Adding more notifications to pipeline; YAML format fixing for environments key.

Merged by Trez.One

.gitea/workflows/pr-cloudflare-docker-deploy.yml

@@ -79,6 +79,13 @@ jobs:
             --check
           requirements: collections/requirements.yml
           vault_password: ${{ secrets.ANSIBLE_VAULT_PASSWORD }}
+      - name: Gotify Notification
+        uses: eikendev/gotify-action@master
+        with:
+          gotify_api_base: '${{ secrets.RINOA_GOTIFY_URL }}'
+          gotify_app_token: '${{ secrets.RINOA_RUNNER_GOTIFY_TOKEN }}'
+          notification_title: 'GITEA: Ansible Config Dry Run @ Rinoa'
+          notification_message: 'Ansible dry run completed successfully.'
       - name: Generate .env file for Docker Compose Dry Run
         run: |
           vault kv get -format=json rinoa-docker/env | jq -r '.data.data' | jq -r 'keys[] as $k | "\($k)='\''\(.[$k])'\''"' > .env
@@ -97,6 +104,13 @@ jobs:
           up-opts: --dry-run -d --remove-orphans
         env:
           DOCKER_HOST: tcp://dockerproxy:2375
+      - name: Gotify Notification
+        uses: eikendev/gotify-action@master
+        with:
+          gotify_api_base: '${{ secrets.RINOA_GOTIFY_URL }}'
+          gotify_app_token: '${{ secrets.RINOA_RUNNER_GOTIFY_TOKEN }}'
+          notification_title: 'GITEA: Docker Compose Dry Run @ Rinoa'
+          notification_message: 'Docker Compose dry run completed successfully.'
   cloudflare-dns-setup:
     name: Cloudflare DNS Setup
     needs: [docker-compose-ansible-lints]
@@ -132,6 +146,13 @@ jobs:
         run: |
           yq '.services[].labels.swag_url' docker-compose.yml | egrep -v 'null' | sed -e 's|"||g' | awk -F'.' '{print $1}' | sort > compose_subdomains.txt
           flarectl --json dns list --zone "trez.wtf" --type=CNAME --content "trez.wtf" | jq '.[].Name' | sed -e 's|"||g' | awk -F"." '{print $1}' | sort > cloudflare_subdomains.txt
+      - name: Gotify Notification
+        uses: eikendev/gotify-action@master
+        with:
+          gotify_api_base: '${{ secrets.RINOA_GOTIFY_URL }}'
+          gotify_app_token: '${{ secrets.RINOA_RUNNER_GOTIFY_TOKEN }}'
+          notification_title: 'GITEA: Cloudflare Setup @ Rinoa'
+          notification_message: 'Starting Cloudflare setup'
       - name: Compare Subdomains
         id: compare-subdomains
         uses: LouisBrunner/diff-action@v2.2.0
@@ -152,6 +173,13 @@ jobs:
             echo "Creating $subdomain.trez.wtf..."
             flarectl dns create --zone "trez.wtf" --name "${subdomain}" --type=CNAME --content "trez.wtf" --proxy true
           done
+      - name: Gotify Notification
+        uses: eikendev/gotify-action@master
+        with:
+          gotify_api_base: '${{ secrets.RINOA_GOTIFY_URL }}'
+          gotify_app_token: '${{ secrets.RINOA_RUNNER_GOTIFY_TOKEN }}'
+          notification_title: 'GITEA: Cloudflare Setup @ Rinoa'
+          notification_message: 'Cloudflare DNS setup completed successfully.'
   regenerate-readme:
     name: Update README
     runs-on: ubuntu-latest
@@ -203,6 +231,14 @@ jobs:
           echo "Merging PR..."
           pr_index=$(tea pr ls --repo ${{ github.repository }} --state open --fields index,title,head,state --output csv | egrep ${{ github.ref_name }} | awk -F"," '{print $1}' | sed -e 's|"||g')
           tea pr m --repo ${{ github.repository }} --title "Auto Merge of PR ${pr_index} - ${{ github.ref_name }}" --message "Merged by ${{ github.actor }}" ${pr_index}
+          echo "pr_index=${pr_index}" >> $GITHUB_OUTPUT
+      - name: Gotify Notification
+        uses: eikendev/gotify-action@master
+        with:
+          gotify_api_base: '${{ secrets.RINOA_GOTIFY_URL }}'
+          gotify_app_token: '${{ secrets.RINOA_RUNNER_GOTIFY_TOKEN }}'
+          notification_title: 'GITEA: PR Merge Successful'
+          notification_message: 'PR #${{ steps.pr_merge.outputs.pr_index }} merged.'
   ansible-config-docker-compose-deploy:
     name: Deploy via Ansible & Docker Compose
     runs-on: ubuntu-latest
@@ -245,7 +281,7 @@ jobs:
         with:
           gotify_api_base: '${{ secrets.RINOA_GOTIFY_URL }}'
           gotify_app_token: '${{ secrets.RINOA_RUNNER_GOTIFY_TOKEN }}'
-          notification_title: 'Ansible Config Deployment @ Rinoa'
+          notification_title: 'GITEA: Ansible Config Deployment @ Rinoa'
           notification_message: 'Deployment completed successfully.'
       - name: Generate .env file for deployment
         run: |
@@ -264,5 +300,5 @@ jobs:
         with:
           gotify_api_base: '${{ secrets.RINOA_GOTIFY_URL }}'
           gotify_app_token: '${{ secrets.RINOA_RUNNER_GOTIFY_TOKEN }}'
-          notification_title: 'Docker Compose Deployment @ Rinoa'
+          notification_title: 'GITEA: Docker Compose Deployment @ Rinoa'
           notification_message: 'Deployment completed successfully.'

.gitignore

@@ -1,2 +1,3 @@
 **/.cache_ggshield
-ansible/collections/ansible_collections/
+ansible/collections/ansible_collections/
+**/.env

README.md

@@ -27,6 +27,7 @@
 | czkawka | jlesage/czkawka |
 | dagu-scheduler | ghcr.io/dagu-org/dagu:latest |
 | dagu-server | ghcr.io/dagu-org/dagu:latest |
+| dbgate | dbgate/dbgate:alpine |
 | delugevpn | ghcr.io/binhex/arch-delugevpn:latest |
 | docker-socket-proxy | ghcr.io/tecnativa/docker-socket-proxy:latest |
 | docuseal | docuseal/docuseal:latest |
@@ -124,6 +125,7 @@
 | sonashow | thewicklowwolf/sonashow:latest |
 | soularr | mrusse08/soularr:latest |
 | soulseek | slskd/slskd |
+| sourcebot | ghcr.io/sourcebot-dev/sourcebot:latest |
 | speedtest-tracker | lscr.io/linuxserver/speedtest-tracker:latest |
 | spotisub | blastbeng/spotisub:latest |
 | swag | lscr.io/linuxserver/swag:latest |
@@ -144,7 +146,6 @@
 | wazuh.indexer | wazuh/wazuh-indexer: |
 | wazuh.manager | wazuh/wazuh-manager: |
 | web-check | lissy93/web-check |
-| whodb | clidey/whodb |
 | yacht | selfhostedpro/yacht |
 | your_spotify | lscr.io/linuxserver/your_spotify:latest |
 | youtubedl | nbr23/youtube-dl-server:latest |

ansible/app-configs/sourcebot_config.json.j2

@@ -0,0 +1,19 @@
+{% set vault_addr = 'https://vault.trez.wtf' %}
+{% set secrets_path = 'rinoa-docker/env' %}
+
+{
+  "$schema": "../schemas/v2/index.json",
+  "repos": [
+      {
+          "type": "gitea",
+          "token": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['GITEA_SONARQUBE_BOT_GITEA_TOKEN'] }}",
+          "url": "https://git.trez.wtf",
+          "revisions": {
+              "branches": [
+                  "main",
+                  "*"
+              ]
+          }
+      }
+  ]
+}

docker-compose.yml

@@ -40,7 +40,7 @@ services:
   adguard:
     container_name: adguard
     environment:
-      TZ: America/New_York
+      TZ: ${TZ}
     hostname: Rinoa
     image: adguard/adguardhome:latest
     labels:
@@ -271,9 +271,9 @@ services:
   authelia-pg:
     container_name: authelia-pg
     environment:
-      - POSTGRES_PASSWORD=${AUTHELIA_STORAGE_POSTGRES_PASSWORD}
-      - POSTGRES_USER=authelia
-      - POSTGRES_DB=authelia
+      POSTGRES_PASSWORD: ${AUTHELIA_STORAGE_POSTGRES_PASSWORD}
+      POSTGRES_USER: authelia
+      POSTGRES_DB: authelia
     expose:
       - 5432
     image: postgres:16-alpine
@@ -289,10 +289,10 @@ services:
   bazarr:
     container_name: bazarr
     environment:
-      - PGID=1000
-      - PUID=1000
-      - TZ=America/New_York
-      - DOCKER_MODS=ghcr.io/gilbn/theme.park:bazarr
+      PGID: ${PGID}
+      PUID: ${PUID}
+      TZ: ${TZ}
+      DOCKER_MODS: ghcr.io/gilbn/theme.park:bazarr
     hostname: Rinoa
     image: lscr.io/linuxserver/bazarr:latest
     labels:
@@ -523,11 +523,13 @@ services:
   bunkerweb:
     container_name: bunkerweb
     environment:
-      SERVER_NAME: www.trez.wtf
       API_WHITELIST_IP: 172.18.0.0/16 192.168.1.0/24
-      USE_REAL_IP: yes
       REAL_IP_FROM: 172.18.0.0/16
       REAL_IP_HEADER: X-Forwarded-For
+      REVERSE_PROXY_HOST: http://swag:80
+      SERVER_NAME: bunker.trez.wtf
+      USE_REAL_IP: yes
+      USE_REVERSE_PROXY: yes
     expose:
       - 8080
       - 8443
@@ -549,8 +551,13 @@ services:
   bunkerweb-ui:
     container_name: bunkerweb-ui
     depends_on:
-      - bunkerweb
-      - docker-socket-proxy
+      bunkerweb:
+        condition: service_started
+        required: true
+        restart: true
+      docker-socket-proxy:
+        condition: service_started
+        required: true
     environment:
       DOCKER_HOST: tcp://dockerproxy:2375
     expose:
@@ -558,7 +565,7 @@ services:
     image: bunkerity/bunkerweb-ui:latest
     labels:
       homepage.group: Privacy/Security
-      homepage.name: Bunkerweb
+      homepage.name: Bunker Web
       homepage.href: https://bunker.${MY_TLD}
       homepage.icon: bunkerweb.svg
       homepage.description: Next-gen WAF
@@ -841,6 +848,162 @@ services:
         type: volume
         bind:
           create_host_path: true
+  dbgate:
+    container_name: dbgate
+    environment:
+      CONNECTIONS: authelia-pg,bitmagnet-pg-db,gitea-db,invidious-db,joplin-db,lobe-chat-pg-db,mariadb,mastodon-pg-db,mongodb,netbox-db,pgbackweb,pgbackweb-db,plausible-db,plausible-events-db,reactive-resume-pg,sonarqube-pg-db,synapse-db,tandoor-pg,traccar-pg,whodb,zitadel-pg-db
+
+      LOGIN: TrezOne
+      PASSWORD: ${DBGATE_LOGIN_PASSWORD}
+
+      LABEL_mariadb: mariadb
+      SERVER_mariadb: mariadb
+      USER_mariadb: root
+      PASSWORD_mariadb: ${MARIADB_ENVIRONMENT_MYSQL_ROOT_PASSWORD}
+      PORT_mariadb: 3306
+      ENGINE_mariadb: mariadb@dbgate-plugin-mysql
+
+      LABEL_authelia-pg: authelia-pg
+      SERVER_authelia-pg: authelia-pg
+      USER_authelia-pg: authelia
+      DATABASE_authelia-pg: authelia
+      PASSWORD_authelia-pg: ${BITMAGNET_POSTGRESQL_PASSWORD}
+      PORT_authelia-pg: 5432
+      ENGINE_authelia-pg: postgres@dbgate-plugin-postgres
+
+      LABEL_bitmagnet-pg-db: bitmagnet-pg-db
+      SERVER_bitmagnet-pg-db: bitmagnet-pg-db
+      USER_bitmagnet-pg-db: bitmagnet-pg
+      DATABASE_bitmagnet-pg-db: bitmagnet
+      PASSWORD_bitmagnet-pg-db: ${BITMAGNET_POSTGRESQL_PASSWORD}
+      PORT_bitmagnet-pg-db: 5432
+      ENGINE_bitmagnet-pg-db: postgres@dbgate-plugin-postgres
+
+      LABEL_gitea-db: gitea-db
+      SERVER_gitea-db: gitea-db
+      USER_gitea-db: gitea
+      PASSWORD_gitea-db: ${GITEA_PG_DB_PASSWORD}
+      DATABASE_gitea-db: gitea
+      PORT_gitea-db: 5432
+      ENGINE_gitea-db: postgres@dbgate-plugin-postgres
+
+      LABEL_invidious-db: invidious-db
+      SERVER_invidious-db: invidious-db
+      USER_invidious-db: kemal
+      PASSWORD_invidious-db: ${INVID_PG_DB_PASSWORD}
+      PORT_invidious-db: 5432
+      DATABASE_invidious-db: invidious
+      ENGINE_invidious-db: postgres@dbgate-plugin-postgres
+
+      LABEL_joplin-db: joplin-db
+      SERVER_joplin-db: joplin-db
+      USER_joplin-db: ${JOPLIN_POSTGRES_USER}
+      PASSWORD_joplin-db: ${JOPLIN_POSTGRES_DATABASE}
+      DATABASE_joplin-db: joplin
+      PORT_joplin-db: 5432
+      ENGINE_joplin-db: postgres@dbgate-plugin-postgres
+
+      LABEL_lobe-chat-pg-db: lobe-chat-pg-db
+      SERVER_lobe-chat-pg-db: lobe-chat-pg-db
+      USER_lobe-chat-pg-db: lobe
+      PASSWORD_lobe-chat-pg-db: ${GITEA_PG_DB_PASSWORD}
+      DATABASE_lobe-chat-pg-db: lobe
+      PORT_lobe-chat-pg-db: 5432
+      ENGINE_lobe-chat-pg-db: postgres@dbgate-plugin-postgres
+
+      LABEL_mastodon-pg-db: mastodon-pg-db
+      SERVER_mastodon-pg-db: mastodon-pg-db
+      USER_mastodon-pg-db: mastodon
+      PASSWORD_mastodon-pg-db: ${MASTODON_PG_DB_PASSWORD}
+      DATABASE_mastodon-pg-db: mastodon
+      PORT_mastodon-pg-db: 5432
+      ENGINE_mastodon-pg-db: postgres@dbgate-plugin-postgres
+
+      LABEL_mongodb: mongodb
+      URI_mongodb: mongodb://mongodb:27017
+      ENGINE_mongodb: mongo@dbgate-plugin-mongo
+
+      LABEL_netbox-db: netbox-db
+      SERVER_netbox-db: netbox-db
+      USER_netbox-db: netbox
+      PASSWORD_netbox-db: ${NETBOX_PG_DB_PASSWORD}
+      PORT_netbox-db: 5432
+      DATABASE_netbox-db: netbox
+      ENGINE_netbox-db: postgres@dbgate-plugin-postgres
+
+      LABEL_pgbackweb-db: pgbackweb-db
+      SERVER_pgbackweb-db: pgbackweb-db
+      USER_pgbackweb-db: pgbackweb
+      PASSWORD_pgbackweb-db: ${PGBACKWEB_PG_DB_PASSWD}
+      PORT_pgbackweb-db: 5432
+      ENGINE_pgbackweb-db: postgres@dbgate-plugin-postgres
+
+      LABEL_plausible-db: plausible-db
+      SERVER_plausible-db: plausible-db
+      USER_plausible-db: plausible
+      PASSWORD_plausible-db: ${PLAUSIBLE_PG_PASSWORD}
+      PORT_plausible-db: 5432
+      ENGINE_plausible-db: postgres@dbgate-plugin-postgres
+
+      LABEL_reactive-resume-pg: reactive-resume-pg
+      SERVER_reactive-resume-pg: reactive-resume-pg
+      USER_reactive-resume-pg: reactiveresume
+      PASSWORD_reactive-resume-pg: ${REACTIVE_RESUME_PGSQL_PASSWORD}
+      PORT_reactive-resume-pg: 5432
+      ENGINE_reactive-resume-pg: postgres@dbgate-plugin-postgres
+
+      LABEL_sonarqube-pg-db: sonarqube-pg-db
+      SERVER_sonarqube-pg-db: sonarqube-pg-db
+      USER_sonarqube-pg-db: sonar
+      PASSWORD_sonarqube-pg-db: ${SONARQUBE_POSTGRES_PASSWORD}
+      PORT_sonarqube-pg-db: 5432
+      ENGINE_sonarqube-pg-db: postgres@dbgate-plugin-postgres
+
+      LABEL_synapse-db: synapse-db
+      SERVER_synapse-db: synapse-db
+      USER_synapse-db: synapse
+      PASSWORD_synapse-db: ${SYNAPSE_POSTGRES_PASSWORD}
+      PORT_synapse-db: 5432
+      ENGINE_synapse-db: postgres@dbgate-plugin-postgres
+
+      LABEL_tandoor-pg: tandoor-pg
+      SERVER_tandoor-pg: tandoor-pg
+      USER_tandoor-pg: tandoor
+      PASSWORD_tandoor-pg: ${TANDOOR_POSTGRES_PASSWORD}
+      PORT_tandoor-pg: 5432
+      ENGINE_tandoor-pg: postgres@dbgate-plugin-postgres
+
+      LABEL_traccar-pg: traccar-pg
+      SERVER_traccar-pg: traccar-pg
+      USER_traccar-pg: ${TRACCAR_POSTGRES_USER}
+      PASSWORD_traccar-pg: ${TRACCAR_POSTGRES_PASSWORD}
+      PORT_traccar-pg: 5432
+      ENGINE_traccar-pg: postgres@dbgate-plugin-postgres
+
+      LABEL_zitadel-pg-db: zitadel-pg-db
+      SERVER_zitadel-pg-db: zitadel-pg-db
+      USER_zitadel-pg-db: root
+      PASSWORD_zitadel-pg-db: ${ZITADEL_DB_ADMIN_PASSWORD}
+      PORT_zitadel-pg-db: 5432
+      ENGINE_zitadel-pg-db: postgres@dbgate-plugin-postgres
+    image: dbgate/dbgate:alpine
+    labels:
+      homepage.group: System Administration
+      homepage.name: DbGate
+      homepage.href: https://dbs.${MY_TLD}
+      homepage.icon: sh-dbgate.png
+      homepage.description: Cross-platform database manager
+      swag: enable
+      swag_port: 3000
+      swag_proto: http
+      swag_url: dbs.${MY_TLD}
+      swag.uptime-kuma.enabled: true
+      swag.uptime-kuma.monitor.url: https://dbs.${MY_TLD}
+    ports:
+      - 49054:3000
+    restart: unless-stopped
+    volumes:
+      - dbgate-data:/root/.dbgate
   delugevpn:
     cap_add:
       - NET_ADMIN
@@ -1221,9 +1384,9 @@ services:
   gitea-db:
     container_name: gitea-db
     environment:
-      - POSTGRES_USER=gitea
-      - POSTGRES_PASSWORD=${GITEA_PG_DB_PASSWORD}
-      - POSTGRES_DB=gitea
+      POSTGRES_USER: gitea
+      POSTGRES_PASSWORD: ${GITEA_PG_DB_PASSWORD}
+      POSTGRES_DB: gitea
     expose:
       - 5432
     healthcheck:
@@ -1461,7 +1624,7 @@ services:
     command: run --disable-reporting=true --stability.level=public-preview --server.http.listen-addr=0.0.0.0:12345 /etc/alloy/config.alloy
     container_name: grafana-alloy
     environment:
-      - DOCKER_HOST=tcp://dockerproxy:2375
+      DOCKER_HOST: tcp://dockerproxy:2375
     image: grafana/alloy:latest
     labels:
       homepage.group: Infrastructure/App Performance Monitoring
@@ -1934,22 +2097,22 @@ services:
         target: 8003
     restart: always
     volumes:
-      - source: ${DOCKER_VOLUME_CONFIG}/invoice_ninja/app/public
+      - source: ${DOCKER_VOLUME_CONFIG}/invoice-ninja/app/public
         target: /var/www/app/public
         type: bind
         bind:
           create_host_path: true
-      - source: ${DOCKER_VOLUME_CONFIG}/invoice_ninja/app/storage
+      - source: ${DOCKER_VOLUME_CONFIG}/invoice-ninja/app/storage
         target: /var/www/app/storage
         type: bind
         bind:
           create_host_path: true
-      - source: ${DOCKER_VOLUME_CONFIG}/invoice_ninja/php/php.ini
+      - source: ${DOCKER_VOLUME_CONFIG}/invoice-ninja/php/php.ini
         target: /usr/local/etc/php/php.ini
         type: bind
         bind:
           create_host_path: true
-      - source: ${DOCKER_VOLUME_CONFIG}/invoice_ninja/php/php-cli.ini
+      - source: ${DOCKER_VOLUME_CONFIG}/invoice-ninja/php/php-cli.ini
         target: /usr/local/etc/php/php-cli.ini
         type: bind
         bind:
@@ -2647,9 +2810,9 @@ services:
   joplin-db:
     container_name: joplin-db
     environment:
-      - POSTGRES_PASSWORD=${JOPLIN_POSTGRES_PASSWORD}
-      - POSTGRES_USER=${JOPLIN_POSTGRES_USER}
-      - POSTGRES_DB=${JOPLIN_POSTGRES_DATABASE}
+      POSTGRES_PASSWORD: ${JOPLIN_POSTGRES_PASSWORD}
+      POSTGRES_USER: ${JOPLIN_POSTGRES_USER}
+      POSTGRES_DB: ${JOPLIN_POSTGRES_DATABASE}
     expose:
       - 5432
     image: postgres:17-alpine
@@ -2705,8 +2868,8 @@ services:
   lidarr:
     container_name: lidarr
     environment:
-      PGID: 1000
-      PUID: 1000
+      PGID: ${PGID}
+      PUID: ${PUID}
       TZ: America/New_York
       DOCKER_MODS: ghcr.io/gilbn/theme.park:lidarr
     hostname: Rinoa
@@ -2843,7 +3006,7 @@ services:
     container_name: lobe-chat
     depends_on:
       lobe-chat-pg-db:
-        condition: service_healthy
+        condition: service_started
         required: true
       minio:
         condition: service_started
@@ -2854,7 +3017,7 @@ services:
     environment:
       APP_URL: https://ai.trez.wtf/
       KEY_VAULTS_SECRET: ${LOBECHAT_KEY_VAULT_SECRET}
-      DATABASE_URL: postgresql://lobe:${LOBECHAT_PG_DB_PASSWD}@postgresql:5432/lobe
+      DATABASE_URL: postgresql://lobe:${LOBECHAT_PG_DB_PASSWD}@lobe-chat-pg-db:5432/lobe
       NEXTAUTH_URL: https://lobe.example.com/api/auth
       NEXT_AUTH_SECRET: ${LOBECHAT_NEXT_AUTH_SECRET}
       NEXT_AUTH_SSO_PROVIDERS: zitadel
@@ -2891,14 +3054,10 @@ services:
     container_name: lobe-chat-pg-db
     environment:
       POSTGRES_DB: lobe
+      POSTGRES_USER: lobe
       POSTGRES_PASSWORD: ${LOBECHAT_PG_DB_PASSWD}
     expose:
       - 5432
-    healthcheck:
-      test: ['CMD-SHELL', 'pg_isready -U postgres']
-      interval: 5s
-      timeout: 5s
-      retries: 5
     image: pgvector/pgvector:pg16
     volumes:
       - ${DOCKER_VOLUME_CONFIG}/lobechat/db:/var/lib/postgresql/data
@@ -3423,9 +3582,9 @@ services:
         required: true
         restart: true
     environment:
-      PGID: 1000
-      PUID: 1000
-      TZ: America/New_York
+      PGID: ${PGID}
+      PUID: ${PUID}
+      TZ: ${TZ}
       LOG_LEVEL: debug
     hostname: Rinoa
     image: lscr.io/linuxserver/nextcloud:latest
@@ -3491,8 +3650,8 @@ services:
   ombi:
     container_name: ombi
     environment:
-      PGID: "1000"
-      PUID: "1000"
+      PGID: ${PGID}
+      PUID: ${PUID}
       TZ: America/New_York
     hostname: Rinoa
     image: lscr.io/linuxserver/ombi:latest
@@ -3605,7 +3764,7 @@ services:
     image: eduardolat/pgbackweb:latest
     labels:
       homepage.group: System Administration
-      homepage.name: PGBackweb
+      homepage.name: PG Back Web
       homepage.href: https://pg.${MY_TLD}
       homepage.icon: sh-pg-back-web.svg
       homepage.description: Backups for PostgreSQL
@@ -3784,8 +3943,8 @@ services:
   prowlarr:
     container_name: prowlarr
     environment:
-      PGID: 1000
-      PUID: 1000
+      PGID: ${PGID}
+      PUID: ${PUID}
       TZ: America/New_York
       DOCKER_MODS: ghcr.io/gilbn/theme.park:sonarr
       TP_DOMAIN: trez.wtf\/themepark
@@ -3886,9 +4045,9 @@ services:
   radarr:
     container_name: radarr
     environment:
-      PGID: "1000"
-      PUID: "1000"
-      TZ: America/New_York
+      PGID: ${PGID}
+      PUID: ${PUID}
+      TZ: ${TZ}
     hostname: Rinoa
     image: lscr.io/linuxserver/radarr:latest
     labels:
@@ -3999,8 +4158,8 @@ services:
   readarr:
     container_name: readarr
     environment:
-      PGID: 1000
-      PUID: 1000
+      PGID: ${PGID}
+      PUID: ${PUID}
       TZ: America/New_York
       DOCKER_MODS: ghcr.io/gilbn/theme.park:readnarr
     hostname: Rinoa
@@ -4443,7 +4602,7 @@ services:
     read_only: true
     restart: unless-stopped
   sonarqube-pg-db:
-    container_name: sonarqube-pg-db    
+    container_name: sonarqube-pg-db
     environment:
       POSTGRES_USER: sonar
       POSTGRES_PASSWORD: ${SONARQUBE_POSTGRES_PASSWORD}
@@ -4461,9 +4620,9 @@ services:
   sonarr:
     container_name: sonarr
     environment:
-      PGID: 1000
-      PUID: 1000
-      TZ: America/New_York
+      PGID: ${PGID}
+      PUID: ${PUID}
+      TZ: ${TZ}
       DOCKER_MODS: ghcr.io/gilbn/theme.park:sonarr
     hostname: Rinoa
     image: lscr.io/linuxserver/sonarr:latest
@@ -4593,7 +4752,7 @@ services:
       homepage.group: Downloaders
       homepage.description: Modern client-server application for the Soulseek file-sharing network.
       homepage.href: https://slsk.${MY_TLD}
-      homepage.icon: /icons/slskd.png
+      homepage.icon: slskd.svg
       swag: enable
       swag_proto: http
       swag_url: slsk.${MY_TLD}
@@ -4614,6 +4773,28 @@ services:
         type: bind
         bind:
           create_host_path: true
+  sourcebot:
+    container_name: sourcebot
+    environment:
+      CONFIG_PATH: /data/config.json
+    image: ghcr.io/sourcebot-dev/sourcebot:latest
+    labels:
+      homepage.name: Sourcebot
+      homepage.group: Code/DevOps
+      homepage.description: Self-hosted internet performance tracking
+      homepage.href: https://source.${MY_TLD}
+      homepage.icon: /icons/sourcebot.png
+      swag: enable
+      swag_proto: http
+      swag_port: 3000
+      swag_url: source.${MY_TLD}
+      swag.uptime-kuma.enabled: true
+      swag.uptime-kuma.monitor.url: https://source.${MY_TLD}
+    ports:
+        - 45251:3000
+    restart: unless-stopped
+    volumes:
+      - ${DOCKER_VOLUME_CONFIG}/sourcebot:/data
   speedtest-tracker:
     container_name: speedtest-tracker
     image: lscr.io/linuxserver/speedtest-tracker:latest
@@ -4622,6 +4803,7 @@ services:
         PGID: ${PGID}
         APP_KEY: ${SPEEDTEST_TRACKER_APP_KEY}
         DB_CONNECTION: sqlite
+        SPEEDTEST_SCHEDULE: 15 */3 * * *
     labels:
       homepage.name: Speedtest Tracker
       homepage.group: System Administration
@@ -4754,7 +4936,7 @@ services:
       swag_url: matrix.${MY_TLD}
       swag_port: 8008
       swag.uptime-kuma.enabled: true
-      swag.uptime-kuma.monitor.url: https://matrix.${MY_TLD}  
+      swag.uptime-kuma.monitor.url: https://matrix.${MY_TLD}
     ports:
       - 19345:8008
       - 8448:8448/tcp
@@ -6144,8 +6326,8 @@ services:
   uptimekuma:
     container_name: uptimekuma
     environment:
-      PGID: 1000
-      PUID: 1000
+      PGID: ${PGID}
+      PUID: ${PUID}
       TZ: America/New_York
       UPTIME_KUMA_USERNAME: ${UPTIME_KUMA_USERNAME}
       UPTIME_KUMA_PASSWORD: ${UPTIME_KUMA_PASSWORD}
@@ -6451,7 +6633,7 @@ services:
   wazuh.indexer:
     container_name: wazuh.indexer
     environment:
-      - OPENSEARCH_JAVA_OPTS=-Xms512m -Xmx512m
+      OPENSEARCH_JAVA_OPTS: -Xms512m -Xmx512m
     hostname: wazuh.indexer
     image: wazuh/wazuh-indexer:${WAZUH_VERSION}
     networks:
@@ -6638,32 +6820,6 @@ services:
         published: "3010"
         target: 3000
     restart: unless-stopped
-  whodb:
-    container_name: whodb
-    environment:
-      WHODB_MONGODB_1: null
-      WHODB_MYSQL_1: null
-    image: clidey/whodb
-    labels:
-      homepage.group: System Administration
-      homepage.name: WhoDB
-      homepage.href: https://dbs.${MY_TLD}
-      homepage.icon: /icons/whodb.png
-      homepage.description: Web-based DB management
-      swag: enable
-      swag_proto: http
-      swag_port: 8080
-      swag_url: dbs.${MY_TLD}
-      swag.uptime-kuma.enabled: true
-      swag.uptime-kuma.monitor.url: https://dbs.${MY_TLD}
-    networks:
-      default: null
-    ports:
-      - mode: ingress
-        protocol: tcp
-        published: "8900"
-        target: 8080
-    restart: unless-stopped
   yacht:
     container_name: yacht
     depends_on:
@@ -6693,8 +6849,8 @@ services:
   your_spotify:
     container_name: your_spotify
     environment:
-      PUID: 1000
-      PGID: 1000
+      PUID: ${PUID}
+      PGID: ${PGID}
       TZ: ${TZ}
       APP_URL: https://myspotify.${MY_TLD}
       SPOTIFY_PUBLIC: ${YOUR_SPOTIFY_ID}
@@ -6727,8 +6883,8 @@ services:
   youtubedl:
     container_name: youtubedl
     environment:
-      PGID: "1000"
-      PUID: "1000"
+      PGID: ${PGID}
+      PUID: ${PUID}
       TZ: America/New_York
       YDL_CONFIG_PATH: /youtube-dl/config.yml
       YDL_DEBUG: "false"
@@ -7188,6 +7344,8 @@ volumes:
     name: dagu_config
   dagu_data:
     name: dagu_data
+  dbgate-data:
+    name: dbgate-data
   fastenhealth-cache:
     name: fastenhealth-cache
   fastenhealth-db: