name: compose networks: bitmagnet: driver: bridge ipam: config: - gateway: 192.168.55.1 subnet: 192.168.55.0/27 driver: default name: compose_bitmagnet default: name: compose_default services: actual_server: container_name: actualbudget environment: ACTUAL_LOGIN_METHOD: "pass" ACTUAL_PORT: 5006 # - ACTUAL_UPLOAD_FILE_SYNC_SIZE_LIMIT_MB=20 # - ACTUAL_UPLOAD_SYNC_ENCRYPTED_FILE_SYNC_SIZE_LIMIT_MB=50 # - ACTUAL_UPLOAD_FILE_SIZE_LIMIT_MB=20 # See all options and more details at https://actualbudget.github.io/docs/Installing/Configuration # !! If you are not using any of these options, remove the 'environment:' tag entirely. image: docker.io/actualbudget/actual-server:latest ports: - 5006:5006 restart: unless-stopped volumes: - ${DOCKER_VOLUME_CONFIG}/actual-budget:/data adguard: container_name: adguard environment: TZ: America/New_York hostname: Rinoa image: adguard/adguardhome:latest labels: swag: enable swag_proto: http swag_url: adgh.${MY_TLD} homepage.group: System Administration homepage.name: AdGuard Home homepage.icon: adguard-home.png homepage.href: https://adgh.${MY_TLD} homepage.description: Ad-blocking/DNS homepage.widget.type: adguard homepage.widget.url: http://adguard:80 homepage.widget.username: admin homepage.widget.password: ${ADGUARD_PASSWORD} networks: default: null ports: - mode: ingress protocol: tcp published: "3001" target: 3000 - mode: ingress protocol: tcp published: "446" target: 443 - mode: ingress protocol: tcp published: "8008" target: 80 - mode: ingress protocol: tcp published: "853" target: 853 - host_ip: 0.0.0.0 mode: ingress protocol: tcp published: "53" target: 53 - host_ip: 0.0.0.0 mode: ingress protocol: udp published: "53" target: 53 - host_ip: 0.0.0.0 mode: ingress protocol: udp published: "67" target: 67 - host_ip: 0.0.0.0 mode: ingress protocol: tcp published: "688" target: 68 - host_ip: 0.0.0.0 mode: ingress protocol: udp published: "688" target: 68 restart: unless-stopped volumes: - bind: create_host_path: true read_only: true source: /etc/localtime target: /etc/localtime type: bind - bind: create_host_path: true source: ${DOCKER_VOLUME_CONFIG}/adguard/work target: /opt/adguardhome/work type: bind - bind: create_host_path: true source: ${DOCKER_VOLUME_CONFIG}/adguard/conf target: /opt/adguardhome/conf type: bind - bind: create_host_path: true source: /rinoa-storage target: /storage type: bind - source: ${DOCKER_VOLUME_CONFIG}/swag/etc/letsencrypt/archive/trez.wtf target: /etc/ssl/certs type: bind bind: create_host_path: true apprise: container_name: apprise environment: PGID: 1000 PUID: 1000 TZ: America/New_York hostname: Rinoa image: lscr.io/linuxserver/apprise-api:latest labels: homepage.group: Infrastructure/App Performance Monitoring homepage.name: Apprise homepage.icon: apprise.png homepage.href: http://192.168.1.254:8000 homepage.description: Cemtralized, multi-channel notification API networks: default: null ports: - mode: ingress protocol: tcp published: "8000" target: 8000 restart: unless-stopped volumes: - bind: create_host_path: true read_only: true source: /etc/localtime target: /etc/localtime type: bind - bind: create_host_path: true source: ${DOCKER_VOLUME_CONFIG}/apprise target: /config type: bind - bind: create_host_path: true source: /rinoa-storage target: /storage type: bind audiobookshelf: container_name: audiobookshelf environment: CONFIG_PATH: /config HOME: /config/.home LOG_LEVEL: info METADATA_PATH: /metadata TZ: America/New_York hostname: Rinoa image: ghcr.io/advplyr/audiobookshelf:latest labels: homepage.group: Media Library homepage.name: Audiobookshelf homepage.href: https://abs.${MY_TLD} homepage.icon: audiobookshelf.png homepage.description: Podcasts, eBooks, & Audiobooks homepage.widget.type: audiobookshelf homepage.widget.url: http://audiobookshelf:80 homepage.widget.key: ${AUDIOBOOKSHELF_ROOT_API_KEY} swag: enable swag_address: audiobookshelf swag_proto: http swag_url: abs.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.url: https://abs.${MY_TLD} networks: default: null ports: - mode: ingress protocol: tcp published: "13378" target: 80 restart: unless-stopped user: 1000:1000 volumes: - bind: create_host_path: true read_only: true source: /etc/localtime target: /etc/localtime type: bind - bind: create_host_path: true source: ${DOCKER_VOLUME_CONFIG}/audiobookshelf target: /config type: bind - bind: create_host_path: true source: ${DOCKER_VOLUME_CONFIG}/audiobookshelf/.metadata target: /metadata type: bind - bind: create_host_path: true source: /rinoa-storage target: /storage type: bind authelia: container_name: authelia environment: AUTHELIA_AUTHENTICATION_BACKEND_LDAP_PASSWORD: ${AUTHELIA_AUTH_BIND_LDAP_PASSWORD} AUTHELIA_JWT_SECRET: ${AUTHELIA_JWT_SECRET} AUTHELIA_NOTIFIER_SMTP_PASSWORD: ${POSTAL_SMTP_AUTH_PASSWORD} AUTHELIA_NOTIFIER_SMTP_USERNAME: ${POSTAL_SMTP_AUTH_USER} AUTHELIA_SESSION_SECRET: ${AUTHELIA_SESSION_SECRET} AUTHELIA_STORAGE_ENCRYPTION_KEY: ${AUTHELIA_STORAGE_ENCRYPTION_KEY} AUTHELIA_STORAGE_POSTGRES_PASSWORD: ${AUTHELIA_STORAGE_POSTGRES_PASSWORD} GUID: ${PGID} PGID: ${PGID} PUID: ${PUID} TZ: ${TZ} expose: - 9091 image: authelia/authelia:master labels: homepage.group: Privacy/Security homepage.name: Authelia homepage.href: https://auth.${MY_TLD} homepage.icon: authelia.svg homepage.description: Authentication/authorization server with MFA & SSO swag: enable swag_proto: http swag_port: 9091 swag_url: auth.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.url: https://auth.${MY_TLD} networks: default: null restart: unless-stopped volumes: - source: ${DOCKER_VOLUME_CONFIG}/authelia/ target: /config type: bind bind: create_host_path: true authelia-pg: container_name: authelia-pg environment: - POSTGRES_PASSWORD=${AUTHELIA_STORAGE_POSTGRES_PASSWORD} - POSTGRES_USER=authelia - POSTGRES_DB=authelia expose: - 5432 image: postgres:16-alpine networks: default: null restart: unless-stopped volumes: - source: authelia-pg-db target: /var/lib/postgresql/data type: volume bind: create_host_path: true bazarr: container_name: bazarr environment: - PGID=1000 - PUID=1000 - TZ=America/New_York - DOCKER_MODS=ghcr.io/gilbn/theme.park:bazarr hostname: Rinoa image: lscr.io/linuxserver/bazarr:latest labels: homepage.group: Servarr Stack homepage.name: Bazarr homepage.href: https://bazarr.${MY_TLD} homepage.icon: bazarr.png homepage.description: Subtitle automation for TV shows/movies homepage.widget.type: bazarr homepage.widget.url: http://bazarr:6767 homepage.widget.key: ${BAZARR_API_KEY} swag: enable swag_proto: http swag_port: 6767 swag.uptime-kuma.enabled: true networks: default: null ports: - mode: ingress protocol: tcp published: "6767" target: 6767 restart: unless-stopped volumes: - bind: create_host_path: true read_only: true source: /etc/localtime target: /etc/localtime type: bind - bind: create_host_path: true source: ${DOCKER_VOLUME_CONFIG}/bazarr target: /config type: bind - bind: create_host_path: true source: /rinoa-storage target: /storage type: bind bitmagnet: command: - worker - run - --keys=http_server - --keys=queue_server - --keys=dht_crawler container_name: bitmagnet depends_on: bitmagnet-pg-db: condition: service_healthy required: true gluetun: condition: service_started required: true restart: true environment: LOG_FILE_ROTATION_ENABLED: true POSTGRES_HOST: bitmagnet-pg-db POSTGRES_PASSWORD: ${BITMAGNET_POSTGRESQL_PASSWORD} POSTGRES_USER: bitmagnet image: ghcr.io/bitmagnet-io/bitmagnet:latest labels: homepage.group: Downloaders homepage.name: Bitmagnet homepage.href: https://btmag.${MY_TLD} homepage.icon: sh-bitmagnet.png homepage.description: Torrent indexer, DHT crawler, search engine, & content classifier homepage.widget.type: gluetun homepage.widget.url: http://gluetun:8000 swag: enable swag_proto: http swag_address: gluetun swag_auth: authelia swag_auth_bypass: /v1 swag_port: 3333 swag_url: btmag.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.url: https://btmag.${MY_TLD} network_mode: service:gluetun restart: always volumes: - source: ${DOCKER_VOLUME_CONFIG}/bitmagnet target: /root/.local/share/bitmagnet type: bind bind: create_host_path: true bitmagnet-pg-db: container_name: bitmagnet-pg-db environment: POSTGRES_DB: bitmagnet POSTGRES_PASSWORD: ${BITMAGNET_POSTGRESQL_PASSWORD} POSTGRES_USER: bitmagnet expose: - 5432 healthcheck: interval: 10s start_period: 20s test: - CMD-SHELL - pg_isready image: postgres:17-alpine networks: bitmagnet: ipv4_address: 192.168.55.8 default: null restart: unless-stopped shm_size: 1g volumes: - source: bitmagnet-pg-db target: /var/lib/postgresql/data type: volume volume: {} bitwarden: container_name: bitwarden environment: ADMIN_TOKEN: ${BITWARDEN_ENVIRONMENT_ADMIN_TOKEN} DATABASE_URL: data/db.sqlite3 DISABLE_ADMIN_TOKEN: "false" DOMAIN: https://bitwarden.${MY_TLD} ENABLE_DB_WAL: "true" INVITATIONS_ALLOWED: "false" SHOW_PASSWORD_HINT: "false" SIGNUPS_ALLOWED: "true" SIGNUPS_VERIFY: "true" TZ: America/New_York WEBSOCKET_ENABLED: "true" hostname: Rinoa image: vaultwarden/server:latest labels: homepage.group: Privacy/Security homepage.name: Bitwarden homepage.icon: bitwarden.png homepage.href: https://bitwarden.${MY_TLD} homepage.description: Credential/Information Vault swag: enable swag_url: bitwarden.${MY_TLD} swag_proto: http swag_port: 80 swag.uptime-kuma.enabled: true networks: default: null ports: - mode: ingress protocol: tcp published: "3012" target: 3012 - mode: ingress protocol: tcp published: "8013" target: 80 restart: unless-stopped volumes: - bind: create_host_path: true read_only: true source: /etc/localtime target: /etc/localtime type: bind - bind: create_host_path: true source: ${DOCKER_VOLUME_CONFIG}/bitwarden target: /data type: bind - bind: create_host_path: true source: /rinoa-storage target: /storage type: bind bluesky-pds: container_name: bluesky-pds environment: PDS_ADMIN_EMAIL: charish.patel@trez.wtf PDS_HOSTNAME: bsky.trez.wtf PDS_JWT_SECRET: ${BLUESKY_PDS_JWT_SECRET} PDS_ADMIN_PASSWORD: ${BLUESKY_PDS_ADMIN_PASSWORD} PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX: ${BLUESKY_PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX} PDS_DATA_DIRECTORY: /pds PDS_EMAIL_SMTP_URL: smtp://${POSTAL_SMTP_AUTH_USER}:${POSTAL_SMTP_AUTH_PASSWORD}@postal-smtp:25 PDS_EMAIL_FROM_ADDRESS: noreply@trez.wtf PDS_BLOBSTORE_DISK_LOCATION: /pds/blocks PDS_BLOB_UPLOAD_LIMIT: 52428800 PDS_DID_PLC_URL: ${PDS_DID_PLC_URL} PDS_BSKY_APP_VIEW_URL: ${PDS_BSKY_APP_VIEW_URL} PDS_BSKY_APP_VIEW_DID: ${PDS_BSKY_APP_VIEW_DID} PDS_REPORT_SERVICE_URL: ${PDS_REPORT_SERVICE_URL} PDS_REPORT_SERVICE_DID: ${PDS_REPORT_SERVICE_DID} PDS_CRAWLERS: ${PDS_CRAWLERS} LOG_ENABLED: true expose: - 3000 image: ghcr.io/bluesky-social/pds:latest labels: swag: enable swag_port: 3000 swag_url: bsky.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.url: https://bsky.${MY_TLD} restart: unless-stopped volumes: - type: bind source: ${DOCKER_VOLUME_CONFIG}/bluesky-pds target: /pds browserless: container_name: browserless environment: ALLOW_FILE_PROTOCOL: true CONCURRENT: 20 HEALTH: false PROXY_HOST: swag PROXY_PORT: 443 PROXY_SSL: true QUEUED: 20 TIMEOUT: 300000 TOKEN: ${CHROMIUM_TOKEN} TZ: ${TZ} expose: - 3000 image: ghcr.io/browserless/chromium:latest labels: swag: enable swag_proto: http swag_port: 3000 swag_url: browse.${MY_TLD} networks: default: null restart: unless-stopped bunkerweb: container_name: bunkerweb environment: SERVER_NAME: www.trez.wtf API_WHITELIST_IP: 172.18.0.0/16 192.168.1.0/24 USE_REAL_IP: yes REAL_IP_FROM: 172.18.0.0/16 REAL_IP_HEADER: X-Forwarded-For expose: - 8080 - 8443 image: bunkerity/bunkerweb:latest labels: bunkerweb.INSTANCE: yes restart: unless-stopped bunkerweb-scheduler: container_name: bunkerweb-scheduler depends_on: - bunkerweb - docker-socket-proxy environment: DOCKER_HOST: tcp://dockerproxy:2375 image: bunkerity/bunkerweb-scheduler:latest restart: unless-stopped volumes: - bunkerweb-data:/data bunkerweb-ui: container_name: bunkerweb-ui depends_on: - bunkerweb - docker-socket-proxy environment: DOCKER_HOST: tcp://dockerproxy:2375 expose: - 7000 image: bunkerity/bunkerweb-ui:latest labels: homepage.group: Privacy/Security homepage.name: Bunkerweb homepage.href: https://bunker.${MY_TLD} homepage.icon: bunker.svg homepage.description: Next-gen WAF swag: enable swag_port: 7000 swag_url: bunker.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.url: https://bunker.${MY_TLD} restart: unless-stopped volumes: - bunkerweb-data:/data castopod: container_name: castopod depends_on: mariadb: condition: service_started required: true restart: true environment: MYSQL_DATABASE: castopod MYSQL_USER: castopod MYSQL_PASSWORD: ${CASTOPOD_MYSQL_PASSWORD} CP_DATABASE_HOSTNAME: mariadb CP_DATABASE_NAME: castopod CP_DATABASE_USERNAME: castopod CP_DATABASE_PASSWORD: ${CASTOPOD_MYSQL_PASSWORD} CP_BASEURL: pod.trez.wtf CP_ANALYTICS_SALT: ${CASTOPOD_ANALYTICS_SALT} CP_CACHE_HANDLER: redis CP_DISABLE_HTTPS: 1 CP_REDIS_HOST: redis CP_EMAIL_SMTP_HOST: postal-smtp CP_EMAIL_FROM: noreply@trez.wtf CP_EMAIL_SMTP_USERNAME: ${POSTAL_SMTP_AUTH_USER} CP_EMAIL_SMTP_PASSWORD: ${POSTAL_SMTP_AUTH_PASSWORD} expose: - 8000 image: castopod/castopod:latest labels: homepage.group: Social homepage.name: Castopod homepage.href: https://pod.${MY_TLD} homepage.icon: castopod.png homepage.description: Podcast self-hosting swag: enable swag_port: 8000 swag_url: pod.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.url: https://pod.${MY_TLD} restart: unless-stopped volumes: - castopod-media:/var/www/castopod/public/media cloudflared: command: ['tunnel', '--no-autoupdate', 'run', '--token', '${CLOUDFLARED_TUNNEL_TOKEN}'] container_name: cloudflared environment: CLOUDFLARED_TUNNEL_KEY: ${CLOUDFLARED_TUNNEL_TOKEN} image: 'cloudflare/cloudflared:latest' restart: unless-stopped volumes: - ${DOCKER_VOLUME_CONFIG}/cloudflared:/etc/cloudflared cloudflareddns: container_name: cloudflareddns environment: ARGS: --dns-cloudflare-propagation-seconds 60 CF_APIKEY: ${CLOUDFLAREDDNS_ENVIRONMENT_APIKEY} CF_APITOKEN: ${CLOUDFLAREDDNS_ENVIRONMENT_APITOKEN} CF_HOSTS: trez.wtf CF_RECORDTYPES: A CF_USER: charish.patel@trez.wtf CF_ZONES: trez.wtf DETECTION_MODE: dig-google.com INTERVAL: "300" LOG_LEVEL: "3" PGID: "1000" PUID: "1000" TZ: America/New_York hostname: Rinoa image: ghcr.io/hotio/cloudflareddns:latest networks: default: null restart: unless-stopped volumes: - bind: create_host_path: true read_only: true source: /etc/localtime target: /etc/localtime type: bind - bind: create_host_path: true source: ${DOCKER_VOLUME_CONFIG}/cloudflareddns target: /config type: bind - bind: create_host_path: true source: /rinoa-storage target: /storage type: bind crowdsec: container_name: crowdsec environment: DOCKER_HOST: tcp://dockerproxy:2375 GID: 1000 BOUNCER_KEY_SWAG: ${CROWDSEC_API_KEY} COLLECTIONS: crowdsecurity/nginx crowdsecurity/http-cve crowdsecurity/whitelist-good-actors crowdsecurity/linux crowdsecurity/iptables image: crowdsecurity/crowdsec:latest networks: default: null ports: - mode: ingress protocol: tcp published: "8101" target: 8080 restart: unless-stopped security_opt: - no-new-privileges=true volumes: - source: ${DOCKER_VOLUME_CONFIG}/crowdsec/config.yaml.local target: /etc/crowdsec/config.yaml.local type: bind bind: create_host_path: true - source: ${DOCKER_VOLUME_CONFIG}/crowdsec/local_api_credentials.yaml.local target: /etc/crowdsec/local_api_credentials.yaml.local type: bind bind: create_host_path: true - read_only: true source: ${DOCKER_VOLUME_CONFIG}/swag/log/nginx target: /var/log/swag type: bind bind: create_host_path: true - source: crowdsec-config target: /etc/crowdsec type: volume volume: {} - source: crowdsec-db target: /var/lib/crowdsec/data type: volume volume: {} - bind: create_host_path: true read_only: true source: /var/log/journal target: /var/log/host type: bind crowdsec-dashboard: container_name: crowdsec-dashboard depends_on: crowdsec: condition: service_started required: true environment: MB_DB_FILE: /data/metabase.db MGID: ${GID-1000} image: metabase/metabase labels: com.centurylinklabs.watchtower.enable: false homepage.group: Privacy/Security homepage.name: CrowdSec Dashboard homepage.href: https://csec.${MY_TLD} homepage.icon: crowdsec.svg homepage.description: Real-time & crowdsourced protection against aggressive IPs homepage.widget.type: crowdsec homepage.widget.url: http://crowdsec:8080 homepage.widget.username: localhost homepage.widget.password: ${CROWDSEC_LOCAL_API_KEY} swag: enable swag_port: 3000 swag_proto: http swag_url: csec.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.url: https://csec.${MY_TLD} networks: default: null ports: - mode: ingress protocol: tcp published: "8908" target: 3000 restart: always volumes: - source: crowdsec-db target: /metabase-data type: volume volume: {} czkawka: container_name: czkawka environment: KEEP_APP_RUNNING: 1 PGID: ${PGID} PUID: ${PUID} TZ: ${TZ} UMASK: 1 WEB_LISTENING_PORT: 5800 image: jlesage/czkawka labels: homepage.group: System Administration homepage.name: Czkawka homepage.href: https://czkawka.${MY_TLD} homepage.icon: /icons/czkawka.png homepage.description: Smart file management swag: enable swag_port: 5800 swag_proto: http swag_url: czkawka.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.url: https://czkawka.${MY_TLD} networks: default: null ports: - mode: ingress protocol: tcp published: "5800" target: 5800 privileged: true restart: unless-stopped volumes: - source: ${DOCKER_VOLUME_CONFIG}/czkawka target: /config type: bind bind: create_host_path: true - source: ${DOCKER_VOLUME_STORAGE} target: /storage type: bind bind: create_host_path: true dagu-scheduler: command: dagu scheduler container_name: dagu-scheduler image: ghcr.io/dagu-org/dagu:latest networks: default: null restart: unless-stopped volumes: - source: dagu_config target: /home/dagu/.config/dagu type: volume volume: {} - source: dagu_data target: /home/dagu/.local/share type: volume volume: {} dagu-server: container_name: dagu-server environment: DAGU_PORT: 8080 image: ghcr.io/dagu-org/dagu:latest labels: homepage.group: System Administration homepage.name: Dagu homepage.href: https://cron.${MY_TLD} homepage.icon: sh-dagu.png homepage.description: Cron alternative using DAGs (Directed Acyclic Graphs) swag: enable swag_port: 8080 swag_proto: http swag_url: cron.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.url: https://cron.${MY_TLD} networks: default: null ports: - mode: ingress protocol: tcp published: "8108" target: 8080 restart: unless-stopped volumes: - source: dagu_config target: /home/dagu/.config/dagu type: volume bind: create_host_path: true - source: dagu_data target: /home/dagu/.local/share type: volume bind: create_host_path: true delugevpn: cap_add: - NET_ADMIN - SYS_MODULE container_name: delugevpn environment: ENABLE_PRIVOXY: "no" LAN_NETWORK: 192.168.1.0/24 NAME_SERVERS: 192.168.1.254,1.1.1.1 PGID: "1000" PUID: "1000" TZ: America/New_York VPN_CLIENT: openvpn VPN_ENABLED: "yes" VPN_INPUT_PORTS: "" VPN_OPTIONS: "" VPN_OUTPUT_PORTS: "" VPN_PASS: QGXRAYAwzVv9X84MAK2gPYq2Mt6ztdoA VPN_PROV: pia VPN_USER: p3120278 hostname: Rinoa image: ghcr.io/binhex/arch-delugevpn:latest labels: homepage.group: Downloaders homepage.name: DelugeVPN homepage.href: https://deluge.${MY_TLD} homepage.icon: deluge.png homepage.description: Torrent over VPN homepage.widget.type: deluge homepage.widget.url: http://delugevpn:8112 homepage.widget.password: ${DELUGEVPN_PASSWORD} swag: enable swag_port: 8112 swag_proto: http swag_url: deluge.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.url: https://deluge.${MY_TLD} networks: default: null ports: - mode: ingress protocol: tcp published: "58846" target: 58846 - mode: ingress protocol: tcp published: "58946" target: 58946 - mode: ingress protocol: tcp published: "6881" target: 6881 - mode: ingress protocol: tcp published: "8112" target: 8112 - mode: ingress protocol: tcp published: "8118" target: 8118 privileged: true restart: unless-stopped sysctls: net.ipv4.conf.all.src_valid_mark: "1" volumes: - bind: create_host_path: true read_only: true source: /etc/localtime target: /etc/localtime type: bind - bind: create_host_path: true source: ${DOCKER_VOLUME_CONFIG}/delugevpn target: /config type: bind - bind: create_host_path: true source: /rinoa-storage target: /storage type: bind docker-socket-proxy: container_name: dockerproxy environment: AUTH: 1 BUILD: 1 COMMIT: 1 CONFIGS: 1 CONTAINERS: 1 DISTRIBUTION: 1 EVENTS: 1 EXEC: 1 GPRC: 1 IMAGES: 1 INFO: 1 NETWORKS: 1 NODES: 1 POST: 1 PLUGINS: 1 SERVICES: 1 SESSION: 1 SYSTEM: 1 TASKS: 1 VOLUMES: 1 LOG_LEVEL: debug image: ghcr.io/tecnativa/docker-socket-proxy:latest labels: komodo.skip: s networks: default: null ports: - mode: ingress protocol: tcp published: "2375" target: 2375 privileged: true restart: unless-stopped volumes: - bind: create_host_path: true source: /var/run/docker.sock target: /var/run/docker.sock type: bind docuseal: container_name: docuseal image: docuseal/docuseal:latest labels: homepage.group: Personal Services homepage.name: Docuseal homepage.href: https://docs.${MY_TLD} homepage.description: OSS Document Signing & Verification homepage.icon: docuseal.png swag: enable swag_proto: http swag_port: 3000 swag_url: sign.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.url: https://sign.${MY_TLD} networks: default: null ports: - mode: ingress protocol: tcp published: "3002" target: 3000 restart: unless-stopped volumes: - source: ${DOCKER_VOLUME_CONFIG}/docuseal target: /data type: bind bind: create_host_path: true duplicati: container_name: duplicati environment: PGID: "1000" PUID: "1000" TZ: America/New_York hostname: Rinoa image: lscr.io/linuxserver/duplicati:latest labels: swag: enable swag_port: 8200 swag_proto: http swag_url: dup.${MY_TLD} homepage.group: Automation homepage.name: Duplicati homepage.href: https://dup.${MY_TLD} homepage.icon: duplicati.png homepage.description: Data backup networks: default: null ports: - mode: ingress protocol: tcp published: "8282" target: 8200 - ${DUPLICATI_PORT_8200}:8200 restart: unless-stopped volumes: - bind: create_host_path: true read_only: true source: /etc/localtime target: /etc/localtime type: bind - bind: create_host_path: true source: ${DOCKER_VOLUME_CONFIG}/duplicati target: /config type: bind - bind: create_host_path: true source: /rinoa-storage target: /storage type: bind - bind: create_host_path: true source: /home/charish/.config/appdata/backups target: /backups type: bind - bind: create_host_path: true source: /home/charish/.config/appdata target: /source type: bind fastenhealth: container_name: fastenhealth image: ghcr.io/fastenhealth/fasten-onprem:main labels: homepage.group: Lifestyle homepage.name: Fasten homepage.icon: sh-fasten-health.svg homepage.href: http://health.${MY_TLD} homepage.description: Open-source, self-hosted, personal/family electronic medical record aggregator swag: enable swag_proto: http swag_port: 8080 swag_url: health.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.url: https://health.${MY_TLD} networks: default: null ports: - mode: ingress protocol: tcp published: "8105" target: 8080 restart: unless-stopped volumes: - source: fastenhealth-cache target: /opt/fasten/cache type: volume volume: {} - source: fastenhealth-db target: /opt/fasten/db type: volume volume: {} flaresolverr: container_name: flaresolverr environment: CAPTCHA_SOLVER: none LOG_HTML: false LOG_LEVEL: info PORT: 8191 TZ: America/New_York BROWSER_TIMEOUT: 40000 TEST_URL: https://duckduckgo.com hostname: Rinoa image: ghcr.io/flaresolverr/flaresolverr:latest networks: default: null ports: - mode: ingress protocol: tcp published: "8191" target: 8191 restart: unless-stopped sysctls: - net.ipv6.conf.all.disable_ipv6=1 volumes: - bind: create_host_path: true read_only: true source: /etc/localtime target: /etc/localtime type: bind - bind: create_host_path: true source: /rinoa-storage target: /storage type: bind ghost: container_name: ghost_blog depends_on: mariadb: condition: service_started required: true restart: true environment: database__client: mysql database__connection__host: mariadb database__connection__port: 3306 database__connection__user: ${GHOST_DB_USER} database__connection__password: ${GHOST_DB_PASSWORD} database__connection__database: ghost_db mail__transport: SMTP mail__options__host: postal-smtp mail__options__port: 25 mail__options__secure: false mail__options__auth__user: ${POSTAL_SMTP_AUTH_USER} mail__options__auth__pass: ${POSTAL_SMTP_AUTH_PASSWORD} mail__from: "noreply@trez.wtf" url: https://blog.${MY_TLD} image: ghost:latest labels: homepage.group: Lifestyle homepage.name: Ghost homepage.href: https://blog.${MY_TLD} homepage.icon: ghost.png homepage.description: Personal blog swag: enable swag_port: 2368 swag_proto: http swag_url: blog.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.url: https://blog.${MY_TLD} links: - mariadb networks: default: null restart: always gitea: container_name: gitea depends_on: gitea-db: condition: service_healthy required: true environment: USER_UID: ${PUID} USER_GID: ${PGID} GITEA__database__DB_TYPE: postgres GITEA__database__HOST: gitea-db:5432 GITEA__database__NAME: gitea GITEA__database__USER: gitea GITEA__database__PASSWD: ${GITEA_PG_DB_PASSWORD} GITEA__mailer__ENABLED: true GITEA__mailer__FROM: '"Gitea" ' GITEA__mailer__PROTOCOL: smtp GITEA__mailer__SMTP_ADDR: postal-smtp GITEA__mailer__SMTP_PORT: 25 GITEA__mailer__USER: ${POSTAL_SMTP_AUTH_USER} GITEA__mailer__PASSWD: ${POSTAL_SMTP_AUTH_PASSWORD} image: gitea/gitea:1.23.1 labels: homepage.group: Code/DevOps homepage.name: Gitea homepage.href: https://git.${MY_TLD} homepage.icon: gitea.svg homepage.description: Private Code Repo homepage.widget.type: gitea homepage.widget.url: http://gitea:3000 homepage.widget.key: ${GITEA_HOMEPAGE_API_KEY} swag: enable swag_url: git.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.url: https://git.${MY_TLD} networks: default: null ports: - mode: ingress protocol: tcp published: "3013" target: 3000 - mode: ingress protocol: tcp published: "222" target: 22 restart: always volumes: - source: ${DOCKER_VOLUME_CONFIG}/gitea target: /data/gitea type: bind bind: create_host_path: true - bind: create_host_path: true read_only: true source: /etc/timezone target: /etc/timezone type: bind - bind: create_host_path: true read_only: true source: /etc/localtime target: /etc/localtime type: bind gitea-db: container_name: gitea-db environment: - POSTGRES_USER=gitea - POSTGRES_PASSWORD=${GITEA_PG_DB_PASSWORD} - POSTGRES_DB=gitea expose: - 5432 healthcheck: interval: 10s start_period: 20s test: - CMD-SHELL - pg_isready image: postgres:14 networks: default: null restart: always volumes: - source: gitea-pg-db target: /var/lib/postgresql/data type: volume volume: {} gitea-opengist: container_name: gitea-opengist environment: OG_LOG_LEVEL: warn OG_EXTERNAL_URL: https://gist.trez.wtf OG_GIT_DEFAULT_BRANCH: "main" OG_GITEA_CLIENT_KEY: ${OPENGIST_GITEA_CLIENT_KEY} OG_GITEA_SECRET: ${OPENGIST_GITEA_SECRET} OG_GITEA_URL: https://git.trez.wtf OG_GITEA_NAME: "Gitea @ Rinoa" OG_SSH_EXTERNAL_DOMAIN: gist-ssh.trez.wtf image: ghcr.io/thomiceli/opengist:latest labels: homepage.description: Private Code Gists homepage.group: Code/DevOps homepage.href: https://gist.trez.wtf homepage.icon: sh-opengist.svg homepage.name: Opengist swag: enable swag.uptime-kuma.enabled: "true" swag.uptime-kuma.monitor.url: https://gist.trez.wtf swag_port: "6157" swag_proto: http swag_url: gist.trez.wtf ports: - "6157:6157" # HTTP port - "2222:2222" # SSH port, can be removed if you don't use SSH restart: always volumes: - ${DOCKER_VOLUME_CONFIG}/gitea/opengist:/opengist gitea-runner: container_name: gitea-runner depends_on: gitea: condition: service_started environment: CONFIG_FILE: /config.yaml DOCKER_HOST: tcp://dockerproxy:2375 GITEA_INSTANCE_URL: https://git.trez.wtf GITEA_RUNNER_REGISTRATION_TOKEN: "${GITEA_RUNNER_REGISTRATION_TOKEN}" GITEA_RUNNER_NAME: "gitea-runner-1" image: gitea/act_runner:latest ports: - 63604:63604 restart: always volumes: - ${DOCKER_VOLUME_CONFIG}/gitea/act-runner/config.yaml:/config.yaml gitea-sonarqube-bot: container_name: gitea-sonarqube-bot depends_on: gitea: condition: service_started sonarqube: condition: service_started image: justusbunsi/gitea-sonarqube-bot:v0.4.0 environment: GITEA_SQ_BOT_PORT: 58525 GITEA_SQ_BOT_CONFIG_PATH: /home/bot/config/config.yaml ports: - 58525:58525 restart: unless-stopped volumes: - ${DOCKER_VOLUME_CONFIG}/gitea/sonarqube-bot/:/home/bot/config/ gluetun: cap_add: - NET_ADMIN container_name: gluetun environment: OPENVPN_PASSWORD: ${DELUGEVPN_ENVIRONMENT_VPN_PASS} OPENVPN_USER: ${DELUGEVPN_ENVIRONMENT_VPN_USER} PORT_FORWARD_ONLY: true SERVER_REGIONS: Bahamas,Belgium,Cyprus,Estonia,FI Helsinki,Iceland,Latvia,Lithuania,Luxembourg,Montenegro,Netherlands,Portugal,DK Copenhagen,Ukraine,Uruguay VPN_SERVICE_PROVIDER: private internet access expose: - 8000 extra_hosts: - bitmagnet-pg-db:192.168.55.8 image: qmcgaw/gluetun:latest networks: bitmagnet: ipv4_address: 192.168.55.7 default: null ports: - mode: ingress protocol: tcp published: "3333" target: 3333 - mode: ingress protocol: tcp published: "3334" target: 3334 - mode: ingress protocol: udp published: "3334" target: 3334 - mode: ingress protocol: tcp published: "5030" target: 5030 - mode: ingress protocol: tcp published: "5031" target: 5031 - mode: ingress protocol: tcp published: "50300" target: 50300 restart: always gotify: container_name: gotify environment: GOTIFY_SERVER_PORT: 80 GOTIFY_SERVER_KEEPALIVEPERIODSECONDS: 0 GOTIFY_SERVER_LISTENADDR: GOTIFY_SERVER_SSL_ENABLED: false GOTIFY_SERVER_SSL_REDIRECTTOHTTPS: true GOTIFY_SERVER_SSL_LISTENADDR: GOTIFY_SERVER_SSL_PORT: 443 GOTIFY_SERVER_SSL_CERTFILE: GOTIFY_SERVER_SSL_CERTKEY: GOTIFY_SERVER_SSL_LETSENCRYPT_ENABLED: false GOTIFY_SERVER_SSL_LETSENCRYPT_ACCEPTTOS: false GOTIFY_SERVER_SSL_LETSENCRYPT_CACHE: certs GOTIFY_SERVER_STREAM_PINGPERIODSECONDS: 45 GOTIFY_DATABASE_DIALECT: sqlite3 GOTIFY_DATABASE_CONNECTION: data/gotify.db GOTIFY_DEFAULTUSER_NAME: admin GOTIFY_DEFAULTUSER_PASS: ${GOTIFY_PASSWORD} GOTIFY_PASSSTRENGTH: 10 GOTIFY_UPLOADEDIMAGESDIR: data/images GOTIFY_PLUGINSDIR: data/plugins GOTIFY_REGISTRATION: false image: gotify/server labels: homepage.group: Infrastructure/App Performance Monitoring homepage.name: Gotify homepage.href: https://gotify.${MY_TLD} homepage.icon: gotify.png homepage.description: Notification System homepage.widget.type: gotify homepage.widget.url: http://gotify homepage.widget.key: ${GOTIFY_HOMEPAGE_CLIENT_KEY} swag: enable swag_proto: http swag.uptime-kuma.enabled: true networks: default: null ports: - mode: ingress protocol: tcp published: "8097" target: 80 restart: unless-stopped volumes: - source: ${DOCKER_VOLUME_CONFIG}/gotify target: /app/data type: bind bind: create_host_path: true grafana: container_name: grafana depends_on: grafana-alloy: condition: service_started required: true environment: GF_INSTALL_PLUGINS: grafana-piechart-panel TZ: America/New_York hostname: Rinoa image: grafana/grafana-enterprise:latest labels: homepage.group: Infrastructure/App Performance Monitoring homepage.name: Grafana (LGTM) homepage.href: https://mon.${MY_TLD} homepage.description: Monitoring Dashboard for metrics, logs, traces, & profiles homepage.icon: grafana.png homepage.widget.type: grafana homepage.widget.url: http://grafana:3000 homepage.widget.username: admin homepage.widget.password: ${GRAFANA_ADMIN_PASSWORD} swag: enable swag_proto: http swag_url: mon.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.url: https://mon.${MY_TLD} networks: default: null ports: - mode: ingress protocol: tcp published: "3006" target: 3000 restart: unless-stopped user: 1000:1000 volumes: - bind: create_host_path: true read_only: true source: /etc/localtime target: /etc/localtime type: bind - source: ${DOCKER_VOLUME_CONFIG}/grafana/data target: /var/lib/grafana type: bind bind: create_host_path: true - bind: create_host_path: true source: /rinoa-storage target: /storage type: bind grafana-alloy: cap_add: - SYS_ADMIN - SYS_TIME - BPF - SYSLOG command: run --disable-reporting=true --stability.level=public-preview --server.http.listen-addr=0.0.0.0:12345 /etc/alloy/config.alloy container_name: grafana-alloy environment: - DOCKER_HOST=tcp://dockerproxy:2375 image: grafana/alloy:latest labels: homepage.group: Infrastructure/App Performance Monitoring homepage.name: Grafana Alloy homepage.description: Agent for metric/log/trace/profile collection and writing homepage.href: http://192.168.1.254:12345 homepage.icon: sh-grafana-alloy.svg networks: default: null ports: - mode: ingress protocol: tcp published: "12345" target: 12345 privileged: true restart: always volumes: - source: ${DOCKER_VOLUME_CONFIG}/grafana/alloy/config.alloy target: /etc/alloy/config.alloy type: bind bind: create_host_path: true - source: ${DOCKER_VOLUME_CONFIG}/grafana/alloy/endpoints.json target: /etc/alloy/endpoints.json type: bind bind: create_host_path: true - bind: create_host_path: true read_only: true source: /proc target: /host/proc type: bind - bind: create_host_path: true read_only: true source: /sys target: /host/sys type: bind - bind: create_host_path: true read_only: true source: / target: /rootfs type: bind grafana-loki: command: -config.file=/etc/loki/loki-config.yaml container_name: grafana-loki depends_on: grafana-alloy: condition: service_started required: true image: grafana/loki:latest networks: default: null ports: - mode: ingress protocol: tcp published: "3100" target: 3100 restart: unless-stopped volumes: - source: ${DOCKER_VOLUME_CONFIG}/grafana/loki/loki-config.yaml target: /etc/loki/loki-config.yaml type: bind bind: create_host_path: true grafana-mimir: command: - -ingester.native-histograms-ingestion-enabled=true - -config.file=/etc/mimir.yaml container_name: grafana-mimir depends_on: grafana-alloy: condition: service_started required: true image: grafana/mimir:latest labels: homepage.group: Infrastructure/App Performance Monitoring homepage.name: Grafana Mimir homepage.href: http://192.168.1.254:9009 homepage.description: Long-term metrics storage homepage.icon: /icons/grafana-mimir.png networks: default: null ports: - mode: ingress protocol: tcp published: "9009" target: 9009 restart: unless-stopped volumes: - source: grafana-mimir-data target: /data type: volume volume: {} - source: ${DOCKER_VOLUME_CONFIG}/grafana/mimir/mimir.yaml target: /etc/mimir.yaml type: bind bind: create_host_path: true grafana-mimir-memcached: container_name: grafana-mimir-memcached depends_on: grafana-alloy: condition: service_started required: true environment: MEMCACHED_MEMORY_LIMIT: 1g MEMCACHED_THREADS: 4 MEMCACHED_MAX_CONNECTIONS: 2048 MEMCACHED_TCP_PORT: 11211 MEMCACHED_UDP_PORT: 11211 image: memcached networks: default: null ports: - mode: ingress protocol: tcp published: "11211" target: 11211 restart: unless-stopped grafana-pyroscope: command: - -config.file=/etc/pyroscope.yml container_name: grafana-pyroscope depends_on: grafana-alloy: condition: service_started required: true image: grafana/pyroscope:latest labels: homepage.group: Infrastructure/App Performance Monitoring homepage.name: Grafana Pyroscope homepage.description: Profiling for applications homepage.href: http://192.168.1.254:4040 homepage.icon: /icons/grafana-pyroscope.svg networks: default: null ports: - mode: ingress protocol: tcp published: "4040" target: 4040 restart: unless-stopped volumes: - source: ${DOCKER_VOLUME_CONFIG}/grafana/pyroscope/config.yaml target: /etc/pyroscope.yml type: bind bind: create_host_path: true grafana-tempo: command: - -config.file=/etc/tempo.yaml container_name: grafana-tempo depends_on: grafana-alloy: condition: service_started required: true image: grafana/tempo:latest networks: default: null ports: - mode: ingress protocol: tcp published: "14268" target: 14268 - mode: ingress protocol: tcp published: "3200" target: 3200 - mode: ingress protocol: tcp published: "9095" target: 9095 - mode: ingress protocol: tcp published: "4317" target: 4317 - mode: ingress protocol: tcp published: "4318" target: 4318 - mode: ingress protocol: tcp published: "9411" target: 9411 restart: unless-stopped volumes: - source: grafana-tempo-data target: /var/tempo type: volume volume: {} - source: ${DOCKER_VOLUME_CONFIG}/grafana/tempo/tempo.yaml target: /etc/tempo.yaml type: bind bind: create_host_path: true guacamole: container_name: guacamole environment: DOCKER_HOST: tcp://dockerproxy:2375 EXTENSIONS: 'auth-totp' TZ: ${TZ} image: flcontainers/guacamole:latest labels: homepage.group: System Administration homepage.name: Guacamole homepage.description: Client-less remote desktop gateway homepage.href: https://guac.trez.wtf homepage.icon: guacamole.svg swag: enable swag_proto: http swag_port: 8080 swag_url: guac.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.url: https://guac.${MY_TLD} ports: - 62173:8080 restart: always volumes: - ${DOCKER_VOLUME_CONFIG}/guacamole/:/config - /etc/localtime:/etc/localtime:ro homepage: container_name: homepage image: ghcr.io/gethomepage/homepage:latest labels: swag_server_custom_directive: access_log /config/log/$$host_access.log ; error_log /config/log/$$host_error.log ; networks: default: null ports: - mode: ingress protocol: tcp published: "3004" target: 3000 restart: unless-stopped volumes: - source: ${DOCKER_VOLUME_CONFIG}/homepage target: /app/config type: bind bind: create_host_path: true - source: ${DOCKER_VOLUME_CONFIG}/homepage/images target: /app/public/images type: bind bind: create_host_path: true - source: ${DOCKER_VOLUME_CONFIG}/homepage/icons target: /app/public/icons type: bind bind: create_host_path: true - read_only: true source: ${DOCKER_VOLUME_STORAGE} target: /rinoa-storage type: bind bind: create_host_path: true hortusfox: container_name: hortusfox depends_on: mariadb: condition: service_started required: true restart: true environment: APP_ADMIN_EMAIL: charish.patel@trez.wtf APP_ADMIN_PASSWORD: ${HORTUSFOX_ADMIN_PASSWORD} DB_CHARSET: utf8mb4 DB_DATABASE: hortusfox DB_HOST: mariadb DB_PASSWORD: ${HORTUSFOX_DB_PASSWORD} DB_PORT: 3306 DB_USERNAME: hortusfox image: ghcr.io/danielbrendel/hortusfox-web:latest labels: homepage: enable homepage_proto: http homepage_url: plants.${MY_TLD} homepage.uptime-kuma.enabled: true homepage.uptime-kuma.monitor.url: https://plants.${MY_TLD} homepage.group: Lifestyle homepage.name: HortusFox homepage.href: https://plants.${MY_TLD} homepage.icon: hortusfox.png homepage.description: Plant management system networks: default: null ports: - mode: ingress protocol: tcp published: "8006" target: 80 restart: unless-stopped volumes: - source: hortusfox_app_images target: /var/www/html/public/img type: volume volume: {} - source: hortusfox_app_logs target: /var/www/html/app/logs type: volume volume: {} - source: hortusfox_app_backup target: /var/www/html/public/backup type: volume volume: {} - source: hortusfox_app_themes target: /var/www/html/public/themes type: volume volume: {} - source: hortusfox_app_migrate target: /var/www/html/app/migrations type: volume volume: {} hugo: command: hugo server --baseURL "it-services.trez.wtf" --bind 0.0.0.0 --appendPort=false --source=/src/it-services --configDir=/src/it-services/config/ -e production --logLevel debug container_name: hugo image: hugomods/hugo:exts labels: swag: enable swag_proto: http swag_port: 1313 swag_url: it-services.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.url: https://it-services.${MY_TLD} homepage.group: Professional Services homepage.name: Hugo homepage.href: https://it-services.${MY_TLD} homepage.icon: hugo.svg homepage.description: Static site networks: default: null ports: - mode: ingress protocol: tcp published: "1313" target: 1313 restart: unless-stopped volumes: - source: ${DOCKER_VOLUME_CONFIG}/hugo/ target: /src type: bind bind: create_host_path: true - source: ${DOCKER_VOLUME_CONFIG}/hugo/cache target: /tmp/hugo_cache type: bind bind: create_host_path: true invidious: container_name: invidious depends_on: invidious-db: condition: service_started required: true environment: INVIDIOUS_CONFIG: | db: dbname: invidious user: kemal password: ${INVID_PG_DB_PASSWORD} host: invidious-db port: 5432 check_tables: true # external_port: # domain: # https_only: false # statistics_enabled: false hmac_key: "8Qyuvl9TWYdkvVo8BJ14qM4HBshKieR3KvDc3vsECx1L4OR51i-EtW2K74MmAVHeNPmJetM67T0M-9FIm7b-MA" healthcheck: interval: 30s retries: 2 test: wget -nv --tries=1 --spider http://127.0.0.1:3000/api/v1/trending || exit 1 timeout: 5s image: quay.io/invidious/invidious:latest labels: homepage: enable homepage_proto: http homepage_port: 3000 homepage_url: invid.${MY_TLD} homepage.uptime-kuma.enabled: true homepage.uptime-kuma.monitor.url: https://invid.${MY_TLD} homepage.group: Social homepage.name: Invidious homepage.href: https://invid.${MY_TLD} homepage.icon: invidious.svg homepage.description: Alternative YouTube frontend (privacy-focused, ad-blocking) networks: default: null ports: - mode: ingress protocol: tcp published: "3007" target: 3000 restart: unless-stopped invidious-db: container_name: invidious-db environment: POSTGRES_DB: invidious POSTGRES_PASSWORD: ${INVID_PG_DB_PASSWORD} POSTGRES_USER: kemal healthcheck: test: - CMD-SHELL - pg_isready -U $$POSTGRES_USER -d $$POSTGRES_DB image: docker.io/library/postgres:14 networks: default: null restart: unless-stopped volumes: - source: invidious-postgres target: /var/lib/postgresql/data type: volume volume: {} - source: ${DOCKER_VOLUME_CONFIG}/invidious/sql target: /config/sql type: bind bind: create_host_path: true - source: ${DOCKER_VOLUME_CONFIG}/invidious/entrypoint/init-invidious-db.sh target: /docker-entrypoint-initdb.d/init-invidious-db.sh type: bind bind: create_host_path: true invoice_ninja: container_name: invoice_ninja depends_on: mariadb: condition: service_started required: true restart: true environment: APP_DEBUG: true APP_KEY: ${IN_APP_KEY} APP_URL: http://invoice_ninja:8003 DB_DATABASE: invoice_ninja DB_HOST: mariadb DB_PASSWORD: ${IN_MYSQL_PASSWORD} DB_PORT: 3306 DB_USERNAME: ininja IN_PASSWORD: ${IN_PASSWORD} IN_USER_EMAIL: charish.patel@trez.wtf MAIL_ENCRYPTION: null MAIL_FROM_ADDRESS: noreply@trez.wtf MAIL_FROM_NAME: null MAIL_HOST: postal-smtp MAIL_MAILER: log MAIL_PASSWORD: ${POSTAL_SMTP_AUTH_PASSWORD} MAIL_PORT: 25 MAIL_USERNAME: ${POSTAL_SMTP_AUTH_USER} MYSQL_DATABASE: invoice_ninja MYSQL_PASSWORD: ${IN_MYSQL_PASSWORD} MYSQL_ROOT_PASSWORD: ${MARIADB_ENVIRONMENT_MYSQL_ROOT_PASSWORD} MYSQL_USER: ininja PDF_GENERATOR: snappdf PHANTOMJS_PDF_GENERATION: false QUEUE_CONNECTION: database REQUIRE_HTTPS: false TRUSTED_PROXIES: 172.18.0.0/16 expose: - 9000 image: invoiceninja/invoiceninja:5 networks: default: null ports: - mode: ingress protocol: tcp published: "8003" target: 8003 restart: always volumes: - source: ${DOCKER_VOLUME_CONFIG}/invoice_ninja/app/public target: /var/www/app/public type: bind bind: create_host_path: true - source: ${DOCKER_VOLUME_CONFIG}/invoice_ninja/app/storage target: /var/www/app/storage type: bind bind: create_host_path: true - source: ${DOCKER_VOLUME_CONFIG}/invoice_ninja/php/php.ini target: /usr/local/etc/php/php.ini type: bind bind: create_host_path: true - source: ${DOCKER_VOLUME_CONFIG}/invoice_ninja/php/php-cli.ini target: /usr/local/etc/php/php-cli.ini type: bind bind: create_host_path: true invoice_ninja_proxy: container_name: invoice_ninja_proxy depends_on: invoice_ninja: condition: service_started required: true environment: APP_DEBUG: true APP_KEY: ${IN_APP_KEY} APP_URL: http://invoice_ninja:9000 DB_DATABASE: invoice_ninja DB_HOST: mariadb DB_PASSWORD: ${IN_MYSQL_PASSWORD} DB_PORT: 3306 DB_USERNAME: ininja IN_PASSWORD: ${IN_PASSWORD} IN_USER_EMAIL: charish.patel@trez.wtf MAIL_ENCRYPTION: null MAIL_FROM_ADDRESS: noreply@trez.wtf MAIL_FROM_NAME: null MAIL_HOST: postal-smtp MAIL_MAILER: log MAIL_PASSWORD: ${POSTAL_SMTP_AUTH_PASSWORD} MAIL_PORT: 25 MAIL_USERNAME: ${POSTAL_SMTP_AUTH_USER} MYSQL_DATABASE: invoice_ninja MYSQL_PASSWORD: ${IN_MYSQL_PASSWORD} MYSQL_ROOT_PASSWORD: ${MARIADB_ENVIRONMENT_MYSQL_ROOT_PASSWORD} MYSQL_USER: ininja PDF_GENERATOR: snappdf PHANTOMJS_PDF_GENERATION: false QUEUE_CONNECTION: database REQUIRE_HTTPS: false TRUSTED_PROXIES: 172.18.0.0/16 image: nginx labels: swag: enable swag_proto: http swag_url: biz.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.url: https://biz.${MY_TLD} homepage.group: Professional Services homepage.name: Invoice Ninja homepage.href: https://biz.${MY_TLD} homepage.icon: invoiceninja.svg homepage.description: Simple invoicing, multiple payment options, expense and vendor management, and more! networks: default: null ports: - mode: ingress protocol: tcp published: "8005" target: 80 restart: always volumes: - read_only: true source: ${DOCKER_VOLUME_CONFIG}/invoice_ninja/proxy/invoice_ninja.conf target: /etc/nginx/conf.d/in-vhost.conf type: bind bind: create_host_path: true - read_only: true source: ${DOCKER_VOLUME_CONFIG}/invoice_ninja/app/public target: /var/www/app/public type: bind bind: create_host_path: true it-tools: container_name: it-tools image: ghcr.io/corentinth/it-tools:latest labels: swag: enable swag_proto: http swag_url: itt.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.url: https://itt.${MY_TLD} homepage.group: Code/DevOps homepage.name: IT-Tools homepage.href: https://itt.${MY_TLD} homepage.icon: it-tools.svg homepage.description: Useful tools for developers and people working in IT networks: default: null ports: - mode: ingress protocol: tcp published: "8104" target: 80 restart: unless-stopped jellyfin: container_name: jellyfin environment: JELLYFIN_PublishedServerUrl: https://jf.trez.wtf image: jellyfin/jellyfin labels: homepage.group: Media Library homepage.name: Jellyfin homepage.icon: jellyfin.svg homepage.href: https://jf.${MY_TLD} homepage.description: Movie/TV Streaming homepage.widget.type: jellyfin homepage.widget.url: http://jellyfin:8096 homepage.widget.key: ${JELLYFIN_API_KEY} homepage.widget.enableBlocks: true homepage.widget.enableNowPlaying: true homepage.widget.enableUser: true homepage.widget.showEpisodeNumber: true homepage.widget.expandOneStreamToTwoRows: false swag: enable swag_url: jf.${MY_TLD} swag_port: 8096 swag_proto: http swag.uptime-kuma.enabled: true ports: - 8487:8096 - 7359:7359 - 1900:1900 restart: unless-stopped volumes: - ${DOCKER_VOLUME_CONFIG}/jellyfin:/config - ${DOCKER_VOLUME_CONFIG}/jellyfin/cache:/cache - ${DOCKER_VOLUME_STORAGE}/TV_Shows:/storage/tv - ${DOCKER_VOLUME_STORAGE}/Movies:/storage/movies - /etc/localtime:/etc/localtime - /usr/share/fonts:/usr/local/share/fonts/custom jitsi-etherpad: container_name: jitsi-etherpad environment: TITLE: ${JITSI__ETHERPAD_TITLE} DEFAULT_PAD_TEXT: ${JITSI__ETHERPAD_DEFAULT_PAD_TEXT} SKIN_NAME: ${JITSI__ETHERPAD_SKIN_NAME} SKIN_VARIANTS: ${JITSI__ETHERPAD_SKIN_VARIANTS} SUPPRESS_ERRORS_IN_PAD_TEXT: true image: etherpad/etherpad:1.8.6 networks: default: null restart: unless-stopped jitsi-jibri: cap_add: - SYS_ADMIN container_name: jitsi-jibri depends_on: jitsi-jicofo: condition: service_started required: true environment: AUTOSCALER_SIDECAR_KEY_FILE: AUTOSCALER_SIDECAR_KEY_ID: AUTOSCALER_SIDECAR_GROUP_NAME: AUTOSCALER_SIDECAR_HOST_ID: AUTOSCALER_SIDECAR_INSTANCE_ID: AUTOSCALER_SIDECAR_PORT: AUTOSCALER_SIDECAR_REGION: AUTOSCALER_SIDECAR_SHUTDOWN_POLLING_INTERVAL: AUTOSCALER_SIDECAR_STATS_POLLING_INTERVAL: AUTOSCALER_URL: CHROMIUM_FLAGS: DISPLAY: :0 ENABLE_STATS_D: JIBRI_WEBHOOK_SUBSCRIBERS: JIBRI_HTTP_API_EXTERNAL_PORT: JIBRI_HTTP_API_INTERNAL_PORT: JIBRI_RECORDING_RESOLUTION: JIBRI_RECORDING_VIDEO_ENCODE_PRESET: JIBRI_RECORDING_CONSTANT_RATE_FACTOR: JIBRI_RECORDING_FRAMERATE: JIBRI_RECORDING_QUEUE_SIZE: JIBRI_RECORDING_STREAMING_MAX_BITRATE: JIBRI_USAGE_TIMEOUT: JIBRI_XMPP_USER: JIBRI_XMPP_PASSWORD: ${JITSI__JIBRI_XMPP_PASSWORD} JIBRI_BREWERY_MUC: JIBRI_RECORDER_USER: jibri-recorder JIBRI_RECORDER_PASSWORD: ${JITSI__JIBRI_RECORDER_PASSWORD} JIBRI_RECORDING_DIR: JIBRI_FINALIZE_RECORDING_SCRIPT_PATH: JIBRI_STRIP_DOMAIN_JID: JIBRI_STATSD_HOST: JIBRI_STATSD_PORT: LOCAL_ADDRESS: PUBLIC_URL: ${JITSI__PUBLIC_URL} TZ: ${JITSI__TZ} XMPP_AUTH_DOMAIN: XMPP_DOMAIN: XMPP_INTERNAL_MUC_DOMAIN: XMPP_MUC_DOMAIN: XMPP_RECORDER_DOMAIN: XMPP_SERVER: XMPP_PORT: XMPP_TRUST_ALL_CERTS: image: jitsi/jibri:${JITSI_IMAGE_VERSION:-stable} networks: default: null restart: unless-stopped shm_size: 2gb volumes: - source: ${DOCKER_VOLUME_CONFIG}/jitsi/jibri target: /config type: bind bind: create_host_path: true jitsi-jicofo: container_name: focus.meet.jitsi depends_on: jitsi-prosody: condition: service_started required: true environment: AUTH_TYPE: BRIDGE_AVG_PARTICIPANT_STRESS: BRIDGE_STRESS_THRESHOLD: ENABLE_AUTH: ENABLE_AUTO_OWNER: ENABLE_CODEC_VP8: ENABLE_CODEC_VP9: ENABLE_CODEC_H264: ENABLE_CODEC_OPUS_RED: ENABLE_JVB_XMPP_SERVER: ENABLE_OCTO: ENABLE_RECORDING: 1 ENABLE_SCTP: ENABLE_AUTO_LOGIN: JICOFO_AUTH_LIFETIME: JICOFO_AUTH_PASSWORD: ${JITSI__JICOFO_AUTH_PASSWORD} JICOFO_AUTH_TYPE: JICOFO_BRIDGE_REGION_GROUPS: JICOFO_ENABLE_AUTH: JICOFO_ENABLE_BRIDGE_HEALTH_CHECKS: JICOFO_CONF_INITIAL_PARTICIPANT_WAIT_TIMEOUT: JICOFO_CONF_SINGLE_PARTICIPANT_TIMEOUT: JICOFO_CONF_SOURCE_SIGNALING_DELAYS: JICOFO_CONF_MAX_AUDIO_SENDERS: JICOFO_CONF_MAX_VIDEO_SENDERS: JICOFO_CONF_STRIP_SIMULCAST: JICOFO_CONF_SSRC_REWRITING: JICOFO_ENABLE_HEALTH_CHECKS: JICOFO_ENABLE_REST: JICOFO_HEALTH_CHECKS_USE_PRESENCE: JICOFO_MULTI_STREAM_BACKWARD_COMPAT: JICOFO_OCTO_REGION: JIBRI_BREWERY_MUC: JIBRI_REQUEST_RETRIES: JIBRI_PENDING_TIMEOUT: JIGASI_BREWERY_MUC: JIGASI_SIP_URI: JVB_BREWERY_MUC: JVB_XMPP_AUTH_DOMAIN: JVB_XMPP_INTERNAL_MUC_DOMAIN: JVB_XMPP_PORT: JVB_XMPP_SERVER: MAX_BRIDGE_PARTICIPANTS: OCTO_BRIDGE_SELECTION_STRATEGY: SENTRY_DSN: "${JICOFO_SENTRY_DSN:-0}" SENTRY_ENVIRONMENT: SENTRY_RELEASE: TZ: ${JITSI__JIGAGI_SIP_SERVER} XMPP_DOMAIN: XMPP_AUTH_DOMAIN: XMPP_INTERNAL_MUC_DOMAIN: XMPP_MUC_DOMAIN: XMPP_RECORDER_DOMAIN: XMPP_SERVER: XMPP_PORT: image: jitsi/jicofo:${JITSI_IMAGE_VERSION:-stable} networks: default: null ports: - 127.0.0.1:${JICOFO_REST_PORT:-8889}:8888 restart: unless-stopped volumes: - bind: create_host_path: true selinux: Z source: ${DOCKER_VOLUME_CONFIG}/jitsi/jicofo target: /config type: bind jitsi-jigasi: container_name: jitsi-jigasi depends_on: jitsi-prosody: condition: service_started required: true environment: ENABLE_AUTH: 1 ENABLE_GUESTS: 1 XMPP_AUTH_DOMAIN: XMPP_GUEST_DOMAIN: XMPP_MUC_DOMAIN: XMPP_INTERNAL_MUC_DOMAIN: XMPP_SERVER: XMPP_PORT: XMPP_DOMAIN: PUBLIC_URL: ${JITSI__PUBLIC_URL} JIGASI_DISABLE_SIP: JIGASI_SIP_URI: ${JITSI__SIP_URI} JIGASI_SIP_PASSWORD: ${JITSI__JIGAGI_SIP_PASSWORD} JIGASI_SIP_SERVER: ${JITSI__JIGAGI_SIP_SERVER} JIGASI_SIP_PORT: ${JITSI__JIGAGI_SIP_PORT} JIGASI_SIP_TRANSPORT: ${JITSI__JIGAGI_SIP_TRANSPORT} JIGASI_SIP_DEFAULT_ROOM: JIGASI_XMPP_USER: JIGASI_XMPP_PASSWORD: ${JITSI__JIGASI_XMPP_PASSWORD} JIGASI_BREWERY_MUC: JIGASI_PORT_MIN: JIGASI_PORT_MAX: JIGASI_HEALTH_CHECK_SIP_URI: JIGASI_HEALTH_CHECK_INTERVAL: JIGASI_SIP_KEEP_ALIVE_METHOD: JIGASI_ENABLE_SDES_SRTP: ENABLE_TRANSCRIPTIONS: JIGASI_TRANSCRIBER_ADVERTISE_URL: JIGASI_TRANSCRIBER_RECORD_AUDIO: JIGASI_TRANSCRIBER_SEND_TXT: GC_PROJECT_ID: GC_PRIVATE_KEY_ID: GC_PRIVATE_KEY: GC_CLIENT_EMAIL: GC_CLIENT_ID: GC_CLIENT_CERT_URL: SHUTDOWN_REST_ENABLED: SENTRY_DSN: "${JIGASI_SENTRY_DSN:-0}" SENTRY_ENVIRONMENT: SENTRY_RELEASE: TZ: ${JITSI__TZ} image: jitsi/jigasi:${JITSI_IMAGE_VERSION:-stable} networks: default: null ports: - ${JIGASI_PORT_MIN:-20000}-${JIGASI_PORT_MAX:-20050}:${JIGASI_PORT_MIN:-20000}-${JIGASI_PORT_MAX:-20050}/udp restart: unless-stopped volumes: - bind: create_host_path: true selinux: Z source: ${DOCKER_VOLUME_CONFIG}/jitsi/jigasi target: /config type: bind - bind: create_host_path: true selinux: Z source: ${DOCKER_VOLUME_CONFIG}/jitsi/transcripts target: /tmp/transcripts type: bind jitsi-jvb: container_name: video.meet.jitsi depends_on: jitsi-prosody: condition: service_started required: true environment: DOCKER_HOST_ADDRESS: ENABLE_COLIBRI_WEBSOCKET: ENABLE_JVB_XMPP_SERVER: ENABLE_OCTO: JVB_ADVERTISE_IPS: JVB_ADVERTISE_PRIVATE_CANDIDATES: JVB_AUTH_USER: JVB_AUTH_PASSWORD: ${JITSI__JVB_AUTH_PASSWORD} JVB_BREWERY_MUC: JVB_DISABLE_STUN: JVB_PORT: JVB_MUC_NICKNAME: JVB_STUN_SERVERS: JVB_OCTO_BIND_ADDRESS: JVB_OCTO_REGION: JVB_OCTO_RELAY_ID: JVB_WS_DOMAIN: JVB_WS_SERVER_ID: JVB_XMPP_AUTH_DOMAIN: JVB_XMPP_INTERNAL_MUC_DOMAIN: JVB_XMPP_PORT: JVB_XMPP_SERVER: PUBLIC_URL: ${JITSI__PUBLIC_URL} SENTRY_DSN: "${JVB_SENTRY_DSN:-0}" SENTRY_ENVIRONMENT: SENTRY_RELEASE: COLIBRI_REST_ENABLED: SHUTDOWN_REST_ENABLED: TZ: ${JITSI__JIGAGI_SIP_SERVER} XMPP_AUTH_DOMAIN: XMPP_INTERNAL_MUC_DOMAIN: XMPP_SERVER: XMPP_PORT: image: jitsi/jvb:${JITSI_IMAGE_VERSION:-stable} networks: default: null ports: - ${JVB_PORT:-10000}:${JVB_PORT:-10000}/udp - 127.0.0.1:${JVB_COLIBRI_PORT:-8091}:8080 restart: unless-stopped volumes: - bind: create_host_path: true selinux: Z source: ${DOCKER_VOLUME_CONFIG}/jitsi/jvb target: /config type: bind jitsi-prosody: container_name: xmpp.meet.jitsi environment: AUTH_TYPE: DISABLE_POLLS: ENABLE_AUTH: ENABLE_AV_MODERATION: ENABLE_BREAKOUT_ROOMS: ENABLE_END_CONFERENCE: ENABLE_GUESTS: 1 ENABLE_IPV6: ENABLE_LOBBY: ENABLE_RECORDING: 1 ENABLE_XMPP_WEBSOCKET: ENABLE_JAAS_COMPONENTS: GC_TYPE: GC_INC_TH: GC_INC_SPEED: GC_INC_STEP_SIZE: GC_GEN_MIN_TH: GC_GEN_MAX_TH: GLOBAL_CONFIG: GLOBAL_MODULES: JIBRI_RECORDER_USER: JIBRI_RECORDER_PASSWORD: ${JITSI__JIBRI_RECORDER_PASSWORD} JIBRI_XMPP_USER: JIBRI_XMPP_PASSWORD: ${JITSI__JIBRI_XMPP_PASSWORD} JICOFO_AUTH_PASSWORD: ${JITSI__JICOFO_AUTH_PASSWORD} JICOFO_COMPONENT_SECRET: JIGASI_XMPP_USER: JIGASI_XMPP_PASSWORD: ${JITSI__JIGASI_XMPP_PASSWORD} JVB_AUTH_USER: JVB_AUTH_PASSWORD: ${JITSI__JVB_AUTH_PASSWORD} JWT_APP_ID: JWT_APP_SECRET: JWT_ACCEPTED_ISSUERS: JWT_ACCEPTED_AUDIENCES: JWT_ASAP_KEYSERVER: JWT_ALLOW_EMPTY: JWT_AUTH_TYPE: JWT_ENABLE_DOMAIN_VERIFICATION: JWT_TOKEN_AUTH_MODULE: MATRIX_UVS_URL: MATRIX_UVS_ISSUER: MATRIX_UVS_AUTH_TOKEN: MATRIX_UVS_SYNC_POWER_LEVELS: LOG_LEVEL: LDAP_AUTH_METHOD: LDAP_BASE: LDAP_BINDDN: LDAP_BINDPW: LDAP_FILTER: LDAP_VERSION: LDAP_TLS_CIPHERS: LDAP_TLS_CHECK_PEER: LDAP_TLS_CACERT_FILE: LDAP_TLS_CACERT_DIR: LDAP_START_TLS: LDAP_URL: LDAP_USE_TLS: MAX_PARTICIPANTS: PROSODY_AUTH_TYPE: PROSODY_RESERVATION_ENABLED: PROSODY_RESERVATION_REST_BASE_URL: PROSODY_ENABLE_RATE_LIMITS: PROSODY_RATE_LIMIT_LOGIN_RATE: PROSODY_RATE_LIMIT_SESSION_RATE: PROSODY_RATE_LIMIT_TIMEOUT: PROSODY_RATE_LIMIT_ALLOW_RANGES: PROSODY_RATE_LIMIT_CACHE_SIZE: PUBLIC_URL: ${JITSI__PUBLIC_URL} TURN_CREDENTIALS: TURN_HOST: TURNS_HOST: TURN_PORT: TURNS_PORT: TURN_TRANSPORT: TZ: ${JITSI__JIGAGI_SIP_SERVER} XMPP_DOMAIN: XMPP_AUTH_DOMAIN: XMPP_GUEST_DOMAIN: XMPP_MUC_DOMAIN: XMPP_INTERNAL_MUC_DOMAIN: XMPP_MODULES: XMPP_MUC_MODULES: XMPP_MUC_CONFIGURATION: XMPP_INTERNAL_MUC_MODULES: XMPP_RECORDER_DOMAIN: XMPP_PORT: expose: - ${XMPP_PORT:-5222} - "5347" - "5280" image: jitsi/prosody:${JITSI_IMAGE_VERSION:-stable} networks: default: null restart: unless-stopped volumes: - bind: create_host_path: true selinux: Z source: ${DOCKER_VOLUME_CONFIG}/jitsi/prosody/config target: /config type: bind - bind: create_host_path: true selinux: Z source: ${DOCKER_VOLUME_CONFIG}/jitsi/prosody/prosody-plugins-custom target: /prosody-plugins-custom type: bind jitsi-web: container_name: meet.jitsi environment: AMPLITUDE_ID: ANALYTICS_SCRIPT_URLS: ANALYTICS_WHITELISTED_EVENTS: AUDIO_QUALITY_OPUS_BITRATE: AUTO_CAPTION_ON_RECORD: BRANDING_DATA_URL: CALLSTATS_CUSTOM_SCRIPT_URL: CALLSTATS_ID: CALLSTATS_SECRET: CHROME_EXTENSION_BANNER_JSON: COLIBRI_WEBSOCKET_PORT: CONFCODE_URL: CONFIG_EXTERNAL_CONNECT: DEFAULT_LANGUAGE: DEPLOYMENTINFO_ENVIRONMENT: DEPLOYMENTINFO_ENVIRONMENT_TYPE: DEPLOYMENTINFO_REGION: DEPLOYMENTINFO_SHARD: DEPLOYMENTINFO_USERREGION: DESKTOP_SHARING_FRAMERATE_MIN: DESKTOP_SHARING_FRAMERATE_MAX: DIALIN_NUMBERS_URL: DIALOUT_AUTH_URL: DIALOUT_CODES_URL: DISABLE_AUDIO_LEVELS: DISABLE_DEEP_LINKING: DISABLE_GRANT_MODERATOR: DISABLE_HTTPS: DISABLE_KICKOUT: DISABLE_LOCAL_RECORDING: DISABLE_POLLS: DISABLE_PRIVATE_CHAT: DISABLE_PROFILE: DISABLE_REACTIONS: DISABLE_REMOTE_VIDEO_MENU: DISABLE_START_FOR_ALL: DROPBOX_APPKEY: DROPBOX_REDIRECT_URI: DYNAMIC_BRANDING_URL: ENABLE_AUDIO_PROCESSING: ENABLE_AUTH: ENABLE_BREAKOUT_ROOMS: ENABLE_CALENDAR: ENABLE_COLIBRI_WEBSOCKET: ENABLE_E2EPING: ENABLE_FILE_RECORDING_SHARING: ENABLE_GUESTS: 1 ENABLE_HSTS: ENABLE_HTTP_REDIRECT: ENABLE_IPV6: ENABLE_LETSENCRYPT: ENABLE_LIPSYNC: ENABLE_NO_AUDIO_DETECTION: ENABLE_NOISY_MIC_DETECTION: ENABLE_OCTO: ENABLE_OPUS_RED: ENABLE_PREJOIN_PAGE: ENABLE_P2P: ENABLE_WELCOME_PAGE: ENABLE_CLOSE_PAGE: ENABLE_LIVESTREAMING: ENABLE_LIVESTREAMING_DATA_PRIVACY_LINK: ENABLE_LIVESTREAMING_HELP_LINK: ENABLE_LIVESTREAMING_TERMS_LINK: ENABLE_LIVESTREAMING_VALIDATOR_REGEXP_STRING: ENABLE_LOCAL_RECORDING_NOTIFY_ALL_PARTICIPANT: ENABLE_LOCAL_RECORDING_SELF_START: ENABLE_RECORDING: 1 ENABLE_REMB: ENABLE_REQUIRE_DISPLAY_NAME: ENABLE_SERVICE_RECORDING: ENABLE_SIMULCAST: ENABLE_STATS_ID: ENABLE_STEREO: ENABLE_SUBDOMAINS: ENABLE_TALK_WHILE_MUTED: ENABLE_TCC: ENABLE_TRANSCRIPTIONS: ENABLE_XMPP_WEBSOCKET: ENABLE_JAAS_COMPONENTS: ETHERPAD_PUBLIC_URL: ETHERPAD_URL_BASE: ${JITSI__ETHERPAD_URL_BASE} E2EPING_NUM_REQUESTS: E2EPING_MAX_CONFERENCE_SIZE: E2EPING_MAX_MESSAGE_PER_SECOND: GOOGLE_ANALYTICS_ID: GOOGLE_API_APP_CLIENT_ID: HIDE_PREMEETING_BUTTONS: HIDE_PREJOIN_DISPLAY_NAME: HIDE_PREJOIN_EXTRA_BUTTONS: INVITE_SERVICE_URL: LETSENCRYPT_DOMAIN: LETSENCRYPT_EMAIL: LETSENCRYPT_USE_STAGING: MATOMO_ENDPOINT: MATOMO_SITE_ID: MICROSOFT_API_APP_CLIENT_ID: NGINX_RESOLVER: NGINX_WORKER_PROCESSES: NGINX_WORKER_CONNECTIONS: PEOPLE_SEARCH_URL: PREFERRED_LANGUAGE: PUBLIC_URL: ${JITSI__PUBLIC_URL} P2P_PREFERRED_CODEC: RESOLUTION: RESOLUTION_MIN: RESOLUTION_WIDTH: RESOLUTION_WIDTH_MIN: START_AUDIO_MUTED: START_AUDIO_ONLY: START_BITRATE: START_SILENT: START_WITH_AUDIO_MUTED: START_VIDEO_MUTED: START_WITH_VIDEO_MUTED: TESTING_CAP_SCREENSHARE_BITRATE: TESTING_OCTO_PROBABILITY: TOKEN_AUTH_URL: TOOLBAR_BUTTONS: TRANSLATION_LANGUAGES: TRANSLATION_LANGUAGES_HEAD: TZ: ${JITSI__JIGAGI_SIP_SERVER} USE_APP_LANGUAGE: VIDEOQUALITY_BITRATE_H264_LOW: VIDEOQUALITY_BITRATE_H264_STANDARD: VIDEOQUALITY_BITRATE_H264_HIGH: VIDEOQUALITY_BITRATE_VP8_LOW: VIDEOQUALITY_BITRATE_VP8_STANDARD: VIDEOQUALITY_BITRATE_VP8_HIGH: VIDEOQUALITY_BITRATE_VP9_LOW: VIDEOQUALITY_BITRATE_VP9_STANDARD: VIDEOQUALITY_BITRATE_VP9_HIGH: VIDEOQUALITY_ENFORCE_PREFERRED_CODEC: VIDEOQUALITY_PREFERRED_CODEC: XMPP_AUTH_DOMAIN: XMPP_BOSH_URL_BASE: XMPP_DOMAIN: XMPP_GUEST_DOMAIN: XMPP_MUC_DOMAIN: XMPP_RECORDER_DOMAIN: XMPP_PORT: WHITEBOARD_ENABLED: WHITEBOARD_COLLAB_SERVER_PUBLIC_URL: image: jitsi/web:${JITSI_IMAGE_VERSION:-stable} labels: swag: enable swag_proto: https swag_url: meet.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.url: https://meet.${MY_TLD} homepage.group: Social homepage.name: Jitsi homepage.href: https://meet.${MY_TLD} homepage.icon: jitsi.png homepage.description: Web Conferencing networks: default: null ports: - ${JITSI__HTTP_PORT}:80 - ${JITSI__HTTPS_PORT}:443 restart: unless-stopped volumes: - bind: create_host_path: true selinux: Z source: ${DOCKER_VOLUME_CONFIG}/jitsi/web target: /config type: bind - bind: create_host_path: true selinux: Z source: ${DOCKER_VOLUME_CONFIG}/jitsi/web/crontabs target: /var/spool/cron/crontabs type: bind - bind: create_host_path: true selinux: Z source: ${DOCKER_VOLUME_CONFIG}/jitsi/transcripts target: /usr/share/jitsi-meet/transcripts type: bind joplin-db: container_name: joplin-db environment: - POSTGRES_PASSWORD=${JOPLIN_POSTGRES_PASSWORD} - POSTGRES_USER=${JOPLIN_POSTGRES_USER} - POSTGRES_DB=${JOPLIN_POSTGRES_DATABASE} expose: - 5432 image: postgres:17-alpine networks: default: null restart: unless-stopped volumes: - source: joplin_data target: /var/lib/postgresql/data type: volume volume: {} joplin: container_name: joplin environment: ACCOUNT_TYPES_ENABLED: true APP_PORT: ${JOPLIN_APP_PORT} APP_BASE_URL: ${JOPLIN_APP_BASE_URL} DB_CLIENT: pg INSTANCE_NAME: 'Joplin @ Rinoa' IS_ADMIN_INSTANCE: true MAILER_ENABLED: 1 MAILER_HOST: postal-SMTP MAILER_PORT: 25 MAILER_SECURITY: none MAILER_AUTH_USER: ${POSTAL_SMTP_AUTH_USER} MAILER_AUTH_PASSWORD: ${POSTAL_SMTP_AUTH_PASSWORD} MAILER_NOREPLY_NAME: Joplin @ Rinoa MAILER_NOREPLY_EMAIL: noreply@trez.wtf POSTGRES_PASSWORD: ${JOPLIN_POSTGRES_PASSWORD} POSTGRES_DATABASE: ${JOPLIN_POSTGRES_DATABASE} POSTGRES_USER: ${JOPLIN_POSTGRES_USER} POSTGRES_PORT: 5432 POSTGRES_HOST: joplin-db image: joplin/server:latest labels: homepage.group: Personal Services homepage.name: Joplin homepage.href: https://notes.${MY_TLD} homepage.icon: joplin.svg homepage.description: Open-source note taking & to-do swag: enable swag_url: notes.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.url: https://notes.${MY_TLD} networks: default: null ports: - mode: ingress protocol: tcp published: "22300" target: 22300 restart: unless-stopped lidarr: container_name: lidarr environment: PGID: 1000 PUID: 1000 TZ: America/New_York DOCKER_MODS: ghcr.io/gilbn/theme.park:lidarr hostname: Rinoa image: lscr.io/linuxserver/lidarr:latest labels: homepage.group: Servarr Stack homepage.name: Lidarr homepage.href: https://lidarr.${MY_TLD} homepage.icon: lidarr.png homepage.description: Music Automation homepage.widget.type: lidarr homepage.widget.url: http://lidarr:8686 homepage.widget.key: ${LIDARR_API_KEY} swag: enable swag.uptime-kuma.enabled: true networks: default: null ports: - mode: ingress protocol: tcp published: "8686" target: 8686 restart: unless-stopped volumes: - bind: create_host_path: true read_only: true source: /etc/localtime target: /etc/localtime type: bind - bind: create_host_path: true source: ${DOCKER_VOLUME_CONFIG}/lidarr target: /config type: bind - bind: create_host_path: true source: /rinoa-storage target: /storage type: bind lidify: container_name: lidify environment: app_name: lidify app_rev: 0.09 app_url: lidify.${MY_TLD} dry_run_adding_to_lidarr: true fallback_to_top_result: false last_fm_api_key: ${LASTFM_API_KEY} last_fm_api_secret: ${LASTFM_API_SECRET} lidarr_address: http://lidarr:8686 lidarr_api_key: ${LIDARR_API_KEY} lidarr_api_timeout: 120 metadata_profile_id: 1 mode: LastFM quality_profile_id: 1 root_folder_path: /data/media/music search_for_missing_albums: false spotify_client_id: ${YOUR_SPOTIFY_ID} spotify_client_secret: ${YOUR_SPOTIFY_SECRET} expose: - 5000 image: thewicklowwolf/lidify:latest labels: homepage.group: Servarr Stack homepage.name: Lidify homepage.href: https://lidify.${MY_TLD} homepage.icon: sh-lidify.png homepage.description: Music Discovery a la Last.fm, Spotify, Pandora, etc. swag: enable swag_auth: authelia swag_proto: http swag_port: 5000 swag_url: lidify.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.url: https://lidify.${MY_TLD} networks: default: null restart: unless-stopped volumes: - source: ${DOCKER_VOLUME_CONFIG}/lidify target: /lidify/config type: bind bind: create_host_path: true - source: ${DOCKER_VOLUME_STORAGE}/Audio/Music target: /data/media/music type: bind bind: create_host_path: true - bind: create_host_path: true read_only: true source: /etc/localtime target: /etc/localtime type: bind lldap: container_name: lldap environment: UID: ${PUID} GID: ${PGID} TZ: ${TZ} LLDAP_JWT_SECRET: ${LLDAP_JWT_SECRET} LLDAP_KEY_SEED: ${LLDAP_KEY_SEED} LLDAP_LDAP_BASE_DN: dc=trez,dc=wtf image: lldap/lldap:stable labels: homepage.group: System Administration homepage.name: LLDAP homepage.href: https://ldap.${MY_TLD} homepage.icon: /icons/lldap.png homepage.description: LDAP made easy swag: enable swag_proto: http swag_port: 17170 swag_url: ldap.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.url: https://ldap.${MY_TLD} networks: default: null ports: - mode: ingress protocol: tcp published: "17170" target: 17170 restart: always volumes: - source: ${DOCKER_VOLUME_CONFIG}/lldap target: /data type: bind bind: create_host_path: true localai: container_name: localai environment: - DEBUG=true healthcheck: interval: 1m retries: 5 test: - CMD - curl - -f - http://localhost:8080/readyz timeout: 20m image: localai/localai:latest-aio-cpu labels: homepage.group: Personal Services homepage.name: LocalAI homepage.href: https://ai.${MY_TLD} homepage.icon: /icons/localai.png homepage.description: Open source OpenAI alternative swag: enable swag_proto: http swag_port: 8080 swag_url: ai.${MY_TLD} networks: default: null ports: - mode: ingress protocol: tcp published: "8109" target: 8080 restart: always volumes: - source: ${DOCKER_VOLUME_CONFIG}/localai/models target: /build/models type: bind bind: create_host_path: true maloja: container_name: maloja environment: MALOJA_CLEAN_OUTPUT: true MALOJA_DEV_MODE: false MALOJA_FORCE_PASSWORD: ${MALOJA_FORCE_PASSWORD} MALOJA_LASTFM_API_KEY: ${LASTFM_API_KEY} MALOJA_LASTFM_API_SECRET: ${LASTFM_API_SECRET} MALOJA_LASTFM_PASSWORD: ${LASTFM_PASSWORD} MALOJA_LASTFM_USERNAME: ${LASTFM_USERNAME} MALOJA_LOGGING: true MALOJA_PARSE_REMIX_ARTISTS: true MALOJA_SCROBBLE_LASTFM: true MALOJA_SKIP_SETUP: true MALOJA_SPOTIFY_API_ID: ${YOUR_SPOTIFY_ID} MALOJA_SPOTIFY_API_SECRET: ${YOUR_SPOTIFY_SECRET} MALOJA_TIMEZONE: ${TZ} image: krateng/maloja:latest labels: homepage.group: Media Library homepage.name: Maloja homepage.href: https://scrobble.${MY_TLD} homepage.icon: maloja.png homepage.description: Simple self-hosted music scrobble database to create personal listening statistics swag: enable swag_proto: http swag_port: 42010 swag_url: scrobble.${MY_TLD} networks: default: null ports: - mode: ingress protocol: tcp published: "42010" target: 42010 restart: unless-stopped volumes: - source: ${DOCKER_VOLUME_CONFIG}/maloja/config target: /etc/maloja type: bind bind: create_host_path: true - source: ${DOCKER_VOLUME_CONFIG}/maloja/data target: /var/lib/maloja type: bind bind: create_host_path: true - source: ${DOCKER_VOLUME_CONFIG}/maloja/logs target: /var/log/maloja type: bind bind: create_host_path: true mariadb: container_name: mariadb environment: MYSQL_ROOT_PASSWORD: ${MARIADB_ENVIRONMENT_MYSQL_ROOT_PASSWORD} PGID: 1000 PUID: 1000 TZ: America/New_York MYSQL_PASSWORD: ${NEXTCLOUD_MARIADB_PASSWORD} hostname: Rinoa image: linuxserver/mariadb networks: default: null ports: - mode: ingress protocol: tcp published: "3306" target: 3306 restart: unless-stopped volumes: - bind: create_host_path: true read_only: true source: /etc/localtime target: /etc/localtime type: bind - bind: create_host_path: true source: ${DOCKER_VOLUME_CONFIG}/mariadb target: /config type: bind - source: ${DOCKER_VOLUME_STORAGE} target: /storage type: bind bind: create_host_path: true - source: ${DOCKER_VOLUME_CONFIG}/mariadb target: /var/lib/mysql type: bind bind: create_host_path: true mastodon: container_name: mastodon environment: PUID: ${PUID} PGID: ${PGID} TZ: ${TZ} LOCAL_DOMAIN: trez.wtf REDIS_HOST: redis REDIS_PORT: 6379 DB_HOST: mastodon-pg-db DB_USER: mastodon DB_NAME: mastodon DB_PASS: ${MASTODON_PG_DB_PASSWORD} DB_PORT: 5432 ES_ENABLED: false ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY: ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY: ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT: SECRET_KEY_BASE: OTP_SECRET: VAPID_PRIVATE_KEY: VAPID_PUBLIC_KEY: SMTP_SERVER: postal-smtp SMTP_PORT: 25 SMTP_LOGIN: ${POSTAL_SMTP_AUTH_USER} SMTP_PASSWORD: ${POSTAL_SMTP_AUTH_PASSWORD} SMTP_FROM_ADDRESS: noreply@trez.wtf S3_ENABLED: true S3_BUCKET: mastodon AWS_ACCESS_KEY_ID: ${MASTODON_MINIO_ACCESS_KEY} AWS_SECRET_ACCESS_KEY: ${MASTODON_MINIO_SECRET_KEY} image: lscr.io/linuxserver/mastodon:latest labels: swag: enable swag_proto: http swag_port: 5678 swag_url: mastodon.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.url: https://mastodon.${MY_TLD} homepage.group: Social homepage.name: Mastodon homepage.href: https://mastodon.${MY_TLD} homepage.icon: mastodon.svg homepage.description: Open-source social network homepage.widget.type: mastodon homepage.widget.url: http://mastodon ports: - 9044:80 - 3444:443 restart: unless-stopped volumes: - ${DOCKER_VOLUME_CONFIG}/mastodon:/config mastodon-pg-db: container_name: mastodon-pg-db environment: POSTGRES_USER: mastodon POSTGRES_PASSWORD: ${MASTODON_PG_DB_PASSWORD} POSTGRES_DB: mastodon expose: - 5432 healthcheck: test: pg_isready -q -t 2 -d $$POSTGRES_DB -U $$POSTGRES_USER start_period: 20s timeout: 30s interval: 10s retries: 5 image: postgres:17-alpine restart: always volumes: - mastodon-pg-db:/var/lib/postgresql/data minio: command: server --console-address ":9090" /mnt/data container_name: minio environment: MINIO_ROOT_USER: minioadmin MINIO_ROOT_PASSWORD: ${MINIO_ROOT_PASSWORD} MINIO_ACCESS_KEY: ${MINIO_MIMIR_STORAGE_ACCESS_KEY} MINIO_SECRET_KEY: ${MINIO_MIMIR_STORAGE_SECRET_KEY} hostname: minio image: minio/minio labels: swag: enable swag_proto: http swag_port: 9090 swag_url: s3.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.url: https://s3.${MY_TLD} homepage.group: System Administration homepage.name: MinIO homepage.href: https://s3.${MY_TLD} homepage.icon: minio.png homepage.description: S3-compatible storage backend networks: default: null ports: - mode: ingress protocol: tcp published: "9001" target: 9000 - mode: ingress protocol: tcp published: "9092" target: 9090 restart: unless-stopped volumes: - source: ${DOCKER_VOLUME_CONFIG}/minio/data target: /mnt/data type: bind bind: create_host_path: true - source: ${DOCKER_VOLUME_CONFIG}/minio/minio target: /etc/config.env type: bind bind: create_host_path: true mongodb: container_name: mongodb image: mongo:7.0 ports: - 27017:27017 restart: unless-stopped volumes: - mongodb_data:/data/db - mongodb_config:/data/configdb multi-scrobbler: container_name: multi-scrobbler environment: TZ: ${TZ} PUID: ${PUID} PGID: ${PGID} MALOJA_URL: http://maloja:42010 MALOJA_API_KEY: ${MALOJA_API_KEY} LASTFM_API_KEY: ${LASTFM_API_KEY} LASTFM_API_SECRET: ${LASTFM_API_SECRET} LZ_USER: Trez.on LZ_TOKEN: ${MALOJA_LISTENBRAINZ_TOKEN} SPOTIFY_CLIENT_ID: ${YOUR_SPOTIFY_ID} SPOTIFY_CLIENT_SECRET: ${YOUR_SPOTIFY_SECRET} image: foxxmd/multi-scrobbler labels: homepage.group: Media Library homepage.name: Multi-Scrobbler homepage.href: http://192.168.1.254:9078 homepage.icon: sh-multi-scrobbler.svg homepage.description: JS App for scrobbling/recording play history from/to multiple sources networks: default: null ports: - mode: ingress protocol: tcp published: "9078" target: 9078 restart: unless-stopped volumes: - source: ${DOCKER_VOLUME_CONFIG}/multi-scrobbler target: /config type: bind bind: create_host_path: true n8n: container_name: n8n environment: N8N_HOST: n8n.${MY_TLD} N8N_PORT: 5678 N8N_PROTOCOL: https NODE_ENV: production WEBHOOK_URL: https://n8n.${MY_TLD}/ GENERIC_TIMEZONE: ${TZ} image: docker.n8n.io/n8nio/n8n labels: swag: enable swag_proto: http swag_port: 5678 swag_url: n8n.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.url: https://n8n.${MY_TLD} homepage.group: Automation homepage.name: n8n homepage.href: https://n8n.${MY_TLD} homepage.icon: n8n.svg homepage.description: Extendable workflow automation tool to easily automate tasks ports: - 5678:5678 restart: unless-stopped volumes: - n8n-data:/home/node/.n8n navidrome: container_name: navidrome environment: ND_AUTOIMPORTPLAYLISTS: false ND_BASEURL: "" ND_LASTFM_APIKEY: ${LASTFM_API_KEY} ND_LASTFM_ENABLED: true ND_LASTFM_SECRET: ${LASTFM_API_SECRET} ND_LOGLEVEL: info ND_MUSICFOLDER: /music ND_SCANNER_GROUPALBUMRELEASES: true ND_SCANSCHEDULE: '@every 6h' ND_SESSIONTIMEOUT: 24h ND_SPOTIFY_ID: ${YOUR_SPOTIFY_ID} ND_SPOTIFY_SECRET: ${YOUR_SPOTIFY_SECRET} ND_SUBSONICARTISTPARTICIPATIONS: true image: deluan/navidrome:latest labels: homepage.group: Media Library homepage.name: Navidrome homepage.href: https://navi.${MY_TLD} homepage.icon: navidrome.png homepage.description: Music Streaming homepage.widget.type: navidrome homepage.widget.url: http://navidrome:4533 homepage.widget.user: admin homepage.widget.token: e8a9e97b29aa963fa4729c633289d232 homepage.widget.salt: v5Z93Z swag: enable swag_port: 4533 swag_proto: http swag_url: navi.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.url: https://navi.${MY_TLD} networks: default: null ports: - mode: ingress protocol: tcp published: "4533" target: 4533 restart: unless-stopped user: 1000:1000 volumes: - source: ${DOCKER_VOLUME_CONFIG}/navidrome target: /data type: bind bind: create_host_path: true - source: ${DOCKER_VOLUME_STORAGE}/Audio/Music target: /music type: bind bind: create_host_path: true netbox: container_name: netbox depends_on: netbox-db: condition: service_healthy required: true redis: condition: service_started required: true environment: PUID: ${PUID} PGID: ${PGID} TZ: ${TZ} SUPERUSER_EMAIL: charish.patel@pm.me SUPERUSER_PASSWORD: ${NETBOX_SUPERUSER_PASSWORD} ALLOWED_HOST: net.trez.wtf DB_NAME: netbox DB_USER: netbox DB_PASSWORD: ${NETBOX_PG_DB_PASSWORD} DB_HOST: netbox-db DB_PORT: 5432 DEBUG: false DOCKER_MODS: linuxserver/mods:netbox-slurpit REDIS_HOST: redis REDIS_PORT: 6379 REMOTE_AUTH_ENABLED: image: lscr.io/linuxserver/netbox:latest labels: homepage.group: Infrastructure/App Performance Monitoring homepage.name: Netbox homepage.href: https://net.${MY_TLD} homepage.icon: netbox.svg homepage.description: Network modeling/documentation swag: enable swag_url: net.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.url: https://net.${MY_TLD} ports: - 8007:8000 restart: unless-stopped volumes: - ${DOCKER_VOLUME_CONFIG}/netbox/:/config netbox-db: container_name: netbox-db environment: POSTGRES_USER: netbox POSTGRES_PASSWORD: ${NETBOX_PG_DB_PASSWORD} POSTGRES_DB: netbox expose: - 5432 healthcheck: test: pg_isready -q -t 2 -d $$POSTGRES_DB -U $$POSTGRES_USER start_period: 20s timeout: 30s interval: 10s retries: 5 image: postgres:17-alpine restart: always volumes: - source: netbox-pg-db target: /var/lib/postgresql/data type: volume volume: {} nextcloud: container_name: nextcloud depends_on: mariadb: condition: service_started required: true restart: true environment: PGID: 1000 PUID: 1000 TZ: America/New_York LOG_LEVEL: debug hostname: Rinoa image: lscr.io/linuxserver/nextcloud:latest labels: homepage.group: Personal Services homepage.name: NextCloud homepage.href: https://cloud.${MY_TLD} homepage.icon: nextcloud.png homepage.description: Private Cloud swag: enable swag_proto: https swag_url: cloud.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.url: https://cloud.${MY_TLD} networks: default: null ports: - mode: ingress protocol: tcp published: "444" target: 443 restart: unless-stopped volumes: - bind: create_host_path: true read_only: true source: /etc/localtime target: /etc/localtime type: bind - bind: create_host_path: true source: ${DOCKER_VOLUME_CONFIG}/nextcloud target: /config type: bind - bind: create_host_path: true source: /rinoa-storage target: /storage type: bind - bind: create_host_path: true source: ${DOCKER_VOLUME_CONFIG}/nextcloud target: /data type: bind ollama: container_name: ollama extra_hosts: - host.docker.internal:host-gateway image: ollama/ollama networks: default: null ports: - mode: ingress protocol: tcp published: "11434" target: 11434 restart: always volumes: - source: ollama target: /root/.ollama type: volume volume: {} ombi: container_name: ombi environment: PGID: "1000" PUID: "1000" TZ: America/New_York hostname: Rinoa image: lscr.io/linuxserver/ombi:latest labels: homepage.group: Media Library homepage.name: Ombi homepage.href: https://ombi.${MY_TLD} homepage.icon: ombi.png homepage.description: Media Requests homepage.widget.type: ombi homepage.widget.url: http://ombi:3579 homepage.widget.key: ${OMBI_API_KEY} swag: enable swag.uptime-kuma.enabled: true networks: default: null ports: - mode: ingress protocol: tcp published: "3579" target: 3579 restart: unless-stopped volumes: - bind: create_host_path: true read_only: true source: /etc/localtime target: /etc/localtime type: bind - bind: create_host_path: true source: ${DOCKER_VOLUME_CONFIG}/ombi target: /config type: bind - bind: create_host_path: true source: /rinoa-storage target: /storage type: bind paperless-ngx: container_name: paperless-ngx depends_on: mariadb: condition: service_started required: true restart: true environment: PAPERLESS_DBENGINE: mariadb PAPERLESS_DBHOST: mariadb PAPERLESS_DBPASS: ${PAPERLESS_DBPASS} PAPERLESS_DBPORT: 3306 PAPERLESS_DBUSER: paperless PAPERLESS_OCR_LANGUAGE: eng PAPERLESS_OCR_LANGUAGES: all PAPERLESS_REDIS: redis://redis:6379 PAPERLESS_SECRET_KEY: ${PAPERLESS_SECRET_KEY} PAPERLESS_TIME_ZONE: ${TZ} PAPERLESS_URL: https://docs.${MY_TLD} USERMAP_GID: ${PGID} USERMAP_UID: ${PUID} image: ghcr.io/paperless-ngx/paperless-ngx:latest labels: swag: enable swag_proto: http swag_port: 8000 swag_url: docs.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.url: https://docs.${MY_TLD} homepage.group: Personal Services homepage.name: Paperless-ngx homepage.href: https://docs.${MY_TLD} homepage.icon: paperless-ngx.svg homepage.description: Document indexer & archiver with OCR networks: default: null ports: - mode: ingress protocol: tcp published: "8004" target: 8000 restart: unless-stopped volumes: - source: paperless-ngx-data target: /usr/src/paperless/data type: volume volume: {} - source: paperless-ngx-media target: /usr/src/paperless/media type: volume volume: {} - source: ${DOCKER_VOLUME_CONFIG}/paperless-ngx/export target: /usr/src/paperless/export type: bind bind: create_host_path: true - source: ${DOCKER_VOLUME_CONFIG}/paperless-ngx/consume target: /usr/src/paperless/consume type: bind bind: create_host_path: true pgbackweb: container_name: pgbackweb depends_on: pgbackweb-db: condition: service_healthy environment: PBW_ENCRYPTION_KEY: ${PGBACKWEB_ENCRYPTION_KEY} PBW_POSTGRES_CONN_STRING: "postgresql://pgbackweb:${PGBACKWEB_PG_DB_PASSWD}@pgbackweb-db:5432/pgbackweb?sslmode=disable" TZ: ${TZ} image: eduardolat/pgbackweb:latest labels: homepage.group: System Administration homepage.name: PGBackweb homepage.href: https://pg.${MY_TLD} homepage.icon: sh-pg-back-web.svg homepage.description: Backups for PostgreSQL swag: enable swag_proto: http swag_port: 8085 swag_url: pg.${MY_TLD} ports: - "8085:8085" # Access the web interface at http://localhost:8085 pgbackweb-db: container_name: pgbackweb-db environment: POSTGRES_USER: pgbackweb POSTGRES_DB: pgbackweb POSTGRES_PASSWORD: ${PGBACKWEB_PG_DB_PASSWD} expose: - 5432 healthcheck: test: ["CMD-SHELL", "pg_isready -U postgres"] interval: 5s timeout: 5s retries: 5 image: postgres:16-alpine volumes: - pgbackweb-data:/var/lib/postgresql/data plantuml-server: container_name: plantuml-server expose: - 8080 image: 'plantuml/plantuml-server:jetty' restart: unless-stopped plausible: command: sh -c "sleep 10 && /entrypoint.sh db createdb && /entrypoint.sh db migrate && /entrypoint.sh run" container_name: plausible depends_on: plausible_db: condition: service_started required: true plausible_events_db: condition: service_started required: true environment: BASE_URL: https://analytics.${MY_TLD} CLICKHOUSE_DATABASE_URL: http://plausible-events-db:8123/plausible_events_db DATABASE_URL: postgres://plausible:${PLAUSIBLE_PG_PASSWORD}@plausible-db:5432/plausible_db DISABLE_REGISTRATION: invite_only ENABLE_EMAIL_VERIFICATION: true MAILER_ADAPTER: Bamboo.Mua MAILER_EMAIL: noreply@trez.wtf MAILER_NAME: Plausible MAXMINDDB_LICENSE_KEY: ${SWAG_MAXMINDDB_LICENSE_KEY} SECRET_KEY_BASE: ${PLAUSIBLE_SECRET_KEY_BASE} SMTP_HOST_ADDR: postal-smtp SMTP_HOST_PORT: 25 SMTP_USER_NAME: ${POSTAL_SMTP_AUTH_USER} SMTP_USER_PWD: ${POSTAL_SMTP_AUTH_PASSWORD} TOTP_VAULT_KEY: ${PLAUSIBLE_TOTP_VAULT_KEY} image: ghcr.io/plausible/community-edition:v2.1.0 labels: swag: enable swag_proto: http swag_port: 8000 swag_url: analytics.${MY_TLD} homepage.group: Professional Services homepage.name: Plausible homepage.href: https://analytics.${MY_TLD} homepage.icon: plausible.svg homepage.description: Open-source web analytics networks: default: null ports: - mode: ingress protocol: tcp published: "8107" target: 8000 restart: always plausible_db: container_name: plausible-db environment: POSTGRES_DB: plausible_db POSTGRES_PASSWORD: ${PLAUSIBLE_PG_PASSWORD} POSTGRES_USER: plausible expose: - 5432 image: postgres:16-alpine networks: default: null restart: always volumes: - plausible-db-data:/var/lib/postgresql/data plausible_events_db: container_name: plausible-events-db expose: - 8123 image: clickhouse/clickhouse-server:24.3.3.102-alpine networks: default: null restart: always ulimits: nofile: hard: 262144 soft: 262144 volumes: - plausible-event-data:/var/lib/clickhouse - plausible-event-logs:/var/log/clickhouse-server - ${DOCKER_VOLUME_CONFIG}/plausible/clickhouse/clickhouse-config.xml:/etc/clickhouse-server/config.d/logging.xml:ro - ${DOCKER_VOLUME_CONFIG}/plausible/clickhouse/clickhouse-user-config.xml:/etc/clickhouse-server/users.d/logging.xml:ro postal-smtp: cap_add: - NET_BIND_SERVICE command: postal smtp-server container_name: postal-smtp image: ghcr.io/postalserver/postal:latest networks: default: null ports: - mode: ingress protocol: tcp published: "25" target: 25 restart: unless-stopped volumes: - source: ${DOCKER_VOLUME_CONFIG}/postal target: /config type: bind bind: create_host_path: true postal-web: command: postal web-server container_name: postal-web image: ghcr.io/postalserver/postal:latest labels: swag: enable swag_proto: http swag_port: 5000 swag_address: postal-web swag_url: post.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.url: https://post.${MY_TLD} homepage.group: System Administration homepage.name: Postal homepage.href: https://post.${MY_TLD} homepage.icon: sh-postal.svg homepage.description: OSS Mail delivery platform networks: default: null ports: - mode: ingress protocol: tcp published: "5001" target: 5000 restart: unless-stopped volumes: - source: ${DOCKER_VOLUME_CONFIG}/postal target: /config type: bind bind: create_host_path: true postal-worker: command: postal worker container_name: postal-worker environment: LOG_LEVEL: debug image: ghcr.io/postalserver/postal:latest networks: default: null restart: unless-stopped volumes: - source: ${DOCKER_VOLUME_CONFIG}/postal target: /config type: bind bind: create_host_path: true prowlarr: container_name: prowlarr environment: PGID: 1000 PUID: 1000 TZ: America/New_York DOCKER_MODS: ghcr.io/gilbn/theme.park:sonarr TP_DOMAIN: trez.wtf\/themepark TP_COMMUNITY_THEME: false TP_THEME: space-gray hostname: Rinoa image: lscr.io/linuxserver/prowlarr:latest labels: homepage.group: Servarr Stack homepage.name: Prowlarr homepage.href: https://prowlarr.${MY_TLD} homepage.icon: prowlarr.png homepage.description: Index aggregator homepage.widget.type: prowlarr homepage.widget.url: http://prowlarr:9696 homepage.widget.key: ${PROWLARR_API_KEY} swag: enable swag.uptime-kuma.enabled: true networks: default: null ports: - mode: ingress protocol: tcp published: "9696" target: 9696 restart: unless-stopped volumes: - bind: create_host_path: true read_only: true source: /etc/localtime target: /etc/localtime type: bind - bind: create_host_path: true source: ${DOCKER_VOLUME_CONFIG}/prowlarr target: /config type: bind - bind: create_host_path: true source: /rinoa-storage target: /storage type: bind radarec: container_name: radarec environment: auto_start: true auto_start_delay: 60 dry_run_adding_to_radarr: false fallback_to_top_result: false language_choice: all metadata_profile_id: 1 minimum_rating: 4.5 minimum_votes: 50 quality_profile_id: 1 radarr_address: http://radarr:7878 radarr_api_key: ${RADARR_API_KEY} radarr_api_timeout: 120 root_folder_path: /data/media/movies search_for_movie: true tmdb_api_key: ${TMDB_API_KEY} expose: - 5000 image: thewicklowwolf/radarec:latest labels: homepage.group: Servarr Stack homepage.name: RadaRec homepage.href: https://radarec.${MY_TLD} homepage.icon: sh-radarec.png homepage.description: Movie discovery based on library/tastes swag: enable swag_proto: http swag_port: 5000 swag_auth: authelia swag_url: radarec.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.url: https://radarec.${MY_TLD} networks: default: null restart: unless-stopped volumes: - source: ${DOCKER_VOLUME_STORAGE}/Movies target: /data/media/movies type: bind bind: create_host_path: true - source: ${DOCKER_VOLUME_CONFIG}/radarec target: /radarec/config type: bind bind: create_host_path: true - bind: create_host_path: true read_only: true source: /etc/localtime target: /etc/localtime type: bind radarr: container_name: radarr environment: PGID: "1000" PUID: "1000" TZ: America/New_York hostname: Rinoa image: lscr.io/linuxserver/radarr:latest labels: homepage.group: Servarr Stack homepage.name: Radarr homepage.href: https://radarr.${MY_TLD} homepage.icon: radarr.png homepage.description: Movie Automation homepage.widget.type: radarr homepage.widget.url: http://radarr:7878 homepage.widget.key: ${RADARR_API_KEY} swag: enable swag.uptime-kuma.enabled: true networks: default: null ports: - mode: ingress protocol: tcp published: "7878" target: 7878 restart: unless-stopped volumes: - bind: create_host_path: true read_only: true source: /etc/localtime target: /etc/localtime type: bind - bind: create_host_path: true source: ${DOCKER_VOLUME_CONFIG}/radarr target: /config type: bind - bind: create_host_path: true source: /rinoa-storage target: /storage type: bind reactive-resume: container_name: reactive-resume depends_on: browserless: condition: service_started required: true minio: condition: service_started required: true reactive-resume-pg: condition: service_started required: true environment: ACCESS_TOKEN_SECRET: ${REACTIVE_RESUME_ACCESS_TOKEN_SECRET} CHROME_PORT: 443 CHROME_TOKEN: ${CHROMIUM_TOKEN} CHROME_URL: wss://browse.${MY_TLD} DATABASE_URL: postgresql://reactiveresume:${REACTIVE_RESUME_PGSQL_PASSWORD}@reactive-resume-pg:5432/reactiveresume MAIL_FROM: noreply@trez.wtf NODE_ENV: production PORT: 3000 PUBLIC_URL: https://resume.${MY_TLD} REFRESH_TOKEN_SECRET: ${REACTIVE_RESUME_REFRESH_TOKEN_SECRET} SMTP_URL: smtp://${POSTAL_SMTP_AUTH_USER}:${POSTAL_SMTP_AUTH_PASSWORD}@postal-smtp:25 STORAGE_ACCESS_KEY: ${REACTIVE_RESUME_S3_ACCESS_KEY} STORAGE_BUCKET: reactive-resume STORAGE_ENDPOINT: minio STORAGE_PORT: 9000 STORAGE_REGION: us-east-fh-pln STORAGE_SECRET_KEY: ${REACTIVE_RESUME_S3_SECRET_KEY} STORAGE_URL: https://s3.trez.wtf/reactive-resume STORAGE_USE_SSL: false TZ: ${TZ} image: amruthpillai/reactive-resume:latest labels: homepage.group: Professional Services homepage.name: Reactive Resume homepage.href: https://resume.${MY_TLD} homepage.icon: reactive-resume.svg homepage.description: Open-source resume builder swag: enable swag_proto: http swag_port: 3000 swag_url: resume.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.url: https://resume.${MY_TLD} networks: default: null ports: - mode: ingress protocol: tcp published: "3011" target: 3000 restart: unless-stopped reactive-resume-pg: container_name: reactive-resume-pg environment: TZ: ${TZ} POSTGRES_DB: reactiveresume POSTGRES_USER: reactiveresume POSTGRES_PASSWORD: ${REACTIVE_RESUME_PGSQL_PASSWORD} expose: - 5432 image: postgres:16-alpine networks: default: null restart: unless-stopped volumes: - reactive-resume-pg:/var/lib/postgresql/data readarr: container_name: readarr environment: PGID: 1000 PUID: 1000 TZ: America/New_York DOCKER_MODS: ghcr.io/gilbn/theme.park:readnarr hostname: Rinoa image: lscr.io/linuxserver/readarr:develop labels: homepage.group: Servarr Stack homepage.name: Readarr homepage.href: https://readarr.${MY_TLD} homepage.icon: readarr.png homepage.description: eBook/Audiobook Automation homepage.widget.type: readarr homepage.widget.url: http://readarr:8787 homepage.widget.key: ${READARR_API_KEY} swag: enable swag.uptime-kuma.enabled: true networks: default: null ports: - mode: ingress protocol: tcp published: "8787" target: 8787 restart: unless-stopped volumes: - bind: create_host_path: true read_only: true source: /etc/localtime target: /etc/localtime type: bind - bind: create_host_path: true source: ${DOCKER_VOLUME_CONFIG}/readarr target: /config type: bind - bind: create_host_path: true source: /rinoa-storage target: /storage type: bind redis: cap_add: - SETGID - SETUID - DAC_OVERRIDE cap_drop: - ALL command: redis-server --save "" --appendonly "no" container_name: redis expose: - 6379 image: redis:alpine networks: default: null restart: unless-stopped tmpfs: - /var/lib/redis redlib: cap_drop: - ALL container_name: redlib environment: REDLIB_SFW_ONLY: off REDLIB_BANNER: REDLIB_ROBOTS_DISABLE_INDEXING: off REDLIB_PUSHSHIFT_FRONTEND: undelete.pullpush.io REDLIB_DEFAULT_THEME: nord REDLIB_DEFAULT_FRONT_PAGE: default REDLIB_DEFAULT_LAYOUT: clean REDLIB_DEFAULT_WIDE: on REDLIB_DEFAULT_POST_SORT: hot REDLIB_DEFAULT_COMMENT_SORT: confidence REDLIB_DEFAULT_SHOW_NSFW: off REDLIB_DEFAULT_BLUR_NSFW: on REDLIB_DEFAULT_USE_HLS: off REDLIB_DEFAULT_HIDE_HLS_NOTIFICATION: off REDLIB_DEFAULT_AUTOPLAY_VIDEOS: off REDLIB_DEFAULT_SUBSCRIPTIONS: REDLIB_DEFAULT_HIDE_AWARDS: off REDLIB_DEFAULT_DISABLE_VISIT_REDDIT_CONFIRMATION: off REDLIB_DEFAULT_HIDE_SCORE: off REDLIB_DEFAULT_FIXED_NAVBAR: on image: quay.io/redlib/redlib:latest labels: homepage.group: Social homepage.name: Redlib homepage.href: https://rlib.${MY_TLD} homepage.icon: libreddit.svg homepage.description: Redlib is a private front-end like Invidious but for Reddit swag: enable swag_auth: authelia swag_proto: http swag_port: 8080 swag_url: rlib.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.url: https://rlib.${MY_TLD} networks: default: null ports: - mode: ingress protocol: tcp published: "8103" target: 8080 read_only: true restart: always security_opt: - no-new-privileges=true user: nobody sabnzbdvpn: cap_add: - NET_ADMIN - SYS_MODULE container_name: sabnzbdvpn environment: ENABLE_PRIVOXY: no LAN_NETWORK: 192.168.1.0/24 NAME_SERVERS: 192.168.1.254,1.1.1.1 PGID: 1000 PUID: 1000 TZ: America/New_York VPN_CLIENT: openvpn VPN_ENABLED: yes VPN_INPUT_PORTS: VPN_OPTIONS: VPN_OUTPUT_PORTS: VPN_PASS: QGXRAYAwzVv9X84MAK2gPYq2Mt6ztdoA VPN_PROV: pia VPN_USER: p3120278 DEBUG: true hostname: Rinoa image: ghcr.io/binhex/arch-sabnzbdvpn:latest labels: homepage.group: Downloaders homepage.name: SABnzbd homepage.href: https://sabnzbd.${MY_TLD} homepage.icon: sabnzbd.png homepage.description: NZB Downloader over VPN homepage.widget.type: sabnzbd homepage.widget.url: http://sabnzbdvpn:8080 homepage.widget.env: 1 homepage.widget.key: ${SABNZBDVPN_API_KEY} swag: enable swag_proto: http swag_url: sabnzbd.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.url: https://sabnzbd.${MY_TLD} networks: default: null ports: - mode: ingress protocol: tcp published: "8080" target: 8080 - mode: ingress protocol: tcp published: "8090" target: 8090 - mode: ingress protocol: tcp published: "8119" target: 8118 privileged: true restart: unless-stopped sysctls: net.ipv4.conf.all.src_valid_mark: "1" volumes: - bind: create_host_path: true read_only: true source: /etc/localtime target: /etc/localtime type: bind - bind: create_host_path: true source: ${DOCKER_VOLUME_CONFIG}/sabnzbdvpn target: /config type: bind - bind: create_host_path: true source: /rinoa-storage target: /storage type: bind scraperr: command: - npm - run - start container_name: scraperr expose: - 3000 image: jpyles0524/scraperr:latest labels: homepage.group: Personal Services homepage.name: Scraperr homepage.href: https://scrape.${MY_TLD} homepage.icon: /icons/scraperr.png homepage.description: Web scraper swag: enable swag_proto: http swag_port: 3000 swag_url: scrape.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.url: https://scrape.${MY_TLD} networks: default: null restart: unless-stopped scraperr-api: container_name: scraperr-api environment: LOG_LEVEL: DEBUG OLLAMA_URL: http://ollama:11434 OLLAMA_MODEL: phi3 MONGODB_URI: mongodb://host.docker.internal:27017,host.docker.internal:27018,host.docker.internal:27019/scrapper SECRET_KEY: ${SCRAPERR_SECRET_KEY} ALGORITHM: HS256 ACCESS_TOKEN_EXPIRE_MINUTES: 600 DOCKER_HOST: tcp://dockerproxy:2375 expose: - 8000 extra_hosts: - host.docker.internal:host-gateway image: jpyles0524/scraperr_api:latest labels: swag: enable swag_proto: http swag_port: 3000 swag_server_custom_directive: "location /api/ { rewrite ^/api(/.*)$ /$1 break ; proxy_pass http://scraperr:3000; }" networks: default: null restart: unless-stopped scrutiny: cap_add: - SYS_RAWIO container_name: scrutiny devices: - "/dev/nvme0n1:/dev/nvme0n1:rwm" - "/dev/sda:/dev/sda:rwm" - "/dev/sdb:/dev/sdb:rwm" - "/dev/sdc:/dev/sdc:rwm" - "/dev/sdd:/dev/sdd:rwm" - "/dev/sde:/dev/sde:rwm" - "/dev/sdf:/dev/sdf:rwm" image: ghcr.io/analogj/scrutiny:master-omnibus labels: homepage.group: Infrastructure/App Performance Monitoring homepage.name: Scrutiny homepage.href: http://192.168.1.254:8909 homepage.icon: scrutiny.png homepage.description: WebUI for smartd S.M.A.R.T monitoring homepage.widget.type: scrutiny homepage.widget.url: http://scrutiny:8080 networks: default: null ports: - mode: ingress protocol: tcp published: "8909" target: 8080 - mode: ingress protocol: tcp published: "8910" target: 8086 restart: unless-stopped volumes: - bind: create_host_path: true read_only: true source: /run/udev target: /run/udev type: bind - source: ${DOCKER_VOLUME_CONFIG}/scrutiny/config target: /opt/scrutiny/config type: bind bind: create_host_path: true - source: ${DOCKER_VOLUME_CONFIG}/scrutiny/influxdb target: /opt/scrutiny/influxdb type: bind bind: create_host_path: true searxng: cap_add: - CHOWN - SETGID - SETUID cap_drop: - ALL container_name: searxng environment: SEARXNG_BASE_URL: https://${SEARXNG_BASE_URL:-localhost}/ image: searxng/searxng:latest labels: homepage.group: Personal Services homepage.name: SearxNG homepage.href: https://search.${MY_TLD} homepage.icon: searxng.png homepage.description: Anonymized Meta-Search Engine swag: enable swag_address: searxng swag_proto: http swag_url: search.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.url: https://search.${MY_TLD} logging: driver: json-file options: max-file: "1" max-size: 1m networks: default: null ports: - mode: ingress protocol: tcp published: "8095" target: 8080 privileged: true restart: unless-stopped volumes: - source: ${DOCKER_VOLUME_CONFIG}/searxng target: /etc/searxng type: bind bind: create_host_path: true slurpit-portal: container_name: slurpit-portal environment: TZ: ${TZ} PORTAL_BASE_URL: https://slurpit.trez.wtf PORTAL_WAREHOUSE_URL: http://slurpit-warehouse image: slurpit/portal:latest labels: homepage.group: Infrastructure/App Performance Monitoring homepage.name: Slurp'it homepage.href: https://slurpit.${MY_TLD} homepage.icon: /icons/slurpit.png homepage.description: Network discovery swag: enable swag_port: 80 swag_url: slurpit.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.url: https://slurpit.${MY_TLD} ports: - 8110:80 - 5443:443 restart: always volumes: - ${DOCKER_VOLUME_CONFIG}/slurpit/logs/nginx:/var/log/nginx/ - ${DOCKER_VOLUME_CONFIG}/slurpit/logs/mysql:/var/log/mysql/ - ${DOCKER_VOLUME_CONFIG}/slurpit/logs/php:/var/log/php/ - ${DOCKER_VOLUME_CONFIG}/slurpit/certs:/etc/nginx/certs/ - ${DOCKER_VOLUME_CONFIG}/slurpit/db/portal:/var/lib/mysql - ${DOCKER_VOLUME_CONFIG}/slurpit/backup/portal:/backup/files slurpit-scanner: container_name: slurpit-scanner depends_on: slurpit-warehouse: condition: service_healthy environment: TZ: ${TZ} SCANNER_POOLSIZE: 4 SCANNER_TIMEOUT: 10 SCANNER_WAREHOUSE_URL: http://slurpit-warehouse image: slurpit/scanner:latest restart: always volumes: - ${DOCKER_VOLUME_CONFIG}/slurpit/logs/scanner:/logs slurpit-scraper: container_name: slurpit-scraper depends_on: slurpit-warehouse: condition: service_healthy image: slurpit/scraper:latest environment: TZ: ${TZ} SCRAPER_TIMEOUT: 20 SCRAPER_POOLSIZE: 4 SCRAPER_WAREHOUSE_URL: http://slurpit-warehouse restart: always volumes: - ${DOCKER_VOLUME_CONFIG}/slurpit/logs/scraper:/logs slurpit-warehouse: container_name: slurpit-warehouse healthcheck: test: ["CMD", "curl", "-f", "http://localhost/services"] interval: 10s timeout: 10s retries: 360 image: slurpit/warehouse:latest environment: TZ: ${TZ} WAREHOUSE_CALLBACK_SCANNER_URL: http://slurpit-portal/callback/scanner WAREHOUSE_CALLBACK_SCANNER_TOKEN: WAREHOUSE_CALLBACK_SCRAPER_URL: http://slurpit-portal/callback/scraper WAREHOUSE_CALLBACK_SCRAPER_TOKEN: restart: always volumes: - ${DOCKER_VOLUME_CONFIG}/slurpit/backup/warehouse:/backup/files - ${DOCKER_VOLUME_CONFIG}/slurpit/db/warehouse:/var/lib/mongodb - ${DOCKER_VOLUME_CONFIG}/slurpit/logs/warehouse/mongodb:/var/log/mongodb - ${DOCKER_VOLUME_CONFIG}/slurpit/logs/warehouse:/logs sonarqube: container_name: sonarqube depends_on: sonarqube-pg-db: condition: service_healthy environment: SONAR_JDBC_URL: jdbc:postgresql://sonarqube-pg-db:5432/sonar SONAR_JDBC_USERNAME: sonar SONAR_JDBC_PASSWORD: ${SONARQUBE_POSTGRES_PASSWORD} SONAR_SECURITY_REALM: LDAP LDAP_URL: ldap://lldap:3890 LDAP_BINDDN: cn=sonarqube,ou=people,dc=trez,dc=wtf LDAP_BINDPASSWORD: ${SONARQUBE_LDAP_BIND_PASSWORD} LDAP_AUTHENTICATION: simple LDAP_USER_BASEDN: ou=people,dc=trez,dc=wtf LDAP_USER_REQUEST: (&(objectClass=inetOrgPerson)(uid={login})(memberof=cn=sonarqube_users,ou=groups,dc=example,dc=com)) LDAP_USER_REALNAMEATTRIBUTE: cn LDAP_USER_EMAILATTRIBUTE: mail hostname: sonarqube image: mc1arke/sonarqube-with-community-branch-plugin:lts labels: homepage.group: Code/DevOps homepage.name: Sonarqube homepage.href: https://sqube.trez.wtf homepage.icon: sonarqube.svg homepage.description: Code/DevOps quality/security swag: enable swag_proto: http swag_port: 9000 swag_url: sqube.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.url: https://sqube.${MY_TLD} volumes: - sonarqube-data:/opt/sonarqube/data - sonarqube-extensions:/opt/sonarqube/extensions - sonarqube-logs:/opt/sonarqube/logs - sonarqube-temp:/opt/sonarqube/temp ports: - 9003:9000 read_only: true restart: unless-stopped sonarqube-pg-db: container_name: sonarqube-pg-db environment: POSTGRES_USER: sonar POSTGRES_PASSWORD: ${SONARQUBE_POSTGRES_PASSWORD} POSTGRES_DB: sonar healthcheck: test: ["CMD-SHELL", "pg_isready"] interval: 10s timeout: 5s retries: 5 image: postgres:17-alpine restart: unless-stopped volumes: - sonarqube-db:/var/lib/postgresql - sonarqube-db-data:/var/lib/postgresql/data sonarr: container_name: sonarr environment: PGID: 1000 PUID: 1000 TZ: America/New_York DOCKER_MODS: ghcr.io/gilbn/theme.park:sonarr hostname: Rinoa image: lscr.io/linuxserver/sonarr:latest labels: homepage.group: Servarr Stack homepage.name: Sonarr homepage.href: https://sonarr.${MY_TLD} homepage.icon: sonarr.png homepage.description: TV Show Automation homepage.widget.type: sonarr homepage.widget.url: http://sonarr:8989 homepage.widget.key: ${SONARR_API_KEY} swag: enable swag.uptime-kuma.enabled: true networks: default: null ports: - mode: ingress protocol: tcp published: "8989" target: 8989 restart: unless-stopped volumes: - bind: create_host_path: true read_only: true source: /etc/localtime target: /etc/localtime type: bind - bind: create_host_path: true source: ${DOCKER_VOLUME_CONFIG}/sonarr target: /config type: bind - bind: create_host_path: true source: /rinoa-storage target: /storage type: bind sonashow: container_name: sonashow environment: auto_start: true auto_start_delay: 60 dry_run_adding_to_sonarr: false fallback_to_top_result: false language_choice: all metadata_profile_id: 1 minimum_rating: 4.5 minimum_votes: 50 quality_profile_id: 1 radarr_address: http://sonarr:8989 radarr_api_key: ${SONARR_API_KEY} root_folder_path: /data/media/shows search_for_missing_episodes: true sonarr_api_timeout: 120 tmdb_api_key: ${TMDB_API_KEY} expose: - 5000 image: thewicklowwolf/sonashow:latest labels: homepage.group: Servarr Stack homepage.name: Sonashow homepage.href: https://sonashow.${MY_TLD} homepage.icon: /icons/sonashow.png homepage.description: TV show discovery based on library/tastes swag: enable swag_auth: authelia swag_proto: http swag_port: 5000 swag_url: sonashow.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.url: https://sonashow.${MY_TLD} networks: default: null restart: unless-stopped volumes: - source: ${DOCKER_VOLUME_STORAGE}/TV_Shows target: /data/media/shows type: bind bind: create_host_path: true - source: ${DOCKER_VOLUME_CONFIG}/sonashow target: /sonashow/config type: bind bind: create_host_path: true - bind: create_host_path: true read_only: true source: /etc/localtime target: /etc/localtime type: bind soularr: container_name: soularr depends_on: - lidarr - soulseek environment: PUID: ${PUID} PGID: ${PGID} TZ: ${TZ} #Script interval in seconds SCRIPT_INTERVAL: 300 image: mrusse08/soularr:latest restart: unless-stopped volumes: #"You can set /downloads to whatever you want but will then need to change the Slskd download dir in your config file" - ${DOCKER_VOLUME_STORAGE}/downloads:/downloads #Select where you are storing your config file. Leave "/data" since thats where the script expects the config file to be - ${DOCKER_VOLUME_CONFIG}/soularr:/data soulseek: container_name: soulseek depends_on: gluetun: condition: service_started required: true restart: true environment: SLSKD_PASSWORD: ${SLSKD_PASSWORD} SLSKD_REMOTE_CONFIGURATION: true SLSKD_SHARED_DIR: /music SLSKD_USERNAME: slsk image: slskd/slskd labels: homepage.name: Soulseek homepage.group: Downloaders homepage.description: Modern client-server application for the Soulseek file-sharing network. homepage.href: https://slsk.${MY_TLD} homepage.icon: /icons/slskd.png swag: enable swag_proto: http swag_url: slsk.${MY_TLD} swag_address: gluetun swag_port: 5030 swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.url: https://slsk.${MY_TLD} network_mode: service:gluetun restart: always volumes: - source: ${DOCKER_VOLUME_CONFIG}/soulseek target: /app type: bind bind: create_host_path: true - source: ${DOCKER_VOLUME_STORAGE}/Audio/Music target: /music type: bind bind: create_host_path: true speedtest-tracker: container_name: speedtest-tracker image: lscr.io/linuxserver/speedtest-tracker:latest environment: PUID: ${PUID} PGID: ${PGID} APP_KEY: ${SPEEDTEST_TRACKER_APP_KEY} DB_CONNECTION: sqlite labels: homepage.name: Speedtest Traccker homepage.group: System Administration homepage.description: Self-hosted internet performance tracking homepage.href: https://speed.${MY_TLD} homepage.icon: speedtest-tracker.png swag: enable swag_proto: http swag_url: speed.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.url: https://slsk.${MY_TLD} ports: - 47512:80 - 62777:443 restart: unless-stopped volumes: - ${DOCKER_VOLUME_CONFIG}/speedtest-tracker:/config spotisub: container_name: spotisub environment: SPOTIPY_CLIENT_ID: ${YOUR_SPOTIFY_ID} SPOTIPY_CLIENT_SECRET: ${YOUR_SPOTIFY_SECRET} SPOTIPY_REDIRECT_URI: http://127.0.0.1:8080/ SUBSONIC_API_HOST: http://navidrome SUBSONIC_API_PORT: 4533 SUBSONIC_API_USER: ${NAVIDROME_USERNAME} SUBSONIC_API_PASS: ${NAVIDROME_PASSWORD} healthcheck: test: curl -s http://127.0.0.1:5183/api/v1/utils/healthcheck | grep -q 'Ok!' || exit 1 interval: 30s retries: 20 start_period: 30s image: blastbeng/spotisub:latest ports: - 5183:5183 restart: always volumes: - ${DOCKER_VOLUME_CONFIG}/spotisub:/home/user/spotisub/cache swag: cap_add: - NET_ADMIN container_name: swag environment: DNSPLUGIN: cloudflare EMAIL: charish.patel@trez.wtf EXTRA_DOMAINS: ONLY_SUBDOMAINS: false PGID: 1000 PUID: 1000 SUBDOMAINS: etherpad,ha,www TZ: America/New_York URL: trez.wtf VALIDATION: dns CROWDSEC_API_KEY: ${CROWDSEC_API_KEY} CROWDSEC_LAPI_URL: http://crowdsec:8080 DOCKER_MODS: linuxserver/mods:universal-docker|linuxserver/mods:swag-auto-reload|linuxserver/mods:swag-auto-proxy|linuxserver/mods:swag-dashboard|linuxserver/mods:swag-maxmind|linuxserver/mods:universal-stdout-logs|ghcr.io/linuxserver/mods:swag-crowdsec #|linuxserver/mods:swag-auto-uptime-kuma PROPAGATION: 30 UPTIME_KUMA_PASSWORD: ${UPTIME_KUMA_PASSWORD} UPTIME_KUMA_URL: http://uptimekuma:3001 UPTIME_KUMA_USERNAME: ${UPTIME_KUMA_USERNAME} hostname: Rinoa image: lscr.io/linuxserver/swag:latest labels: swag: enable swag_proto: http swag_port: 81 swag_url: swag.${MY_TLD} swag_auth: authelia komodo.skip: a swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.url: https://swag.${MY_TLD} homepage.group: Infrastructure/App Performance Monitoring homepage.name: SWAG Dashboard homepage.href: https://swag.${MY_TLD} homepage.icon: linuxserver-io.png homepage.description: SWAG Dashboard for proxies homepage.widget.type: swagdashboard homepage.widget.url: http://swag:81 networks: default: null ports: - mode: ingress protocol: tcp published: "443" target: 443 - mode: ingress protocol: tcp published: "80" target: 80 - mode: ingress protocol: tcp published: "81" target: 81 restart: unless-stopped volumes: - bind: create_host_path: true read_only: true source: /etc/localtime target: /etc/localtime type: bind - bind: create_host_path: true source: ${DOCKER_VOLUME_CONFIG}/swag target: /config type: bind - bind: create_host_path: true source: /rinoa-storage target: /storage type: bind - bind: create_host_path: true read_only: true source: /var/run/docker.sock target: /var/run/docker.sock type: bind synapse: container_name: synapse depends_on: - synapse-db environment: SYNAPSE_CONFIG_PATH: /data/homeserver.yaml PUID: 1000 PGID: 1000 image: docker.io/matrixdotorg/synapse:latest labels: swag: enable swag_proto: http swag_url: matrix.${MY_TLD} swag_port: 8008 swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.url: https://matrix.${MY_TLD} ports: - 19345:8008 - 8448:8448/tcp restart: unless-stopped volumes: - ${DOCKER_VOLUME_CONFIG}/synapse/:/data synapse-db: container_name: synapse-db image: postgres:16-alpine environment: POSTGRES_USER: synapse POSTGRES_PASSWORD: ${SYNAPSE_POSTGRES_PASSWORD} POSTGRES_INITDB_ARGS: "--encoding=UTF-8 --lc-collate=C --lc-ctype=C" expose: - 5432 restart: unless-stopped volumes: - synapse-db:/var/lib/postgresql/data tandoor: container_name: tandoor-recipes depends_on: tandoor-pg: condition: service_started required: true environment: DB_ENGINE: django.db.backends.postgresql GID: 1000 POSTGRES_DB: tandoor POSTGRES_HOST: tandoor-pg POSTGRES_PASSWORD: ${TANDOOR_POSTGRES_PASSWORD} POSTGRES_USER: tandoor SECRET_KEY: ${TANDOOR_SECRET_KEY} TZ: ${TZ} UID: 1000 image: vabene1111/recipes labels: homepage.group: Lifestyle homepage.name: Tandoor Recipes homepage.href: https://recipes.${MY_TLD} homepage.icon: tandoor-recipes.svg homepage.description: Recipes, cookbooks, meal-planning, & grocery lists homepage.widget.type: tandoor homepage.widget.url: http://tandoor-recipes:8080 homepage.widget.key: ${TANDOOR_API_TOKEN} swag: enable swag_proto: http swag_url: recipes.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.url: https://trac.${MY_TLD} networks: default: null ports: - mode: ingress protocol: tcp published: "8106" target: 8080 restart: unless-stopped volumes: - source: ${DOCKER_VOLUME_CONFIG}/tandoor/static target: /opt/recipes/staticfiles type: bind bind: create_host_path: true - source: ${DOCKER_VOLUME_CONFIG}/tandoor/media target: /opt/recipes/mediafiles type: bind bind: create_host_path: true tandoor-pg: container_name: tandoor-pg environment: POSTGRES_DB: tandoor POSTGRES_PASSWORD: ${TANDOOR_POSTGRES_PASSWORD} POSTGRES_USER: tandoor expose: - 5432 image: postgres:16-alpine networks: default: null restart: always volumes: - source: tandoor-pg target: /var/lib/postgresql/data type: volume volume: {} traccar: container_name: traccar image: traccar/traccar:latest labels: homepage.group: Personal Services homepage.name: Traccar homepage.href: https://trac.${MY_TLD} homepage.icon: traccar.svg homepage.description: Open-source GPS tracking system swag: enable swag_proto: http swag_port: 8082 swag_url: trac.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.url: https://trac.${MY_TLD} networks: default: null ports: - mode: ingress protocol: udp published: "6000" target: 5000 - mode: ingress protocol: udp published: "6001" target: 5001 - mode: ingress protocol: udp published: "6002" target: 5002 - mode: ingress protocol: udp published: "6003" target: 5003 - mode: ingress protocol: udp published: "6004" target: 5004 - mode: ingress protocol: udp published: "6005" target: 5005 - mode: ingress protocol: udp published: "6006" target: 5006 - mode: ingress protocol: udp published: "6007" target: 5007 - mode: ingress protocol: udp published: "6008" target: 5008 - mode: ingress protocol: udp published: "6009" target: 5009 - mode: ingress protocol: udp published: "6010" target: 5010 - mode: ingress protocol: udp published: "6011" target: 5011 - mode: ingress protocol: udp published: "6012" target: 5012 - mode: ingress protocol: udp published: "6013" target: 5013 - mode: ingress protocol: udp published: "6014" target: 5014 - mode: ingress protocol: udp published: "6015" target: 5015 - mode: ingress protocol: udp published: "6016" target: 5016 - mode: ingress protocol: udp published: "6017" target: 5017 - mode: ingress protocol: udp published: "6018" target: 5018 - mode: ingress protocol: udp published: "6019" target: 5019 - mode: ingress protocol: udp published: "6020" target: 5020 - mode: ingress protocol: udp published: "6021" target: 5021 - mode: ingress protocol: udp published: "6022" target: 5022 - mode: ingress protocol: udp published: "6023" target: 5023 - mode: ingress protocol: udp published: "6024" target: 5024 - mode: ingress protocol: udp published: "6025" target: 5025 - mode: ingress protocol: udp published: "6026" target: 5026 - mode: ingress protocol: udp published: "6027" target: 5027 - mode: ingress protocol: udp published: "6028" target: 5028 - mode: ingress protocol: udp published: "6029" target: 5029 - mode: ingress protocol: udp published: "6030" target: 5030 - mode: ingress protocol: udp published: "6031" target: 5031 - mode: ingress protocol: udp published: "6032" target: 5032 - mode: ingress protocol: udp published: "6033" target: 5033 - mode: ingress protocol: udp published: "6034" target: 5034 - mode: ingress protocol: udp published: "6035" target: 5035 - mode: ingress protocol: udp published: "6036" target: 5036 - mode: ingress protocol: udp published: "6037" target: 5037 - mode: ingress protocol: udp published: "6038" target: 5038 - mode: ingress protocol: udp published: "6039" target: 5039 - mode: ingress protocol: udp published: "6040" target: 5040 - mode: ingress protocol: udp published: "6041" target: 5041 - mode: ingress protocol: udp published: "6042" target: 5042 - mode: ingress protocol: udp published: "6043" target: 5043 - mode: ingress protocol: udp published: "6044" target: 5044 - mode: ingress protocol: udp published: "6045" target: 5045 - mode: ingress protocol: udp published: "6046" target: 5046 - mode: ingress protocol: udp published: "6047" target: 5047 - mode: ingress protocol: udp published: "6048" target: 5048 - mode: ingress protocol: udp published: "6049" target: 5049 - mode: ingress protocol: udp published: "6050" target: 5050 - mode: ingress protocol: udp published: "6051" target: 5051 - mode: ingress protocol: udp published: "6052" target: 5052 - mode: ingress protocol: udp published: "6053" target: 5053 - mode: ingress protocol: udp published: "6054" target: 5054 - mode: ingress protocol: udp published: "6055" target: 5055 - mode: ingress protocol: udp published: "6056" target: 5056 - mode: ingress protocol: udp published: "6057" target: 5057 - mode: ingress protocol: udp published: "6058" target: 5058 - mode: ingress protocol: udp published: "6059" target: 5059 - mode: ingress protocol: udp published: "6060" target: 5060 - mode: ingress protocol: udp published: "6061" target: 5061 - mode: ingress protocol: udp published: "6062" target: 5062 - mode: ingress protocol: udp published: "6063" target: 5063 - mode: ingress protocol: udp published: "6064" target: 5064 - mode: ingress protocol: udp published: "6065" target: 5065 - mode: ingress protocol: udp published: "6066" target: 5066 - mode: ingress protocol: udp published: "6067" target: 5067 - mode: ingress protocol: udp published: "6068" target: 5068 - mode: ingress protocol: udp published: "6069" target: 5069 - mode: ingress protocol: udp published: "6070" target: 5070 - mode: ingress protocol: udp published: "6071" target: 5071 - mode: ingress protocol: udp published: "6072" target: 5072 - mode: ingress protocol: udp published: "6073" target: 5073 - mode: ingress protocol: udp published: "6074" target: 5074 - mode: ingress protocol: udp published: "6075" target: 5075 - mode: ingress protocol: udp published: "6076" target: 5076 - mode: ingress protocol: udp published: "6077" target: 5077 - mode: ingress protocol: udp published: "6078" target: 5078 - mode: ingress protocol: udp published: "6079" target: 5079 - mode: ingress protocol: udp published: "6080" target: 5080 - mode: ingress protocol: udp published: "6081" target: 5081 - mode: ingress protocol: udp published: "6082" target: 5082 - mode: ingress protocol: udp published: "6083" target: 5083 - mode: ingress protocol: udp published: "6084" target: 5084 - mode: ingress protocol: udp published: "6085" target: 5085 - mode: ingress protocol: udp published: "6086" target: 5086 - mode: ingress protocol: udp published: "6087" target: 5087 - mode: ingress protocol: udp published: "6088" target: 5088 - mode: ingress protocol: udp published: "6089" target: 5089 - mode: ingress protocol: udp published: "6090" target: 5090 - mode: ingress protocol: udp published: "6091" target: 5091 - mode: ingress protocol: udp published: "6092" target: 5092 - mode: ingress protocol: udp published: "6093" target: 5093 - mode: ingress protocol: udp published: "6094" target: 5094 - mode: ingress protocol: udp published: "6095" target: 5095 - mode: ingress protocol: udp published: "6096" target: 5096 - mode: ingress protocol: udp published: "6097" target: 5097 - mode: ingress protocol: udp published: "6098" target: 5098 - mode: ingress protocol: udp published: "6099" target: 5099 - mode: ingress protocol: udp published: "6100" target: 5100 - mode: ingress protocol: udp published: "6101" target: 5101 - mode: ingress protocol: udp published: "6102" target: 5102 - mode: ingress protocol: udp published: "6103" target: 5103 - mode: ingress protocol: udp published: "6104" target: 5104 - mode: ingress protocol: udp published: "6105" target: 5105 - mode: ingress protocol: udp published: "6106" target: 5106 - mode: ingress protocol: udp published: "6107" target: 5107 - mode: ingress protocol: udp published: "6108" target: 5108 - mode: ingress protocol: udp published: "6109" target: 5109 - mode: ingress protocol: udp published: "6110" target: 5110 - mode: ingress protocol: udp published: "6111" target: 5111 - mode: ingress protocol: udp published: "6112" target: 5112 - mode: ingress protocol: udp published: "6113" target: 5113 - mode: ingress protocol: udp published: "6114" target: 5114 - mode: ingress protocol: udp published: "6115" target: 5115 - mode: ingress protocol: udp published: "6116" target: 5116 - mode: ingress protocol: udp published: "6117" target: 5117 - mode: ingress protocol: udp published: "6118" target: 5118 - mode: ingress protocol: udp published: "6119" target: 5119 - mode: ingress protocol: udp published: "6120" target: 5120 - mode: ingress protocol: udp published: "6121" target: 5121 - mode: ingress protocol: udp published: "6122" target: 5122 - mode: ingress protocol: udp published: "6123" target: 5123 - mode: ingress protocol: udp published: "6124" target: 5124 - mode: ingress protocol: udp published: "6125" target: 5125 - mode: ingress protocol: udp published: "6126" target: 5126 - mode: ingress protocol: udp published: "6127" target: 5127 - mode: ingress protocol: udp published: "6128" target: 5128 - mode: ingress protocol: udp published: "6129" target: 5129 - mode: ingress protocol: udp published: "6130" target: 5130 - mode: ingress protocol: udp published: "6131" target: 5131 - mode: ingress protocol: udp published: "6132" target: 5132 - mode: ingress protocol: udp published: "6133" target: 5133 - mode: ingress protocol: udp published: "6134" target: 5134 - mode: ingress protocol: udp published: "6135" target: 5135 - mode: ingress protocol: udp published: "6136" target: 5136 - mode: ingress protocol: udp published: "6137" target: 5137 - mode: ingress protocol: udp published: "6138" target: 5138 - mode: ingress protocol: udp published: "6139" target: 5139 - mode: ingress protocol: udp published: "6140" target: 5140 - mode: ingress protocol: udp published: "6141" target: 5141 - mode: ingress protocol: udp published: "6142" target: 5142 - mode: ingress protocol: udp published: "6143" target: 5143 - mode: ingress protocol: udp published: "6144" target: 5144 - mode: ingress protocol: udp published: "6145" target: 5145 - mode: ingress protocol: udp published: "6146" target: 5146 - mode: ingress protocol: udp published: "6147" target: 5147 - mode: ingress protocol: udp published: "6148" target: 5148 - mode: ingress protocol: udp published: "6149" target: 5149 - mode: ingress protocol: udp published: "6150" target: 5150 - mode: ingress protocol: tcp published: "6000" target: 5000 - mode: ingress protocol: tcp published: "6001" target: 5001 - mode: ingress protocol: tcp published: "6002" target: 5002 - mode: ingress protocol: tcp published: "6003" target: 5003 - mode: ingress protocol: tcp published: "6004" target: 5004 - mode: ingress protocol: tcp published: "6005" target: 5005 - mode: ingress protocol: tcp published: "6006" target: 5006 - mode: ingress protocol: tcp published: "6007" target: 5007 - mode: ingress protocol: tcp published: "6008" target: 5008 - mode: ingress protocol: tcp published: "6009" target: 5009 - mode: ingress protocol: tcp published: "6010" target: 5010 - mode: ingress protocol: tcp published: "6011" target: 5011 - mode: ingress protocol: tcp published: "6012" target: 5012 - mode: ingress protocol: tcp published: "6013" target: 5013 - mode: ingress protocol: tcp published: "6014" target: 5014 - mode: ingress protocol: tcp published: "6015" target: 5015 - mode: ingress protocol: tcp published: "6016" target: 5016 - mode: ingress protocol: tcp published: "6017" target: 5017 - mode: ingress protocol: tcp published: "6018" target: 5018 - mode: ingress protocol: tcp published: "6019" target: 5019 - mode: ingress protocol: tcp published: "6020" target: 5020 - mode: ingress protocol: tcp published: "6021" target: 5021 - mode: ingress protocol: tcp published: "6022" target: 5022 - mode: ingress protocol: tcp published: "6023" target: 5023 - mode: ingress protocol: tcp published: "6024" target: 5024 - mode: ingress protocol: tcp published: "6025" target: 5025 - mode: ingress protocol: tcp published: "6026" target: 5026 - mode: ingress protocol: tcp published: "6027" target: 5027 - mode: ingress protocol: tcp published: "6028" target: 5028 - mode: ingress protocol: tcp published: "6029" target: 5029 - mode: ingress protocol: tcp published: "6030" target: 5030 - mode: ingress protocol: tcp published: "6031" target: 5031 - mode: ingress protocol: tcp published: "6032" target: 5032 - mode: ingress protocol: tcp published: "6033" target: 5033 - mode: ingress protocol: tcp published: "6034" target: 5034 - mode: ingress protocol: tcp published: "6035" target: 5035 - mode: ingress protocol: tcp published: "6036" target: 5036 - mode: ingress protocol: tcp published: "6037" target: 5037 - mode: ingress protocol: tcp published: "6038" target: 5038 - mode: ingress protocol: tcp published: "6039" target: 5039 - mode: ingress protocol: tcp published: "6040" target: 5040 - mode: ingress protocol: tcp published: "6041" target: 5041 - mode: ingress protocol: tcp published: "6042" target: 5042 - mode: ingress protocol: tcp published: "6043" target: 5043 - mode: ingress protocol: tcp published: "6044" target: 5044 - mode: ingress protocol: tcp published: "6045" target: 5045 - mode: ingress protocol: tcp published: "6046" target: 5046 - mode: ingress protocol: tcp published: "6047" target: 5047 - mode: ingress protocol: tcp published: "6048" target: 5048 - mode: ingress protocol: tcp published: "6049" target: 5049 - mode: ingress protocol: tcp published: "6050" target: 5050 - mode: ingress protocol: tcp published: "6051" target: 5051 - mode: ingress protocol: tcp published: "6052" target: 5052 - mode: ingress protocol: tcp published: "6053" target: 5053 - mode: ingress protocol: tcp published: "6054" target: 5054 - mode: ingress protocol: tcp published: "6055" target: 5055 - mode: ingress protocol: tcp published: "6056" target: 5056 - mode: ingress protocol: tcp published: "6057" target: 5057 - mode: ingress protocol: tcp published: "6058" target: 5058 - mode: ingress protocol: tcp published: "6059" target: 5059 - mode: ingress protocol: tcp published: "6060" target: 5060 - mode: ingress protocol: tcp published: "6061" target: 5061 - mode: ingress protocol: tcp published: "6062" target: 5062 - mode: ingress protocol: tcp published: "6063" target: 5063 - mode: ingress protocol: tcp published: "6064" target: 5064 - mode: ingress protocol: tcp published: "6065" target: 5065 - mode: ingress protocol: tcp published: "6066" target: 5066 - mode: ingress protocol: tcp published: "6067" target: 5067 - mode: ingress protocol: tcp published: "6068" target: 5068 - mode: ingress protocol: tcp published: "6069" target: 5069 - mode: ingress protocol: tcp published: "6070" target: 5070 - mode: ingress protocol: tcp published: "6071" target: 5071 - mode: ingress protocol: tcp published: "6072" target: 5072 - mode: ingress protocol: tcp published: "6073" target: 5073 - mode: ingress protocol: tcp published: "6074" target: 5074 - mode: ingress protocol: tcp published: "6075" target: 5075 - mode: ingress protocol: tcp published: "6076" target: 5076 - mode: ingress protocol: tcp published: "6077" target: 5077 - mode: ingress protocol: tcp published: "6078" target: 5078 - mode: ingress protocol: tcp published: "6079" target: 5079 - mode: ingress protocol: tcp published: "6080" target: 5080 - mode: ingress protocol: tcp published: "6081" target: 5081 - mode: ingress protocol: tcp published: "6082" target: 5082 - mode: ingress protocol: tcp published: "6083" target: 5083 - mode: ingress protocol: tcp published: "6084" target: 5084 - mode: ingress protocol: tcp published: "6085" target: 5085 - mode: ingress protocol: tcp published: "6086" target: 5086 - mode: ingress protocol: tcp published: "6087" target: 5087 - mode: ingress protocol: tcp published: "6088" target: 5088 - mode: ingress protocol: tcp published: "6089" target: 5089 - mode: ingress protocol: tcp published: "6090" target: 5090 - mode: ingress protocol: tcp published: "6091" target: 5091 - mode: ingress protocol: tcp published: "6092" target: 5092 - mode: ingress protocol: tcp published: "6093" target: 5093 - mode: ingress protocol: tcp published: "6094" target: 5094 - mode: ingress protocol: tcp published: "6095" target: 5095 - mode: ingress protocol: tcp published: "6096" target: 5096 - mode: ingress protocol: tcp published: "6097" target: 5097 - mode: ingress protocol: tcp published: "6098" target: 5098 - mode: ingress protocol: tcp published: "6099" target: 5099 - mode: ingress protocol: tcp published: "6100" target: 5100 - mode: ingress protocol: tcp published: "6101" target: 5101 - mode: ingress protocol: tcp published: "6102" target: 5102 - mode: ingress protocol: tcp published: "6103" target: 5103 - mode: ingress protocol: tcp published: "6104" target: 5104 - mode: ingress protocol: tcp published: "6105" target: 5105 - mode: ingress protocol: tcp published: "6106" target: 5106 - mode: ingress protocol: tcp published: "6107" target: 5107 - mode: ingress protocol: tcp published: "6108" target: 5108 - mode: ingress protocol: tcp published: "6109" target: 5109 - mode: ingress protocol: tcp published: "6110" target: 5110 - mode: ingress protocol: tcp published: "6111" target: 5111 - mode: ingress protocol: tcp published: "6112" target: 5112 - mode: ingress protocol: tcp published: "6113" target: 5113 - mode: ingress protocol: tcp published: "6114" target: 5114 - mode: ingress protocol: tcp published: "6115" target: 5115 - mode: ingress protocol: tcp published: "6116" target: 5116 - mode: ingress protocol: tcp published: "6117" target: 5117 - mode: ingress protocol: tcp published: "6118" target: 5118 - mode: ingress protocol: tcp published: "6119" target: 5119 - mode: ingress protocol: tcp published: "6120" target: 5120 - mode: ingress protocol: tcp published: "6121" target: 5121 - mode: ingress protocol: tcp published: "6122" target: 5122 - mode: ingress protocol: tcp published: "6123" target: 5123 - mode: ingress protocol: tcp published: "6124" target: 5124 - mode: ingress protocol: tcp published: "6125" target: 5125 - mode: ingress protocol: tcp published: "6126" target: 5126 - mode: ingress protocol: tcp published: "6127" target: 5127 - mode: ingress protocol: tcp published: "6128" target: 5128 - mode: ingress protocol: tcp published: "6129" target: 5129 - mode: ingress protocol: tcp published: "6130" target: 5130 - mode: ingress protocol: tcp published: "6131" target: 5131 - mode: ingress protocol: tcp published: "6132" target: 5132 - mode: ingress protocol: tcp published: "6133" target: 5133 - mode: ingress protocol: tcp published: "6134" target: 5134 - mode: ingress protocol: tcp published: "6135" target: 5135 - mode: ingress protocol: tcp published: "6136" target: 5136 - mode: ingress protocol: tcp published: "6137" target: 5137 - mode: ingress protocol: tcp published: "6138" target: 5138 - mode: ingress protocol: tcp published: "6139" target: 5139 - mode: ingress protocol: tcp published: "6140" target: 5140 - mode: ingress protocol: tcp published: "6141" target: 5141 - mode: ingress protocol: tcp published: "6142" target: 5142 - mode: ingress protocol: tcp published: "6143" target: 5143 - mode: ingress protocol: tcp published: "6144" target: 5144 - mode: ingress protocol: tcp published: "6145" target: 5145 - mode: ingress protocol: tcp published: "6146" target: 5146 - mode: ingress protocol: tcp published: "6147" target: 5147 - mode: ingress protocol: tcp published: "6148" target: 5148 - mode: ingress protocol: tcp published: "6149" target: 5149 - mode: ingress protocol: tcp published: "6150" target: 5150 - mode: ingress protocol: tcp published: "8082" target: 8082 restart: unless-stopped volumes: - read_only: true source: ${DOCKER_VOLUME_CONFIG}/traccar/traccar.xml target: /opt/traccar/conf/traccar.xml type: bind bind: create_host_path: true - source: ${DOCKER_VOLUME_CONFIG}/traccar/logs target: /opt/traccar/logs type: bind bind: create_host_path: true traccar-pg: container_name: traccar-pg environment: POSTGRES_PASSWORD: ${TRACCAR_POSTGRES_PASSWORD} POSTGRES_USER: ${TRACCAR_POSTGRES_USER} POSTGRES_DB: ${TRACCAR_POSTGRES_DATABASE} expose: - 5432 image: postgres:16-alpine networks: default: null restart: unless-stopped volumes: - traccar-pg:/var/lib/postgresql/data unmanic: container_name: unmanic environment: DOCKER_MODS: linuxserver/mods:universal-docker|linuxserver/mods:universal-stdout-logs PUID: ${PUID} PGID: ${PGID} LOGS_TO_STDOUT: /config/.unmanic/logs/unmanic.log image: josh5/unmanic:latest labels: homepage.group: Media Library homepage.name: Unmanic homepage.href: https://unmanic.${MY_TLD} homepage.icon: unmanic.png homepage.description: Library Optimizer homepage.widget.type: unmanic homepage.widget.url: http://unmanic:8888 swag: enable swag_port: 8888 swag_url: unmanic.${MY_TLD} swag_proto: http swag.uptime-kuma.enabled: true networks: default: null ports: - mode: ingress protocol: tcp published: "8911" target: 8888 restart: unless-stopped volumes: - source: ${DOCKER_VOLUME_CONFIG}/unmanic target: /config type: bind bind: create_host_path: true - source: ${DOCKER_VOLUME_STORAGE} target: /library type: bind bind: create_host_path: true - source: unmanic-cache target: /tmp/unmanic type: volume volume: {} uptimekuma: container_name: uptimekuma environment: PGID: 1000 PUID: 1000 TZ: America/New_York UPTIME_KUMA_USERNAME: ${UPTIME_KUMA_USERNAME} UPTIME_KUMA_PASSWORD: ${UPTIME_KUMA_PASSWORD} DOCKER_HOST: http://dockerproxy:2375 DOCKER_MODS: ghcr.io/themepark-dev/theme.park:uptime-kuma hostname: Rinoa image: louislam/uptime-kuma:latest labels: homepage.group: Infrastructure/App Performance Monitoring homepage.name: Uptime Kuma homepage.href: https://uptime.${MY_TLD} homepage.icon: uptime-kuma.png homepage.description: HTTP Endpoint Monitoring swag: enable swag_proto: http swag_url: uptime.${MY_TLD} networks: default: null ports: - mode: ingress protocol: tcp published: "3003" target: 3001 restart: unless-stopped volumes: - bind: create_host_path: true source: ${DOCKER_VOLUME_CONFIG}/uptimekuma target: /app/data type: bind - bind: create_host_path: true source: /rinoa-storage target: /storage type: bind - bind: create_host_path: true read_only: true source: /etc/localtime target: /etc/localtime type: bind vault: cap_add: - IPC_LOCK command: - server container_name: hc-vault environment: AWS_ACCESS_KEY_ID: ${VAULT_HASHICORP_AWS_ACCESS_KEY_ID} AWS_SECRET_ACCESS_KEY: ${VAULT_HASHICORP_AWS_SECRET_ACCESS_KEY} image: hashicorp/vault:latest labels: homepage.group: Code/DevOps homepage.name: Vault homepage.icon: vault.png homepage.href: https://vault.${MY_TLD} homepage.description: Hashicorp Vault for secrets, key/value stores, etc. swag: enable swag_proto: http swag_port: 8200 swag_url: vault.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.url: https://vault.${MY_TLD} ports: - 8200:8200 - 8250:8250 restart: unless-stopped volumes: - ${DOCKER_VOLUME_CONFIG}/hashicorp-vault/config/:/vault/config - ${DOCKER_VOLUME_CONFIG}/hashicorp-vault/logs/:/vault/logs wallabag: container_name: wallabag depends_on: mariadb: condition: service_started required: true restart: true redis: condition: service_started required: true environment: SYMFONY__ENV__DATABASE_DRIVER: pdo_mysql SYMFONY__ENV__DATABASE_HOST: mariadb SYMFONY__ENV__DATABASE_PORT: 3306 SYMFONY__ENV__DATABASE_NAME: ${WALLABAG_DB} SYMFONY__ENV__DATABASE_USER: ${WALLABAG_DB} SYMFONY__ENV__DATABASE_PASSWORD: ${WALLABAG_DB_PASSWORD} SYMFONY__ENV__DATABASE_CHARSET: utf8 SYMFONY__ENV__DATABASE_TABLE_PREFIX: "wallabag_" SYMFONY__ENV__MAILER_DSN: smtp://postal-smtp SYMFONY__ENV__FROM_EMAIL: noreply@trez.wtf SYMFONY__ENV__DOMAIN_NAME: https://wallabag.${MY_TLD} SYMFONY__ENV__SERVER_NAME: "Wallabag @ Rinoa" SYMFONY__ENV__REDIS_HOST: redis SYMFONY__ENV__REDIS_PORT: 6379 healthcheck: interval: 1m test: - CMD - wget - --no-verbose - --tries=1 - --spider - http://localhost timeout: 3s image: wallabag/wallabag labels: swag: enable swag_address: wallabag swag_proto: http swag.uptime-kuma.enabled: true homepage.group: Lifestyle homepage.name: Wallabag homepage.href: https://wallabag.${MY_TLD} homepage.icon: wallabag.png homepage.description: Knowledge Store networks: default: null ports: - mode: ingress protocol: tcp target: 80 restart: unless-stopped volumes: - source: ${DOCKER_VOLUME_CONFIG}/wallabag/images target: /var/www/wallabag/web/assets/images type: bind bind: create_host_path: true wallos: container_name: wallos environment: TZ: ${TZ} image: bellamy/wallos:latest labels: homepage.group: Lifestyle homepage.name: wallos homepage.href: https://subs.${MY_TLD} homepage.icon: wallos.png homepage.description: Subscription Tracking swag: enable swag_proto: http swag_url: subs.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.url: https://trac.${MY_TLD} networks: default: null ports: - mode: ingress protocol: tcp published: "8283" target: 80 restart: unless-stopped volumes: - wallos-db:/var/www/html/db - wallos-logos:/var/www/html/images/uploads/logos watchtower: container_name: watchtower environment: REPO_PASS: REPO_USER: TZ: America/New_York WATCHTOWER_CLEANUP: true WATCHTOWER_INCLUDE_STOPPED: false WATCHTOWER_MONITOR_ONLY: false WATCHTOWER_NOTIFICATIONS: gotify WATCHTOWER_NOTIFICATIONS_LEVEL: info WATCHTOWER_NOTIFICATION_TEMPLATE: '{{range .}}{{.Message}}{{println}}{{end}}' WATCHTOWER_NOTIFICATION_URL: WATCHTOWER_SCHEDULE: 0 0 4 * * * WATCHTOWER_TIMEOUT: 30s WATCHTOWER_HTTP_API_METRICS: true WATCHTOWER_HTTP_API_TOKEN: ${WATCHTOWER_HTTP_API_TOKEN} WATCHTOWER_NOTIFICATION_GOTIFY_URL: ${WATCHTOWER_NOTIFICATION_GOTIFY_URL} WATCHTOWER_NOTIFICATION_GOTIFY_TOKEN: ${WATCHTOWER_NOTIFICATION_GOTIFY_TOKEN} WATCHTOWER_NOTIFICATION_GOTIFY_TLS_SKIP_VERIFY: true expose: - 8080 hostname: Rinoa image: ghcr.io/containrrr/watchtower:latest labels: homepage.group: Automation homepage.name: Watchtower homepage.icon: watchtower.svg homepage.description: Container-based solution for automating Docker container base image updates homepage.widget.type: watchtower homepage.widget.url: http://watchtower:8080 homepage.widget.key: ${WATCHTOWER_HTTP_API_TOKEN} networks: default: null restart: unless-stopped volumes: - bind: create_host_path: true read_only: true source: /etc/localtime target: /etc/localtime type: bind - bind: create_host_path: true source: /rinoa-storage target: /storage type: bind - bind: create_host_path: true source: /var/run/docker.sock target: /var/run/docker.sock type: bind wazuh.agent: container_name: wazuh.agent environment: JOIN_MANAGER_PROTOCOL: https JOIN_MANAGER_MASTER_HOST: wazuh.manager JOIN_MANAGER_WORKER_HOST: wazuh.manager JOIN_MANAGER_USER: wazuh-wui JOIN_MANAGER_PASSWORD: ${WAZUH_API_PASSWORD} JOIN_MANAGER_API_PORT: 55000 JOIN_MANAGER_PORT: 1514 VIRUS_TOTAL_KEY: ${VIRUS_TOTAL_API_KEY} DOCKER_HOST: tcp://dockerproxy:2375 hostname: wazuh.agent image: opennix/wazuh-agent:latest networks: default: null restart: unless-stopped wazuh.dashboard: container_name: wazuh.dashboard depends_on: wazuh.indexer: condition: service_started required: true wazuh.manager: condition: service_started required: true restart: true environment: INDEXER_USERNAME: admin INDEXER_PASSWORD: ${WAZUH_INDEXER_PASSWORD} WAZUH_API_URL: https://wazuh.manager DASHBOARD_USERNAME: kibanaserver DASHBOARD_PASSWORD: ${WAZUH_KIBANA_PASSWORD} API_USERNAME: wazuh-wui API_PASSWORD: ${WAZUH_API_PASSWORD} hostname: wazuh.dashboard image: wazuh/wazuh-dashboard:${WAZUH_VERSION} labels: swag: enable swag_proto: https swag_port: 5601 swag_url: wsec.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.url: https://wsec.${MY_TLD} homepage.group: Privacy/Security homepage.name: Wazuh homepage.href: https://wsec.${MY_TLD} homepage.icon: wazuh-opaque.png homepage.description: OSS Security Platform for XDR/SIEM links: - wazuh.indexer:wazuh.indexer - wazuh.manager:wazuh.manager networks: default: null ports: - mode: ingress protocol: tcp published: "5601" target: 5601 restart: always volumes: - source: ${DOCKER_VOLUME_CONFIG}/wazuh/dashboard/certs/wazuh.dashboard.pem target: /usr/share/wazuh-dashboard/certs/wazuh-dashboard.pem type: bind bind: create_host_path: true - source: ${DOCKER_VOLUME_CONFIG}/wazuh/dashboard/certs/wazuh.dashboard-key.pem target: /usr/share/wazuh-dashboard/certs/wazuh-dashboard-key.pem type: bind bind: create_host_path: true - source: ${DOCKER_VOLUME_CONFIG}/wazuh/dashboard/certs/root-ca.pem target: /usr/share/wazuh-dashboard/certs/root-ca.pem type: bind bind: create_host_path: true - source: ${DOCKER_VOLUME_CONFIG}/wazuh/dashboard/config/opensearch_dashboards.yml target: /usr/share/wazuh-dashboard/config/opensearch_dashboards.yml type: bind bind: create_host_path: true - source: ${DOCKER_VOLUME_CONFIG}/wazuh/dashboard/config/wazuh.yml target: /usr/share/wazuh-dashboard/data/wazuh/config/wazuh.yml type: bind bind: create_host_path: true - source: wazuh-dashboard-config target: /usr/share/wazuh-dashboard/data/wazuh/config type: volume volume: {} - source: wazuh-dashboard-custom target: /usr/share/wazuh-dashboard/plugins/wazuh/public/assets/custom type: volume volume: {} wazuh.indexer: container_name: wazuh.indexer environment: - OPENSEARCH_JAVA_OPTS=-Xms512m -Xmx512m hostname: wazuh.indexer image: wazuh/wazuh-indexer:${WAZUH_VERSION} networks: default: null ports: - mode: ingress protocol: tcp published: "9200" target: 9200 restart: always ulimits: memlock: hard: -1 soft: -1 nofile: hard: 65536 soft: 65536 volumes: - source: wazuh-indexer-data target: /var/lib/wazuh-indexer type: volume volume: {} - source: ${DOCKER_VOLUME_CONFIG}/wazuh/indexer/certs/root-ca.pem target: /usr/share/wazuh-indexer/certs/root-ca.pem type: bind bind: create_host_path: true - source: ${DOCKER_VOLUME_CONFIG}/wazuh/indexer/certs/wazuh.indexer-key.pem target: /usr/share/wazuh-indexer/certs/wazuh.indexer.key type: bind bind: create_host_path: true - source: ${DOCKER_VOLUME_CONFIG}/wazuh/indexer/certs/wazuh.indexer.pem target: /usr/share/wazuh-indexer/certs/wazuh.indexer.pem type: bind bind: create_host_path: true - source: ${DOCKER_VOLUME_CONFIG}/wazuh/indexer/certs/admin.pem target: /usr/share/wazuh-indexer/certs/admin.pem type: bind bind: create_host_path: true - source: ${DOCKER_VOLUME_CONFIG}/wazuh/indexer/certs/admin-key.pem target: /usr/share/wazuh-indexer/certs/admin-key.pem type: bind bind: create_host_path: true - source: ${DOCKER_VOLUME_CONFIG}/wazuh/indexer/config/wazuh.indexer.yml target: /usr/share/wazuh-indexer/opensearch.yml type: bind bind: create_host_path: true - source: ${DOCKER_VOLUME_CONFIG}/wazuh/indexer/config/internal_users.yml target: /usr/share/wazuh-indexer/opensearch-security/internal_users.yml type: bind bind: create_host_path: true wazuh.manager: container_name: wazuh.manager environment: INDEXER_URL: https://wazuh.indexer:9200 INDEXER_USERNAME: admin INDEXER_PASSWORD: ${WAZUH_INDEXER_PASSWORD} FILEBEAT_SSL_VERIFICATION_MODE: full SSL_CERTIFICATE_AUTHORITIES: /etc/ssl/root-ca.pem SSL_CERTIFICATE: /etc/ssl/filebeat.pem SSL_KEY: /etc/ssl/filebeat.key API_USERNAME: wazuh-wui API_PASSWORD: ${WAZUH_API_PASSWORD} hostname: wazuh.manager image: wazuh/wazuh-manager:${WAZUH_VERSION} networks: default: null ports: - mode: ingress protocol: tcp published: "1514" target: 1514 - mode: ingress protocol: tcp published: "1515" target: 1515 - mode: ingress protocol: udp published: "514" target: 514 - mode: ingress protocol: tcp published: "55000" target: 55000 restart: always ulimits: memlock: hard: -1 soft: -1 nofile: hard: 655360 soft: 655360 volumes: - source: wazuh_api_configuration target: /var/ossec/api/configuration type: volume volume: {} - source: wazuh_etc target: /var/ossec/etc type: volume volume: {} - source: wazuh_logs target: /var/ossec/logs type: volume volume: {} - source: wazuh_queue target: /var/ossec/queue type: volume volume: {} - source: wazuh_var_multigroups target: /var/ossec/var/multigroups type: volume volume: {} - source: wazuh_integrations target: /var/ossec/integrations type: volume volume: {} - source: wazuh_active_response target: /var/ossec/active-response/bin type: volume volume: {} - source: wazuh_agentless target: /var/ossec/agentless type: volume volume: {} - source: wazuh_wodles target: /var/ossec/wodles type: volume volume: {} - source: filebeat_etc target: /etc/filebeat type: volume volume: {} - source: filebeat_var target: /var/lib/filebeat type: volume volume: {} - source: ${DOCKER_VOLUME_CONFIG}/wazuh/manager/certs/root-ca.pem target: /etc/ssl/root-ca.pem type: bind bind: create_host_path: true - source: ${DOCKER_VOLUME_CONFIG}/wazuh/manager/certs/wazuh.manager.pem target: /etc/ssl/filebeat.pem type: bind bind: create_host_path: true - source: ${DOCKER_VOLUME_CONFIG}/wazuh/manager/certs/wazuh.manager-key.pem target: /etc/ssl/filebeat.key type: bind bind: create_host_path: true - source: ${DOCKER_VOLUME_CONFIG}/wazuh/manager/config/wazuh_manager.conf target: /wazuh-config-mount/etc/ossec.conf type: bind bind: create_host_path: true web-check: container_name: web-check image: lissy93/web-check labels: homepage.group: Privacy/Security homepage.name: Web-Check homepage.icon: web-check.png homepage.href: https://scan.${MY_TLD} homepage.description: Site scanner for attack vectors, architecture, security configs, and more swag: enable swag_proto: http swag_url: scan.${MY_TLD} swag_port: 3000 swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.url: https://scan.${MY_TLD} networks: default: null ports: - mode: ingress protocol: tcp published: "3010" target: 3000 restart: unless-stopped whodb: container_name: whodb environment: WHODB_MONGODB_1: null WHODB_MYSQL_1: null image: clidey/whodb labels: homepage.group: System Administration homepage.name: WhoDB homepage.href: https://dbs.${MY_TLD} homepage.icon: /icons/whodb.png homepage.description: Web-based DB management swag: enable swag_proto: http swag_port: 8080 swag_url: dbs.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.url: https://dbs.${MY_TLD} networks: default: null ports: - mode: ingress protocol: tcp published: "8900" target: 8080 restart: unless-stopped yacht: container_name: yacht depends_on: docker-socket-proxy: condition: service_started required: true environment: DOCKER_HOST: tcp://dockerproxy:2375 image: selfhostedpro/yacht labels: homepage.group: System Administration homepage.name: Yacht homepage.href: https://yacht.${MY_TLD} homepage.icon: yacht.svg homepage.description: Web interface for managing docker containers swag: enable swag_proto: http swag_port: 8000 swag_url: yacht.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.url: https://yacht.${MY_TLD} ports: - 19733:8000 restart: unless-stopped volumes: - ${DOCKER_VOLUME_CONFIG}/yacht:/config your_spotify: container_name: your_spotify environment: PUID: 1000 PGID: 1000 TZ: ${TZ} APP_URL: https://myspotify.${MY_TLD} SPOTIFY_PUBLIC: ${YOUR_SPOTIFY_ID} SPOTIFY_SECRET: ${YOUR_SPOTIFY_SECRET} CORS: all MONGO_ENDPOINT: mongodb://host.docker.internal:27017,host.docker.internal:27018,host.docker.internal:27019/your_spotify LOG_LEVEL: debug expose: - 8080 extra_hosts: - host.docker.internal:host-gateway image: lscr.io/linuxserver/your_spotify:latest labels: homepage.group: Media Library homepage.name: Your Spotify homepage.icon: your-spotify.svg homepage.href: https://myspotify.${MY_TLD} homepage.description: Personal Spotify Tracking swag: enable swag_proto: https swag_url: myspotify.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.url: https://myspotify.${MY_TLD} networks: default: null ports: - ${YOUR_SPOTIFY_PORT_80}:80 - ${YOUR_SPOTIFY_PORT_443}:443 restart: always youtubedl: container_name: youtubedl environment: PGID: "1000" PUID: "1000" TZ: America/New_York YDL_CONFIG_PATH: /youtube-dl/config.yml YDL_DEBUG: "false" hostname: Rinoa image: nbr23/youtube-dl-server:latest labels: homepage.group: Downloaders homepage.name: YoutubeDL homepage.icon: youtubedl.png homepage.href: https://ytdl.${MY_TLD} homepage.description: YouTube Downloader swag: enable swag_proto: http swag_url: ytdl.${MY_TLD} swag_port: 8080 swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.url: https://ytdl.${MY_TLD} networks: default: null ports: - mode: ingress protocol: tcp published: "8089" target: 8080 restart: unless-stopped volumes: - bind: create_host_path: true read_only: true source: /etc/localtime target: /etc/localtime type: bind - bind: create_host_path: true source: ${DOCKER_VOLUME_CONFIG}/youtubedl target: /youtube-dl type: bind - bind: create_host_path: true source: /rinoa-storage target: /storage type: bind zammad-backup: command: - zammad-backup container_name: zammad-backup depends_on: zammad-postgresql: condition: service_started required: true zammad-railsserver: condition: service_started required: true entrypoint: /usr/local/bin/backup.sh environment: AUTOWIZARD_JSON: null AUTOWIZARD_RELATIVE_PATH: null BACKUP_TIME: "03:00" ELASTICSEARCH_ENABLED: true ELASTICSEARCH_HOST: zammad-elasticsearch ELASTICSEARCH_NAMESPACE: trez_it ELASTICSEARCH_PORT: 9200 ELASTICSEARCH_REINDEX: true ELASTICSEARCH_SCHEMA: http ELASTICSEARCH_SSL_VERIFY: false HOLD_DAYS: "10" MEMCACHE_SERVERS: ${ZAMMAD_MEMCACHE_SERVERS} POSTGRESQL_DB: ${ZAMMAD_POSTGRES_DB} POSTGRESQL_DB_CREATE: true POSTGRESQL_HOST: ${ZAMMAD_POSTGRES_HOST} POSTGRESQL_OPTIONS: ${ZAMMAD_POSTGRESQL_OPTIONS} POSTGRESQL_PASS: ${ZAMMAD_POSTGRES_PASS} POSTGRESQL_PORT: ${ZAMMAD_POSTGRES_PORT} POSTGRESQL_USER: ${ZAMMAD_POSTGRES_USER} RAILS_LOG_TO_STDOUT: true RAILS_TRUSTED_PROXIES: 172.18.0.0/16 REDIS_URL: ${ZAMMAD_REDIS_URL} S3_URL: http://${ZAMMAD_S3_ACCESS_KEY}:${ZAMMAD_S3_SECRET_KEY}@minio:9000/zammad?region=us-east-fh-pln&force_path_style=true TZ: Europe/Berlin ZAMMAD_BIND_IP: 0.0.0.0 ZAMMAD_PROCESS_DELAYED_JOBS_WORKERS: null ZAMMAD_PROCESS_SCHEDULED: null ZAMMAD_SESSION_JOBS: null ZAMMAD_WEB_CONCURRENCY: null image: postgres:${ZAMMAD_POSTGRES_VERSION} networks: default: null restart: ${ZAMMAD_RESTART} volumes: - source: zammad-backup target: /var/tmp/zammad type: volume volume: {} - read_only: true source: zammad-storage target: /opt/zammad/storage type: volume volume: {} - read_only: true source: ${DOCKER_VOLUME_CONFIG}/zammad/scripts/backup.sh target: /usr/local/bin/backup.sh type: bind volume: {} zammad-elasticsearch: container_name: zammad-elasticsearch expose: - 9200 image: bitnami/elasticsearch:${ZAMMAD_ELASTICSEARCH_VERSION} networks: default: null restart: ${ZAMMAD_RESTART} volumes: - source: zammad-es-data target: /bitnami/elasticsearch/data type: volume volume: {} zammad-init: command: - zammad-init container_name: zammad-init depends_on: zammad-postgresql: condition: service_started required: true environment: AUTOWIZARD_JSON: null AUTOWIZARD_RELATIVE_PATH: null ELASTICSEARCH_ENABLED: true ELASTICSEARCH_HOST: zammad-elasticsearch ELASTICSEARCH_NAMESPACE: trez_it ELASTICSEARCH_PORT: 9200 ELASTICSEARCH_REINDEX: true ELASTICSEARCH_SCHEMA: http ELASTICSEARCH_SSL_VERIFY: false MEMCACHE_SERVERS: ${ZAMMAD_MEMCACHE_SERVERS} POSTGRESQL_DB: ${ZAMMAD_POSTGRES_DB} POSTGRESQL_DB_CREATE: true POSTGRESQL_HOST: ${ZAMMAD_POSTGRES_HOST} POSTGRESQL_OPTIONS: ${ZAMMAD_POSTGRESQL_OPTIONS} POSTGRESQL_PASS: ${ZAMMAD_POSTGRES_PASS} POSTGRESQL_PORT: ${ZAMMAD_POSTGRES_PORT} POSTGRESQL_USER: ${ZAMMAD_POSTGRES_USER} RAILS_LOG_TO_STDOUT: true RAILS_TRUSTED_PROXIES: 172.18.0.0/16 REDIS_URL: ${ZAMMAD_REDIS_URL} S3_URL: http://${ZAMMAD_S3_ACCESS_KEY}:${ZAMMAD_S3_SECRET_KEY}@minio:9000/zammad?region=us-east-fh-pln&force_path_style=true ZAMMAD_BIND_IP: 0.0.0.0 ZAMMAD_PROCESS_DELAYED_JOBS_WORKERS: null ZAMMAD_PROCESS_SCHEDULED: null ZAMMAD_SESSION_JOBS: null ZAMMAD_WEB_CONCURRENCY: null hostname: init image: ${ZAMMAD_IMAGE_REPO}:${ZAMMAD_VERSION} networks: default: null restart: on-failure user: "0:0" volumes: - zammad-storage:/opt/zammad/storage zammad-memcached: command: memcached -m 256M container_name: zammad-memcached image: memcached:${ZAMMAD_MEMCACHE_VERSION} networks: default: null restart: ${ZAMMAD_RESTART} zammad-nginx: command: - zammad-nginx container_name: zammad-nginx depends_on: zammad-railsserver: condition: service_started required: true environment: AUTOWIZARD_JSON: null AUTOWIZARD_RELATIVE_PATH: null ELASTICSEARCH_ENABLED: true ELASTICSEARCH_HOST: zammad-elasticsearch ELASTICSEARCH_NAMESPACE: trez_it ELASTICSEARCH_PORT: 9200 ELASTICSEARCH_REINDEX: true ELASTICSEARCH_SCHEMA: http ELASTICSEARCH_SSL_VERIFY: false MEMCACHE_SERVERS: ${ZAMMAD_MEMCACHE_SERVERS} POSTGRESQL_DB: ${ZAMMAD_POSTGRES_DB} POSTGRESQL_DB_CREATE: true POSTGRESQL_HOST: ${ZAMMAD_POSTGRES_HOST} POSTGRESQL_OPTIONS: ${ZAMMAD_POSTGRESQL_OPTIONS} POSTGRESQL_PASS: ${ZAMMAD_POSTGRES_PASS} POSTGRESQL_PORT: ${ZAMMAD_POSTGRES_PORT} POSTGRESQL_USER: ${ZAMMAD_POSTGRES_USER} RAILS_LOG_TO_STDOUT: true RAILS_TRUSTED_PROXIES: 172.18.0.0/16 REDIS_URL: ${ZAMMAD_REDIS_URL} S3_URL: http://${ZAMMAD_S3_ACCESS_KEY}:${ZAMMAD_S3_SECRET_KEY}@minio:9000/zammad?region=us-east-fh-pln&force_path_style=true ZAMMAD_BIND_IP: 0.0.0.0 ZAMMAD_PROCESS_DELAYED_JOBS_WORKERS: null ZAMMAD_PROCESS_SCHEDULED: null ZAMMAD_SESSION_JOBS: null ZAMMAD_WEB_CONCURRENCY: null expose: - "8080" image: ${ZAMMAD_IMAGE_REPO}:${ZAMMAD_VERSION} labels: swag: enable swag_proto: http swag_port: 8080 swag_url: support.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.url: https://support.${MY_TLD} homepage.group: Professional Services homepage.name: Zammad homepage.href: https://support.${MY_TLD} homepage.icon: zammad.svg homepage.description: Open-source helpdesk/customer support system networks: default: null restart: ${ZAMMAD_RESTART} volumes: - zammad-storage:/opt/zammad/storage zammad-postgresql: container_name: zammad-postgresql environment: POSTGRES_DB: ${ZAMMAD_POSTGRES_DB} POSTGRES_PASSWORD: ${ZAMMAD_POSTGRES_PASS} POSTGRES_USER: ${ZAMMAD_POSTGRES_USER} hostname: postgresql image: postgres:${ZAMMAD_POSTGRES_VERSION} networks: default: null restart: ${ZAMMAD_RESTART} volumes: - source: zammad-pg-data target: /var/lib/postgresql/data type: volume volume: {} zammad-railsserver: command: - zammad-railsserver container_name: zammad-railserver depends_on: zammad-memcached: condition: service_started required: true zammad-postgresql: condition: service_started required: true zammad-redis: condition: service_started required: true environment: AUTOWIZARD_JSON: null AUTOWIZARD_RELATIVE_PATH: null ELASTICSEARCH_ENABLED: true ELASTICSEARCH_HOST: zammad-elasticsearch ELASTICSEARCH_NAMESPACE: trez_it ELASTICSEARCH_PORT: 9200 ELASTICSEARCH_REINDEX: true ELASTICSEARCH_SCHEMA: http ELASTICSEARCH_SSL_VERIFY: false MEMCACHE_SERVERS: ${ZAMMAD_MEMCACHE_SERVERS} POSTGRESQL_DB: ${ZAMMAD_POSTGRES_DB} POSTGRESQL_DB_CREATE: true POSTGRESQL_HOST: ${ZAMMAD_POSTGRES_HOST} POSTGRESQL_OPTIONS: ${ZAMMAD_POSTGRESQL_OPTIONS} POSTGRESQL_PASS: ${ZAMMAD_POSTGRES_PASS} POSTGRESQL_PORT: ${ZAMMAD_POSTGRES_PORT} POSTGRESQL_USER: ${ZAMMAD_POSTGRES_USER} RAILS_LOG_TO_STDOUT: true RAILS_TRUSTED_PROXIES: 172.18.0.0/16 REDIS_URL: ${ZAMMAD_REDIS_URL} S3_URL: http://${ZAMMAD_S3_ACCESS_KEY}:${ZAMMAD_S3_SECRET_KEY}@minio:9000/zammad?region=us-east-fh-pln&force_path_style=true ZAMMAD_BIND_IP: 0.0.0.0 ZAMMAD_PROCESS_DELAYED_JOBS_WORKERS: null ZAMMAD_PROCESS_SCHEDULED: null ZAMMAD_SESSION_JOBS: null ZAMMAD_WEB_CONCURRENCY: null image: ${ZAMMAD_IMAGE_REPO}:${ZAMMAD_VERSION} networks: default: null restart: ${ZAMMAD_RESTART} volumes: - source: zammad-storage target: /opt/zammad/storage type: volume volume: {} zammad-redis: container_name: zammad-redis image: redis:${ZAMMAD_REDIS_VERSION} networks: default: null restart: ${ZAMMAD_RESTART} volumes: - source: zammad-redis-data target: /data type: volume volume: {} zammad-scheduler: command: - zammad-scheduler container_name: zammad-scheduler depends_on: zammad-memcached: condition: service_started required: true zammad-postgresql: condition: service_started required: true zammad-redis: condition: service_started required: true environment: AUTOWIZARD_JSON: null AUTOWIZARD_RELATIVE_PATH: null ELASTICSEARCH_ENABLED: true ELASTICSEARCH_HOST: zammad-elasticsearch ELASTICSEARCH_NAMESPACE: trez_it ELASTICSEARCH_PORT: 9200 ELASTICSEARCH_REINDEX: true ELASTICSEARCH_SCHEMA: http ELASTICSEARCH_SSL_VERIFY: false MEMCACHE_SERVERS: ${ZAMMAD_MEMCACHE_SERVERS} POSTGRESQL_DB: ${ZAMMAD_POSTGRES_DB} POSTGRESQL_DB_CREATE: true POSTGRESQL_HOST: ${ZAMMAD_POSTGRES_HOST} POSTGRESQL_OPTIONS: ${ZAMMAD_POSTGRESQL_OPTIONS} POSTGRESQL_PASS: ${ZAMMAD_POSTGRES_PASS} POSTGRESQL_PORT: ${ZAMMAD_POSTGRES_PORT} POSTGRESQL_USER: ${ZAMMAD_POSTGRES_USER} RAILS_LOG_TO_STDOUT: true RAILS_TRUSTED_PROXIES: 172.18.0.0/16 REDIS_URL: ${ZAMMAD_REDIS_URL} S3_URL: http://${ZAMMAD_S3_ACCESS_KEY}:${ZAMMAD_S3_SECRET_KEY}@minio:9000/zammad?region=us-east-fh-pln&force_path_style=true ZAMMAD_BIND_IP: 0.0.0.0 ZAMMAD_PROCESS_DELAYED_JOBS_WORKERS: null ZAMMAD_PROCESS_SCHEDULED: null ZAMMAD_SESSION_JOBS: null ZAMMAD_WEB_CONCURRENCY: null image: ${ZAMMAD_IMAGE_REPO}:${ZAMMAD_VERSION} networks: default: null restart: ${ZAMMAD_RESTART} volumes: - source: zammad-storage target: /opt/zammad/storage type: volume volume: {} zammad-websocket: command: - zammad-websocket container_name: zammad-websocket depends_on: zammad-memcached: condition: service_started required: true zammad-postgresql: condition: service_started required: true zammad-redis: condition: service_started required: true environment: AUTOWIZARD_JSON: null AUTOWIZARD_RELATIVE_PATH: null ELASTICSEARCH_ENABLED: true ELASTICSEARCH_HOST: zammad-elasticsearch ELASTICSEARCH_NAMESPACE: trez_it ELASTICSEARCH_PORT: 9200 ELASTICSEARCH_REINDEX: true ELASTICSEARCH_SCHEMA: http ELASTICSEARCH_SSL_VERIFY: false MEMCACHE_SERVERS: ${ZAMMAD_MEMCACHE_SERVERS} POSTGRESQL_DB: ${ZAMMAD_POSTGRES_DB} POSTGRESQL_DB_CREATE: true POSTGRESQL_HOST: ${ZAMMAD_POSTGRES_HOST} POSTGRESQL_OPTIONS: ${ZAMMAD_POSTGRESQL_OPTIONS} POSTGRESQL_PASS: ${ZAMMAD_POSTGRES_PASS} POSTGRESQL_PORT: ${ZAMMAD_POSTGRES_PORT} POSTGRESQL_USER: ${ZAMMAD_POSTGRES_USER} RAILS_LOG_TO_STDOUT: true RAILS_TRUSTED_PROXIES: 172.18.0.0/16 REDIS_URL: ${ZAMMAD_REDIS_URL} S3_URL: http://${ZAMMAD_S3_ACCESS_KEY}:${ZAMMAD_S3_SECRET_KEY}@minio:9000/zammad?region=us-east-fh-pln&force_path_style=true ZAMMAD_BIND_IP: 0.0.0.0 ZAMMAD_PROCESS_DELAYED_JOBS_WORKERS: null ZAMMAD_PROCESS_SCHEDULED: null ZAMMAD_SESSION_JOBS: null ZAMMAD_WEB_CONCURRENCY: null image: ${ZAMMAD_IMAGE_REPO}:${ZAMMAD_VERSION} networks: default: null restart: ${ZAMMAD_RESTART} volumes: - source: zammad-storage target: /opt/zammad/storage type: volume volume: {} zitadel: container_name: zitadel image: ghcr.io/zitadel/zitadel:latest command: 'start-from-init --masterkeyFromEnv --config /config.yaml --config /secrets.yaml --config /init-steps.yaml --tlsMode external' depends_on: zitadel-pg-db: condition: 'service_started' environment: ZITADEL_MASTERKEY: ${ZITADEL_MASTER_KEY} expose: - 8080 labels: swag: enable swag_proto: http swag_port: 8080 swag_url: id.${MY_TLD} swag_server_custom_directive: http2 on; homepage.group: System Administration homepage.name: Zitadel homepage.href: https://id.${MY_TLD} homepage.icon: zitadel.svg homepage.description: Centralized authentication management volumes: - ${DOCKER_VOLUME_CONFIG}/zitadel/config.yaml:/config.yaml - ${DOCKER_VOLUME_CONFIG}/zitadel/init-steps.yaml:/init-steps.yaml - ${DOCKER_VOLUME_CONFIG}/zitadel/secrets.yaml:/secrets.yaml zitadel-pg-db: container_name: zitadel-pg-db environment: POSTGRES_USER: root POSTGRES_PASSWORD: ${ZITADEL_DB_ADMIN_PASSWORD} expose: - 5432 healthcheck: test: ["CMD-SHELL", "pg_isready", "-d", "zitadel", "-U", "root" ] interval: '10s' timeout: '30s' retries: 5 start_period: '20s' image: postgres:16-alpine restart: always volumes: - zitadel-pg-db:/var/lib/postgresql/data volumes: authelia-pg-db: name: authelia-pg-db bitmagnet-pg-db: name: bitmagnet-pg-db bunkerweb-data: name: bunkerweb-data castopod-media: name: castopod-media crowdsec-config: name: crowdsec-config crowdsec-db: name: crowdsec-db dagu_config: name: dagu_config dagu_data: name: dagu_data fastenhealth-cache: name: fastenhealth-cache fastenhealth-db: name: fastenhealth-db filebeat_etc: name: filebeat_etc filebeat_var: name: filebeat_var gitea-pg-db: name: gitea-pg-db grafana-mimir-data: name: grafana-mimir-data grafana-tempo-data: name: grafana-tempo-data hortusfox_app_backup: name: hortusfox_app_backup hortusfox_app_images: name: hortusfox_app_images hortusfox_app_logs: name: hortusfox_app_logs hortusfox_app_migrate: name: hortusfox_app_migrate hortusfox_app_themes: name: hortusfox_app_themes hortusfox_db_data: name: hortusfox_db_data invidious-postgres: name: invidious-postgres invoice_ninja_public: name: invoice_ninja_public jitsi-web-admin-theme: name: jitsi-web-admin-theme jitsi-web-admin-upload: name: jitsi-web-admin-upload joplin_data: name: joplin_data lldap_data: name: lldap_data localai_data: name: localai_data mastodon-pg-db: name: mastodon-pg-db mongodb_config: name: mongo1_config mongodb_data: name: mongo1_data n8n-data: name: n8n-data netbox-pg-db: name: netbox-pg-db ollama: name: ollama paperless-ngx-data: name: paperless-ngx-data paperless-ngx-media: name: paperless-ngx-media paperless-ngx-pg: name: paperless-ngx-pg pgbackweb-data: name: pgbackweb-data plausible-db-data: name: plausible-db-data plausible-event-data: name: plausible-event-data plausible-event-logs: name: plausible-event-logs reactive-resume-pg: name: reactive-resume-pg sonarqube-data: name: sonarqube-data sonarqube-db: name: sonarqube-db sonarqube-db-data: name: sonarqube-db-data sonarqube-extensions: name: sonarqube-extensions sonarqube-logs: name: sonarqube-logs sonarqube-temp: name: sonarqube-temp synapse-db: name: synapse-db tandoor-pg: name: tandoor-pg traccar-pg: name: traccar-pg unmanic-cache: name: unmanic-cache wallos-db: name: wallos-db wallos-logos: name: wallos-logos wazuh-dashboard-config: name: wazuh-dashboard-config wazuh-dashboard-custom: name: wazuh-dashboard-custom wazuh-indexer-data: name: wazuh-indexer-data wazuh_active_response: name: wazuh_active_response wazuh_agentless: name: wazuh_agentless wazuh_api_configuration: name: wazuh_api_configuration wazuh_etc: name: wazuh_etc wazuh_integrations: name: wazuh_integrations wazuh_logs: name: wazuh_logs wazuh_queue: name: wazuh_queue wazuh_var_multigroups: name: wazuh_var_multigroups wazuh_wodles: name: wazuh_wodles zammad-backup: driver: local name: zammad-backup zammad-es-data: driver: local name: zammad-es-data zammad-pg-data: driver: local name: zammad-pg-data zammad-redis-data: driver: local name: zammad-redis-data zammad-storage: driver: local name: zammad-storage zitadel-pg-db: name: zitadel-pg-db x-shared: zammad-service: depends_on: - zammad-memcached - zammad-postgresql - zammad-redis environment: AUTOWIZARD_JSON: null AUTOWIZARD_RELATIVE_PATH: null ELASTICSEARCH_ENABLED: true ELASTICSEARCH_HOST: zammad-elasticsearch ELASTICSEARCH_NAMESPACE: trez_it ELASTICSEARCH_PORT: 9200 ELASTICSEARCH_REINDEX: true ELASTICSEARCH_SCHEMA: http ELASTICSEARCH_SSL_VERIFY: false MEMCACHE_SERVERS: ${ZAMMAD_MEMCACHE_SERVERS} POSTGRESQL_DB: ${ZAMMAD_POSTGRES_DB} POSTGRESQL_DB_CREATE: true POSTGRESQL_HOST: ${ZAMMAD_POSTGRES_HOST} POSTGRESQL_OPTIONS: ${ZAMMAD_POSTGRESQL_OPTIONS} POSTGRESQL_PASS: ${ZAMMAD_POSTGRES_PASS} POSTGRESQL_PORT: ${ZAMMAD_POSTGRES_PORT} POSTGRESQL_USER: ${ZAMMAD_POSTGRES_USER} RAILS_LOG_TO_STDOUT: true RAILS_TRUSTED_PROXIES: 172.18.0.0/16 REDIS_URL: ${ZAMMAD_REDIS_URL} S3_URL: http://${ZAMMAD_S3_ACCESS_KEY}:${ZAMMAD_S3_SECRET_KEY}@minio:9000/zammad?region=us-east-fh-pln&force_path_style=true ZAMMAD_BIND_IP: 0.0.0.0 ZAMMAD_PROCESS_DELAYED_JOBS_WORKERS: null ZAMMAD_PROCESS_SCHEDULED: null ZAMMAD_SESSION_JOBS: null ZAMMAD_WEB_CONCURRENCY: null image: ${ZAMMAD_IMAGE_REPO}:${ZAMMAD_VERSION} restart: ${ZAMMAD_RESTART} volumes: - zammad-storage:/opt/zammad/storage