update root_url

.gitea/workflows/demo2.yaml

@@ -0,0 +1,19 @@
+name: Deploy Stacks
+run-name: ${{ gitea.actor }} is testing out Gitea Actions 🚀
+on: [push]
+
+jobs:
+  Redeploy_services_stacks:
+    runs-on: ubuntu-latest
+    steps:
+      - run: echo "🎉 The job was automatically triggered by a ${{ gitea.event_name }} event."
+      - run: echo "🐧 This job is now running on a ${{ runner.os }} server hosted by Gitea!"
+      - run: echo "🔎 The name of your branch is ${{ gitea.ref }} and your repository is ${{ gitea.repository }}."
+      - name: Check out repository code
+        uses: actions/checkout@v4
+      - run: echo "💡 The ${{ gitea.repository }} repository has been cloned to the runner."
+      - run: echo "🖥️ The workflow is now ready to test your code on the runner."
+      - name: List files in the repository
+        run: |
+          ls ${{ gitea.workspace }}
+      - run: echo "🍏 This job's status is ${{ job.status }}."

.gitignore

@@ -0,0 +1 @@
+RicoToGhostfolio

RicoToGhostfolio/.idea/.gitignore

@@ -0,0 +1,8 @@
+# Default ignored files
+/shelf/
+/workspace.xml
+# Editor-based HTTP Client requests
+/httpRequests/
+# Datasource local storage ignored files
+/dataSources/
+/dataSources.local.xml

caddy/Dockerfile

@@ -0,0 +1,8 @@
+FROM caddy:builder AS builder
+
+RUN xcaddy build \
+    --with github.com/caddy-dns/cloudflare
+
+FROM caddy
+
+COPY --from=builder /usr/bin/caddy /usr/bin/caddy

caddy/docker-compose.yml

@@ -1,6 +1,6 @@
 services:
   caddy:
-   # image: caddy:latest
+    #image: caddy:latest
     container_name: caddy
     build:
       dockerfile: Dockerfile
@@ -12,16 +12,72 @@ services:
       - "80:80"
       - "443:443"
       - "443:443/udp"
-      - "8282:8282"
+      - "8088:8088"
     volumes:
-      - ./Caddyfile:/etc/caddy/Caddyfile
-      - ./site/bortolaso-sail:/srv/bortolaso-sail
-      - ./site/ariang:/srv/ariang
-      - ./caddy-data:/data
-      - ./caddy-config:/config
+      - /home/ccalifice/docker-data/caddy/Caddyfile:/etc/caddy/Caddyfile
+      - /home/ccalifice/docker-data/caddy/site/bortolaso-sail:/srv/bortolaso-sail
+      - /home/ccalifice/docker-data/caddy/caddy-data:/data
+      - /home/ccalifice/docker-data/caddy/caddy-config:/config
+      - /home/ccalifice/docker-data/caddy/site/webhook-gtm:/srv/webhook-gtm
     networks:
       - caddy-net
 
+  newt:
+    image: fosrl/newt
+    container_name: newt
+    restart: unless-stopped
+    environment:
+      - PANGOLIN_ENDPOINT=https://pangolin.sereiaguardia.com
+      - NEWT_ID=t9eefucz8uk0qds
+      - NEWT_SECRET=tqb7nl80iwqsmyox0nndb82k516egcc7ui4fkuigvesuui3f
+    networks:
+      - caddy-net
+
+  # cloudflared:
+  #     image: cloudflare/cloudflared:latest
+  #     container_name: cloudflared
+  #     user: "0:0"
+  #     volumes:
+  #     - ./config:/root/.cloudflared
+  #     #command: tunnel login
+  #     #command: tunnel create tunnel_ccalifice
+  #     command: tunnel --no-autoupdate run
+  #     restart: unless-stopped
+  #     networks:
+  #       - caddy-net
+
+
+#  ddns-updater:
+#    image: qmcgaw/ddns-updater
+#    container_name: ddns-updater
+#    network_mode: bridge
+#    ports:
+#      - 8008:8000/tcp
+#    volumes:
+#      - ./ddns/data:/updater/data
+#    environment:
+#      - CONFIG=
+#      - PERIOD=5m
+#      - UPDATE_COOLDOWN_PERIOD=5m
+#      - PUBLICIP_FETCHERS=all
+#      - PUBLICIP_HTTP_PROVIDERS=all
+#      - PUBLICIPV4_HTTP_PROVIDERS=all
+#      - PUBLICIPV6_HTTP_PROVIDERS=all
+#      - PUBLICIP_DNS_PROVIDERS=all
+#      - PUBLICIP_DNS_TIMEOUT=3s
+#      - HTTP_TIMEOUT=10s
+      # Web UI
+#      - LISTENING_ADDRESS=:8000
+#      - ROOT_URL=/
+      # Backup
+#      - BACKUP_PERIOD=0 # 0 to disable
+#      - BACKUP_DIRECTORY=/updater/data
+      # Other
+#      - LOG_LEVEL=info
+#      - LOG_CALLER=hidden
+#      - SHOUTRRR_ADDRESSES=
+#    restart: always
+
 networks:
   caddy-net:
     driver: bridge

checkmk/docker-compose.yml

@@ -0,0 +1,15 @@
+services:
+  checkmk:
+    image: "checkmk/check-mk-raw:2.4.0-latest"
+    container_name: "checkmk"
+    environment:
+      - CMK_PASSWORD=asdf1234
+      - TZ=America/Sao_Paulo
+    volumes:
+      - /home/ccalifice/docker-data/checkmk:/omd/sites
+    tmpfs:
+      - /opt/omd/sites/cmk/tmp:uid=1000,gid=1002
+    ports:
+      - 5000:5000
+      - 8800:8000
+    restart: always

cloudflared/docker-compose.yml

@@ -1,18 +0,0 @@
-services:
-    cloudflared:
-        image: cloudflare/cloudflared:latest
-        container_name: cloudflared
-        user: "0:0"
-        volumes:
-        - ./config:/root/.cloudflared
-        #command: tunnel login
-        #command: tunnel create tunnel_ccalifice
-        command: tunnel --no-autoupdate run
-        restart: always
-        networks:
-          - caddy-net
-
-networks:
-  caddy-net:
-    external: true
-    name: caddy-net

cyber-chef/docker-compose.yml

@@ -1,8 +0,0 @@
-name: cyber-chef
-services:
-  cyberchef:
-    ports:
-      - 8383:80
-    image: ghcr.io/gchq/cyberchef:latest
-    restart: unless-stopped
-    container_name: container_name

filebrowser/docker-compose.yml

@@ -1,15 +1,16 @@
----
 services:
   filebrowser:
-    image: filebrowser/filebrowser
-    container_name: filebrowser
+    image: gtstef/filebrowser:stable
+    environment:
       user: "1000:1002"
+      FILEBROWSER_CONFIG: "data/config.yaml" # overrides the default path which is ./config.yaml
+      FILEBROWSER_ADMIN_PASSWORD: "lkj123-0kj12lk12-92nas3@lj&239dfk3"
+      TZ: "America/Sao_Paulo"
+    volumes:
+      - /mnt/servarr:/servarr
+      - /mnt/system:/system
+      - /home/ccalifice/docker-data/filebrowser/data:/home/filebrowser/data
+      - /home/ccalifice/docker-data/filebrowser/tmp:/home/filebrowser/tmp
     ports:
       - 8686:80
-    volumes:
-      - /mnt/christoph:/srv/christoph
-      - /mnt/Public:/srv/Public
-      - ./database.db:/database.db
-      - ./settings.json:/.settings.json
-      - ./branding:/branding
     restart: unless-stopped

firefly-iii/docker-compose.yml

@@ -13,9 +13,9 @@ services:
     container_name: firefly_iii_core
     networks:
       - firefly_iii
-    restart: always
+    restart: unless-stopped
     volumes:
-      - ./firefly_iii_upload:/var/www/html/storage/upload
+      - /home/ccalifice/docker-data/firefly-iii/firefly_iii_upload:/var/www/html/storage/upload
     env_file: .env
     ports:
       - '88:8080'
@@ -27,7 +27,7 @@ services:
     container_name: firefly_iii_db
     networks:
       - firefly_iii
-    restart: always
+    restart: unless-stopped
     env_file: .db.env
     volumes:
       - ./firefly_iii_db:/var/lib/mysql
@@ -35,7 +35,7 @@ services:
   importer:
     image: fireflyiii/data-importer:latest
     hostname: importer
-    restart: always
+    restart: unless-stopped
     container_name: firefly_iii_importer
     networks:
       - firefly_iii
@@ -48,7 +48,7 @@ services:
   importer_mor:
     image: fireflyiii/data-importer:latest
     hostname: importer
-    restart: always
+    restart: unless-stopped
     container_name: firefly_iii_importer_mor
     networks:
       - firefly_iii
@@ -65,7 +65,7 @@ services:
     #
     image: alpine
     container_name: firefly_iii_cron
-    restart: always
+    restart: unless-stopped
     command: sh -c "echo \"0 3 * * * wget -qO- http://app:8080/api/v1/cron/REPLACEME\" | crontab - && crond -f -L /dev/stdout"
     networks:
       - firefly_iii

free-games-claimer/docker-compose.yml

@@ -8,7 +8,7 @@ services:
       # - "5900:5900" # VNC server
       - "6080:6080" # noVNC (browser-based VNC client)
     volumes:
-      - ./fgc:/fgc/data
+      - /home/ccalifice/docker-data/free-games-claimer/fgc:/fgc/data
     restart: unless-stopped
     command: bash -c "node epic-games; node gog; node prime-gaming; echo sleeping; sleep 12h"
 #    environment:

ghostfolio/docker-compose.yml

@@ -47,7 +47,7 @@ services:
       timeout: 5s
       retries: 5
     volumes:
-      - ./postgres:/var/lib/postgresql/data
+      - /home/ccalifice/docker-data/ghostfolio/postgres:/var/lib/postgresql/data
 
   redis:
     image: docker.io/library/redis:alpine

gitea/docker-compose.yml

@@ -1,6 +1,10 @@
 networks:
   gitea:
     external: false
+    name: gitea-net
+  caddy-net:
+    name: caddy-net
+    external: true
 
 services:
   server:
@@ -10,15 +14,19 @@ services:
       - USER_UID=1000
       - USER_GID=1000
       - GITEA__database__DB_TYPE=postgres
-      - GITEA__database__HOST=db:5432
+      - GITEA__database__HOST=gitea-db:5432
       - GITEA__database__NAME=gitea
       - GITEA__database__USER=gitea
       - GITEA__database__PASSWD=gitea
-    restart: always
+      - GITEA__webhook__ALLOWED_HOST_LIST=*
+      - GITEA__packages__ENABLED=true
+      - GITEA__server__ROOT_URL=https://git.ccalifice.com
+    restart: unless-stopped
     networks:
       - gitea
+      - caddy-net
     volumes:
-      - ./gitea:/data
+      - /home/ccalifice/docker-data/gitea/gitea:/data
       - /etc/timezone:/etc/timezone:ro
       - /etc/localtime:/etc/localtime:ro
     ports:
@@ -29,7 +37,8 @@ services:
 
   db:
     image: docker.io/library/postgres:14
-    restart: always
+    container_name: gitea-db
+    restart: unless-stopped
     environment:
       - POSTGRES_USER=gitea
       - POSTGRES_PASSWORD=gitea
@@ -37,4 +46,18 @@ services:
     networks:
       - gitea
     volumes:
-      - ./postgres:/var/lib/postgresql/data
+      - /home/ccalifice/docker-data/gitea/postgres:/var/lib/postgresql/data
+
+  runner:
+    image: docker.io/gitea/act_runner:latest
+    container_name: gitea-runner
+    environment:
+      CONFIG_FILE: /config.yaml
+      GITEA_INSTANCE_URL: "http://192.168.1.202:3005"
+      GITEA_RUNNER_REGISTRATION_TOKEN: "q8X5Ja5wHK49yiFfHxJ4HEhCMKs8lKhYr771QHPh"
+      GITEA_RUNNER_NAME: "services-runner"
+      GITEA_RUNNER_LABELS: 
+    volumes:
+      - /home/ccalifice/docker-data/gitea/runner/config.yaml:/config.yaml
+      - /home/ccalifice/docker-data/gitea/runner/data:/data
+      - /var/run/docker.sock:/var/run/docker.sock

glances/docker-compose.yml

@@ -1,17 +0,0 @@
-services:
-  glances:
-    #image: nicolargo/glances:3.4.0.5-full
-    image: nicolargo/glances:latest-full
-    container_name: glances
-    restart: always
-    pid: host
-    ports:
-      - 61208:61208
-    volumes:
-      - /var/run/docker.sock:/var/run/docker.sock
-      # Uncomment the below line if you want glances to display host OS detail instead of container's
-      - /etc/os-release:/etc/os-release:ro
-      - /mnt/restic:/restic
-      - /:/host:ro
-    environment:
-      - "GLANCES_OPT=-w"

grafana/docker-compose.yml

@@ -1,6 +1,3 @@
-networks:
-  grafana:
-
 services:
   loki:
     container_name: loki
@@ -8,30 +5,26 @@ services:
     ports:
       - "3100:3100"
     command: -config.file=/etc/loki/local-config.yaml
-    networks:
-      - grafana
 
   promtail:
     container_name: promtail
     image: grafana/promtail:latest
     volumes:
-      - /var/log:/var/log
+      - /home/ccalifice/docker-data/grafana/var/log:/var/log
     command: -config.file=/etc/promtail/config.yml
-    networks:
-      - grafana
 
   alloy:
     container_name: alloy
     image: grafana/alloy:latest
     profiles: ['alloy']
     volumes:
-      - ./config/alloy:/etc/alloy
+      - /home/ccalifice/docker-data/grafana/config/alloy:/etc/alloy
 
   grafana:
     environment:
       - GF_PATHS_PROVISIONING=/etc/grafana/provisioning
-#      - GF_AUTH_ANONYMOUS_ENABLED=true
-#      - GF_AUTH_ANONYMOUS_ORG_ROLE=Admin
+      #      - GF_AUTH_ANONYMOUS_ENABLED=true
+      #      - GF_AUTH_ANONYMOUS_ORG_ROLE=Admin
       - GF_SECURITY_ADMIN_USER=ccalifice
       - GF_SECURITY_ADMIN_PASSWORD=asdf1234
       - GF_FEATURE_TOGGLES_ENABLE=alertingSimplifiedRouting,alertingQueryAndExpressionsStepMode
@@ -57,27 +50,23 @@ services:
     image: grafana/grafana:latest
     ports:
       - "3003:3000"
-    networks:
-      - grafana
     volumes:
-      - ./data:/var/lib/grafana
+      - /home/ccalifice/docker-data/grafana/data:/var/lib/grafana
     user: "1000:1002"
     container_name: grafana
 
   prometheus:
     image: prom/prometheus
     volumes:
-      - "./prometheus.yml:/etc/prometheus/prometheus.yml"
-      - ./prometheus-data:/prometheus
-    networks:
-      - grafana
+      - "/home/ccalifice/docker-data/grafana/prometheus.yml:/etc/prometheus/prometheus.yml"
+      - /home/ccalifice/docker-data/grafana/prometheus-data:/prometheus
     ports:
       - 9090:9090
     user: "1000:1002"
     container_name: prometheus
 
 
-#sudo docker plugin install grafana/loki-docker-driver:3.3.2-amd64 --alias loki --grant-all-permissions
+# sudo docker plugin install grafana/loki-docker-driver:3.3.2-amd64 --alias loki --grant-all-permissions
 # {
 #     "debug" : true,
 #     "log-driver": "loki",

guacamole/docker-compose.yml

@@ -1,163 +1,59 @@
-####################################################################################
-# docker-compose file for Apache Guacamole
-# created by PCFreak 2017-06-28
-#
-# Apache Guacamole is a clientless remote desktop gateway. It supports standard
-# protocols like VNC, RDP, and SSH. We call it clientless because no plugins or
-# client software are required. Thanks to HTML5, once Guacamole is installed on
-# a server, all you need to access your desktops is a web browser.
-####################################################################################
-#
-# What does this file do?
-#
-# Using docker-compose it will:
-#
-# - create a network 'guacnetwork_compose' with the 'bridge' driver.
-# - create a service 'guacd_compose' from 'guacamole/guacd' connected to 'guacnetwork_compose'
-# - create a service 'postgres_guacamole_compose' (1) from 'postgres' connected to 'guacnetwork_compose'
-# - create a service 'guacamole_compose' (2)  from 'guacamole/guacamole/' conn. to 'guacnetwork_compose'
-# - create a service 'nginx_guacamole_compose' (3) from 'nginx' connected to 'guacnetwork_compose'
-#
-# (1)
-#  DB-Init script is in './init/initdb.sql' it has been created executing
-#  'docker run --rm guacamole/guacamole /opt/guacamole/bin/initdb.sh --postgresql > ./init/initdb.sql'
-#  once.
-#  DATA-DIR       is in './data'
-#  If you want to change the DB password change all lines with 'POSTGRES_PASSWORD:' and
-#  change it to your needs before first start.
-#  To start from scratch delete './data' dir completely
-#  './data' will hold all data after first start!
-#  The initdb.d scripts are only executed the first time the container is started
-#  (and the database files are empty). If the database files already exist then the initdb.d
-#  scripts are ignored (e.g. when you mount a local directory or when docker-compose saves
-#  the volume and reuses it for the new container).
-#
-#  !!!!! MAKE SURE your folder './init' is executable (chmod +x ./init)
-#  !!!!! or 'initdb.sql' will be ignored!
-#  
-#  './data' will hold all data after first start!
-#
-# (2)
-#  Make sure you use the same value for 'POSTGRES_USER' and 'POSTGRES_PASSWORD'
-#  as configured under (1)
-#
-# (3)
-#  ./nginx/templates folder will be mapped read-only into the container at /etc/nginx/templates
-#  and according to the official nginx container docs the guacamole.conf.template will be
-#  placed in /etc/nginx/conf.d/guacamole.conf after container startup.
-#  ./nginx/ssl will be mapped into the container at /etc/nginx/ssl
-#  prepare.sh creates a a self-signed certificate. If you want to use your own certs
-#  just remove the part that generates the certs from prepare.sh and replace
-#  'self-ssl.key' and 'self.cert' with your certificate.
-#  nginx will export port 8443 to the outside world, make sure that this port is reachable
-#  on your system from the "outside world". All other traffic is only internal.
-#
-#  You could remove the entire 'nginx' service from this file if you want to use your own
-#  reverse proxy in front of guacamole. If doing so, make sure you change the line
-#   from     - 8080/tcp
-#   to       - 8080:8080/tcp
-#  within the 'guacamole' service. This will expose the guacamole webinterface directly
-#  on port 8080 and you can use it for your own purposes.
-#  Note: Guacamole is available on :8080/guacamole, not /.
-#
-# !!!!! FOR INITAL SETUP (after git clone) run ./prepare.sh once
-#
-# !!!!! FOR A FULL RESET (WILL ERASE YOUR DATABASE, YOUR FILES, YOUR RECORDS AND CERTS) DO A
-# !!!!!  ./reset.sh
-#
-#
-# The initial login to the guacamole webinterface is:
-#
-#     Username: guacadmin
-#     Password: guacadmin
-#
-# Make sure you change it immediately!
-#
-# version            date              comment
-# 0.1                2017-06-28        initial release
-# 0.2                2017-10-09        minor fixes + internal GIT push
-# 0.3                2017-10-09        minor fixes + public GIT push
-# 0.4                2019-08-14        creating of ssl certs now in prepare.sh
-#                                      simplified nginx startup commands
-# 0.5                2023-02-24        nginx now uses a template + some minor changes
-# 0.6                2023-03-23        switched to postgres 15.2-alpine
-# 0.61               2024-07-27        fix networks + version 3.0
-# 0.62               2024-07-27        fix
-#####################################################################################
-
-#the attribute `version` is obsolete, it will be ignored, please remove it to avoid potential confusion
-#version: '3.0'
-
 # networks
 # create a network 'guacnetwork_compose' in mode 'bridged'
 networks:
-  guacnetwork_compose:
-    driver: bridge
+  caddy-net:
+    name: caddy-net
+    external: true
 
 # services
 services:
   # guacd
   guacd:
     container_name: guacd_compose
-    image: guacamole/guacd
-    networks:
-      - guacnetwork_compose
+    image: guacamole/guacd:1.6.0
     restart: always
     volumes:
-    - ./drive:/drive:rw
-    - ./record:/record:rw
+    - /home/ccalifice/docker-data/guacamole/drive:/drive:rw
+    - /home/ccalifice/docker-data/guacamole/record:/record:rw
+  
   # postgres
   postgres:
     container_name: postgres_guacamole_compose
     environment:
       PGDATA: /var/lib/postgresql/data/guacamole
       POSTGRES_DB: guacamole_db
-      POSTGRES_PASSWORD: 'H4RD!PA$$word92753'
+      POSTGRES_PASSWORD: 'axfhj34sf098123jksf-19fnk120-34lkf983'
       POSTGRES_USER: guacamole_user
     image: postgres:15.2-alpine
-    networks:
-      - guacnetwork_compose
     restart: always
     volumes:
-    - ./init:/docker-entrypoint-initdb.d:z
-    - ./data:/var/lib/postgresql/data:Z
+    - /home/ccalifice/docker-data/guacamole/init:/docker-entrypoint-initdb.d:z
+    - /home/ccalifice/docker-data/guacamole/data:/var/lib/postgresql/data:Z
 
   # guacamole
   guacamole:
     container_name: guacamole_compose
+    group_add:
+      - "1000"
     depends_on:
     - guacd
     - postgres
     environment:
       GUACD_HOSTNAME: guacd
-      POSTGRES_DATABASE: guacamole_db
-      POSTGRES_HOSTNAME: postgres
-      POSTGRES_PASSWORD: 'H4RD!PA$$word92753'
-      POSTGRES_USER: guacamole_user
-    image: guacamole/guacamole
+      POSTGRESQL_DATABASE: guacamole_db
+      POSTGRESQL_HOSTNAME: postgres
+      POSTGRESQL_PASSWORD: 'axfhj34sf098123jksf-19fnk120-34lkf983'
+      POSTGRESQL_USERNAME: guacamole_user
+      RECORDING_SEARCH_PATH: /record
+    image: guacamole/guacamole:1.6.0
     networks:
-      - guacnetwork_compose
+      - caddy-net
+      - default
     volumes:
-      - ./record:/record:rw
+      - /home/ccalifice/docker-data/guacamole/record:/record:rw
     ports:
 ## enable next line if not using nginx
-    - 8181:8080/tcp # Guacamole is on :8080/guacamole, not /.
+    - 8085:8080/tcp # Guacamole is on :8080/guacamole, not /.
 ## enable next line when using nginx
-#    - 8080/tcp
+    - 8080/tcp
     restart: always
-
-########### optional ##############
-  # nginx
-#  nginx:
-#   container_name: nginx_guacamole_compose
-#   restart: always
-#   image: nginx:latest
-#   volumes:
-#   - ./nginx/templates:/etc/nginx/templates:ro
-#   - ./nginx/ssl/self.cert:/etc/nginx/ssl/self.cert:ro
-#   - ./nginx/ssl/self-ssl.key:/etc/nginx/ssl/self-ssl.key:ro
-#   ports:
-#   - 8443:443
-#   networks:
-#     - guacnetwork_compose
-####################################################################################

homepage/docker-compose.yml

@@ -1,17 +0,0 @@
-services:
-  homepage:
-    image: ghcr.io/gethomepage/homepage:latest
-    container_name: homepage
-    environment:
-      PUID: 1000
-      PGID: 1002
-      HOMEPAGE_ALLOWED_HOSTS: 192.168.1.202:3000
-    ports:
-      - 3000:3000
-    volumes:
-      - ./config:/app/config # Make sure your local config directory exists
-      - /mnt/servarr:/servarr
-      - /mnt/hdd_1tb:/hdd_1tb
-    restart: unless-stopped
-    
-      

immich-app/.env

@@ -1,10 +1,10 @@
 # You can find documentation for all the supported env variables at https://immich.app/docs/install/environment-variables
 
 # The location where your uploaded files are stored
-UPLOAD_LOCATION=./library
+UPLOAD_LOCATION=/mnt/immich-library
 
 # The Immich version to use. You can pin this to a specific version like "v1.71.0"
-IMMICH_VERSION=v1.137.3
+IMMICH_VERSION=v2.4.1
 
 # Connection secret for postgres. You should change it to a random password
 DB_PASSWORD=asdf1234
@@ -14,7 +14,6 @@ DB_PASSWORD=asdf1234
 DB_HOSTNAME=immich_postgres
 DB_USERNAME=postgres
 DB_DATABASE_NAME=immich
+DB_DATA_LOCATION=/home/ccalifice/docker-data/immich/pgdata
 
 REDIS_HOSTNAME=immich_redis
-
-EXTERNAL_LIB_CANON=/mnt/Canon

immich-app/docker-compose.yml

@@ -6,7 +6,6 @@ services:
     volumes:
       - ${UPLOAD_LOCATION}:/usr/src/app/upload
       - /etc/localtime:/etc/localtime:ro
-      - ${EXTERNAL_LIB_CANON}:/usr/src/app/external/canon:ro
     env_file:
       - .env
     ports:
@@ -14,33 +13,46 @@ services:
     depends_on:
       - redis
       - database
-    restart: always
+    restart: unless-stopped
+    networks:
+      - caddy-net
+      - default
 
   immich-machine-learning:
     container_name: immich_machine_learning
     image: ghcr.io/immich-app/immich-machine-learning:${IMMICH_VERSION:-release}
     volumes:
-      - ./model-cache:/cache
+      - /home/ccalifice/docker-data/immich/model-cache:/cache
     env_file:
       - .env
-    restart: always
+    restart: unless-stopped
 
   redis:
     container_name: immich_redis
-    image: docker.io/valkey/valkey:8-bookworm@sha256:42cba146593a5ea9a622002c1b7cba5da7be248650cbb64ecb9c6c33d29794b1
+    image: docker.io/valkey/valkey:8@sha256:81db6d39e1bba3b3ff32bd3a1b19a6d69690f94a3954ec131277b9a26b95b3aa
     healthcheck:
       test: redis-cli ping || exit 1
-    restart: always
+    restart: unless-stopped
 
   database:
     container_name: immich_postgres
-    image: tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:90724186f0a3517cf6914295b5ab410db9ce23190a2d9d0b9dd6463e3fa298f0
+    image: ghcr.io/immich-app/postgres:14-vectorchord0.4.3-pgvectors0.2.0@sha256:bcf63357191b76a916ae5eb93464d65c07511da41e3bf7a8416db519b40b1c23
     env_file:
       - .env
     environment:
       POSTGRES_PASSWORD: ${DB_PASSWORD}
       POSTGRES_USER: ${DB_USERNAME}
       POSTGRES_DB: ${DB_DATABASE_NAME}
+      POSTGRES_INITDB_ARGS: '--data-checksums'
+     # DB_STORAGE_TYPE: 'HDD'
     volumes:
-      - ./pgdata:/var/lib/postgresql/data
-    restart: always
+      - ${DB_DATA_LOCATION}:/var/lib/postgresql/data
+      - /home/ccalifice/docker-data/immich/dump:/dump
+    restart: unless-stopped
+    shm_size: 128mb
+
+networks:
+  caddy-net:
+    external: true
+    name: caddy-net
+  default:

komodo/.env

@@ -0,0 +1,152 @@
+####################################
+# 🦎 KOMODO COMPOSE - VARIABLES 🦎 #
+####################################
+
+## These compose variables can be used with all Komodo deployment options.
+## Pass these variables to the compose up command using `--env-file komodo/compose.env`.
+## Additionally, they are passed to both Komodo Core and Komodo Periphery with `env_file: ./compose.env`,
+## so you can pass any additional environment variables to Core / Periphery directly in this file as well.
+
+## Stick to a specific version, or use `latest`
+COMPOSE_KOMODO_IMAGE_TAG=latest
+## Store dated database backups on the host - https://komo.do/docs/setup/backup
+COMPOSE_KOMODO_BACKUPS_PATH=/etc/komodo/backups
+
+## DB credentials
+KOMODO_DB_USERNAME=admin
+KOMODO_DB_PASSWORD=admin
+
+## Configure a secure passkey to authenticate between Core / Periphery.
+KOMODO_PASSKEY=a_random_passkey
+
+## Set your time zone for schedules
+## https://en.wikipedia.org/wiki/List_of_tz_database_time_zones
+TZ=America/Sao_Paulo
+
+#=-------------------------=#
+#= Komodo Core Environment =#
+#=-------------------------=#
+
+## Full variable list + descriptions are available here:
+## 🦎 https://github.com/moghtech/komodo/blob/main/config/core.config.toml 🦎
+
+## Note. Secret variables also support `${VARIABLE}_FILE` syntax to pass docker compose secrets.
+## Docs: https://docs.docker.com/compose/how-tos/use-secrets/#examples
+
+## Used for Oauth / Webhook url suggestion / Caddy reverse proxy.
+KOMODO_HOST=https://komodo.ccalifice.com
+## Displayed in the browser tab.
+KOMODO_TITLE=Komodo
+## Create a server matching this address as the "first server".
+## Use `https://host.docker.internal:8120` when using systemd-managed Periphery.
+KOMODO_FIRST_SERVER=https://periphery:8120
+## Give the first server a custom name.
+KOMODO_FIRST_SERVER_NAME=Local
+## Make all buttons just double-click, rather than the full confirmation dialog.
+KOMODO_DISABLE_CONFIRM_DIALOG=false
+
+## Rate Komodo polls your servers for
+## status / container status / system stats / alerting.
+## Options: 1-sec, 5-sec, 15-sec, 1-min, 5-min, 15-min
+## Default: 15-sec
+KOMODO_MONITORING_INTERVAL="15-sec"
+## Interval at which to poll Resources for any updates / automated actions.
+## Options: 15-min, 1-hr, 2-hr, 6-hr, 12-hr, 1-day
+## Default: 1-hr
+KOMODO_RESOURCE_POLL_INTERVAL="1-hr"
+
+## Used to auth incoming webhooks. Alt: KOMODO_WEBHOOK_SECRET_FILE
+KOMODO_WEBHOOK_SECRET=a_random_secret
+## Used to generate jwt. Alt: KOMODO_JWT_SECRET_FILE
+KOMODO_JWT_SECRET=a_random_jwt_secret
+## Time to live for jwt tokens.
+## Options: 1-hr, 12-hr, 1-day, 3-day, 1-wk, 2-wk
+KOMODO_JWT_TTL="1-day"
+
+## Enable login with username + password.
+KOMODO_LOCAL_AUTH=true
+## Set the initial admin username created upon first launch.
+## Comment out to disable initial user creation,
+## and create first user using signup button.
+KOMODO_INIT_ADMIN_USERNAME=admin
+## Set the initial admin password
+KOMODO_INIT_ADMIN_PASSWORD=malvado6696
+## Disable new user signups.
+KOMODO_DISABLE_USER_REGISTRATION=false
+## All new logins are auto enabled
+KOMODO_ENABLE_NEW_USERS=false
+## Disable non-admins from creating new resources.
+KOMODO_DISABLE_NON_ADMIN_CREATE=false
+## Allows all users to have Read level access to all resources.
+KOMODO_TRANSPARENT_MODE=true
+
+## Prettier logging with empty lines between logs
+KOMODO_LOGGING_PRETTY=false
+## More human readable logging of startup config (multi-line)
+KOMODO_PRETTY_STARTUP_CONFIG=false
+
+## OIDC Login
+KOMODO_OIDC_ENABLED=false
+## Must reachable from Komodo Core container
+# KOMODO_OIDC_PROVIDER=https://oidc.provider.internal/application/o/komodo
+## Change the host to one reachable be reachable by users (optional if it is the same as above).
+## DO NOT include the `path` part of the URL.
+# KOMODO_OIDC_REDIRECT_HOST=https://oidc.provider.external
+## Your OIDC client id
+# KOMODO_OIDC_CLIENT_ID= # Alt: KOMODO_OIDC_CLIENT_ID_FILE
+## Your OIDC client secret.
+## If your provider supports PKCE flow, this can be ommitted.
+# KOMODO_OIDC_CLIENT_SECRET= # Alt: KOMODO_OIDC_CLIENT_SECRET_FILE
+## Make usernames the full email.
+## Note. This does not work for all OIDC providers.
+# KOMODO_OIDC_USE_FULL_EMAIL=true
+## Add additional trusted audiences for token claims verification.
+## Supports comma separated list, and passing with _FILE (for compose secrets).
+# KOMODO_OIDC_ADDITIONAL_AUDIENCES=abc,123 # Alt: KOMODO_OIDC_ADDITIONAL_AUDIENCES_FILE
+
+## Github Oauth
+KOMODO_GITHUB_OAUTH_ENABLED=false
+# KOMODO_GITHUB_OAUTH_ID= # Alt: KOMODO_GITHUB_OAUTH_ID_FILE
+# KOMODO_GITHUB_OAUTH_SECRET= # Alt: KOMODO_GITHUB_OAUTH_SECRET_FILE
+
+## Google Oauth
+KOMODO_GOOGLE_OAUTH_ENABLED=false
+# KOMODO_GOOGLE_OAUTH_ID= # Alt: KOMODO_GOOGLE_OAUTH_ID_FILE
+# KOMODO_GOOGLE_OAUTH_SECRET= # Alt: KOMODO_GOOGLE_OAUTH_SECRET_FILE
+
+## Aws - Used to launch Builder instances.
+KOMODO_AWS_ACCESS_KEY_ID= # Alt: KOMODO_AWS_ACCESS_KEY_ID_FILE
+KOMODO_AWS_SECRET_ACCESS_KEY= # Alt: KOMODO_AWS_SECRET_ACCESS_KEY_FILE
+
+#=------------------------------=#
+#= Komodo Periphery Environment =#
+#=------------------------------=#
+
+## Full variable list + descriptions are available here:
+## 🦎 https://github.com/moghtech/komodo/blob/main/config/periphery.config.toml 🦎
+
+## Specify the root directory used by Periphery agent.
+PERIPHERY_ROOT_DIRECTORY=/etc/komodo
+
+## Periphery passkeys must include KOMODO_PASSKEY to authenticate.
+PERIPHERY_PASSKEYS=${KOMODO_PASSKEY}
+
+## Specify whether to disable the terminals feature
+## and disallow remote shell access (inside the Periphery container).
+PERIPHERY_DISABLE_TERMINALS=false
+
+## Enable SSL using self signed certificates.
+## Connect to Periphery at https://address:8120.
+PERIPHERY_SSL_ENABLED=true
+
+## If the disk size is overreporting, can use one of these to 
+## whitelist / blacklist the disks to filter them, whichever is easier.
+## Accepts comma separated list of paths.
+## Usually whitelisting just /etc/hostname gives correct size.
+PERIPHERY_INCLUDE_DISK_MOUNTS=/etc/hostname
+# PERIPHERY_EXCLUDE_DISK_MOUNTS=/snap,/etc/repos
+
+## Prettier logging with empty lines between logs
+PERIPHERY_LOGGING_PRETTY=false
+## More human readable logging of startup config (multi-line)
+PERIPHERY_PRETTY_STARTUP_CONFIG=false

komodo/docker-compose.yml

@@ -0,0 +1,94 @@
+###################################
+# 🦎 KOMODO COMPOSE - FERRETDB 🦎 #
+###################################
+
+## This compose file will deploy:
+##   1. Postgres + FerretDB Mongo adapter (https://www.ferretdb.com)
+##   2. Komodo Core
+##   3. Komodo Periphery
+
+services:
+  postgres:
+    # 🚨 Pin to a specific version. Updates can be breaking.
+    # https://github.com/FerretDB/documentdb/pkgs/container/postgres-documentdb
+    image: ghcr.io/ferretdb/postgres-documentdb
+    labels:
+      komodo.skip: # Prevent Komodo from stopping with StopAllContainers
+    restart: unless-stopped
+    # ports:
+    #   - 5432:5432
+    volumes:
+      - postgres-data:/var/lib/postgresql/data
+    environment:
+      POSTGRES_USER: ${KOMODO_DB_USERNAME}
+      POSTGRES_PASSWORD: ${KOMODO_DB_PASSWORD}
+      POSTGRES_DB: postgres
+
+  ferretdb:
+    # 🚨 Pin to a specific version. Updates can be breaking.
+    # https://github.com/FerretDB/FerretDB/pkgs/container/ferretdb
+    image: ghcr.io/ferretdb/ferretdb
+    labels:
+      komodo.skip: # Prevent Komodo from stopping with StopAllContainers
+    restart: unless-stopped
+    depends_on:
+      - postgres
+    # ports:
+    #   - 27017:27017
+    volumes:
+      - ferretdb-state:/state
+    environment:
+      FERRETDB_POSTGRESQL_URL: postgres://${KOMODO_DB_USERNAME}:${KOMODO_DB_PASSWORD}@postgres:5432/postgres
+
+  core:
+    image: ghcr.io/moghtech/komodo-core:${COMPOSE_KOMODO_IMAGE_TAG:-latest}
+    labels:
+      komodo.skip: # Prevent Komodo from stopping with StopAllContainers
+    restart: unless-stopped
+    depends_on:
+      - ferretdb
+    ports:
+      - 9120:9120
+    env_file: ./.env
+    environment:
+      KOMODO_DATABASE_ADDRESS: ferretdb:27017
+      KOMODO_DATABASE_USERNAME: ${KOMODO_DB_USERNAME}
+      KOMODO_DATABASE_PASSWORD: ${KOMODO_DB_PASSWORD}
+    volumes:
+      ## Store dated backups of the database - https://komo.do/docs/setup/backup
+      - ${COMPOSE_KOMODO_BACKUPS_PATH}:/backups
+      ## Store sync files on server
+      # - /path/to/syncs:/syncs
+      ## Optionally mount a custom core.config.toml
+      # - /path/to/core.config.toml:/config/config.toml
+    ## Allows for systemd Periphery connection at 
+    ## "https://host.docker.internal:8120"
+    # extra_hosts:
+    #   - host.docker.internal:host-gateway
+
+  ## Deploy Periphery container using this block,
+  ## or deploy the Periphery binary with systemd using 
+  ## https://github.com/moghtech/komodo/tree/main/scripts
+  periphery:
+    image: ghcr.io/moghtech/komodo-periphery:${COMPOSE_KOMODO_IMAGE_TAG:-latest}
+    labels:
+      komodo.skip: # Prevent Komodo from stopping with StopAllContainers
+    restart: unless-stopped
+    env_file: ./.env
+    volumes:
+      ## Mount external docker socket
+      - /var/run/docker.sock:/var/run/docker.sock
+      ## Allow Periphery to see processes outside of container
+      - /proc:/proc
+      ## Specify the Periphery agent root directory.
+      ## Must be the same inside and outside the container,
+      ## or docker will get confused. See https://github.com/moghtech/komodo/discussions/180.
+      ## Default: /etc/komodo.
+      - ${PERIPHERY_ROOT_DIRECTORY:-/etc/komodo}:${PERIPHERY_ROOT_DIRECTORY:-/etc/komodo}
+      - /home/ccalifice/compose-projects:/home/ccalifice/compose-projects
+
+volumes:
+  # Postgres
+  postgres-data:
+  # FerretDB
+  ferretdb-state:

memos/docker-compose.yml

@@ -5,5 +5,5 @@ services:
         ports:
             - 5230:5230
         volumes:
-            - ./memos/:/var/opt/memos
+            - /home/ccalifice/docker-data/memos:/var/opt/memos
         image: neosmemo/memos:stable

monitoring/.env

@@ -0,0 +1,6 @@
+# Variables defined here will be available to use anywhere in the config with the syntax ${MY_SECRET_TOKEN}
+# Note: making changes to this file requires re-running docker compose up
+MY_SECRET_TOKEN=09cjk13znm31asdnm36981238vasd52
+
+UPTIME_KUMA_URL=http://192.168.1.202:3001
+UPTIME_KUMA_STATUS_SLUG=external

monitoring/docker-compose.yml

@@ -0,0 +1,227 @@
+services:
+  scrutiny-influxdb:
+    container_name: scrutiny-influxdb
+    image: influxdb:2.1-alpine
+    ports:
+      - 8086:8086
+    volumes:
+      - /home/ccalifice/docker-data/monitoring/scrutiny/config/influxdb2/db:/var/lib/influxdb2
+      - /home/ccalifice/docker-data/monitoring/scrutiny/config/influxdb2/config:/etc/influxdb2
+    environment:
+      - DOCKER_INFLUXDB_INIT_MODE=setup
+      - DOCKER_INFLUXDB_INIT_USERNAME=Admin
+      - DOCKER_INFLUXDB_INIT_PASSWORD=asdf1234
+      - DOCKER_INFLUXDB_INIT_ORG=homelab
+      - DOCKER_INFLUXDB_INIT_BUCKET=scrutiny
+      - DOCKER_INFLUXDB_INIT_ADMIN_TOKEN=3249085v098scnm#386
+    restart: unless-stopped
+    networks:
+      - monitoring
+
+  scrutiny:
+    container_name: scrutiny
+    image: ghcr.io/analogj/scrutiny:master-web
+    ports:
+      - 8081:8080
+    volumes:
+      - /home/ccalifice/docker-data/monitoring/scrutiny/config/scrutiny/config:/opt/scrutiny/config
+    environment:
+      - SCRUTINY_WEB_INFLUXDB_HOST=scrutiny-influxdb
+      - SCRUTINY_WEB_INFLUXDB_PORT=8086
+      - SCRUTINY_WEB_INFLUXDB_TOKEN=3249085v098scnm#386
+      - SCRUTINY_WEB_INFLUXDB_ORG=homelab
+      - SCRUTINY_WEB_INFLUXDB_BUCKET=scrutiny
+      # Optional but highly recommended to notify you in case of a problem
+      - SCRUTINY_NOTIFY_URLS=["http://192.168.1.202:9898/SMART"]
+    depends_on:
+      - scrutiny-influxdb
+    restart: unless-stopped
+    networks:
+#      - notifications
+      - monitoring
+
+  glances:
+    #image: nicolargo/glances:3.4.0.5-full
+    image: nicolargo/glances:latest-full
+    container_name: glances
+    restart: unless-stopped
+    pid: host
+    ports:
+      - 61208:61208
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+      # Uncomment the below line if you want glances to display host OS detail instead of container's
+      - /etc/os-release:/etc/os-release:ro      
+      - /:/host:ro
+    environment:
+      - "GLANCES_OPT=-w"
+
+  uptime-kuma:
+    image: louislam/uptime-kuma:2
+    container_name: uptime-kuma
+    volumes:
+      - /home/ccalifice/docker-data/monitoring/uptime-kuma/uptime-kuma-data:/app/data
+    ports:
+      - 3001:3001  # <Host Port>:<Container Port>
+    restart: unless-stopped
+    environment:
+      - TZ="America/Sao_Paulo"
+
+  ntfy:
+    image: binwiederhier/ntfy
+    container_name: ntfy
+    command:
+      - serve
+    environment:
+      - TZ=America/Sao_Paulo
+      - NTFY_ENABLE_LOGIN=true
+      - NTFY_AUTH_FILE=/var/lib/ntfy/auth.db
+      - NTFY_CACHE_FILE=/var/lib/ntfy/cache.db
+      - NTFY_BASE_URL=https://ntfy.ccalifice.com
+      - NTFY_AUTH_DEFAULT_ACCESS=deny-all
+      - NTFY_BEHIND_PROXY=true
+      - NTFY_ATTACHMENT_CACHE_DIR=/var/lib/ntfy/attachments
+    volumes:
+      - /home/ccalifice/docker-data/monitoring/ntfy/var/cache/ntfy:/var/cache/ntfy
+      - /home/ccalifice/docker-data/monitoring/ntfy/var/lib/ntfy/:/var/lib/ntfy/
+      - /home/ccalifice/docker-data/monitoring/ntfy/etc/ntfy:/etc/ntfy
+    ports:
+      - 9898:80
+    restart: unless-stopped
+    networks:
+      - caddy-net
+      - default
+
+  apprise:
+      container_name: apprise
+      ports:
+          - 8001:8000
+      volumes:
+          - /home/ccalifice/docker-data/monitoring/apprise/config:/config
+      image: caronc/apprise:latest
+      user: "1000:1002"
+
+  homepage:
+    image: ghcr.io/gethomepage/homepage:latest
+    container_name: homepage
+    environment:
+      PUID: 1000
+      PGID: 1002
+      HOMEPAGE_ALLOWED_HOSTS: 192.168.1.202:3000
+    ports:
+      - 3000:3000
+    volumes:
+      - /home/ccalifice/docker-data/monitoring/homepage/config:/app/config # Make sure your local config directory exists
+    restart: unless-stopped
+
+  # glance:
+  #   container_name: glance
+  #   image: glanceapp/glance
+  #   restart: unless-stopped
+  #   volumes:
+  #     - ./glance/config:/app/config
+  #     - ./glance/assets:/app/assets
+  #     - /etc/localtime:/etc/localtime:ro
+  #     # Optionally, also mount docker socket if you want to use the docker containers widget
+  #     - /var/run/docker.sock:/var/run/docker.sock:ro
+  #   ports:
+  #     - 3099:8080
+  #   env_file: .env
+
+
+##### Grafana 
+
+#   loki:
+#       container_name: loki
+#       image: grafana/loki:latest
+#       ports:
+#         - "3100:3100"
+#       command: -config.file=/etc/loki/local-config.yaml
+#       networks:
+#         - grafana
+
+#   promtail:
+#     container_name: promtail
+#     image: grafana/promtail:latest
+#     volumes:
+#       - /grafana/var/log:/var/log
+#     command: -config.file=/etc/promtail/config.yml
+#     networks:
+#       - grafana
+
+#   alloy:
+#     container_name: alloy
+#     image: grafana/alloy:latest
+#     profiles: ['alloy']
+#     volumes:
+#       - ./grafana/config/alloy:/etc/alloy
+
+#   grafana:
+#     environment:
+#       - GF_PATHS_PROVISIONING=/etc/grafana/provisioning
+# #      - GF_AUTH_ANONYMOUS_ENABLED=true
+# #      - GF_AUTH_ANONYMOUS_ORG_ROLE=Admin
+#       - GF_SECURITY_ADMIN_USER=ccalifice
+#       - GF_SECURITY_ADMIN_PASSWORD=asdf1234
+#       - GF_FEATURE_TOGGLES_ENABLE=alertingSimplifiedRouting,alertingQueryAndExpressionsStepMode
+#     entrypoint:
+#       - sh
+#       - -euc
+#       - |
+#         mkdir -p /etc/grafana/provisioning/datasources
+#         cat <<EOF > /etc/grafana/provisioning/datasources/ds.yaml
+#         apiVersion: 1
+#         datasources:
+#         - name: Loki
+#           type: loki
+#           access: proxy
+#           orgId: 1
+#           url: http://loki:3100
+#           basicAuth: false
+#           isDefault: true
+#           version: 1
+#           editable: false
+#         EOF
+#         /run.sh
+#     image: grafana/grafana:latest
+#     ports:
+#       - "3003:3000"
+#     networks:
+#       - grafana
+#     volumes:
+#       - ./grafana/data:/var/lib/grafana
+#     user: "1000:1002"
+#     container_name: grafana
+
+#   prometheus:
+#     image: prom/prometheus
+#     volumes:
+#       - "./grafana/prometheus.yml:/etc/prometheus/prometheus.yml"
+#       - ./grafana/prometheus-data:/prometheus
+#     networks:
+#       - grafana
+#     ports:
+#       - 9090:9090
+#     user: "1000:1002"
+#     container_name: prometheus
+
+
+#sudo docker plugin install grafana/loki-docker-driver:3.3.2-amd64 --alias loki --grant-all-permissions
+# {
+#     "debug" : true,
+#     "log-driver": "loki",
+#     "log-opts": {
+#         "loki-url": "http://192.168.1.202:3100/loki/api/v1/push",
+#         "loki-batch-size": "400"
+#     },
+# "insecure-registries":["192.168.1.202:6610"]
+# }
+
+
+networks:
+  caddy-net:
+    external: true
+    name: caddy-net
+  monitoring:
+    name: monitoring-net
+  

n8n/docker-compose.yml

@@ -1,14 +1,12 @@
 services:
   n8n:
-    image: n8nio/n8n
+    image: n8nio/n8n:stable
     container_name: n8n
     ports:
       - "5678:5678"
     environment:
       - N8N_SECURE_COOKIE=true
       - N8N_BASIC_AUTH_ACTIVE=true      
-      - N8N_BASIC_AUTH_USER=christoph.califice@hotmail.com
-      - N8N_BASIC_AUTH_PASSWORD=malvado6696
       - DB_TYPE=postgresdb
       - DB_POSTGRESDB_HOST=db
       - DB_POSTGRESDB_PORT=5432
@@ -22,33 +20,29 @@ services:
       - NODE_ENV=production
       - WEBHOOK_URL=https://${SUBDOMAIN}.${DOMAIN_NAME}/
       - GENERIC_TIMEZONE=${GENERIC_TIMEZONE}
+      - TZ=${GENERIC_TIMEZONE}
     volumes:
-      - ./n8n_data:/home/node/.n8n
-      - ./files:/files
+      - /home/ccalifice/docker-data/n8n/n8n_data:/home/node/.n8n
+      - /home/ccalifice/docker-data/n8n/files:/files
     depends_on:
       - db
     restart: unless-stopped
     networks:
       - caddy-net
-      - n8n-net
+      - default
 
   db:
-    image: postgres:12
+    image: postgres:16
     container_name: n8n-db
     volumes:
-      - ./db-data:/var/lib/postgresql/data
+      - /home/ccalifice/docker-data/n8n/db-data:/var/lib/postgresql/data
     environment:
       - POSTGRES_USER=n8n
       - POSTGRES_PASSWORD=n8n
       - POSTGRES_DB=n8n
     restart: unless-stopped
-    networks:
-      - n8n-net
 
 networks:
   caddy-net:
     external: true
     name: caddy-net
-  n8n-net:
-    name: n8n-net
-    driver: bridge

ntfy/docker-compose.yml

@@ -1,30 +0,0 @@
-services:
-  ntfy:
-    image: binwiederhier/ntfy
-    container_name: ntfy
-    command:
-      - serve
-    environment:
-      - TZ=America/Sao_Paulo    # optional: Change to your desired timezone
-    #user: UID:GID # optional: Set custom user/group or uid/gid
-      - NTFY_ENABLE_LOGIN=true
-      - NTFY_AUTH_FILE=/var/lib/ntfy/auth.db
-      - NTFY_CACHE_FILE=/var/lib/ntfy/cache.db
-      - NTFY_BASE_URL=https://ntfy.ccalifice.com
-      - NTFY_AUTH_DEFAULT_ACCESS=deny-all
-      - NTFY_BEHIND_PROXY=true
-      - NTFY_ATTACHMENT_CACHE_DIR=/var/lib/ntfy/attachments
-    volumes:
-      - ./var/cache/ntfy:/var/cache/ntfy
-      - ./var/lib/ntfy/:/var/lib/ntfy/
-      - ./etc/ntfy:/etc/ntfy
-    ports:
-      - 9898:80
-    restart: unless-stopped
-    networks:
-      - caddy-net
-
-networks:
-  caddy-net:
-    external: true
-    name: caddy-net

paperless/docker-compose.yml

@@ -1,24 +1,20 @@
 services:
   broker:
     container_name: paperless-broker
-    image: docker.io/library/redis:7
+    image: docker.io/library/redis:8
     restart: unless-stopped
     volumes:
-      - ./redisdata:/data
-    networks:
-      - paperless-net
+      - /home/ccalifice/docker-data/paperless/redisdata:/data
 
   db:
-    image: docker.io/library/postgres:15
+    image: docker.io/library/postgres:18
     restart: unless-stopped
     volumes:
-      - ./pgdata:/var/lib/postgresql/data
+      - /home/ccalifice/docker-data/paperless/pgdata:/var/lib/postgresql
     environment:
       POSTGRES_DB: paperless
       POSTGRES_USER: paperless
       POSTGRES_PASSWORD: paperless
-    networks:
-      - paperless-net
     container_name: paperless-db
 
   webserver:
@@ -32,16 +28,11 @@ services:
       - tika
     ports:
       - "8000:8000"
-    healthcheck:
-      test: ["CMD", "curl", "-fs", "-S", "--max-time", "2", "http://localhost:8000"]
-      interval: 30s
-      timeout: 10s
-      retries: 5
     volumes:
-      - ./data:/usr/src/paperless/data
-      - ./media:/usr/src/paperless/media
-      - ./export:/usr/src/paperless/export
-      - ./consume:/usr/src/paperless/consume
+      - /home/ccalifice/docker-data/paperless/data:/usr/src/paperless/data
+      - /home/ccalifice/docker-data/paperless/media:/usr/src/paperless/media
+      - /home/ccalifice/docker-data/paperless/export:/usr/src/paperless/export
+      - /home/ccalifice/docker-data/paperless/consume:/usr/src/paperless/consume
     env_file: .docker-compose.env
     environment:
       PAPERLESS_REDIS: redis://broker:6379
@@ -56,28 +47,21 @@ services:
       USERMAP_UID: 1000
       USERMAP_GID: 1002
     networks:
-      - paperless-net
+      - default
       - caddy-net
 
   gotenberg:
-    image: docker.io/gotenberg/gotenberg:8.3.0
+    image: docker.io/gotenberg/gotenberg:8.25
     restart: unless-stopped
-    networks:
-      - paperless-net
     # The gotenberg chromium route is used to convert .eml files. We do not
     # want to allow external content like tracking pixels or even javascript.
     command:
       - "gotenberg"
       - "--chromium-disable-javascript=true"
       - "--chromium-allow-list=file:///tmp/.*"
-    container_name: gotenberg
-
   tika:
-    image: ghcr.io/paperless-ngx/tika:latest
+    image: docker.io/apache/tika:latest
     restart: unless-stopped
-    networks:
-      - paperless-net
-    container_name: tika
 
 networks:
   caddy-net:

scrutiny/docker-compose.yml

@@ -1,47 +0,0 @@
-networks:
-  monitoring: # A common network for all monitoring services to communicate into
-#    external: true
-#  notifications: # To Gotify or another Notification service
-#    external: true
-
-services:
-  influxdb:
-    container_name: scrutiny-influxdb
-    image: influxdb:2.1-alpine
-    ports:
-      - 8086:8086
-    volumes:
-      - ./config/influxdb2/db:/var/lib/influxdb2
-      - ./config/influxdb2/config:/etc/influxdb2
-    environment:
-      - DOCKER_INFLUXDB_INIT_MODE=setup
-      - DOCKER_INFLUXDB_INIT_USERNAME=Admin
-      - DOCKER_INFLUXDB_INIT_PASSWORD=asdf1234
-      - DOCKER_INFLUXDB_INIT_ORG=homelab
-      - DOCKER_INFLUXDB_INIT_BUCKET=scrutiny
-      - DOCKER_INFLUXDB_INIT_ADMIN_TOKEN=3249085v098scnm#386
-    restart: unless-stopped
-    networks:
-      - monitoring
-
-  scrutiny:
-    container_name: scrutiny
-    image: ghcr.io/analogj/scrutiny:master-web
-    ports:
-      - 8081:8080
-    volumes:
-      - ./config/scrutiny/config:/opt/scrutiny/config
-    environment:
-      - SCRUTINY_WEB_INFLUXDB_HOST=influxdb
-      - SCRUTINY_WEB_INFLUXDB_PORT=8086
-      - SCRUTINY_WEB_INFLUXDB_TOKEN=3249085v098scnm#386
-      - SCRUTINY_WEB_INFLUXDB_ORG=homelab
-      - SCRUTINY_WEB_INFLUXDB_BUCKET=scrutiny
-      # Optional but highly recommended to notify you in case of a problem
-      - SCRUTINY_NOTIFY_URLS=["http://http://192.168.1.202:9898/SMART"]
-    depends_on:
-      - influxdb
-    restart: unless-stopped
-    networks:
-#      - notifications
-      - monitoring

stirling-pdf/docker-compose.yml

@@ -1,31 +0,0 @@
-services:
-  stirling-pdf:
-    container_name: stirling-PDF
-    image: frooodle/s-pdf:latest
-    deploy:
-      resources:
-        limits:
-          memory: 4G
-    healthcheck:
-      test: ["CMD-SHELL", "curl -f http://localhost:8080/api/v1/info/status | grep -q 'UP' && curl -fL http://localhost:8080/ | grep -qv 'Please sign in'"]
-      interval: 5s
-      timeout: 10s
-      retries: 16
-    ports:
-      - "8585:8080"
-    volumes:
-      - ./data:/usr/share/tessdata:rw
-      - ./config:/configs:rw
-      - ./logs:/logs:rw
-    environment:
-      DOCKER_ENABLE_SECURITY: "false"
-      SECURITY_ENABLELOGIN: "false"
-      LANGS: "en_GB,en_US,ar_AR,de_DE,fr_FR,es_ES,zh_CN,zh_TW,ca_CA,it_IT,sv_SE,pl_PL,ro_RO,ko_KR,pt_BR,ru_RU,el_GR,hi_IN,hu_HU,tr_TR,id_ID"
-      SYSTEM_DEFAULTLOCALE: en-US
-      UI_APPNAME: Stirling-PDF
-      UI_HOMEDESCRIPTION: Stirling-PDF
-      UI_APPNAMENAVBAR: Stirling-PDF Latest
-      SYSTEM_MAXFILESIZE: "100"
-      METRICS_ENABLED: "true"
-      SYSTEM_GOOGLEVISIBILITY: "true"
-    restart: on-failure:5

termix/docker-compose.yml

@@ -0,0 +1,28 @@
+services:
+  termix:
+    image: ghcr.io/lukegus/termix:latest
+    container_name: termix
+    restart: unless-stopped
+    ports:
+      - "8090:8080"
+    volumes:
+      - /home/ccalifice/docker-data/termix/termix-data:/app/data
+    environment:
+      PORT: "8080"
+    depends_on:
+      - guacd
+    networks:
+      - termix-net
+
+  guacd:
+    image: guacamole/guacd:latest
+    container_name: guacd
+    restart: unless-stopped
+    ports:
+      - "4822:4822"
+    networks:
+      - termix-net
+
+networks:
+  termix-net:
+    driver: bridge

uptime-kuma/docker-compose.yml

@@ -1,13 +0,0 @@
-# Simple docker-compose.yml
-# You can change your port or volume location
-services:
-  uptime-kuma:
-    image: louislam/uptime-kuma:1
-    container_name: uptime-kuma
-    volumes:
-      - ./uptime-kuma-data:/app/data
-    ports:
-      - 3001:3001  # <Host Port>:<Container Port>
-    restart: always
-    environment:
-      - TZ="America/Sao_Paulo"

utils/docker-compose.yml

@@ -0,0 +1,36 @@
+name: utils
+services:
+  cyberchef:
+    ports:
+      - 8383:80
+    image: ghcr.io/gchq/cyberchef:latest
+    restart: unless-stopped
+    container_name: cyberchef
+
+  stirling-pdf:
+    image: stirlingtools/stirling-pdf:latest
+    container_name: stirling-pdf
+    ports:
+      - '8585:8080'
+    volumes:
+      - /home/ccalifice/docker-data/utils/stirling-data/tessdata:/usr/share/tessdata  # OCR language files
+      - /home/ccalifice/docker-data/utils/stirling-data/configs:/configs               # Settings & database
+      - /home/ccalifice/docker-data/utils/stirling-data/logs:/logs                     # Application logs
+      - /home/ccalifice/docker-data/utils/stirling-data/pipeline:/pipeline             # Automation configs
+    environment:
+      - SECURITY_ENABLELOGIN=false    # Set true to enable user authentication
+      - LANGS=en_GB,pt_BR                   # Interface language
+    restart: unless-stopped
+
+  wallos:
+    container_name: wallos
+    image: bellamy/wallos:latest
+    ports:
+      - "8484:80/tcp"
+    environment:
+      TZ: 'America/Sao_Paulo'
+    # Volumes store your data between container upgrades
+    volumes:
+      - '/home/ccalifice/docker-data/utils/wallos/db:/var/www/html/db'
+      - '/home/ccalifice/docker-data/utils/wallos/logos:/var/www/html/images/uploads/logos'
+    restart: unless-stopped

vaultwarden/.env

@@ -1,4 +1,4 @@
-DOMAIN=http://vaultwarden.ccalifice.com/
+DOMAIN=https://vaultwarden.ccalifice.com/
 ADMIN_TOKEN=yuioqzkjiouqeiu3948sdnasdnmk239!!!asdakj&&
 WEB_VAULT_ENABLED=true
 WEBSOCKET_ENABLED=true

vaultwarden/docker-compose.yml

@@ -4,8 +4,16 @@ services:
     container_name: vaultwarden
     restart: unless-stopped
     volumes:
-      - ./vw-data:/data
+      - /home/ccalifice/docker-data/vaultwarden/vw-data:/data
     ports:
       - 8080:80
     env_file:
       - .env
+    networks:
+      - caddy-net
+
+
+networks:
+  caddy-net:
+    name: caddy-net
+    external: true

vikunja/docker-compose.yml

@@ -13,7 +13,7 @@ services:
     ports:
       - 3456:3456
     volumes:
-      - ./files:/app/vikunja/files
+      - /home/ccalifice/docker-data/vikunja/files:/app/vikunja/files
     depends_on:
       db:
         condition: service_healthy
@@ -28,7 +28,7 @@ services:
       POSTGRES_PASSWORD: ejcurt!898f!
       POSTGRES_USER: vikunja
     volumes:
-      - ./db:/var/lib/postgresql/data
+      - /home/ccalifice/docker-data/vikunja/db:/var/lib/postgresql/data
     restart: unless-stopped
     healthcheck:
       test: ["CMD-SHELL", "pg_isready -h localhost -U $$POSTGRES_USER"]