name: compose networks: default: name: compose_default nextcloud-aio: external: true x-jitsi-admin: &jitsi_admin_app image: h2invent/jitsi-admin-main:latest@sha256:e0776533ea02e68771d8b8b857112e8b27197ded73b24efc4881375b1f239689 #build: . environment: APACHE_DOCUMENT_ROOT: "public/" PHP_EXTENSION_XDEBUG: "1" PHP_INI_MEMORY_LIMIT: "1G" PHP_EXTENSION_LDAP: 1 PHP_EXTENSION_INTL: 1 x-maxun: &maxun-env environment: NODE_ENV: production JWT_SECRET: ${MAXUN_JWT_SECRET} DB_NAME: maxun DB_USER: maxun DB_PASSWORD: ${MAXUN_DB_PASSWORD} DB_HOST: maxun-pg-db DB_PORT: 5432 ENCRYPTION_KEY: ${MAXUN_ENCRYPTION_KEY} SESSION_SECRET: ${MAXUN_SESSION_SECRET} MINIO_ENDPOINT: minio MINIO_PORT: 9000 MINIO_CONSOLE_PORT: 9001 MINIO_ACCESS_KEY: ${MAXUN_MINIO_ACCESS_KEY} MINIO_SECRET_KEY: ${MAXUN_MINIO_SECRET_KEY} REDIS_HOST: maxun-valkey REDIS_PORT: 6379 BACKEND_PORT: 8080 FRONTEND_PORT: 5173 BACKEND_URL: https://scrape.${MY_TLD} PUBLIC_URL: https://scrape.${MY_TLD} VITE_BACKEND_URL: https://scrape.${MY_TLD} VITE_PUBLIC_URL: https://scrape.${MY_TLD} MAXUN_TELEMETRY: true PLAYWRIGHT_BROWSERS_PATH: /ms-playwright PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD: 0 CHROMIUM_FLAGS: "--disable-gpu --no-sandbox --headless=new" #DEBUG: pw:api #PWDEBUG: 1 x-signoz-common: &signoz-common profiles: ["rinoa-apps"] restart: unless-stopped x-signoz-clickhouse-defaults: &signoz-clickhouse-defaults <<: *signoz-common # adding non LTS version due to this fix https://github.com/ClickHouse/ClickHouse/commit/32caf8716352f45c1b617274c7508c86b7d1afab image: clickhouse/clickhouse-server:25.5.6-alpine tty: true labels: signoz.io/scrape: "true" signoz.io/port: "9363" signoz.io/path: "/metrics" depends_on: signoz-init-clickhouse: condition: service_completed_successfully signoz-zookeeper-1: condition: service_healthy healthcheck: test: - CMD - wget - --spider - -q - 0.0.0.0:8123/ping interval: 30s timeout: 5s retries: 3 ulimits: nproc: 65535 nofile: soft: 262144 hard: 262144 environment: - CLICKHOUSE_SKIP_USER_SETUP=1 x-signoz-zookeeper-defaults: &signoz-zookeeper-defaults <<: *signoz-common image: signoz/zookeeper:3.7.1@sha256:fcc4a3288154ccaa3bdb5ae6dc10180c084d29a8a6a26b62ac8e30a8940dc2e6 user: root labels: signoz.io/scrape: "true" signoz.io/port: "9141" signoz.io/path: "/metrics" healthcheck: test: - CMD-SHELL - curl -s -m 2 http://localhost:8080/commands/ruok | grep error | grep null interval: 30s timeout: 5s retries: 3 x-signoz-db-depend: &signoz-db-depend <<: *signoz-common depends_on: signoz-clickhouse: condition: service_healthy signoz-schema-migrator-sync: condition: service_completed_successfully x-valkey-params: &valkey-params healthcheck: test: redis-cli ping || exit 1 image: docker.io/valkey/valkey:9-alpine@sha256:a35428eba9043cc0b79dbe54100f0c92784f2de00ad09b01182bfb1c5c83d1bd environment: ALLOW_EMPTY_PASSWORD: yes VALKEY_DATA_DIR: /data/valkey VALKEY_DATABASE: 0 expose: - 6379 profiles: ["rinoa-apps"] restart: unless-stopped services: 13ft: container_name: 13ft image: ghcr.io/wasi-master/13ft:latest@sha256:038f0e0c46daece72336009eb27ab00065ae541c14e40a396b5f4ed366f367d5 labels: swag: enable swag_port: 5000 swag_proto: http swag_url: 13ft.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: 13ft Ladder swag.uptime-kuma.monitor.url: https://13ft.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 homepage.group: Personal Tools homepage.name: 13ft Ladder homepage.icon: 13ft.svg homepage.href: https://13ft.${MY_TLD} homepage.description: Web interface for blocking ads and paywalls ports: - 10633:5000 profiles: ["rinoa-apps"] restart: unless-stopped actual_server: container_name: actualbudget environment: ACTUAL_LOGIN_METHOD: "password" ACTUAL_PORT: 5006 # - ACTUAL_UPLOAD_FILE_SYNC_SIZE_LIMIT_MB=20 # - ACTUAL_UPLOAD_SYNC_ENCRYPTED_FILE_SYNC_SIZE_LIMIT_MB=50 # - ACTUAL_UPLOAD_FILE_SIZE_LIMIT_MB=20 # See all options and more details at https://actualbudget.github.io/docs/Installing/Configuration # !! If you are not using any of these options, remove the 'environment:' tag entirely. image: docker.io/actualbudget/actual-server:latest@sha256:74385f8067f401e61f0be9e343c471705c42dfaa195295c40c5b2f15f4dcc9d4 labels: swag: enable swag_port: 5006 swag_proto: http swag_url: fin.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: Actual Budget swag.uptime-kuma.monitor.url: https://13ft.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 homepage.group: Lifestyle homepage.name: Actual Budget homepage.icon: actual-budget.svg homepage.href: https://fin.${MY_TLD} homepage.description: Privacy-focused app for managing finances ports: - 5006:5006 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - ${DOCKER_VOLUME_CONFIG}/actual-budget:/data adguard: cap_add: - NET_BIND_SERVICE - NET_RAW container_name: adguard environment: TZ: ${TZ} image: adguard/adguardhome:v0.107.75@sha256:50ac5916778faa06ad4adcff606c7aaf806cb55dc1995160dbf50633c9bda94d labels: swag: enable swag_proto: http swag_port: 8008 swag_address: 192.168.1.254 swag_url: adgh.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: AdGuard Home swag.uptime-kuma.monitor.url: https://adgh.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 homepage.group: System Administration homepage.name: AdGuard Home homepage.icon: adguard-home.png homepage.href: https://adgh.${MY_TLD} homepage.description: Ad-blocking/DNS homepage.widget.type: adguard homepage.widget.url: http://192.168.1.254:8008 homepage.widget.username: admin homepage.widget.password: ${ADGUARD_PASSWORD} network_mode: host privileged: true # ports: # - "192.168.1.254:53:53/udp" # - "192.168.1.254:53:53/tcp" # - 3001:3000 # - "192.168.1.254:446:443/tcp" # - 8008:80 # - "192.168.1.254:853:853/tcp" # - 67:67 # - 688:68 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - /etc/localtime:/etc/localtime:ro - ${DOCKER_VOLUME_CONFIG}/adguard/work:/opt/adguardhome/work - ${DOCKER_VOLUME_CONFIG}/adguard/conf:/opt/adguardhome/conf - ${DOCKER_VOLUME_CONFIG}/swag/etc/letsencrypt/:/opt/adguardhome/certs apcupsd-cgi: container_name: apcupsd-cgi environment: UPSHOSTS: 192.168.1.254 UPSNAMES: Rinoa TZ: ${TZ} DASHBOARD_PROVISION: false image: bnhf/apcupsd-cgi:latest@sha256:e8733930739719aca608fd97aecfb0aa5f53aaf7681bf4bbccd49dbf67132bf8 labels: swag: enable swag_proto: http swag_auth: authelia swag_url: apc.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: APC UPS Web swag.uptime-kuma.monitor.url: https://apc.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 homepage.group: Infrastructure/App Performance Monitoring homepage.name: APC UPS Web homepage.icon: apc.svg homepage.href: https://apc.${MY_TLD} homepage.description: Web interface for apcupsd homepage.widget.type: apcups homepage.widget.url: tcp://192.168.1.254:3551 ports: - 3552:80 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - ${DOCKER_VOLUME_CONFIG}/apcupsd:/etc/apcupsd apprise-api: container_name: apprise-api environment: PUID: ${PUID} PGID: ${PGID} TZ: ${TZ} APPRISE_ATTACH_DIR: /attach APPRISE_ATTACH_SIZE: 500 APPRISE_CONFIG_DIR: /config APPRISE_STATEFUL_MODE: simple image: lscr.io/linuxserver/apprise-api:latest@sha256:0d114aa96f1782173af59c6af88b1dc75918af71ab8a160a3b1e48da1b5de96f labels: swag: enable swag_proto: http swag_port: 8000 swag_auth: authelia swag_auth_bypass: /status,/notify/,/details,/metrics,/json/urls swag_url: apprise.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: Apprise-API swag.uptime-kuma.monitor.url: https://apprise.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 homepage.group: Infrastructure/App Performance Monitoring homepage.name: Apprise homepage.icon: apprise.png homepage.href: https://apprise.${MY_TLD} homepage.description: Multi-channel notification API homepage.widget.type: customapi homepage.widget.headers: "Accept: application/json" homepage.widget.url: http://apprise-api:8000/status homepage.widget.method: GET homepage.widget.mappings[0].label: Status homepage.widget.mappings[0].field: status.details # homepage.widget[1].type: customapi # homepage.widget[1].headers: 'Accept: application/json' # homepage.widget[1].url: http://apprise-api:8111/json/urls/apprise?privacy=1 # homepage.widget[1].method: GET # homepage.widget[1].mappings[0].label: URLS # homepage.widget[1].mappings[0].field: urls # homepage.widget[1].mappings[0].format: size ports: - 54995:8000 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - ${DOCKER_VOLUME_CONFIG}/apprise/conf:/config - ${DOCKER_VOLUME_CONFIG}/apprise/attachments:/attach #optional archivebox: container_name: archivebox environment: ADMIN_USERNAME: admin # creates an admin user on first run with the given user/pass combo ADMIN_PASSWORD: ${ARCHIVEBOX_ADMIN_PASSWORD} ALLOWED_HOSTS: "*" # set this to the hostname(s) you're going to serve the site from! CSRF_TRUSTED_ORIGINS: http://localhost:8000 # you MUST set this to the server's URL for admin login and the REST API to work PUBLIC_INDEX: false # set to False to prevent anonymous users from viewing snapshot list PUBLIC_SNAPSHOTS: false # set to False to prevent anonymous users from viewing snapshot content PUBLIC_ADD_VIEW: false # set to True to allow anonymous users to submit new URLs to archive SEARCH_BACKEND_ENGINE: ripgrep # tells ArchiveBox to use sonic container below for fast full-text search image: archivebox/archivebox:latest@sha256:1a5a37331091d9df865ead2b9c231aa5a892fc26fe0422ce6140d9e2d9532327 labels: homepage.group: Personal Tools homepage.name: ArchiveBox homepage.href: https://archive.${MY_TLD} homepage.icon: archivebox.png homepage.description: Open-source and self-hosted web archiving swag: enable swag_port: 8000 swag_proto: http swag_url: archive.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: ArchiveBox swag.uptime-kuma.monitor.url: https://archive.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 ports: - 21324:8000 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - ${DOCKER_VOLUME_CONFIG}/archivebox:/data # ./data/personas/Default/chrome_profile/Default:/data/personas/Default/chrome_profile/Default asciinema: container_name: asciinema depends_on: asciinema-pg-db: condition: service_healthy required: true environment: DATABASE_URL: postgresql://asciinema:${ASCIINEMA_PG_DB_PASSWORD}@asciinema-pg-db:5432/asciinema DEFAULT_AVATAR: gravatar MAIL_FROM_ADDRESS: noreply@${MY_TLD} SECRET_KEY_BASE: ${ASCIINEMA_SECRET_KEY_BASE} SIGN_UP_DISABLED: true SMTP_HOST: postal-smtp SMTP_USERNAME: ${POSTAL_SMTP_AUTH_USER} SMTP_PASSWORD: ${POSTAL_SMTP_AUTH_PASSWORD} SMTP_PORT: 25 UPLOAD_AUTH_REQUIRED: true URL_HOST: asciinema.trez.wtf URL_PORT: 4000 URL_SCHEME: https image: ghcr.io/asciinema/asciinema-server:latest@sha256:d6d3bd5377dbe0773016ece1fdcc8326826d45395f1df7a6883ea30caf7140e8 labels: homepage.group: Code/DevOps homepage.name: Asciinema homepage.href: https://asciinema.${MY_TLD} homepage.icon: asciinema.svg homepage.description: Platform for hosting and sharing terminal session recordings swag: enable swag_port: 4000 swag_proto: http swag_url: asciinema.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: Asciinema swag.uptime-kuma.monitor.url: https://asciinema.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 ports: - 4000:4000 - 4002:4002 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - asciinema-data:/var/opt/asciinema asciinema-pg-db: container_name: asciinema-pg-db environment: POSTGRES_PASSWORD: ${ASCIINEMA_PG_DB_PASSWORD} POSTGRES_USER: asciinema POSTGRES_DB: asciinema expose: - 5432 healthcheck: test: ["CMD-SHELL", "pg_isready -U asciinema"] interval: 2s timeout: 5s retries: 10 image: postgres:14-alpine@sha256:6765739f422606933bc2aece3a2288e40e491488fd7e7c14e3323dfeefb10e38 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - asciinema-pg-data:/var/lib/postgresql/data audiobookshelf: container_name: audiobookshelf environment: CONFIG_PATH: /config HOME: /config/.home LOG_LEVEL: info METADATA_PATH: /metadata TZ: America/New_York hostname: Rinoa image: ghcr.io/advplyr/audiobookshelf:latest@sha256:1eef6716183c52abafe5405e7d6be8390248ecd59c7488c44af871757ac8fc4d labels: homepage.group: Media Library homepage.name: Audiobookshelf homepage.href: https://abs.${MY_TLD} homepage.icon: audiobookshelf.png homepage.description: Podcasts, eBooks, & Audiobooks homepage.widget.type: audiobookshelf homepage.widget.url: http://audiobookshelf:80 homepage.widget.key: ${AUDIOBOOKSHELF_ROOT_API_KEY} swag: enable swag_address: audiobookshelf swag_proto: http swag_url: abs.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: Audiobookshelf swag.uptime-kuma.monitor.url: https://abs.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 networks: default: null ports: - 13378:80 profiles: ["rinoa-apps"] restart: unless-stopped user: 1000:1000 volumes: - bind: create_host_path: true read_only: true source: /etc/localtime target: /etc/localtime type: bind - bind: create_host_path: true source: ${DOCKER_VOLUME_CONFIG}/audiobookshelf target: /config type: bind - bind: create_host_path: true source: ${DOCKER_VOLUME_CONFIG}/audiobookshelf/.metadata target: /metadata type: bind - bind: create_host_path: true source: /rinoa-storage target: /storage type: bind authelia: container_name: authelia depends_on: authelia-pg: condition: service_started required: true lldap: condition: service_started required: true environment: AUTHELIA_AUTHENTICATION_BACKEND_LDAP_PASSWORD: ${AUTHELIA_AUTH_BIND_LDAP_PASSWORD} AUTHELIA_JWT_SECRET: ${AUTHELIA_JWT_SECRET} AUTHELIA_NOTIFIER_SMTP_PASSWORD: ${POSTAL_SMTP_AUTH_PASSWORD} AUTHELIA_NOTIFIER_SMTP_USERNAME: ${POSTAL_SMTP_AUTH_USER} AUTHELIA_SESSION_SECRET: ${AUTHELIA_SESSION_SECRET} AUTHELIA_STORAGE_ENCRYPTION_KEY: ${AUTHELIA_STORAGE_ENCRYPTION_KEY} AUTHELIA_STORAGE_POSTGRES_PASSWORD: ${AUTHELIA_STORAGE_POSTGRES_PASSWORD} PGID: ${PGID} PUID: ${PUID} TZ: ${TZ} X_AUTHELIA_CONFIG_FILTERS: template expose: - 9091 - 9959 # Metrics port for Prometheus image: authelia/authelia:master@sha256:648c80b38d2039b836903c06a7e04a97a44f163566aa91280378340de271cac3 labels: homepage.group: Privacy/Security homepage.name: Authelia homepage.href: https://auth.${MY_TLD} homepage.icon: authelia.svg homepage.description: Authentication/authorization server with MFA & SSO swag: enable swag_proto: http swag_port: 9091 swag_url: auth.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: Authelia swag.uptime-kuma.monitor.url: https://auth.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 networks: default: null profiles: ["rinoa-apps"] restart: unless-stopped volumes: - source: ${DOCKER_VOLUME_CONFIG}/authelia/ target: /config type: bind bind: create_host_path: true authelia-pg: container_name: authelia-pg environment: POSTGRES_PASSWORD: ${AUTHELIA_STORAGE_POSTGRES_PASSWORD} POSTGRES_USER: authelia POSTGRES_DB: authelia expose: - 5432 image: postgres:16-alpine@sha256:16bc17c64a573ef34162af9298258d1aec548232985b33ed7b1eac33ba35c229 networks: default: null profiles: ["rinoa-apps"] restart: unless-stopped volumes: - source: authelia-pg-db target: /var/lib/postgresql/data type: volume bind: create_host_path: true authelia-valkey: container_name: authelia-valkey <<: *valkey-params volumes: - authelia-valkey-data:/data/valkey backrest: container_name: backrest hostname: backrest image: garethgeorge/backrest:latest@sha256:9c9966b5c285ec791a6b06cb4545fa0247424d05442e12f9558b4322d9f8a15f environment: BACKREST_DATA: /data # path for backrest data. restic binary and the database are placed here. BACKREST_CONFIG: /config/config.json # path for the backrest config file. XDG_CACHE_HOME: /cache # path for the restic cache which greatly improves performance. TZ: ${TZ} # set the timezone for the container, used as the timezone for cron jobs. labels: swag: enable swag_port: 9898 swag_proto: http swag_url: backrest.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: Backrest swag.uptime-kuma.monitor.url: https://backrest.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 homepage.group: Automation homepage.name: Backrest homepage.href: https://backrest.${MY_TLD} homepage.icon: backrest.svg homepage.description: Data backup ports: - 9898:9898 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - ${DOCKER_VOLUME_CONFIG}/backrest/data:/data - ${DOCKER_VOLUME_CONFIG}/backrest/config:/config - ${DOCKER_VOLUME_CONFIG}/backrest/cache:/cache bazarr: container_name: bazarr environment: PGID: ${PGID} PUID: ${PUID} TZ: ${TZ} DOCKER_MODS: ghcr.io/gilbn/theme.park:bazarr hostname: Rinoa image: lscr.io/linuxserver/bazarr:latest@sha256:95f27692c3de6dbe130cd035d342d8138ec74ade7b62cfc52e11ae222c52c855 labels: homepage.group: Servarr Stack homepage.name: Bazarr homepage.href: https://bazarr.${MY_TLD} homepage.icon: bazarr.png homepage.description: Subtitle automation for TV shows/movies homepage.widget.type: bazarr homepage.widget.url: http://bazarr:6767 homepage.widget.key: ${BAZARR_API_KEY} swag: enable swag_proto: http swag_port: 6767 swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: Bazarr swag.uptime-kuma.monitor.url: https://bazaar.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 networks: default: null ports: - 6767:6767 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - bind: create_host_path: true read_only: true source: /etc/localtime target: /etc/localtime type: bind - bind: create_host_path: true source: ${DOCKER_VOLUME_CONFIG}/bazarr target: /config type: bind - bind: create_host_path: true source: /rinoa-storage target: /storage type: bind beszel: container_name: beszel extra_hosts: - host.docker.internal:host-gateway image: henrygd/beszel:latest@sha256:a849ad80814b6a1a3be665304dcace5d4854b3bed7bde4dd1227e8ce1b82d477 labels: homepage.group: Infrastructure/App Performance Monitoring homepage.name: Beszel homepage.href: https://beszel.${MY_TLD} homepage.icon: beszel.svg homepage.description: Lightweight server monitoring hub homepage.widget.type: beszel homepage.widget.url: http://beszel:8090 homepage.widget.username: ${SWAG_ENVIRONMENT_EMAIL} homepage.widget.password: ${BESZEL_ADMIN_PASSWORD} homepage.widget.version: 2 swag: enable swag_proto: http swag_port: 8090 swag_url: beszel.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: Beszel swag.uptime-kuma.monitor.url: https://beszel.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 ports: - 22220:8090 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - ${DOCKER_VOLUME_CONFIG}/beszel:/beszel_data beszel-agent: container_name: beszel-agent depends_on: beszel: condition: service_started required: true environment: PORT: 45876 # Do not remove quotes around the key KEY: "${BESZEL_RINOA_AGENT_KEY}" expose: - 45876 image: henrygd/beszel-agent:latest@sha256:8874e2c53f9de5e063a6a80d6b617e20fa593ac5dc4eb4c6ce1f912f510f38f8 network_mode: host profiles: ["rinoa-apps"] restart: unless-stopped volumes: - /var/run/docker.sock:/var/run/docker.sock:ro - /rinoa-storage:/extra-filesystems/rinoa-storage:ro - /dev/nvme0n1:/extra-filesystems/nvme0n1:ro bitwarden: container_name: bitwarden environment: ADMIN_TOKEN: ${BITWARDEN_ENVIRONMENT_ADMIN_TOKEN} DATABASE_URL: data/db.sqlite3 DISABLE_ADMIN_TOKEN: "false" DOMAIN: https://bitwarden.${MY_TLD} ENABLE_DB_WAL: "true" INVITATIONS_ALLOWED: "false" SHOW_PASSWORD_HINT: "false" SIGNUPS_ALLOWED: "true" SIGNUPS_VERIFY: "true" TZ: America/New_York WEBSOCKET_ENABLED: "true" hostname: Rinoa image: vaultwarden/server:latest@sha256:d626d04934cd1192ad8ced1adb975099fca78cec33ab467d2d3c923cde7f3b0c labels: homepage.group: Privacy/Security homepage.name: Vaultwarden homepage.icon: vaultwarden.svg homepage.href: https://bitwarden.${MY_TLD} homepage.description: Credential/Information Vault swag: enable swag_url: bitwarden.${MY_TLD} swag_proto: http swag_port: 80 swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: Vaultwarden swag.uptime-kuma.monitor.url: https://bitwarden.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 networks: default: null ports: - 3012:3012 - 8013:80 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - bind: create_host_path: true read_only: true source: /etc/localtime target: /etc/localtime type: bind - bind: create_host_path: true source: ${DOCKER_VOLUME_CONFIG}/bitwarden target: /data type: bind - bind: create_host_path: true source: /rinoa-storage target: /storage type: bind bluesky-pds: container_name: bluesky-pds environment: PDS_ADMIN_EMAIL: charish.patel@${MY_TLD} PDS_HOSTNAME: bsky.${MY_TLD} PDS_JWT_SECRET: ${BLUESKY_PDS_JWT_SECRET} PDS_ADMIN_PASSWORD: ${BLUESKY_PDS_ADMIN_PASSWORD} PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX: ${BLUESKY_PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX} PDS_DATA_DIRECTORY: /pds PDS_EMAIL_SMTP_URL: smtp://${POSTAL_SMTP_AUTH_USER}:${POSTAL_SMTP_AUTH_PASSWORD}@postal-smtp:25 PDS_EMAIL_FROM_ADDRESS: noreply@${MY_TLD} PDS_BLOBSTORE_DISK_LOCATION: /pds/blocks PDS_BLOB_UPLOAD_LIMIT: 52428800 PDS_DID_PLC_URL: ${PDS_DID_PLC_URL} PDS_BSKY_APP_VIEW_URL: ${PDS_BSKY_APP_VIEW_URL} PDS_BSKY_APP_VIEW_DID: ${PDS_BSKY_APP_VIEW_DID} PDS_REPORT_SERVICE_URL: ${PDS_REPORT_SERVICE_URL} PDS_REPORT_SERVICE_DID: ${PDS_REPORT_SERVICE_DID} PDS_CRAWLERS: ${PDS_CRAWLERS} LOG_ENABLED: true expose: - 3000 image: code.modernleft.org/gravityfargo/bluesky-pds:v0.4.193@sha256:54122ea4515d9021a4901aa849c6e57d2275e2194f6eda2cc9df217d12302f9e labels: swag: enable swag_port: 3000 swag_url: bsky.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: BlueSky PDS swag.uptime-kuma.monitor.url: https://bsky.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - type: bind source: ${DOCKER_VOLUME_CONFIG}/bluesky-pds target: /pds browserless: container_name: browserless environment: ALLOW_FILE_PROTOCOL: true CONCURRENT: 20 HEALTH: false PROXY_HOST: browserless PROXY_PORT: 3000 PROXY_SSL: false QUEUED: 20 TIMEOUT: 300000 TOKEN: ${CHROMIUM_TOKEN} TZ: ${TZ} expose: - 3000 extra_hosts: - "host.docker.internal:host-gateway" image: ghcr.io/browserless/chromium:latest@sha256:c2abacf88698dc6750038363e1205c2f141856db21d564df9f7e2d8c9fb8fc22 labels: swag: enable swag_proto: http swag_port: 3000 swag_url: browse.${MY_TLD} networks: default: null profiles: ["rinoa-apps"] restart: unless-stopped bytestash: container_name: bytestash environment: BASE_PATH: JWT_SECRET: ${BYTESTASH_JWT_SECRET} TOKEN_EXPIRY: 24h ALLOW_NEW_ACCOUNTS: true DEBUG: true DISABLE_ACCOUNTS: false DISABLE_INTERNAL_ACCOUNTS: false image: ghcr.io/jordan-dalby/bytestash:latest@sha256:f5ca5cc8c33d76eda8969757d5b6da653c39ca8d946b3f7bfbc86df1360bf525 labels: homepage.description: Code Gists/Snippets homepage.group: Code/DevOps homepage.href: https://gist.${MY_TLD} homepage.icon: bytestash.svg homepage.name: ByteStash swag: enable swag_port: 5000 swag_proto: http swag_url: gist.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: ByteStash swag.uptime-kuma.monitor.url: https://gist.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 ports: - 62139:5000 profiles: ["rinoa-apps"] restart: always volumes: - ${DOCKER_VOLUME_CONFIG}/bytestash:/data/snippets changedetection: container_name: changedetection depends_on: changedetection-chrome: condition: service_started environment: PORT: 5000 LOGGER_LEVEL: TRACE PLAYWRIGHT_DRIVER_URL: ws://browser-sockpuppet-chrome:3000 BASE_URL: https://chdt.${MY_TLD} USE_X_SETTINGS: 1 HIDE_REFERER: true ALLOW_FILE_URI: False TZ: ${TZ} LC_ALL: en_US.UTF-8 LISTEN_HOST: 0.0.0.0 image: ghcr.io/dgtlmoon/changedetection.io@sha256:d89d4187221206f7f9f2c7946e7483815db905ca7d122644081aebd5d23ba391 labels: homepage.description: Page change monitoring with alerts homepage.group: System Administration homepage.href: https://chdt.${MY_TLD} homepage.icon: changedetection.svg homepage.name: ChangeDetection homepage.widget.type: changedetectionio homepage.widget.url: http://changedetection:5000 homepage.widget.key: ${CHANGEDETECTION_HOMEPAGE_API_KEY} swag: enable swag_port: 5000 swag_proto: http swag_url: chdt.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: ChangeDetection swag.uptime-kuma.monitor.url: https://chdt.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 ports: - 15827:5000 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - changedetection-data:/datastore changedetection-chrome: cap_add: - SYS_ADMIN container_name: changedetection-chrome image: dgtlmoon/sockpuppetbrowser:latest@sha256:7116c61ef9cfce3d48a7efd9355d2fbe19f593ea3cfb52a5ded40ecbcb0a3f9d environment: SCREEN_WIDTH: 1920 SCREEN_HEIGHT: 1024 SCREEN_DEPTH: 16 MAX_CONCURRENT_CHROME_PROCESSES: 10 profiles: ["rinoa-apps"] restart: unless-stopped chrome: container_name: chrome command: - --no-sandbox - --disable-gpu - --disable-dev-shm-usage - --remote-debugging-address=0.0.0.0 - --remote-debugging-port=9222 - --hide-scrollbars image: gcr.io/zenika-hub/alpine-chrome:124@sha256:1a0046448e0bb6c275c88f86e01faf0de62b02ec8572901256ada0a8c08be23f profiles: ["rinoa-apps"] restart: unless-stopped clipcascade: container_name: clipcascade environment: CC_MAX_MESSAGE_SIZE_IN_MiB: 25 # Maximum message size in MiB (ignored if P2P mode is enabled) CC_P2P_ENABLED: false # Enables or disables peer-to-peer(P2P) mode # CC_ALLOWED_ORIGINS: https://clipcascade.example.com # Defines allowed CORS origins for security CC_SIGNUP_ENABLED: false # Enables or disables user self-registration image: sathvikrao/clipcascade:latest@sha256:0f7aadec03af6b22a157466ade3ed1730dfd3b390d2989e55c0180e1d12d736f labels: homepage.group: Personal Tools homepage.name: ClipCascade homepage.href: https://clip.${MY_TLD} homepage.icon: sh-clipcascade.svg homepage.description: Online file converter swag: enable swag_port: 8080 swag_proto: http swag_url: clip.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: ClipCascade swag.uptime-kuma.monitor.url: https://clip.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 ports: - 64048:8080 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - ${DOCKER_VOLUME_CONFIG}/clipcascade:/database # Persistent storage for user data cloudflareddns: container_name: cloudflareddns environment: ARGS: --dns-cloudflare-propagation-seconds 60 CF_APIKEY: ${CLOUDFLAREDDNS_ENVIRONMENT_APIKEY} CF_APITOKEN: ${CLOUDFLAREDDNS_ENVIRONMENT_APITOKEN} CF_HOSTS: ${MY_TLD} CF_RECORDTYPES: A CF_USER: charish.patel@${MY_TLD} CF_ZONES: ${MY_TLD} DETECTION_MODE: dig-google.com INTERVAL: "300" LOG_LEVEL: "3" PGID: "1000" PUID: "1000" TZ: America/New_York hostname: Rinoa image: ghcr.io/hotio/cloudflareddns:latest@sha256:6e7bb740c8c0a75ecb1bfc2992511e2abdd92acc8d3424d9abaf0f78055f12dc networks: default: null profiles: ["rinoa-apps"] restart: unless-stopped volumes: - bind: create_host_path: true read_only: true source: /etc/localtime target: /etc/localtime type: bind - bind: create_host_path: true source: ${DOCKER_VOLUME_CONFIG}/cloudflareddns target: /config type: bind - bind: create_host_path: true source: /rinoa-storage target: /storage type: bind convertx: container_name: convertx environment: JWT_SECRET: ${CONVERTX_JWT_SECRET} image: ghcr.io/c4illin/convertx@sha256:e1f85be04bbaf8a55ead9261194c3ae0fa0957d303ea537127154860b2552afd labels: homepage.group: System Administration homepage.name: ConvertX homepage.href: https://convert.${MY_TLD} homepage.icon: sh-convertx.png homepage.description: Online file converter swag: enable swag_port: 3000 swag_proto: http swag_url: convert.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: ConvertX swag.uptime-kuma.monitor.url: https://convert.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 ports: - 38946:3000 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - ${DOCKER_VOLUME_CONFIG}/convertx:/app/data crowdsec: container_name: crowdsec depends_on: swag: condition: service_started required: true environment: DOCKER_HOST: tcp:/${DOCKER_VOLUME_CONFIG}proxy:2375 GID: 1000 BOUNCER_KEY_SWAG: ${CROWDSEC_SWAG_API_KEY} COLLECTIONS: >- corvese/apache-guacamole crowdsecurity/home-assistant crowdsecurity/http-cve crowdsecurity/iptables crowdsecurity/linux crowdsecurity/mariadb crowdsecurity/nextcloud crowdsecurity/nginx crowdsecurity/whitelist-good-actors Dominic-Wagner/vaultwarden gauth-fr/immich LePresidente/adguardhome LePresidente/authelia LePresidente/gitea LePresidente/jellyfin LePresidente/ombi plague-doctor/audiobookshelf schiz0phr3ne/sonarr sdwilsh/navidrome timokoessler/mongodb timokoessler/uptime-kuma xs539/joplin-server image: crowdsecurity/crowdsec:latest@sha256:2f527c9bb8b367120eb08b82890aa912ce96bfa1ada93dda0721700e4b4e0dde networks: default: null ports: - 8101:8080 profiles: ["rinoa-infra"] restart: unless-stopped security_opt: - no-new-privileges=true volumes: # - ${DOCKER_VOLUME_CONFIG}/crowdsec/config.yaml.local:/etc/crowdsec/config.yaml - ${DOCKER_VOLUME_CONFIG}/swag/log/nginx:/var/log/swag:ro # SWAG - ${DOCKER_VOLUME_CONFIG}/mariadb/:/var/lib/mysql:ro # MariaDB - ${DOCKER_VOLUME_CONFIG}/audiobookshelf/.metadata/logs:/var/log/audiobookself:ro # Audiobookshelf - crowdsec-config:/etc/crowdsec - crowdsec-db:/var/lib/crowdsec/data - /var/log/journal:/var/log/host/journal:ro - /var/log/auth.log:/var/log/host/auth.log:ro crowdsec-dashboard: container_name: crowdsec-dashboard depends_on: crowdsec: condition: service_started required: true environment: MB_DB_FILE: /data/metabase.db MGID: ${GID-1000} image: metabase/metabase@sha256:b0511d28f5a504915cda5d4e233e5d25bab95fd8879823cbeb29580707473d36 labels: homepage.group: Privacy/Security homepage.name: CrowdSec Dashboard homepage.href: https://csec.${MY_TLD} homepage.icon: crowdsec.svg homepage.description: Real-time & crowdsourced protection against aggressive IPs homepage.widget.type: crowdsec homepage.widget.url: http://crowdsec:8080 homepage.widget.username: localhost homepage.widget.password: ${CROWDSEC_LOCAL_API_KEY} swag: enable swag_port: 3000 swag_proto: http swag_url: csec.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: Crowdsec swag.uptime-kuma.monitor.url: https://csec.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 networks: default: null ports: - 8908:3000 profiles: ["rinoa-infra"] restart: always volumes: - crowdsec-db:/data/ cyber-chef: container_name: cyber-chef image: mpepping/cyberchef:latest@sha256:ad69e26bc1890d09fffc35fb85a10106a493a433c546cb747fce7dd80604563e labels: homepage.description: Web app for encryption, encoding, compression, and data analysis homepage.group: Privacy/Security homepage.href: https://cchef.${MY_TLD} homepage.icon: cyberchef.svg homepage.name: CyberChef swag: enable swag_port: 8000 swag_proto: http swag_url: cchef.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: CyberChef swag.uptime-kuma.monitor.url: https://cchef.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 ports: - 20992:8000 profiles: ["rinoa-apps"] restart: unless-stopped czkawka: container_name: czkawka environment: KEEP_APP_RUNNING: 1 PGID: ${PGID} PUID: ${PUID} TZ: ${TZ} UMASK: 1 SECURE_CONNECTION: 1 WEB_LISTENING_PORT: 5800 WEB_AUTHENTICATION: 1 WEB_AUTHENTICATION_USERNAME: ${CZKAWKA_WEB_AUTH_USERNAME} WEB_AUTHENTICATION_PASSWORD: ${CZKAWKA_WEB_AUTH_PASSWORD} CZKAWKA_GUI_KROKIET: 1 image: jlesage/czkawka@sha256:bb1012c8a162f79918eac88c7fd5e579b52e1464eeadc6fb2509363d2e569a10 labels: homepage.group: System Administration homepage.name: Czkawka homepage.href: https://czkawka.${MY_TLD} homepage.icon: sh-czkawka.svg homepage.description: Smart file management swag: enable swag_port: 5800 swag_proto: http swag_url: czkawka.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: Czkawka swag.uptime-kuma.monitor.url: https://czkawka.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 networks: default: null ports: - 5800:5800 privileged: true profiles: ["rinoa-apps"] restart: unless-stopped volumes: - source: ${DOCKER_VOLUME_CONFIG}/czkawka target: /config type: bind bind: create_host_path: true - source: ${DOCKER_VOLUME_STORAGE} target: /storage type: bind bind: create_host_path: true dawarich-app: command: bin/dev container_name: dawarich-app depends_on: dawarich-pg-db: condition: service_healthy restart: true dawarich-valkey: condition: service_started restart: true deploy: resources: limits: cpus: "0.50" # Limit CPU usage to 50% of one core memory: "4G" # Limit memory usage to 4GB entrypoint: web-entrypoint.sh environment: RAILS_ENV: production REDIS_URL: redis://dawarich-valkey:6379 DATABASE_HOST: dawarich-pg-db DATABASE_USERNAME: dawarich DATABASE_PASSWORD: ${DAWARICH_PG_PASSWORD} DATABASE_NAME: dawarich MIN_MINUTES_SPENT_IN_CITY: 60 APPLICATION_HOSTS: localhost,loc.${MY_TLD},192.168.1.254 TIME_ZONE: ${TZ} APPLICATION_PROTOCOL: http DISTANCE_UNIT: km SECRET_KEY_BASE: ${DAWARICH_SECRET_KEY_BASE} PROMETHEUS_EXPORTER_ENABLED: true PROMETHEUS_EXPORTER_HOST: 0.0.0.0 PROMETHEUS_EXPORTER_PORT: 9394 ENABLE_TELEMETRY: false # More on telemetry: https://dawarich.app/docs/tutorials/telemetry SELF_HOSTED: true expose: - 9394 healthcheck: test: [ "CMD-SHELL", "wget -qO - http://127.0.0.1:3000/api/v1/health | grep -q '\"status\"\\s*:\\s*\"ok\"'", ] interval: 10s retries: 30 start_period: 30s timeout: 10s image: freikin/dawarich:latest@sha256:7c70f2169e848ed77ae1cec01dd10ec4a73a70a785d4e4d248db1735c0bc25ed labels: homepage.group: Privacy/Security homepage.name: Dawarich homepage.href: https://loc.${MY_TLD} homepage.icon: dawarich.svg homepage.description: Self-hosted alternative to Google Location History swag: enable swag_port: 3000 swag_proto: http swag_url: loc.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: Dawarich swag.uptime-kuma.monitor.url: https://loc.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 ports: - 63561:3000 profiles: ["rinoa-apps"] restart: on-failure stdin_open: true tty: true volumes: - dawarich_public:/var/app/public - dawarich_watched:/var/app/tmp/imports/watched - ${DOCKER_VOLUME_CONFIG}/dawarich/web-entrypoint.sh:/usr/local/bin/web-entrypoint.sh dawarich-pg-db: container_name: dawarich-pg-db environment: POSTGRES_DB: dawarich POSTGRES_USER: dawarich POSTGRES_PASSWORD: ${DAWARICH_PG_PASSWORD} healthcheck: test: ["CMD-SHELL", "pg_isready -U dawarich -d dawarich"] interval: 10s retries: 5 start_period: 30s timeout: 10s image: postgis/postgis:17-3.5-alpine@sha256:5a30b4cf0c787aae9e428c1fce1ef736fccc7fc294958ee99d3836fb51b1819b profiles: ["rinoa-apps"] restart: always shm_size: 1G volumes: - dawarich_db_data:/var/lib/postgresql/data - dawarich_shared:/var/shared dawarich-sidekiq: command: ["sidekiq"] container_name: dawarich-sidekiq depends_on: dawarich-app: condition: service_healthy restart: true dawarich-pg-db: condition: service_healthy restart: true dawarich-valkey: condition: service_healthy restart: true deploy: resources: limits: cpus: "0.50" # Limit CPU usage to 50% of one core memory: "4G" # Limit memory usage to 4GB entrypoint: sidekiq-entrypoint.sh environment: APPLICATION_HOSTS: localhost,loc.${MY_TLD} APPLICATION_PROTOCOL: http BACKGROUND_PROCESSING_CONCURRENCY: 10 DATABASE_HOST: dawarich-pg-db DATABASE_NAME: dawarich DATABASE_PASSWORD: ${DAWARICH_PG_PASSWORD} DATABASE_USERNAME: dawarich DISTANCE_UNIT: km ENABLE_TELEMETRY: false # More on telemetry: https://dawarich.app/docs/tutorials/telemetry PROMETHEUS_EXPORTER_ENABLED: false RAILS_ENV: production RAILS_LOG_TO_STDOUT: true REDIS_URL: "redis://dawarich-valkey:6379" SECRET_KEY_BASE: ${DAWARICH_SECRET_KEY_BASE} SELF_HOSTED: true STORE_GEODATA: true expose: - 9394 healthcheck: test: ["CMD-SHELL", "pgrep -f sidekiq"] interval: 10s retries: 30 start_period: 30s timeout: 10s image: freikin/dawarich:latest@sha256:7c70f2169e848ed77ae1cec01dd10ec4a73a70a785d4e4d248db1735c0bc25ed profiles: ["rinoa-apps"] restart: on-failure stdin_open: true tty: true volumes: - dawarich_public:/var/app/public - dawarich_watched:/var/app/tmp/imports/watched - ${DOCKER_VOLUME_CONFIG}/dawarich/sidekiq-entrypoint.sh:/usr/local/bin/sidekiq-entrypoint.sh dawarich-valkey: container_name: dawarich-valkey <<: *valkey-params volumes: - dawarich-valkey-data:/data/valkey dead-man-hand: container_name: dead-man-hand image: ghcr.io/bkupidura/dead-man-hand:latest@sha256:bdfcc5b2429bf02aa37ec78e120078572fd6f8e4161973ec4d0250c7ad378779 environment: DMH_CONFIG_FILE: /data/config.yaml labels: # homepage.group: Personal/Professional Services # homepage.name: Dawarich # homepage.href: https://loc.${MY_TLD} # homepage.icon: dawarich.svg # homepage.description: Self-hosted alternative to Google Location History swag: enable swag_port: 8080 swag_proto: http swag_url: dms.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.monitor.url: https://dms.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 ports: - 25807:8080 volumes: - ${DOCKER_VOLUME_CONFIG}/dead-man-hand:/data docker-socket-proxy: container_name: dockerproxy environment: AUTH: 1 BUILD: 1 COMMIT: 1 CONFIGS: 1 CONTAINERS: 1 DISTRIBUTION: 1 EVENTS: 1 EXEC: 1 GPRC: 1 IMAGES: 1 INFO: 1 NETWORKS: 1 NODES: 1 POST: 1 PLUGINS: 1 SERVICES: 1 SESSION: 1 SYSTEM: 1 TASKS: 1 VOLUMES: 1 LOG_LEVEL: debug image: ghcr.io/tecnativa/docker-socket-proxy:latest@sha256:1f3a6f303320723d199d2316a3e82b2e2685d86c275d5e3deeaf182573b47476 networks: default: null ports: - 2375:2375 privileged: true profiles: ["rinoa-apps"] restart: unless-stopped volumes: - /var/run/docker.sock:/var/run/docker.sock dockflare: container_name: dockflare environment: AGENT_STATUS_UPDATE_INTERVAL_SECONDS: 10 CF_ACCOUNT_ID: ${CLOUDFLARE_ACCOUNT_ID} CF_API_TOKEN: ${CLOUDFLAREDDNS_ENVIRONMENT_APITOKEN} CF_ZONE_ID: ${CLOUDFLARE_ZONE_ID} CLEANUP_INTERVAL_SECONDS: 300 CLOUDFLARED_METRICS_PORT: 20119 CLOUDFLARED_NETWORK_NAME: compose_default DEFAULT_NO_TLS_VERIFY: false GRACE_PERIOD_SECONDS: 600 LABEL_PREFIX: cloudflare.tunnel MAX_CONCURRENT_DNS_OPS: 3 RECONCILIATION_BATCH_SIZE: 3 SCAN_ALL_NETWORKS: false STATE_FILE_PATH: /app/data/state.json TRUSTED_PROXIES: 192.168.1.0/24,172.18.0.0/16 TUNNEL_DNS_SCAN_ZONE_NAMES: TUNNEL_NAME: dockflared-tunnel TZ: ${TZ} healthcheck: test: [ "CMD-SHELL", "wget -qO- --server-response http://localhost:5000/ping 2>&1 | awk '/^ HTTP/{code=$2} /^[^{]/{next} {print; fflush()} END{exit (code>=400 || code==0)}' >/dev/null", ] interval: 1m30s timeout: 30s retries: 5 start_period: 30s image: alplat/dockflare:stable@sha256:ff2807c696b0752767716825e7b3d9f7d4f353e7ea8a323dc2b7cc174ad27ef7 # Or :unstable for the latest features labels: homepage.group: Privacy/Security homepage.name: DockFlare homepage.href: https://cftunn.${MY_TLD} homepage.icon: sh-dockflare.svg homepage.description: Cloudflare Tunnel controller homepage.widget.type: cloudflared homepage.widget.accountid: ${CLOUDFLARE_ACCOUNT_ID} homepage.widget.tunnelid: ${DOCKFLARE_CLOUDFLARE_TUNNEL_ID} homepage.widget.key: ${CLOUDFLAREDDNS_ENVIRONMENT_APITOKEN} swag: enable swag_proto: http swag_url: cftunn.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: DockFlare swag.uptime-kuma.monitor.url: https://cftunn.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 ### EXAMPLE CF TUNNEL LABELS ### # Enable DockFlare management for this container # - "cloudflare.tunnel.enable=true" # The public hostname to expose # - "cloudflare.tunnel.hostname=my-service.example.com" # The internal service address (protocol://container_name_or_ip:port) # Service type (http, https, tcp, ssh, rdp, http_status) is inferred from the prefix. # - "cloudflare.tunnel.service=http://my-service:80" # Optional: Specify a URL path. Only requests to hostname/path will match. # - "cloudflare.tunnel.path=/app" # Optional: Specify a different Cloudflare Zone for this hostname # - "cloudflare.tunnel.zonename=another.example.com" # Optional: Disable TLS verification if your internal service uses HTTP or a self-signed cert # - "cloudflare.tunnel.no_tls_verify=true" # Optional: Specify Origin Server Name (SNI) for TLS connection to origin # - "cloudflare.tunnel.originsrvname=internal.service.local" ports: - 20756:5000 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - /var/run/docker.sock:/var/run/docker.sock:ro - dockflare_data:/app/data dockpeek: container_name: dockpeek image: ghcr.io/dockpeek/dockpeek:v1.7.2@sha256:87654d0104eacff48a70c7c1eea6126f19f5803b21bfdace842ae765351593b4 depends_on: docker-socket-proxy: condition: service_started required: true environment: SECRET_KEY: ${DOCKPEEK_SECRET_KEY} USERNAME: admin PASSWORD: ${DOCKPEEK_PASSWORD} DOCKER_HOST: tcp://192.168.1.254:2375 DOCKER_HOST_NAME: Rinoa DOCKER_HOST_PUBLIC_HOSTNAME: 192.168.1.254 DOCKER_HOST_1_URL: tcp://192.168.1.250:2375 DOCKER_HOST_1_NAME: Benedikta DOCKER_HOST_1_PUBLIC_NAME: 192.168.1.250 DOCKER_HOST_2_URL: tcp://192.168.1.252:2375 DOCKER_HOST_2_NAME: Rikku DOCKER_HOST_2_PUBLIC_NAME: 192.168.1.252 DOCKER_HOST_3_URL: tcp://192.168.1.249:2375 DOCKER_HOST_3_NAME: Ultima DOCKER_HOST_3_PUBLIC_NAME: 192.168.1.249 DOCKER_HOST_4_URL: tcp://192.168.1.241:2375 DOCKER_HOST_4_NAME: Aranea DOCKER_HOST_4_PUBLIC_NAME: 192.168.1.241 DOCKER_HOST_5_URL: tcp://192.168.1.240:2375 DOCKER_HOST_5_NAME: Paine DOCKER_HOST_5_PUBLIC_NAME: 192.168.1.240 labels: swag: enable swag_proto: http swag_port: 8000 swag_url: ports.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: Dockpeek swag.uptime-kuma.monitor.url: https://ports.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 homepage.group: System Administration homepage.name: Dockpeek homepage.href: https://ports.${MY_TLD} homepage.icon: sh-dockpeek.svg homepage.description: Real-time port monitoring and discovery ports: - 3420:8000 profiles: ["rinoa-apps"] restart: unless-stopped duplicati: container_name: duplicati environment: PGID: ${PGID} PUID: ${PUID} TZ: ${TZ} hostname: Rinoa image: lscr.io/linuxserver/duplicati:latest@sha256:d681e5213fa0871efa573856ed838d38150231df66c7de4b3dbe6980290f2571 labels: swag: enable swag_port: 8200 swag_proto: http swag_url: dup.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: Duplicati swag.uptime-kuma.monitor.url: https://dup.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 homepage.group: Automation homepage.name: Duplicati homepage.href: https://dup.${MY_TLD} homepage.icon: duplicati.png homepage.description: Data backup networks: default: null ports: - 8282:8200 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - bind: create_host_path: true read_only: true source: /etc/localtime target: /etc/localtime type: bind - bind: create_host_path: true source: ${DOCKER_VOLUME_CONFIG}/duplicati target: /config type: bind - bind: create_host_path: true source: /rinoa-storage target: /storage type: bind - bind: create_host_path: true source: /home/charish/.config/appdata/backups target: /backups type: bind - bind: create_host_path: true source: /home/charish/.config/appdata target: /source type: bind excalidraw: container_name: excalidraw image: "excalidraw/excalidraw:latest@sha256:20ffa04668e19616bb0c1b3632849e5cd96\ e0bc7a1336b73d9d072667f2c2854" labels: homepage.group: Personal Tools homepage.name: Excalidraw homepage.href: https://draw.${MY_TLD} homepage.icon: excalidraw.svg homepage.description: Virtual whiteboard for sketching hand-drawn like diagrams swag: enable swag_proto: http swag_url: draw.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: Excalidraw swag.uptime-kuma.monitor.url: https://draw.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 ports: - 53721:80 profiles: ["rinoa-apps"] restart: unless-stopped explo: container_name: explo environment: TZ: ${TZ} WEEKLY_EXPLORATION_SCHEDULE: 0 8 * * 2 WEEKLY_EXPLORATION_FLAGS: WEEKLY_JAMS_SCHEDULE: 30 00 * * 1 WEEKLY_JAMS_FLAGS: --playlist=weekly-jams --download-mode=skip DAILY_JAMS_SCHEDULE: 30 2 * * * DAILY_JAMS_FLAGS: --playlist=daily-jams --download-mode=skip image: ghcr.io/lumepart/explo:latest@sha256:d4b55bf5c8f2099815e1613a74d9d5ceb1ee6a3fc8f973a19c60cf842bc8d8df profiles: ["rinoa-apps"] restart: unless-stopped volumes: - ${DOCKER_VOLUME_CONFIG}/explo/local.env:/opt/explo/.env - ${DOCKER_VOLUME_STORAGE}/Audio/Explo:/downloads # has to be in the same path you have your music system pointed to (it's recommended to put explo under a subfolder) - ${DOCKER_VOLUME_STORAGE}/Audio/Playlists:/playlists fastenhealth: container_name: fastenhealth image: ghcr.io/fastenhealth/fasten-onprem:main@sha256:d208351137e8ba6a06aacede0d87f459a8bb9fc2ed705e62f4a9ca3f693bd7ca labels: homepage.group: Lifestyle homepage.name: Fasten Health homepage.icon: sh-fasten-health.svg homepage.href: http://health.${MY_TLD} homepage.description: Open-source, self-hosted, personal/family electronic medical record aggregator swag: enable swag_proto: http swag_port: 8080 swag_url: health.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: Fasten Health swag.uptime-kuma.monitor.url: https://health.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 networks: default: null ports: - 8105:8080 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - source: fastenhealth-cache target: /opt/fasten/cache type: volume volume: {} - source: fastenhealth-db target: /opt/fasten/db type: volume volume: {} flaresolverr: container_name: flaresolverr environment: CAPTCHA_SOLVER: none LOG_HTML: false LOG_LEVEL: info PORT: 8191 TZ: America/New_York BROWSER_TIMEOUT: 40000 TEST_URL: https://duckduckgo.com hostname: Rinoa image: ghcr.io/flaresolverr/flaresolverr:latest@sha256:7962759d99d7e125e108e0f5e7f3cdbcd36161776d058d1d9b7153b92ef1af9e networks: default: null ports: - 8191:8191 profiles: ["rinoa-apps"] restart: unless-stopped sysctls: - net.ipv6.conf.all.disable_ipv6=1 volumes: - bind: create_host_path: true read_only: true source: /etc/localtime target: /etc/localtime type: bind - bind: create_host_path: true source: /rinoa-storage target: /storage type: bind garage: container_name: garage image: dxflrs/garage:v2.3.0@sha256:866bd13ed2038ba7e7190e840482bc27234c4afaf77be8cfa439ae088c1e4690 ports: - 3900:3900 - 3901:3901 - 3902:3902 - 3903:3903 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - ${DOCKER_VOLUME_CONFIG}/garage/garage.toml:/etc/garage.toml - ${DOCKER_VOLUME_CONFIG}/garage/meta:/var/lib/garage/meta - ${DOCKER_VOLUME_STORAGE}/garage_data:/var/lib/garage/data garage-webui: container_name: garage-webui depends_on: garage: condition: service_started required: true environment: API_BASE_URL: http://garage:3903 S3_ENDPOINT_URL: http://garage:3900 image: khairul169/garage-webui:latest@sha256:17c793551873155065bf9a022dabcde874de808a1f26e648d4b82e168806439c labels: homepage.group: System Administration homepage.name: Garage homepage.href: http://192.168.1.254:3909 homepage.icon: garage.svg homepage.description: S3-compatible storage backend ports: - 3909:3909 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - ${DOCKER_VOLUME_CONFIG}/garage/garage.toml:/etc/garage.toml:ro ghost: container_name: ghost_blog depends_on: mariadb: condition: service_healthy required: true restart: true environment: database__client: mysql database__connection__host: mariadb database__connection__port: 3306 database__connection__user: ${GHOST_DB_USER} database__connection__password: ${GHOST_DB_PASSWORD} database__connection__database: ghost_db mail__transport: SMTP mail__options__host: postal-smtp mail__options__port: 25 mail__options__secure: false mail__options__auth__user: ${POSTAL_SMTP_AUTH_USER} mail__options__auth__pass: ${POSTAL_SMTP_AUTH_PASSWORD} mail__from: "'Ghost @ Rinoa' " url: https://blog.${MY_TLD} image: ghost:latest@sha256:588d5f5ed5ac6e94925860f76b2b14a18cf5d71c58a236f8817c600a9454fe2d labels: homepage.group: Lifestyle homepage.name: Ghost homepage.href: https://blog.${MY_TLD} homepage.icon: ghost.png homepage.description: Personal blog swag: enable swag_port: 2368 swag_proto: http swag_url: blog.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: Ghost swag.uptime-kuma.monitor.url: https://blog.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 ports: - 2368:2368 profiles: ["rinoa-apps"] restart: always volumes: - ${DOCKER_VOLUME_CONFIG}/ghost:/var/lib/ghost/content gitea: container_name: gitea depends_on: gitea-db: condition: service_healthy required: true environment: USER_UID: ${PUID} USER_GID: ${PGID} GITEA__database__DB_TYPE: postgres GITEA__database__HOST: gitea-db:5432 GITEA__database__NAME: gitea GITEA__database__USER: gitea GITEA__database__PASSWD: ${GITEA_PG_DB_PASSWORD} GITEA__mailer__ENABLED: true GITEA__mailer__FROM: '"Gitea" ' GITEA__mailer__PROTOCOL: smtp GITEA__mailer__SMTP_ADDR: postal-smtp GITEA__mailer__SMTP_PORT: 25 GITEA__mailer__USER: ${POSTAL_SMTP_AUTH_USER} GITEA__mailer__PASSWD: ${POSTAL_SMTP_AUTH_PASSWORD} image: gitea/gitea:1.26.2@sha256:7d13848af12645600a5f9d93ee2560daa9c6fa6b5b859b7bff3a5e1c0b661031 labels: cloudflare.tunnel.enable: true cloudflare.tunnel.hostname: git-ssh.${MY_TLD} cloudflare.tunnel.service: http://gitea:22 cloudflare.tunnel.no_tls_verify: true homepage.group: Code/DevOps homepage.name: Gitea homepage.href: https://git.${MY_TLD} homepage.icon: gitea.svg homepage.description: Private Code Repo homepage.widget.type: gitea homepage.widget.url: http://gitea:3000 homepage.widget.key: ${GITEA_HOMEPAGE_API_KEY} swag: enable swag_url: git.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: Gitea swag.uptime-kuma.monitor.url: https://git.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 networks: default: null ports: - 3013:3000 - 222:22 profiles: ["rinoa-infra"] restart: always volumes: - source: ${DOCKER_VOLUME_CONFIG}/gitea target: /data/gitea type: bind bind: create_host_path: true - bind: create_host_path: true read_only: true source: /etc/timezone target: /etc/timezone type: bind - bind: create_host_path: true read_only: true source: /etc/localtime target: /etc/localtime type: bind gitea-db: container_name: gitea-db environment: POSTGRES_USER: gitea POSTGRES_PASSWORD: ${GITEA_PG_DB_PASSWORD} POSTGRES_DB: gitea expose: - 5432 healthcheck: interval: 10s start_period: 20s test: ["CMD-SHELL", "pg_isready -U gitea -d gitea"] image: postgres:14@sha256:a209aced4fa19381231fae4d9a4c5816f7691294f13572f8bddc082ba32e1c7c networks: default: null profiles: ["rinoa-infra"] restart: always volumes: - source: gitea-pg-db target: /var/lib/postgresql/data type: volume volume: {} gitea-runner: container_name: gitea-runner depends_on: gitea: condition: service_started environment: CONFIG_FILE: /config.yaml GITEA_INSTANCE_URL: http://gitea:3000 GITEA_RUNNER_REGISTRATION_TOKEN: "${GITEA_RUNNER_REGISTRATION_TOKEN}" GITEA_RUNNER_NAME: "gitea-runner-1" image: gitea/act_runner:nightly@sha256:7940221bcfc9df16f3401ddafb2231bf98bba5517bc381224c7a2c504b558974 ports: - 63604:63604 profiles: ["rinoa-infra"] restart: always volumes: - ${DOCKER_VOLUME_CONFIG}/gitea/act-runner/config.yaml:/config.yaml - /var/run/docker.sock:/var/run/docker.sock gitea-sonarqube-bot: container_name: gitea-sonarqube-bot depends_on: gitea: condition: service_started sonarqube: condition: service_started image: justusbunsi/gitea-sonarqube-bot:v0.4.0@sha256:18dd43b470d9a470e27d5999dd7dcbb44423d5c4466ae56dd7c1722f23115673 environment: GITEA_SQ_BOT_PORT: 58525 GITEA_SQ_BOT_CONFIG_PATH: /home/bot/config/config.yaml ports: - 58525:58525 profiles: ["rinoa-infra"] restart: unless-stopped volumes: - ${DOCKER_VOLUME_CONFIG}/gitea/sonarqube-bot/:/home/bot/config/ gitignore-io: container_name: gitignore-io image: guog/gitignore.io:latest@sha256:27b0bc3e9eb81adaee39fb6f77169ea9cbef164bcab049d29bcab68d154013ad labels: homepage.group: Code/DevOps homepage.name: gitignore-io homepage.href: https://gitignore.${MY_TLD} homepage.icon: /icons/gitignore-io.svg homepage.description: .gitignore generator swag: enable swag_url: gitignore.${MY_TLD} swag_address: gitignore-io swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: gitignore-io swag.uptime-kuma.monitor.url: https://gitignore.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 ports: - 14822:8080 profiles: ["rinoa-apps"] restart: unless-stopped gluetun: cap_add: - NET_ADMIN container_name: gluetun environment: OPENVPN_PASSWORD: ${DELUGEVPN_ENVIRONMENT_VPN_PASS} OPENVPN_USER: ${DELUGEVPN_ENVIRONMENT_VPN_USER} PORT_FORWARD_ONLY: true SERVER_REGIONS: Bahamas,Belgium,Cyprus,Estonia,FI Helsinki,Iceland,Latvia,Lithuania,Luxembourg,Montenegro,Netherlands,Portugal,DK Copenhagen,Ukraine,Uruguay VPN_SERVICE_PROVIDER: private internet access expose: - 8000 image: qmcgaw/gluetun:latest@sha256:18a0abe7a020acdf9f80db45440d18487239abde5495a357ceb36517f7ea67cf ports: - 3333:3333 - 3334:3334 - 5030:5030 - 5031:5031 - 50300:50300 profiles: ["rinoa-apps"] restart: always gotify: container_name: gotify environment: GOTIFY_SERVER_PORT: 80 GOTIFY_SERVER_KEEPALIVEPERIODSECONDS: 0 GOTIFY_SERVER_LISTENADDR: GOTIFY_SERVER_SSL_ENABLED: false GOTIFY_SERVER_SSL_REDIRECTTOHTTPS: true GOTIFY_SERVER_SSL_LISTENADDR: GOTIFY_SERVER_SSL_PORT: 443 GOTIFY_SERVER_SSL_CERTFILE: GOTIFY_SERVER_SSL_CERTKEY: GOTIFY_SERVER_SSL_LETSENCRYPT_ENABLED: false GOTIFY_SERVER_SSL_LETSENCRYPT_ACCEPTTOS: false GOTIFY_SERVER_SSL_LETSENCRYPT_CACHE: certs GOTIFY_SERVER_STREAM_PINGPERIODSECONDS: 45 GOTIFY_DATABASE_DIALECT: sqlite3 GOTIFY_DATABASE_CONNECTION: data/gotify.db GOTIFY_DEFAULTUSER_NAME: admin GOTIFY_DEFAULTUSER_PASS: ${GOTIFY_PASSWORD} GOTIFY_PASSSTRENGTH: 10 GOTIFY_UPLOADEDIMAGESDIR: data/images GOTIFY_PLUGINSDIR: data/plugins GOTIFY_REGISTRATION: false image: gotify/server@sha256:a3af47067ce6aad76aadf5ba32d6ddfecd1ae576a961359f039fd1831e8b7652 labels: homepage.group: Infrastructure/App Performance Monitoring homepage.name: Gotify homepage.href: https://gotify.${MY_TLD} homepage.icon: gotify.png homepage.description: Notification System homepage.widget.type: gotify homepage.widget.url: http://gotify homepage.widget.key: ${GOTIFY_HOMEPAGE_CLIENT_KEY} swag: enable swag_proto: http swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: Gotify swag.uptime-kuma.monitor.url: https://gotify.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 networks: default: null ports: - 8097:80 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - source: ${DOCKER_VOLUME_CONFIG}/gotify target: /app/data type: bind bind: create_host_path: true guacamole: container_name: guacamole environment: DOCKER_HOST: tcp:/${DOCKER_VOLUME_CONFIG}proxy:2375 EXTENSIONS: "auth-totp" TZ: ${TZ} image: flcontainers/guacamole:latest@sha256:81a420f386ef8cbb4697208e13ea90f6a10a54619981241bed672e4a41b5f77f labels: homepage.group: System Administration homepage.name: Guacamole homepage.description: Client-less remote desktop gateway homepage.href: https://guac.${MY_TLD} homepage.icon: guacamole.svg swag: enable swag_proto: http swag_port: 8080 swag_url: guac.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: Guacamole swag.uptime-kuma.monitor.url: https://guac.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 ports: - 62173:8080 profiles: ["rinoa-apps"] restart: always volumes: - ${DOCKER_VOLUME_CONFIG}/guacamole/:/config - /etc/localtime:/etc/localtime:ro homepage: container_name: homepage environment: HOMEPAGE_ALLOWED_HOSTS: ${MY_TLD} PUID: ${PUID} PGID: ${PGID} image: ghcr.io/gethomepage/homepage:latest@sha256:d8d784e5090111b6e4c56dfd90e272d2953a2094e87349f647165df0fa6c4401 labels: swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: Homepage swag.uptime-kuma.monitor.url: https://${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 ports: - 3004:3000 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - ${DOCKER_VOLUME_CONFIG}/homepage:/app/config - ${DOCKER_VOLUME_CONFIG}/homepage/images:/app/public/images - ${DOCKER_VOLUME_CONFIG}/homepage/icons:/app/public/icons - ${DOCKER_VOLUME_STORAGE}:/rinoa-storage:ro hugo: command: hugo server --baseURL "it-services.${MY_TLD}" --bind 0.0.0.0 --appendPort=false --source=/src/ --configDir=/src/config/ -e production --logLevel debug container_name: hugo image: hugomods/hugo:exts@sha256:dcbc5b53c4e53bb74a7c986caf58a3954395a1e9d8dc9bb492f2c610a7cf6eb0 labels: swag: enable swag_proto: http swag_port: 1313 swag_url: it-services.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: Hugo swag.uptime-kuma.monitor.url: https://it-services.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 homepage.group: Professional Services homepage.name: Hugo homepage.href: https://it-services.${MY_TLD} homepage.icon: hugo.svg homepage.description: Static site ports: - 1313:1313 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - ${DOCKER_VOLUME_CONFIG}/hugo/:/src - ${DOCKER_VOLUME_CONFIG}/hugo/cache:/tmp/hugo_cache immich-server: container_name: immich-server depends_on: immich-valkey: condition: service_healthy required: true immich-pg-db: condition: service_healthy required: true restart: true immich-machine-learning: condition: service_healthy required: true restart: true environment: DB_DATABASE_NAME: immich DB_HOSTNAME: immich-pg-db DB_PORT: 5432 DB_USERNAME: immich DB_PASSWORD: ${IMMICH_DB_PASSWORD} IMMICH_LOG_LEVEL: error IMMICH_TELEMETRY_INCLUDE: all IMMICH_API_METRICS_PORT: 8081 IMMICH_MICROSERVICES_METRICS_PORT: 8082 REDIS_HOSTNAME: immich-valkey REDIS_PORT: 6379 REDIS_DBINDEX: 0 healthcheck: disable: false image: ghcr.io/immich-app/immich-server:release@sha256:c15bff75068effb03f4355997d03dc7e0fc58720c2b54ad6f7f10d1bc57efaa5 labels: swag: enable swag_proto: http swag_port: 2283 swag_url: pics.${MY_TLD} swag_server_custom_directive: | location /share { proxy_pass http://immich-public-proxy:3000; } location /tools { proxy_pass http://immich-power-tools:3000; } swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: Immich swag.uptime-kuma.monitor.url: https://pics.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 homepage.group: Media Library homepage.name: Immich homepage.href: https://pics.${MY_TLD} homepage.icon: immich.svg homepage.description: High performance self-hosted photo and video management solution homepage.widget.type: immich homepage.widget.url: http://immich-server:2283 homepage.widget.key: ${IMMICH_POWER_TOOLS_KEY} homepage.widget.version: 2 ports: - 2283:2283 - 42239:8081 - 42015:8082 profiles: ["rinoa-apps"] restart: always volumes: # Do not edit the next line. If you want to change the media storage location on your system, edit the value of UPLOAD_LOCATION in the .env file - ${DOCKER_VOLUME_STORAGE}/Pics:/usr/src/app/upload - /etc/localtime:/etc/localtime:ro immich-machine-learning: container_name: immich-machine-learning healthcheck: disable: false image: ghcr.io/immich-app/immich-machine-learning:release@sha256:a2501141440f10516d329fdfba2c68082e19eb9ba6016c061ac80d23beadf7f3 profiles: ["rinoa-apps"] restart: always volumes: - immich-model-cache:/cache immich-pg-db: command: >- postgres -c shared_preload_libraries=vectors.so -c 'search_path="$$user", public, vectors' -c logging_collector=on -c max_wal_size=2GB -c shared_buffers=512MB -c wal_compression=on container_name: immich-pg-db environment: POSTGRES_PASSWORD: ${IMMICH_DB_PASSWORD} POSTGRES_USER: immich POSTGRES_DB: immich expose: - 5432 healthcheck: test: >- pg_isready --dbname="$${POSTGRES_DB}" --username="$${POSTGRES_USER}" || exit 1; Chksum="$$(psql --dbname="$${POSTGRES_DB}" --username="$${POSTGRES_USER}" --tuples-only --no-align --command='SELECT COALESCE(SUM(checksum_failures), 0) FROM pg_stat_database')"; echo "checksum failure count is $$Chksum"; [ "$$Chksum" = '0' ] || exit 1 interval: 5m start_interval: 30s start_period: 5m image: tensorchord/pgvecto-rs:pg14-v0.2.1@sha256:9172feae86a211bc502db4ec2d3309a57329060b031d91796d39f45d1d698ef3 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - ${DOCKER_VOLUME_CONFIG}/immich/db:/var/lib/postgresql/data immich-public-proxy: container_name: immich-public-proxy depends_on: immich-server: condition: service_healthy required: true environment: IMMICH_URL: http://immich-server:2283 expose: - 3000 healthcheck: test: wget -q --spider http://localhost:3000/share/healthcheck || exit 1 start_period: 10s timeout: 5s image: alangrainger/immich-public-proxy:latest@sha256:6aeb25d05155049f4600f1b40469c735cecaa99c22e3a943a3fe3ce02a1ae7f7 labels: homepage.group: Lifestyle homepage.name: Immich Public Proxy homepage.href: https://pics.${MY_TLD}/share homepage.icon: sh-immich-public-proxy.svg homepage.description: Immich Proxy for public sharing homepage.widget.type: immich homepage.widget.url: http://immich-server:2283 homepage.widget.key: ${IMMICH_POWER_TOOLS_KEY} homepage.widget.version: 2 swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: Immich Public Proxy swag.uptime-kuma.monitor.url: https://pics.${MY_TLD}/share swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 profiles: ["rinoa-apps"] restart: always immich-power-tools: container_name: immich-power-tools environment: DB_DATABASE_NAME: immich DB_HOSTNAME: immich-pg-db DB_PORT: 5432 DB_USERNAME: immich DB_PASSWORD: ${IMMICH_DB_PASSWORD} EXTERNAL_IMMICH_URL: https://pics.${MY_TLD} IMMICH_API_KEY: ${IMMICH_POWER_TOOLS_KEY} IMMICH_URL: http://immich-server:2283 image: ghcr.io/varun-raj/immich-power-tools:latest@sha256:8e7a25ed0e99c9c323012e306fde6c97a1004765742c8802ad03c95503679e77 ports: - 54018:3000 profiles: ["rinoa-apps"] restart: unless-stopped immich-valkey: container_name: immich-valkey <<: *valkey-params volumes: - immich-valkey-data:/data/valkey influxdb2: container_name: influxdb2 environment: DOCKER_INFLUXDB_INIT_MODE: setup DOCKER_INFLUXDB_INIT_USERNAME: admin DOCKER_INFLUXDB_INIT_PASSWORD: ${INFLUXDB2_ADMIN_PASSWORD} DOCKER_INFLUXDB_INIT_ADMIN_TOKEN: /run/secrets/influxdb2-admin-token DOCKER_INFLUXDB_INIT_ORG: rinoa DOCKER_INFLUXDB_INIT_BUCKET: rinoa image: influxdb:2-alpine@sha256:1cb8fa92ff9d13518d8198dae872b7ea523757a03c655d12a67175b1ab7a72f0 labels: swag: enable swag_proto: http swag_port: 8086 swag_url: influxdb.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.monitor.url: https://influxdb.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 homepage.group: System Administration homepage.name: InfluxDBv2 homepage.href: https://influxdb.${MY_TLD} homepage.icon: influxdb.svg homepage.description: Scalable datastore for metrics, events, and real-time analytics ports: - 8086:8086 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - influxdb2-data:/var/lib/influxdb2 - influxdb2-config:/etc/influxdb2 invidious: container_name: invidious depends_on: invidious-db: condition: service_started required: true environment: INVIDIOUS_CONFIG_FILE: /config.yml healthcheck: interval: 30s retries: 2 test: wget -nv --tries=1 --spider http://127.0.0.1:3000/api/v1/trending || exit 1 timeout: 5s image: quay.io/invidious/invidious:latest@sha256:9d972ea5930c2e170b3c4d49bdd9fa09bf03f077d555f58747342062dffc5876 labels: swag: enable swag_proto: http swag_port: 3000 swag_url: invid.${MY_TLD} swag_server_custom_directive: | location /companion { proxy_pass http://invidious-companion:8282; } swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: Invidious swag.uptime-kuma.monitor.url: https://invid.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 homepage.group: Social homepage.name: Invidious homepage.href: https://invid.${MY_TLD} homepage.icon: invidious.svg homepage.description: Alternative YouTube frontend (privacy-focused, ad-blocking) networks: default: null ports: - 3007:3000 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - ${DOCKER_VOLUME_CONFIG}/invidious/config.yml:/config.yml invidious-companion: cap_drop: - ALL container_name: invidious-companion environment: SERVER_SECRET_KEY: ${INVID_COMPANION_KEY} image: quay.io/invidious/invidious-companion:latest@sha256:1ddd3f1c6ba5c4b8b786b91830926bb510376918a7d43b2f142df6650c239951 logging: options: max-size: "1G" max-file: "4" ports: - 16290:8282 profiles: ["rinoa-apps"] read_only: true restart: unless-stopped security_opt: - no-new-privileges:true volumes: - invidious-companion-cache:/var/tmp/youtubei.js:rw invidious-db: container_name: invidious-db environment: POSTGRES_DB: invidious POSTGRES_PASSWORD: ${INVID_PG_DB_PASSWORD} POSTGRES_USER: kemal healthcheck: test: - CMD-SHELL - pg_isready -U $$POSTGRES_USER -d $$POSTGRES_DB image: docker.io/library/postgres:14@sha256:d462928b1898dd74b749ef486797968828c1e7fc9befb5e5ca03a33bfbc32d64 networks: default: null profiles: ["rinoa-apps"] restart: unless-stopped volumes: - source: invidious-postgres target: /var/lib/postgresql/data type: volume volume: {} - source: ${DOCKER_VOLUME_CONFIG}/invidious/sql target: /config/sql type: bind bind: create_host_path: true - source: ${DOCKER_VOLUME_CONFIG}/invidious/entrypoint/init-invidious-db.sh target: ${DOCKER_VOLUME_CONFIG}-entrypoint-initdb.d/init-invidious-db.sh type: bind bind: create_host_path: true it-tools: container_name: it-tools image: ghcr.io/corentinth/it-tools:latest@sha256:8b8128748339583ca951af03dfe02a9a4d7363f61a216226fc28030731a5a61f labels: swag: enable swag_proto: http swag_url: itt.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: IT-Tools swag.uptime-kuma.monitor.url: https://itt.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 homepage.group: Code/DevOps homepage.name: IT-Tools homepage.href: https://itt.${MY_TLD} homepage.icon: it-tools.svg homepage.description: Useful tools for developers and people working in IT networks: default: null ports: - 8104:80 profiles: ["rinoa-apps"] restart: unless-stopped jellyfin: container_name: jellyfin environment: JELLYFIN_PublishedServerUrl: https://jf.${MY_TLD} image: jellyfin/jellyfin@sha256:bc9fa8e1462fffe3d8d4255fc62af478602641f4c0e5f4875fea8563d1189837 labels: homepage.group: Media Library homepage.name: Jellyfin homepage.icon: jellyfin.svg homepage.href: https://jf.${MY_TLD} homepage.description: Movie/TV Streaming homepage.widget.type: jellyfin homepage.widget.url: http://jellyfin:8096 homepage.widget.key: ${JELLYFIN_API_KEY} homepage.widget.enableBlocks: true homepage.widget.enableNowPlaying: true homepage.widget.enableUser: true homepage.widget.showEpisodeNumber: true homepage.widget.expandOneStreamToTwoRows: false swag: enable swag_url: jf.${MY_TLD} swag_port: 8096 swag_proto: http swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: Jellyfin swag.uptime-kuma.monitor.url: https://jf.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 ports: - 8487:8096 - 7359:7359 - 1900:1900 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - ${DOCKER_VOLUME_CONFIG}/jellyfin:/config - ${DOCKER_VOLUME_CONFIG}/jellyfin/cache:/cache - ${DOCKER_VOLUME_STORAGE}/TV_Shows:/storage/tv - ${DOCKER_VOLUME_STORAGE}/Movies:/storage/movies - /etc/localtime:/etc/localtime - /usr/share/fonts:/usr/local/share/fonts/custom jitsi-etherpad: container_name: jitsi-etherpad environment: TITLE: ${JITSI__ETHERPAD_TITLE} DEFAULT_PAD_TEXT: ${JITSI__ETHERPAD_DEFAULT_PAD_TEXT} SKIN_NAME: ${JITSI__ETHERPAD_SKIN_NAME} SKIN_VARIANTS: ${JITSI__ETHERPAD_SKIN_VARIANTS} SUPPRESS_ERRORS_IN_PAD_TEXT: true hostname: etherpad.meet.jitsi image: etherpad/etherpad:1.9.7@sha256:d1d6a772dd49e2d920fda874cdae2d4a43f24ba5713a1e330b6342fbab3eb5ec networks: default: null profiles: ["rinoa-apps"] restart: unless-stopped jitsi-jibri: cap_add: - SYS_ADMIN container_name: jitsi-jibri depends_on: jitsi-jicofo: condition: service_started required: true environment: AUTOSCALER_SIDECAR_KEY_FILE: AUTOSCALER_SIDECAR_KEY_ID: AUTOSCALER_SIDECAR_GROUP_NAME: AUTOSCALER_SIDECAR_HOST_ID: AUTOSCALER_SIDECAR_INSTANCE_ID: AUTOSCALER_SIDECAR_PORT: AUTOSCALER_SIDECAR_REGION: AUTOSCALER_SIDECAR_SHUTDOWN_POLLING_INTERVAL: AUTOSCALER_SIDECAR_STATS_POLLING_INTERVAL: AUTOSCALER_URL: CHROMIUM_FLAGS: DISPLAY: :0 ENABLE_STATS_D: JIBRI_WEBHOOK_SUBSCRIBERS: JIBRI_HTTP_API_EXTERNAL_PORT: JIBRI_HTTP_API_INTERNAL_PORT: JIBRI_RECORDING_RESOLUTION: JIBRI_RECORDING_VIDEO_ENCODE_PRESET: JIBRI_RECORDING_CONSTANT_RATE_FACTOR: JIBRI_RECORDING_FRAMERATE: JIBRI_RECORDING_QUEUE_SIZE: JIBRI_RECORDING_STREAMING_MAX_BITRATE: JIBRI_USAGE_TIMEOUT: JIBRI_XMPP_USER: JIBRI_XMPP_PASSWORD: ${JITSI__JIBRI_XMPP_PASSWORD} JIBRI_BREWERY_MUC: JIBRI_RECORDER_USER: jibri-recorder JIBRI_RECORDER_PASSWORD: ${JITSI__JIBRI_RECORDER_PASSWORD} JIBRI_RECORDING_DIR: JIBRI_FINALIZE_RECORDING_SCRIPT_PATH: JIBRI_STRIP_DOMAIN_JID: JIBRI_STATSD_HOST: JIBRI_STATSD_PORT: LOCAL_ADDRESS: PUBLIC_URL: ${JITSI__PUBLIC_URL} TZ: ${TZ} XMPP_AUTH_DOMAIN: XMPP_DOMAIN: XMPP_INTERNAL_MUC_DOMAIN: XMPP_MUC_DOMAIN: XMPP_RECORDER_DOMAIN: XMPP_SERVER: XMPP_PORT: XMPP_TRUST_ALL_CERTS: image: jitsi/jibri:${JITSI_IMAGE_VERSION:-stable} networks: default: null profiles: ["rinoa-apps"] restart: unless-stopped shm_size: 2gb volumes: - source: ${DOCKER_VOLUME_CONFIG}/jitsi/jibri target: /config type: bind bind: create_host_path: true jitsi-jicofo: container_name: jitsi-jicofo depends_on: jitsi-prosody: condition: service_started required: true environment: AUTH_TYPE: BRIDGE_AVG_PARTICIPANT_STRESS: BRIDGE_STRESS_THRESHOLD: ENABLE_AUTH: ENABLE_AUTO_OWNER: ENABLE_CODEC_VP8: ENABLE_CODEC_VP9: ENABLE_CODEC_H264: ENABLE_CODEC_OPUS_RED: ENABLE_JVB_XMPP_SERVER: ENABLE_OCTO: ENABLE_RECORDING: 1 ENABLE_SCTP: ENABLE_AUTO_LOGIN: JICOFO_AUTH_LIFETIME: JICOFO_AUTH_PASSWORD: ${JITSI__JICOFO_AUTH_PASSWORD} JICOFO_AUTH_TYPE: JICOFO_BRIDGE_REGION_GROUPS: JICOFO_ENABLE_AUTH: JICOFO_ENABLE_BRIDGE_HEALTH_CHECKS: JICOFO_CONF_INITIAL_PARTICIPANT_WAIT_TIMEOUT: JICOFO_CONF_SINGLE_PARTICIPANT_TIMEOUT: JICOFO_CONF_SOURCE_SIGNALING_DELAYS: JICOFO_CONF_MAX_AUDIO_SENDERS: JICOFO_CONF_MAX_VIDEO_SENDERS: JICOFO_CONF_STRIP_SIMULCAST: JICOFO_CONF_SSRC_REWRITING: JICOFO_ENABLE_HEALTH_CHECKS: JICOFO_ENABLE_REST: JICOFO_HEALTH_CHECKS_USE_PRESENCE: JICOFO_MULTI_STREAM_BACKWARD_COMPAT: JICOFO_OCTO_REGION: JIBRI_BREWERY_MUC: JIBRI_REQUEST_RETRIES: JIBRI_PENDING_TIMEOUT: JIGASI_BREWERY_MUC: JIGASI_SIP_URI: JVB_BREWERY_MUC: JVB_XMPP_AUTH_DOMAIN: JVB_XMPP_INTERNAL_MUC_DOMAIN: JVB_XMPP_PORT: JVB_XMPP_SERVER: MAX_BRIDGE_PARTICIPANTS: OCTO_BRIDGE_SELECTION_STRATEGY: SENTRY_DSN: "${JICOFO_SENTRY_DSN:-0}" SENTRY_ENVIRONMENT: SENTRY_RELEASE: TZ: ${TZ} XMPP_DOMAIN: XMPP_AUTH_DOMAIN: XMPP_INTERNAL_MUC_DOMAIN: XMPP_MUC_DOMAIN: XMPP_RECORDER_DOMAIN: XMPP_SERVER: XMPP_PORT: image: jitsi/jicofo:${JITSI_IMAGE_VERSION:-stable} networks: default: null ports: - 8889:8888 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - bind: create_host_path: true selinux: Z source: ${DOCKER_VOLUME_CONFIG}/jitsi/jicofo target: /config type: bind jitsi-jigasi: container_name: jitsi-jigasi depends_on: jitsi-prosody: condition: service_started required: true environment: ENABLE_AUTH: 1 ENABLE_GUESTS: 1 XMPP_AUTH_DOMAIN: XMPP_GUEST_DOMAIN: XMPP_MUC_DOMAIN: XMPP_INTERNAL_MUC_DOMAIN: XMPP_SERVER: XMPP_PORT: XMPP_DOMAIN: PUBLIC_URL: ${JITSI__PUBLIC_URL} JIGASI_DISABLE_SIP: JIGASI_SIP_URI: ${JITSI__SIP_URI} JIGASI_SIP_PASSWORD: ${JITSI__JIGAGI_SIP_PASSWORD} JIGASI_SIP_SERVER: ${JITSI__JIGAGI_SIP_SERVER} JIGASI_SIP_PORT: ${JITSI__JIGAGI_SIP_PORT} JIGASI_SIP_TRANSPORT: ${JITSI__JIGAGI_SIP_TRANSPORT} JIGASI_SIP_DEFAULT_ROOM: JIGASI_XMPP_USER: JIGASI_XMPP_PASSWORD: ${JITSI__JIGASI_XMPP_PASSWORD} JIGASI_BREWERY_MUC: JIGASI_PORT_MIN: JIGASI_PORT_MAX: JIGASI_HEALTH_CHECK_SIP_URI: JIGASI_HEALTH_CHECK_INTERVAL: JIGASI_SIP_KEEP_ALIVE_METHOD: JIGASI_ENABLE_SDES_SRTP: ENABLE_TRANSCRIPTIONS: 1 JIGASI_TRANSCRIBER_ADVERTISE_URL: JIGASI_TRANSCRIBER_RECORD_AUDIO: JIGASI_TRANSCRIBER_SEND_TXT: GC_PROJECT_ID: GC_PRIVATE_KEY_ID: GC_PRIVATE_KEY: GC_CLIENT_EMAIL: GC_CLIENT_ID: GC_CLIENT_CERT_URL: SHUTDOWN_REST_ENABLED: SENTRY_DSN: "${JIGASI_SENTRY_DSN:-0}" SENTRY_ENVIRONMENT: SENTRY_RELEASE: TZ: ${TZ} image: jitsi/jigasi:${JITSI_IMAGE_VERSION:-stable} networks: default: null ports: - 20000-20050:20000-20050/udp profiles: ["rinoa-apps"] restart: unless-stopped volumes: - bind: create_host_path: true selinux: Z source: ${DOCKER_VOLUME_CONFIG}/jitsi/jigasi target: /config type: bind - bind: create_host_path: true selinux: Z source: ${DOCKER_VOLUME_CONFIG}/jitsi/transcripts target: /tmp/transcripts type: bind jitsi-jvb: container_name: video.meet.jitsi depends_on: jitsi-prosody: condition: service_started required: true environment: DOCKER_HOST_ADDRESS: ENABLE_COLIBRI_WEBSOCKET: ENABLE_JVB_XMPP_SERVER: ENABLE_OCTO: JVB_ADVERTISE_IPS: 192.168.1.254 JVB_ADVERTISE_PRIVATE_CANDIDATES: JVB_AUTH_USER: JVB_AUTH_PASSWORD: ${JITSI__JVB_AUTH_PASSWORD} JVB_BREWERY_MUC: JVB_DISABLE_STUN: JVB_PORT: JVB_MUC_NICKNAME: JVB_STUN_SERVERS: JVB_OCTO_BIND_ADDRESS: JVB_OCTO_REGION: JVB_OCTO_RELAY_ID: JVB_WS_DOMAIN: JVB_WS_SERVER_ID: JVB_XMPP_AUTH_DOMAIN: JVB_XMPP_INTERNAL_MUC_DOMAIN: JVB_XMPP_PORT: JVB_XMPP_SERVER: PUBLIC_URL: ${JITSI__PUBLIC_URL} SENTRY_DSN: "${JVB_SENTRY_DSN:-0}" SENTRY_ENVIRONMENT: SENTRY_RELEASE: COLIBRI_REST_ENABLED: SHUTDOWN_REST_ENABLED: TZ: ${TZ} XMPP_AUTH_DOMAIN: XMPP_INTERNAL_MUC_DOMAIN: XMPP_SERVER: XMPP_PORT: image: jitsi/jvb:${JITSI_IMAGE_VERSION:-stable} networks: default: null ports: - 10000:10000/udp - 8091:8080 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - bind: create_host_path: true selinux: Z source: ${DOCKER_VOLUME_CONFIG}/jitsi/jvb target: /config type: bind jitsi-prosody: container_name: xmpp.meet.jitsi environment: AUTH_TYPE: DISABLE_POLLS: ENABLE_AUTH: ENABLE_AV_MODERATION: ENABLE_BREAKOUT_ROOMS: ENABLE_END_CONFERENCE: ENABLE_GUESTS: 1 ENABLE_IPV6: ENABLE_LOBBY: 1 ENABLE_RECORDING: 1 ENABLE_XMPP_WEBSOCKET: ENABLE_JAAS_COMPONENTS: GC_TYPE: GC_INC_TH: GC_INC_SPEED: GC_INC_STEP_SIZE: GC_GEN_MIN_TH: GC_GEN_MAX_TH: GLOBAL_CONFIG: GLOBAL_MODULES: JIBRI_RECORDER_USER: JIBRI_RECORDER_PASSWORD: ${JITSI__JIBRI_RECORDER_PASSWORD} JIBRI_XMPP_USER: JIBRI_XMPP_PASSWORD: ${JITSI__JIBRI_XMPP_PASSWORD} JICOFO_AUTH_PASSWORD: ${JITSI__JICOFO_AUTH_PASSWORD} JICOFO_COMPONENT_SECRET: JIGASI_XMPP_USER: JIGASI_XMPP_PASSWORD: ${JITSI__JIGASI_XMPP_PASSWORD} JIGASI_TRANSCRIBER_PASSWORD: ${JITSI__JIGASI_TRANSCRIBER_PASSWORD} JVB_AUTH_USER: JVB_AUTH_PASSWORD: ${JITSI__JVB_AUTH_PASSWORD} JWT_APP_ID: JWT_APP_SECRET: JWT_ACCEPTED_ISSUERS: JWT_ACCEPTED_AUDIENCES: JWT_ASAP_KEYSERVER: JWT_ALLOW_EMPTY: JWT_AUTH_TYPE: JWT_ENABLE_DOMAIN_VERIFICATION: JWT_TOKEN_AUTH_MODULE: MATRIX_UVS_URL: MATRIX_UVS_ISSUER: MATRIX_UVS_AUTH_TOKEN: MATRIX_UVS_SYNC_POWER_LEVELS: LOG_LEVEL: LDAP_AUTH_METHOD: LDAP_BASE: LDAP_BINDDN: LDAP_BINDPW: LDAP_FILTER: LDAP_VERSION: LDAP_TLS_CIPHERS: LDAP_TLS_CHECK_PEER: LDAP_TLS_CACERT_FILE: LDAP_TLS_CACERT_DIR: LDAP_START_TLS: LDAP_URL: LDAP_USE_TLS: MAX_PARTICIPANTS: PROSODY_AUTH_TYPE: PROSODY_RESERVATION_ENABLED: PROSODY_RESERVATION_REST_BASE_URL: PROSODY_ENABLE_RATE_LIMITS: PROSODY_RATE_LIMIT_LOGIN_RATE: PROSODY_RATE_LIMIT_SESSION_RATE: PROSODY_RATE_LIMIT_TIMEOUT: PROSODY_RATE_LIMIT_ALLOW_RANGES: PROSODY_RATE_LIMIT_CACHE_SIZE: PUBLIC_URL: ${JITSI__PUBLIC_URL} TURN_CREDENTIALS: TURN_HOST: TURNS_HOST: TURN_PORT: TURNS_PORT: TURN_TRANSPORT: TZ: ${TZ} XMPP_DOMAIN: XMPP_AUTH_DOMAIN: XMPP_GUEST_DOMAIN: XMPP_MUC_DOMAIN: XMPP_INTERNAL_MUC_DOMAIN: XMPP_MODULES: XMPP_MUC_MODULES: XMPP_MUC_CONFIGURATION: XMPP_INTERNAL_MUC_MODULES: XMPP_RECORDER_DOMAIN: XMPP_PORT: expose: - 5222 - "5347" - "5280" image: jitsi/prosody:${JITSI_IMAGE_VERSION:-stable} networks: default: null profiles: ["rinoa-apps"] restart: unless-stopped volumes: - bind: create_host_path: true selinux: Z source: ${DOCKER_VOLUME_CONFIG}/jitsi/prosody/config target: /config type: bind - bind: create_host_path: true selinux: Z source: ${DOCKER_VOLUME_CONFIG}/jitsi/prosody/prosody-plugins-custom target: /prosody-plugins-custom type: bind jitsi-web: container_name: jitsi-web environment: AMPLITUDE_ID: ANALYTICS_SCRIPT_URLS: ANALYTICS_WHITELISTED_EVENTS: AUDIO_QUALITY_OPUS_BITRATE: AUTO_CAPTION_ON_RECORD: BRANDING_DATA_URL: CALLSTATS_CUSTOM_SCRIPT_URL: CALLSTATS_ID: CALLSTATS_SECRET: CHROME_EXTENSION_BANNER_JSON: COLIBRI_WEBSOCKET_PORT: CONFCODE_URL: CONFIG_EXTERNAL_CONNECT: DEFAULT_LANGUAGE: DEPLOYMENTINFO_ENVIRONMENT: DEPLOYMENTINFO_ENVIRONMENT_TYPE: DEPLOYMENTINFO_REGION: DEPLOYMENTINFO_SHARD: DEPLOYMENTINFO_USERREGION: DESKTOP_SHARING_FRAMERATE_MIN: DESKTOP_SHARING_FRAMERATE_MAX: DIALIN_NUMBERS_URL: DIALOUT_AUTH_URL: DIALOUT_CODES_URL: DISABLE_AUDIO_LEVELS: DISABLE_DEEP_LINKING: DISABLE_GRANT_MODERATOR: DISABLE_HTTPS: 1 DISABLE_KICKOUT: DISABLE_LOCAL_RECORDING: DISABLE_POLLS: DISABLE_PRIVATE_CHAT: DISABLE_PROFILE: DISABLE_REACTIONS: DISABLE_REMOTE_VIDEO_MENU: DISABLE_START_FOR_ALL: DROPBOX_APPKEY: DROPBOX_REDIRECT_URI: DYNAMIC_BRANDING_URL: ENABLE_AUDIO_PROCESSING: ENABLE_AUTH: ENABLE_BREAKOUT_ROOMS: ENABLE_CALENDAR: ENABLE_COLIBRI_WEBSOCKET: ENABLE_E2EPING: ENABLE_FILE_RECORDING_SHARING: ENABLE_GUESTS: 1 ENABLE_HSTS: ENABLE_HTTP_REDIRECT: 0 ENABLE_IPV6: ENABLE_LETSENCRYPT: 0 ENABLE_LIPSYNC: ENABLE_NO_AUDIO_DETECTION: ENABLE_NOISY_MIC_DETECTION: ENABLE_OCTO: ENABLE_OPUS_RED: ENABLE_PREJOIN_PAGE: ENABLE_P2P: ENABLE_WELCOME_PAGE: ENABLE_CLOSE_PAGE: ENABLE_LIVESTREAMING: ENABLE_LIVESTREAMING_DATA_PRIVACY_LINK: ENABLE_LIVESTREAMING_HELP_LINK: ENABLE_LIVESTREAMING_TERMS_LINK: ENABLE_LIVESTREAMING_VALIDATOR_REGEXP_STRING: ENABLE_LOCAL_RECORDING_NOTIFY_ALL_PARTICIPANT: ENABLE_LOCAL_RECORDING_SELF_START: ENABLE_RECORDING: 1 ENABLE_REMB: ENABLE_REQUIRE_DISPLAY_NAME: ENABLE_SERVICE_RECORDING: ENABLE_SIMULCAST: ENABLE_STATS_ID: ENABLE_STEREO: ENABLE_SUBDOMAINS: ENABLE_TALK_WHILE_MUTED: ENABLE_TCC: ENABLE_TRANSCRIPTIONS: 1 ENABLE_XMPP_WEBSOCKET: ENABLE_JAAS_COMPONENTS: ETHERPAD_PUBLIC_URL: ETHERPAD_URL_BASE: ${JITSI__ETHERPAD_URL_BASE} E2EPING_NUM_REQUESTS: E2EPING_MAX_CONFERENCE_SIZE: E2EPING_MAX_MESSAGE_PER_SECOND: GOOGLE_ANALYTICS_ID: GOOGLE_API_APP_CLIENT_ID: HIDE_PREMEETING_BUTTONS: HIDE_PREJOIN_DISPLAY_NAME: HIDE_PREJOIN_EXTRA_BUTTONS: INVITE_SERVICE_URL: LETSENCRYPT_DOMAIN: LETSENCRYPT_EMAIL: LETSENCRYPT_USE_STAGING: MATOMO_ENDPOINT: MATOMO_SITE_ID: MICROSOFT_API_APP_CLIENT_ID: NGINX_RESOLVER: NGINX_WORKER_PROCESSES: NGINX_WORKER_CONNECTIONS: PEOPLE_SEARCH_URL: PREFERRED_LANGUAGE: PUBLIC_URL: ${JITSI__PUBLIC_URL} P2P_PREFERRED_CODEC: RESOLUTION: RESOLUTION_MIN: RESOLUTION_WIDTH: RESOLUTION_WIDTH_MIN: START_AUDIO_MUTED: START_AUDIO_ONLY: START_BITRATE: START_SILENT: START_WITH_AUDIO_MUTED: START_VIDEO_MUTED: START_WITH_VIDEO_MUTED: TESTING_CAP_SCREENSHARE_BITRATE: TESTING_OCTO_PROBABILITY: TOKEN_AUTH_URL: TOOLBAR_BUTTONS: TRANSLATION_LANGUAGES: TRANSLATION_LANGUAGES_HEAD: TZ: ${TZ} USE_APP_LANGUAGE: VIDEOQUALITY_BITRATE_H264_LOW: VIDEOQUALITY_BITRATE_H264_STANDARD: VIDEOQUALITY_BITRATE_H264_HIGH: VIDEOQUALITY_BITRATE_VP8_LOW: VIDEOQUALITY_BITRATE_VP8_STANDARD: VIDEOQUALITY_BITRATE_VP8_HIGH: VIDEOQUALITY_BITRATE_VP9_LOW: VIDEOQUALITY_BITRATE_VP9_STANDARD: VIDEOQUALITY_BITRATE_VP9_HIGH: VIDEOQUALITY_ENFORCE_PREFERRED_CODEC: VIDEOQUALITY_PREFERRED_CODEC: XMPP_AUTH_DOMAIN: XMPP_BOSH_URL_BASE: XMPP_DOMAIN: XMPP_GUEST_DOMAIN: XMPP_MUC_DOMAIN: XMPP_RECORDER_DOMAIN: XMPP_PORT: WHITEBOARD_ENABLED: WHITEBOARD_COLLAB_SERVER_PUBLIC_URL: hostname: meet.jitsi image: jitsi/web:${JITSI_IMAGE_VERSION:-stable} labels: swag: enable swag_proto: https swag_url: meet.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: Jitsi swag.uptime-kuma.monitor.url: https://meet.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 homepage.group: Professional Services homepage.name: Jitsi homepage.href: https://meet.${MY_TLD} homepage.icon: jitsi.png homepage.description: Web Conferencing networks: default: null ports: - 8001:80 - 8002:443 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - bind: create_host_path: true selinux: Z source: ${DOCKER_VOLUME_CONFIG}/jitsi/web target: /config type: bind - bind: create_host_path: true selinux: Z source: ${DOCKER_VOLUME_CONFIG}/jitsi/web/crontabs target: /var/spool/cron/crontabs type: bind - bind: create_host_path: true selinux: Z source: ${DOCKER_VOLUME_CONFIG}/jitsi/transcripts target: /usr/share/jitsi-meet/transcripts type: bind joplin-db: container_name: joplin-db environment: POSTGRES_PASSWORD: ${JOPLIN_POSTGRES_PASSWORD} POSTGRES_USER: ${JOPLIN_POSTGRES_USER} POSTGRES_DB: ${JOPLIN_POSTGRES_DATABASE} expose: - 5432 image: postgres:17-alpine@sha256:979c4379dd698aba0b890599a6104e082035f98ef31d9b9291ec22f2b13059ca networks: default: null profiles: ["rinoa-apps"] restart: unless-stopped volumes: - source: joplin_data target: /var/lib/postgresql/data type: volume volume: {} joplin: container_name: joplin environment: ACCOUNT_TYPES_ENABLED: true APP_PORT: ${JOPLIN_APP_PORT} APP_BASE_URL: ${JOPLIN_APP_BASE_URL} DB_CLIENT: pg INSTANCE_NAME: "Joplin @ Rinoa" IS_ADMIN_INSTANCE: true MAILER_ENABLED: 1 MAILER_HOST: postal-SMTP MAILER_PORT: 25 MAILER_SECURITY: none MAILER_AUTH_USER: ${POSTAL_SMTP_AUTH_USER} MAILER_AUTH_PASSWORD: ${POSTAL_SMTP_AUTH_PASSWORD} MAILER_NOREPLY_NAME: Joplin @ Rinoa MAILER_NOREPLY_EMAIL: noreply@${MY_TLD} POSTGRES_PASSWORD: ${JOPLIN_POSTGRES_PASSWORD} POSTGRES_DATABASE: ${JOPLIN_POSTGRES_DATABASE} POSTGRES_USER: ${JOPLIN_POSTGRES_USER} POSTGRES_PORT: 5432 POSTGRES_HOST: joplin-db image: joplin/server:latest@sha256:0877bfba41a943017c42c58e90db9d8d548bfe699b5e410248b5b879371734f9 labels: homepage.group: Personal Tools homepage.name: Joplin homepage.href: https://notes.${MY_TLD} homepage.icon: joplin.svg homepage.description: Open-source note taking & to-do swag: enable swag_url: notes.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: Joplin swag.uptime-kuma.monitor.url: https://notes.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 networks: default: null ports: - 22300:22300 profiles: ["rinoa-apps"] restart: unless-stopped karakeep: container_name: karakeep image: ghcr.io/karakeep-app/karakeep:release@sha256:64d6a9bbf2d37b5c808cf06b5d87f1f1c7846fdd3844724145a9741aeb06fd31 environment: BROWSER_WEB_URL: http://chrome:9222 DATA_DIR: /data INFERENCE_TEXT_MODEL: llama3.3:latest INFERENCE_IMAGE_MODEL: llava:latest MEILI_ADDR: http://meilisearch:7700 NEXTAUTH_SECRET: ${KARAKEEP_NEXTAUTH_SECRET} NEXTAUTH_URL: https://kkeep.${MY_TLD} OPENAI_API_KEY: ${LIBRECHAT_OPENAI_API_KEY} OLLAMA_BASE_URL: http://192.168.1.249:11434 labels: homepage.group: Lifestyle homepage.name: Karakeep homepage.href: https://kkeep.${MY_TLD} homepage.icon: karakeep-dark.svg homepage.description: Self-hosted bookmark-everything app with a touch of AI for data hoarders homepage.widget.type: karakeep homepage.widget.url: http://karakeep:3000 homepage.widget.key: ${KARAKEEP_HOMEPAGE_WIDGET_KEY} swag: enable swag_url: kkeep.${MY_TLD} swag_port: 3000 swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: Karakeep swag.uptime-kuma.monitor.url: https://kkeep.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 ports: - 24977:3000 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - karakeep-data:/data languagetool: container_name: languagetool environment: langtool_languageModel: /opt/languagetool/langModel Java_Xms: 512m Java_Xmx: 1g expose: - 8010 image: elestio/languagetool:latest@sha256:40045549a8b31b6b385dea55274a192359fcd61089824d022fb087d9bef867d8 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - ${DOCKER_VOLUME_CONFIG}/languagetool/:/opt/languagetool/langModel libretranslate: container_name: libretranslate environment: LT_UPDATE_MODELS: true healthcheck: test: ["CMD-SHELL", "./venv/bin/python scripts/healthcheck.py"] image: libretranslate/libretranslate@sha256:c3887840d04c8173fb654ed3acfd41699928c380375808311b5d136d4e056e8b labels: homepage.group: Personal Tools homepage.name: LibreTranslate homepage.href: https://translate.${MY_TLD} homepage.icon: sh-libretranslate.svg homepage.description: Open-source machine translation API swag: enable swag_port: 5000 swag_url: translate.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: LibreTranslate swag.uptime-kuma.monitor.url: https://translate.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 ports: - 5000:5000 profiles: ["rinoa-apps"] restart: unless-stopped stdin_open: true tty: true volumes: - libretranslate_api_keys:/app/db - libretranslate_models:/home/libretranslate/.local:rw lidarr: container_name: lidarr environment: PGID: ${PGID} PUID: ${PUID} TZ: America/New_York DOCKER_MODS: ghcr.io/gilbn/theme.park:lidarr hostname: Rinoa image: lscr.io/linuxserver/lidarr:latest@sha256:ca2f95634d422fdeccfbff2a42cbe3a4fed1170f7e3546d99d5d5f2c9c9aa03b labels: homepage.group: Servarr Stack homepage.name: Lidarr homepage.href: https://lidarr.${MY_TLD} homepage.icon: lidarr.png homepage.description: Music Automation homepage.widget.type: lidarr homepage.widget.url: http://lidarr:8686 homepage.widget.key: ${LIDARR_API_KEY} swag: enable swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: Lidarr swag.uptime-kuma.monitor.url: https://lidarr.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 networks: default: null ports: - 8686:8686 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - /etc/localtime:/etc/localtime:ro - ${DOCKER_VOLUME_CONFIG}/lidarr:/config - /rinoa-storage:/storage - ${DOCKER_VOLUME_STORAGE}/downloads/:/downloads lidify: container_name: lidify environment: app_name: lidify app_rev: 0.09 app_url: lidify.${MY_TLD} dry_run_adding_to_lidarr: true fallback_to_top_result: false last_fm_api_key: ${LASTFM_API_KEY} last_fm_api_secret: ${LASTFM_API_SECRET} lidarr_address: http://lidarr:8686 lidarr_api_key: ${LIDARR_API_KEY} lidarr_api_timeout: 120 metadata_profile_id: 1 mode: LastFM quality_profile_id: 1 root_folder_path: /data/media/music search_for_missing_albums: false spotify_client_id: ${YOUR_SPOTIFY_ID} spotify_client_secret: ${YOUR_SPOTIFY_SECRET} expose: - 5000 image: thewicklowwolf/lidify:latest@sha256:15a28139a6b16ff4bc5e6cc2fae413f837f8bd1971e15918c6cc7fd7fa0dcf54 labels: homepage.group: Servarr Stack homepage.name: Lidify homepage.href: https://lidify.${MY_TLD} homepage.icon: sh-lidify.png homepage.description: Music Discovery a la Last.fm, Spotify, Pandora, etc. swag: enable swag_auth: authelia swag_proto: http swag_port: 5000 swag_url: lidify.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: Lidify swag.uptime-kuma.monitor.url: https://lidify.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 networks: default: null profiles: ["rinoa-apps"] restart: unless-stopped volumes: - source: ${DOCKER_VOLUME_CONFIG}/lidify target: /lidify/config type: bind bind: create_host_path: true - source: ${DOCKER_VOLUME_STORAGE}/Audio/Music target: /data/media/music type: bind bind: create_host_path: true - bind: create_host_path: true read_only: true source: /etc/localtime target: /etc/localtime type: bind linkstack: container_name: linkstack image: linkstackorg/linkstack:latest@sha256:1c8b05399ee459ac601bac3eede7fbe765d1b6b7be725663b57f3220610958bf environment: TZ: ${TZ} SERVER_ADMIN: noreply@${MY_TLD} HTTP_SERVER_NAME: profile.${MY_TLD} HTTPS_SERVER_NAME: profile.${MY_TLD} LOG_LEVEL: info PHP_MEMORY_LIMIT: 256M UPLOAD_MAX_FILESIZE: 64M labels: homepage.group: Social homepage.name: LinkStack homepage.href: https://profile.${MY_TLD} homepage.icon: linkstack.svg homepage.description: Personal profile swag: enable swag_proto: https swag_url: profile.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: LinkStack swag.uptime-kuma.monitor.url: "https://profile.${MY_TLD}/@Trez.One" swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 ports: - 8190:443 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - linkstack_data:/htdocs lldap: container_name: lldap environment: UID: ${PUID} GID: ${PGID} TZ: ${TZ} LLDAP_JWT_SECRET: ${LLDAP_JWT_SECRET} LLDAP_KEY_SEED: ${LLDAP_KEY_SEED} LLDAP_LDAP_BASE_DN: dc=trez,dc=wtf image: lldap/lldap:stable@sha256:2a8454b668c1aba7157e832eab0e242e1e7eb5fb7591d7e7774ba05286511ca8 labels: homepage.group: Privacy/Security homepage.name: LLDAP homepage.href: https://ldap.${MY_TLD} homepage.icon: /icons/lldap.png homepage.description: LDAP made easy swag: enable swag_proto: http swag_port: 17170 swag_url: ldap.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: LLDAP swag.uptime-kuma.monitor.url: https://ldap.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 networks: default: null ports: - 3890:3890 - 17170:17170 profiles: ["rinoa-apps"] restart: always volumes: - source: ${DOCKER_VOLUME_CONFIG}/lldap target: /data type: bind bind: create_host_path: true loggifly: image: ghcr.io/clemcer/loggifly:latest@sha256:5eae87a3fd141dd7af12a53bb470bd6902d8dc6c8d6ec1d5017d5abdd4c64930 container_name: loggifly profiles: ["rinoa-apps"] restart: unless-stopped volumes: - /var/run/docker.sock:/var/run/docker.sock:ro - ${DOCKER_VOLUME_CONFIG}/loggifly/config.yaml:/app/config.yaml # Path to your config file (ignore if you are only using environment variables) maloja: container_name: maloja environment: MALOJA_CLEAN_OUTPUT: true MALOJA_DEV_MODE: false MALOJA_FORCE_PASSWORD: ${MALOJA_FORCE_PASSWORD} MALOJA_LASTFM_API_KEY: ${LASTFM_API_KEY} MALOJA_LASTFM_API_SECRET: ${LASTFM_API_SECRET} MALOJA_LASTFM_PASSWORD: ${LASTFM_PASSWORD} MALOJA_LASTFM_USERNAME: ${LASTFM_USERNAME} MALOJA_LOGGING: true MALOJA_PARSE_REMIX_ARTISTS: true MALOJA_SCROBBLE_LASTFM: true MALOJA_SKIP_SETUP: true MALOJA_SPOTIFY_API_ID: ${YOUR_SPOTIFY_ID} MALOJA_SPOTIFY_API_SECRET: ${YOUR_SPOTIFY_SECRET} MALOJA_TIMEZONE: ${TZ} image: krateng/maloja:latest@sha256:4ecea26058d2ca5168a8d53820279942d28f0606664cea6425f42371d5d88f95 labels: homepage.group: Media Library homepage.name: Maloja homepage.href: https://maloja.${MY_TLD} homepage.icon: maloja.png homepage.description: Simple self-hosted music scrobble database to create personal listening statistics swag: enable swag_proto: http swag_port: 42010 swag_url: maloja.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: Maloja swag.uptime-kuma.monitor.url: https://maloja.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 networks: default: null ports: - 42010:42010 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - source: ${DOCKER_VOLUME_CONFIG}/maloja/config target: /etc/maloja type: bind bind: create_host_path: true - source: ${DOCKER_VOLUME_CONFIG}/maloja/data target: /var/lib/maloja type: bind bind: create_host_path: true - source: ${DOCKER_VOLUME_CONFIG}/maloja/logs target: /var/log/maloja type: bind bind: create_host_path: true manyfold: container_name: manyfold environment: PUID: ${PUID} PGID: ${PGID} TZ: ${TZ} DATABASE_URL: postgresql://manyfold:${MANYFOLD_PG_DB_PASSWORD}@manyfold-pg-db:5432/manyfold REDIS_URL: redis://manyfold-valkey:6379/0 SECRET_KEY_BASE: ${MANYFOLD_SECRET_KEY_BASE} MUTLIUSER: enabled MANYFOLD_LOG_LEVEL: info SMTP_SERVER: postal-smtp SMTP_PORT: 25 SMTP_USERNAME: ${POSTAL_SMTP_AUTH_USER} SMTP_PASSWORD: ${POSTAL_SMTP_AUTH_PASSWORD} SMTP_FROM_ADDRESS: noreply@${MY_TLD} image: lscr.io/linuxserver/manyfold:0.133.1@sha256:1e27e90558d913a41b01a81d3e6f24d7faad60cc3478abe52ddd9fc104a39494 labels: homepage.group: Lifestyle homepage.name: Manyfold homepage.href: https://3dprint.${MY_TLD} homepage.icon: manyfold.svg homepage.description: Self-hosted digital asset manager for 3D print files swag: enable swag_proto: http swag_port: 3214 swag_url: 3dprint.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.monitor.url: https://3dprint.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 ports: - 3214:3214 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - ${DOCKER_VOLUME_CONFIG}/manyfold/library:/libraries manyfold-pg-db: container_name: manyfold-pg-db environment: POSTGRES_USER: manyfold POSTGRES_PASSWORD: ${MANYFOLD_PG_DB_PASSWORD} POSTGRES_DB: manyfold expose: - 5432 healthcheck: test: pg_isready -q -t 2 -d $$POSTGRES_DB -U $$POSTGRES_USER start_period: 20s timeout: 30s interval: 10s retries: 5 image: postgres:18-alpine@sha256:96d56f7f57c6aacd1fcb908bc83b345ec5f83231ee486dd66a1baadce274db88 profiles: ["rinoa-apps"] restart: always volumes: - manyfold-pg-db:/var/lib/postgresql/data manyfold-valkey: container_name: manyfold-valkey <<: *valkey-params volumes: - manyfold-valkey-data:/data/valkey mariadb: container_name: mariadb environment: MYSQL_ROOT_PASSWORD: ${MARIADB_ENVIRONMENT_MYSQL_ROOT_PASSWORD} PGID: ${PGID} PUID: ${PUID} TZ: ${TZ} healthcheck: test: [ "CMD-SHELL", "mariadb-admin ping -h localhost -p${MARIADB_ENVIRONMENT_MYSQL_ROOT_PASSWORD}|| exit 1", ] interval: 1m30s timeout: 10s retries: 5 hostname: Rinoa image: linuxserver/mariadb@sha256:41e8b59056fda0dfca6e24e2515674b18a76e774c93e464899da4d7116bc147d networks: default: null ports: - 3306:3306 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - /etc/localtime:/etc/localtime:ro - ${DOCKER_VOLUME_CONFIG}/mariadb:/config - ${DOCKER_VOLUME_STORAGE}:/storage - ${DOCKER_VOLUME_CONFIG}/mariadb:/var/lib/mysql mastodon: container_name: mastodon depends_on: mastodon-pg-db: condition: service_healthy required: true environment: PUID: ${PUID} PGID: ${PGID} TZ: ${TZ} LOCAL_DOMAIN: mastodon.${MY_TLD} WEB_DOMAIN: mastodon.${MY_TLD} REDIS_HOST: mastodon-valkey REDIS_PORT: 6379 DB_HOST: mastodon-pg-db DB_USER: mastodon DB_NAME: mastodon DB_PASS: ${MASTODON_PG_DB_PASSWORD} DB_PORT: 5432 ES_ENABLED: false ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY: ${MASTODON_ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY} ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY: ${MASTODON_ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY} ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT: ${MASTODON_ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT} SECRET_KEY_BASE: ${MASTODON_SECRET_KEY_BASE} OTP_SECRET: ${MASTODON_OTP_SECRET} VAPID_PRIVATE_KEY: ${MASTODON_VAPID_PRIVATE_KEY} VAPID_PUBLIC_KEY: ${MASTODON_VAPID_PUBLIC_KEY} SMTP_SERVER: postal-smtp SMTP_PORT: 25 SMTP_LOGIN: ${POSTAL_SMTP_AUTH_USER} SMTP_PASSWORD: ${POSTAL_SMTP_AUTH_PASSWORD} SMTP_FROM_ADDRESS: noreply@${MY_TLD} S3_ENABLED: true S3_ENDPOINT: http://minio:9000 S3_REGION: us-east-fh-pln S3_HOST: s3.${MY_TLD} S3_PROTOCOL: https S3_BUCKET: mastodon AWS_ACCESS_KEY_ID: ${MASTODON_MINIO_ACCESS_KEY} AWS_SECRET_ACCESS_KEY: ${MASTODON_MINIO_SECRET_KEY} expose: - 3000 image: lscr.io/linuxserver/mastodon:latest@sha256:eb34805b65f9f1354c0b6f33df3a4bebb8c2db690c6146eac175a96d06de341c labels: swag: enable swag_proto: http swag_port: 80 swag_url: mastodon.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: Mastodon swag.uptime-kuma.monitor.url: https://mastodon.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 homepage.group: Social homepage.name: Mastodon homepage.href: https://mastodon.${MY_TLD} homepage.icon: mastodon.svg homepage.description: Open-source social network homepage.widget.type: mastodon homepage.widget.url: https://mastodon.${MY_TLD} ports: - 9044:80 - 3444:443 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - ${DOCKER_VOLUME_CONFIG}/mastodon:/config mastodon-pg-db: container_name: mastodon-pg-db environment: POSTGRES_USER: mastodon POSTGRES_PASSWORD: ${MASTODON_PG_DB_PASSWORD} POSTGRES_DB: mastodon expose: - 5432 healthcheck: test: pg_isready -q -t 2 -d $$POSTGRES_DB -U $$POSTGRES_USER start_period: 20s timeout: 30s interval: 10s retries: 5 image: postgres:17-alpine@sha256:979c4379dd698aba0b890599a6104e082035f98ef31d9b9291ec22f2b13059ca profiles: ["rinoa-apps"] restart: always volumes: - mastodon-pg-db:/var/lib/postgresql/data mastodon-valkey: container_name: mastodon-valkey <<: *valkey-params volumes: - mastodon-valkey-data:/data/valkey maxun-backend: container_name: maxun-backend depends_on: maxun-pg-db: condition: service_healthy required: true minio: condition: service_started required: true <<: *maxun-env expose: - 8080 image: getmaxun/maxun-backend:latest@sha256:06c524edafb7ff84d34340dc7f3656c71cba4f5e3c957ca1b1b4ab84f5505057 mem_limit: 2g # Set a 2GB memory limit ports: - 8369:8080 profiles: ["rinoa-apps"] restart: unless-stopped security_opt: - seccomp=unconfined # This might help with browser sandbox issues shm_size: "2gb" # Increase shared memory size for Chromium volumes: - /var/run/dbus:/var/run/dbus maxun-frontend: container_name: maxun-frontend depends_on: - maxun-backend <<: *maxun-env image: getmaxun/maxun-frontend:latest@sha256:ac9150566fea38778e350d7f3ef3cf7244539394e5bc3598c1b5c30f41b5b73a labels: swag: enable swag_proto: http swag_port: 5173 swag_url: scrape.${MY_TLD} swag_server_custom_directive: | location ~ ^/(auth|storage|record|workflow|robot|proxy|api-docs|api|webhook|socket.io)(/|$) { proxy_pass http://maxun-backend:8080; } swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: Maxun (Frontend) swag.uptime-kuma.monitor.url: https://scrape.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 homepage.group: Personal Tools homepage.name: Maxun homepage.href: https://scrape.${MY_TLD} homepage.icon: sh-maxun.svg homepage.description: No-code web data extraction platform ports: - 5173:5173 profiles: ["rinoa-apps"] restart: unless-stopped maxun-pg-db: container_name: maxun-pg-db image: postgres:17-alpine@sha256:979c4379dd698aba0b890599a6104e082035f98ef31d9b9291ec22f2b13059ca environment: POSTGRES_USER: maxun POSTGRES_PASSWORD: ${MAXUN_DB_PASSWORD} POSTGRES_DB: maxun expose: - 5432 healthcheck: test: ["CMD-SHELL", "pg_isready -U maxun"] interval: 10s timeout: 5s retries: 5 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - maxun-pg-data:/var/lib/postgresql/data maxun-valkey: container_name: maxun-valkey <<: *valkey-params volumes: - maxun-valkey-data:/data/valkey meme-search-pro: container_name: meme-search-pro depends_on: meme-search-db: condition: service_healthy environment: DATABASE_URL: postgres://meme-search:${MEME_SEARCH_PG_PASSWORD}@meme-search-db:5432/meme-search image: ghcr.io/neonwatty/meme_search_pro:latest@sha256:bf3c20a6a0407ffa594d3e2fe8611073c0499659c90f44a28decd5e701e9e1f6 labels: swag: enable swag_proto: http swag_port: 3000 swag_url: memes.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: Meme Search Pro swag.uptime-kuma.monitor.url: https://memes.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 homepage.group: Social homepage.name: Meme Search Pro homepage.href: https://memes.${MY_TLD} homepage.icon: sh-meme-search.svg homepage.description: Meme search engine built with Python and Ruby ports: - 14058:3000 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - ${DOCKER_VOLUME_CONFIG}/meme_search_pro/memes/:/rails/public/memes meme-search-pro-img2txt-gen: image: ghcr.io/neonwatty/image_to_text_generator:latest@sha256:81ffbc934de800f3f5206f742db534a78596ec894e348dc25548495a1e9ad78e container_name: meme-search-pro-img2txt-gen deploy: resources: limits: memory: 12GB environment: APP_PORT: 3000 expose: - 8000 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - ${DOCKER_VOLUME_CONFIG}/meme_search_pro/memes/:/app/public/memes - ${DOCKER_VOLUME_CONFIG}/meme_search_pro/db-data/image_to_text_generator:/app/db - ${DOCKER_VOLUME_CONFIG}/meme_search_pro/models:/root/.cache/huggingface meme-search-db: container_name: meme-search-db environment: POSTGRES_DB: meme-search POSTGRES_USER: meme-search POSTGRES_PASSWORD: ${MEME_SEARCH_PG_PASSWORD} expose: - 5432 healthcheck: test: ["CMD-SHELL", "pg_isready -U meme-search"] interval: 10s timeout: 5s retries: 5 image: pgvector/pgvector:pg17@sha256:feb68f4f15446397d8cac7f4fe48fe4586de83160d1fc48b46283312d1a33966 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - ${DOCKER_VOLUME_CONFIG}/meme_search_pro/db-data/meme-search-db:/var/lib/postgresql/data mini-qr: container_name: mini-qr image: ghcr.io/lyqht/mini-qr:latest@sha256:c9ccf1c25dda85db4275518c9583f6d72fab0885a2221cade0fa1249633aa1a4 labels: swag: enable swag_auth: authelia swag_proto: http swag_port: 8080 swag_url: qr.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: Mini-QR swag.uptime-kuma.monitor.url: https://qr.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 homepage.group: Lifestyle homepage.name: Mini-QR homepage.href: https://qr.${MY_TLD} homepage.icon: sh-mini-qr.svg homepage.description: Scan and generate customized QR codes easily ports: - 14815:8080 profiles: ["rinoa-apps"] restart: unless-stopped minio: command: server --console-address ":9090" /mnt/data container_name: minio environment: MINIO_ROOT_USER: minioadmin MINIO_ROOT_PASSWORD: ${MINIO_ROOT_PASSWORD} MINIO_ACCESS_KEY: ${MINIO_MIMIR_STORAGE_ACCESS_KEY} MINIO_SECRET_KEY: ${MINIO_MIMIR_STORAGE_SECRET_KEY} hostname: minio image: minio/minio:RELEASE.2025-04-22T22-12-26Z@sha256:a1ea29fa28355559ef137d71fc570e508a214ec84ff8083e39bc5428980b015e labels: swag: enable swag_proto: http swag_port: 9090 swag_url: s3.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: MinIO swag.uptime-kuma.monitor.url: https://s3.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 homepage.group: System Administration homepage.name: MinIO homepage.href: https://s3.${MY_TLD} homepage.icon: minio.png homepage.description: S3-compatible storage backend networks: default: null ports: - 9001:9000 - 9092:9090 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - source: ${DOCKER_VOLUME_CONFIG}/minio/data target: /mnt/data type: bind bind: create_host_path: true - source: ${DOCKER_VOLUME_CONFIG}/minio/minio target: /etc/config.env type: bind bind: create_host_path: true mixpost: container_name: mixpost image: inovector/mixpost:latest@sha256:60460addcafb65ed76e4676f718e0f2325c3a4800973cedad92634e27769f9d1 depends_on: mariadb: condition: service_healthy required: true mixpost-valkey: condition: service_healthy environment: APP_NAME: Mixpost APP_KEY: ${MIXPOST_APP_KEY} APP_DEBUG: true APP_DOMAIN: social.${MY_TLD} APP_URL: https://social.${MY_TLD} DB_HOST: mariadb DB_DATABASE: mixpost DB_USERNAME: mixpost DB_PASSWORD: ${MIXPOST_DB_PASSWORD} REDIS_HOST: mixpost-valkey REDIS_PORT: 6379 labels: swag: enable swag_port: 80 swag_proto: http swag_url: social.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: Mixpost swag.uptime-kuma.monitor.url: https://social.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 homepage.group: Social homepage.name: Mixpost homepage.href: https://social.${MY_TLD} homepage.icon: mixpost.svg homepage.description: Multi-channel social media manager ports: - 61757:80 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - mixpost-storage:/var/www/html/storage/app - mixpost-logs:/var/www/html/storage/logs mixpost-valkey: container_name: mixpost-valkey <<: *valkey-params volumes: - mixpost-valkey-data:/data/valkey mgob: command: "-LogLevel=info" container_name: mgob image: stefanprodan/mgob@sha256:d089c6d105d7d0f9db5222786cb93d85b1bf61e28b21ad717cea90f92570c8f3 labels: homepage.group: System Administration homepage.name: mgob homepage.icon: mongodb.svg homepage.description: Headless Automated MongoDB Backups homepage.widget.type: customapi homepage.widget.url: http://mgob:8090/status homepage.widget.mappings[0].label: Plan Name homepage.widget.mappings[0].field: plan homepage.widget.mappings[1].label: Last Run Status homepage.widget.mappings[1].field: last_run_status ports: - 48606:8090 restart: unless-stopped volumes: - mgob-data:/data - mgob-tmp:/tmp - ${DOCKER_VOLUME_STORAGE}/backups/dbs/mongodb:/storage - ${DOCKER_VOLUME_CONFIG}/mgob/config:/config mongodb: command: "--config /etc/mongodb/mongod.conf" container_name: mongodb environment: MONGO_INITDB_ROOT_USERNAME: ${MONGO_INITDB_ROOT_USERNAME} MONGO_INITDB_ROOT_PASSWORD: ${MONGO_INITDB_ROOT_PASSWORD} image: mongo:7@sha256:4b5bf3c2bb7516164f6dcb44acce4fdcb428abfe5771a1128304a0f34ab9ff7c ports: - 27017:27017 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - ${DOCKER_VOLUME_CONFIG}/mongodb/config:/etc/mongodb - ${DOCKER_VOLUME_CONFIG}/mongodb/db:/data/db mongodb-exporter: command: - --log.level=error - --web.listen-address=:9216 - --web.telemetry-path=/metrics container_name: mongodb-exporter environment: MONGODB_URI: mongodb://${MONGO_INITDB_ROOT_USERNAME}:${MONGO_INITDB_ROOT_PASSWORD}@mongodb:27017/admin?replicaSet=rinoa image: percona/mongodb_exporter:2.37.0@sha256:afc6fe95557f506fcf9251f9363592c80abfedad506266d891db5d4c8d9be273 ports: - 9216:9216 profiles: ["rinoa-apps"] restart: unless-stopped multi-scrobbler: container_name: multi-scrobbler environment: BASE_URL: https://scrobble.${MY_TLD} TZ: ${TZ} PUID: ${PUID} PGID: ${PGID} MALOJA_URL: http://maloja:42010 MALOJA_API_KEY: ${MALOJA_API_KEY} LASTFM_API_KEY: ${LASTFM_API_KEY} LASTFM_API_SECRET: ${LASTFM_API_SECRET} LZ_USER: Trez.One LZ_TOKEN: ${MALOJA_LISTENBRAINZ_TOKEN} SPOTIFY_CLIENT_ID: ${YOUR_SPOTIFY_ID} SPOTIFY_CLIENT_SECRET: ${YOUR_SPOTIFY_SECRET} image: foxxmd/multi-scrobbler@sha256:aecbf754a18c2ddc5d9bcf6385316a63aeae685f4106e76c25ab9d2c26c0f550 labels: homepage.group: Media Library homepage.name: Multi-Scrobbler homepage.href: https://scrobble.${MY_TLD} homepage.icon: sh-multi-scrobbler.svg homepage.description: JS App for scrobbling/recording play history from/to multiple sources swag: enable swag_auth: authelia swag_proto: http swag_port: 9078 swag_url: scrobble.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: Multi-Scrobbler swag.uptime-kuma.monitor.url: https://scrobble.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 networks: default: null ports: - 9078:9078 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - source: ${DOCKER_VOLUME_CONFIG}/multi-scrobbler target: /config type: bind bind: create_host_path: true n8n: container_name: n8n environment: N8N_HOST: n8n.${MY_TLD} N8N_PORT: 5678 N8N_PROTOCOL: https NODE_ENV: production WEBHOOK_URL: https://n8n.${MY_TLD}/ GENERIC_TIMEZONE: ${TZ} image: docker.n8n.io/n8nio/n8n@sha256:9f1f8e4c093c9924338bd168e3f813f746041d13b337753af0dbdd329e7b50f7 labels: swag: enable swag_proto: http swag_port: 5678 swag_url: n8n.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: n8n swag.uptime-kuma.monitor.url: https://n8n.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 homepage.group: Automation homepage.name: n8n homepage.href: https://n8n.${MY_TLD} homepage.icon: n8n.svg homepage.description: Extendable workflow automation tool to easily automate tasks ports: - 5678:5678 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - n8n-data:/home/node/.n8n navidrome: container_name: navidrome environment: ND_AUTOIMPORTPLAYLISTS: true ND_BASEURL: "" ND_BACKUP_PATH: /backups ND_BACKUP_SCHEDULE: "@every 6h" ND_BACKUP_COUNT: 7 ND_ENABLEGRAVATAR: true ND_ENABLESHARING: true ND_JUKEBOX_ENABLED: true ND_LASTFM_APIKEY: ${LASTFM_API_KEY} ND_LASTFM_ENABLED: true ND_LASTFM_SECRET: ${LASTFM_API_SECRET} ND_LISTENBRAINZ_ENABLED: true ND_LOGLEVEL: info ND_MUSICFOLDER: /music ND_MPVCMDTEMPLATE: "mpv --no-audio-display --pause --input-ipc-server=%s --audio-channels=stereo --audio-samplerate=48000 --audio-format=s16 --ao=pcm:waveheader=no:file=/dev/stdout %f | nc 192.168.1.252 4953" ND_PLAYLISTPATH: /playlists ND_PLUGINS_ENABLED: true ND_PLUGINS_AUTORELOAD: true ND_AGENTS: audiomuseai,lastfm,spotify ND_DEVARTISTINFOTIMETOLIVE: 1s ND_SCANNER_GROUPALBUMRELEASES: true ND_SCANSCHEDULE: "@every 6h" ND_SESSIONTIMEOUT: 24h ND_SPOTIFY_ID: ${YOUR_SPOTIFY_ID} ND_SPOTIFY_SECRET: ${YOUR_SPOTIFY_SECRET} ND_SUBSONICARTISTPARTICIPATIONS: true image: deluan/navidrome:latest@sha256:c4b5cb36a790b3eb63ca6a68bbe2fe149c2d7fa2e586f7a480e61db630e6664b labels: homepage.group: Media Library homepage.name: Navidrome homepage.href: https://navi.${MY_TLD} homepage.icon: navidrome.png homepage.description: Music Streaming homepage.widget.type: navidrome homepage.widget.url: http://navidrome:4533 homepage.widget.user: admin homepage.widget.token: ${NAVIDROME_HOMEPAGE_TOKEN} homepage.widget.salt: ${NAVIDROME_HOMEPAGE_SALT} swag: enable swag_port: 4533 swag_proto: http swag_url: navi.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: Navidrome swag.uptime-kuma.monitor.url: https://navi.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 networks: default: null ports: - 4533:4533 profiles: ["rinoa-apps"] restart: unless-stopped user: 1000:1000 volumes: - ${DOCKER_VOLUME_CONFIG}/navidrome:/data - ${DOCKER_VOLUME_STORAGE}/Audio/Music:/music - ${DOCKER_VOLUME_STORAGE}/Audio/Playlists:/playlists - ${DOCKER_VOLUME_STORAGE}/backups/navidrome:/backups netalertx: container_name: netalertx cap_drop: - ALL cap_add: - CHOWN - SETUID - SETGID - NET_RAW - NET_ADMIN - NET_BIND_SERVICE environment: TZ: ${TZ} PORT: 20211 PUID: ${NETALERTX_UID:-20211} # Runtime UID after priming (Synology/no-copy-up safe) PGID: ${NETALERTX_GID:-20211} # Runtime GID after priming (Synology/no-copy-up safe) LISTEN_ADDR: ${LISTEN_ADDR:-0.0.0.0} # Listen for connections on all interfaces GRAPHQL_PORT: ${GRAPHQL_PORT:-20212} # GraphQL API port ALWAYS_FRESH_INSTALL: ${ALWAYS_FRESH_INSTALL:-false} # Set to true to reset your config and database on each container start NETALERTX_DEBUG: ${NETALERTX_DEBUG:-0} # 0=kill all services and restart if any dies. 1 keeps running dead services. image: jokobsk/netalertx:latest@sha256:656da7fc9f9fa5429cc75a33b0eb073fe538fd58b3d370f229fa0e4725f065b7 labels: cloudflare.tunnel.enable: true cloudflare.tunnel.hostname: net.${MY_TLD} cloudflare.tunnel.service: http://192.168.1.254:20211 cloudflare.tunnel.zonename: ${MY_TLD} cloudflare.tunnel.no_tls_verify: true homepage.group: Infrastructure/App Performance Monitoring homepage.name: NetAlertX homepage.href: http://192.168.1.254:20211 homepage.icon: netalertx.svg homepage.description: Network Monitoring homepage.widget.type: netalertx homepage.widget.url: http://192.168.1.254:20211 homepage.widget.key: ${NETALERTX_API_TOKEN} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: NetAlertX swag.uptime-kuma.monitor.url: https://pics.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 network_mode: host profiles: ["rinoa-apps"] restart: unless-stopped tmpfs: - "/tmp:mode=1700,uid=0,gid=0,rw,noexec,nosuid,nodev,async,noatime,nodira\ time" volumes: - ${DOCKER_VOLUME_CONFIG}/netalertx/config:/data - /etc/localtime:/etc/localtime:ro nextcloud: container_name: nextcloud-aio-mastercontainer environment: SKIP_DOMAIN_VALIDATION: false APACHE_ADDITIONAL_NETWORK: compose_default APACHE_IP_BINDING: 0.0.0.0 APACHE_PORT: 11000 expose: - 11000 image: nextcloud/all-in-one:latest@sha256:e77ff490d8caf528116feb2268a2e8cb9d9c974090090878ea00e76998f5298c labels: homepage.group: Privacy/Security homepage.name: NextCloud homepage.href: https://cloud.${MY_TLD} homepage.icon: nextcloud.svg homepage.description: Private Cloud homepage.widget.type: nextcloud homepage.widget.url: http://nextcloud-aio-apache:11000 homepage.widget.key: ${NEXTCLOUD_HOMEPAGE_TOKEN} swag: enable swag_port: 11000 swag_proto: http swag_address: nextcloud-aio-apache swag_url: cloud.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: NextCloud swag.uptime-kuma.monitor.url: https://cloud.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 ports: - 56713:8080 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - /var/run/docker.sock:/var/run/docker.sock - nextcloud_aio_mastercontainer:/mnt${DOCKER_VOLUME_CONFIG}-aio-config nocodb: container_name: nocodb depends_on: nocodb-pg-db: condition: service_healthy required: true nocodb-valkey: condition: service_healthy required: true environment: NC_DB: pg://nocodb-pg-db:5432?u=nocodb&p=${NOCODB_PG_PASSWORD}&d=nocodb NC_ADMIN_EMAIL: noreply@${MY_TLD} NC_ADMIN_PASSWORD: ${NOCODB_ADMIN_PASSWORD} NC_PUBLIC_URL: https://nocodb.${MY_TLD} NC_AUTH_JWT_SECRET: ${NOCODB_AUTH_JWT_SECRET} NC_REDIS_URL: redis://nocodb-valkey:6379 NC_SMTP_HOST: postal-smtp NC_SMTP_PORT: 25 NC_SMTP_SECURE: true NC_SMTP_USERNAME: ${POSTAL_SMTP_AUTH_USER} NC_SMTP_PASSWORD: ${POSTAL_SMTP_AUTH_PASSWORD} NC_SMTP_FROM: noreply@${MY_TLD} image: "nocodb/nocodb:latest@sha256:98090d707ab36ad0fe62dac8c8416b4ebf6ee939a8f\ 851676b880b5ac159a74a" labels: homepage.group: Code/DevOps homepage.name: NocoDB homepage.href: https://nocodb.${MY_TLD} homepage.icon: nocodb.svg homepage.description: Turn any SQL-based database into a smart spreadsheet swag: enable swag_port: 8080 swag_proto: http swag_url: nocodb.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: NocoDB swag.uptime-kuma.monitor.url: https://nocodb.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 ports: - 8946:8080 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - nocodb_data:/usr/app/data nocodb-pg-db: container_name: nocodb-pg-db environment: POSTGRES_DB: nocodb POSTGRES_PASSWORD: ${NOCODB_PG_PASSWORD} POSTGRES_USER: nocodb expose: - 5432 healthcheck: interval: 10s retries: 10 test: 'pg_isready -U "$$POSTGRES_USER" -d "$$POSTGRES_DB"' timeout: 2s image: postgres:16-alpine@sha256:16bc17c64a573ef34162af9298258d1aec548232985b33ed7b1eac33ba35c229 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - nocodb_pg_data:/var/lib/postgresql/data nocodb-valkey: container_name: nocodb-valkey <<: *valkey-params volumes: - nocodb_valkey_data:/data/valkey ombi: container_name: ombi environment: PGID: ${PGID} PUID: ${PUID} TZ: America/New_York hostname: Rinoa image: lscr.io/linuxserver/ombi:latest@sha256:0caadf03b8047e1e6ec8396069bfd7aa2ecacb7d26cd67435dc1f334634d04ac labels: homepage.group: Media Library homepage.name: Ombi homepage.href: https://ombi.${MY_TLD} homepage.icon: ombi.png homepage.description: Media Requests homepage.widget.type: ombi homepage.widget.url: http://ombi:3579 homepage.widget.key: ${OMBI_API_KEY} swag: enable swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: Ombi swag.uptime-kuma.monitor.url: https://ombi.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 networks: default: null ports: - 3579:3579 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - bind: create_host_path: true read_only: true source: /etc/localtime target: /etc/localtime type: bind - bind: create_host_path: true source: ${DOCKER_VOLUME_CONFIG}/ombi target: /config type: bind - bind: create_host_path: true source: /rinoa-storage target: /storage type: bind omnitools: container_name: omnitools image: iib0011/omni-tools:latest@sha256:437e7f6f2ddf12bbe5a3d2d00cb853af40c3768d0e2b8b62780e05ba6c4ce61d labels: homepage.group: Personal Tools homepage.name: OmniTools homepage.href: https://otools.${MY_TLD} homepage.icon: sh-omnitools.png homepage.description: Tools for common tasks swag: enable swag_url: otools.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: OmniTools swag.uptime-kuma.monitor.url: https://otools.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 ports: - 23693:80 profiles: ["rinoa-apps"] restart: unless-stopped omnipoly: container_name: omnipoly depends_on: languagetool: condition: service_started required: true libretranslate: condition: service_healthy required: true environment: LANGUAGE_TOOL: http://languagetool:8010 LIBRETRANSLATE: http://libretranslate:5000 OLLAMA: http://192.168.1.249:11434 OLLAMA_MODEL: smollm2:1.7b THEME: "pole" DISABLE_DICTIONARY: false image: kweg/omnipoly:latest@sha256:7bc685865d26378f35fdd2d45ac756e72495af16a89b1f805885b9323053ca6c labels: homepage.group: Personal Tools homepage.name: OmniPoly homepage.href: https://poly.${MY_TLD} homepage.icon: sh-omnipoly.svg homepage.description: Open-source language translation with LanguageTool, LibreTranslate, & Ollama swag: enable swag_url: poly.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: OmniPoly swag.uptime-kuma.monitor.url: https://poly.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 ports: - 3734:80 profiles: ["rinoa-apps"] restart: unless-stopped open-webui: container_name: open-webui environment: OLLAMA_BASE_URLS: http://192.168.1.249:11434;http://192.168.1.248:11434 WEBUI_AUTH: true ENABLE_PASSWORD_VALIDATION: true ENABLE_SIGNUP_PASSWORD_CONFIRMATION: true ENABLE_SIGNUP: true ENABLE_LOGIN_FORM: true ENABLE_IMAGE_GENERATION: "true" AUTOMATIC1111_BASE_URL: http://192.168.1.248:7860 IMAGE_SIZE: "1024x1024" IMAGE_STEPS: "3" ENABLE_OTEL: true ENABLE_OTEL_METRICS: true OTEL_EXPORTER_OTLP_INSECURE: true # Use insecure connection for OTLP, remove in production OTEL_EXPORTER_OTLP_ENDPOINT: http://192.168.1.254:4317 OTEL_SERVICE_NAME: open-webui ENABLE_RAG_WEB_SEARCH: True RAG_WEB_SEARCH_ENGINE: searxng RAG_WEB_SEARCH_RESULT_COUNT: 3 RAG_WEB_SEARCH_CONCURRENT_REQUESTS: 10 SEARXNG_QUERY_URL: "https://search.trez.wtf/search?q=" ENABLE_LDAP: true LDAP_SERVER_LABEL: rinoa-ldap LDAP_SERVER_HOST: lldap LDAP_SERVER_PORT: 3890 LDAP_ATTRIBUTE_FOR_MAIL: mail LDAP_ATTRIBUTE_FOR_USERNAME: uid LDAP_APP_DN: uid=authelia,ou=people,dc=trez,dc=wtf LDAP_APP_PASSWORD: ${AUTHELIA_AUTH_BIND_LDAP_PASSWORD} LDAP_SEARCH_BASE: dc=trez,dc=wtf LDAP_SEARCH_FILTER: "(objectClass=inetOrgPerson)" LDAP_USE_TLS: false # LibreTranslate LT_DEBUG: false LT_UPDATE_MODELS: true LT_SSL: false LT_SUGGESTIONS: false LT_METRICS: false LT_HOST: http://libretranslate:5000 LT_API_KEYS: false LT_THREADS: 12 LT_FRONTEND_TIMEOUT: 2000 # Redis Websocket ENABLE_WEBSOCKET_SUPPORT: true WEBSOCKET_MANAGER: redis WEBSOCKET_REDIS_URL: redis://open-webui-valkey:6379/0 REDIS_KEY_PREFIX: open-webui image: ghcr.io/open-webui/open-webui:main@sha256:74093dadc9c6aabc23987a74fd8c2fb8d995b1a5b22e83b0036fb9d6af590e8c labels: homepage.group: Personal Tools homepage.name: Open WebUI homepage.href: https://ai.${MY_TLD} homepage.icon: open-webui.svg homepage.description: User-friendly and extensible AI interface swag: enable swag_port: 8080 swag_proto: http swag_url: ai.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: Open WebUI swag.uptime-kuma.monitor.url: https://ai.${MY_TLD}/health swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 swag.uptime-kuma.monitor.type: https ports: - 3080:8080 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - open-webui-data:/app/backend/data open-webui-valkey: container_name: open-webui-valkey <<: *valkey-params volumes: - open-webui-valkey-data:/data/valkey paperless-ngx: container_name: paperless-ngx depends_on: mariadb: condition: service_healthy required: true restart: true environment: PAPERLESS_DBENGINE: mariadb PAPERLESS_DBHOST: mariadb PAPERLESS_DBPASS: ${PAPERLESS_DBPASS} PAPERLESS_DBPORT: 3306 PAPERLESS_DBUSER: paperless PAPERLESS_OCR_LANGUAGE: eng PAPERLESS_OCR_LANGUAGES: all PAPERLESS_REDIS: redis://paperless-valkey:6379 PAPERLESS_SECRET_KEY: ${PAPERLESS_SECRET_KEY} PAPERLESS_TIME_ZONE: ${TZ} PAPERLESS_URL: https://docs.${MY_TLD} USERMAP_GID: ${PGID} USERMAP_UID: ${PUID} image: ghcr.io/paperless-ngx/paperless-ngx:latest@sha256:6c86cad803970ea782683a8e80e7403444c5bf3cf70de63b4d3c8e87500db92f labels: swag: enable swag_proto: http swag_port: 8000 swag_url: docs.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: Paperless-ngx swag.uptime-kuma.monitor.url: https://docs.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 homepage.group: Personal Tools homepage.name: Paperless-ngx homepage.href: https://docs.${MY_TLD} homepage.icon: paperless-ngx.svg homepage.description: Document indexer & archiver with OCR networks: default: null ports: - 8004:8000 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - source: paperless-ngx-data target: /usr/src/paperless/data type: volume volume: {} - source: paperless-ngx-media target: /usr/src/paperless/media type: volume volume: {} - source: ${DOCKER_VOLUME_CONFIG}/paperless-ngx/export target: /usr/src/paperless/export type: bind bind: create_host_path: true - source: ${DOCKER_VOLUME_CONFIG}/paperless-ngx/consume target: /usr/src/paperless/consume type: bind bind: create_host_path: true paperless-valkey: container_name: paperless-valkey <<: *valkey-params volumes: - paperless-valkey-data:/data/valkey pgbackweb: container_name: pgbackweb depends_on: pgbackweb-db: condition: service_healthy environment: PBW_ENCRYPTION_KEY: ${PGBACKWEB_ENCRYPTION_KEY} PBW_POSTGRES_CONN_STRING: "postgresql://pgbackweb:${PGBACKWEB_PG_DB_PASSWD}@pgb\ ackweb-db:5432/pgbackweb?sslmode=disable" TZ: ${TZ} image: eduardolat/pgbackweb:latest@sha256:56358e7adff53250ec0b43cf2764e723e45872fa2b92b9608fdddfeebaafbed7 labels: homepage.group: System Administration homepage.name: PG Back Web homepage.href: https://pg.${MY_TLD} homepage.icon: sh-pg-back-web.svg homepage.description: Backups for PostgreSQL swag: enable swag_proto: http swag_port: 8085 swag_url: pg.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.name: PG Back Web swag.uptime-kuma.monitor.url: https://pg.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 ports: - "8085:8085" # Access the web interface at http://localhost:8085 restart: unless-stopped volumes: - ${DOCKER_VOLUME_STORAGE}/backups/dbs/:/backups pgbackweb-db: container_name: pgbackweb-db environment: POSTGRES_USER: pgbackweb POSTGRES_DB: pgbackweb POSTGRES_PASSWORD: ${PGBACKWEB_PG_DB_PASSWD} expose: - 5432 healthcheck: test: ["CMD-SHELL", "pg_isready -U pgbackweb -d pgbackweb"] interval: 5s timeout: 5s retries: 5 image: postgres:17-alpine@sha256:979c4379dd698aba0b890599a6104e082035f98ef31d9b9291ec22f2b13059ca restart: unless-stopped volumes: - pgbackweb-data:/var/lib/postgresql/data planka: container_name: planka depends_on: planka-pg-db: condition: service_healthy environment: BASE_URL: https://kanban.${MY_TLD} DATABASE_URL: postgresql://planka:${PLANKA_PG_PASSWORD}@planka-pg-db/planka SECRET_KEY: ${PLANKA_SECRET_KEY} LOG_LEVEL: warn TRUST_PROXY: true TOKEN_EXPIRES_IN: 365 # In days # KNEX_REJECT_UNAUTHORIZED_SSL_CERTIFICATE: false DEFAULT_LANGUAGE: en-US DEFAULT_ADMIN_EMAIL: noreply@${MY_TLD} DEFAULT_ADMIN_PASSWORD: ${PLANKA_ADMIN_PASSWORD} DEFAULT_ADMIN_NAME: Planka Rinoa DEFAULT_ADMIN_USERNAME: admin S3_ENDPOINT: http://minio:9000 S3_REGION: us-east-fh-pln S3_ACCESS_KEY_ID: ${PLANKA_MINIO_ACCESS_KEY} S3_SECRET_ACCESS_KEY: ${PLANKA_MINIO_SECRET_KEY} S3_BUCKET: planka S3_FORCE_PATH_STYLE: true SMTP_HOST: postal-smtp SMTP_PORT: 25 SMTP_NAME: noreply@${MY_TLD} SMTP_SECURE: true SMTP_USER: ${POSTAL_SMTP_AUTH_USER} SMTP_PASSWORD: ${POSTAL_SMTP_AUTH_PASSWORD} SMTP_FROM: '"Planka @ Rinoa" ' SMTP_TLS_REJECT_UNAUTHORIZED: false image: ghcr.io/plankanban/planka:2.0.0-rc.3@sha256:5a2a69ec7159a2f9c6679c31698e4b5b17ccf254d5bfc6e9be43e411b6de0c3d labels: homepage.group: Professional Services homepage.name: Planka homepage.href: https://kanban.${MY_TLD} homepage.icon: planka.svg homepage.description: Kanban board swag: enable swag_url: kanban.${MY_TLD} swag_address: planka swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.monitor.url: https://kanban.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 ports: - 54476:1337 profiles: ["rinoa-apps"] restart: on-failure volumes: - planka-favicons:/app/public/favicons - planka-user-avatars:/app/public/user-avatars - planka-background-images:/app/public/background-images - planka-attachments:/app/private/attachments planka-pg-db: container_name: planka-pg-db environment: POSTGRES_DB: planka POSTGRES_USER: planka POSTGRES_PASSWORD: ${PLANKA_PG_PASSWORD} POSTGRES_HOST_AUTH_METHOD: trust expose: - 5432 healthcheck: test: ["CMD-SHELL", "pg_isready -U planka -d planka"] interval: 10s timeout: 5s retries: 5 image: postgres:16-alpine@sha256:16bc17c64a573ef34162af9298258d1aec548232985b33ed7b1eac33ba35c229 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - planka-db-data:/var/lib/postgresql/data plant-it: container_name: plant-it depends_on: mariadb: condition: service_healthy required: true plant-it-valkey: condition: service_healthy required: true environment: MYSQL_HOST: mariadb MYSQL_PORT: 3306 MYSQL_USERNAME: plantit MYSQL_PSW: ${PLANTIT_DB_PASSWORD} MYSQL_DATABASE: plantit MYSQL_ROOT_PASSWORD: ${MARIADB_ENVIRONMENT_MYSQL_ROOT_PASSWORD} HTTPS_METHOD: noredirect JWT_SECRET: ${PLANTIT_JWT_SECRET} JWT_EXP: 1 USERS_LIMIT: -1 # less then 0 means no limit UPLOAD_DIR: /upload-dir # path to the directory used to store uploaded images, if on docker deployment leave as it is and change the volume binding in the docker-compose file if needed API_PORT: 8080 FLORACODEX_URL: https://api.floracodex.com FLORACODEX_KEY: ${PLANTIT_FLORACODEX_APP_KEY} ALLOWED_ORIGINS: "*" # CORS allowed origins (comma separated list) LOG_LEVEL: DEBUG # could be: DEBUG, INFO, WARN, ERROR CONTACT_MAIL: noreply@${MY_TLD} # address used as "contact" for template email REMINDER_NOTIFY_CHECK: 0 30 7 * * * # 6-values crontab expression to set the check time for reminders MAX_REQUESTS_PER_MINUTE: 100 # rate limiting of the upcoming requests NTFY_ENABLED: false # if "false" ntfy service won't be available as notification dispatcher GOTIFY_ENABLED: true # if "false" ntfy service won't be available as notification dispatcher CACHE_TYPE: redis # Cache type. By default, it's "redis" but can also be "none" CACHE_TTL: 86400 CACHE_HOST: plant-it-valkey CACHE_PORT: 6379 SMTP_HOST: postal-smtp SMTP_PORT: 25 SMTP_EMAIL: noreply@${MY_TLD} SMTP_PASSWORD: ${POSTAL_SMTP_AUTH_PASSWORD} SMTP_AUTH: true SMTP_START_TTL: false image: msdeluise/plant-it-server:latest@sha256:23ddf8660087d6b9f5dbdca2ca09817b84db45cb2d9d6e2e0176e70f514629e7 labels: swag: enable swag_proto: http swag_port: 3000 swag_url: plants.${MY_TLD} swag_server_custom_directive: | location /api { proxy_pass http://plant-it:8080; } swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: Plant-It swag.uptime-kuma.monitor.url: https://plants.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 homepage.group: Lifestyle homepage.name: Plant-It homepage.href: https://plants.${MY_TLD} homepage.icon: plant-it.png homepage.description: 🪴 Self-hosted, open source gardening companion app homepage.widget.type: plantit homepage.widget.url: http://plant-it:3000 homepage.widget.key: ${PLANTIT_API_KEY} ports: - 64067:8080 - 3460:3000 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - ${DOCKER_VOLUME_CONFIG}/plant-it:/upload-dir plant-it-valkey: container_name: plant-it-valkey <<: *valkey-params volumes: - plant-it-valkey-data:/data/valkey plantuml-server: container_name: plantuml-server image: plantuml/plantuml-server:jetty@sha256:6ab7824dbc4882156ba9b6d4f8ca42d697a79634c073d4d28eb768158f6ef5a7 labels: homepage.group: Personal Tools homepage.name: PlantUML homepage.href: https://plantuml.${MY_TLD} homepage.icon: plantuml.svg homepage.description: Textual diagram generator for UML & other visualizations. swag: enable swag_port: 8080 swag_url: plantuml.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.monitor.url: https://plantuml.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 ports: - 42262:8080 profiles: ["rinoa-apps"] restart: unless-stopped portainer: container_name: portainer depends_on: docker-socket-proxy: condition: service_started required: true expose: - 9000 - 9443 image: portainer/portainer-ce:alpine@sha256:8cc90229468de756df561da23fb0e1403dc4fe53ca1ae155e0f1010b162bae32 labels: swag: enable swag_proto: http swag_port: 9000 swag_url: portainer.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: Portainer swag.uptime-kuma.monitor.url: https://portainer.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 homepage.group: System Administration homepage.name: Portainer homepage.href: https://portainer.${MY_TLD} homepage.icon: portainer.svg homepage.description: Service delivery platform for containerized applications homepage.widgets[0].type: portainer homepage.widgets[0].url: http://portainer:9000 homepage.widgets[0].env: 7 homepage.widgets[0.key: ${PORTAINER_HOMEPAGE_TOKEN} homepage.widgets[1].type: portainer homepage.widgets[1].url: http://portainer:9000 homepage.widgets[1].env: 12 homepage.widgets[1.key: ${PORTAINER_HOMEPAGE_TOKEN} homepage.widgets[2].type: portainer homepage.widgets[2].url: http://portainer:9000 homepage.widgets[2].env: 13 homepage.widgets[2].key: ${PORTAINER_HOMEPAGE_TOKEN} profiles: ["rinoa-apps"] restart: unless-stopped volumes: - portainer-data:/data - /var/run/docker.sock:/var/run/docker.sock portchecker-web: container_name: portchecker-web depends_on: portchecker-api: required: true condition: service_healthy environment: DEFAULT_HOST: # Optional, Populates a default host address value to be populataed in the in the UI input. Defaults to external/WAN IP. DEFAULT_PORT: 443 # Optional, Populates a default port value to be populataed in the in the UI input API_URL: http://portchecker-api:8000 # Optional, the URL of the API service. The scheme and port is required. Defaults to http://api:8000 if not set. # GOOGLE_ANALYTICS: # Optional, set for Google Analytics integration healthcheck: test: ["CMD", "wget", "--spider", "-S", "http://127.0.0.1"] interval: 30s timeout: 10s retries: 3 start_period: 5s image: ghcr.io/dsgnr/portcheckerio-web:latest@sha256:4e0b4c4f0dd99954b6db70e8766f856742ec1a43370d94a754f8a608ddb0d88a labels: swag: enable swag_auth: authelia swag_proto: http swag_url: portc.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: PortChecker swag.uptime-kuma.monitor.url: https://portc.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 homepage.group: System Administration homepage.name: PortChecker homepage.href: https://portc.${MY_TLD} homepage.icon: mdi-check-network-outline homepage.description: Service delivery platform for containerized applications ports: - 31131:80 profiles: ["rinoa-apps"] restart: unless-stopped portchecker-api: container_name: portchecker-api environment: ALLOW_PRIVATE: true # Prevent usage of private IP addresses healthcheck: test: ["CMD", "wget", "--spider", "-S", "http://127.0.0.1:8000/healthz"] interval: 30s timeout: 10s retries: 3 start_period: 5s image: ghcr.io/dsgnr/portcheckerio-api:latest@sha256:881099ffea3550c0abd4ebdb48751f33fde913265695ab5890319f30583e3c62 ports: - 36102:8000 profiles: ["rinoa-apps"] restart: unless-stopped postal-smtp: cap_add: - NET_BIND_SERVICE command: postal smtp-server container_name: postal-smtp image: ghcr.io/postalserver/postal:latest@sha256:4f96b2e527c5589e6b73e25aebf877917bba45b460f535ecfca527488745e926 networks: default: null ports: - 25:25 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - ${DOCKER_VOLUME_CONFIG}/postal:/config - ${DOCKER_VOLUME_CONFIG}/swag/etc/letsencrypt/live/${MY_TLD}:/config/certs postal-web: command: postal web-server container_name: postal-web image: ghcr.io/postalserver/postal:latest@sha256:4f96b2e527c5589e6b73e25aebf877917bba45b460f535ecfca527488745e926 labels: swag: enable swag_proto: http swag_port: 5000 swag_address: postal-web swag_url: post.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: Postal swag.uptime-kuma.monitor.url: https://post.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 homepage.group: System Administration homepage.name: Postal homepage.href: https://post.${MY_TLD} homepage.icon: sh-postal.svg homepage.description: OSS Mail delivery platform networks: default: null ports: - 5001:5000 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - source: ${DOCKER_VOLUME_CONFIG}/postal target: /config type: bind bind: create_host_path: true postal-worker: command: postal worker container_name: postal-worker environment: LOG_LEVEL: debug image: ghcr.io/postalserver/postal:latest@sha256:4f96b2e527c5589e6b73e25aebf877917bba45b460f535ecfca527488745e926 networks: default: null profiles: ["rinoa-apps"] restart: unless-stopped volumes: - source: ${DOCKER_VOLUME_CONFIG}/postal target: /config type: bind bind: create_host_path: true protonmail-bridge: container_name: protonmail-bridge image: shenxn/protonmail-bridge@sha256:3717b4441130675dc9131196de9f9c5287d2ea21b138d83b0486429e1737638a ports: - 1025:25/tcp - 1143:143/tcp restart: unless-stopped volumes: - protonmail-data:/root prowlarr: container_name: prowlarr environment: PGID: ${PGID} PUID: ${PUID} TZ: America/New_York DOCKER_MODS: ghcr.io/gilbn/theme.park:sonarr TP_DOMAIN: ${MY_TLD}\/themepark TP_COMMUNITY_THEME: false TP_THEME: space-gray hostname: Rinoa image: lscr.io/linuxserver/prowlarr:latest@sha256:c9fe528f34b1fd3715438b6f6d6991d64e2965f2c055db36398bc66a0e7eab01 labels: homepage.group: Servarr Stack homepage.name: Prowlarr homepage.href: https://prowlarr.${MY_TLD} homepage.icon: prowlarr.png homepage.description: Index aggregator homepage.widget.type: prowlarr homepage.widget.url: http://prowlarr:9696 homepage.widget.key: ${PROWLARR_API_KEY} swag: enable swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: Prowlarr swag.uptime-kuma.monitor.url: https://prowlarr.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 networks: default: null ports: - 9696:9696 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - bind: create_host_path: true read_only: true source: /etc/localtime target: /etc/localtime type: bind - bind: create_host_path: true source: ${DOCKER_VOLUME_CONFIG}/prowlarr target: /config type: bind - bind: create_host_path: true source: /rinoa-storage target: /storage type: bind qbit-manage: container_name: qbit-manage depends_on: qbittorrentvpn: required: true condition: service_started image: ghcr.io/stuffanthings/qbit_manage:latest@sha256:56e1eeec5582e202e82479b42b588e3807ececca25716f91c7a29f5c597c55d0 environment: # Web API Configuration QBT_WEB_SERVER: true # Set to true to enable web API QBT_PORT: 8080 # Web API port (default: 8080) # Scheduler Configuration QBT_RUN: false QBT_SCHEDULE: 1440 QBT_CONFIG: /config/config.yml QBT_LOGFILE: activity.log # Command Flags QBT_RECHECK: false QBT_CAT_UPDATE: false QBT_TAG_UPDATE: false QBT_REM_UNREGISTERED: false QBT_REM_ORPHANED: false QBT_TAG_TRACKER_ERROR: false QBT_TAG_NOHARDLINKS: false QBT_SHARE_LIMITS: false QBT_SKIP_CLEANUP: false QBT_DRY_RUN: false # Logging Configuration QBT_LOG_LEVEL: INFO QBT_DIVIDER: "=" QBT_WIDTH: 100 ports: - 5965:8080 profiles: ["rinoa-apps"] restart: on-failure volumes: - ${DOCKER_VOLUME_CONFIG}/qbittorrent/qbit_manage/:/config:rw - ${DOCKER_VOLUME_STORAGE}/downloads/:/downloads:rw - ${DOCKER_VOLUME_CONFIG}/qbittorrent/qBittorrent:/qbittorrent/:ro qbittorrentvpn: cap_add: - NET_ADMIN - SYS_MODULE container_name: qbittorrentvpn devices: - "/dev/net/tun:/dev/net/tun" environment: DEBUG: true ENABLE_PRIVOXY: yes ENABLE_SOCKS: yes LAN_NETWORK: 192.168.1.0/24 NAME_SERVERS: 1.1.1.1,1.0.0.1,94.140.14.14,94.140.15.15 PGID: ${PGID} PUID: ${PUID} SOCKS_USER: admin SOCKS_PASS: socks TZ: ${TZ} VPN_CLIENT: openvpn VPN_ENABLED: yes VPN_INPUT_PORTS: "" VPN_OPTIONS: "" VPN_OUTPUT_PORTS: "" VPN_USER: ${DELUGEVPN_ENVIRONMENT_VPN_USER} VPN_PASS: ${DELUGEVPN_ENVIRONMENT_VPN_PASS} VPN_PROV: pia WEBUI_PORT: 8080 image: ghcr.io/binhex/arch-qbittorrentvpn:latest@sha256:64462c1cef85a4dde9ff76465dfa39f5628b6b88a30143fa48b3546a776fcac0 labels: homepage.group: Downloaders homepage.name: qBittorrent homepage.href: https://qbit.${MY_TLD} homepage.icon: qbittorrent.svg homepage.description: Fast and stable torrent client homepage.widget.type: qbittorrent homepage.widget.url: http://qbittorrentvpn:8080 homepage.widget.user: admin homepage.widget.password: "${DELUGEVPN_PASSWORD}" swag: enable swag_server_custom_directive: | location /mgmt { proxy_pass http://qbit-manage:8080; } swag_port: 8080 swag_proto: http swag_url: qbit.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: qBittorrent swag.uptime-kuma.monitor.url: https://qbit.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 ports: - 58846:58846 - 58946:58946/udp - 8118:8118 - 9118:9118 - 38927:8080 privileged: true profiles: ["rinoa-apps"] restart: unless-stopped sysctls: net.ipv4.conf.all.src_valid_mark: 1 volumes: - /etc/localtime:/etc/localtime:ro - ${DOCKER_VOLUME_CONFIG}/.openvpn:/config/openvpn - ${DOCKER_VOLUME_CONFIG}/.wireguard:/config/wireguard - ${DOCKER_VOLUME_CONFIG}/qbittorrent/:/config - ${DOCKER_VOLUME_CONFIG}/qbittorrent/data:/data - ${DOCKER_VOLUME_STORAGE}/downloads:/downloads radarec: container_name: radarec environment: auto_start: true auto_start_delay: 60 dry_run_adding_to_radarr: false fallback_to_top_result: false language_choice: all metadata_profile_id: 1 minimum_rating: 4.5 minimum_votes: 50 quality_profile_id: 1 radarr_address: http://radarr:7878 radarr_api_key: ${RADARR_API_KEY} radarr_api_timeout: 120 root_folder_path: /data/media/movies search_for_movie: true tmdb_api_key: ${TMDB_API_KEY} expose: - 5000 image: thewicklowwolf/radarec:latest@sha256:1ff2aee6682b81363160a686860f7ead8314c47a13af88d623bf7f149d165e7b labels: homepage.group: Servarr Stack homepage.name: RadaRec homepage.href: https://radarec.${MY_TLD} homepage.icon: sh-radarec.png homepage.description: Movie discovery based on library/tastes swag: enable swag_proto: http swag_port: 5000 swag_auth: authelia swag_url: radarec.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: RadaRec swag.uptime-kuma.monitor.url: https://radarec.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 networks: default: null profiles: ["rinoa-apps"] restart: unless-stopped volumes: - source: ${DOCKER_VOLUME_STORAGE}/Movies target: /data/media/movies type: bind bind: create_host_path: true - source: ${DOCKER_VOLUME_CONFIG}/radarec target: /radarec/config type: bind bind: create_host_path: true - bind: create_host_path: true read_only: true source: /etc/localtime target: /etc/localtime type: bind radarr: container_name: radarr environment: PGID: ${PGID} PUID: ${PUID} TZ: ${TZ} hostname: Rinoa image: lscr.io/linuxserver/radarr:latest@sha256:079e48870584baf2a3e7e43e7ba6d3c834555931851a59c82c51cc792d285caf labels: homepage.group: Servarr Stack homepage.name: Radarr homepage.href: https://radarr.${MY_TLD} homepage.icon: radarr.png homepage.description: Movie Automation homepage.widget.type: radarr homepage.widget.url: http://radarr:7878 homepage.widget.key: ${RADARR_API_KEY} swag: enable swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: Radarr swag.uptime-kuma.monitor.url: https://radarr.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 networks: default: null ports: - 7878:7878 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - /etc/localtime:/etc/localtime:ro - ${DOCKER_VOLUME_CONFIG}/radarr:/config - /rinoa-storage:/storage - ${DOCKER_VOLUME_STORAGE}/downloads/:/downloads reactive-resume: container_name: reactive-resume depends_on: browserless: condition: service_started required: true minio: condition: service_started required: true reactive-resume-pg: condition: service_started required: true environment: ACCESS_TOKEN_SECRET: ${REACTIVE_RESUME_ACCESS_TOKEN_SECRET} CHROME_PORT: 443 CHROME_TOKEN: ${CHROMIUM_TOKEN} CHROME_URL: wss://browserless:3000 DATABASE_URL: postgresql://reactiveresume:${REACTIVE_RESUME_PGSQL_PASSWORD}@reactive-resume-pg:5432/reactiveresume MAIL_FROM: noreply@${MY_TLD} NODE_ENV: production PORT: 3000 PUBLIC_URL: http://reactive-resume:3000 REFRESH_TOKEN_SECRET: ${REACTIVE_RESUME_REFRESH_TOKEN_SECRET} SMTP_URL: smtp://${POSTAL_SMTP_AUTH_USER}:${POSTAL_SMTP_AUTH_PASSWORD}@postal-smtp:25 STORAGE_ACCESS_KEY: ${REACTIVE_RESUME_S3_ACCESS_KEY} STORAGE_BUCKET: reactive-resume STORAGE_ENDPOINT: minio STORAGE_PORT: 9000 STORAGE_REGION: us-east-fh-pln STORAGE_SECRET_KEY: ${REACTIVE_RESUME_S3_SECRET_KEY} STORAGE_URL: https://s3.${MY_TLD}/reactive-resume STORAGE_USE_SSL: false TZ: ${TZ} image: amruthpillai/reactive-resume:latest@sha256:267e56e622f39b226e3796331e7391dad6ac9bc8c4369a506f33cd5876f26b36 labels: homepage.group: Professional Services homepage.name: Reactive Resume homepage.href: https://resume.${MY_TLD} homepage.icon: reactive-resume.svg homepage.description: Open-source resume builder swag: enable swag_proto: http swag_port: 3000 swag_url: resume.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: Reactive Resume swag.uptime-kuma.monitor.url: https://resume.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 networks: default: null ports: - 3011:3000 profiles: ["rinoa-apps"] restart: unless-stopped reactive-resume-pg: container_name: reactive-resume-pg environment: TZ: ${TZ} POSTGRES_DB: reactiveresume POSTGRES_USER: reactiveresume POSTGRES_PASSWORD: ${REACTIVE_RESUME_PGSQL_PASSWORD} expose: - 5432 image: postgres:16-alpine@sha256:16bc17c64a573ef34162af9298258d1aec548232985b33ed7b1eac33ba35c229 networks: default: null profiles: ["rinoa-apps"] restart: unless-stopped volumes: - reactive-resume-pg:/var/lib/postgresql/data readarr: container_name: readarr environment: PGID: ${PGID} PUID: ${PUID} TZ: America/New_York DOCKER_MODS: ghcr.io/gilbn/theme.park:readnarr hostname: Rinoa image: lscr.io/linuxserver/readarr:develop@sha256:eb37f58646a901dc7727cf448cae36daaefaba79de33b5058dab79aa4c04aefb labels: homepage.group: Servarr Stack homepage.name: Readarr homepage.href: https://readarr.${MY_TLD} homepage.icon: readarr.png homepage.description: eBook/Audiobook Automation homepage.widget.type: readarr homepage.widget.url: http://readarr:8787 homepage.widget.key: ${READARR_API_KEY} swag: enable swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: Readarr swag.uptime-kuma.monitor.url: https://readarr.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 networks: default: null ports: - 8787:8787 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - /etc/localtime:/etc/localtime:ro - ${DOCKER_VOLUME_CONFIG}/readarr:/config - /rinoa-storage:/storage - ${DOCKER_VOLUME_STORAGE}/downloads/:/downloads redlib: cap_drop: - ALL container_name: redlib environment: REDLIB_SFW_ONLY: off REDLIB_BANNER: REDLIB_ROBOTS_DISABLE_INDEXING: off REDLIB_PUSHSHIFT_FRONTEND: undelete.pullpush.io REDLIB_DEFAULT_THEME: nord REDLIB_DEFAULT_FRONT_PAGE: default REDLIB_DEFAULT_LAYOUT: clean REDLIB_DEFAULT_WIDE: on REDLIB_DEFAULT_POST_SORT: hot REDLIB_DEFAULT_COMMENT_SORT: confidence REDLIB_DEFAULT_SHOW_NSFW: off REDLIB_DEFAULT_BLUR_NSFW: on REDLIB_DEFAULT_USE_HLS: off REDLIB_DEFAULT_HIDE_HLS_NOTIFICATION: off REDLIB_DEFAULT_AUTOPLAY_VIDEOS: off REDLIB_DEFAULT_SUBSCRIPTIONS: REDLIB_DEFAULT_HIDE_AWARDS: off REDLIB_DEFAULT_DISABLE_VISIT_REDDIT_CONFIRMATION: off REDLIB_DEFAULT_HIDE_SCORE: off REDLIB_DEFAULT_FIXED_NAVBAR: on image: quay.io/redlib/redlib:latest@sha256:e6647a94d553bf3f7c95c53fc6d9da5785e6c278d9002e99ea32abdb5e3c513a labels: homepage.group: Social homepage.name: Redlib homepage.href: https://rlib.${MY_TLD} homepage.icon: libreddit.svg homepage.description: Redlib is a private front-end like Invidious but for Reddit swag: enable swag_auth: authelia swag_proto: http swag_port: 8080 swag_url: rlib.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: Redlib swag.uptime-kuma.monitor.url: https://rlib.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 networks: default: null ports: - 8103:8080 read_only: true profiles: ["rinoa-apps"] restart: always security_opt: - no-new-privileges=true user: nobody rocketchat: container_name: rocketchat depends_on: mongodb: condition: service_started required: true environment: ADMIN_USERNAME: Trez.One ADMIN_NAME: Charish Patel ADMIN_PASS: ${ROCKETCHAT_ADMIN_PASSWORD} ADMIN_EMAIL: charish.patel@${MY_TLD} MONGO_URL: mongodb://rocketchat:${ROCKETCHAT_MONGODB_PASSWORD}@mongodb:27017/rocketchat?replicaSet=rinoa MONGO_OPLOG_URL: mongodb://rocketchat:${ROCKETCHAT_MONGODB_PASSWORD}@mongodb:27017/local?replicaSet=rinoa ROOT_URL: https://chat.${MY_TLD} PORT: 3000 DEPLOY_METHOD: docker DEPLOY_PLATFORM: ${DEPLOY_PLATFORM:-} REG_TOKEN: ${REG_TOKEN:-} expose: - 3000 image: ${IMAGE:-registry.rocket.chat/rocketchat/rocket.chat}:${RELEASE:-latest} labels: homepage.group: Social homepage.name: Rocket.Chat homepage.href: https://chat.${MY_TLD} homepage.icon: rocket-chat.svg homepage.description: Fully customizable communications platform with high standards of data protection swag: enable swag_proto: http swag_port: 3000 swag_url: chat.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: Rocket.Chat swag.uptime-kuma.monitor.url: https://chat.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 profiles: ["rinoa-apps"] restart: always romm: container_name: romm depends_on: mariadb: condition: service_healthy required: true restart: true image: rommapp/romm:latest@sha256:2b7a1714b287f69b081ad2a63bb8c2fa673666a17b2f21322b580b0cd51cb266 environment: ROMM_DB_DRIVER: mariadb # mariadb | sqlite (default: sqlite) ROMM_HOST: https://localhost:3000 # [Optional] your host ip or domain name (including http(s)://, subdomain and port if needed). Being used only for webRcade feed for now. # [Optional] Only required if using MariaDB as the database DB_HOST: mariadb DB_PORT: 3306 DB_USER: romm DB_NAME: romm # Should match the MYSQL_DATABASE value in the mariadb container DB_PASSWD: ${ROMM_MARIADB_PASSWORD} # [Optional WIP] Use SteamGridDB as a source for covers # STEAMGRIDDB_API_KEY: # [Optional] Will enable user management and require authentication to access the interface (disabled by default) ROMM_AUTH_ENABLED: true # default: false ROMM_AUTH_SECRET_KEY: ${ROMM_AUTH_SECRET_KEY} # Generate a key with `openssl rand -hex 32` ROMM_AUTH_USERNAME: admin # default: admin ROMM_AUTH_PASSWORD: ${ROMM_AUTH_PASSWORD} # default: admin # [Optional] Only required if authentication is enabled ENABLE_EXPERIMENTAL_REDIS: true # default: false REDIS_HOST: romm-valkey # default: localhost REDIS_PORT: 6379 # default: 6379 REDIS_DB: 0 # REDIS_PASSWORD: # [Optional] Support for secured redis # [Optional] Will enable asynchronous tasks (all disabled by default) # Important: Do NOT wrap the cron expression in quotes ENABLE_RESCAN_ON_FILESYSTEM_CHANGE: true # Runs a quick scan on the library when a file is added or removed RESCAN_ON_FILESYSTEM_CHANGE_DELAY: 5 # Delay in seconds before running the quick scan (default: 5) ENABLE_SCHEDULED_RESCAN: true # Runs a quick scan on the library at a given time SCHEDULED_RESCAN_CRON: 0 3 * * * # Cron expression for the scheduled scan (default: 0 3 * * * At 3:00 AM every day) ENABLE_SCHEDULED_UPDATE_SWITCH_TITLEDB: true # Updates the Switch TitleDB database at a given time SCHEDULED_UPDATE_SWITCH_TITLEDB_CRON: 0 4 * * * # Cron expression for the scheduled update (default: 0 4 * * * At 4:00 AM every day) ENABLE_SCHEDULED_UPDATE_MAME_XML: true # Updates the MAME XML database at a given time SCHEDULED_UPDATE_MAME_XML_CRON: 0 5 * * * # Cron expression for the scheduled update (default: 0 5 * * * At 5:00 AM every day) IGDB_CLIENT_ID: ${ROMM_IGDB_CLIENT_ID} # Generate an ID and SECRET in IGDB IGDB_CLIENT_SECRET: ${ROMM_IGDB_CLIENT_SECRET} # https://docs.romm.app/latest/Getting-Started/Generate-API-Keys/#igdb MOBYGAMES_API_KEY: # https://docs.romm.app/latest/Getting-Started/Generate-API-Keys/#mobygames STEAMGRIDDB_API_KEY: ${ROMM_STEAMGRIDDB_API_KEY} # https://docs.romm.app/latest/Getting-Started/Generate-API-Keys/#steamgriddb SCREENSCRAPER_USER: ${ROMM_SCREENSCRAPER_USERNAME} # Use your ScreenScraper username and password SCREENSCRAPER_PASSWORD: ${ROMM_SCREENSCRAPER_PASSWORD} # https://docs.romm.app/latest/Getting-Started/Generate-API-Keys/#screenscraper labels: homepage.group: Media Library homepage.name: RomM homepage.href: https://romm.${MY_TLD} homepage.icon: romm.svg homepage.description: Beautiful, powerful, self-hosted ROM manager homepage.widget.type: romm homepage.widget.url: http://romm:8080 swag: enable swag_proto: http swag_url: romm.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: RomM swag.uptime-kuma.monitor.url: https://romm.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 ports: - 30229:8080 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - romm_resources:/romm/resources # Resources fetched from IGDB (covers, screenshots, etc.) - ${DOCKER_VOLUME_STORAGE}/roms:/romm/library # Your game library. Check https://github.com/rommapp/romm?tab=readme-ov-file#folder-structure for more details. - ${DOCKER_VOLUME_STORAGE}/roms/assets:/romm/assets # Uploaded saves, states, etc. - ${DOCKER_VOLUME_CONFIG}/romm:/romm/config # Path where config.yml is stored romm-valkey: container_name: romm-valkey <<: *valkey-params volumes: - romm-valkey-data:/data/valkey sabnzbdvpn: cap_add: - NET_ADMIN - SYS_MODULE container_name: sabnzbdvpn devices: - /dev/net/tun:/dev/net/tun environment: ENABLE_PRIVOXY: no LAN_NETWORK: 192.168.1.0/24 NAME_SERVERS: 192.168.1.254,1.1.1.1 PGID: 1000 PUID: 1000 TZ: America/New_York VPN_CLIENT: openvpn VPN_ENABLED: yes VPN_INPUT_PORTS: VPN_OPTIONS: VPN_OUTPUT_PORTS: VPN_PASS: ${SABNZBDVPN_ENVIRONMENT_VPN_PASS} VPN_PROV: pia VPN_USER: ${SABNZBDVPN_ENVIRONMENT_VPN_USER} DEBUG: true hostname: Rinoa image: ghcr.io/binhex/arch-sabnzbdvpn:latest@sha256:f9c6e4131a003ff8d033949afa08e3555cddcccbff51375c920f3755438e2b06 labels: homepage.group: Downloaders homepage.name: SABnzbd homepage.href: https://sabnzbd.${MY_TLD} homepage.icon: sabnzbd.png homepage.description: NZB Downloader over VPN homepage.widget.type: sabnzbd homepage.widget.url: http://sabnzbdvpn:8080 homepage.widget.env: 1 homepage.widget.key: ${SABNZBDVPN_API_KEY} swag: enable swag_proto: http swag_url: sabnzbd.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: SABnzbd swag.uptime-kuma.monitor.url: https://sabnzbd.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 networks: default: null ports: - 8080:8080 - 8090:8090 - 8119:8118 privileged: true profiles: ["rinoa-apps"] restart: unless-stopped sysctls: net.ipv4.conf.all.src_valid_mark: "1" volumes: - bind: create_host_path: true read_only: true source: /etc/localtime target: /etc/localtime type: bind - bind: create_host_path: true source: ${DOCKER_VOLUME_CONFIG}/sabnzbdvpn target: /config type: bind - bind: create_host_path: true source: /rinoa-storage target: /storage type: bind sablier: container_name: sablier environment: PROVIDER_NAME: docker SERVER_PORT: 10000 SERVER_BASE_PATH: / STORAGE_FILE: /opt/sablier/state SESSIONS_DEFAULT_DURATION: 5m SESSIONS_EXPIRATION_INTERVAL: 20s LOGGING_LEVEL: trace STRATEGY_DYNAMIC_CUSTOM_THEMES_PATH: /opt/sablier/custom_themes STRATEGY_DYNAMIC_SHOW_DETAILS_BY_DEFAULT: false STRATEGY_DYNAMIC_DEFAULT_THEME: hacker-terminal STRATEGY_DYNAMIC_DEFAULT_REFRESH_FREQUENCY: 5s STRATEGY_BLOCKING_DEFAULT_TIMEOUT: 1m image: sablierapp/sablier:latest@sha256:31c6877d69e7d8e627b51343f78234498e8746eb90051deafcfb765caabb584b ports: - 19311:10000 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - ${DOCKER_VOLUME_CONFIG}/sablier/state:/opt/sablier/state - ${DOCKER_VOLUME_CONFIG}/sablier/custom_themes:/opt/sablier/custom_themes - /var/run/docker.sock:/var/run/docker.sock scraparr: container_name: scraparr depends_on: bazarr: condition: service_started required: true prowlarr: condition: service_started required: true radarr: condition: service_started required: true sonarr: condition: service_started required: true environment: BAZARR_API_KEY: ${BAZARR_API_KEY} BAZARR_URL: http://bazarr:6767 PROWLARR_API_KEY: ${PROWLARR_API_KEY} PROWLARR_URL: http://prowlarr:9696 RADARR_API_KEY: ${RADARR_API_KEY} RADARR_URL: http://radarr:7878 SONARR_API_KEY: ${SONARR_API_KEY} SONARR_URL: http://sonarr:8989 image: ghcr.io/thecfu/scraparr:3@sha256:47ae07184e9d35ed7c25ed378e79a423b6f9da15056c9299d517af2bbe6f5e96 ports: - 7100:7100 profiles: ["rinoa-apps"] restart: unless-stopped scrutiny: cap_add: - SYS_RAWIO container_name: scrutiny devices: - "/dev/nvme0n1:/dev/nvme0n1:rwm" - "/dev/sda:/dev/sda:rwm" - "/dev/sdb:/dev/sdb:rwm" - "/dev/sdc:/dev/sdc:rwm" - "/dev/sdd:/dev/sdd:rwm" - "/dev/sde:/dev/sde:rwm" - "/dev/sdf:/dev/sdf:rwm" image: ghcr.io/analogj/scrutiny:master-omnibus@sha256:18689773150d6b8b53c94a435f40f7b6e946fd4a6d40b44c64fa2154a5b38941 labels: cloudflare.tunnel.enable: true cloudflare.tunnel.hostname: smartd.${MY_TLD} cloudflare.tunnel.service: http://scrutiny:8080 cloudflare.tunnel.zonename: ${MY_TLD} cloudflare.tunnel.no_tls_verify: true homepage.group: Infrastructure/App Performance Monitoring homepage.name: Scrutiny homepage.href: https://smartd.${MY_TLD} homepage.icon: scrutiny.png homepage.description: WebUI for smartd S.M.A.R.T monitoring homepage.widget.type: scrutiny homepage.widget.url: http://scrutiny:8080 swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: Scrutiny swag.uptime-kuma.monitor.url: https://smartd.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 networks: default: null ports: - 8909:8080 - 8910:8086 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - bind: create_host_path: true read_only: true source: /run/udev target: /run/udev type: bind - source: ${DOCKER_VOLUME_CONFIG}/scrutiny/config target: /opt/scrutiny/config type: bind bind: create_host_path: true - source: ${DOCKER_VOLUME_CONFIG}/scrutiny/influxdb target: /opt/scrutiny/influxdb type: bind bind: create_host_path: true searxng: cap_add: - CHOWN - SETGID - SETUID cap_drop: - ALL container_name: searxng environment: SEARXNG_BASE_URL: https://search.${MY_TLD} image: searxng/searxng:latest@sha256:04cc81a759e882e411569e008a77243ab8b0fc4137bcf88018cd7b7c3cbdff41 labels: homepage.group: Privacy/Security homepage.name: SearxNG homepage.href: https://search.${MY_TLD} homepage.icon: searxng.png homepage.description: Anonymized Meta-Search Engine swag: enable swag_address: searxng swag_proto: http swag_url: search.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: SearxNG swag.uptime-kuma.monitor.url: https://search.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 logging: driver: json-file options: max-file: "1" max-size: 1m networks: default: null ports: - 8095:8080 privileged: true profiles: ["rinoa-apps"] restart: unless-stopped volumes: - ${DOCKER_VOLUME_CONFIG}/searxng:/etc/searxng searxng-valkey: container_name: searxng-valkey <<: *valkey-params volumes: - searxng-valkey-data:/data/valkey semaphore-ui: container_name: semaphore-ui environment: ANSIBLE_HOST_KEY_CHECKING: false SEMAPHORE_ADMIN_PASSWORD: ${SEMAPHORE_ADMIN_PASSWORD} SEMAPHORE_ADMIN_NAME: admin SEMAPHORE_ADMIN_EMAIL: charish.patel@${MY_TLD} SEMAPHORE_ADMIN: admin SEMAPHORE_DB_DIALECT: bolt SEMAPHORE_EMAIL_ALERT: true SEMAPHORE_EMAIL_SENDER: noreply@${MY_TLD} SEMAPHORE_EMAIL_HOST: postal-smtp SEMAPHORE_EMAIL_PORT: 25 SEMAPHORE_EMAIL_USERNAME: ${POSTAL_SMTP_AUTH_USER} SEMAPHORE_EMAIL_PASSWORD: ${POSTAL_SMTP_AUTH_PASSWORD} SEMAPHORE_EMAIL_SECURE: false SEMAPHORE_USE_REMOTE_RUNNER: true image: semaphoreui/semaphore:v2.18.4@sha256:e32c60f52e42799be077c6669f8dc9fcb6cedb1a1f851f791a6be851f4347c41 labels: homepage.group: Code/DevOps homepage.name: Semaphore UI homepage.href: https://devops.${MY_TLD} homepage.icon: semaphore.svg homepage.description: Modern UI for Ansible, Terraform, OpenTofu, PowerShell and other DevOps tools swag: enable swag_port: 3000 swag_proto: http swag_url: devops.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: Semaphore UI swag.uptime-kuma.monitor.url: https://devops.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 ports: - 3015:3000 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - semaphore_config:/etc/semaphore - semaphore_data:/var/lib/semaphore - semaphore_tmp:/tmp/semaphore signoz-app: <<: *signoz-db-depend container_name: signoz-app environment: SIGNOZ_ALERTMANAGER_PROVIDER: signoz SIGNOZ_ANALYTICS_ENABLED: true SIGNOZ_JWT_SECRET: ${SIGNOZ_JWT_SECRET} SIGNOZ_TELEMETRYSTORE_CLICKHOUSE_DSN: tcp://signoz-clickhouse:9000 SIGNOZ_TELEMETRYSTORE_CLICKHOUSE_CLUSTER: cluser SIGNOZ_QUERIER_FLUX__INTERVAL: 5m SIGNOZ_TELEMETRYSTORE_PROVIDER: clickhouse SIGNOZ_SQLSTORE_SQLITE_PATH: /var/lib/signoz/signoz.db SIGNOZ_ALERTMANAGER_SIGNOZ_EXTERNAL__URL: https://apm.${MY_TLD} SIGNOZ_ALERTMANAGER_SIGNOZ_GLOBAL_SMTP__FROM: noreply@${MY_TLD} SIGNOZ_ALERTMANAGER_SIGNOZ_GLOBAL_SMTP__SMARTHOST: postal-smtp:25 SIGNOZ_ALERTMANAGER_SIGNOZ_GLOBAL_SMTP__AUTH__USERNAME: ${POSTAL_SMTP_AUTH_USER} SIGNOZ_ALERTMANAGER_SIGNOZ_GLOBAL_SMTP__AUTH__PASSWORD: ${POSTAL_SMTP_AUTH_PASSWORD} SIGNOZ_ALERTMANAGER_SIGNOZ_GLOBAL_SMTP__REQUIRE__TLS: true SIGNOZ_ALERTMANAGER_SIGNOZ_GLOBAL_SMTP__TLS__CONFIG_INSECURE__SKIP__VERIFY: true SIGNOZ_PROMETHEUS_CONFIG: /root/config/prometheus.yml DASHBOARDS_PATH: /root/config/dashboards GODEBUG: netdns=go DEPLOYMENT_TYPE: docker-standalone-amd healthcheck: test: - CMD - wget - --spider - -q - localhost:8080/api/v1/health interval: 30s timeout: 5s retries: 3 image: signoz/signoz:v0.113.0@sha256:381d613fc4a186243a0ba28e55b957921e6d8663dd9111ef95c2cfdead1021c5 labels: homepage.group: Infrastructure/App Performance Monitoring homepage.name: Signoz homepage.href: https://apm.${MY_TLD} homepage.icon: signoz.svg homepage.description: Logs, metrics, and traces in a single pane swag: enable swag_proto: http swag_port: 8080 swag_url: apm.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: Signoz swag.uptime-kuma.monitor.url: https://apm.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 ports: - 36113:8080 # signoz port # - "6060:6060" # pprof port volumes: - ${DOCKER_VOLUME_CONFIG}/signoz/common/prometheus.yml:/root/config/prometheus.yml - ${DOCKER_VOLUME_CONFIG}/signoz/common/dashboards:/root/config/dashboards - signoz-sqlite:/var/lib/signoz/ signoz-clickhouse: <<: *signoz-clickhouse-defaults container_name: signoz-clickhouse expose: - 9000 ports: # - "9000:9000" - "8123:8123" - "9181:9181" volumes: - ${DOCKER_VOLUME_CONFIG}/signoz/common/clickhouse/config.xml:/etc/clickhouse-server/config.xml - ${DOCKER_VOLUME_CONFIG}/signoz/common/clickhouse/users.xml:/etc/clickhouse-server/users.xml - ${DOCKER_VOLUME_CONFIG}/signoz/common/clickhouse/custom-function.xml:/etc/clickhouse-server/custom-function.xml - ${DOCKER_VOLUME_CONFIG}/signoz/common/clickhouse/user_scripts:/var/lib/clickhouse/user_scripts/ - ${DOCKER_VOLUME_CONFIG}/signoz/common/clickhouse/cluster.xml:/etc/clickhouse-server/config.d/cluster.xml - signoz-clickhouse:/var/lib/clickhouse/ # - ${DOCKER_VOLUME_CONFIG}/signoz/common/clickhouse/storage.xml:/etc/clickhouse-server/config.d/storage.xml signoz-init-clickhouse: <<: *signoz-common container_name: signoz-init-clickhouse command: - bash - -c - | version="v0.0.1" node_os=$$(uname -s | tr '[:upper:]' '[:lower:]') node_arch=$$(uname -m | sed s/aarch64/arm64/ | sed s/x86_64/amd64/) echo "Fetching histogram-binary for $${node_os}/$${node_arch}" cd /tmp wget -O histogram-quantile.tar.gz "https://github.com/SigNoz/signoz/releases/download/histogram-quantile%2F$${version}/histogram-quantile_$${node_os}_$${node_arch}.tar.gz" tar -xvzf histogram-quantile.tar.gz mv histogram-quantile /var/lib/clickhouse/user_scripts/histogramQuantile image: clickhouse/clickhouse-server:25.5.6-alpine restart: on-failure volumes: - ${DOCKER_VOLUME_CONFIG}/signoz/common/clickhouse/user_scripts/:/var/lib/clickhouse/user_scripts/ signoz-logspout: command: signoz://signoz-otel-collector:8082 container_name: signoz-logspout depends_on: signoz-otel-collector: required: true condition: service_started environment: ENV: prod SIGNOZ_LOG_ENDPOINT: http://signoz-otel-collector:8082 image: pavanputhra/logspout-signoz@sha256:6da8ce12279a5262de8b2d5c083ce82d4c878c4eab702b4d328afe147ed7553b profiles: ["rinoa-apps"] restart: unless-stopped volumes: - /var/run/docker.sock:/var/run/docker.sock signoz-otel-collector: <<: *signoz-db-depend command: - --config=/etc/otel-collector-config.yaml - --manager-config=/etc/manager-config.yaml - --copy-path=/var/tmp/collector-config.yaml - --feature-gates=-pkg.translator.prometheus.NormalizeName container_name: signoz-otel-collector depends_on: signoz-app: condition: service_healthy environment: NGINX_ACCESS_LOG_FILE: /swag/log/nginx/access.log NGINX_ERROR_LOG_FILE: /swag/log/nginx/error.log OTEL_RESOURCE_ATTRIBUTES: host.name=signoz-host,os.type=linux LOW_CARDINAL_EXCEPTION_GROUPING: false image: signoz/signoz-otel-collector:v0.144.4@sha256:3a3205cf47f92249c2c2eca8ead2cdf7d1181646910d397b6c435505422d777a ports: # - "1777:1777" # pprof extension - "4317:4317" # OTLP gRPC receiver - "4318:4318" # OTLP HTTP receiver - 8082:8082 # Logspout collection (https://signoz.io/blog/logspout-signoz-setup/) volumes: - ${DOCKER_VOLUME_CONFIG}/signoz/common/otel/otel-collector-config.yaml:/etc/otel-collector-config.yaml - ${DOCKER_VOLUME_CONFIG}/signoz/common/otel/otel-collector-opamp-config.yaml:/etc/manager-config.yaml - ${DOCKER_VOLUME_CONFIG}/swag/log/nginx/access.log:/swag/log/nginx/access.log:ro - ${DOCKER_VOLUME_CONFIG}/swag/log/nginx/error.log:/swag/log/nginx/error.log:ro signoz-schema-migrator-async: <<: *signoz-db-depend image: signoz/signoz-schema-migrator:v0.144.4@sha256:7678033d452b4f20b8852e736f598d241d95df48f5292ba5388fba670ed94e6e container_name: signoz-schema-migrator-async command: - async - --dsn=tcp://signoz-clickhouse:9000 - --up= profiles: ["rinoa-apps"] restart: on-failure signoz-schema-migrator-sync: <<: *signoz-common image: signoz/signoz-schema-migrator:v0.144.4@sha256:7678033d452b4f20b8852e736f598d241d95df48f5292ba5388fba670ed94e6e container_name: signoz-schema-migrator-sync command: - sync - --dsn=tcp://signoz-clickhouse:9000 - --up= depends_on: signoz-clickhouse: condition: service_healthy profiles: ["rinoa-apps"] restart: on-failure signoz-zookeeper-1: <<: *signoz-zookeeper-defaults container_name: signoz-zookeeper-1 environment: ZOO_SERVER_ID: 1 ALLOW_ANONYMOUS_LOGIN: yes ZOO_AUTOPURGE_INTERVAL: 1 ZOO_ENABLE_PROMETHEUS_METRICS: yes ZOO_PROMETHEUS_METRICS_PORT_NUMBER: 9141 ports: - "2181:2181" - "2888:2888" - "3888:3888" volumes: - signoz-zookeeper-1:/bitnami/zookeeper sonarqube: container_name: sonarqube depends_on: sonarqube-pg-db: condition: service_healthy environment: SONAR_JDBC_URL: jdbc:postgresql://sonarqube-pg-db:5432/sonar SONAR_JDBC_USERNAME: sonar SONAR_JDBC_PASSWORD: ${SONARQUBE_POSTGRES_PASSWORD} SONAR_SECURITY_REALM: LDAP LDAP_URL: ldap://lldap:3890 LDAP_BINDDN: cn=sonarqube,ou=people,dc=trez,dc=wtf LDAP_BINDPASSWORD: ${SONARQUBE_LDAP_BIND_PASSWORD} LDAP_AUTHENTICATION: simple LDAP_USER_BASEDN: ou=people,dc=trez,dc=wtf LDAP_USER_REQUEST: (&(objectClass=inetOrgPerson)(uid={login})(memberof=cn=sonarqube_users,ou=groups,dc=example,dc=com)) LDAP_USER_REALNAMEATTRIBUTE: cn LDAP_USER_EMAILATTRIBUTE: mail hostname: sonarqube image: mc1arke/sonarqube-with-community-branch-plugin:lts@sha256:70b055c294a2a751357ee65d5d55139c93f87faed436d0075034da38b2edafa1 labels: homepage.group: Code/DevOps homepage.name: SonarQube homepage.href: https://sqube.${MY_TLD} homepage.icon: sonarqube.svg homepage.description: Code/DevOps quality/security swag: enable swag_proto: http swag_port: 9000 swag_url: sqube.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: SonarQube swag.uptime-kuma.monitor.url: https://sqube.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 volumes: - sonarqube-data:/opt/sonarqube/data - sonarqube-extensions:/opt/sonarqube/extensions - sonarqube-logs:/opt/sonarqube/logs - sonarqube-temp:/opt/sonarqube/temp ports: - 9003:9000 read_only: true profiles: ["rinoa-infra"] restart: unless-stopped sonarqube-pg-db: container_name: sonarqube-pg-db environment: POSTGRES_USER: sonar POSTGRES_PASSWORD: ${SONARQUBE_POSTGRES_PASSWORD} POSTGRES_DB: sonar healthcheck: test: ["CMD-SHELL", "pg_isready -U sonar -d sonar"] interval: 10s timeout: 5s retries: 5 image: postgres:17-alpine@sha256:979c4379dd698aba0b890599a6104e082035f98ef31d9b9291ec22f2b13059ca profiles: ["rinoa-infra"] restart: unless-stopped volumes: - sonarqube-db:/var/lib/postgresql - sonarqube-db-data:/var/lib/postgresql/data sonarr: container_name: sonarr environment: PGID: ${PGID} PUID: ${PUID} TZ: ${TZ} DOCKER_MODS: ghcr.io/gilbn/theme.park:sonarr hostname: Rinoa image: lscr.io/linuxserver/sonarr:latest@sha256:60f3b6b5c7647ba2bafd81163acfe34b11117b9b834ebd7fbcc3e5f1b309c7ef labels: homepage.group: Servarr Stack homepage.name: Sonarr homepage.href: https://sonarr.${MY_TLD} homepage.icon: sonarr.png homepage.description: TV Show Automation homepage.widget.type: sonarr homepage.widget.url: http://sonarr:8989 homepage.widget.key: ${SONARR_API_KEY} swag: enable swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: Sonarr swag.uptime-kuma.monitor.url: https://sonarr.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 networks: default: null ports: - 8989:8989 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - /etc/localtime:/etc/localtime:ro - ${DOCKER_VOLUME_CONFIG}/sonarr:/config - /rinoa-storage:/storage - ${DOCKER_VOLUME_STORAGE}/downloads/:/downloads sonashow: container_name: sonashow environment: auto_start: true auto_start_delay: 60 dry_run_adding_to_sonarr: false fallback_to_top_result: false language_choice: all metadata_profile_id: 1 minimum_rating: 4.5 minimum_votes: 50 quality_profile_id: 1 sonarr_address: http://sonarr:8989 sonarr_api_key: ${SONARR_API_KEY} root_folder_path: /data/media/shows search_for_missing_episodes: true sonarr_api_timeout: 120 tmdb_api_key: ${TMDB_API_KEY} expose: - 5000 image: thewicklowwolf/sonashow:latest@sha256:fae1105710063e6900159c32942128bc8d78522c2cedf54036f1cbdd9c49281e labels: homepage.group: Servarr Stack homepage.name: SonaShow homepage.href: https://sonashow.${MY_TLD} homepage.icon: sh-sonashow.png homepage.description: TV show discovery based on library/tastes swag: enable swag_auth: authelia swag_proto: http swag_port: 5000 swag_url: sonashow.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: SonaShow swag.uptime-kuma.monitor.url: https://sonashow.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 networks: default: null profiles: ["rinoa-apps"] restart: unless-stopped volumes: - source: ${DOCKER_VOLUME_STORAGE}/TV_Shows target: /data/media/shows type: bind bind: create_host_path: true - source: ${DOCKER_VOLUME_CONFIG}/sonashow target: /sonashow/config type: bind bind: create_host_path: true - bind: create_host_path: true read_only: true source: /etc/localtime target: /etc/localtime type: bind soularr: container_name: soularr depends_on: lidarr: condition: service_started required: true soulseek: condition: service_started required: true environment: PUID: ${PUID} PGID: ${PGID} TZ: ${TZ} #Script interval in seconds SCRIPT_INTERVAL: 300 image: mrusse08/soularr:latest@sha256:aaec67deb033e753dfe4f255470bb22108ed8fb4a5473d3b8b630ac35549d730 network_mode: service:gluetun profiles: ["rinoa-apps"] restart: unless-stopped volumes: #"You can set /downloads to whatever you want but will then need to change the Slskd download dir in your config file" - ${DOCKER_VOLUME_STORAGE}/downloads:/downloads #Select where you are storing your config file. Leave "/data" since thats where the script expects the config file to be - ${DOCKER_VOLUME_CONFIG}/soularr:/data soularr-dashboard: container_name: soularr-dashboard depends_on: soularr: condition: service_started environment: DOCKER_HOST: tcp:/${DOCKER_VOLUME_CONFIG}proxy:2375 PUID: ${PUID} PGID: ${PGID} TZ: ${TZ} image: ghcr.io/mrusse/soularr:main@sha256:a46d4b0af667e54e816e2058ec574a03337519ee74476e17875d4c5cb3a3c288 labels: homepage.name: Soularr homepage.group: Downloaders homepage.description: Dashboard for monitoring Soularr homepage.href: https://soularr.${MY_TLD} homepage.icon: /icons/soularr.png swag: enable swag_proto: http swag_url: soularr.${MY_TLD} swag_port: 8080 swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: Soularr swag.uptime-kuma.monitor.url: https://soularr.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 ports: - 18364:8080 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - ${DOCKER_VOLUME_CONFIG}/soularr/dashboard:/app - ${DOCKER_VOLUME_CONFIG}/soularr:/data - ${DOCKER_VOLUME_CONFIG}/soularr/logs:/data/logs - /var/run/docker.sock:/var/run/docker.sock:ro working_dir: /app soulseek: container_name: soulseek depends_on: gluetun: condition: service_started required: true restart: true image: slskd/slskd@sha256:ab9ed50e028b524cefdb7c1dd8ebca368a076e18441ee8ac2326473eb850b4c3 labels: homepage.name: Soulseek homepage.group: Downloaders homepage.description: Modern client-server application for the Soulseek file-sharing network. homepage.href: https://slsk.${MY_TLD} homepage.icon: slskd.svg swag: enable swag_proto: http swag_url: slsk.${MY_TLD} swag_address: gluetun swag_port: 5030 swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: SoulSeek swag.uptime-kuma.monitor.url: https://slsk.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 network_mode: service:gluetun profiles: ["rinoa-apps"] restart: always volumes: - ${DOCKER_VOLUME_CONFIG}/soulseek:/app - ${DOCKER_VOLUME_STORAGE}/Audio/Music:/music - ${DOCKER_VOLUME_STORAGE}/downloads/completed/slsk:/app/downloads/ - ${DOCKER_VOLUME_STORAGE}/downloads/incomplete/slsk:/app/incomplete speedtest-tracker: container_name: speedtest-tracker image: lscr.io/linuxserver/speedtest-tracker:latest@sha256:3f75c5ec7a14c232f91af1ddda4248543bb2e8f0aeb18fec64c34d2f42dd00ce environment: PUID: ${PUID} PGID: ${PGID} APP_KEY: ${SPEEDTEST_TRACKER_APP_KEY} DB_CONNECTION: sqlite SPEEDTEST_SCHEDULE: 15 */3 * * * labels: homepage.name: Speedtest Tracker homepage.group: Infrastructure/App Performance Monitoring homepage.description: Self-hosted internet performance tracking homepage.href: https://speed.${MY_TLD} homepage.icon: speedtest-tracker.png homepage.widget.type: speedtest homepage.widget.url: http://speedtest-tracker swag: enable swag_proto: http swag_url: speed.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: Speedtest Tracker swag.uptime-kuma.monitor.url: https://speed.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 ports: - 47512:80 - 62777:443 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - ${DOCKER_VOLUME_CONFIG}/speedtest-tracker:/config stirling-pdf: container_name: stirling-pdf environment: DOCKER_ENABLE_SECURITY: true LANGS: en_US SECURITY_ENABLE_LOGIN: true SYSTEM_SHOW_UPDATE: false SYSTEM_SHOW_UPDATE_ONLY_ADMIN: true image: docker.stirlingpdf.com/stirlingtools/stirling-pdf:latest@sha256:2bb9b67f3edbca7ecc80f6e851a02cd04a10d5ea1d69b3e80b1e1f615e97b7a2 labels: homepage.name: Stirling-PDF homepage.group: Professional Services homepage.description: PDF Operations homepage.href: https://pdf.${MY_TLD} homepage.icon: stirling-pdf.svg swag: enable swag_port: 8080 swag_proto: http swag_url: pdf.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: Stirling-PDF swag.uptime-kuma.monitor.url: https://pdf.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 ports: - 58931:8080 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - ${DOCKER_VOLUME_CONFIG}/stirling-pdf/training-data:/usr/share/tessdata # Required for extra OCR languages - ${DOCKER_VOLUME_CONFIG}/stirling-pdf/extra-configs:/configs - ${DOCKER_VOLUME_CONFIG}/stirling-pdf/custom-files:/customFiles/ - ${DOCKER_VOLUME_CONFIG}/stirling-pdf/logs:/logs/ - ${DOCKER_VOLUME_CONFIG}/stirling-pdf/pipeline:/pipeline/ swag: cap_add: - NET_ADMIN container_name: swag environment: DNSPLUGIN: cloudflare EMAIL: charish.patel@${MY_TLD} EXTRA_DOMAINS: ONLY_SUBDOMAINS: false PGID: 1000 PUID: 1000 SUBDOMAINS: etherpad,ha,www TZ: America/New_York URL: ${MY_TLD} VALIDATION: dns CROWDSEC_API_KEY: ${CROWDSEC_SWAG_API_KEY} CROWDSEC_LAPI_URL: http://crowdsec:8080 DOCKER_MODS: linuxserver/mods:universal-docker|linuxserver/mods:swag-auto-proxy|linuxserver/mods:swag-dashboard|linuxserver/mods:swag-maxmind|linuxserver/mods:universal-stdout-logs|linuxserver/mods:universal-package-install|ghcr.io/linuxserver/mods:swag-crowdsec #|ghcr.io/trezone/swag-auto-uptime-kuma:d84284c8fbec305e94a6c2f6b825e8e3430d9569 #linuxserver/mods:swag-auto-uptime-kuma INSTALL_PACKAGES: nginx-mod-http-js PROPAGATION: 30 UPTIME_KUMA_PASSWORD: ${UPTIME_KUMA_PASSWORD} UPTIME_KUMA_URL: http://uptimekuma:3001 UPTIME_KUMA_USERNAME: ${UPTIME_KUMA_USERNAME} hostname: Rinoa image: lscr.io/linuxserver/swag:latest@sha256:ef97e83fc0283f972406ed62f208482653b9a9233eb389b947718b28c8c99263 labels: swag: enable swag_proto: http swag_port: 81 swag_url: swag.${MY_TLD} swag_auth: authelia swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.monitor.url: https://swag.${MY_TLD} swag.uptime-kuma.name: SWAG Dashboard swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 homepage.group: Infrastructure/App Performance Monitoring homepage.name: SWAG Dashboard homepage.href: https://swag.${MY_TLD} homepage.icon: linuxserver-io.png homepage.description: SWAG Dashboard for proxies homepage.widget.type: swagdashboard homepage.widget.url: http://swag:81 networks: - default # - nextcloud-aio ports: - 443:443 - 80:80 - 81:81 profiles: ["rinoa-infra"] restart: unless-stopped volumes: - /etc/localtime:/etc/localtime:ro - ${DOCKER_VOLUME_CONFIG}/swag:/config - ${DOCKER_VOLUME_CONFIG}/sablier/sablier.js:/etc/nginx/conf.d/sablier.js # - ${DOCKER_VOLUME_CONFIG}/swag/otel_ngx_module.so:/usr/lib/nginx/modules/otel_ngx_module.so # - ${DOCKER_VOLUME_CONFIG}/swag/30_http_otel.conf:/etc/nginx/modules/30_http_otel.conf # - ${DOCKER_VOLUME_CONFIG}/swag/opentelemetry_config.toml:/etc/nginx/opentelemetry_config.toml - /rinoa-storage:/storage - /var/run/docker.sock:/var/run/docker.sock:ro tandoor: container_name: tandoor-recipes depends_on: tandoor-pg: condition: service_started required: true environment: DB_ENGINE: django.db.backends.postgresql GID: 1000 GUNICORN_MEDIA: 1 POSTGRES_DB: tandoor POSTGRES_HOST: tandoor-pg POSTGRES_PASSWORD: ${TANDOOR_POSTGRES_PASSWORD} POSTGRES_USER: tandoor SECRET_KEY: ${TANDOOR_SECRET_KEY} TZ: ${TZ} UID: 1000 image: vabene1111/recipes@sha256:969c5b3552ffbf18a6f82b3ad5babbae89bfbd30ab6e3195fd3c158bcf3062ed labels: homepage.group: Lifestyle homepage.name: Tandoor Recipes homepage.href: https://recipes.${MY_TLD} homepage.icon: tandoor-recipes.svg homepage.description: Recipes, cookbooks, meal-planning, & grocery lists homepage.widget.type: tandoor homepage.widget.url: http://tandoor-recipes:8080 homepage.widget.key: ${TANDOOR_API_TOKEN} swag: enable swag_proto: http swag_address: tandoor-recipes swag_url: recipes.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: Tandoor Recipes swag.uptime-kuma.monitor.url: https://recipes.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 networks: default: null ports: - 8106:8080 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - source: ${DOCKER_VOLUME_CONFIG}/tandoor/static target: /opt/recipes/staticfiles type: bind bind: create_host_path: true - source: ${DOCKER_VOLUME_CONFIG}/tandoor/media target: /opt/recipes/mediafiles type: bind bind: create_host_path: true tandoor-pg: container_name: tandoor-pg environment: POSTGRES_DB: tandoor POSTGRES_PASSWORD: ${TANDOOR_POSTGRES_PASSWORD} POSTGRES_USER: tandoor expose: - 5432 image: postgres:16-alpine@sha256:16bc17c64a573ef34162af9298258d1aec548232985b33ed7b1eac33ba35c229 networks: default: null profiles: ["rinoa-apps"] restart: always volumes: - source: tandoor-pg target: /var/lib/postgresql/data type: volume volume: {} tdarr: container_name: tdarr environment: TZ: ${TZ} PUID: ${PUID} PGID: ${PGID} UMASK_SET: 2 serverIP: 0.0.0.0 serverPort: 8266 webUIPort: 8265 internalNode: true inContainer: true ffmpegVersion: 7 nodeName: tdarr-rinoa auth: false authSecretKey: ${TDARR_AUTH_SECRET_KEY} openBrowser: true maxLogSizeMB: 10 cronPluginUpdate: NVIDIA_DRIVER_CAPABILITIES: all NVIDIA_VISIBLE_DEVICES: all image: ghcr.io/haveagitgat/tdarr:2.72.01@sha256:fd9abc79b06a14e4ed0940aade7a92afe734d3188104fa085d5cde3eaf778b2f labels: homepage.group: Servarr Stack homepage.name: Tdarr homepage.href: https://tdarr.${MY_TLD} homepage.icon: tdarr.png homepage.description: Distributed transcode automation homepage.widget.type: tdarr homepage.widget.url: http://tdarr:8266 swag: enable swag_proto: http swag_port: 8265 swag_address: tdarr swag_url: tdarr.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: Tdarr swag.uptime-kuma.monitor.url: https://tdarr.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 ports: - 8265:8265 - 8266:8266 restart: unless-stopped volumes: - ${DOCKER_VOLUME_CONFIG}/tdarr/server:/app/server - ${DOCKER_VOLUME_CONFIG}/tdarr/configs:/app/configs - ${DOCKER_VOLUME_CONFIG}/tdarr/logs:/app/logs - ${DOCKER_VOLUME_CONFIG}/tdarr/transcode_cache:/temp - ${DOCKER_VOLUME_STORAGE}/:/media unmanic: container_name: unmanic environment: DOCKER_MODS: linuxserver/mods:universal-docker|linuxserver/mods:universal-stdout-logs PUID: ${PUID} PGID: ${PGID} LOGS_TO_STDOUT: /config/.unmanic/logs/unmanic.log image: josh5/unmanic:latest@sha256:3751881e8129e412c64453e6d11ff3fb1469121eeb271c73ad63f925a9f5c910 labels: homepage.group: Media Library homepage.name: Unmanic homepage.href: https://unmanic.${MY_TLD} homepage.icon: unmanic.png homepage.description: Library Optimizer homepage.widget.type: unmanic homepage.widget.url: http://unmanic:8888 swag: enable swag_port: 8888 swag_url: unmanic.${MY_TLD} swag_proto: http swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.monitor.url: https://unmanic.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 networks: default: null ports: - 8911:8888 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - source: ${DOCKER_VOLUME_CONFIG}/unmanic target: /config type: bind bind: create_host_path: true - source: ${DOCKER_VOLUME_STORAGE} target: /library type: bind bind: create_host_path: true - source: unmanic-cache target: /tmp/unmanic type: volume volume: {} uptimekuma: container_name: uptimekuma depends_on: swag: condition: service_started required: true environment: PGID: ${PGID} PUID: ${PUID} TZ: ${TZ} UPTIME_KUMA_USERNAME: ${UPTIME_KUMA_USERNAME} UPTIME_KUMA_PASSWORD: ${UPTIME_KUMA_PASSWORD} DOCKER_HOST: tcp:/${DOCKER_VOLUME_CONFIG}proxy:2375 hostname: Rinoa image: louislam/uptime-kuma:latest@sha256:3d632903e6af34139a37f18055c4f1bfd9b7205ae1138f1e5e8940ddc1d176f9 labels: homepage.group: Infrastructure/App Performance Monitoring homepage.name: Uptime Kuma homepage.href: https://uptime.${MY_TLD} homepage.icon: uptime-kuma.png homepage.description: HTTP Endpoint Monitoring homepage.widget.type: uptimekuma homepage.widget.url: http://uptimekuma:3001 homepage.widget.slug: rinoa-services swag: enable swag_proto: http swag_url: uptime.${MY_TLD} networks: default: null ports: - 3003:3001 profiles: ["rinoa-infra"] restart: unless-stopped volumes: - bind: create_host_path: true source: ${DOCKER_VOLUME_CONFIG}/uptimekuma target: /app/data type: bind - bind: create_host_path: true source: /rinoa-storage target: /storage type: bind - bind: create_host_path: true read_only: true source: /etc/localtime target: /etc/localtime type: bind vault: cap_add: - IPC_LOCK command: - server container_name: hc-vault environment: AWS_ACCESS_KEY_ID: ${VAULT_HASHICORP_AWS_ACCESS_KEY_ID} AWS_SECRET_ACCESS_KEY: ${VAULT_HASHICORP_AWS_SECRET_ACCESS_KEY} SKIP_SETCAP: "true" image: hashicorp/vault:2.0.0-bugfix labels: homepage.group: Code/DevOps homepage.name: HashiCorp Vault homepage.icon: vault.png homepage.href: https://vault.${MY_TLD} homepage.description: HashiCorp Vault for secrets, key/value stores, etc. swag: enable swag_proto: http swag_port: 8200 swag_url: vault.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: HashiCorp Vault swag.uptime-kuma.monitor.url: https://vault.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 ports: - 8200:8200 - 8250:8250 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - ${DOCKER_VOLUME_CONFIG}/hashicorp-vault/config/:/vault/config - ${DOCKER_VOLUME_CONFIG}/hashicorp-vault/logs/:/vault/logs vault-agent: cap_add: - IPC_LOCK command: - agent - -config=/vault/config/vault-agent.hcl container_name: hc-vault-agent environment: VAULT_ADDR: http://hc-vault:8200 SKIP_SETCAP: true image: hashicorp/vault:2.0.0-bugfix ports: - 8100 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - ${DOCKER_VOLUME_CONFIG}/hashicorp-vault/agent/config/:/vault/config:ro - ${DOCKER_VOLUME_CONFIG}/hashicorp-vault/agent/data/:/vault/data:ro - ${DOCKER_VOLUME_CONFIG}/hashicorp-vault/agent/tokens/:/vault/tokens - ${DOCKER_VOLUME_CONFIG}/hashicorp-vault/agent/output/:/vault/output wallos: container_name: wallos environment: TZ: ${TZ} image: bellamy/wallos:latest@sha256:11ed4975912a014e2ec53d5270acfdde8eb928f59b56ad9ba136a2e69bbec019 labels: homepage.group: Lifestyle homepage.name: wallos homepage.href: https://subs.${MY_TLD} homepage.icon: wallos.png homepage.description: Subscription Tracking sablier.enable: false sablier.group: rinoa swag: enable swag_proto: http swag_url: subs.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: Wallos swag.uptime-kuma.monitor.url: https://subs.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 networks: default: null ports: - 8283:80 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - wallos-db:/var/www/html/db - wallos-logos:/var/www/html/images/uploads/logos web-check: container_name: web-check image: lissy93/web-check@sha256:6c2c4957c8794ffbcd50e0b560f6f010f17884b36b587c74155482fbad15a077 labels: homepage.group: Privacy/Security homepage.name: Web-Check homepage.icon: web-check.png homepage.href: https://scan.${MY_TLD} homepage.description: Site scanner for attack vectors, architecture, security configs, and more swag: enable swag_proto: http swag_url: scan.${MY_TLD} swag_port: 3000 swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: Web-Check swag.uptime-kuma.monitor.url: https://scan.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 networks: default: null ports: - 3010:3000 profiles: ["rinoa-apps"] restart: unless-stopped whodb: container_name: whodb image: clidey/whodb@sha256:daee5c278a431a14f7d76a2f55eb483452d16e151f90098a61ceea358d35f025 environment: WHODB_CLICKHOUSE_1: '{ "host": "signoz-clickhouse" }' WHODB_MARIADB_1: '{ "host": "mariadb", "user": "root", "password": "${MARIADB_ENVIRONMENT_MYSQL_ROOT_PASSWORD}" }' WHODB_MONGODB_1: '{ "host": "mongodb:27017/admin?replicaSet=rinoa", "user": "root", "password": "${MONGO_INITDB_ROOT_PASSWORD}" }' WHODB_POSTGRES_1: '{ "host": "authelia-pg", "user": "authelia", "password": "${AUTHELIA_STORAGE_POSTGRES_PASSWORD}", "database": "authelia" }' WHODB_POSTGRES_2: '{ "host": "dawarich-pg-db", "user": "dawarich", "password": "${DAWARICH_PG_PASSWORD}", "database": "authelia" }' WHODB_POSTGRES_3: '{ "host": "gitea-db", "user": "gitea", "password": "${GITEA_PG_DB_PASSWORD}", "database": "gitea" }' WHODB_POSTGRES_4: '{ "host": "immich-pg-db", "user": "immich", "password": "${IMMICH_DB_PASSWORD}", "database": "immich" }' WHODB_POSTGRES_5: '{ "host": "invidious-db", "user": "kemal", "password": "${INVID_PG_DB_PASSWORD}", "database": "invidious" }' WHODB_POSTGRES_6: '{ "host": "joplin-db", "user": "joplin", "password": "${JOPLIN_POSTGRES_PASSWORD}", "database": "joplin" }' WHODB_POSTGRES_7: '{ "host": "librechat-vectordb", "user": "librechat", "password": "${LIBRECHAT_PG_DB_PASSWD}", "database": "librechat" }' WHODB_POSTGRES_8: '{ "host": "mastodon-pg-db", "user": "mastodon", "password": "${MASTODON_PG_DB_PASSWORD}", "database": "mastodon" }' WHODB_POSTGRES_9: '{ "host": "penpot-pg-db", "user": "penpot", "password": "${PENPOT_PG_DB_PASSWORD}", "database": "penpot" }' WHODB_POSTGRES_10: '{ "host": "planka-pg-db", "user": "planka", "password": "${PLANKA_PG_PASSWORD}", "database": "planka" }' WHODB_POSTGRES_11: '{ "host": "portnote-pg-db", "user": "portnote", "password": "${PORTNOTE_POSTGRES_PASSWORD}", "database": "portnote" }' WHODB_POSTGRES_12: '{ "host": "reactive-resume-pg", "user": "reactiveresume", "password": "${REACTIVE_RESUME_PGSQL_PASSWORD}", "database": "reactiveresume" }' WHODB_POSTGRES_13: '{ "host": "sonarqube-pg-db", "user": "sonar", "password": "${SONARQUBE_POSTGRES_PASSWORD}", "database": "sonar" }' WHODB_POSTGRES_14: '{ "host": "tandoor-pg", "user": "tandoor", "password": "${TANDOOR_POSTGRES_PASSWORD}", "database": "tandoor" }' WHODB_POSTGRES_15: '{ "host": "asciinema-pg-db", "user": "asciinema", "password": "${ASCIINEMA_PG_DB_PASSWORD}", "database": "asciinema" }' WHODB_REDIS_1: '{ "host": "castopod-valkey" }' WHODB_REDIS_2: '{ "host": "dawarich-valkey" }' WHODB_REDIS_3: '{ "host": "immich-valkey" }' WHODB_REDIS_4: '{ "host": "librechat-valkey" }' WHODB_REDIS_5: '{ "host": "manyfold-valkey" }' WHODB_REDIS_6: '{ "host": "mastodon-valkey" }' WHODB_REDIS_7: '{ "host": "maxun-valkey" }' WHODB_REDIS_8: '{ "host": "mixpost-valkey" }' WHODB_REDIS_9: '{ "host": "paperless-valkey" }' WHODB_REDIS_10: '{ "host": "plant-it-valkey" }' WHODB_SQLITE3_1: '{"database":"kuma.db"}' WHODB_OLLAMA_HOST: 192.168.1.249 WHODB_OLLAMA_PORT: 11434 WHODB_ANTHROPIC_API_KEY: ${LIBRECHAT_ANTHROPIC_API_KEY} WHODB_OPENAI_API_KEY: ${LIBRECHAT_OPENAI_API_KEY} expose: - 8080 labels: homepage.group: System Administration homepage.name: WhoDB homepage.href: https://dbs.${MY_TLD} homepage.icon: whodb.png homepage.description: Lightweight next-gen database explorer swag: enable swag_auth: authelia swag_port: 8080 swag_proto: http swag_url: dbs.${MY_TLD} swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: WhoDB swag.uptime-kuma.monitor.url: https://dbs.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - ${DOCKER_VOLUME_CONFIG}/uptimekuma/:/db wizarr: container_name: wizarr depends_on: authelia: condition: service_started required: true environment: PUID: ${PUID} PGID: ${PGID} DISABLE_BUILTIN_AUTH: true TZ: ${TZ} image: ghcr.io/wizarrrr/wizarr@sha256:19da537e01b5470cb34b083b5ac64cb534dd27084d9d66bc634e96c1f3976884 labels: homepage.group: Servarr Stack homepage.name: Wizarr homepage.href: https://wizarr.${MY_TLD} homepage.icon: wizarr.svg homepage.description: User invitation management system for Jellyfin, Plex, and Emby swag: enable swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: Wizarr swag.uptime-kuma.monitor.url: https://wizarr.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 ports: - 5690:5690 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - ${DOCKER_VOLUME_CONFIG}/wizarr/database:/data/database - ${DOCKER_VOLUME_CONFIG}/wizarr/wizard:/data/wizard_steps youtubedl: container_name: youtubedl environment: PGID: ${PGID} PUID: ${PUID} TZ: America/New_York YDL_CONFIG_PATH: /youtube-dl/config.yml YDL_DEBUG: "false" hostname: Rinoa image: nbr23/youtube-dl-server:latest@sha256:b96cd888162d088b5a2e011b03fca1c78c9bbf2e5ed558325330a8420c66af5a labels: homepage.group: Downloaders homepage.name: YoutubeDL homepage.icon: youtube-dl.svg homepage.href: https://ytdl.${MY_TLD} homepage.description: YouTube Downloader swag: enable swag_proto: http swag_url: ytdl.${MY_TLD} swag_port: 8080 swag.uptime-kuma.enabled: true swag.uptime-kuma.monitor.parent: Rinoa swag.uptime-kuma.name: YoutubeDL swag.uptime-kuma.monitor.url: https://ytdl.${MY_TLD} swag.uptime-kuma.monitor.interval: 300 swag.uptime-kuma.monitor.retryInterval: 60 swag.uptime-kuma.monitor.maxretries: 5 networks: default: null ports: - 8089:8080 profiles: ["rinoa-apps"] restart: unless-stopped volumes: - bind: create_host_path: true read_only: true source: /etc/localtime target: /etc/localtime type: bind - bind: create_host_path: true source: ${DOCKER_VOLUME_CONFIG}/youtubedl target: /youtube-dl type: bind - bind: create_host_path: true source: /rinoa-storage target: /storage type: bind volumes: asciinema-data: name: asciinema-data asciinema-pg-data: name: asciinema-pg-data authelia-pg-db: name: authelia-pg-db authelia-valkey-data: name: authelia-valkey-data castopod-media: name: castopod-media castopod-valkey-data: name: castopod-valkey-data changedetection-data: name: changedetection-data crowdsec-config: name: crowdsec-config crowdsec-db: name: crowdsec-db dagu-data: name: dagu-data dawarich_db_data: name: dawarich_db_data dawarich_shared: name: dawarich_shared dawarich_public: name: dawarich_public dawarich-valkey-data: name: dawarich-valkey-data dawarich_watched: name: dawarich_watched dockflare_data: name: dockflare_data fastenhealth-cache: name: fastenhealth-cache fastenhealth-db: name: fastenhealth-db gitea-pg-db: name: gitea-pg-db immich-model-cache: name: immich-model-cache immich-valkey-data: name: immich-valkey-data influxdb2-data: name: influxdb2-data influxdb2-config: name: influxdb2-config invidious-companion-cache: name: invidious-companion-cache invidious-postgres: name: invidious-postgres jitsi-web-admin-theme: name: jitsi-web-admin-theme jitsi-web-admin-upload: name: jitsi-web-admin-upload joplin_data: name: joplin_data karakeep-data: name: karakeep-data linkstack_data: name: linkstack_data libretranslate_api_keys: name: libretranslate_api_keys libretranslate_models: name: libretranslate_models lldap_data: name: lldap_data manyfold-pg-db: name: manyfold-pg-db manyfold-valkey-data: name: manyfold-valkey-data mastodon-pg-db: name: mastodon-pg-db mastodon-valkey-data: name: mastodon-valkey-data maxun-pg-data: name: maxun-pg-data maxun-valkey-data: name: maxun-valkey-data mixpost-storage: name: mixpost-storage mixpost-logs: name: mixpost-logs mixpost-valkey-data: name: mixpost-valkey-data mgob-data: name: mgob-data mgob-tmp: name: mgob-tmp mongodb_config: name: mongodb_config mongodb_data: name: mongodb_data n8n-data: name: n8n-data nextcloud_aio_mastercontainer: name: nextcloud_aio_mastercontainer nocodb_data: name: nocodb_data nocodb_pg_data: name: nocodb_pg_data nocodb_valkey_data: name: nocodb_valkey_data open-webui-data: name: open-webui-data open-webui-valkey-data: name: open-webui-valkey-data paperless-ngx-data: name: paperless-ngx-data paperless-ngx-media: name: paperless-ngx-media paperless-ngx-pg: name: paperless-ngx-pg paperless-valkey-data: name: paperless-valkey-data pgbackweb-data: name: pgbackweb-data planka-favicons: name: planka-favicons planka-user-avatars: name: planka-user-avatars planka-background-images: name: planka-background-images planka-attachments: name: planka-attachments planka-db-data: name: planka-db-data plant-it-valkey-data: name: plant-it-valkey-data portainer-data: name: portainer-data protonmail-data: name: protonmail-data reactive-resume-pg: name: reactive-resume-pg romm_resources: name: romm_resources romm-valkey-data: name: romm-valkey-data searxng-valkey-data: name: searxng-valkey-data semaphore_config: name: semaphore_config semaphore_data: name: semaphore_data semaphore_tmp: name: semaphore_tmp signoz-clickhouse: name: signoz-clickhouse signoz-sqlite: name: signoz-sqlite signoz-zookeeper-1: name: signoz-zookeeper-1 sonarqube-data: name: sonarqube-data sonarqube-db: name: sonarqube-db sonarqube-db-data: name: sonarqube-db-data sonarqube-extensions: name: sonarqube-extensions sonarqube-logs: name: sonarqube-logs sonarqube-temp: name: sonarqube-temp tandoor-pg: name: tandoor-pg unmanic-cache: name: unmanic-cache wallos-db: name: wallos-db wallos-logos: name: wallos-logos