Typo fix for Soularr.

2025-01-07 11:54:55 -05:00
10 changed files with 5649 additions and 5204 deletions
@@ -1,20 +0,0 @@
-name: Check Renovate Updates
-
-on:
-  pull_request:
-    branches:
-      - main
-    types: [opened, synchronize, reopened]
-    paths:
-      - 'docker-compose.yml'
-
-jobs:
-  validate:
-    runs-on: ubuntu-latest
-    if: ${{ contains(toLower(github.event.pull_request.user.login), 'renovate') }}
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v4
-
-      - name: Validate docker-compose.yml
-        run: docker compose config
@@ -0,0 +1,128 @@
+name: Gitea Branch PR, SonarQube Analyze, and Merge Workflow
+
+on:
+  push:
+    branches-ignore:
+      - main
+
+jobs:
+  # Job 1: Check if PR exists and create one if the branch is new
+  check-and-create-pr:
+    name: Check and Create PR
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout Code
+        uses: actions/checkout@v4
+
+      - name: PR list
+        id: list-prs
+        run: |
+          pr_check=$(curl ${{ vars.RINOA_GITEA_URL }}/api/v1/repos/${{ github.repository }}/pulls/main/${{ github.ref_name }} \
+            -X 'GET' \
+            -H 'Accept: application/json' \
+            -H 'Authorization: token ${{ secrets.BOT_GITEA_TOKEN }}' \
+            -sS | jq '{index: .number, state: .state}')
+          pr_state=$(echo ${pr_check} | jq -r '.state')
+
+      - name: Create PR
+        if: steps.list-prs.outputs.pr_state != 'open'
+        uses: arifer612/Gitea-PR-action@v1.2.0
+        with:
+          url: ${{ gitea.server_url }}
+          token: ${{ secrets.BOT_GITEA_TOKEN }}
+          pr-label: 'auto-deploy-pr'
+
+  docker-compose-test:
+    name: Docker Compose Test
+    needs: [check-and-create-pr]
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Generate ephemeral .env compose file
+        id: generate-env-file-pr
+        run: |
+          echo "${{ secrets.RINOA_ENV }}" > .env
+
+      - name: Docker Compose Lint
+        uses: yu-ichiro/spin-up-docker-compose-action@v1
+        with:
+          file: docker-compose.yml
+          pull: true
+          pull-opts: --dry-run
+          up: true
+          up-opts: --dry-run -d --remove-orphans
+        env:
+          DOCKER_HOST: tcp://dockerproxy:2375
+
+  cloudflare-dns-setup:
+    name: Cloudflare DNS Setup
+    needs: [docker-compose-test]
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Install jq
+        uses: dcarbone/install-jq-action@v3.0.1
+
+      - name: Install yq
+        uses: dcarbone/install-yq-action@v1
+      
+      - name: Install flarectl
+        uses: supplypike/setup-bin@v4
+        with:
+          uri: 'https://github.com/cloudflare/cloudflare-go/releases/download/v0.113.0/flarectl_0.113.0_linux_amd64.tar.gz'
+          name: 'flarectl'
+          version: '0.113.0'
+
+      - name: Grab Subdomains from Docker Compose & Cloudflare
+        id: grab-subdomains
+        env:
+          CF_API_TOKEN: ${{ secrets.CF_API_TOKEN }}
+          CF_API_EMAIL: ${{ secrets.CF_API_EMAIL }}
+        run: |
+          echo "Grabbing subdomains from docker-compose.yml..."
+          yq '.services[].labels.swag_url' docker-compose.yml | egrep -v 'null' | sed -e 's|"||g' | awk -F'.' '{print $1}' | sort > compose_subdomains.txt
+          echo "Grabbing subdomains from Cloudflare..."
+          flarectl --json dns list --zone "trez.wtf" --type=CNAME --content "trez.wtf" | jq '.[].Name' | sed -e 's|"||g' | awk -F"." '{print $1}' | sort > cloudflare_subdomains.txt
+          
+      - name: Compare Subdomains
+        id: compare-subdomains
+        uses: LouisBrunner/diff-action@v2.2.0
+        with:
+          old: compose_subdomains.txt
+          new: cloudflare_subdomains.txt
+          mode: addition
+          tolerance: mixed-better
+          output: domain_compare.txt
+
+      - name: Create Subdomains
+        if: steps.compare-subdomains.outputs.output != ''
+        env:
+          CF_API_TOKEN: ${{ secrets.CF_API_TOKEN }}
+          CF_API_EMAIL: ${{ secrets.CF_API_EMAIL }}
+        run: |
+          cat domain_compare.txt | egrep '^-[a-z]' | sed -e 's|-||g' | while read -r subdomain; do
+            echo "Creating $subdomain.trez.wtf..."
+            flarectl dns create --zone "trez.wtf" --name "${subdomain}" --type=CNAME --content "trez.wtf"
+          done
+
+  merge-pr:
+    name: PR Merge
+    runs-on: ubuntu-latest
+    if: ${{ always() }}
+    needs: [cloudflare-dns-setup]
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Tea CLI Setup & PR Merge
+        run: |
+          curl -sSL https://dl.gitea.com/tea/main/tea-main-linux-amd64 -o /usr/local/bin/tea
+          chmod +x /usr/local/bin/tea
+          echo "Merging PR..."
+          tea login add --name gitea-rinoa --url ${{ vars.RINOA_GITEA_URL }} --user gitea-sonarqube-bot --password "${{ secrets.BOT_GITEA_PASSWORD }}" --token ${{ secrets.BOT_GITEA_TOKEN }}
+          pr_index=$(tea pr ls --repo ${{ github.repository }} --state open --fields index,title,head,state --output csv | egrep ${{ gitea.ref_name }} | awk -F, '{print $1}' | sed -e 's|"||g')
+          tea pr m --repo ${{ github.repository }} --title "${{ github.ref_name }} Auto Merge" --message "Merged by ${{ gitea.actor }}" --output table ${pr_index}
@@ -1,489 +0,0 @@
-name: Gitea Branch PR, Cloudflare DNS, README generation, & Docker Deployment
-
-on:
-  workflow_dispatch:
-  push:
-    branches-ignore:
-      - 'main'
-      - 'renovate/**'
-    paths:
-      - '**/docker-compose.yml'
-
-env:
-  FLARECTL_VERSION: '0.115.0'
-  HC_VAULT_VERSION: '1.18.0'
-  TEA_VERSION: '0.10.1'
-
-jobs:
-  check-and-create-pr:
-    name: Check and Create PR
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout Code
-        uses: actions/checkout@v4
-        with:
-          fetch-depth: 1
-
-      - name: Cache tea CLI
-        id: cache-tea
-        uses: actions/cache@v4
-        with:
-          path: /opt/hostedtoolcache/tea/${{ env.TEA_VERSION }}/x64
-          key: tea-${{ runner.os }}-${{ env.TEA_VERSION }}
-
-      - name: Install tea
-        uses: supplypike/setup-bin@v4
-        with:
-          uri: https://gitea.com/gitea/tea/releases/download/v${{ env.TEA_VERSION }}/tea-${{ env.TEA_VERSION }}-linux-amd64
-          name: tea
-          version: ${{ env.TEA_VERSION }}
-
-      - name: Gotify Notification
-        uses: eikendev/gotify-action@master
-        with:
-          gotify_api_base: '${{ secrets.RINOA_GOTIFY_URL }}'
-          gotify_app_token: '${{ secrets.RINOA_RUNNER_GOTIFY_TOKEN }}'
-          notification_title: 'GITEA: PR Check'
-          notification_message: 'Checking for existing PR... 🔍'
-
-      - name: Check if open PR exists
-        id: check-opened-pr-step
-        continue-on-error: true
-        run: |
-          tea login add \
-            --name gitea-rinoa \
-            --url "${{ secrets.RINOA_GITEA_URL }}" \
-            --user gitea-sonarqube-bot \
-            --password "${{ secrets.BOT_GITEA_PASSWORD }}" \
-            --token ${{ secrets.BOT_GITEA_TOKEN }}
-
-          pr_exists=$(tea pr list \
-            --repo ${{ github.repository }} \
-            --state open \
-            --fields index,title,head \
-            | egrep '\[DOCKER\].*${{ github.ref_name }}' | tail -1 | wc -l)
-
-          echo "exists=$pr_exists" >> $GITHUB_OUTPUT
-
-      - name: Create PR
-        if: ${{ steps.check-opened-pr-step.outputs.exists == '0' }}
-        run: |
-          tea login default gitea-rinoa
-
-          pr_index_old=$(tea pr ls \
-            --repo ${{ github.repository }} \
-            --state all --fields index,title,head \
-            --output csv | sed -e 's|"||g' | \
-            egrep '^[0-9]' | head -1 | awk -F"," '{print $1}')
-
-          pr_index_new=$(expr ${pr_index_old} + 1)
-
-          tea pr c -r ${{ github.repository }} \
-            -t "[DOCKER] Automated PR for ${{ github.ref_name }} - #${pr_index_new}" \
-            -d "Automatically created PR for branch: ${{ github.ref_name }}" \
-            -a ${{ github.actor }} \
-            -L "Docker Compose"
-
-      - name: Gotify Notification
-        uses: eikendev/gotify-action@master
-        with:
-          gotify_api_base: '${{ secrets.RINOA_GOTIFY_URL }}'
-          gotify_app_token: '${{ secrets.RINOA_RUNNER_GOTIFY_TOKEN }}'
-          notification_title: 'GITEA: PR Check'
-          notification_message: 'PR Created 🎟️'
-
-  generate-service-list:
-    name: Generate list of added/modified/deleted services
-    runs-on: ubuntu-latest
-    needs: [check-and-create-pr]
-    outputs:
-      svc_deploy_list: ${{ steps.detect_services.outputs.docker_svc_list }}
-    steps:
-
-      - name: Checkout
-        uses: actions/checkout@v4
-
-      - name: Fetch base branch
-        run: |
-          git fetch origin ${{ github.event.pull_request.base.ref }}
-
-      - name: Gotify Notification
-        uses: eikendev/gotify-action@master
-        with:
-          gotify_api_base: '${{ secrets.RINOA_GOTIFY_URL }}'
-          gotify_app_token: '${{ secrets.RINOA_RUNNER_GOTIFY_TOKEN }}'
-          notification_title: 'GITEA: Services TBD'
-          notification_message: 'Generating list of services to deploy...'
-
-      - name: Save both versions of docker-compose.yml
-        run: |
-          git show origin/main:docker-compose.yml > docker-compose-main.yml || touch docker-compose-main.yml
-          cp docker-compose.yml docker-compose-head.yml
-
-      - name: Detect added, deleted, and modified services
-        id: detect_services
-        run: |
-          echo "Getting services from main and ${{ github.ref_name }}"
-          yq '.services | keys | .[]' docker-compose-main.yml | sort > services_main.txt
-          yq '.services | keys | .[]' docker-compose-head.yml | sort > services_head.txt
-
-          echo "Creating list of modified services..."
-          touch service_changes.txt
-
-          comm -13 services_main.txt services_head.txt | while read service; do
-            echo "$service: added" >> service_changes.txt
-          done
-
-          comm -12 services_main.txt services_head.txt | while read service; do
-            yq ".services[\"$service\"]" docker-compose-main.yml > tmp_main.yml
-            yq ".services[\"$service\"]" docker-compose-head.yml > tmp_head.yml
-            if ! diff -q tmp_main.yml tmp_head.yml > /dev/null; then
-              echo "$service: modified" >> service_changes.txt
-            fi
-          done
-
-          echo "Detected service changes:"
-          cat service_changes.txt
-
-          mod_svcs=$(cut -d':' -f1 service_changes.txt | sort | uniq)
-          echo "docker_svc_list<<EOF" >> "$GITHUB_OUTPUT"
-          echo "$mod_svcs" >> "$GITHUB_OUTPUT"
-          echo "EOF" >> "$GITHUB_OUTPUT"
-
-      - name: List of Services for (Re)Deployment
-        run: |
-          echo -e "${{ steps.detect_services.outputs.docker_svc_list }}"
-
-  docker-compose-dry-run:
-    name: Docker Compose Dry Run
-    needs: [generate-service-list]
-    runs-on: ubuntu-latest
-    env:
-      VAULT_ADDR: ${{ secrets.RINOA_VAULT_ADDR }}
-      VAULT_TOKEN: ${{ secrets.VAULT_GITEA_TOKEN }}
-      VAULT_NAMESPACE: ""
-      RINOA_REGISTRY_PASSWORD: ${{ secrets.BOT_GITEA_PASSWORD }}
-      DOCKER_SVC_LIST: ${{ needs.generate-service-list.outputs.svc_deploy_list }}
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-
-      - name: Login to Gitea Container Registry
-        run: |
-          docker login -u gitea-sonarqube-bot -p ${RINOA_REGISTRY_PASSWORD} git.trez.wtf
-
-      - name: Cache Vault install
-        id: cache-vault
-        uses: actions/cache@v4
-        with:
-          path: /opt/hostedtoolcache/vault/${{ env.HC_VAULT_VERSION }}/x64
-          key: vault-${{ runner.os }}-${{ env.HC_VAULT_VERSION }}
-
-      - name: Install Vault (only if not cached)
-        if: steps.cache-vault.outputs.cache-hit != 'true'
-        uses: cpanato/vault-installer@main
-        with:
-          version: ${{ env.HC_VAULT_VERSION }}
-
-      - name: Gotify Notification
-        uses: eikendev/gotify-action@master
-        with:
-          gotify_api_base: '${{ secrets.RINOA_GOTIFY_URL }}'
-          gotify_app_token: '${{ secrets.RINOA_RUNNER_GOTIFY_TOKEN }}'
-          notification_title: 'GITEA: Docker Compose Dry Run @ Rinoa'
-          notification_message: 'Starting Docker Compose dry run...'
-
-      - name: Generate .env file for Docker Compose
-        run: |
-          vault kv get -format=json rinoa-docker/env | jq -r '.data.data' | jq -r 'keys[] as $k | "\($k)='\''\(.[$k])'\''"' > .env
-          echo ${DOCKER_SVC_LIST}
-
-      - name: Docker Compose Dry Run
-        uses: hoverkraft-tech/compose-action@v2.2.0
-        env:
-          DOCKER_HOST: tcp://dockerproxy:2375
-        with:
-          services: |
-            ${{ needs.generate-service-list.outputs.svc_deploy_list }}
-          up-flags: -d --remove-orphans --dry-run
-          down-flags: --dry-run
-          compose-flags: --dry-run --profile rinoa-apps
-
-      - name: Gotify Notification
-        uses: eikendev/gotify-action@master
-        with:
-          gotify_api_base: '${{ secrets.RINOA_GOTIFY_URL }}'
-          gotify_app_token: '${{ secrets.RINOA_RUNNER_GOTIFY_TOKEN }}'
-          notification_title: 'GITEA: Docker Compose Dry Run @ Rinoa'
-          notification_message: 'Docker Compose dry run completed successfully.'
-
-  cloudflare-dns-setup:
-    name: Cloudflare DNS Setup
-    needs: [docker-compose-dry-run]
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-        with:
-          fetch-depth: 1
-
-      - name: Cache flarectl CLI
-        uses: actions/cache@v4
-        with:
-          path: ~/.flarectl
-          key: flarectl-${{ runner.os }}-${{ env.FLARECTL_VERSION }}-${{ hashFiles('workflow-config.yml') }}
-
-      - name: Install flarectl
-        uses: supplypike/setup-bin@v4
-        with:
-          uri: https://github.com/cloudflare/cloudflare-go/releases/download/v${{ env.FLARECTL_VERSION }}/flarectl_${{ env.FLARECTL_VERSION }}_linux_amd64.tar.gz
-          name: flarectl
-          version: ${{ env.FLARECTL_VERSION }}
-
-      - name: Cache Subdomain Files
-        uses: actions/cache@v4
-        with:
-          path: |
-            compose_subdomains.txt
-            cloudflare_subdomains.txt
-          key: ${{ runner.os }}-subdomains-${{ hashFiles('docker-compose.yml') }}
-
-      - name: Grab Subdomains from Docker Compose & Cloudflare
-        id: grab-subdomains
-        env:
-          CF_API_TOKEN: ${{ secrets.CF_API_TOKEN }}
-          CF_API_EMAIL: ${{ secrets.CF_API_EMAIL }}
-        run: |
-          yq '.services[].labels.swag_url' docker-compose.yml | \
-            egrep -v 'null' | \
-            sed -e 's|"||g' | \
-            awk -F'.' '{print $1}' | \
-            sort > compose_subdomains.txt
-
-          flarectl --json dns list \
-            --zone "trez.wtf" \
-            --type=CNAME \
-            --content "trez.wtf" \
-            | jq '.[].Name' | sed -e 's|"||g' | awk -F"." '{print $1}' | \
-            sort > cloudflare_subdomains.txt
-
-      - name: Gotify Notification
-        uses: eikendev/gotify-action@master
-        with:
-          gotify_api_base: '${{ secrets.RINOA_GOTIFY_URL }}'
-          gotify_app_token: '${{ secrets.RINOA_RUNNER_GOTIFY_TOKEN }}'
-          notification_title: 'GITEA: Cloudflare Setup @ Rinoa'
-          notification_message: 'Starting Cloudflare DNS setup...'
-
-      - name: Compare Subdomains
-        id: compare-subdomains
-        uses: LouisBrunner/diff-action@v2.2.0
-        with:
-          old: compose_subdomains.txt
-          new: cloudflare_subdomains.txt
-          mode: addition
-          tolerance: mixed-better
-          output: domain_compare.txt
-
-      - name: Create Subdomains
-        if: steps.compare-subdomains.outputs.output != ''
-        continue-on-error: true
-        env:
-          CF_API_TOKEN: ${{ secrets.CF_API_TOKEN }}
-          CF_API_EMAIL: ${{ secrets.CF_API_EMAIL }}
-        run: |
-          cat domain_compare.txt | egrep '^-[a-z]' | sed -e 's|-||g' | while read -r subdomain; do
-            echo "Creating $subdomain.trez.wtf..."
-            flarectl dns create --zone "trez.wtf" --name "${subdomain}" --type=CNAME --content "trez.wtf" --proxy true
-          done
-
-      - name: Gotify Notification
-        uses: eikendev/gotify-action@master
-        with:
-          gotify_api_base: '${{ secrets.RINOA_GOTIFY_URL }}'
-          gotify_app_token: '${{ secrets.RINOA_RUNNER_GOTIFY_TOKEN }}'
-          notification_title: 'GITEA: Cloudflare Setup @ Rinoa'
-          notification_message: 'Cloudflare DNS setup completed successfully.'
-
-  regenerate-readme-modified-services:
-    name: Update README & Generate List of Modified Services
-    runs-on: ubuntu-latest
-    needs: [cloudflare-dns-setup]
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-
-      - name: Install yq
-        uses: dcarbone/install-yq-action@v1
-
-      - name: Gotify Notification
-        uses: eikendev/gotify-action@master
-        with:
-          gotify_api_base: '${{ secrets.RINOA_GOTIFY_URL }}'
-          gotify_app_token: '${{ secrets.RINOA_RUNNER_GOTIFY_TOKEN }}'
-          notification_title: 'GITEA: README Update'
-          notification_message: 'Updating README...'
-
-      - name: Generate service list
-        run: |
-          yq '.services | to_entries | map({"service": .key, "image": .value.image, "description": (.value.labels."homepage.description" // "")})' docker-compose.yml > services.yml
-
-      - name: Generate Markdown Table
-        uses: gazab/create-markdown-table@v1
-        id: service-table
-        with:
-          file: ./services.yml
-
-      - name: Regenerate README
-        run: |
-          echo "# List of Services" > README.md
-          echo -e "\n\n" >> README.md
-          echo "${{ steps.service-table.outputs.table }}" >> README.md
-
-      - name: Add/Commit README.md
-        id: commit-readme
-        uses: EndBug/add-and-commit@v9
-        with:
-          message: "chore: Update README"
-          add: "README.md"
-
-      - name: Gotify Notification
-        uses: eikendev/gotify-action@master
-        with:
-          gotify_api_base: '${{ secrets.RINOA_GOTIFY_URL }}'
-          gotify_app_token: '${{ secrets.RINOA_RUNNER_GOTIFY_TOKEN }}'
-          notification_title: 'GITEA: README Update'
-          notification_message: 'README updated'
-
-  pr-merge:
-    name: PR Merge
-    needs: [regenerate-readme-modified-services]
-    if: github.ref != 'refs/heads/main'
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-
-      - name: Cache tea CLI
-        id: cache-tea
-        uses: actions/cache@v4
-        with:
-          path: /opt/hostedtoolcache/tea/${{ env.TEA_VERSION }}/x64
-          key: tea-${{ runner.os }}-${{ env.TEA_VERSION }}
-
-      - name: Install tea
-        uses: supplypike/setup-bin@v4
-        with:
-          uri: https://gitea.com/gitea/tea/releases/download/v${{ env.TEA_VERSION }}/tea-${{ env.TEA_VERSION }}-linux-amd64
-          name: tea
-          version: ${{ env.TEA_VERSION }}
-
-      - name: PR Merge
-        id: pr_merge
-        run: |
-          tea login add \
-            --name gitea-rinoa \
-            --url "${{ secrets.RINOA_GITEA_URL }}" \
-            --user gitea-sonarqube-bot \
-            --password "${{ secrets.BOT_GITEA_PASSWORD }}" \
-            --token ${{ secrets.BOT_GITEA_TOKEN }}
-
-          tea login default gitea-rinoa
-
-          echo "Merging PR..."
-
-          pr_index=$(tea pr ls \
-            --repo ${{ github.repository }} \
-            --state open --fields index,title,head,state \
-            --output csv | \
-            egrep ${{ github.ref_name }} | awk -F"," '{print $1}' | sed -e 's|"||g')
-
-          tea pr m \
-            --repo ${{ github.repository }} \
-            --title "Auto Merge of PR ${pr_index} - ${{ github.ref_name }}" \
-            --message "Merged by ${{ github.actor }}" ${pr_index}
-
-          echo "pr_index=${pr_index}" >> $GITHUB_OUTPUT
-
-      - name: Gotify Notification
-        uses: eikendev/gotify-action@master
-        with:
-          gotify_api_base: '${{ secrets.RINOA_GOTIFY_URL }}'
-          gotify_app_token: '${{ secrets.RINOA_RUNNER_GOTIFY_TOKEN }}'
-          notification_title: 'GITEA: PR Merge Successful'
-          notification_message: 'PR #${{ steps.pr_merge.outputs.pr_index }} merged.'
-
-  docker-compose-deploy:
-    name: Docker Compose Deployment
-    runs-on: ubuntu-latest
-    needs: [generate-service-list, docker-compose-dry-run, pr-merge]
-    env:
-      VAULT_ADDR: ${{ secrets.RINOA_VAULT_ADDR }}
-      VAULT_TOKEN: ${{ secrets.VAULT_GITEA_TOKEN }}
-      DOCKER_HOST: tcp://dockerproxy:2375
-      RINOA_REGISTRY_PASSWORD: ${{ secrets.BOT_GITEA_PASSWORD }}
-      DOCKER_SVC_LIST: ${{ needs.generate-service-list.outputs.svc_deploy_list }}
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-        with:
-          ref: main
-
-      - name: Cache Vault install
-        id: cache-vault
-        uses: actions/cache@v4
-        with:
-          path: /opt/hostedtoolcache/vault/${{ env.HC_VAULT_VERSION }}/x64
-          key: vault-${{ runner.os }}-${{ env.HC_VAULT_VERSION }}
-
-      - name: Install Vault (only if not cached)
-        uses: cpanato/vault-installer@main
-        with:
-          version: ${{ env.HC_VAULT_VERSION }}
-
-      - name: Login to Gitea Container Registry
-        run: |
-          docker login -u gitea-sonarqube-bot \
-            -p ${RINOA_REGISTRY_PASSWORD} \
-            git.trez.wtf
-
-      - name: Gotify Notification
-        uses: eikendev/gotify-action@master
-        with:
-          gotify_api_base: '${{ secrets.RINOA_GOTIFY_URL }}'
-          gotify_app_token: '${{ secrets.RINOA_RUNNER_GOTIFY_TOKEN }}'
-          notification_title: 'GITEA: Docker Compose Deployment @ Rinoa'
-          notification_message: 'Starting Docker Compose run...'
-
-      - name: Generate .env file for deployment
-        run: |
-           vault kv get -format=json rinoa-docker/env | jq -r '.data.data' | jq -r 'keys[] as $k | "\($k)='\''\(.[$k])'\''"' > .env
-           echo ${DOCKER_SVC_LIST}
-
-      - name: Docker Compose Deployment
-        uses: hoverkraft-tech/compose-action@v2.2.0
-        env:
-          DOCKER_HOST: tcp://dockerproxy:2375
-        with:
-          services: |
-            ${{ needs.generate-service-list.outputs.svc_deploy_list }}
-          up-flags: -d --remove-orphans
-          down-flags: --dry-run
-          compose-flags: --profile rinoa-apps
-
-      - name: Docker Compose Healthcheck
-        uses: jaracogmbh/docker-compose-health-check-action@v1.0.0
-        with:
-          max-retries: 30
-          retry-interval: 10
-          compose-file: "docker-compose.yml"
-          skip-exited: "true"
-          skip-no-healthcheck: "true"
-
-      - name: Gotify Notification
-        uses: eikendev/gotify-action@master
-        with:
-          gotify_api_base: '${{ secrets.RINOA_GOTIFY_URL }}'
-          gotify_app_token: '${{ secrets.RINOA_RUNNER_GOTIFY_TOKEN }}'
-          notification_title: 'GITEA: Docker Compose Deployment @ Rinoa'
-          notification_message: 'Deployment completed successfully.'
@@ -1,98 +0,0 @@
-name: Deploy Renovate Updates
-
-on:
-  workflow_run:
-    workflows: ["Check Renovate Updates"]
-    types:
-      - completed
-
-jobs:
-  deploy:
-    runs-on: ubuntu-latest
-    if: >
-      ${{
-        github.event.workflow_run.conclusion == 'success' &&
-        contains(toLower(github.event.workflow_run.head_commit.author.name), 'renovate')
-      }}
-
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@v4
-        with:
-          fetch-depth: 0  # we need full history to compute merge-base
-
-      - name: Set up Docker
-        uses: docker/setup-buildx-action@v3
-
-      - name: Log in to Docker (if needed)
-        uses: docker/login-action@v2
-        with:
-          username: ${{ secrets.DOCKER_USERNAME }}
-          password: ${{ secrets.DOCKER_PASSWORD }}
-
-      - name: Install yq
-        run: |
-          sudo wget https://github.com/mikefarah/yq/releases/latest/download/yq_linux_amd64 -O /usr/bin/yq
-          sudo chmod +x /usr/bin/yq
-
-      - name: Get modified services including dependencies
-        id: modified_services
-        run: |
-          echo "Finding modified services in docker-compose.yml..."
-
-          # Find merge-base with previous main commit
-          BASE_COMMIT=$(git merge-base HEAD HEAD~1)
-
-          # Extract changed services between merge-base and HEAD
-          CHANGED_SERVICES=$(git diff --name-only $BASE_COMMIT HEAD -- docker-compose.yml \
-            | xargs -r -I{} yq e '.services | keys | .[]' {})
-
-          if [ -z "$CHANGED_SERVICES" ]; then
-            echo "No services changed, skipping."
-            exit 0
-          fi
-
-          declare -A VISITED
-          ALL_DEPLOY=()
-
-          get_deps() {
-            local service=$1
-            if [[ -n "${VISITED[$service]}" ]]; then
-              return
-            fi
-            VISITED[$service]=1
-            ALL_DEPLOY+=("$service")
-
-            # Array style depends_on
-            deps=$(yq e ".services.\"$service\".depends_on[]?" docker-compose.yml 2>/dev/null)
-            for dep in $deps; do
-              get_deps "$dep"
-            done
-
-            # Mapping style depends_on (with condition)
-            deps_map=$(yq e ".services.\"$service\".depends_on | keys[]" docker-compose.yml 2>/dev/null)
-            for dep in $deps_map; do
-              get_deps "$dep"
-            done
-          }
-
-          for svc in $CHANGED_SERVICES; do
-            get_deps "$svc"
-          done
-
-          echo "Services to deploy: ${ALL_DEPLOY[@]}"
-          echo "modified_services=${ALL_DEPLOY[@]}" >> $GITHUB_ENV
-
-      - name: Pull images for modified services
-        if: env.modified_services != ''
-        run: |
-          echo "Pulling images for services: $modified_services"
-          for svc in $modified_services; do
-            docker compose pull $svc || echo "Failed to pull $svc, continuing..."
-          done
-
-      - name: Deploy updated services
-        if: env.modified_services != ''
-        run: |
-          echo "Deploying services: $modified_services"
-          docker compose up -d $modified_services
@@ -1,2 +1,2 @@
-**/.cache_ggshield
-**/.env
+**/.env*
+**/*env*
@@ -1,215 +1,588 @@
 # List of Services

+```json
+~> yq '.services | to_entries | map({service: .key, image: .value.image})' docker-compose.yml

-
-| Service | Image | Description |
-| --- | --- | --- |
-| 13ft | ghcr.io/wasi-master/13ft:latest | Web interface for blocking ads and paywalls |
-| actual_server | docker.io/actualbudget/actual-server:latest | Privacy-focused app for managing finances |
-| adguard | adguard/adguardhome:v0.107.65 | Ad-blocking/DNS |
-| apcupsd-cgi | bnhf/apcupsd-cgi:latest | Web interface for apcupsd |
-| apprise-api | lscr.io/linuxserver/apprise-api:latest | Multi-channel notification API |
-| archivebox | archivebox/archivebox:latest | Open-source and self-hosted web archiving |
-| asciinema | ghcr.io/asciinema/asciinema-server:latest | Platform for hosting and sharing terminal session recordings |
-| asciinema-pg-db | postgres:14-alpine |  |
-| audiobookshelf | ghcr.io/advplyr/audiobookshelf:latest | Podcasts, eBooks, & Audiobooks |
-| authelia | authelia/authelia:master | Authentication/authorization server with MFA & SSO |
-| authelia-pg | postgres:16-alpine |  |
-| authelia-valkey | docker.io/bitnami/valkey:latest |  |
-| bazarr | lscr.io/linuxserver/bazarr:latest | Subtitle automation for TV shows/movies |
-| beszel | henrygd/beszel:latest | Lightweight server monitoring hub |
-| beszel-agent | henrygd/beszel-agent:latest |  |
-| bitwarden | vaultwarden/server:latest | Credential/Information Vault |
-| bluesky-pds | code.modernleft.org/gravityfargo/bluesky-pds:v0.4.98 |  |
-| browserless | ghcr.io/browserless/chromium:latest |  |
-| bytestash | ghcr.io/jordan-dalby/bytestash:latest | Code Gists/Snippets |
-| castopod | castopod/castopod:latest | Podcast self-hosting |
-| castopod-valkey | docker.io/bitnami/valkey:latest |  |
-| changedetection | ghcr.io/dgtlmoon/changedetection.io | Page change monitoring with alerts |
-| changedetection-chrome | dgtlmoon/sockpuppetbrowser:latest |  |
-| chrome | gcr.io/zenika-hub/alpine-chrome:123 |  |
-| clipcascade | sathvikrao/clipcascade:latest | Online file converter |
-| cloudflareddns | ghcr.io/hotio/cloudflareddns:latest |  |
-| convertx | ghcr.io/c4illin/convertx | Online file converter |
-| crowdsec | crowdsecurity/crowdsec:latest |  |
-| crowdsec-dashboard | metabase/metabase | Real-time & crowdsourced protection against aggressive IPs |
-| cyber-chef | mpepping/cyberchef:latest | Web app for encryption, encoding, compression, and data analysis |
-| czkawka | jlesage/czkawka | Smart file management |
-| dagu | ghcr.io/dagu-org/dagu:alpine | Cron alternative with a web UI |
-| dawarich-app | freikin/dawarich:latest | Self-hosted alternative to Google Location History |
-| dawarich-pg-db | postgis/postgis:17-3.5-alpine |  |
-| dawarich-sidekiq | freikin/dawarich:latest |  |
-| dawarich-valkey | docker.io/bitnami/valkey:latest |  |
-| dead-man-hand | ghcr.io/bkupidura/dead-man-hand:latest |  |
-| docker-socket-proxy | ghcr.io/tecnativa/docker-socket-proxy:latest |  |
-| dockflare | alplat/dockflare:stable | Cloudflare Tunnel controller |
-| dockpeek | ghcr.io/dockpeek/dockpeek:v1.5.8 | Real-time port monitoring and discovery |
-| duplicati | lscr.io/linuxserver/duplicati:latest | Data backup |
-| easyappointments | alextselegidis/easyappointments:1.5.2 | Highly customizable appointment scheduler |
-| excalidraw | excalidraw/excalidraw:latest | Virtual whiteboard for sketching hand-drawn like diagrams |
-| explo | ghcr.io/lumepart/explo:latest |  |
-| fastenhealth | ghcr.io/fastenhealth/fasten-onprem:main | Open-source, self-hosted, personal/family electronic medical record aggregator |
-| flaresolverr | ghcr.io/flaresolverr/flaresolverr:latest |  |
-| garage | dxflrs/garage:v2.0.0 |  |
-| garage-webui | khairul169/garage-webui:latest | S3-compatible storage backend |
-| ghost | ghost:latest | Personal blog |
-| gitea | gitea/gitea:1.24.5 | Private Code Repo |
-| gitea-db | postgres:14 |  |
-| gitea-runner | gitea/act_runner:latest |  |
-| gitea-sonarqube-bot | justusbunsi/gitea-sonarqube-bot:v0.4.0 |  |
-| gitignore-io | guog/gitignore.io:latest | .gitignore generator |
-| gluetun | qmcgaw/gluetun:latest |  |
-| gotify | gotify/server | Notification System |
-| guacamole | flcontainers/guacamole:latest | Client-less remote desktop gateway |
-| homepage | ghcr.io/gethomepage/homepage:latest |  |
-| hugo | hugomods/hugo:exts | Static site |
-| immich-server | ghcr.io/immich-app/immich-server:release | High performance self-hosted photo and video management solution |
-| immich-machine-learning | ghcr.io/immich-app/immich-machine-learning:release |  |
-| immich-pg-db | tensorchord/pgvecto-rs:pg14-v0.2.1 |  |
-| immich-public-proxy | alangrainger/immich-public-proxy:latest | Immich Proxy for public sharing |
-| immich-power-tools | ghcr.io/varun-raj/immich-power-tools:latest |  |
-| immich-valkey | docker.io/bitnami/valkey:latest |  |
-| influxdb2 | influxdb:2-alpine | Scalable datastore for metrics, events, and real-time analytics |
-| invidious | quay.io/invidious/invidious:latest | Alternative YouTube frontend (privacy-focused, ad-blocking) |
-| invidious-sig-helper | quay.io/invidious/inv-sig-helper:latest |  |
-| invidious-db | docker.io/library/postgres:14 |  |
-| invoice-ninja | invoiceninja/invoiceninja-debian:5 |  |
-| invoice-ninja_proxy | nginx | Simple invoicing, multiple payment options, expense and vendor management, and more! |
-| it-tools | ghcr.io/corentinth/it-tools:latest | Useful tools for developers and people working in IT |
-| jellyfin | jellyfin/jellyfin | Movie/TV Streaming |
-| jitsi-etherpad | etherpad/etherpad:1.9.7 |  |
-| jitsi-jibri | jitsi/jibri:stable |  |
-| jitsi-jicofo | jitsi/jicofo:stable |  |
-| jitsi-jigasi | jitsi/jigasi:stable |  |
-| jitsi-jvb | jitsi/jvb:stable |  |
-| jitsi-prosody | jitsi/prosody:stable |  |
-| jitsi-web | jitsi/web:stable | Web Conferencing |
-| joplin-db | postgres:17-alpine |  |
-| joplin | joplin/server:latest | Open-source note taking & to-do |
-| karakeep | ghcr.io/karakeep-app/karakeep:release | Self-hosted bookmark-everything app with a touch of AI for data hoarders |
-| languagetool | elestio/languagetool:latest |  |
-| libretranslate | libretranslate/libretranslate | Open-source machine translation API |
-| lidarr | lscr.io/linuxserver/lidarr:latest | Music Automation |
-| lidify | thewicklowwolf/lidify:latest | Music Discovery a la Last.fm, Spotify, Pandora, etc. |
-| linkstack | linkstackorg/linkstack:latest | Personal profile |
-| lldap | lldap/lldap:stable | LDAP made easy |
-| loggifly | ghcr.io/clemcer/loggifly:latest |  |
-| maloja | krateng/maloja:latest | Simple self-hosted music scrobble database to create personal listening statistics |
-| manyfold | lscr.io/linuxserver/manyfold:latest | Self-hosted digital asset manager for 3D print files |
-| manyfold-valkey | docker.io/bitnami/valkey:latest |  |
-| mariadb | linuxserver/mariadb |  |
-| mastodon | lscr.io/linuxserver/mastodon:latest | Open-source social network |
-| mastodon-pg-db | postgres:17-alpine |  |
-| mastodon-valkey | docker.io/bitnami/valkey:latest |  |
-| maxun-backend | getmaxun/maxun-backend:latest |  |
-| maxun-frontend | getmaxun/maxun-frontend:latest | No-code web data extraction platform |
-| maxun-pg-db | postgres:13-alpine |  |
-| maxun-valkey | docker.io/bitnami/valkey:latest |  |
-| meilisearch | getmeili/meilisearch:v1.15 |  |
-| meme-search-pro | ghcr.io/neonwatty/meme_search_pro:latest | Meme search engine built with Python and Ruby |
-| meme-search-pro-img2txt-gen | ghcr.io/neonwatty/image_to_text_generator:latest |  |
-| meme-search-db | pgvector/pgvector:pg17 |  |
-| mini-qr | ghcr.io/lyqht/mini-qr:latest | Scan and generate customized QR codes easily |
-| minio | minio/minio:RELEASE.2025-04-22T22-12-26Z | S3-compatible storage backend |
-| mixpost | inovector/mixpost:latest | Multi-channel social media manager |
-| mixpost-valkey | docker.io/bitnami/valkey:latest |  |
-| mongodb | bitnami/mongodb:7.0 |  |
-| multi-scrobbler | foxxmd/multi-scrobbler | JS App for scrobbling/recording play history from/to multiple sources |
-| n8n | docker.n8n.io/n8nio/n8n | Extendable workflow automation tool to easily automate tasks |
-| navidrome | deluan/navidrome:latest | Music Streaming |
-| netalertx | jokobsk/netalertx:latest | Network Monitoring |
-| nextcloud | nextcloud/all-in-one:latest | Private Cloud |
-| nocodb | nocodb/nocodb:latest | Turn any SQL-based database into a smart spreadsheet |
-| nocodb-pg-db | postgres:16-alpine |  |
-| nocodb-valkey | docker.io/bitnami/valkey:latest |  |
-| ollama | ollama/ollama:latest |  |
-| ombi | lscr.io/linuxserver/ombi:latest | Media Requests |
-| omnitools | iib0011/omni-tools:latest | Tools for common tasks |
-| omnipoly | kweg/omnipoly:latest | Open-source language translation with LanguageTool, LibreTranslate, & Ollama |
-| open-webui | ghcr.io/open-webui/open-webui:main | User-friendly and extensible AI interface |
-| open-webui-valkey | docker.io/bitnami/valkey:latest |  |
-| paperless-ngx | ghcr.io/paperless-ngx/paperless-ngx:latest | Document indexer & archiver with OCR |
-| paperless-valkey | docker.io/bitnami/valkey:latest |  |
-| penpot-frontend | penpotapp/frontend:latest | Open-source design and prototyping platform |
-| penpot-backend | penpotapp/backend:latest |  |
-| penpot-exporter | penpotapp/exporter:latest |  |
-| penpot-pg-db | postgres:15-alpine |  |
-| penpot-redis | redis:7.2 |  |
-| pgbackweb | eduardolat/pgbackweb:latest | Backups for PostgreSQL |
-| pgbackweb-db | postgres:17-alpine |  |
-| planka | ghcr.io/plankanban/planka:2.0.0-rc.3 | Kanban board |
-| planka-pg-db | postgres:16-alpine |  |
-| plant-it | msdeluise/plant-it-server:latest | 🪴 Self-hosted, open source gardening companion app |
-| plant-it-valkey | docker.io/bitnami/valkey:latest |  |
-| plantuml-server | plantuml/plantuml-server:jetty |  |
-| portainer | portainer/portainer-ce:alpine | Service delivery platform for containerized applications |
-| portchecker-web | ghcr.io/dsgnr/portcheckerio-web:latest | Service delivery platform for containerized applications |
-| portchecker-api | ghcr.io/dsgnr/portcheckerio-api:latest |  |
-| postal-smtp | ghcr.io/postalserver/postal:latest |  |
-| postal-web | ghcr.io/postalserver/postal:latest | OSS Mail delivery platform |
-| postal-worker | ghcr.io/postalserver/postal:latest |  |
-| protonmail-bridge | shenxn/protonmail-bridge |  |
-| prowlarr | lscr.io/linuxserver/prowlarr:latest | Index aggregator |
-| qbit-manage | ghcr.io/stuffanthings/qbit_manage:latest |  |
-| qbittorrentvpn | ghcr.io/binhex/arch-qbittorrentvpn:latest | Fast and stable torrent client |
-| radarec | thewicklowwolf/radarec:latest | Movie discovery based on library/tastes |
-| radarr | lscr.io/linuxserver/radarr:latest | Movie Automation |
-| reactive-resume | amruthpillai/reactive-resume:latest | Open-source resume builder |
-| reactive-resume-pg | postgres:16-alpine |  |
-| readarr | lscr.io/linuxserver/readarr:develop | eBook/Audiobook Automation |
-| redlib | quay.io/redlib/redlib:latest | Redlib is a private front-end like Invidious but for Reddit |
-| renovate | renovate/renovate:41.97.7-full |  |
-| renovate-valkey | docker.io/bitnami/valkey:latest |  |
-| rocketchat | registry.rocket.chat/rocketchat/rocket.chat:latest | Fully customizable communications platform with high standards of data protection |
-| romm | rommapp/romm:latest | Beautiful, powerful, self-hosted ROM manager |
-| romm-valkey | docker.io/bitnami/valkey:latest |  |
-| sabnzbdvpn | ghcr.io/binhex/arch-sabnzbdvpn:latest | NZB Downloader over VPN |
-| sablier | sablierapp/sablier:latest |  |
-| scraparr | ghcr.io/thecfu/scraparr:2 |  |
-| scrutiny | ghcr.io/analogj/scrutiny:master-omnibus | WebUI for smartd S.M.A.R.T monitoring |
-| searxng | searxng/searxng:latest | Anonymized Meta-Search Engine |
-| searxng-valkey | docker.io/bitnami/valkey:latest |  |
-| semaphore-ui | semaphoreui/semaphore:v2.12.14 | Modern UI for Ansible, Terraform, OpenTofu, PowerShell and other DevOps tools |
-| signoz-app | signoz/signoz:v0.92.2 | Logs, metrics, and traces in a single pane |
-| signoz-clickhouse | clickhouse/clickhouse-server:24.1.2-alpine |  |
-| signoz-init-clickhouse | clickhouse/clickhouse-server:24.1.2-alpine |  |
-| signoz-logspout | pavanputhra/logspout-signoz |  |
-| signoz-otel-collector | signoz/signoz-otel-collector:v0.129.0 |  |
-| signoz-schema-migrator-async | signoz/signoz-schema-migrator:v0.129.0 |  |
-| signoz-schema-migrator-sync | signoz/signoz-schema-migrator:v0.129.0 |  |
-| signoz-zookeeper-1 | bitnami/zookeeper:3.7.1 |  |
-| sonarqube | mc1arke/sonarqube-with-community-branch-plugin:lts | Code/DevOps quality/security |
-| sonarqube-pg-db | postgres:17-alpine |  |
-| sonarr | lscr.io/linuxserver/sonarr:latest | TV Show Automation |
-| sonashow | thewicklowwolf/sonashow:latest | TV show discovery based on library/tastes |
-| soularr | mrusse08/soularr:latest |  |
-| soularr-dashboard | ghcr.io/mrusse/soularr:main | Dashboard for monitoring Soularr |
-| soulseek | slskd/slskd | Modern client-server application for the Soulseek file-sharing network. |
-| speedtest-tracker | lscr.io/linuxserver/speedtest-tracker:latest | Self-hosted internet performance tracking |
-| stable-diffusion-webui | ghcr.io/neggles/sd-webui-docker:latest |  |
-| stirling-pdf | docker.stirlingpdf.com/stirlingtools/stirling-pdf:latest | PDF Operations |
-| swag | lscr.io/linuxserver/swag:latest | SWAG Dashboard for proxies |
-| tandoor | vabene1111/recipes | Recipes, cookbooks, meal-planning, & grocery lists |
-| tandoor-pg | postgres:16-alpine |  |
-| umami | ghcr.io/umami-software/umami:postgresql-latest | Simple, fast, privacy-focused alternative to Google Analytics |
-| umami-pg-db | postgres:15-alpine |  |
-| unmanic | josh5/unmanic:latest | Library Optimizer |
-| uptimekuma | louislam/uptime-kuma:latest | HTTP Endpoint Monitoring |
-| vault | hashicorp/vault:latest | HashiCorp Vault for secrets, key/value stores, etc. |
-| wallos | bellamy/wallos:latest | Subscription Tracking |
-| watchtower | ghcr.io/containrrr/watchtower:latest | Container-based solution for automating Docker container base image updates |
-| web-check | lissy93/web-check | Site scanner for attack vectors, architecture, security configs, and more |
-| whodb | clidey/whodb | Lightweight next-gen database explorer |
-| wizarr | ghcr.io/wizarrrr/wizarr | User invitation management system for Jellyfin, Plex, and Emby |
-| youtubedl | nbr23/youtube-dl-server:latest | YouTube Downloader |
-| zammad-backup | ghcr.io/zammad/zammad:6.5.0-15 |  |
-| zammad-elasticsearch | elasticsearch:8.18.0 |  |
-| zammad-init | ghcr.io/zammad/zammad:6.5.0-15 |  |
-| zammad-memcached | memcached:1.6.38-alpine |  |
-| zammad-nginx | ghcr.io/zammad/zammad:6.5.0-15 | Open-source helpdesk/customer support system |
-| zammad-postgresql | postgres:17.5-alpine |  |
-| zammad-railsserver | ghcr.io/zammad/zammad:6.5.0-15 |  |
-| zammad-redis | redis:7.4.2-alpine |  |
-| zammad-scheduler | ghcr.io/zammad/zammad:6.5.0-15 |  |
-| zammad-websocket | ghcr.io/zammad/zammad:6.5.0-15 |  |
-
+[
+  {
+    "service": "actual_server",
+    "image": "docker.io/actualbudget/actual-server:latest"
+  },
+  {
+    "service": "adguard",
+    "image": "adguard/adguardhome:latest"
+  },
+  {
+    "service": "apprise",
+    "image": "lscr.io/linuxserver/apprise-api:latest"
+  },
+  {
+    "service": "audiobookshelf",
+    "image": "ghcr.io/advplyr/audiobookshelf:latest"
+  },
+  {
+    "service": "authelia",
+    "image": "authelia/authelia:master"
+  },
+  {
+    "service": "authelia-pg",
+    "image": "postgres:16-alpine"
+  },
+  {
+    "service": "bazarr",
+    "image": "lscr.io/linuxserver/bazarr:latest"
+  },
+  {
+    "service": "bitmagnet",
+    "image": "ghcr.io/bitmagnet-io/bitmagnet:latest"
+  },
+  {
+    "service": "bitmagnet-pg-db",
+    "image": "postgres:17-alpine"
+  },
+  {
+    "service": "bitwarden",
+    "image": "vaultwarden/server:latest"
+  },
+  {
+    "service": "bluesky-pds",
+    "image": "ghcr.io/bluesky-social/pds:latest"
+  },
+  {
+    "service": "browserless",
+    "image": "ghcr.io/browserless/chromium:latest"
+  },
+  {
+    "service": "castopod",
+    "image": "castopod/castopod:latest"
+  },
+  {
+    "service": "cloudflared",
+    "image": "cloudflare/cloudflared:latest"
+  },
+  {
+    "service": "cloudflareddns",
+    "image": "ghcr.io/hotio/cloudflareddns:latest"
+  },
+  {
+    "service": "crowdsec",
+    "image": "crowdsecurity/crowdsec:latest"
+  },
+  {
+    "service": "crowdsec-dashboard",
+    "image": "metabase/metabase"
+  },
+  {
+    "service": "czkawka",
+    "image": "jlesage/czkawka"
+  },
+  {
+    "service": "dagu-scheduler",
+    "image": "ghcr.io/dagu-org/dagu:latest"
+  },
+  {
+    "service": "dagu-server",
+    "image": "ghcr.io/dagu-org/dagu:latest"
+  },
+  {
+    "service": "delugevpn",
+    "image": "ghcr.io/binhex/arch-delugevpn:latest"
+  },
+  {
+    "service": "docker-socket-proxy",
+    "image": "ghcr.io/tecnativa/docker-socket-proxy:latest"
+  },
+  {
+    "service": "docuseal",
+    "image": "docuseal/docuseal:latest"
+  },
+  {
+    "service": "duplicati",
+    "image": "lscr.io/linuxserver/duplicati:latest"
+  },
+  {
+    "service": "fastenhealth",
+    "image": "ghcr.io/fastenhealth/fasten-onprem:main"
+  },
+  {
+    "service": "flaresolverr",
+    "image": "ghcr.io/flaresolverr/flaresolverr:latest"
+  },
+  {
+    "service": "ghost",
+    "image": "ghost:latest"
+  },
+  {
+    "service": "gitea",
+    "image": "gitea/gitea:1.22.2"
+  },
+  {
+    "service": "gitea-db",
+    "image": "postgres:14"
+  },
+  {
+    "service": "gitea-opengist",
+    "image": "ghcr.io/thomiceli/opengist:latest"
+  },
+  {
+    "service": "gitea-runner",
+    "image": "gitea/act_runner:latest"
+  },
+  {
+    "service": "gitea-sonarqube-bot",
+    "image": "justusbunsi/gitea-sonarqube-bot:v0.4.0"
+  },
+  {
+    "service": "gluetun",
+    "image": "qmcgaw/gluetun:latest"
+  },
+  {
+    "service": "gotify",
+    "image": "gotify/server"
+  },
+  {
+    "service": "grafana",
+    "image": "grafana/grafana-enterprise:latest"
+  },
+  {
+    "service": "grafana-alloy",
+    "image": "grafana/alloy:latest"
+  },
+  {
+    "service": "grafana-loki",
+    "image": "grafana/loki:latest"
+  },
+  {
+    "service": "grafana-mimir",
+    "image": "grafana/mimir:latest"
+  },
+  {
+    "service": "grafana-mimir-memcached",
+    "image": "memcached"
+  },
+  {
+    "service": "grafana-pyroscope",
+    "image": "grafana/pyroscope:latest"
+  },
+  {
+    "service": "grafana-tempo",
+    "image": "grafana/tempo:latest"
+  },
+  {
+    "service": "homepage",
+    "image": "ghcr.io/gethomepage/homepage:latest"
+  },
+  {
+    "service": "hortusfox",
+    "image": "ghcr.io/danielbrendel/hortusfox-web:latest"
+  },
+  {
+    "service": "hugo",
+    "image": "hugomods/hugo:exts"
+  },
+  {
+    "service": "invidious",
+    "image": "quay.io/invidious/invidious:latest"
+  },
+  {
+    "service": "invidious-db",
+    "image": "docker.io/library/postgres:14"
+  },
+  {
+    "service": "invoice_ninja",
+    "image": "invoiceninja/invoiceninja:5"
+  },
+  {
+    "service": "invoice_ninja_proxy",
+    "image": "nginx"
+  },
+  {
+    "service": "it-tools",
+    "image": "ghcr.io/corentinth/it-tools:latest"
+  },
+  {
+    "service": "jellyfin",
+    "image": "jellyfin/jellyfin"
+  },
+  {
+    "service": "jitsi-etherpad",
+    "image": "etherpad/etherpad:1.8.6"
+  },
+  {
+    "service": "jitsi-jibri",
+    "image": "jitsi/jibri:${JITSI_IMAGE_VERSION:-stable}"
+  },
+  {
+    "service": "jitsi-jicofo",
+    "image": "jitsi/jicofo:${JITSI_IMAGE_VERSION:-stable}"
+  },
+  {
+    "service": "jitsi-jigasi",
+    "image": "jitsi/jigasi:${JITSI_IMAGE_VERSION:-stable}"
+  },
+  {
+    "service": "jitsi-jvb",
+    "image": "jitsi/jvb:${JITSI_IMAGE_VERSION:-stable}"
+  },
+  {
+    "service": "jitsi-prosody",
+    "image": "jitsi/prosody:${JITSI_IMAGE_VERSION:-stable}"
+  },
+  {
+    "service": "jitsi-web",
+    "image": "jitsi/web:${JITSI_IMAGE_VERSION:-stable}"
+  },
+  {
+    "service": "joplin-db",
+    "image": "postgres:17-alpine"
+  },
+  {
+    "service": "joplin",
+    "image": "joplin/server:latest"
+  },
+  {
+    "service": "komodo-core",
+    "image": "ghcr.io/mbecker20/komodo:latest"
+  },
+  {
+    "service": "komodo-ferretdb",
+    "image": "ghcr.io/ferretdb/ferretdb"
+  },
+  {
+    "service": "komodo-periphery",
+    "image": "ghcr.io/mbecker20/periphery:latest"
+  },
+  {
+    "service": "komodo-pg-db",
+    "image": "postgres:17-alpine"
+  },
+  {
+    "service": "librespeed",
+    "image": "lscr.io/linuxserver/librespeed:latest"
+  },
+  {
+    "service": "lidarr",
+    "image": "lscr.io/linuxserver/lidarr:latest"
+  },
+  {
+    "service": "lidify",
+    "image": "thewicklowwolf/lidify:latest"
+  },
+  {
+    "service": "lldap",
+    "image": "lldap/lldap:stable"
+  },
+  {
+    "service": "localai",
+    "image": "localai/localai:latest-aio-cpu"
+  },
+  {
+    "service": "maloja",
+    "image": "krateng/maloja:latest"
+  },
+  {
+    "service": "mariadb",
+    "image": "ghcr.io/linuxserver/mariadb"
+  },
+  {
+    "service": "meshcentral",
+    "image": "ghcr.io/ylianst/meshcentral:master"
+  },
+  {
+    "service": "minio",
+    "image": "minio/minio"
+  },
+  {
+    "service": "mongodb",
+    "image": "mongo:7.0"
+  },
+  {
+    "service": "multi-scrobbler",
+    "image": "foxxmd/multi-scrobbler"
+  },
+  {
+    "service": "n8n",
+    "image": "docker.n8n.io/n8nio/n8n"
+  },
+  {
+    "service": "navidrome",
+    "image": "deluan/navidrome:latest"
+  },
+  {
+    "service": "netbox",
+    "image": "lscr.io/linuxserver/netbox:latest"
+  },
+  {
+    "service": "netbox-db",
+    "image": "postgres:17-alpine"
+  },
+  {
+    "service": "nextcloud",
+    "image": "lscr.io/linuxserver/nextcloud:latest"
+  },
+  {
+    "service": "ollama",
+    "image": "ollama/ollama"
+  },
+  {
+    "service": "ombi",
+    "image": "lscr.io/linuxserver/ombi:latest"
+  },
+  {
+    "service": "paperless-ngx",
+    "image": "ghcr.io/paperless-ngx/paperless-ngx:latest"
+  },
+  {
+    "service": "plausible",
+    "image": "ghcr.io/plausible/community-edition:v2.1.0"
+  },
+  {
+    "service": "plausible_db",
+    "image": "postgres:16-alpine"
+  },
+  {
+    "service": "plausible_events_db",
+    "image": "clickhouse/clickhouse-server:24.3.3.102-alpine"
+  },
+  {
+    "service": "postal-smtp",
+    "image": "ghcr.io/postalserver/postal:latest"
+  },
+  {
+    "service": "postal-web",
+    "image": "ghcr.io/postalserver/postal:latest"
+  },
+  {
+    "service": "postal-worker",
+    "image": "ghcr.io/postalserver/postal:latest"
+  },
+  {
+    "service": "prowlarr",
+    "image": "lscr.io/linuxserver/prowlarr:latest"
+  },
+  {
+    "service": "radarec",
+    "image": "thewicklowwolf/radarec:latest"
+  },
+  {
+    "service": "radarr",
+    "image": "lscr.io/linuxserver/radarr:latest"
+  },
+  {
+    "service": "reactive-resume",
+    "image": "amruthpillai/reactive-resume:latest"
+  },
+  {
+    "service": "reactive-resume-pg",
+    "image": "postgres:16-alpine"
+  },
+  {
+    "service": "readarr",
+    "image": "lscr.io/linuxserver/readarr:develop"
+  },
+  {
+    "service": "redis",
+    "image": "redis:alpine"
+  },
+  {
+    "service": "redlib",
+    "image": "quay.io/redlib/redlib:latest"
+  },
+  {
+    "service": "sabnzbdvpn",
+    "image": "ghcr.io/binhex/arch-sabnzbdvpn:latest"
+  },
+  {
+    "service": "scraperr",
+    "image": "jpyles0524/scraperr:latest"
+  },
+  {
+    "service": "scraperr-api",
+    "image": "jpyles0524/scraperr_api:latest"
+  },
+  {
+    "service": "scrutiny",
+    "image": "ghcr.io/analogj/scrutiny:master-omnibus"
+  },
+  {
+    "service": "searxng",
+    "image": "searxng/searxng:latest"
+  },
+  {
+    "service": "semaphore",
+    "image": "semaphoreui/semaphore:v2.10.32"
+  },
+  {
+    "service": "slurpit-portal",
+    "image": "slurpit/portal:latest"
+  },
+  {
+    "service": "slurpit-scanner",
+    "image": "slurpit/scanner:latest"
+  },
+  {
+    "service": "slurpit-scraper",
+    "image": "slurpit/scraper:latest"
+  },
+  {
+    "service": "slurpit-warehouse",
+    "image": "slurpit/warehouse:latest"
+  },
+  {
+    "service": "sonarqube",
+    "image": "mc1arke/sonarqube-with-community-branch-plugin:lts"
+  },
+  {
+    "service": "sonarqube-pg-db",
+    "image": "postgres:17-alpine"
+  },
+  {
+    "service": "sonarr",
+    "image": "lscr.io/linuxserver/sonarr:latest"
+  },
+  {
+    "service": "sonashow",
+    "image": "thewicklowwolf/sonashow:latest"
+  },
+  {
+    "service": "soulseek",
+    "image": "slskd/slskd"
+  },
+  {
+    "service": "spotisub",
+    "image": "blastbeng/spotisub:latest"
+  },
+  {
+    "service": "swag",
+    "image": "lscr.io/linuxserver/swag:latest"
+  },
+  {
+    "service": "synapse",
+    "image": "docker.io/matrixdotorg/synapse:latest"
+  },
+  {
+    "service": "synapse-db",
+    "image": "postgres:16-alpine"
+  },
+  {
+    "service": "tandoor",
+    "image": "vabene1111/recipes"
+  },
+  {
+    "service": "tandoor-pg",
+    "image": "postgres:16-alpine"
+  },
+  {
+    "service": "traccar",
+    "image": "traccar/traccar:latest"
+  },
+  {
+    "service": "traccar-pg",
+    "image": "postgres:16-alpine"
+  },
+  {
+    "service": "unmanic",
+    "image": "josh5/unmanic:latest"
+  },
+  {
+    "service": "uptimekuma",
+    "image": "louislam/uptime-kuma:latest"
+  },
+  {
+    "service": "vault",
+    "image": "hashicorp/vault:latest"
+  },
+  {
+    "service": "wallabag",
+    "image": "wallabag/wallabag"
+  },
+  {
+    "service": "wallos",
+    "image": "bellamy/wallos:latest"
+  },
+  {
+    "service": "watchtower",
+    "image": "ghcr.io/containrrr/watchtower:latest"
+  },
+  {
+    "service": "wazuh.agent",
+    "image": "opennix/wazuh-agent:latest"
+  },
+  {
+    "service": "wazuh.dashboard",
+    "image": "wazuh/wazuh-dashboard:${WAZUH_VERSION}"
+  },
+  {
+    "service": "wazuh.indexer",
+    "image": "wazuh/wazuh-indexer:${WAZUH_VERSION}"
+  },
+  {
+    "service": "wazuh.manager",
+    "image": "wazuh/wazuh-manager:${WAZUH_VERSION}"
+  },
+  {
+    "service": "web-check",
+    "image": "lissy93/web-check"
+  },
+  {
+    "service": "whodb",
+    "image": "clidey/whodb"
+  },
+  {
+    "service": "your_spotify",
+    "image": "lscr.io/linuxserver/your_spotify:latest"
+  },
+  {
+    "service": "youtubedl",
+    "image": "nbr23/youtube-dl-server:latest"
+  },
+  {
+    "service": "zammad-backup",
+    "image": "postgres:${ZAMMAD_POSTGRES_VERSION}"
+  },
+  {
+    "service": "zammad-elasticsearch",
+    "image": "bitnami/elasticsearch:${ZAMMAD_ELASTICSEARCH_VERSION}"
+  },
+  {
+    "service": "zammad-init",
+    "image": "${ZAMMAD_IMAGE_REPO}:${ZAMMAD_VERSION}"
+  },
+  {
+    "service": "zammad-memcached",
+    "image": "memcached:${ZAMMAD_MEMCACHE_VERSION}"
+  },
+  {
+    "service": "zammad-nginx",
+    "image": "${ZAMMAD_IMAGE_REPO}:${ZAMMAD_VERSION}"
+  },
+  {
+    "service": "zammad-postgresql",
+    "image": "postgres:${ZAMMAD_POSTGRES_VERSION}"
+  },
+  {
+    "service": "zammad-railsserver",
+    "image": "${ZAMMAD_IMAGE_REPO}:${ZAMMAD_VERSION}"
+  },
+  {
+    "service": "zammad-redis",
+    "image": "redis:${ZAMMAD_REDIS_VERSION}"
+  },
+  {
+    "service": "zammad-scheduler",
+    "image": "${ZAMMAD_IMAGE_REPO}:${ZAMMAD_VERSION}"
+  },
+  {
+    "service": "zammad-websocket",
+    "image": "${ZAMMAD_IMAGE_REPO}:${ZAMMAD_VERSION}"
+  },
+  {
+    "service": "zitadel",
+    "image": "ghcr.io/zitadel/zitadel:latest"
+  },
+  {
+    "service": "zitadel-pg-db",
+    "image": "postgres:16-alpine"
+  }
+]
+```
@@ -0,0 +1,842 @@
+# Global Settings
+COMPOSE_HTTP_TIMEOUT=''
+DOCKER_GID=''
+DOCKER_HOSTNAME=''
+DOCKER_VOLUME_CONFIG=''
+DOCKER_VOLUME_STORAGE=''
+PGID=''
+PUID=''
+TZ=''
+MY_TLD=''
+# END OF DEFAULT SETTINGS
+
+##
+## ADDY
+##
+ADDY_ANONADDY_ADDITIONAL_USERNAME_LIMIT=''
+ADDY_ANONADDY_ADMIN_USERNAME=''
+ADDY_ANONADDY_ALL_DOMAINS=''
+ADDY_ANONADDY_BANDWIDTH_LIMIT=''
+ADDY_ANONADDY_DKIM_SELECTOR=''
+ADDY_ANONADDY_DKIM_SIGNING_KEY=''
+ADDY_ANONADDY_DNS_RESOLVER=''
+ADDY_ANONADDY_DOMAIN=''
+ADDY_ANONADDY_HOSTNAME=''
+ADDY_ANONADDY_LIMIT=''
+ADDY_ANONADDY_NEW_ALIAS_LIMIT=''
+ADDY_ANONADDY_RETURN_PATH=''
+ADDY_ANONADDY_SECRET=''
+ADDY_ANONADDY_SIGNING_KEY_FINGERPRINT=''
+ADDY_APP_KEY=''
+ADDY_APP_URL=''
+ADDY_DB_PASSWORD=''
+ADDY_MAIL_ENCRYPTION=''
+ADDY_MAIL_FROM_ADDRESS=''
+ADDY_MAIL_FROM_NAME=''
+ADDY_POSTFIX_DEBUG=''
+ADDY_POSTFIX_MESSAGE_SIZE_LIMIT=''
+ADDY_POSTFIX_RELAYHOST=''
+ADDY_POSTFIX_RELAYHOST_AUTH_ENABLE=''
+ADDY_POSTFIX_SMTPD_TLS_CERT_FILE=''
+ADDY_POSTFIX_SMTPD_TLS_KEY_FILE=''
+ADDY_POSTFIX_SPAMHAUS_DQS_KEY=''
+ADDY_REDIS_PASSWORD=''
+ADDY_RSPAMD_NO_LOCAL_ADDRS=''
+ADDY_RSPAMD_WEB_PASSWORD=''
+
+##
+## ADGUARD
+##
+ADGUARD_CONTAINER_NAME=''
+ADGUARD_ENABLED=''
+ADGUARD_ENVIRONMENT_SERVERIP=''
+ADGUARD_NETWORK_MODE=''
+ADGUARD_PORT_3000=''
+ADGUARD_PORT_443=''
+ADGUARD_PORT_53=''
+ADGUARD_PORT_67=''
+ADGUARD_PORT_68=''
+ADGUARD_PORT_80=''
+ADGUARD_PORT_853=''
+ADGUARD_RESTART=''
+ADGUARD_TAG=''
+
+##
+## ADGUARD
+##
+ADGUARD_CF_TUNNEL_PASSWORD=''
+ADGUARD_PASSWORD=''
+
+##
+## ANYTHINGLLM
+##
+ANYTHINGLLM_JWT_SECRET=''
+
+##
+## APPRISE
+##
+APPRISE_CONTAINER_NAME=''
+APPRISE_ENABLED=''
+APPRISE_NETWORK_MODE=''
+APPRISE_PORT_8000=''
+APPRISE_RESTART=''
+APPRISE_TAG=''
+
+##
+## AUDIOBOOKSHELF
+##
+AUDIOBOOKSHELF_CONTAINER_NAME=''
+AUDIOBOOKSHELF_ENABLED=''
+AUDIOBOOKSHELF_NETWORK_MODE=''
+AUDIOBOOKSHELF_PORT_80=''
+AUDIOBOOKSHELF_RESTART=''
+AUDIOBOOKSHELF_TAG=''
+
+##
+## AUDIOBOOKSHELF
+##
+AUDIOBOOKSHELF_ROOT_API_KEY=''
+
+##
+## AUTHELIA
+##
+AUTHELIA_AUTH_BIND_LDAP_PASSWORD=''
+AUTHELIA_JWT_SECRET=''
+AUTHELIA_SESSION_SECRET=''
+AUTHELIA_STORAGE_ENCRYPTION_KEY=''
+AUTHELIA_STORAGE_POSTGRES_PASSWORD=''
+
+##
+## BAZARR
+##
+BAZARR_CONTAINER_NAME=''
+BAZARR_ENABLED=''
+BAZARR_NETWORK_MODE=''
+BAZARR_PORT_6767=''
+BAZARR_RESTART=''
+BAZARR_TAG=''
+BAZARR_API_KEY=''
+##
+## BITMAGNET
+##
+BITMAGNET_POSTGRESQL_PASSWORD=''
+
+##
+## BITWARDEN
+##
+BITWARDEN_CONTAINER_NAME=''
+BITWARDEN_ENABLED=''
+BITWARDEN_ENVIRONMENT_ADMIN_TOKEN=''
+BITWARDEN_ENVIRONMENT_DATABASE_URL=''
+BITWARDEN_ENVIRONMENT_DISABLE_ADMIN_TOKEN=''
+BITWARDEN_ENVIRONMENT_DOMAIN=''
+BITWARDEN_ENVIRONMENT_ENABLE_DB_WAL=''
+BITWARDEN_ENVIRONMENT_INVITATIONS_ALLOWED=''
+BITWARDEN_ENVIRONMENT_SHOW_PASSWORD_HINT=''
+BITWARDEN_ENVIRONMENT_SIGNUPS_ALLOWED=''
+BITWARDEN_ENVIRONMENT_SIGNUPS_VERIFY=''
+BITWARDEN_ENVIRONMENT_WEBSOCKET_ENABLE=''
+BITWARDEN_NETWORK_MODE=''
+BITWARDEN_PORT_3012=''
+BITWARDEN_PORT_80=''
+BITWARDEN_RESTART=''
+BITWARDEN_TAG=''
+
+##
+## CHROMIUM
+##
+CHROMIUM_TOKEN=''
+
+##
+## CLOUDFLARE
+##
+CLOUDFLARE_ACCOUNT_ID=''
+CLOUDFLARE_DNS_API_TOKEN=''
+CLOUDFLARE_ZONE_ID=''
+
+##
+## CLOUDFLAREDDNS
+##
+CLOUDFLAREDDNS_CONTAINER_NAME=''
+CLOUDFLAREDDNS_ENABLED=''
+CLOUDFLAREDDNS_ENVIRONMENT_APIKEY=''
+CLOUDFLAREDDNS_ENVIRONMENT_APITOKEN=''
+CLOUDFLAREDDNS_ENVIRONMENT_ARGS=''
+CLOUDFLAREDDNS_ENVIRONMENT_DETECTION_MODE=''
+CLOUDFLAREDDNS_ENVIRONMENT_HOSTS=''
+CLOUDFLAREDDNS_ENVIRONMENT_INTERVAL=''
+CLOUDFLAREDDNS_ENVIRONMENT_LOG_LEVEL=''
+CLOUDFLAREDDNS_ENVIRONMENT_RECORDTYPES=''
+CLOUDFLAREDDNS_ENVIRONMENT_USER=''
+CLOUDFLAREDDNS_ENVIRONMENT_ZONES=''
+CLOUDFLAREDDNS_RESTART=''
+CLOUDFLAREDDNS_TAG=''
+
+##
+## CROWDSEC
+##
+CROWDSEC_API_KEY=''
+CROWDSEC_LOCAL_API_KEY=''
+
+##
+## DELUGEVPN
+##
+DELUGEVPN_CONTAINER_NAME=''
+DELUGEVPN_ENABLED=''
+DELUGEVPN_ENVIRONMENT_ENABLE_PRIVOXY=''
+DELUGEVPN_ENVIRONMENT_LAN_NETWORK=''
+DELUGEVPN_ENVIRONMENT_NAME_SERVERS=''
+DELUGEVPN_ENVIRONMENT_VPN_CLIENT=''
+DELUGEVPN_ENVIRONMENT_VPN_ENABLE=''
+DELUGEVPN_ENVIRONMENT_VPN_INPUT_PORTS=''
+DELUGEVPN_ENVIRONMENT_VPN_OPTIONS=''
+DELUGEVPN_ENVIRONMENT_VPN_OUTPUT_PORTS=''
+DELUGEVPN_ENVIRONMENT_VPN_PASS=''
+DELUGEVPN_ENVIRONMENT_VPN_PROV=''
+DELUGEVPN_ENVIRONMENT_VPN_USER=''
+DELUGEVPN_NETWORK_MODE=''
+DELUGEVPN_PORT_58846=''
+DELUGEVPN_PORT_58946=''
+DELUGEVPN_PORT_8112=''
+DELUGEVPN_PORT_8118=''
+DELUGEVPN_RESTART=''
+DELUGEVPN_TAG=''
+
+##
+## DELUGEVPN
+##
+DELUGEVPN_PASSWORD=''
+DELUGEVPN_PORT_51413=''
+DELUGEVPN_PORT_6881=''
+
+##
+## DUPLICATI
+##
+DUPLICATI_CONTAINER_NAME=''
+DUPLICATI_ENABLED=''
+DUPLICATI_NETWORK_MODE=''
+DUPLICATI_PORT_8200=''
+DUPLICATI_RESTART=''
+DUPLICATI_TAG=''
+DUPLICATI_VOLUME_BACKUPSDIR=''
+DUPLICATI_VOLUME_SOURCEDIR=''
+
+##
+## DUPLICATI
+##
+DUPLICATI_CF_TUNNEL_PASSWORD=''
+
+##
+## EMBY
+##
+EMBY_CONTAINER_NAME=''
+EMBY_ENABLED=''
+EMBY_NETWORK_MODE=''
+EMBY_PORT_8096=''
+EMBY_PORT_8920=''
+EMBY_RESTART=''
+EMBY_TAG=''
+EMBY_VOLUME_TRANSCODEDIR=''
+
+##
+## EMBY
+##
+EMBY_HOMEPAGE_API_KEY=''
+
+##
+## FLARESOLVERR
+##
+FLARESOLVERR_CONTAINER_NAME=''
+FLARESOLVERR_ENABLED=''
+FLARESOLVERR_ENVIRONMENT_CAPTCHA_SOLVER=''
+FLARESOLVERR_ENVIRONMENT_LOG_HTML=''
+FLARESOLVERR_ENVIRONMENT_LOG_LEVEL=''
+FLARESOLVERR_NETWORK_MODE=''
+FLARESOLVERR_PORT_8191=''
+FLARESOLVERR_RESTART=''
+FLARESOLVERR_TAG=''
+
+##
+## GHOST
+##
+GHOST_DB_PASSWORD=''
+GHOST_DB_USER=''
+
+##
+## GITEA
+##
+GITEA_HOMEPAGE_API_KEY=''
+GITEA_PG_DB_PASSWORD=''
+GITEA_RUNNER_REGISTRATION_TOKEN=''
+
+##
+## GLUETUN
+##
+GLUETUN_SERVER_REGIONS=''
+
+##
+## GOTIFY
+##
+GOTIFY_HOMEPAGE_CLIENT_KEY=''
+GOTIFY_PASSWORD=''
+
+##
+## GRAFANA
+##
+GRAFANA_CONTAINER_NAME=''
+GRAFANA_ENABLED=''
+GRAFANA_ENVIRONMENT_GF_INSTALL_PLUGINS=''
+GRAFANA_NETWORK_MODE=''
+GRAFANA_PORT_3000=''
+GRAFANA_RESTART=''
+GRAFANA_TAG=''
+
+##
+## GRAFANA
+##
+GRAFANA_ADMIN_PASSWORD=''
+GRAFANA_MIMIR_HTTP_AUTH_PASSWORD=''
+
+##
+## GUID
+##
+GUID=''
+
+##
+## HORTUSFOX
+##
+HORTUSFOX_ADMIN_PASSWORD=''
+HORTUSFOX_DB_PASSWORD=''
+
+##
+## HUGINN
+##
+HUGINN_CONTAINER_NAME=''
+HUGINN_ENABLED=''
+HUGINN_ENVIRONMENT_DATABASE_HOST=''
+HUGINN_ENVIRONMENT_DATABASE_NAME=''
+HUGINN_ENVIRONMENT_DATABASE_PASSWORD=''
+HUGINN_ENVIRONMENT_DATABASE_PORT=''
+HUGINN_ENVIRONMENT_DATABASE_USERNAME=''
+HUGINN_NETWORK_MODE=''
+HUGINN_PORT_3000=''
+HUGINN_RESTART=''
+HUGINN_TAG=''
+
+##
+## IN
+##
+IN_APP_KEY=''
+IN_MYSQL_PASSWORD=''
+IN_PASSWORD=''
+
+##
+## JAN
+##
+JAN_AI_S3_ACCESS_KEY=''
+JAN_AI_S3_SECRET_KEY=''
+
+##
+## JITSI
+##
+JITSI__ADMIN_DB_PASSWORD=''
+JITSI__ADMIN_JWT_SECRET=''
+JITSI__ETHERPAD_DEFAULT_PAD_TEXT=''
+JITSI__ETHERPAD_SKIN_NAME=''
+JITSI__ETHERPAD_SKIN_VARIANTS=''
+JITSI__ETHERPAD_TITLE=''
+JITSI__ETHERPAD_URL_BASE=''
+JITSI__HTTP_PORT=''
+JITSI__HTTPS_PORT=''
+JITSI__JIBRI_RECORDER_PASSWORD=''
+JITSI__JIBRI_XMPP_PASSWORD=''
+JITSI__JICOFO_AUTH_PASSWORD=''
+JITSI__JIGAGI_SIP_PASSWORD=''
+JITSI__JIGAGI_SIP_PORT=''
+JITSI__JIGAGI_SIP_SERVER=''
+JITSI__JIGAGI_SIP_TRANSPORT=''
+JITSI__JIGAGI_SIP_URI=''
+JITSI__JIGASI_XMPP_PASSWORD=''
+JITSI__JVB_AUTH_PASSWORD=''
+JITSI__PUBLIC_URL=''
+JITSI__SIP_URI=''
+JITSI__TZ=''
+JITSI__WEBSOCKET_SECRET=''
+
+##
+## JOPLIN
+##
+JOPLIN_APP_BASE_URL=''
+JOPLIN_APP_PORT=''
+JOPLIN_POSTGRES_DATABASE=''
+JOPLIN_POSTGRES_PASSWORD=''
+JOPLIN_POSTGRES_PORT=''
+JOPLIN_POSTGRES_USER=''
+JOPLIN_S3_ACCESS_KEY=''
+JOPLIN_S3_SECRET_KEY=''
+
+##
+## KEYCLOAK
+##
+KEYCLOAK_ADMIN_PASSWORD=''
+
+##
+## LAN
+##
+LAN_NETWORK=''
+
+##
+## LASTFM
+##
+LASTFM_API_KEY=''
+LASTFM_API_SECRET=''
+LASTFM_PASSWORD=''
+LASTFM_USERNAME=''
+
+##
+## LIBRESPEED
+##
+LIBRESPEED_CONTAINER_NAME=''
+LIBRESPEED_ENABLED=''
+LIBRESPEED_ENVIRONMENT_DB_HOSTNAME=''
+LIBRESPEED_ENVIRONMENT_DB_NAME=''
+LIBRESPEED_ENVIRONMENT_DB_PASSWORD=''
+LIBRESPEED_ENVIRONMENT_DB_TYPE=''
+LIBRESPEED_ENVIRONMENT_DB_USERNAME=''
+LIBRESPEED_ENVIRONMENT_PASSWORD=''
+LIBRESPEED_NETWORK_MODE=''
+LIBRESPEED_PORT_80=''
+LIBRESPEED_RESTART=''
+LIBRESPEED_TAG=''
+
+##
+## LIDARR
+##
+LIDARR_CONTAINER_NAME=''
+LIDARR_ENABLED=''
+LIDARR_NETWORK_MODE=''
+LIDARR_PORT_8686=''
+LIDARR_RESTART=''
+LIDARR_TAG=''
+
+##
+## LIDARR
+##
+LIDARR_API_KEY=''
+
+##
+## LLDAP
+##
+LLDAP_JWT_SECRET=''
+LLDAP_KEY_SEED=''
+
+##
+## LOCALAI
+##
+LOCALAI_API_KEY=''
+
+##
+## MALOJA
+##
+MALOJA_FORCE_PASSWORD=''
+
+##
+## MARIADB
+##
+MARIADB_CONTAINER_NAME=''
+MARIADB_ENABLED=''
+MARIADB_ENVIRONMENT_MYSQL_ROOT_PASSWORD=''
+MARIADB_NETWORK_MODE=''
+MARIADB_PORT_3306=''
+MARIADB_RESTART=''
+MARIADB_TAG=''
+
+##
+## MATTERMOST
+##
+MATTERMOST_AWS_S3_ACCESSKEY=''
+MATTERMOST_AWS_S3_SECRETKEY=''
+MATTERMOST_POSTGRES_CONNECTION_URI=''
+MATTERMOST_POSTGRES_PASSWORD=''
+
+##
+## MAYBE
+##
+MAYBE_POSTGRES_PASSWORD=''
+MAYBE_SECRET_KEY_BASE=''
+
+##
+## MEDUSAJS
+##
+MEDUSAJS_COOKIE_SECRET=''
+MEDUSAJS_JWT_TOKEN=''
+MEDUSAJS_POSTGRES_PASSWORD=''
+MEDUSAJS_S3_ACCESS_KEY=''
+MEDUSAJS_S3_SECRET_KEY=''
+
+##
+## MINIO
+##
+MINIO_MIMIR_STORAGE_ACCESS_KEY=''
+MINIO_MIMIR_STORAGE_SECRET_KEY=''
+MINIO_ROOT_PASSWORD=''
+
+##
+## MONGO
+##
+MONGO_INITDB_ROOT_PASSWORD=''
+MONGO_INITDB_ROOT_USERNAME=''
+
+##
+## NAVIDROME
+##
+NAVIDROME_PASSWORD=''
+NAVIDROME_USERNAME=''
+
+##
+## NEXTCLOUD
+##
+NEXTCLOUD_CONTAINER_NAME=''
+NEXTCLOUD_ENABLED=''
+NEXTCLOUD_NETWORK_MODE=''
+NEXTCLOUD_PORT_443=''
+NEXTCLOUD_RESTART=''
+NEXTCLOUD_TAG=''
+NEXTCLOUD_VOLUME_DATADIR=''
+
+##
+## OMBI
+##
+OMBI_CONTAINER_NAME=''
+OMBI_ENABLED=''
+OMBI_NETWORK_MODE=''
+OMBI_PORT_3579=''
+OMBI_RESTART=''
+OMBI_TAG=''
+OMBI_API_KEY=''
+
+##
+## OPENGIST
+##
+OPENGIST_GITEA_CLIENT_KEY=''
+OPENGIST_GITEA_SECRET=''
+
+##
+## PAPERLESS
+##
+PAPERLESS_DBPASS=''
+PAPERLESS_SECRET_KEY=''
+
+##
+## PLAUSIBLE
+##
+PLAUSIBLE_PG_PASSWORD=''
+PLAUSIBLE_SECRET_KEY_BASE=''
+PLAUSIBLE_TOTP_VAULT_KEY=''
+
+##
+## PODINDEX
+##
+PODINDEX_API_KEY=''
+PODINDEX_API_SECRET=''
+
+##
+## PORTAINER
+##
+PORTAINER_CONTAINER_NAME=''
+PORTAINER_ENABLED=''
+PORTAINER_NETWORK_MODE=''
+PORTAINER_PORT_9000=''
+PORTAINER_RESTART=''
+PORTAINER_TAG=''
+PORTAINER_VOLUME_DOCKER_SOCKET=''
+PORTAINER_API_KEY=''
+
+##
+## POSTAL
+##
+POSTAL_MYSQL_PASSWORD=''
+POSTAL_SMTP_AUTH_PASSWORD=''
+POSTAL_SMTP_AUTH_USER=''
+
+##
+## POSTGRES
+##
+POSTGRES_HOST=''
+POSTGRES_PASSWORD=''
+POSTGRES_USER=''
+
+##
+## PROWLARR
+##
+PROWLARR_CONTAINER_NAME=''
+PROWLARR_ENABLED=''
+PROWLARR_NETWORK_MODE=''
+PROWLARR_PORT_9696=''
+PROWLARR_RESTART=''
+PROWLARR_TAG=''
+PROWLARR_API_KEY=''
+
+##
+## RADARR
+##
+RADARR_CONTAINER_NAME=''
+RADARR_ENABLED=''
+RADARR_NETWORK_MODE=''
+RADARR_PORT_7878=''
+RADARR_RESTART=''
+RADARR_TAG=''
+
+##
+## RADARR
+##
+RADARR_API_KEY=''
+
+##
+## REACTIVE
+##
+REACTIVE_RESUME_ACCESS_TOKEN_SECRET=''
+REACTIVE_RESUME_PGSQL_PASSWORD=''
+REACTIVE_RESUME_REFRESH_TOKEN_SECRET=''
+REACTIVE_RESUME_S3_ACCESS_KEY=''
+REACTIVE_RESUME_S3_SECRET_KEY=''
+
+##
+## READARR
+##
+READARR_CONTAINER_NAME=''
+READARR_ENABLED=''
+READARR_NETWORK_MODE=''
+READARR_PORT_8787=''
+READARR_RESTART=''
+READARR_TAG=''
+READARR_API_KEY=''
+
+##
+## REMMINA
+##
+REMMINA_CF_TUNNEL_ID=''
+REMMINA_CF_TUNNEL_PASSWORD=''
+REMMINA_USER_PASSWORD=''
+
+##
+## RUSTDESK
+##
+RUSTDESK_CUSTOM_PASSWORD=''
+
+##
+## SABNZBDVPN
+##
+SABNZBDVPN_CONTAINER_NAME=''
+SABNZBDVPN_ENABLED=''
+SABNZBDVPN_ENVIRONMENT_ENABLE_PRIVOXY=''
+SABNZBDVPN_ENVIRONMENT_LAN_NETWORK=''
+SABNZBDVPN_ENVIRONMENT_NAME_SERVERS=''
+SABNZBDVPN_ENVIRONMENT_VPN_CLIENT=''
+SABNZBDVPN_ENVIRONMENT_VPN_ENABLE=''
+SABNZBDVPN_ENVIRONMENT_VPN_INPUT_PORTS=''
+SABNZBDVPN_ENVIRONMENT_VPN_OPTIONS=''
+SABNZBDVPN_ENVIRONMENT_VPN_OUTPUT_PORTS=''
+SABNZBDVPN_ENVIRONMENT_VPN_PASS=''
+SABNZBDVPN_ENVIRONMENT_VPN_PROV=''
+SABNZBDVPN_ENVIRONMENT_VPN_USER=''
+SABNZBDVPN_NETWORK_MODE=''
+SABNZBDVPN_PORT_8080=''
+SABNZBDVPN_PORT_8090=''
+SABNZBDVPN_PORT_8118=''
+SABNZBDVPN_RESTART=''
+SABNZBDVPN_TAG=''
+SABNZBDVPN_API_KEY=''
+
+##
+## SCRAPERR
+##
+SCRAPERR_SECRET_KEY=''
+
+##
+## SCRUTINY
+##
+SCRUTINY_CF_TUNNEL_PASSWORD=''
+
+##
+## SEARXNG
+##
+SEARXNG_BASE_URL=''
+
+##
+## SLSKD
+##
+SLSKD_PASSWORD=''
+
+##
+## SONARQUBE
+##
+SONARQUBE_POSTGRES_PASSWORD=''
+SONARQUBE_LDAP_BIND_PASSWORD=''
+
+##
+## SONARR
+##
+SONARR_CONTAINER_NAME=''
+SONARR_ENABLED=''
+SONARR_NETWORK_MODE=''
+SONARR_PORT_8989=''
+SONARR_RESTART=''
+SONARR_TAG=''
+SONARR_API_KEY=''
+
+##
+## SWAG
+##
+SWAG_CONTAINER_NAME=''
+SWAG_ENABLED=''
+SWAG_ENVIRONMENT_DNSPLUGIN=''
+SWAG_ENVIRONMENT_EMAIL=''
+SWAG_ENVIRONMENT_EXTRA_DOMAINS=''
+SWAG_ENVIRONMENT_ONLY_SUBDOMAINS=''
+SWAG_ENVIRONMENT_SUBDOMAINS=''
+SWAG_ENVIRONMENT_URL=''
+SWAG_ENVIRONMENT_VALIDATION=''
+SWAG_NETWORK_MODE=''
+SWAG_PORT_443=''
+SWAG_PORT_80=''
+SWAG_RESTART=''
+SWAG_TAG=''
+
+##
+## SWAG
+##
+SWAG_CF_TUNNEL_ID=''
+SWAG_CF_TUNNEL_PASSWORD=''
+SWAG_DUCKDNSTOKEN=''
+SWAG_MAXMINDDB_LICENSE_KEY=''
+
+##
+## TANDOOR
+##
+TANDOOR_API_TOKEN=''
+TANDOOR_POSTGRES_PASSWORD=''
+TANDOOR_SECRET_KEY=''
+
+##
+## TMDB
+##
+TMDB_API_KEY=''
+
+##
+## TRACCAR
+##
+TRACCAR_POSTGRES_DATABASE=''
+TRACCAR_POSTGRES_PASSWORD=''
+TRACCAR_POSTGRES_USER=''
+
+##
+## UPTIME
+##
+UPTIME_KUMA_PASSWORD=''
+UPTIME_KUMA_USERNAME=''
+
+##
+## UPTIMEKUMA
+##
+UPTIMEKUMA_CONTAINER_NAME=''
+UPTIMEKUMA_ENABLED=''
+UPTIMEKUMA_NETWORK_MODE=''
+UPTIMEKUMA_PORT_3001=''
+UPTIMEKUMA_RESTART=''
+UPTIMEKUMA_TAG=''
+
+##
+## VAULT
+##
+VAULT_HASHICORP_AWS_ACCESS_KEY_ID=''
+VAULT_HASHICORP_AWS_SECRET_ACCESS_KEY=''
+
+##
+## VIRUS
+##
+VIRUS_TOTAL_API_KEY=''
+
+##
+## WALLABAG
+##
+WALLABAG_DB=''
+WALLABAG_DB_PASSWORD=''
+
+##
+## WATCHTOWER
+##
+WATCHTOWER_CONTAINER_NAME=''
+WATCHTOWER_ENABLED=''
+WATCHTOWER_ENVIRONMENT_CLEANUP=''
+WATCHTOWER_ENVIRONMENT_INCLUDE_STOPPED=''
+WATCHTOWER_ENVIRONMENT_MONITOR_ONLY=''
+WATCHTOWER_ENVIRONMENT_NOTIFICATION_TEMPLATE=''
+WATCHTOWER_ENVIRONMENT_NOTIFICATION_URL=''
+WATCHTOWER_ENVIRONMENT_NOTIFICATIONS=''
+WATCHTOWER_ENVIRONMENT_NOTIFICATIONS_LEVEL=''
+WATCHTOWER_ENVIRONMENT_REPO_PASS=''
+WATCHTOWER_ENVIRONMENT_REPO_USER=''
+WATCHTOWER_ENVIRONMENT_SCHEDULE=''
+WATCHTOWER_ENVIRONMENT_TIMEOUT=''
+WATCHTOWER_NETWORK_MODE=''
+WATCHTOWER_RESTART=''
+WATCHTOWER_TAG=''
+WATCHTOWER_VOLUME_DOCKER_SOCKET=''
+
+##
+## WATCHTOWER
+##
+WATCHTOWER_HTTP_API_TOKEN=''
+WATCHTOWER_NOTIFICATION_GOTIFY_TLS_SKIP_VERIFY=''
+WATCHTOWER_NOTIFICATION_GOTIFY_TOKEN=''
+WATCHTOWER_NOTIFICATION_GOTIFY_URL=''
+
+##
+## WAZUH
+##
+WAZUH_API_PASSWORD=''
+WAZUH_INDEXER_PASSWORD=''
+WAZUH_KIBANA_PASSWORD=''
+WAZUH_VERSION=''
+
+##
+## YOUR
+##
+YOUR_SPOTIFY_ID=''
+YOUR_SPOTIFY_PORT_443=''
+YOUR_SPOTIFY_PORT_80=''
+YOUR_SPOTIFY_SECRET=''
+
+##
+## YOUTUBEDL
+##
+YOUTUBEDL_CONTAINER_NAME=''
+YOUTUBEDL_ENABLED=''
+YOUTUBEDL_ENVIRONMENT_CONFIG_PATH=''
+YOUTUBEDL_ENVIRONMENT_DEBUG=''
+YOUTUBEDL_NETWORK_MODE=''
+YOUTUBEDL_PORT_8080=''
+YOUTUBEDL_RESTART=''
+YOUTUBEDL_TAG=''
+
+##
+## ZAMMAD
+##
+ZAMMAD_ELASTICSEARCH_VERSION=''
+ZAMMAD_IMAGE_REPO=''
+ZAMMAD_MEMCACHE_SERVERS=''
+ZAMMAD_MEMCACHE_VERSION=''
+ZAMMAD_POSTGRES_DB=''
+ZAMMAD_POSTGRES_HOST=''
+ZAMMAD_POSTGRES_PASS=''
+ZAMMAD_POSTGRES_PORT=''
+ZAMMAD_POSTGRES_USER=''
+ZAMMAD_POSTGRES_VERSION=''
+ZAMMAD_POSTGRESQL_OPTIONS=''
+ZAMMAD_REDIS_URL=''
+ZAMMAD_REDIS_VERSION=''
+ZAMMAD_RESTART=''
+ZAMMAD_S3_ACCESS_KEY=''
+ZAMMAD_S3_SECRET_KEY=''
+ZAMMAD_VERSION=''
@@ -1,39 +0,0 @@
-const fs = require('fs');
-const yaml = require('js-yaml');
-
-module.exports = function extractDockerImages(fileContent) {
-  const result = [];
-
-  try {
-    const doc = yaml.load(fileContent, { schema: yaml.DEFAULT_SCHEMA });
-
-    if (!doc.services) return [];
-
-    for (const [serviceName, serviceDef] of Object.entries(doc.services)) {
-      let image = serviceDef.image;
-
-      // Resolve anchors/merges if image is not directly present
-      if (!image && serviceDef['<<']) {
-        const merge = Array.isArray(serviceDef['<<']) ? serviceDef['<<'] : [serviceDef['<<']];
-        merge.forEach(m => {
-          if (m && m.image && !image) {
-            image = m.image;
-          }
-        });
-      }
-
-      if (image) {
-        const [depName, currentValue] = image.split(':');
-        result.push({
-          depName: depName,
-          currentValue: currentValue || 'latest',
-          service: serviceName // For Renovate PR titles
-        });
-      }
-    }
-  } catch (err) {
-    console.error('Failed parsing docker-compose.yml:', err);
-  }
-
-  return result;
-};
@@ -1,53 +0,0 @@
-{
-  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
-  "extends": ["config:base"],
-  "enabledManagers": ["docker-compose"],
-  "schedule": [
-    "* 3-9 * * 5",
-    "* 3-9 * * 6",
-    "* 3-9 * * 0"
-  ],
-  "prConcurrentLimit": 5,
-  "branchPrefix": "renovate/",
-  "rebaseWhen": "behind-base-branch",
-  "packageRules": [
-    {
-      "description": "Pin ClickHouse, Zookeeper, Postgres, pgvector, and pgvecto-rs images",
-      "matchDatasources": ["docker"],
-      "matchManagers": ["docker-compose"],
-      "matchPackageNames": [
-        "signoz-clickhouse-server",
-        "signoz-zookeeper-1",
-        "postgres",
-        "pgvector",
-        "pgvecto-rs"
-      ],
-      "pinDigests": true,
-      "allowedVersions": "digest"
-    },
-    {
-      "description": "Alpine-based images only update to Alpine-based versions",
-      "matchDatasources": ["docker"],
-      "matchManagers": ["docker-compose"],
-      "matchPackagePatterns": [".*"],
-      "allowedVersions": "/alpine/i"
-    },
-    {
-      "description": "Automerge patch updates for semver tags",
-      "matchDatasources": ["docker"],
-      "matchManagers": ["docker-compose"],
-      "matchUpdateTypes": ["patch"],
-      "automerge": true
-    },
-    {
-      "description": "Require approval for major and minor updates",
-      "matchDatasources": ["docker"],
-      "matchManagers": ["docker-compose"],
-      "matchUpdateTypes": ["minor", "major"],
-      "automerge": false,
-      "requiredStatusChecks": null
-    }
-  ],
-  "branchNameStrict": true,
-  "branchTopic": "{{{depNameSanitized}}}-{{{newVersion}}}"
-}