Trez/rinoa-docker
4
0
Fork 0
Code Issues 1 Pull Requests 9 Actions Activity
Files
e09689bbbbdff48f8af08aac009ecff76f545288
rinoa-docker/docker-compose.yml
T

6998 lines
236 KiB
YAML
Raw Blame History

name: compose
networks:
default:
name: compose_default
nextcloud-aio:
external: true
x-jitsi-admin: &jitsi_admin_app
image: h2invent/jitsi-admin-main:latest@sha256:dcebcc7eab4b95f97751a3ced9d11cd3b65b41297652bac40aea405e8efe4694
#build: .
environment:
APACHE_DOCUMENT_ROOT: "public/"
PHP_EXTENSION_XDEBUG: "1"
PHP_INI_MEMORY_LIMIT: "1G"
PHP_EXTENSION_LDAP: 1
PHP_EXTENSION_INTL: 1
x-maxun: &maxun-env
environment:
NODE_ENV: production
JWT_SECRET: ${MAXUN_JWT_SECRET}
DB_NAME: maxun
DB_USER: maxun
DB_PASSWORD: ${MAXUN_DB_PASSWORD}
DB_HOST: maxun-pg-db
DB_PORT: 5432
ENCRYPTION_KEY: ${MAXUN_ENCRYPTION_KEY}
SESSION_SECRET: ${MAXUN_SESSION_SECRET}
MINIO_ENDPOINT: minio
MINIO_PORT: 9000
MINIO_CONSOLE_PORT: 9001
MINIO_ACCESS_KEY: ${MAXUN_MINIO_ACCESS_KEY}
MINIO_SECRET_KEY: ${MAXUN_MINIO_SECRET_KEY}
REDIS_HOST: maxun-valkey
REDIS_PORT: 6379
BACKEND_PORT: 8080
FRONTEND_PORT: 5173
BACKEND_URL: https://scrape.${MY_TLD}
PUBLIC_URL: https://scrape.${MY_TLD}
VITE_BACKEND_URL: https://scrape.${MY_TLD}
VITE_PUBLIC_URL: https://scrape.${MY_TLD}
MAXUN_TELEMETRY: true
PLAYWRIGHT_BROWSERS_PATH: /ms-playwright
PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD: 0
CHROMIUM_FLAGS: "--disable-gpu --no-sandbox --headless=new"
#DEBUG: pw:api
#PWDEBUG: 1
x-signoz-common: &signoz-common
profiles: ["rinoa-apps"]
restart: unless-stopped
x-signoz-clickhouse-defaults: &signoz-clickhouse-defaults
<<: *signoz-common
# adding non LTS version due to this fix https://github.com/ClickHouse/ClickHouse/commit/32caf8716352f45c1b617274c7508c86b7d1afab
image: clickhouse/clickhouse-server:25.5.6-alpine
tty: true
labels:
signoz.io/scrape: "true"
signoz.io/port: "9363"
signoz.io/path: "/metrics"
depends_on:
signoz-init-clickhouse:
condition: service_completed_successfully
signoz-zookeeper-1:
condition: service_healthy
healthcheck:
test:
- CMD
- wget
- --spider
- -q
- 0.0.0.0:8123/ping
interval: 30s
timeout: 5s
retries: 3
ulimits:
nproc: 65535
nofile:
soft: 262144
hard: 262144
environment:
- CLICKHOUSE_SKIP_USER_SETUP=1
x-signoz-zookeeper-defaults: &signoz-zookeeper-defaults
<<: *signoz-common
image: signoz/zookeeper:3.7.1@sha256:fcc4a3288154ccaa3bdb5ae6dc10180c084d29a8a6a26b62ac8e30a8940dc2e6
user: root
labels:
signoz.io/scrape: "true"
signoz.io/port: "9141"
signoz.io/path: "/metrics"
healthcheck:
test:
- CMD-SHELL
- curl -s -m 2 http://localhost:8080/commands/ruok | grep error | grep null
interval: 30s
timeout: 5s
retries: 3
x-signoz-db-depend: &signoz-db-depend
<<: *signoz-common
depends_on:
signoz-clickhouse:
condition: service_healthy
signoz-schema-migrator-sync:
condition: service_completed_successfully
x-valkey-params: &valkey-params
healthcheck:
test: redis-cli ping || exit 1
image: docker.io/valkey/valkey:9-alpine@sha256:b4ee67d73e00393e712accc72cfd7003b87d0fcd63f0eba798b23251bfc9c394
environment:
ALLOW_EMPTY_PASSWORD: yes
VALKEY_DATA_DIR: /data/valkey
VALKEY_DATABASE: 0
expose:
- 6379
profiles: ["rinoa-apps"]
restart: unless-stopped
services:
13ft:
container_name: 13ft
image: ghcr.io/wasi-master/13ft:latest@sha256:563ce7794a7173250c25c9162495bf2f510dd714067d74363c9ab2bd0e5a994f
labels:
swag: enable
swag_port: 5000
swag_proto: http
swag_url: 13ft.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: 13ft Ladder
swag.uptime-kuma.monitor.url: https://13ft.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
homepage.group: Personal Tools
homepage.name: 13ft Ladder
homepage.icon: 13ft.svg
homepage.href: https://13ft.${MY_TLD}
homepage.description: Web interface for blocking ads and paywalls
ports:
- 10633:5000
profiles: ["rinoa-apps"]
restart: unless-stopped
actual_server:
container_name: actualbudget
environment:
ACTUAL_LOGIN_METHOD: "password"
ACTUAL_PORT: 5006
# - ACTUAL_UPLOAD_FILE_SYNC_SIZE_LIMIT_MB=20
# - ACTUAL_UPLOAD_SYNC_ENCRYPTED_FILE_SYNC_SIZE_LIMIT_MB=50
# - ACTUAL_UPLOAD_FILE_SIZE_LIMIT_MB=20
# See all options and more details at https://actualbudget.github.io/docs/Installing/Configuration
# !! If you are not using any of these options, remove the 'environment:' tag entirely.
image: docker.io/actualbudget/actual-server:latest@sha256:8f72d73e68958566850325c1f9fe780a4477340979969bd6979649dc519723ab
labels:
swag: enable
swag_port: 5006
swag_proto: http
swag_url: fin.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Actual Budget
swag.uptime-kuma.monitor.url: https://13ft.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
homepage.group: Lifestyle
homepage.name: Actual Budget
homepage.icon: actual-budget.svg
homepage.href: https://fin.${MY_TLD}
homepage.description: Privacy-focused app for managing finances
ports:
- 5006:5006
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/actual-budget:/data
adguard:
cap_add:
- NET_BIND_SERVICE
- NET_RAW
container_name: adguard
environment:
TZ: ${TZ}
image: adguard/adguardhome:v0.107.69@sha256:8a4107ec812023842ccab9e04600c5d39d3be6b15e907c34a36339c184c8fccf
labels:
swag: enable
swag_proto: http
swag_port: 8008
swag_address: 192.168.1.254
swag_url: adgh.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: AdGuard Home
swag.uptime-kuma.monitor.url: https://adgh.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
homepage.group: System Administration
homepage.name: AdGuard Home
homepage.icon: adguard-home.png
homepage.href: https://adgh.${MY_TLD}
homepage.description: Ad-blocking/DNS
homepage.widget.type: adguard
homepage.widget.url: http://192.168.1.254:8008
homepage.widget.username: admin
homepage.widget.password: ${ADGUARD_PASSWORD}
network_mode: host
privileged: true
# ports:
# - "192.168.1.254:53:53/udp"
# - "192.168.1.254:53:53/tcp"
# - 3001:3000
# - "192.168.1.254:446:443/tcp"
# - 8008:80
# - "192.168.1.254:853:853/tcp"
# - 67:67
# - 688:68
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- /etc/localtime:/etc/localtime:ro
- ${DOCKER_VOLUME_CONFIG}/adguard/work:/opt/adguardhome/work
- ${DOCKER_VOLUME_CONFIG}/adguard/conf:/opt/adguardhome/conf
- ${DOCKER_VOLUME_CONFIG}/swag/etc/letsencrypt/:/opt/adguardhome/certs
apcupsd-cgi:
container_name: apcupsd-cgi
environment:
UPSHOSTS: 192.168.1.254
UPSNAMES: Rinoa
TZ: ${TZ}
DASHBOARD_PROVISION: false
image: bnhf/apcupsd-cgi:latest@sha256:e8733930739719aca608fd97aecfb0aa5f53aaf7681bf4bbccd49dbf67132bf8
labels:
swag: enable
swag_proto: http
swag_auth: authelia
swag_url: apc.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: APC UPS Web
swag.uptime-kuma.monitor.url: https://apc.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
homepage.group: Infrastructure/App Performance Monitoring
homepage.name: APC UPS Web
homepage.icon: apc.svg
homepage.href: https://apc.${MY_TLD}
homepage.description: Web interface for apcupsd
homepage.widget.type: apcups
homepage.widget.url: tcp://192.168.1.254:3551
ports:
- 3552:80
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/apcupsd:/etc/apcupsd
apprise-api:
container_name: apprise-api
environment:
PUID: ${PUID}
PGID: ${PGID}
TZ: ${TZ}
APPRISE_ATTACH_DIR: /attach
APPRISE_ATTACH_SIZE: 500
APPRISE_CONFIG_DIR: /config
APPRISE_STATEFUL_MODE: simple
image: lscr.io/linuxserver/apprise-api:latest@sha256:21295ffabb1e93ac751662160aaa514c6d7f6acc8dfcbe956c9fb32384d51be6
labels:
cloudflare.tunnel.enable: true
cloudflare.tunnel.hostname: apprise.${MY_TLD}
cloudflare.tunnel.service: http://apprise:8000
cloudflare.tunnel.zonename: ${MY_TLD}
cloudflare.tunnel.no_tls_verify: true
homepage.group: Infrastructure/App Performance Monitoring
homepage.name: Apprise
homepage.icon: apprise.png
homepage.href: http://192.168.1.254:54995
homepage.description: Multi-channel notification API
homepage.widget.type: customapi
homepage.widget.headers: "Accept: application/json"
homepage.widget.url: http://apprise-api:8000/status
homepage.widget.method: GET
homepage.widget.mappings[0].label: Status
homepage.widget.mappings[0].field: status.details
# homepage.widget[1].type: customapi
# homepage.widget[1].headers: 'Accept: application/json'
# homepage.widget[1].url: http://apprise-api:8111/json/urls/apprise?privacy=1
# homepage.widget[1].method: GET
# homepage.widget[1].mappings[0].label: URLS
# homepage.widget[1].mappings[0].field: urls
# homepage.widget[1].mappings[0].format: size
ports:
- 54995:8000
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/apprise/conf:/config
- ${DOCKER_VOLUME_CONFIG}/apprise/attachments:/attach #optional
archivebox:
container_name: archivebox
environment:
ADMIN_USERNAME: admin # creates an admin user on first run with the given user/pass combo
ADMIN_PASSWORD: ${ARCHIVEBOX_ADMIN_PASSWORD}
ALLOWED_HOSTS: "*" # set this to the hostname(s) you're going to serve the site from!
CSRF_TRUSTED_ORIGINS: http://localhost:8000 # you MUST set this to the server's URL for admin login and the REST API to work
PUBLIC_INDEX: false # set to False to prevent anonymous users from viewing snapshot list
PUBLIC_SNAPSHOTS: false # set to False to prevent anonymous users from viewing snapshot content
PUBLIC_ADD_VIEW: false # set to True to allow anonymous users to submit new URLs to archive
SEARCH_BACKEND_ENGINE: ripgrep # tells ArchiveBox to use sonic container below for fast full-text search
image: archivebox/archivebox:latest@sha256:fdf2936192aa1e909b0c3f286f60174efa24078555be4b6b90a07f2cef1d4909
labels:
homepage.group: Personal Tools
homepage.name: ArchiveBox
homepage.href: https://archive.${MY_TLD}
homepage.icon: archivebox.png
homepage.description: Open-source and self-hosted web archiving
swag: enable
swag_port: 8000
swag_proto: http
swag_url: archive.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: ArchiveBox
swag.uptime-kuma.monitor.url: https://archive.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 21324:8000
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/archivebox:/data
# ./data/personas/Default/chrome_profile/Default:/data/personas/Default/chrome_profile/Default
asciinema:
container_name: asciinema
depends_on:
asciinema-pg-db:
condition: service_healthy
required: true
environment:
DATABASE_URL: postgresql://asciinema:${ASCIINEMA_PG_DB_PASSWORD}@asciinema-pg-db:5432/asciinema
DEFAULT_AVATAR: gravatar
MAIL_FROM_ADDRESS: noreply@${MY_TLD}
SECRET_KEY_BASE: ${ASCIINEMA_SECRET_KEY_BASE}
SIGN_UP_DISABLED: true
SMTP_HOST: postal-smtp
SMTP_USERNAME: ${POSTAL_SMTP_AUTH_USER}
SMTP_PASSWORD: ${POSTAL_SMTP_AUTH_PASSWORD}
SMTP_PORT: 25
UPLOAD_AUTH_REQUIRED: true
URL_HOST: asciinema.trez.wtf
URL_PORT: 4000
URL_SCHEME: https
image: ghcr.io/asciinema/asciinema-server:latest@sha256:fad89accd5cedb366cd9213ed90e02c4f3c069458771122a9065bc7ffb2e93e1
labels:
homepage.group: Code/DevOps
homepage.name: Asciinema
homepage.href: https://asciinema.${MY_TLD}
homepage.icon: asciinema.svg
homepage.description: Platform for hosting and sharing terminal session recordings
swag: enable
swag_port: 4000
swag_proto: http
swag_url: asciinema.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Asciinema
swag.uptime-kuma.monitor.url: https://asciinema.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 4000:4000
- 4002:4002
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- asciinema-data:/var/opt/asciinema
asciinema-pg-db:
container_name: asciinema-pg-db
environment:
POSTGRES_PASSWORD: ${ASCIINEMA_PG_DB_PASSWORD}
POSTGRES_USER: asciinema
POSTGRES_DB: asciinema
expose:
- 5432
healthcheck:
test: ["CMD-SHELL", "pg_isready -U asciinema"]
interval: 2s
timeout: 5s
retries: 10
image: postgres:14-alpine@sha256:cb54bb67c0fca8b439f18c1daadb315ad67de1faf8c387988c63080d15a54145
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- asciinema-pg-data:/var/lib/postgresql/data
audiobookshelf:
container_name: audiobookshelf
environment:
CONFIG_PATH: /config
HOME: /config/.home
LOG_LEVEL: info
METADATA_PATH: /metadata
TZ: America/New_York
hostname: Rinoa
image: ghcr.io/advplyr/audiobookshelf:latest@sha256:6fbd7dc95d53c6e168ce69e760b87c334e3b9ba88bf7b8531ed5a116d5d6da03
labels:
homepage.group: Media Library
homepage.name: Audiobookshelf
homepage.href: https://abs.${MY_TLD}
homepage.icon: audiobookshelf.png
homepage.description: Podcasts, eBooks, & Audiobooks
homepage.widget.type: audiobookshelf
homepage.widget.url: http://audiobookshelf:80
homepage.widget.key: ${AUDIOBOOKSHELF_ROOT_API_KEY}
swag: enable
swag_address: audiobookshelf
swag_proto: http
swag_url: abs.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Audiobookshelf
swag.uptime-kuma.monitor.url: https://abs.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
ports:
- 13378:80
profiles: ["rinoa-apps"]
restart: unless-stopped
user: 1000:1000
volumes:
- bind:
create_host_path: true
read_only: true
source: /etc/localtime
target: /etc/localtime
type: bind
- bind:
create_host_path: true
source: ${DOCKER_VOLUME_CONFIG}/audiobookshelf
target: /config
type: bind
- bind:
create_host_path: true
source: ${DOCKER_VOLUME_CONFIG}/audiobookshelf/.metadata
target: /metadata
type: bind
- bind:
create_host_path: true
source: /rinoa-storage
target: /storage
type: bind
audiomuse-ai-flask:
container_name: audiomuse-ai-flask
depends_on:
audiomuse-ai-valkey:
required: true
condition: service_healthy
audiomuse-ai-pg:
required: true
condition: service_healthy
environment:
AI_MODEL_PROVIDER: OLLAMA
OLLAMA_SERVER_URL: http://ollama:11434/api/generate
SERVICE_TYPE: "flask"
MEDIASERVER_TYPE: "navidrome"
NAVIDROME_URL: http://navidrome:4533/
NAVIDROME_USER: ${NAVIDROME_USERNAME}
NAVIDROME_PASSWORD: ${NAVIDROME_PASSWORD}
POSTGRES_USER: audiomuse
POSTGRES_PASSWORD: ${AUDIOMUSE_AI_PG_PASSWORD}
POSTGRES_DB: audiomusedb
POSTGRES_HOST: audiomuse-ai-pg
POSTGRES_PORT: 5432
REDIS_URL: redis://audiomuse-ai-valkey:6379/0
TEMP_DIR: /app/temp_audio"
image: ghcr.io/neptunehub/audiomuse-ai:0.7.9-beta@sha256:2a4bfc79f0ebd4f11881a4817276dbf4ef5981fa1b3cd6adbbfc6a3ea54b25a4
labels:
homepage.group: Media Library
homepage.name: AudioMuse-AI
homepage.href: https://muse.${MY_TLD}
homepage.description: Platform for hosting and sharing terminal session recordings
homepage.icon: /icons/audiomuseai.png
swag: enable
swag_auth: authelia
swag_port: 8000
swag_proto: http
swag_url: muse.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: AudioMuse-AI
swag.uptime-kuma.monitor.url: https://muse.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 36025:8000
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- audiomuse-temp-audio-flask:/app/temp_audio
audiomuse-ai-pg:
container_name: audiomuse-ai-pg
environment:
POSTGRES_USER: audiomuse
POSTGRES_PASSWORD: ${AUDIOMUSE_AI_PG_PASSWORD}
POSTGRES_DB: audiomusedb
expose:
- 5432
healthcheck:
test: ["CMD-SHELL", "pg_isready -U audiomuse -d audiomusedb"]
interval: 10s
retries: 5
start_period: 30s
timeout: 10s
image: postgres:15-alpine@sha256:64583b3cb4f2010277bdd9749456de78e5c36f8956466ba14b0b96922e510950
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- audiomuse-ai-pg-data:/var/lib/postgresql/data
audiomuse-ai-valkey:
container_name: audiomuse-ai-valkey
<<: *valkey-params
volumes:
- audiomuse-ai-valkey-data:/data/valkey
audiomuse-ai-worker:
container_name: audiomuse-ai-worker
depends_on:
audiomuse-ai-valkey:
required: true
condition: service_healthy
audiomuse-ai-pg:
required: true
condition: service_healthy
environment:
AI_MODEL_PROVIDER: OLLAMA
OLLAMA_SERVER_URL: http://ollama:11434/api/generate
SERVICE_TYPE: "worker"
MEDIASERVER_TYPE: "navidrome"
NAVIDROME_URL: http://navidrome:4533/
NAVIDROME_USER: ${NAVIDROME_USERNAME}
NAVIDROME_PASSWORD: ${NAVIDROME_PASSWORD}
POSTGRES_USER: audiomuse
POSTGRES_PASSWORD: ${AUDIOMUSE_AI_PG_PASSWORD}
POSTGRES_DB: audiomusedb
POSTGRES_HOST: audiomuse-ai-pg
POSTGRES_PORT: 5432
REDIS_URL: "redis://audiomuse-ai-valkey:6379/0"
TEMP_DIR: "/app/temp_audio"
image: ghcr.io/neptunehub/audiomuse-ai:0.7.9-beta@sha256:2a4bfc79f0ebd4f11881a4817276dbf4ef5981fa1b3cd6adbbfc6a3ea54b25a4
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- audiomuse-temp-audio-worker:/app/temp_audio
authelia:
container_name: authelia
depends_on:
authelia-pg:
condition: service_started
required: true
lldap:
condition: service_started
required: true
environment:
AUTHELIA_AUTHENTICATION_BACKEND_LDAP_PASSWORD: ${AUTHELIA_AUTH_BIND_LDAP_PASSWORD}
AUTHELIA_JWT_SECRET: ${AUTHELIA_JWT_SECRET}
AUTHELIA_NOTIFIER_SMTP_PASSWORD: ${POSTAL_SMTP_AUTH_PASSWORD}
AUTHELIA_NOTIFIER_SMTP_USERNAME: ${POSTAL_SMTP_AUTH_USER}
AUTHELIA_SESSION_SECRET: ${AUTHELIA_SESSION_SECRET}
AUTHELIA_STORAGE_ENCRYPTION_KEY: ${AUTHELIA_STORAGE_ENCRYPTION_KEY}
AUTHELIA_STORAGE_POSTGRES_PASSWORD: ${AUTHELIA_STORAGE_POSTGRES_PASSWORD}
PGID: ${PGID}
PUID: ${PUID}
TZ: ${TZ}
X_AUTHELIA_CONFIG_FILTERS: template
expose:
- 9091
- 9959 # Metrics port for Prometheus
image: authelia/authelia:master@sha256:b66c837b2d1115e1c49495a55b562c8701da5160d56f73272e22a8f8cd6d66e3
labels:
homepage.group: Privacy/Security
homepage.name: Authelia
homepage.href: https://auth.${MY_TLD}
homepage.icon: authelia.svg
homepage.description: Authentication/authorization server with MFA & SSO
swag: enable
swag_proto: http
swag_port: 9091
swag_url: auth.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Authelia
swag.uptime-kuma.monitor.url: https://auth.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- source: ${DOCKER_VOLUME_CONFIG}/authelia/
target: /config
type: bind
bind:
create_host_path: true
authelia-pg:
container_name: authelia-pg
environment:
POSTGRES_PASSWORD: ${AUTHELIA_STORAGE_POSTGRES_PASSWORD}
POSTGRES_USER: authelia
POSTGRES_DB: authelia
expose:
- 5432
image: postgres:16-alpine@sha256:029660641a0cfc575b14f336ba448fb8a75fd595d42e1fa316b9fb4378742297
networks:
default: null
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- source: authelia-pg-db
target: /var/lib/postgresql/data
type: volume
bind:
create_host_path: true
authelia-valkey:
container_name: authelia-valkey
<<: *valkey-params
volumes:
- authelia-valkey-data:/data/valkey
backrest:
container_name: backrest
hostname: backrest
image: garethgeorge/backrest:latest@sha256:1308397161321b3c5aeca8acc6bf26eccb990df385f2532d3ce0eaa8b483dedf
environment:
BACKREST_DATA: /data # path for backrest data. restic binary and the database are placed here.
BACKREST_CONFIG: /config/config.json # path for the backrest config file.
XDG_CACHE_HOME: /cache # path for the restic cache which greatly improves performance.
TZ: ${TZ} # set the timezone for the container, used as the timezone for cron jobs.
labels:
swag: enable
swag_port: 9898
swag_proto: http
swag_url: backrest.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Backrest
swag.uptime-kuma.monitor.url: https://backrest.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
homepage.group: Automation
homepage.name: Backrest
homepage.href: https://backrest.${MY_TLD}
homepage.icon: backrest.svg
homepage.description: Data backup
ports:
- 9898:9898
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/backrest/data:/data
- ${DOCKER_VOLUME_CONFIG}/backrest/config:/config
- ${DOCKER_VOLUME_CONFIG}/backrest/cache:/cache
bazarr:
container_name: bazarr
environment:
PGID: ${PGID}
PUID: ${PUID}
TZ: ${TZ}
DOCKER_MODS: ghcr.io/gilbn/theme.park:bazarr
hostname: Rinoa
image: lscr.io/linuxserver/bazarr:latest@sha256:a42fef2a5ffa1dca8714e12892ba0b8de5c6c513f1bcdb1ffe4143e715cffb45
labels:
homepage.group: Servarr Stack
homepage.name: Bazarr
homepage.href: https://bazarr.${MY_TLD}
homepage.icon: bazarr.png
homepage.description: Subtitle automation for TV shows/movies
homepage.widget.type: bazarr
homepage.widget.url: http://bazarr:6767
homepage.widget.key: ${BAZARR_API_KEY}
swag: enable
swag_proto: http
swag_port: 6767
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Bazarr
swag.uptime-kuma.monitor.url: https://bazaar.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
ports:
- 6767:6767
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- bind:
create_host_path: true
read_only: true
source: /etc/localtime
target: /etc/localtime
type: bind
- bind:
create_host_path: true
source: ${DOCKER_VOLUME_CONFIG}/bazarr
target: /config
type: bind
- bind:
create_host_path: true
source: /rinoa-storage
target: /storage
type: bind
beszel:
container_name: beszel
extra_hosts:
- host.docker.internal:host-gateway
image: henrygd/beszel:latest@sha256:37858df37c29cc532d9af103b90a4f2645bc7555f6a291ed3f15c9096a00731e
labels:
homepage.group: Infrastructure/App Performance Monitoring
homepage.name: Beszel
homepage.href: https://beszel.${MY_TLD}
homepage.icon: beszel.svg
homepage.description: Lightweight server monitoring hub
homepage.widget.type: beszel
homepage.widget.url: http://beszel:8090
homepage.widget.username: ${SWAG_ENVIRONMENT_EMAIL}
homepage.widget.password: ${BESZEL_ADMIN_PASSWORD}
homepage.widget.version: 2
swag: enable
swag_proto: http
swag_port: 8090
swag_url: beszel.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Beszel
swag.uptime-kuma.monitor.url: https://beszel.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 22220:8090
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/beszel:/beszel_data
beszel-agent:
container_name: beszel-agent
depends_on:
- beszel
environment:
PORT: 45876
# Do not remove quotes around the key
KEY: "${BESZEL_RINOA_AGENT_KEY}"
expose:
- 45876
image: henrygd/beszel-agent:latest@sha256:bc6c4068ce99d20e66ea28830d853339145552704497496d1d0cfd6999413070
network_mode: host
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- /rinoa-storage:/extra-filesystems/rinoa-storage:ro
- /dev/nvme0n1:/extra-filesystems/nvme0n1:ro
bitwarden:
container_name: bitwarden
environment:
ADMIN_TOKEN: ${BITWARDEN_ENVIRONMENT_ADMIN_TOKEN}
DATABASE_URL: data/db.sqlite3
DISABLE_ADMIN_TOKEN: "false"
DOMAIN: https://bitwarden.${MY_TLD}
ENABLE_DB_WAL: "true"
INVITATIONS_ALLOWED: "false"
SHOW_PASSWORD_HINT: "false"
SIGNUPS_ALLOWED: "true"
SIGNUPS_VERIFY: "true"
TZ: America/New_York
WEBSOCKET_ENABLED: "true"
hostname: Rinoa
image: vaultwarden/server:latest@sha256:84fd8a47f58d79a1ad824c27be0a9492750c0fa5216b35c749863093bfa3c3d7
labels:
homepage.group: Privacy/Security
homepage.name: Vaultwarden
homepage.icon: vaultwarden.svg
homepage.href: https://bitwarden.${MY_TLD}
homepage.description: Credential/Information Vault
swag: enable
swag_url: bitwarden.${MY_TLD}
swag_proto: http
swag_port: 80
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Vaultwarden
swag.uptime-kuma.monitor.url: https://bitwarden.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
ports:
- 3012:3012
- 8013:80
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- bind:
create_host_path: true
read_only: true
source: /etc/localtime
target: /etc/localtime
type: bind
- bind:
create_host_path: true
source: ${DOCKER_VOLUME_CONFIG}/bitwarden
target: /data
type: bind
- bind:
create_host_path: true
source: /rinoa-storage
target: /storage
type: bind
bluesky-pds:
container_name: bluesky-pds
environment:
PDS_ADMIN_EMAIL: charish.patel@${MY_TLD}
PDS_HOSTNAME: bsky.${MY_TLD}
PDS_JWT_SECRET: ${BLUESKY_PDS_JWT_SECRET}
PDS_ADMIN_PASSWORD: ${BLUESKY_PDS_ADMIN_PASSWORD}
PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX: ${BLUESKY_PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX}
PDS_DATA_DIRECTORY: /pds
PDS_EMAIL_SMTP_URL: smtp://${POSTAL_SMTP_AUTH_USER}:${POSTAL_SMTP_AUTH_PASSWORD}@postal-smtp:25
PDS_EMAIL_FROM_ADDRESS: noreply@${MY_TLD}
PDS_BLOBSTORE_DISK_LOCATION: /pds/blocks
PDS_BLOB_UPLOAD_LIMIT: 52428800
PDS_DID_PLC_URL: ${PDS_DID_PLC_URL}
PDS_BSKY_APP_VIEW_URL: ${PDS_BSKY_APP_VIEW_URL}
PDS_BSKY_APP_VIEW_DID: ${PDS_BSKY_APP_VIEW_DID}
PDS_REPORT_SERVICE_URL: ${PDS_REPORT_SERVICE_URL}
PDS_REPORT_SERVICE_DID: ${PDS_REPORT_SERVICE_DID}
PDS_CRAWLERS: ${PDS_CRAWLERS}
LOG_ENABLED: true
expose:
- 3000
image: code.modernleft.org/gravityfargo/bluesky-pds:v0.4.158@sha256:44810dc5cf9c78135d20dfd60e0999e2db0dfc5fd56dc7e45e8844d1b57c54bd
labels:
swag: enable
swag_port: 3000
swag_url: bsky.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: BlueSky PDS
swag.uptime-kuma.monitor.url: https://bsky.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- type: bind
source: ${DOCKER_VOLUME_CONFIG}/bluesky-pds
target: /pds
browserless:
container_name: browserless
environment:
ALLOW_FILE_PROTOCOL: true
CONCURRENT: 20
HEALTH: false
PROXY_HOST: browserless
PROXY_PORT: 3000
PROXY_SSL: false
QUEUED: 20
TIMEOUT: 300000
TOKEN: ${CHROMIUM_TOKEN}
TZ: ${TZ}
expose:
- 3000
extra_hosts:
- "host.docker.internal:host-gateway"
image: ghcr.io/browserless/chromium:latest@sha256:3c467f68e3b588b89faa6d27556a798121defc46509100386cd100248599fd3f
labels:
swag: enable
swag_proto: http
swag_port: 3000
swag_url: browse.${MY_TLD}
networks:
default: null
profiles: ["rinoa-apps"]
restart: unless-stopped
bytestash:
container_name: bytestash
environment:
BASE_PATH:
JWT_SECRET: ${BYTESTASH_JWT_SECRET}
TOKEN_EXPIRY: 24h
ALLOW_NEW_ACCOUNTS: true
DEBUG: true
DISABLE_ACCOUNTS: false
DISABLE_INTERNAL_ACCOUNTS: false
image: ghcr.io/jordan-dalby/bytestash:latest@sha256:9c17b5510ca45c976fe23b0d4705ad416aa58d4bf756a70e03ef1f08cf7801fd
labels:
homepage.description: Code Gists/Snippets
homepage.group: Code/DevOps
homepage.href: https://gist.${MY_TLD}
homepage.icon: bytestash.svg
homepage.name: ByteStash
swag: enable
swag_port: 5000
swag_proto: http
swag_url: gist.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: ByteStash
swag.uptime-kuma.monitor.url: https://gist.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 62139:5000
profiles: ["rinoa-apps"]
restart: always
volumes:
- ${DOCKER_VOLUME_CONFIG}/bytestash:/data/snippets
changedetection:
container_name: changedetection
depends_on:
changedetection-chrome:
condition: service_started
environment:
PORT: 5000
LOGGER_LEVEL: TRACE
PLAYWRIGHT_DRIVER_URL: ws://browser-sockpuppet-chrome:3000
BASE_URL: https://chdt.${MY_TLD}
USE_X_SETTINGS: 1
HIDE_REFERER: true
ALLOW_FILE_URI: False
TZ: ${TZ}
LC_ALL: en_US.UTF-8
LISTEN_HOST: 0.0.0.0
image: ghcr.io/dgtlmoon/changedetection.io@sha256:a3684335bc4806b305b40271abc787687e716fbf68bfdb8e7e069ee19c599670
labels:
homepage.description: Page change monitoring with alerts
homepage.group: System Administration
homepage.href: https://chdt.${MY_TLD}
homepage.icon: changedetection.svg
homepage.name: ChangeDetection
homepage.widget.type: changedetectionio
homepage.widget.url: http://changedetection:5000
homepage.widget.key: ${CHANGEDETECTION_HOMEPAGE_API_KEY}
swag: enable
swag_port: 5000
swag_proto: http
swag_url: chdt.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: ChangeDetection
swag.uptime-kuma.monitor.url: https://chdt.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 15827:5000
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- changedetection-data:/datastore
changedetection-chrome:
cap_add:
- SYS_ADMIN
container_name: changedetection-chrome
image: dgtlmoon/sockpuppetbrowser:latest@sha256:9f2df6791a4cd9b2c3138cb62b5a8de7f27953cab84729fe09d28cbd341a8973
environment:
SCREEN_WIDTH: 1920
SCREEN_HEIGHT: 1024
SCREEN_DEPTH: 16
MAX_CONCURRENT_CHROME_PROCESSES: 10
profiles: ["rinoa-apps"]
restart: unless-stopped
chrome:
container_name: chrome
command:
- --no-sandbox
- --disable-gpu
- --disable-dev-shm-usage
- --remote-debugging-address=0.0.0.0
- --remote-debugging-port=9222
- --hide-scrollbars
image: gcr.io/zenika-hub/alpine-chrome:123@sha256:e38563d4475a3d791e986500a2e4125c9afd13798067138881cf770b1f6f3980
profiles: ["rinoa-apps"]
restart: unless-stopped
clipcascade:
container_name: clipcascade
environment:
CC_MAX_MESSAGE_SIZE_IN_MiB: 25 # Maximum message size in MiB (ignored if P2P mode is enabled)
CC_P2P_ENABLED: false # Enables or disables peer-to-peer(P2P) mode
# CC_ALLOWED_ORIGINS: https://clipcascade.example.com # Defines allowed CORS origins for security
CC_SIGNUP_ENABLED: false # Enables or disables user self-registration
image: sathvikrao/clipcascade:latest@sha256:0f7aadec03af6b22a157466ade3ed1730dfd3b390d2989e55c0180e1d12d736f
labels:
homepage.group: Personal Tools
homepage.name: ClipCascade
homepage.href: https://clip.${MY_TLD}
homepage.icon: sh-clipcascade.svg
homepage.description: Online file converter
swag: enable
swag_port: 8080
swag_proto: http
swag_url: clip.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: ClipCascade
swag.uptime-kuma.monitor.url: https://clip.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 64048:8080
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/clipcascade:/database # Persistent storage for user data
cloudflareddns:
container_name: cloudflareddns
environment:
ARGS: --dns-cloudflare-propagation-seconds 60
CF_APIKEY: ${CLOUDFLAREDDNS_ENVIRONMENT_APIKEY}
CF_APITOKEN: ${CLOUDFLAREDDNS_ENVIRONMENT_APITOKEN}
CF_HOSTS: ${MY_TLD}
CF_RECORDTYPES: A
CF_USER: charish.patel@${MY_TLD}
CF_ZONES: ${MY_TLD}
DETECTION_MODE: dig-google.com
INTERVAL: "300"
LOG_LEVEL: "3"
PGID: "1000"
PUID: "1000"
TZ: America/New_York
hostname: Rinoa
image: ghcr.io/hotio/cloudflareddns:latest@sha256:b64687779bbe0dcd41f9854129ce8fa9d6c5f009e1992a79bed97c85fe253eaf
networks:
default: null
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- bind:
create_host_path: true
read_only: true
source: /etc/localtime
target: /etc/localtime
type: bind
- bind:
create_host_path: true
source: ${DOCKER_VOLUME_CONFIG}/cloudflareddns
target: /config
type: bind
- bind:
create_host_path: true
source: /rinoa-storage
target: /storage
type: bind
convertx:
container_name: convertx
environment:
JWT_SECRET: ${CONVERTX_JWT_SECRET}
image: ghcr.io/c4illin/convertx@sha256:53f2c04ebe63fdfb4d812ee66b78a5db9360c729f3defe3dcc864256ff91a7cb
labels:
homepage.group: System Administration
homepage.name: ConvertX
homepage.href: https://convert.${MY_TLD}
homepage.icon: sh-convertx.png
homepage.description: Online file converter
swag: enable
swag_port: 3000
swag_proto: http
swag_url: convert.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: ConvertX
swag.uptime-kuma.monitor.url: https://convert.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 38946:3000
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/convertx:/app/data
crowdsec:
container_name: crowdsec
depends_on:
- swag
environment:
DOCKER_HOST: tcp://dockerproxy:2375
GID: 1000
BOUNCER_KEY_SWAG: ${CROWDSEC_SWAG_API_KEY}
COLLECTIONS: >-
corvese/apache-guacamole
crowdsecurity/home-assistant
crowdsecurity/http-cve
crowdsecurity/iptables
crowdsecurity/linux
crowdsecurity/mariadb
crowdsecurity/nextcloud
crowdsecurity/nginx
crowdsecurity/whitelist-good-actors
Dominic-Wagner/vaultwarden
gauth-fr/immich
LePresidente/adguardhome
LePresidente/authelia
LePresidente/gitea
LePresidente/jellyfin
LePresidente/ombi
plague-doctor/audiobookshelf
schiz0phr3ne/sonarr
sdwilsh/navidrome
timokoessler/mongodb
timokoessler/uptime-kuma
xs539/joplin-server
image: crowdsecurity/crowdsec:latest@sha256:4beb1633cf4f41bb6f9e64d065d151d3aa5e3aa7082d5c3061a243037db0d890
networks:
default: null
ports:
- 8101:8080
profiles: ["rinoa-infra"]
restart: unless-stopped
security_opt:
- no-new-privileges=true
volumes:
# - ${DOCKER_VOLUME_CONFIG}/crowdsec/config.yaml.local:/etc/crowdsec/config.yaml
- ${DOCKER_VOLUME_CONFIG}/swag/log/nginx:/var/log/swag:ro # SWAG
- ${DOCKER_VOLUME_CONFIG}/mariadb/:/var/lib/mysql:ro # MariaDB
- ${DOCKER_VOLUME_CONFIG}/audiobookshelf/.metadata/logs:/var/log/audiobookself:ro # Audiobookshelf
- crowdsec-config:/etc/crowdsec
- crowdsec-db:/var/lib/crowdsec/data
- /var/log/journal:/var/log/host/journal:ro
- /var/log/auth.log:/var/log/host/auth.log:ro
crowdsec-dashboard:
container_name: crowdsec-dashboard
depends_on:
crowdsec:
condition: service_started
required: true
environment:
MB_DB_FILE: /data/metabase.db
MGID: ${GID-1000}
image: metabase/metabase@sha256:7cde7e7129ed13ec153ba7f5d08d79f4cb7db84dc06d9a47d411e66f65fd6933
labels:
homepage.group: Privacy/Security
homepage.name: CrowdSec Dashboard
homepage.href: https://csec.${MY_TLD}
homepage.icon: crowdsec.svg
homepage.description: Real-time & crowdsourced protection against aggressive IPs
homepage.widget.type: crowdsec
homepage.widget.url: http://crowdsec:8080
homepage.widget.username: localhost
homepage.widget.password: ${CROWDSEC_LOCAL_API_KEY}
swag: enable
swag_port: 3000
swag_proto: http
swag_url: csec.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Crowdsec
swag.uptime-kuma.monitor.url: https://csec.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
ports:
- 8908:3000
profiles: ["rinoa-infra"]
restart: always
volumes:
- crowdsec-db:/data/
cyber-chef:
container_name: cyber-chef
image: mpepping/cyberchef:latest@sha256:1772a04fd261f971da89cf6212147afe55a37b4a93421db928a78e01de3d65ea
labels:
homepage.description: Web app for encryption, encoding, compression, and data analysis
homepage.group: Privacy/Security
homepage.href: https://cchef.${MY_TLD}
homepage.icon: cyberchef.svg
homepage.name: CyberChef
swag: enable
swag_port: 8000
swag_proto: http
swag_url: cchef.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: CyberChef
swag.uptime-kuma.monitor.url: https://cchef.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 20992:8000
profiles: ["rinoa-apps"]
restart: unless-stopped
czkawka:
container_name: czkawka
environment:
KEEP_APP_RUNNING: 1
PGID: ${PGID}
PUID: ${PUID}
TZ: ${TZ}
UMASK: 1
SECURE_CONNECTION: 1
WEB_LISTENING_PORT: 5800
WEB_AUTHENTICATION: 1
WEB_AUTHENTICATION_USERNAME: ${CZKAWKA_WEB_AUTH_USERNAME}
WEB_AUTHENTICATION_PASSWORD: ${CZKAWKA_WEB_AUTH_PASSWORD}
CZKAWKA_GUI_KROKIET: 1
image: jlesage/czkawka@sha256:03109f40d1bc41ebe24c2fd3ee81429950338591bbb64c4cf39ec6160fee75a4
labels:
homepage.group: System Administration
homepage.name: Czkawka
homepage.href: https://czkawka.${MY_TLD}
homepage.icon: sh-czkawka.svg
homepage.description: Smart file management
swag: enable
swag_port: 5800
swag_proto: http
swag_url: czkawka.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Czkawka
swag.uptime-kuma.monitor.url: https://czkawka.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
ports:
- 5800:5800
privileged: true
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- source: ${DOCKER_VOLUME_CONFIG}/czkawka
target: /config
type: bind
bind:
create_host_path: true
- source: ${DOCKER_VOLUME_STORAGE}
target: /storage
type: bind
bind:
create_host_path: true
dagu:
container_name: dagu
environment:
DAGU_PORT: 8080
DAGU_TZ: ${TZ} # optional. default is local timezone
DAGU_BASE_PATH: /
DAGU_HOME: /dagu
DAGU_AUTH_BASIC_USERNAME: admin
DAGU_AUTH_BASIC_PASSWORD: ${DAGU_AUTH_BASIC_PASSWORD}
DAGU_AUTH_TOKEN: ${DAGU_AUTH_TOKEN}
PUID: ${PUID}
PGID: ${PGID}
image: ghcr.io/dagu-org/dagu:alpine@sha256:29948c23d404d032022401ddadc17f1ab1564c3a2c073ed244958384340f97ec
labels:
homepage.group: Automation
homepage.name: Dagu
homepage.href: https://cron.${MY_TLD}
homepage.icon: sh-dagu.svg
homepage.description: Cron alternative with a web UI
homepage.widget.type: customapi
homepage.widget.headers: "Authorization: Bearer ${DAGU_AUTH_TOKEN}"
homepage.widget.url: http://dagu:8080/api/v2/health
homepage.widget.method: GET
homepage.widget.mappings[0].label: Status
homepage.widget.mappings[0].field: status
swag: enable
swag_port: 8080
swag_proto: http
swag_url: cron.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Dagu
swag.uptime-kuma.monitor.url: https://cron.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 31037:8080
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/dagu/:/dagu
- ${DOCKER_VOLUME_STORAGE}/backups/:/backups
- /var/run/docker.sock:/var/run/docker.sock
dawarich-app:
command: bin/dev
container_name: dawarich-app
depends_on:
dawarich-pg-db:
condition: service_healthy
restart: true
dawarich-valkey:
condition: service_started
restart: true
deploy:
resources:
limits:
cpus: "0.50" # Limit CPU usage to 50% of one core
memory: "4G" # Limit memory usage to 4GB
entrypoint: web-entrypoint.sh
environment:
RAILS_ENV: production
REDIS_URL: redis://dawarich-valkey:6379
DATABASE_HOST: dawarich-pg-db
DATABASE_USERNAME: dawarich
DATABASE_PASSWORD: ${DAWARICH_PG_PASSWORD}
DATABASE_NAME: dawarich
MIN_MINUTES_SPENT_IN_CITY: 60
APPLICATION_HOSTS: localhost,loc.${MY_TLD},192.168.1.254
TIME_ZONE: ${TZ}
APPLICATION_PROTOCOL: http
DISTANCE_UNIT: km
SECRET_KEY_BASE: ${DAWARICH_SECRET_KEY_BASE}
PROMETHEUS_EXPORTER_ENABLED: true
PROMETHEUS_EXPORTER_HOST: 0.0.0.0
PROMETHEUS_EXPORTER_PORT: 9394
ENABLE_TELEMETRY: false # More on telemetry: https://dawarich.app/docs/tutorials/telemetry
SELF_HOSTED: true
expose:
- 9394
healthcheck:
test:
[
"CMD-SHELL",
"wget -qO - http://127.0.0.1:3000/api/v1/health | grep -q '\"status\"\\s*:\\s*\"ok\"'",
]
interval: 10s
retries: 30
start_period: 30s
timeout: 10s
image: freikin/dawarich:latest@sha256:7219a71e00f53168028796e17289c22ac734f61bd0457ab55f106dae039214a8
labels:
homepage.group: Privacy/Security
homepage.name: Dawarich
homepage.href: https://loc.${MY_TLD}
homepage.icon: dawarich.svg
homepage.description: Self-hosted alternative to Google Location History
swag: enable
swag_port: 3000
swag_proto: http
swag_url: loc.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Dawarich
swag.uptime-kuma.monitor.url: https://loc.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 63561:3000
profiles: ["rinoa-apps"]
restart: on-failure
stdin_open: true
tty: true
volumes:
- dawarich_public:/var/app/public
- dawarich_watched:/var/app/tmp/imports/watched
- ${DOCKER_VOLUME_CONFIG}/dawarich/web-entrypoint.sh:/usr/local/bin/web-entrypoint.sh
dawarich-pg-db:
container_name: dawarich-pg-db
environment:
POSTGRES_DB: dawarich
POSTGRES_USER: dawarich
POSTGRES_PASSWORD: ${DAWARICH_PG_PASSWORD}
healthcheck:
test: ["CMD-SHELL", "pg_isready -U dawarich -d dawarich"]
interval: 10s
retries: 5
start_period: 30s
timeout: 10s
image: postgis/postgis:17-3.5-alpine@sha256:470d7569e6aa821a503eac1f1c3e9851582281db9c1b2fa239ddcc01624fa19a
profiles: ["rinoa-apps"]
restart: always
shm_size: 1G
volumes:
- dawarich_db_data:/var/lib/postgresql/data
- dawarich_shared:/var/shared
dawarich-sidekiq:
command: ["sidekiq"]
container_name: dawarich-sidekiq
depends_on:
dawarich-app:
condition: service_healthy
restart: true
dawarich-pg-db:
condition: service_healthy
restart: true
dawarich-valkey:
condition: service_healthy
restart: true
deploy:
resources:
limits:
cpus: "0.50" # Limit CPU usage to 50% of one core
memory: "4G" # Limit memory usage to 4GB
entrypoint: sidekiq-entrypoint.sh
environment:
APPLICATION_HOSTS: localhost,loc.${MY_TLD}
APPLICATION_PROTOCOL: http
BACKGROUND_PROCESSING_CONCURRENCY: 10
DATABASE_HOST: dawarich-pg-db
DATABASE_NAME: dawarich
DATABASE_PASSWORD: ${DAWARICH_PG_PASSWORD}
DATABASE_USERNAME: dawarich
DISTANCE_UNIT: km
ENABLE_TELEMETRY: false # More on telemetry: https://dawarich.app/docs/tutorials/telemetry
PROMETHEUS_EXPORTER_ENABLED: false
RAILS_ENV: production
RAILS_LOG_TO_STDOUT: true
REDIS_URL: "redis://dawarich-valkey:6379"
SECRET_KEY_BASE: ${DAWARICH_SECRET_KEY_BASE}
SELF_HOSTED: true
STORE_GEODATA: true
expose:
- 9394
healthcheck:
test: ["CMD-SHELL", "pgrep -f sidekiq"]
interval: 10s
retries: 30
start_period: 30s
timeout: 10s
image: freikin/dawarich:latest@sha256:7219a71e00f53168028796e17289c22ac734f61bd0457ab55f106dae039214a8
profiles: ["rinoa-apps"]
restart: on-failure
stdin_open: true
tty: true
volumes:
- dawarich_public:/var/app/public
- dawarich_watched:/var/app/tmp/imports/watched
- ${DOCKER_VOLUME_CONFIG}/dawarich/sidekiq-entrypoint.sh:/usr/local/bin/sidekiq-entrypoint.sh
dawarich-valkey:
container_name: dawarich-valkey
<<: *valkey-params
volumes:
- dawarich-valkey-data:/data/valkey
dead-man-hand:
container_name: dead-man-hand
image: ghcr.io/bkupidura/dead-man-hand:latest@sha256:31905f19678f60d55ecdfa63dad009c07e2055cb5db0c608c8cab5de4467050e
environment:
DMH_CONFIG_FILE: /data/config.yaml
labels:
# homepage.group: Personal/Professional Services
# homepage.name: Dawarich
# homepage.href: https://loc.${MY_TLD}
# homepage.icon: dawarich.svg
# homepage.description: Self-hosted alternative to Google Location History
swag: enable
swag_port: 8080
swag_proto: http
swag_url: dms.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.monitor.url: https://dms.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 25807:8080
volumes:
- ${DOCKER_VOLUME_CONFIG}/dead-man-hand:/data
docker-socket-proxy:
container_name: dockerproxy
environment:
AUTH: 1
BUILD: 1
COMMIT: 1
CONFIGS: 1
CONTAINERS: 1
DISTRIBUTION: 1
EVENTS: 1
EXEC: 1
GPRC: 1
IMAGES: 1
INFO: 1
NETWORKS: 1
NODES: 1
POST: 1
PLUGINS: 1
SERVICES: 1
SESSION: 1
SYSTEM: 1
TASKS: 1
VOLUMES: 1
LOG_LEVEL: debug
image: ghcr.io/tecnativa/docker-socket-proxy:latest@sha256:3400c429c5f9e1b21d62130fb93b16e2e772d4fb7695bd52fc2b743800b9fe9e
networks:
default: null
ports:
- 2375:2375
privileged: true
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- /var/run/docker.sock:/var/run/docker.sock
dockflare:
container_name: dockflare
environment:
AGENT_STATUS_UPDATE_INTERVAL_SECONDS: 10
CF_ACCOUNT_ID: ${CLOUDFLARE_ACCOUNT_ID}
CF_API_TOKEN: ${CLOUDFLAREDDNS_ENVIRONMENT_APITOKEN}
CF_ZONE_ID: ${CLOUDFLARE_ZONE_ID}
CLEANUP_INTERVAL_SECONDS: 300
CLOUDFLARED_METRICS_PORT: 20119
CLOUDFLARED_NETWORK_NAME: compose_default
DEFAULT_NO_TLS_VERIFY: false
GRACE_PERIOD_SECONDS: 600
LABEL_PREFIX: cloudflare.tunnel
MAX_CONCURRENT_DNS_OPS: 3
RECONCILIATION_BATCH_SIZE: 3
SCAN_ALL_NETWORKS: false
STATE_FILE_PATH: /app/data/state.json
TRUSTED_PROXIES: 192.168.1.0/24,172.18.0.0/16
TUNNEL_DNS_SCAN_ZONE_NAMES:
TUNNEL_NAME: dockflared-tunnel
TZ: ${TZ}
healthcheck:
test:
[
"CMD-SHELL",
"wget -qO- --server-response http://localhost:5000/ping 2>&1 | awk '/^ HTTP/{code=$2} /^[^{]/{next} {print; fflush()} END{exit (code>=400 || code==0)}' >/dev/null",
]
interval: 1m30s
timeout: 30s
retries: 5
start_period: 30s
image: alplat/dockflare:stable@sha256:d5d77c1caeb3a82467499371dd5e7c9ab7c2c03c527d4f1465062b755aa7c8ca # Or :unstable for the latest features
labels:
homepage.group: Privacy/Security
homepage.name: DockFlare
homepage.href: https://cftunn.${MY_TLD}
homepage.icon: sh-dockflare.svg
homepage.description: Cloudflare Tunnel controller
homepage.widget.type: cloudflared
homepage.widget.accountid: ${CLOUDFLARE_ACCOUNT_ID}
homepage.widget.tunnelid: ${DOCKFLARE_CLOUDFLARE_TUNNEL_ID}
homepage.widget.key: ${CLOUDFLAREDDNS_ENVIRONMENT_APITOKEN}
swag: enable
swag_proto: http
swag_url: cftunn.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: DockFlare
swag.uptime-kuma.monitor.url: https://cftunn.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
### EXAMPLE CF TUNNEL LABELS ###
# Enable DockFlare management for this container
# - "cloudflare.tunnel.enable=true"
# The public hostname to expose
# - "cloudflare.tunnel.hostname=my-service.example.com"
# The internal service address (protocol://container_name_or_ip:port)
# Service type (http, https, tcp, ssh, rdp, http_status) is inferred from the prefix.
# - "cloudflare.tunnel.service=http://my-service:80"
# Optional: Specify a URL path. Only requests to hostname/path will match.
# - "cloudflare.tunnel.path=/app"
# Optional: Specify a different Cloudflare Zone for this hostname
# - "cloudflare.tunnel.zonename=another.example.com"
# Optional: Disable TLS verification if your internal service uses HTTP or a self-signed cert
# - "cloudflare.tunnel.no_tls_verify=true"
# Optional: Specify Origin Server Name (SNI) for TLS connection to origin
# - "cloudflare.tunnel.originsrvname=internal.service.local"
ports:
- 20756:5000
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- dockflare_data:/app/data
dockpeek:
container_name: dockpeek
image: ghcr.io/dockpeek/dockpeek:v1.7.2@sha256:87654d0104eacff48a70c7c1eea6126f19f5803b21bfdace842ae765351593b4
depends_on:
docker-socket-proxy:
condition: service_started
required: true
environment:
SECRET_KEY: ${DOCKPEEK_SECRET_KEY}
USERNAME: admin
PASSWORD: ${DOCKPEEK_PASSWORD}
DOCKER_HOST: tcp://192.168.1.254:2375
DOCKER_HOST_NAME: Rinoa
DOCKER_HOST_PUBLIC_HOSTNAME: 192.168.1.254
DOCKER_HOST_1_URL: tcp://192.168.1.250:2375
DOCKER_HOST_1_NAME: Benedikta
DOCKER_HOST_1_PUBLIC_NAME: 192.168.1.250
DOCKER_HOST_2_URL: tcp://192.168.1.252:2375
DOCKER_HOST_2_NAME: Rikku
DOCKER_HOST_2_PUBLIC_NAME: 192.168.1.252
labels:
swag: enable
swag_proto: http
swag_port: 8000
swag_url: ports.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Dockpeek
swag.uptime-kuma.monitor.url: https://ports.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
homepage.group: System Administration
homepage.name: Dockpeek
homepage.href: https://ports.${MY_TLD}
homepage.icon: sh-dockpeek.svg
homepage.description: Real-time port monitoring and discovery
ports:
- 3420:8000
profiles: ["rinoa-apps"]
restart: unless-stopped
duplicati:
container_name: duplicati
environment:
PGID: ${PGID}
PUID: ${PUID}
TZ: ${TZ}
hostname: Rinoa
image: lscr.io/linuxserver/duplicati:latest@sha256:b634b0eac9dbe49feaf069907115d5f479c06b91af7610bdad7c03a4b972d573
labels:
swag: enable
swag_port: 8200
swag_proto: http
swag_url: dup.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Duplicati
swag.uptime-kuma.monitor.url: https://dup.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
homepage.group: Automation
homepage.name: Duplicati
homepage.href: https://dup.${MY_TLD}
homepage.icon: duplicati.png
homepage.description: Data backup
networks:
default: null
ports:
- 8282:8200
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- bind:
create_host_path: true
read_only: true
source: /etc/localtime
target: /etc/localtime
type: bind
- bind:
create_host_path: true
source: ${DOCKER_VOLUME_CONFIG}/duplicati
target: /config
type: bind
- bind:
create_host_path: true
source: /rinoa-storage
target: /storage
type: bind
- bind:
create_host_path: true
source: /home/charish/.config/appdata/backups
target: /backups
type: bind
- bind:
create_host_path: true
source: /home/charish/.config/appdata
target: /source
type: bind
excalidraw:
container_name: excalidraw
image: "excalidraw/excalidraw:latest@sha256:b0b28b8d822519bf7fb9e2fab4a1e74754a557a4f6f42d36756ce95d281d62c5"
labels:
homepage.group: Personal Tools
homepage.name: Excalidraw
homepage.href: https://draw.${MY_TLD}
homepage.icon: excalidraw.svg
homepage.description: Virtual whiteboard for sketching hand-drawn like diagrams
swag: enable
swag_proto: http
swag_url: draw.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Excalidraw
swag.uptime-kuma.monitor.url: https://draw.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 53721:80
profiles: ["rinoa-apps"]
restart: unless-stopped
explo:
container_name: explo
environment:
TZ: ${TZ}
WEEKLY_EXPLORATION_SCHEDULE: 0 8 * * 2
WEEKLY_EXPLORATION_FLAGS:
WEEKLY_JAMS_SCHEDULE: 30 00 * * 1
WEEKLY_JAMS_FLAGS: --playlist=weekly-jams --download-mode=skip
DAILY_JAMS_SCHEDULE: 30 2 * * *
DAILY_JAMS_FLAGS: --playlist=daily-jams --download-mode=skip
image: ghcr.io/lumepart/explo:latest@sha256:4d8870ea033cb27e078772e60c4ca7b92f8c3ece062de8ceaec047e46e79f1df
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/explo/local.env:/opt/explo/.env
- ${DOCKER_VOLUME_STORAGE}/Audio/Explo:/downloads # has to be in the same path you have your music system pointed to (it's recommended to put explo under a subfolder)
- ${DOCKER_VOLUME_STORAGE}/Audio/Playlists:/playlists
fastenhealth:
container_name: fastenhealth
image: ghcr.io/fastenhealth/fasten-onprem:main@sha256:ed5353eb49d0dbd3e3e30aeb1b71d430a35aebe6823637dcd3dca7aa9b7fa3c3
labels:
homepage.group: Lifestyle
homepage.name: Fasten Health
homepage.icon: sh-fasten-health.svg
homepage.href: http://health.${MY_TLD}
homepage.description: Open-source, self-hosted, personal/family electronic medical record aggregator
swag: enable
swag_proto: http
swag_port: 8080
swag_url: health.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Fasten Health
swag.uptime-kuma.monitor.url: https://health.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
ports:
- 8105:8080
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- source: fastenhealth-cache
target: /opt/fasten/cache
type: volume
volume: {}
- source: fastenhealth-db
target: /opt/fasten/db
type: volume
volume: {}
flaresolverr:
container_name: flaresolverr
environment:
CAPTCHA_SOLVER: none
LOG_HTML: false
LOG_LEVEL: info
PORT: 8191
TZ: America/New_York
BROWSER_TIMEOUT: 40000
TEST_URL: https://duckduckgo.com
hostname: Rinoa
image: ghcr.io/flaresolverr/flaresolverr:latest@sha256:06c76759d062c185d8ac0b48f302258645b8d99db86109a3d6dce3209d93de51
networks:
default: null
ports:
- 8191:8191
profiles: ["rinoa-apps"]
restart: unless-stopped
sysctls:
- net.ipv6.conf.all.disable_ipv6=1
volumes:
- bind:
create_host_path: true
read_only: true
source: /etc/localtime
target: /etc/localtime
type: bind
- bind:
create_host_path: true
source: /rinoa-storage
target: /storage
type: bind
garage:
container_name: garage
image: dxflrs/garage:v2.1.0@sha256:4c9b34c113e61358466e83fd6e7d66e6d18657ede14b776eb78a93ee8da7cf6a
ports:
- 3900:3900
- 3901:3901
- 3902:3902
- 3903:3903
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/garage/garage.toml:/etc/garage.toml
- ${DOCKER_VOLUME_CONFIG}/garage/meta:/var/lib/garage/meta
- ${DOCKER_VOLUME_STORAGE}/garage_data:/var/lib/garage/data
garage-webui:
container_name: garage-webui
depends_on:
garage:
condition: service_started
required: true
environment:
API_BASE_URL: http://garage:3903
S3_ENDPOINT_URL: http://garage:3900
image: khairul169/garage-webui:latest@sha256:17c793551873155065bf9a022dabcde874de808a1f26e648d4b82e168806439c
labels:
homepage.group: System Administration
homepage.name: Garage
homepage.href: http://192.168.1.254:3909
homepage.icon: garage.svg
homepage.description: S3-compatible storage backend
ports:
- 3909:3909
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/garage/garage.toml:/etc/garage.toml:ro
ghost:
container_name: ghost_blog
depends_on:
mariadb:
condition: service_healthy
required: true
restart: true
environment:
database__client: mysql
database__connection__host: mariadb
database__connection__port: 3306
database__connection__user: ${GHOST_DB_USER}
database__connection__password: ${GHOST_DB_PASSWORD}
database__connection__database: ghost_db
mail__transport: SMTP
mail__options__host: postal-smtp
mail__options__port: 25
mail__options__secure: false
mail__options__auth__user: ${POSTAL_SMTP_AUTH_USER}
mail__options__auth__pass: ${POSTAL_SMTP_AUTH_PASSWORD}
mail__from: "'Ghost @ Rinoa' <noreply@${MY_TLD}>"
url: https://blog.${MY_TLD}
image: ghost:latest@sha256:1e243c833aaa518c6f0786037e83ebe3a8567f8aeac0aa71a38f6fe9d7790935
labels:
homepage.group: Lifestyle
homepage.name: Ghost
homepage.href: https://blog.${MY_TLD}
homepage.icon: ghost.png
homepage.description: Personal blog
swag: enable
swag_port: 2368
swag_proto: http
swag_url: blog.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Ghost
swag.uptime-kuma.monitor.url: https://blog.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 2368:2368
profiles: ["rinoa-apps"]
restart: always
volumes:
- ${DOCKER_VOLUME_CONFIG}/ghost:/var/lib/ghost/content
gitea:
container_name: gitea
depends_on:
gitea-db:
condition: service_healthy
required: true
environment:
USER_UID: ${PUID}
USER_GID: ${PGID}
GITEA__database__DB_TYPE: postgres
GITEA__database__HOST: gitea-db:5432
GITEA__database__NAME: gitea
GITEA__database__USER: gitea
GITEA__database__PASSWD: ${GITEA_PG_DB_PASSWORD}
GITEA__mailer__ENABLED: true
GITEA__mailer__FROM: '"Gitea" <noreply@${MY_TLD}>'
GITEA__mailer__PROTOCOL: smtp
GITEA__mailer__SMTP_ADDR: postal-smtp
GITEA__mailer__SMTP_PORT: 25
GITEA__mailer__USER: ${POSTAL_SMTP_AUTH_USER}
GITEA__mailer__PASSWD: ${POSTAL_SMTP_AUTH_PASSWORD}
image: gitea/gitea:1.25.1@sha256:b3aee0f6fa4ff3271180a2388bb796be5cced8828685b968a310d70e881fcbb3
labels:
cloudflare.tunnel.enable: true
cloudflare.tunnel.hostname: git-ssh.${MY_TLD}
cloudflare.tunnel.service: http://gitea:22
cloudflare.tunnel.no_tls_verify: true
homepage.group: Code/DevOps
homepage.name: Gitea
homepage.href: https://git.${MY_TLD}
homepage.icon: gitea.svg
homepage.description: Private Code Repo
homepage.widget.type: gitea
homepage.widget.url: http://gitea:3000
homepage.widget.key: ${GITEA_HOMEPAGE_API_KEY}
swag: enable
swag_url: git.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Gitea
swag.uptime-kuma.monitor.url: https://git.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
ports:
- 3013:3000
- 222:22
profiles: ["rinoa-infra"]
restart: always
volumes:
- source: ${DOCKER_VOLUME_CONFIG}/gitea
target: /data/gitea
type: bind
bind:
create_host_path: true
- bind:
create_host_path: true
read_only: true
source: /etc/timezone
target: /etc/timezone
type: bind
- bind:
create_host_path: true
read_only: true
source: /etc/localtime
target: /etc/localtime
type: bind
gitea-db:
container_name: gitea-db
environment:
POSTGRES_USER: gitea
POSTGRES_PASSWORD: ${GITEA_PG_DB_PASSWORD}
POSTGRES_DB: gitea
expose:
- 5432
healthcheck:
interval: 10s
start_period: 20s
test: ["CMD-SHELL", "pg_isready -U gitea -d gitea"]
image: postgres:14@sha256:962ffbe9f6418387643411b127c1db27465e5a23b9a8849bfaf45fa6323963ce
networks:
default: null
profiles: ["rinoa-infra"]
restart: always
volumes:
- source: gitea-pg-db
target: /var/lib/postgresql/data
type: volume
volume: {}
gitea-runner:
container_name: gitea-runner
depends_on:
gitea:
condition: service_started
environment:
CONFIG_FILE: /config.yaml
GITEA_INSTANCE_URL: http://gitea:3000
GITEA_RUNNER_REGISTRATION_TOKEN: "${GITEA_RUNNER_REGISTRATION_TOKEN}"
GITEA_RUNNER_NAME: "gitea-runner-1"
image: gitea/act_runner:latest@sha256:8477d5b61b655caad4449888bae39f1f34bebd27db56cb15a62dccb3dcf3a944
ports:
- 63604:63604
profiles: ["rinoa-infra"]
restart: always
volumes:
- ${DOCKER_VOLUME_CONFIG}/gitea/act-runner/config.yaml:/config.yaml
- /var/run/docker.sock:/var/run/docker.sock
gitea-sonarqube-bot:
container_name: gitea-sonarqube-bot
depends_on:
gitea:
condition: service_started
sonarqube:
condition: service_started
image: justusbunsi/gitea-sonarqube-bot:v0.4.0@sha256:18dd43b470d9a470e27d5999dd7dcbb44423d5c4466ae56dd7c1722f23115673
environment:
GITEA_SQ_BOT_PORT: 58525
GITEA_SQ_BOT_CONFIG_PATH: /home/bot/config/config.yaml
ports:
- 58525:58525
profiles: ["rinoa-infra"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/gitea/sonarqube-bot/:/home/bot/config/
gitignore-io:
container_name: gitignore-io
image: guog/gitignore.io:latest@sha256:27b0bc3e9eb81adaee39fb6f77169ea9cbef164bcab049d29bcab68d154013ad
labels:
homepage.group: Code/DevOps
homepage.name: gitignore-io
homepage.href: https://gitignore.${MY_TLD}
homepage.icon: /icons/gitignore-io.svg
homepage.description: .gitignore generator
swag: enable
swag_url: gitignore.${MY_TLD}
swag_address: gitignore-io
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: gitignore-io
swag.uptime-kuma.monitor.url: https://gitignore.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 14822:8080
profiles: ["rinoa-apps"]
restart: unless-stopped
gluetun:
cap_add:
- NET_ADMIN
container_name: gluetun
environment:
OPENVPN_PASSWORD: ${DELUGEVPN_ENVIRONMENT_VPN_PASS}
OPENVPN_USER: ${DELUGEVPN_ENVIRONMENT_VPN_USER}
PORT_FORWARD_ONLY: true
SERVER_REGIONS: Bahamas,Belgium,Cyprus,Estonia,FI Helsinki,Iceland,Latvia,Lithuania,Luxembourg,Montenegro,Netherlands,Portugal,DK Copenhagen,Ukraine,Uruguay
VPN_SERVICE_PROVIDER: private internet access
expose:
- 8000
image: qmcgaw/gluetun:latest@sha256:ffc080cc41f2b9cc55d413aa5779de96f0c760100879152c7b296d590b1e8a46
ports:
- 3333:3333
- 3334:3334
- 5030:5030
- 5031:5031
- 50300:50300
profiles: ["rinoa-apps"]
restart: always
gotify:
container_name: gotify
environment:
GOTIFY_SERVER_PORT: 80
GOTIFY_SERVER_KEEPALIVEPERIODSECONDS: 0
GOTIFY_SERVER_LISTENADDR:
GOTIFY_SERVER_SSL_ENABLED: false
GOTIFY_SERVER_SSL_REDIRECTTOHTTPS: true
GOTIFY_SERVER_SSL_LISTENADDR:
GOTIFY_SERVER_SSL_PORT: 443
GOTIFY_SERVER_SSL_CERTFILE:
GOTIFY_SERVER_SSL_CERTKEY:
GOTIFY_SERVER_SSL_LETSENCRYPT_ENABLED: false
GOTIFY_SERVER_SSL_LETSENCRYPT_ACCEPTTOS: false
GOTIFY_SERVER_SSL_LETSENCRYPT_CACHE: certs
GOTIFY_SERVER_STREAM_PINGPERIODSECONDS: 45
GOTIFY_DATABASE_DIALECT: sqlite3
GOTIFY_DATABASE_CONNECTION: data/gotify.db
GOTIFY_DEFAULTUSER_NAME: admin
GOTIFY_DEFAULTUSER_PASS: ${GOTIFY_PASSWORD}
GOTIFY_PASSSTRENGTH: 10
GOTIFY_UPLOADEDIMAGESDIR: data/images
GOTIFY_PLUGINSDIR: data/plugins
GOTIFY_REGISTRATION: false
image: gotify/server@sha256:2ae0e4e689f183137c8247884382fcb174d5a72253ce1897e7e5267090093fc8
labels:
homepage.group: Infrastructure/App Performance Monitoring
homepage.name: Gotify
homepage.href: https://gotify.${MY_TLD}
homepage.icon: gotify.png
homepage.description: Notification System
homepage.widget.type: gotify
homepage.widget.url: http://gotify
homepage.widget.key: ${GOTIFY_HOMEPAGE_CLIENT_KEY}
swag: enable
swag_proto: http
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Gotify
swag.uptime-kuma.monitor.url: https://gotify.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
ports:
- 8097:80
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- source: ${DOCKER_VOLUME_CONFIG}/gotify
target: /app/data
type: bind
bind:
create_host_path: true
guacamole:
container_name: guacamole
environment:
DOCKER_HOST: tcp://dockerproxy:2375
EXTENSIONS: "auth-totp"
TZ: ${TZ}
image: flcontainers/guacamole:latest@sha256:81a420f386ef8cbb4697208e13ea90f6a10a54619981241bed672e4a41b5f77f
labels:
homepage.group: System Administration
homepage.name: Guacamole
homepage.description: Client-less remote desktop gateway
homepage.href: https://guac.${MY_TLD}
homepage.icon: guacamole.svg
swag: enable
swag_proto: http
swag_port: 8080
swag_url: guac.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Guacamole
swag.uptime-kuma.monitor.url: https://guac.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 62173:8080
profiles: ["rinoa-apps"]
restart: always
volumes:
- ${DOCKER_VOLUME_CONFIG}/guacamole/:/config
- /etc/localtime:/etc/localtime:ro
homepage:
container_name: homepage
environment:
HOMEPAGE_ALLOWED_HOSTS: ${MY_TLD}
PUID: ${PUID}
PGID: ${PGID}
image: ghcr.io/gethomepage/homepage:latest@sha256:8c7ec6a3c9094af7ac0686aa361fed3129264a8ed2c17594d5114a5e8342f7c9
labels:
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Homepage
swag.uptime-kuma.monitor.url: https://${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 3004:3000
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/homepage:/app/config
- ${DOCKER_VOLUME_CONFIG}/homepage/images:/app/public/images
- ${DOCKER_VOLUME_CONFIG}/homepage/icons:/app/public/icons
- ${DOCKER_VOLUME_STORAGE}:/rinoa-storage:ro
hugo:
command: hugo server --baseURL "it-services.${MY_TLD}" --bind 0.0.0.0 --appendPort=false --source=/src/ --configDir=/src/config/ -e production --logLevel debug
container_name: hugo
image: hugomods/hugo:exts@sha256:86b9a9ee8915be9cd5e9b555082352ab502daebf12c0bdae0a513f5340586496
labels:
swag: enable
swag_proto: http
swag_port: 1313
swag_url: it-services.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Hugo
swag.uptime-kuma.monitor.url: https://it-services.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
homepage.group: Professional Services
homepage.name: Hugo
homepage.href: https://it-services.${MY_TLD}
homepage.icon: hugo.svg
homepage.description: Static site
ports:
- 1313:1313
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/hugo/:/src
- ${DOCKER_VOLUME_CONFIG}/hugo/cache:/tmp/hugo_cache
immich-server:
container_name: immich-server
depends_on:
immich-valkey:
condition: service_healthy
required: true
immich-pg-db:
condition: service_healthy
required: true
restart: true
immich-machine-learning:
condition: service_healthy
required: true
restart: true
environment:
DB_DATABASE_NAME: immich
DB_HOSTNAME: immich-pg-db
DB_PORT: 5432
DB_USERNAME: immich
DB_PASSWORD: ${IMMICH_DB_PASSWORD}
IMMICH_LOG_LEVEL: error
IMMICH_TELEMETRY_INCLUDE: all
IMMICH_API_METRICS_PORT: 8081
IMMICH_MICROSERVICES_METRICS_PORT: 8082
REDIS_HOSTNAME: immich-valkey
REDIS_PORT: 6379
REDIS_DBINDEX: 0
healthcheck:
disable: false
image: ghcr.io/immich-app/immich-server:release@sha256:4504d794123c3f5410cc45bbc61e4d7dbcacec1e1b0cd2e599691430c94e5849
labels:
swag: enable
swag_proto: http
swag_port: 2283
swag_url: pics.${MY_TLD}
swag_server_custom_directive: |
location /share {
proxy_pass http://immich-public-proxy:3000;
}
location /tools {
proxy_pass http://immich-power-tools:3000;
}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Immich
swag.uptime-kuma.monitor.url: https://pics.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
homepage.group: Media Library
homepage.name: Immich
homepage.href: https://pics.${MY_TLD}
homepage.icon: immich.svg
homepage.description: High performance self-hosted photo and video management solution
homepage.widget.type: immich
homepage.widget.url: http://immich-server:2283
homepage.widget.key: ${IMMICH_POWER_TOOLS_KEY}
homepage.widget.version: 2
ports:
- 2283:2283
- 42239:8081
- 42015:8082
profiles: ["rinoa-apps"]
restart: always
volumes:
# Do not edit the next line. If you want to change the media storage location on your system, edit the value of UPLOAD_LOCATION in the .env file
- ${DOCKER_VOLUME_STORAGE}/Pics:/usr/src/app/upload
- /etc/localtime:/etc/localtime:ro
immich-machine-learning:
container_name: immich-machine-learning
healthcheck:
disable: false
image: ghcr.io/immich-app/immich-machine-learning:release@sha256:bf339cbb44af6c2ef25d9128e1da51b2bec0cfd524846a83e3017c21bd71ddb4
profiles: ["rinoa-apps"]
restart: always
volumes:
- immich-model-cache:/cache
immich-pg-db:
command: >-
postgres
-c shared_preload_libraries=vectors.so
-c 'search_path="$$user", public, vectors'
-c logging_collector=on
-c max_wal_size=2GB
-c shared_buffers=512MB
-c wal_compression=on
container_name: immich-pg-db
environment:
POSTGRES_PASSWORD: ${IMMICH_DB_PASSWORD}
POSTGRES_USER: immich
POSTGRES_DB: immich
expose:
- 5432
healthcheck:
test: >-
pg_isready --dbname="$${POSTGRES_DB}" --username="$${POSTGRES_USER}" || exit 1;
Chksum="$$(psql --dbname="$${POSTGRES_DB}" --username="$${POSTGRES_USER}" --tuples-only --no-align
--command='SELECT COALESCE(SUM(checksum_failures), 0) FROM pg_stat_database')";
echo "checksum failure count is $$Chksum";
[ "$$Chksum" = '0' ] || exit 1
interval: 5m
start_interval: 30s
start_period: 5m
image: tensorchord/pgvecto-rs:pg14-v0.2.1@sha256:9172feae86a211bc502db4ec2d3309a57329060b031d91796d39f45d1d698ef3
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/immich/db:/var/lib/postgresql/data
immich-public-proxy:
container_name: immich-public-proxy
depends_on:
immich-server:
condition: service_healthy
required: true
environment:
IMMICH_URL: http://immich-server:2283
expose:
- 3000
healthcheck:
test: wget -q --spider http://localhost:3000/share/healthcheck || exit 1
start_period: 10s
timeout: 5s
image: alangrainger/immich-public-proxy:latest@sha256:ed5c7cc406bd26bb1cff327b8a3d8aad35210e45830b620d55f280773b528f3b
labels:
homepage.group: Lifestyle
homepage.name: Immich Public Proxy
homepage.href: https://pics.${MY_TLD}/share
homepage.icon: sh-immich-public-proxy.svg
homepage.description: Immich Proxy for public sharing
homepage.widget.type: immich
homepage.widget.url: http://immich-server:2283
homepage.widget.key: ${IMMICH_POWER_TOOLS_KEY}
homepage.widget.version: 2
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Immich Public Proxy
swag.uptime-kuma.monitor.url: https://pics.${MY_TLD}/share
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
profiles: ["rinoa-apps"]
restart: always
immich-power-tools:
container_name: immich-power-tools
environment:
DB_DATABASE_NAME: immich
DB_HOSTNAME: immich-pg-db
DB_PORT: 5432
DB_USERNAME: immich
DB_PASSWORD: ${IMMICH_DB_PASSWORD}
EXTERNAL_IMMICH_URL: https://pics.${MY_TLD}
IMMICH_API_KEY: ${IMMICH_POWER_TOOLS_KEY}
IMMICH_URL: http://immich-server:2283
image: ghcr.io/varun-raj/immich-power-tools:latest@sha256:2abdc8a73cd7438006e16f7a9b50f51ca6806332f8855404375e8bbdd5b024f7
ports:
- 54018:3000
profiles: ["rinoa-apps"]
restart: unless-stopped
immich-valkey:
container_name: immich-valkey
<<: *valkey-params
volumes:
- immich-valkey-data:/data/valkey
influxdb2:
container_name: influxdb2
environment:
DOCKER_INFLUXDB_INIT_MODE: setup
DOCKER_INFLUXDB_INIT_USERNAME: admin
DOCKER_INFLUXDB_INIT_PASSWORD: ${INFLUXDB2_ADMIN_PASSWORD}
DOCKER_INFLUXDB_INIT_ADMIN_TOKEN: /run/secrets/influxdb2-admin-token
DOCKER_INFLUXDB_INIT_ORG: rinoa
DOCKER_INFLUXDB_INIT_BUCKET: rinoa
image: influxdb:2-alpine@sha256:b4dbe25bb8f8be38f9cf5a12cbca453318a1ad3475954e9d37c38f6e5bc5006b
labels:
swag: enable
swag_proto: http
swag_port: 8086
swag_url: influxdb.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.monitor.url: https://influxdb.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
homepage.group: System Administration
homepage.name: InfluxDBv2
homepage.href: https://influxdb.${MY_TLD}
homepage.icon: influxdb.svg
homepage.description: Scalable datastore for metrics, events, and real-time analytics
ports:
- 8086:8086
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- influxdb2-data:/var/lib/influxdb2
- influxdb2-config:/etc/influxdb2
invidious:
container_name: invidious
depends_on:
invidious-db:
condition: service_started
required: true
environment:
INVIDIOUS_CONFIG_FILE: /config.yml
healthcheck:
interval: 30s
retries: 2
test: wget -nv --tries=1 --spider http://127.0.0.1:3000/api/v1/trending || exit 1
timeout: 5s
image: quay.io/invidious/invidious:latest@sha256:2836b5b8226a53a9cc2afdbd5f5fe6bccdd200f2e17cd92a828b4dc8d8b5cc06
labels:
swag: enable
swag_proto: http
swag_port: 3000
swag_url: invid.${MY_TLD}
swag_server_custom_directive: |
location /companion {
proxy_pass http://invidious-companion:8282;
}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Invidious
swag.uptime-kuma.monitor.url: https://invid.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
homepage.group: Social
homepage.name: Invidious
homepage.href: https://invid.${MY_TLD}
homepage.icon: invidious.svg
homepage.description: Alternative YouTube frontend (privacy-focused, ad-blocking)
networks:
default: null
ports:
- 3007:3000
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/invidious/config.yml:/config.yml
invidious-companion:
cap_drop:
- ALL
container_name: invidious-companion
environment:
SERVER_SECRET_KEY: ${INVID_COMPANION_KEY}
image: quay.io/invidious/invidious-companion:latest@sha256:4f589b8eedf3c2d49de4a256ee018d7e4ff54fcce683f9005a31dbb7d1bf870f
logging:
options:
max-size: "1G"
max-file: "4"
ports:
- 16290:8282
profiles: ["rinoa-apps"]
read_only: true
restart: unless-stopped
security_opt:
- no-new-privileges:true
volumes:
- invidious-companion-cache:/var/tmp/youtubei.js:rw
invidious-db:
container_name: invidious-db
environment:
POSTGRES_DB: invidious
POSTGRES_PASSWORD: ${INVID_PG_DB_PASSWORD}
POSTGRES_USER: kemal
healthcheck:
test:
- CMD-SHELL
- pg_isready -U $$POSTGRES_USER -d $$POSTGRES_DB
image: docker.io/library/postgres:14@sha256:962ffbe9f6418387643411b127c1db27465e5a23b9a8849bfaf45fa6323963ce
networks:
default: null
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- source: invidious-postgres
target: /var/lib/postgresql/data
type: volume
volume: {}
- source: ${DOCKER_VOLUME_CONFIG}/invidious/sql
target: /config/sql
type: bind
bind:
create_host_path: true
- source: ${DOCKER_VOLUME_CONFIG}/invidious/entrypoint/init-invidious-db.sh
target: /docker-entrypoint-initdb.d/init-invidious-db.sh
type: bind
bind:
create_host_path: true
it-tools:
container_name: it-tools
image: ghcr.io/corentinth/it-tools:latest@sha256:8b8128748339583ca951af03dfe02a9a4d7363f61a216226fc28030731a5a61f
labels:
swag: enable
swag_proto: http
swag_url: itt.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: IT-Tools
swag.uptime-kuma.monitor.url: https://itt.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
homepage.group: Code/DevOps
homepage.name: IT-Tools
homepage.href: https://itt.${MY_TLD}
homepage.icon: it-tools.svg
homepage.description: Useful tools for developers and people working in IT
networks:
default: null
ports:
- 8104:80
profiles: ["rinoa-apps"]
restart: unless-stopped
jellyfin:
container_name: jellyfin
environment:
JELLYFIN_PublishedServerUrl: https://jf.${MY_TLD}
image: jellyfin/jellyfin@sha256:d43a8878689311f841a1967f899f54db56877bf6b426fd7ff870ac1a6fd1dce4
labels:
homepage.group: Media Library
homepage.name: Jellyfin
homepage.icon: jellyfin.svg
homepage.href: https://jf.${MY_TLD}
homepage.description: Movie/TV Streaming
homepage.widget.type: jellyfin
homepage.widget.url: http://jellyfin:8096
homepage.widget.key: ${JELLYFIN_API_KEY}
homepage.widget.enableBlocks: true
homepage.widget.enableNowPlaying: true
homepage.widget.enableUser: true
homepage.widget.showEpisodeNumber: true
homepage.widget.expandOneStreamToTwoRows: false
swag: enable
swag_url: jf.${MY_TLD}
swag_port: 8096
swag_proto: http
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Jellyfin
swag.uptime-kuma.monitor.url: https://jf.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 8487:8096
- 7359:7359
- 1900:1900
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/jellyfin:/config
- ${DOCKER_VOLUME_CONFIG}/jellyfin/cache:/cache
- ${DOCKER_VOLUME_STORAGE}/TV_Shows:/storage/tv
- ${DOCKER_VOLUME_STORAGE}/Movies:/storage/movies
- /etc/localtime:/etc/localtime
- /usr/share/fonts:/usr/local/share/fonts/custom
jitsi-etherpad:
container_name: jitsi-etherpad
environment:
TITLE: ${JITSI__ETHERPAD_TITLE}
DEFAULT_PAD_TEXT: ${JITSI__ETHERPAD_DEFAULT_PAD_TEXT}
SKIN_NAME: ${JITSI__ETHERPAD_SKIN_NAME}
SKIN_VARIANTS: ${JITSI__ETHERPAD_SKIN_VARIANTS}
SUPPRESS_ERRORS_IN_PAD_TEXT: true
hostname: etherpad.meet.jitsi
image: etherpad/etherpad:1.9.7@sha256:d1d6a772dd49e2d920fda874cdae2d4a43f24ba5713a1e330b6342fbab3eb5ec
networks:
default: null
profiles: ["rinoa-apps"]
restart: unless-stopped
jitsi-jibri:
cap_add:
- SYS_ADMIN
container_name: jitsi-jibri
depends_on:
jitsi-jicofo:
condition: service_started
required: true
environment:
AUTOSCALER_SIDECAR_KEY_FILE:
AUTOSCALER_SIDECAR_KEY_ID:
AUTOSCALER_SIDECAR_GROUP_NAME:
AUTOSCALER_SIDECAR_HOST_ID:
AUTOSCALER_SIDECAR_INSTANCE_ID:
AUTOSCALER_SIDECAR_PORT:
AUTOSCALER_SIDECAR_REGION:
AUTOSCALER_SIDECAR_SHUTDOWN_POLLING_INTERVAL:
AUTOSCALER_SIDECAR_STATS_POLLING_INTERVAL:
AUTOSCALER_URL:
CHROMIUM_FLAGS:
DISPLAY: :0
ENABLE_STATS_D:
JIBRI_WEBHOOK_SUBSCRIBERS:
JIBRI_HTTP_API_EXTERNAL_PORT:
JIBRI_HTTP_API_INTERNAL_PORT:
JIBRI_RECORDING_RESOLUTION:
JIBRI_RECORDING_VIDEO_ENCODE_PRESET:
JIBRI_RECORDING_CONSTANT_RATE_FACTOR:
JIBRI_RECORDING_FRAMERATE:
JIBRI_RECORDING_QUEUE_SIZE:
JIBRI_RECORDING_STREAMING_MAX_BITRATE:
JIBRI_USAGE_TIMEOUT:
JIBRI_XMPP_USER:
JIBRI_XMPP_PASSWORD: ${JITSI__JIBRI_XMPP_PASSWORD}
JIBRI_BREWERY_MUC:
JIBRI_RECORDER_USER: jibri-recorder
JIBRI_RECORDER_PASSWORD: ${JITSI__JIBRI_RECORDER_PASSWORD}
JIBRI_RECORDING_DIR:
JIBRI_FINALIZE_RECORDING_SCRIPT_PATH:
JIBRI_STRIP_DOMAIN_JID:
JIBRI_STATSD_HOST:
JIBRI_STATSD_PORT:
LOCAL_ADDRESS:
PUBLIC_URL: ${JITSI__PUBLIC_URL}
TZ: ${TZ}
XMPP_AUTH_DOMAIN:
XMPP_DOMAIN:
XMPP_INTERNAL_MUC_DOMAIN:
XMPP_MUC_DOMAIN:
XMPP_RECORDER_DOMAIN:
XMPP_SERVER:
XMPP_PORT:
XMPP_TRUST_ALL_CERTS:
image: jitsi/jibri:${JITSI_IMAGE_VERSION:-stable}
networks:
default: null
profiles: ["rinoa-apps"]
restart: unless-stopped
shm_size: 2gb
volumes:
- source: ${DOCKER_VOLUME_CONFIG}/jitsi/jibri
target: /config
type: bind
bind:
create_host_path: true
jitsi-jicofo:
container_name: jitsi-jicofo
depends_on:
jitsi-prosody:
condition: service_started
required: true
environment:
AUTH_TYPE:
BRIDGE_AVG_PARTICIPANT_STRESS:
BRIDGE_STRESS_THRESHOLD:
ENABLE_AUTH:
ENABLE_AUTO_OWNER:
ENABLE_CODEC_VP8:
ENABLE_CODEC_VP9:
ENABLE_CODEC_H264:
ENABLE_CODEC_OPUS_RED:
ENABLE_JVB_XMPP_SERVER:
ENABLE_OCTO:
ENABLE_RECORDING: 1
ENABLE_SCTP:
ENABLE_AUTO_LOGIN:
JICOFO_AUTH_LIFETIME:
JICOFO_AUTH_PASSWORD: ${JITSI__JICOFO_AUTH_PASSWORD}
JICOFO_AUTH_TYPE:
JICOFO_BRIDGE_REGION_GROUPS:
JICOFO_ENABLE_AUTH:
JICOFO_ENABLE_BRIDGE_HEALTH_CHECKS:
JICOFO_CONF_INITIAL_PARTICIPANT_WAIT_TIMEOUT:
JICOFO_CONF_SINGLE_PARTICIPANT_TIMEOUT:
JICOFO_CONF_SOURCE_SIGNALING_DELAYS:
JICOFO_CONF_MAX_AUDIO_SENDERS:
JICOFO_CONF_MAX_VIDEO_SENDERS:
JICOFO_CONF_STRIP_SIMULCAST:
JICOFO_CONF_SSRC_REWRITING:
JICOFO_ENABLE_HEALTH_CHECKS:
JICOFO_ENABLE_REST:
JICOFO_HEALTH_CHECKS_USE_PRESENCE:
JICOFO_MULTI_STREAM_BACKWARD_COMPAT:
JICOFO_OCTO_REGION:
JIBRI_BREWERY_MUC:
JIBRI_REQUEST_RETRIES:
JIBRI_PENDING_TIMEOUT:
JIGASI_BREWERY_MUC:
JIGASI_SIP_URI:
JVB_BREWERY_MUC:
JVB_XMPP_AUTH_DOMAIN:
JVB_XMPP_INTERNAL_MUC_DOMAIN:
JVB_XMPP_PORT:
JVB_XMPP_SERVER:
MAX_BRIDGE_PARTICIPANTS:
OCTO_BRIDGE_SELECTION_STRATEGY:
SENTRY_DSN: "${JICOFO_SENTRY_DSN:-0}"
SENTRY_ENVIRONMENT:
SENTRY_RELEASE:
TZ: ${TZ}
XMPP_DOMAIN:
XMPP_AUTH_DOMAIN:
XMPP_INTERNAL_MUC_DOMAIN:
XMPP_MUC_DOMAIN:
XMPP_RECORDER_DOMAIN:
XMPP_SERVER:
XMPP_PORT:
image: jitsi/jicofo:${JITSI_IMAGE_VERSION:-stable}
networks:
default: null
ports:
- 8889:8888
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- bind:
create_host_path: true
selinux: Z
source: ${DOCKER_VOLUME_CONFIG}/jitsi/jicofo
target: /config
type: bind
jitsi-jigasi:
container_name: jitsi-jigasi
depends_on:
jitsi-prosody:
condition: service_started
required: true
environment:
ENABLE_AUTH: 1
ENABLE_GUESTS: 1
XMPP_AUTH_DOMAIN:
XMPP_GUEST_DOMAIN:
XMPP_MUC_DOMAIN:
XMPP_INTERNAL_MUC_DOMAIN:
XMPP_SERVER:
XMPP_PORT:
XMPP_DOMAIN:
PUBLIC_URL: ${JITSI__PUBLIC_URL}
JIGASI_DISABLE_SIP:
JIGASI_SIP_URI: ${JITSI__SIP_URI}
JIGASI_SIP_PASSWORD: ${JITSI__JIGAGI_SIP_PASSWORD}
JIGASI_SIP_SERVER: ${JITSI__JIGAGI_SIP_SERVER}
JIGASI_SIP_PORT: ${JITSI__JIGAGI_SIP_PORT}
JIGASI_SIP_TRANSPORT: ${JITSI__JIGAGI_SIP_TRANSPORT}
JIGASI_SIP_DEFAULT_ROOM:
JIGASI_XMPP_USER:
JIGASI_XMPP_PASSWORD: ${JITSI__JIGASI_XMPP_PASSWORD}
JIGASI_BREWERY_MUC:
JIGASI_PORT_MIN:
JIGASI_PORT_MAX:
JIGASI_HEALTH_CHECK_SIP_URI:
JIGASI_HEALTH_CHECK_INTERVAL:
JIGASI_SIP_KEEP_ALIVE_METHOD:
JIGASI_ENABLE_SDES_SRTP:
ENABLE_TRANSCRIPTIONS: 1
JIGASI_TRANSCRIBER_ADVERTISE_URL:
JIGASI_TRANSCRIBER_RECORD_AUDIO:
JIGASI_TRANSCRIBER_SEND_TXT:
GC_PROJECT_ID:
GC_PRIVATE_KEY_ID:
GC_PRIVATE_KEY:
GC_CLIENT_EMAIL:
GC_CLIENT_ID:
GC_CLIENT_CERT_URL:
SHUTDOWN_REST_ENABLED:
SENTRY_DSN: "${JIGASI_SENTRY_DSN:-0}"
SENTRY_ENVIRONMENT:
SENTRY_RELEASE:
TZ: ${TZ}
image: jitsi/jigasi:${JITSI_IMAGE_VERSION:-stable}
networks:
default: null
ports:
- 20000-20050:20000-20050/udp
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- bind:
create_host_path: true
selinux: Z
source: ${DOCKER_VOLUME_CONFIG}/jitsi/jigasi
target: /config
type: bind
- bind:
create_host_path: true
selinux: Z
source: ${DOCKER_VOLUME_CONFIG}/jitsi/transcripts
target: /tmp/transcripts
type: bind
jitsi-jvb:
container_name: video.meet.jitsi
depends_on:
jitsi-prosody:
condition: service_started
required: true
environment:
DOCKER_HOST_ADDRESS:
ENABLE_COLIBRI_WEBSOCKET:
ENABLE_JVB_XMPP_SERVER:
ENABLE_OCTO:
JVB_ADVERTISE_IPS: 192.168.1.254
JVB_ADVERTISE_PRIVATE_CANDIDATES:
JVB_AUTH_USER:
JVB_AUTH_PASSWORD: ${JITSI__JVB_AUTH_PASSWORD}
JVB_BREWERY_MUC:
JVB_DISABLE_STUN:
JVB_PORT:
JVB_MUC_NICKNAME:
JVB_STUN_SERVERS:
JVB_OCTO_BIND_ADDRESS:
JVB_OCTO_REGION:
JVB_OCTO_RELAY_ID:
JVB_WS_DOMAIN:
JVB_WS_SERVER_ID:
JVB_XMPP_AUTH_DOMAIN:
JVB_XMPP_INTERNAL_MUC_DOMAIN:
JVB_XMPP_PORT:
JVB_XMPP_SERVER:
PUBLIC_URL: ${JITSI__PUBLIC_URL}
SENTRY_DSN: "${JVB_SENTRY_DSN:-0}"
SENTRY_ENVIRONMENT:
SENTRY_RELEASE:
COLIBRI_REST_ENABLED:
SHUTDOWN_REST_ENABLED:
TZ: ${TZ}
XMPP_AUTH_DOMAIN:
XMPP_INTERNAL_MUC_DOMAIN:
XMPP_SERVER:
XMPP_PORT:
image: jitsi/jvb:${JITSI_IMAGE_VERSION:-stable}
networks:
default: null
ports:
- 10000:10000/udp
- 8091:8080
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- bind:
create_host_path: true
selinux: Z
source: ${DOCKER_VOLUME_CONFIG}/jitsi/jvb
target: /config
type: bind
jitsi-prosody:
container_name: xmpp.meet.jitsi
environment:
AUTH_TYPE:
DISABLE_POLLS:
ENABLE_AUTH:
ENABLE_AV_MODERATION:
ENABLE_BREAKOUT_ROOMS:
ENABLE_END_CONFERENCE:
ENABLE_GUESTS: 1
ENABLE_IPV6:
ENABLE_LOBBY: 1
ENABLE_RECORDING: 1
ENABLE_XMPP_WEBSOCKET:
ENABLE_JAAS_COMPONENTS:
GC_TYPE:
GC_INC_TH:
GC_INC_SPEED:
GC_INC_STEP_SIZE:
GC_GEN_MIN_TH:
GC_GEN_MAX_TH:
GLOBAL_CONFIG:
GLOBAL_MODULES:
JIBRI_RECORDER_USER:
JIBRI_RECORDER_PASSWORD: ${JITSI__JIBRI_RECORDER_PASSWORD}
JIBRI_XMPP_USER:
JIBRI_XMPP_PASSWORD: ${JITSI__JIBRI_XMPP_PASSWORD}
JICOFO_AUTH_PASSWORD: ${JITSI__JICOFO_AUTH_PASSWORD}
JICOFO_COMPONENT_SECRET:
JIGASI_XMPP_USER:
JIGASI_XMPP_PASSWORD: ${JITSI__JIGASI_XMPP_PASSWORD}
JIGASI_TRANSCRIBER_PASSWORD: ${JITSI__JIGASI_TRANSCRIBER_PASSWORD}
JVB_AUTH_USER:
JVB_AUTH_PASSWORD: ${JITSI__JVB_AUTH_PASSWORD}
JWT_APP_ID:
JWT_APP_SECRET:
JWT_ACCEPTED_ISSUERS:
JWT_ACCEPTED_AUDIENCES:
JWT_ASAP_KEYSERVER:
JWT_ALLOW_EMPTY:
JWT_AUTH_TYPE:
JWT_ENABLE_DOMAIN_VERIFICATION:
JWT_TOKEN_AUTH_MODULE:
MATRIX_UVS_URL:
MATRIX_UVS_ISSUER:
MATRIX_UVS_AUTH_TOKEN:
MATRIX_UVS_SYNC_POWER_LEVELS:
LOG_LEVEL:
LDAP_AUTH_METHOD:
LDAP_BASE:
LDAP_BINDDN:
LDAP_BINDPW:
LDAP_FILTER:
LDAP_VERSION:
LDAP_TLS_CIPHERS:
LDAP_TLS_CHECK_PEER:
LDAP_TLS_CACERT_FILE:
LDAP_TLS_CACERT_DIR:
LDAP_START_TLS:
LDAP_URL:
LDAP_USE_TLS:
MAX_PARTICIPANTS:
PROSODY_AUTH_TYPE:
PROSODY_RESERVATION_ENABLED:
PROSODY_RESERVATION_REST_BASE_URL:
PROSODY_ENABLE_RATE_LIMITS:
PROSODY_RATE_LIMIT_LOGIN_RATE:
PROSODY_RATE_LIMIT_SESSION_RATE:
PROSODY_RATE_LIMIT_TIMEOUT:
PROSODY_RATE_LIMIT_ALLOW_RANGES:
PROSODY_RATE_LIMIT_CACHE_SIZE:
PUBLIC_URL: ${JITSI__PUBLIC_URL}
TURN_CREDENTIALS:
TURN_HOST:
TURNS_HOST:
TURN_PORT:
TURNS_PORT:
TURN_TRANSPORT:
TZ: ${TZ}
XMPP_DOMAIN:
XMPP_AUTH_DOMAIN:
XMPP_GUEST_DOMAIN:
XMPP_MUC_DOMAIN:
XMPP_INTERNAL_MUC_DOMAIN:
XMPP_MODULES:
XMPP_MUC_MODULES:
XMPP_MUC_CONFIGURATION:
XMPP_INTERNAL_MUC_MODULES:
XMPP_RECORDER_DOMAIN:
XMPP_PORT:
expose:
- 5222
- "5347"
- "5280"
image: jitsi/prosody:${JITSI_IMAGE_VERSION:-stable}
networks:
default: null
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- bind:
create_host_path: true
selinux: Z
source: ${DOCKER_VOLUME_CONFIG}/jitsi/prosody/config
target: /config
type: bind
- bind:
create_host_path: true
selinux: Z
source: ${DOCKER_VOLUME_CONFIG}/jitsi/prosody/prosody-plugins-custom
target: /prosody-plugins-custom
type: bind
jitsi-web:
container_name: jitsi-web
environment:
AMPLITUDE_ID:
ANALYTICS_SCRIPT_URLS:
ANALYTICS_WHITELISTED_EVENTS:
AUDIO_QUALITY_OPUS_BITRATE:
AUTO_CAPTION_ON_RECORD:
BRANDING_DATA_URL:
CALLSTATS_CUSTOM_SCRIPT_URL:
CALLSTATS_ID:
CALLSTATS_SECRET:
CHROME_EXTENSION_BANNER_JSON:
COLIBRI_WEBSOCKET_PORT:
CONFCODE_URL:
CONFIG_EXTERNAL_CONNECT:
DEFAULT_LANGUAGE:
DEPLOYMENTINFO_ENVIRONMENT:
DEPLOYMENTINFO_ENVIRONMENT_TYPE:
DEPLOYMENTINFO_REGION:
DEPLOYMENTINFO_SHARD:
DEPLOYMENTINFO_USERREGION:
DESKTOP_SHARING_FRAMERATE_MIN:
DESKTOP_SHARING_FRAMERATE_MAX:
DIALIN_NUMBERS_URL:
DIALOUT_AUTH_URL:
DIALOUT_CODES_URL:
DISABLE_AUDIO_LEVELS:
DISABLE_DEEP_LINKING:
DISABLE_GRANT_MODERATOR:
DISABLE_HTTPS: 1
DISABLE_KICKOUT:
DISABLE_LOCAL_RECORDING:
DISABLE_POLLS:
DISABLE_PRIVATE_CHAT:
DISABLE_PROFILE:
DISABLE_REACTIONS:
DISABLE_REMOTE_VIDEO_MENU:
DISABLE_START_FOR_ALL:
DROPBOX_APPKEY:
DROPBOX_REDIRECT_URI:
DYNAMIC_BRANDING_URL:
ENABLE_AUDIO_PROCESSING:
ENABLE_AUTH:
ENABLE_BREAKOUT_ROOMS:
ENABLE_CALENDAR:
ENABLE_COLIBRI_WEBSOCKET:
ENABLE_E2EPING:
ENABLE_FILE_RECORDING_SHARING:
ENABLE_GUESTS: 1
ENABLE_HSTS:
ENABLE_HTTP_REDIRECT: 0
ENABLE_IPV6:
ENABLE_LETSENCRYPT: 0
ENABLE_LIPSYNC:
ENABLE_NO_AUDIO_DETECTION:
ENABLE_NOISY_MIC_DETECTION:
ENABLE_OCTO:
ENABLE_OPUS_RED:
ENABLE_PREJOIN_PAGE:
ENABLE_P2P:
ENABLE_WELCOME_PAGE:
ENABLE_CLOSE_PAGE:
ENABLE_LIVESTREAMING:
ENABLE_LIVESTREAMING_DATA_PRIVACY_LINK:
ENABLE_LIVESTREAMING_HELP_LINK:
ENABLE_LIVESTREAMING_TERMS_LINK:
ENABLE_LIVESTREAMING_VALIDATOR_REGEXP_STRING:
ENABLE_LOCAL_RECORDING_NOTIFY_ALL_PARTICIPANT:
ENABLE_LOCAL_RECORDING_SELF_START:
ENABLE_RECORDING: 1
ENABLE_REMB:
ENABLE_REQUIRE_DISPLAY_NAME:
ENABLE_SERVICE_RECORDING:
ENABLE_SIMULCAST:
ENABLE_STATS_ID:
ENABLE_STEREO:
ENABLE_SUBDOMAINS:
ENABLE_TALK_WHILE_MUTED:
ENABLE_TCC:
ENABLE_TRANSCRIPTIONS: 1
ENABLE_XMPP_WEBSOCKET:
ENABLE_JAAS_COMPONENTS:
ETHERPAD_PUBLIC_URL:
ETHERPAD_URL_BASE: ${JITSI__ETHERPAD_URL_BASE}
E2EPING_NUM_REQUESTS:
E2EPING_MAX_CONFERENCE_SIZE:
E2EPING_MAX_MESSAGE_PER_SECOND:
GOOGLE_ANALYTICS_ID:
GOOGLE_API_APP_CLIENT_ID:
HIDE_PREMEETING_BUTTONS:
HIDE_PREJOIN_DISPLAY_NAME:
HIDE_PREJOIN_EXTRA_BUTTONS:
INVITE_SERVICE_URL:
LETSENCRYPT_DOMAIN:
LETSENCRYPT_EMAIL:
LETSENCRYPT_USE_STAGING:
MATOMO_ENDPOINT:
MATOMO_SITE_ID:
MICROSOFT_API_APP_CLIENT_ID:
NGINX_RESOLVER:
NGINX_WORKER_PROCESSES:
NGINX_WORKER_CONNECTIONS:
PEOPLE_SEARCH_URL:
PREFERRED_LANGUAGE:
PUBLIC_URL: ${JITSI__PUBLIC_URL}
P2P_PREFERRED_CODEC:
RESOLUTION:
RESOLUTION_MIN:
RESOLUTION_WIDTH:
RESOLUTION_WIDTH_MIN:
START_AUDIO_MUTED:
START_AUDIO_ONLY:
START_BITRATE:
START_SILENT:
START_WITH_AUDIO_MUTED:
START_VIDEO_MUTED:
START_WITH_VIDEO_MUTED:
TESTING_CAP_SCREENSHARE_BITRATE:
TESTING_OCTO_PROBABILITY:
TOKEN_AUTH_URL:
TOOLBAR_BUTTONS:
TRANSLATION_LANGUAGES:
TRANSLATION_LANGUAGES_HEAD:
TZ: ${TZ}
USE_APP_LANGUAGE:
VIDEOQUALITY_BITRATE_H264_LOW:
VIDEOQUALITY_BITRATE_H264_STANDARD:
VIDEOQUALITY_BITRATE_H264_HIGH:
VIDEOQUALITY_BITRATE_VP8_LOW:
VIDEOQUALITY_BITRATE_VP8_STANDARD:
VIDEOQUALITY_BITRATE_VP8_HIGH:
VIDEOQUALITY_BITRATE_VP9_LOW:
VIDEOQUALITY_BITRATE_VP9_STANDARD:
VIDEOQUALITY_BITRATE_VP9_HIGH:
VIDEOQUALITY_ENFORCE_PREFERRED_CODEC:
VIDEOQUALITY_PREFERRED_CODEC:
XMPP_AUTH_DOMAIN:
XMPP_BOSH_URL_BASE:
XMPP_DOMAIN:
XMPP_GUEST_DOMAIN:
XMPP_MUC_DOMAIN:
XMPP_RECORDER_DOMAIN:
XMPP_PORT:
WHITEBOARD_ENABLED:
WHITEBOARD_COLLAB_SERVER_PUBLIC_URL:
hostname: meet.jitsi
image: jitsi/web:${JITSI_IMAGE_VERSION:-stable}
labels:
swag: enable
swag_proto: https
swag_url: meet.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Jitsi
swag.uptime-kuma.monitor.url: https://meet.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
homepage.group: Professional Services
homepage.name: Jitsi
homepage.href: https://meet.${MY_TLD}
homepage.icon: jitsi.png
homepage.description: Web Conferencing
networks:
default: null
ports:
- 8001:80
- 8002:443
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- bind:
create_host_path: true
selinux: Z
source: ${DOCKER_VOLUME_CONFIG}/jitsi/web
target: /config
type: bind
- bind:
create_host_path: true
selinux: Z
source: ${DOCKER_VOLUME_CONFIG}/jitsi/web/crontabs
target: /var/spool/cron/crontabs
type: bind
- bind:
create_host_path: true
selinux: Z
source: ${DOCKER_VOLUME_CONFIG}/jitsi/transcripts
target: /usr/share/jitsi-meet/transcripts
type: bind
joplin-db:
container_name: joplin-db
environment:
POSTGRES_PASSWORD: ${JOPLIN_POSTGRES_PASSWORD}
POSTGRES_USER: ${JOPLIN_POSTGRES_USER}
POSTGRES_DB: ${JOPLIN_POSTGRES_DATABASE}
expose:
- 5432
image: postgres:17-alpine@sha256:ef257d85f76e48da1c64832459b59fcaba1a4dac97bf5d7450c77753542eee94
networks:
default: null
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- source: joplin_data
target: /var/lib/postgresql/data
type: volume
volume: {}
joplin:
container_name: joplin
environment:
ACCOUNT_TYPES_ENABLED: true
APP_PORT: ${JOPLIN_APP_PORT}
APP_BASE_URL: ${JOPLIN_APP_BASE_URL}
DB_CLIENT: pg
INSTANCE_NAME: "Joplin @ Rinoa"
IS_ADMIN_INSTANCE: true
MAILER_ENABLED: 1
MAILER_HOST: postal-SMTP
MAILER_PORT: 25
MAILER_SECURITY: none
MAILER_AUTH_USER: ${POSTAL_SMTP_AUTH_USER}
MAILER_AUTH_PASSWORD: ${POSTAL_SMTP_AUTH_PASSWORD}
MAILER_NOREPLY_NAME: Joplin @ Rinoa
MAILER_NOREPLY_EMAIL: noreply@${MY_TLD}
POSTGRES_PASSWORD: ${JOPLIN_POSTGRES_PASSWORD}
POSTGRES_DATABASE: ${JOPLIN_POSTGRES_DATABASE}
POSTGRES_USER: ${JOPLIN_POSTGRES_USER}
POSTGRES_PORT: 5432
POSTGRES_HOST: joplin-db
image: joplin/server:latest@sha256:95b67dc6a4e77a974ac2bcc86818cbbfe5495e7b62d06a66f848a877878dce53
labels:
homepage.group: Personal Tools
homepage.name: Joplin
homepage.href: https://notes.${MY_TLD}
homepage.icon: joplin.svg
homepage.description: Open-source note taking & to-do
swag: enable
swag_url: notes.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Joplin
swag.uptime-kuma.monitor.url: https://notes.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
ports:
- 22300:22300
profiles: ["rinoa-apps"]
restart: unless-stopped
karakeep:
container_name: karakeep
image: ghcr.io/karakeep-app/karakeep:release@sha256:abd7d6b11b1b8fa3593d1971f886a74850ba8d6a99291218b150207d5a60378e
environment:
BROWSER_WEB_URL: http://chrome:9222
DATA_DIR: /data
INFERENCE_TEXT_MODEL: llama3.3:latest
INFERENCE_IMAGE_MODEL: llava:latest
MEILI_ADDR: http://meilisearch:7700
NEXTAUTH_SECRET: ${KARAKEEP_NEXTAUTH_SECRET}
NEXTAUTH_URL: https://kkeep.${MY_TLD}
OPENAI_API_KEY: ${LIBRECHAT_OPENAI_API_KEY}
OLLAMA_BASE_URL: http://ollama:11434
labels:
homepage.group: Lifestyle
homepage.name: Karakeep
homepage.href: https://kkeep.${MY_TLD}
homepage.icon: karakeep-dark.svg
homepage.description: Self-hosted bookmark-everything app with a touch of AI for data hoarders
homepage.widget.type: karakeep
homepage.widget.url: http://karakeep:3000
homepage.widget.key: ${KARAKEEP_HOMEPAGE_WIDGET_KEY}
swag: enable
swag_url: kkeep.${MY_TLD}
swag_port: 3000
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Karakeep
swag.uptime-kuma.monitor.url: https://kkeep.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 24977:3000
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- karakeep-data:/data
languagetool:
container_name: languagetool
environment:
langtool_languageModel: /opt/languagetool/langModel
Java_Xms: 512m
Java_Xmx: 1g
expose:
- 8010
image: elestio/languagetool:latest@sha256:85a32bdef9e7d87125977a201bfe7aa4310e67cab8abfa370157a9fc67cda4cd
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/languagetool/:/opt/languagetool/langModel
libretranslate:
container_name: libretranslate
environment:
LT_UPDATE_MODELS: true
healthcheck:
test: ["CMD-SHELL", "./venv/bin/python scripts/healthcheck.py"]
image: libretranslate/libretranslate@sha256:c057e7fb60731a768406e6630909ce6fb5127b594109966b3b2fd90f9eccdac1
labels:
homepage.group: Personal Tools
homepage.name: LibreTranslate
homepage.href: https://translate.${MY_TLD}
homepage.icon: sh-libretranslate.svg
homepage.description: Open-source machine translation API
swag: enable
swag_port: 5000
swag_url: translate.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: LibreTranslate
swag.uptime-kuma.monitor.url: https://translate.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 5000:5000
profiles: ["rinoa-apps"]
restart: unless-stopped
stdin_open: true
tty: true
volumes:
- libretranslate_api_keys:/app/db
- libretranslate_models:/home/libretranslate/.local:rw
lidarr:
container_name: lidarr
environment:
PGID: ${PGID}
PUID: ${PUID}
TZ: America/New_York
DOCKER_MODS: ghcr.io/gilbn/theme.park:lidarr
hostname: Rinoa
image: lscr.io/linuxserver/lidarr:latest@sha256:1d49ebdfaae525d9e1e4ad5b7fa1753e364da44ac1b5e6acae241a2173ac09a4
labels:
homepage.group: Servarr Stack
homepage.name: Lidarr
homepage.href: https://lidarr.${MY_TLD}
homepage.icon: lidarr.png
homepage.description: Music Automation
homepage.widget.type: lidarr
homepage.widget.url: http://lidarr:8686
homepage.widget.key: ${LIDARR_API_KEY}
swag: enable
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Lidarr
swag.uptime-kuma.monitor.url: https://lidarr.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
ports:
- 8686:8686
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- /etc/localtime:/etc/localtime:ro
- ${DOCKER_VOLUME_CONFIG}/lidarr:/config
- /rinoa-storage:/storage
- ${DOCKER_VOLUME_STORAGE}/downloads/:/downloads
lidify:
container_name: lidify
environment:
app_name: lidify
app_rev: 0.09
app_url: lidify.${MY_TLD}
dry_run_adding_to_lidarr: true
fallback_to_top_result: false
last_fm_api_key: ${LASTFM_API_KEY}
last_fm_api_secret: ${LASTFM_API_SECRET}
lidarr_address: http://lidarr:8686
lidarr_api_key: ${LIDARR_API_KEY}
lidarr_api_timeout: 120
metadata_profile_id: 1
mode: LastFM
quality_profile_id: 1
root_folder_path: /data/media/music
search_for_missing_albums: false
spotify_client_id: ${YOUR_SPOTIFY_ID}
spotify_client_secret: ${YOUR_SPOTIFY_SECRET}
expose:
- 5000
image: thewicklowwolf/lidify:latest@sha256:958eaddeef8195470b974ee03512d9a5c31ad2af3167f7824448fb026fa9c94a
labels:
homepage.group: Servarr Stack
homepage.name: Lidify
homepage.href: https://lidify.${MY_TLD}
homepage.icon: sh-lidify.png
homepage.description: Music Discovery a la Last.fm, Spotify, Pandora, etc.
swag: enable
swag_auth: authelia
swag_proto: http
swag_port: 5000
swag_url: lidify.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Lidify
swag.uptime-kuma.monitor.url: https://lidify.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- source: ${DOCKER_VOLUME_CONFIG}/lidify
target: /lidify/config
type: bind
bind:
create_host_path: true
- source: ${DOCKER_VOLUME_STORAGE}/Audio/Music
target: /data/media/music
type: bind
bind:
create_host_path: true
- bind:
create_host_path: true
read_only: true
source: /etc/localtime
target: /etc/localtime
type: bind
linkstack:
container_name: linkstack
image: linkstackorg/linkstack:latest@sha256:abd691b4293b020a317de8794737671e0315159efcb868e8a4124d6f0611f7ae
environment:
TZ: ${TZ}
SERVER_ADMIN: noreply@${MY_TLD}
HTTP_SERVER_NAME: profile.${MY_TLD}
HTTPS_SERVER_NAME: profile.${MY_TLD}
LOG_LEVEL: info
PHP_MEMORY_LIMIT: 256M
UPLOAD_MAX_FILESIZE: 64M
labels:
homepage.group: Social
homepage.name: LinkStack
homepage.href: https://profile.${MY_TLD}
homepage.icon: linkstack.svg
homepage.description: Personal profile
swag: enable
swag_proto: https
swag_url: profile.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: LinkStack
swag.uptime-kuma.monitor.url: "https://profile.${MY_TLD}/@Trez.One"
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 8190:443
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- linkstack_data:/htdocs
lldap:
container_name: lldap
environment:
UID: ${PUID}
GID: ${PGID}
TZ: ${TZ}
LLDAP_JWT_SECRET: ${LLDAP_JWT_SECRET}
LLDAP_KEY_SEED: ${LLDAP_KEY_SEED}
LLDAP_LDAP_BASE_DN: dc=trez,dc=wtf
image: lldap/lldap:stable@sha256:9e605a66c02514bfcffd1b67cafb1e98d50992216bb2871d7ae44622047dd09d
labels:
homepage.group: Privacy/Security
homepage.name: LLDAP
homepage.href: https://ldap.${MY_TLD}
homepage.icon: /icons/lldap.png
homepage.description: LDAP made easy
swag: enable
swag_proto: http
swag_port: 17170
swag_url: ldap.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: LLDAP
swag.uptime-kuma.monitor.url: https://ldap.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
ports:
- 17170:17170
profiles: ["rinoa-apps"]
restart: always
volumes:
- source: ${DOCKER_VOLUME_CONFIG}/lldap
target: /data
type: bind
bind:
create_host_path: true
loggifly:
image: ghcr.io/clemcer/loggifly:latest@sha256:6faa4d4964994a9213494f879b58085acc04cafa2927cadfde98657676dfd199
container_name: loggifly
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- ${DOCKER_VOLUME_CONFIG}/loggifly/config.yaml:/app/config.yaml # Path to your config file (ignore if you are only using environment variables)
maloja:
container_name: maloja
environment:
MALOJA_CLEAN_OUTPUT: true
MALOJA_DEV_MODE: false
MALOJA_FORCE_PASSWORD: ${MALOJA_FORCE_PASSWORD}
MALOJA_LASTFM_API_KEY: ${LASTFM_API_KEY}
MALOJA_LASTFM_API_SECRET: ${LASTFM_API_SECRET}
MALOJA_LASTFM_PASSWORD: ${LASTFM_PASSWORD}
MALOJA_LASTFM_USERNAME: ${LASTFM_USERNAME}
MALOJA_LOGGING: true
MALOJA_PARSE_REMIX_ARTISTS: true
MALOJA_SCROBBLE_LASTFM: true
MALOJA_SKIP_SETUP: true
MALOJA_SPOTIFY_API_ID: ${YOUR_SPOTIFY_ID}
MALOJA_SPOTIFY_API_SECRET: ${YOUR_SPOTIFY_SECRET}
MALOJA_TIMEZONE: ${TZ}
image: krateng/maloja:latest@sha256:4ecea26058d2ca5168a8d53820279942d28f0606664cea6425f42371d5d88f95
labels:
homepage.group: Media Library
homepage.name: Maloja
homepage.href: https://maloja.${MY_TLD}
homepage.icon: maloja.png
homepage.description: Simple self-hosted music scrobble database to create personal listening statistics
swag: enable
swag_proto: http
swag_port: 42010
swag_url: maloja.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Maloja
swag.uptime-kuma.monitor.url: https://maloja.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
ports:
- 42010:42010
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- source: ${DOCKER_VOLUME_CONFIG}/maloja/config
target: /etc/maloja
type: bind
bind:
create_host_path: true
- source: ${DOCKER_VOLUME_CONFIG}/maloja/data
target: /var/lib/maloja
type: bind
bind:
create_host_path: true
- source: ${DOCKER_VOLUME_CONFIG}/maloja/logs
target: /var/log/maloja
type: bind
bind:
create_host_path: true
manyfold:
container_name: manyfold
environment:
PUID: ${PUID}
PGID: ${PGID}
TZ: ${TZ}
DATABASE_URL: sqlite3:/config/manyfold.sqlite3
REDIS_URL: redis://manyfold-valkey:6379/2
SECRET_KEY_BASE: ${MANYFOLD_SECRET_KEY_BASE}
MUTLIUSER: enabled
image: lscr.io/linuxserver/manyfold:latest@sha256:d1641224025e227201b6110a9cb699b324395b0980d35f2808769f4ea79846f1
labels:
homepage.group: Lifestyle
homepage.name: Manyfold
homepage.href: https://3dprint.${MY_TLD}
homepage.icon: manyfold.svg
homepage.description: Self-hosted digital asset manager for 3D print files
swag: enable
swag_proto: http
swag_port: 3214
swag_url: 3dprint.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.monitor.url: https://3dprint.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 3214:3214
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/manyfold/config:/config
- ${DOCKER_VOLUME_CONFIG}/manyfold/library:/libraries #optional
manyfold-valkey:
container_name: manyfold-valkey
<<: *valkey-params
volumes:
- manyfold-valkey-data:/data/valkey
mariadb:
container_name: mariadb
environment:
MYSQL_ROOT_PASSWORD: ${MARIADB_ENVIRONMENT_MYSQL_ROOT_PASSWORD}
PGID: ${PGID}
PUID: ${PUID}
TZ: ${TZ}
healthcheck:
test:
[
"CMD-SHELL",
"mariadb-admin ping -h localhost -p${MARIADB_ENVIRONMENT_MYSQL_ROOT_PASSWORD}|| exit 1",
]
interval: 1m30s
timeout: 10s
retries: 5
hostname: Rinoa
image: linuxserver/mariadb@sha256:195b6be2d3e2dd0744a54ba2542a136c572b3375bc7f019e37a505da5da3022b
networks:
default: null
ports:
- 3306:3306
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- /etc/localtime:/etc/localtime:ro
- ${DOCKER_VOLUME_CONFIG}/mariadb:/config
- ${DOCKER_VOLUME_STORAGE}:/storage
- ${DOCKER_VOLUME_CONFIG}/mariadb:/var/lib/mysql
mastodon:
container_name: mastodon
depends_on:
mastodon-pg-db:
condition: service_healthy
required: true
environment:
PUID: ${PUID}
PGID: ${PGID}
TZ: ${TZ}
LOCAL_DOMAIN: mastodon.${MY_TLD}
WEB_DOMAIN: mastodon.${MY_TLD}
REDIS_HOST: mastodon-valkey
REDIS_PORT: 6379
DB_HOST: mastodon-pg-db
DB_USER: mastodon
DB_NAME: mastodon
DB_PASS: ${MASTODON_PG_DB_PASSWORD}
DB_PORT: 5432
ES_ENABLED: false
ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY: ${MASTODON_ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY}
ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY: ${MASTODON_ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY}
ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT: ${MASTODON_ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT}
SECRET_KEY_BASE: ${MASTODON_SECRET_KEY_BASE}
OTP_SECRET: ${MASTODON_OTP_SECRET}
VAPID_PRIVATE_KEY: ${MASTODON_VAPID_PRIVATE_KEY}
VAPID_PUBLIC_KEY: ${MASTODON_VAPID_PUBLIC_KEY}
SMTP_SERVER: postal-smtp
SMTP_PORT: 25
SMTP_LOGIN: ${POSTAL_SMTP_AUTH_USER}
SMTP_PASSWORD: ${POSTAL_SMTP_AUTH_PASSWORD}
SMTP_FROM_ADDRESS: noreply@${MY_TLD}
S3_ENABLED: true
S3_ENDPOINT: http://minio:9000
S3_REGION: us-east-fh-pln
S3_HOST: s3.${MY_TLD}
S3_PROTOCOL: https
S3_BUCKET: mastodon
AWS_ACCESS_KEY_ID: ${MASTODON_MINIO_ACCESS_KEY}
AWS_SECRET_ACCESS_KEY: ${MASTODON_MINIO_SECRET_KEY}
expose:
- 3000
image: lscr.io/linuxserver/mastodon:latest@sha256:b15c78b3bdaeb84bac40a6900dc2e37d188e0b9b512299e5b2f99766106a38d8
labels:
swag: enable
swag_proto: http
swag_port: 80
swag_url: mastodon.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Mastodon
swag.uptime-kuma.monitor.url: https://mastodon.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
homepage.group: Social
homepage.name: Mastodon
homepage.href: https://mastodon.${MY_TLD}
homepage.icon: mastodon.svg
homepage.description: Open-source social network
homepage.widget.type: mastodon
homepage.widget.url: https://mastodon.${MY_TLD}
ports:
- 9044:80
- 3444:443
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/mastodon:/config
mastodon-pg-db:
container_name: mastodon-pg-db
environment:
POSTGRES_USER: mastodon
POSTGRES_PASSWORD: ${MASTODON_PG_DB_PASSWORD}
POSTGRES_DB: mastodon
expose:
- 5432
healthcheck:
test: pg_isready -q -t 2 -d $$POSTGRES_DB -U $$POSTGRES_USER
start_period: 20s
timeout: 30s
interval: 10s
retries: 5
image: postgres:17-alpine@sha256:ef257d85f76e48da1c64832459b59fcaba1a4dac97bf5d7450c77753542eee94
profiles: ["rinoa-apps"]
restart: always
volumes:
- mastodon-pg-db:/var/lib/postgresql/data
mastodon-valkey:
container_name: mastodon-valkey
<<: *valkey-params
volumes:
- mastodon-valkey-data:/data/valkey
maxun-backend:
container_name: maxun-backend
depends_on:
maxun-pg-db:
condition: service_healthy
required: true
minio:
condition: service_started
required: true
<<: *maxun-env
expose:
- 8080
image: getmaxun/maxun-backend:latest@sha256:d9c5f3036d2bccde7387cd3ab06f6cb9f23fb9f8094a9bf83eb194683724430e
mem_limit: 2g # Set a 2GB memory limit
ports:
- 8369:8080
profiles: ["rinoa-apps"]
restart: unless-stopped
security_opt:
- seccomp=unconfined # This might help with browser sandbox issues
shm_size: "2gb" # Increase shared memory size for Chromium
volumes:
- /var/run/dbus:/var/run/dbus
maxun-frontend:
container_name: maxun-frontend
depends_on:
- maxun-backend
<<: *maxun-env
image: getmaxun/maxun-frontend:latest@sha256:fd6f977affa245a2b7d93ffada7c9a5d36657b1948d2374914d6a71e0df63dd6
labels:
swag: enable
swag_proto: http
swag_port: 5173
swag_url: scrape.${MY_TLD}
swag_server_custom_directive: |
location ~ ^/(auth|storage|record|workflow|robot|proxy|api-docs|api|webhook|socket.io)(/|$) {
proxy_pass http://maxun-backend:8080;
}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Maxun (Frontend)
swag.uptime-kuma.monitor.url: https://scrape.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
homepage.group: Personal Tools
homepage.name: Maxun
homepage.href: https://scrape.${MY_TLD}
homepage.icon: sh-maxun.svg
homepage.description: No-code web data extraction platform
ports:
- 5173:5173
profiles: ["rinoa-apps"]
restart: unless-stopped
maxun-pg-db:
container_name: maxun-pg-db
image: postgres:17-alpine@sha256:ef257d85f76e48da1c64832459b59fcaba1a4dac97bf5d7450c77753542eee94
environment:
POSTGRES_USER: maxun
POSTGRES_PASSWORD: ${MAXUN_DB_PASSWORD}
POSTGRES_DB: maxun
expose:
- 5432
healthcheck:
test: ["CMD-SHELL", "pg_isready -U maxun"]
interval: 10s
timeout: 5s
retries: 5
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- maxun-pg-data:/var/lib/postgresql/data
maxun-valkey:
container_name: maxun-valkey
<<: *valkey-params
volumes:
- maxun-valkey-data:/data/valkey
meilisearch:
container_name: meilisearch
environment:
MEILI_HOST: http://meilisearch:7700
MEILI_NO_ANALYTICS: true
MEILI_MASTER_KEY: ${MEILISEARCH_MASTER_KEY}
image: getmeili/meilisearch:v1.24@sha256:d991eb07331e9d1f9cec7bc0f9523fd5d51aee3b223d997e0e66206361952056
ports:
- 7700:7700
profiles: ["rinoa-apps"]
restart: always
user: ${PUID}:${PGID}
volumes:
- ${DOCKER_VOLUME_CONFIG}/meilisearch:/meili_data
meme-search-pro:
container_name: meme-search-pro
depends_on:
meme-search-db:
condition: service_healthy
environment:
DATABASE_URL: postgres://meme-search:${MEME_SEARCH_PG_PASSWORD}@meme-search-db:5432/meme-search
image: ghcr.io/neonwatty/meme_search_pro:latest@sha256:bf3c20a6a0407ffa594d3e2fe8611073c0499659c90f44a28decd5e701e9e1f6
labels:
swag: enable
swag_proto: http
swag_port: 3000
swag_url: memes.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Meme Search Pro
swag.uptime-kuma.monitor.url: https://memes.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
homepage.group: Social
homepage.name: Meme Search Pro
homepage.href: https://memes.${MY_TLD}
homepage.icon: sh-meme-search.svg
homepage.description: Meme search engine built with Python and Ruby
ports:
- 14058:3000
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/meme_search_pro/memes/:/rails/public/memes
meme-search-pro-img2txt-gen:
image: ghcr.io/neonwatty/image_to_text_generator:latest@sha256:e8445afab38e2eae1fcb95101dd26cf66708ef72127b291cab748050b4700cb8
container_name: meme-search-pro-img2txt-gen
deploy:
resources:
limits:
memory: 12GB
environment:
APP_PORT: 3000
expose:
- 8000
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/meme_search_pro/memes/:/app/public/memes
- ${DOCKER_VOLUME_CONFIG}/meme_search_pro/db-data/image_to_text_generator:/app/db
- ${DOCKER_VOLUME_CONFIG}/meme_search_pro/models:/root/.cache/huggingface
meme-search-db:
container_name: meme-search-db
environment:
POSTGRES_DB: meme-search
POSTGRES_USER: meme-search
POSTGRES_PASSWORD: ${MEME_SEARCH_PG_PASSWORD}
expose:
- 5432
healthcheck:
test: ["CMD-SHELL", "pg_isready -U meme-search"]
interval: 10s
timeout: 5s
retries: 5
image: pgvector/pgvector:pg17@sha256:9ae02a756ba16a2d69dd78058e25915e36e189bb36ddf01ceae86390d7ed786a
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/meme_search_pro/db-data/meme-search-db:/var/lib/postgresql/data
mini-qr:
container_name: mini-qr
image: ghcr.io/lyqht/mini-qr:latest@sha256:babe90594f88cb3e8463a7622b1aac46defff7ef5c8d991299c5df4ca8514f66
labels:
swag: enable
swag_auth: authelia
swag_proto: http
swag_port: 8080
swag_url: qr.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Mini-QR
swag.uptime-kuma.monitor.url: https://qr.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
homepage.group: Lifestyle
homepage.name: Mini-QR
homepage.href: https://qr.${MY_TLD}
homepage.icon: sh-mini-qr.svg
homepage.description: Scan and generate customized QR codes easily
ports:
- 14815:8080
profiles: ["rinoa-apps"]
restart: unless-stopped
minio:
command: server --console-address ":9090" /mnt/data
container_name: minio
environment:
MINIO_ROOT_USER: minioadmin
MINIO_ROOT_PASSWORD: ${MINIO_ROOT_PASSWORD}
MINIO_ACCESS_KEY: ${MINIO_MIMIR_STORAGE_ACCESS_KEY}
MINIO_SECRET_KEY: ${MINIO_MIMIR_STORAGE_SECRET_KEY}
hostname: minio
image: minio/minio:RELEASE.2025-04-22T22-12-26Z@sha256:a1ea29fa28355559ef137d71fc570e508a214ec84ff8083e39bc5428980b015e
labels:
swag: enable
swag_proto: http
swag_port: 9090
swag_url: s3.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: MinIO
swag.uptime-kuma.monitor.url: https://s3.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
homepage.group: System Administration
homepage.name: MinIO
homepage.href: https://s3.${MY_TLD}
homepage.icon: minio.png
homepage.description: S3-compatible storage backend
networks:
default: null
ports:
- 9001:9000
- 9092:9090
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- source: ${DOCKER_VOLUME_CONFIG}/minio/data
target: /mnt/data
type: bind
bind:
create_host_path: true
- source: ${DOCKER_VOLUME_CONFIG}/minio/minio
target: /etc/config.env
type: bind
bind:
create_host_path: true
mixpost:
container_name: mixpost
image: inovector/mixpost:latest@sha256:088a0eed84289e9a408294acea969c1eebf80dff803d165629fe20c3442b0f8c
depends_on:
mariadb:
condition: service_healthy
required: true
mixpost-valkey:
condition: service_healthy
environment:
APP_NAME: Mixpost
APP_KEY: ${MIXPOST_APP_KEY}
APP_DEBUG: true
APP_DOMAIN: social.${MY_TLD}
APP_URL: https://social.${MY_TLD}
DB_HOST: mariadb
DB_DATABASE: mixpost
DB_USERNAME: mixpost
DB_PASSWORD: ${MIXPOST_DB_PASSWORD}
REDIS_HOST: mixpost-valkey
REDIS_PORT: 6379
labels:
swag: enable
swag_port: 80
swag_proto: http
swag_url: social.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Mixpost
swag.uptime-kuma.monitor.url: https://social.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
homepage.group: Social
homepage.name: Mixpost
homepage.href: https://social.${MY_TLD}
homepage.icon: mixpost.svg
homepage.description: Multi-channel social media manager
ports:
- 61757:80
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- mixpost-storage:/var/www/html/storage/app
- mixpost-logs:/var/www/html/storage/logs
mixpost-valkey:
container_name: mixpost-valkey
<<: *valkey-params
volumes:
- mixpost-valkey-data:/data/valkey
mgob:
command: "-LogLevel=info"
container_name: mgob
image: stefanprodan/mgob@sha256:d089c6d105d7d0f9db5222786cb93d85b1bf61e28b21ad717cea90f92570c8f3
labels:
homepage.group: System Administration
homepage.name: mgob
homepage.icon: mongodb.svg
homepage.description: Headless Automated MongoDB Backups
homepage.widget.type: customapi
homepage.widget.url: http://mgob:8090/status
homepage.widget.mappings[0].label: Plan Name
homepage.widget.mappings[0].field: plan
homepage.widget.mappings[1].label: Last Run Status
homepage.widget.mappings[1].field: last_run_status
ports:
- 48606:8090
restart: unless-stopped
volumes:
- mgob-data:/data
- mgob-tmp:/tmp
- ${DOCKER_VOLUME_STORAGE}/backups/dbs/mongodb:/storage
- ${DOCKER_VOLUME_CONFIG}/mgob/config:/config
mongodb:
command: "--config /etc/mongodb/mongod.conf"
container_name: mongodb
environment:
MONGO_INITDB_ROOT_USERNAME: ${MONGO_INITDB_ROOT_USERNAME}
MONGO_INITDB_ROOT_PASSWORD: ${MONGO_INITDB_ROOT_PASSWORD}
image: mongo:7@sha256:a814f930db8c4514f5fe5dc3e489f58637fb7ee32a7b9bb0b7064d3274e90b8e
ports:
- 27017:27017
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/mongodb/config:/etc/mongodb
- ${DOCKER_VOLUME_CONFIG}/mongodb/db:/data/db
mongodb-exporter:
command:
- --log.level=error
- --web.listen-address=:9216
- --web.telemetry-path=/metrics
container_name: mongodb-exporter
environment:
MONGODB_URI: mongodb://${MONGO_INITDB_ROOT_USERNAME}:${MONGO_INITDB_ROOT_PASSWORD}@mongodb:27017/admin?replicaSet=rinoa
image: percona/mongodb_exporter:0.47.1@sha256:8ba5d6e25fe7e30912f10b01a9e16e14c6c3af05f36dcaed0659690d70dc1670
ports:
- 9216:9216
profiles: ["rinoa-apps"]
restart: unless-stopped
multi-scrobbler:
container_name: multi-scrobbler
environment:
BASE_URL: https://scrobble.${MY_TLD}
TZ: ${TZ}
PUID: ${PUID}
PGID: ${PGID}
MALOJA_URL: http://maloja:42010
MALOJA_API_KEY: ${MALOJA_API_KEY}
LASTFM_API_KEY: ${LASTFM_API_KEY}
LASTFM_API_SECRET: ${LASTFM_API_SECRET}
LZ_USER: Trez.One
LZ_TOKEN: ${MALOJA_LISTENBRAINZ_TOKEN}
SPOTIFY_CLIENT_ID: ${YOUR_SPOTIFY_ID}
SPOTIFY_CLIENT_SECRET: ${YOUR_SPOTIFY_SECRET}
image: foxxmd/multi-scrobbler@sha256:e1e4832256f5fca895dc3e2f377abfb1476230eb6b30da97fbc32840f21d1e7f
labels:
homepage.group: Media Library
homepage.name: Multi-Scrobbler
homepage.href: https://scrobble.${MY_TLD}
homepage.icon: sh-multi-scrobbler.svg
homepage.description: JS App for scrobbling/recording play history from/to multiple sources
swag: enable
swag_auth: authelia
swag_proto: http
swag_port: 9078
swag_url: scrobble.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Multi-Scrobbler
swag.uptime-kuma.monitor.url: https://scrobble.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
ports:
- 9078:9078
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- source: ${DOCKER_VOLUME_CONFIG}/multi-scrobbler
target: /config
type: bind
bind:
create_host_path: true
n8n:
container_name: n8n
environment:
N8N_HOST: n8n.${MY_TLD}
N8N_PORT: 5678
N8N_PROTOCOL: https
NODE_ENV: production
WEBHOOK_URL: https://n8n.${MY_TLD}/
GENERIC_TIMEZONE: ${TZ}
image: docker.n8n.io/n8nio/n8n@sha256:a17dbca282c95d2aa5021f0860ca136c1bda529daaa37dbece117c029d65ca39
labels:
swag: enable
swag_proto: http
swag_port: 5678
swag_url: n8n.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: n8n
swag.uptime-kuma.monitor.url: https://n8n.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
homepage.group: Automation
homepage.name: n8n
homepage.href: https://n8n.${MY_TLD}
homepage.icon: n8n.svg
homepage.description: Extendable workflow automation tool to easily automate tasks
ports:
- 5678:5678
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- n8n-data:/home/node/.n8n
navidrome:
container_name: navidrome
environment:
ND_AUTOIMPORTPLAYLISTS: true
ND_BASEURL: ""
ND_BACKUP_PATH: /backups
ND_BACKUP_SCHEDULE: "@every 6h"
ND_BACKUP_COUNT: 7
ND_ENABLEGRAVATAR: true
ND_ENABLESHARING: true
ND_LASTFM_APIKEY: ${LASTFM_API_KEY}
ND_LASTFM_ENABLED: true
ND_LASTFM_SECRET: ${LASTFM_API_SECRET}
ND_LISTENBRAINZ_ENABLED: true
ND_LOGLEVEL: info
ND_MUSICFOLDER: /music
ND_PLAYLISTPATH: /playlists
ND_SCANNER_GROUPALBUMRELEASES: true
ND_SCANSCHEDULE: "@every 6h"
ND_SESSIONTIMEOUT: 24h
ND_SPOTIFY_ID: ${YOUR_SPOTIFY_ID}
ND_SPOTIFY_SECRET: ${YOUR_SPOTIFY_SECRET}
ND_SUBSONICARTISTPARTICIPATIONS: true
image: deluan/navidrome:latest@sha256:2ae037d464de9f802d047165a13b1c9dc2bdbb14920a317ae4aef1233adc0a3c
labels:
homepage.group: Media Library
homepage.name: Navidrome
homepage.href: https://navi.${MY_TLD}
homepage.icon: navidrome.png
homepage.description: Music Streaming
homepage.widget.type: navidrome
homepage.widget.url: http://navidrome:4533
homepage.widget.user: admin
homepage.widget.token: ${NAVIDROME_HOMEPAGE_TOKEN}
homepage.widget.salt: ${NAVIDROME_HOMEPAGE_SALT}
swag: enable
swag_port: 4533
swag_proto: http
swag_url: navi.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Navidrome
swag.uptime-kuma.monitor.url: https://navi.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
ports:
- 4533:4533
profiles: ["rinoa-apps"]
restart: unless-stopped
user: 1000:1000
volumes:
- ${DOCKER_VOLUME_CONFIG}/navidrome:/data
- ${DOCKER_VOLUME_STORAGE}/Audio/Music:/music
- ${DOCKER_VOLUME_STORAGE}/Audio/Playlists:/playlists
- ${DOCKER_VOLUME_STORAGE}/backups/navidrome:/backups
netalertx:
container_name: netalertx
environment:
TZ: ${TZ}
PORT: 20211
image: jokobsk/netalertx:latest@sha256:9304e29cd71bf9ddc9f33d6a7ddb3d71bab71815e077ab330f86bcc081598a79
labels:
cloudflare.tunnel.enable: true
cloudflare.tunnel.hostname: net.${MY_TLD}
cloudflare.tunnel.service: http://192.168.1.254:20211
cloudflare.tunnel.zonename: ${MY_TLD}
cloudflare.tunnel.no_tls_verify: true
homepage.group: Infrastructure/App Performance Monitoring
homepage.name: NetAlertX
homepage.href: http://192.168.1.254:20211
homepage.icon: netalertx.svg
homepage.description: Network Monitoring
homepage.widget.type: netalertx
homepage.widget.url: http://192.168.1.254:20211
homepage.widget.key: ${NETALERTX_API_TOKEN}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: NetAlertX
swag.uptime-kuma.monitor.url: https://pics.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
network_mode: host
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/netalertx/config:/app/config
- ${DOCKER_VOLUME_CONFIG}/netalertx/db:/app/db
# (optional) useful for debugging if you have issues setting up the container
# - ${DOCKER_VOLUME_CONFIG}/netalertx/logs:/app/log
# (API: OPTION 1) use for performance
- type: tmpfs
target: /app/api
# (API: OPTION 2) use when debugging issues
# - ${DOCKER_VOLUME_CONFIG}/netalertx/api:/app/api
nextcloud:
container_name: nextcloud-aio-mastercontainer
environment:
SKIP_DOMAIN_VALIDATION: false
APACHE_ADDITIONAL_NETWORK: compose_default
APACHE_IP_BINDING: 0.0.0.0
APACHE_PORT: 11000
expose:
- 11000
image: nextcloud/all-in-one:latest@sha256:090f59bbef2c6753b2ac58163d3bece84b15af19d9d83d02c33da83080cb6400
labels:
homepage.group: Privacy/Security
homepage.name: NextCloud
homepage.href: https://cloud.${MY_TLD}
homepage.icon: nextcloud.svg
homepage.description: Private Cloud
homepage.widget.type: nextcloud
homepage.widget.url: http://nextcloud-aio-apache:11000
homepage.widget.key: ${NEXTCLOUD_HOMEPAGE_TOKEN}
swag: enable
swag_port: 11000
swag_proto: http
swag_address: nextcloud-aio-apache
swag_url: cloud.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: NextCloud
swag.uptime-kuma.monitor.url: https://cloud.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 56713:8080
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- nextcloud_aio_mastercontainer:/mnt/docker-aio-config
nocodb:
container_name: nocodb
depends_on:
nocodb-pg-db:
condition: service_healthy
required: true
nocodb-valkey:
condition: service_healthy
required: true
environment:
NC_DB: pg://nocodb-pg-db:5432?u=nocodb&p=${NOCODB_PG_PASSWORD}&d=nocodb
NC_ADMIN_EMAIL: noreply@${MY_TLD}
NC_ADMIN_PASSWORD: ${NOCODB_ADMIN_PASSWORD}
NC_PUBLIC_URL: https://nocodb.${MY_TLD}
NC_AUTH_JWT_SECRET: ${NOCODB_AUTH_JWT_SECRET}
NC_REDIS_URL: redis://nocodb-valkey:6379
NC_SMTP_HOST: postal-smtp
NC_SMTP_PORT: 25
NC_SMTP_SECURE: true
NC_SMTP_USERNAME: ${POSTAL_SMTP_AUTH_USER}
NC_SMTP_PASSWORD: ${POSTAL_SMTP_AUTH_PASSWORD}
NC_SMTP_FROM: noreply@${MY_TLD}
image: "nocodb/nocodb:latest@sha256:8fd57018accf775fb5390392910e4b0ef6bb154f17c5732b478eb76c40ee8d1e"
labels:
homepage.group: Code/DevOps
homepage.name: NocoDB
homepage.href: https://nocodb.${MY_TLD}
homepage.icon: nocodb.svg
homepage.description: Turn any SQL-based database into a smart spreadsheet
swag: enable
swag_port: 8080
swag_proto: http
swag_url: nocodb.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: NocoDB
swag.uptime-kuma.monitor.url: https://nocodb.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 8946:8080
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- nocodb_data:/usr/app/data
nocodb-pg-db:
container_name: nocodb-pg-db
environment:
POSTGRES_DB: nocodb
POSTGRES_PASSWORD: ${NOCODB_PG_PASSWORD}
POSTGRES_USER: nocodb
expose:
- 5432
healthcheck:
interval: 10s
retries: 10
test: 'pg_isready -U "$$POSTGRES_USER" -d "$$POSTGRES_DB"'
timeout: 2s
image: postgres:16-alpine@sha256:029660641a0cfc575b14f336ba448fb8a75fd595d42e1fa316b9fb4378742297
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- nocodb_pg_data:/var/lib/postgresql/data
nocodb-valkey:
container_name: nocodb-valkey
<<: *valkey-params
volumes:
- nocodb_valkey_data:/data/valkey
ollama:
container_name: ollama
image: ollama/ollama:latest@sha256:e8c3d1f6ad16323bc40dc63eff0701d4fc32113f75a86b54b3e836eef8290de6
ports:
- 11434:11434
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ollama:/root/.ollama
ombi:
container_name: ombi
environment:
PGID: ${PGID}
PUID: ${PUID}
TZ: America/New_York
hostname: Rinoa
image: lscr.io/linuxserver/ombi:latest@sha256:701c9801649b2245335b9a99f1dd05d34d1718f1f52bfc021483d1712c83d915
labels:
homepage.group: Media Library
homepage.name: Ombi
homepage.href: https://ombi.${MY_TLD}
homepage.icon: ombi.png
homepage.description: Media Requests
homepage.widget.type: ombi
homepage.widget.url: http://ombi:3579
homepage.widget.key: ${OMBI_API_KEY}
swag: enable
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Ombi
swag.uptime-kuma.monitor.url: https://ombi.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
ports:
- 3579:3579
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- bind:
create_host_path: true
read_only: true
source: /etc/localtime
target: /etc/localtime
type: bind
- bind:
create_host_path: true
source: ${DOCKER_VOLUME_CONFIG}/ombi
target: /config
type: bind
- bind:
create_host_path: true
source: /rinoa-storage
target: /storage
type: bind
omnitools:
container_name: omnitools
image: iib0011/omni-tools:latest@sha256:66027051e7fcf25ca898f3ddddb1e7a7a6682fea4985ca4b96444a7b9d5a984c
labels:
homepage.group: Personal Tools
homepage.name: OmniTools
homepage.href: https://otools.${MY_TLD}
homepage.icon: sh-omnitools.png
homepage.description: Tools for common tasks
swag: enable
swag_url: otools.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: OmniTools
swag.uptime-kuma.monitor.url: https://otools.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 23693:80
profiles: ["rinoa-apps"]
restart: unless-stopped
omnipoly:
container_name: omnipoly
depends_on:
languagetool:
condition: service_started
required: true
libretranslate:
condition: service_healthy
required: true
environment:
LANGUAGE_TOOL: http://languagetool:8010
LIBRETRANSLATE: http://libretranslate:5000
OLLAMA: http://ollama:11434
OLLAMA_MODEL: smollm2:1.7b
THEME: "pole"
DISABLE_DICTIONARY: false
image: kweg/omnipoly:latest@sha256:fa133d5ac6534ee45e393fab85ad61098a0826351724996e0d29ba61033dde7d
labels:
homepage.group: Personal Tools
homepage.name: OmniPoly
homepage.href: https://poly.${MY_TLD}
homepage.icon: sh-omnipoly.svg
homepage.description: Open-source language translation with LanguageTool, LibreTranslate, & Ollama
swag: enable
swag_url: poly.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: OmniPoly
swag.uptime-kuma.monitor.url: https://poly.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 3734:80
profiles: ["rinoa-apps"]
restart: unless-stopped
open-webui:
container_name: open-webui
depends_on:
ollama:
condition: service_started
required: true
stable-diffusion-webui:
condition: service_started
required: true
environment:
OLLAMA_BASE_URLS: http://ollama:11434;http://192.168.1.250:11434;http://192.168.1.252:11434
WEBUI_AUTH: false
ENABLE_IMAGE_GENERATION: "true"
AUTOMATIC1111_BASE_URL: http://stable-diffusion-webui:7860
IMAGE_SIZE: "1024x1024"
IMAGE_STEPS: "3"
ENABLE_OTEL: true
ENABLE_OTEL_METRICS: true
OTEL_EXPORTER_OTLP_INSECURE: true # Use insecure connection for OTLP, remove in production
OTEL_EXPORTER_OTLP_ENDPOINT: http://signoz-otel-collector:4317
OTEL_SERVICE_NAME: open-webui
ENABLE_RAG_WEB_SEARCH: True
RAG_WEB_SEARCH_ENGINE: searxng
RAG_WEB_SEARCH_RESULT_COUNT: 3
RAG_WEB_SEARCH_CONCURRENT_REQUESTS: 10
SEARXNG_QUERY_URL: "http://searxng:8080/search?q=<query>"
# LibreTranslate
LT_DEBUG: false
LT_UPDATE_MODELS: true
LT_SSL: false
LT_SUGGESTIONS: false
LT_METRICS: false
LT_HOST: http://libretranslate:5000
LT_API_KEYS: false
LT_THREADS: 12
LT_FRONTEND_TIMEOUT: 2000
# Redis Websocket
ENABLE_WEBSOCKET_SUPPORT: true
WEBSOCKET_MANAGER: redis
WEBSOCKET_REDIS_URL: redis://open-webui-valkey:6379/0
REDIS_KEY_PREFIX: open-webui
image: ghcr.io/open-webui/open-webui:main@sha256:53a4d2fc8c7a7cc620cd18e6fe416ed9940f2db87fddf837e3aa55111bec6995
labels:
homepage.group: Personal Tools
homepage.name: Open WebUI
homepage.href: https://ai.${MY_TLD}
homepage.icon: open-webui.svg
homepage.description: User-friendly and extensible AI interface
swag: enable
swag_port: 8080
swag_proto: http
swag_auth: authelia
swag_url: ai.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Open WebUI
swag.uptime-kuma.monitor.url: https://ai.${MY_TLD}/health
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
swag.uptime-kuma.monitor.type: https
ports:
- 3080:8080
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- open-webui-data:/app/backend/data
open-webui-valkey:
container_name: open-webui-valkey
<<: *valkey-params
volumes:
- open-webui-valkey-data:/data/valkey
paperless-ngx:
container_name: paperless-ngx
depends_on:
mariadb:
condition: service_healthy
required: true
restart: true
environment:
PAPERLESS_DBENGINE: mariadb
PAPERLESS_DBHOST: mariadb
PAPERLESS_DBPASS: ${PAPERLESS_DBPASS}
PAPERLESS_DBPORT: 3306
PAPERLESS_DBUSER: paperless
PAPERLESS_OCR_LANGUAGE: eng
PAPERLESS_OCR_LANGUAGES: all
PAPERLESS_REDIS: redis://paperless-valkey:6379
PAPERLESS_SECRET_KEY: ${PAPERLESS_SECRET_KEY}
PAPERLESS_TIME_ZONE: ${TZ}
PAPERLESS_URL: https://docs.${MY_TLD}
USERMAP_GID: ${PGID}
USERMAP_UID: ${PUID}
image: ghcr.io/paperless-ngx/paperless-ngx:latest@sha256:5f2a72fd7be42c6b1d8fa1751606a140452d4c3e6e829ae6b1b15e3c95129481
labels:
swag: enable
swag_proto: http
swag_port: 8000
swag_url: docs.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Paperless-ngx
swag.uptime-kuma.monitor.url: https://docs.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
homepage.group: Personal Tools
homepage.name: Paperless-ngx
homepage.href: https://docs.${MY_TLD}
homepage.icon: paperless-ngx.svg
homepage.description: Document indexer & archiver with OCR
networks:
default: null
ports:
- 8004:8000
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- source: paperless-ngx-data
target: /usr/src/paperless/data
type: volume
volume: {}
- source: paperless-ngx-media
target: /usr/src/paperless/media
type: volume
volume: {}
- source: ${DOCKER_VOLUME_CONFIG}/paperless-ngx/export
target: /usr/src/paperless/export
type: bind
bind:
create_host_path: true
- source: ${DOCKER_VOLUME_CONFIG}/paperless-ngx/consume
target: /usr/src/paperless/consume
type: bind
bind:
create_host_path: true
paperless-valkey:
container_name: paperless-valkey
<<: *valkey-params
volumes:
- paperless-valkey-data:/data/valkey
pgbackweb:
container_name: pgbackweb
depends_on:
pgbackweb-db:
condition: service_healthy
environment:
PBW_ENCRYPTION_KEY: ${PGBACKWEB_ENCRYPTION_KEY}
PBW_POSTGRES_CONN_STRING: "postgresql://pgbackweb:${PGBACKWEB_PG_DB_PASSWD}@pgbackweb-db:5432/pgbackweb?sslmode=disable"
TZ: ${TZ}
image: eduardolat/pgbackweb:latest@sha256:56358e7adff53250ec0b43cf2764e723e45872fa2b92b9608fdddfeebaafbed7
labels:
homepage.group: System Administration
homepage.name: PG Back Web
homepage.href: https://pg.${MY_TLD}
homepage.icon: sh-pg-back-web.svg
homepage.description: Backups for PostgreSQL
swag: enable
swag_proto: http
swag_port: 8085
swag_url: pg.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.name: PG Back Web
swag.uptime-kuma.monitor.url: https://pg.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- "8085:8085" # Access the web interface at http://localhost:8085
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_STORAGE}/backups/dbs/:/backups
pgbackweb-db:
container_name: pgbackweb-db
environment:
POSTGRES_USER: pgbackweb
POSTGRES_DB: pgbackweb
POSTGRES_PASSWORD: ${PGBACKWEB_PG_DB_PASSWD}
expose:
- 5432
healthcheck:
test: ["CMD-SHELL", "pg_isready -U pgbackweb -d pgbackweb"]
interval: 5s
timeout: 5s
retries: 5
image: postgres:17-alpine@sha256:ef257d85f76e48da1c64832459b59fcaba1a4dac97bf5d7450c77753542eee94
restart: unless-stopped
volumes:
- pgbackweb-data:/var/lib/postgresql/data
planka:
container_name: planka
depends_on:
planka-pg-db:
condition: service_healthy
environment:
BASE_URL: https://kanban.${MY_TLD}
DATABASE_URL: postgresql://planka:${PLANKA_PG_PASSWORD}@planka-pg-db/planka
SECRET_KEY: ${PLANKA_SECRET_KEY}
LOG_LEVEL: warn
TRUST_PROXY: true
TOKEN_EXPIRES_IN: 365 # In days
# KNEX_REJECT_UNAUTHORIZED_SSL_CERTIFICATE: false
DEFAULT_LANGUAGE: en-US
DEFAULT_ADMIN_EMAIL: noreply@${MY_TLD}
DEFAULT_ADMIN_PASSWORD: ${PLANKA_ADMIN_PASSWORD}
DEFAULT_ADMIN_NAME: Planka Rinoa
DEFAULT_ADMIN_USERNAME: admin
S3_ENDPOINT: http://minio:9000
S3_REGION: us-east-fh-pln
S3_ACCESS_KEY_ID: ${PLANKA_MINIO_ACCESS_KEY}
S3_SECRET_ACCESS_KEY: ${PLANKA_MINIO_SECRET_KEY}
S3_BUCKET: planka
S3_FORCE_PATH_STYLE: true
SMTP_HOST: postal-smtp
SMTP_PORT: 25
SMTP_NAME: noreply@${MY_TLD}
SMTP_SECURE: true
SMTP_USER: ${POSTAL_SMTP_AUTH_USER}
SMTP_PASSWORD: ${POSTAL_SMTP_AUTH_PASSWORD}
SMTP_FROM: '"Planka @ Rinoa" <noreply@${MY_TLD}>'
SMTP_TLS_REJECT_UNAUTHORIZED: false
image: ghcr.io/plankanban/planka:2.0.0-rc.3@sha256:5a2a69ec7159a2f9c6679c31698e4b5b17ccf254d5bfc6e9be43e411b6de0c3d
labels:
homepage.group: Professional Services
homepage.name: Planka
homepage.href: https://kanban.${MY_TLD}
homepage.icon: planka.svg
homepage.description: Kanban board
swag: enable
swag_url: kanban.${MY_TLD}
swag_address: planka
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.monitor.url: https://kanban.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 54476:1337
profiles: ["rinoa-apps"]
restart: on-failure
volumes:
- planka-favicons:/app/public/favicons
- planka-user-avatars:/app/public/user-avatars
- planka-background-images:/app/public/background-images
- planka-attachments:/app/private/attachments
planka-pg-db:
container_name: planka-pg-db
environment:
POSTGRES_DB: planka
POSTGRES_USER: planka
POSTGRES_PASSWORD: ${PLANKA_PG_PASSWORD}
POSTGRES_HOST_AUTH_METHOD: trust
expose:
- 5432
healthcheck:
test: ["CMD-SHELL", "pg_isready -U planka -d planka"]
interval: 10s
timeout: 5s
retries: 5
image: postgres:16-alpine@sha256:029660641a0cfc575b14f336ba448fb8a75fd595d42e1fa316b9fb4378742297
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- planka-db-data:/var/lib/postgresql/data
plant-it:
container_name: plant-it
depends_on:
mariadb:
condition: service_healthy
required: true
plant-it-valkey:
condition: service_healthy
required: true
environment:
MYSQL_HOST: mariadb
MYSQL_PORT: 3306
MYSQL_USERNAME: plantit
MYSQL_PSW: ${PLANTIT_DB_PASSWORD}
MYSQL_DATABASE: plantit
MYSQL_ROOT_PASSWORD: ${MARIADB_ENVIRONMENT_MYSQL_ROOT_PASSWORD}
HTTPS_METHOD: noredirect
JWT_SECRET: ${PLANTIT_JWT_SECRET}
JWT_EXP: 1
USERS_LIMIT: -1 # less then 0 means no limit
UPLOAD_DIR: /upload-dir # path to the directory used to store uploaded images, if on docker deployment leave as it is and change the volume binding in the docker-compose file if needed
API_PORT: 8080
FLORACODEX_URL: https://api.floracodex.com
FLORACODEX_KEY: ${PLANTIT_FLORACODEX_APP_KEY}
ALLOWED_ORIGINS: "*" # CORS allowed origins (comma separated list)
LOG_LEVEL: DEBUG # could be: DEBUG, INFO, WARN, ERROR
CONTACT_MAIL: noreply@${MY_TLD} # address used as "contact" for template email
REMINDER_NOTIFY_CHECK: 0 30 7 * * * # 6-values crontab expression to set the check time for reminders
MAX_REQUESTS_PER_MINUTE: 100 # rate limiting of the upcoming requests
NTFY_ENABLED: false # if "false" ntfy service won't be available as notification dispatcher
GOTIFY_ENABLED: true # if "false" ntfy service won't be available as notification dispatcher
CACHE_TYPE: redis # Cache type. By default, it's "redis" but can also be "none"
CACHE_TTL: 86400
CACHE_HOST: plant-it-valkey
CACHE_PORT: 6379
SMTP_HOST: postal-smtp
SMTP_PORT: 25
SMTP_EMAIL: noreply@${MY_TLD}
SMTP_PASSWORD: ${POSTAL_SMTP_AUTH_PASSWORD}
SMTP_AUTH: true
SMTP_START_TTL: false
image: msdeluise/plant-it-server:latest@sha256:23ddf8660087d6b9f5dbdca2ca09817b84db45cb2d9d6e2e0176e70f514629e7
labels:
swag: enable
swag_proto: http
swag_port: 3000
swag_url: plants.${MY_TLD}
swag_server_custom_directive: |
location /api {
proxy_pass http://plant-it:8080;
}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Plant-It
swag.uptime-kuma.monitor.url: https://plants.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
homepage.group: Lifestyle
homepage.name: Plant-It
homepage.href: https://plants.${MY_TLD}
homepage.icon: plant-it.png
homepage.description: 🪴 Self-hosted, open source gardening companion app
homepage.widget.type: plantit
homepage.widget.url: http://plant-it:3000
homepage.widget.key: ${PLANTIT_API_KEY}
ports:
- 64067:8080
- 3460:3000
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/plant-it:/upload-dir
plant-it-valkey:
container_name: plant-it-valkey
<<: *valkey-params
volumes:
- plant-it-valkey-data:/data/valkey
plantuml-server:
container_name: plantuml-server
image: plantuml/plantuml-server:jetty@sha256:ac656ab4215fd80554c59330fd365a3b29041e317f232563c7fc807680ec4ef0
labels:
homepage.group: Personal Tools
homepage.name: PlantUML
homepage.href: https://plantuml.${MY_TLD}
homepage.icon: plantuml.svg
homepage.description: Textual diagram generator for UML & other visualizations.
swag: enable
swag_port: 8080
swag_url: plantuml.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.monitor.url: https://plantuml.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 42262:8080
profiles: ["rinoa-apps"]
restart: unless-stopped
portainer:
container_name: portainer
depends_on:
docker-socket-proxy:
condition: service_started
required: true
expose:
- 9000
- 9443
image: portainer/portainer-ce:alpine@sha256:adcb33ce6a1debd31918a215ebfd08bca84259b907466d93cea63bd538d20f02
labels:
swag: enable
swag_proto: http
swag_port: 9000
swag_url: portainer.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Portainer
swag.uptime-kuma.monitor.url: https://portainer.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
homepage.group: System Administration
homepage.name: Portainer
homepage.href: https://portainer.${MY_TLD}
homepage.icon: portainer.svg
homepage.description: Service delivery platform for containerized applications
homepage.widgets[0].type: portainer
homepage.widgets[0].url: http://portainer:9000
homepage.widgets[0].env: 7
homepage.widgets[0.key: ${PORTAINER_HOMEPAGE_TOKEN}
homepage.widgets[1].type: portainer
homepage.widgets[1].url: http://portainer:9000
homepage.widgets[1].env: 12
homepage.widgets[1.key: ${PORTAINER_HOMEPAGE_TOKEN}
homepage.widgets[2].type: portainer
homepage.widgets[2].url: http://portainer:9000
homepage.widgets[2].env: 13
homepage.widgets[2].key: ${PORTAINER_HOMEPAGE_TOKEN}
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- portainer-data:/data
- /var/run/docker.sock:/var/run/docker.sock
portchecker-web:
container_name: portchecker-web
depends_on:
portchecker-api:
required: true
condition: service_healthy
environment:
DEFAULT_HOST: # Optional, Populates a default host address value to be populataed in the in the UI input. Defaults to external/WAN IP.
DEFAULT_PORT: 443 # Optional, Populates a default port value to be populataed in the in the UI input
API_URL: http://portchecker-api:8000 # Optional, the URL of the API service. The scheme and port is required. Defaults to http://api:8000 if not set.
# GOOGLE_ANALYTICS: # Optional, set for Google Analytics integration
healthcheck:
test: ["CMD", "wget", "--spider", "-S", "http://127.0.0.1"]
interval: 30s
timeout: 10s
retries: 3
start_period: 5s
image: ghcr.io/dsgnr/portcheckerio-web:latest@sha256:8bea203e8785541c0acac7860de9f70849b05806e0c6db1d83dfc1b8407a6077
labels:
swag: enable
swag_auth: authelia
swag_proto: http
swag_url: portc.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: PortChecker
swag.uptime-kuma.monitor.url: https://portc.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
homepage.group: System Administration
homepage.name: PortChecker
homepage.href: https://portc.${MY_TLD}
homepage.icon: mdi-check-network-outline
homepage.description: Service delivery platform for containerized applications
ports:
- 31131:80
profiles: ["rinoa-apps"]
restart: unless-stopped
portchecker-api:
container_name: portchecker-api
environment:
ALLOW_PRIVATE: true # Prevent usage of private IP addresses
healthcheck:
test: ["CMD", "wget", "--spider", "-S", "http://127.0.0.1:8000/healthz"]
interval: 30s
timeout: 10s
retries: 3
start_period: 5s
image: ghcr.io/dsgnr/portcheckerio-api:latest@sha256:7783796d791c3e10aedba9d5f7fc2b934bb0e7afa75bc89054b70b886ed39e5c
ports:
- 36102:8000
profiles: ["rinoa-apps"]
restart: unless-stopped
postal-smtp:
cap_add:
- NET_BIND_SERVICE
command: postal smtp-server
container_name: postal-smtp
image: ghcr.io/postalserver/postal:latest@sha256:ff9a42deeda9b236ac36df012dab843b14726da8f3c2464c18c371f23107d986
networks:
default: null
ports:
- 25:25
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/postal:/config
- ${DOCKER_VOLUME_CONFIG}/swag/etc/letsencrypt/live/${MY_TLD}:/config/certs
postal-web:
command: postal web-server
container_name: postal-web
image: ghcr.io/postalserver/postal:latest@sha256:ff9a42deeda9b236ac36df012dab843b14726da8f3c2464c18c371f23107d986
labels:
swag: enable
swag_proto: http
swag_port: 5000
swag_address: postal-web
swag_url: post.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Postal
swag.uptime-kuma.monitor.url: https://post.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
homepage.group: System Administration
homepage.name: Postal
homepage.href: https://post.${MY_TLD}
homepage.icon: sh-postal.svg
homepage.description: OSS Mail delivery platform
networks:
default: null
ports:
- 5001:5000
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- source: ${DOCKER_VOLUME_CONFIG}/postal
target: /config
type: bind
bind:
create_host_path: true
postal-worker:
command: postal worker
container_name: postal-worker
environment:
LOG_LEVEL: debug
image: ghcr.io/postalserver/postal:latest@sha256:ff9a42deeda9b236ac36df012dab843b14726da8f3c2464c18c371f23107d986
networks:
default: null
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- source: ${DOCKER_VOLUME_CONFIG}/postal
target: /config
type: bind
bind:
create_host_path: true
protonmail-bridge:
container_name: protonmail-bridge
image: shenxn/protonmail-bridge@sha256:3717b4441130675dc9131196de9f9c5287d2ea21b138d83b0486429e1737638a
ports:
- 1025:25/tcp
- 1143:143/tcp
restart: unless-stopped
volumes:
- protonmail-data:/root
prowlarr:
container_name: prowlarr
environment:
PGID: ${PGID}
PUID: ${PUID}
TZ: America/New_York
DOCKER_MODS: ghcr.io/gilbn/theme.park:sonarr
TP_DOMAIN: ${MY_TLD}\/themepark
TP_COMMUNITY_THEME: false
TP_THEME: space-gray
hostname: Rinoa
image: lscr.io/linuxserver/prowlarr:latest@sha256:643220338204525524db787ff38a607261597f49d1f550694acdb3e908e2b43e
labels:
homepage.group: Servarr Stack
homepage.name: Prowlarr
homepage.href: https://prowlarr.${MY_TLD}
homepage.icon: prowlarr.png
homepage.description: Index aggregator
homepage.widget.type: prowlarr
homepage.widget.url: http://prowlarr:9696
homepage.widget.key: ${PROWLARR_API_KEY}
swag: enable
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Prowlarr
swag.uptime-kuma.monitor.url: https://prowlarr.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
ports:
- 9696:9696
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- bind:
create_host_path: true
read_only: true
source: /etc/localtime
target: /etc/localtime
type: bind
- bind:
create_host_path: true
source: ${DOCKER_VOLUME_CONFIG}/prowlarr
target: /config
type: bind
- bind:
create_host_path: true
source: /rinoa-storage
target: /storage
type: bind
qbit-manage:
container_name: qbit-manage
depends_on:
qbittorrentvpn:
required: true
condition: service_started
image: ghcr.io/stuffanthings/qbit_manage:latest@sha256:64f749b97604d607747fc8b790821cf0317d8107385ea111afe1ed1c9d1d5b11
environment:
# Web API Configuration
QBT_WEB_SERVER: true # Set to true to enable web API
QBT_PORT: 8080 # Web API port (default: 8080)
# Scheduler Configuration
QBT_RUN: false
QBT_SCHEDULE: 1440
QBT_CONFIG: /config/config.yml
QBT_LOGFILE: activity.log
# Command Flags
QBT_RECHECK: false
QBT_CAT_UPDATE: false
QBT_TAG_UPDATE: false
QBT_REM_UNREGISTERED: false
QBT_REM_ORPHANED: false
QBT_TAG_TRACKER_ERROR: false
QBT_TAG_NOHARDLINKS: false
QBT_SHARE_LIMITS: false
QBT_SKIP_CLEANUP: false
QBT_DRY_RUN: false
# Logging Configuration
QBT_LOG_LEVEL: INFO
QBT_DIVIDER: "="
QBT_WIDTH: 100
ports:
- 5965:8080
profiles: ["rinoa-apps"]
restart: on-failure
volumes:
- ${DOCKER_VOLUME_CONFIG}/qbittorrent/qbit_manage/:/config:rw
- ${DOCKER_VOLUME_STORAGE}/downloads/:/downloads:rw
- ${DOCKER_VOLUME_CONFIG}/qbittorrent/qBittorrent:/qbittorrent/:ro
qbittorrentvpn:
cap_add:
- NET_ADMIN
- SYS_MODULE
container_name: qbittorrentvpn
environment:
DEBUG: true
ENABLE_PRIVOXY: yes
ENABLE_SOCKS: yes
LAN_NETWORK: 192.168.1.0/24
NAME_SERVERS: 1.1.1.1,1.0.0.1,94.140.14.14,94.140.15.15
PGID: ${PGID}
PUID: ${PUID}
SOCKS_USER: admin
SOCKS_PASS: socks
TZ: ${TZ}
VPN_CLIENT: openvpn
VPN_ENABLED: yes
VPN_INPUT_PORTS: ""
VPN_OPTIONS: ""
VPN_OUTPUT_PORTS: ""
VPN_USER: ${DELUGEVPN_ENVIRONMENT_VPN_USER}
VPN_PASS: ${DELUGEVPN_ENVIRONMENT_VPN_PASS}
VPN_PROV: pia
WEBUI_PORT: 8080
image: ghcr.io/binhex/arch-qbittorrentvpn:latest@sha256:e6556875ffa483ff603c0ed76c0c10122efad1edee2d9f5e4a94244accd5b3a3
labels:
homepage.group: Downloaders
homepage.name: qBittorrent
homepage.href: https://qbit.${MY_TLD}
homepage.icon: qbittorrent.svg
homepage.description: Fast and stable torrent client
homepage.widget.type: qbittorrent
homepage.widget.url: http://qbittorrentvpn:8080
homepage.widget.user: admin
homepage.widget.password: "${DELUGEVPN_PASSWORD}"
swag: enable
swag_server_custom_directive: |
location /mgmt {
proxy_pass http://qbit-manage:8080;
}
swag_port: 8080
swag_proto: http
swag_url: qbit.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: qBittorrent
swag.uptime-kuma.monitor.url: https://qbit.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 58846:58846
- 58946:58946/udp
- 8118:8118
- 9118:9118
- 38927:8080
privileged: true
profiles: ["rinoa-apps"]
restart: unless-stopped
sysctls:
net.ipv4.conf.all.src_valid_mark: 1
volumes:
- /etc/localtime:/etc/localtime:ro
- ${DOCKER_VOLUME_CONFIG}/.openvpn:/config/openvpn
- ${DOCKER_VOLUME_CONFIG}/.wireguard:/config/wireguard
- ${DOCKER_VOLUME_CONFIG}/qbittorrent/:/config
- ${DOCKER_VOLUME_CONFIG}/qbittorrent/data:/data
- ${DOCKER_VOLUME_STORAGE}/downloads:/downloads
radarec:
container_name: radarec
environment:
auto_start: true
auto_start_delay: 60
dry_run_adding_to_radarr: false
fallback_to_top_result: false
language_choice: all
metadata_profile_id: 1
minimum_rating: 4.5
minimum_votes: 50
quality_profile_id: 1
radarr_address: http://radarr:7878
radarr_api_key: ${RADARR_API_KEY}
radarr_api_timeout: 120
root_folder_path: /data/media/movies
search_for_movie: true
tmdb_api_key: ${TMDB_API_KEY}
expose:
- 5000
image: thewicklowwolf/radarec:latest@sha256:df726f35e3a1ef2f0cd482a6cf993bac8782804efd38ee8004c8694f7e8f526e
labels:
homepage.group: Servarr Stack
homepage.name: RadaRec
homepage.href: https://radarec.${MY_TLD}
homepage.icon: sh-radarec.png
homepage.description: Movie discovery based on library/tastes
swag: enable
swag_proto: http
swag_port: 5000
swag_auth: authelia
swag_url: radarec.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: RadaRec
swag.uptime-kuma.monitor.url: https://radarec.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- source: ${DOCKER_VOLUME_STORAGE}/Movies
target: /data/media/movies
type: bind
bind:
create_host_path: true
- source: ${DOCKER_VOLUME_CONFIG}/radarec
target: /radarec/config
type: bind
bind:
create_host_path: true
- bind:
create_host_path: true
read_only: true
source: /etc/localtime
target: /etc/localtime
type: bind
radarr:
container_name: radarr
environment:
PGID: ${PGID}
PUID: ${PUID}
TZ: ${TZ}
hostname: Rinoa
image: lscr.io/linuxserver/radarr:latest@sha256:c984533510abe0219a70e80d15bd0d212b7df21baa0913759c4ce6cc9092240b
labels:
homepage.group: Servarr Stack
homepage.name: Radarr
homepage.href: https://radarr.${MY_TLD}
homepage.icon: radarr.png
homepage.description: Movie Automation
homepage.widget.type: radarr
homepage.widget.url: http://radarr:7878
homepage.widget.key: ${RADARR_API_KEY}
swag: enable
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Radarr
swag.uptime-kuma.monitor.url: https://radarr.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
ports:
- 7878:7878
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- /etc/localtime:/etc/localtime:ro
- ${DOCKER_VOLUME_CONFIG}/radarr:/config
- /rinoa-storage:/storage
- ${DOCKER_VOLUME_STORAGE}/downloads/:/downloads
reactive-resume:
container_name: reactive-resume
depends_on:
browserless:
condition: service_started
required: true
minio:
condition: service_started
required: true
reactive-resume-pg:
condition: service_started
required: true
environment:
ACCESS_TOKEN_SECRET: ${REACTIVE_RESUME_ACCESS_TOKEN_SECRET}
CHROME_PORT: 443
CHROME_TOKEN: ${CHROMIUM_TOKEN}
CHROME_URL: wss://browserless:3000
DATABASE_URL: postgresql://reactiveresume:${REACTIVE_RESUME_PGSQL_PASSWORD}@reactive-resume-pg:5432/reactiveresume
MAIL_FROM: noreply@${MY_TLD}
NODE_ENV: production
PORT: 3000
PUBLIC_URL: http://reactive-resume:3000
REFRESH_TOKEN_SECRET: ${REACTIVE_RESUME_REFRESH_TOKEN_SECRET}
SMTP_URL: smtp://${POSTAL_SMTP_AUTH_USER}:${POSTAL_SMTP_AUTH_PASSWORD}@postal-smtp:25
STORAGE_ACCESS_KEY: ${REACTIVE_RESUME_S3_ACCESS_KEY}
STORAGE_BUCKET: reactive-resume
STORAGE_ENDPOINT: minio
STORAGE_PORT: 9000
STORAGE_REGION: us-east-fh-pln
STORAGE_SECRET_KEY: ${REACTIVE_RESUME_S3_SECRET_KEY}
STORAGE_URL: https://s3.${MY_TLD}/reactive-resume
STORAGE_USE_SSL: false
TZ: ${TZ}
image: amruthpillai/reactive-resume:latest@sha256:f1b27f567b2a1b57fb6b2a81f7b9cec0af577b6be945820c1599a0a8b6b91f8b
labels:
homepage.group: Professional Services
homepage.name: Reactive Resume
homepage.href: https://resume.${MY_TLD}
homepage.icon: reactive-resume.svg
homepage.description: Open-source resume builder
swag: enable
swag_proto: http
swag_port: 3000
swag_url: resume.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Reactive Resume
swag.uptime-kuma.monitor.url: https://resume.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
ports:
- 3011:3000
profiles: ["rinoa-apps"]
restart: unless-stopped
reactive-resume-pg:
container_name: reactive-resume-pg
environment:
TZ: ${TZ}
POSTGRES_DB: reactiveresume
POSTGRES_USER: reactiveresume
POSTGRES_PASSWORD: ${REACTIVE_RESUME_PGSQL_PASSWORD}
expose:
- 5432
image: postgres:16-alpine@sha256:029660641a0cfc575b14f336ba448fb8a75fd595d42e1fa316b9fb4378742297
networks:
default: null
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- reactive-resume-pg:/var/lib/postgresql/data
readarr:
container_name: readarr
environment:
PGID: ${PGID}
PUID: ${PUID}
TZ: America/New_York
DOCKER_MODS: ghcr.io/gilbn/theme.park:readnarr
hostname: Rinoa
image: lscr.io/linuxserver/readarr:develop@sha256:eb37f58646a901dc7727cf448cae36daaefaba79de33b5058dab79aa4c04aefb
labels:
homepage.group: Servarr Stack
homepage.name: Readarr
homepage.href: https://readarr.${MY_TLD}
homepage.icon: readarr.png
homepage.description: eBook/Audiobook Automation
homepage.widget.type: readarr
homepage.widget.url: http://readarr:8787
homepage.widget.key: ${READARR_API_KEY}
swag: enable
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Readarr
swag.uptime-kuma.monitor.url: https://readarr.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
ports:
- 8787:8787
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- /etc/localtime:/etc/localtime:ro
- ${DOCKER_VOLUME_CONFIG}/readarr:/config
- /rinoa-storage:/storage
- ${DOCKER_VOLUME_STORAGE}/downloads/:/downloads
redlib:
cap_drop:
- ALL
container_name: redlib
environment:
REDLIB_SFW_ONLY: off
REDLIB_BANNER:
REDLIB_ROBOTS_DISABLE_INDEXING: off
REDLIB_PUSHSHIFT_FRONTEND: undelete.pullpush.io
REDLIB_DEFAULT_THEME: nord
REDLIB_DEFAULT_FRONT_PAGE: default
REDLIB_DEFAULT_LAYOUT: clean
REDLIB_DEFAULT_WIDE: on
REDLIB_DEFAULT_POST_SORT: hot
REDLIB_DEFAULT_COMMENT_SORT: confidence
REDLIB_DEFAULT_SHOW_NSFW: off
REDLIB_DEFAULT_BLUR_NSFW: on
REDLIB_DEFAULT_USE_HLS: off
REDLIB_DEFAULT_HIDE_HLS_NOTIFICATION: off
REDLIB_DEFAULT_AUTOPLAY_VIDEOS: off
REDLIB_DEFAULT_SUBSCRIPTIONS:
REDLIB_DEFAULT_HIDE_AWARDS: off
REDLIB_DEFAULT_DISABLE_VISIT_REDDIT_CONFIRMATION: off
REDLIB_DEFAULT_HIDE_SCORE: off
REDLIB_DEFAULT_FIXED_NAVBAR: on
image: quay.io/redlib/redlib:latest@sha256:25dbb5466ebd22e58277d4aa54897899b044f02f7219ca3054784aecc0be34e1
labels:
homepage.group: Social
homepage.name: Redlib
homepage.href: https://rlib.${MY_TLD}
homepage.icon: libreddit.svg
homepage.description: Redlib is a private front-end like Invidious but for Reddit
swag: enable
swag_auth: authelia
swag_proto: http
swag_port: 8080
swag_url: rlib.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Redlib
swag.uptime-kuma.monitor.url: https://rlib.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
ports:
- 8103:8080
read_only: true
profiles: ["rinoa-apps"]
restart: always
security_opt:
- no-new-privileges=true
user: nobody
rocketchat:
container_name: rocketchat
depends_on:
mongodb:
condition: service_started
required: true
environment:
ADMIN_USERNAME: Trez.One
ADMIN_NAME: Charish Patel
ADMIN_PASS: ${ROCKETCHAT_ADMIN_PASSWORD}
ADMIN_EMAIL: charish.patel@${MY_TLD}
MONGO_URL: mongodb://rocketchat:${ROCKETCHAT_MONGODB_PASSWORD}@mongodb:27017/rocketchat?replicaSet=rinoa
MONGO_OPLOG_URL: mongodb://rocketchat:${ROCKETCHAT_MONGODB_PASSWORD}@mongodb:27017/local?replicaSet=rinoa
ROOT_URL: https://chat.${MY_TLD}
PORT: 3000
DEPLOY_METHOD: docker
DEPLOY_PLATFORM: ${DEPLOY_PLATFORM:-}
REG_TOKEN: ${REG_TOKEN:-}
expose:
- 3000
image: ${IMAGE:-registry.rocket.chat/rocketchat/rocket.chat}:${RELEASE:-latest}
labels:
homepage.group: Social
homepage.name: Rocket.Chat
homepage.href: https://chat.${MY_TLD}
homepage.icon: rocket-chat.svg
homepage.description: Fully customizable communications platform with high standards of data protection
swag: enable
swag_proto: http
swag_port: 3000
swag_url: chat.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Rocket.Chat
swag.uptime-kuma.monitor.url: https://chat.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
profiles: ["rinoa-apps"]
restart: always
romm:
container_name: romm
depends_on:
mariadb:
condition: service_healthy
required: true
restart: true
image: rommapp/romm:latest@sha256:1895c339b3c7ca62d52f809f5e4c747d78fc8291ea5ee88b3b57df84acf33449
environment:
ROMM_DB_DRIVER: mariadb # mariadb | sqlite (default: sqlite)
ROMM_HOST: https://localhost:3000 # [Optional] your host ip or domain name (including http(s)://, subdomain and port if needed). Being used only for webRcade feed for now.
# [Optional] Only required if using MariaDB as the database
DB_HOST: mariadb
DB_PORT: 3306
DB_USER: romm
DB_NAME: romm # Should match the MYSQL_DATABASE value in the mariadb container
DB_PASSWD: ${ROMM_MARIADB_PASSWORD}
# [Optional WIP] Use SteamGridDB as a source for covers
# STEAMGRIDDB_API_KEY: <SteamGridDB api key>
# [Optional] Will enable user management and require authentication to access the interface (disabled by default)
ROMM_AUTH_ENABLED: true # default: false
ROMM_AUTH_SECRET_KEY: ${ROMM_AUTH_SECRET_KEY} # Generate a key with `openssl rand -hex 32`
ROMM_AUTH_USERNAME: admin # default: admin
ROMM_AUTH_PASSWORD: ${ROMM_AUTH_PASSWORD} # default: admin
# [Optional] Only required if authentication is enabled
ENABLE_EXPERIMENTAL_REDIS: true # default: false
REDIS_HOST: romm-valkey # default: localhost
REDIS_PORT: 6379 # default: 6379
REDIS_DB: 0
# REDIS_PASSWORD: # [Optional] Support for secured redis
# [Optional] Will enable asynchronous tasks (all disabled by default)
# Important: Do NOT wrap the cron expression in quotes
ENABLE_RESCAN_ON_FILESYSTEM_CHANGE: true # Runs a quick scan on the library when a file is added or removed
RESCAN_ON_FILESYSTEM_CHANGE_DELAY: 5 # Delay in seconds before running the quick scan (default: 5)
ENABLE_SCHEDULED_RESCAN: true # Runs a quick scan on the library at a given time
SCHEDULED_RESCAN_CRON: 0 3 * * * # Cron expression for the scheduled scan (default: 0 3 * * * At 3:00 AM every day)
ENABLE_SCHEDULED_UPDATE_SWITCH_TITLEDB: true # Updates the Switch TitleDB database at a given time
SCHEDULED_UPDATE_SWITCH_TITLEDB_CRON: 0 4 * * * # Cron expression for the scheduled update (default: 0 4 * * * At 4:00 AM every day)
ENABLE_SCHEDULED_UPDATE_MAME_XML: true # Updates the MAME XML database at a given time
SCHEDULED_UPDATE_MAME_XML_CRON: 0 5 * * * # Cron expression for the scheduled update (default: 0 5 * * * At 5:00 AM every day)
IGDB_CLIENT_ID: ${ROMM_IGDB_CLIENT_ID} # Generate an ID and SECRET in IGDB
IGDB_CLIENT_SECRET: ${ROMM_IGDB_CLIENT_SECRET} # https://docs.romm.app/latest/Getting-Started/Generate-API-Keys/#igdb
MOBYGAMES_API_KEY: # https://docs.romm.app/latest/Getting-Started/Generate-API-Keys/#mobygames
STEAMGRIDDB_API_KEY: ${ROMM_STEAMGRIDDB_API_KEY} # https://docs.romm.app/latest/Getting-Started/Generate-API-Keys/#steamgriddb
SCREENSCRAPER_USER: ${ROMM_SCREENSCRAPER_USERNAME} # Use your ScreenScraper username and password
SCREENSCRAPER_PASSWORD: ${ROMM_SCREENSCRAPER_PASSWORD} # https://docs.romm.app/latest/Getting-Started/Generate-API-Keys/#screenscraper
labels:
homepage.group: Media Library
homepage.name: RomM
homepage.href: https://romm.${MY_TLD}
homepage.icon: romm.svg
homepage.description: Beautiful, powerful, self-hosted ROM manager
homepage.widget.type: romm
homepage.widget.url: http://romm:8080
swag: enable
swag_proto: http
swag_url: romm.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: RomM
swag.uptime-kuma.monitor.url: https://romm.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 30229:8080
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- romm_resources:/romm/resources # Resources fetched from IGDB (covers, screenshots, etc.)
- ${DOCKER_VOLUME_STORAGE}/roms:/romm/library # Your game library. Check https://github.com/rommapp/romm?tab=readme-ov-file#folder-structure for more details.
- ${DOCKER_VOLUME_STORAGE}/roms/assets:/romm/assets # Uploaded saves, states, etc.
- ${DOCKER_VOLUME_CONFIG}/romm:/romm/config # Path where config.yml is stored
romm-valkey:
container_name: romm-valkey
<<: *valkey-params
volumes:
- romm-valkey-data:/data/valkey
sabnzbdvpn:
cap_add:
- NET_ADMIN
- SYS_MODULE
container_name: sabnzbdvpn
environment:
ENABLE_PRIVOXY: no
LAN_NETWORK: 192.168.1.0/24
NAME_SERVERS: 192.168.1.254,1.1.1.1
PGID: 1000
PUID: 1000
TZ: America/New_York
VPN_CLIENT: openvpn
VPN_ENABLED: yes
VPN_INPUT_PORTS:
VPN_OPTIONS:
VPN_OUTPUT_PORTS:
VPN_PASS: ${SABNZBDVPN_ENVIRONMENT_VPN_PASS}
VPN_PROV: pia
VPN_USER: ${SABNZBDVPN_ENVIRONMENT_VPN_USER}
DEBUG: true
hostname: Rinoa
image: ghcr.io/binhex/arch-sabnzbdvpn:latest@sha256:411ed4ba589529960690c08de64fb2791c76d37d9a4278a99d30d7d32fc701f5
labels:
homepage.group: Downloaders
homepage.name: SABnzbd
homepage.href: https://sabnzbd.${MY_TLD}
homepage.icon: sabnzbd.png
homepage.description: NZB Downloader over VPN
homepage.widget.type: sabnzbd
homepage.widget.url: http://sabnzbdvpn:8080
homepage.widget.env: 1
homepage.widget.key: ${SABNZBDVPN_API_KEY}
swag: enable
swag_proto: http
swag_url: sabnzbd.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: SABnzbd
swag.uptime-kuma.monitor.url: https://sabnzbd.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
ports:
- 8080:8080
- 8090:8090
- 8119:8118
privileged: true
profiles: ["rinoa-apps"]
restart: unless-stopped
sysctls:
net.ipv4.conf.all.src_valid_mark: "1"
volumes:
- bind:
create_host_path: true
read_only: true
source: /etc/localtime
target: /etc/localtime
type: bind
- bind:
create_host_path: true
source: ${DOCKER_VOLUME_CONFIG}/sabnzbdvpn
target: /config
type: bind
- bind:
create_host_path: true
source: /rinoa-storage
target: /storage
type: bind
sablier:
container_name: sablier
environment:
PROVIDER_NAME: docker
SERVER_PORT: 10000
SERVER_BASE_PATH: /
STORAGE_FILE: /opt/sablier/state
SESSIONS_DEFAULT_DURATION: 5m
SESSIONS_EXPIRATION_INTERVAL: 20s
LOGGING_LEVEL: trace
STRATEGY_DYNAMIC_CUSTOM_THEMES_PATH: /opt/sablier/custom_themes
STRATEGY_DYNAMIC_SHOW_DETAILS_BY_DEFAULT: false
STRATEGY_DYNAMIC_DEFAULT_THEME: hacker-terminal
STRATEGY_DYNAMIC_DEFAULT_REFRESH_FREQUENCY: 5s
STRATEGY_BLOCKING_DEFAULT_TIMEOUT: 1m
image: sablierapp/sablier:latest@sha256:4d4096b59a6e1496bd3106c1a90a7fdd161aafb73d58539b8c749c69380dedae
ports:
- 19311:10000
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/sablier/state:/opt/sablier/state
- ${DOCKER_VOLUME_CONFIG}/sablier/custom_themes:/opt/sablier/custom_themes
- /var/run/docker.sock:/var/run/docker.sock
scraparr:
container_name: scraparr
depends_on:
bazarr:
condition: service_started
required: true
prowlarr:
condition: service_started
required: true
radarr:
condition: service_started
required: true
sonarr:
condition: service_started
required: true
environment:
BAZARR_API_KEY: ${BAZARR_API_KEY}
BAZARR_URL: http://bazarr:6767
PROWLARR_API_KEY: ${PROWLARR_API_KEY}
PROWLARR_URL: http://prowlarr:9696
RADARR_API_KEY: ${RADARR_API_KEY}
RADARR_URL: http://radarr:7878
SONARR_API_KEY: ${SONARR_API_KEY}
SONARR_URL: http://sonarr:8989
image: ghcr.io/thecfu/scraparr:2@sha256:cfe07f005aa6e93221dd0bb540600aaa51ea1215968595806863f9df3dc3b26c
ports:
- 7100:7100
profiles: ["rinoa-apps"]
restart: unless-stopped
scrutiny:
cap_add:
- SYS_RAWIO
container_name: scrutiny
devices:
- "/dev/nvme0n1:/dev/nvme0n1:rwm"
- "/dev/sda:/dev/sda:rwm"
- "/dev/sdb:/dev/sdb:rwm"
- "/dev/sdc:/dev/sdc:rwm"
- "/dev/sdd:/dev/sdd:rwm"
- "/dev/sde:/dev/sde:rwm"
- "/dev/sdf:/dev/sdf:rwm"
image: ghcr.io/analogj/scrutiny:master-omnibus@sha256:e5638d8580adba40f7c03464cde8420866188b9e48cddb9fc3866ec3243163d5
labels:
cloudflare.tunnel.enable: true
cloudflare.tunnel.hostname: smartd.${MY_TLD}
cloudflare.tunnel.service: http://scrutiny:8080
cloudflare.tunnel.zonename: ${MY_TLD}
cloudflare.tunnel.no_tls_verify: true
homepage.group: Infrastructure/App Performance Monitoring
homepage.name: Scrutiny
homepage.href: https://smartd.${MY_TLD}
homepage.icon: scrutiny.png
homepage.description: WebUI for smartd S.M.A.R.T monitoring
homepage.widget.type: scrutiny
homepage.widget.url: http://scrutiny:8080
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Scrutiny
swag.uptime-kuma.monitor.url: https://smartd.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
ports:
- 8909:8080
- 8910:8086
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- bind:
create_host_path: true
read_only: true
source: /run/udev
target: /run/udev
type: bind
- source: ${DOCKER_VOLUME_CONFIG}/scrutiny/config
target: /opt/scrutiny/config
type: bind
bind:
create_host_path: true
- source: ${DOCKER_VOLUME_CONFIG}/scrutiny/influxdb
target: /opt/scrutiny/influxdb
type: bind
bind:
create_host_path: true
searxng:
cap_add:
- CHOWN
- SETGID
- SETUID
cap_drop:
- ALL
container_name: searxng
environment:
SEARXNG_BASE_URL: https://search.${MY_TLD}
image: searxng/searxng:latest@sha256:5a5d0e69819757e3fa23392a687c63851250bc13d2486a1f1711804b1691dc12
labels:
homepage.group: Privacy/Security
homepage.name: SearxNG
homepage.href: https://search.${MY_TLD}
homepage.icon: searxng.png
homepage.description: Anonymized Meta-Search Engine
swag: enable
swag_address: searxng
swag_proto: http
swag_url: search.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: SearxNG
swag.uptime-kuma.monitor.url: https://search.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
logging:
driver: json-file
options:
max-file: "1"
max-size: 1m
networks:
default: null
ports:
- 8095:8080
privileged: true
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- source: ${DOCKER_VOLUME_CONFIG}/searxng
target: /etc/searxng
type: bind
bind:
create_host_path: true
searxng-valkey:
container_name: searxng-valkey
<<: *valkey-params
volumes:
- searxng-valkey-data:/data/valkey
semaphore-ui:
container_name: semaphore-ui
environment:
ANSIBLE_HOST_KEY_CHECKING: false
SEMAPHORE_ADMIN_PASSWORD: ${SEMAPHORE_ADMIN_PASSWORD}
SEMAPHORE_ADMIN_NAME: admin
SEMAPHORE_ADMIN_EMAIL: charish.patel@${MY_TLD}
SEMAPHORE_ADMIN: admin
SEMAPHORE_DB_DIALECT: bolt
SEMAPHORE_EMAIL_ALERT: true
SEMAPHORE_EMAIL_SENDER: noreply@${MY_TLD}
SEMAPHORE_EMAIL_HOST: postal-smtp
SEMAPHORE_EMAIL_PORT: 25
SEMAPHORE_EMAIL_USERNAME: ${POSTAL_SMTP_AUTH_USER}
SEMAPHORE_EMAIL_PASSWORD: ${POSTAL_SMTP_AUTH_PASSWORD}
SEMAPHORE_EMAIL_SECURE: false
SEMAPHORE_USE_REMOTE_RUNNER: true
image: semaphoreui/semaphore:v2.16.45@sha256:979a5924ed459d5169178197fc7b4d849bcb6fbb4aded1f1d1c0b279717b5187
labels:
homepage.group: Code/DevOps
homepage.name: Semaphore UI
homepage.href: https://devops.${MY_TLD}
homepage.icon: semaphore.svg
homepage.description: Modern UI for Ansible, Terraform, OpenTofu, PowerShell and other DevOps tools
swag: enable
swag_port: 3000
swag_proto: http
swag_url: devops.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Semaphore UI
swag.uptime-kuma.monitor.url: https://devops.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 3015:3000
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- semaphore_config:/etc/semaphore
- semaphore_data:/var/lib/semaphore
- semaphore_tmp:/tmp/semaphore
signoz-app:
<<: *signoz-db-depend
container_name: signoz-app
environment:
SIGNOZ_ALERTMANAGER_PROVIDER: signoz
SIGNOZ_ANALYTICS_ENABLED: true
SIGNOZ_JWT_SECRET: ${SIGNOZ_JWT_SECRET}
SIGNOZ_TELEMETRYSTORE_CLICKHOUSE_DSN: tcp://signoz-clickhouse:9000
SIGNOZ_TELEMETRYSTORE_CLICKHOUSE_CLUSTER: cluser
SIGNOZ_QUERIER_FLUX__INTERVAL: 5m
SIGNOZ_TELEMETRYSTORE_PROVIDER: clickhouse
SIGNOZ_SQLSTORE_SQLITE_PATH: /var/lib/signoz/signoz.db
SIGNOZ_ALERTMANAGER_SIGNOZ_EXTERNAL__URL: https://apm.${MY_TLD}
SIGNOZ_ALERTMANAGER_SIGNOZ_GLOBAL_SMTP__FROM: noreply@${MY_TLD}
SIGNOZ_ALERTMANAGER_SIGNOZ_GLOBAL_SMTP__SMARTHOST: postal-smtp:25
SIGNOZ_ALERTMANAGER_SIGNOZ_GLOBAL_SMTP__AUTH__USERNAME: ${POSTAL_SMTP_AUTH_USER}
SIGNOZ_ALERTMANAGER_SIGNOZ_GLOBAL_SMTP__AUTH__PASSWORD: ${POSTAL_SMTP_AUTH_PASSWORD}
SIGNOZ_ALERTMANAGER_SIGNOZ_GLOBAL_SMTP__REQUIRE__TLS: true
SIGNOZ_ALERTMANAGER_SIGNOZ_GLOBAL_SMTP__TLS__CONFIG_INSECURE__SKIP__VERIFY: true
SIGNOZ_PROMETHEUS_CONFIG: /root/config/prometheus.yml
DASHBOARDS_PATH: /root/config/dashboards
GODEBUG: netdns=go
DEPLOYMENT_TYPE: docker-standalone-amd
healthcheck:
test:
- CMD
- wget
- --spider
- -q
- localhost:8080/api/v1/health
interval: 30s
timeout: 5s
retries: 3
image: signoz/signoz:v0.96.1@sha256:e2cded000c87adb0366c9ae4f292e034515458552d151879195071ba4f078b4e
labels:
homepage.group: Infrastructure/App Performance Monitoring
homepage.name: Signoz
homepage.href: https://apm.${MY_TLD}
homepage.icon: signoz.svg
homepage.description: Logs, metrics, and traces in a single pane
swag: enable
swag_proto: http
swag_port: 8080
swag_url: apm.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Signoz
swag.uptime-kuma.monitor.url: https://apm.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 36113:8080 # signoz port
# - "6060:6060" # pprof port
volumes:
- ${DOCKER_VOLUME_CONFIG}/signoz/common/prometheus.yml:/root/config/prometheus.yml
- ${DOCKER_VOLUME_CONFIG}/signoz/common/dashboards:/root/config/dashboards
- signoz-sqlite:/var/lib/signoz/
signoz-clickhouse:
<<: *signoz-clickhouse-defaults
container_name: signoz-clickhouse
expose:
- 9000
ports:
# - "9000:9000"
- "8123:8123"
- "9181:9181"
volumes:
- ${DOCKER_VOLUME_CONFIG}/signoz/common/clickhouse/config.xml:/etc/clickhouse-server/config.xml
- ${DOCKER_VOLUME_CONFIG}/signoz/common/clickhouse/users.xml:/etc/clickhouse-server/users.xml
- ${DOCKER_VOLUME_CONFIG}/signoz/common/clickhouse/custom-function.xml:/etc/clickhouse-server/custom-function.xml
- ${DOCKER_VOLUME_CONFIG}/signoz/common/clickhouse/user_scripts:/var/lib/clickhouse/user_scripts/
- ${DOCKER_VOLUME_CONFIG}/signoz/common/clickhouse/cluster.xml:/etc/clickhouse-server/config.d/cluster.xml
- signoz-clickhouse:/var/lib/clickhouse/
# - ${DOCKER_VOLUME_CONFIG}/signoz/common/clickhouse/storage.xml:/etc/clickhouse-server/config.d/storage.xml
signoz-init-clickhouse:
<<: *signoz-common
container_name: signoz-init-clickhouse
command:
- bash
- -c
- |
version="v0.0.1"
node_os=$$(uname -s | tr '[:upper:]' '[:lower:]')
node_arch=$$(uname -m | sed s/aarch64/arm64/ | sed s/x86_64/amd64/)
echo "Fetching histogram-binary for $${node_os}/$${node_arch}"
cd /tmp
wget -O histogram-quantile.tar.gz "https://github.com/SigNoz/signoz/releases/download/histogram-quantile%2F$${version}/histogram-quantile_$${node_os}_$${node_arch}.tar.gz"
tar -xvzf histogram-quantile.tar.gz
mv histogram-quantile /var/lib/clickhouse/user_scripts/histogramQuantile
image: clickhouse/clickhouse-server:25.5.6-alpine
restart: on-failure
volumes:
- ${DOCKER_VOLUME_CONFIG}/signoz/common/clickhouse/user_scripts/:/var/lib/clickhouse/user_scripts/
signoz-logspout:
command: signoz://signoz-otel-collector:8082
container_name: signoz-logspout
depends_on:
signoz-otel-collector:
required: true
condition: service_started
environment:
ENV: prod
SIGNOZ_LOG_ENDPOINT: http://signoz-otel-collector:8082
image: pavanputhra/logspout-signoz@sha256:6da8ce12279a5262de8b2d5c083ce82d4c878c4eab702b4d328afe147ed7553b
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- /var/run/docker.sock:/var/run/docker.sock
signoz-otel-collector:
<<: *signoz-db-depend
command:
- --config=/etc/otel-collector-config.yaml
- --manager-config=/etc/manager-config.yaml
- --copy-path=/var/tmp/collector-config.yaml
- --feature-gates=-pkg.translator.prometheus.NormalizeName
container_name: signoz-otel-collector
depends_on:
signoz-app:
condition: service_healthy
environment:
NGINX_ACCESS_LOG_FILE: /swag/log/nginx/access.log
NGINX_ERROR_LOG_FILE: /swag/log/nginx/error.log
OTEL_RESOURCE_ATTRIBUTES: host.name=signoz-host,os.type=linux
LOW_CARDINAL_EXCEPTION_GROUPING: false
image: signoz/signoz-otel-collector:v0.129.8@sha256:1beda534e337767597c3fdc83fcca8593a98b6db89bc34032e8fec7c58b7c900
ports:
# - "1777:1777" # pprof extension
- "4317:4317" # OTLP gRPC receiver
- "4318:4318" # OTLP HTTP receiver
- 8082:8082 # Logspout collection (https://signoz.io/blog/logspout-signoz-setup/)
volumes:
- ${DOCKER_VOLUME_CONFIG}/signoz/common/otel/otel-collector-config.yaml:/etc/otel-collector-config.yaml
- ${DOCKER_VOLUME_CONFIG}/signoz/common/otel/otel-collector-opamp-config.yaml:/etc/manager-config.yaml
- ${DOCKER_VOLUME_CONFIG}/swag/log/nginx/access.log:/swag/log/nginx/access.log:ro
- ${DOCKER_VOLUME_CONFIG}/swag/log/nginx/error.log:/swag/log/nginx/error.log:ro
signoz-schema-migrator-async:
<<: *signoz-db-depend
image: signoz/signoz-schema-migrator:v0.129.8@sha256:eb20e69025373e0d9749d3a88e34d74654ea4c03be694eebdb5b76a6cbeadfdc
container_name: signoz-schema-migrator-async
command:
- async
- --dsn=tcp://signoz-clickhouse:9000
- --up=
profiles: ["rinoa-apps"]
restart: on-failure
signoz-schema-migrator-sync:
<<: *signoz-common
image: signoz/signoz-schema-migrator:v0.129.8@sha256:eb20e69025373e0d9749d3a88e34d74654ea4c03be694eebdb5b76a6cbeadfdc
container_name: signoz-schema-migrator-sync
command:
- sync
- --dsn=tcp://signoz-clickhouse:9000
- --up=
depends_on:
signoz-clickhouse:
condition: service_healthy
profiles: ["rinoa-apps"]
restart: on-failure
signoz-zookeeper-1:
<<: *signoz-zookeeper-defaults
container_name: signoz-zookeeper-1
environment:
ZOO_SERVER_ID: 1
ALLOW_ANONYMOUS_LOGIN: yes
ZOO_AUTOPURGE_INTERVAL: 1
ZOO_ENABLE_PROMETHEUS_METRICS: yes
ZOO_PROMETHEUS_METRICS_PORT_NUMBER: 9141
ports:
- "2181:2181"
- "2888:2888"
- "3888:3888"
volumes:
- signoz-zookeeper-1:/bitnami/zookeeper
sonarqube:
container_name: sonarqube
depends_on:
sonarqube-pg-db:
condition: service_healthy
environment:
SONAR_JDBC_URL: jdbc:postgresql://sonarqube-pg-db:5432/sonar
SONAR_JDBC_USERNAME: sonar
SONAR_JDBC_PASSWORD: ${SONARQUBE_POSTGRES_PASSWORD}
SONAR_SECURITY_REALM: LDAP
LDAP_URL: ldap://lldap:3890
LDAP_BINDDN: cn=sonarqube,ou=people,dc=trez,dc=wtf
LDAP_BINDPASSWORD: ${SONARQUBE_LDAP_BIND_PASSWORD}
LDAP_AUTHENTICATION: simple
LDAP_USER_BASEDN: ou=people,dc=trez,dc=wtf
LDAP_USER_REQUEST: (&(objectClass=inetOrgPerson)(uid={login})(memberof=cn=sonarqube_users,ou=groups,dc=example,dc=com))
LDAP_USER_REALNAMEATTRIBUTE: cn
LDAP_USER_EMAILATTRIBUTE: mail
hostname: sonarqube
image: mc1arke/sonarqube-with-community-branch-plugin:lts@sha256:70b055c294a2a751357ee65d5d55139c93f87faed436d0075034da38b2edafa1
labels:
homepage.group: Code/DevOps
homepage.name: SonarQube
homepage.href: https://sqube.${MY_TLD}
homepage.icon: sonarqube.svg
homepage.description: Code/DevOps quality/security
swag: enable
swag_proto: http
swag_port: 9000
swag_url: sqube.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: SonarQube
swag.uptime-kuma.monitor.url: https://sqube.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
volumes:
- sonarqube-data:/opt/sonarqube/data
- sonarqube-extensions:/opt/sonarqube/extensions
- sonarqube-logs:/opt/sonarqube/logs
- sonarqube-temp:/opt/sonarqube/temp
ports:
- 9003:9000
read_only: true
profiles: ["rinoa-infra"]
restart: unless-stopped
sonarqube-pg-db:
container_name: sonarqube-pg-db
environment:
POSTGRES_USER: sonar
POSTGRES_PASSWORD: ${SONARQUBE_POSTGRES_PASSWORD}
POSTGRES_DB: sonar
healthcheck:
test: ["CMD-SHELL", "pg_isready -U sonar -d sonar"]
interval: 10s
timeout: 5s
retries: 5
image: postgres:17-alpine@sha256:ef257d85f76e48da1c64832459b59fcaba1a4dac97bf5d7450c77753542eee94
profiles: ["rinoa-infra"]
restart: unless-stopped
volumes:
- sonarqube-db:/var/lib/postgresql
- sonarqube-db-data:/var/lib/postgresql/data
sonarr:
container_name: sonarr
environment:
PGID: ${PGID}
PUID: ${PUID}
TZ: ${TZ}
DOCKER_MODS: ghcr.io/gilbn/theme.park:sonarr
hostname: Rinoa
image: lscr.io/linuxserver/sonarr:latest@sha256:4b8a853b76337cd5de5f69961e23b7d0792ce7bf0a8be083dd7202ef670bfc34
labels:
homepage.group: Servarr Stack
homepage.name: Sonarr
homepage.href: https://sonarr.${MY_TLD}
homepage.icon: sonarr.png
homepage.description: TV Show Automation
homepage.widget.type: sonarr
homepage.widget.url: http://sonarr:8989
homepage.widget.key: ${SONARR_API_KEY}
swag: enable
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Sonarr
swag.uptime-kuma.monitor.url: https://sonarr.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
ports:
- 8989:8989
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- /etc/localtime:/etc/localtime:ro
- ${DOCKER_VOLUME_CONFIG}/sonarr:/config
- /rinoa-storage:/storage
- ${DOCKER_VOLUME_STORAGE}/downloads/:/downloads
sonashow:
container_name: sonashow
environment:
auto_start: true
auto_start_delay: 60
dry_run_adding_to_sonarr: false
fallback_to_top_result: false
language_choice: all
metadata_profile_id: 1
minimum_rating: 4.5
minimum_votes: 50
quality_profile_id: 1
sonarr_address: http://sonarr:8989
sonarr_api_key: ${SONARR_API_KEY}
root_folder_path: /data/media/shows
search_for_missing_episodes: true
sonarr_api_timeout: 120
tmdb_api_key: ${TMDB_API_KEY}
expose:
- 5000
image: thewicklowwolf/sonashow:latest@sha256:4b40df407bf31577668bfb3191e007ac78c349d81bfde7463ec8433d417ebd3d
labels:
homepage.group: Servarr Stack
homepage.name: SonaShow
homepage.href: https://sonashow.${MY_TLD}
homepage.icon: sh-sonashow.png
homepage.description: TV show discovery based on library/tastes
swag: enable
swag_auth: authelia
swag_proto: http
swag_port: 5000
swag_url: sonashow.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: SonaShow
swag.uptime-kuma.monitor.url: https://sonashow.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- source: ${DOCKER_VOLUME_STORAGE}/TV_Shows
target: /data/media/shows
type: bind
bind:
create_host_path: true
- source: ${DOCKER_VOLUME_CONFIG}/sonashow
target: /sonashow/config
type: bind
bind:
create_host_path: true
- bind:
create_host_path: true
read_only: true
source: /etc/localtime
target: /etc/localtime
type: bind
soularr:
container_name: soularr
depends_on:
- lidarr
- soulseek
environment:
PUID: ${PUID}
PGID: ${PGID}
TZ: ${TZ}
#Script interval in seconds
SCRIPT_INTERVAL: 300
image: mrusse08/soularr:latest@sha256:71a0b9e5a522d76bb0ffdb6d720d681fde22417b3a5acc9ecae61c89d05d8afc
network_mode: service:gluetun
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
#"You can set /downloads to whatever you want but will then need to change the Slskd download dir in your config file"
- ${DOCKER_VOLUME_STORAGE}/downloads:/downloads
#Select where you are storing your config file. Leave "/data" since thats where the script expects the config file to be
- ${DOCKER_VOLUME_CONFIG}/soularr:/data
soularr-dashboard:
container_name: soularr-dashboard
depends_on:
- soularr
environment:
DOCKER_HOST: tcp://dockerproxy:2375
PUID: ${PUID}
PGID: ${PGID}
TZ: ${TZ}
image: ghcr.io/mrusse/soularr:main@sha256:61181c5809845d2c49c8c3c182c0280c5c91069cd2e5d7c341ddd8bfa2c01598
labels:
homepage.name: Soularr
homepage.group: Downloaders
homepage.description: Dashboard for monitoring Soularr
homepage.href: https://soularr.${MY_TLD}
homepage.icon: /icons/soularr.png
swag: enable
swag_proto: http
swag_url: soularr.${MY_TLD}
swag_port: 8080
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Soularr
swag.uptime-kuma.monitor.url: https://soularr.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 18364:8080
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/soularr/dashboard:/app
- ${DOCKER_VOLUME_CONFIG}/soularr:/data
- ${DOCKER_VOLUME_CONFIG}/soularr/logs:/data/logs
- /var/run/docker.sock:/var/run/docker.sock:ro
working_dir: /app
soulseek:
container_name: soulseek
depends_on:
gluetun:
condition: service_started
required: true
restart: true
image: slskd/slskd@sha256:239ccb871fa1a624aa8ad4f11a712b4ec6c7a2ff570bf5800abae2cf91030834
labels:
homepage.name: Soulseek
homepage.group: Downloaders
homepage.description: Modern client-server application for the Soulseek file-sharing network.
homepage.href: https://slsk.${MY_TLD}
homepage.icon: slskd.svg
swag: enable
swag_proto: http
swag_url: slsk.${MY_TLD}
swag_address: gluetun
swag_port: 5030
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: SoulSeek
swag.uptime-kuma.monitor.url: https://slsk.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
network_mode: service:gluetun
profiles: ["rinoa-apps"]
restart: always
volumes:
- ${DOCKER_VOLUME_CONFIG}/soulseek:/app
- ${DOCKER_VOLUME_STORAGE}/Audio/Music:/music
- ${DOCKER_VOLUME_STORAGE}/downloads/completed/slsk:/app/downloads/
- ${DOCKER_VOLUME_STORAGE}/downloads/incomplete/slsk:/app/incomplete
speedtest-tracker:
container_name: speedtest-tracker
image: lscr.io/linuxserver/speedtest-tracker:latest@sha256:4e90bf6194c159ca01214a88d8fa32d80dac358d556901c31b5e606454da94ce
environment:
PUID: ${PUID}
PGID: ${PGID}
APP_KEY: ${SPEEDTEST_TRACKER_APP_KEY}
DB_CONNECTION: sqlite
SPEEDTEST_SCHEDULE: 15 */3 * * *
labels:
homepage.name: Speedtest Tracker
homepage.group: Infrastructure/App Performance Monitoring
homepage.description: Self-hosted internet performance tracking
homepage.href: https://speed.${MY_TLD}
homepage.icon: speedtest-tracker.png
homepage.widget.type: speedtest
homepage.widget.url: http://speedtest-tracker
swag: enable
swag_proto: http
swag_url: speed.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Speedtest Tracker
swag.uptime-kuma.monitor.url: https://speed.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 47512:80
- 62777:443
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/speedtest-tracker:/config
stable-diffusion-webui:
container_name: stable-diffusion-webui
image: ghcr.io/neggles/sd-webui-docker:latest@sha256:1795fe796e1dad0d8d3baa9ef7c38a255b69c0878b76869feecc617bfd015e53
environment:
CLI_ARGS: "--api --use-cpu all --precision full --no-half --skip-torch-cuda-test --ckpt /empty.pt --do-not-download-clip --disable-nan-check --disable-opt-split-attention"
PYTHONUNBUFFERED: "1"
TERM: "vt100"
SD_WEBUI_VARIANT: "default"
ports:
- 7860:7860
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/stable-diffusion-webui/data:/data
- ${DOCKER_VOLUME_CONFIG}/stable-diffusion-webui/output:/output
stirling-pdf:
container_name: stirling-pdf
environment:
DOCKER_ENABLE_SECURITY: true
LANGS: en_US
SECURITY_ENABLE_LOGIN: true
SYSTEM_SHOW_UPDATE: false
SYSTEM_SHOW_UPDATE_ONLY_ADMIN: true
image: docker.stirlingpdf.com/stirlingtools/stirling-pdf:latest@sha256:bfe2b8dd378c4f3d5fc1d2fc7649a357d0916b3a713022aa70ac3f08d6302cbc
labels:
homepage.name: Stirling-PDF
homepage.group: Professional Services
homepage.description: PDF Operations
homepage.href: https://pdf.${MY_TLD}
homepage.icon: stirling-pdf.svg
swag: enable
swag_port: 8080
swag_proto: http
swag_url: pdf.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Stirling-PDF
swag.uptime-kuma.monitor.url: https://pdf.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 58931:8080
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/stirling-pdf/training-data:/usr/share/tessdata # Required for extra OCR languages
- ${DOCKER_VOLUME_CONFIG}/stirling-pdf/extra-configs:/configs
- ${DOCKER_VOLUME_CONFIG}/stirling-pdf/custom-files:/customFiles/
- ${DOCKER_VOLUME_CONFIG}/stirling-pdf/logs:/logs/
- ${DOCKER_VOLUME_CONFIG}/stirling-pdf/pipeline:/pipeline/
swag:
cap_add:
- NET_ADMIN
container_name: swag
environment:
DNSPLUGIN: cloudflare
EMAIL: charish.patel@${MY_TLD}
EXTRA_DOMAINS:
ONLY_SUBDOMAINS: false
PGID: 1000
PUID: 1000
SUBDOMAINS: etherpad,ha,www
TZ: America/New_York
URL: ${MY_TLD}
VALIDATION: dns
CROWDSEC_API_KEY: ${CROWDSEC_SWAG_API_KEY}
CROWDSEC_LAPI_URL: http://crowdsec:8080
DOCKER_MODS: linuxserver/mods:universal-docker|linuxserver/mods:swag-auto-proxy|linuxserver/mods:swag-dashboard|linuxserver/mods:swag-maxmind|linuxserver/mods:universal-stdout-logs|linuxserver/mods:universal-package-install|ghcr.io/linuxserver/mods:swag-crowdsec|ghcr.io/trezone/swag-auto-uptime-kuma:d84284c8fbec305e94a6c2f6b825e8e3430d9569 #linuxserver/mods:swag-auto-uptime-kuma
INSTALL_PACKAGES: nginx-mod-http-js
PROPAGATION: 30
UPTIME_KUMA_PASSWORD: ${UPTIME_KUMA_PASSWORD}
UPTIME_KUMA_URL: http://uptimekuma:3001
UPTIME_KUMA_USERNAME: ${UPTIME_KUMA_USERNAME}
hostname: Rinoa
image: lscr.io/linuxserver/swag:latest@sha256:19c0853e19c0446a45e84773ee4b2ff94ed643fc30d7e49070145601e378a0b3
labels:
swag: enable
swag_proto: http
swag_port: 81
swag_url: swag.${MY_TLD}
swag_auth: authelia
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.monitor.url: https://swag.${MY_TLD}
swag.uptime-kuma.name: SWAG Dashboard
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
homepage.group: Infrastructure/App Performance Monitoring
homepage.name: SWAG Dashboard
homepage.href: https://swag.${MY_TLD}
homepage.icon: linuxserver-io.png
homepage.description: SWAG Dashboard for proxies
homepage.widget.type: swagdashboard
homepage.widget.url: http://swag:81
networks:
- default
# - nextcloud-aio
ports:
- 443:443
- 80:80
- 81:81
profiles: ["rinoa-infra"]
restart: unless-stopped
volumes:
- /etc/localtime:/etc/localtime:ro
- ${DOCKER_VOLUME_CONFIG}/swag:/config
- ${DOCKER_VOLUME_CONFIG}/sablier/sablier.js:/etc/nginx/conf.d/sablier.js
# - ${DOCKER_VOLUME_CONFIG}/swag/otel_ngx_module.so:/usr/lib/nginx/modules/otel_ngx_module.so
# - ${DOCKER_VOLUME_CONFIG}/swag/30_http_otel.conf:/etc/nginx/modules/30_http_otel.conf
# - ${DOCKER_VOLUME_CONFIG}/swag/opentelemetry_config.toml:/etc/nginx/opentelemetry_config.toml
- /rinoa-storage:/storage
- /var/run/docker.sock:/var/run/docker.sock:ro
tandoor:
container_name: tandoor-recipes
depends_on:
tandoor-pg:
condition: service_started
required: true
environment:
DB_ENGINE: django.db.backends.postgresql
GID: 1000
GUNICORN_MEDIA: 1
POSTGRES_DB: tandoor
POSTGRES_HOST: tandoor-pg
POSTGRES_PASSWORD: ${TANDOOR_POSTGRES_PASSWORD}
POSTGRES_USER: tandoor
SECRET_KEY: ${TANDOOR_SECRET_KEY}
TZ: ${TZ}
UID: 1000
image: vabene1111/recipes@sha256:af6bd76e703d644748a93d581da05c25159d742b94b2da9eddadaaec93555858
labels:
homepage.group: Lifestyle
homepage.name: Tandoor Recipes
homepage.href: https://recipes.${MY_TLD}
homepage.icon: tandoor-recipes.svg
homepage.description: Recipes, cookbooks, meal-planning, & grocery lists
homepage.widget.type: tandoor
homepage.widget.url: http://tandoor-recipes:8080
homepage.widget.key: ${TANDOOR_API_TOKEN}
swag: enable
swag_proto: http
swag_address: tandoor-recipes
swag_url: recipes.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Tandoor Recipes
swag.uptime-kuma.monitor.url: https://recipes.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
ports:
- 8106:8080
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- source: ${DOCKER_VOLUME_CONFIG}/tandoor/static
target: /opt/recipes/staticfiles
type: bind
bind:
create_host_path: true
- source: ${DOCKER_VOLUME_CONFIG}/tandoor/media
target: /opt/recipes/mediafiles
type: bind
bind:
create_host_path: true
tandoor-pg:
container_name: tandoor-pg
environment:
POSTGRES_DB: tandoor
POSTGRES_PASSWORD: ${TANDOOR_POSTGRES_PASSWORD}
POSTGRES_USER: tandoor
expose:
- 5432
image: postgres:16-alpine@sha256:029660641a0cfc575b14f336ba448fb8a75fd595d42e1fa316b9fb4378742297
networks:
default: null
profiles: ["rinoa-apps"]
restart: always
volumes:
- source: tandoor-pg
target: /var/lib/postgresql/data
type: volume
volume: {}
unmanic:
container_name: unmanic
environment:
DOCKER_MODS: linuxserver/mods:universal-docker|linuxserver/mods:universal-stdout-logs
PUID: ${PUID}
PGID: ${PGID}
LOGS_TO_STDOUT: /config/.unmanic/logs/unmanic.log
image: josh5/unmanic:latest@sha256:998f2dd5cbf6379a85e3427d0339dcfd3500f93e7a2ad089b968803d3fe05fbe
labels:
homepage.group: Media Library
homepage.name: Unmanic
homepage.href: https://unmanic.${MY_TLD}
homepage.icon: unmanic.png
homepage.description: Library Optimizer
homepage.widget.type: unmanic
homepage.widget.url: http://unmanic:8888
swag: enable
swag_port: 8888
swag_url: unmanic.${MY_TLD}
swag_proto: http
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.monitor.url: https://unmanic.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
ports:
- 8911:8888
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- source: ${DOCKER_VOLUME_CONFIG}/unmanic
target: /config
type: bind
bind:
create_host_path: true
- source: ${DOCKER_VOLUME_STORAGE}
target: /library
type: bind
bind:
create_host_path: true
- source: unmanic-cache
target: /tmp/unmanic
type: volume
volume: {}
uptimekuma:
container_name: uptimekuma
depends_on:
swag:
condition: service_started
required: true
environment:
PGID: ${PGID}
PUID: ${PUID}
TZ: ${TZ}
UPTIME_KUMA_USERNAME: ${UPTIME_KUMA_USERNAME}
UPTIME_KUMA_PASSWORD: ${UPTIME_KUMA_PASSWORD}
DOCKER_HOST: tcp://dockerproxy:2375
hostname: Rinoa
image: louislam/uptime-kuma:latest@sha256:3d632903e6af34139a37f18055c4f1bfd9b7205ae1138f1e5e8940ddc1d176f9
labels:
homepage.group: Infrastructure/App Performance Monitoring
homepage.name: Uptime Kuma
homepage.href: https://uptime.${MY_TLD}
homepage.icon: uptime-kuma.png
homepage.description: HTTP Endpoint Monitoring
homepage.widget.type: uptimekuma
homepage.widget.url: http://uptimekuma:3001
homepage.widget.slug: rinoa-services
swag: enable
swag_proto: http
swag_url: uptime.${MY_TLD}
networks:
default: null
ports:
- 3003:3001
profiles: ["rinoa-infra"]
restart: unless-stopped
volumes:
- bind:
create_host_path: true
source: ${DOCKER_VOLUME_CONFIG}/uptimekuma
target: /app/data
type: bind
- bind:
create_host_path: true
source: /rinoa-storage
target: /storage
type: bind
- bind:
create_host_path: true
read_only: true
source: /etc/localtime
target: /etc/localtime
type: bind
vault:
cap_add:
- IPC_LOCK
command:
- server
container_name: hc-vault
environment:
AWS_ACCESS_KEY_ID: ${VAULT_HASHICORP_AWS_ACCESS_KEY_ID}
AWS_SECRET_ACCESS_KEY: ${VAULT_HASHICORP_AWS_SECRET_ACCESS_KEY}
image: hashicorp/vault:latest@sha256:62dd55c9ccbdc0af0a9269e87481a64650258907434d5ddb5e795e2eb2ac5780
labels:
homepage.group: Code/DevOps
homepage.name: HashiCorp Vault
homepage.icon: vault.png
homepage.href: https://vault.${MY_TLD}
homepage.description: HashiCorp Vault for secrets, key/value stores, etc.
swag: enable
swag_proto: http
swag_port: 8200
swag_url: vault.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: HashiCorp Vault
swag.uptime-kuma.monitor.url: https://vault.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 8200:8200
- 8250:8250
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/hashicorp-vault/config/:/vault/config
- ${DOCKER_VOLUME_CONFIG}/hashicorp-vault/logs/:/vault/logs
wallos:
container_name: wallos
environment:
TZ: ${TZ}
image: bellamy/wallos:latest@sha256:1277c83dc626853ac14658c1b0aaf003e1bced213c37370d149fdd9622b5747f
labels:
homepage.group: Lifestyle
homepage.name: wallos
homepage.href: https://subs.${MY_TLD}
homepage.icon: wallos.png
homepage.description: Subscription Tracking
sablier.enable: false
sablier.group: rinoa
swag: enable
swag_proto: http
swag_url: subs.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Wallos
swag.uptime-kuma.monitor.url: https://subs.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
ports:
- 8283:80
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- wallos-db:/var/www/html/db
- wallos-logos:/var/www/html/images/uploads/logos
web-check:
container_name: web-check
image: lissy93/web-check@sha256:f2d1dc726958c1d79ac459cac84eb26eb4f203a4d27447f336695a8c1884f1e3
labels:
homepage.group: Privacy/Security
homepage.name: Web-Check
homepage.icon: web-check.png
homepage.href: https://scan.${MY_TLD}
homepage.description: Site scanner for attack vectors, architecture, security configs, and more
swag: enable
swag_proto: http
swag_url: scan.${MY_TLD}
swag_port: 3000
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Web-Check
swag.uptime-kuma.monitor.url: https://scan.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
ports:
- 3010:3000
profiles: ["rinoa-apps"]
restart: unless-stopped
whodb:
container_name: whodb
image: clidey/whodb@sha256:9bdd46c7d37c2cf6aa57a689749eb28acd5ea6b63519c58d59cb25a1ee8f57ae
environment:
WHODB_CLICKHOUSE_1: '{
"host": "signoz-clickhouse"
}'
WHODB_MARIADB_1: '{
"host": "mariadb",
"user": "root",
"password": "${MARIADB_ENVIRONMENT_MYSQL_ROOT_PASSWORD}"
}'
WHODB_MONGODB_1: '{
"host": "mongodb:27017/admin?replicaSet=rinoa",
"user": "root",
"password": "${MONGO_INITDB_ROOT_PASSWORD}"
}'
WHODB_POSTGRES_1: '{
"host": "authelia-pg",
"user": "authelia",
"password": "${AUTHELIA_STORAGE_POSTGRES_PASSWORD}",
"database": "authelia"
}'
WHODB_POSTGRES_2: '{
"host": "dawarich-pg-db",
"user": "dawarich",
"password": "${DAWARICH_PG_PASSWORD}",
"database": "authelia"
}'
WHODB_POSTGRES_3: '{
"host": "gitea-db",
"user": "gitea",
"password": "${GITEA_PG_DB_PASSWORD}",
"database": "gitea"
}'
WHODB_POSTGRES_4: '{
"host": "immich-pg-db",
"user": "immich",
"password": "${IMMICH_DB_PASSWORD}",
"database": "immich"
}'
WHODB_POSTGRES_5: '{
"host": "invidious-db",
"user": "kemal",
"password": "${INVID_PG_DB_PASSWORD}",
"database": "invidious"
}'
WHODB_POSTGRES_6: '{
"host": "joplin-db",
"user": "joplin",
"password": "${JOPLIN_POSTGRES_PASSWORD}",
"database": "joplin"
}'
WHODB_POSTGRES_7: '{
"host": "librechat-vectordb",
"user": "librechat",
"password": "${LIBRECHAT_PG_DB_PASSWD}",
"database": "librechat"
}'
WHODB_POSTGRES_8: '{
"host": "mastodon-pg-db",
"user": "mastodon",
"password": "${MASTODON_PG_DB_PASSWORD}",
"database": "mastodon"
}'
WHODB_POSTGRES_9: '{
"host": "penpot-pg-db",
"user": "penpot",
"password": "${PENPOT_PG_DB_PASSWORD}",
"database": "penpot"
}'
WHODB_POSTGRES_10: '{
"host": "planka-pg-db",
"user": "planka",
"password": "${PLANKA_PG_PASSWORD}",
"database": "planka"
}'
WHODB_POSTGRES_11: '{
"host": "portnote-pg-db",
"user": "portnote",
"password": "${PORTNOTE_POSTGRES_PASSWORD}",
"database": "portnote"
}'
WHODB_POSTGRES_12: '{
"host": "reactive-resume-pg",
"user": "reactiveresume",
"password": "${REACTIVE_RESUME_PGSQL_PASSWORD}",
"database": "reactiveresume"
}'
WHODB_POSTGRES_13: '{
"host": "sonarqube-pg-db",
"user": "sonar",
"password": "${SONARQUBE_POSTGRES_PASSWORD}",
"database": "sonar"
}'
WHODB_POSTGRES_14: '{
"host": "tandoor-pg",
"user": "tandoor",
"password": "${TANDOOR_POSTGRES_PASSWORD}",
"database": "tandoor"
}'
WHODB_POSTGRES_15: '{
"host": "asciinema-pg-db",
"user": "asciinema",
"password": "${ASCIINEMA_PG_DB_PASSWORD}",
"database": "asciinema"
}'
WHODB_REDIS_1: '{
"host": "castopod-valkey"
}'
WHODB_REDIS_2: '{
"host": "dawarich-valkey"
}'
WHODB_REDIS_3: '{
"host": "immich-valkey"
}'
WHODB_REDIS_4: '{
"host": "librechat-valkey"
}'
WHODB_REDIS_5: '{
"host": "manyfold-valkey"
}'
WHODB_REDIS_6: '{
"host": "mastodon-valkey"
}'
WHODB_REDIS_7: '{
"host": "maxun-valkey"
}'
WHODB_REDIS_8: '{
"host": "mixpost-valkey"
}'
WHODB_REDIS_9: '{
"host": "paperless-valkey"
}'
WHODB_REDIS_10: '{
"host": "plant-it-valkey"
}'
WHODB_SQLITE3_1: '{"database":"kuma.db"}'
WHODB_OLLAMA_HOST: ollama
WHODB_OLLAMA_PORT: 11434
WHODB_ANTHROPIC_API_KEY: ${LIBRECHAT_ANTHROPIC_API_KEY}
WHODB_OPENAI_API_KEY: ${LIBRECHAT_OPENAI_API_KEY}
expose:
- 8080
labels:
homepage.group: System Administration
homepage.name: WhoDB
homepage.href: https://dbs.${MY_TLD}
homepage.icon: whodb.png
homepage.description: Lightweight next-gen database explorer
swag: enable
swag_auth: authelia
swag_port: 8080
swag_proto: http
swag_url: dbs.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: WhoDB
swag.uptime-kuma.monitor.url: https://dbs.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/uptimekuma/:/db
wizarr:
container_name: wizarr
depends_on:
authelia:
condition: service_started
required: true
environment:
PUID: ${PUID}
PGID: ${PGID}
DISABLE_BUILTIN_AUTH: true
TZ: ${TZ}
image: ghcr.io/wizarrrr/wizarr@sha256:dbf51675f35cd39db92d0a6522b461eec5e28f65357d804c60daca60ba1f3dd8
labels:
homepage.group: Servarr Stack
homepage.name: Wizarr
homepage.href: https://wizarr.${MY_TLD}
homepage.icon: wizarr.svg
homepage.description: User invitation management system for Jellyfin, Plex, and Emby
swag: enable
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: Wizarr
swag.uptime-kuma.monitor.url: https://wizarr.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
ports:
- 5690:5690
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- ${DOCKER_VOLUME_CONFIG}/wizarr/database:/data/database
- ${DOCKER_VOLUME_CONFIG}/wizarr/wizard:/data/wizard_steps
youtubedl:
container_name: youtubedl
environment:
PGID: ${PGID}
PUID: ${PUID}
TZ: America/New_York
YDL_CONFIG_PATH: /youtube-dl/config.yml
YDL_DEBUG: "false"
hostname: Rinoa
image: nbr23/youtube-dl-server:latest@sha256:a5274ded39024da2fe8c3116747e9b906a867ffea8307a6cd4220215f1dfefed
labels:
homepage.group: Downloaders
homepage.name: YoutubeDL
homepage.icon: youtube-dl.svg
homepage.href: https://ytdl.${MY_TLD}
homepage.description: YouTube Downloader
swag: enable
swag_proto: http
swag_url: ytdl.${MY_TLD}
swag_port: 8080
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.parent: Rinoa
swag.uptime-kuma.name: YoutubeDL
swag.uptime-kuma.monitor.url: https://ytdl.${MY_TLD}
swag.uptime-kuma.monitor.interval: 300
swag.uptime-kuma.monitor.retryInterval: 60
swag.uptime-kuma.monitor.maxretries: 5
networks:
default: null
ports:
- 8089:8080
profiles: ["rinoa-apps"]
restart: unless-stopped
volumes:
- bind:
create_host_path: true
read_only: true
source: /etc/localtime
target: /etc/localtime
type: bind
- bind:
create_host_path: true
source: ${DOCKER_VOLUME_CONFIG}/youtubedl
target: /youtube-dl
type: bind
- bind:
create_host_path: true
source: /rinoa-storage
target: /storage
type: bind
volumes:
asciinema-data:
name: asciinema-data
asciinema-pg-data:
name: asciinema-pg-data
audiomuse-ai-pg-data:
name: audiomuse-ai-pg-data
audiomuse-temp-audio-flask:
name: audiomuse-temp-audio-flask
audiomuse-ai-valkey-data:
name: audiomuse-ai-valkey-data
audiomuse-temp-audio-worker:
name: audiomuse-temp-audio-worker
authelia-pg-db:
name: authelia-pg-db
authelia-valkey-data:
name: authelia-valkey-data
castopod-media:
name: castopod-media
castopod-valkey-data:
name: castopod-valkey-data
changedetection-data:
name: changedetection-data
crowdsec-config:
name: crowdsec-config
crowdsec-db:
name: crowdsec-db
dagu-data:
name: dagu-data
dawarich_db_data:
name: dawarich_db_data
dawarich_shared:
name: dawarich_shared
dawarich_public:
name: dawarich_public
dawarich-valkey-data:
name: dawarich-valkey-data
dawarich_watched:
name: dawarich_watched
dockflare_data:
name: dockflare_data
fastenhealth-cache:
name: fastenhealth-cache
fastenhealth-db:
name: fastenhealth-db
gitea-pg-db:
name: gitea-pg-db
immich-model-cache:
name: immich-model-cache
immich-valkey-data:
name: immich-valkey-data
influxdb2-data:
name: influxdb2-data
influxdb2-config:
name: influxdb2-config
invidious-companion-cache:
name: invidious-companion-cache
invidious-postgres:
name: invidious-postgres
jitsi-web-admin-theme:
name: jitsi-web-admin-theme
jitsi-web-admin-upload:
name: jitsi-web-admin-upload
joplin_data:
name: joplin_data
karakeep-data:
name: karakeep-data
linkstack_data:
name: linkstack_data
libretranslate_api_keys:
name: libretranslate_api_keys
libretranslate_models:
name: libretranslate_models
lldap_data:
name: lldap_data
manyfold-valkey-data:
name: manyfold-valkey-data
mastodon-pg-db:
name: mastodon-pg-db
mastodon-valkey-data:
name: mastodon-valkey-data
maxun-pg-data:
name: maxun-pg-data
maxun-valkey-data:
name: maxun-valkey-data
mixpost-storage:
name: mixpost-storage
mixpost-logs:
name: mixpost-logs
mixpost-valkey-data:
name: mixpost-valkey-data
mgob-data:
name: mgob-data
mgob-tmp:
name: mgob-tmp
mongodb_config:
name: mongodb_config
mongodb_data:
name: mongodb_data
n8n-data:
name: n8n-data
nextcloud_aio_mastercontainer:
name: nextcloud_aio_mastercontainer
nocodb_data:
name: nocodb_data
nocodb_pg_data:
name: nocodb_pg_data
nocodb_valkey_data:
name: nocodb_valkey_data
ollama:
name: ollama
open-webui-data:
name: open-webui-data
open-webui-valkey-data:
name: open-webui-valkey-data
paperless-ngx-data:
name: paperless-ngx-data
paperless-ngx-media:
name: paperless-ngx-media
paperless-ngx-pg:
name: paperless-ngx-pg
paperless-valkey-data:
name: paperless-valkey-data
pgbackweb-data:
name: pgbackweb-data
planka-favicons:
name: planka-favicons
planka-user-avatars:
name: planka-user-avatars
planka-background-images:
name: planka-background-images
planka-attachments:
name: planka-attachments
planka-db-data:
name: planka-db-data
plant-it-valkey-data:
name: plant-it-valkey-data
portainer-data:
name: portainer-data
protonmail-data:
name: protonmail-data
reactive-resume-pg:
name: reactive-resume-pg
romm_resources:
name: romm_resources
romm-valkey-data:
name: romm-valkey-data
searxng-valkey-data:
name: searxng-valkey-data
semaphore_config:
name: semaphore_config
semaphore_data:
name: semaphore_data
semaphore_tmp:
name: semaphore_tmp
signoz-clickhouse:
name: signoz-clickhouse
signoz-sqlite:
name: signoz-sqlite
signoz-zookeeper-1:
name: signoz-zookeeper-1
sonarqube-data:
name: sonarqube-data
sonarqube-db:
name: sonarqube-db
sonarqube-db-data:
name: sonarqube-db-data
sonarqube-extensions:
name: sonarqube-extensions
sonarqube-logs:
name: sonarqube-logs
sonarqube-temp:
name: sonarqube-temp
tandoor-pg:
name: tandoor-pg
unmanic-cache:
name: unmanic-cache
wallos-db:
name: wallos-db
wallos-logos:
name: wallos-logos
Reference in New Issue View Git Blame Copy Permalink