Trez/rinoa-docker
4
0
Fork 0
Code Issues 1 Pull Requests 9 Actions Activity
Files
504bc0b0f7ac807d0d00a743df39de05b09fd5b8
rinoa-docker/docker-compose.yml
T
renovate-bot 504bc0b0f7
Renovate Image Tag Deployment / Renovate PR Deployment (pull_request) Failing after 3m24s
Details
🔧 Renovate: Update (digest) docker.io/library/postgres:14 Docker digest to b964c32
2026-02-25 22:26:23 +00:00

7064 lines
238 KiB
YAML
Raw Blame History

name: compose
networks:
default:
name: compose_default
nextcloud-aio:
external: true
x-jitsi-admin: &jitsi_admin_app
image: h2invent/jitsi-admin-main:latest@sha256:0d442f65e8f68c84beda5a7b4c2240b9c0774fb244a31640cde5af57bb476f61
#build: .
environment:
APACHE_DOCUMENT_ROOT: "public/"
PHP_EXTENSION_XDEBUG: "1"
PHP_INI_MEMORY_LIMIT: "1G"
PHP_EXTENSION_LDAP: 1
PHP_EXTENSION_INTL: 1
x-maxun: &maxun-env
environment:
NODE_ENV: production
JWT_SECRET: ${MAXUN_JWT_SECRET}
DB_NAME: maxun
DB_USER: maxun
DB_PASSWORD: ${MAXUN_DB_PASSWORD}
DB_HOST: maxun-pg-db
DB_PORT: 5432
ENCRYPTION_KEY: ${MAXUN_ENCRYPTION_KEY}
SESSION_SECRET: ${MAXUN_SESSION_SECRET}
MINIO_ENDPOINT: minio
MINIO_PORT: 9000
MINIO_CONSOLE_PORT: 9001
MINIO_ACCESS_KEY: ${MAXUN_MINIO_ACCESS_KEY}
MINIO_SECRET_KEY: ${MAXUN_MINIO_SECRET_KEY}
REDIS_HOST: maxun-valkey
REDIS_PORT: 6379
BACKEND_PORT: 8080
FRONTEND_PORT: 5173
BACKEND_URL: https://scrape.${MY_TLD}
PUBLIC_URL: https://scrape.${MY_TLD}
VITE_BACKEND_URL: https://scrape.${MY_TLD}
VITE_PUBLIC_URL: https://scrape.${MY_TLD}
MAXUN_TELEMETRY: true
PLAYWRIGHT_BROWSERS_PATH: /ms-playwright
PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD: 0
CHROMIUM_FLAGS: "--disable-gpu --no-sandbox --headless=new"
#DEBUG: pw:api
#PWDEBUG: 1
x-signoz-common: &signoz-common
profiles: ["rinoa-apps"]
restart: unless-stopped
x-signoz-clickhouse-defaults: &signoz-clickhouse-defaults
<<: *signoz-common
# adding non LTS version due to this fix https://github.com/ClickHouse/ClickHouse/commit/32caf8716352f45c1b617274c7508c86b7d1afab
image: clickhouse/clickhouse-server:25.5.6-alpine
tty: true
labels:
signoz.io/scrape: "true"
signoz.io/port: "9363"
signoz.io/path: "/metrics"
depends_on:
signoz-init-clickhouse:
condition: service_completed_successfully
signoz-zookeeper-1:
condition: service_healthy
healthcheck:
test:
- CMD
- wget
- --spider
- -q
- 0.0.0.0:8123/ping
interval: 30s
timeout: 5s
retries: 3
ulimits:
nproc: 65535
nofile:
soft: 262144
hard: 262144
environment:
- CLICKHOUSE_SKIP_USER_SETUP=1
x-signoz-zookeeper-defaults: &signoz-zookeeper-defaults
<<: *signoz-common
image: signoz/zookeeper:3.7.1@sha256:fcc4a3288154ccaa3bdb5ae6dc10180c084d29a8a6a26b62ac8e30a8940dc2e6
user: root
labels:
signoz.io/scrape: "true"
signoz.io/port: "9141"
signoz.io/path: "/metrics"
healthcheck:
test:
- CMD-SHELL
- curl -s -m 2 http://localhost:8080/commands/ruok | grep error | grep null
interval: 30s
timeout: 5s
retries: 3
x-signoz-db-depend: &signoz-db-depend
<<: *signoz-common
depends_on:
signoz-clickhouse:
condition: service_healthy
signoz-schema-migrator-sync:
condition: service_completed_successfully
x-valkey-params: &valkey-params
healthcheck:
test: redis-cli ping || exit 1
image: docker.io/valkey/valkey:9-alpine@sha256:68677f85c863830af7836ff07c4a13b7f085ebeff62f4dedb71499ca27d229f2
environment:
ALLOW_EMPTY_PASSWORD: yes
VALKEY_DATA_DIR: /data/valkey
VALKEY_DATABASE: 0
expose:
- 6379
profiles: ["rinoa-apps"]
restart: unless-stopped
services:
13ft:
container_name: 13ft
image: ghcr.io/wasi-master/13ft:latest@sha256:563ce7794a7173250c25c9162495bf2f510dd714067d74363c9ab2bd0e5a994f
labels:
swag: enable
swag_port: 5000
swag_proto: http
swag_url: 13ft.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: 13ft Ladder
swag.uptime-kuma.monitor.url: https://13ft.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
homepage.group: Personal Tools
homepage.name: 13ft Ladder
homepage.icon: 13ft.svg
homepage.href: https://13ft.${MY_TLD}
homepage.description: Web interface for blocking ads and paywalls
ports:
- 10633:5000
profiles: ["rinoa-apps"]
restart: unless-stopped
actual_server:
container_name: actualbudget
environment:
ACTUAL_LOGIN_METHOD: "password"
ACTUAL_PORT: 5006
# - ACTUAL_UPLOAD_FILE_SYNC_SIZE_LIMIT_MB=20
# - ACTUAL_UPLOAD_SYNC_ENCRYPTED_FILE_SYNC_SIZE_LIMIT_MB=50
# - ACTUAL_UPLOAD_FILE_SIZE_LIMIT_MB=20
# See all options and more details at https://actualbudget.github.io/docs/Installing/Configuration
# !! If you are not using any of these options, remove the 'environment:' tag entirely.
image: docker.io/actualbudget/actual-server:latest@sha256:c34346f87725b9cce5dca5af1a2a9b989127d592cc4c6af5cf4652d4a86def90
labels:
swag: enable
swag_port: 5006
swag_proto: http
swag_url: fin.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Actual Budget
swag.uptime-kuma.monitor.url: https://13ft.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
homepage.group: Lifestyle
homepage.name: Actual Budget
homepage.icon: actual-budget.svg
homepage.href: https://fin.${MY_TLD}
homepage.description: Privacy-focused app for managing finances
ports:
- 5006:5006
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/actual-budget:/data
adguard:
cap_add:
- NET_BIND_SERVICE
- NET_RAW
container_name: adguard
environment:
TZ: ${TZ}
image: adguard/adguardhome:v0.107.71@sha256:92929135ced2554aaf94706f766a98ad348f211df61b0704e2db7e8498cc00b7
labels:
swag: enable
swag_proto: http
swag_port: 8008
swag_address: 192.168.1.254
swag_url: adgh.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: AdGuard Home
swag.uptime-kuma.monitor.url: https://adgh.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
homepage.group: System Administration
homepage.name: AdGuard Home
homepage.icon: adguard-home.png
homepage.href: https://adgh.${MY_TLD}
homepage.description: Ad-blocking/DNS
homepage.widget.type: adguard
homepage.widget.url: http://192.168.1.254:8008
homepage.widget.username: admin
homepage.widget.password: ${ADGUARD_PASSWORD}
network_mode: host
privileged: true
# ports:
# - "192.168.1.254:53:53/udp"
# - "192.168.1.254:53:53/tcp"
# - 3001:3000
# - "192.168.1.254:446:443/tcp"
# - 8008:80
# - "192.168.1.254:853:853/tcp"
# - 67:67
# - 688:68
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- /etc/localtime:/etc/localtime:ro
- ${DOCKER_VOLUME_CONFIG}/adguard/work:/opt/adguardhome/work
- ${DOCKER_VOLUME_CONFIG}/adguard/conf:/opt/adguardhome/conf
- ${DOCKER_VOLUME_CONFIG}/swag/etc/letsencrypt/:/opt/adguardhome/certs
apcupsd-cgi:
container_name: apcupsd-cgi
environment:
UPSHOSTS: 192.168.1.254
UPSNAMES: Rinoa
TZ: ${TZ}
DASHBOARD_PROVISION: false
image: bnhf/apcupsd-cgi:latest@sha256:e8733930739719aca608fd97aecfb0aa5f53aaf7681bf4bbccd49dbf67132bf8
labels:
swag: enable
swag_proto: http
swag_auth: authelia
swag_url: apc.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: APC UPS Web
swag.uptime-kuma.monitor.url: https://apc.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
homepage.group: Infrastructure/App Performance Monitoring
homepage.name: APC UPS Web
homepage.icon: apc.svg
homepage.href: https://apc.${MY_TLD}
homepage.description: Web interface for apcupsd
homepage.widget.type: apcups
homepage.widget.url: tcp://192.168.1.254:3551
ports:
- 3552:80
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/apcupsd:/etc/apcupsd
apprise-api:
container_name: apprise-api
environment:
PUID: ${PUID}
PGID: ${PGID}
TZ: ${TZ}
APPRISE_ATTACH_DIR: /attach
APPRISE_ATTACH_SIZE: 500
APPRISE_CONFIG_DIR: /config
APPRISE_STATEFUL_MODE: simple
image: lscr.io/linuxserver/apprise-api:latest@sha256:12402826bb18353b0348bf7abe64e355180604985911094a39abe9a9069dd840
labels:
swag: enable
swag_proto: http
swag_port: 8000
swag_auth: authelia
swag_auth_bypass: /status,/notify/,/details,/metrics,/json/urls
swag_url: apprise.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Apprise-API
swag.uptime-kuma.monitor.url: https://apprise.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
homepage.group: Infrastructure/App Performance Monitoring
homepage.name: Apprise
homepage.icon: apprise.png
homepage.href: https://apprise.${MY_TLD}
homepage.description: Multi-channel notification API
homepage.widget.type: customapi
homepage.widget.headers: "Accept: application/json"
homepage.widget.url: http://apprise-api:8000/status
homepage.widget.method: GET
homepage.widget.mappings[0].label: Status
homepage.widget.mappings[0].field: status.details
# homepage.widget[1].type: customapi
# homepage.widget[1].headers: 'Accept: application/json'
# homepage.widget[1].url: http://apprise-api:8111/json/urls/apprise?privacy=1
# homepage.widget[1].method: GET
# homepage.widget[1].mappings[0].label: URLS
# homepage.widget[1].mappings[0].field: urls
# homepage.widget[1].mappings[0].format: size
ports:
- 54995:8000
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/apprise/conf:/config
- ${DOCKER_VOLUME_CONFIG}/apprise/attachments:/attach #optional
archivebox:
container_name: archivebox
environment:
ADMIN_USERNAME: admin # creates an admin user on first run with the given user/pass combo
ADMIN_PASSWORD: ${ARCHIVEBOX_ADMIN_PASSWORD}
ALLOWED_HOSTS: "*" # set this to the hostname(s) you're going to serve the site from!
CSRF_TRUSTED_ORIGINS: http://localhost:8000 # you MUST set this to the server's URL for admin login and the REST API to work
PUBLIC_INDEX: false # set to False to prevent anonymous users from viewing snapshot list
PUBLIC_SNAPSHOTS: false # set to False to prevent anonymous users from viewing snapshot content
PUBLIC_ADD_VIEW: false # set to True to allow anonymous users to submit new URLs to archive
SEARCH_BACKEND_ENGINE: ripgrep # tells ArchiveBox to use sonic container below for fast full-text search
image: archivebox/archivebox:latest@sha256:fdf2936192aa1e909b0c3f286f60174efa24078555be4b6b90a07f2cef1d4909
labels:
homepage.group: Personal Tools
homepage.name: ArchiveBox
homepage.href: https://archive.${MY_TLD}
homepage.icon: archivebox.png
homepage.description: Open-source and self-hosted web archiving
swag: enable
swag_port: 8000
swag_proto: http
swag_url: archive.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: ArchiveBox
swag.uptime-kuma.monitor.url: https://archive.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 21324:8000
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/archivebox:/data
# ./data/personas/Default/chrome_profile/Default:/data/personas/Default/chrome_profile/Default
asciinema:
container_name: asciinema
depends_on:
asciinema-pg-db:
condition: service_healthy
required: true
environment:
DATABASE_URL: postgresql://asciinema:${ASCIINEMA_PG_DB_PASSWORD}@asciinema-pg-db:5432/asciinema
DEFAULT_AVATAR: gravatar
MAIL_FROM_ADDRESS: noreply@${MY_TLD}
SECRET_KEY_BASE: ${ASCIINEMA_SECRET_KEY_BASE}
SIGN_UP_DISABLED: true
SMTP_HOST: postal-smtp
SMTP_USERNAME: ${POSTAL_SMTP_AUTH_USER}
SMTP_PASSWORD: ${POSTAL_SMTP_AUTH_PASSWORD}
SMTP_PORT: 25
UPLOAD_AUTH_REQUIRED: true
URL_HOST: asciinema.trez.wtf
URL_PORT: 4000
URL_SCHEME: https
image: ghcr.io/asciinema/asciinema-server:latest@sha256:d6d3bd5377dbe0773016ece1fdcc8326826d45395f1df7a6883ea30caf7140e8
labels:
homepage.group: Code/DevOps
homepage.name: Asciinema
homepage.href: https://asciinema.${MY_TLD}
homepage.icon: asciinema.svg
homepage.description: Platform for hosting and sharing terminal session recordings
swag: enable
swag_port: 4000
swag_proto: http
swag_url: asciinema.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Asciinema
swag.uptime-kuma.monitor.url: https://asciinema.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 4000:4000
- 4002:4002
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- asciinema-data:/var/opt/asciinema
asciinema-pg-db:
container_name: asciinema-pg-db
environment:
POSTGRES_PASSWORD: ${ASCIINEMA_PG_DB_PASSWORD}
POSTGRES_USER: asciinema
POSTGRES_DB: asciinema
expose:
- 5432
healthcheck:
test: ["CMD-SHELL", "pg_isready -U asciinema"]
interval: 2s
timeout: 5s
retries: 10
image: postgres:14-alpine@sha256:0197f365d4245fffa3988018ab1a5040b4ba79b572b21c2c82695d7b68692ff0
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- asciinema-pg-data:/var/lib/postgresql/data
audiobookshelf:
container_name: audiobookshelf
environment:
CONFIG_PATH: /config
HOME: /config/.home
LOG_LEVEL: info
METADATA_PATH: /metadata
TZ: America/New_York
hostname: Rinoa
image: ghcr.io/advplyr/audiobookshelf:latest@sha256:a52dc5db694a5bf041ce38f285dd6c6a660a4b1b21e37ad6b6746433263b2ae5
labels:
homepage.group: Media Library
homepage.name: Audiobookshelf
homepage.href: https://abs.${MY_TLD}
homepage.icon: audiobookshelf.png
homepage.description: Podcasts, eBooks, & Audiobooks
homepage.widget.type: audiobookshelf
homepage.widget.url: http://audiobookshelf:80
homepage.widget.key: ${AUDIOBOOKSHELF_ROOT_API_KEY}
swag: enable
swag_address: audiobookshelf
swag_proto: http
swag_url: abs.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Audiobookshelf
swag.uptime-kuma.monitor.url: https://abs.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
ports:
- 13378:80
profiles: ["rinoa-apps"]
restart: unless-stopped
user: 1000:1000
volumes:
- bind:
create_host_path: true
read_only: true
source: /etc/localtime
target: /etc/localtime
type: bind
- bind:
create_host_path: true
source: ${DOCKER_VOLUME_CONFIG}/audiobookshelf
target: /config
type: bind
- bind:
create_host_path: true
source: ${DOCKER_VOLUME_CONFIG}/audiobookshelf/.metadata
target: /metadata
type: bind
- bind:
create_host_path: true
source: /rinoa-storage
target: /storage
type: bind
audiomuse-ai-flask:
container_name: audiomuse-ai-flask
depends_on:
audiomuse-ai-valkey:
required: true
condition: service_healthy
audiomuse-ai-pg:
required: true
condition: service_healthy
environment:
AI_MODEL_PROVIDER: OLLAMA
OLLAMA_SERVER_URL: http://192.168.1.249:11434/api/generate
SERVICE_TYPE: "flask"
MEDIASERVER_TYPE: "navidrome"
NAVIDROME_URL: http://navidrome:4533/
NAVIDROME_USER: ${NAVIDROME_USERNAME}
NAVIDROME_PASSWORD: ${NAVIDROME_PASSWORD}
POSTGRES_USER: audiomuse
POSTGRES_PASSWORD: ${AUDIOMUSE_AI_PG_PASSWORD}
POSTGRES_DB: audiomusedb
POSTGRES_HOST: audiomuse-ai-pg
POSTGRES_PORT: 5432
REDIS_URL: redis://audiomuse-ai-valkey:6379/0
TEMP_DIR: /app/temp_audio
image: ghcr.io/neptunehub/audiomuse-ai:0.7.12-beta@sha256:a0ed658b75d66044e3884cbf94acf5e016d4898bac4d5f0f25929b066c3e5f9c
labels:
homepage.group: Media Library
homepage.name: AudioMuse-AI
homepage.href: https://muse.${MY_TLD}
homepage.description: Automatic playlist generation using AI
homepage.icon: /icons/audiomuseai.png
swag: enable
swag_auth: authelia
swag_port: 8000
swag_proto: http
swag_url: muse.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: AudioMuse-AI
swag.uptime-kuma.monitor.url: https://muse.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 36025:8000
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- audiomuse-temp-audio-flask:/app/temp_audio
audiomuse-ai-pg:
container_name: audiomuse-ai-pg
environment:
POSTGRES_USER: audiomuse
POSTGRES_PASSWORD: ${AUDIOMUSE_AI_PG_PASSWORD}
POSTGRES_DB: audiomusedb
expose:
- 5432
healthcheck:
test: ["CMD-SHELL", "pg_isready -U audiomuse -d audiomusedb"]
interval: 10s
retries: 5
start_period: 30s
timeout: 10s
image: postgres:15-alpine@sha256:5fe8ca7fc662071188c30271cb870d1ce9a6ec4578c934b064697ae77a9241e1
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- audiomuse-ai-pg-data:/var/lib/postgresql/data
audiomuse-ai-valkey:
container_name: audiomuse-ai-valkey
<<: *valkey-params
volumes:
- audiomuse-ai-valkey-data:/data/valkey
audiomuse-ai-worker:
container_name: audiomuse-ai-worker
depends_on:
audiomuse-ai-valkey:
required: true
condition: service_healthy
audiomuse-ai-pg:
required: true
condition: service_healthy
environment:
AI_MODEL_PROVIDER: OLLAMA
OLLAMA_SERVER_URL: http://192.168.1.249:11434/api/generate
SERVICE_TYPE: "worker"
MEDIASERVER_TYPE: "navidrome"
NAVIDROME_URL: http://navidrome:4533/
NAVIDROME_USER: ${NAVIDROME_USERNAME}
NAVIDROME_PASSWORD: ${NAVIDROME_PASSWORD}
POSTGRES_USER: audiomuse
POSTGRES_PASSWORD: ${AUDIOMUSE_AI_PG_PASSWORD}
POSTGRES_DB: audiomusedb
POSTGRES_HOST: audiomuse-ai-pg
POSTGRES_PORT: 5432
REDIS_URL: "redis://audiomuse-ai-valkey:6379/0"
TEMP_DIR: "/app/temp_audio"
image: ghcr.io/neptunehub/audiomuse-ai:0.7.12-beta@sha256:a0ed658b75d66044e3884cbf94acf5e016d4898bac4d5f0f25929b066c3e5f9c
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- audiomuse-temp-audio-worker:/app/temp_audio
authelia:
container_name: authelia
depends_on:
authelia-pg:
condition: service_started
required: true
lldap:
condition: service_started
required: true
environment:
AUTHELIA_AUTHENTICATION_BACKEND_LDAP_PASSWORD: ${AUTHELIA_AUTH_BIND_LDAP_PASSWORD}
AUTHELIA_JWT_SECRET: ${AUTHELIA_JWT_SECRET}
AUTHELIA_NOTIFIER_SMTP_PASSWORD: ${POSTAL_SMTP_AUTH_PASSWORD}
AUTHELIA_NOTIFIER_SMTP_USERNAME: ${POSTAL_SMTP_AUTH_USER}
AUTHELIA_SESSION_SECRET: ${AUTHELIA_SESSION_SECRET}
AUTHELIA_STORAGE_ENCRYPTION_KEY: ${AUTHELIA_STORAGE_ENCRYPTION_KEY}
AUTHELIA_STORAGE_POSTGRES_PASSWORD: ${AUTHELIA_STORAGE_POSTGRES_PASSWORD}
PGID: ${PGID}
PUID: ${PUID}
TZ: ${TZ}
X_AUTHELIA_CONFIG_FILTERS: template
expose:
- 9091
- 9959 # Metrics port for Prometheus
image: authelia/authelia:master@sha256:0128483f5f3da143315cc96a94cb8079cbaaf2d914179d7d3bc8c3c1a428c24c
labels:
homepage.group: Privacy/Security
homepage.name: Authelia
homepage.href: https://auth.${MY_TLD}
homepage.icon: authelia.svg
homepage.description: Authentication/authorization server with MFA & SSO
swag: enable
swag_proto: http
swag_port: 9091
swag_url: auth.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Authelia
swag.uptime-kuma.monitor.url: https://auth.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- source: ${DOCKER_VOLUME_CONFIG}/authelia/
target: /config
type: bind
bind:
create_host_path: true
authelia-pg:
container_name: authelia-pg
environment:
POSTGRES_PASSWORD: ${AUTHELIA_STORAGE_POSTGRES_PASSWORD}
POSTGRES_USER: authelia
POSTGRES_DB: authelia
expose:
- 5432
image: postgres:16-alpine@sha256:97ff59a4e30e08d1c11bdcd9455e7832368c0572b576c9092cde2df4ae5552a3
networks:
default: null
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- source: authelia-pg-db
target: /var/lib/postgresql/data
type: volume
bind:
create_host_path: true
authelia-valkey:
container_name: authelia-valkey
<<: *valkey-params
volumes:
- authelia-valkey-data:/data/valkey
backrest:
container_name: backrest
hostname: backrest
image: garethgeorge/backrest:latest@sha256:6ecf25925dafcb6b37ab871d23c1d424a6f5008191a631c0b520641ec22a3f84
environment:
BACKREST_DATA: /data # path for backrest data. restic binary and the database are placed here.
BACKREST_CONFIG: /config/config.json # path for the backrest config file.
XDG_CACHE_HOME: /cache # path for the restic cache which greatly improves performance.
TZ: ${TZ} # set the timezone for the container, used as the timezone for cron jobs.
labels:
swag: enable
swag_port: 9898
swag_proto: http
swag_url: backrest.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Backrest
swag.uptime-kuma.monitor.url: https://backrest.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
homepage.group: Automation
homepage.name: Backrest
homepage.href: https://backrest.${MY_TLD}
homepage.icon: backrest.svg
homepage.description: Data backup
ports:
- 9898:9898
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/backrest/data:/data
- ${DOCKER_VOLUME_CONFIG}/backrest/config:/config
- ${DOCKER_VOLUME_CONFIG}/backrest/cache:/cache
bazarr:
container_name: bazarr
environment:
PGID: ${PGID}
PUID: ${PUID}
TZ: ${TZ}
DOCKER_MODS: ghcr.io/gilbn/theme.park:bazarr
hostname: Rinoa
image: lscr.io/linuxserver/bazarr:latest@sha256:18ff732dffcebd559d15a91845fc3360d49652ea01dccfbfd98b8248ceb86e38
labels:
homepage.group: Servarr Stack
homepage.name: Bazarr
homepage.href: https://bazarr.${MY_TLD}
homepage.icon: bazarr.png
homepage.description: Subtitle automation for TV shows/movies
homepage.widget.type: bazarr
homepage.widget.url: http://bazarr:6767
homepage.widget.key: ${BAZARR_API_KEY}
swag: enable
swag_proto: http
swag_port: 6767
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Bazarr
swag.uptime-kuma.monitor.url: https://bazaar.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
ports:
- 6767:6767
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- bind:
create_host_path: true
read_only: true
source: /etc/localtime
target: /etc/localtime
type: bind
- bind:
create_host_path: true
source: ${DOCKER_VOLUME_CONFIG}/bazarr
target: /config
type: bind
- bind:
create_host_path: true
source: /rinoa-storage
target: /storage
type: bind
beszel:
container_name: beszel
extra_hosts:
- host.docker.internal:host-gateway
image: henrygd/beszel:latest@sha256:d1326b5cd73838b1d1acc5f1764c4b993c9668aa26df149082695894cb2805ae
labels:
homepage.group: Infrastructure/App Performance Monitoring
homepage.name: Beszel
homepage.href: https://beszel.${MY_TLD}
homepage.icon: beszel.svg
homepage.description: Lightweight server monitoring hub
homepage.widget.type: beszel
homepage.widget.url: http://beszel:8090
homepage.widget.username: ${SWAG_ENVIRONMENT_EMAIL}
homepage.widget.password: ${BESZEL_ADMIN_PASSWORD}
homepage.widget.version: 2
swag: enable
swag_proto: http
swag_port: 8090
swag_url: beszel.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Beszel
swag.uptime-kuma.monitor.url: https://beszel.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 22220:8090
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/beszel:/beszel_data
beszel-agent:
container_name: beszel-agent
depends_on:
beszel:
condition: service_started
required: true
environment:
PORT: 45876
# Do not remove quotes around the key
KEY: "${BESZEL_RINOA_AGENT_KEY}"
expose:
- 45876
image: henrygd/beszel-agent:latest@sha256:67b51e7976da13b7ce15e0270869827d54aa3df8cf0978e240e4105f62395a46
network_mode: host
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- /rinoa-storage:/extra-filesystems/rinoa-storage:ro
- /dev/nvme0n1:/extra-filesystems/nvme0n1:ro
bitwarden:
container_name: bitwarden
environment:
ADMIN_TOKEN: ${BITWARDEN_ENVIRONMENT_ADMIN_TOKEN}
DATABASE_URL: data/db.sqlite3
DISABLE_ADMIN_TOKEN: "false"
DOMAIN: https://bitwarden.${MY_TLD}
ENABLE_DB_WAL: "true"
INVITATIONS_ALLOWED: "false"
SHOW_PASSWORD_HINT: "false"
SIGNUPS_ALLOWED: "true"
SIGNUPS_VERIFY: "true"
TZ: America/New_York
WEBSOCKET_ENABLED: "true"
hostname: Rinoa
image: vaultwarden/server:latest@sha256:1ca2e2098ba9ab9e46004f4ee61a3be6080ffee3ed41018a95c4b0fb6454a54b
labels:
homepage.group: Privacy/Security
homepage.name: Vaultwarden
homepage.icon: vaultwarden.svg
homepage.href: https://bitwarden.${MY_TLD}
homepage.description: Credential/Information Vault
swag: enable
swag_url: bitwarden.${MY_TLD}
swag_proto: http
swag_port: 80
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Vaultwarden
swag.uptime-kuma.monitor.url: https://bitwarden.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
ports:
- 3012:3012
- 8013:80
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- bind:
create_host_path: true
read_only: true
source: /etc/localtime
target: /etc/localtime
type: bind
- bind:
create_host_path: true
source: ${DOCKER_VOLUME_CONFIG}/bitwarden
target: /data
type: bind
- bind:
create_host_path: true
source: /rinoa-storage
target: /storage
type: bind
bluesky-pds:
container_name: bluesky-pds
environment:
PDS_ADMIN_EMAIL: charish.patel@${MY_TLD}
PDS_HOSTNAME: bsky.${MY_TLD}
PDS_JWT_SECRET: ${BLUESKY_PDS_JWT_SECRET}
PDS_ADMIN_PASSWORD: ${BLUESKY_PDS_ADMIN_PASSWORD}
PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX: ${BLUESKY_PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX}
PDS_DATA_DIRECTORY: /pds
PDS_EMAIL_SMTP_URL: smtp://${POSTAL_SMTP_AUTH_USER}:${POSTAL_SMTP_AUTH_PASSWORD}@postal-smtp:25
PDS_EMAIL_FROM_ADDRESS: noreply@${MY_TLD}
PDS_BLOBSTORE_DISK_LOCATION: /pds/blocks
PDS_BLOB_UPLOAD_LIMIT: 52428800
PDS_DID_PLC_URL: ${PDS_DID_PLC_URL}
PDS_BSKY_APP_VIEW_URL: ${PDS_BSKY_APP_VIEW_URL}
PDS_BSKY_APP_VIEW_DID: ${PDS_BSKY_APP_VIEW_DID}
PDS_REPORT_SERVICE_URL: ${PDS_REPORT_SERVICE_URL}
PDS_REPORT_SERVICE_DID: ${PDS_REPORT_SERVICE_DID}
PDS_CRAWLERS: ${PDS_CRAWLERS}
LOG_ENABLED: true
expose:
- 3000
image: code.modernleft.org/gravityfargo/bluesky-pds:v0.4.193@sha256:54122ea4515d9021a4901aa849c6e57d2275e2194f6eda2cc9df217d12302f9e
labels:
swag: enable
swag_port: 3000
swag_url: bsky.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: BlueSky PDS
swag.uptime-kuma.monitor.url: https://bsky.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- type: bind
source: ${DOCKER_VOLUME_CONFIG}/bluesky-pds
target: /pds
browserless:
container_name: browserless
environment:
ALLOW_FILE_PROTOCOL: true
CONCURRENT: 20
HEALTH: false
PROXY_HOST: browserless
PROXY_PORT: 3000
PROXY_SSL: false
QUEUED: 20
TIMEOUT: 300000
TOKEN: ${CHROMIUM_TOKEN}
TZ: ${TZ}
expose:
- 3000
extra_hosts:
- "host.docker.internal:host-gateway"
image: ghcr.io/browserless/chromium:latest@sha256:ca3fca1093897b11dd1319d6b28d42d86ba5e2cff0fdfbdd4dcf448a0b76c795
labels:
swag: enable
swag_proto: http
swag_port: 3000
swag_url: browse.${MY_TLD}
networks:
default: null
profiles: ["rinoa-apps"]
restart: unless-stopped
bytestash:
container_name: bytestash
environment:
BASE_PATH:
JWT_SECRET: ${BYTESTASH_JWT_SECRET}
TOKEN_EXPIRY: 24h
ALLOW_NEW_ACCOUNTS: true
DEBUG: true
DISABLE_ACCOUNTS: false
DISABLE_INTERNAL_ACCOUNTS: false
image: ghcr.io/jordan-dalby/bytestash:latest@sha256:f5ca5cc8c33d76eda8969757d5b6da653c39ca8d946b3f7bfbc86df1360bf525
labels:
homepage.description: Code Gists/Snippets
homepage.group: Code/DevOps
homepage.href: https://gist.${MY_TLD}
homepage.icon: bytestash.svg
homepage.name: ByteStash
swag: enable
swag_port: 5000
swag_proto: http
swag_url: gist.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: ByteStash
swag.uptime-kuma.monitor.url: https://gist.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 62139:5000
profiles: ["rinoa-apps"]
restart: always
volumes:
- ${DOCKER_VOLUME_CONFIG}/bytestash:/data/snippets
changedetection:
container_name: changedetection
depends_on:
changedetection-chrome:
condition: service_started
environment:
PORT: 5000
LOGGER_LEVEL: TRACE
PLAYWRIGHT_DRIVER_URL: ws://browser-sockpuppet-chrome:3000
BASE_URL: https://chdt.${MY_TLD}
USE_X_SETTINGS: 1
HIDE_REFERER: true
ALLOW_FILE_URI: False
TZ: ${TZ}
LC_ALL: en_US.UTF-8
LISTEN_HOST: 0.0.0.0
image: ghcr.io/dgtlmoon/changedetection.io@sha256:e95931043d68da46e90498ce74ad317b392caade07186dc06bdfa1710901bf90
labels:
homepage.description: Page change monitoring with alerts
homepage.group: System Administration
homepage.href: https://chdt.${MY_TLD}
homepage.icon: changedetection.svg
homepage.name: ChangeDetection
homepage.widget.type: changedetectionio
homepage.widget.url: http://changedetection:5000
homepage.widget.key: ${CHANGEDETECTION_HOMEPAGE_API_KEY}
swag: enable
swag_port: 5000
swag_proto: http
swag_url: chdt.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: ChangeDetection
swag.uptime-kuma.monitor.url: https://chdt.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 15827:5000
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- changedetection-data:/datastore
changedetection-chrome:
cap_add:
- SYS_ADMIN
container_name: changedetection-chrome
image: dgtlmoon/sockpuppetbrowser:latest@sha256:7116c61ef9cfce3d48a7efd9355d2fbe19f593ea3cfb52a5ded40ecbcb0a3f9d
environment:
SCREEN_WIDTH: 1920
SCREEN_HEIGHT: 1024
SCREEN_DEPTH: 16
MAX_CONCURRENT_CHROME_PROCESSES: 10
profiles: ["rinoa-apps"]
restart: unless-stopped
chrome:
container_name: chrome
command:
- --no-sandbox
- --disable-gpu
- --disable-dev-shm-usage
- --remote-debugging-address=0.0.0.0
- --remote-debugging-port=9222
- --hide-scrollbars
image: gcr.io/zenika-hub/alpine-chrome:124@sha256:1a0046448e0bb6c275c88f86e01faf0de62b02ec8572901256ada0a8c08be23f
profiles: ["rinoa-apps"]
restart: unless-stopped
clipcascade:
container_name: clipcascade
environment:
CC_MAX_MESSAGE_SIZE_IN_MiB: 25 # Maximum message size in MiB (ignored if P2P mode is enabled)
CC_P2P_ENABLED: false # Enables or disables peer-to-peer(P2P) mode
# CC_ALLOWED_ORIGINS: https://clipcascade.example.com # Defines allowed CORS origins for security
CC_SIGNUP_ENABLED: false # Enables or disables user self-registration
image: sathvikrao/clipcascade:latest@sha256:0f7aadec03af6b22a157466ade3ed1730dfd3b390d2989e55c0180e1d12d736f
labels:
homepage.group: Personal Tools
homepage.name: ClipCascade
homepage.href: https://clip.${MY_TLD}
homepage.icon: sh-clipcascade.svg
homepage.description: Online file converter
swag: enable
swag_port: 8080
swag_proto: http
swag_url: clip.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: ClipCascade
swag.uptime-kuma.monitor.url: https://clip.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 64048:8080
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/clipcascade:/database # Persistent storage for user data
cloudflareddns:
container_name: cloudflareddns
environment:
ARGS: --dns-cloudflare-propagation-seconds 60
CF_APIKEY: ${CLOUDFLAREDDNS_ENVIRONMENT_APIKEY}
CF_APITOKEN: ${CLOUDFLAREDDNS_ENVIRONMENT_APITOKEN}
CF_HOSTS: ${MY_TLD}
CF_RECORDTYPES: A
CF_USER: charish.patel@${MY_TLD}
CF_ZONES: ${MY_TLD}
DETECTION_MODE: dig-google.com
INTERVAL: "300"
LOG_LEVEL: "3"
PGID: "1000"
PUID: "1000"
TZ: America/New_York
hostname: Rinoa
image: ghcr.io/hotio/cloudflareddns:latest@sha256:195c3d07afc76e6db7119bd902f0565342976b5f6537461a97e09229dde14a5b
networks:
default: null
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- bind:
create_host_path: true
read_only: true
source: /etc/localtime
target: /etc/localtime
type: bind
- bind:
create_host_path: true
source: ${DOCKER_VOLUME_CONFIG}/cloudflareddns
target: /config
type: bind
- bind:
create_host_path: true
source: /rinoa-storage
target: /storage
type: bind
convertx:
container_name: convertx
environment:
JWT_SECRET: ${CONVERTX_JWT_SECRET}
image: ghcr.io/c4illin/convertx@sha256:e1f85be04bbaf8a55ead9261194c3ae0fa0957d303ea537127154860b2552afd
labels:
homepage.group: System Administration
homepage.name: ConvertX
homepage.href: https://convert.${MY_TLD}
homepage.icon: sh-convertx.png
homepage.description: Online file converter
swag: enable
swag_port: 3000
swag_proto: http
swag_url: convert.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: ConvertX
swag.uptime-kuma.monitor.url: https://convert.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 38946:3000
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/convertx:/app/data
crowdsec:
container_name: crowdsec
depends_on:
swag:
condition: service_started
required: true
environment:
DOCKER_HOST: tcp:/${DOCKER_VOLUME_CONFIG}proxy:2375
GID: 1000
BOUNCER_KEY_SWAG: ${CROWDSEC_SWAG_API_KEY}
COLLECTIONS: >-
corvese/apache-guacamole
crowdsecurity/home-assistant
crowdsecurity/http-cve
crowdsecurity/iptables
crowdsecurity/linux
crowdsecurity/mariadb
crowdsecurity/nextcloud
crowdsecurity/nginx
crowdsecurity/whitelist-good-actors
Dominic-Wagner/vaultwarden
gauth-fr/immich
LePresidente/adguardhome
LePresidente/authelia
LePresidente/gitea
LePresidente/jellyfin
LePresidente/ombi
plague-doctor/audiobookshelf
schiz0phr3ne/sonarr
sdwilsh/navidrome
timokoessler/mongodb
timokoessler/uptime-kuma
xs539/joplin-server
image: crowdsecurity/crowdsec:latest@sha256:63b595fef92de1778573b375897a45dd226637ee9a3d3db9f57ac7355c369493
networks:
default: null
ports:
- 8101:8080
profiles: ["rinoa-infra"]
restart: unless-stopped
security_opt:
- no-new-privileges=true
volumes:
# - ${DOCKER_VOLUME_CONFIG}/crowdsec/config.yaml.local:/etc/crowdsec/config.yaml
- ${DOCKER_VOLUME_CONFIG}/swag/log/nginx:/var/log/swag:ro # SWAG
- ${DOCKER_VOLUME_CONFIG}/mariadb/:/var/lib/mysql:ro # MariaDB
- ${DOCKER_VOLUME_CONFIG}/audiobookshelf/.metadata/logs:/var/log/audiobookself:ro # Audiobookshelf
- crowdsec-config:/etc/crowdsec
- crowdsec-db:/var/lib/crowdsec/data
- /var/log/journal:/var/log/host/journal:ro
- /var/log/auth.log:/var/log/host/auth.log:ro
crowdsec-dashboard:
container_name: crowdsec-dashboard
depends_on:
crowdsec:
condition: service_started
required: true
environment:
MB_DB_FILE: /data/metabase.db
MGID: ${GID-1000}
image: metabase/metabase@sha256:d516ae895bd557765a9bc3a3cfdba80cb7381194db51f2c5eca1de29c59daa95
labels:
homepage.group: Privacy/Security
homepage.name: CrowdSec Dashboard
homepage.href: https://csec.${MY_TLD}
homepage.icon: crowdsec.svg
homepage.description: Real-time & crowdsourced protection against aggressive IPs
homepage.widget.type: crowdsec
homepage.widget.url: http://crowdsec:8080
homepage.widget.username: localhost
homepage.widget.password: ${CROWDSEC_LOCAL_API_KEY}
swag: enable
swag_port: 3000
swag_proto: http
swag_url: csec.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Crowdsec
swag.uptime-kuma.monitor.url: https://csec.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
ports:
- 8908:3000
profiles: ["rinoa-infra"]
restart: always
volumes:
- crowdsec-db:/data/
cyber-chef:
container_name: cyber-chef
image: mpepping/cyberchef:latest@sha256:d526d91271ab52b242b079dafa5b896b3ef805d69e265ad19613615d4099fa6b
labels:
homepage.description: Web app for encryption, encoding, compression, and data analysis
homepage.group: Privacy/Security
homepage.href: https://cchef.${MY_TLD}
homepage.icon: cyberchef.svg
homepage.name: CyberChef
swag: enable
swag_port: 8000
swag_proto: http
swag_url: cchef.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: CyberChef
swag.uptime-kuma.monitor.url: https://cchef.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 20992:8000
profiles: ["rinoa-apps"]
restart: unless-stopped
czkawka:
container_name: czkawka
environment:
KEEP_APP_RUNNING: 1
PGID: ${PGID}
PUID: ${PUID}
TZ: ${TZ}
UMASK: 1
SECURE_CONNECTION: 1
WEB_LISTENING_PORT: 5800
WEB_AUTHENTICATION: 1
WEB_AUTHENTICATION_USERNAME: ${CZKAWKA_WEB_AUTH_USERNAME}
WEB_AUTHENTICATION_PASSWORD: ${CZKAWKA_WEB_AUTH_PASSWORD}
CZKAWKA_GUI_KROKIET: 1
image: jlesage/czkawka@sha256:8acdc65b4fa28005404de995abeeaf517ea0d0b7f715d3f5d548982d83c99c6d
labels:
homepage.group: System Administration
homepage.name: Czkawka
homepage.href: https://czkawka.${MY_TLD}
homepage.icon: sh-czkawka.svg
homepage.description: Smart file management
swag: enable
swag_port: 5800
swag_proto: http
swag_url: czkawka.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Czkawka
swag.uptime-kuma.monitor.url: https://czkawka.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
ports:
- 5800:5800
privileged: true
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- source: ${DOCKER_VOLUME_CONFIG}/czkawka
target: /config
type: bind
bind:
create_host_path: true
- source: ${DOCKER_VOLUME_STORAGE}
target: /storage
type: bind
bind:
create_host_path: true
dagu:
container_name: dagu
environment:
DAGU_PORT: 8080
DAGU_TZ: ${TZ} # optional. default is local timezone
DAGU_BASE_PATH: /
DAGU_HOME: /dagu
DAGU_AUTH_BASIC_USERNAME: admin
DAGU_AUTH_BASIC_PASSWORD: ${DAGU_AUTH_BASIC_PASSWORD}
DAGU_AUTH_TOKEN: ${DAGU_AUTH_TOKEN}
PUID: ${PUID}
PGID: ${PGID}
image: ghcr.io/dagu-org/dagu:alpine@sha256:38305e41eba65f961531c9ccc4dc106a91d488ea72f8f7d8fd9a1f11f7880030
labels:
homepage.group: Automation
homepage.name: Dagu
homepage.href: https://cron.${MY_TLD}
homepage.icon: sh-dagu.svg
homepage.description: Cron alternative with a web UI
homepage.widget.type: customapi
homepage.widget.headers: "Authorization: Bearer ${DAGU_AUTH_TOKEN}"
homepage.widget.url: http://dagu:8080/api/v2/health
homepage.widget.method: GET
homepage.widget.mappings[0].label: Status
homepage.widget.mappings[0].field: status
swag: enable
swag_port: 8080
swag_proto: http
swag_url: cron.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Dagu
swag.uptime-kuma.monitor.url: https://cron.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 31037:8080
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/dagu/:/dagu
- ${DOCKER_VOLUME_STORAGE}/backups/:/backups
- /var/run/docker.sock:/var/run/docker.sock
dawarich-app:
command: bin/dev
container_name: dawarich-app
depends_on:
dawarich-pg-db:
condition: service_healthy
restart: true
dawarich-valkey:
condition: service_started
restart: true
deploy:
resources:
limits:
cpus: "0.50" # Limit CPU usage to 50% of one core
memory: "4G" # Limit memory usage to 4GB
entrypoint: web-entrypoint.sh
environment:
RAILS_ENV: production
REDIS_URL: redis://dawarich-valkey:6379
DATABASE_HOST: dawarich-pg-db
DATABASE_USERNAME: dawarich
DATABASE_PASSWORD: ${DAWARICH_PG_PASSWORD}
DATABASE_NAME: dawarich
MIN_MINUTES_SPENT_IN_CITY: 60
APPLICATION_HOSTS: localhost,loc.${MY_TLD},192.168.1.254
TIME_ZONE: ${TZ}
APPLICATION_PROTOCOL: http
DISTANCE_UNIT: km
SECRET_KEY_BASE: ${DAWARICH_SECRET_KEY_BASE}
PROMETHEUS_EXPORTER_ENABLED: true
PROMETHEUS_EXPORTER_HOST: 0.0.0.0
PROMETHEUS_EXPORTER_PORT: 9394
ENABLE_TELEMETRY: false # More on telemetry: https://dawarich.app/docs/tutorials/telemetry
SELF_HOSTED: true
expose:
- 9394
healthcheck:
test:
[
"CMD-SHELL",
"wget -qO - http://127.0.0.1:3000/api/v1/health | grep -q '\"status\"\\s*:\\s*\"ok\"'",
]
interval: 10s
retries: 30
start_period: 30s
timeout: 10s
image: freikin/dawarich:latest@sha256:e18c28b2f6e0dd973b6ad8c12121c3f3be71c2113928569d409774dd89fc4d07
labels:
homepage.group: Privacy/Security
homepage.name: Dawarich
homepage.href: https://loc.${MY_TLD}
homepage.icon: dawarich.svg
homepage.description: Self-hosted alternative to Google Location History
swag: enable
swag_port: 3000
swag_proto: http
swag_url: loc.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Dawarich
swag.uptime-kuma.monitor.url: https://loc.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 63561:3000
profiles: ["rinoa-apps"]
restart: on-failure
stdin_open: true
tty: true
volumes:
- dawarich_public:/var/app/public
- dawarich_watched:/var/app/tmp/imports/watched
- ${DOCKER_VOLUME_CONFIG}/dawarich/web-entrypoint.sh:/usr/local/bin/web-entrypoint.sh
dawarich-pg-db:
container_name: dawarich-pg-db
environment:
POSTGRES_DB: dawarich
POSTGRES_USER: dawarich
POSTGRES_PASSWORD: ${DAWARICH_PG_PASSWORD}
healthcheck:
test: ["CMD-SHELL", "pg_isready -U dawarich -d dawarich"]
interval: 10s
retries: 5
start_period: 30s
timeout: 10s
image: postgis/postgis:17-3.5-alpine@sha256:f439e384b4111f0bc21b4a49e223f8fd7f40516285fc3825d7a8af15e710d47c
profiles: ["rinoa-apps"]
restart: always
shm_size: 1G
volumes:
- dawarich_db_data:/var/lib/postgresql/data
- dawarich_shared:/var/shared
dawarich-sidekiq:
command: ["sidekiq"]
container_name: dawarich-sidekiq
depends_on:
dawarich-app:
condition: service_healthy
restart: true
dawarich-pg-db:
condition: service_healthy
restart: true
dawarich-valkey:
condition: service_healthy
restart: true
deploy:
resources:
limits:
cpus: "0.50" # Limit CPU usage to 50% of one core
memory: "4G" # Limit memory usage to 4GB
entrypoint: sidekiq-entrypoint.sh
environment:
APPLICATION_HOSTS: localhost,loc.${MY_TLD}
APPLICATION_PROTOCOL: http
BACKGROUND_PROCESSING_CONCURRENCY: 10
DATABASE_HOST: dawarich-pg-db
DATABASE_NAME: dawarich
DATABASE_PASSWORD: ${DAWARICH_PG_PASSWORD}
DATABASE_USERNAME: dawarich
DISTANCE_UNIT: km
ENABLE_TELEMETRY: false # More on telemetry: https://dawarich.app/docs/tutorials/telemetry
PROMETHEUS_EXPORTER_ENABLED: false
RAILS_ENV: production
RAILS_LOG_TO_STDOUT: true
REDIS_URL: "redis://dawarich-valkey:6379"
SECRET_KEY_BASE: ${DAWARICH_SECRET_KEY_BASE}
SELF_HOSTED: true
STORE_GEODATA: true
expose:
- 9394
healthcheck:
test: ["CMD-SHELL", "pgrep -f sidekiq"]
interval: 10s
retries: 30
start_period: 30s
timeout: 10s
image: freikin/dawarich:latest@sha256:e18c28b2f6e0dd973b6ad8c12121c3f3be71c2113928569d409774dd89fc4d07
profiles: ["rinoa-apps"]
restart: on-failure
stdin_open: true
tty: true
volumes:
- dawarich_public:/var/app/public
- dawarich_watched:/var/app/tmp/imports/watched
- ${DOCKER_VOLUME_CONFIG}/dawarich/sidekiq-entrypoint.sh:/usr/local/bin/sidekiq-entrypoint.sh
dawarich-valkey:
container_name: dawarich-valkey
<<: *valkey-params
volumes:
- dawarich-valkey-data:/data/valkey
dead-man-hand:
container_name: dead-man-hand
image: ghcr.io/bkupidura/dead-man-hand:latest@sha256:bdfcc5b2429bf02aa37ec78e120078572fd6f8e4161973ec4d0250c7ad378779
environment:
DMH_CONFIG_FILE: /data/config.yaml
labels:
# homepage.group: Personal/Professional Services
# homepage.name: Dawarich
# homepage.href: https://loc.${MY_TLD}
# homepage.icon: dawarich.svg
# homepage.description: Self-hosted alternative to Google Location History
swag: enable
swag_port: 8080
swag_proto: http
swag_url: dms.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.monitor.url: https://dms.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 25807:8080
volumes:
- ${DOCKER_VOLUME_CONFIG}/dead-man-hand:/data
docker-socket-proxy:
container_name: dockerproxy
environment:
AUTH: 1
BUILD: 1
COMMIT: 1
CONFIGS: 1
CONTAINERS: 1
DISTRIBUTION: 1
EVENTS: 1
EXEC: 1
GPRC: 1
IMAGES: 1
INFO: 1
NETWORKS: 1
NODES: 1
POST: 1
PLUGINS: 1
SERVICES: 1
SESSION: 1
SYSTEM: 1
TASKS: 1
VOLUMES: 1
LOG_LEVEL: debug
image: ghcr.io/tecnativa/docker-socket-proxy:latest@sha256:1f3a6f303320723d199d2316a3e82b2e2685d86c275d5e3deeaf182573b47476
networks:
default: null
ports:
- 2375:2375
privileged: true
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- /var/run/docker.sock:/var/run/docker.sock
dockflare:
container_name: dockflare
environment:
AGENT_STATUS_UPDATE_INTERVAL_SECONDS: 10
CF_ACCOUNT_ID: ${CLOUDFLARE_ACCOUNT_ID}
CF_API_TOKEN: ${CLOUDFLAREDDNS_ENVIRONMENT_APITOKEN}
CF_ZONE_ID: ${CLOUDFLARE_ZONE_ID}
CLEANUP_INTERVAL_SECONDS: 300
CLOUDFLARED_METRICS_PORT: 20119
CLOUDFLARED_NETWORK_NAME: compose_default
DEFAULT_NO_TLS_VERIFY: false
GRACE_PERIOD_SECONDS: 600
LABEL_PREFIX: cloudflare.tunnel
MAX_CONCURRENT_DNS_OPS: 3
RECONCILIATION_BATCH_SIZE: 3
SCAN_ALL_NETWORKS: false
STATE_FILE_PATH: /app/data/state.json
TRUSTED_PROXIES: 192.168.1.0/24,172.18.0.0/16
TUNNEL_DNS_SCAN_ZONE_NAMES:
TUNNEL_NAME: dockflared-tunnel
TZ: ${TZ}
healthcheck:
test:
[
"CMD-SHELL",
"wget -qO- --server-response http://localhost:5000/ping 2>&1 | awk '/^ HTTP/{code=$2} /^[^{]/{next} {print; fflush()} END{exit (code>=400 || code==0)}' >/dev/null",
]
interval: 1m30s
timeout: 30s
retries: 5
start_period: 30s
image: alplat/dockflare:stable@sha256:da9502921f35787c78a061b7ab605237553f38ef07a46873bd7df8c7af19fb6d # Or :unstable for the latest features
labels:
homepage.group: Privacy/Security
homepage.name: DockFlare
homepage.href: https://cftunn.${MY_TLD}
homepage.icon: sh-dockflare.svg
homepage.description: Cloudflare Tunnel controller
homepage.widget.type: cloudflared
homepage.widget.accountid: ${CLOUDFLARE_ACCOUNT_ID}
homepage.widget.tunnelid: ${DOCKFLARE_CLOUDFLARE_TUNNEL_ID}
homepage.widget.key: ${CLOUDFLAREDDNS_ENVIRONMENT_APITOKEN}
swag: enable
swag_proto: http
swag_url: cftunn.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: DockFlare
swag.uptime-kuma.monitor.url: https://cftunn.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
### EXAMPLE CF TUNNEL LABELS ###
# Enable DockFlare management for this container
# - "cloudflare.tunnel.enable=true"
# The public hostname to expose
# - "cloudflare.tunnel.hostname=my-service.example.com"
# The internal service address (protocol://container_name_or_ip:port)
# Service type (http, https, tcp, ssh, rdp, http_status) is inferred from the prefix.
# - "cloudflare.tunnel.service=http://my-service:80"
# Optional: Specify a URL path. Only requests to hostname/path will match.
# - "cloudflare.tunnel.path=/app"
# Optional: Specify a different Cloudflare Zone for this hostname
# - "cloudflare.tunnel.zonename=another.example.com"
# Optional: Disable TLS verification if your internal service uses HTTP or a self-signed cert
# - "cloudflare.tunnel.no_tls_verify=true"
# Optional: Specify Origin Server Name (SNI) for TLS connection to origin
# - "cloudflare.tunnel.originsrvname=internal.service.local"
ports:
- 20756:5000
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- dockflare_data:/app/data
dockpeek:
container_name: dockpeek
image: ghcr.io/dockpeek/dockpeek:v1.7.2@sha256:87654d0104eacff48a70c7c1eea6126f19f5803b21bfdace842ae765351593b4
depends_on:
docker-socket-proxy:
condition: service_started
required: true
environment:
SECRET_KEY: ${DOCKPEEK_SECRET_KEY}
USERNAME: admin
PASSWORD: ${DOCKPEEK_PASSWORD}
DOCKER_HOST: tcp://192.168.1.254:2375
DOCKER_HOST_NAME: Rinoa
DOCKER_HOST_PUBLIC_HOSTNAME: 192.168.1.254
DOCKER_HOST_1_URL: tcp://192.168.1.250:2375
DOCKER_HOST_1_NAME: Benedikta
DOCKER_HOST_1_PUBLIC_NAME: 192.168.1.250
DOCKER_HOST_2_URL: tcp://192.168.1.252:2375
DOCKER_HOST_2_NAME: Rikku
DOCKER_HOST_2_PUBLIC_NAME: 192.168.1.252
DOCKER_HOST_3_URL: tcp://192.168.1.249:2375
DOCKER_HOST_3_NAME: Ultima
DOCKER_HOST_3_PUBLIC_NAME: 192.168.1.249
labels:
swag: enable
swag_proto: http
swag_port: 8000
swag_url: ports.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Dockpeek
swag.uptime-kuma.monitor.url: https://ports.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
homepage.group: System Administration
homepage.name: Dockpeek
homepage.href: https://ports.${MY_TLD}
homepage.icon: sh-dockpeek.svg
homepage.description: Real-time port monitoring and discovery
ports:
- 3420:8000
profiles: ["rinoa-apps"]
restart: unless-stopped
duplicati:
container_name: duplicati
environment:
PGID: ${PGID}
PUID: ${PUID}
TZ: ${TZ}
hostname: Rinoa
image: lscr.io/linuxserver/duplicati:latest@sha256:d709e953da12e37c3cc9c54b0ddcf1e11037ffad640f60f82dc5481dbabb6c6f
labels:
swag: enable
swag_port: 8200
swag_proto: http
swag_url: dup.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Duplicati
swag.uptime-kuma.monitor.url: https://dup.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
homepage.group: Automation
homepage.name: Duplicati
homepage.href: https://dup.${MY_TLD}
homepage.icon: duplicati.png
homepage.description: Data backup
networks:
default: null
ports:
- 8282:8200
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- bind:
create_host_path: true
read_only: true
source: /etc/localtime
target: /etc/localtime
type: bind
- bind:
create_host_path: true
source: ${DOCKER_VOLUME_CONFIG}/duplicati
target: /config
type: bind
- bind:
create_host_path: true
source: /rinoa-storage
target: /storage
type: bind
- bind:
create_host_path: true
source: /home/charish/.config/appdata/backups
target: /backups
type: bind
- bind:
create_host_path: true
source: /home/charish/.config/appdata
target: /source
type: bind
excalidraw:
container_name: excalidraw
image: "excalidraw/excalidraw:latest@sha256:3c2513e830bb6e195147c05b34ecf8393d0ba2b1cc86e93b407a5777d6135c6c"
labels:
homepage.group: Personal Tools
homepage.name: Excalidraw
homepage.href: https://draw.${MY_TLD}
homepage.icon: excalidraw.svg
homepage.description: Virtual whiteboard for sketching hand-drawn like diagrams
swag: enable
swag_proto: http
swag_url: draw.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Excalidraw
swag.uptime-kuma.monitor.url: https://draw.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 53721:80
profiles: ["rinoa-apps"]
restart: unless-stopped
explo:
container_name: explo
environment:
TZ: ${TZ}
WEEKLY_EXPLORATION_SCHEDULE: 0 8 * * 2
WEEKLY_EXPLORATION_FLAGS:
WEEKLY_JAMS_SCHEDULE: 30 00 * * 1
WEEKLY_JAMS_FLAGS: --playlist=weekly-jams --download-mode=skip
DAILY_JAMS_SCHEDULE: 30 2 * * *
DAILY_JAMS_FLAGS: --playlist=daily-jams --download-mode=skip
image: ghcr.io/lumepart/explo:latest@sha256:e4659bd1f4349a6355c0a89a0f718092de27b32d64ee24c76e1609089b060701
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/explo/local.env:/opt/explo/.env
- ${DOCKER_VOLUME_STORAGE}/Audio/Explo:/downloads # has to be in the same path you have your music system pointed to (it's recommended to put explo under a subfolder)
- ${DOCKER_VOLUME_STORAGE}/Audio/Playlists:/playlists
fastenhealth:
container_name: fastenhealth
image: ghcr.io/fastenhealth/fasten-onprem:main@sha256:d208351137e8ba6a06aacede0d87f459a8bb9fc2ed705e62f4a9ca3f693bd7ca
labels:
homepage.group: Lifestyle
homepage.name: Fasten Health
homepage.icon: sh-fasten-health.svg
homepage.href: http://health.${MY_TLD}
homepage.description: Open-source, self-hosted, personal/family electronic medical record aggregator
swag: enable
swag_proto: http
swag_port: 8080
swag_url: health.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Fasten Health
swag.uptime-kuma.monitor.url: https://health.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
ports:
- 8105:8080
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- source: fastenhealth-cache
target: /opt/fasten/cache
type: volume
volume: {}
- source: fastenhealth-db
target: /opt/fasten/db
type: volume
volume: {}
flaresolverr:
container_name: flaresolverr
environment:
CAPTCHA_SOLVER: none
LOG_HTML: false
LOG_LEVEL: info
PORT: 8191
TZ: America/New_York
BROWSER_TIMEOUT: 40000
TEST_URL: https://duckduckgo.com
hostname: Rinoa
image: ghcr.io/flaresolverr/flaresolverr:latest@sha256:7962759d99d7e125e108e0f5e7f3cdbcd36161776d058d1d9b7153b92ef1af9e
networks:
default: null
ports:
- 8191:8191
profiles: ["rinoa-apps"]
restart: unless-stopped
sysctls:
- net.ipv6.conf.all.disable_ipv6=1
volumes:
- bind:
create_host_path: true
read_only: true
source: /etc/localtime
target: /etc/localtime
type: bind
- bind:
create_host_path: true
source: /rinoa-storage
target: /storage
type: bind
garage:
container_name: garage
image: dxflrs/garage:v2.1.0@sha256:4c9b34c113e61358466e83fd6e7d66e6d18657ede14b776eb78a93ee8da7cf6a
ports:
- 3900:3900
- 3901:3901
- 3902:3902
- 3903:3903
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/garage/garage.toml:/etc/garage.toml
- ${DOCKER_VOLUME_CONFIG}/garage/meta:/var/lib/garage/meta
- ${DOCKER_VOLUME_STORAGE}/garage_data:/var/lib/garage/data
garage-webui:
container_name: garage-webui
depends_on:
garage:
condition: service_started
required: true
environment:
API_BASE_URL: http://garage:3903
S3_ENDPOINT_URL: http://garage:3900
image: khairul169/garage-webui:latest@sha256:17c793551873155065bf9a022dabcde874de808a1f26e648d4b82e168806439c
labels:
homepage.group: System Administration
homepage.name: Garage
homepage.href: http://192.168.1.254:3909
homepage.icon: garage.svg
homepage.description: S3-compatible storage backend
ports:
- 3909:3909
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/garage/garage.toml:/etc/garage.toml:ro
ghost:
container_name: ghost_blog
depends_on:
mariadb:
condition: service_healthy
required: true
restart: true
environment:
database__client: mysql
database__connection__host: mariadb
database__connection__port: 3306
database__connection__user: ${GHOST_DB_USER}
database__connection__password: ${GHOST_DB_PASSWORD}
database__connection__database: ghost_db
mail__transport: SMTP
mail__options__host: postal-smtp
mail__options__port: 25
mail__options__secure: false
mail__options__auth__user: ${POSTAL_SMTP_AUTH_USER}
mail__options__auth__pass: ${POSTAL_SMTP_AUTH_PASSWORD}
mail__from: "'Ghost @ Rinoa' <noreply@${MY_TLD}>"
url: https://blog.${MY_TLD}
image: ghost:latest@sha256:17c52dc8780f222662cb529b0cfc86b71fd606020f879cfa7b1926e52c7e33ec
labels:
homepage.group: Lifestyle
homepage.name: Ghost
homepage.href: https://blog.${MY_TLD}
homepage.icon: ghost.png
homepage.description: Personal blog
swag: enable
swag_port: 2368
swag_proto: http
swag_url: blog.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Ghost
swag.uptime-kuma.monitor.url: https://blog.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 2368:2368
profiles: ["rinoa-apps"]
restart: always
volumes:
- ${DOCKER_VOLUME_CONFIG}/ghost:/var/lib/ghost/content
gitea:
container_name: gitea
depends_on:
gitea-db:
condition: service_healthy
required: true
environment:
USER_UID: ${PUID}
USER_GID: ${PGID}
GITEA__database__DB_TYPE: postgres
GITEA__database__HOST: gitea-db:5432
GITEA__database__NAME: gitea
GITEA__database__USER: gitea
GITEA__database__PASSWD: ${GITEA_PG_DB_PASSWORD}
GITEA__mailer__ENABLED: true
GITEA__mailer__FROM: '"Gitea" <noreply@${MY_TLD}>'
GITEA__mailer__PROTOCOL: smtp
GITEA__mailer__SMTP_ADDR: postal-smtp
GITEA__mailer__SMTP_PORT: 25
GITEA__mailer__USER: ${POSTAL_SMTP_AUTH_USER}
GITEA__mailer__PASSWD: ${POSTAL_SMTP_AUTH_PASSWORD}
image: gitea/gitea:1.25.4@sha256:17d18218be2dad1f8ed402a4f906989505c90ab8b66ee9befcecfb5d470133e7
labels:
cloudflare.tunnel.enable: true
cloudflare.tunnel.hostname: git-ssh.${MY_TLD}
cloudflare.tunnel.service: http://gitea:22
cloudflare.tunnel.no_tls_verify: true
homepage.group: Code/DevOps
homepage.name: Gitea
homepage.href: https://git.${MY_TLD}
homepage.icon: gitea.svg
homepage.description: Private Code Repo
homepage.widget.type: gitea
homepage.widget.url: http://gitea:3000
homepage.widget.key: ${GITEA_HOMEPAGE_API_KEY}
swag: enable
swag_url: git.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Gitea
swag.uptime-kuma.monitor.url: https://git.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
ports:
- 3013:3000
- 222:22
profiles: ["rinoa-infra"]
restart: always
volumes:
- source: ${DOCKER_VOLUME_CONFIG}/gitea
target: /data/gitea
type: bind
bind:
create_host_path: true
- bind:
create_host_path: true
read_only: true
source: /etc/timezone
target: /etc/timezone
type: bind
- bind:
create_host_path: true
read_only: true
source: /etc/localtime
target: /etc/localtime
type: bind
gitea-db:
container_name: gitea-db
environment:
POSTGRES_USER: gitea
POSTGRES_PASSWORD: ${GITEA_PG_DB_PASSWORD}
POSTGRES_DB: gitea
expose:
- 5432
healthcheck:
interval: 10s
start_period: 20s
test: ["CMD-SHELL", "pg_isready -U gitea -d gitea"]
image: postgres:14@sha256:473783dca8870bbde3a32370c72a9de9406f37d048c05d7b5c40f93e7c23d827
networks:
default: null
profiles: ["rinoa-infra"]
restart: always
volumes:
- source: gitea-pg-db
target: /var/lib/postgresql/data
type: volume
volume: {}
gitea-runner:
container_name: gitea-runner
depends_on:
gitea:
condition: service_started
environment:
CONFIG_FILE: /config.yaml
GITEA_INSTANCE_URL: http://gitea:3000
GITEA_RUNNER_REGISTRATION_TOKEN: "${GITEA_RUNNER_REGISTRATION_TOKEN}"
GITEA_RUNNER_NAME: "gitea-runner-1"
image: gitea/act_runner:nightly@sha256:7788adb45777cb8093cb08ce51f01fef658e74eee10e37e2beb070d0879db19f
ports:
- 63604:63604
profiles: ["rinoa-infra"]
restart: always
volumes:
- ${DOCKER_VOLUME_CONFIG}/gitea/act-runner/config.yaml:/config.yaml
- /var/run/docker.sock:/var/run/docker.sock
gitea-sonarqube-bot:
container_name: gitea-sonarqube-bot
depends_on:
gitea:
condition: service_started
sonarqube:
condition: service_started
image: justusbunsi/gitea-sonarqube-bot:v0.4.0@sha256:18dd43b470d9a470e27d5999dd7dcbb44423d5c4466ae56dd7c1722f23115673
environment:
GITEA_SQ_BOT_PORT: 58525
GITEA_SQ_BOT_CONFIG_PATH: /home/bot/config/config.yaml
ports:
- 58525:58525
profiles: ["rinoa-infra"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/gitea/sonarqube-bot/:/home/bot/config/
gitignore-io:
container_name: gitignore-io
image: guog/gitignore.io:latest@sha256:27b0bc3e9eb81adaee39fb6f77169ea9cbef164bcab049d29bcab68d154013ad
labels:
homepage.group: Code/DevOps
homepage.name: gitignore-io
homepage.href: https://gitignore.${MY_TLD}
homepage.icon: /icons/gitignore-io.svg
homepage.description: .gitignore generator
swag: enable
swag_url: gitignore.${MY_TLD}
swag_address: gitignore-io
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: gitignore-io
swag.uptime-kuma.monitor.url: https://gitignore.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 14822:8080
profiles: ["rinoa-apps"]
restart: unless-stopped
gluetun:
cap_add:
- NET_ADMIN
container_name: gluetun
environment:
OPENVPN_PASSWORD: ${DELUGEVPN_ENVIRONMENT_VPN_PASS}
OPENVPN_USER: ${DELUGEVPN_ENVIRONMENT_VPN_USER}
PORT_FORWARD_ONLY: true
SERVER_REGIONS: Bahamas,Belgium,Cyprus,Estonia,FI Helsinki,Iceland,Latvia,Lithuania,Luxembourg,Montenegro,Netherlands,Portugal,DK Copenhagen,Ukraine,Uruguay
VPN_SERVICE_PROVIDER: private internet access
expose:
- 8000
image: qmcgaw/gluetun:latest@sha256:a26bf64824e15a841c6ab9757a008969ae814ab3991c22f1f397c7c303575623
ports:
- 3333:3333
- 3334:3334
- 5030:5030
- 5031:5031
- 50300:50300
profiles: ["rinoa-apps"]
restart: always
gotify:
container_name: gotify
environment:
GOTIFY_SERVER_PORT: 80
GOTIFY_SERVER_KEEPALIVEPERIODSECONDS: 0
GOTIFY_SERVER_LISTENADDR:
GOTIFY_SERVER_SSL_ENABLED: false
GOTIFY_SERVER_SSL_REDIRECTTOHTTPS: true
GOTIFY_SERVER_SSL_LISTENADDR:
GOTIFY_SERVER_SSL_PORT: 443
GOTIFY_SERVER_SSL_CERTFILE:
GOTIFY_SERVER_SSL_CERTKEY:
GOTIFY_SERVER_SSL_LETSENCRYPT_ENABLED: false
GOTIFY_SERVER_SSL_LETSENCRYPT_ACCEPTTOS: false
GOTIFY_SERVER_SSL_LETSENCRYPT_CACHE: certs
GOTIFY_SERVER_STREAM_PINGPERIODSECONDS: 45
GOTIFY_DATABASE_DIALECT: sqlite3
GOTIFY_DATABASE_CONNECTION: data/gotify.db
GOTIFY_DEFAULTUSER_NAME: admin
GOTIFY_DEFAULTUSER_PASS: ${GOTIFY_PASSWORD}
GOTIFY_PASSSTRENGTH: 10
GOTIFY_UPLOADEDIMAGESDIR: data/images
GOTIFY_PLUGINSDIR: data/plugins
GOTIFY_REGISTRATION: false
image: gotify/server@sha256:4df8c1bb23646b8d8b308e881866474bfae4a9a5b3980e5047f87eb84017e8a0
labels:
homepage.group: Infrastructure/App Performance Monitoring
homepage.name: Gotify
homepage.href: https://gotify.${MY_TLD}
homepage.icon: gotify.png
homepage.description: Notification System
homepage.widget.type: gotify
homepage.widget.url: http://gotify
homepage.widget.key: ${GOTIFY_HOMEPAGE_CLIENT_KEY}
swag: enable
swag_proto: http
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Gotify
swag.uptime-kuma.monitor.url: https://gotify.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
ports:
- 8097:80
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- source: ${DOCKER_VOLUME_CONFIG}/gotify
target: /app/data
type: bind
bind:
create_host_path: true
guacamole:
container_name: guacamole
environment:
DOCKER_HOST: tcp:/${DOCKER_VOLUME_CONFIG}proxy:2375
EXTENSIONS: "auth-totp"
TZ: ${TZ}
image: flcontainers/guacamole:latest@sha256:81a420f386ef8cbb4697208e13ea90f6a10a54619981241bed672e4a41b5f77f
labels:
homepage.group: System Administration
homepage.name: Guacamole
homepage.description: Client-less remote desktop gateway
homepage.href: https://guac.${MY_TLD}
homepage.icon: guacamole.svg
swag: enable
swag_proto: http
swag_port: 8080
swag_url: guac.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Guacamole
swag.uptime-kuma.monitor.url: https://guac.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 62173:8080
profiles: ["rinoa-apps"]
restart: always
volumes:
- ${DOCKER_VOLUME_CONFIG}/guacamole/:/config
- /etc/localtime:/etc/localtime:ro
homepage:
container_name: homepage
environment:
HOMEPAGE_ALLOWED_HOSTS: ${MY_TLD}
PUID: ${PUID}
PGID: ${PGID}
image: ghcr.io/gethomepage/homepage:latest@sha256:0b596092c0b55fe4c65379a428a3fe90bd192f10d1b07d189a34fe5fabe7eedb
labels:
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Homepage
swag.uptime-kuma.monitor.url: https://${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 3004:3000
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/homepage:/app/config
- ${DOCKER_VOLUME_CONFIG}/homepage/images:/app/public/images
- ${DOCKER_VOLUME_CONFIG}/homepage/icons:/app/public/icons
- ${DOCKER_VOLUME_STORAGE}:/rinoa-storage:ro
hugo:
command: hugo server --baseURL "it-services.${MY_TLD}" --bind 0.0.0.0 --appendPort=false --source=/src/ --configDir=/src/config/ -e production --logLevel debug
container_name: hugo
image: hugomods/hugo:exts@sha256:dcbc5b53c4e53bb74a7c986caf58a3954395a1e9d8dc9bb492f2c610a7cf6eb0
labels:
swag: enable
swag_proto: http
swag_port: 1313
swag_url: it-services.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Hugo
swag.uptime-kuma.monitor.url: https://it-services.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
homepage.group: Professional Services
homepage.name: Hugo
homepage.href: https://it-services.${MY_TLD}
homepage.icon: hugo.svg
homepage.description: Static site
ports:
- 1313:1313
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/hugo/:/src
- ${DOCKER_VOLUME_CONFIG}/hugo/cache:/tmp/hugo_cache
immich-server:
container_name: immich-server
depends_on:
immich-valkey:
condition: service_healthy
required: true
immich-pg-db:
condition: service_healthy
required: true
restart: true
immich-machine-learning:
condition: service_healthy
required: true
restart: true
environment:
DB_DATABASE_NAME: immich
DB_HOSTNAME: immich-pg-db
DB_PORT: 5432
DB_USERNAME: immich
DB_PASSWORD: ${IMMICH_DB_PASSWORD}
IMMICH_LOG_LEVEL: error
IMMICH_TELEMETRY_INCLUDE: all
IMMICH_API_METRICS_PORT: 8081
IMMICH_MICROSERVICES_METRICS_PORT: 8082
REDIS_HOSTNAME: immich-valkey
REDIS_PORT: 6379
REDIS_DBINDEX: 0
healthcheck:
disable: false
image: ghcr.io/immich-app/immich-server:release@sha256:aa163d2e1cc2b16a9515dd1fef901e6f5231befad7024f093d7be1f2da14341a
labels:
swag: enable
swag_proto: http
swag_port: 2283
swag_url: pics.${MY_TLD}
swag_server_custom_directive: |
location /share {
proxy_pass http://immich-public-proxy:3000;
}
location /tools {
proxy_pass http://immich-power-tools:3000;
}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Immich
swag.uptime-kuma.monitor.url: https://pics.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
homepage.group: Media Library
homepage.name: Immich
homepage.href: https://pics.${MY_TLD}
homepage.icon: immich.svg
homepage.description: High performance self-hosted photo and video management solution
homepage.widget.type: immich
homepage.widget.url: http://immich-server:2283
homepage.widget.key: ${IMMICH_POWER_TOOLS_KEY}
homepage.widget.version: 2
ports:
- 2283:2283
- 42239:8081
- 42015:8082
profiles: ["rinoa-apps"]
restart: always
volumes:
# Do not edit the next line. If you want to change the media storage location on your system, edit the value of UPLOAD_LOCATION in the .env file
- ${DOCKER_VOLUME_STORAGE}/Pics:/usr/src/app/upload
- /etc/localtime:/etc/localtime:ro
immich-machine-learning:
container_name: immich-machine-learning
healthcheck:
disable: false
image: ghcr.io/immich-app/immich-machine-learning:release@sha256:b213fa3c82d27a21a299c46ffbb38a091f18384db1ad67d409a3b34fe0fce556
profiles: ["rinoa-apps"]
restart: always
volumes:
- immich-model-cache:/cache
immich-pg-db:
command: >-
postgres
-c shared_preload_libraries=vectors.so
-c 'search_path="$$user", public, vectors'
-c logging_collector=on
-c max_wal_size=2GB
-c shared_buffers=512MB
-c wal_compression=on
container_name: immich-pg-db
environment:
POSTGRES_PASSWORD: ${IMMICH_DB_PASSWORD}
POSTGRES_USER: immich
POSTGRES_DB: immich
expose:
- 5432
healthcheck:
test: >-
pg_isready --dbname="$${POSTGRES_DB}" --username="$${POSTGRES_USER}" || exit 1;
Chksum="$$(psql --dbname="$${POSTGRES_DB}" --username="$${POSTGRES_USER}" --tuples-only --no-align
--command='SELECT COALESCE(SUM(checksum_failures), 0) FROM pg_stat_database')";
echo "checksum failure count is $$Chksum";
[ "$$Chksum" = '0' ] || exit 1
interval: 5m
start_interval: 30s
start_period: 5m
image: tensorchord/pgvecto-rs:pg14-v0.2.1@sha256:9172feae86a211bc502db4ec2d3309a57329060b031d91796d39f45d1d698ef3
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/immich/db:/var/lib/postgresql/data
immich-public-proxy:
container_name: immich-public-proxy
depends_on:
immich-server:
condition: service_healthy
required: true
environment:
IMMICH_URL: http://immich-server:2283
expose:
- 3000
healthcheck:
test: wget -q --spider http://localhost:3000/share/healthcheck || exit 1
start_period: 10s
timeout: 5s
image: alangrainger/immich-public-proxy:latest@sha256:4aea9965af2d28f78cda19b31b6672fc31124ee9411858dc8a043e0e30354f7d
labels:
homepage.group: Lifestyle
homepage.name: Immich Public Proxy
homepage.href: https://pics.${MY_TLD}/share
homepage.icon: sh-immich-public-proxy.svg
homepage.description: Immich Proxy for public sharing
homepage.widget.type: immich
homepage.widget.url: http://immich-server:2283
homepage.widget.key: ${IMMICH_POWER_TOOLS_KEY}
homepage.widget.version: 2
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Immich Public Proxy
swag.uptime-kuma.monitor.url: https://pics.${MY_TLD}/share
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
profiles: ["rinoa-apps"]
restart: always
immich-power-tools:
container_name: immich-power-tools
environment:
DB_DATABASE_NAME: immich
DB_HOSTNAME: immich-pg-db
DB_PORT: 5432
DB_USERNAME: immich
DB_PASSWORD: ${IMMICH_DB_PASSWORD}
EXTERNAL_IMMICH_URL: https://pics.${MY_TLD}
IMMICH_API_KEY: ${IMMICH_POWER_TOOLS_KEY}
IMMICH_URL: http://immich-server:2283
image: ghcr.io/varun-raj/immich-power-tools:latest@sha256:8e7a25ed0e99c9c323012e306fde6c97a1004765742c8802ad03c95503679e77
ports:
- 54018:3000
profiles: ["rinoa-apps"]
restart: unless-stopped
immich-valkey:
container_name: immich-valkey
<<: *valkey-params
volumes:
- immich-valkey-data:/data/valkey
influxdb2:
container_name: influxdb2
environment:
DOCKER_INFLUXDB_INIT_MODE: setup
DOCKER_INFLUXDB_INIT_USERNAME: admin
DOCKER_INFLUXDB_INIT_PASSWORD: ${INFLUXDB2_ADMIN_PASSWORD}
DOCKER_INFLUXDB_INIT_ADMIN_TOKEN: /run/secrets/influxdb2-admin-token
DOCKER_INFLUXDB_INIT_ORG: rinoa
DOCKER_INFLUXDB_INIT_BUCKET: rinoa
image: influxdb:2-alpine@sha256:f15dfc604753f53b180364a331b46c2f4bc5c08a665d025982b301efa69bc2f7
labels:
swag: enable
swag_proto: http
swag_port: 8086
swag_url: influxdb.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.monitor.url: https://influxdb.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
homepage.group: System Administration
homepage.name: InfluxDBv2
homepage.href: https://influxdb.${MY_TLD}
homepage.icon: influxdb.svg
homepage.description: Scalable datastore for metrics, events, and real-time analytics
ports:
- 8086:8086
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- influxdb2-data:/var/lib/influxdb2
- influxdb2-config:/etc/influxdb2
invidious:
container_name: invidious
depends_on:
invidious-db:
condition: service_started
required: true
environment:
INVIDIOUS_CONFIG_FILE: /config.yml
healthcheck:
interval: 30s
retries: 2
test: wget -nv --tries=1 --spider http://127.0.0.1:3000/api/v1/trending || exit 1
timeout: 5s
image: quay.io/invidious/invidious:latest@sha256:9d972ea5930c2e170b3c4d49bdd9fa09bf03f077d555f58747342062dffc5876
labels:
swag: enable
swag_proto: http
swag_port: 3000
swag_url: invid.${MY_TLD}
swag_server_custom_directive: |
location /companion {
proxy_pass http://invidious-companion:8282;
}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Invidious
swag.uptime-kuma.monitor.url: https://invid.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
homepage.group: Social
homepage.name: Invidious
homepage.href: https://invid.${MY_TLD}
homepage.icon: invidious.svg
homepage.description: Alternative YouTube frontend (privacy-focused, ad-blocking)
networks:
default: null
ports:
- 3007:3000
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/invidious/config.yml:/config.yml
invidious-companion:
cap_drop:
- ALL
container_name: invidious-companion
environment:
SERVER_SECRET_KEY: ${INVID_COMPANION_KEY}
image: quay.io/invidious/invidious-companion:latest@sha256:8f07706baf04785a59cc32547d54fa530ef0d0128e60b100d8971bb5991de6a0
logging:
options:
max-size: "1G"
max-file: "4"
ports:
- 16290:8282
profiles: ["rinoa-apps"]
read_only: true
restart: unless-stopped
security_opt:
- no-new-privileges:true
volumes:
- invidious-companion-cache:/var/tmp/youtubei.js:rw
invidious-db:
container_name: invidious-db
environment:
POSTGRES_DB: invidious
POSTGRES_PASSWORD: ${INVID_PG_DB_PASSWORD}
POSTGRES_USER: kemal
healthcheck:
test:
- CMD-SHELL
- pg_isready -U $$POSTGRES_USER -d $$POSTGRES_DB
image: docker.io/library/postgres:14@sha256:b964c3211689ffe50cc65235ea338717520954dcf6ecd4d76bf887eba3cbc91f
networks:
default: null
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- source: invidious-postgres
target: /var/lib/postgresql/data
type: volume
volume: {}
- source: ${DOCKER_VOLUME_CONFIG}/invidious/sql
target: /config/sql
type: bind
bind:
create_host_path: true
- source: ${DOCKER_VOLUME_CONFIG}/invidious/entrypoint/init-invidious-db.sh
target: ${DOCKER_VOLUME_CONFIG}-entrypoint-initdb.d/init-invidious-db.sh
type: bind
bind:
create_host_path: true
it-tools:
container_name: it-tools
image: ghcr.io/corentinth/it-tools:latest@sha256:8b8128748339583ca951af03dfe02a9a4d7363f61a216226fc28030731a5a61f
labels:
swag: enable
swag_proto: http
swag_url: itt.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: IT-Tools
swag.uptime-kuma.monitor.url: https://itt.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
homepage.group: Code/DevOps
homepage.name: IT-Tools
homepage.href: https://itt.${MY_TLD}
homepage.icon: it-tools.svg
homepage.description: Useful tools for developers and people working in IT
networks:
default: null
ports:
- 8104:80
profiles: ["rinoa-apps"]
restart: unless-stopped
jellyfin:
container_name: jellyfin
environment:
JELLYFIN_PublishedServerUrl: https://jf.${MY_TLD}
image: jellyfin/jellyfin@sha256:333b647716631443a43c7fabac4b0c46b4e2f036bad19547e00958f10f721b85
labels:
homepage.group: Media Library
homepage.name: Jellyfin
homepage.icon: jellyfin.svg
homepage.href: https://jf.${MY_TLD}
homepage.description: Movie/TV Streaming
homepage.widget.type: jellyfin
homepage.widget.url: http://jellyfin:8096
homepage.widget.key: ${JELLYFIN_API_KEY}
homepage.widget.enableBlocks: true
homepage.widget.enableNowPlaying: true
homepage.widget.enableUser: true
homepage.widget.showEpisodeNumber: true
homepage.widget.expandOneStreamToTwoRows: false
swag: enable
swag_url: jf.${MY_TLD}
swag_port: 8096
swag_proto: http
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Jellyfin
swag.uptime-kuma.monitor.url: https://jf.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 8487:8096
- 7359:7359
- 1900:1900
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/jellyfin:/config
- ${DOCKER_VOLUME_CONFIG}/jellyfin/cache:/cache
- ${DOCKER_VOLUME_STORAGE}/TV_Shows:/storage/tv
- ${DOCKER_VOLUME_STORAGE}/Movies:/storage/movies
- /etc/localtime:/etc/localtime
- /usr/share/fonts:/usr/local/share/fonts/custom
jitsi-etherpad:
container_name: jitsi-etherpad
environment:
TITLE: ${JITSI__ETHERPAD_TITLE}
DEFAULT_PAD_TEXT: ${JITSI__ETHERPAD_DEFAULT_PAD_TEXT}
SKIN_NAME: ${JITSI__ETHERPAD_SKIN_NAME}
SKIN_VARIANTS: ${JITSI__ETHERPAD_SKIN_VARIANTS}
SUPPRESS_ERRORS_IN_PAD_TEXT: true
hostname: etherpad.meet.jitsi
image: etherpad/etherpad:1.9.7@sha256:d1d6a772dd49e2d920fda874cdae2d4a43f24ba5713a1e330b6342fbab3eb5ec
networks:
default: null
profiles: ["rinoa-apps"]
restart: unless-stopped
jitsi-jibri:
cap_add:
- SYS_ADMIN
container_name: jitsi-jibri
depends_on:
jitsi-jicofo:
condition: service_started
required: true
environment:
AUTOSCALER_SIDECAR_KEY_FILE:
AUTOSCALER_SIDECAR_KEY_ID:
AUTOSCALER_SIDECAR_GROUP_NAME:
AUTOSCALER_SIDECAR_HOST_ID:
AUTOSCALER_SIDECAR_INSTANCE_ID:
AUTOSCALER_SIDECAR_PORT:
AUTOSCALER_SIDECAR_REGION:
AUTOSCALER_SIDECAR_SHUTDOWN_POLLING_INTERVAL:
AUTOSCALER_SIDECAR_STATS_POLLING_INTERVAL:
AUTOSCALER_URL:
CHROMIUM_FLAGS:
DISPLAY: :0
ENABLE_STATS_D:
JIBRI_WEBHOOK_SUBSCRIBERS:
JIBRI_HTTP_API_EXTERNAL_PORT:
JIBRI_HTTP_API_INTERNAL_PORT:
JIBRI_RECORDING_RESOLUTION:
JIBRI_RECORDING_VIDEO_ENCODE_PRESET:
JIBRI_RECORDING_CONSTANT_RATE_FACTOR:
JIBRI_RECORDING_FRAMERATE:
JIBRI_RECORDING_QUEUE_SIZE:
JIBRI_RECORDING_STREAMING_MAX_BITRATE:
JIBRI_USAGE_TIMEOUT:
JIBRI_XMPP_USER:
JIBRI_XMPP_PASSWORD: ${JITSI__JIBRI_XMPP_PASSWORD}
JIBRI_BREWERY_MUC:
JIBRI_RECORDER_USER: jibri-recorder
JIBRI_RECORDER_PASSWORD: ${JITSI__JIBRI_RECORDER_PASSWORD}
JIBRI_RECORDING_DIR:
JIBRI_FINALIZE_RECORDING_SCRIPT_PATH:
JIBRI_STRIP_DOMAIN_JID:
JIBRI_STATSD_HOST:
JIBRI_STATSD_PORT:
LOCAL_ADDRESS:
PUBLIC_URL: ${JITSI__PUBLIC_URL}
TZ: ${TZ}
XMPP_AUTH_DOMAIN:
XMPP_DOMAIN:
XMPP_INTERNAL_MUC_DOMAIN:
XMPP_MUC_DOMAIN:
XMPP_RECORDER_DOMAIN:
XMPP_SERVER:
XMPP_PORT:
XMPP_TRUST_ALL_CERTS:
image: jitsi/jibri:${JITSI_IMAGE_VERSION:-stable}
networks:
default: null
profiles: ["rinoa-apps"]
restart: unless-stopped
shm_size: 2gb
volumes:
- source: ${DOCKER_VOLUME_CONFIG}/jitsi/jibri
target: /config
type: bind
bind:
create_host_path: true
jitsi-jicofo:
container_name: jitsi-jicofo
depends_on:
jitsi-prosody:
condition: service_started
required: true
environment:
AUTH_TYPE:
BRIDGE_AVG_PARTICIPANT_STRESS:
BRIDGE_STRESS_THRESHOLD:
ENABLE_AUTH:
ENABLE_AUTO_OWNER:
ENABLE_CODEC_VP8:
ENABLE_CODEC_VP9:
ENABLE_CODEC_H264:
ENABLE_CODEC_OPUS_RED:
ENABLE_JVB_XMPP_SERVER:
ENABLE_OCTO:
ENABLE_RECORDING: 1
ENABLE_SCTP:
ENABLE_AUTO_LOGIN:
JICOFO_AUTH_LIFETIME:
JICOFO_AUTH_PASSWORD: ${JITSI__JICOFO_AUTH_PASSWORD}
JICOFO_AUTH_TYPE:
JICOFO_BRIDGE_REGION_GROUPS:
JICOFO_ENABLE_AUTH:
JICOFO_ENABLE_BRIDGE_HEALTH_CHECKS:
JICOFO_CONF_INITIAL_PARTICIPANT_WAIT_TIMEOUT:
JICOFO_CONF_SINGLE_PARTICIPANT_TIMEOUT:
JICOFO_CONF_SOURCE_SIGNALING_DELAYS:
JICOFO_CONF_MAX_AUDIO_SENDERS:
JICOFO_CONF_MAX_VIDEO_SENDERS:
JICOFO_CONF_STRIP_SIMULCAST:
JICOFO_CONF_SSRC_REWRITING:
JICOFO_ENABLE_HEALTH_CHECKS:
JICOFO_ENABLE_REST:
JICOFO_HEALTH_CHECKS_USE_PRESENCE:
JICOFO_MULTI_STREAM_BACKWARD_COMPAT:
JICOFO_OCTO_REGION:
JIBRI_BREWERY_MUC:
JIBRI_REQUEST_RETRIES:
JIBRI_PENDING_TIMEOUT:
JIGASI_BREWERY_MUC:
JIGASI_SIP_URI:
JVB_BREWERY_MUC:
JVB_XMPP_AUTH_DOMAIN:
JVB_XMPP_INTERNAL_MUC_DOMAIN:
JVB_XMPP_PORT:
JVB_XMPP_SERVER:
MAX_BRIDGE_PARTICIPANTS:
OCTO_BRIDGE_SELECTION_STRATEGY:
SENTRY_DSN: "${JICOFO_SENTRY_DSN:-0}"
SENTRY_ENVIRONMENT:
SENTRY_RELEASE:
TZ: ${TZ}
XMPP_DOMAIN:
XMPP_AUTH_DOMAIN:
XMPP_INTERNAL_MUC_DOMAIN:
XMPP_MUC_DOMAIN:
XMPP_RECORDER_DOMAIN:
XMPP_SERVER:
XMPP_PORT:
image: jitsi/jicofo:${JITSI_IMAGE_VERSION:-stable}
networks:
default: null
ports:
- 8889:8888
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- bind:
create_host_path: true
selinux: Z
source: ${DOCKER_VOLUME_CONFIG}/jitsi/jicofo
target: /config
type: bind
jitsi-jigasi:
container_name: jitsi-jigasi
depends_on:
jitsi-prosody:
condition: service_started
required: true
environment:
ENABLE_AUTH: 1
ENABLE_GUESTS: 1
XMPP_AUTH_DOMAIN:
XMPP_GUEST_DOMAIN:
XMPP_MUC_DOMAIN:
XMPP_INTERNAL_MUC_DOMAIN:
XMPP_SERVER:
XMPP_PORT:
XMPP_DOMAIN:
PUBLIC_URL: ${JITSI__PUBLIC_URL}
JIGASI_DISABLE_SIP:
JIGASI_SIP_URI: ${JITSI__SIP_URI}
JIGASI_SIP_PASSWORD: ${JITSI__JIGAGI_SIP_PASSWORD}
JIGASI_SIP_SERVER: ${JITSI__JIGAGI_SIP_SERVER}
JIGASI_SIP_PORT: ${JITSI__JIGAGI_SIP_PORT}
JIGASI_SIP_TRANSPORT: ${JITSI__JIGAGI_SIP_TRANSPORT}
JIGASI_SIP_DEFAULT_ROOM:
JIGASI_XMPP_USER:
JIGASI_XMPP_PASSWORD: ${JITSI__JIGASI_XMPP_PASSWORD}
JIGASI_BREWERY_MUC:
JIGASI_PORT_MIN:
JIGASI_PORT_MAX:
JIGASI_HEALTH_CHECK_SIP_URI:
JIGASI_HEALTH_CHECK_INTERVAL:
JIGASI_SIP_KEEP_ALIVE_METHOD:
JIGASI_ENABLE_SDES_SRTP:
ENABLE_TRANSCRIPTIONS: 1
JIGASI_TRANSCRIBER_ADVERTISE_URL:
JIGASI_TRANSCRIBER_RECORD_AUDIO:
JIGASI_TRANSCRIBER_SEND_TXT:
GC_PROJECT_ID:
GC_PRIVATE_KEY_ID:
GC_PRIVATE_KEY:
GC_CLIENT_EMAIL:
GC_CLIENT_ID:
GC_CLIENT_CERT_URL:
SHUTDOWN_REST_ENABLED:
SENTRY_DSN: "${JIGASI_SENTRY_DSN:-0}"
SENTRY_ENVIRONMENT:
SENTRY_RELEASE:
TZ: ${TZ}
image: jitsi/jigasi:${JITSI_IMAGE_VERSION:-stable}
networks:
default: null
ports:
- 20000-20050:20000-20050/udp
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- bind:
create_host_path: true
selinux: Z
source: ${DOCKER_VOLUME_CONFIG}/jitsi/jigasi
target: /config
type: bind
- bind:
create_host_path: true
selinux: Z
source: ${DOCKER_VOLUME_CONFIG}/jitsi/transcripts
target: /tmp/transcripts
type: bind
jitsi-jvb:
container_name: video.meet.jitsi
depends_on:
jitsi-prosody:
condition: service_started
required: true
environment:
DOCKER_HOST_ADDRESS:
ENABLE_COLIBRI_WEBSOCKET:
ENABLE_JVB_XMPP_SERVER:
ENABLE_OCTO:
JVB_ADVERTISE_IPS: 192.168.1.254
JVB_ADVERTISE_PRIVATE_CANDIDATES:
JVB_AUTH_USER:
JVB_AUTH_PASSWORD: ${JITSI__JVB_AUTH_PASSWORD}
JVB_BREWERY_MUC:
JVB_DISABLE_STUN:
JVB_PORT:
JVB_MUC_NICKNAME:
JVB_STUN_SERVERS:
JVB_OCTO_BIND_ADDRESS:
JVB_OCTO_REGION:
JVB_OCTO_RELAY_ID:
JVB_WS_DOMAIN:
JVB_WS_SERVER_ID:
JVB_XMPP_AUTH_DOMAIN:
JVB_XMPP_INTERNAL_MUC_DOMAIN:
JVB_XMPP_PORT:
JVB_XMPP_SERVER:
PUBLIC_URL: ${JITSI__PUBLIC_URL}
SENTRY_DSN: "${JVB_SENTRY_DSN:-0}"
SENTRY_ENVIRONMENT:
SENTRY_RELEASE:
COLIBRI_REST_ENABLED:
SHUTDOWN_REST_ENABLED:
TZ: ${TZ}
XMPP_AUTH_DOMAIN:
XMPP_INTERNAL_MUC_DOMAIN:
XMPP_SERVER:
XMPP_PORT:
image: jitsi/jvb:${JITSI_IMAGE_VERSION:-stable}
networks:
default: null
ports:
- 10000:10000/udp
- 8091:8080
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- bind:
create_host_path: true
selinux: Z
source: ${DOCKER_VOLUME_CONFIG}/jitsi/jvb
target: /config
type: bind
jitsi-prosody:
container_name: xmpp.meet.jitsi
environment:
AUTH_TYPE:
DISABLE_POLLS:
ENABLE_AUTH:
ENABLE_AV_MODERATION:
ENABLE_BREAKOUT_ROOMS:
ENABLE_END_CONFERENCE:
ENABLE_GUESTS: 1
ENABLE_IPV6:
ENABLE_LOBBY: 1
ENABLE_RECORDING: 1
ENABLE_XMPP_WEBSOCKET:
ENABLE_JAAS_COMPONENTS:
GC_TYPE:
GC_INC_TH:
GC_INC_SPEED:
GC_INC_STEP_SIZE:
GC_GEN_MIN_TH:
GC_GEN_MAX_TH:
GLOBAL_CONFIG:
GLOBAL_MODULES:
JIBRI_RECORDER_USER:
JIBRI_RECORDER_PASSWORD: ${JITSI__JIBRI_RECORDER_PASSWORD}
JIBRI_XMPP_USER:
JIBRI_XMPP_PASSWORD: ${JITSI__JIBRI_XMPP_PASSWORD}
JICOFO_AUTH_PASSWORD: ${JITSI__JICOFO_AUTH_PASSWORD}
JICOFO_COMPONENT_SECRET:
JIGASI_XMPP_USER:
JIGASI_XMPP_PASSWORD: ${JITSI__JIGASI_XMPP_PASSWORD}
JIGASI_TRANSCRIBER_PASSWORD: ${JITSI__JIGASI_TRANSCRIBER_PASSWORD}
JVB_AUTH_USER:
JVB_AUTH_PASSWORD: ${JITSI__JVB_AUTH_PASSWORD}
JWT_APP_ID:
JWT_APP_SECRET:
JWT_ACCEPTED_ISSUERS:
JWT_ACCEPTED_AUDIENCES:
JWT_ASAP_KEYSERVER:
JWT_ALLOW_EMPTY:
JWT_AUTH_TYPE:
JWT_ENABLE_DOMAIN_VERIFICATION:
JWT_TOKEN_AUTH_MODULE:
MATRIX_UVS_URL:
MATRIX_UVS_ISSUER:
MATRIX_UVS_AUTH_TOKEN:
MATRIX_UVS_SYNC_POWER_LEVELS:
LOG_LEVEL:
LDAP_AUTH_METHOD:
LDAP_BASE:
LDAP_BINDDN:
LDAP_BINDPW:
LDAP_FILTER:
LDAP_VERSION:
LDAP_TLS_CIPHERS:
LDAP_TLS_CHECK_PEER:
LDAP_TLS_CACERT_FILE:
LDAP_TLS_CACERT_DIR:
LDAP_START_TLS:
LDAP_URL:
LDAP_USE_TLS:
MAX_PARTICIPANTS:
PROSODY_AUTH_TYPE:
PROSODY_RESERVATION_ENABLED:
PROSODY_RESERVATION_REST_BASE_URL:
PROSODY_ENABLE_RATE_LIMITS:
PROSODY_RATE_LIMIT_LOGIN_RATE:
PROSODY_RATE_LIMIT_SESSION_RATE:
PROSODY_RATE_LIMIT_TIMEOUT:
PROSODY_RATE_LIMIT_ALLOW_RANGES:
PROSODY_RATE_LIMIT_CACHE_SIZE:
PUBLIC_URL: ${JITSI__PUBLIC_URL}
TURN_CREDENTIALS:
TURN_HOST:
TURNS_HOST:
TURN_PORT:
TURNS_PORT:
TURN_TRANSPORT:
TZ: ${TZ}
XMPP_DOMAIN:
XMPP_AUTH_DOMAIN:
XMPP_GUEST_DOMAIN:
XMPP_MUC_DOMAIN:
XMPP_INTERNAL_MUC_DOMAIN:
XMPP_MODULES:
XMPP_MUC_MODULES:
XMPP_MUC_CONFIGURATION:
XMPP_INTERNAL_MUC_MODULES:
XMPP_RECORDER_DOMAIN:
XMPP_PORT:
expose:
- 5222
- "5347"
- "5280"
image: jitsi/prosody:${JITSI_IMAGE_VERSION:-stable}
networks:
default: null
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- bind:
create_host_path: true
selinux: Z
source: ${DOCKER_VOLUME_CONFIG}/jitsi/prosody/config
target: /config
type: bind
- bind:
create_host_path: true
selinux: Z
source: ${DOCKER_VOLUME_CONFIG}/jitsi/prosody/prosody-plugins-custom
target: /prosody-plugins-custom
type: bind
jitsi-web:
container_name: jitsi-web
environment:
AMPLITUDE_ID:
ANALYTICS_SCRIPT_URLS:
ANALYTICS_WHITELISTED_EVENTS:
AUDIO_QUALITY_OPUS_BITRATE:
AUTO_CAPTION_ON_RECORD:
BRANDING_DATA_URL:
CALLSTATS_CUSTOM_SCRIPT_URL:
CALLSTATS_ID:
CALLSTATS_SECRET:
CHROME_EXTENSION_BANNER_JSON:
COLIBRI_WEBSOCKET_PORT:
CONFCODE_URL:
CONFIG_EXTERNAL_CONNECT:
DEFAULT_LANGUAGE:
DEPLOYMENTINFO_ENVIRONMENT:
DEPLOYMENTINFO_ENVIRONMENT_TYPE:
DEPLOYMENTINFO_REGION:
DEPLOYMENTINFO_SHARD:
DEPLOYMENTINFO_USERREGION:
DESKTOP_SHARING_FRAMERATE_MIN:
DESKTOP_SHARING_FRAMERATE_MAX:
DIALIN_NUMBERS_URL:
DIALOUT_AUTH_URL:
DIALOUT_CODES_URL:
DISABLE_AUDIO_LEVELS:
DISABLE_DEEP_LINKING:
DISABLE_GRANT_MODERATOR:
DISABLE_HTTPS: 1
DISABLE_KICKOUT:
DISABLE_LOCAL_RECORDING:
DISABLE_POLLS:
DISABLE_PRIVATE_CHAT:
DISABLE_PROFILE:
DISABLE_REACTIONS:
DISABLE_REMOTE_VIDEO_MENU:
DISABLE_START_FOR_ALL:
DROPBOX_APPKEY:
DROPBOX_REDIRECT_URI:
DYNAMIC_BRANDING_URL:
ENABLE_AUDIO_PROCESSING:
ENABLE_AUTH:
ENABLE_BREAKOUT_ROOMS:
ENABLE_CALENDAR:
ENABLE_COLIBRI_WEBSOCKET:
ENABLE_E2EPING:
ENABLE_FILE_RECORDING_SHARING:
ENABLE_GUESTS: 1
ENABLE_HSTS:
ENABLE_HTTP_REDIRECT: 0
ENABLE_IPV6:
ENABLE_LETSENCRYPT: 0
ENABLE_LIPSYNC:
ENABLE_NO_AUDIO_DETECTION:
ENABLE_NOISY_MIC_DETECTION:
ENABLE_OCTO:
ENABLE_OPUS_RED:
ENABLE_PREJOIN_PAGE:
ENABLE_P2P:
ENABLE_WELCOME_PAGE:
ENABLE_CLOSE_PAGE:
ENABLE_LIVESTREAMING:
ENABLE_LIVESTREAMING_DATA_PRIVACY_LINK:
ENABLE_LIVESTREAMING_HELP_LINK:
ENABLE_LIVESTREAMING_TERMS_LINK:
ENABLE_LIVESTREAMING_VALIDATOR_REGEXP_STRING:
ENABLE_LOCAL_RECORDING_NOTIFY_ALL_PARTICIPANT:
ENABLE_LOCAL_RECORDING_SELF_START:
ENABLE_RECORDING: 1
ENABLE_REMB:
ENABLE_REQUIRE_DISPLAY_NAME:
ENABLE_SERVICE_RECORDING:
ENABLE_SIMULCAST:
ENABLE_STATS_ID:
ENABLE_STEREO:
ENABLE_SUBDOMAINS:
ENABLE_TALK_WHILE_MUTED:
ENABLE_TCC:
ENABLE_TRANSCRIPTIONS: 1
ENABLE_XMPP_WEBSOCKET:
ENABLE_JAAS_COMPONENTS:
ETHERPAD_PUBLIC_URL:
ETHERPAD_URL_BASE: ${JITSI__ETHERPAD_URL_BASE}
E2EPING_NUM_REQUESTS:
E2EPING_MAX_CONFERENCE_SIZE:
E2EPING_MAX_MESSAGE_PER_SECOND:
GOOGLE_ANALYTICS_ID:
GOOGLE_API_APP_CLIENT_ID:
HIDE_PREMEETING_BUTTONS:
HIDE_PREJOIN_DISPLAY_NAME:
HIDE_PREJOIN_EXTRA_BUTTONS:
INVITE_SERVICE_URL:
LETSENCRYPT_DOMAIN:
LETSENCRYPT_EMAIL:
LETSENCRYPT_USE_STAGING:
MATOMO_ENDPOINT:
MATOMO_SITE_ID:
MICROSOFT_API_APP_CLIENT_ID:
NGINX_RESOLVER:
NGINX_WORKER_PROCESSES:
NGINX_WORKER_CONNECTIONS:
PEOPLE_SEARCH_URL:
PREFERRED_LANGUAGE:
PUBLIC_URL: ${JITSI__PUBLIC_URL}
P2P_PREFERRED_CODEC:
RESOLUTION:
RESOLUTION_MIN:
RESOLUTION_WIDTH:
RESOLUTION_WIDTH_MIN:
START_AUDIO_MUTED:
START_AUDIO_ONLY:
START_BITRATE:
START_SILENT:
START_WITH_AUDIO_MUTED:
START_VIDEO_MUTED:
START_WITH_VIDEO_MUTED:
TESTING_CAP_SCREENSHARE_BITRATE:
TESTING_OCTO_PROBABILITY:
TOKEN_AUTH_URL:
TOOLBAR_BUTTONS:
TRANSLATION_LANGUAGES:
TRANSLATION_LANGUAGES_HEAD:
TZ: ${TZ}
USE_APP_LANGUAGE:
VIDEOQUALITY_BITRATE_H264_LOW:
VIDEOQUALITY_BITRATE_H264_STANDARD:
VIDEOQUALITY_BITRATE_H264_HIGH:
VIDEOQUALITY_BITRATE_VP8_LOW:
VIDEOQUALITY_BITRATE_VP8_STANDARD:
VIDEOQUALITY_BITRATE_VP8_HIGH:
VIDEOQUALITY_BITRATE_VP9_LOW:
VIDEOQUALITY_BITRATE_VP9_STANDARD:
VIDEOQUALITY_BITRATE_VP9_HIGH:
VIDEOQUALITY_ENFORCE_PREFERRED_CODEC:
VIDEOQUALITY_PREFERRED_CODEC:
XMPP_AUTH_DOMAIN:
XMPP_BOSH_URL_BASE:
XMPP_DOMAIN:
XMPP_GUEST_DOMAIN:
XMPP_MUC_DOMAIN:
XMPP_RECORDER_DOMAIN:
XMPP_PORT:
WHITEBOARD_ENABLED:
WHITEBOARD_COLLAB_SERVER_PUBLIC_URL:
hostname: meet.jitsi
image: jitsi/web:${JITSI_IMAGE_VERSION:-stable}
labels:
swag: enable
swag_proto: https
swag_url: meet.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Jitsi
swag.uptime-kuma.monitor.url: https://meet.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
homepage.group: Professional Services
homepage.name: Jitsi
homepage.href: https://meet.${MY_TLD}
homepage.icon: jitsi.png
homepage.description: Web Conferencing
networks:
default: null
ports:
- 8001:80
- 8002:443
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- bind:
create_host_path: true
selinux: Z
source: ${DOCKER_VOLUME_CONFIG}/jitsi/web
target: /config
type: bind
- bind:
create_host_path: true
selinux: Z
source: ${DOCKER_VOLUME_CONFIG}/jitsi/web/crontabs
target: /var/spool/cron/crontabs
type: bind
- bind:
create_host_path: true
selinux: Z
source: ${DOCKER_VOLUME_CONFIG}/jitsi/transcripts
target: /usr/share/jitsi-meet/transcripts
type: bind
joplin-db:
container_name: joplin-db
environment:
POSTGRES_PASSWORD: ${JOPLIN_POSTGRES_PASSWORD}
POSTGRES_USER: ${JOPLIN_POSTGRES_USER}
POSTGRES_DB: ${JOPLIN_POSTGRES_DATABASE}
expose:
- 5432
image: postgres:17-alpine@sha256:3430fe182f5065a6ea505c3d432d2c7fff18fbab954df8f277c1dbf4c70124af
networks:
default: null
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- source: joplin_data
target: /var/lib/postgresql/data
type: volume
volume: {}
joplin:
container_name: joplin
environment:
ACCOUNT_TYPES_ENABLED: true
APP_PORT: ${JOPLIN_APP_PORT}
APP_BASE_URL: ${JOPLIN_APP_BASE_URL}
DB_CLIENT: pg
INSTANCE_NAME: "Joplin @ Rinoa"
IS_ADMIN_INSTANCE: true
MAILER_ENABLED: 1
MAILER_HOST: postal-SMTP
MAILER_PORT: 25
MAILER_SECURITY: none
MAILER_AUTH_USER: ${POSTAL_SMTP_AUTH_USER}
MAILER_AUTH_PASSWORD: ${POSTAL_SMTP_AUTH_PASSWORD}
MAILER_NOREPLY_NAME: Joplin @ Rinoa
MAILER_NOREPLY_EMAIL: noreply@${MY_TLD}
POSTGRES_PASSWORD: ${JOPLIN_POSTGRES_PASSWORD}
POSTGRES_DATABASE: ${JOPLIN_POSTGRES_DATABASE}
POSTGRES_USER: ${JOPLIN_POSTGRES_USER}
POSTGRES_PORT: 5432
POSTGRES_HOST: joplin-db
image: joplin/server:latest@sha256:5d9e7f9d31b436cb1b99d1a6a65d8c5bf760829094617e8ad1e956fd925de888
labels:
homepage.group: Personal Tools
homepage.name: Joplin
homepage.href: https://notes.${MY_TLD}
homepage.icon: joplin.svg
homepage.description: Open-source note taking & to-do
swag: enable
swag_url: notes.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Joplin
swag.uptime-kuma.monitor.url: https://notes.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
ports:
- 22300:22300
profiles: ["rinoa-apps"]
restart: unless-stopped
karakeep:
container_name: karakeep
image: ghcr.io/karakeep-app/karakeep:release@sha256:2724d4a9a6d13a7fa3babf53b9245767aae56c34f06042a8463ee983c6b41caf
environment:
BROWSER_WEB_URL: http://chrome:9222
DATA_DIR: /data
INFERENCE_TEXT_MODEL: llama3.3:latest
INFERENCE_IMAGE_MODEL: llava:latest
MEILI_ADDR: http://meilisearch:7700
NEXTAUTH_SECRET: ${KARAKEEP_NEXTAUTH_SECRET}
NEXTAUTH_URL: https://kkeep.${MY_TLD}
OPENAI_API_KEY: ${LIBRECHAT_OPENAI_API_KEY}
OLLAMA_BASE_URL: http://192.168.1.249:11434
labels:
homepage.group: Lifestyle
homepage.name: Karakeep
homepage.href: https://kkeep.${MY_TLD}
homepage.icon: karakeep-dark.svg
homepage.description: Self-hosted bookmark-everything app with a touch of AI for data hoarders
homepage.widget.type: karakeep
homepage.widget.url: http://karakeep:3000
homepage.widget.key: ${KARAKEEP_HOMEPAGE_WIDGET_KEY}
swag: enable
swag_url: kkeep.${MY_TLD}
swag_port: 3000
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Karakeep
swag.uptime-kuma.monitor.url: https://kkeep.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 24977:3000
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- karakeep-data:/data
languagetool:
container_name: languagetool
environment:
langtool_languageModel: /opt/languagetool/langModel
Java_Xms: 512m
Java_Xmx: 1g
expose:
- 8010
image: elestio/languagetool:latest@sha256:f0c2e7a1dc3b9acc893f86959406500fe04764ff49372a5d2fb69d6206f09c65
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/languagetool/:/opt/languagetool/langModel
libretranslate:
container_name: libretranslate
environment:
LT_UPDATE_MODELS: true
healthcheck:
test: ["CMD-SHELL", "./venv/bin/python scripts/healthcheck.py"]
image: libretranslate/libretranslate@sha256:28107a7a0cdd3d555cc3bd0d88c54ab427124e14882ff9d124f80d10fc6769af
labels:
homepage.group: Personal Tools
homepage.name: LibreTranslate
homepage.href: https://translate.${MY_TLD}
homepage.icon: sh-libretranslate.svg
homepage.description: Open-source machine translation API
swag: enable
swag_port: 5000
swag_url: translate.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: LibreTranslate
swag.uptime-kuma.monitor.url: https://translate.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 5000:5000
profiles: ["rinoa-apps"]
restart: unless-stopped
stdin_open: true
tty: true
volumes:
- libretranslate_api_keys:/app/db
- libretranslate_models:/home/libretranslate/.local:rw
lidarr:
container_name: lidarr
environment:
PGID: ${PGID}
PUID: ${PUID}
TZ: America/New_York
DOCKER_MODS: ghcr.io/gilbn/theme.park:lidarr
hostname: Rinoa
image: lscr.io/linuxserver/lidarr:latest@sha256:37a3df74f4c2a6f10eead66f4d8034362ebf2866f935026b4a71dd888b9e7f08
labels:
homepage.group: Servarr Stack
homepage.name: Lidarr
homepage.href: https://lidarr.${MY_TLD}
homepage.icon: lidarr.png
homepage.description: Music Automation
homepage.widget.type: lidarr
homepage.widget.url: http://lidarr:8686
homepage.widget.key: ${LIDARR_API_KEY}
swag: enable
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Lidarr
swag.uptime-kuma.monitor.url: https://lidarr.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
ports:
- 8686:8686
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- /etc/localtime:/etc/localtime:ro
- ${DOCKER_VOLUME_CONFIG}/lidarr:/config
- /rinoa-storage:/storage
- ${DOCKER_VOLUME_STORAGE}/downloads/:/downloads
lidify:
container_name: lidify
environment:
app_name: lidify
app_rev: 0.09
app_url: lidify.${MY_TLD}
dry_run_adding_to_lidarr: true
fallback_to_top_result: false
last_fm_api_key: ${LASTFM_API_KEY}
last_fm_api_secret: ${LASTFM_API_SECRET}
lidarr_address: http://lidarr:8686
lidarr_api_key: ${LIDARR_API_KEY}
lidarr_api_timeout: 120
metadata_profile_id: 1
mode: LastFM
quality_profile_id: 1
root_folder_path: /data/media/music
search_for_missing_albums: false
spotify_client_id: ${YOUR_SPOTIFY_ID}
spotify_client_secret: ${YOUR_SPOTIFY_SECRET}
expose:
- 5000
image: thewicklowwolf/lidify:latest@sha256:d9968f2eebe30e28448f94f8f7198b3bc9ee06e950434b659e10b4d46dfeaac3
labels:
homepage.group: Servarr Stack
homepage.name: Lidify
homepage.href: https://lidify.${MY_TLD}
homepage.icon: sh-lidify.png
homepage.description: Music Discovery a la Last.fm, Spotify, Pandora, etc.
swag: enable
swag_auth: authelia
swag_proto: http
swag_port: 5000
swag_url: lidify.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Lidify
swag.uptime-kuma.monitor.url: https://lidify.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- source: ${DOCKER_VOLUME_CONFIG}/lidify
target: /lidify/config
type: bind
bind:
create_host_path: true
- source: ${DOCKER_VOLUME_STORAGE}/Audio/Music
target: /data/media/music
type: bind
bind:
create_host_path: true
- bind:
create_host_path: true
read_only: true
source: /etc/localtime
target: /etc/localtime
type: bind
linkstack:
container_name: linkstack
image: linkstackorg/linkstack:latest@sha256:d9c4e1fd521e1ae78e796ac549b4d3e6371665775761d6c712aec8ac3bd9c5bc
environment:
TZ: ${TZ}
SERVER_ADMIN: noreply@${MY_TLD}
HTTP_SERVER_NAME: profile.${MY_TLD}
HTTPS_SERVER_NAME: profile.${MY_TLD}
LOG_LEVEL: info
PHP_MEMORY_LIMIT: 256M
UPLOAD_MAX_FILESIZE: 64M
labels:
homepage.group: Social
homepage.name: LinkStack
homepage.href: https://profile.${MY_TLD}
homepage.icon: linkstack.svg
homepage.description: Personal profile
swag: enable
swag_proto: https
swag_url: profile.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: LinkStack
swag.uptime-kuma.monitor.url: "https://profile.${MY_TLD}/@Trez.One"
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 8190:443
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- linkstack_data:/htdocs
lldap:
container_name: lldap
environment:
UID: ${PUID}
GID: ${PGID}
TZ: ${TZ}
LLDAP_JWT_SECRET: ${LLDAP_JWT_SECRET}
LLDAP_KEY_SEED: ${LLDAP_KEY_SEED}
LLDAP_LDAP_BASE_DN: dc=trez,dc=wtf
image: lldap/lldap:stable@sha256:9e605a66c02514bfcffd1b67cafb1e98d50992216bb2871d7ae44622047dd09d
labels:
homepage.group: Privacy/Security
homepage.name: LLDAP
homepage.href: https://ldap.${MY_TLD}
homepage.icon: /icons/lldap.png
homepage.description: LDAP made easy
swag: enable
swag_proto: http
swag_port: 17170
swag_url: ldap.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: LLDAP
swag.uptime-kuma.monitor.url: https://ldap.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
ports:
- 3890:3890
- 17170:17170
profiles: ["rinoa-apps"]
restart: always
volumes:
- source: ${DOCKER_VOLUME_CONFIG}/lldap
target: /data
type: bind
bind:
create_host_path: true
loggifly:
image: ghcr.io/clemcer/loggifly:latest@sha256:9f6a673cd11fb90ffd0cfdb9675d5d3b9b3dfac060800fab52ec8dfbd4cc0293
container_name: loggifly
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- ${DOCKER_VOLUME_CONFIG}/loggifly/config.yaml:/app/config.yaml # Path to your config file (ignore if you are only using environment variables)
maloja:
container_name: maloja
environment:
MALOJA_CLEAN_OUTPUT: true
MALOJA_DEV_MODE: false
MALOJA_FORCE_PASSWORD: ${MALOJA_FORCE_PASSWORD}
MALOJA_LASTFM_API_KEY: ${LASTFM_API_KEY}
MALOJA_LASTFM_API_SECRET: ${LASTFM_API_SECRET}
MALOJA_LASTFM_PASSWORD: ${LASTFM_PASSWORD}
MALOJA_LASTFM_USERNAME: ${LASTFM_USERNAME}
MALOJA_LOGGING: true
MALOJA_PARSE_REMIX_ARTISTS: true
MALOJA_SCROBBLE_LASTFM: true
MALOJA_SKIP_SETUP: true
MALOJA_SPOTIFY_API_ID: ${YOUR_SPOTIFY_ID}
MALOJA_SPOTIFY_API_SECRET: ${YOUR_SPOTIFY_SECRET}
MALOJA_TIMEZONE: ${TZ}
image: krateng/maloja:latest@sha256:4ecea26058d2ca5168a8d53820279942d28f0606664cea6425f42371d5d88f95
labels:
homepage.group: Media Library
homepage.name: Maloja
homepage.href: https://maloja.${MY_TLD}
homepage.icon: maloja.png
homepage.description: Simple self-hosted music scrobble database to create personal listening statistics
swag: enable
swag_proto: http
swag_port: 42010
swag_url: maloja.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Maloja
swag.uptime-kuma.monitor.url: https://maloja.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
ports:
- 42010:42010
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- source: ${DOCKER_VOLUME_CONFIG}/maloja/config
target: /etc/maloja
type: bind
bind:
create_host_path: true
- source: ${DOCKER_VOLUME_CONFIG}/maloja/data
target: /var/lib/maloja
type: bind
bind:
create_host_path: true
- source: ${DOCKER_VOLUME_CONFIG}/maloja/logs
target: /var/log/maloja
type: bind
bind:
create_host_path: true
manyfold:
container_name: manyfold
environment:
PUID: ${PUID}
PGID: ${PGID}
TZ: ${TZ}
DATABASE_URL: postgresql://manyfold:${MANYFOLD_PG_DB_PASSWORD}@manyfold-pg-db:5432/manyfold
REDIS_URL: redis://manyfold-valkey:6379/0
SECRET_KEY_BASE: ${MANYFOLD_SECRET_KEY_BASE}
MUTLIUSER: enabled
MANYFOLD_LOG_LEVEL: info
SMTP_SERVER: postal-smtp
SMTP_PORT: 25
SMTP_USERNAME: ${POSTAL_SMTP_AUTH_USER}
SMTP_PASSWORD: ${POSTAL_SMTP_AUTH_PASSWORD}
SMTP_FROM_ADDRESS: noreply@${MY_TLD}
image: lscr.io/linuxserver/manyfold:0.131.0@sha256:e40699dac23fae4de09982fcb2e5d478917b5b9a60bd1fda43ec7a2f18a8c4d6
labels:
homepage.group: Lifestyle
homepage.name: Manyfold
homepage.href: https://3dprint.${MY_TLD}
homepage.icon: manyfold.svg
homepage.description: Self-hosted digital asset manager for 3D print files
swag: enable
swag_proto: http
swag_port: 3214
swag_url: 3dprint.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.monitor.url: https://3dprint.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 3214:3214
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/manyfold/library:/libraries
manyfold-pg-db:
container_name: manyfold-pg-db
environment:
POSTGRES_USER: manyfold
POSTGRES_PASSWORD: ${MANYFOLD_PG_DB_PASSWORD}
POSTGRES_DB: manyfold
expose:
- 5432
healthcheck:
test: pg_isready -q -t 2 -d $$POSTGRES_DB -U $$POSTGRES_USER
start_period: 20s
timeout: 30s
interval: 10s
retries: 5
image: postgres:18-alpine@sha256:88f300be8635fe8a9ed4c18a68ba497fb6df1215fd2b074895afd027bd3e1006
profiles: ["rinoa-apps"]
restart: always
volumes:
- manyfold-pg-db:/var/lib/postgresql/data
manyfold-valkey:
container_name: manyfold-valkey
<<: *valkey-params
volumes:
- manyfold-valkey-data:/data/valkey
mariadb:
container_name: mariadb
environment:
MYSQL_ROOT_PASSWORD: ${MARIADB_ENVIRONMENT_MYSQL_ROOT_PASSWORD}
PGID: ${PGID}
PUID: ${PUID}
TZ: ${TZ}
healthcheck:
test:
[
"CMD-SHELL",
"mariadb-admin ping -h localhost -p${MARIADB_ENVIRONMENT_MYSQL_ROOT_PASSWORD}|| exit 1",
]
interval: 1m30s
timeout: 10s
retries: 5
hostname: Rinoa
image: linuxserver/mariadb@sha256:d70694effbcb6158a5b9c7e81548aeaad24f11958329de517c5efb664aeb6219
networks:
default: null
ports:
- 3306:3306
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- /etc/localtime:/etc/localtime:ro
- ${DOCKER_VOLUME_CONFIG}/mariadb:/config
- ${DOCKER_VOLUME_STORAGE}:/storage
- ${DOCKER_VOLUME_CONFIG}/mariadb:/var/lib/mysql
mastodon:
container_name: mastodon
depends_on:
mastodon-pg-db:
condition: service_healthy
required: true
environment:
PUID: ${PUID}
PGID: ${PGID}
TZ: ${TZ}
LOCAL_DOMAIN: mastodon.${MY_TLD}
WEB_DOMAIN: mastodon.${MY_TLD}
REDIS_HOST: mastodon-valkey
REDIS_PORT: 6379
DB_HOST: mastodon-pg-db
DB_USER: mastodon
DB_NAME: mastodon
DB_PASS: ${MASTODON_PG_DB_PASSWORD}
DB_PORT: 5432
ES_ENABLED: false
ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY: ${MASTODON_ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY}
ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY: ${MASTODON_ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY}
ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT: ${MASTODON_ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT}
SECRET_KEY_BASE: ${MASTODON_SECRET_KEY_BASE}
OTP_SECRET: ${MASTODON_OTP_SECRET}
VAPID_PRIVATE_KEY: ${MASTODON_VAPID_PRIVATE_KEY}
VAPID_PUBLIC_KEY: ${MASTODON_VAPID_PUBLIC_KEY}
SMTP_SERVER: postal-smtp
SMTP_PORT: 25
SMTP_LOGIN: ${POSTAL_SMTP_AUTH_USER}
SMTP_PASSWORD: ${POSTAL_SMTP_AUTH_PASSWORD}
SMTP_FROM_ADDRESS: noreply@${MY_TLD}
S3_ENABLED: true
S3_ENDPOINT: http://minio:9000
S3_REGION: us-east-fh-pln
S3_HOST: s3.${MY_TLD}
S3_PROTOCOL: https
S3_BUCKET: mastodon
AWS_ACCESS_KEY_ID: ${MASTODON_MINIO_ACCESS_KEY}
AWS_SECRET_ACCESS_KEY: ${MASTODON_MINIO_SECRET_KEY}
expose:
- 3000
image: lscr.io/linuxserver/mastodon:latest@sha256:99dc04544ce08e7de34eaa6c64bc358b0c989189d05759e48cc6634855aa970b
labels:
swag: enable
swag_proto: http
swag_port: 80
swag_url: mastodon.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Mastodon
swag.uptime-kuma.monitor.url: https://mastodon.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
homepage.group: Social
homepage.name: Mastodon
homepage.href: https://mastodon.${MY_TLD}
homepage.icon: mastodon.svg
homepage.description: Open-source social network
homepage.widget.type: mastodon
homepage.widget.url: https://mastodon.${MY_TLD}
ports:
- 9044:80
- 3444:443
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/mastodon:/config
mastodon-pg-db:
container_name: mastodon-pg-db
environment:
POSTGRES_USER: mastodon
POSTGRES_PASSWORD: ${MASTODON_PG_DB_PASSWORD}
POSTGRES_DB: mastodon
expose:
- 5432
healthcheck:
test: pg_isready -q -t 2 -d $$POSTGRES_DB -U $$POSTGRES_USER
start_period: 20s
timeout: 30s
interval: 10s
retries: 5
image: postgres:17-alpine@sha256:3430fe182f5065a6ea505c3d432d2c7fff18fbab954df8f277c1dbf4c70124af
profiles: ["rinoa-apps"]
restart: always
volumes:
- mastodon-pg-db:/var/lib/postgresql/data
mastodon-valkey:
container_name: mastodon-valkey
<<: *valkey-params
volumes:
- mastodon-valkey-data:/data/valkey
maxun-backend:
container_name: maxun-backend
depends_on:
maxun-pg-db:
condition: service_healthy
required: true
minio:
condition: service_started
required: true
<<: *maxun-env
expose:
- 8080
image: getmaxun/maxun-backend:latest@sha256:8985839d272b6c8a6d3b4144a124828878f49832fe0d126949c880e20bee81ee
mem_limit: 2g # Set a 2GB memory limit
ports:
- 8369:8080
profiles: ["rinoa-apps"]
restart: unless-stopped
security_opt:
- seccomp=unconfined # This might help with browser sandbox issues
shm_size: "2gb" # Increase shared memory size for Chromium
volumes:
- /var/run/dbus:/var/run/dbus
maxun-frontend:
container_name: maxun-frontend
depends_on:
- maxun-backend
<<: *maxun-env
image: getmaxun/maxun-frontend:latest@sha256:436369cb8704b83751a74c5eef16babb62ec82244e444f1c0a6cc4d2ca271d2b
labels:
swag: enable
swag_proto: http
swag_port: 5173
swag_url: scrape.${MY_TLD}
swag_server_custom_directive: |
location ~ ^/(auth|storage|record|workflow|robot|proxy|api-docs|api|webhook|socket.io)(/|$) {
proxy_pass http://maxun-backend:8080;
}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Maxun (Frontend)
swag.uptime-kuma.monitor.url: https://scrape.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
homepage.group: Personal Tools
homepage.name: Maxun
homepage.href: https://scrape.${MY_TLD}
homepage.icon: sh-maxun.svg
homepage.description: No-code web data extraction platform
ports:
- 5173:5173
profiles: ["rinoa-apps"]
restart: unless-stopped
maxun-pg-db:
container_name: maxun-pg-db
image: postgres:17-alpine@sha256:3430fe182f5065a6ea505c3d432d2c7fff18fbab954df8f277c1dbf4c70124af
environment:
POSTGRES_USER: maxun
POSTGRES_PASSWORD: ${MAXUN_DB_PASSWORD}
POSTGRES_DB: maxun
expose:
- 5432
healthcheck:
test: ["CMD-SHELL", "pg_isready -U maxun"]
interval: 10s
timeout: 5s
retries: 5
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- maxun-pg-data:/var/lib/postgresql/data
maxun-valkey:
container_name: maxun-valkey
<<: *valkey-params
volumes:
- maxun-valkey-data:/data/valkey
meme-search-pro:
container_name: meme-search-pro
depends_on:
meme-search-db:
condition: service_healthy
environment:
DATABASE_URL: postgres://meme-search:${MEME_SEARCH_PG_PASSWORD}@meme-search-db:5432/meme-search
image: ghcr.io/neonwatty/meme_search_pro:latest@sha256:bf3c20a6a0407ffa594d3e2fe8611073c0499659c90f44a28decd5e701e9e1f6
labels:
swag: enable
swag_proto: http
swag_port: 3000
swag_url: memes.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Meme Search Pro
swag.uptime-kuma.monitor.url: https://memes.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
homepage.group: Social
homepage.name: Meme Search Pro
homepage.href: https://memes.${MY_TLD}
homepage.icon: sh-meme-search.svg
homepage.description: Meme search engine built with Python and Ruby
ports:
- 14058:3000
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/meme_search_pro/memes/:/rails/public/memes
meme-search-pro-img2txt-gen:
image: ghcr.io/neonwatty/image_to_text_generator:latest@sha256:81ffbc934de800f3f5206f742db534a78596ec894e348dc25548495a1e9ad78e
container_name: meme-search-pro-img2txt-gen
deploy:
resources:
limits:
memory: 12GB
environment:
APP_PORT: 3000
expose:
- 8000
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/meme_search_pro/memes/:/app/public/memes
- ${DOCKER_VOLUME_CONFIG}/meme_search_pro/db-data/image_to_text_generator:/app/db
- ${DOCKER_VOLUME_CONFIG}/meme_search_pro/models:/root/.cache/huggingface
meme-search-db:
container_name: meme-search-db
environment:
POSTGRES_DB: meme-search
POSTGRES_USER: meme-search
POSTGRES_PASSWORD: ${MEME_SEARCH_PG_PASSWORD}
expose:
- 5432
healthcheck:
test: ["CMD-SHELL", "pg_isready -U meme-search"]
interval: 10s
timeout: 5s
retries: 5
image: pgvector/pgvector:pg17@sha256:3e8b3adfd27b5707128f60956f62a793c3c9326ea8cfaf0eab7adccb5d700b21
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/meme_search_pro/db-data/meme-search-db:/var/lib/postgresql/data
mini-qr:
container_name: mini-qr
image: ghcr.io/lyqht/mini-qr:latest@sha256:babe90594f88cb3e8463a7622b1aac46defff7ef5c8d991299c5df4ca8514f66
labels:
swag: enable
swag_auth: authelia
swag_proto: http
swag_port: 8080
swag_url: qr.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Mini-QR
swag.uptime-kuma.monitor.url: https://qr.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
homepage.group: Lifestyle
homepage.name: Mini-QR
homepage.href: https://qr.${MY_TLD}
homepage.icon: sh-mini-qr.svg
homepage.description: Scan and generate customized QR codes easily
ports:
- 14815:8080
profiles: ["rinoa-apps"]
restart: unless-stopped
minio:
command: server --console-address ":9090" /mnt/data
container_name: minio
environment:
MINIO_ROOT_USER: minioadmin
MINIO_ROOT_PASSWORD: ${MINIO_ROOT_PASSWORD}
MINIO_ACCESS_KEY: ${MINIO_MIMIR_STORAGE_ACCESS_KEY}
MINIO_SECRET_KEY: ${MINIO_MIMIR_STORAGE_SECRET_KEY}
hostname: minio
image: minio/minio:RELEASE.2025-04-22T22-12-26Z@sha256:a1ea29fa28355559ef137d71fc570e508a214ec84ff8083e39bc5428980b015e
labels:
swag: enable
swag_proto: http
swag_port: 9090
swag_url: s3.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: MinIO
swag.uptime-kuma.monitor.url: https://s3.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
homepage.group: System Administration
homepage.name: MinIO
homepage.href: https://s3.${MY_TLD}
homepage.icon: minio.png
homepage.description: S3-compatible storage backend
networks:
default: null
ports:
- 9001:9000
- 9092:9090
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- source: ${DOCKER_VOLUME_CONFIG}/minio/data
target: /mnt/data
type: bind
bind:
create_host_path: true
- source: ${DOCKER_VOLUME_CONFIG}/minio/minio
target: /etc/config.env
type: bind
bind:
create_host_path: true
mixpost:
container_name: mixpost
image: inovector/mixpost:latest@sha256:9a118d60bf1514ff19f5adee0b9d7684f8c00ee520e2bf4bcc295665f048c557
depends_on:
mariadb:
condition: service_healthy
required: true
mixpost-valkey:
condition: service_healthy
environment:
APP_NAME: Mixpost
APP_KEY: ${MIXPOST_APP_KEY}
APP_DEBUG: true
APP_DOMAIN: social.${MY_TLD}
APP_URL: https://social.${MY_TLD}
DB_HOST: mariadb
DB_DATABASE: mixpost
DB_USERNAME: mixpost
DB_PASSWORD: ${MIXPOST_DB_PASSWORD}
REDIS_HOST: mixpost-valkey
REDIS_PORT: 6379
labels:
swag: enable
swag_port: 80
swag_proto: http
swag_url: social.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Mixpost
swag.uptime-kuma.monitor.url: https://social.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
homepage.group: Social
homepage.name: Mixpost
homepage.href: https://social.${MY_TLD}
homepage.icon: mixpost.svg
homepage.description: Multi-channel social media manager
ports:
- 61757:80
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- mixpost-storage:/var/www/html/storage/app
- mixpost-logs:/var/www/html/storage/logs
mixpost-valkey:
container_name: mixpost-valkey
<<: *valkey-params
volumes:
- mixpost-valkey-data:/data/valkey
mgob:
command: "-LogLevel=info"
container_name: mgob
image: stefanprodan/mgob@sha256:d089c6d105d7d0f9db5222786cb93d85b1bf61e28b21ad717cea90f92570c8f3
labels:
homepage.group: System Administration
homepage.name: mgob
homepage.icon: mongodb.svg
homepage.description: Headless Automated MongoDB Backups
homepage.widget.type: customapi
homepage.widget.url: http://mgob:8090/status
homepage.widget.mappings[0].label: Plan Name
homepage.widget.mappings[0].field: plan
homepage.widget.mappings[1].label: Last Run Status
homepage.widget.mappings[1].field: last_run_status
ports:
- 48606:8090
restart: unless-stopped
volumes:
- mgob-data:/data
- mgob-tmp:/tmp
- ${DOCKER_VOLUME_STORAGE}/backups/dbs/mongodb:/storage
- ${DOCKER_VOLUME_CONFIG}/mgob/config:/config
mongodb:
command: "--config /etc/mongodb/mongod.conf"
container_name: mongodb
environment:
MONGO_INITDB_ROOT_USERNAME: ${MONGO_INITDB_ROOT_USERNAME}
MONGO_INITDB_ROOT_PASSWORD: ${MONGO_INITDB_ROOT_PASSWORD}
image: mongo:7@sha256:6159d784bc2ed3e6e97648bb28d93d43cf9660401c1230f4f340d14d68421119
ports:
- 27017:27017
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/mongodb/config:/etc/mongodb
- ${DOCKER_VOLUME_CONFIG}/mongodb/db:/data/db
mongodb-exporter:
command:
- --log.level=error
- --web.listen-address=:9216
- --web.telemetry-path=/metrics
container_name: mongodb-exporter
environment:
MONGODB_URI: mongodb://${MONGO_INITDB_ROOT_USERNAME}:${MONGO_INITDB_ROOT_PASSWORD}@mongodb:27017/admin?replicaSet=rinoa
image: percona/mongodb_exporter:2.37.0@sha256:afc6fe95557f506fcf9251f9363592c80abfedad506266d891db5d4c8d9be273
ports:
- 9216:9216
profiles: ["rinoa-apps"]
restart: unless-stopped
multi-scrobbler:
container_name: multi-scrobbler
environment:
BASE_URL: https://scrobble.${MY_TLD}
TZ: ${TZ}
PUID: ${PUID}
PGID: ${PGID}
MALOJA_URL: http://maloja:42010
MALOJA_API_KEY: ${MALOJA_API_KEY}
LASTFM_API_KEY: ${LASTFM_API_KEY}
LASTFM_API_SECRET: ${LASTFM_API_SECRET}
LZ_USER: Trez.One
LZ_TOKEN: ${MALOJA_LISTENBRAINZ_TOKEN}
SPOTIFY_CLIENT_ID: ${YOUR_SPOTIFY_ID}
SPOTIFY_CLIENT_SECRET: ${YOUR_SPOTIFY_SECRET}
image: foxxmd/multi-scrobbler@sha256:6138b1e2f7262e28c0d44548766cac05d6d60b1d8efc3279722629894c3b35f2
labels:
homepage.group: Media Library
homepage.name: Multi-Scrobbler
homepage.href: https://scrobble.${MY_TLD}
homepage.icon: sh-multi-scrobbler.svg
homepage.description: JS App for scrobbling/recording play history from/to multiple sources
swag: enable
swag_auth: authelia
swag_proto: http
swag_port: 9078
swag_url: scrobble.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Multi-Scrobbler
swag.uptime-kuma.monitor.url: https://scrobble.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
ports:
- 9078:9078
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- source: ${DOCKER_VOLUME_CONFIG}/multi-scrobbler
target: /config
type: bind
bind:
create_host_path: true
n8n:
container_name: n8n
environment:
N8N_HOST: n8n.${MY_TLD}
N8N_PORT: 5678
N8N_PROTOCOL: https
NODE_ENV: production
WEBHOOK_URL: https://n8n.${MY_TLD}/
GENERIC_TIMEZONE: ${TZ}
image: docker.n8n.io/n8nio/n8n@sha256:ab6bce7b0a7cacafe8421afbe12217fdecd1c452be34beebda362f79cae8b0c9
labels:
swag: enable
swag_proto: http
swag_port: 5678
swag_url: n8n.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: n8n
swag.uptime-kuma.monitor.url: https://n8n.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
homepage.group: Automation
homepage.name: n8n
homepage.href: https://n8n.${MY_TLD}
homepage.icon: n8n.svg
homepage.description: Extendable workflow automation tool to easily automate tasks
ports:
- 5678:5678
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- n8n-data:/home/node/.n8n
navidrome:
container_name: navidrome
environment:
ND_AUTOIMPORTPLAYLISTS: true
ND_BASEURL: ""
ND_BACKUP_PATH: /backups
ND_BACKUP_SCHEDULE: "@every 6h"
ND_BACKUP_COUNT: 7
ND_ENABLEGRAVATAR: true
ND_ENABLESHARING: true
ND_LASTFM_APIKEY: ${LASTFM_API_KEY}
ND_LASTFM_ENABLED: true
ND_LASTFM_SECRET: ${LASTFM_API_SECRET}
ND_LISTENBRAINZ_ENABLED: true
ND_LOGLEVEL: info
ND_MUSICFOLDER: /music
ND_PLAYLISTPATH: /playlists
ND_SCANNER_GROUPALBUMRELEASES: true
ND_SCANSCHEDULE: "@every 6h"
ND_SESSIONTIMEOUT: 24h
ND_SPOTIFY_ID: ${YOUR_SPOTIFY_ID}
ND_SPOTIFY_SECRET: ${YOUR_SPOTIFY_SECRET}
ND_SUBSONICARTISTPARTICIPATIONS: true
image: deluan/navidrome:latest@sha256:a5dce8f33304714dd138e870cca0dcab3d937ca236be1a9f2b97da009d1a0048
labels:
homepage.group: Media Library
homepage.name: Navidrome
homepage.href: https://navi.${MY_TLD}
homepage.icon: navidrome.png
homepage.description: Music Streaming
homepage.widget.type: navidrome
homepage.widget.url: http://navidrome:4533
homepage.widget.user: admin
homepage.widget.token: ${NAVIDROME_HOMEPAGE_TOKEN}
homepage.widget.salt: ${NAVIDROME_HOMEPAGE_SALT}
swag: enable
swag_port: 4533
swag_proto: http
swag_url: navi.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Navidrome
swag.uptime-kuma.monitor.url: https://navi.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
ports:
- 4533:4533
profiles: ["rinoa-apps"]
restart: unless-stopped
user: 1000:1000
volumes:
- ${DOCKER_VOLUME_CONFIG}/navidrome:/data
- ${DOCKER_VOLUME_STORAGE}/Audio/Music:/music
- ${DOCKER_VOLUME_STORAGE}/Audio/Playlists:/playlists
- ${DOCKER_VOLUME_STORAGE}/backups/navidrome:/backups
netalertx:
container_name: netalertx
environment:
TZ: ${TZ}
PORT: 20211
image: jokobsk/netalertx:latest@sha256:f47a8020ae61fd668e1580cd5014e1a34e8ffa80360b1652e6deb3a7347f0238
labels:
cloudflare.tunnel.enable: true
cloudflare.tunnel.hostname: net.${MY_TLD}
cloudflare.tunnel.service: http://192.168.1.254:20211
cloudflare.tunnel.zonename: ${MY_TLD}
cloudflare.tunnel.no_tls_verify: true
homepage.group: Infrastructure/App Performance Monitoring
homepage.name: NetAlertX
homepage.href: http://192.168.1.254:20211
homepage.icon: netalertx.svg
homepage.description: Network Monitoring
homepage.widget.type: netalertx
homepage.widget.url: http://192.168.1.254:20211
homepage.widget.key: ${NETALERTX_API_TOKEN}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: NetAlertX
swag.uptime-kuma.monitor.url: https://pics.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
network_mode: host
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/netalertx/config:/app/config
- ${DOCKER_VOLUME_CONFIG}/netalertx/db:/app/db
# (optional) useful for debugging if you have issues setting up the container
# - ${DOCKER_VOLUME_CONFIG}/netalertx/logs:/app/log
# (API: OPTION 1) use for performance
- type: tmpfs
target: /app/api
# (API: OPTION 2) use when debugging issues
# - ${DOCKER_VOLUME_CONFIG}/netalertx/api:/app/api
nextcloud:
container_name: nextcloud-aio-mastercontainer
environment:
SKIP_DOMAIN_VALIDATION: false
APACHE_ADDITIONAL_NETWORK: compose_default
APACHE_IP_BINDING: 0.0.0.0
APACHE_PORT: 11000
expose:
- 11000
image: nextcloud/all-in-one:latest@sha256:d1af9d7ceaae2f896418186019ffc11e49701adf61b2abca61aed16b626e62ae
labels:
homepage.group: Privacy/Security
homepage.name: NextCloud
homepage.href: https://cloud.${MY_TLD}
homepage.icon: nextcloud.svg
homepage.description: Private Cloud
homepage.widget.type: nextcloud
homepage.widget.url: http://nextcloud-aio-apache:11000
homepage.widget.key: ${NEXTCLOUD_HOMEPAGE_TOKEN}
swag: enable
swag_port: 11000
swag_proto: http
swag_address: nextcloud-aio-apache
swag_url: cloud.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: NextCloud
swag.uptime-kuma.monitor.url: https://cloud.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 56713:8080
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- nextcloud_aio_mastercontainer:/mnt${DOCKER_VOLUME_CONFIG}-aio-config
nocodb:
container_name: nocodb
depends_on:
nocodb-pg-db:
condition: service_healthy
required: true
nocodb-valkey:
condition: service_healthy
required: true
environment:
NC_DB: pg://nocodb-pg-db:5432?u=nocodb&p=${NOCODB_PG_PASSWORD}&d=nocodb
NC_ADMIN_EMAIL: noreply@${MY_TLD}
NC_ADMIN_PASSWORD: ${NOCODB_ADMIN_PASSWORD}
NC_PUBLIC_URL: https://nocodb.${MY_TLD}
NC_AUTH_JWT_SECRET: ${NOCODB_AUTH_JWT_SECRET}
NC_REDIS_URL: redis://nocodb-valkey:6379
NC_SMTP_HOST: postal-smtp
NC_SMTP_PORT: 25
NC_SMTP_SECURE: true
NC_SMTP_USERNAME: ${POSTAL_SMTP_AUTH_USER}
NC_SMTP_PASSWORD: ${POSTAL_SMTP_AUTH_PASSWORD}
NC_SMTP_FROM: noreply@${MY_TLD}
image: "nocodb/nocodb:latest@sha256:d3aba4f7e89bd18fc01d6853eea0fa82476b161a678f7f0ff52380f4c52bb87f"
labels:
homepage.group: Code/DevOps
homepage.name: NocoDB
homepage.href: https://nocodb.${MY_TLD}
homepage.icon: nocodb.svg
homepage.description: Turn any SQL-based database into a smart spreadsheet
swag: enable
swag_port: 8080
swag_proto: http
swag_url: nocodb.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: NocoDB
swag.uptime-kuma.monitor.url: https://nocodb.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 8946:8080
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- nocodb_data:/usr/app/data
nocodb-pg-db:
container_name: nocodb-pg-db
environment:
POSTGRES_DB: nocodb
POSTGRES_PASSWORD: ${NOCODB_PG_PASSWORD}
POSTGRES_USER: nocodb
expose:
- 5432
healthcheck:
interval: 10s
retries: 10
test: 'pg_isready -U "$$POSTGRES_USER" -d "$$POSTGRES_DB"'
timeout: 2s
image: postgres:16-alpine@sha256:97ff59a4e30e08d1c11bdcd9455e7832368c0572b576c9092cde2df4ae5552a3
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- nocodb_pg_data:/var/lib/postgresql/data
nocodb-valkey:
container_name: nocodb-valkey
<<: *valkey-params
volumes:
- nocodb_valkey_data:/data/valkey
ombi:
container_name: ombi
environment:
PGID: ${PGID}
PUID: ${PUID}
TZ: America/New_York
hostname: Rinoa
image: lscr.io/linuxserver/ombi:latest@sha256:50fd2bbf5f328cd8f078ad4b4dde4ce06a2cd6bd0e39fc93406f3d8b35d7ba01
labels:
homepage.group: Media Library
homepage.name: Ombi
homepage.href: https://ombi.${MY_TLD}
homepage.icon: ombi.png
homepage.description: Media Requests
homepage.widget.type: ombi
homepage.widget.url: http://ombi:3579
homepage.widget.key: ${OMBI_API_KEY}
swag: enable
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Ombi
swag.uptime-kuma.monitor.url: https://ombi.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
ports:
- 3579:3579
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- bind:
create_host_path: true
read_only: true
source: /etc/localtime
target: /etc/localtime
type: bind
- bind:
create_host_path: true
source: ${DOCKER_VOLUME_CONFIG}/ombi
target: /config
type: bind
- bind:
create_host_path: true
source: /rinoa-storage
target: /storage
type: bind
omnitools:
container_name: omnitools
image: iib0011/omni-tools:latest@sha256:4c89fb9492482b9cb9cbe65b5d2c67d4d281705c079ad0e53a23520526020aad
labels:
homepage.group: Personal Tools
homepage.name: OmniTools
homepage.href: https://otools.${MY_TLD}
homepage.icon: sh-omnitools.png
homepage.description: Tools for common tasks
swag: enable
swag_url: otools.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: OmniTools
swag.uptime-kuma.monitor.url: https://otools.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 23693:80
profiles: ["rinoa-apps"]
restart: unless-stopped
omnipoly:
container_name: omnipoly
depends_on:
languagetool:
condition: service_started
required: true
libretranslate:
condition: service_healthy
required: true
environment:
LANGUAGE_TOOL: http://languagetool:8010
LIBRETRANSLATE: http://libretranslate:5000
OLLAMA: http://192.168.1.249:11434
OLLAMA_MODEL: smollm2:1.7b
THEME: "pole"
DISABLE_DICTIONARY: false
image: kweg/omnipoly:latest@sha256:2c7524c4f0778aa2849d25889b192d383b944b060feaf9109d70b5e137c7d3c9
labels:
homepage.group: Personal Tools
homepage.name: OmniPoly
homepage.href: https://poly.${MY_TLD}
homepage.icon: sh-omnipoly.svg
homepage.description: Open-source language translation with LanguageTool, LibreTranslate, & Ollama
swag: enable
swag_url: poly.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: OmniPoly
swag.uptime-kuma.monitor.url: https://poly.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 3734:80
profiles: ["rinoa-apps"]
restart: unless-stopped
open-webui:
container_name: open-webui
environment:
OLLAMA_BASE_URLS: http://192.168.1.249:11434;http://192.168.1.248:11434
WEBUI_AUTH: true
ENABLE_PASSWORD_VALIDATION: true
ENABLE_SIGNUP_PASSWORD_CONFIRMATION: true
ENABLE_SIGNUP: true
ENABLE_LOGIN_FORM: true
ENABLE_IMAGE_GENERATION: "true"
AUTOMATIC1111_BASE_URL: http://192.168.1.248:7860
IMAGE_SIZE: "1024x1024"
IMAGE_STEPS: "3"
ENABLE_OTEL: true
ENABLE_OTEL_METRICS: true
OTEL_EXPORTER_OTLP_INSECURE: true # Use insecure connection for OTLP, remove in production
OTEL_EXPORTER_OTLP_ENDPOINT: http://192.168.1.254:4317
OTEL_SERVICE_NAME: open-webui
ENABLE_RAG_WEB_SEARCH: True
RAG_WEB_SEARCH_ENGINE: searxng
RAG_WEB_SEARCH_RESULT_COUNT: 3
RAG_WEB_SEARCH_CONCURRENT_REQUESTS: 10
SEARXNG_QUERY_URL: "https://search.trez.wtf/search?q=<query>"
ENABLE_LDAP: true
LDAP_SERVER_LABEL: rinoa-ldap
LDAP_SERVER_HOST: lldap
LDAP_SERVER_PORT: 3890
LDAP_ATTRIBUTE_FOR_MAIL: mail
LDAP_ATTRIBUTE_FOR_USERNAME: uid
LDAP_APP_DN: uid=authelia,ou=people,dc=trez,dc=wtf
LDAP_APP_PASSWORD: ${AUTHELIA_AUTH_BIND_LDAP_PASSWORD}
LDAP_SEARCH_BASE: dc=trez,dc=wtf
LDAP_SEARCH_FILTER: "(objectClass=inetOrgPerson)"
LDAP_USE_TLS: false
# LibreTranslate
LT_DEBUG: false
LT_UPDATE_MODELS: true
LT_SSL: false
LT_SUGGESTIONS: false
LT_METRICS: false
LT_HOST: http://libretranslate:5000
LT_API_KEYS: false
LT_THREADS: 12
LT_FRONTEND_TIMEOUT: 2000
# Redis Websocket
ENABLE_WEBSOCKET_SUPPORT: true
WEBSOCKET_MANAGER: redis
WEBSOCKET_REDIS_URL: redis://open-webui-valkey:6379/0
REDIS_KEY_PREFIX: open-webui
image: ghcr.io/open-webui/open-webui:main@sha256:ea750f19fc2a7ca0cb221bc512b8c2c470a01616b89ed98cb77d9ab0d5f24109
labels:
homepage.group: Personal Tools
homepage.name: Open WebUI
homepage.href: https://ai.${MY_TLD}
homepage.icon: open-webui.svg
homepage.description: User-friendly and extensible AI interface
swag: enable
swag_port: 8080
swag_proto: http
swag_url: ai.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Open WebUI
swag.uptime-kuma.monitor.url: https://ai.${MY_TLD}/health
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
swag.uptime-kuma.monitor.type: https
ports:
- 3080:8080
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- open-webui-data:/app/backend/data
open-webui-valkey:
container_name: open-webui-valkey
<<: *valkey-params
volumes:
- open-webui-valkey-data:/data/valkey
paperless-ngx:
container_name: paperless-ngx
depends_on:
mariadb:
condition: service_healthy
required: true
restart: true
environment:
PAPERLESS_DBENGINE: mariadb
PAPERLESS_DBHOST: mariadb
PAPERLESS_DBPASS: ${PAPERLESS_DBPASS}
PAPERLESS_DBPORT: 3306
PAPERLESS_DBUSER: paperless
PAPERLESS_OCR_LANGUAGE: eng
PAPERLESS_OCR_LANGUAGES: all
PAPERLESS_REDIS: redis://paperless-valkey:6379
PAPERLESS_SECRET_KEY: ${PAPERLESS_SECRET_KEY}
PAPERLESS_TIME_ZONE: ${TZ}
PAPERLESS_URL: https://docs.${MY_TLD}
USERMAP_GID: ${PGID}
USERMAP_UID: ${PUID}
image: ghcr.io/paperless-ngx/paperless-ngx:latest@sha256:a28330462994b937938e02aaa5632a1effcc7f9acfba96c1bef9c50e1167a027
labels:
swag: enable
swag_proto: http
swag_port: 8000
swag_url: docs.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Paperless-ngx
swag.uptime-kuma.monitor.url: https://docs.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
homepage.group: Personal Tools
homepage.name: Paperless-ngx
homepage.href: https://docs.${MY_TLD}
homepage.icon: paperless-ngx.svg
homepage.description: Document indexer & archiver with OCR
networks:
default: null
ports:
- 8004:8000
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- source: paperless-ngx-data
target: /usr/src/paperless/data
type: volume
volume: {}
- source: paperless-ngx-media
target: /usr/src/paperless/media
type: volume
volume: {}
- source: ${DOCKER_VOLUME_CONFIG}/paperless-ngx/export
target: /usr/src/paperless/export
type: bind
bind:
create_host_path: true
- source: ${DOCKER_VOLUME_CONFIG}/paperless-ngx/consume
target: /usr/src/paperless/consume
type: bind
bind:
create_host_path: true
paperless-valkey:
container_name: paperless-valkey
<<: *valkey-params
volumes:
- paperless-valkey-data:/data/valkey
pgbackweb:
container_name: pgbackweb
depends_on:
pgbackweb-db:
condition: service_healthy
environment:
PBW_ENCRYPTION_KEY: ${PGBACKWEB_ENCRYPTION_KEY}
PBW_POSTGRES_CONN_STRING: "postgresql://pgbackweb:${PGBACKWEB_PG_DB_PASSWD}@pgbackweb-db:5432/pgbackweb?sslmode=disable"
TZ: ${TZ}
image: eduardolat/pgbackweb:latest@sha256:56358e7adff53250ec0b43cf2764e723e45872fa2b92b9608fdddfeebaafbed7
labels:
homepage.group: System Administration
homepage.name: PG Back Web
homepage.href: https://pg.${MY_TLD}
homepage.icon: sh-pg-back-web.svg
homepage.description: Backups for PostgreSQL
swag: enable
swag_proto: http
swag_port: 8085
swag_url: pg.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.name: PG Back Web
swag.uptime-kuma.monitor.url: https://pg.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- "8085:8085" # Access the web interface at http://localhost:8085
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_STORAGE}/backups/dbs/:/backups
pgbackweb-db:
container_name: pgbackweb-db
environment:
POSTGRES_USER: pgbackweb
POSTGRES_DB: pgbackweb
POSTGRES_PASSWORD: ${PGBACKWEB_PG_DB_PASSWD}
expose:
- 5432
healthcheck:
test: ["CMD-SHELL", "pg_isready -U pgbackweb -d pgbackweb"]
interval: 5s
timeout: 5s
retries: 5
image: postgres:17-alpine@sha256:3430fe182f5065a6ea505c3d432d2c7fff18fbab954df8f277c1dbf4c70124af
restart: unless-stopped
volumes:
- pgbackweb-data:/var/lib/postgresql/data
planka:
container_name: planka
depends_on:
planka-pg-db:
condition: service_healthy
environment:
BASE_URL: https://kanban.${MY_TLD}
DATABASE_URL: postgresql://planka:${PLANKA_PG_PASSWORD}@planka-pg-db/planka
SECRET_KEY: ${PLANKA_SECRET_KEY}
LOG_LEVEL: warn
TRUST_PROXY: true
TOKEN_EXPIRES_IN: 365 # In days
# KNEX_REJECT_UNAUTHORIZED_SSL_CERTIFICATE: false
DEFAULT_LANGUAGE: en-US
DEFAULT_ADMIN_EMAIL: noreply@${MY_TLD}
DEFAULT_ADMIN_PASSWORD: ${PLANKA_ADMIN_PASSWORD}
DEFAULT_ADMIN_NAME: Planka Rinoa
DEFAULT_ADMIN_USERNAME: admin
S3_ENDPOINT: http://minio:9000
S3_REGION: us-east-fh-pln
S3_ACCESS_KEY_ID: ${PLANKA_MINIO_ACCESS_KEY}
S3_SECRET_ACCESS_KEY: ${PLANKA_MINIO_SECRET_KEY}
S3_BUCKET: planka
S3_FORCE_PATH_STYLE: true
SMTP_HOST: postal-smtp
SMTP_PORT: 25
SMTP_NAME: noreply@${MY_TLD}
SMTP_SECURE: true
SMTP_USER: ${POSTAL_SMTP_AUTH_USER}
SMTP_PASSWORD: ${POSTAL_SMTP_AUTH_PASSWORD}
SMTP_FROM: '"Planka @ Rinoa" <noreply@${MY_TLD}>'
SMTP_TLS_REJECT_UNAUTHORIZED: false
image: ghcr.io/plankanban/planka:2.0.0-rc.3@sha256:5a2a69ec7159a2f9c6679c31698e4b5b17ccf254d5bfc6e9be43e411b6de0c3d
labels:
homepage.group: Professional Services
homepage.name: Planka
homepage.href: https://kanban.${MY_TLD}
homepage.icon: planka.svg
homepage.description: Kanban board
swag: enable
swag_url: kanban.${MY_TLD}
swag_address: planka
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.monitor.url: https://kanban.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 54476:1337
profiles: ["rinoa-apps"]
restart: on-failure
volumes:
- planka-favicons:/app/public/favicons
- planka-user-avatars:/app/public/user-avatars
- planka-background-images:/app/public/background-images
- planka-attachments:/app/private/attachments
planka-pg-db:
container_name: planka-pg-db
environment:
POSTGRES_DB: planka
POSTGRES_USER: planka
POSTGRES_PASSWORD: ${PLANKA_PG_PASSWORD}
POSTGRES_HOST_AUTH_METHOD: trust
expose:
- 5432
healthcheck:
test: ["CMD-SHELL", "pg_isready -U planka -d planka"]
interval: 10s
timeout: 5s
retries: 5
image: postgres:16-alpine@sha256:97ff59a4e30e08d1c11bdcd9455e7832368c0572b576c9092cde2df4ae5552a3
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- planka-db-data:/var/lib/postgresql/data
plant-it:
container_name: plant-it
depends_on:
mariadb:
condition: service_healthy
required: true
plant-it-valkey:
condition: service_healthy
required: true
environment:
MYSQL_HOST: mariadb
MYSQL_PORT: 3306
MYSQL_USERNAME: plantit
MYSQL_PSW: ${PLANTIT_DB_PASSWORD}
MYSQL_DATABASE: plantit
MYSQL_ROOT_PASSWORD: ${MARIADB_ENVIRONMENT_MYSQL_ROOT_PASSWORD}
HTTPS_METHOD: noredirect
JWT_SECRET: ${PLANTIT_JWT_SECRET}
JWT_EXP: 1
USERS_LIMIT: -1 # less then 0 means no limit
UPLOAD_DIR: /upload-dir # path to the directory used to store uploaded images, if on docker deployment leave as it is and change the volume binding in the docker-compose file if needed
API_PORT: 8080
FLORACODEX_URL: https://api.floracodex.com
FLORACODEX_KEY: ${PLANTIT_FLORACODEX_APP_KEY}
ALLOWED_ORIGINS: "*" # CORS allowed origins (comma separated list)
LOG_LEVEL: DEBUG # could be: DEBUG, INFO, WARN, ERROR
CONTACT_MAIL: noreply@${MY_TLD} # address used as "contact" for template email
REMINDER_NOTIFY_CHECK: 0 30 7 * * * # 6-values crontab expression to set the check time for reminders
MAX_REQUESTS_PER_MINUTE: 100 # rate limiting of the upcoming requests
NTFY_ENABLED: false # if "false" ntfy service won't be available as notification dispatcher
GOTIFY_ENABLED: true # if "false" ntfy service won't be available as notification dispatcher
CACHE_TYPE: redis # Cache type. By default, it's "redis" but can also be "none"
CACHE_TTL: 86400
CACHE_HOST: plant-it-valkey
CACHE_PORT: 6379
SMTP_HOST: postal-smtp
SMTP_PORT: 25
SMTP_EMAIL: noreply@${MY_TLD}
SMTP_PASSWORD: ${POSTAL_SMTP_AUTH_PASSWORD}
SMTP_AUTH: true
SMTP_START_TTL: false
image: msdeluise/plant-it-server:latest@sha256:23ddf8660087d6b9f5dbdca2ca09817b84db45cb2d9d6e2e0176e70f514629e7
labels:
swag: enable
swag_proto: http
swag_port: 3000
swag_url: plants.${MY_TLD}
swag_server_custom_directive: |
location /api {
proxy_pass http://plant-it:8080;
}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Plant-It
swag.uptime-kuma.monitor.url: https://plants.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
homepage.group: Lifestyle
homepage.name: Plant-It
homepage.href: https://plants.${MY_TLD}
homepage.icon: plant-it.png
homepage.description: 🪴 Self-hosted, open source gardening companion app
homepage.widget.type: plantit
homepage.widget.url: http://plant-it:3000
homepage.widget.key: ${PLANTIT_API_KEY}
ports:
- 64067:8080
- 3460:3000
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/plant-it:/upload-dir
plant-it-valkey:
container_name: plant-it-valkey
<<: *valkey-params
volumes:
- plant-it-valkey-data:/data/valkey
plantuml-server:
container_name: plantuml-server
image: plantuml/plantuml-server:jetty@sha256:0cac1e9b921ef783b49bd1f90243c830946ceb0edf175e66ca19b3991c55257e
labels:
homepage.group: Personal Tools
homepage.name: PlantUML
homepage.href: https://plantuml.${MY_TLD}
homepage.icon: plantuml.svg
homepage.description: Textual diagram generator for UML & other visualizations.
swag: enable
swag_port: 8080
swag_url: plantuml.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.monitor.url: https://plantuml.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 42262:8080
profiles: ["rinoa-apps"]
restart: unless-stopped
portainer:
container_name: portainer
depends_on:
docker-socket-proxy:
condition: service_started
required: true
expose:
- 9000
- 9443
image: portainer/portainer-ce:alpine@sha256:9f09222fef0cc0e0d4a65ae19ddf9788b9751e4afcff17fc7769227ba7581286
labels:
swag: enable
swag_proto: http
swag_port: 9000
swag_url: portainer.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Portainer
swag.uptime-kuma.monitor.url: https://portainer.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
homepage.group: System Administration
homepage.name: Portainer
homepage.href: https://portainer.${MY_TLD}
homepage.icon: portainer.svg
homepage.description: Service delivery platform for containerized applications
homepage.widgets[0].type: portainer
homepage.widgets[0].url: http://portainer:9000
homepage.widgets[0].env: 7
homepage.widgets[0.key: ${PORTAINER_HOMEPAGE_TOKEN}
homepage.widgets[1].type: portainer
homepage.widgets[1].url: http://portainer:9000
homepage.widgets[1].env: 12
homepage.widgets[1.key: ${PORTAINER_HOMEPAGE_TOKEN}
homepage.widgets[2].type: portainer
homepage.widgets[2].url: http://portainer:9000
homepage.widgets[2].env: 13
homepage.widgets[2].key: ${PORTAINER_HOMEPAGE_TOKEN}
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- portainer-data:/data
- /var/run/docker.sock:/var/run/docker.sock
portchecker-web:
container_name: portchecker-web
depends_on:
portchecker-api:
required: true
condition: service_healthy
environment:
DEFAULT_HOST: # Optional, Populates a default host address value to be populataed in the in the UI input. Defaults to external/WAN IP.
DEFAULT_PORT: 443 # Optional, Populates a default port value to be populataed in the in the UI input
API_URL: http://portchecker-api:8000 # Optional, the URL of the API service. The scheme and port is required. Defaults to http://api:8000 if not set.
# GOOGLE_ANALYTICS: # Optional, set for Google Analytics integration
healthcheck:
test: ["CMD", "wget", "--spider", "-S", "http://127.0.0.1"]
interval: 30s
timeout: 10s
retries: 3
start_period: 5s
image: ghcr.io/dsgnr/portcheckerio-web:latest@sha256:089b0e92e3071c3a586dbb3f6f021033a30777500167a5eb52fc727819d6458c
labels:
swag: enable
swag_auth: authelia
swag_proto: http
swag_url: portc.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: PortChecker
swag.uptime-kuma.monitor.url: https://portc.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
homepage.group: System Administration
homepage.name: PortChecker
homepage.href: https://portc.${MY_TLD}
homepage.icon: mdi-check-network-outline
homepage.description: Service delivery platform for containerized applications
ports:
- 31131:80
profiles: ["rinoa-apps"]
restart: unless-stopped
portchecker-api:
container_name: portchecker-api
environment:
ALLOW_PRIVATE: true # Prevent usage of private IP addresses
healthcheck:
test: ["CMD", "wget", "--spider", "-S", "http://127.0.0.1:8000/healthz"]
interval: 30s
timeout: 10s
retries: 3
start_period: 5s
image: ghcr.io/dsgnr/portcheckerio-api:latest@sha256:e0c01460b689ac1fbb11ef0e93e08971fb2a4c907e7cabeaf53586680c3be77d
ports:
- 36102:8000
profiles: ["rinoa-apps"]
restart: unless-stopped
postal-smtp:
cap_add:
- NET_BIND_SERVICE
command: postal smtp-server
container_name: postal-smtp
image: ghcr.io/postalserver/postal:latest@sha256:e8300c81deeee3123a732f5e70598719d613d26fc03ec350e623031aa75b2e2b
networks:
default: null
ports:
- 25:25
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/postal:/config
- ${DOCKER_VOLUME_CONFIG}/swag/etc/letsencrypt/live/${MY_TLD}:/config/certs
postal-web:
command: postal web-server
container_name: postal-web
image: ghcr.io/postalserver/postal:latest@sha256:e8300c81deeee3123a732f5e70598719d613d26fc03ec350e623031aa75b2e2b
labels:
swag: enable
swag_proto: http
swag_port: 5000
swag_address: postal-web
swag_url: post.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Postal
swag.uptime-kuma.monitor.url: https://post.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
homepage.group: System Administration
homepage.name: Postal
homepage.href: https://post.${MY_TLD}
homepage.icon: sh-postal.svg
homepage.description: OSS Mail delivery platform
networks:
default: null
ports:
- 5001:5000
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- source: ${DOCKER_VOLUME_CONFIG}/postal
target: /config
type: bind
bind:
create_host_path: true
postal-worker:
command: postal worker
container_name: postal-worker
environment:
LOG_LEVEL: debug
image: ghcr.io/postalserver/postal:latest@sha256:e8300c81deeee3123a732f5e70598719d613d26fc03ec350e623031aa75b2e2b
networks:
default: null
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- source: ${DOCKER_VOLUME_CONFIG}/postal
target: /config
type: bind
bind:
create_host_path: true
protonmail-bridge:
container_name: protonmail-bridge
image: shenxn/protonmail-bridge@sha256:3717b4441130675dc9131196de9f9c5287d2ea21b138d83b0486429e1737638a
ports:
- 1025:25/tcp
- 1143:143/tcp
restart: unless-stopped
volumes:
- protonmail-data:/root
prowlarr:
container_name: prowlarr
environment:
PGID: ${PGID}
PUID: ${PUID}
TZ: America/New_York
DOCKER_MODS: ghcr.io/gilbn/theme.park:sonarr
TP_DOMAIN: ${MY_TLD}\/themepark
TP_COMMUNITY_THEME: false
TP_THEME: space-gray
hostname: Rinoa
image: lscr.io/linuxserver/prowlarr:latest@sha256:e74a1e093dcc223d671d4b7061e2b4946f1989a4d3059654ff4e623b731c9134
labels:
homepage.group: Servarr Stack
homepage.name: Prowlarr
homepage.href: https://prowlarr.${MY_TLD}
homepage.icon: prowlarr.png
homepage.description: Index aggregator
homepage.widget.type: prowlarr
homepage.widget.url: http://prowlarr:9696
homepage.widget.key: ${PROWLARR_API_KEY}
swag: enable
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Prowlarr
swag.uptime-kuma.monitor.url: https://prowlarr.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
ports:
- 9696:9696
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- bind:
create_host_path: true
read_only: true
source: /etc/localtime
target: /etc/localtime
type: bind
- bind:
create_host_path: true
source: ${DOCKER_VOLUME_CONFIG}/prowlarr
target: /config
type: bind
- bind:
create_host_path: true
source: /rinoa-storage
target: /storage
type: bind
qbit-manage:
container_name: qbit-manage
depends_on:
qbittorrentvpn:
required: true
condition: service_started
image: ghcr.io/stuffanthings/qbit_manage:latest@sha256:4f36632a138b4e5aeab3b765b7f389087bfb140c80dbbec1343eca74dc351245
environment:
# Web API Configuration
QBT_WEB_SERVER: true # Set to true to enable web API
QBT_PORT: 8080 # Web API port (default: 8080)
# Scheduler Configuration
QBT_RUN: false
QBT_SCHEDULE: 1440
QBT_CONFIG: /config/config.yml
QBT_LOGFILE: activity.log
# Command Flags
QBT_RECHECK: false
QBT_CAT_UPDATE: false
QBT_TAG_UPDATE: false
QBT_REM_UNREGISTERED: false
QBT_REM_ORPHANED: false
QBT_TAG_TRACKER_ERROR: false
QBT_TAG_NOHARDLINKS: false
QBT_SHARE_LIMITS: false
QBT_SKIP_CLEANUP: false
QBT_DRY_RUN: false
# Logging Configuration
QBT_LOG_LEVEL: INFO
QBT_DIVIDER: "="
QBT_WIDTH: 100
ports:
- 5965:8080
profiles: ["rinoa-apps"]
restart: on-failure
volumes:
- ${DOCKER_VOLUME_CONFIG}/qbittorrent/qbit_manage/:/config:rw
- ${DOCKER_VOLUME_STORAGE}/downloads/:/downloads:rw
- ${DOCKER_VOLUME_CONFIG}/qbittorrent/qBittorrent:/qbittorrent/:ro
qbittorrentvpn:
cap_add:
- NET_ADMIN
- SYS_MODULE
container_name: qbittorrentvpn
environment:
DEBUG: true
ENABLE_PRIVOXY: yes
ENABLE_SOCKS: yes
LAN_NETWORK: 192.168.1.0/24
NAME_SERVERS: 1.1.1.1,1.0.0.1,94.140.14.14,94.140.15.15
PGID: ${PGID}
PUID: ${PUID}
SOCKS_USER: admin
SOCKS_PASS: socks
TZ: ${TZ}
VPN_CLIENT: openvpn
VPN_ENABLED: yes
VPN_INPUT_PORTS: ""
VPN_OPTIONS: ""
VPN_OUTPUT_PORTS: ""
VPN_USER: ${DELUGEVPN_ENVIRONMENT_VPN_USER}
VPN_PASS: ${DELUGEVPN_ENVIRONMENT_VPN_PASS}
VPN_PROV: pia
WEBUI_PORT: 8080
image: ghcr.io/binhex/arch-qbittorrentvpn:latest@sha256:bfe0b55f9785ffd83a24e9a9591151ef6372803f0ce4755e79b7a417afc8f1ac
labels:
homepage.group: Downloaders
homepage.name: qBittorrent
homepage.href: https://qbit.${MY_TLD}
homepage.icon: qbittorrent.svg
homepage.description: Fast and stable torrent client
homepage.widget.type: qbittorrent
homepage.widget.url: http://qbittorrentvpn:8080
homepage.widget.user: admin
homepage.widget.password: "${DELUGEVPN_PASSWORD}"
swag: enable
swag_server_custom_directive: |
location /mgmt {
proxy_pass http://qbit-manage:8080;
}
swag_port: 8080
swag_proto: http
swag_url: qbit.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: qBittorrent
swag.uptime-kuma.monitor.url: https://qbit.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 58846:58846
- 58946:58946/udp
- 8118:8118
- 9118:9118
- 38927:8080
privileged: true
profiles: ["rinoa-apps"]
restart: unless-stopped
sysctls:
net.ipv4.conf.all.src_valid_mark: 1
volumes:
- /etc/localtime:/etc/localtime:ro
- ${DOCKER_VOLUME_CONFIG}/.openvpn:/config/openvpn
- ${DOCKER_VOLUME_CONFIG}/.wireguard:/config/wireguard
- ${DOCKER_VOLUME_CONFIG}/qbittorrent/:/config
- ${DOCKER_VOLUME_CONFIG}/qbittorrent/data:/data
- ${DOCKER_VOLUME_STORAGE}/downloads:/downloads
radarec:
container_name: radarec
environment:
auto_start: true
auto_start_delay: 60
dry_run_adding_to_radarr: false
fallback_to_top_result: false
language_choice: all
metadata_profile_id: 1
minimum_rating: 4.5
minimum_votes: 50
quality_profile_id: 1
radarr_address: http://radarr:7878
radarr_api_key: ${RADARR_API_KEY}
radarr_api_timeout: 120
root_folder_path: /data/media/movies
search_for_movie: true
tmdb_api_key: ${TMDB_API_KEY}
expose:
- 5000
image: thewicklowwolf/radarec:latest@sha256:71a14da7b1b12d36dbe54fc031da6ce30055cfe4b630a047c4deede927fbd944
labels:
homepage.group: Servarr Stack
homepage.name: RadaRec
homepage.href: https://radarec.${MY_TLD}
homepage.icon: sh-radarec.png
homepage.description: Movie discovery based on library/tastes
swag: enable
swag_proto: http
swag_port: 5000
swag_auth: authelia
swag_url: radarec.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: RadaRec
swag.uptime-kuma.monitor.url: https://radarec.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- source: ${DOCKER_VOLUME_STORAGE}/Movies
target: /data/media/movies
type: bind
bind:
create_host_path: true
- source: ${DOCKER_VOLUME_CONFIG}/radarec
target: /radarec/config
type: bind
bind:
create_host_path: true
- bind:
create_host_path: true
read_only: true
source: /etc/localtime
target: /etc/localtime
type: bind
radarr:
container_name: radarr
environment:
PGID: ${PGID}
PUID: ${PUID}
TZ: ${TZ}
hostname: Rinoa
image: lscr.io/linuxserver/radarr:latest@sha256:6d3e68474ea146f995af98d3fb2cb1a14e2e4457ddaf035aa5426889e2f9249c
labels:
homepage.group: Servarr Stack
homepage.name: Radarr
homepage.href: https://radarr.${MY_TLD}
homepage.icon: radarr.png
homepage.description: Movie Automation
homepage.widget.type: radarr
homepage.widget.url: http://radarr:7878
homepage.widget.key: ${RADARR_API_KEY}
swag: enable
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Radarr
swag.uptime-kuma.monitor.url: https://radarr.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
ports:
- 7878:7878
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- /etc/localtime:/etc/localtime:ro
- ${DOCKER_VOLUME_CONFIG}/radarr:/config
- /rinoa-storage:/storage
- ${DOCKER_VOLUME_STORAGE}/downloads/:/downloads
reactive-resume:
container_name: reactive-resume
depends_on:
browserless:
condition: service_started
required: true
minio:
condition: service_started
required: true
reactive-resume-pg:
condition: service_started
required: true
environment:
ACCESS_TOKEN_SECRET: ${REACTIVE_RESUME_ACCESS_TOKEN_SECRET}
CHROME_PORT: 443
CHROME_TOKEN: ${CHROMIUM_TOKEN}
CHROME_URL: wss://browserless:3000
DATABASE_URL: postgresql://reactiveresume:${REACTIVE_RESUME_PGSQL_PASSWORD}@reactive-resume-pg:5432/reactiveresume
MAIL_FROM: noreply@${MY_TLD}
NODE_ENV: production
PORT: 3000
PUBLIC_URL: http://reactive-resume:3000
REFRESH_TOKEN_SECRET: ${REACTIVE_RESUME_REFRESH_TOKEN_SECRET}
SMTP_URL: smtp://${POSTAL_SMTP_AUTH_USER}:${POSTAL_SMTP_AUTH_PASSWORD}@postal-smtp:25
STORAGE_ACCESS_KEY: ${REACTIVE_RESUME_S3_ACCESS_KEY}
STORAGE_BUCKET: reactive-resume
STORAGE_ENDPOINT: minio
STORAGE_PORT: 9000
STORAGE_REGION: us-east-fh-pln
STORAGE_SECRET_KEY: ${REACTIVE_RESUME_S3_SECRET_KEY}
STORAGE_URL: https://s3.${MY_TLD}/reactive-resume
STORAGE_USE_SSL: false
TZ: ${TZ}
image: amruthpillai/reactive-resume:latest@sha256:f26fd329f35b97bccdf5ee5a7b558df0ccf1e073a1d7a5787e433043e22b9296
labels:
homepage.group: Professional Services
homepage.name: Reactive Resume
homepage.href: https://resume.${MY_TLD}
homepage.icon: reactive-resume.svg
homepage.description: Open-source resume builder
swag: enable
swag_proto: http
swag_port: 3000
swag_url: resume.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Reactive Resume
swag.uptime-kuma.monitor.url: https://resume.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
ports:
- 3011:3000
profiles: ["rinoa-apps"]
restart: unless-stopped
reactive-resume-pg:
container_name: reactive-resume-pg
environment:
TZ: ${TZ}
POSTGRES_DB: reactiveresume
POSTGRES_USER: reactiveresume
POSTGRES_PASSWORD: ${REACTIVE_RESUME_PGSQL_PASSWORD}
expose:
- 5432
image: postgres:16-alpine@sha256:97ff59a4e30e08d1c11bdcd9455e7832368c0572b576c9092cde2df4ae5552a3
networks:
default: null
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- reactive-resume-pg:/var/lib/postgresql/data
readarr:
container_name: readarr
environment:
PGID: ${PGID}
PUID: ${PUID}
TZ: America/New_York
DOCKER_MODS: ghcr.io/gilbn/theme.park:readnarr
hostname: Rinoa
image: lscr.io/linuxserver/readarr:develop@sha256:eb37f58646a901dc7727cf448cae36daaefaba79de33b5058dab79aa4c04aefb
labels:
homepage.group: Servarr Stack
homepage.name: Readarr
homepage.href: https://readarr.${MY_TLD}
homepage.icon: readarr.png
homepage.description: eBook/Audiobook Automation
homepage.widget.type: readarr
homepage.widget.url: http://readarr:8787
homepage.widget.key: ${READARR_API_KEY}
swag: enable
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Readarr
swag.uptime-kuma.monitor.url: https://readarr.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
ports:
- 8787:8787
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- /etc/localtime:/etc/localtime:ro
- ${DOCKER_VOLUME_CONFIG}/readarr:/config
- /rinoa-storage:/storage
- ${DOCKER_VOLUME_STORAGE}/downloads/:/downloads
redlib:
cap_drop:
- ALL
container_name: redlib
environment:
REDLIB_SFW_ONLY: off
REDLIB_BANNER:
REDLIB_ROBOTS_DISABLE_INDEXING: off
REDLIB_PUSHSHIFT_FRONTEND: undelete.pullpush.io
REDLIB_DEFAULT_THEME: nord
REDLIB_DEFAULT_FRONT_PAGE: default
REDLIB_DEFAULT_LAYOUT: clean
REDLIB_DEFAULT_WIDE: on
REDLIB_DEFAULT_POST_SORT: hot
REDLIB_DEFAULT_COMMENT_SORT: confidence
REDLIB_DEFAULT_SHOW_NSFW: off
REDLIB_DEFAULT_BLUR_NSFW: on
REDLIB_DEFAULT_USE_HLS: off
REDLIB_DEFAULT_HIDE_HLS_NOTIFICATION: off
REDLIB_DEFAULT_AUTOPLAY_VIDEOS: off
REDLIB_DEFAULT_SUBSCRIPTIONS:
REDLIB_DEFAULT_HIDE_AWARDS: off
REDLIB_DEFAULT_DISABLE_VISIT_REDDIT_CONFIRMATION: off
REDLIB_DEFAULT_HIDE_SCORE: off
REDLIB_DEFAULT_FIXED_NAVBAR: on
image: quay.io/redlib/redlib:latest@sha256:dffb6c5a22f889d47d8e28e33411db0fb6c5694599f72cf740c912c12f5fc1c6
labels:
homepage.group: Social
homepage.name: Redlib
homepage.href: https://rlib.${MY_TLD}
homepage.icon: libreddit.svg
homepage.description: Redlib is a private front-end like Invidious but for Reddit
swag: enable
swag_auth: authelia
swag_proto: http
swag_port: 8080
swag_url: rlib.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Redlib
swag.uptime-kuma.monitor.url: https://rlib.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
ports:
- 8103:8080
read_only: true
profiles: ["rinoa-apps"]
restart: always
security_opt:
- no-new-privileges=true
user: nobody
rocketchat:
container_name: rocketchat
depends_on:
mongodb:
condition: service_started
required: true
environment:
ADMIN_USERNAME: Trez.One
ADMIN_NAME: Charish Patel
ADMIN_PASS: ${ROCKETCHAT_ADMIN_PASSWORD}
ADMIN_EMAIL: charish.patel@${MY_TLD}
MONGO_URL: mongodb://rocketchat:${ROCKETCHAT_MONGODB_PASSWORD}@mongodb:27017/rocketchat?replicaSet=rinoa
MONGO_OPLOG_URL: mongodb://rocketchat:${ROCKETCHAT_MONGODB_PASSWORD}@mongodb:27017/local?replicaSet=rinoa
ROOT_URL: https://chat.${MY_TLD}
PORT: 3000
DEPLOY_METHOD: docker
DEPLOY_PLATFORM: ${DEPLOY_PLATFORM:-}
REG_TOKEN: ${REG_TOKEN:-}
expose:
- 3000
image: ${IMAGE:-registry.rocket.chat/rocketchat/rocket.chat}:${RELEASE:-latest}
labels:
homepage.group: Social
homepage.name: Rocket.Chat
homepage.href: https://chat.${MY_TLD}
homepage.icon: rocket-chat.svg
homepage.description: Fully customizable communications platform with high standards of data protection
swag: enable
swag_proto: http
swag_port: 3000
swag_url: chat.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Rocket.Chat
swag.uptime-kuma.monitor.url: https://chat.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
profiles: ["rinoa-apps"]
restart: always
romm:
container_name: romm
depends_on:
mariadb:
condition: service_healthy
required: true
restart: true
image: rommapp/romm:latest@sha256:7f8b04e2e7652ae3121f19e712373bc021530b3c500e0c077c69a9cfe431395c
environment:
ROMM_DB_DRIVER: mariadb # mariadb | sqlite (default: sqlite)
ROMM_HOST: https://localhost:3000 # [Optional] your host ip or domain name (including http(s)://, subdomain and port if needed). Being used only for webRcade feed for now.
# [Optional] Only required if using MariaDB as the database
DB_HOST: mariadb
DB_PORT: 3306
DB_USER: romm
DB_NAME: romm # Should match the MYSQL_DATABASE value in the mariadb container
DB_PASSWD: ${ROMM_MARIADB_PASSWORD}
# [Optional WIP] Use SteamGridDB as a source for covers
# STEAMGRIDDB_API_KEY: <SteamGridDB api key>
# [Optional] Will enable user management and require authentication to access the interface (disabled by default)
ROMM_AUTH_ENABLED: true # default: false
ROMM_AUTH_SECRET_KEY: ${ROMM_AUTH_SECRET_KEY} # Generate a key with `openssl rand -hex 32`
ROMM_AUTH_USERNAME: admin # default: admin
ROMM_AUTH_PASSWORD: ${ROMM_AUTH_PASSWORD} # default: admin
# [Optional] Only required if authentication is enabled
ENABLE_EXPERIMENTAL_REDIS: true # default: false
REDIS_HOST: romm-valkey # default: localhost
REDIS_PORT: 6379 # default: 6379
REDIS_DB: 0
# REDIS_PASSWORD: # [Optional] Support for secured redis
# [Optional] Will enable asynchronous tasks (all disabled by default)
# Important: Do NOT wrap the cron expression in quotes
ENABLE_RESCAN_ON_FILESYSTEM_CHANGE: true # Runs a quick scan on the library when a file is added or removed
RESCAN_ON_FILESYSTEM_CHANGE_DELAY: 5 # Delay in seconds before running the quick scan (default: 5)
ENABLE_SCHEDULED_RESCAN: true # Runs a quick scan on the library at a given time
SCHEDULED_RESCAN_CRON: 0 3 * * * # Cron expression for the scheduled scan (default: 0 3 * * * At 3:00 AM every day)
ENABLE_SCHEDULED_UPDATE_SWITCH_TITLEDB: true # Updates the Switch TitleDB database at a given time
SCHEDULED_UPDATE_SWITCH_TITLEDB_CRON: 0 4 * * * # Cron expression for the scheduled update (default: 0 4 * * * At 4:00 AM every day)
ENABLE_SCHEDULED_UPDATE_MAME_XML: true # Updates the MAME XML database at a given time
SCHEDULED_UPDATE_MAME_XML_CRON: 0 5 * * * # Cron expression for the scheduled update (default: 0 5 * * * At 5:00 AM every day)
IGDB_CLIENT_ID: ${ROMM_IGDB_CLIENT_ID} # Generate an ID and SECRET in IGDB
IGDB_CLIENT_SECRET: ${ROMM_IGDB_CLIENT_SECRET} # https://docs.romm.app/latest/Getting-Started/Generate-API-Keys/#igdb
MOBYGAMES_API_KEY: # https://docs.romm.app/latest/Getting-Started/Generate-API-Keys/#mobygames
STEAMGRIDDB_API_KEY: ${ROMM_STEAMGRIDDB_API_KEY} # https://docs.romm.app/latest/Getting-Started/Generate-API-Keys/#steamgriddb
SCREENSCRAPER_USER: ${ROMM_SCREENSCRAPER_USERNAME} # Use your ScreenScraper username and password
SCREENSCRAPER_PASSWORD: ${ROMM_SCREENSCRAPER_PASSWORD} # https://docs.romm.app/latest/Getting-Started/Generate-API-Keys/#screenscraper
labels:
homepage.group: Media Library
homepage.name: RomM
homepage.href: https://romm.${MY_TLD}
homepage.icon: romm.svg
homepage.description: Beautiful, powerful, self-hosted ROM manager
homepage.widget.type: romm
homepage.widget.url: http://romm:8080
swag: enable
swag_proto: http
swag_url: romm.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: RomM
swag.uptime-kuma.monitor.url: https://romm.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 30229:8080
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- romm_resources:/romm/resources # Resources fetched from IGDB (covers, screenshots, etc.)
- ${DOCKER_VOLUME_STORAGE}/roms:/romm/library # Your game library. Check https://github.com/rommapp/romm?tab=readme-ov-file#folder-structure for more details.
- ${DOCKER_VOLUME_STORAGE}/roms/assets:/romm/assets # Uploaded saves, states, etc.
- ${DOCKER_VOLUME_CONFIG}/romm:/romm/config # Path where config.yml is stored
romm-valkey:
container_name: romm-valkey
<<: *valkey-params
volumes:
- romm-valkey-data:/data/valkey
sabnzbdvpn:
cap_add:
- NET_ADMIN
- SYS_MODULE
container_name: sabnzbdvpn
environment:
ENABLE_PRIVOXY: no
LAN_NETWORK: 192.168.1.0/24
NAME_SERVERS: 192.168.1.254,1.1.1.1
PGID: 1000
PUID: 1000
TZ: America/New_York
VPN_CLIENT: openvpn
VPN_ENABLED: yes
VPN_INPUT_PORTS:
VPN_OPTIONS:
VPN_OUTPUT_PORTS:
VPN_PASS: ${SABNZBDVPN_ENVIRONMENT_VPN_PASS}
VPN_PROV: pia
VPN_USER: ${SABNZBDVPN_ENVIRONMENT_VPN_USER}
DEBUG: true
hostname: Rinoa
image: ghcr.io/binhex/arch-sabnzbdvpn:latest@sha256:411ed4ba589529960690c08de64fb2791c76d37d9a4278a99d30d7d32fc701f5
labels:
homepage.group: Downloaders
homepage.name: SABnzbd
homepage.href: https://sabnzbd.${MY_TLD}
homepage.icon: sabnzbd.png
homepage.description: NZB Downloader over VPN
homepage.widget.type: sabnzbd
homepage.widget.url: http://sabnzbdvpn:8080
homepage.widget.env: 1
homepage.widget.key: ${SABNZBDVPN_API_KEY}
swag: enable
swag_proto: http
swag_url: sabnzbd.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: SABnzbd
swag.uptime-kuma.monitor.url: https://sabnzbd.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
ports:
- 8080:8080
- 8090:8090
- 8119:8118
privileged: true
profiles: ["rinoa-apps"]
restart: unless-stopped
sysctls:
net.ipv4.conf.all.src_valid_mark: "1"
volumes:
- bind:
create_host_path: true
read_only: true
source: /etc/localtime
target: /etc/localtime
type: bind
- bind:
create_host_path: true
source: ${DOCKER_VOLUME_CONFIG}/sabnzbdvpn
target: /config
type: bind
- bind:
create_host_path: true
source: /rinoa-storage
target: /storage
type: bind
sablier:
container_name: sablier
environment:
PROVIDER_NAME: docker
SERVER_PORT: 10000
SERVER_BASE_PATH: /
STORAGE_FILE: /opt/sablier/state
SESSIONS_DEFAULT_DURATION: 5m
SESSIONS_EXPIRATION_INTERVAL: 20s
LOGGING_LEVEL: trace
STRATEGY_DYNAMIC_CUSTOM_THEMES_PATH: /opt/sablier/custom_themes
STRATEGY_DYNAMIC_SHOW_DETAILS_BY_DEFAULT: false
STRATEGY_DYNAMIC_DEFAULT_THEME: hacker-terminal
STRATEGY_DYNAMIC_DEFAULT_REFRESH_FREQUENCY: 5s
STRATEGY_BLOCKING_DEFAULT_TIMEOUT: 1m
image: sablierapp/sablier:latest@sha256:000fab8e34adec9587b2424cc91e8526403ebea4b0636e9667f4123d450fe165
ports:
- 19311:10000
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/sablier/state:/opt/sablier/state
- ${DOCKER_VOLUME_CONFIG}/sablier/custom_themes:/opt/sablier/custom_themes
- /var/run/docker.sock:/var/run/docker.sock
scraparr:
container_name: scraparr
depends_on:
bazarr:
condition: service_started
required: true
prowlarr:
condition: service_started
required: true
radarr:
condition: service_started
required: true
sonarr:
condition: service_started
required: true
environment:
BAZARR_API_KEY: ${BAZARR_API_KEY}
BAZARR_URL: http://bazarr:6767
PROWLARR_API_KEY: ${PROWLARR_API_KEY}
PROWLARR_URL: http://prowlarr:9696
RADARR_API_KEY: ${RADARR_API_KEY}
RADARR_URL: http://radarr:7878
SONARR_API_KEY: ${SONARR_API_KEY}
SONARR_URL: http://sonarr:8989
image: ghcr.io/thecfu/scraparr:2@sha256:cfe07f005aa6e93221dd0bb540600aaa51ea1215968595806863f9df3dc3b26c
ports:
- 7100:7100
profiles: ["rinoa-apps"]
restart: unless-stopped
scrutiny:
cap_add:
- SYS_RAWIO
container_name: scrutiny
devices:
- "/dev/nvme0n1:/dev/nvme0n1:rwm"
- "/dev/sda:/dev/sda:rwm"
- "/dev/sdb:/dev/sdb:rwm"
- "/dev/sdc:/dev/sdc:rwm"
- "/dev/sdd:/dev/sdd:rwm"
- "/dev/sde:/dev/sde:rwm"
- "/dev/sdf:/dev/sdf:rwm"
image: ghcr.io/analogj/scrutiny:master-omnibus@sha256:18689773150d6b8b53c94a435f40f7b6e946fd4a6d40b44c64fa2154a5b38941
labels:
cloudflare.tunnel.enable: true
cloudflare.tunnel.hostname: smartd.${MY_TLD}
cloudflare.tunnel.service: http://scrutiny:8080
cloudflare.tunnel.zonename: ${MY_TLD}
cloudflare.tunnel.no_tls_verify: true
homepage.group: Infrastructure/App Performance Monitoring
homepage.name: Scrutiny
homepage.href: https://smartd.${MY_TLD}
homepage.icon: scrutiny.png
homepage.description: WebUI for smartd S.M.A.R.T monitoring
homepage.widget.type: scrutiny
homepage.widget.url: http://scrutiny:8080
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Scrutiny
swag.uptime-kuma.monitor.url: https://smartd.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
ports:
- 8909:8080
- 8910:8086
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- bind:
create_host_path: true
read_only: true
source: /run/udev
target: /run/udev
type: bind
- source: ${DOCKER_VOLUME_CONFIG}/scrutiny/config
target: /opt/scrutiny/config
type: bind
bind:
create_host_path: true
- source: ${DOCKER_VOLUME_CONFIG}/scrutiny/influxdb
target: /opt/scrutiny/influxdb
type: bind
bind:
create_host_path: true
searxng:
cap_add:
- CHOWN
- SETGID
- SETUID
cap_drop:
- ALL
container_name: searxng
environment:
SEARXNG_BASE_URL: https://search.${MY_TLD}
image: searxng/searxng:latest@sha256:733c25efc9c7d195cc11974b75abff935e30c33d1f88dbcf0a6accd772718608
labels:
homepage.group: Privacy/Security
homepage.name: SearxNG
homepage.href: https://search.${MY_TLD}
homepage.icon: searxng.png
homepage.description: Anonymized Meta-Search Engine
swag: enable
swag_address: searxng
swag_proto: http
swag_url: search.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: SearxNG
swag.uptime-kuma.monitor.url: https://search.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
logging:
driver: json-file
options:
max-file: "1"
max-size: 1m
networks:
default: null
ports:
- 8095:8080
privileged: true
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- source: ${DOCKER_VOLUME_CONFIG}/searxng
target: /etc/searxng
type: bind
bind:
create_host_path: true
searxng-valkey:
container_name: searxng-valkey
<<: *valkey-params
volumes:
- searxng-valkey-data:/data/valkey
semaphore-ui:
container_name: semaphore-ui
environment:
ANSIBLE_HOST_KEY_CHECKING: false
SEMAPHORE_ADMIN_PASSWORD: ${SEMAPHORE_ADMIN_PASSWORD}
SEMAPHORE_ADMIN_NAME: admin
SEMAPHORE_ADMIN_EMAIL: charish.patel@${MY_TLD}
SEMAPHORE_ADMIN: admin
SEMAPHORE_DB_DIALECT: bolt
SEMAPHORE_EMAIL_ALERT: true
SEMAPHORE_EMAIL_SENDER: noreply@${MY_TLD}
SEMAPHORE_EMAIL_HOST: postal-smtp
SEMAPHORE_EMAIL_PORT: 25
SEMAPHORE_EMAIL_USERNAME: ${POSTAL_SMTP_AUTH_USER}
SEMAPHORE_EMAIL_PASSWORD: ${POSTAL_SMTP_AUTH_PASSWORD}
SEMAPHORE_EMAIL_SECURE: false
SEMAPHORE_USE_REMOTE_RUNNER: true
image: semaphoreui/semaphore:v2.16.51@sha256:316520f513e3c964d23cdd40709777a6a452e275020627aba406e9bd9c08adde
labels:
homepage.group: Code/DevOps
homepage.name: Semaphore UI
homepage.href: https://devops.${MY_TLD}
homepage.icon: semaphore.svg
homepage.description: Modern UI for Ansible, Terraform, OpenTofu, PowerShell and other DevOps tools
swag: enable
swag_port: 3000
swag_proto: http
swag_url: devops.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Semaphore UI
swag.uptime-kuma.monitor.url: https://devops.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 3015:3000
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- semaphore_config:/etc/semaphore
- semaphore_data:/var/lib/semaphore
- semaphore_tmp:/tmp/semaphore
signoz-app:
<<: *signoz-db-depend
container_name: signoz-app
environment:
SIGNOZ_ALERTMANAGER_PROVIDER: signoz
SIGNOZ_ANALYTICS_ENABLED: true
SIGNOZ_JWT_SECRET: ${SIGNOZ_JWT_SECRET}
SIGNOZ_TELEMETRYSTORE_CLICKHOUSE_DSN: tcp://signoz-clickhouse:9000
SIGNOZ_TELEMETRYSTORE_CLICKHOUSE_CLUSTER: cluser
SIGNOZ_QUERIER_FLUX__INTERVAL: 5m
SIGNOZ_TELEMETRYSTORE_PROVIDER: clickhouse
SIGNOZ_SQLSTORE_SQLITE_PATH: /var/lib/signoz/signoz.db
SIGNOZ_ALERTMANAGER_SIGNOZ_EXTERNAL__URL: https://apm.${MY_TLD}
SIGNOZ_ALERTMANAGER_SIGNOZ_GLOBAL_SMTP__FROM: noreply@${MY_TLD}
SIGNOZ_ALERTMANAGER_SIGNOZ_GLOBAL_SMTP__SMARTHOST: postal-smtp:25
SIGNOZ_ALERTMANAGER_SIGNOZ_GLOBAL_SMTP__AUTH__USERNAME: ${POSTAL_SMTP_AUTH_USER}
SIGNOZ_ALERTMANAGER_SIGNOZ_GLOBAL_SMTP__AUTH__PASSWORD: ${POSTAL_SMTP_AUTH_PASSWORD}
SIGNOZ_ALERTMANAGER_SIGNOZ_GLOBAL_SMTP__REQUIRE__TLS: true
SIGNOZ_ALERTMANAGER_SIGNOZ_GLOBAL_SMTP__TLS__CONFIG_INSECURE__SKIP__VERIFY: true
SIGNOZ_PROMETHEUS_CONFIG: /root/config/prometheus.yml
DASHBOARDS_PATH: /root/config/dashboards
GODEBUG: netdns=go
DEPLOYMENT_TYPE: docker-standalone-amd
healthcheck:
test:
- CMD
- wget
- --spider
- -q
- localhost:8080/api/v1/health
interval: 30s
timeout: 5s
retries: 3
image: signoz/signoz:v0.96.1@sha256:e2cded000c87adb0366c9ae4f292e034515458552d151879195071ba4f078b4e
labels:
homepage.group: Infrastructure/App Performance Monitoring
homepage.name: Signoz
homepage.href: https://apm.${MY_TLD}
homepage.icon: signoz.svg
homepage.description: Logs, metrics, and traces in a single pane
swag: enable
swag_proto: http
swag_port: 8080
swag_url: apm.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Signoz
swag.uptime-kuma.monitor.url: https://apm.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 36113:8080 # signoz port
# - "6060:6060" # pprof port
volumes:
- ${DOCKER_VOLUME_CONFIG}/signoz/common/prometheus.yml:/root/config/prometheus.yml
- ${DOCKER_VOLUME_CONFIG}/signoz/common/dashboards:/root/config/dashboards
- signoz-sqlite:/var/lib/signoz/
signoz-clickhouse:
<<: *signoz-clickhouse-defaults
container_name: signoz-clickhouse
expose:
- 9000
ports:
# - "9000:9000"
- "8123:8123"
- "9181:9181"
volumes:
- ${DOCKER_VOLUME_CONFIG}/signoz/common/clickhouse/config.xml:/etc/clickhouse-server/config.xml
- ${DOCKER_VOLUME_CONFIG}/signoz/common/clickhouse/users.xml:/etc/clickhouse-server/users.xml
- ${DOCKER_VOLUME_CONFIG}/signoz/common/clickhouse/custom-function.xml:/etc/clickhouse-server/custom-function.xml
- ${DOCKER_VOLUME_CONFIG}/signoz/common/clickhouse/user_scripts:/var/lib/clickhouse/user_scripts/
- ${DOCKER_VOLUME_CONFIG}/signoz/common/clickhouse/cluster.xml:/etc/clickhouse-server/config.d/cluster.xml
- signoz-clickhouse:/var/lib/clickhouse/
# - ${DOCKER_VOLUME_CONFIG}/signoz/common/clickhouse/storage.xml:/etc/clickhouse-server/config.d/storage.xml
signoz-init-clickhouse:
<<: *signoz-common
container_name: signoz-init-clickhouse
command:
- bash
- -c
- |
version="v0.0.1"
node_os=$$(uname -s | tr '[:upper:]' '[:lower:]')
node_arch=$$(uname -m | sed s/aarch64/arm64/ | sed s/x86_64/amd64/)
echo "Fetching histogram-binary for $${node_os}/$${node_arch}"
cd /tmp
wget -O histogram-quantile.tar.gz "https://github.com/SigNoz/signoz/releases/download/histogram-quantile%2F$${version}/histogram-quantile_$${node_os}_$${node_arch}.tar.gz"
tar -xvzf histogram-quantile.tar.gz
mv histogram-quantile /var/lib/clickhouse/user_scripts/histogramQuantile
image: clickhouse/clickhouse-server:25.5.6-alpine
restart: on-failure
volumes:
- ${DOCKER_VOLUME_CONFIG}/signoz/common/clickhouse/user_scripts/:/var/lib/clickhouse/user_scripts/
signoz-logspout:
command: signoz://signoz-otel-collector:8082
container_name: signoz-logspout
depends_on:
signoz-otel-collector:
required: true
condition: service_started
environment:
ENV: prod
SIGNOZ_LOG_ENDPOINT: http://signoz-otel-collector:8082
image: pavanputhra/logspout-signoz@sha256:6da8ce12279a5262de8b2d5c083ce82d4c878c4eab702b4d328afe147ed7553b
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- /var/run/docker.sock:/var/run/docker.sock
signoz-otel-collector:
<<: *signoz-db-depend
command:
- --config=/etc/otel-collector-config.yaml
- --manager-config=/etc/manager-config.yaml
- --copy-path=/var/tmp/collector-config.yaml
- --feature-gates=-pkg.translator.prometheus.NormalizeName
container_name: signoz-otel-collector
depends_on:
signoz-app:
condition: service_healthy
environment:
NGINX_ACCESS_LOG_FILE: /swag/log/nginx/access.log
NGINX_ERROR_LOG_FILE: /swag/log/nginx/error.log
OTEL_RESOURCE_ATTRIBUTES: host.name=signoz-host,os.type=linux
LOW_CARDINAL_EXCEPTION_GROUPING: false
image: signoz/signoz-otel-collector:v0.129.14@sha256:59b6f37b3b7611af9d0df34566ee5c775f8b51bb495e68ab65b6a81bea94212c
ports:
# - "1777:1777" # pprof extension
- "4317:4317" # OTLP gRPC receiver
- "4318:4318" # OTLP HTTP receiver
- 8082:8082 # Logspout collection (https://signoz.io/blog/logspout-signoz-setup/)
volumes:
- ${DOCKER_VOLUME_CONFIG}/signoz/common/otel/otel-collector-config.yaml:/etc/otel-collector-config.yaml
- ${DOCKER_VOLUME_CONFIG}/signoz/common/otel/otel-collector-opamp-config.yaml:/etc/manager-config.yaml
- ${DOCKER_VOLUME_CONFIG}/swag/log/nginx/access.log:/swag/log/nginx/access.log:ro
- ${DOCKER_VOLUME_CONFIG}/swag/log/nginx/error.log:/swag/log/nginx/error.log:ro
signoz-schema-migrator-async:
<<: *signoz-db-depend
image: signoz/signoz-schema-migrator:v0.129.14@sha256:d49088faac9e3746b02cd6ea6355f0690bd1b15f7165bcd77bfcd3bf92f19bac
container_name: signoz-schema-migrator-async
command:
- async
- --dsn=tcp://signoz-clickhouse:9000
- --up=
profiles: ["rinoa-apps"]
restart: on-failure
signoz-schema-migrator-sync:
<<: *signoz-common
image: signoz/signoz-schema-migrator:v0.129.14@sha256:d49088faac9e3746b02cd6ea6355f0690bd1b15f7165bcd77bfcd3bf92f19bac
container_name: signoz-schema-migrator-sync
command:
- sync
- --dsn=tcp://signoz-clickhouse:9000
- --up=
depends_on:
signoz-clickhouse:
condition: service_healthy
profiles: ["rinoa-apps"]
restart: on-failure
signoz-zookeeper-1:
<<: *signoz-zookeeper-defaults
container_name: signoz-zookeeper-1
environment:
ZOO_SERVER_ID: 1
ALLOW_ANONYMOUS_LOGIN: yes
ZOO_AUTOPURGE_INTERVAL: 1
ZOO_ENABLE_PROMETHEUS_METRICS: yes
ZOO_PROMETHEUS_METRICS_PORT_NUMBER: 9141
ports:
- "2181:2181"
- "2888:2888"
- "3888:3888"
volumes:
- signoz-zookeeper-1:/bitnami/zookeeper
sonarqube:
container_name: sonarqube
depends_on:
sonarqube-pg-db:
condition: service_healthy
environment:
SONAR_JDBC_URL: jdbc:postgresql://sonarqube-pg-db:5432/sonar
SONAR_JDBC_USERNAME: sonar
SONAR_JDBC_PASSWORD: ${SONARQUBE_POSTGRES_PASSWORD}
SONAR_SECURITY_REALM: LDAP
LDAP_URL: ldap://lldap:3890
LDAP_BINDDN: cn=sonarqube,ou=people,dc=trez,dc=wtf
LDAP_BINDPASSWORD: ${SONARQUBE_LDAP_BIND_PASSWORD}
LDAP_AUTHENTICATION: simple
LDAP_USER_BASEDN: ou=people,dc=trez,dc=wtf
LDAP_USER_REQUEST: (&(objectClass=inetOrgPerson)(uid={login})(memberof=cn=sonarqube_users,ou=groups,dc=example,dc=com))
LDAP_USER_REALNAMEATTRIBUTE: cn
LDAP_USER_EMAILATTRIBUTE: mail
hostname: sonarqube
image: mc1arke/sonarqube-with-community-branch-plugin:lts@sha256:70b055c294a2a751357ee65d5d55139c93f87faed436d0075034da38b2edafa1
labels:
homepage.group: Code/DevOps
homepage.name: SonarQube
homepage.href: https://sqube.${MY_TLD}
homepage.icon: sonarqube.svg
homepage.description: Code/DevOps quality/security
swag: enable
swag_proto: http
swag_port: 9000
swag_url: sqube.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: SonarQube
swag.uptime-kuma.monitor.url: https://sqube.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
volumes:
- sonarqube-data:/opt/sonarqube/data
- sonarqube-extensions:/opt/sonarqube/extensions
- sonarqube-logs:/opt/sonarqube/logs
- sonarqube-temp:/opt/sonarqube/temp
ports:
- 9003:9000
read_only: true
profiles: ["rinoa-infra"]
restart: unless-stopped
sonarqube-pg-db:
container_name: sonarqube-pg-db
environment:
POSTGRES_USER: sonar
POSTGRES_PASSWORD: ${SONARQUBE_POSTGRES_PASSWORD}
POSTGRES_DB: sonar
healthcheck:
test: ["CMD-SHELL", "pg_isready -U sonar -d sonar"]
interval: 10s
timeout: 5s
retries: 5
image: postgres:17-alpine@sha256:3430fe182f5065a6ea505c3d432d2c7fff18fbab954df8f277c1dbf4c70124af
profiles: ["rinoa-infra"]
restart: unless-stopped
volumes:
- sonarqube-db:/var/lib/postgresql
- sonarqube-db-data:/var/lib/postgresql/data
sonarr:
container_name: sonarr
environment:
PGID: ${PGID}
PUID: ${PUID}
TZ: ${TZ}
DOCKER_MODS: ghcr.io/gilbn/theme.park:sonarr
hostname: Rinoa
image: lscr.io/linuxserver/sonarr:latest@sha256:37be832b78548e3f55f69c45b50e3b14d18df1b6def2a4994258217e67efb1a1
labels:
homepage.group: Servarr Stack
homepage.name: Sonarr
homepage.href: https://sonarr.${MY_TLD}
homepage.icon: sonarr.png
homepage.description: TV Show Automation
homepage.widget.type: sonarr
homepage.widget.url: http://sonarr:8989
homepage.widget.key: ${SONARR_API_KEY}
swag: enable
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Sonarr
swag.uptime-kuma.monitor.url: https://sonarr.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
ports:
- 8989:8989
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- /etc/localtime:/etc/localtime:ro
- ${DOCKER_VOLUME_CONFIG}/sonarr:/config
- /rinoa-storage:/storage
- ${DOCKER_VOLUME_STORAGE}/downloads/:/downloads
sonashow:
container_name: sonashow
environment:
auto_start: true
auto_start_delay: 60
dry_run_adding_to_sonarr: false
fallback_to_top_result: false
language_choice: all
metadata_profile_id: 1
minimum_rating: 4.5
minimum_votes: 50
quality_profile_id: 1
sonarr_address: http://sonarr:8989
sonarr_api_key: ${SONARR_API_KEY}
root_folder_path: /data/media/shows
search_for_missing_episodes: true
sonarr_api_timeout: 120
tmdb_api_key: ${TMDB_API_KEY}
expose:
- 5000
image: thewicklowwolf/sonashow:latest@sha256:24051dd89a89018a862678912959eef013707c277cbced534fab7ce019e21b53
labels:
homepage.group: Servarr Stack
homepage.name: SonaShow
homepage.href: https://sonashow.${MY_TLD}
homepage.icon: sh-sonashow.png
homepage.description: TV show discovery based on library/tastes
swag: enable
swag_auth: authelia
swag_proto: http
swag_port: 5000
swag_url: sonashow.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: SonaShow
swag.uptime-kuma.monitor.url: https://sonashow.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- source: ${DOCKER_VOLUME_STORAGE}/TV_Shows
target: /data/media/shows
type: bind
bind:
create_host_path: true
- source: ${DOCKER_VOLUME_CONFIG}/sonashow
target: /sonashow/config
type: bind
bind:
create_host_path: true
- bind:
create_host_path: true
read_only: true
source: /etc/localtime
target: /etc/localtime
type: bind
soularr:
container_name: soularr
depends_on:
lidarr:
condition: service_started
required: true
soulseek:
condition: service_started
required: true
environment:
PUID: ${PUID}
PGID: ${PGID}
TZ: ${TZ}
#Script interval in seconds
SCRIPT_INTERVAL: 300
image: mrusse08/soularr:latest@sha256:efa11f11ec1ad398f7456e3df304b942841f1ef975a02859c2e31cfdd24882d4
network_mode: service:gluetun
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
#"You can set /downloads to whatever you want but will then need to change the Slskd download dir in your config file"
- ${DOCKER_VOLUME_STORAGE}/downloads:/downloads
#Select where you are storing your config file. Leave "/data" since thats where the script expects the config file to be
- ${DOCKER_VOLUME_CONFIG}/soularr:/data
soularr-dashboard:
container_name: soularr-dashboard
depends_on:
soularr:
condition: service_started
environment:
DOCKER_HOST: tcp:/${DOCKER_VOLUME_CONFIG}proxy:2375
PUID: ${PUID}
PGID: ${PGID}
TZ: ${TZ}
image: ghcr.io/mrusse/soularr:main@sha256:2148f2c7f405a31ce64082ce085c88bf6e486fbb705bec20ead6a170fd8def72
labels:
homepage.name: Soularr
homepage.group: Downloaders
homepage.description: Dashboard for monitoring Soularr
homepage.href: https://soularr.${MY_TLD}
homepage.icon: /icons/soularr.png
swag: enable
swag_proto: http
swag_url: soularr.${MY_TLD}
swag_port: 8080
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Soularr
swag.uptime-kuma.monitor.url: https://soularr.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 18364:8080
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/soularr/dashboard:/app
- ${DOCKER_VOLUME_CONFIG}/soularr:/data
- ${DOCKER_VOLUME_CONFIG}/soularr/logs:/data/logs
- /var/run/docker.sock:/var/run/docker.sock:ro
working_dir: /app
soulseek:
container_name: soulseek
depends_on:
gluetun:
condition: service_started
required: true
restart: true
image: slskd/slskd@sha256:bcf9820dab68e21d2bba8ebb1ffd583d71fcba542a50a1e998119f69b7b498fe
labels:
homepage.name: Soulseek
homepage.group: Downloaders
homepage.description: Modern client-server application for the Soulseek file-sharing network.
homepage.href: https://slsk.${MY_TLD}
homepage.icon: slskd.svg
swag: enable
swag_proto: http
swag_url: slsk.${MY_TLD}
swag_address: gluetun
swag_port: 5030
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: SoulSeek
swag.uptime-kuma.monitor.url: https://slsk.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
network_mode: service:gluetun
profiles: ["rinoa-apps"]
restart: always
volumes:
- ${DOCKER_VOLUME_CONFIG}/soulseek:/app
- ${DOCKER_VOLUME_STORAGE}/Audio/Music:/music
- ${DOCKER_VOLUME_STORAGE}/downloads/completed/slsk:/app/downloads/
- ${DOCKER_VOLUME_STORAGE}/downloads/incomplete/slsk:/app/incomplete
speedtest-tracker:
container_name: speedtest-tracker
image: lscr.io/linuxserver/speedtest-tracker:latest@sha256:00f1b34ec10863d15ef5d3ea3b0bb10efbb64758a418ddbeee7ce25859b149c3
environment:
PUID: ${PUID}
PGID: ${PGID}
APP_KEY: ${SPEEDTEST_TRACKER_APP_KEY}
DB_CONNECTION: sqlite
SPEEDTEST_SCHEDULE: 15 */3 * * *
labels:
homepage.name: Speedtest Tracker
homepage.group: Infrastructure/App Performance Monitoring
homepage.description: Self-hosted internet performance tracking
homepage.href: https://speed.${MY_TLD}
homepage.icon: speedtest-tracker.png
homepage.widget.type: speedtest
homepage.widget.url: http://speedtest-tracker
swag: enable
swag_proto: http
swag_url: speed.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Speedtest Tracker
swag.uptime-kuma.monitor.url: https://speed.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 47512:80
- 62777:443
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/speedtest-tracker:/config
stirling-pdf:
container_name: stirling-pdf
environment:
DOCKER_ENABLE_SECURITY: true
LANGS: en_US
SECURITY_ENABLE_LOGIN: true
SYSTEM_SHOW_UPDATE: false
SYSTEM_SHOW_UPDATE_ONLY_ADMIN: true
image: docker.stirlingpdf.com/stirlingtools/stirling-pdf:latest@sha256:073023f9829b96a5e64ec3cdbf2f441e65feb8b89bfbebeae217b96564b546e9
labels:
homepage.name: Stirling-PDF
homepage.group: Professional Services
homepage.description: PDF Operations
homepage.href: https://pdf.${MY_TLD}
homepage.icon: stirling-pdf.svg
swag: enable
swag_port: 8080
swag_proto: http
swag_url: pdf.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Stirling-PDF
swag.uptime-kuma.monitor.url: https://pdf.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 58931:8080
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/stirling-pdf/training-data:/usr/share/tessdata # Required for extra OCR languages
- ${DOCKER_VOLUME_CONFIG}/stirling-pdf/extra-configs:/configs
- ${DOCKER_VOLUME_CONFIG}/stirling-pdf/custom-files:/customFiles/
- ${DOCKER_VOLUME_CONFIG}/stirling-pdf/logs:/logs/
- ${DOCKER_VOLUME_CONFIG}/stirling-pdf/pipeline:/pipeline/
swag:
cap_add:
- NET_ADMIN
container_name: swag
environment:
DNSPLUGIN: cloudflare
EMAIL: charish.patel@${MY_TLD}
EXTRA_DOMAINS:
ONLY_SUBDOMAINS: false
PGID: 1000
PUID: 1000
SUBDOMAINS: etherpad,ha,www
TZ: America/New_York
URL: ${MY_TLD}
VALIDATION: dns
CROWDSEC_API_KEY: ${CROWDSEC_SWAG_API_KEY}
CROWDSEC_LAPI_URL: http://crowdsec:8080
DOCKER_MODS: linuxserver/mods:universal-docker|linuxserver/mods:swag-auto-proxy|linuxserver/mods:swag-dashboard|linuxserver/mods:swag-maxmind|linuxserver/mods:universal-stdout-logs|linuxserver/mods:universal-package-install|ghcr.io/linuxserver/mods:swag-crowdsec #|ghcr.io/trezone/swag-auto-uptime-kuma:d84284c8fbec305e94a6c2f6b825e8e3430d9569 #linuxserver/mods:swag-auto-uptime-kuma
INSTALL_PACKAGES: nginx-mod-http-js
PROPAGATION: 30
UPTIME_KUMA_PASSWORD: ${UPTIME_KUMA_PASSWORD}
UPTIME_KUMA_URL: http://uptimekuma:3001
UPTIME_KUMA_USERNAME: ${UPTIME_KUMA_USERNAME}
hostname: Rinoa
image: lscr.io/linuxserver/swag:latest@sha256:d2499bac1876f075e7b6ecd6ce193b5ed937085fac71f21c6a31916ba98a2a88
labels:
swag: enable
swag_proto: http
swag_port: 81
swag_url: swag.${MY_TLD}
swag_auth: authelia
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.monitor.url: https://swag.${MY_TLD}
swag.uptime-kuma.name: SWAG Dashboard
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
homepage.group: Infrastructure/App Performance Monitoring
homepage.name: SWAG Dashboard
homepage.href: https://swag.${MY_TLD}
homepage.icon: linuxserver-io.png
homepage.description: SWAG Dashboard for proxies
homepage.widget.type: swagdashboard
homepage.widget.url: http://swag:81
networks:
- default
# - nextcloud-aio
ports:
- 443:443
- 80:80
- 81:81
profiles: ["rinoa-infra"]
restart: unless-stopped
volumes:
- /etc/localtime:/etc/localtime:ro
- ${DOCKER_VOLUME_CONFIG}/swag:/config
- ${DOCKER_VOLUME_CONFIG}/sablier/sablier.js:/etc/nginx/conf.d/sablier.js
# - ${DOCKER_VOLUME_CONFIG}/swag/otel_ngx_module.so:/usr/lib/nginx/modules/otel_ngx_module.so
# - ${DOCKER_VOLUME_CONFIG}/swag/30_http_otel.conf:/etc/nginx/modules/30_http_otel.conf
# - ${DOCKER_VOLUME_CONFIG}/swag/opentelemetry_config.toml:/etc/nginx/opentelemetry_config.toml
- /rinoa-storage:/storage
- /var/run/docker.sock:/var/run/docker.sock:ro
tandoor:
container_name: tandoor-recipes
depends_on:
tandoor-pg:
condition: service_started
required: true
environment:
DB_ENGINE: django.db.backends.postgresql
GID: 1000
GUNICORN_MEDIA: 1
POSTGRES_DB: tandoor
POSTGRES_HOST: tandoor-pg
POSTGRES_PASSWORD: ${TANDOOR_POSTGRES_PASSWORD}
POSTGRES_USER: tandoor
SECRET_KEY: ${TANDOOR_SECRET_KEY}
TZ: ${TZ}
UID: 1000
image: vabene1111/recipes@sha256:7ce6534c9ab0e471fd0f08add67e871b9173fb580c2f86294c3ead025603a3d7
labels:
homepage.group: Lifestyle
homepage.name: Tandoor Recipes
homepage.href: https://recipes.${MY_TLD}
homepage.icon: tandoor-recipes.svg
homepage.description: Recipes, cookbooks, meal-planning, & grocery lists
homepage.widget.type: tandoor
homepage.widget.url: http://tandoor-recipes:8080
homepage.widget.key: ${TANDOOR_API_TOKEN}
swag: enable
swag_proto: http
swag_address: tandoor-recipes
swag_url: recipes.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Tandoor Recipes
swag.uptime-kuma.monitor.url: https://recipes.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
ports:
- 8106:8080
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- source: ${DOCKER_VOLUME_CONFIG}/tandoor/static
target: /opt/recipes/staticfiles
type: bind
bind:
create_host_path: true
- source: ${DOCKER_VOLUME_CONFIG}/tandoor/media
target: /opt/recipes/mediafiles
type: bind
bind:
create_host_path: true
tandoor-pg:
container_name: tandoor-pg
environment:
POSTGRES_DB: tandoor
POSTGRES_PASSWORD: ${TANDOOR_POSTGRES_PASSWORD}
POSTGRES_USER: tandoor
expose:
- 5432
image: postgres:16-alpine@sha256:97ff59a4e30e08d1c11bdcd9455e7832368c0572b576c9092cde2df4ae5552a3
networks:
default: null
profiles: ["rinoa-apps"]
restart: always
volumes:
- source: tandoor-pg
target: /var/lib/postgresql/data
type: volume
volume: {}
tdarr:
container_name: tdarr
environment:
TZ: ${TZ}
PUID: ${PUID}
PGID: ${PGID}
UMASK_SET: 002
serverIP: 0.0.0.0
serverPort: 8266
webUIPort: 8265
internalNode: true
inContainer: true
ffmpegVersion: 7
nodeName: tdarr-rinoa
auth: false
authSecretKey: ${TDARR_AUTH_SECRET_KEY}
openBrowser: true
maxLogSizeMB: 10
cronPluginUpdate:
NVIDIA_DRIVER_CAPABILITIES: all
NVIDIA_VISIBLE_DEVICES: all
image: ghcr.io/haveagitgat/tdarr:2.58.02@sha256:20a5656c4af4854e1877046294f77113f949d27e35940a9a65f231423d063207
labels:
homepage.group: Servarr Stack
homepage.name: Tdarr
homepage.href: https://tdarr.${MY_TLD}
homepage.icon: tdarr.png
homepage.description: Distributed transcode automation
homepage.widget.type: tdarr
homepage.widget.url: http://tdarr:8266
swag: enable
swag_proto: http
swag_port: 8265
swag_address: tdarr
swag_url: tdarr.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Tdarr
swag.uptime-kuma.monitor.url: https://tdarr.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 8265:8265
- 8266:8266
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/tdarr/server:/app/server
- ${DOCKER_VOLUME_CONFIG}/tdarr/configs:/app/configs
- ${DOCKER_VOLUME_CONFIG}/tdarr/logs:/app/logs
- ${DOCKER_VOLUME_CONFIG}/tdarr/transcode_cache:/temp
- ${DOCKER_VOLUME_STORAGE}/:/media
unmanic:
container_name: unmanic
environment:
DOCKER_MODS: linuxserver/mods:universal-docker|linuxserver/mods:universal-stdout-logs
PUID: ${PUID}
PGID: ${PGID}
LOGS_TO_STDOUT: /config/.unmanic/logs/unmanic.log
image: josh5/unmanic:latest@sha256:dbd1257d6463f1e987e8086acc33cdb54c54623b539b4e98253aedf94c68f713
labels:
homepage.group: Media Library
homepage.name: Unmanic
homepage.href: https://unmanic.${MY_TLD}
homepage.icon: unmanic.png
homepage.description: Library Optimizer
homepage.widget.type: unmanic
homepage.widget.url: http://unmanic:8888
swag: enable
swag_port: 8888
swag_url: unmanic.${MY_TLD}
swag_proto: http
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.monitor.url: https://unmanic.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
ports:
- 8911:8888
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- source: ${DOCKER_VOLUME_CONFIG}/unmanic
target: /config
type: bind
bind:
create_host_path: true
- source: ${DOCKER_VOLUME_STORAGE}
target: /library
type: bind
bind:
create_host_path: true
- source: unmanic-cache
target: /tmp/unmanic
type: volume
volume: {}
uptimekuma:
container_name: uptimekuma
depends_on:
swag:
condition: service_started
required: true
environment:
PGID: ${PGID}
PUID: ${PUID}
TZ: ${TZ}
UPTIME_KUMA_USERNAME: ${UPTIME_KUMA_USERNAME}
UPTIME_KUMA_PASSWORD: ${UPTIME_KUMA_PASSWORD}
DOCKER_HOST: tcp:/${DOCKER_VOLUME_CONFIG}proxy:2375
hostname: Rinoa
image: louislam/uptime-kuma:latest@sha256:431fee3be822b04861cf0e35daf4beef6b7cb37391c5f26c3ad6e12ce280fe18
labels:
homepage.group: Infrastructure/App Performance Monitoring
homepage.name: Uptime Kuma
homepage.href: https://uptime.${MY_TLD}
homepage.icon: uptime-kuma.png
homepage.description: HTTP Endpoint Monitoring
homepage.widget.type: uptimekuma
homepage.widget.url: http://uptimekuma:3001
homepage.widget.slug: rinoa-services
swag: enable
swag_proto: http
swag_url: uptime.${MY_TLD}
networks:
default: null
ports:
- 3003:3001
profiles: ["rinoa-infra"]
restart: unless-stopped
volumes:
- bind:
create_host_path: true
source: ${DOCKER_VOLUME_CONFIG}/uptimekuma
target: /app/data
type: bind
- bind:
create_host_path: true
source: /rinoa-storage
target: /storage
type: bind
- bind:
create_host_path: true
read_only: true
source: /etc/localtime
target: /etc/localtime
type: bind
vault:
cap_add:
- IPC_LOCK
command:
- server
container_name: hc-vault
environment:
AWS_ACCESS_KEY_ID: ${VAULT_HASHICORP_AWS_ACCESS_KEY_ID}
AWS_SECRET_ACCESS_KEY: ${VAULT_HASHICORP_AWS_SECRET_ACCESS_KEY}
image: hashicorp/vault:latest@sha256:5f244d447c6f90107149c9565da5ffedf847cec673ba0062a82fc3dd83c89e65
labels:
homepage.group: Code/DevOps
homepage.name: HashiCorp Vault
homepage.icon: vault.png
homepage.href: https://vault.${MY_TLD}
homepage.description: HashiCorp Vault for secrets, key/value stores, etc.
swag: enable
swag_proto: http
swag_port: 8200
swag_url: vault.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: HashiCorp Vault
swag.uptime-kuma.monitor.url: https://vault.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 8200:8200
- 8250:8250
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/hashicorp-vault/config/:/vault/config
- ${DOCKER_VOLUME_CONFIG}/hashicorp-vault/logs/:/vault/logs
wallos:
container_name: wallos
environment:
TZ: ${TZ}
image: bellamy/wallos:latest@sha256:46f25daeebedbe00f409abdc82f07d1bde6818dc9fee8b360b0b09c453c4b999
labels:
homepage.group: Lifestyle
homepage.name: wallos
homepage.href: https://subs.${MY_TLD}
homepage.icon: wallos.png
homepage.description: Subscription Tracking
sablier.enable: false
sablier.group: rinoa
swag: enable
swag_proto: http
swag_url: subs.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Wallos
swag.uptime-kuma.monitor.url: https://subs.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
ports:
- 8283:80
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- wallos-db:/var/www/html/db
- wallos-logos:/var/www/html/images/uploads/logos
web-check:
container_name: web-check
image: lissy93/web-check@sha256:2b4ee0a63f6e5cf12c96dd5b123fff488b40410b99f43f08a6e24bc8460531fa
labels:
homepage.group: Privacy/Security
homepage.name: Web-Check
homepage.icon: web-check.png
homepage.href: https://scan.${MY_TLD}
homepage.description: Site scanner for attack vectors, architecture, security configs, and more
swag: enable
swag_proto: http
swag_url: scan.${MY_TLD}
swag_port: 3000
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Web-Check
swag.uptime-kuma.monitor.url: https://scan.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
ports:
- 3010:3000
profiles: ["rinoa-apps"]
restart: unless-stopped
whodb:
container_name: whodb
image: clidey/whodb@sha256:717edc4ffb968fb1540244797fa8104f2cb8bf6c86d7d7fd738c6bc28082acda
environment:
WHODB_CLICKHOUSE_1: '{
"host": "signoz-clickhouse"
}'
WHODB_MARIADB_1: '{
"host": "mariadb",
"user": "root",
"password": "${MARIADB_ENVIRONMENT_MYSQL_ROOT_PASSWORD}"
}'
WHODB_MONGODB_1: '{
"host": "mongodb:27017/admin?replicaSet=rinoa",
"user": "root",
"password": "${MONGO_INITDB_ROOT_PASSWORD}"
}'
WHODB_POSTGRES_1: '{
"host": "authelia-pg",
"user": "authelia",
"password": "${AUTHELIA_STORAGE_POSTGRES_PASSWORD}",
"database": "authelia"
}'
WHODB_POSTGRES_2: '{
"host": "dawarich-pg-db",
"user": "dawarich",
"password": "${DAWARICH_PG_PASSWORD}",
"database": "authelia"
}'
WHODB_POSTGRES_3: '{
"host": "gitea-db",
"user": "gitea",
"password": "${GITEA_PG_DB_PASSWORD}",
"database": "gitea"
}'
WHODB_POSTGRES_4: '{
"host": "immich-pg-db",
"user": "immich",
"password": "${IMMICH_DB_PASSWORD}",
"database": "immich"
}'
WHODB_POSTGRES_5: '{
"host": "invidious-db",
"user": "kemal",
"password": "${INVID_PG_DB_PASSWORD}",
"database": "invidious"
}'
WHODB_POSTGRES_6: '{
"host": "joplin-db",
"user": "joplin",
"password": "${JOPLIN_POSTGRES_PASSWORD}",
"database": "joplin"
}'
WHODB_POSTGRES_7: '{
"host": "librechat-vectordb",
"user": "librechat",
"password": "${LIBRECHAT_PG_DB_PASSWD}",
"database": "librechat"
}'
WHODB_POSTGRES_8: '{
"host": "mastodon-pg-db",
"user": "mastodon",
"password": "${MASTODON_PG_DB_PASSWORD}",
"database": "mastodon"
}'
WHODB_POSTGRES_9: '{
"host": "penpot-pg-db",
"user": "penpot",
"password": "${PENPOT_PG_DB_PASSWORD}",
"database": "penpot"
}'
WHODB_POSTGRES_10: '{
"host": "planka-pg-db",
"user": "planka",
"password": "${PLANKA_PG_PASSWORD}",
"database": "planka"
}'
WHODB_POSTGRES_11: '{
"host": "portnote-pg-db",
"user": "portnote",
"password": "${PORTNOTE_POSTGRES_PASSWORD}",
"database": "portnote"
}'
WHODB_POSTGRES_12: '{
"host": "reactive-resume-pg",
"user": "reactiveresume",
"password": "${REACTIVE_RESUME_PGSQL_PASSWORD}",
"database": "reactiveresume"
}'
WHODB_POSTGRES_13: '{
"host": "sonarqube-pg-db",
"user": "sonar",
"password": "${SONARQUBE_POSTGRES_PASSWORD}",
"database": "sonar"
}'
WHODB_POSTGRES_14: '{
"host": "tandoor-pg",
"user": "tandoor",
"password": "${TANDOOR_POSTGRES_PASSWORD}",
"database": "tandoor"
}'
WHODB_POSTGRES_15: '{
"host": "asciinema-pg-db",
"user": "asciinema",
"password": "${ASCIINEMA_PG_DB_PASSWORD}",
"database": "asciinema"
}'
WHODB_REDIS_1: '{
"host": "castopod-valkey"
}'
WHODB_REDIS_2: '{
"host": "dawarich-valkey"
}'
WHODB_REDIS_3: '{
"host": "immich-valkey"
}'
WHODB_REDIS_4: '{
"host": "librechat-valkey"
}'
WHODB_REDIS_5: '{
"host": "manyfold-valkey"
}'
WHODB_REDIS_6: '{
"host": "mastodon-valkey"
}'
WHODB_REDIS_7: '{
"host": "maxun-valkey"
}'
WHODB_REDIS_8: '{
"host": "mixpost-valkey"
}'
WHODB_REDIS_9: '{
"host": "paperless-valkey"
}'
WHODB_REDIS_10: '{
"host": "plant-it-valkey"
}'
WHODB_SQLITE3_1: '{"database":"kuma.db"}'
WHODB_OLLAMA_HOST: 192.168.1.249
WHODB_OLLAMA_PORT: 11434
WHODB_ANTHROPIC_API_KEY: ${LIBRECHAT_ANTHROPIC_API_KEY}
WHODB_OPENAI_API_KEY: ${LIBRECHAT_OPENAI_API_KEY}
expose:
- 8080
labels:
homepage.group: System Administration
homepage.name: WhoDB
homepage.href: https://dbs.${MY_TLD}
homepage.icon: whodb.png
homepage.description: Lightweight next-gen database explorer
swag: enable
swag_auth: authelia
swag_port: 8080
swag_proto: http
swag_url: dbs.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: WhoDB
swag.uptime-kuma.monitor.url: https://dbs.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/uptimekuma/:/db
wizarr:
container_name: wizarr
depends_on:
authelia:
condition: service_started
required: true
environment:
PUID: ${PUID}
PGID: ${PGID}
DISABLE_BUILTIN_AUTH: true
TZ: ${TZ}
image: ghcr.io/wizarrrr/wizarr@sha256:83fc0b50985d196226b7c28a27062a1c4e63124a5d6d2448710aee222637b79e
labels:
homepage.group: Servarr Stack
homepage.name: Wizarr
homepage.href: https://wizarr.${MY_TLD}
homepage.icon: wizarr.svg
homepage.description: User invitation management system for Jellyfin, Plex, and Emby
swag: enable
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Wizarr
swag.uptime-kuma.monitor.url: https://wizarr.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 5690:5690
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/wizarr/database:/data/database
- ${DOCKER_VOLUME_CONFIG}/wizarr/wizard:/data/wizard_steps
youtubedl:
container_name: youtubedl
environment:
PGID: ${PGID}
PUID: ${PUID}
TZ: America/New_York
YDL_CONFIG_PATH: /youtube-dl/config.yml
YDL_DEBUG: "false"
hostname: Rinoa
image: nbr23/youtube-dl-server:latest@sha256:1f0ed0ae120ba836a235dd6db240bb1960ecf4621f0419c90341539c8ab91501
labels:
homepage.group: Downloaders
homepage.name: YoutubeDL
homepage.icon: youtube-dl.svg
homepage.href: https://ytdl.${MY_TLD}
homepage.description: YouTube Downloader
swag: enable
swag_proto: http
swag_url: ytdl.${MY_TLD}
swag_port: 8080
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: YoutubeDL
swag.uptime-kuma.monitor.url: https://ytdl.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
ports:
- 8089:8080
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- bind:
create_host_path: true
read_only: true
source: /etc/localtime
target: /etc/localtime
type: bind
- bind:
create_host_path: true
source: ${DOCKER_VOLUME_CONFIG}/youtubedl
target: /youtube-dl
type: bind
- bind:
create_host_path: true
source: /rinoa-storage
target: /storage
type: bind
volumes:
asciinema-data:
name: asciinema-data
asciinema-pg-data:
name: asciinema-pg-data
audiomuse-ai-pg-data:
name: audiomuse-ai-pg-data
audiomuse-temp-audio-flask:
name: audiomuse-temp-audio-flask
audiomuse-ai-valkey-data:
name: audiomuse-ai-valkey-data
audiomuse-temp-audio-worker:
name: audiomuse-temp-audio-worker
authelia-pg-db:
name: authelia-pg-db
authelia-valkey-data:
name: authelia-valkey-data
castopod-media:
name: castopod-media
castopod-valkey-data:
name: castopod-valkey-data
changedetection-data:
name: changedetection-data
crowdsec-config:
name: crowdsec-config
crowdsec-db:
name: crowdsec-db
dagu-data:
name: dagu-data
dawarich_db_data:
name: dawarich_db_data
dawarich_shared:
name: dawarich_shared
dawarich_public:
name: dawarich_public
dawarich-valkey-data:
name: dawarich-valkey-data
dawarich_watched:
name: dawarich_watched
dockflare_data:
name: dockflare_data
fastenhealth-cache:
name: fastenhealth-cache
fastenhealth-db:
name: fastenhealth-db
gitea-pg-db:
name: gitea-pg-db
immich-model-cache:
name: immich-model-cache
immich-valkey-data:
name: immich-valkey-data
influxdb2-data:
name: influxdb2-data
influxdb2-config:
name: influxdb2-config
invidious-companion-cache:
name: invidious-companion-cache
invidious-postgres:
name: invidious-postgres
jitsi-web-admin-theme:
name: jitsi-web-admin-theme
jitsi-web-admin-upload:
name: jitsi-web-admin-upload
joplin_data:
name: joplin_data
karakeep-data:
name: karakeep-data
linkstack_data:
name: linkstack_data
libretranslate_api_keys:
name: libretranslate_api_keys
libretranslate_models:
name: libretranslate_models
lldap_data:
name: lldap_data
manyfold-pg-db:
name: manyfold-pg-db
manyfold-valkey-data:
name: manyfold-valkey-data
mastodon-pg-db:
name: mastodon-pg-db
mastodon-valkey-data:
name: mastodon-valkey-data
maxun-pg-data:
name: maxun-pg-data
maxun-valkey-data:
name: maxun-valkey-data
mixpost-storage:
name: mixpost-storage
mixpost-logs:
name: mixpost-logs
mixpost-valkey-data:
name: mixpost-valkey-data
mgob-data:
name: mgob-data
mgob-tmp:
name: mgob-tmp
mongodb_config:
name: mongodb_config
mongodb_data:
name: mongodb_data
n8n-data:
name: n8n-data
nextcloud_aio_mastercontainer:
name: nextcloud_aio_mastercontainer
nocodb_data:
name: nocodb_data
nocodb_pg_data:
name: nocodb_pg_data
nocodb_valkey_data:
name: nocodb_valkey_data
open-webui-data:
name: open-webui-data
open-webui-valkey-data:
name: open-webui-valkey-data
paperless-ngx-data:
name: paperless-ngx-data
paperless-ngx-media:
name: paperless-ngx-media
paperless-ngx-pg:
name: paperless-ngx-pg
paperless-valkey-data:
name: paperless-valkey-data
pgbackweb-data:
name: pgbackweb-data
planka-favicons:
name: planka-favicons
planka-user-avatars:
name: planka-user-avatars
planka-background-images:
name: planka-background-images
planka-attachments:
name: planka-attachments
planka-db-data:
name: planka-db-data
plant-it-valkey-data:
name: plant-it-valkey-data
portainer-data:
name: portainer-data
protonmail-data:
name: protonmail-data
reactive-resume-pg:
name: reactive-resume-pg
romm_resources:
name: romm_resources
romm-valkey-data:
name: romm-valkey-data
searxng-valkey-data:
name: searxng-valkey-data
semaphore_config:
name: semaphore_config
semaphore_data:
name: semaphore_data
semaphore_tmp:
name: semaphore_tmp
signoz-clickhouse:
name: signoz-clickhouse
signoz-sqlite:
name: signoz-sqlite
signoz-zookeeper-1:
name: signoz-zookeeper-1
sonarqube-data:
name: sonarqube-data
sonarqube-db:
name: sonarqube-db
sonarqube-db-data:
name: sonarqube-db-data
sonarqube-extensions:
name: sonarqube-extensions
sonarqube-logs:
name: sonarqube-logs
sonarqube-temp:
name: sonarqube-temp
tandoor-pg:
name: tandoor-pg
unmanic-cache:
name: unmanic-cache
wallos-db:
name: wallos-db
wallos-logos:
name: wallos-logos
Reference in New Issue View Git Blame Copy Permalink