPP_PASSWORD=${JITSI__JIBRI_XMPP_PASSWORD} + - JICOFO_AUTH_PASSWORD=${JITSI__JICOFO_AUTH_PASSWORD} + - JICOFO_COMPONENT_SECRET + - JIGASI_XMPP_USER + - JIGASI_XMPP_PASSWORD=${JITSI__JIGASI_XMPP_PASSWORD} + - JVB_AUTH_USER + - JVB_AUTH_PASSWORD=${JITSI__JVB_AUTH_PASSWORD} + - JWT_APP_ID + - JWT_APP_SECRET + - JWT_ACCEPTED_ISSUERS + - JWT_ACCEPTED_AUDIENCES + - JWT_ASAP_KEYSERVER + - JWT_ALLOW_EMPTY + - JWT_AUTH_TYPE + - JWT_ENABLE_DOMAIN_VERIFICATION + - JWT_TOKEN_AUTH_MODULE + - MATRIX_UVS_URL + - MATRIX_UVS_ISSUER + - MATRIX_UVS_AUTH_TOKEN + - MATRIX_UVS_SYNC_POWER_LEVELS + - LOG_LEVEL + - LDAP_AUTH_METHOD + - LDAP_BASE + - LDAP_BINDDN + - LDAP_BINDPW + - LDAP_FILTER + - LDAP_VERSION + - LDAP_TLS_CIPHERS + - LDAP_TLS_CHECK_PEER + - LDAP_TLS_CACERT_FILE + - LDAP_TLS_CACERT_DIR + - LDAP_START_TLS + - LDAP_URL + - LDAP_USE_TLS + - MAX_PARTICIPANTS + - PROSODY_AUTH_TYPE + - PROSODY_RESERVATION_ENABLED + - PROSODY_RESERVATION_REST_BASE_URL + - PROSODY_ENABLE_RATE_LIMITS + - PROSODY_RATE_LIMIT_LOGIN_RATE + - PROSODY_RATE_LIMIT_SESSION_RATE + - PROSODY_RATE_LIMIT_TIMEOUT + - PROSODY_RATE_LIMIT_ALLOW_RANGES + - PROSODY_RATE_LIMIT_CACHE_SIZE + - PUBLIC_URL=${JITSI__PUBLIC_URL} + - TURN_CREDENTIALS + - TURN_HOST + - TURNS_HOST + - TURN_PORT + - TURNS_PORT + - TURN_TRANSPORT + - TZ=${JITSI__JIGAGI_SIP_SERVER} + - XMPP_DOMAIN + - XMPP_AUTH_DOMAIN + - XMPP_GUEST_DOMAIN + - XMPP_MUC_DOMAIN + - XMPP_INTERNAL_MUC_DOMAIN + - XMPP_MODULES + - XMPP_MUC_MODULES + - XMPP_MUC_CONFIGURATION + - XMPP_INTERNAL_MUC_MODULES + - XMPP_RECORDER_DOMAIN + - XMPP_PORT + expose: + - ${XMPP_PORT:-5222} + - "5347" + - "5280" + image: jitsi/prosody:${JITSI_IMAGE_VERSION:-stable} + networks: + default: null + restart: unless-stopped + volumes: + - bind: + selinux: Z + source: ${DOCKER_VOLUME_CONFIG}/jitsi/prosody/config + target: /config + type: volume + volume: {} + - bind: + selinux: Z + source: ${DOCKER_VOLUME_CONFIG}/jitsi/prosody/prosody-plugins-custom + target: /prosody-plugins-custom + type: volume + volume: {} + jitsi-web: + container_name: meet.jitsi + environment: + - AMPLITUDE_ID + - ANALYTICS_SCRIPT_URLS + - ANALYTICS_WHITELISTED_EVENTS + - AUDIO_QUALITY_OPUS_BITRATE + - AUTO_CAPTION_ON_RECORD + - BRANDING_DATA_URL + - CALLSTATS_CUSTOM_SCRIPT_URL + - CALLSTATS_ID + - CALLSTATS_SECRET + - CHROME_EXTENSION_BANNER_JSON + - COLIBRI_WEBSOCKET_PORT + - CONFCODE_URL + - CONFIG_EXTERNAL_CONNECT + - DEFAULT_LANGUAGE + - DEPLOYMENTINFO_ENVIRONMENT + - DEPLOYMENTINFO_ENVIRONMENT_TYPE + - DEPLOYMENTINFO_REGION + - DEPLOYMENTINFO_SHARD + - DEPLOYMENTINFO_USERREGION + - DESKTOP_SHARING_FRAMERATE_MIN + - DESKTOP_SHARING_FRAMERATE_MAX + - DIALIN_NUMBERS_URL + - DIALOUT_AUTH_URL + - DIALOUT_CODES_URL + - DISABLE_AUDIO_LEVELS + - DISABLE_DEEP_LINKING + - DISABLE_GRANT_MODERATOR + - DISABLE_HTTPS + - DISABLE_KICKOUT + - DISABLE_LOCAL_RECORDING + - DISABLE_POLLS + - DISABLE_PRIVATE_CHAT + - DISABLE_PROFILE + - DISABLE_REACTIONS + - DISABLE_REMOTE_VIDEO_MENU + - DISABLE_START_FOR_ALL + - DROPBOX_APPKEY + - DROPBOX_REDIRECT_URI + - DYNAMIC_BRANDING_URL + - ENABLE_AUDIO_PROCESSING + - ENABLE_AUTH + - ENABLE_BREAKOUT_ROOMS + - ENABLE_CALENDAR + - ENABLE_COLIBRI_WEBSOCKET + - ENABLE_E2EPING + - ENABLE_FILE_RECORDING_SHARING + - ENABLE_GUESTS=1 + - ENABLE_HSTS + - ENABLE_HTTP_REDIRECT + - ENABLE_IPV6 + - ENABLE_LETSENCRYPT + - ENABLE_LIPSYNC + - ENABLE_NO_AUDIO_DETECTION + - ENABLE_NOISY_MIC_DETECTION + - ENABLE_OCTO + - ENABLE_OPUS_RED + - ENABLE_PREJOIN_PAGE + - ENABLE_P2P + - ENABLE_WELCOME_PAGE + - ENABLE_CLOSE_PAGE + - ENABLE_LIVESTREAMING + - ENABLE_LIVESTREAMING_DATA_PRIVACY_LINK + - ENABLE_LIVESTREAMING_HELP_LINK + - ENABLE_LIVESTREAMING_TERMS_LINK + - ENABLE_LIVESTREAMING_VALIDATOR_REGEXP_STRING + - ENABLE_LOCAL_RECORDING_NOTIFY_ALL_PARTICIPANT + - ENABLE_LOCAL_RECORDING_SELF_START + - ENABLE_RECORDING=1 + - ENABLE_REMB + - ENABLE_REQUIRE_DISPLAY_NAME + - ENABLE_SERVICE_RECORDING + - ENABLE_SIMULCAST + - ENABLE_STATS_ID + - ENABLE_STEREO + - ENABLE_SUBDOMAINS + - ENABLE_TALK_WHILE_MUTED + - ENABLE_TCC + - ENABLE_TRANSCRIPTIONS + - ENABLE_XMPP_WEBSOCKET + - ENABLE_JAAS_COMPONENTS + - ETHERPAD_PUBLIC_URL + - ETHERPAD_URL_BASE=${JITSI__ETHERPAD_URL_BASE} + - E2EPING_NUM_REQUESTS + - E2EPING_MAX_CONFERENCE_SIZE + - E2EPING_MAX_MESSAGE_PER_SECOND + - GOOGLE_ANALYTICS_ID + - GOOGLE_API_APP_CLIENT_ID + - HIDE_PREMEETING_BUTTONS + - HIDE_PREJOIN_DISPLAY_NAME + - HIDE_PREJOIN_EXTRA_BUTTONS + - INVITE_SERVICE_URL + - LETSENCRYPT_DOMAIN + - LETSENCRYPT_EMAIL + - LETSENCRYPT_USE_STAGING + - MATOMO_ENDPOINT + - MATOMO_SITE_ID + - MICROSOFT_API_APP_CLIENT_ID + - NGINX_RESOLVER + - NGINX_WORKER_PROCESSES + - NGINX_WORKER_CONNECTIONS + - PEOPLE_SEARCH_URL + - PREFERRED_LANGUAGE + - PUBLIC_URL=${JITSI__PUBLIC_URL} + - P2P_PREFERRED_CODEC + - RESOLUTION + - RESOLUTION_MIN + - RESOLUTION_WIDTH + - RESOLUTION_WIDTH_MIN + - START_AUDIO_MUTED + - START_AUDIO_ONLY + - START_BITRATE + - START_SILENT + - START_WITH_AUDIO_MUTED + - START_VIDEO_MUTED + - START_WITH_VIDEO_MUTED + - TESTING_CAP_SCREENSHARE_BITRATE + - TESTING_OCTO_PROBABILITY + - TOKEN_AUTH_URL + - TOOLBAR_BUTTONS + - TRANSLATION_LANGUAGES + - TRANSLATION_LANGUAGES_HEAD + - TZ=${JITSI__JIGAGI_SIP_SERVER} + - USE_APP_LANGUAGE + - VIDEOQUALITY_BITRATE_H264_LOW + - VIDEOQUALITY_BITRATE_H264_STANDARD + - VIDEOQUALITY_BITRATE_H264_HIGH + - VIDEOQUALITY_BITRATE_VP8_LOW + - VIDEOQUALITY_BITRATE_VP8_STANDARD + - VIDEOQUALITY_BITRATE_VP8_HIGH + - VIDEOQUALITY_BITRATE_VP9_LOW + - VIDEOQUALITY_BITRATE_VP9_STANDARD + - VIDEOQUALITY_BITRATE_VP9_HIGH + - VIDEOQUALITY_ENFORCE_PREFERRED_CODEC + - VIDEOQUALITY_PREFERRED_CODEC + - XMPP_AUTH_DOMAIN + - XMPP_BOSH_URL_BASE + - XMPP_DOMAIN + - XMPP_GUEST_DOMAIN + - XMPP_MUC_DOMAIN + - XMPP_RECORDER_DOMAIN + - XMPP_PORT + - WHITEBOARD_ENABLED + - WHITEBOARD_COLLAB_SERVER_PUBLIC_URL + image: jitsi/web:${JITSI_IMAGE_VERSION:-stable} + labels: + - swag=enable + - swag_proto=https + - swag_url=meet.trez.wtf + - swag.uptime-kuma.enabled=true + - swag.uptime-kuma.monitor.url=https://meet.trez.wtf + - homepage.group=Social + - homepage.name=Jitsi + - homepage.href=https://meet.trez.wtf + - homepage.icon=jitsi.png + - homepage.description=Web Conferencing + networks: + default: null + ports: + - ${JITSI__HTTP_PORT}:80 + - ${JITSI__HTTPS_PORT}:443 + restart: unless-stopped + volumes: + - bind: + selinux: Z + source: ${DOCKER_VOLUME_CONFIG}/jitsi/web + target: /config + type: volume + volume: {} + - bind: + selinux: Z + source: ${DOCKER_VOLUME_CONFIG}/jitsi/web/crontabs + target: /var/spool/cron/crontabs + type: volume + volume: {} + - bind: + selinux: Z + source: ${DOCKER_VOLUME_CONFIG}/jitsi/transcripts + target: /usr/share/jitsi-meet/transcripts + type: volume + volume: {} + joplin-db: + container_name: joplin-db + environment: + - POSTGRES_PASSWORD=${JOPLIN_POSTGRES_PASSWORD} + - POSTGRES_USER=${JOPLIN_POSTGRES_USER} + - POSTGRES_DB=${JOPLIN_POSTGRES_DATABASE} + expose: + - 5432 + image: postgres:17-alpine + networks: + default: null + restart: unless-stopped + volumes: + - source: joplin_data + target: /var/lib/postgresql/data + type: volume + volume: {} + joplin-server: + container_name: joplin-server + environment: + - ACCOUNT_TYPES_ENABLED=true + - APP_PORT=${JOPLIN_APP_PORT} + - APP_BASE_URL=${JOPLIN_APP_BASE_URL} + - DB_CLIENT=pg + - INSTANCE_NAME='Joplin @ Rinoa' + - IS_ADMIN_INSTANCE=true + - MAILER_ENABLED=1 + - MAILER_HOST=postal-smtp + - MAILER_PORT=25 + - MAILER_SECURITY=none + - MAILER_AUTH_USER=${POSTAL_SMTP_AUTH_USER} + - MAILER_AUTH_PASSWORD=${POSTAL_SMTP_AUTH_PASSWORD} + - MAILER_NOREPLY_NAME=Joplin @ Rinoa + - MAILER_NOREPLY_EMAIL=noreply@trez.wtf + - POSTGRES_PASSWORD=${JOPLIN_POSTGRES_PASSWORD} + - POSTGRES_DATABASE=${JOPLIN_POSTGRES_DATABASE} + - POSTGRES_USER=${JOPLIN_POSTGRES_USER} + - POSTGRES_PORT=5432 + - POSTGRES_HOST=joplin-db + image: joplin/server:latest + labels: + - homepage.group=Personal Services + - homepage.name=Joplin + - homepage.href=https://notes.trez.wtf + - homepage.icon=joplin.svg + - homepage.description=Open-source note taking & to-do + - swag=enable + - swag_proto=http + - swag_port=22300 + - swag_url=notes.trez.wtf + - swag_server_custom_directive="proxy_set_header X-Forwarded-For $$proxy_add_x_forwarded_for;" + - swag.uptime-kuma.enabled=true + - swag.uptime-kuma.monitor.url=https://notes.trez.wtf + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "22300" + target: 22300 + restart: unless-stopped + librespeed: + container_name: librespeed + environment: + - DB_HOSTNAME= + - DB_NAME= + - DB_PASSWORD= + - DB_TYPE=sqlite + - DB_USERNAME= + - PASSWORD= + - PGID=1000 + - PUID=1000 + - TZ=America/New_York + - DOCKER_MODS=ghcr.io/themepark-dev/theme.park:librespeed + hostname: Rinoa + image: lscr.io/linuxserver/librespeed:latest + labels: + - homepage.group=System Administration + - homepage.name=LibreSpeed + - homepage.href=https://speed.trez.wtf + - homepage.icon=librespeed.png + - homepage.description=Speed test + - swag=enable + - swag_proto=http + - swag_url=speed.trez.wtf + - swag.uptime-kuma.enabled=true + - swag.uptime-kuma.monitor.url=https://speed.trez.wtf + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "8014" + target: 80 + restart: unless-stopped + volumes: + - bind: + create_host_path: true + read_only: true + source: /etc/localtime + target: /etc/localtime + type: bind + - bind: + create_host_path: true + source: ${DOCKER_VOLUME_CONFIG}/librespeed + target: /config + type: bind + - bind: + create_host_path: true + source: /rinoa-storage + target: /storage + type: bind + lidarr: + container_name: lidarr + environment: + - PGID=1000 + - PUID=1000 + - TZ=America/New_York + - DOCKER_MODS=ghcr.io/gilbn/theme.park:lidarr + hostname: Rinoa + image: lscr.io/linuxserver/lidarr:latest + labels: + - homepage.group=Servarr Stack + - homepage.name=Lidarr + - homepage.href=https://lidarr.trez.wtf + - homepage.icon=lidarr.png + - homepage.description=Music Automation + - homepage.widget.type=lidarr + - homepage.widget.url=http://lidarr:8686 + - homepage.widget.key=${LIDARR_API_KEY} + - swag=enable + - swag.uptime-kuma.enabled=true + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "8686" + target: 8686 + restart: unless-stopped + volumes: + - bind: + create_host_path: true + read_only: true + source: /etc/localtime + target: /etc/localtime + type: bind + - bind: + create_host_path: true + source: ${DOCKER_VOLUME_CONFIG}/lidarr + target: /config + type: bind + - bind: + create_host_path: true + source: /rinoa-storage + target: /storage + type: bind + lidify: + container_name: lidify + environment: + app_name: lidify + app_rev: 0.09 + app_url: lidify.trez.wtf + dry_run_adding_to_lidarr: true + fallback_to_top_result: false + last_fm_api_key: ${LASTFM_API_KEY} + last_fm_api_secret: ${LASTFM_API_SECRET} + lidarr_address: http://lidarr:8686 + lidarr_api_key: ${LIDARR_API_KEY} + lidarr_api_timeout: 120 + metadata_profile_id: 1 + mode: LastFM + quality_profile_id: 1 + root_folder_path: /data/media/music + search_for_missing_albums: false + spotify_client_id: ${YOUR_SPOTIFY_ID} + spotify_client_secret: ${YOUR_SPOTIFY_SECRET} + expose: + - 5000 + image: thewicklowwolf/lidify:latest + labels: + - homepage.group=Servarr Stack + - homepage.name=Lidify + - homepage.href=https://lidify.trez.wtf + - homepage.icon=/icons/lidify.png + - homepage.description=Music Discovery a la Last.fm, Spotify, Pandora, etc. + - swag=enable + - swag_auth=authelia + - swag_proto=http + - swag_port=5000 + - swag_url=lidify.trez.wtf + - swag.uptime-kuma.enabled=true + - swag.uptime-kuma.monitor.url=https://lidify.trez.wtf + networks: + default: null + restart: unless-stopped + volumes: + - source: ${DOCKER_VOLUME_CONFIG}/lidify + target: /lidify/config + type: volume + volume: {} + - source: ${DOCKER_VOLUME_STORAGE}/Audio/Music + target: /data/media/music + type: volume + volume: {} + - bind: + create_host_path: true + read_only: true + source: /etc/localtime + target: /etc/localtime + type: bind + lldap: + container_name: lldap + environment: + - UID=${PUID} + - GID=${GUID} + - TZ=${TZ} + - LLDAP_JWT_SECRET=${LLDAP_JWT_SECRET} + - LLDAP_KEY_SEED=${LLDAP_KEY_SEED} + - LLDAP_LDAP_BASE_DN=dc=trez,dc=wtf + image: lldap/lldap:stable + labels: + - homepage.group=System Administration + - homepage.name=LLDAP + - homepage.href=https://ldap.trez.wtf + - homepage.icon=/icons/lldap.png + - homepage.description=LDAP made easy + - swag=enable + - swag_proto=http + - swag_port=17170 + - swag_url=ldap.trez.wtf + - swag.uptime-kuma.enabled=true + - swag.uptime-kuma.monitor.url=https://ldap.trez.wtf + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "17170" + target: 17170 + restart: always + volumes: + - source: ${DOCKER_VOLUME_CONFIG}/lldap + target: /data + type: volume + volume: {} + localai: + container_name: localai + environment: + - DEBUG=true + healthcheck: + interval: 1m + retries: 5 + test: + - CMD + - curl + - -f + - http://localhost:8080/readyz + timeout: 20m + image: localai/localai:latest-aio-cpu + labels: + - homepage.group=Personal Services + - homepage.name=LocalAI + - homepage.href=https://ai.trez.wtf + - homepage.icon=/icons/localai.png + - homepage.description=Open source OpenAI alternative + - swag=enable + - swag_proto=http + - swag_port=8080 + - swag_url=ai.trez.wtf + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "8109" + target: 8080 + restart: always + volumes: + - source: ${DOCKER_VOLUME_CONFIG}/localai/models + target: /build/models + type: volume + volume: {} + maloja: + container_name: maloja + environment: + MALOJA_CLEAN_OUTPUT: true + MALOJA_DEV_MODE: false + MALOJA_FORCE_PASSWORD: ${MALOJA_FORCE_PASSWORD} + MALOJA_LASTFM_API_KEY: ${LASTFM_API_KEY} + MALOJA_LASTFM_API_SECRET: ${LASTFM_API_SECRET} + MALOJA_LASTFM_PASSWORD: ${LASTFM_PASSWORD} + MALOJA_LASTFM_USERNAME: ${LASTFM_USERNAME} + MALOJA_LOGGING: true + MALOJA_PARSE_REMIX_ARTISTS: true + MALOJA_SCROBBLE_LASTFM: true + MALOJA_SKIP_SETUP: true + MALOJA_SPOTIFY_API_ID: ${YOUR_SPOTIFY_ID} + MALOJA_SPOTIFY_API_SECRET: ${YOUR_SPOTIFY_SECRET} + MALOJA_TIMEZONE: ${TZ} + image: krateng/maloja:latest + labels: + - homepage.group=Media Library + - homepage.name=Maloja + - homepage.href=https://scrobble.trez.wtf + - homepage.icon=maloja.png + - homepage.description=Simple self-hosted music scrobble database to create personal listening statistics + - swag=enable + - swag_proto=http + - swag_port=42010 + - swag_url=scrobble.trez.wtf + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "42010" + target: 42010 + restart: unless-stopped + volumes: + - source: ${DOCKER_VOLUME_CONFIG}/maloja/config + target: /etc/maloja + type: volume + volume: {} + - source: ${DOCKER_VOLUME_CONFIG}/maloja/data + target: /var/lib/maloja + type: volume + volume: {} + - source: ${DOCKER_VOLUME_CONFIG}/maloja/logs + target: /var/log/maloja + type: volume + volume: {} + mariadb: + container_name: mariadb + environment: + - MYSQL_ROOT_PASSWORD=${MARIADB_ENVIRONMENT_MYSQL_ROOT_PASSWORD} + - PGID=1000 + - PUID=1000 + - TZ=America/New_York + - MYSQL_PASSWORD=VQU23wHKRNmfpAPt5E9BxMaSGJdWjLuz + hostname: Rinoa + image: ghcr.io/linuxserver/mariadb + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "3306" + target: 3306 + restart: unless-stopped + volumes: + - bind: + create_host_path: true + read_only: true + source: /etc/localtime + target: /etc/localtime + type: bind + - bind: + create_host_path: true + source: ${DOCKER_VOLUME_CONFIG}/mariadb + target: /config + type: bind + - source: ${DOCKER_VOLUME_STORAGE} + target: /storage + type: volume + volume: {} + - source: ${DOCKER_VOLUME_CONFIG}/mariadb + target: /var/lib/mysql + type: volume + volume: {} + mattermost: + container_name: mattermost + depends_on: + mattermost-db: + condition: service_started + required: true + environment: + MM_EMAILSETTINGS_ENABLESMTPAUTH: true + MM_EMAILSETTINGS_SMTPPASSWORD: ${POSTAL_SMTP_AUTH_PASSWORD} + MM_EMAILSETTINGS_SMTPPORT: 25 + MM_EMAILSETTINGS_SMTPSERVER: postal-smtp + MM_EMAILSETTINGS_SMTPUSERNAME: ${POSTAL_SMTP_AUTH_USER} + MM_FILESETTINGS_AMAZONS3ACCESSKEYID: ${MATTERMOST_AWS_S3_ACCESSKEY} + MM_FILESETTINGS_AMAZONS3BUCKET: mattermost + MM_FILESETTINGS_AMAZONS3ENDPOINT: minio:9000 + MM_FILESETTINGS_AMAZONS3REGION: us-east-fh-pln + MM_FILESETTINGS_AMAZONS3SECRETACCESSKEY: ${MATTERMOST_AWS_S3_SECRETKEY} + MM_FILESETTINGS_AMAZONS3SSL: false + MM_FILESETTINGS_ARCHIVERECURSION: true + MM_FILESETTINGS_DRIVERNAME: amazons3 + MM_FILESETTINGS_MAXFILESIZE: 104857600 + MM_LOGSETTINGS_CONSOLELEVEL: info + MM_LOGSETTINGS_ENABLECOLOR: true + MM_METRICSSETTINGS_ENABLE: true + MM_PLUGINSETTINGS_ENABLEUPLOADS: true + MM_SERVICESETTINGS_FORWARD80TO443: false + MM_SERVICESETTINGS_LISTENADDRESS: :8065 + MM_SERVICESETTINGS_SITEURL: https://mm.trez.wtf + MM_SQLSETTINGS_DATASOURCE: ${MATTERMOST_POSTGRES_CONNECTION_URI} + MM_SQLSETTINGS_DRIVERNAME: postgres + TZ: ${TZ} + expose: + - 8067 + image: mattermost/mattermost-team-edition:latest + labels: + - homepage.group=Social + - homepage.name=Mattermost + - homepage.href=https://mm.trez.wtf + - homepage.icon=mattermost.svg + - homepage.description=Team collaboration and technical workflows (Slack alternative) + - swag=enable + - swag_custom_directive=client_max_body_size 0; + - swag_proto=http + - swag_port=8065 + - swag_url=mm.trez.wtf + - swag.uptime-kuma.enabled=true + - swag.uptime-kuma.monitor.url=https://mm.trez.wtf + networks: + default: null + pids_limit: 200 + ports: + - mode: ingress + protocol: tcp + published: "8065" + target: 8065 + restart: unless-stopped + security_opt: + - no-new-privileges:true + tmpfs: + - /tmp + volumes: + - source: ${DOCKER_VOLUME_CONFIG}/mattermost/config + target: /mattermost/config + type: volume + volume: {} + - source: ${DOCKER_VOLUME_CONFIG}/mattermost/data + target: /mattermost/data + type: volume + volume: {} + - source: ${DOCKER_VOLUME_CONFIG}/mattermost/logs + target: /mattermost/logs + type: volume + volume: {} + - source: ${DOCKER_VOLUME_CONFIG}/mattermost/plugins + target: /mattermost/plugins + type: volume + volume: {} + - source: ${DOCKER_VOLUME_CONFIG}/mattermost/client/plugins + target: /mattermost/client/plugins + type: volume + volume: {} + - source: ${DOCKER_VOLUME_CONFIG}/mattermost/bleve-indexes + target: /mattermost/bleve-indexes + type: volume + volume: {} + mattermost-db: + container_name: mattermost-db + environment: + - TZ=${TZ} + - POSTGRES_DB=mattermost + - POSTGRES_USER=mattermost + - POSTGRES_PASSWORD=${MATTERMOST_POSTGRES_PASSWORD} + expose: + - 5432 + image: postgres:16-alpine + networks: + default: null + restart: unless-stopped + security_opt: + - no-new-privileges=true + tmpfs: + - /tmp + - /var/run/postgresql + volumes: + - source: mattermost-postgres + target: /var/lib/postgresql/data + type: volume + volume: {} + maybe-app: + container_name: maybe-app + depends_on: + maybe-pg: + condition: service_healthy + required: true + environment: + DB_HOST: maybe-pg + GOOD_JOB_EXECUTION_MODE: async + POSTGRES_DB: maybe + POSTGRES_PASSWORD: ${MAYBE_POSTGRES_PASSWORD} + POSTGRES_USER: maybe + RAILS_ASSUME_SSL: "false" + RAILS_FORCE_SSL: "false" + SECRET_KEY_BASE: ${MAYBE_SECRET_KEY_BASE} + SELF_HOSTED: "true" + image: ghcr.io/maybe-finance/maybe:latest + labels: + - homepage.group=Lifestyle + - homepage.name=Maybe + - homepage.href=https://finance.trez.wtf + - homepage.icon=/icons/maybe.png + - homepage.description=Personal finance app + - swag=enable + - swag_proto=http + - swag_port=3000 + - swag_url=finance.trez.wtf + - swag.uptime-kuma.enabled=true + - swag.uptime-kuma.monitor.url=https://finance.trez.wtf + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "3014" + target: 3000 + restart: unless-stopped + volumes: + - source: maybe-app + target: /rails/storage + type: volume + volume: {} + maybe-pg: + container_name: maybe-pg + environment: + POSTGRES_DB: maybe + POSTGRES_PASSWORD: ${MAYBE_POSTGRES_PASSWORD} + POSTGRES_USER: maybe + healthcheck: + interval: 5s + retries: 5 + test: + - CMD-SHELL + - pg_isready -U $$POSTGRES_USER -d $$POSTGRES_DB + timeout: 5s + image: postgres:16-alpine + networks: + default: null + restart: unless-stopped + volumes: + - source: maybe-pg-db + target: /var/lib/postgresql/data + type: volume + volume: {} + minio: + command: server --console-address ":9090" /mnt/data + container_name: minio + environment: + - MINIO_ROOT_USER=minioadmin + - MINIO_ROOT_PASSWORD=${MINIO_ROOT_PASSWORD} + - MINIO_ACCESS_KEY=${MINIO_MIMIR_STORAGE_ACCESS_KEY} + - MINIO_SECRET_KEY=${MINIO_MIMIR_STORAGE_SECRET_KEY} + hostname: minio + image: minio/minio + labels: + - swag=enable + - swag_proto=http + - swag_port=9090 + - swag_url=s3.trez.wtf + - swag.uptime-kuma.enabled=true + - swag.uptime-kuma.monitor.url=https://s3.trez.wtf + - homepage.group=System Administration + - homepage.name=MinIO + - homepage.href=https://s3.trez.wtf + - homepage.icon=minio.png + - homepage.description=S3-compatible storage backend + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "9001" + target: 9000 + - mode: ingress + protocol: tcp + published: "9092" + target: 9090 + restart: unless-stopped + volumes: + - source: ${DOCKER_VOLUME_CONFIG}/minio/data + target: /mnt/data + type: volume + volume: {} + - source: ${DOCKER_VOLUME_CONFIG}/minio/minio + target: /etc/config.env + type: volume + volume: {} + mongodb1: + command: + - --replSet + - rinoa-rs0 + - --bind_ip_all + - --port + - "27017" + container_name: mongodb1 + extra_hosts: + - host.docker.internal:host-gateway + healthcheck: + interval: 5s + retries: 30 + start_interval: 1s + start_period: 0s + test: echo "try { rs.status() } catch (err) { rs.initiate({_id:'rinoa-rs0',members:[{_id:0,host:'host.docker.internal:27017',priority:1},{_id:1,host:'host.docker.internal:27018',priority:0.5},{_id:2,host:'host.docker.internal:27019',priority:0.5}]}) }" | mongosh --port 27017 --quiet + timeout: 30s + image: mongo:7.0 + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "27017" + target: 27017 + restart: unless-stopped + volumes: + - source: mongo1_data + target: /data/db + type: volume + volume: {} + - source: mongo1_config + target: /data/configdb + type: volume + volume: {} + mongodb2: + command: + - --replSet + - rinoa-rs0 + - --bind_ip_all + - --port + - "27018" + container_name: mongodb2 + extra_hosts: + - host.docker.internal:host-gateway + image: mongo:7.0 + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "27018" + target: 27018 + restart: unless-stopped + volumes: + - source: mongo2_data + target: /data/db + type: volume + volume: {} + - source: mongo2_config + target: /data/configdb + type: volume + volume: {} + mongodb3: + command: + - --replSet + - rinoa-rs0 + - --bind_ip_all + - --port + - "27019" + container_name: mongodb3 + extra_hosts: + - host.docker.internal:host-gateway + image: mongo:7.0 + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "27019" + target: 27019 + restart: unless-stopped + volumes: + - source: mongo3_data + target: /data/db + type: volume + volume: {} + - source: mongo3_config + target: /data/configdb + type: volume + volume: {} + multi-scrobbler: + container_name: multi-scrobbler + environment: + - TZ=${TZ} + - PUID=${PUID} + - PGID=${PGID} + image: foxxmd/multi-scrobbler + labels: + - homepage.group=Media Library + - homepage.name=Multi-Scrobbler + - homepage.href=http://192.168.1.254:9078 + - homepage.icon=/icons/multi-scrobbler.png + - homepage.description=JS App for scrobbling/recording play history from/to multiple sources + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "9078" + target: 9078 + restart: unless-stopped + volumes: + - source: ${DOCKER_VOLUME_CONFIG}/multi-scrobbler + target: /config + type: volume + volume: {} + navidrome: + container_name: navidrome + environment: + ND_AUTOIMPORTPLAYLISTS: false + ND_BASEURL: "" + ND_LASTFM_APIKEY: ${LASTFM_API_KEY} + ND_LASTFM_ENABLED: true + ND_LASTFM_SECRET: ${LASTFM_API_SECRET} + ND_LOGLEVEL: info + ND_MUSICFOLDER: /music + ND_SCANNER_GROUPALBUMRELEASES: true + ND_SCANSCHEDULE: '@every 6h' + ND_SESSIONTIMEOUT: 24h + ND_SPOTIFY_ID: ${YOUR_SPOTIFY_ID} + ND_SPOTIFY_SECRET: ${YOUR_SPOTIFY_SECRET} + ND_SUBSONICARTISTPARTICIPATIONS: true + image: deluan/navidrome:latest + labels: + - homepage.group=Media Library + - homepage.name=Navidrome + - homepage.href=https://navi.trez.wtf + - homepage.icon=navidrome.png + - homepage.description=Music Streaming + - homepage.widget.type=navidrome + - homepage.widget.url=http://navidrome:4533 + - homepage.widget.user=admin + - homepage.widget.token=e8a9e97b29aa963fa4729c633289d232 + - homepage.widget.salt=v5Z93Z + - swag=enable + - swag_port=4533 + - swag_proto=http + - swag_url=navi.trez.wtf + - swag.uptime-kuma.enabled=true + - swag.uptime-kuma.monitor.url=https://navi.trez.wtf + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "4533" + target: 4533 + restart: unless-stopped + user: 1000:1000 + volumes: + - source: ${DOCKER_VOLUME_CONFIG}/navidrome + target: /data + type: volume + volume: {} + - source: ${DOCKER_VOLUME_STORAGE}/Audio/Music + target: /music + type: volume + volume: {} + nextcloud: + container_name: nextcloud + environment: + - PGID=1000 + - PUID=1000 + - TZ=America/New_York + - LOG_LEVEL=debug + hostname: Rinoa + image: lscr.io/linuxserver/nextcloud:latest + labels: + - homepage.group=Personal Services + - homepage.name=NextCloud + - homepage.href=https://cloud.trez.wtf + - homepage.icon=nextcloud.png + - homepage.description=Private Cloud + - swag=enable + - swag_proto=https + - swag_url=cloud.trez.wtf + - swag.uptime-kuma.enabled=true + - swag.uptime-kuma.monitor.url=https://cloud.trez.wtf + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "444" + target: 443 + restart: unless-stopped + volumes: + - bind: + create_host_path: true + read_only: true + source: /etc/localtime + target: /etc/localtime + type: bind + - bind: + create_host_path: true + source: ${DOCKER_VOLUME_CONFIG}/nextcloud + target: /config + type: bind + - bind: + create_host_path: true + source: /rinoa-storage + target: /storage + type: bind + - bind: + create_host_path: true + source: ${DOCKER_VOLUME_CONFIG}/nextcloud + target: /data + type: bind + ollama: + container_name: ollama + extra_hosts: + - host.docker.internal:host-gateway + image: ollama/ollama + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "11434" + target: 11434 + restart: always + volumes: + - source: ollama + target: /root/.ollama + type: volume + volume: {} + ombi: + container_name: ombi + environment: + PGID: "1000" + PUID: "1000" + TZ: America/New_York + hostname: Rinoa + image: lscr.io/linuxserver/ombi:latest + labels: + - homepage.group=Media Library + - homepage.name=Ombi + - homepage.href=https://ombi.trez.wtf + - homepage.icon=ombi.png + - homepage.description=Media Requests + - homepage.widget.type=ombi + - homepage.widget.url=http://ombi:3579 + - homepage.widget.key=${OMBI_API_KEY} + - swag=enable + - swag.uptime-kuma.enabled=true + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "3579" + target: 3579 + restart: unless-stopped + volumes: + - bind: + create_host_path: true + read_only: true + source: /etc/localtime + target: /etc/localtime + type: bind + - bind: + create_host_path: true + source: ${DOCKER_VOLUME_CONFIG}/ombi + target: /config + type: bind + - bind: + create_host_path: true + source: /rinoa-storage + target: /storage + type: bind + paperless-ngx: + container_name: paperless-ngx + environment: + PAPERLESS_DBENGINE: mariadb + PAPERLESS_DBHOST: mariadb + PAPERLESS_DBPASS: ${PAPERLESS_DBPASS} + PAPERLESS_DBPORT: 3306 + PAPERLESS_DBUSER: paperless + PAPERLESS_OCR_LANGUAGE: eng + PAPERLESS_OCR_LANGUAGES: all + PAPERLESS_REDIS: redis://redis:6379 + PAPERLESS_SECRET_KEY: ${PAPERLESS_SECRET_KEY} + PAPERLESS_TIME_ZONE: ${TZ} + PAPERLESS_URL: https://docs.trez.wtf + USERMAP_GID: ${PGID} + USERMAP_UID: ${PUID} + image: ghcr.io/paperless-ngx/paperless-ngx:latest + labels: + - swag=enable + - swag_proto=http + - swag_port=8000 + - swag_url=docs.trez.wtf + - swag.uptime-kuma.enabled=true + - swag.uptime-kuma.monitor.url=https://docs.trez.wtf + - homepage.group=Personal Services + - homepage.name=Paperless-ngx + - homepage.href=https://docs.trez.wtf + - homepage.icon=paperless-ngx.svg + - homepage.description=Document indexer & archiver with OCR + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "8004" + target: 8000 + restart: unless-stopped + volumes: + - source: paperless-ngx-data + target: /usr/src/paperless/data + type: volume + volume: {} + - source: paperless-ngx-media + target: /usr/src/paperless/media + type: volume + volume: {} + - source: ${DOCKER_VOLUME_CONFIG}/paperless-ngx/export + target: /usr/src/paperless/export + type: volume + volume: {} + - source: ${DOCKER_VOLUME_CONFIG}/paperless-ngx/consume + target: /usr/src/paperless/consume + type: volume + volume: {} + plausible: + command: sh -c "sleep 10 && /entrypoint.sh db createdb && /entrypoint.sh db migrate && /entrypoint.sh run" + container_name: plausible + depends_on: + plausible_db: + condition: service_started + required: true + plausible_events_db: + condition: service_started + required: true + environment: + BASE_URL: https://analytics.trez.wtf + CLICKHOUSE_DATABASE_URL: http://plausible-events-db:8123/plausible_events_db + DATABASE_URL: postgres://plausible:${PLAUSIBLE_PG_PASSWORD}@plausible-db:5432/plausible_db + DISABLE_REGISTRATION: invite_only + ENABLE_EMAIL_VERIFICATION: true + MAILER_ADAPTER: Bamboo.Mua + MAILER_EMAIL: noreply@trez.wtf + MAILER_NAME: Plausible + MAXMINDDB_LICENSE_KEY: ${SWAG_MAXMINDDB_LICENSE_KEY} + SECRET_KEY_BASE: ${PLAUSIBLE_SECRET_KEY_BASE} + SMTP_HOST_ADDR: postal-smtp + SMTP_HOST_PORT: 25 + SMTP_USER_NAME: ${POSTAL_SMTP_AUTH_USER} + SMTP_USER_PWD: ${POSTAL_SMTP_AUTH_PASSWORD} + TOTP_VAULT_KEY: ${PLAUSIBLE_TOTP_VAULT_KEY} + image: ghcr.io/plausible/community-edition:v2.1.0 + labels: + - swag=enable + - swag_proto=http + - swag_port=8000 + - swag_url=analytics.trez.wtf + - homepage.group=Professional Services + - homepage.name=Plausible + - homepage.href=https://analytics.trez.wtf + - homepage.icon=plausible.svg + - homepage.description=Open-source web analytics + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "8107" + target: 8000 + restart: always + plausible_db: + container_name: plausible-db + environment: + POSTGRES_DB: plausible_db + POSTGRES_PASSWORD: ${PLAUSIBLE_PG_PASSWORD} + POSTGRES_USER: plausible + expose: + - 5432 + image: postgres:16-alpine + networks: + default: null + restart: always + volumes: + - source: plausible-db-data + target: /var/lib/postgresql/data + type: volume + volume: {} + plausible_events_db: + container_name: plausible-events-db + expose: + - 8123 + image: clickhouse/clickhouse-server:24.3.3.102-alpine + networks: + default: null + restart: always + ulimits: + nofile: + hard: 262144 + soft: 262144 + volumes: + - source: plausible-event-data + target: /var/lib/clickhouse + type: volume + volume: {} + - source: plausible-event-logs + target: /var/log/clickhouse-server + type: volume + volume: {} + - read_only: true + source: ${DOCKER_VOLUME_CONFIG}/plausible/clickhouse/clickhouse-config.xml + target: /etc/clickhouse-server/config.d/logging.xml + type: volume + volume: {} + - read_only: true + source: ${DOCKER_VOLUME_CONFIG}/plausible/clickhouse/clickhouse-user-config.xml + target: /etc/clickhouse-server/users.d/logging.xml + type: volume + volume: {} + portainer: + command: + - -H + - unix:///var/run/docker.sock + container_name: portainer + environment: + - TZ=America/New_York + - DOCKER_MODS=ghcr.io/themepark-dev/theme.park:portainer + hostname: Rinoa + image: portainer/portainer-ce:latest + labels: + - homepage.group=System Administration + - homepage.name=Portainer + - homepage.href=https://portainer.trez.wtf + - homepage.icon=portainer.png + - homepage.description=Docker container management + - homepage.widget.type=portainer + - homepage.widget.url=http://portainer:9000 + - homepage.widget.env=1 + - homepage.widget.key=${PORTAINER_API_KEY} + - swag=enable + - swag.uptime-kuma.enabled=true + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "9000" + target: 9000 + restart: unless-stopped + volumes: + - bind: + create_host_path: true + read_only: true + source: /etc/localtime + target: /etc/localtime + type: bind + - bind: + create_host_path: true + source: ${DOCKER_VOLUME_CONFIG}/portainer + target: /data + type: bind + - bind: + create_host_path: true + source: /rinoa-storage + target: /storage + type: bind + - bind: + create_host_path: true + source: /var/run/docker.sock + target: /var/run/docker.sock + type: bind + postal-smtp: + cap_add: + - NET_BIND_SERVICE + command: postal smtp-server + container_name: postal-smtp + image: ghcr.io/postalserver/postal:latest + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "25" + target: 25 + restart: unless-stopped + volumes: + - source: ${DOCKER_VOLUME_CONFIG}/postal + target: /config + type: volume + volume: {} + postal-web: + command: postal web-server + container_name: postal-web + image: ghcr.io/postalserver/postal:latest + labels: + - swag=enable + - swag_proto=http + - swag_port=5000 + - swag_address=postal-web + - swag_url=post.trez.wtf + - swag.uptime-kuma.enabled=true + - swag.uptime-kuma.monitor.url=https://post.trez.wtf + - homepage.group=System Administration + - homepage.name=Postal + - homepage.href=https://post.trez.wtf + - homepage.icon=/icons/postal.png + - homepage.description=OSS Mail delivery platform + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "5001" + target: 5000 + restart: unless-stopped + volumes: + - source: ${DOCKER_VOLUME_CONFIG}/postal + target: /config + type: volume + volume: {} + postal-worker: + command: postal worker + container_name: postal-worker + environment: + - LOG_LEVEL=debug + image: ghcr.io/postalserver/postal:latest + networks: + default: null + restart: unless-stopped + volumes: + - source: ${DOCKER_VOLUME_CONFIG}/postal + target: /config + type: volume + volume: {} + prowlarr: + container_name: prowlarr + environment: + - PGID=1000 + - PUID=1000 + - TZ=America/New_York + - DOCKER_MODS=ghcr.io/gilbn/theme.park:sonarr + - TP_DOMAIN=trez.wtf\/themepark + - TP_COMMUNITY_THEME=false + - TP_THEME=space-gray + hostname: Rinoa + image: lscr.io/linuxserver/prowlarr:latest + labels: + - homepage.group=Servarr Stack + - homepage.name=Prowlarr + - homepage.href=https://prowlarr.trez.wtf + - homepage.icon=prowlarr.png + - homepage.description=Index aggregator + - homepage.widget.type=prowlarr + - homepage.widget.url=http://prowlarr:9696 + - homepage.widget.key=${PROWLARR_API_KEY} + - swag=enable + - swag.uptime-kuma.enabled=true + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "9696" + target: 9696 + restart: unless-stopped + volumes: + - bind: + create_host_path: true + read_only: true + source: /etc/localtime + target: /etc/localtime + type: bind + - bind: + create_host_path: true + source: ${DOCKER_VOLUME_CONFIG}/prowlarr + target: /config + type: bind + - bind: + create_host_path: true + source: /rinoa-storage + target: /storage + type: bind + radarec: + container_name: radarec + environment: + auto_start: true + auto_start_delay: 60 + dry_run_adding_to_radarr: false + fallback_to_top_result: false + language_choice: all + metadata_profile_id: 1 + minimum_rating: 4.5 + minimum_votes: 50 + quality_profile_id: 1 + radarr_address: http://radarr:7878 + radarr_api_key: ${RADARR_API_KEY} + radarr_api_timeout: 120 + root_folder_path: /data/media/movies + search_for_movie: true + tmdb_api_key: ${TMDB_API_KEY} + expose: + - 5000 + image: thewicklowwolf/radarec:latest + labels: + - homepage.group=Servarr Stack + - homepage.name=RadaRec + - homepage.href=https://radarec.trez.wtf + - homepage.icon=/icons/radarec.png + - homepage.description=Movie discovery based on library/tastes + - swag=enable + - swag_proto=http + - swag_port=5000 + - swag_auth=authelia + - swag_url=radarec.trez.wtf + - swag.uptime-kuma.enabled=true + - swag.uptime-kuma.monitor.url=https://radarec.trez.wtf + networks: + default: null + restart: unless-stopped + volumes: + - source: ${DOCKER_VOLUME_STORAGE}/Movies + target: /data/media/movies + type: volume + volume: {} + - source: ${DOCKER_VOLUME_CONFIG}/radarec + target: /radarec/config + type: volume + volume: {} + - bind: + create_host_path: true + read_only: true + source: /etc/localtime + target: /etc/localtime + type: bind + radarr: + container_name: radarr + environment: + PGID: "1000" + PUID: "1000" + TZ: America/New_York + hostname: Rinoa + image: lscr.io/linuxserver/radarr:latest + labels: + - homepage.group=Servarr Stack + - homepage.name=Radarr + - homepage.href=https://radarr.trez.wtf + - homepage.icon=radarr.png + - homepage.description=Movie Automation + - homepage.widget.type=radarr + - homepage.widget.url=http://radarr:7878 + - homepage.widget.key=${RADARR_API_KEY} + - swag=enable + - swag.uptime-kuma.enabled=true + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "7878" + target: 7878 + restart: unless-stopped + volumes: + - bind: + create_host_path: true + read_only: true + source: /etc/localtime + target: /etc/localtime + type: bind + - bind: + create_host_path: true + source: ${DOCKER_VOLUME_CONFIG}/radarr + target: /config + type: bind + - bind: + create_host_path: true + source: /rinoa-storage + target: /storage + type: bind + reactive-resume: + container_name: reactive-resume + depends_on: + browserless: + condition: service_started + required: true + minio: + condition: service_started + required: true + reactive-resume-pg: + condition: service_started + required: true + environment: + ACCESS_TOKEN_SECRET: ${REACTIVE_RESUME_ACCESS_TOKEN_SECRET} + CHROME_PORT: 443 + CHROME_TOKEN: ${CHROMIUM_TOKEN} + CHROME_URL: wss://browse.trez.wtf + DATABASE_URL: postgresql://reactiveresume:${REACTIVE_RESUME_PGSQL_PASSWORD}@reactive-resume-pg:5432/reactiveresume + MAIL_FROM: noreply@trez.wtf + NODE_ENV: production + PORT: 3000 + PUBLIC_URL: https://resume.trez.wtf + REFRESH_TOKEN_SECRET: ${REACTIVE_RESUME_REFRESH_TOKEN_SECRET} + SMTP_URL: smtp://${POSTAL_SMTP_AUTH_USER}:${POSTAL_SMTP_AUTH_PASSWORD}@postal-smtp:25 + STORAGE_ACCESS_KEY: ${REACTIVE_RESUME_S3_ACCESS_KEY} + STORAGE_BUCKET: reactive-resume + STORAGE_ENDPOINT: minio + STORAGE_PORT: 9000 + STORAGE_REGION: us-east-fh-pln + STORAGE_SECRET_KEY: ${REACTIVE_RESUME_S3_SECRET_KEY} + STORAGE_URL: https://s3.trez.wtf/reactive-resume + STORAGE_USE_SSL: false + TZ: ${TZ} + image: amruthpillai/reactive-resume:latest + labels: + - homepage.group=Professional Services + - homepage.name=Reactive Resume + - homepage.href=https://resume.trez.wtf + - homepage.icon=reactive-resume.svg + - homepage.description=Open-source resume builder + - swag=enable + - swag_proto=http + - swag_port=3000 + - swag_url=resume.trez.wtf + - swag.uptime-kuma.enabled=true + - swag.uptime-kuma.monitor.url=https://resume.trez.wtf + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "3011" + target: 3000 + restart: unless-stopped + reactive-resume-pg: + container_name: reactive-resume-pg + environment: + - TZ=${TZ} + - POSTGRES_DB=reactiveresume + - POSTGRES_USER=reactiveresume + - POSTGRES_PASSWORD=${REACTIVE_RESUME_PGSQL_PASSWORD} + expose: + - 5432 + image: postgres:16-alpine + networks: + default: null + restart: unless-stopped + volumes: + - source: reactive-resume-pg + target: /var/lib/postgresql/data + type: volume + volume: {} + readarr: + container_name: readarr + environment: + - PGID=1000 + - PUID=1000 + - TZ=America/New_York + - DOCKER_MODS=ghcr.io/gilbn/theme.park:readnarr + hostname: Rinoa + image: lscr.io/linuxserver/readarr:develop + labels: + - homepage.group=Servarr Stack + - homepage.name=Readarr + - homepage.href=https://readarr.trez.wtf + - homepage.icon=readarr.png + - homepage.description=eBook/Audiobook Automation + - homepage.widget.type=readarr + - homepage.widget.url=http://readarr:8787 + - homepage.widget.key=${READARR_API_KEY} + - swag=enable + - swag.uptime-kuma.enabled=true + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "8787" + target: 8787 + restart: unless-stopped + volumes: + - bind: + create_host_path: true + read_only: true + source: /etc/localtime + target: /etc/localtime + type: bind + - bind: + create_host_path: true + source: ${DOCKER_VOLUME_CONFIG}/readarr + target: /config + type: bind + - bind: + create_host_path: true + source: /rinoa-storage + target: /storage + type: bind + redis: + cap_add: + - SETGID + - SETUID + - DAC_OVERRIDE + cap_drop: + - ALL + command: redis-server --save "" --appendonly "no" + container_name: redis + expose: + - 6379 + image: redis:alpine + networks: + default: null + restart: unless-stopped + tmpfs: + - /var/lib/redis + redlib: + cap_drop: + - ALL + container_name: redlib + environment: + - REDLIB_SFW_ONLY=off + - REDLIB_BANNER= + - REDLIB_ROBOTS_DISABLE_INDEXING=off + - REDLIB_PUSHSHIFT_FRONTEND=undelete.pullpush.io + - REDLIB_DEFAULT_THEME=nord + - REDLIB_DEFAULT_FRONT_PAGE=default + - REDLIB_DEFAULT_LAYOUT=clean + - REDLIB_DEFAULT_WIDE=on + - REDLIB_DEFAULT_POST_SORT=hot + - REDLIB_DEFAULT_COMMENT_SORT=confidence + - REDLIB_DEFAULT_SHOW_NSFW=off + - REDLIB_DEFAULT_BLUR_NSFW=on + - REDLIB_DEFAULT_USE_HLS=off + - REDLIB_DEFAULT_HIDE_HLS_NOTIFICATION=off + - REDLIB_DEFAULT_AUTOPLAY_VIDEOS=off + - REDLIB_DEFAULT_SUBSCRIPTIONS= + - REDLIB_DEFAULT_HIDE_AWARDS=off + - REDLIB_DEFAULT_DISABLE_VISIT_REDDIT_CONFIRMATION=off + - REDLIB_DEFAULT_HIDE_SCORE=off + - REDLIB_DEFAULT_FIXED_NAVBAR=on + image: quay.io/redlib/redlib:latest + labels: + - homepage.group=Social + - homepage.name=Redlib + - homepage.href=https://rlib.trez.wtf + - homepage.icon=libreddit.svg + - homepage.description=Redlib is a private front-end like Invidious but for Reddit + - swag=enable + - swag_proto=http + - swag_port=8080 + - swag_url=rlib.trez.wtf + - swag.uptime-kuma.enabled=true + - swag.uptime-kuma.monitor.url=https://rlib.trez.wtf + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "8103" + target: 8080 + read_only: true + restart: always + security_opt: + - no-new-privileges=true + user: nobody + remmina: + container_name: remmina + environment: + CF_ACCOUNT_ID: ${CLOUDFLARE_ACCOUNT_ID} + CF_API_TOKEN: ${CLOUDFLARE_DNS_API_TOKEN} + CF_TUNNEL_CONFIG: | + ingress: + - hostname: rem.trez.wtf + service: http://192.168.1.254:3008 + - service: http_status:404 + CF_TUNNEL_NAME: remmina + CF_TUNNEL_PASSWORD: ${REMMINA_CF_TUNNEL_PASSWORD} + CF_ZONE_ID: ${CLOUDFLARE_ZONE_ID} + CUSTOM_HTTPS_PORT: 3009 + CUSTOM_PORT: 3008 + CUSTOM_USER: trez-one + DOCKER_HOST: tcp://dockerproxy:2375 + DOCKER_MODS: linuxserver/mods:universal-cloudflared + PASSWORD: ${REMMINA_USER_PASSWORD} + PGID: 1000 + PUID: 1000 + TITLE: Remmina @ Rinoa + TZ: ${TZ} + image: lscr.io/linuxserver/remmina:latest + labels: + - swag=enable + - swag_url=rem.trez.wtf + - swag_port=3008 + - homepage.group=System Administration + - homepage.name=Remmina + - homepage.href=https://rem.trez.wtf + - homepage.icon=/icons/remmina.svg + - homepage.description=GTK Remote desktop client (EXEC, SPICE, SSH, RDP, & VNC) + - homepage.widget.type=cloudflared + - homepage.widget.accountid=${CLOUDFLARE_ACCOUNT_ID} + - homepage.widget.tunnelid=${REMMINA_CF_TUNNEL_ID} + - homepage.widget.key=${CLOUDFLARE_DNS_API_TOKEN} + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "3008" + target: 3008 + - mode: ingress + protocol: tcp + published: "3009" + target: 3009 + privileged: true + restart: unless-stopped + volumes: + - source: ${DOCKER_VOLUME_CONFIG}/remmina + target: /config + type: volume + volume: {} + sabnzbdvpn: + cap_add: + - NET_ADMIN + - SYS_MODULE + container_name: sabnzbdvpn + environment: + - ENABLE_PRIVOXY=no + - LAN_NETWORK=192.168.1.0/24 + - NAME_SERVERS=192.168.1.254,1.1.1.1 + - PGID=1000 + - PUID=1000 + - TZ=America/New_York + - VPN_CLIENT=openvpn + - VPN_ENABLED=yes + - VPN_INPUT_PORTS= + - VPN_OPTIONS= + - VPN_OUTPUT_PORTS= + - VPN_PASS=QGXRAYAwzVv9X84MAK2gPYq2Mt6ztdoA + - VPN_PROV=pia + - VPN_USER=p3120278 + - DEBUG=true + hostname: Rinoa + image: ghcr.io/binhex/arch-sabnzbdvpn:latest + labels: + - homepage.group=Downloaders + - homepage.name=SABnzbd + - homepage.href=https://sabnzbd.trez.wtf + - homepage.icon=sabnzbd.png + - homepage.description=NZB Downloader over VPN + - homepage.widget.type=sabnzbd + - homepage.widget.url=http://sabnzbdvpn:8080 + - homepage.widget.env=1 + - homepage.widget.key=${SABNZBDVPN_API_KEY} + - swag=enable + - swag_proto=http + - swag_url=sabnzbd.trez.wtf + - swag.uptime-kuma.enabled=true + - swag.uptime-kuma.monitor.url=https://sabnzbd.trez.wtf + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "8080" + target: 8080 + - mode: ingress + protocol: tcp + published: "8090" + target: 8090 + - mode: ingress + protocol: tcp + published: "8119" + target: 8118 + privileged: true + restart: unless-stopped + sysctls: + net.ipv4.conf.all.src_valid_mark: "1" + volumes: + - bind: + create_host_path: true + read_only: true + source: /etc/localtime + target: /etc/localtime + type: bind + - bind: + create_host_path: true + source: ${DOCKER_VOLUME_CONFIG}/sabnzbdvpn + target: /config + type: bind + - bind: + create_host_path: true + source: /rinoa-storage + target: /storage + type: bind + scraperr: + command: + - npm + - run + - start + container_name: scraperr + expose: + - 3000 + image: jpyles0524/scraperr:latest + labels: + - homepage.group=Personal Services + - homepage.name=Scraperr + - homepage.href=https://scrape.trez.wtf + - homepage.icon=/icons/scraperr.png + - homepage.description=Web scraper + - swag=enable + - swag_proto=http + - swag_port=3000 + - swag_url=scrape.trez.wtf + - swag.uptime-kuma.enabled=true + - swag.uptime-kuma.monitor.url=https://scrape.trez.wtf + networks: + default: null + restart: unless-stopped + scraperr-api: + container_name: scraperr-api + environment: + - LOG_LEVEL=DEBUG + - OLLAMA_URL=http://ollama:11434 + - OLLAMA_MODEL=phi3 + - MONGODB_URI=mongodb://host.docker.internal:27017,host.docker.internal:27018,host.docker.internal:27019/scrapper + - SECRET_KEY=${SCRAPERR_SECRET_KEY} + - ALGORITHM=HS256 + - ACCESS_TOKEN_EXPIRE_MINUTES=600 + - DOCKER_HOST=tcp://dockerproxy:2375 + expose: + - 8000 + extra_hosts: + - host.docker.internal:host-gateway + image: jpyles0524/scraperr_api:latest + labels: + - swag=enable + - swag_proto=http + - swag_port=3000 + - swag_server_custom_directive="location /api/ { rewrite ^/api(/.*)$ /$1 break ; proxy_pass http://scraperr:3000; }" + networks: + default: null + restart: unless-stopped + scrutiny: + cap_add: + - SYS_RAWIO + container_name: scrutiny + devices: + - permissions: rwm + source: /dev/sda + target: /dev/sda + - permissions: rwm + source: /dev/sdb + target: /dev/sdb + - permissions: rwm + source: /dev/sdd + target: /dev/sdd + - permissions: rwm + source: /dev/sde + target: /dev/sde + - permissions: rwm + source: /dev/sdc + target: /dev/sdc + - permissions: rwm + source: /dev/sdf + target: /dev/sdf + image: ghcr.io/analogj/scrutiny:master-omnibus + labels: + - homepage.group=Infrastructure/App Performance Monitoring + - homepage.name=Scrutiny + - homepage.href=http://192.168.1.254:8909 + - homepage.icon=scrutiny.png + - homepage.description=WebUI for smartd S.M.A.R.T monitoring + - homepage.widget.type=scrutiny + - homepage.widget.url=http://scrutiny:8080 + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "8909" + target: 8080 + - mode: ingress + protocol: tcp + published: "8910" + target: 8086 + restart: unless-stopped + volumes: + - bind: + create_host_path: true + read_only: true + source: /run/udev + target: /run/udev + type: bind + - source: ${DOCKER_VOLUME_CONFIG}/scrutiny/config + target: /opt/scrutiny/config + type: volume + volume: {} + - source: ${DOCKER_VOLUME_CONFIG}/scrutiny/influxdb + target: /opt/scrutiny/influxdb + type: volume + volume: {} + searxng: + cap_add: + - CHOWN + - SETGID + - SETUID + cap_drop: + - ALL + container_name: searxng + environment: + - SEARXNG_BASE_URL=https://${SEARXNG_BASE_URL:-localhost}/ + image: searxng/searxng:latest + labels: + - homepage.group=Personal Services + - homepage.name=SearxNG + - homepage.href=https://search.trez.wtf + - homepage.icon=searxng.png + - homepage.description=Anonymized Meta-Search Engine + - swag=enable + - swag_address=searxng + - swag_proto=http + - swag_url=search.trez.wtf + - swag.uptime-kuma.enabled=true + - swag.uptime-kuma.monitor.url=https://search.trez.wtf + logging: + driver: json-file + options: + max-file: "1" + max-size: 1m + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "8095" + target: 8080 + privileged: true + restart: unless-stopped + volumes: + - source: ${DOCKER_VOLUME_CONFIG}/searxng + target: /etc/searxng + type: volume + volume: {} + sonarr: + container_name: sonarr + environment: + - PGID=1000 + - PUID=1000 + - TZ=America/New_York + - DOCKER_MODS=ghcr.io/gilbn/theme.park:sonarr + hostname: Rinoa + image: lscr.io/linuxserver/sonarr:latest + labels: + - homepage.group=Servarr Stack + - homepage.name=Sonarr + - homepage.href=https://sonarr.trez.wtf + - homepage.icon=sonarr.png + - homepage.description=TV Show Automation + - homepage.widget.type=sonarr + - homepage.widget.url=http://sonarr:8989 + - homepage.widget.key=${SONARR_API_KEY} + - swag=enable + - swag.uptime-kuma.enabled=true + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "8989" + target: 8989 + restart: unless-stopped + volumes: + - bind: + create_host_path: true + read_only: true + source: /etc/localtime + target: /etc/localtime + type: bind + - bind: + create_host_path: true + source: ${DOCKER_VOLUME_CONFIG}/sonarr + target: /config + type: bind + - bind: + create_host_path: true + source: /rinoa-storage + target: /storage + type: bind + sonashow: + container_name: sonashow + environment: + auto_start: true + auto_start_delay: 60 + dry_run_adding_to_sonarr: false + fallback_to_top_result: false + language_choice: all + metadata_profile_id: 1 + minimum_rating: 4.5 + minimum_votes: 50 + quality_profile_id: 1 + radarr_address: http://sonarr:8989 + radarr_api_key: ${SONARR_API_KEY} + root_folder_path: /data/media/shows + search_for_missing_episodes: true + sonarr_api_timeout: 120 + tmdb_api_key: ${TMDB_API_KEY} + expose: + - 5000 + image: thewicklowwolf/sonashow:latest + labels: + - homepage.group=Servarr Stack + - homepage.name=Sonashow + - homepage.href=https://sonashow.trez.wtf + - homepage.icon=/icons/sonashow.png + - homepage.description=TV show discovery based on library/tastes + - swag=enable + - swag_auth=authelia + - swag_proto=http + - swag_port=5000 + - swag_url=sonashow.trez.wtf + - swag.uptime-kuma.enabled=true + - swag.uptime-kuma.monitor.url=https://sonashow.trez.wtf + networks: + default: null + restart: unless-stopped + volumes: + - source: ${DOCKER_VOLUME_STORAGE}/TV_Shows + target: /data/media/shows + type: volume + volume: {} + - source: ${DOCKER_VOLUME_CONFIG}/sonashow + target: /sonashow/config + type: volume + volume: {} + - bind: + create_host_path: true + read_only: true + source: /etc/localtime + target: /etc/localtime + type: bind + soulseek: + container_name: soulseek + depends_on: + gluetun: + condition: service_started + required: true + restart: true + environment: + SLSKD_PASSWORD: ${SLSKD_PASSWORD} + SLSKD_REMOTE_CONFIGURATION: true + SLSKD_SHARED_DIR: /music + SLSKD_USERNAME: slsk + image: slskd/slskd + labels: + - homepage.name=Soulseek + - homepage.group=Downloaders + - homepage.description=Modern client-server application for the Soulseek file-sharing network. + - homepage.href=https://slsk.trez.wtf + - homepage.icon=/icons/slskd.png + - swag=enable + - swag_proto=http + - swag_url=slsk.trez.wtf + - swag_address=gluetun + - swag_port=5030 + - swag.uptime-kuma.enabled=true + - swag.uptime-kuma.monitor.url=https://slsk.trez.wtf + network_mode: service:gluetun + restart: always + volumes: + - source: ${DOCKER_VOLUME_CONFIG}/soulseek + target: /app + type: volume + volume: {} + - source: ${DOCKER_VOLUME_STORAGE}/Audio/Music + target: /music + type: volume + volume: {} + swag: + cap_add: + - NET_ADMIN + container_name: swag + environment: + - DNSPLUGIN=cloudflare + - EMAIL=charish.patel@trez.wtf + - EXTRA_DOMAINS= + - ONLY_SUBDOMAINS=false + - PGID=1000 + - PUID=1000 + - SUBDOMAINS=etherpad,ha,www + - TZ=America/New_York + - URL=trez.wtf + - VALIDATION=dns + - CROWDSEC_API_KEY=${CROWDSEC_API_KEY} + - CROWDSEC_LAPI_URL=http://crowdsec:8080 + - DOCKER_MODS=linuxserver/mods:universal-docker|linuxserver/mods:swag-auto-reload|linuxserver/mods:swag-auto-proxy|linuxserver/mods:swag-dashboard|linuxserver/mods:swag-maxmind|linuxserver/mods:universal-stdout-logs|ghcr.io/linuxserver/mods:swag-crowdsec + - PROPAGATION=30 + - UPTIME_KUMA_PASSWORD=${UPTIME_KUMA_PASSWORD} + - UPTIME_KUMA_URL=http://uptimekuma:3001 + - UPTIME_KUMA_USERNAME=${UPTIME_KUMA_USERNAME} + hostname: Rinoa + image: lscr.io/linuxserver/swag:latest + labels: + - swag=enable + - swag_proto=http + - swag_port=81 + - swag_url=swag.trez.wtf + - swag_auth=authelia + - swag.uptime-kuma.enabled=true + - swag.uptime-kuma.monitor.url=https://trac.trez.wtf + - homepage.group=Infrastructure/App Performance Monitoring + - homepage.name=SWAG Dashboard + - homepage.href=https://swag.trez.wtf + - homepage.icon=linuxserver-io.png + - homepage.description=SWAG Dashboard for proxies + - homepage.widget.type=swagdashboard + - homepage.widget.url=http://swag:81 + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "443" + target: 443 + - mode: ingress + protocol: tcp + published: "80" + target: 80 + - mode: ingress + protocol: tcp + published: "81" + target: 81 + restart: unless-stopped + volumes: + - bind: + create_host_path: true + read_only: true + source: /etc/localtime + target: /etc/localtime + type: bind + - bind: + create_host_path: true + source: ${DOCKER_VOLUME_CONFIG}/swag + target: /config + type: bind + - bind: + create_host_path: true + source: /rinoa-storage + target: /storage + type: bind + - bind: + create_host_path: true + read_only: true + source: /var/run/docker.sock + target: /var/run/docker.sock + type: bind + tandoor: + container_name: tandoor-recipes + depends_on: + tandoor-pg: + condition: service_started + required: true + environment: + DB_ENGINE: django.db.backends.postgresql + GID: 1000 + POSTGRES_DB: tandoor + POSTGRES_HOST: tandoor-pg + POSTGRES_PASSWORD: ${TANDOOR_POSTGRES_PASSWORD} + POSTGRES_USER: tandoor + SECRET_KEY: ${TANDOOR_SECRET_KEY} + TZ: ${TZ} + UID: 1000 + image: vabene1111/recipes + labels: + - homepage.group=Lifestyle + - homepage.name=Tandoor Recipes + - homepage.href=https://recipes.trez.wtf + - homepage.icon=tandoor.svg + - homepage.description=Recipes, cookbooks, meal-planning, & grocery lists + - homepage.widget.type=tandoor + - homepage.widget.url=http://tandoor-recipes:8080 + - homepage.widget.key=${TANDOOR_API_TOKEN} + - swag=enable + - swag_server_custom_directive="proxy_set_header X-Forwarded-Host $$http_host; proxy_set_header Host $$http_host;" + - swag_proto=http + - swag_url=recipes.trez.wtf + - swag.uptime-kuma.enabled=true + - swag.uptime-kuma.monitor.url=https://trac.trez.wtf + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "8106" + target: 8080 + restart: unless-stopped + volumes: + - source: ${DOCKER_VOLUME_CONFIG}/tandoor/static + target: /opt/recipes/staticfiles + type: volume + volume: {} + - source: ${DOCKER_VOLUME_CONFIG}/tandoor/media + target: /opt/recipes/mediafiles + type: volume + volume: {} + tandoor-pg: + container_name: tandoor-pg + environment: + POSTGRES_DB: tandoor + POSTGRES_PASSWORD: ${TANDOOR_POSTGRES_PASSWORD} + POSTGRES_USER: tandoor + expose: + - 5432 + image: postgres:16-alpine + networks: + default: null + restart: always + volumes: + - source: tandoor-pg + target: /var/lib/postgresql/data + type: volume + volume: {} + traccar: + container_name: traccar + image: traccar/traccar:latest + labels: + - homepage.group=Personal Services + - homepage.name=Traccar + - homepage.href=https://trac.trez.wtf + - homepage.icon=traccar.svg + - homepage.description=Open-source GPS tracking system + - swag=enable + - swag_proto=http + - swag_port=8082 + - swag_url=trac.trez.wtf + - swag.uptime-kuma.enabled=true + - swag.uptime-kuma.monitor.url=https://trac.trez.wtf + networks: + default: null + ports: + - mode: ingress + protocol: udp + published: "6000" + target: 5000 + - mode: ingress + protocol: udp + published: "6001" + target: 5001 + - mode: ingress + protocol: udp + published: "6002" + target: 5002 + - mode: ingress + protocol: udp + published: "6003" + target: 5003 + - mode: ingress + protocol: udp + published: "6004" + target: 5004 + - mode: ingress + protocol: udp + published: "6005" + target: 5005 + - mode: ingress + protocol: udp + published: "6006" + target: 5006 + - mode: ingress + protocol: udp + published: "6007" + target: 5007 + - mode: ingress + protocol: udp + published: "6008" + target: 5008 + - mode: ingress + protocol: udp + published: "6009" + target: 5009 + - mode: ingress + protocol: udp + published: "6010" + target: 5010 + - mode: ingress + protocol: udp + published: "6011" + target: 5011 + - mode: ingress + protocol: udp + published: "6012" + target: 5012 + - mode: ingress + protocol: udp + published: "6013" + target: 5013 + - mode: ingress + protocol: udp + published: "6014" + target: 5014 + - mode: ingress + protocol: udp + published: "6015" + target: 5015 + - mode: ingress + protocol: udp + published: "6016" + target: 5016 + - mode: ingress + protocol: udp + published: "6017" + target: 5017 + - mode: ingress + protocol: udp + published: "6018" + target: 5018 + - mode: ingress + protocol: udp + published: "6019" + target: 5019 + - mode: ingress + protocol: udp + published: "6020" + target: 5020 + - mode: ingress + protocol: udp + published: "6021" + target: 5021 + - mode: ingress + protocol: udp + published: "6022" + target: 5022 + - mode: ingress + protocol: udp + published: "6023" + target: 5023 + - mode: ingress + protocol: udp + published: "6024" + target: 5024 + - mode: ingress + protocol: udp + published: "6025" + target: 5025 + - mode: ingress + protocol: udp + published: "6026" + target: 5026 + - mode: ingress + protocol: udp + published: "6027" + target: 5027 + - mode: ingress + protocol: udp + published: "6028" + target: 5028 + - mode: ingress + protocol: udp + published: "6029" + target: 5029 + - mode: ingress + protocol: udp + published: "6030" + target: 5030 + - mode: ingress + protocol: udp + published: "6031" + target: 5031 + - mode: ingress + protocol: udp + published: "6032" + target: 5032 + - mode: ingress + protocol: udp + published: "6033" + target: 5033 + - mode: ingress + protocol: udp + published: "6034" + target: 5034 + - mode: ingress + protocol: udp + published: "6035" + target: 5035 + - mode: ingress + protocol: udp + published: "6036" + target: 5036 + - mode: ingress + protocol: udp + published: "6037" + target: 5037 + - mode: ingress + protocol: udp + published: "6038" + target: 5038 + - mode: ingress + protocol: udp + published: "6039" + target: 5039 + - mode: ingress + protocol: udp + published: "6040" + target: 5040 + - mode: ingress + protocol: udp + published: "6041" + target: 5041 + - mode: ingress + protocol: udp + published: "6042" + target: 5042 + - mode: ingress + protocol: udp + published: "6043" + target: 5043 + - mode: ingress + protocol: udp + published: "6044" + target: 5044 + - mode: ingress + protocol: udp + published: "6045" + target: 5045 + - mode: ingress + protocol: udp + published: "6046" + target: 5046 + - mode: ingress + protocol: udp + published: "6047" + target: 5047 + - mode: ingress + protocol: udp + published: "6048" + target: 5048 + - mode: ingress + protocol: udp + published: "6049" + target: 5049 + - mode: ingress + protocol: udp + published: "6050" + target: 5050 + - mode: ingress + protocol: udp + published: "6051" + target: 5051 + - mode: ingress + protocol: udp + published: "6052" + target: 5052 + - mode: ingress + protocol: udp + published: "6053" + target: 5053 + - mode: ingress + protocol: udp + published: "6054" + target: 5054 + - mode: ingress + protocol: udp + published: "6055" + target: 5055 + - mode: ingress + protocol: udp + published: "6056" + target: 5056 + - mode: ingress + protocol: udp + published: "6057" + target: 5057 + - mode: ingress + protocol: udp + published: "6058" + target: 5058 + - mode: ingress + protocol: udp + published: "6059" + target: 5059 + - mode: ingress + protocol: udp + published: "6060" + target: 5060 + - mode: ingress + protocol: udp + published: "6061" + target: 5061 + - mode: ingress + protocol: udp + published: "6062" + target: 5062 + - mode: ingress + protocol: udp + published: "6063" + target: 5063 + - mode: ingress + protocol: udp + published: "6064" + target: 5064 + - mode: ingress + protocol: udp + published: "6065" + target: 5065 + - mode: ingress + protocol: udp + published: "6066" + target: 5066 + - mode: ingress + protocol: udp + published: "6067" + target: 5067 + - mode: ingress + protocol: udp + published: "6068" + target: 5068 + - mode: ingress + protocol: udp + published: "6069" + target: 5069 + - mode: ingress + protocol: udp + published: "6070" + target: 5070 + - mode: ingress + protocol: udp + published: "6071" + target: 5071 + - mode: ingress + protocol: udp + published: "6072" + target: 5072 + - mode: ingress + protocol: udp + published: "6073" + target: 5073 + - mode: ingress + protocol: udp + published: "6074" + target: 5074 + - mode: ingress + protocol: udp + published: "6075" + target: 5075 + - mode: ingress + protocol: udp + published: "6076" + target: 5076 + - mode: ingress + protocol: udp + published: "6077" + target: 5077 + - mode: ingress + protocol: udp + published: "6078" + target: 5078 + - mode: ingress + protocol: udp + published: "6079" + target: 5079 + - mode: ingress + protocol: udp + published: "6080" + target: 5080 + - mode: ingress + protocol: udp + published: "6081" + target: 5081 + - mode: ingress + protocol: udp + published: "6082" + target: 5082 + - mode: ingress + protocol: udp + published: "6083" + target: 5083 + - mode: ingress + protocol: udp + published: "6084" + target: 5084 + - mode: ingress + protocol: udp + published: "6085" + target: 5085 + - mode: ingress + protocol: udp + published: "6086" + target: 5086 + - mode: ingress + protocol: udp + published: "6087" + target: 5087 + - mode: ingress + protocol: udp + published: "6088" + target: 5088 + - mode: ingress + protocol: udp + published: "6089" + target: 5089 + - mode: ingress + protocol: udp + published: "6090" + target: 5090 + - mode: ingress + protocol: udp + published: "6091" + target: 5091 + - mode: ingress + protocol: udp + published: "6092" + target: 5092 + - mode: ingress + protocol: udp + published: "6093" + target: 5093 + - mode: ingress + protocol: udp + published: "6094" + target: 5094 + - mode: ingress + protocol: udp + published: "6095" + target: 5095 + - mode: ingress + protocol: udp + published: "6096" + target: 5096 + - mode: ingress + protocol: udp + published: "6097" + target: 5097 + - mode: ingress + protocol: udp + published: "6098" + target: 5098 + - mode: ingress + protocol: udp + published: "6099" + target: 5099 + - mode: ingress + protocol: udp + published: "6100" + target: 5100 + - mode: ingress + protocol: udp + published: "6101" + target: 5101 + - mode: ingress + protocol: udp + published: "6102" + target: 5102 + - mode: ingress + protocol: udp + published: "6103" + target: 5103 + - mode: ingress + protocol: udp + published: "6104" + target: 5104 + - mode: ingress + protocol: udp + published: "6105" + target: 5105 + - mode: ingress + protocol: udp + published: "6106" + target: 5106 + - mode: ingress + protocol: udp + published: "6107" + target: 5107 + - mode: ingress + protocol: udp + published: "6108" + target: 5108 + - mode: ingress + protocol: udp + published: "6109" + target: 5109 + - mode: ingress + protocol: udp + published: "6110" + target: 5110 + - mode: ingress + protocol: udp + published: "6111" + target: 5111 + - mode: ingress + protocol: udp + published: "6112" + target: 5112 + - mode: ingress + protocol: udp + published: "6113" + target: 5113 + - mode: ingress + protocol: udp + published: "6114" + target: 5114 + - mode: ingress + protocol: udp + published: "6115" + target: 5115 + - mode: ingress + protocol: udp + published: "6116" + target: 5116 + - mode: ingress + protocol: udp + published: "6117" + target: 5117 + - mode: ingress + protocol: udp + published: "6118" + target: 5118 + - mode: ingress + protocol: udp + published: "6119" + target: 5119 + - mode: ingress + protocol: udp + published: "6120" + target: 5120 + - mode: ingress + protocol: udp + published: "6121" + target: 5121 + - mode: ingress + protocol: udp + published: "6122" + target: 5122 + - mode: ingress + protocol: udp + published: "6123" + target: 5123 + - mode: ingress + protocol: udp + published: "6124" + target: 5124 + - mode: ingress + protocol: udp + published: "6125" + target: 5125 + - mode: ingress + protocol: udp + published: "6126" + target: 5126 + - mode: ingress + protocol: udp + published: "6127" + target: 5127 + - mode: ingress + protocol: udp + published: "6128" + target: 5128 + - mode: ingress + protocol: udp + published: "6129" + target: 5129 + - mode: ingress + protocol: udp + published: "6130" + target: 5130 + - mode: ingress + protocol: udp + published: "6131" + target: 5131 + - mode: ingress + protocol: udp + published: "6132" + target: 5132 + - mode: ingress + protocol: udp + published: "6133" + target: 5133 + - mode: ingress + protocol: udp + published: "6134" + target: 5134 + - mode: ingress + protocol: udp + published: "6135" + target: 5135 + - mode: ingress + protocol: udp + published: "6136" + target: 5136 + - mode: ingress + protocol: udp + published: "6137" + target: 5137 + - mode: ingress + protocol: udp + published: "6138" + target: 5138 + - mode: ingress + protocol: udp + published: "6139" + target: 5139 + - mode: ingress + protocol: udp + published: "6140" + target: 5140 + - mode: ingress + protocol: udp + published: "6141" + target: 5141 + - mode: ingress + protocol: udp + published: "6142" + target: 5142 + - mode: ingress + protocol: udp + published: "6143" + target: 5143 + - mode: ingress + protocol: udp + published: "6144" + target: 5144 + - mode: ingress + protocol: udp + published: "6145" + target: 5145 + - mode: ingress + protocol: udp + published: "6146" + target: 5146 + - mode: ingress + protocol: udp + published: "6147" + target: 5147 + - mode: ingress + protocol: udp + published: "6148" + target: 5148 + - mode: ingress + protocol: udp + published: "6149" + target: 5149 + - mode: ingress + protocol: udp + published: "6150" + target: 5150 + - mode: ingress + protocol: tcp + published: "6000" + target: 5000 + - mode: ingress + protocol: tcp + published: "6001" + target: 5001 + - mode: ingress + protocol: tcp + published: "6002" + target: 5002 + - mode: ingress + protocol: tcp + published: "6003" + target: 5003 + - mode: ingress + protocol: tcp + published: "6004" + target: 5004 + - mode: ingress + protocol: tcp + published: "6005" + target: 5005 + - mode: ingress + protocol: tcp + published: "6006" + target: 5006 + - mode: ingress + protocol: tcp + published: "6007" + target: 5007 + - mode: ingress + protocol: tcp + published: "6008" + target: 5008 + - mode: ingress + protocol: tcp + published: "6009" + target: 5009 + - mode: ingress + protocol: tcp + published: "6010" + target: 5010 + - mode: ingress + protocol: tcp + published: "6011" + target: 5011 + - mode: ingress + protocol: tcp + published: "6012" + target: 5012 + - mode: ingress + protocol: tcp + published: "6013" + target: 5013 + - mode: ingress + protocol: tcp + published: "6014" + target: 5014 + - mode: ingress + protocol: tcp + published: "6015" + target: 5015 + - mode: ingress + protocol: tcp + published: "6016" + target: 5016 + - mode: ingress + protocol: tcp + published: "6017" + target: 5017 + - mode: ingress + protocol: tcp + published: "6018" + target: 5018 + - mode: ingress + protocol: tcp + published: "6019" + target: 5019 + - mode: ingress + protocol: tcp + published: "6020" + target: 5020 + - mode: ingress + protocol: tcp + published: "6021" + target: 5021 + - mode: ingress + protocol: tcp + published: "6022" + target: 5022 + - mode: ingress + protocol: tcp + published: "6023" + target: 5023 + - mode: ingress + protocol: tcp + published: "6024" + target: 5024 + - mode: ingress + protocol: tcp + published: "6025" + target: 5025 + - mode: ingress + protocol: tcp + published: "6026" + target: 5026 + - mode: ingress + protocol: tcp + published: "6027" + target: 5027 + - mode: ingress + protocol: tcp + published: "6028" + target: 5028 + - mode: ingress + protocol: tcp + published: "6029" + target: 5029 + - mode: ingress + protocol: tcp + published: "6030" + target: 5030 + - mode: ingress + protocol: tcp + published: "6031" + target: 5031 + - mode: ingress + protocol: tcp + published: "6032" + target: 5032 + - mode: ingress + protocol: tcp + published: "6033" + target: 5033 + - mode: ingress + protocol: tcp + published: "6034" + target: 5034 + - mode: ingress + protocol: tcp + published: "6035" + target: 5035 + - mode: ingress + protocol: tcp + published: "6036" + target: 5036 + - mode: ingress + protocol: tcp + published: "6037" + target: 5037 + - mode: ingress + protocol: tcp + published: "6038" + target: 5038 + - mode: ingress + protocol: tcp + published: "6039" + target: 5039 + - mode: ingress + protocol: tcp + published: "6040" + target: 5040 + - mode: ingress + protocol: tcp + published: "6041" + target: 5041 + - mode: ingress + protocol: tcp + published: "6042" + target: 5042 + - mode: ingress + protocol: tcp + published: "6043" + target: 5043 + - mode: ingress + protocol: tcp + published: "6044" + target: 5044 + - mode: ingress + protocol: tcp + published: "6045" + target: 5045 + - mode: ingress + protocol: tcp + published: "6046" + target: 5046 + - mode: ingress + protocol: tcp + published: "6047" + target: 5047 + - mode: ingress + protocol: tcp + published: "6048" + target: 5048 + - mode: ingress + protocol: tcp + published: "6049" + target: 5049 + - mode: ingress + protocol: tcp + published: "6050" + target: 5050 + - mode: ingress + protocol: tcp + published: "6051" + target: 5051 + - mode: ingress + protocol: tcp + published: "6052" + target: 5052 + - mode: ingress + protocol: tcp + published: "6053" + target: 5053 + - mode: ingress + protocol: tcp + published: "6054" + target: 5054 + - mode: ingress + protocol: tcp + published: "6055" + target: 5055 + - mode: ingress + protocol: tcp + published: "6056" + target: 5056 + - mode: ingress + protocol: tcp + published: "6057" + target: 5057 + - mode: ingress + protocol: tcp + published: "6058" + target: 5058 + - mode: ingress + protocol: tcp + published: "6059" + target: 5059 + - mode: ingress + protocol: tcp + published: "6060" + target: 5060 + - mode: ingress + protocol: tcp + published: "6061" + target: 5061 + - mode: ingress + protocol: tcp + published: "6062" + target: 5062 + - mode: ingress + protocol: tcp + published: "6063" + target: 5063 + - mode: ingress + protocol: tcp + published: "6064" + target: 5064 + - mode: ingress + protocol: tcp + published: "6065" + target: 5065 + - mode: ingress + protocol: tcp + published: "6066" + target: 5066 + - mode: ingress + protocol: tcp + published: "6067" + target: 5067 + - mode: ingress + protocol: tcp + published: "6068" + target: 5068 + - mode: ingress + protocol: tcp + published: "6069" + target: 5069 + - mode: ingress + protocol: tcp + published: "6070" + target: 5070 + - mode: ingress + protocol: tcp + published: "6071" + target: 5071 + - mode: ingress + protocol: tcp + published: "6072" + target: 5072 + - mode: ingress + protocol: tcp + published: "6073" + target: 5073 + - mode: ingress + protocol: tcp + published: "6074" + target: 5074 + - mode: ingress + protocol: tcp + published: "6075" + target: 5075 + - mode: ingress + protocol: tcp + published: "6076" + target: 5076 + - mode: ingress + protocol: tcp + published: "6077" + target: 5077 + - mode: ingress + protocol: tcp + published: "6078" + target: 5078 + - mode: ingress + protocol: tcp + published: "6079" + target: 5079 + - mode: ingress + protocol: tcp + published: "6080" + target: 5080 + - mode: ingress + protocol: tcp + published: "6081" + target: 5081 + - mode: ingress + protocol: tcp + published: "6082" + target: 5082 + - mode: ingress + protocol: tcp + published: "6083" + target: 5083 + - mode: ingress + protocol: tcp + published: "6084" + target: 5084 + - mode: ingress + protocol: tcp + published: "6085" + target: 5085 + - mode: ingress + protocol: tcp + published: "6086" + target: 5086 + - mode: ingress + protocol: tcp + published: "6087" + target: 5087 + - mode: ingress + protocol: tcp + published: "6088" + target: 5088 + - mode: ingress + protocol: tcp + published: "6089" + target: 5089 + - mode: ingress + protocol: tcp + published: "6090" + target: 5090 + - mode: ingress + protocol: tcp + published: "6091" + target: 5091 + - mode: ingress + protocol: tcp + published: "6092" + target: 5092 + - mode: ingress + protocol: tcp + published: "6093" + target: 5093 + - mode: ingress + protocol: tcp + published: "6094" + target: 5094 + - mode: ingress + protocol: tcp + published: "6095" + target: 5095 + - mode: ingress + protocol: tcp + published: "6096" + target: 5096 + - mode: ingress + protocol: tcp + published: "6097" + target: 5097 + - mode: ingress + protocol: tcp + published: "6098" + target: 5098 + - mode: ingress + protocol: tcp + published: "6099" + target: 5099 + - mode: ingress + protocol: tcp + published: "6100" + target: 5100 + - mode: ingress + protocol: tcp + published: "6101" + target: 5101 + - mode: ingress + protocol: tcp + published: "6102" + target: 5102 + - mode: ingress + protocol: tcp + published: "6103" + target: 5103 + - mode: ingress + protocol: tcp + published: "6104" + target: 5104 + - mode: ingress + protocol: tcp + published: "6105" + target: 5105 + - mode: ingress + protocol: tcp + published: "6106" + target: 5106 + - mode: ingress + protocol: tcp + published: "6107" + target: 5107 + - mode: ingress + protocol: tcp + published: "6108" + target: 5108 + - mode: ingress + protocol: tcp + published: "6109" + target: 5109 + - mode: ingress + protocol: tcp + published: "6110" + target: 5110 + - mode: ingress + protocol: tcp + published: "6111" + target: 5111 + - mode: ingress + protocol: tcp + published: "6112" + target: 5112 + - mode: ingress + protocol: tcp + published: "6113" + target: 5113 + - mode: ingress + protocol: tcp + published: "6114" + target: 5114 + - mode: ingress + protocol: tcp + published: "6115" + target: 5115 + - mode: ingress + protocol: tcp + published: "6116" + target: 5116 + - mode: ingress + protocol: tcp + published: "6117" + target: 5117 + - mode: ingress + protocol: tcp + published: "6118" + target: 5118 + - mode: ingress + protocol: tcp + published: "6119" + target: 5119 + - mode: ingress + protocol: tcp + published: "6120" + target: 5120 + - mode: ingress + protocol: tcp + published: "6121" + target: 5121 + - mode: ingress + protocol: tcp + published: "6122" + target: 5122 + - mode: ingress + protocol: tcp + published: "6123" + target: 5123 + - mode: ingress + protocol: tcp + published: "6124" + target: 5124 + - mode: ingress + protocol: tcp + published: "6125" + target: 5125 + - mode: ingress + protocol: tcp + published: "6126" + target: 5126 + - mode: ingress + protocol: tcp + published: "6127" + target: 5127 + - mode: ingress + protocol: tcp + published: "6128" + target: 5128 + - mode: ingress + protocol: tcp + published: "6129" + target: 5129 + - mode: ingress + protocol: tcp + published: "6130" + target: 5130 + - mode: ingress + protocol: tcp + published: "6131" + target: 5131 + - mode: ingress + protocol: tcp + published: "6132" + target: 5132 + - mode: ingress + protocol: tcp + published: "6133" + target: 5133 + - mode: ingress + protocol: tcp + published: "6134" + target: 5134 + - mode: ingress + protocol: tcp + published: "6135" + target: 5135 + - mode: ingress + protocol: tcp + published: "6136" + target: 5136 + - mode: ingress + protocol: tcp + published: "6137" + target: 5137 + - mode: ingress + protocol: tcp + published: "6138" + target: 5138 + - mode: ingress + protocol: tcp + published: "6139" + target: 5139 + - mode: ingress + protocol: tcp + published: "6140" + target: 5140 + - mode: ingress + protocol: tcp + published: "6141" + target: 5141 + - mode: ingress + protocol: tcp + published: "6142" + target: 5142 + - mode: ingress + protocol: tcp + published: "6143" + target: 5143 + - mode: ingress + protocol: tcp + published: "6144" + target: 5144 + - mode: ingress + protocol: tcp + published: "6145" + target: 5145 + - mode: ingress + protocol: tcp + published: "6146" + target: 5146 + - mode: ingress + protocol: tcp + published: "6147" + target: 5147 + - mode: ingress + protocol: tcp + published: "6148" + target: 5148 + - mode: ingress + protocol: tcp + published: "6149" + target: 5149 + - mode: ingress + protocol: tcp + published: "6150" + target: 5150 + - mode: ingress + protocol: tcp + published: "8082" + target: 8082 + restart: unless-stopped + volumes: + - read_only: true + source: ${DOCKER_VOLUME_CONFIG}/traccar/traccar.xml + target: /opt/traccar/conf/traccar.xml + type: volume + volume: {} + - source: ${DOCKER_VOLUME_CONFIG}/traccar/logs + target: /opt/traccar/logs + type: volume + volume: {} + traccar-pg: + container_name: traccar-pg + environment: + - POSTGRES_PASSWORD=${TRACCAR_POSTGRES_PASSWORD} + - POSTGRES_USER=${TRACCAR_POSTGRES_USER} + - POSTGRES_DB=${TRACCAR_POSTGRES_DATABASE} + expose: + - 5432 + image: postgres:16-alpine + networks: + default: null + restart: unless-stopped + volumes: + - source: traccar-pg + target: /var/lib/postgresql/data + type: volume + volume: {} + unmanic: + container_name: unmanic + environment: + - DOCKER_MODS=linuxserver/mods:universal-docker|linuxserver/mods:universal-stdout-logs + - PUID=${PUID} + - PGID=${PGID} + - LOGS_TO_STDOUT=/config/.unmanic/logs/unmanic.log + image: josh5/unmanic:latest + labels: + - homepage.group=Media Library + - homepage.name=Unmanic + - homepage.href=https://unmanic.trez.wtf + - homepage.icon=unmanic.png + - homepage.description=Library Optimizer + - homepage.widget.type=unmanic + - homepage.widget.url=http://unmanic:8888 + - swag=enable + - swag_port=8888 + - swag_url=unmanic.trez.wtf + - swag_proto=http + - swag.uptime-kuma.enabled=true + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "8911" + target: 8888 + restart: unless-stopped + volumes: + - source: ${DOCKER_VOLUME_CONFIG}/unmanic + target: /config + type: volume + volume: {} + - source: ${DOCKER_VOLUME_STORAGE} + target: /library + type: volume + volume: {} + - source: unmanic-cache + target: /tmp/unmanic + type: volume + volume: {} + uptimekuma: + container_name: uptimekuma + environment: + - PGID=1000 + - PUID=1000 + - TZ=America/New_York + - UPTIME_KUMA_USERNAME=${UPTIME_KUMA_USERNAME} + - UPTIME_KUMA_PASSWORD=${UPTIME_KUMA_PASSWORD} + - DOCKER_HOST=http://dockerproxy:2375 + - DOCKER_MODS=ghcr.io/themepark-dev/theme.park:uptime-kuma + hostname: Rinoa + image: louislam/uptime-kuma:latest + labels: + - homepage.group=Infrastructure/App Performance Monitoring + - homepage.name=Uptime Kuma + - homepage.href=https://uptime.trez.wtf + - homepage.icon=uptime-kuma.png + - homepage.description=HTTP Endpoint Monitoring + - swag=enable + - swag_proto=http + - swag_url=uptime.trez.wtf + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "3003" + target: 3001 + restart: unless-stopped + volumes: + - bind: + create_host_path: true + source: ${DOCKER_VOLUME_CONFIG}/uptimekuma + target: /app/data + type: bind + - bind: + create_host_path: true + source: /rinoa-storage + target: /storage + type: bind + - bind: + create_host_path: true + read_only: true + source: /etc/localtime + target: /etc/localtime + type: bind + vault: + cap_add: + - IPC_LOCK + command: + - server + container_name: hc-vault + environment: + - AWS_ACCESS_KEY_ID=${VAULT_HASHICORP_AWS_ACCESS_KEY_ID} + - AWS_SECRET_ACCESS_KEY=${VAULT_HASHICORP_AWS_SECRET_ACCESS_KEY} + image: hashicorp/vault:latest + labels: + - homepage.group=Code + - homepage.name=Vault + - homepage.icon=vault.png + - homepage.href=https://vault.trez.wtf + - homepage.description=Hashicorp Vault for secrets, key/value stores, etc. + - swag=enable + - swag_proto=http + - swag_port=8200 + - swag_address=hc-vault + - swag_url=vault.trez.wtf + - swag.uptime-kuma.enabled=true + - swag.uptime-kuma.monitor.url=https://vault.trez.wtf + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "8200" + target: 8200 + - mode: ingress + protocol: tcp + published: "8250" + target: 8250 + restart: unless-stopped + volumes: + - source: ${DOCKER_VOLUME_CONFIG}/hashicorp-vault/config/ + target: /vault/config + type: volume + volume: {} + - source: ${DOCKER_VOLUME_CONFIG}/hashicorp-vault/logs/ + target: /vault/logs + type: volume + volume: {} + wallabag: + container_name: wallabag + depends_on: + mariadb: + condition: service_started + required: true + redis: + condition: service_started + required: true + environment: + - SYMFONY__ENV__DATABASE_DRIVER=pdo_mysql + - SYMFONY__ENV__DATABASE_HOST=mariadb + - SYMFONY__ENV__DATABASE_PORT=3306 + - SYMFONY__ENV__DATABASE_NAME=${WALLABAG_DB} + - SYMFONY__ENV__DATABASE_USER=${WALLABAG_DB} + - SYMFONY__ENV__DATABASE_PASSWORD=${WALLABAG_DB_PASSWORD} + - SYMFONY__ENV__DATABASE_CHARSET=utf8 + - SYMFONY__ENV__DATABASE_TABLE_PREFIX="wallabag_" + - SYMFONY__ENV__MAILER_DSN=smtp://postal-smtp + - SYMFONY__ENV__FROM_EMAIL=noreply@trez.wtf + - SYMFONY__ENV__DOMAIN_NAME=https://wallabag.trez.wtf + - SYMFONY__ENV__SERVER_NAME="Wallabag @ Rinoa" + - SYMFONY__ENV__REDIS_HOST=redis + - SYMFONY__ENV__REDIS_PORT=6379 + healthcheck: + interval: 1m + test: + - CMD + - wget + - --no-verbose + - --tries=1 + - --spider + - http://localhost + timeout: 3s + image: wallabag/wallabag + labels: + - swag=enable + - swag_address=wallabag + - swag_proto=http + - swag.uptime-kuma.enabled=true + - homepage.group=Lifestyle + - homepage.name=Wallabag + - homepage.href=https://wallabag.trez.wtf + - homepage.icon=wallabag.png + - homepage.description=Knowledge Store + networks: + default: null + ports: + - mode: ingress + protocol: tcp + target: 80 + restart: unless-stopped + volumes: + - source: ${DOCKER_VOLUME_CONFIG}/wallabag/images + target: /var/www/wallabag/web/assets/images + type: volume + volume: {} + wallos: + container_name: wallos + environment: + TZ: ${TZ} + image: bellamy/wallos:latest + labels: + - homepage.group=Lifestyle + - homepage.name=wallos + - homepage.href=https://subs.trez.wtf + - homepage.icon=wallos.png + - homepage.description=Subscription Tracking + - swag=enable + - swag_proto=http + - swag_url=subs.trez.wtf + - swag.uptime-kuma.enabled=true + - swag.uptime-kuma.monitor.url=https://trac.trez.wtf + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "8283" + target: 80 + restart: unless-stopped + volumes: + - source: wallos-db + target: /var/www/html/db + type: volume + volume: {} + - source: wallos-logos + target: /var/www/html/images/uploads/logos + type: volume + volume: {} + watchtower: + container_name: watchtower + environment: + - REPO_PASS= + - REPO_USER= + - TZ=America/New_York + - WATCHTOWER_CLEANUP=true + - WATCHTOWER_INCLUDE_STOPPED=false + - WATCHTOWER_MONITOR_ONLY=false + - WATCHTOWER_NOTIFICATIONS=gotify + - WATCHTOWER_NOTIFICATIONS_LEVEL=info + - WATCHTOWER_NOTIFICATION_TEMPLATE={{range .}}{{.Message}}{{println}}{{end}} + - WATCHTOWER_NOTIFICATION_URL= + - WATCHTOWER_SCHEDULE=0 0 4 * * * + - WATCHTOWER_TIMEOUT=30s + - WATCHTOWER_HTTP_API_METRICS=true + - WATCHTOWER_HTTP_API_TOKEN=${WATCHTOWER_HTTP_API_TOKEN} + - WATCHTOWER_NOTIFICATION_GOTIFY_URL=${WATCHTOWER_NOTIFICATION_GOTIFY_URL} + - WATCHTOWER_NOTIFICATION_GOTIFY_TOKEN=${WATCHTOWER_NOTIFICATION_GOTIFY_TOKEN} + - WATCHTOWER_NOTIFICATION_GOTIFY_TLS_SKIP_VERIFY=true + expose: + - 8080 + hostname: Rinoa + image: ghcr.io/containrrr/watchtower:latest + labels: + - homepage.group=Automation + - homepage.name=Watchtower + - homepage.icon=watchtower.svg + - homepage.description=Container-based solution for automating Docker container base image updates + - homepage.widget.type=watchtower + - homepage.widget.url=http://watchtower:8080 + - homepage.widget.key=${WATCHTOWER_HTTP_API_TOKEN} + networks: + default: null + restart: unless-stopped + volumes: + - bind: + create_host_path: true + read_only: true + source: /etc/localtime + target: /etc/localtime + type: bind + - bind: + create_host_path: true + source: /rinoa-storage + target: /storage + type: bind + - bind: + create_host_path: true + source: /var/run/docker.sock + target: /var/run/docker.sock + type: bind + watchyourlan: + container_name: watchyourlan + environment: + DBPATH: /data/db.sqlite + GUIIP: 0.0.0.0 + GUIPORT: "8840" + IFACE: eno4 + IGNOREIP: "no" + SHOUTRRR_URL: "" + THEME: darkly + TIMEOUT: "120" + TZ: America/New_York + image: aceberg/watchyourlan + labels: + - homepage.group=Infrastructure/App Performance Monitoring + - homepage.name=WatchYourLAN + - homepage.href=https://wyl.trez.wtf + - homepage.icon=watchyourlan.png + - homepage.description=Lightweight network IP scanner + - swag=enable + - swag_proto=http + - swag_url=wyl.trez + - swag_port=8840 + network_mode: host + ports: + - mode: ingress + protocol: tcp + published: "8840" + target: 8840 + restart: unless-stopped + volumes: + - source: ${DOCKER_VOLUME_CONFIG}/watchyourlan + target: /data + type: volume + volume: {} + wazuh.agent: + container_name: wazuh.agent + environment: + - JOIN_MANAGER_PROTOCOL=https + - JOIN_MANAGER_MASTER_HOST=wazuh.manager + - JOIN_MANAGER_WORKER_HOST=wazuh.manager + - JOIN_MANAGER_USER=wazuh-wui + - JOIN_MANAGER_PASSWORD=${WAZUH_API_PASSWORD} + - JOIN_MANAGER_API_PORT=55000 + - JOIN_MANAGER_PORT=1514 + - VIRUS_TOTAL_KEY=${VIRUS_TOTAL_API_KEY} + - DOCKER_HOST=tcp://dockerproxy:2375 + hostname: wazuh.agent + image: opennix/wazuh-agent:latest + networks: + default: null + restart: unless-stopped + wazuh.dashboard: + container_name: wazuh.dashboard + depends_on: + wazuh.indexer: + condition: service_started + required: true + wazuh.manager: + condition: service_started + required: true + restart: true + environment: + - INDEXER_USERNAME=admin + - INDEXER_PASSWORD=${WAZUH_INDEXER_PASSWORD} + - WAZUH_API_URL=https://wazuh.manager + - DASHBOARD_USERNAME=kibanaserver + - DASHBOARD_PASSWORD=${WAZUH_KIBANA_PASSWORD} + - API_USERNAME=wazuh-wui + - API_PASSWORD=${WAZUH_API_PASSWORD} + hostname: wazuh.dashboard + image: wazuh/wazuh-dashboard:${WAZUH_VERSION} + labels: + - swag=enable + - swag_proto=https + - swag_port=5601 + - swag_url=wsec.trez.wtf + - swag.uptime-kuma.enabled=true + - swag.uptime-kuma.monitor.url=https://wsec.trez.wtf + - homepage.group=Privacy/Security + - homepage.name=Wazuh + - homepage.href=https://wsec.trez.wtf + - homepage.icon=wazuh-opaque.png + - homepage.description=OSS Security Platform for XDR/SIEM + links: + - wazuh.indexer:wazuh.indexer + - wazuh.manager:wazuh.manager + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "5601" + target: 5601 + restart: always + volumes: + - source: ${DOCKER_VOLUME_CONFIG}/wazuh/dashboard/certs/wazuh.dashboard.pem + target: /usr/share/wazuh-dashboard/certs/wazuh-dashboard.pem + type: volume + volume: {} + - source: ${DOCKER_VOLUME_CONFIG}/wazuh/dashboard/certs/wazuh.dashboard-key.pem + target: /usr/share/wazuh-dashboard/certs/wazuh-dashboard-key.pem + type: volume + volume: {} + - source: ${DOCKER_VOLUME_CONFIG}/wazuh/dashboard/certs/root-ca.pem + target: /usr/share/wazuh-dashboard/certs/root-ca.pem + type: volume + volume: {} + - source: ${DOCKER_VOLUME_CONFIG}/wazuh/dashboard/config/opensearch_dashboards.yml + target: /usr/share/wazuh-dashboard/config/opensearch_dashboards.yml + type: volume + volume: {} + - source: ${DOCKER_VOLUME_CONFIG}/wazuh/dashboard/config/wazuh.yml + target: /usr/share/wazuh-dashboard/data/wazuh/config/wazuh.yml + type: volume + volume: {} + - source: wazuh-dashboard-config + target: /usr/share/wazuh-dashboard/data/wazuh/config + type: volume + volume: {} + - source: wazuh-dashboard-custom + target: /usr/share/wazuh-dashboard/plugins/wazuh/public/assets/custom + type: volume + volume: {} + wazuh.indexer: + container_name: wazuh.indexer + environment: + - OPENSEARCH_JAVA_OPTS=-Xms512m -Xmx512m + hostname: wazuh.indexer + image: wazuh/wazuh-indexer:${WAZUH_VERSION} + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "9200" + target: 9200 + restart: always + ulimits: + memlock: + hard: -1 + soft: -1 + nofile: + hard: 65536 + soft: 65536 + volumes: + - source: wazuh-indexer-data + target: /var/lib/wazuh-indexer + type: volume + volume: {} + - source: ${DOCKER_VOLUME_CONFIG}/wazuh/indexer/certs/root-ca.pem + target: /usr/share/wazuh-indexer/certs/root-ca.pem + type: volume + volume: {} + - source: ${DOCKER_VOLUME_CONFIG}/wazuh/indexer/certs/wazuh.indexer-key.pem + target: /usr/share/wazuh-indexer/certs/wazuh.indexer.key + type: volume + volume: {} + - source: ${DOCKER_VOLUME_CONFIG}/wazuh/indexer/certs/wazuh.indexer.pem + target: /usr/share/wazuh-indexer/certs/wazuh.indexer.pem + type: volume + volume: {} + - source: ${DOCKER_VOLUME_CONFIG}/wazuh/indexer/certs/admin.pem + target: /usr/share/wazuh-indexer/certs/admin.pem + type: volume + volume: {} + - source: ${DOCKER_VOLUME_CONFIG}/wazuh/indexer/certs/admin-key.pem + target: /usr/share/wazuh-indexer/certs/admin-key.pem + type: volume + volume: {} + - source: ${DOCKER_VOLUME_CONFIG}/wazuh/indexer/config/wazuh.indexer.yml + target: /usr/share/wazuh-indexer/opensearch.yml + type: volume + volume: {} + - source: ${DOCKER_VOLUME_CONFIG}/wazuh/indexer/config/internal_users.yml + target: /usr/share/wazuh-indexer/opensearch-security/internal_users.yml + type: volume + volume: {} + wazuh.manager: + container_name: wazuh.manager + environment: + - INDEXER_URL=https://wazuh.indexer:9200 + - INDEXER_USERNAME=admin + - INDEXER_PASSWORD=${WAZUH_INDEXER_PASSWORD} + - FILEBEAT_SSL_VERIFICATION_MODE=full + - SSL_CERTIFICATE_AUTHORITIES=/etc/ssl/root-ca.pem + - SSL_CERTIFICATE=/etc/ssl/filebeat.pem + - SSL_KEY=/etc/ssl/filebeat.key + - API_USERNAME=wazuh-wui + - API_PASSWORD=${WAZUH_API_PASSWORD} + hostname: wazuh.manager + image: wazuh/wazuh-manager:${WAZUH_VERSION} + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "1514" + target: 1514 + - mode: ingress + protocol: tcp + published: "1515" + target: 1515 + - mode: ingress + protocol: udp + published: "514" + target: 514 + - mode: ingress + protocol: tcp + published: "55000" + target: 55000 + restart: always + ulimits: + memlock: + hard: -1 + soft: -1 + nofile: + hard: 655360 + soft: 655360 + volumes: + - source: wazuh_api_configuration + target: /var/ossec/api/configuration + type: volume + volume: {} + - source: wazuh_etc + target: /var/ossec/etc + type: volume + volume: {} + - source: wazuh_logs + target: /var/ossec/logs + type: volume + volume: {} + - source: wazuh_queue + target: /var/ossec/queue + type: volume + volume: {} + - source: wazuh_var_multigroups + target: /var/ossec/var/multigroups + type: volume + volume: {} + - source: wazuh_integrations + target: /var/ossec/integrations + type: volume + volume: {} + - source: wazuh_active_response + target: /var/ossec/active-response/bin + type: volume + volume: {} + - source: wazuh_agentless + target: /var/ossec/agentless + type: volume + volume: {} + - source: wazuh_wodles + target: /var/ossec/wodles + type: volume + volume: {} + - source: filebeat_etc + target: /etc/filebeat + type: volume + volume: {} + - source: filebeat_var + target: /var/lib/filebeat + type: volume + volume: {} + - source: ${DOCKER_VOLUME_CONFIG}/wazuh/manager/certs/root-ca.pem + target: /etc/ssl/root-ca.pem + type: volume + volume: {} + - source: ${DOCKER_VOLUME_CONFIG}/wazuh/manager/certs/wazuh.manager.pem + target: /etc/ssl/filebeat.pem + type: volume + volume: {} + - source: ${DOCKER_VOLUME_CONFIG}/wazuh/manager/certs/wazuh.manager-key.pem + target: /etc/ssl/filebeat.key + type: volume + volume: {} + - source: ${DOCKER_VOLUME_CONFIG}/wazuh/manager/config/wazuh_manager.conf + target: /wazuh-config-mount/etc/ossec.conf + type: volume + volume: {} + web-check: + container_name: web-check + image: lissy93/web-check + labels: + - homepage.group=Privacy/Security + - homepage.name=Web-Check + - homepage.icon=web-check.png + - homepage.href=https://scan.trez.wtf + - homepage.description=Site scanner for attack vectors, architecture, security configs, and more + - swag=enable + - swag_proto=http + - swag_url=scan.trez.wtf + - swag_port=3000 + - swag.uptime-kuma.enabled=true + - swag.uptime-kuma.monitor.url=https://scan.trez.wtf + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "3010" + target: 3000 + restart: unless-stopped + whodb: + container_name: whodb + environment: + WHODB_MONGODB_1: null + WHODB_MYSQL_1: null + image: clidey/whodb + labels: + - homepage.group=System Administration + - homepage.name=WhoDB + - homepage.href=https://dbs.trez.wtf + - homepage.icon=/icons/whodb.png + - homepage.description=Web-based DB management + - swag=enable + - swag_proto=http + - swag_port=8080 + - swag_url=dbs.trez.wtf + - swag.uptime-kuma.enabled=true + - swag.uptime-kuma.monitor.url=https://dbs.trez.wtf + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "8900" + target: 8080 + restart: unless-stopped + your_spotify: + container_name: your_spotify + environment: + - PUID=1000 + - PGID=1000 + - TZ=${TZ} + - APP_URL=https://myspotify.trez.wtf + - SPOTIFY_PUBLIC=${YOUR_SPOTIFY_ID} + - SPOTIFY_SECRET=${YOUR_SPOTIFY_SECRET} + - CORS=all + - MONGO_ENDPOINT=mongodb://host.docker.internal:27017,host.docker.internal:27018,host.docker.internal:27019/your_spotify + - LOG_LEVEL=debug + expose: + - 8080 + extra_hosts: + - host.docker.internal:host-gateway + image: lscr.io/linuxserver/your_spotify:latest + labels: + - homepage.group=Media Library + - homepage.name=Your Spotify + - homepage.icon=your-spotify.svg + - homepage.href=https://myspotify.trez.wtf + - homepage.description=Personal Spotify Tracking + - swag=enable + - swag_proto=https + - swag_url=myspotify.trez.wtf + - swag.uptime-kuma.enabled=true + - swag.uptime-kuma.monitor.url=https://myspotify.trez.wtf + networks: + default: null + ports: + - ${YOUR_SPOTIFY_PORT_80}:80 + - ${YOUR_SPOTIFY_PORT_443}:443 + restart: always + youtubedl: + container_name: youtubedl + environment: + PGID: "1000" + PUID: "1000" + TZ: America/New_York + YDL_CONFIG_PATH: /youtube-dl/config.yml + YDL_DEBUG: "false" + hostname: Rinoa + image: nbr23/youtube-dl-server:latest + labels: + - homepage.group=Downloaders + - homepage.name=YoutubeDL + - homepage.icon=youtubedl.png + - homepage.href=https://ytdl.trez.wtf + - homepage.description=YouTube Downloader + - swag=enable + - swag_proto=http + - swag_url=ytdl.trez.wtf + - swag_port=8080 + - swag.uptime-kuma.enabled=true + - swag.uptime-kuma.monitor.url=https://ytdl.trez.wtf + networks: + default: null + ports: + - mode: ingress + protocol: tcp + published: "8089" + target: 8080 + restart: unless-stopped + volumes: + - bind: + create_host_path: true + read_only: true + source: /etc/localtime + target: /etc/localtime + type: bind + - bind: + create_host_path: true + source: ${DOCKER_VOLUME_CONFIG}/youtubedl + target: /youtube-dl + type: bind + - bind: + create_host_path: true + source: /rinoa-storage + target: /storage + type: bind + zammad-backup: + command: + - zammad-backup + container_name: zammad-backup + depends_on: + zammad-postgresql: + condition: service_started + required: true + zammad-railsserver: + condition: service_started + required: true + entrypoint: /usr/local/bin/backup.sh + environment: + AUTOWIZARD_JSON: null + AUTOWIZARD_RELATIVE_PATH: null + BACKUP_TIME: "03:00" + ELASTICSEARCH_ENABLED: true + ELASTICSEARCH_HOST: zammad-elasticsearch + ELASTICSEARCH_NAMESPACE: trez_it + ELASTICSEARCH_PORT: 9200 + ELASTICSEARCH_REINDEX: true + ELASTICSEARCH_SCHEMA: http + ELASTICSEARCH_SSL_VERIFY: false + HOLD_DAYS: "10" + MEMCACHE_SERVERS: ${ZAMMAD_MEMCACHE_SERVERS} + POSTGRESQL_DB: ${ZAMMAD_POSTGRES_DB} + POSTGRESQL_DB_CREATE: true + POSTGRESQL_HOST: ${ZAMMAD_POSTGRES_HOST} + POSTGRESQL_OPTIONS: ${ZAMMAD_POSTGRESQL_OPTIONS} + POSTGRESQL_PASS: ${ZAMMAD_POSTGRES_PASS} + POSTGRESQL_PORT: ${ZAMMAD_POSTGRES_PORT} + POSTGRESQL_USER: ${ZAMMAD_POSTGRES_USER} + RAILS_LOG_TO_STDOUT: true + RAILS_TRUSTED_PROXIES: 172.18.0.0/16 + REDIS_URL: ${ZAMMAD_REDIS_URL} + S3_URL: http://${ZAMMAD_S3_ACCESS_KEY}:${ZAMMAD_S3_SECRET_KEY}@minio:9000/zammad?region=us-east-fh-pln&force_path_style=true + TZ: Europe/Berlin + ZAMMAD_BIND_IP: 0.0.0.0 + ZAMMAD_PROCESS_DELAYED_JOBS_WORKERS: null + ZAMMAD_PROCESS_SCHEDULED: null + ZAMMAD_SESSION_JOBS: null + ZAMMAD_WEB_CONCURRENCY: null + image: postgres:${ZAMMAD_POSTGRES_VERSION} + networks: + default: null + restart: ${ZAMMAD_RESTART} + volumes: + - source: zammad-backup + target: /var/tmp/zammad + type: volume + volume: {} + - read_only: true + source: zammad-storage + target: /opt/zammad/storage + type: volume + volume: {} + - read_only: true + source: ${DOCKER_VOLUME_CONFIG}/zammad/scripts/backup.sh + target: /usr/local/bin/backup.sh + type: volume + volume: {} + zammad-elasticsearch: + container_name: zammad-elasticsearch + expose: + - 9200 + image: bitnami/elasticsearch:${ZAMMAD_ELASTICSEARCH_VERSION} + networks: + default: null + restart: ${ZAMMAD_RESTART} + volumes: + - source: zammad-es-data + target: /bitnami/elasticsearch/data + type: volume + volume: {} + zammad-init: + command: + - zammad-init + container_name: zammad-init + depends_on: + zammad-postgresql: + condition: service_started + required: true + environment: + AUTOWIZARD_JSON: null + AUTOWIZARD_RELATIVE_PATH: null + ELASTICSEARCH_ENABLED: true + ELASTICSEARCH_HOST: zammad-elasticsearch + ELASTICSEARCH_NAMESPACE: trez_it + ELASTICSEARCH_PORT: 9200 + ELASTICSEARCH_REINDEX: true + ELASTICSEARCH_SCHEMA: http + ELASTICSEARCH_SSL_VERIFY: false + MEMCACHE_SERVERS: ${ZAMMAD_MEMCACHE_SERVERS} + POSTGRESQL_DB: ${ZAMMAD_POSTGRES_DB} + POSTGRESQL_DB_CREATE: true + POSTGRESQL_HOST: ${ZAMMAD_POSTGRES_HOST} + POSTGRESQL_OPTIONS: ${ZAMMAD_POSTGRESQL_OPTIONS} + POSTGRESQL_PASS: ${ZAMMAD_POSTGRES_PASS} + POSTGRESQL_PORT: ${ZAMMAD_POSTGRES_PORT} + POSTGRESQL_USER: ${ZAMMAD_POSTGRES_USER} + RAILS_LOG_TO_STDOUT: true + RAILS_TRUSTED_PROXIES: 172.18.0.0/16 + REDIS_URL: ${ZAMMAD_REDIS_URL} + S3_URL: http://${ZAMMAD_S3_ACCESS_KEY}:${ZAMMAD_S3_SECRET_KEY}@minio:9000/zammad?region=us-east-fh-pln&force_path_style=true + ZAMMAD_BIND_IP: 0.0.0.0 + ZAMMAD_PROCESS_DELAYED_JOBS_WORKERS: null + ZAMMAD_PROCESS_SCHEDULED: null + ZAMMAD_SESSION_JOBS: null + ZAMMAD_WEB_CONCURRENCY: null + hostname: init + image: ${ZAMMAD_IMAGE_REPO}:${ZAMMAD_VERSION} + networks: + default: null + restart: on-failure + user: "0:0" + volumes: + - source: zammad-storage + target: /opt/zammad/storage + type: volume + volume: {} + zammad-memcached: + command: memcached -m 256M + container_name: zammad-memcached + image: memcached:${ZAMMAD_MEMCACHE_VERSION} + networks: + default: null + restart: ${ZAMMAD_RESTART} + zammad-nginx: + command: + - zammad-nginx + container_name: zammad-nginx + depends_on: + zammad-railsserver: + condition: service_started + required: true + environment: + AUTOWIZARD_JSON: null + AUTOWIZARD_RELATIVE_PATH: null + ELASTICSEARCH_ENABLED: true + ELASTICSEARCH_HOST: zammad-elasticsearch + ELASTICSEARCH_NAMESPACE: trez_it + ELASTICSEARCH_PORT: 9200 + ELASTICSEARCH_REINDEX: true + ELASTICSEARCH_SCHEMA: http + ELASTICSEARCH_SSL_VERIFY: false + MEMCACHE_SERVERS: ${ZAMMAD_MEMCACHE_SERVERS} + POSTGRESQL_DB: ${ZAMMAD_POSTGRES_DB} + POSTGRESQL_DB_CREATE: true + POSTGRESQL_HOST: ${ZAMMAD_POSTGRES_HOST} + POSTGRESQL_OPTIONS: ${ZAMMAD_POSTGRESQL_OPTIONS} + POSTGRESQL_PASS: ${ZAMMAD_POSTGRES_PASS} + POSTGRESQL_PORT: ${ZAMMAD_POSTGRES_PORT} + POSTGRESQL_USER: ${ZAMMAD_POSTGRES_USER} + RAILS_LOG_TO_STDOUT: true + RAILS_TRUSTED_PROXIES: 172.18.0.0/16 + REDIS_URL: ${ZAMMAD_REDIS_URL} + S3_URL: http://${ZAMMAD_S3_ACCESS_KEY}:${ZAMMAD_S3_SECRET_KEY}@minio:9000/zammad?region=us-east-fh-pln&force_path_style=true + ZAMMAD_BIND_IP: 0.0.0.0 + ZAMMAD_PROCESS_DELAYED_JOBS_WORKERS: null + ZAMMAD_PROCESS_SCHEDULED: null + ZAMMAD_SESSION_JOBS: null + ZAMMAD_WEB_CONCURRENCY: null + expose: + - "8080" + image: ${ZAMMAD_IMAGE_REPO}:${ZAMMAD_VERSION} + labels: + - swag=enable + - swag_proto=http + - swag_port=8080 + - swag_url=support.trez.wtf + - swag.uptime-kuma.enabled=true + - swag.uptime-kuma.monitor.url=https://support.trez.wtf + - homepage.group=Professional Services + - homepage.name=Zammad + - homepage.href=https://support.trez.wtf + - homepage.icon=zammad.svg + - homepage.description=Open-source helpdesk/customer support system + networks: + default: null + restart: ${ZAMMAD_RESTART} + volumes: + - source: zammad-storage + target: /opt/zammad/storage + type: volume + volume: {} + zammad-postgresql: + container_name: zammad-postgresql + environment: + POSTGRES_DB: ${ZAMMAD_POSTGRES_DB} + POSTGRES_PASSWORD: ${ZAMMAD_POSTGRES_PASS} + POSTGRES_USER: ${ZAMMAD_POSTGRES_USER} + hostname: postgresql + image: postgres:${ZAMMAD_POSTGRES_VERSION} + networks: + default: null + restart: ${ZAMMAD_RESTART} + volumes: + - source: zammad-pg-data + target: /var/lib/postgresql/data + type: volume + volume: {} + zammad-railsserver: + command: + - zammad-railsserver + container_name: zammad-railserver + depends_on: + zammad-memcached: + condition: service_started + required: true + zammad-postgresql: + condition: service_started + required: true + zammad-redis: + condition: service_started + required: true + environment: + AUTOWIZARD_JSON: null + AUTOWIZARD_RELATIVE_PATH: null + ELASTICSEARCH_ENABLED: true + ELASTICSEARCH_HOST: zammad-elasticsearch + ELASTICSEARCH_NAMESPACE: trez_it + ELASTICSEARCH_PORT: 9200 + ELASTICSEARCH_REINDEX: true + ELASTICSEARCH_SCHEMA: http + ELASTICSEARCH_SSL_VERIFY: false + MEMCACHE_SERVERS: ${ZAMMAD_MEMCACHE_SERVERS} + POSTGRESQL_DB: ${ZAMMAD_POSTGRES_DB} + POSTGRESQL_DB_CREATE: true + POSTGRESQL_HOST: ${ZAMMAD_POSTGRES_HOST} + POSTGRESQL_OPTIONS: ${ZAMMAD_POSTGRESQL_OPTIONS} + POSTGRESQL_PASS: ${ZAMMAD_POSTGRES_PASS} + POSTGRESQL_PORT: ${ZAMMAD_POSTGRES_PORT} + POSTGRESQL_USER: ${ZAMMAD_POSTGRES_USER} + RAILS_LOG_TO_STDOUT: true + RAILS_TRUSTED_PROXIES: 172.18.0.0/16 + REDIS_URL: ${ZAMMAD_REDIS_URL} + S3_URL: http://${ZAMMAD_S3_ACCESS_KEY}:${ZAMMAD_S3_SECRET_KEY}@minio:9000/zammad?region=us-east-fh-pln&force_path_style=true + ZAMMAD_BIND_IP: 0.0.0.0 + ZAMMAD_PROCESS_DELAYED_JOBS_WORKERS: null + ZAMMAD_PROCESS_SCHEDULED: null + ZAMMAD_SESSION_JOBS: null + ZAMMAD_WEB_CONCURRENCY: null + image: ${ZAMMAD_IMAGE_REPO}:${ZAMMAD_VERSION} + networks: + default: null + restart: ${ZAMMAD_RESTART} + volumes: + - source: zammad-storage + target: /opt/zammad/storage + type: volume + volume: {} + zammad-redis: + container_name: zammad-redis + image: redis:${ZAMMAD_REDIS_VERSION} + networks: + default: null + restart: ${ZAMMAD_RESTART} + volumes: + - source: zammad-redis-data + target: /data + type: volume + volume: {} + zammad-scheduler: + command: + - zammad-scheduler + container_name: zammad-scheduler + depends_on: + zammad-memcached: + condition: service_started + required: true + zammad-postgresql: + condition: service_started + required: true + zammad-redis: + condition: service_started + required: true + environment: + AUTOWIZARD_JSON: null + AUTOWIZARD_RELATIVE_PATH: null + ELASTICSEARCH_ENABLED: true + ELASTICSEARCH_HOST: zammad-elasticsearch + ELASTICSEARCH_NAMESPACE: trez_it + ELASTICSEARCH_PORT: 9200 + ELASTICSEARCH_REINDEX: true + ELASTICSEARCH_SCHEMA: http + ELASTICSEARCH_SSL_VERIFY: false + MEMCACHE_SERVERS: ${ZAMMAD_MEMCACHE_SERVERS} + POSTGRESQL_DB: ${ZAMMAD_POSTGRES_DB} + POSTGRESQL_DB_CREATE: true + POSTGRESQL_HOST: ${ZAMMAD_POSTGRES_HOST} + POSTGRESQL_OPTIONS: ${ZAMMAD_POSTGRESQL_OPTIONS} + POSTGRESQL_PASS: ${ZAMMAD_POSTGRES_PASS} + POSTGRESQL_PORT: ${ZAMMAD_POSTGRES_PORT} + POSTGRESQL_USER: ${ZAMMAD_POSTGRES_USER} + RAILS_LOG_TO_STDOUT: true + RAILS_TRUSTED_PROXIES: 172.18.0.0/16 + REDIS_URL: ${ZAMMAD_REDIS_URL} + S3_URL: http://${ZAMMAD_S3_ACCESS_KEY}:${ZAMMAD_S3_SECRET_KEY}@minio:9000/zammad?region=us-east-fh-pln&force_path_style=true + ZAMMAD_BIND_IP: 0.0.0.0 + ZAMMAD_PROCESS_DELAYED_JOBS_WORKERS: null + ZAMMAD_PROCESS_SCHEDULED: null + ZAMMAD_SESSION_JOBS: null + ZAMMAD_WEB_CONCURRENCY: null + image: ${ZAMMAD_IMAGE_REPO}:${ZAMMAD_VERSION} + networks: + default: null + restart: ${ZAMMAD_RESTART} + volumes: + - source: zammad-storage + target: /opt/zammad/storage + type: volume + volume: {} + zammad-websocket: + command: + - zammad-websocket + container_name: zammad-websocket + depends_on: + zammad-memcached: + condition: service_started + required: true + zammad-postgresql: + condition: service_started + required: true + zammad-redis: + condition: service_started + required: true + environment: + AUTOWIZARD_JSON: null + AUTOWIZARD_RELATIVE_PATH: null + ELASTICSEARCH_ENABLED: true + ELASTICSEARCH_HOST: zammad-elasticsearch + ELASTICSEARCH_NAMESPACE: trez_it + ELASTICSEARCH_PORT: 9200 + ELASTICSEARCH_REINDEX: true + ELASTICSEARCH_SCHEMA: http + ELASTICSEARCH_SSL_VERIFY: false + MEMCACHE_SERVERS: ${ZAMMAD_MEMCACHE_SERVERS} + POSTGRESQL_DB: ${ZAMMAD_POSTGRES_DB} + POSTGRESQL_DB_CREATE: true + POSTGRESQL_HOST: ${ZAMMAD_POSTGRES_HOST} + POSTGRESQL_OPTIONS: ${ZAMMAD_POSTGRESQL_OPTIONS} + POSTGRESQL_PASS: ${ZAMMAD_POSTGRES_PASS} + POSTGRESQL_PORT: ${ZAMMAD_POSTGRES_PORT} + POSTGRESQL_USER: ${ZAMMAD_POSTGRES_USER} + RAILS_LOG_TO_STDOUT: true + RAILS_TRUSTED_PROXIES: 172.18.0.0/16 + REDIS_URL: ${ZAMMAD_REDIS_URL} + S3_URL: http://${ZAMMAD_S3_ACCESS_KEY}:${ZAMMAD_S3_SECRET_KEY}@minio:9000/zammad?region=us-east-fh-pln&force_path_style=true + ZAMMAD_BIND_IP: 0.0.0.0 + ZAMMAD_PROCESS_DELAYED_JOBS_WORKERS: null + ZAMMAD_PROCESS_SCHEDULED: null + ZAMMAD_SESSION_JOBS: null + ZAMMAD_WEB_CONCURRENCY: null + image: ${ZAMMAD_IMAGE_REPO}:${ZAMMAD_VERSION} + networks: + default: null + restart: ${ZAMMAD_RESTART} + volumes: + - source: zammad-storage + target: /opt/zammad/storage + type: volume + volume: {} +volumes: + authelia-pg-db: + name: compose_authelia-pg-db + bitmagnet-pgsql: + name: compose_bitmagnet-pgsql + crowdsec-config: + name: compose_crowdsec-config + crowdsec-db: + name: compose_crowdsec-db + dagu_config: + name: compose_dagu_config + dagu_data: + name: compose_dagu_data + fastenhealth-cache: + name: compose_fastenhealth-cache + fastenhealth-db: + name: compose_fastenhealth-db + filebeat_etc: + name: compose_filebeat_etc + filebeat_var: + name: compose_filebeat_var + gitea-pg-db: + name: compose_gitea-pg-db + grafana-mimir-data: + name: compose_grafana-mimir-data + grafana-tempo-data: + name: compose_grafana-tempo-data + hortusfox_app_backup: + name: compose_hortusfox_app_backup + hortusfox_app_images: + name: compose_hortusfox_app_images + hortusfox_app_logs: + name: compose_hortusfox_app_logs + hortusfox_app_migrate: + name: compose_hortusfox_app_migrate + hortusfox_app_themes: + name: compose_hortusfox_app_themes + hortusfox_db_data: + name: compose_hortusfox_db_data + invidious-postgres: + name: compose_invidious-postgres + invoice_ninja_public: + name: compose_invoice_ninja_public + jitsi-web-admin-theme: + name: compose_jitsi-web-admin-theme + jitsi-web-admin-upload: + name: compose_jitsi-web-admin-upload + joplin_data: + name: compose_joplin_data + lldap_data: + name: compose_lldap_data + localai_data: + name: compose_localai_data + mattermost-postgres: + name: compose_mattermost-postgres + maybe-app: + name: compose_maybe-app + maybe-pg-db: + name: compose_maybe-pg-db + medusajs_backend_node_modules: + name: compose_medusajs_backend_node_modules + medusajs_postgres_data: + name: compose_medusajs_postgres_data + medusajs_redis_data: + name: compose_medusajs_redis_data + medusajs_storefront_node_modules: + name: compose_medusajs_storefront_node_modules + mongo1_config: + name: compose_mongo1_config + mongo1_data: + name: compose_mongo1_data + mongo2_config: + name: compose_mongo2_config + mongo2_data: + name: compose_mongo2_data + mongo3_config: + name: compose_mongo3_config + mongo3_data: + name: compose_mongo3_data + ollama: + name: compose_ollama + paperless-ngx-data: + name: compose_paperless-ngx-data + paperless-ngx-media: + name: compose_paperless-ngx-media + paperless-ngx-pg: + name: compose_paperless-ngx-pg + plausible-db-data: + name: compose_plausible-db-data + plausible-event-data: + name: compose_plausible-event-data + plausible-event-logs: + name: compose_plausible-event-logs + reactive-resume-pg: + name: compose_reactive-resume-pg + rustdesk-data: + name: compose_rustdesk-data + tandoor-pg: + name: compose_tandoor-pg + traccar-pg: + name: compose_traccar-pg + unmanic-cache: + name: compose_unmanic-cache + wallos-db: + name: compose_wallos-db + wallos-logos: + name: compose_wallos-logos + wazuh-dashboard-config: + name: compose_wazuh-dashboard-config + wazuh-dashboard-custom: + name: compose_wazuh-dashboard-custom + wazuh-indexer-data: + name: compose_wazuh-indexer-data + wazuh_active_response: + name: compose_wazuh_active_response + wazuh_agentless: + name: compose_wazuh_agentless + wazuh_api_configuration: + name: compose_wazuh_api_configuration + wazuh_etc: + name: compose_wazuh_etc + wazuh_integrations: + name: compose_wazuh_integrations + wazuh_logs: + name: compose_wazuh_logs + wazuh_queue: + name: compose_wazuh_queue + wazuh_var_multigroups: + name: compose_wazuh_var_multigroups + wazuh_wodles: + name: compose_wazuh_wodles + zammad-backup: + driver: local + name: compose_zammad-backup + zammad-es-data: + driver: local + name: compose_zammad-es-data + zammad-pg-data: + driver: local + name: compose_zammad-pg-data + zammad-redis-data: + driver: local + name: compose_zammad-redis-data + zammad-storage: + driver: local + name: compose_zammad-storage +x-shared: + zammad-service: + depends_on: + - zammad-memcached + - zammad-postgresql + - zammad-redis + environment: + AUTOWIZARD_JSON: null + AUTOWIZARD_RELATIVE_PATH: null + ELASTICSEARCH_ENABLED: true + ELASTICSEARCH_HOST: zammad-elasticsearch + ELASTICSEARCH_NAMESPACE: trez_it + ELASTICSEARCH_PORT: 9200 + ELASTICSEARCH_REINDEX: true + ELASTICSEARCH_SCHEMA: http + ELASTICSEARCH_SSL_VERIFY: false + MEMCACHE_SERVERS: ${ZAMMAD_MEMCACHE_SERVERS} + POSTGRESQL_DB: ${ZAMMAD_POSTGRES_DB} + POSTGRESQL_DB_CREATE: true + POSTGRESQL_HOST: ${ZAMMAD_POSTGRES_HOST} + POSTGRESQL_OPTIONS: ${ZAMMAD_POSTGRESQL_OPTIONS} + POSTGRESQL_PASS: ${ZAMMAD_POSTGRES_PASS} + POSTGRESQL_PORT: ${ZAMMAD_POSTGRES_PORT} + POSTGRESQL_USER: ${ZAMMAD_POSTGRES_USER} + RAILS_LOG_TO_STDOUT: true + RAILS_TRUSTED_PROXIES: 172.18.0.0/16 + REDIS_URL: ${ZAMMAD_REDIS_URL} + S3_URL: http://${ZAMMAD_S3_ACCESS_KEY}:${ZAMMAD_S3_SECRET_KEY}@minio:9000/zammad?region=us-east-fh-pln&force_path_style=true + ZAMMAD_BIND_IP: 0.0.0.0 + ZAMMAD_PROCESS_DELAYED_JOBS_WORKERS: null + ZAMMAD_PROCESS_SCHEDULED: null + ZAMMAD_SESSION_JOBS: null + ZAMMAD_WEB_CONCURRENCY: null + image: ${ZAMMAD_IMAGE_REPO}:${ZAMMAD_VERSION} + restart: ${ZAMMAD_RESTART} + volumes: + - zammad-storage:/opt/zammad/storage diff --git a/docker/rinoa.env-example b/docker/rinoa.env-example new file mode 100644 index 00000000..51a12a2b --- /dev/null +++ b/docker/rinoa.env-example @@ -0,0 +1,832 @@ +# Global Settings='' +COMPOSE_HTTP_TIMEOUT='' +DOCKER_GID='' +DOCKER_HOSTNAME='' +DOCKER_VOLUME_CONFIG='' +DOCKER_VOLUME_STORAGE='' +PGID='' +PUID='' +TZ='' +='' +# END OF DEFAULT SETTINGS='' +='' +##='' +## ADDY (User Defined)='' +##='' +ADDY_ANONADDY_ADDITIONAL_USERNAME_LIMIT='' +ADDY_ANONADDY_ADMIN_USERNAME='' +ADDY_ANONADDY_ALL_DOMAINS='' +ADDY_ANONADDY_BANDWIDTH_LIMIT='' +ADDY_ANONADDY_DKIM_SELECTOR='' +ADDY_ANONADDY_DKIM_SIGNING_KEY='' +ADDY_ANONADDY_DNS_RESOLVER='' +ADDY_ANONADDY_DOMAIN='' +ADDY_ANONADDY_HOSTNAME='' +ADDY_ANONADDY_LIMIT='' +ADDY_ANONADDY_NEW_ALIAS_LIMIT='' +ADDY_ANONADDY_RETURN_PATH='' +ADDY_ANONADDY_SECRET='' +ADDY_ANONADDY_SIGNING_KEY_FINGERPRINT='' +ADDY_APP_KEY='' +ADDY_APP_URL='' +ADDY_DB_PASSWORD='' +ADDY_MAIL_ENCRYPTION='' +ADDY_MAIL_FROM_ADDRESS='' +ADDY_MAIL_FROM_NAME='' +ADDY_POSTFIX_DEBUG='' +ADDY_POSTFIX_MESSAGE_SIZE_LIMIT='' +ADDY_POSTFIX_RELAYHOST='' +ADDY_POSTFIX_RELAYHOST_AUTH_ENABLE='' +ADDY_POSTFIX_SMTPD_TLS_CERT_FILE='' +ADDY_POSTFIX_SMTPD_TLS_KEY_FILE='' +ADDY_POSTFIX_SPAMHAUS_DQS_KEY='' +ADDY_REDIS_PASSWORD='' +ADDY_RSPAMD_NO_LOCAL_ADDRS='' +ADDY_RSPAMD_WEB_PASSWORD='' +='' +##='' +## ADGUARD='' +##='' +ADGUARD_CONTAINER_NAME='' +ADGUARD_ENABLED='' +ADGUARD_ENVIRONMENT_SERVERIP='' +ADGUARD_NETWORK_MODE='' +ADGUARD_PORT_3000='' +ADGUARD_PORT_443='' +ADGUARD_PORT_53='' +ADGUARD_PORT_67='' +ADGUARD_PORT_68='' +ADGUARD_PORT_80='' +ADGUARD_PORT_853='' +ADGUARD_RESTART='' +ADGUARD_TAG='' +='' +##='' +## ADGUARD (User Defined)='' +##='' +ADGUARD_CF_TUNNEL_PASSWORD='' +ADGUARD_PASSWORD='' +='' +##='' +## ANYTHINGLLM (User Defined)='' +##='' +ANYTHINGLLM_JWT_SECRET='' +='' +##='' +## APPRISE='' +##='' +APPRISE_CONTAINER_NAME='' +APPRISE_ENABLED='' +APPRISE_NETWORK_MODE='' +APPRISE_PORT_8000='' +APPRISE_RESTART='' +APPRISE_TAG='' +='' +##='' +## AUDIOBOOKSHELF='' +##='' +AUDIOBOOKSHELF_CONTAINER_NAME='' +AUDIOBOOKSHELF_ENABLED='' +AUDIOBOOKSHELF_NETWORK_MODE='' +AUDIOBOOKSHELF_PORT_80='' +AUDIOBOOKSHELF_RESTART='' +AUDIOBOOKSHELF_TAG='' +='' +##='' +## AUDIOBOOKSHELF (User Defined)='' +##='' +AUDIOBOOKSHELF_ROOT_API_KEY='' +='' +##='' +## AUTHELIA (User Defined)='' +##='' +AUTHELIA_AUTH_BIND_LDAP_PASSWORD='' +AUTHELIA_JWT_SECRET='' +AUTHELIA_SESSION_SECRET='' +AUTHELIA_STORAGE_ENCRYPTION_KEY='' +AUTHELIA_STORAGE_POSTGRES_PASSWORD='' +='' +##='' +## BAZARR='' +##='' +BAZARR_CONTAINER_NAME='' +BAZARR_ENABLED='' +BAZARR_NETWORK_MODE='' +BAZARR_PORT_6767='' +BAZARR_RESTART='' +BAZARR_TAG='' +BAZARR_API_KEY='' +##='' +## BITMAGNET (User Defined)='' +##='' +BITMAGNET_POSTGRESQL_PASSWORD='' +='' +##='' +## BITWARDEN='' +##='' +BITWARDEN_CONTAINER_NAME='' +BITWARDEN_ENABLED='' +BITWARDEN_ENVIRONMENT_ADMIN_TOKEN='' +BITWARDEN_ENVIRONMENT_DATABASE_URL='' +BITWARDEN_ENVIRONMENT_DISABLE_ADMIN_TOKEN='' +BITWARDEN_ENVIRONMENT_DOMAIN='' +BITWARDEN_ENVIRONMENT_ENABLE_DB_WAL='' +BITWARDEN_ENVIRONMENT_INVITATIONS_ALLOWED='' +BITWARDEN_ENVIRONMENT_SHOW_PASSWORD_HINT='' +BITWARDEN_ENVIRONMENT_SIGNUPS_ALLOWED='' +BITWARDEN_ENVIRONMENT_SIGNUPS_VERIFY='' +BITWARDEN_ENVIRONMENT_WEBSOCKET_ENABLE='' +BITWARDEN_NETWORK_MODE='' +BITWARDEN_PORT_3012='' +BITWARDEN_PORT_80='' +BITWARDEN_RESTART='' +BITWARDEN_TAG='' +='' +##='' +## CHROMIUM (User Defined)='' +##='' +CHROMIUM_TOKEN='' +='' +##='' +## CLOUDFLARE (User Defined)='' +##='' +CLOUDFLARE_ACCOUNT_ID='' +CLOUDFLARE_DNS_API_TOKEN='' +CLOUDFLARE_ZONE_ID='' +='' +##='' +## CLOUDFLAREDDNS='' +##='' +CLOUDFLAREDDNS_CONTAINER_NAME='' +CLOUDFLAREDDNS_ENABLED='' +CLOUDFLAREDDNS_ENVIRONMENT_APIKEY='' +CLOUDFLAREDDNS_ENVIRONMENT_APITOKEN='' +CLOUDFLAREDDNS_ENVIRONMENT_ARGS='' +CLOUDFLAREDDNS_ENVIRONMENT_DETECTION_MODE='' +CLOUDFLAREDDNS_ENVIRONMENT_HOSTS='' +CLOUDFLAREDDNS_ENVIRONMENT_INTERVAL='' +CLOUDFLAREDDNS_ENVIRONMENT_LOG_LEVEL='' +CLOUDFLAREDDNS_ENVIRONMENT_RECORDTYPES='' +CLOUDFLAREDDNS_ENVIRONMENT_USER='' +CLOUDFLAREDDNS_ENVIRONMENT_ZONES='' +CLOUDFLAREDDNS_RESTART='' +CLOUDFLAREDDNS_TAG='' +='' +##='' +## CROWDSEC (User Defined)='' +##='' +CROWDSEC_API_KEY='' +CROWDSEC_LOCAL_API_KEY='' +='' +##='' +## DELUGEVPN='' +##='' +DELUGEVPN_CONTAINER_NAME='' +DELUGEVPN_ENABLED='' +DELUGEVPN_ENVIRONMENT_ENABLE_PRIVOXY='' +DELUGEVPN_ENVIRONMENT_LAN_NETWORK='' +DELUGEVPN_ENVIRONMENT_NAME_SERVERS='' +DELUGEVPN_ENVIRONMENT_VPN_CLIENT='' +DELUGEVPN_ENVIRONMENT_VPN_ENABLE='' +DELUGEVPN_ENVIRONMENT_VPN_INPUT_PORTS='' +DELUGEVPN_ENVIRONMENT_VPN_OPTIONS='' +DELUGEVPN_ENVIRONMENT_VPN_OUTPUT_PORTS='' +DELUGEVPN_ENVIRONMENT_VPN_PASS='' +DELUGEVPN_ENVIRONMENT_VPN_PROV='' +DELUGEVPN_ENVIRONMENT_VPN_USER='' +DELUGEVPN_NETWORK_MODE='' +DELUGEVPN_PORT_58846='' +DELUGEVPN_PORT_58946='' +DELUGEVPN_PORT_8112='' +DELUGEVPN_PORT_8118='' +DELUGEVPN_RESTART='' +DELUGEVPN_TAG='' +='' +##='' +## DELUGEVPN (User Defined)='' +##='' +DELUGEVPN_PASSWORD='' +DELUGEVPN_PORT_51413='' +DELUGEVPN_PORT_6881='' +='' +##='' +## DUPLICATI='' +##='' +DUPLICATI_CONTAINER_NAME='' +DUPLICATI_ENABLED='' +DUPLICATI_NETWORK_MODE='' +DUPLICATI_PORT_8200='' +DUPLICATI_RESTART='' +DUPLICATI_TAG='' +DUPLICATI_VOLUME_BACKUPSDIR='' +DUPLICATI_VOLUME_SOURCEDIR='' +='' +##='' +## DUPLICATI (User Defined)='' +##='' +DUPLICATI_CF_TUNNEL_PASSWORD='' +='' +##='' +## EMBY='' +##='' +EMBY_CONTAINER_NAME='' +EMBY_ENABLED='' +EMBY_NETWORK_MODE='' +EMBY_PORT_8096='' +EMBY_PORT_8920='' +EMBY_RESTART='' +EMBY_TAG='' +EMBY_VOLUME_TRANSCODEDIR='' +='' +##='' +## EMBY (User Defined)='' +##='' +EMBY_HOMEPAGE_API_KEY='' +='' +##='' +## FLARESOLVERR='' +##='' +FLARESOLVERR_CONTAINER_NAME='' +FLARESOLVERR_ENABLED='' +FLARESOLVERR_ENVIRONMENT_CAPTCHA_SOLVER='' +FLARESOLVERR_ENVIRONMENT_LOG_HTML='' +FLARESOLVERR_ENVIRONMENT_LOG_LEVEL='' +FLARESOLVERR_NETWORK_MODE='' +FLARESOLVERR_PORT_8191='' +FLARESOLVERR_RESTART='' +FLARESOLVERR_TAG='' +='' +##='' +## GHOST (User Defined)='' +##='' +GHOST_DB_PASSWORD='' +GHOST_DB_USER='' +='' +##='' +## GITEA (User Defined)='' +##='' +GITEA_HOMEPAGE_API_KEY='' +GITEA_PG_DB_PASSWORD='' +='' +##='' +## GLUETUN (User Defined)='' +##='' +GLUETUN_SERVER_REGIONS='' +='' +##='' +## GOTIFY (User Defined)='' +##='' +GOTIFY_HOMEPAGE_CLIENT_KEY='' +GOTIFY_PASSWORD='' +='' +##='' +## GRAFANA='' +##='' +GRAFANA_CONTAINER_NAME='' +GRAFANA_ENABLED='' +GRAFANA_ENVIRONMENT_GF_INSTALL_PLUGINS='' +GRAFANA_NETWORK_MODE='' +GRAFANA_PORT_3000='' +GRAFANA_RESTART='' +GRAFANA_TAG='' +='' +##='' +## GRAFANA (User Defined)='' +##='' +GRAFANA_ADMIN_PASSWORD='' +GRAFANA_MIMIR_HTTP_AUTH_PASSWORD='' +='' +##='' +## GUID (User Defined)='' +##='' +GUID='' +='' +##='' +## HORTUSFOX (User Defined)='' +##='' +HORTUSFOX_ADMIN_PASSWORD='' +HORTUSFOX_DB_PASSWORD='' +='' +##='' +## HUGINN='' +##='' +HUGINN_CONTAINER_NAME='' +HUGINN_ENABLED='' +HUGINN_ENVIRONMENT_DATABASE_HOST='' +HUGINN_ENVIRONMENT_DATABASE_NAME='' +HUGINN_ENVIRONMENT_DATABASE_PASSWORD='' +HUGINN_ENVIRONMENT_DATABASE_PORT='' +HUGINN_ENVIRONMENT_DATABASE_USERNAME='' +HUGINN_NETWORK_MODE='' +HUGINN_PORT_3000='' +HUGINN_RESTART='' +HUGINN_TAG='' +='' +##='' +## IN (User Defined)='' +##='' +IN_APP_KEY='' +IN_MYSQL_PASSWORD='' +IN_PASSWORD='' +='' +##='' +## JAN (User Defined)='' +##='' +JAN_AI_S3_ACCESS_KEY='' +JAN_AI_S3_SECRET_KEY='' +='' +##='' +## JITSI (User Defined)='' +##='' +JITSI__ADMIN_DB_PASSWORD='' +JITSI__ADMIN_JWT_SECRET='' +JITSI__ETHERPAD_DEFAULT_PAD_TEXT='' +JITSI__ETHERPAD_SKIN_NAME='' +JITSI__ETHERPAD_SKIN_VARIANTS='' +JITSI__ETHERPAD_TITLE='' +JITSI__ETHERPAD_URL_BASE='' +JITSI__HTTP_PORT='' +JITSI__HTTPS_PORT='' +JITSI__JIBRI_RECORDER_PASSWORD='' +JITSI__JIBRI_XMPP_PASSWORD='' +JITSI__JICOFO_AUTH_PASSWORD='' +JITSI__JIGAGI_SIP_PASSWORD='' +JITSI__JIGAGI_SIP_PORT='' +JITSI__JIGAGI_SIP_SERVER='' +JITSI__JIGAGI_SIP_TRANSPORT='' +JITSI__JIGAGI_SIP_URI='' +JITSI__JIGASI_XMPP_PASSWORD='' +JITSI__JVB_AUTH_PASSWORD='' +JITSI__PUBLIC_URL='' +JITSI__SIP_URI='' +JITSI__TZ='' +JITSI__WEBSOCKET_SECRET='' +='' +##='' +## JOPLIN (User Defined)='' +##='' +JOPLIN_APP_BASE_URL='' +JOPLIN_APP_PORT='' +JOPLIN_POSTGRES_DATABASE='' +JOPLIN_POSTGRES_PASSWORD='' +JOPLIN_POSTGRES_PORT='' +JOPLIN_POSTGRES_USER='' +JOPLIN_S3_ACCESS_KEY='' +JOPLIN_S3_SECRET_KEY='' +='' +##='' +## KEYCLOAK (User Defined)='' +##='' +KEYCLOAK_ADMIN_PASSWORD='' +='' +##='' +## LAN (User Defined)='' +##='' +LAN_NETWORK='' +='' +##='' +## LASTFM (User Defined)='' +##='' +LASTFM_API_KEY='' +LASTFM_API_SECRET='' +LASTFM_PASSWORD='' +LASTFM_USERNAME='' +='' +##='' +## LIBRESPEED='' +##='' +LIBRESPEED_CONTAINER_NAME='' +LIBRESPEED_ENABLED='' +LIBRESPEED_ENVIRONMENT_DB_HOSTNAME='' +LIBRESPEED_ENVIRONMENT_DB_NAME='' +LIBRESPEED_ENVIRONMENT_DB_PASSWORD='' +LIBRESPEED_ENVIRONMENT_DB_TYPE='' +LIBRESPEED_ENVIRONMENT_DB_USERNAME='' +LIBRESPEED_ENVIRONMENT_PASSWORD='' +LIBRESPEED_NETWORK_MODE='' +LIBRESPEED_PORT_80='' +LIBRESPEED_RESTART='' +LIBRESPEED_TAG='' +='' +##='' +## LIDARR='' +##='' +LIDARR_CONTAINER_NAME='' +LIDARR_ENABLED='' +LIDARR_NETWORK_MODE='' +LIDARR_PORT_8686='' +LIDARR_RESTART='' +LIDARR_TAG='' +='' +##='' +## LIDARR (User Defined)='' +##='' +LIDARR_API_KEY='' +='' +##='' +## LLDAP (User Defined)='' +##='' +LLDAP_JWT_SECRET='' +LLDAP_KEY_SEED='' +='' +##='' +## LOCALAI (User Defined)='' +##='' +LOCALAI_API_KEY='' +='' +##='' +## MALOJA (User Defined)='' +##='' +MALOJA_FORCE_PASSWORD='' +='' +##='' +## MARIADB='' +##='' +MARIADB_CONTAINER_NAME='' +MARIADB_ENABLED='' +MARIADB_ENVIRONMENT_MYSQL_ROOT_PASSWORD='' +MARIADB_NETWORK_MODE='' +MARIADB_PORT_3306='' +MARIADB_RESTART='' +MARIADB_TAG='' +='' +##='' +## MATTERMOST (User Defined)='' +##='' +MATTERMOST_AWS_S3_ACCESSKEY='' +MATTERMOST_AWS_S3_SECRETKEY='' +MATTERMOST_POSTGRES_CONNECTION_URI='' +MATTERMOST_POSTGRES_PASSWORD='' +='' +##='' +## MAYBE (User Defined)='' +##='' +MAYBE_POSTGRES_PASSWORD='' +MAYBE_SECRET_KEY_BASE='' +='' +##='' +## MEDUSAJS (User Defined)='' +##='' +MEDUSAJS_COOKIE_SECRET='' +MEDUSAJS_JWT_TOKEN='' +MEDUSAJS_POSTGRES_PASSWORD='' +MEDUSAJS_S3_ACCESS_KEY='' +MEDUSAJS_S3_SECRET_KEY='' +='' +##='' +## MINIO (User Defined)='' +##='' +MINIO_MIMIR_STORAGE_ACCESS_KEY='' +MINIO_MIMIR_STORAGE_SECRET_KEY='' +MINIO_ROOT_PASSWORD='' +='' +##='' +## MONGO (User Defined)='' +##='' +MONGO_INITDB_ROOT_PASSWORD='' +MONGO_INITDB_ROOT_USERNAME='' +='' +##='' +## NAVIDROME (User Defined)='' +##='' +NAVIDROME_PASSWORD='' +NAVIDROME_USERNAME='' +='' +##='' +## NEXTCLOUD='' +##='' +NEXTCLOUD_CONTAINER_NAME='' +NEXTCLOUD_ENABLED='' +NEXTCLOUD_NETWORK_MODE='' +NEXTCLOUD_PORT_443='' +NEXTCLOUD_RESTART='' +NEXTCLOUD_TAG='' +NEXTCLOUD_VOLUME_DATADIR='' +='' +##='' +## OMBI='' +##='' +OMBI_CONTAINER_NAME='' +OMBI_ENABLED='' +OMBI_NETWORK_MODE='' +OMBI_PORT_3579='' +OMBI_RESTART='' +OMBI_TAG='' +OMBI_API_KEY='' +##='' +## PAPERLESS (User Defined)='' +##='' +PAPERLESS_DBPASS='' +PAPERLESS_SECRET_KEY='' +='' +##='' +## PLAUSIBLE (User Defined)='' +##='' +PLAUSIBLE_PG_PASSWORD='' +PLAUSIBLE_SECRET_KEY_BASE='' +PLAUSIBLE_TOTP_VAULT_KEY='' +='' +##='' +## PODINDEX (User Defined)='' +##='' +PODINDEX_API_KEY='' +PODINDEX_API_SECRET='' +='' +##='' +## PORTAINER='' +##='' +PORTAINER_CONTAINER_NAME='' +PORTAINER_ENABLED='' +PORTAINER_NETWORK_MODE='' +PORTAINER_PORT_9000='' +PORTAINER_RESTART='' +PORTAINER_TAG='' +PORTAINER_VOLUME_DOCKER_SOCKET='' +PORTAINER_API_KEY='' +='' +##='' +## POSTAL (User Defined)='' +##='' +POSTAL_MYSQL_PASSWORD='' +POSTAL_SMTP_AUTH_PASSWORD='' +POSTAL_SMTP_AUTH_USER='' +='' +##='' +## POSTGRES (User Defined)='' +##='' +POSTGRES_HOST='' +POSTGRES_PASSWORD='' +POSTGRES_USER='' +='' +##='' +## PROWLARR='' +##='' +PROWLARR_CONTAINER_NAME='' +PROWLARR_ENABLED='' +PROWLARR_NETWORK_MODE='' +PROWLARR_PORT_9696='' +PROWLARR_RESTART='' +PROWLARR_TAG='' +PROWLARR_API_KEY='' +='' +##='' +## RADARR='' +##='' +RADARR_CONTAINER_NAME='' +RADARR_ENABLED='' +RADARR_NETWORK_MODE='' +RADARR_PORT_7878='' +RADARR_RESTART='' +RADARR_TAG='' +='' +##='' +## RADARR (User Defined)='' +##='' +RADARR_API_KEY='' +='' +##='' +## REACTIVE (User Defined)='' +##='' +REACTIVE_RESUME_ACCESS_TOKEN_SECRET='' +REACTIVE_RESUME_PGSQL_PASSWORD='' +REACTIVE_RESUME_REFRESH_TOKEN_SECRET='' +REACTIVE_RESUME_S3_ACCESS_KEY='' +REACTIVE_RESUME_S3_SECRET_KEY='' +='' +##='' +## READARR='' +##='' +READARR_CONTAINER_NAME='' +READARR_ENABLED='' +READARR_NETWORK_MODE='' +READARR_PORT_8787='' +READARR_RESTART='' +READARR_TAG='' +READARR_API_KEY='' +='' +##='' +## REMMINA (User Defined)='' +##='' +REMMINA_CF_TUNNEL_ID='' +REMMINA_CF_TUNNEL_PASSWORD='' +REMMINA_USER_PASSWORD='' +='' +##='' +## RUSTDESK (User Defined)='' +##='' +RUSTDESK_CUSTOM_PASSWORD='' +='' +##='' +## SABNZBDVPN='' +##='' +SABNZBDVPN_CONTAINER_NAME='' +SABNZBDVPN_ENABLED='' +SABNZBDVPN_ENVIRONMENT_ENABLE_PRIVOXY='' +SABNZBDVPN_ENVIRONMENT_LAN_NETWORK='' +SABNZBDVPN_ENVIRONMENT_NAME_SERVERS='' +SABNZBDVPN_ENVIRONMENT_VPN_CLIENT='' +SABNZBDVPN_ENVIRONMENT_VPN_ENABLE='' +SABNZBDVPN_ENVIRONMENT_VPN_INPUT_PORTS='' +SABNZBDVPN_ENVIRONMENT_VPN_OPTIONS='' +SABNZBDVPN_ENVIRONMENT_VPN_OUTPUT_PORTS='' +SABNZBDVPN_ENVIRONMENT_VPN_PASS='' +SABNZBDVPN_ENVIRONMENT_VPN_PROV='' +SABNZBDVPN_ENVIRONMENT_VPN_USER='' +SABNZBDVPN_NETWORK_MODE='' +SABNZBDVPN_PORT_8080='' +SABNZBDVPN_PORT_8090='' +SABNZBDVPN_PORT_8118='' +SABNZBDVPN_RESTART='' +SABNZBDVPN_TAG='' +SABNZBDVPN_API_KEY='' +='' +##='' +## SCRAPERR (User Defined)='' +##='' +SCRAPERR_SECRET_KEY='' +='' +##='' +## SCRUTINY (User Defined)='' +##='' +SCRUTINY_CF_TUNNEL_PASSWORD='' +='' +##='' +## SEARXNG (User Defined)='' +##='' +SEARXNG_BASE_URL='' +='' +##='' +## SLSKD (User Defined)='' +##='' +SLSKD_PASSWORD='' +='' +##='' +## SONARR='' +##='' +SONARR_CONTAINER_NAME='' +SONARR_ENABLED='' +SONARR_NETWORK_MODE='' +SONARR_PORT_8989='' +SONARR_RESTART='' +SONARR_TAG='' +='' +##='' +## SONARR (User Defined)='' +##='' +SONARR_API_KEY='' +='' +##='' +## SWAG='' +##='' +SWAG_CONTAINER_NAME='' +SWAG_ENABLED='' +SWAG_ENVIRONMENT_DNSPLUGIN='' +SWAG_ENVIRONMENT_EMAIL='' +SWAG_ENVIRONMENT_EXTRA_DOMAINS='' +SWAG_ENVIRONMENT_ONLY_SUBDOMAINS='' +SWAG_ENVIRONMENT_SUBDOMAINS='' +SWAG_ENVIRONMENT_URL='' +SWAG_ENVIRONMENT_VALIDATION='' +SWAG_NETWORK_MODE='' +SWAG_PORT_443='' +SWAG_PORT_80='' +SWAG_RESTART='' +SWAG_TAG='' +='' +##='' +## SWAG (User Defined)='' +##='' +SWAG_CF_TUNNEL_ID='' +SWAG_CF_TUNNEL_PASSWORD='' +SWAG_DUCKDNSTOKEN='' +SWAG_MAXMINDDB_LICENSE_KEY='' +='' +##='' +## TANDOOR (User Defined)='' +##='' +TANDOOR_API_TOKEN='' +TANDOOR_POSTGRES_PASSWORD='' +TANDOOR_SECRET_KEY='' +='' +##='' +## TMDB (User Defined)='' +##='' +TMDB_API_KEY='' +='' +##='' +## TRACCAR (User Defined)='' +##='' +TRACCAR_POSTGRES_DATABASE='' +TRACCAR_POSTGRES_PASSWORD='' +TRACCAR_POSTGRES_USER='' +='' +##='' +## UPTIME (User Defined)='' +##='' +UPTIME_KUMA_PASSWORD='' +UPTIME_KUMA_USERNAME='' +='' +##='' +## UPTIMEKUMA='' +##='' +UPTIMEKUMA_CONTAINER_NAME='' +UPTIMEKUMA_ENABLED='' +UPTIMEKUMA_NETWORK_MODE='' +UPTIMEKUMA_PORT_3001='' +UPTIMEKUMA_RESTART='' +UPTIMEKUMA_TAG='' +='' +##='' +## VAULT (User Defined)='' +##='' +VAULT_HASHICORP_AWS_ACCESS_KEY_ID='' +VAULT_HASHICORP_AWS_SECRET_ACCESS_KEY='' +='' +##='' +## VIRUS (User Defined)='' +##='' +VIRUS_TOTAL_API_KEY='' +='' +##='' +## WALLABAG (User Defined)='' +##='' +WALLABAG_DB='' +WALLABAG_DB_PASSWORD='' +='' +##='' +## WATCHTOWER='' +##='' +WATCHTOWER_CONTAINER_NAME='' +WATCHTOWER_ENABLED='' +WATCHTOWER_ENVIRONMENT_CLEANUP='' +WATCHTOWER_ENVIRONMENT_INCLUDE_STOPPED='' +WATCHTOWER_ENVIRONMENT_MONITOR_ONLY='' +WATCHTOWER_ENVIRONMENT_NOTIFICATION_TEMPLATE='' +WATCHTOWER_ENVIRONMENT_NOTIFICATION_URL='' +WATCHTOWER_ENVIRONMENT_NOTIFICATIONS='' +WATCHTOWER_ENVIRONMENT_NOTIFICATIONS_LEVEL='' +WATCHTOWER_ENVIRONMENT_REPO_PASS='' +WATCHTOWER_ENVIRONMENT_REPO_USER='' +WATCHTOWER_ENVIRONMENT_SCHEDULE='' +WATCHTOWER_ENVIRONMENT_TIMEOUT='' +WATCHTOWER_NETWORK_MODE='' +WATCHTOWER_RESTART='' +WATCHTOWER_TAG='' +WATCHTOWER_VOLUME_DOCKER_SOCKET='' +='' +##='' +## WATCHTOWER (User Defined)='' +##='' +WATCHTOWER_HTTP_API_TOKEN='' +WATCHTOWER_NOTIFICATION_GOTIFY_TLS_SKIP_VERIFY='' +WATCHTOWER_NOTIFICATION_GOTIFY_TOKEN='' +WATCHTOWER_NOTIFICATION_GOTIFY_URL='' +='' +##='' +## WAZUH (User Defined)='' +##='' +WAZUH_API_PASSWORD='' +WAZUH_INDEXER_PASSWORD='' +WAZUH_KIBANA_PASSWORD='' +WAZUH_VERSION='' +='' +##='' +## YOUR (User Defined)='' +##='' +YOUR_SPOTIFY_ID='' +YOUR_SPOTIFY_PORT_443='' +YOUR_SPOTIFY_PORT_80='' +YOUR_SPOTIFY_SECRET='' +='' +##='' +## YOUTUBEDL='' +##='' +YOUTUBEDL_CONTAINER_NAME='' +YOUTUBEDL_ENABLED='' +YOUTUBEDL_ENVIRONMENT_CONFIG_PATH='' +YOUTUBEDL_ENVIRONMENT_DEBUG='' +YOUTUBEDL_NETWORK_MODE='' +YOUTUBEDL_PORT_8080='' +YOUTUBEDL_RESTART='' +YOUTUBEDL_TAG='' +='' +##='' +## ZAMMAD (User Defined)='' +##='' +ZAMMAD_ELASTICSEARCH_VERSION='' +ZAMMAD_IMAGE_REPO='' +ZAMMAD_MEMCACHE_SERVERS='' +ZAMMAD_MEMCACHE_VERSION='' +ZAMMAD_POSTGRES_DB='' +ZAMMAD_POSTGRES_HOST='' +ZAMMAD_POSTGRES_PASS='' +ZAMMAD_POSTGRES_PORT='' +ZAMMAD_POSTGRES_USER='' +ZAMMAD_POSTGRES_VERSION='' +ZAMMAD_POSTGRESQL_OPTIONS='' +ZAMMAD_REDIS_URL='' +ZAMMAD_REDIS_VERSION='' +ZAMMAD_RESTART='' +ZAMMAD_S3_ACCESS_KEY='' +ZAMMAD_S3_SECRET_KEY='' +ZAMMAD_VERSION=''