kelin/EZ-Homelab
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: Update EZ-Homelab configurations and documentation

Browse Source 
- Update .env.example with latest environment variables
- Enhance homepage dashboard configurations and templates
- Improve Traefik routing templates for external hosts
- Update docker-compose files for dashboards and infrastructure
- Add comprehensive TUI documentation and PRD
- Add new Homelab-Audit documentation
- Remove outdated release notes
This commit is contained in:
kelinfoxy
2026-01-28 21:56:33 -05:00
parent bb19aeb9b1
commit 7b4f562c68
70 changed files with 5982 additions and 828 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
.env.example
View File

@@ -7,9 +7,16 @@ PGID=1000
TZ=America/New_York
# Configuration for this server
SERVER_IP=192.168.1.100
SERVER_HOSTNAME=debian # used for Sablier group naming
# Optional configuration for a second server
REMOTE_SERVER_IP=your.remote.ip.address
REMOTE_SERVER_HOSTNAME=your-remote-server
REMOTE_SERVER_USER=${DEFAULT_USER}
REMOTE_SERVER_PASSWORD=${DEFAULT_PASSWORD}
# Domain & DuckDNS Configuration
DUCKDNS_SUBDOMAINS=yourdomain # Without .duckdns.org
DOMAIN=${DUCKDNS_SUBDOMAINS}.duckdns.org

366
EZ-Homelab TUI-Deployment-Script.md Normal file
View File

@@ -0,0 +1,366 @@
# EZ-Homelab TUI Deployment Script
## Script Launch Options
**Command Line Arguments:**
- No arguments: Interactive TUI mode
- `--yes` or `-y`: Automated deployment using complete .env file
- `--save-only`: Answer questions and save .env without deploying
- `--help`: Show help information
## .env File Structure Enhancement
Add deployment configuration section to .env:
```bash
# ... existing configuration ...
##################################################
# DEPLOYMENT CONFIGURATION (Optional - for automated deployment)
# Set these values to skip the TUI and use --yes for automated install
##################################################
# Deployment Type: SINGLE_SERVER, CORE_SERVER, REMOTE_SERVER
DEPLOYMENT_TYPE=SINGLE_SERVER
# Service Selection (true/false)
DEPLOY_DOCKGE=true
DEPLOY_CORE=true
DEPLOY_INFRASTRUCTURE=true
DEPLOY_DASHBOARDS=true
PREPARE_VPN=true
PREPARE_MEDIA=true
PREPARE_MEDIA_MGMT=true
PREPARE_TRANSCODERS=true
PREPARE_HOMEASSISTANT=true
PREPARE_PRODUCTIVITY=true
PREPARE_MONITORING=true
PREPARE_UTILITIES=true
PREPARE_WIKIS=true
PREPARE_ALTERNATIVES=false
# System Configuration
INSTALL_DOCKER=true
INSTALL_NVIDIA=true
AUTO_REBOOT=true
```
## Pre-Flight Checks (Before TUI)
**System Prerequisites Check:**
- Check OS compatibility (Ubuntu/Debian)
- Check if running as root or with sudo
- Check internet connectivity
- Check available disk space (>10GB)
- Check system architecture (amd64/arm64)
**Docker Check:**
- Check if Docker is installed and running
- Check if user is in docker group
- If not installed: Prompt to install Docker
- If installed but user not in group: Add user to group
**NVIDIA GPU Detection:**
- Check for NVIDIA GPU presence (`lspci | grep -i nvidia`)
- If GPU detected: Check for existing drivers
- Check for NVIDIA Container Toolkit
- If missing: Prompt to install drivers and toolkit
- Detect GPU model for correct driver version
**Dependency Installation:**
- Install required packages: `curl wget git htop nano ufw fail2ban unattended-upgrades apt-listchanges sshpass`
- Update system packages
- Install Python dependencies for TUI: `rich questionary python-dotenv`
## Enhanced Question Flow
## Initial Setup Check
**Question 0: Environment File Check**
- Type: `confirm`
- Message: "Found existing .env file with configuration. Use existing values where available?"
- Default: true
- Condition: Only show if .env exists and has valid values
**Question 0.5: Complete Configuration Check**
- Type: `confirm`
- Message: "Your .env file appears to be complete. Skip questions and proceed with deployment?"
- Default: true
- Condition: Only show if all required values are present and valid
## System Setup Questions
**Question 0.6: Docker Installation**
- Type: `confirm`
- Message: "Docker is not installed. Install Docker now?"
- Default: true
- Condition: Only show if Docker not detected
**Question 0.7: NVIDIA Setup**
- Type: `confirm`
- Message: "NVIDIA GPU detected. Install NVIDIA drivers and Container Toolkit?"
- Default: true
- Condition: Only show if GPU detected but drivers/toolkit missing
**Question 0.8: Auto Reboot**
- Type: `confirm`
- Message: "Some installations require a system reboot. Reboot automatically when needed?"
- Default: false
- Note: Warns about potential logout requirement for docker group changes
## Initial Setup Check
## Deployment Scenario Selection
**Question 1: Deployment Type**
- Type: `select` (single choice)
- Message: "Choose your Deployment Scenario"
- Choices:
- "🚀 Single Server Full Deployment - Deploy everything (Dockge, Core, Infrastructure, Dashboards) and prepare all stacks for Dockge"
- "🏗️ Core Server Deployment - Deploy only core infrastructure (Dockge, Core, Dashboards) and prepare all stacks for Dockge"
- "🔧 Remote Server Deployment - Deploy infrastructure tools (Dockge, Infrastructure, Dashboards) without core services and prepare all stacks for Dockge"
- Default: First option
## Basic Configuration (Conditional - skip if valid values exist)
**Question 2: Domain Setup**
- Type: `text`
- Message: "Enter your DuckDNS subdomain (without .duckdns.org)"
- Default: From .env or "example"
- Validation: Required, alphanumeric + hyphens only
- Condition: Skip if valid DOMAIN exists in .env
**Question 3: DuckDNS Token**
- Type: `password`
- Message: "Enter your DuckDNS token"
- Validation: Required
- Condition: Skip if valid DUCKDNS_TOKEN exists in .env
**Question 4: Server IP Address**
- Type: `text`
- Message: "Enter this server's IP address"
- Default: From .env or auto-detected local IP
- Validation: Valid IP address format
- Condition: Skip if valid SERVER_IP exists in .env
**Question 5: Server Hostname**
- Type: `text`
- Message: "Enter this server's hostname"
- Default: From .env or auto-detected hostname
- Validation: Required
- Condition: Skip if valid SERVER_HOSTNAME exists in .env
**Question 6: Timezone**
- Type: `text`
- Message: "Enter your timezone"
- Default: From .env or "America/New_York"
- Validation: Valid timezone format
- Condition: Skip if valid TZ exists in .env
## Admin Credentials (Conditional - only for deployments with Core, skip if valid)
**Question 7: Admin Username**
- Type: `text`
- Message: "Enter admin username for Authelia SSO"
- Default: From .env or "admin"
- Validation: Required, alphanumeric only
- Condition: Only show if deployment includes core services AND no valid AUTHELIA_ADMIN_USER exists
**Question 8: Admin Email**
- Type: `text`
- Message: "Enter admin email for Authelia SSO"
- Default: From .env or "admin@{domain}"
- Validation: Valid email format
- Condition: Only show if deployment includes core services AND no valid AUTHELIA_ADMIN_EMAIL exists
**Question 9: Admin Password**
- Type: `password`
- Message: "Enter admin password for Authelia SSO (will be hashed)"
- Validation: Minimum 8 characters
- Condition: Only show if deployment includes core services AND no valid AUTHELIA_ADMIN_PASSWORD exists
## Multi-Server Configuration (Conditional - only for Remote Server Deployment, skip if valid)
**Question 10: Core Server IP**
- Type: `text`
- Message: "Enter the IP address of your core server (for shared TLS CA)"
- Default: From .env
- Validation: Valid IP address format
- Condition: Only show for Remote Server Deployment AND no valid REMOTE_SERVER_IP exists
**Question 11: Core Server SSH User**
- Type: `text`
- Message: "Enter SSH username for core server access"
- Default: From .env or current user
- Validation: Required
- Condition: Only show for Remote Server Deployment AND no valid REMOTE_SERVER_USER exists
**Question 12: Core Server SSH Password**
- Type: `password`
- Message: "Enter SSH password for core server (leave empty if using SSH keys)"
- Validation: Optional
- Condition: Only show for Remote Server Deployment AND no valid REMOTE_SERVER_PASSWORD exists
## Optional Advanced Configuration (skip if valid values exist)
**Question 13: VPN Setup**
- Type: `confirm`
- Message: "Would you like to configure VPN for download services?"
- Default: true if VPN credentials exist in .env, false otherwise
- Condition: Skip if user explicitly chooses to configure later
**Question 14: Surfshark Username** (Conditional)
- Type: `text`
- Message: "Enter your Surfshark VPN username"
- Default: From .env
- Validation: Required
- Condition: Only show if VPN setup = true AND no valid SURFSHARK_USERNAME exists
**Question 15: Surfshark Password** (Conditional)
- Type: `password`
- Message: "Enter your Surfshark VPN password"
- Validation: Required
- Condition: Only show if VPN setup = true AND no valid SURFSHARK_PASSWORD exists
**Question 16: VPN Server Country**
- Type: `text`
- Message: "Preferred VPN server country"
- Default: From .env or "Netherlands"
- Condition: Only show if VPN setup = true AND no valid VPN_SERVER_COUNTRIES exists
**Question 17: Custom User/Group IDs**
- Type: `confirm`
- Message: "Use custom PUID/PGID for file permissions? (Default: 1000/1000)"
- Default: true if custom PUID/PGID exist in .env, false otherwise
**Question 18: PUID** (Conditional)
- Type: `text`
- Message: "Enter PUID (user ID)"
- Default: From .env or "1000"
- Validation: Numeric
- Condition: Only show if custom IDs = true AND no valid PUID exists
**Question 19: PGID** (Conditional)
- Type: `text`
- Message: "Enter PGID (group ID)"
- Default: From .env or "1000"
- Validation: Numeric
- Condition: Only show if custom IDs = true AND no valid PGID exists
## Service Selection Summary (for all deployment types)
**Question 20: Core Services Selection**
- Type: `checkbox` (multi-select)
- Message: "Select which core services to deploy:"
- Choices: (based on deployment type)
- Single Server: [✓] DuckDNS, [✓] Traefik, [✓] Authelia, [✓] Sablier, [✓] Dockge
- Core Server: [✓] DuckDNS, [✓] Traefik, [✓] Authelia, [✓] Sablier, [✓] Dockge
- Remote Server: [ ] DuckDNS, [ ] Traefik, [ ] Authelia, [ ] Sablier, [✓] Dockge
- Default: All enabled for selected deployment type
- Note: Core services are required for the selected deployment type
**Question 21: Infrastructure Services Selection**
- Type: `checkbox` (multi-select)
- Message: "Select which infrastructure services to deploy:"
- Choices:
- [✓] Pi-hole (DNS + Ad blocking)
- [✓] Watchtower (Auto container updates)
- [✓] Dozzle (Docker log viewer)
- [✓] Glances (System monitoring)
- [✓] Code Server (VS Code in browser)
- [✓] Docker Proxy (Secure socket access)
- Default: All enabled
- Condition: Always shown, but some may be pre-selected based on deployment type
**Question 22: Dashboard Services Selection**
- Type: `checkbox` (multi-select)
- Message: "Select which dashboard services to deploy:"
- Choices:
- [✓] Homepage (App dashboard)
- [ ] Homarr (Modern dashboard)
- Default: Homepage enabled, Homarr disabled
- Condition: Always shown
**Question 23: Additional Stacks to Prepare**
- Type: `checkbox` (multi-select)
- Message: "Select which additional service stacks to prepare for Dockge:"
- Choices:
- [✓] VPN (qBittorrent with VPN)
- [✓] Media (Jellyfin, Calibre-Web)
- [✓] Media Management (*arr services, Prowlarr)
- [✓] Transcoders (Tdarr, Unmanic)
- [✓] Home Automation (Home Assistant, Node-RED, Zigbee2MQTT)
- [✓] Productivity (Nextcloud, Gitea, Mealie)
- [✓] Monitoring (Prometheus, Grafana, Uptime Kuma)
- [✓] Utilities (Vaultwarden, Backrest, Duplicati)
- [✓] Wikis (DokuWiki, BookStack, MediaWiki)
- [ ] Alternatives (Portainer, Authentik, Plex)
- Default: All enabled except Alternatives
- Note: These stacks will be copied to /opt/stacks/ but not started
## Confirmation and Summary
**Question 24: Configuration Review**
- Type: `confirm`
- Message: "Review and confirm the following configuration:\n\n[Display formatted summary of all settings and selected services]\n\nProceed with deployment?"
- Default: true
**Question 25: Deployment Action**
- Type: `select`
- Message: "What would you like to do?"
- Choices:
- "🚀 Proceed with deployment"
- "💾 Save configuration to .env and exit (no deployment)"
- "🔄 Change configuration values"
- "❌ Exit without saving"
- Default: First option
- Condition: Only show if user declines deployment confirmation in Question 24
**Question 26: Save Location** (Conditional)
- Type: `text`
- Message: "Enter filename to save configuration (leave empty for .env)"
- Default: ".env"
- Validation: Valid filename
- Condition: Only show if user chooses "Save configuration" in Question 25
## Post-Deployment Options
**Auto-Reboot Handling:**
- If AUTO_REBOOT=true and reboot required: Automatically reboot at end
- If AUTO_REBOOT=false and reboot required: Display manual reboot instructions
- If no reboot required: Display success message and access URLs
## One-Step Installation Strategy
**Installation Order (to minimize reboots):**
1. System updates and package installation (no reboot needed)
2. Docker installation and user group addition (may require logout)
3. NVIDIA driver installation (requires reboot)
4. NVIDIA Container Toolkit (no additional reboot)
5. Python dependencies (no reboot)
6. EZ-Homelab deployment (no reboot)
**Reboot Optimization:**
- Detect what requires reboot vs logout vs nothing
- Perform all non-reboot actions first
- Group reboot-requiring actions together
- Use `newgrp docker` or similar to avoid logout for group changes
- Only reboot once at the end if needed
**Logout Avoidance Techniques:**
- Use `sg docker -c "command"` to run commands as docker group member
- Reload systemd without full reboot for some services
- Update environment variables in current session
- Use `exec su -l $USER` to reload user environment
This approach ensures maximum convenience for users while handling all the complex system setup requirements.
This question flow ensures:
- **Logical progression**: Basic setup first, then conditional advanced options
- **Clear validation**: Each question validates input appropriately
- **Conditional logic**: Questions only appear when relevant to the selected deployment type
- **Security**: Passwords are properly masked
- **User experience**: Clear messages and sensible defaults
- **Error prevention**: Validation prevents common configuration mistakes
The TUI would then proceed to perform the actual deployment based on the collected configuration.

397
EZ-Homelab TUI-PRD.md Normal file
View File

@@ -0,0 +1,397 @@
# EZ-Homelab TUI Deployment Script - Product Requirements Document
## Executive Summary
The EZ-Homelab TUI Deployment Script is a modern, user-friendly replacement for the existing complex bash deployment script. It provides an interactive terminal user interface (TUI) for deploying and managing a comprehensive homelab infrastructure using Docker Compose stacks, with support for automated deployment via configuration files.
## Objectives
### Primary Objectives
- Replace the complex 1000+ line bash script with a maintainable Python TUI application
- Provide three distinct deployment scenarios: Single Server Full, Core Server, and Remote Server
- Enable both interactive and fully automated deployment workflows
- Handle complete system setup including Docker and NVIDIA GPU configuration
- Ensure maximum user convenience by minimizing required logouts/reboots
### Secondary Objectives
- Improve user experience with modern TUI design using Rich + Questionary
- Provide flexible service selection and configuration options
- Support save-only mode for configuration preparation
- Include comprehensive validation and error handling
- Maintain backward compatibility with existing .env configurations
## Target Users
### Primary Users
- **Homelab Enthusiasts**: Users setting up personal server infrastructure
- **Self-Hosters**: Individuals deploying media servers, productivity tools, and monitoring
- **System Administrators**: Those managing small-scale server deployments
### User Personas
1. **Alex the Homelab Beginner**: New to self-hosting, needs guided setup with sensible defaults
2. **Jordan the Power User**: Experienced user who wants fine-grained control over service selection
3. **Sam the DevOps Engineer**: Needs automated deployment for multiple servers, prefers configuration files
### Technical Requirements
- Ubuntu/Debian Linux systems (primary target)
- Basic command-line familiarity
- Internet access for package downloads
- Administrative privileges (sudo access)
## Functional Requirements
### Core Features
#### 1. Deployment Scenarios
**FR-DEP-001**: Support three deployment scenarios
- Single Server Full: Deploy all core, infrastructure, and dashboard services
- Core Server: Deploy only core infrastructure and dashboards
- Remote Server: Deploy infrastructure and dashboards without core services
**FR-DEP-002**: Automated scenario selection based on user choice
- Pre-select appropriate services for each scenario
- Allow user customization within scenario constraints
#### 2. Configuration Management
**FR-CONF-001**: Load existing .env configuration
- Parse existing .env file on startup
- Validate configuration completeness
- Pre-populate TUI defaults with existing values
**FR-CONF-002**: Support deployment configuration section in .env
- Parse [DEPLOYMENT] section with service selections
- Enable fully automated deployment with --yes flag
- Validate deployment configuration completeness
**FR-CONF-003**: Interactive configuration collection
- Skip questions for valid existing values
- Provide sensible defaults for all settings
- Validate user input in real-time
#### 3. System Setup & Prerequisites
**FR-SYS-001**: Pre-flight system checks
- OS compatibility (Ubuntu/Debian)
- Available disk space (>10GB)
- Internet connectivity
- System architecture validation
**FR-SYS-002**: Docker installation and configuration
- Detect existing Docker installation
- Install Docker if missing
- Add user to docker group
- Avoid requiring logout through smart command execution
**FR-SYS-003**: NVIDIA GPU support
- Detect NVIDIA GPU presence
- Install official NVIDIA drivers using official installers
- Install NVIDIA Container Toolkit
- Handle reboot requirements intelligently
**FR-SYS-004**: Dependency management
- Install required system packages
- Install Python dependencies (Rich, Questionary, python-dotenv)
- Update system packages as needed
#### 4. Service Selection & Customization
**FR-SVC-001**: Core services selection
- Display scenario-appropriate core services
- Allow include/exclude for flexibility
- Enforce minimum requirements for each scenario
**FR-SVC-002**: Infrastructure services selection
- Provide checkbox interface for all infrastructure services
- Include descriptions and default selections
- Allow complete customization
**FR-SVC-003**: Additional stacks preparation
- Multi-select interface for optional service stacks
- Copy selected stacks to /opt/stacks/ without starting
- Enable later deployment via Dockge
#### 5. User Interface & Experience
**FR-UI-001**: Interactive TUI design
- Use Rich + Questionary for modern terminal interface
- Provide clear, descriptive prompts
- Include help text and validation messages
**FR-UI-002**: Conditional question flow
- Show questions only when relevant
- Skip questions with valid existing values
- Provide logical question progression
**FR-UI-003**: Configuration summary and confirmation
- Display formatted summary of all settings
- Allow review before proceeding
- Provide options to save, change, or exit
#### 6. Deployment Execution
**FR-DEP-003**: One-step deployment process
- Handle all installation and deployment in single script run
- Minimize required logouts/reboots
- Provide clear progress indication
**FR-DEP-004**: Smart reboot handling
- Detect what requires reboot vs logout vs nothing
- Perform reboot-requiring actions last
- Support both automatic and manual reboot options
**FR-DEP-005**: Error handling and recovery
- Provide clear error messages
- Allow recovery from partial failures
- Maintain configuration state across retries
### Command Line Interface
#### Launch Options
**FR-CLI-001**: Support multiple launch modes
- Interactive mode (default): Full TUI experience
- Automated mode (--yes): Use complete .env configuration
- Save-only mode (--save-only): Collect configuration without deploying
- Help mode (--help): Display usage information
#### Configuration Output
**FR-CLI-002**: Flexible configuration saving
- Save to .env by default
- Allow custom filename specification
- Preserve existing .env structure and comments
## Non-Functional Requirements
### Performance
**NFR-PERF-001**: Fast startup and validation
- Complete pre-flight checks within 30 seconds
- Validate .env file parsing within 5 seconds
- Provide responsive TUI interaction
**NFR-PERF-002**: Efficient deployment
- Complete full deployment within 15-30 minutes
- Provide real-time progress indication
- Handle large downloads gracefully
### Reliability
**NFR-REL-001**: Robust error handling
- Graceful handling of network failures
- Clear error messages with recovery suggestions
- Maintain system stability during installation
**NFR-REL-002**: Configuration validation
- Validate all user inputs before proceeding
- Check for conflicting configurations
- Prevent deployment with invalid settings
### Usability
**NFR-USAB-001**: Intuitive interface design
- Clear, descriptive prompts and help text
- Logical question flow and grouping
- Consistent terminology and formatting
**NFR-USAB-002**: Accessibility considerations
- Support keyboard navigation
- Provide clear visual feedback
- Include progress indicators for long operations
### Security
**NFR-SEC-001**: Secure credential handling
- Mask password inputs in TUI
- Store credentials securely in .env
- Validate certificate and token formats
**NFR-SEC-002**: Safe system modifications
- Require explicit user confirmation for system changes
- Provide clear warnings for potentially disruptive actions
- Maintain secure file permissions
### Compatibility
**NFR-COMP-001**: OS compatibility
- Primary support for Ubuntu 20.04+ and Debian 11+
- Graceful handling of different package managers
- Architecture support for amd64 and arm64
**NFR-COMP-002**: Backward compatibility
- Read existing .env files without modification
- Support legacy configuration formats
- Provide migration path for old configurations
## Technical Requirements
### Technology Stack
**TR-TECH-001**: Core technologies
- Python 3.8+ as runtime environment
- Rich library for terminal formatting
- Questionary library for interactive prompts
- python-dotenv for configuration parsing
**TR-TECH-002**: System integration
- Docker and Docker Compose for container management
- systemd for service management
- apt/dpkg for package management
- Official NVIDIA installation tools
### Architecture
**TR-ARCH-001**: Modular design
- Separate concerns for UI, validation, and deployment
- Configurable question flow engine
- Pluggable deployment modules
**TR-ARCH-002**: State management
- Maintain configuration state throughout TUI flow
- Support save/restore of partial configurations
- Handle interruption and resumption gracefully
### Dependencies
**TR-DEPS-001**: Python packages
- rich>=12.0.0
- questionary>=1.10.0
- python-dotenv>=0.19.0
- pyyaml>=6.0 (for configuration parsing)
**TR-DEPS-002**: System packages
- curl, wget, git (for downloads and version control)
- htop, nano, vim (system monitoring and editing)
- ufw, fail2ban (security)
- unattended-upgrades, apt-listchanges (system maintenance)
- sshpass (for multi-server setup)
## User Experience Requirements
### Onboarding Flow
**UX-ONB-001**: First-time user experience
- Clear welcome message and overview
- Guided setup with sensible defaults
- Help text for each question
**UX-ONB-002**: Returning user experience
- Load existing configuration automatically
- Skip redundant questions
- Provide quick confirmation for known setups
### Interaction Patterns
**UX-INT-001**: Question flow optimization
- Group related questions together
- Provide progress indication
- Allow backtracking and editing
**UX-INT-002**: Feedback and validation
- Real-time input validation
- Clear error messages with suggestions
- Success confirmations for completed steps
### Error Recovery
**UX-ERR-001**: Graceful error handling
- Clear error descriptions
- Suggested recovery actions
- Option to retry or modify configuration
**UX-ERR-002**: Partial failure recovery
- Save progress on interruption
- Allow resumption from last completed step
- Provide rollback options where possible
## Success Criteria
### Functional Completeness
- [ ] All three deployment scenarios work correctly
- [ ] Automated deployment with --yes flag functions
- [ ] Save-only mode preserves configuration
- [ ] Docker and NVIDIA installation work reliably
- [ ] Service selection and customization work as specified
### User Experience
- [ ] TUI is intuitive and responsive
- [ ] Configuration validation prevents errors
- [ ] Error messages are helpful and actionable
- [ ] Deployment completes without requiring logout/reboot (except when absolutely necessary)
### Technical Quality
- [ ] Code is well-structured and maintainable
- [ ] Comprehensive error handling implemented
- [ ] Configuration parsing is robust
- [ ] System integration works reliably across Ubuntu/Debian versions
### Performance Targets
- [ ] Pre-flight checks complete within 30 seconds
- [ ] TUI startup within 5 seconds
- [ ] Full deployment completes within 30 minutes
- [ ] Memory usage remains under 200MB during execution
## Implementation Plan
### Phase 1: Core Infrastructure (Week 1-2)
- Set up Python project structure
- Implement basic TUI framework with Rich + Questionary
- Create configuration parsing and validation
- Implement pre-flight system checks
### Phase 2: System Setup (Week 3-4)
- Implement Docker installation and configuration
- Add NVIDIA GPU detection and official driver installation
- Create dependency management system
- Implement smart reboot/logout handling
### Phase 3: Configuration Management (Week 5-6)
- Build dynamic question flow engine
- Implement .env parsing and [DEPLOYMENT] section support
- Create configuration validation system
- Add save-only functionality
### Phase 4: Deployment Logic (Week 7-8)
- Implement deployment scenario logic
- Create service selection and preparation system
- Build deployment execution engine
- Add progress indication and error handling
### Phase 5: Testing & Polish (Week 9-10)
- Comprehensive testing across Ubuntu/Debian versions
- User experience testing and refinement
- Documentation and help system
- Performance optimization
## Dependencies & Constraints
### External Dependencies
- **NVIDIA Official Installers**: Must use official NVIDIA installation methods
- **Docker Official Installation**: Use official Docker installation scripts
- **Ubuntu/Debian Package Repositories**: Rely on standard package sources
### Technical Constraints
- **Python Version**: Minimum Python 3.8 required for modern type hints
- **Terminal Compatibility**: Must work in standard Linux terminals
- **Network Requirements**: Internet access required for downloads
- **Privilege Requirements**: sudo access required for system modifications
### Business Constraints
- **Open Source**: Must remain free and open source
- **Backward Compatibility**: Should not break existing .env files
- **Documentation**: Comprehensive documentation required
- **Community Support**: Should be maintainable by community contributors
## Risk Assessment
### High Risk Items
- **NVIDIA Installation**: Complex driver installation across different GPU models
- **Reboot Handling**: Ensuring one-step installation without logout requirements
- **Configuration Validation**: Complex validation logic for interdependent settings
### Mitigation Strategies
- **Testing**: Extensive testing on multiple hardware configurations
- **Fallback Options**: Provide manual installation instructions as backup
- **Modular Design**: Allow components to be disabled/enabled independently
- **User Communication**: Clear warnings and alternative options for complex scenarios
## Future Enhancements
### Planned Features
- Support for additional Linux distributions
- Web-based configuration interface
- Integration with configuration management tools
- Advanced deployment templates and presets
### Maintenance Considerations
- Regular updates for new NVIDIA driver versions
- Compatibility testing with new Ubuntu/Debian releases
- Community contribution guidelines and testing frameworks
---
*This PRD serves as the authoritative specification for the EZ-Homelab TUI Deployment Script. All development decisions should reference this document to ensure alignment with user requirements and technical constraints.*</content>
<parameter name="filePath">c:\Users\kelin\Documents\Apps\GitHub\EZ-Homelab\EZ-Homelab TUI-PRD.md

219
README-TUI.md Normal file
View File

@@ -0,0 +1,219 @@
# EZ-Homelab TUI Deployment Script
A modern, user-friendly Terminal User Interface (TUI) replacement for the complex bash deployment script. Built with Python, Rich, and Questionary for an intuitive setup experience.
## Features
- **Interactive TUI**: Beautiful terminal interface with conditional question flow
- **Automated Deployment**: Use `--yes` flag for hands-free deployment with complete .env file
- **Save-Only Mode**: Configure without deploying using `--save-only` flag
- **Smart Validation**: Pre-flight checks ensure system readiness
- **Three Deployment Scenarios**:
- Single Server Full: Deploy everything (core + infrastructure + dashboards)
- Core Server: Deploy only essential services
- Remote Server: Deploy infrastructure for multi-server setups
- **Flexible Service Selection**: Choose which services to deploy and prepare for Dockge
## Quick Start
### Prerequisites
- Ubuntu 20.04+ or Debian 11+
- Python 3.8+
- Internet connection
- DuckDNS account (for dynamic DNS)
### Installation
1. **Clone the repository:**
```bash
git clone https://github.com/kelinfoxy/EZ-Homelab.git
cd EZ-Homelab
```
2. **Install dependencies:**
```bash
pip install -r requirements.txt
```
3. **Copy environment template:**
```bash
cp .env.example .env
```
### Usage
#### Interactive Setup (Recommended)
```bash
python ez-homelab-tui.py
```
#### Automated Deployment
```bash
# Complete your .env file first, then:
python ez-homelab-tui.py --yes
```
#### Save Configuration Only
```bash
python ez-homelab-tui.py --save-only
```
## Command Line Options
- No flags: Interactive TUI mode
- `--yes` or `-y`: Automated deployment using complete .env file
- `--save-only`: Answer questions and save .env without deploying
- `--help`: Show help message
## Deployment Scenarios
### 1. Single Server Full Deployment
Deploys everything on one server:
- Core services (DuckDNS, Traefik, Authelia, Sablier, Dockge)
- Infrastructure services (Pi-hole, Dozzle, Glances, etc.)
- Dashboard services (Homepage, Homarr)
- Prepares all additional stacks for Dockge
### 2. Core Server Deployment
Deploys only essential services:
- Core services + Dashboards
- Prepares all additional stacks for Dockge
- Suitable for dedicated core server in multi-server setup
### 3. Remote Server Deployment
Deploys infrastructure without core services:
- Infrastructure services + Dashboards + Dockge
- For application servers in multi-server setup
- Requires core server to be set up first
## Configuration
The script uses a comprehensive `.env` file with two main sections:
### Required Configuration
```bash
# Basic server settings
PUID=1000
PGID=1000
TZ=America/New_York
SERVER_IP=192.168.1.100
SERVER_HOSTNAME=debian
# Domain settings
DUCKDNS_SUBDOMAINS=yourdomain
DUCKDNS_TOKEN=your-token
# Admin credentials (for core servers)
DEFAULT_USER=admin
DEFAULT_PASSWORD=secure-password
DEFAULT_EMAIL=admin@yourdomain.duckdns.org
```
### Deployment Configuration (Optional)
```bash
# For automated deployment
DEPLOYMENT_TYPE=SINGLE_SERVER
AUTO_REBOOT=false
INSTALL_DOCKER=true
INSTALL_NVIDIA=true
# Service selection
DEPLOY_DOCKGE=true
DEPLOY_CORE=true
DEPLOY_INFRASTRUCTURE=true
DEPLOY_DASHBOARDS=true
PREPARE_VPN=true
PREPARE_MEDIA=true
# ... etc
```
## System Requirements
- **OS**: Ubuntu 20.04+ or Debian 11+
- **Python**: 3.8 or higher
- **RAM**: Minimum 4GB (8GB recommended)
- **Disk**: 10GB free space minimum
- **Network**: Internet connection for downloads
## What Gets Installed
### System Setup
- Docker and Docker Compose
- NVIDIA drivers and Container Toolkit (if GPU detected)
- UFW firewall configuration
- Automatic security updates
- Required system packages
### Docker Networks
- `traefik-network`: For services behind Traefik
- `homelab-network`: General service communication
- `media-network`: Media service isolation
### Services Deployed
Based on your deployment scenario and selections.
## Post-Installation
After successful deployment:
1. **Access Dockge**: `https://dockge.yourdomain.duckdns.org`
2. **Configure Authelia**: `https://auth.yourdomain.duckdns.org` (if core services deployed)
3. **Start Additional Services**: Use Dockge web UI to deploy prepared stacks
4. **Access Homepage**: `https://homepage.yourdomain.duckdns.org`
## Troubleshooting
### Common Issues
**"Python version 3.8+ required"**
- Upgrade Python: `sudo apt install python3.10`
**"Missing required dependency"**
- Install dependencies: `pip install -r requirements.txt`
**"Pre-flight checks failed"**
- Ensure you're running on Ubuntu/Debian
- Check internet connectivity
- Verify sufficient disk space
**"Deployment failed"**
- Check Docker installation: `docker --version`
- Verify .env configuration
- Review deployment logs
### Getting Help
- Check the [docs/](docs/) directory for detailed guides
- Review [troubleshooting](docs/quick-reference.md) in the quick reference
- Use the AI assistant in VS Code for EZ-Homelab specific help
## Development
### Running Tests
```bash
# Basic syntax check
python -m py_compile ez-homelab-tui.py
# YAML validation
python -c "import yaml; yaml.safe_load(open('config-templates/traefik/dynamic/external-host-production.yml'))"
```
### Code Structure
- `EZHomelabTUI` class: Main application logic
- Pre-flight checks and validation
- Interactive question flow
- Deployment orchestration
- Configuration management
## Contributing
1. Fork the repository
2. Create a feature branch
3. Make your changes
4. Test thoroughly
5. Submit a pull request
## License
See [LICENSE](LICENSE) file for details.

10
config-templates/homepage/custom.css
View File

@@ -1,7 +1,15 @@
.information-widgets {
max-width: 1500px;
}
.services-group {
max-width: 250px;
}
#services {
margin: 0px;
}
.service {
height: 70px;
max-height: 80px;
@@ -9,7 +17,7 @@
margin-right: 3px;
}
#services {
#services #bookmarks {
margin: 0px 0px 0px 20px;
}

22
config-templates/homepage/docker.yaml
View File

@@ -1,8 +1,18 @@
# Homepage Configuration - Docker Integration
# Copy to /opt/stacks/homepage/config/docker.yaml
# Enables auto-discovery of containers and status monitoring
# Docker socket (via proxy for security)
my-docker:
socket: /var/run/docker.sock
---
# For configuration options and examples, please see:
# https://gethomepage.dev/configs/docker/
# my-docker:
# host: 127.0.0.1
# port: 2375
# my-docker:
# socket: /var/run/docker.sock
# home-assistant:
# host: 192.168.4.5
# port: 2375
#${SERVER_HOSTNAME}:
# host: 192.168.4.11
# port: 2375

222
config-templates/homepage/services.yaml
View File

@@ -5,277 +5,287 @@
- Homepage:
icon: homepage.png
href: https://homepage.${DOMAIN}
description: This Dashboard
container: homepage
description: Hosted on Raspberry Pi
- Homepage - ${REMOTE_SERVER_HOSTNAME}:
icon: homepage.png
href: https://homepage.${REMOTE_SERVER_HOSTNAME}.${DOMAIN}
description: ${REMOTE_SERVER_HOSTNAME} - Application Dashboard
- Homarr:
icon: homarr.png
href: https://homarr.${DOMAIN}
description: Alternative Dashboard
container: homarr
- Homarr - ${REMOTE_SERVER_HOSTNAME}:
icon: homarr.png
href: https://homarr.${REMOTE_SERVER_HOSTNAME}.${DOMAIN}
description: ${REMOTE_SERVER_HOSTNAME} - Alternative Dashboard
- Dockge - ${SERVER_HOSTNAME}:
icon: dockge.png
href: https://${SERVER_HOSTNAME}.${DOMAIN}
description: Main Server
- Dockge - ${REMOTE_SERVER_HOSTNAME}:
icon: dockge.png
href: https://${REMOTE_SERVER_HOSTNAME}.${DOMAIN}
description: Raspberry Pi Authentication Server
- Core:
- Dockge:
icon: dockge.png
href: https://dockge.${SERVER_HOSTNAME}.${DOMAIN}
description: Docker Compose Manager
container: dockge
- Traefik:
icon: traefik.png
href: https://traefik.${DOMAIN}
description: Reverse Proxy & SSL
container: traefik
- Authelia:
icon: authelia.png
href: https://auth.${DOMAIN}
description: Authentication Portal
container: authelia
- Infrastructure:
- Dozzle:
icon: dozzle.png
href: https://dozzle.${SERVER_HOSTNAME}.${DOMAIN}
description: Real-time Log Viewer
container: dozzle
- Glances:
icon: glances.png
href: https://glances.${SERVER_HOSTNAME}.${DOMAIN}
description: System Monitoring
container: glances
description: Authentication SSO Portal
- Pi-hole:
icon: pi-hole.png
href: https://pihole.${DOMAIN}
description: Network-wide Ad Blocking
container: pihole
# Available to Install - Grouped by Stack
- Monitoring Stack:
- Dozzle:
icon: dozzle.png
href: https://dozzle.${SERVER_HOSTNAME}.${DOMAIN}
description: ${SERVER_HOSTNAME} - Real-time Log Viewer
- Dozzle:
icon: dozzle.png
href: https://dozzle.${REMOTE_SERVER_HOSTNAME}.${DOMAIN}
description: ${REMOTE_SERVER_HOSTNAME} - Real-time Log Viewer
- Glances - ${SERVER_HOSTNAME}:
icon: glances.png
href: https://glances.${SERVER_HOSTNAME}.${DOMAIN}
description: ${SERVER_HOSTNAME} - System Monitoring
- Glances - ${REMOTE_SERVER_HOSTNAME}:
icon: glances.png
href: https://glances.${REMOTE_SERVER_HOSTNAME}.${DOMAIN}
description: ${REMOTE_SERVER_HOSTNAME} - System Monitoring
- Uptime Kuma:
icon: uptime-kuma.png
href: https://uptime-kuma.${DOMAIN}
description: Uptime Monitoring
- Grafana - ${REMOTE_SERVER_HOSTNAME}:
icon: grafana.png
href: https://grafana.${REMOTE_SERVER_HOSTNAME}.${DOMAIN}
description: ${REMOTE_SERVER_HOSTNAME} - Metrics Dashboard
- Prometheus - ${REMOTE_SERVER_HOSTNAME}:
icon: prometheus.png
href: https://prometheus.${REMOTE_SERVER_HOSTNAME}.${DOMAIN}
description: ${REMOTE_SERVER_HOSTNAME} - Metrics Collection
- Uptime Kuma - ${REMOTE_SERVER_HOSTNAME}:
icon: uptime-kuma.png
href: https://status.${REMOTE_SERVER_HOSTNAME}.${DOMAIN}
description: ${REMOTE_SERVER_HOSTNAME} - Uptime Monitoring
- Media:
- Jellyfin:
icon: jellyfin.png
href: https://jellyfin.${DOMAIN}
description: Open Source Media Server
container: jellyfin
- Jellyseerr:
icon: jellyseerr.png
href: https://jellyseerr.${DOMAIN}
description: Media Request Manager
container: jellyseerr
- Calibre-Web:
icon: calibre-web.png
href: https://calibre.${DOMAIN}
description: Ebook Library
container: calibre-web
- Media Management:
- Sonarr:
icon: sonarr.png
href: https://sonarr.${DOMAIN}
description: TV Shows Automation
container: sonarr
- Radarr:
icon: radarr.png
href: https://radarr.${DOMAIN}
description: Movies Automation
container: radarr
- Prowlarr:
icon: prowlarr.png
href: https://prowlarr.${DOMAIN}
description: Indexer Manager
container: prowlarr
- Readarr:
icon: readarr.png
href: https://readarr.${DOMAIN}
description: Books Automation
container: readarr
- Lidarr:
icon: lidarr.png
href: https://lidarr.${DOMAIN}
description: Music Automation
container: lidarr
- Mylar3:
icon: mylar.png
href: https://mylar.${DOMAIN}
description: Comics Manager
container: mylar3
- qBittorrent:
icon: qbittorrent.png
href: https://qbit.${DOMAIN}
description: Torrent Client
container: qbittorrent
- Tdarr:
icon: tdarr.png
href: https://tdarr.${DOMAIN}
description: Media Transcoding
container: tdarr
- Home Automation:
- Home Assistant:
icon: home-assistant.png
href: https://ha.${DOMAIN}
href: https://hass.${DOMAIN}
description: Home Automation Platform
container: homeassistant
- ESPHome:
icon: esphome.png
href: https://esphome.${DOMAIN}
description: ESP Device Manager
container: esphome
- Node-RED:
icon: node-red.png
href: https://nodered.${DOMAIN}
description: Flow-based Automation
container: nodered
- Zigbee2MQTT:
icon: zigbee2mqtt.png
href: https://zigbee.${DOMAIN}
description: Zigbee Bridge
container: zigbee2mqtt
- Mosquitto:
icon: mosquitto.png
href: https://mqtt.${DOMAIN}
description: MQTT Broker
container: mosquitto
- Productivity:
- Nextcloud:
icon: nextcloud.png
href: https://nextcloud.${DOMAIN}
description: Cloud Storage & Collaboration
container: nextcloud
- Gitea:
icon: gitea.png
href: https://gitea.${DOMAIN}
description: Git Repository
container: gitea
- Mealie:
icon: mealie.png
href: https://mealie.${DOMAIN}
description: Recipe Manager
container: mealie
- WordPress:
icon: wordpress.png
href: https://wordpress.${DOMAIN}
description: CMS Platform
container: wordpress
- Wikis:
- BookStack:
icon: bookstack.png
href: https://bookstack.${DOMAIN}
description: Wiki Platform
container: bookstack
- DokuWiki:
icon: dokuwiki.png
href: https://dokuwiki.${DOMAIN}
description: Simple Wiki
container: dokuwiki
- MediaWiki:
- Mediawiki:
icon: mediawiki.png
href: https://mediawiki.${DOMAIN}
description: Wikipedia Engine
container: mediawiki
- Monitoring Stack:
- Grafana:
icon: grafana.png
href: https://grafana.${DOMAIN}
description: Metrics Dashboard
container: grafana
- Prometheus:
icon: prometheus.png
href: https://prometheus.${DOMAIN}
description: Metrics Collection
container: prometheus
- Uptime Kuma:
icon: uptime-kuma.png
href: https://uptime-kuma.${DOMAIN}
description: Uptime Monitoring
container: uptime-kuma
- cAdvisor:
icon: cadvisor.png
href: https://cadvisor.${DOMAIN}
description: Container Metrics
container: cadvisor
description: Collaborative Wiki
- Development:
- VS Code Server:
icon: vscode.png
href: https://code.${DOMAIN}
description: Browser-based IDE
container: code-server
- Jupyter:
icon: jupyter.png
href: https://jupyter.${DOMAIN}
description: Data Science Notebooks
container: jupyter
- Backups:
- Backrest:
icon: mdi-backup-restore
href: https://backrest.${DOMAIN}
description: Backup Solution
container: backrest
- Downloaders:
- qBittorrent:
icon: qbittorrent.png
href: https://qbit.${DOMAIN}
description: Torrent Client
- Transcoders:
- Tdarr:
icon: tdarr.png
href: https://tdarr.${DOMAIN}
description: Media Transcoding
- Duplicati:
icon: duplicati.png
href: https://duplicati.${DOMAIN}
description: Backup Software
container: duplicati
- Unmanic:
icon: unmanic.png
href: https://unmanic.${DOMAIN}
description: Media Transcoder
- Utilities:
- Vaultwarden:
icon: vaultwarden.png
href: https://vault.${DOMAIN}
description: Password Manager
container: vaultwarden
- Formio:
icon: mdi-form-select
href: https://formio.${DOMAIN}
description: Form Builder
container: formio
- Backup:
- Backrest:
icon: mdi-backup-restore
href: https://backrest.${DOMAIN}
description: Backup Solution
- Backrest - ${REMOTE_SERVER_HOSTNAME}:
icon: mdi-backup-restore
href: https://backrest.${REMOTE_SERVER_HOSTNAME}.${DOMAIN}
description: ${REMOTE_SERVER_HOSTNAME} - Backup Solution
- Duplicati:
icon: duplicati.png
href: https://duplicati.${DOMAIN}
description: Backup Software
- Duplicati - ${REMOTE_SERVER_HOSTNAME}:
icon: duplicati.png
href: https://duplicati.${REMOTE_SERVER_HOSTNAME}.${DOMAIN}
description: ${REMOTE_SERVER_HOSTNAME} - Backup Software
- Metrics:
- Grafana:
icon: grafana.png
href: https://grafana.${DOMAIN}
description: Metrics Dashboard
- Prometheus:
icon: prometheus.png
href: https://prometheus.${DOMAIN}
description: Metrics Collection
- cAdvisor:
icon: cadvisor.png
href: https://cadvisor.${DOMAIN}
description: Container Metrics
- Alternatives:
- Portainer:
icon: portainer.png
href: https://portainer.${DOMAIN}
description: Container Management UI
container: portainer
- Authentik:
icon: authentik.png
href: https://authentik.${DOMAIN}
description: Alternative Auth Provider
container: authentik
- Plex:
icon: plex.png
href: https://plex.${DOMAIN}
description: Media Server
container: plex

14
config-templates/homepage/settings.yaml
View File

@@ -1,11 +1,7 @@
---
# Homepage Settings
# For all configuration options: https://gethomepage.dev/configs/settings/
# For configuration options and examples, please see:
# https://gethomepage.dev/configs/settings/
title: AI Homelab Dashboard
theme: dark
color: slate
headerStyle: boxed
providers:
openweathermap: openweathermapapikey
weatherapi: weatherapiapikey

4
config-templates/homepage/widgets.yaml
View File

@@ -1,6 +1,6 @@
---
# Homepage Widgets Configuration
# Service widgets omitted per user request
# For configuration options and examples, please see:
# https://gethomepage.dev/configs/info-widgets/
- resources:
cpu: true

562
config-templates/traefik/dynamic/external-host-production.yml
View File

@@ -1,599 +1,399 @@
http:
routers:
backrest-${SERVER_HOSTNAME}:
rule: "Host(`backrest.${DOMAIN}`)"
# Remote Server Services (${REMOTE_SERVER_HOSTNAME})
dockge-${REMOTE_SERVER_HOSTNAME}:
rule: "Host(`dockge.${REMOTE_SERVER_HOSTNAME}.${DOMAIN}`)"
entryPoints:
- websecure
service: backrest-${SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- sablier-${SERVER_HOSTNAME}-backrest@file
- authelia@docker
bookstack-${SERVER_HOSTNAME}:
rule: "Host(`bookstack.${DOMAIN}`)"
entryPoints:
- websecure
service: bookstack-${SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- sablier-${SERVER_HOSTNAME}-bookstack@file
- authelia@docker
vaultwarden-${SERVER_HOSTNAME}:
rule: "Host(`vault.${DOMAIN}`)"
entryPoints:
- websecure
service: vaultwarden-${SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
# SSO disabled for browser extension and mobile app compatibility
# middlewares:
# - sablier-${SERVER_HOSTNAME}-vaultwarden@file
calibre-web-${SERVER_HOSTNAME}:
rule: "Host(`calibre.${DOMAIN}`)"
entryPoints:
- websecure
service: calibre-web-${SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- sablier-${SERVER_HOSTNAME}-calibre-web@file
- authelia@docker
code-${SERVER_HOSTNAME}:
rule: "Host(`code.${DOMAIN}`)"
entryPoints:
- websecure
service: code-${SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- sablier-${SERVER_HOSTNAME}-code-server@file
- authelia@docker
dockge-${SERVER_HOSTNAME}:
rule: "Host(`jarvis.${DOMAIN}`)"
entryPoints:
- websecure
service: dockge-${SERVER_HOSTNAME}
service: dockge-${REMOTE_SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- authelia@docker
dockhand-${SERVER_HOSTNAME}:
rule: "Host(`dockhand.${DOMAIN}`)"
dozzle-${REMOTE_SERVER_HOSTNAME}:
rule: "Host(`dozzle.${REMOTE_SERVER_HOSTNAME}.${DOMAIN}`)"
entryPoints:
- websecure
service: dockhand-${SERVER_HOSTNAME}
service: dozzle-${REMOTE_SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- authelia@docker
dokuwiki-${SERVER_HOSTNAME}:
rule: "Host(`dokuwiki.${DOMAIN}`)"
glances-${REMOTE_SERVER_HOSTNAME}:
rule: "Host(`glances.${REMOTE_SERVER_HOSTNAME}.${DOMAIN}`)"
entryPoints:
- websecure
service: dokuwiki-${SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- sablier-${SERVER_HOSTNAME}-dokuwiki@file
- authelia@docker
dozzle-${SERVER_HOSTNAME}:
rule: "Host(`dozzle.${SERVER_HOSTNAME}.${DOMAIN}`)"
entryPoints:
- websecure
service: dozzle-${SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- sablier-${SERVER_HOSTNAME}-dozzle@file
- authelia@docker
duplicati-${SERVER_HOSTNAME}:
rule: "Host(`duplicati.${DOMAIN}`)"
entryPoints:
- websecure
service: duplicati-${SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- sablier-${SERVER_HOSTNAME}-duplicati@file
- authelia@docker
formio-${SERVER_HOSTNAME}:
rule: "Host(`formio.${DOMAIN}`)"
entryPoints:
- websecure
service: formio-${SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- sablier-${SERVER_HOSTNAME}-formio@file
- authelia@docker
gitea-${SERVER_HOSTNAME}:
rule: "Host(`gitea.${DOMAIN}`)"
entryPoints:
- websecure
service: gitea-${SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- sablier-${SERVER_HOSTNAME}-gitea@file
- authelia@docker
glances-${SERVER_HOSTNAME}:
rule: "Host(`glances.jarvis.${DOMAIN}`)"
entryPoints:
- websecure
service: glances-${SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- sablier-${SERVER_HOSTNAME}-glances@file
- authelia@docker
homepage-${SERVER_HOSTNAME}:
rule: "Host(`homepage.jarvis.${DOMAIN}`)"
entryPoints:
- websecure
service: homepage-${SERVER_HOSTNAME}
service: glances-${REMOTE_SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- authelia@docker
homarr-${SERVER_HOSTNAME}:
rule: "Host(`homarr.${DOMAIN}`)"
backrest-${REMOTE_SERVER_HOSTNAME}:
rule: "Host(`backrest.${REMOTE_SERVER_HOSTNAME}.${DOMAIN}`)"
entryPoints:
- websecure
service: homarr-${SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- authelia@docker
- sablier-${SERVER_HOSTNAME}-homarr@file
jellyfin-${SERVER_HOSTNAME}:
rule: "Host(`jellyfin.${DOMAIN}`)"
entryPoints:
- websecure
service: jellyfin-${SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- sablier-${SERVER_HOSTNAME}-jellyfin@file
# No authelia middleware for media apps
jupyter-${SERVER_HOSTNAME}:
rule: "Host(`jupyter.${DOMAIN}`)"
entryPoints:
- websecure
service: jupyter-${SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- sablier-${SERVER_HOSTNAME}-jupyter@file
- authelia@docker
kopia-${SERVER_HOSTNAME}:
rule: "Host(`kopia.${DOMAIN}`)"
entryPoints:
- websecure
service: kopia-${SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- sablier-${SERVER_HOSTNAME}-kopia@file
- authelia@docker
mealie-${SERVER_HOSTNAME}:
rule: "Host(`mealie.${DOMAIN}`)"
entryPoints:
- websecure
service: mealie-${SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- sablier-${SERVER_HOSTNAME}-mealie@file
- authelia@docker
motioneye-${SERVER_HOSTNAME}:
rule: "Host(`motioneye.${DOMAIN}`)"
entryPoints:
- websecure
service: motioneye-${SERVER_HOSTNAME}
service: backrest-${REMOTE_SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- authelia@docker
mediawiki-${SERVER_HOSTNAME}:
rule: "Host(`mediawiki.${DOMAIN}`)"
duplicati-${REMOTE_SERVER_HOSTNAME}:
rule: "Host(`duplicati.${REMOTE_SERVER_HOSTNAME}.${DOMAIN}`)"
entryPoints:
- websecure
service: mediawiki-${SERVER_HOSTNAME}
service: duplicati-${REMOTE_SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- sablier-${SERVER_HOSTNAME}-mediawiki@file
- authelia@docker
nextcloud-${SERVER_HOSTNAME}:
rule: "Host(`nextcloud.${DOMAIN}`)"
homepage-${REMOTE_SERVER_HOSTNAME}:
rule: "Host(`homepage.${REMOTE_SERVER_HOSTNAME}.${DOMAIN}`)"
entryPoints:
- websecure
service: nextcloud-${SERVER_HOSTNAME}
service: homepage-${REMOTE_SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- sablier-${SERVER_HOSTNAME}-nextcloud@file
- authelia@docker
openkm-${SERVER_HOSTNAME}:
rule: "Host(`openkm.${DOMAIN}`)"
homarr-${REMOTE_SERVER_HOSTNAME}:
rule: "Host(`homarr.${REMOTE_SERVER_HOSTNAME}.${DOMAIN}`)"
entryPoints:
- websecure
service: openkm-${SERVER_HOSTNAME}
service: homarr-${REMOTE_SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- sablier-${SERVER_HOSTNAME}-openkm@file
- authelia@docker
openwebui-${SERVER_HOSTNAME}:
rule: "Host(`openwebui.${DOMAIN}`)"
grafana-${REMOTE_SERVER_HOSTNAME}:
rule: "Host(`grafana.${REMOTE_SERVER_HOSTNAME}.${DOMAIN}`)"
entryPoints:
- websecure
service: openwebui-${SERVER_HOSTNAME}
service: grafana-${REMOTE_SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- sablier-${SERVER_HOSTNAME}-openwebui@file
- authelia@docker
qbittorrent-${SERVER_HOSTNAME}:
rule: "Host(`torrents.${DOMAIN}`)"
prometheus-${REMOTE_SERVER_HOSTNAME}:
rule: "Host(`prometheus.${REMOTE_SERVER_HOSTNAME}.${DOMAIN}`)"
entryPoints:
- websecure
service: qbittorrent-${SERVER_HOSTNAME}
service: prometheus-${REMOTE_SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- sablier-${SERVER_HOSTNAME}-arr@file
- authelia@docker
tdarr-${SERVER_HOSTNAME}:
rule: "Host(`tdarr.${DOMAIN}`)"
uptime-kuma-${REMOTE_SERVER_HOSTNAME}:
rule: "Host(`status.${REMOTE_SERVER_HOSTNAME}.${DOMAIN}`)"
entryPoints:
- websecure
service: tdarr-${SERVER_HOSTNAME}
service: uptime-kuma-${REMOTE_SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- sablier-${SERVER_HOSTNAME}-arr@file
- authelia@docker
unmanic-${SERVER_HOSTNAME}:
rule: "Host(`unmanic.${DOMAIN}`)"
entryPoints:
- websecure
service: unmanic-${SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- sablier-${SERVER_HOSTNAME}-unmanic@file
- authelia@docker
wordpress-${SERVER_HOSTNAME}:
rule: "Host(`knot-u.${DOMAIN}`)"
entryPoints:
- websecure
service: wordpress-${SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- sablier-${SERVER_HOSTNAME}-wordpress@file
- authelia@file
# Arr Services (no SSO for media apps)
jellyseerr-${SERVER_HOSTNAME}:
rule: "Host(`jellyseerr.${DOMAIN}`)"
entryPoints:
- websecure
service: jellyseerr-${SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- sablier-${SERVER_HOSTNAME}-arr@file
- authelia@docker
prowlarr-${SERVER_HOSTNAME}:
rule: "Host(`prowlarr.${DOMAIN}`)"
entryPoints:
- websecure
service: prowlarr-${SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- sablier-${SERVER_HOSTNAME}-arr@file
- authelia@docker
radarr-${SERVER_HOSTNAME}:
rule: "Host(`radarr.${DOMAIN}`)"
entryPoints:
- websecure
service: radarr-${SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- sablier-${SERVER_HOSTNAME}-arr@file
- authelia@docker
sonarr-${SERVER_HOSTNAME}:
rule: "Host(`sonarr.${DOMAIN}`)"
entryPoints:
- websecure
service: sonarr-${SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- sablier-${SERVER_HOSTNAME}-arr@file
- authelia@docker
lidarr-${SERVER_HOSTNAME}:
rule: "Host(`lidarr.${DOMAIN}`)"
entryPoints:
- websecure
service: lidarr-${SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- sablier-${SERVER_HOSTNAME}-arr@file
- authelia@docker
readarr-${SERVER_HOSTNAME}:
rule: "Host(`readarr.${DOMAIN}`)"
entryPoints:
- websecure
service: readarr-${SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- sablier-${SERVER_HOSTNAME}-arr@file
- authelia@docker
mylar3-${SERVER_HOSTNAME}:
rule: "Host(`mylar3.${DOMAIN}`)"
entryPoints:
- websecure
service: mylar3-${SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- sablier-${SERVER_HOSTNAME}-arr@file
- authelia@docker
# Service Definitions
services:
backrest-${SERVER_HOSTNAME}:
loadBalancer:
servers:
- url: "http://192.168.4.11:9898"
- url: "http://${SERVER_IP}:9898"
passHostHeader: true
vaultwarden-${SERVER_HOSTNAME}:
loadBalancer:
servers:
- url: "http://192.168.4.11:8091"
- url: "http://${SERVER_IP}:8091"
passHostHeader: true
bookstack-${SERVER_HOSTNAME}:
loadBalancer:
loadbalancer:
servers:
- url: "http://192.168.4.11:6875"
- url: "http://${SERVER_IP}:6875"
passHostHeader: true
calibre-web-${SERVER_HOSTNAME}:
loadBalancer:
loadbalancer:
servers:
- url: "http://192.168.4.11:8083"
- url: "http://${SERVER_IP}:8083"
passHostHeader: true
code-${SERVER_HOSTNAME}:
loadBalancer:
loadbalancer:
servers:
- url: "http://192.168.4.11:8079"
- url: "http://${SERVER_IP}:8079"
passHostHeader: true
dockge-${SERVER_HOSTNAME}:
loadBalancer:
loadbalancer:
servers:
- url: "http://192.168.4.11:5001"
- url: "http://${SERVER_IP}:5001"
passHostHeader: true
dockhand-${SERVER_HOSTNAME}:
loadBalancer:
loadbalancer:
servers:
- url: "http://192.168.4.11:3003"
- url: "http://${SERVER_IP}:3003"
passHostHeader: true
dokuwiki-${SERVER_HOSTNAME}:
loadBalancer:
loadbalancer:
servers:
- url: "http://192.168.4.11:8087"
- url: "http://${SERVER_IP}:8087"
passHostHeader: true
dozzle-${SERVER_HOSTNAME}:
loadBalancer:
loadbalancer:
servers:
- url: "http://192.168.4.11:8085"
- url: "http://${SERVER_IP}:8085"
passHostHeader: true
duplicati-${SERVER_HOSTNAME}:
loadBalancer:
loadbalancer:
servers:
- url: "http://192.168.4.11:8200"
- url: "http://${SERVER_IP}:8200"
passHostHeader: true
ez-assistant-${SERVER_HOSTNAME}:
loadbalancer:
servers:
- url: "http://${SERVER_IP}:18789" # Internal IP of ${SERVER_HOSTNAME} server
passHostHeader: true
formio-${SERVER_HOSTNAME}:
loadBalancer:
loadbalancer:
servers:
- url: "http://192.168.4.11:3002"
- url: "http://${SERVER_IP}:3002"
passHostHeader: true
gitea-${SERVER_HOSTNAME}:
loadBalancer:
loadbalancer:
servers:
- url: "http://192.168.4.11:3010"
- url: "http://${SERVER_IP}:3010"
passHostHeader: true
glances-${SERVER_HOSTNAME}:
loadBalancer:
loadbalancer:
servers:
- url: "http://192.168.4.11:61208"
- url: "http://${SERVER_IP}:61208"
passHostHeader: true
homarr-${SERVER_HOSTNAME}:
loadBalancer:
loadbalancer:
servers:
- url: "http://192.168.4.11:7575"
- url: "http://${SERVER_IP}:7575"
passHostHeader: true
homepage-${SERVER_HOSTNAME}:
loadBalancer:
loadbalancer:
servers:
- url: "http://192.168.4.11:3000"
- url: "http://${SERVER_IP}:3000"
passHostHeader: true
jellyfin-${SERVER_HOSTNAME}:
loadBalancer:
loadbalancer:
servers:
- url: "http://192.168.4.11:8096"
- url: "http://${SERVER_IP}:8096"
passHostHeader: true
jupyter-${SERVER_HOSTNAME}:
loadBalancer:
loadbalancer:
servers:
- url: "http://192.168.4.11:8890"
- url: "http://${SERVER_IP}:8890"
passHostHeader: true
kopia-${SERVER_HOSTNAME}:
loadBalancer:
loadbalancer:
servers:
- url: "http://192.168.4.11:51515"
- url: "http://${SERVER_IP}:51515"
passHostHeader: true
mealie-${SERVER_HOSTNAME}:
loadBalancer:
loadbalancer:
servers:
- url: "http://192.168.4.11:9000"
- url: "http://${SERVER_IP}:9000"
passHostHeader: true
mediawiki-${SERVER_HOSTNAME}:
loadBalancer:
loadbalancer:
servers:
- url: "http://192.168.4.11:8086"
- url: "http://${SERVER_IP}:8086"
passHostHeader: true
motioneye-${SERVER_HOSTNAME}:
loadBalancer:
loadbalancer:
servers:
- url: "http://192.168.4.11:8081"
- url: "http://${SERVER_IP}:8081"
passHostHeader: true
nextcloud-${SERVER_HOSTNAME}:
loadBalancer:
loadbalancer:
servers:
- url: "http://192.168.4.11:8089"
- url: "http://${SERVER_IP}:8089"
passHostHeader: true
openkm-${SERVER_HOSTNAME}:
loadBalancer:
loadbalancer:
servers:
- url: "http://192.168.4.11:18080"
- url: "http://${SERVER_IP}:18080"
passHostHeader: true
openwebui-${SERVER_HOSTNAME}:
loadBalancer:
loadbalancer:
servers:
- url: "http://192.168.4.11:3000"
- url: "http://${SERVER_IP}:3000"
passHostHeader: true
qbittorrent-${SERVER_HOSTNAME}:
loadBalancer:
loadbalancer:
servers:
- url: "http://192.168.4.11:8081"
- url: "http://${SERVER_IP}:8081"
passHostHeader: true
tdarr-${SERVER_HOSTNAME}:
loadBalancer:
loadbalancer:
servers:
- url: "http://192.168.4.11:8265"
- url: "http://${SERVER_IP}:8265"
passHostHeader: true
unmanic-${SERVER_HOSTNAME}:
loadBalancer:
loadbalancer:
servers:
- url: "http://192.168.4.11:8889"
- url: "http://${SERVER_IP}:8889"
passHostHeader: true
wordpress-${SERVER_HOSTNAME}:
loadBalancer:
loadbalancer:
servers:
- url: "http://192.168.4.11:8088"
- url: "http://${SERVER_IP}:8088"
passHostHeader: true
# Arr Services
jellyseerr-${SERVER_HOSTNAME}:
loadBalancer:
loadbalancer:
servers:
- url: "http://192.168.4.11:5055"
- url: "http://${SERVER_IP}:5055"
passHostHeader: true
prowlarr-${SERVER_HOSTNAME}:
loadBalancer:
loadbalancer:
servers:
- url: "http://192.168.4.11:9696"
- url: "http://${SERVER_IP}:9696"
passHostHeader: true
radarr-${SERVER_HOSTNAME}:
loadBalancer:
loadbalancer:
servers:
- url: "http://192.168.4.11:7878"
- url: "http://${SERVER_IP}:7878"
passHostHeader: true
sonarr-${SERVER_HOSTNAME}:
loadBalancer:
loadbalancer:
servers:
- url: "http://192.168.4.11:8989"
- url: "http://${SERVER_IP}:8989"
passHostHeader: true
lidarr-${SERVER_HOSTNAME}:
loadBalancer:
loadbalancer:
servers:
- url: "http://192.168.4.11:8686"
- url: "http://${SERVER_IP}:8686"
passHostHeader: true
readarr-${SERVER_HOSTNAME}:
loadBalancer:
loadbalancer:
servers:
- url: "http://192.168.4.11:8787"
- url: "http://${SERVER_IP}:8787"
passHostHeader: true
mylar3-${SERVER_HOSTNAME}:
loadBalancer:
servers:
- url: "http://192.168.4.11:8090"
- url: "http://${SERVER_IP}:8090"
passHostHeader: true
# Remote Server Service Definitions (${REMOTE_SERVER_HOSTNAME})
dockge-${REMOTE_SERVER_HOSTNAME}:
loadbalancer:
servers:
- url: "http://${REMOTE_SERVER_IP}:5001"
passHostHeader: true
dozzle-${REMOTE_SERVER_HOSTNAME}:
loadbalancer:
servers:
- url: "http://${REMOTE_SERVER_IP}:8085"
passHostHeader: true
glances-${REMOTE_SERVER_HOSTNAME}:
loadbalancer:
servers:
- url: "http://${REMOTE_SERVER_IP}:61208"
passHostHeader: true
backrest-${REMOTE_SERVER_HOSTNAME}:
loadbalancer:
servers:
- url: "http://${REMOTE_SERVER_IP}:9898"
passHostHeader: true
duplicati-${REMOTE_SERVER_HOSTNAME}:
loadbalancer:
servers:
- url: "http://${REMOTE_SERVER_IP}:8200"
passHostHeader: true
homepage-${REMOTE_SERVER_HOSTNAME}:
loadbalancer:
servers:
- url: "http://${REMOTE_SERVER_IP}:3000"
passHostHeader: true
homarr-${REMOTE_SERVER_HOSTNAME}:
loadbalancer:
servers:
- url: "http://${REMOTE_SERVER_IP}:7575"
passHostHeader: true
grafana-${REMOTE_SERVER_HOSTNAME}:
loadbalancer:
servers:
- url: "http://${REMOTE_SERVER_IP}:3000"
passHostHeader: true
prometheus-${REMOTE_SERVER_HOSTNAME}:
loadbalancer:
servers:
- url: "http://${REMOTE_SERVER_IP}:9090"
passHostHeader: true
uptime-kuma-${REMOTE_SERVER_HOSTNAME}:
loadbalancer:
servers:
- url: "http://${REMOTE_SERVER_IP}:3001"
passHostHeader: true
# Middleware Definitions
middlewares:
ez-assistant-websocket:
headers:
accessControlAllowHeaders:
- "Connection"
- "Upgrade"
accessControlAllowMethods:
- "GET"
- "POST"
- "OPTIONS"
accessControlMaxAge: 86400

121
config-templates/traefik/dynamic/sablier.yml
View File

@@ -319,3 +319,124 @@ http:
displayName: wordpress
theme: ghost
show-details-by-default: true
# Remote Server (${REMOTE_SERVER_HOSTNAME}) Sablier Middlewares
sablier-${REMOTE_SERVER_HOSTNAME}-dockge:
plugin:
sablier:
sablierUrl: http://sablier-service:10000
group: ${REMOTE_SERVER_HOSTNAME}-dockge
sessionDuration: 5m
ignoreUserAgent: curl
dynamic:
displayName: Dockge (${REMOTE_SERVER_HOSTNAME})
theme: ghost
show-details-by-default: true
sablier-${REMOTE_SERVER_HOSTNAME}-dozzle:
plugin:
sablier:
sablierUrl: http://sablier-service:10000
group: ${REMOTE_SERVER_HOSTNAME}-dozzle
sessionDuration: 5m
ignoreUserAgent: curl
dynamic:
displayName: Dozzle (${REMOTE_SERVER_HOSTNAME})
theme: ghost
show-details-by-default: true
sablier-${REMOTE_SERVER_HOSTNAME}-glances:
plugin:
sablier:
sablierUrl: http://sablier-service:10000
group: ${REMOTE_SERVER_HOSTNAME}-glances
sessionDuration: 5m
ignoreUserAgent: curl
dynamic:
displayName: Glances (${REMOTE_SERVER_HOSTNAME})
theme: ghost
show-details-by-default: true
sablier-${REMOTE_SERVER_HOSTNAME}-backrest:
plugin:
sablier:
sablierUrl: http://sablier-service:10000
group: ${REMOTE_SERVER_HOSTNAME}-backrest
sessionDuration: 5m
ignoreUserAgent: curl
dynamic:
displayName: Backrest (${REMOTE_SERVER_HOSTNAME})
theme: ghost
show-details-by-default: true
sablier-${REMOTE_SERVER_HOSTNAME}-duplicati:
plugin:
sablier:
sablierUrl: http://sablier-service:10000
group: ${REMOTE_SERVER_HOSTNAME}-duplicati
sessionDuration: 5m
ignoreUserAgent: curl
dynamic:
displayName: Duplicati (${REMOTE_SERVER_HOSTNAME})
theme: ghost
show-details-by-default: true
sablier-${REMOTE_SERVER_HOSTNAME}-homepage:
plugin:
sablier:
sablierUrl: http://sablier-service:10000
group: ${REMOTE_SERVER_HOSTNAME}-homepage
sessionDuration: 5m
ignoreUserAgent: curl
dynamic:
displayName: Homepage (${REMOTE_SERVER_HOSTNAME})
theme: ghost
show-details-by-default: true
sablier-${REMOTE_SERVER_HOSTNAME}-homarr:
plugin:
sablier:
sablierUrl: http://sablier-service:10000
group: ${REMOTE_SERVER_HOSTNAME}-homarr
sessionDuration: 5m
ignoreUserAgent: curl
dynamic:
displayName: Homarr (${REMOTE_SERVER_HOSTNAME})
theme: ghost
show-details-by-default: true
sablier-${REMOTE_SERVER_HOSTNAME}-grafana:
plugin:
sablier:
sablierUrl: http://sablier-service:10000
group: ${REMOTE_SERVER_HOSTNAME}-grafana
sessionDuration: 5m
ignoreUserAgent: curl
dynamic:
displayName: Grafana (${REMOTE_SERVER_HOSTNAME})
theme: ghost
show-details-by-default: true
sablier-${REMOTE_SERVER_HOSTNAME}-prometheus:
plugin:
sablier:
sablierUrl: http://sablier-service:10000
group: ${REMOTE_SERVER_HOSTNAME}-prometheus
sessionDuration: 5m
ignoreUserAgent: curl
dynamic:
displayName: Prometheus (${REMOTE_SERVER_HOSTNAME})
theme: ghost
show-details-by-default: true
sablier-${REMOTE_SERVER_HOSTNAME}-uptime-kuma:
plugin:
sablier:
sablierUrl: http://sablier-service:10000
group: ${REMOTE_SERVER_HOSTNAME}-uptime-kuma
sessionDuration: 5m
ignoreUserAgent: curl
dynamic:
displayName: Uptime Kuma (${REMOTE_SERVER_HOSTNAME})
theme: ghost
show-details-by-default: true

59
config-templates/traefik/traefik.yml
View File

@@ -1,56 +1,43 @@
# Traefik Static Configuration
# Copy to /opt/stacks/traefik/traefik.yml
global:
checkNewVersion: true
sendAnonymousUsage: false
experimental:
plugins:
sablier:
moduleName: github.com/sablierapp/sablier-traefik-plugin
version: v1.1.0
api:
dashboard: true
insecure: false # Dashboard accessible via Traefik route with Authelia
providers:
docker:
exposedByDefault: false
file:
directory: /dynamic
entryPoints:
web:
address: ":80"
http:
redirections:
entryPoint:
to: websecure
scheme: https
websecure:
address: ":443"
http:
tls:
certResolver: letsencrypt
traefik:
address: ":8080"
certificatesResolvers:
letsencrypt:
acme:
email: ACME_EMAIL_PLACEHOLDER # Will be replaced by deploy script
caServer: https://acme-staging-v02.api.letsencrypt.org/directory
storage: /acme.json
# For testing: Use staging to avoid production rate limits
# caServer: https://acme-staging-v02.api.letsencrypt.org/directory
# DNS challenge - For wildcard certificates (*.yourdomain.duckdns.org)
# Works with DuckDNS - requires DUCKDNS_TOKEN in environment
dnsChallenge:
provider: duckdns
providers:
docker:
endpoint: "unix:///var/run/docker.sock"
exposedByDefault: false # Only expose services with traefik.enable=true
network: traefik-network
file:
directory: /dynamic
watch: true
email: ${DEFAULT_EMAIL}
storage: /letsencrypt/acme.json
log:
level: INFO # DEBUG, INFO, WARN, ERROR
filePath: /var/log/traefik/traefik.log
level: DEBUG
accessLog:
filePath: /var/log/traefik/access.log
bufferingSize: 100
format: json
api:
dashboard: true
insecure: true
ping:
manualRouting: true

6
docker-compose/dashboards/docker-compose.yml
View File

@@ -43,8 +43,10 @@ services:
- "homelab.category=dashboard"
- "homelab.description=Application dashboard"
# Traefik reverse proxy (comment/uncomment to disable/enable)
# If Traefik is on a remote server: these labels are NOT USED;
# configure external yml files in /traefik/dynamic folder instead.
# IMPORTANT: On REMOTE SERVERS (where Traefik runs elsewhere):
# - COMMENT OUT all traefik.* labels below (don't delete them)
# - Routes are configured via external YAML files on the core server
# - This prevents conflicts between Docker labels and file provider
- "traefik.enable=true"
- "traefik.http.routers.homepage.rule=Host(`homepage.${DOMAIN}`)"
- "traefik.http.routers.homepage.entrypoints=websecure"

196
docker-compose/dashboards/homepage/README.md Normal file
View File

@@ -0,0 +1,196 @@
# Configuration Templates
This directory contains example configuration files for various services. These templates provide sensible defaults and are ready to use with minimal modifications.
## Usage
1. **Create your config directory** (if it doesn't exist):
```bash
mkdir -p config/service-name
```
2. **Copy the template** to your config directory:
```bash
cp config-templates/service-name/* config/service-name/
```
3. **Edit the configuration** as needed for your environment
4. **Start the service** using Docker Compose
## Available Templates
### Prometheus (`prometheus/prometheus.yml`)
Metrics collection and monitoring system configuration.
**Features:**
- Pre-configured to scrape Node Exporter and cAdvisor
- 15-second scrape interval
- Ready for additional service monitoring
**Setup:**
```bash
mkdir -p config/prometheus
cp config-templates/prometheus/prometheus.yml config/prometheus/
docker compose -f docker-compose/monitoring.yml up -d prometheus
```
### Loki (`loki/loki-config.yml`)
Log aggregation system configuration.
**Features:**
- Filesystem-based storage
- 30-day log retention
- Automatic log compaction
- Pre-configured for Promtail
**Setup:**
```bash
mkdir -p config/loki
cp config-templates/loki/loki-config.yml config/loki/
docker compose -f docker-compose/monitoring.yml up -d loki
```
### Promtail (`promtail/promtail-config.yml`)
Log shipper for Loki.
**Features:**
- Automatically ships Docker container logs
- Parses Docker JSON format
- Extracts container IDs and names
- Optional system log collection
**Setup:**
```bash
mkdir -p config/promtail
cp config-templates/promtail/promtail-config.yml config/promtail/
docker compose -f docker-compose/monitoring.yml up -d promtail
```
### Redis (`redis/redis.conf`)
In-memory data store configuration.
**Features:**
- Both AOF and RDB persistence enabled
- 256MB memory limit with LRU eviction
- Sensible defaults for homelab use
- Security options (password protection available)
**Setup:**
```bash
mkdir -p config/redis
cp config-templates/redis/redis.conf config/redis/
# Optional: Edit redis.conf to set a password
docker compose -f docker-compose/development.yml up -d redis
```
## Customization Tips
### Prometheus
- Add more scrape targets to monitor additional services
- Adjust `scrape_interval` based on your needs (lower = more frequent, more data)
- Configure alerting by uncommenting the alertmanager section
### Loki
- Adjust `retention_period` to keep logs longer or shorter
- Change storage from filesystem to S3 for better scalability
- Configure multiple tenants if needed
### Promtail
- Add more scrape configs for system logs, application logs, etc.
- Customize pipeline stages to extract more labels
- Filter logs based on patterns
### Redis
- Set `maxmemory` based on your available RAM
- Choose appropriate `maxmemory-policy` for your use case
- Enable password protection by uncommenting `requirepass`
## Service-Specific Notes
### Services That Don't Need Config Templates
Many services work perfectly with just environment variables and don't require separate config files:
- **Plex, Jellyfin**: Configure via web UI
- **Sonarr, Radarr, Prowlarr**: Configure via web UI
- **Portainer**: Configure via web UI
- **Grafana**: Can use provisioning or web UI
- **Most LinuxServer.io images**: Configured via environment variables
### Services That Benefit from Config Files
- **Prometheus**: Requires `prometheus.yml` for scrape configuration
- **Loki**: Requires config for storage and retention
- **Promtail**: Requires config for log sources
- **Redis**: Benefits from custom config for persistence and security
- **Nginx**: Needs config for proxy rules (use Nginx Proxy Manager UI instead)
## Best Practices
1. **Version Control**: Keep your config templates in git
2. **Secrets**: Never commit passwords or API keys
3. **Comments**: Add comments explaining custom settings
4. **Backups**: Backup config directories regularly
5. **Testing**: Test config changes in a separate environment first
## Creating New Templates
When creating templates for other services:
1. Start with the official documentation
2. Use sensible defaults for homelab use
3. Add comments explaining important settings
4. Include examples for common customizations
5. Test the template before committing
## Getting Help
- Check the official documentation for each service
- Ask GitHub Copilot in VS Code for configuration help
- Review the [Docker Guidelines](../docs/docker-guidelines.md)
- Consult service-specific community forums
## Example: Full Monitoring Stack Setup
```bash
# Create all config directories
mkdir -p config/{prometheus,loki,promtail,grafana}
# Copy templates
cp config-templates/prometheus/prometheus.yml config/prometheus/
cp config-templates/loki/loki-config.yml config/loki/
cp config-templates/promtail/promtail-config.yml config/promtail/
# Start the monitoring stack
docker compose -f docker-compose/monitoring.yml up -d
# Access services
# Prometheus: http://server-ip:9090
# Grafana: http://server-ip:3000
# Loki: http://server-ip:3100
```
## Troubleshooting
### Config file not found
Ensure you copied the template to the correct location referenced in the docker-compose file.
### Permission errors
Fix ownership:
```bash
sudo chown -R 1000:1000 config/service-name
```
### Syntax errors
Validate YAML files:
```bash
# For YAML files
python3 -c "import yaml; yaml.safe_load(open('config/service/config.yml'))"
```
### Service won't start
Check logs for configuration errors:
```bash
docker compose -f docker-compose/file.yml logs service-name
```

86
docker-compose/dashboards/homepage/authelia/configuration.yml Normal file
View File

@@ -0,0 +1,86 @@
# Authelia Configuration
# Copy to /opt/stacks/authelia/configuration.yml
# IMPORTANT: Replace 'your-domain.duckdns.org' with your actual DuckDNS domain
server:
host: 0.0.0.0
port: 9091
log:
level: info
theme: dark
jwt_secret: ${AUTHELIA_JWT_SECRET}
default_redirection_url: https://auth.${DOMAIN}
totp:
issuer: ${DOMAIN}
period: 30
skew: 1
authentication_backend:
file:
path: /config/users_database.yml
password:
algorithm: argon2id
iterations: 1
key_length: 32
salt_length: 16
memory: 1024
parallelism: 8
access_control:
default_policy: deny
rules:
# Bypass Authelia for Jellyfin (allow app access)
- domain: jellyfin.${DOMAIN}
policy: bypass
# Bypass for Plex (allow app access)
- domain: plex.${DOMAIN}
policy: bypass
# Bypass for Home Assistant (has its own auth)
- domain: ha.${DOMAIN}
policy: bypass
# Protected: All other services require authentication
- domain: "*.${DOMAIN}"
policy: one_factor
# Two-factor for admin services (optional)
# - domain:
# - "admin.${DOMAIN}"
# - "portainer.${DOMAIN}"
# policy: two_factor
session:
name: authelia_session
secret: ${AUTHELIA_SESSION_SECRET}
expiration: 24h # Session expires after 24 hours
inactivity: 24h # Session expires after 24 hours of inactivity
remember_me_duration: 1M
domain: ${DOMAIN}
cookies:
- name: authelia_session
domain: ${DOMAIN}
secure: true
same_site: lax
regulation:
max_retries: 3
find_time: 2m
ban_time: 5m
storage:
encryption_key: ${AUTHELIA_STORAGE_ENCRYPTION_KEY}
local:
path: /config/db.sqlite3
notifier:
# File-based notifications (for development/testing)
filesystem:
filename: /config/notification.txt

20
docker-compose/dashboards/homepage/authelia/users_database.yml Normal file
View File

@@ -0,0 +1,20 @@
# Authelia Users Database
# Copy to /opt/stacks/authelia/users_database.yml
# Generate password hashes with: docker run authelia/authelia:latest authelia crypto hash generate argon2 --password 'yourpassword'
users:
admin:
displayname: "Admin User"
password: "$argon2id$v=19$m=65536,t=3,p=4$CHANGEME" # Replace with your hashed password
email: admin@example.com
groups:
- admins
- users
# Example: Additional user
# user1:
# displayname: "User One"
# password: "$argon2id$v=19$m=65536,t=3,p=4$CHANGEME"
# email: user1@example.com
# groups:
# - users

493
docker-compose/dashboards/homepage/bookmarks.yaml Normal file
View File

@@ -0,0 +1,493 @@
---
# Homepage Bookmarks - Comprehensive EZ-Homelab Resources
- EZ-Homelab Project:
- EZ-Homelab GitHub:
- icon: github.png
href: https://github.com/kelinfoxy/EZ-Homelab
description: EZ-Homelab Repository & Documentation
- EZ-Homelab Wiki:
- icon: si-readthedocs
href: https://github.com/kelinfoxy/EZ-Homelab/wiki
description: Comprehensive Documentation Wiki
- Homepage Dashboard:
- icon: homepage.png
href: https://gethomepage.dev
description: Homepage Dashboard Documentation
- Infrastructure & Core Services:
- Traefik:
- icon: si-traefikproxy
href: https://traefik.io
description: Traefik Reverse Proxy
- icon: github.png
href: https://github.com/traefik/traefik
description: Traefik GitHub
- icon: docker.png
href: https://hub.docker.com/_/traefik
description: Traefik Docker Image
- Authelia:
- icon: si-authelia
href: https://www.authelia.com
description: Authelia SSO Authentication
- icon: github.png
href: https://github.com/authelia/authelia
description: Authelia GitHub
- icon: docker.png
href: https://hub.docker.com/r/authelia/authelia
description: Authelia Docker Image
- DuckDNS:
- icon: si-duckduckgo
href: https://www.duckdns.org
description: Dynamic DNS Service
- Docker:
- icon: docker.png
href: https://www.docker.com
description: Docker Official Website
- icon: docker.png
href: https://hub.docker.com
description: Docker Hub Registry
- icon: si-docker
href: https://docs.docker.com
description: Docker Documentation
- Portainer:
- icon: si-portainer
href: https://www.portainer.io
description: Portainer Container Management
- icon: github.png
href: https://github.com/portainer/portainer
description: Portainer GitHub
- icon: docker.png
href: https://hub.docker.com/r/portainer/portainer-ce
description: Portainer Docker Image
- Pi-hole:
- icon: si-raspberrypi
href: https://pi-hole.net
description: Pi-hole Network-wide Ad Blocking
- icon: github.png
href: https://github.com/pi-hole/pi-hole
description: Pi-hole GitHub
- icon: docker.png
href: https://hub.docker.com/r/pihole/pihole
description: Pi-hole Docker Image
- LinuxServer.io:
- icon: si-linux
href: https://www.linuxserver.io
description: LinuxServer.io Container Images
- icon: github.png
href: https://github.com/linuxserver
description: LinuxServer GitHub Organization
- Media Services:
- Plex:
- icon: si-plex
href: https://www.plex.tv
description: Plex Media Server
- icon: github.png
href: https://github.com/plexinc/pms-docker
description: Plex Docker GitHub
- icon: docker.png
href: https://hub.docker.com/r/plexinc/pms-docker
description: Plex Docker Image
- Jellyfin:
- icon: si-jellyfin
href: https://jellyfin.org
description: Jellyfin Media Server (Open Source)
- icon: github.png
href: https://github.com/jellyfin/jellyfin
description: Jellyfin GitHub
- icon: docker.png
href: https://hub.docker.com/r/jellyfin/jellyfin
description: Jellyfin Docker Image
- Sonarr:
- icon: si-sonarr
href: https://sonarr.tv
description: Sonarr TV Show Manager
- icon: github.png
href: https://github.com/Sonarr/Sonarr
description: Sonarr GitHub
- icon: docker.png
href: https://hub.docker.com/r/linuxserver/sonarr
description: Sonarr Docker Image
- Radarr:
- icon: si-radarr
href: https://radarr.video
description: Radarr Movie Manager
- icon: github.png
href: https://github.com/Radarr/Radarr
description: Radarr GitHub
- icon: docker.png
href: https://hub.docker.com/r/linuxserver/radarr
description: Radarr Docker Image
- Prowlarr:
- icon: si-prowlarr
href: https://prowlarr.com
description: Prowlarr Indexer Manager
- icon: github.png
href: https://github.com/Prowlarr/Prowlarr
description: Prowlarr GitHub
- icon: docker.png
href: https://hub.docker.com/r/linuxserver/prowlarr
description: Prowlarr Docker Image
- qBittorrent:
- icon: si-qbittorrent
href: https://www.qbittorrent.org
description: qBittorrent Torrent Client
- icon: github.png
href: https://github.com/qbittorrent/qBittorrent
description: qBittorrent GitHub
- icon: docker.png
href: https://hub.docker.com/r/linuxserver/qbittorrent
description: qBittorrent Docker Image
- Readarr:
- icon: si-readarr
href: https://readarr.com
description: Readarr Book Manager
- icon: github.png
href: https://github.com/Readarr/Readarr
description: Readarr GitHub
- icon: docker.png
href: https://hub.docker.com/r/linuxserver/readarr
description: Readarr Docker Image
- Lidarr:
- icon: si-lidarr
href: https://lidarr.audio
description: Lidarr Music Manager
- icon: github.png
href: https://github.com/Lidarr/Lidarr
description: Lidarr GitHub
- icon: docker.png
href: https://hub.docker.com/r/linuxserver/lidarr
description: Lidarr Docker Image
- Jellyseerr:
- icon: si-jellyseerr
href: https://jellyseerr.dev
description: Jellyseerr Media Requests
- icon: github.png
href: https://github.com/Fallenbagel/jellyseerr
description: Jellyseerr GitHub
- icon: docker.png
href: https://hub.docker.com/r/fallenbagel/jellyseerr
description: Jellyseerr Docker Image
- Tdarr:
- icon: si-tdarr
href: https://tdarr.io
description: Tdarr Media Transcoding
- icon: github.png
href: https://github.com/HaveAGitGat/Tdarr
description: Tdarr GitHub
- icon: docker.png
href: https://hub.docker.com/r/haveagitgat/tdarr
description: Tdarr Docker Image
- Unmanic:
- icon: si-unmanic
href: https://docs.unmanic.app
description: Unmanic Media Optimizer
- icon: github.png
href: https://github.com/Unmanic/unmanic
description: Unmanic GitHub
- icon: docker.png
href: https://hub.docker.com/r/josh5/unmanic
description: Unmanic Docker Image
- Calibre-Web:
- icon: si-calibre
href: https://github.com/janeczku/calibre-web
description: Calibre-Web Ebook Reader
- icon: github.png
href: https://github.com/janeczku/calibre-web
description: Calibre-Web GitHub
- icon: docker.png
href: https://hub.docker.com/r/linuxserver/calibre-web
description: Calibre-Web Docker Image
- Productivity & Collaboration:
- Nextcloud:
- icon: si-nextcloud
href: https://nextcloud.com
description: Nextcloud File Sync & Collaboration
- icon: github.png
href: https://github.com/nextcloud/server
description: Nextcloud GitHub
- icon: docker.png
href: https://hub.docker.com/r/linuxserver/nextcloud
description: Nextcloud Docker Image
- Gitea:
- icon: si-gitea
href: https://gitea.io
description: Gitea Git Service
- icon: github.png
href: https://github.com/go-gitea/gitea
description: Gitea GitHub
- icon: docker.png
href: https://hub.docker.com/r/gitea/gitea
description: Gitea Docker Image
- BookStack:
- icon: si-bookstack
href: https://www.bookstackapp.com
description: BookStack Documentation Platform
- icon: github.png
href: https://github.com/BookStackApp/BookStack
description: BookStack GitHub
- icon: docker.png
href: https://hub.docker.com/r/linuxserver/bookstack
description: BookStack Docker Image
- DokuWiki:
- icon: si-dokuwiki
href: https://www.dokuwiki.org
description: DokuWiki File-based Wiki
- icon: github.png
href: https://github.com/dokuwiki/dokuwiki
description: DokuWiki GitHub
- icon: docker.png
href: https://hub.docker.com/r/linuxserver/dokuwiki
description: DokuWiki Docker Image
- MediaWiki:
- icon: si-mediawiki
href: https://www.mediawiki.org
description: MediaWiki Wiki Platform
- icon: github.png
href: https://github.com/wikimedia/mediawiki
description: MediaWiki GitHub
- icon: docker.png
href: https://hub.docker.com/r/linuxserver/mediawiki
description: MediaWiki Docker Image
- WordPress:
- icon: si-wordpress
href: https://wordpress.org
description: WordPress Blog/CMS Platform
- icon: github.png
href: https://github.com/WordPress/WordPress
description: WordPress GitHub
- icon: docker.png
href: https://hub.docker.com/r/linuxserver/wordpress
description: WordPress Docker Image
- Mealie:
- icon: si-mealie
href: https://hay-kot.github.io/mealie
description: Mealie Recipe Manager
- icon: github.png
href: https://github.com/hay-kot/mealie
description: Mealie GitHub
- icon: docker.png
href: https://hub.docker.com/r/hkotel/mealie
description: Mealie Docker Image
- Form.io:
- icon: si-formio
href: https://www.form.io
description: Form.io Form Builder
- icon: github.png
href: https://github.com/formio/formio
description: Form.io GitHub
- icon: docker.png
href: https://hub.docker.com/r/formio/formio-enterprise
description: Form.io Docker Image
- Home Automation:
- Home Assistant:
- icon: si-homeassistant
href: https://www.home-assistant.io
description: Home Assistant Smart Home Platform
- icon: github.png
href: https://github.com/home-assistant/core
description: Home Assistant GitHub
- icon: docker.png
href: https://hub.docker.com/r/linuxserver/homeassistant
description: Home Assistant Docker Image
- ESPHome:
- icon: si-esphome
href: https://esphome.io
description: ESPHome ESP32/ESP8266 Firmware
- icon: github.png
href: https://github.com/esphome/esphome
description: ESPHome GitHub
- icon: docker.png
href: https://hub.docker.com/r/esphome/esphome
description: ESPHome Docker Image
- Node-RED:
- icon: si-nodered
href: https://nodered.org
description: Node-RED Flow-based Programming
- icon: github.png
href: https://github.com/node-red/node-red
description: Node-RED GitHub
- icon: docker.png
href: https://hub.docker.com/r/nodered/node-red
description: Node-RED Docker Image
- Zigbee2MQTT:
- icon: si-zigbee2mqtt
href: https://www.zigbee2mqtt.io
description: Zigbee2MQTT Zigbee Bridge
- icon: github.png
href: https://github.com/Koenkk/zigbee2mqtt
description: Zigbee2MQTT GitHub
- icon: docker.png
href: https://hub.docker.com/r/koenkk/zigbee2mqtt
description: Zigbee2MQTT Docker Image
- MotionEye:
- icon: si-motioneye
href: https://github.com/motioneye-project/motioneye
description: MotionEye Video Surveillance
- icon: github.png
href: https://github.com/motioneye-project/motioneye
description: MotionEye GitHub
- icon: docker.png
href: https://hub.docker.com/r/linuxserver/motioneye
description: MotionEye Docker Image
- TasmoAdmin:
- icon: si-tasmota
href: https://github.com/reloxx13/TasmoAdmin
description: TasmoAdmin Tasmota Device Manager
- icon: github.png
href: https://github.com/reloxx13/TasmoAdmin
description: TasmoAdmin GitHub
- icon: docker.png
href: https://hub.docker.com/r/raymondmm/tasmoadmin
description: TasmoAdmin Docker Image
- Development & Utilities:
- Code Server:
- icon: si-visualstudiocode
href: https://github.com/coder/code-server
description: Code Server (VS Code in Browser)
- icon: github.png
href: https://github.com/coder/code-server
description: Code Server GitHub
- icon: docker.png
href: https://hub.docker.com/r/linuxserver/code-server
description: Code Server Docker Image
- Jupyter Lab:
- icon: si-jupyter
href: https://jupyter.org
description: Jupyter Lab Notebooks
- icon: github.png
href: https://github.com/jupyterlab/jupyterlab
description: Jupyter Lab GitHub
- icon: docker.png
href: https://hub.docker.com/r/linuxserver/jupyterlab
description: Jupyter Lab Docker Image
- Vaultwarden:
- icon: si-bitwarden
href: https://github.com/dani-garcia/vaultwarden
description: Vaultwarden Password Manager
- icon: github.png
href: https://github.com/dani-garcia/vaultwarden
description: Vaultwarden GitHub
- icon: docker.png
href: https://hub.docker.com/r/vaultwarden/server
description: Vaultwarden Docker Image
- Duplicati:
- icon: si-duplicati
href: https://www.duplicati.com
description: Duplicati Backup Solution
- icon: github.png
href: https://github.com/duplicati/duplicati
description: Duplicati GitHub
- icon: docker.png
href: https://hub.docker.com/r/linuxserver/duplicati
description: Duplicati Docker Image
- pgAdmin:
- icon: si-postgresql
href: https://www.pgadmin.org
description: pgAdmin PostgreSQL Management
- icon: github.png
href: https://github.com/pgadmin-org/pgadmin4
description: pgAdmin GitHub
- icon: docker.png
href: https://hub.docker.com/r/dpage/pgadmin4
description: pgAdmin Docker Image
- GitLab CE:
- icon: si-gitlab
href: https://about.gitlab.com
description: GitLab DevOps Platform
- icon: github.png
href: https://gitlab.com/gitlab-org/gitlab
description: GitLab GitHub
- icon: docker.png
href: https://hub.docker.com/r/gitlab/gitlab-ce
description: GitLab CE Docker Image
- Monitoring & Observability:
- Grafana:
- icon: si-grafana
href: https://grafana.com
description: Grafana Visualization Platform
- icon: github.png
href: https://github.com/grafana/grafana
description: Grafana GitHub
- icon: docker.png
href: https://hub.docker.com/r/grafana/grafana
description: Grafana Docker Image
- Prometheus:
- icon: si-prometheus
href: https://prometheus.io
description: Prometheus Metrics Collection
- icon: github.png
href: https://github.com/prometheus/prometheus
description: Prometheus GitHub
- icon: docker.png
href: https://hub.docker.com/r/prom/prometheus
description: Prometheus Docker Image
- Uptime Kuma:
- icon: si-uptimekuma
href: https://uptime.kuma.pet
description: Uptime Kuma Status Monitoring
- icon: github.png
href: https://github.com/louislam/uptime-kuma
description: Uptime Kuma GitHub
- icon: docker.png
href: https://hub.docker.com/r/louislam/uptime-kuma
description: Uptime Kuma Docker Image
- Glances:
- icon: si-glances
href: https://nicolargo.github.io/glances
description: Glances System Monitoring
- icon: github.png
href: https://github.com/nicolargo/glances
description: Glances GitHub
- icon: docker.png
href: https://hub.docker.com/r/linuxserver/glances
description: Glances Docker Image
- Dozzle:
- icon: si-dozzle
href: https://dozzle.dev
description: Dozzle Docker Log Viewer
- icon: github.png
href: https://github.com/amir20/dozzle
description: Dozzle GitHub
- icon: docker.png
href: https://hub.docker.com/r/amir20/dozzle
description: Dozzle Docker Image
- External Resources & Communities:
- Awesome Docker Compose:
- icon: docker.png
href: https://awesome-docker-compose.com
description: Curated Docker Compose Examples
- Servarr Wiki:
- icon: si-servarr
href: https://wiki.servarr.com
description: Servarr Applications Documentation
- Docker Compose Documentation:
- icon: docker.png
href: https://docs.docker.com/compose
description: Docker Compose Official Docs
- Let's Encrypt:
- icon: si-letsencrypt
href: https://letsencrypt.org
description: Free SSL Certificates
- Awesome Selfhosted:
- icon: si-awesome
href: https://awesome-selfhosted.net
description: Self-hosted Software List
- Homelab Wiki:
- icon: si-wikipedia
href: https://homelab.wiki
description: Homelab Community Wiki
- Reddit r/selfhosted:
- icon: si-reddit
href: https://reddit.com/r/selfhosted
description: Self-hosted Community
- Reddit r/homelab:
- icon: si-reddit
href: https://reddit.com/r/homelab
description: Homelab Community

31
docker-compose/dashboards/homepage/custom.css Normal file
View File

@@ -0,0 +1,31 @@
.information-widgets {
max-width: 1500px;
}
.services-group {
max-width: 250px;
}
#services {
margin: 0px;
}
.service {
height: 70px;
max-height: 80px;
margin-bottom: 0px;
margin-right: 3px;
}
#services #bookmarks {
margin: 0px 0px 0px 20px;
}
.text-sm {
font-size: 16px;
}
.bookmark-group {
min-width: 250px;
max-width: 250px;
}

0
docker-compose/dashboards/homepage/custom.js Normal file
View File

18
docker-compose/dashboards/homepage/docker.yaml Normal file
View File

@@ -0,0 +1,18 @@
---
# For configuration options and examples, please see:
# https://gethomepage.dev/configs/docker/
# my-docker:
# host: 127.0.0.1
# port: 2375
# my-docker:
# socket: /var/run/docker.sock
# home-assistant:
# host: 192.168.4.5
# port: 2375
#${SERVER_HOSTNAME}:
# host: 192.168.4.11
# port: 2375

8
docker-compose/dashboards/homepage/dokuwiki/conf/.htaccess Normal file
View File

@@ -0,0 +1,8 @@
## no access to the conf directory
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
Order allow,deny
Deny from all
</IfModule>

10
docker-compose/dashboards/homepage/dokuwiki/conf/acl.auth.php Normal file
View File

@@ -0,0 +1,10 @@
# acl.auth.php
# <?php exit()?>
# Don't modify the lines above
#
# Access Control Lists
#
# Auto-generated by install script
# Date: Tue, 20 Jan 2026 20:06:48 -0500
* @ALL 1
* @user 8

21
docker-compose/dashboards/homepage/dokuwiki/conf/acl.auth.php.dist Normal file
View File

@@ -0,0 +1,21 @@
# acl.auth.php
# <?php exit()?>
# Don't modify the lines above
#
# Access Control Lists
#
# Editing this file by hand shouldn't be necessary. Use the ACL
# Manager interface instead.
#
# If your auth backend allows special char like spaces in groups
# or user names you need to urlencode them (only chars <128, leave
# UTF-8 multibyte chars as is)
#
# none 0
# read 1
# edit 2
# create 4
# upload 8
# delete 16
* @ALL 8

62
docker-compose/dashboards/homepage/dokuwiki/conf/acronyms.conf Normal file
View File

@@ -0,0 +1,62 @@
# Acronyms.
ACL Access Control List
AFAICS As far as I can see
AFAIK As far as I know
AFAIR As far as I remember
API Application Programming Interface
ASAP As soon as possible
ASCII American Standard Code for Information Interchange
BTW By the way
CMS Content Management System
CSS Cascading Style Sheets
DNS Domain Name System
EOF End of file
EOL End of line
EOM End of message
EOT End of text
FAQ Frequently Asked Questions
FTP File Transfer Protocol
FOSS Free & Open-Source Software
FLOSS Free/Libre and Open Source Software
FUD Fear, Uncertainty, and Doubt
FYI For your information
GB Gigabyte
GHz Gigahertz
GPL GNU General Public License
GUI Graphical User Interface
HTML HyperText Markup Language
IANAL I am not a lawyer (but)
IE Internet Explorer
IIRC If I remember correctly
IMHO In my humble opinion
IMO In my opinion
IOW In other words
IRC Internet Relay Chat
IRL In real life
KISS Keep it simple stupid
LAN Local Area Network
LGPL GNU Lesser General Public License
LOL Laughing out loud
MathML Mathematical Markup Language
MB Megabyte
MHz Megahertz
MSIE Microsoft Internet Explorer
OMG Oh my God
OS Operating System
OSS Open Source Software
OTOH On the other hand
PITA Pain in the Ass
RFC Request for Comments
ROTFL Rolling on the floor laughing
RTFM Read The Fine Manual
spec specification
TIA Thanks in advance
TL;DR Too long; didn't read
TOC Table of Contents
URI Uniform Resource Identifier
URL Uniform Resource Locator
W3C World Wide Web Consortium
WTF? What the f***
WYSIWYG What You See Is What You Get
YMMV Your mileage may vary

187
docker-compose/dashboards/homepage/dokuwiki/conf/dokuwiki.php Normal file
View File

@@ -0,0 +1,187 @@
<?php
/**
* This is DokuWiki's Main Configuration file
*
* All the default values are kept here, you should not modify it but use
* a local.php file instead to override the settings from here.
*
* This is a piece of PHP code so PHP syntax applies!
*
* For help with the configuration and a more detailed explanation of the various options
* see https://www.dokuwiki.org/config
*/
/* Basic Settings */
$conf['title'] = 'DokuWiki'; //what to show in the title
$conf['start'] = 'start'; //name of start page
$conf['lang'] = 'en'; //your language
$conf['template'] = 'dokuwiki'; //see lib/tpl directory
$conf['tagline'] = ''; //tagline in header (if template supports it)
$conf['sidebar'] = 'sidebar'; //name of sidebar in root namespace (if template supports it)
$conf['license'] = 'cc-by-nc-sa'; //see conf/license.php
$conf['savedir'] = './data'; //where to store all the files
$conf['basedir'] = ''; //absolute dir from serveroot - blank for autodetection
$conf['baseurl'] = ''; //URL to server including protocol - blank for autodetect
$conf['cookiedir'] = ''; //path to use in cookies - blank for basedir
$conf['dmode'] = 0755; //set directory creation mode
$conf['fmode'] = 0644; //set file creation mode
$conf['allowdebug'] = 0; //allow debug output, enable if needed 0|1
/* Display Settings */
$conf['recent'] = 20; //how many entries to show in recent
$conf['recent_days'] = 7; //How many days of recent changes to keep. (days)
$conf['breadcrumbs'] = 10; //how many recent visited pages to show
$conf['youarehere'] = 0; //show "You are here" navigation? 0|1
$conf['fullpath'] = 0; //show full path of the document or relative to datadir only? 0|1
$conf['typography'] = 1; //smartquote conversion 0=off, 1=doublequotes, 2=all quotes
$conf['dformat'] = '%Y/%m/%d %H:%M'; //dateformat accepted by PHPs strftime() function
$conf['signature'] = ' --- //[[@MAIL@|@NAME@]] @DATE@//'; //signature see wiki page for details
$conf['showuseras'] = 'loginname'; // 'loginname' users login name
// 'username' users full name
// 'email' e-mail address (will be obfuscated as per mailguard)
// 'email_link' e-mail address as a mailto: link (obfuscated)
$conf['toptoclevel'] = 1; //Level starting with and below to include in AutoTOC (max. 5)
$conf['tocminheads'] = 3; //Minimum amount of headlines that determines if a TOC is built
$conf['maxtoclevel'] = 3; //Up to which level include into AutoTOC (max. 5)
$conf['maxseclevel'] = 3; //Up to which level create editable sections (max. 5)
$conf['camelcase'] = 0; //Use CamelCase for linking? (I don't like it) 0|1
$conf['deaccent'] = 1; //deaccented chars in pagenames (1) or romanize (2) or keep (0)?
$conf['useheading'] = 0; //use the first heading in a page as its name
$conf['sneaky_index']= 0; //check for namespace read permission in index view (0|1) (1 might cause unexpected behavior)
$conf['hidepages'] = ''; //Regexp for pages to be skipped from RSS, Search and Recent Changes
/* Authentication Settings */
$conf['useacl'] = 0; //Use Access Control Lists to restrict access?
$conf['autopasswd'] = 1; //autogenerate passwords and email them to user
$conf['authtype'] = 'authplain'; //which authentication backend should be used
$conf['passcrypt'] = 'bcrypt'; //Used crypt method (smd5,md5,sha1,ssha,crypt,mysql,my411,bcrypt)
$conf['defaultgroup']= 'user'; //Default groups new Users are added to
$conf['superuser'] = '!!not set!!'; //The admin can be user or @group or comma separated list user1,@group1,user2
$conf['manager'] = '!!not set!!'; //The manager can be user or @group or comma separated list user1,@group1,user2
$conf['profileconfirm'] = 1; //Require current password to confirm changes to user profile
$conf['rememberme'] = 1; //Enable/disable remember me on login
$conf['disableactions'] = ''; //comma separated list of actions to disable
$conf['auth_security_timeout'] = 900; //time (seconds) auth data is considered valid, set to 0 to recheck on every page view
$conf['securecookie'] = 1; //never send HTTPS cookies via HTTP
$conf['samesitecookie'] = 'Lax'; //SameSite attribute for cookies (Lax|Strict|None|Empty)
$conf['remote'] = 0; //Enable/disable remote interfaces
$conf['remoteuser'] = '!!not set!!'; //user/groups that have access to remote interface (comma separated). leave empty to allow all users
$conf['remotecors'] = ''; //enable Cross-Origin Resource Sharing (CORS) for the remote interfaces. Asterisk (*) to allow all origins. leave empty to deny.
/* Antispam Features */
$conf['usewordblock']= 1; //block spam based on words? 0|1
$conf['relnofollow'] = 1; //use rel="ugc nofollow" for external links?
$conf['indexdelay'] = 60*60*24*5; //allow indexing after this time (seconds) default is 5 days
$conf['mailguard'] = 'hex'; //obfuscate email addresses against spam harvesters?
//valid entries are:
// 'visible' - replace @ with [at], . with [dot] and - with [dash]
// 'hex' - use hex entities to encode the mail address
// 'none' - do not obfuscate addresses
$conf['iexssprotect']= 1; // check for JavaScript and HTML in uploaded files 0|1
/* Editing Settings */
$conf['usedraft'] = 1; //automatically save a draft while editing (0|1)
$conf['locktime'] = 15*60; //maximum age for lockfiles (defaults to 15 minutes)
$conf['cachetime'] = 60*60*24; //maximum age for cachefile in seconds (defaults to a day)
/* Link Settings */
// Set target to use when creating links - leave empty for same window
$conf['target']['wiki'] = '';
$conf['target']['interwiki'] = '';
$conf['target']['extern'] = '';
$conf['target']['media'] = '';
$conf['target']['windows'] = '';
/* Media Settings */
$conf['mediarevisions'] = 1; //enable/disable media revisions
$conf['refcheck'] = 1; //check for references before deleting media files
$conf['gdlib'] = 2; //the GDlib version (0, 1 or 2) 2 tries to autodetect
$conf['im_convert'] = ''; //path to ImageMagicks convert (will be used instead of GD)
$conf['jpg_quality'] = '70'; //quality of compression when scaling jpg images (0-100)
$conf['fetchsize'] = 0; //maximum size (bytes) fetch.php may download from extern, disabled by default
/* Notification Settings */
$conf['subscribers'] = 0; //enable change notice subscription support
$conf['subscribe_time'] = 24*60*60; //Time after which digests / lists are sent (in sec, default 1 day)
//Should be smaller than the time specified in recent_days
$conf['notify'] = ''; //send change info to this email (leave blank for nobody)
$conf['registernotify'] = ''; //send info about newly registered users to this email (leave blank for nobody)
$conf['mailfrom'] = ''; //use this email when sending mails
$conf['mailreturnpath'] = ''; //use this email as returnpath for bounce mails
$conf['mailprefix'] = ''; //use this as prefix of outgoing mails
$conf['htmlmail'] = 1; //send HTML multipart mails
$conf['dontlog'] = 'debug'; //logging facilities that should be disabled
$conf['logretain'] = 3; //how many days of logs to keep
/* Syndication Settings */
$conf['sitemap'] = 0; //Create a Google sitemap? How often? In days.
$conf['rss_type'] = 'rss1'; //type of RSS feed to provide, by default:
// 'rss' - RSS 0.91
// 'rss1' - RSS 1.0
// 'rss2' - RSS 2.0
// 'atom' - Atom 0.3
// 'atom1' - Atom 1.0
$conf['rss_linkto'] = 'diff'; //what page RSS entries link to:
// 'diff' - page showing revision differences
// 'page' - the revised page itself
// 'rev' - page showing all revisions
// 'current' - most recent revision of page
$conf['rss_content'] = 'abstract'; //what to put in the items by default?
// 'abstract' - plain text, first paragraph or so
// 'diff' - plain text unified diff wrapped in <pre> tags
// 'htmldiff' - diff as HTML table
// 'html' - the full page rendered in XHTML
$conf['rss_media'] = 'both'; //what should be listed?
// 'both' - page and media changes
// 'pages' - page changes only
// 'media' - media changes only
$conf['rss_update'] = 5*60; //Update the RSS feed every n seconds (defaults to 5 minutes)
$conf['rss_show_summary'] = 1; //Add revision summary to title? 0|1
$conf['rss_show_deleted'] = 1; //Show deleted items 0|1
/* Advanced Settings */
$conf['updatecheck'] = 1; //automatically check for new releases?
$conf['userewrite'] = 0; //this makes nice URLs: 0: off 1: .htaccess 2: internal
$conf['useslash'] = 0; //use slash instead of colon? only when rewrite is on
$conf['sepchar'] = '_'; //word separator character in page names; may be a
// letter, a digit, '_', '-', or '.'.
$conf['canonical'] = 0; //Should all URLs use full canonical http://... style?
$conf['fnencode'] = 'url'; //encode filenames (url|safe|utf-8)
$conf['autoplural'] = 0; //try (non)plural form of nonexistent files?
$conf['compression'] = 'gz'; //compress old revisions: (0: off) ('gz': gnuzip) ('bz2': bzip)
// bz2 generates smaller files, but needs more cpu-power
$conf['gzip_output'] = 0; //use gzip content encoding for the output xhtml (if allowed by browser)
$conf['compress'] = 1; //Strip whitespaces and comments from Styles and JavaScript? 1|0
$conf['cssdatauri'] = 512; //Maximum byte size of small images to embed into CSS, won't work on IE<8
$conf['send404'] = 0; //Send an HTTP 404 status for nonexistent pages?
$conf['broken_iua'] = 0; //Platform with broken ignore_user_abort (IIS+CGI) 0|1
$conf['xsendfile'] = 0; //Use X-Sendfile (1 = lighttpd, 2 = standard)
$conf['renderer_xhtml'] = 'xhtml'; //renderer to use for main page generation
$conf['readdircache'] = 0; //time cache in second for the readdir operation, 0 to deactivate.
$conf['search_nslimit'] = 0; //limit the search to the current X namespaces
$conf['search_fragment'] = 'exact'; //specify the default fragment search behavior
/* Feature Flags */
$conf['defer_js'] = 1; // Defer javascript to be executed after the page's HTML has been parsed. Setting will be removed in the next release.
$conf['hidewarnings'] = 0; // Hide warnings
/* Network Settings */
$conf['dnslookups'] = 1; //disable to disallow IP to hostname lookups
$conf['jquerycdn'] = 0; //use a CDN for delivering jQuery?
$conf['trustedproxies'] = array('::1', 'fe80::/10', '127.0.0.0/8', '10.0.0.0/8', '172.16.0.0/12', '192.168.0.0/16');
// Trusted proxy servers from which to read the X-Forwarded-For header.
// Each item in the array may be either an IPv4 or IPv6 address, or
// an IPv4 or IPv6 CIDR range (e.g. 10.0.0.0/8).
$conf['realip'] = false; // Enable reading the X-Real-IP header. Default: false.
// Only enable this if your server writes this header, otherwise it may be spoofed.
// Proxy setup - if your Server needs a proxy to access the web set these
$conf['proxy']['host'] = '';
$conf['proxy']['port'] = '';
$conf['proxy']['user'] = '';
$conf['proxy']['pass'] = '';
$conf['proxy']['ssl'] = 0;
$conf['proxy']['except'] = '';

22
docker-compose/dashboards/homepage/dokuwiki/conf/entities.conf Normal file
View File

@@ -0,0 +1,22 @@
# Typography replacements
#
# Order does matter!
#
# You can use HTML entities here, but it is not recommended because it may break
# non-HTML renderers. Use UTF-8 chars directly instead.
<-> ↔
-> →
<- ←
<=> ⇔
=> ⇒
<= ⇐
>> »
<< «
--- —
--
(c) ©
(tm) ™
(r) ®
... …

43
docker-compose/dashboards/homepage/dokuwiki/conf/interwiki.conf Normal file
View File

@@ -0,0 +1,43 @@
# Each URL may contain one of these placeholders
# {URL} is replaced by the URL encoded representation of the wikiname
# this is the right thing to do in most cases
# {NAME} this is replaced by the wikiname as given in the document
# only mandatory encoded is done, urlencoding if the link
# is an external URL, or encoding as a wikiname if it is an
# internal link (begins with a colon)
# {SCHEME}
# {HOST}
# {PORT}
# {PATH}
# {QUERY} these placeholders will be replaced with the appropriate part
# of the link when parsed as a URL
# If no placeholder is defined the urlencoded name is appended to the URL
# To prevent losing your added InterWiki shortcuts after an upgrade,
# you should add new ones to interwiki.local.conf
wp https://en.wikipedia.org/wiki/{NAME}
wpfr https://fr.wikipedia.org/wiki/{NAME}
wpde https://de.wikipedia.org/wiki/{NAME}
wpes https://es.wikipedia.org/wiki/{NAME}
wppl https://pl.wikipedia.org/wiki/{NAME}
wpjp https://ja.wikipedia.org/wiki/{NAME}
wpru https://ru.wikipedia.org/wiki/{NAME}
wpmeta https://meta.wikipedia.org/wiki/{NAME}
doku https://www.dokuwiki.org/
rfc https://tools.ietf.org/html/rfc
man http://man.cx/
amazon https://www.amazon.com/dp/{URL}?tag=splitbrain-20
amazon.de https://www.amazon.de/dp/{URL}?tag=splitbrain-21
amazon.uk https://www.amazon.co.uk/dp/{URL}
paypal https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&amp;business=
phpfn https://secure.php.net/{NAME}
skype skype:{NAME}
google https://www.google.com/search?q=
google.de https://www.google.de/search?q=
go https://www.google.com/search?q={URL}&amp;btnI=lucky
user :user:{NAME}
# To support VoIP/SIP/TEL links
callto callto://{NAME}
tel tel:{NAME}

38
docker-compose/dashboards/homepage/dokuwiki/conf/license.php Normal file
View File

@@ -0,0 +1,38 @@
<?php
/**
* This file defines multiple available licenses you can license your
* wiki contents under. Do not change this file, but create a
* license.local.php instead.
*/
if(empty($LC)) $LC = empty($conf['lang']) ? 'en' : $conf['lang'];
$license['cc-zero'] = array(
'name' => 'CC0 1.0 Universal',
'url' => 'https://creativecommons.org/publicdomain/zero/1.0/deed.'.$LC,
);
$license['publicdomain'] = array(
'name' => 'Public Domain',
'url' => 'https://creativecommons.org/licenses/publicdomain/deed.'.$LC,
);
$license['cc-by'] = array(
'name' => 'CC Attribution 4.0 International',
'url' => 'https://creativecommons.org/licenses/by/4.0/deed.'.$LC,
);
$license['cc-by-sa'] = array(
'name' => 'CC Attribution-Share Alike 4.0 International',
'url' => 'https://creativecommons.org/licenses/by-sa/4.0/deed.'.$LC,
);
$license['gnufdl'] = array(
'name' => 'GNU Free Documentation License 1.3',
'url' => 'https://www.gnu.org/licenses/fdl-1.3.html',
);
$license['cc-by-nc'] = array(
'name' => 'CC Attribution-Noncommercial 4.0 International',
'url' => 'https://creativecommons.org/licenses/by-nc/4.0/deed.'.$LC,
);
$license['cc-by-nc-sa'] = array(
'name' => 'CC Attribution-Noncommercial-Share Alike 4.0 International',
'url' => 'https://creativecommons.org/licenses/by-nc-sa/4.0/deed.'.$LC,
);

13
docker-compose/dashboards/homepage/dokuwiki/conf/local.php Normal file
View File

@@ -0,0 +1,13 @@
<?php
/**
* Dokuwiki's Main Configuration File - Local Settings
* Auto-generated by install script
* Date: Tue, 20 Jan 2026 20:06:48 -0500
*/
$conf['title'] = 'AI-Homelab';
$conf['lang'] = 'en';
$conf['license'] = 'cc-by-sa';
$conf['useacl'] = 1;
$conf['superuser'] = '@admin';
$conf['disableactions'] = 'register';
$conf['savedir'] = '/app/www/public/data';

16
docker-compose/dashboards/homepage/dokuwiki/conf/local.php.dist Normal file
View File

@@ -0,0 +1,16 @@
<?php
/**
* This is an example of how a local.php could look like.
* Simply copy the options you want to change from dokuwiki.php
* to this file and change them.
*
* When using the installer, a correct local.php file be generated for
* you automatically.
*/
//$conf['title'] = 'My Wiki'; //what to show in the title
//$conf['useacl'] = 1; //Use Access Control Lists to restrict access?
//$conf['superuser'] = 'joe';

3
docker-compose/dashboards/homepage/dokuwiki/conf/manifest.json Normal file
View File

@@ -0,0 +1,3 @@
{
"display": "standalone"
}

91
docker-compose/dashboards/homepage/dokuwiki/conf/mediameta.php Normal file
View File

@@ -0,0 +1,91 @@
<?php
/**
* This configures which metadata will be editable through
* the media manager. Each field of the array is an array with the
* following contents:
* fieldname - Where data will be saved (EXIF or IPTC field)
* label - key to lookup in the $lang var, if not found printed as is
* htmltype - 'text', 'textarea' or 'date'
* lookups - array additional fields to look up the data (EXIF or IPTC fields)
*
* The fields are not ordered continuously to make inserting additional items
* in between simpler.
*
* This is a PHP snippet, so PHP syntax applies.
*
* Note: $fields is not a global variable and will not be available to any
* other functions or templates later
*
* You may extend or overwrite this variable in an optional
* conf/mediameta.local.php file
*
* For a list of available EXIF/IPTC fields refer to
* http://www.dokuwiki.org/devel:templates:detail.php
*/
$fields = array(
10 => array('Iptc.Headline',
'img_title',
'text'),
20 => array('',
'img_date',
'date',
array('Date.EarliestTime')),
30 => array('',
'img_fname',
'text',
array('File.Name')),
40 => array('Iptc.Caption',
'img_caption',
'textarea',
array('Exif.UserComment',
'Exif.TIFFImageDescription',
'Exif.TIFFUserComment')),
50 => array('Iptc.Byline',
'img_artist',
'text',
array('Exif.TIFFArtist',
'Exif.Artist',
'Iptc.Credit')),
60 => array('Iptc.CopyrightNotice',
'img_copyr',
'text',
array('Exif.TIFFCopyright',
'Exif.Copyright')),
70 => array('',
'img_format',
'text',
array('File.Format')),
80 => array('',
'img_fsize',
'text',
array('File.NiceSize')),
90 => array('',
'img_width',
'text',
array('File.Width')),
100 => array('',
'img_height',
'text',
array('File.Height')),
110 => array('',
'img_camera',
'text',
array('Simple.Camera')),
120 => array('Iptc.Keywords',
'img_keywords',
'text',
array('Exif.Category')),
);

75
docker-compose/dashboards/homepage/dokuwiki/conf/mime.conf Normal file
View File

@@ -0,0 +1,75 @@
# Allowed uploadable file extensions and mimetypes are defined here.
# To extend this file it is recommended to create a mime.local.conf
# file. Mimetypes that should be downloadable and not be opened in the
# should be prefixed with a !
jpg image/jpeg
jpeg image/jpeg
gif image/gif
png image/png
webp image/webp
ico image/vnd.microsoft.icon
mp3 audio/mpeg
ogg audio/ogg
wav audio/wav
webm video/webm
ogv video/ogg
mp4 video/mp4
vtt text/vtt
tgz !application/octet-stream
tar !application/x-gtar
gz !application/octet-stream
bz2 !application/octet-stream
zip !application/zip
rar !application/rar
7z !application/x-7z-compressed
pdf application/pdf
ps !application/postscript
rpm !application/octet-stream
deb !application/octet-stream
doc !application/msword
xls !application/msexcel
ppt !application/mspowerpoint
rtf !application/msword
docx !application/vnd.openxmlformats-officedocument.wordprocessingml.document
xlsx !application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
pptx !application/vnd.openxmlformats-officedocument.presentationml.presentation
sxw !application/soffice
sxc !application/soffice
sxi !application/soffice
sxd !application/soffice
odc !application/vnd.oasis.opendocument.chart
odf !application/vnd.oasis.opendocument.formula
odg !application/vnd.oasis.opendocument.graphics
odi !application/vnd.oasis.opendocument.image
odp !application/vnd.oasis.opendocument.presentation
ods !application/vnd.oasis.opendocument.spreadsheet
odt !application/vnd.oasis.opendocument.text
svg image/svg+xml
# You should enable HTML and Text uploads only for restricted Wikis.
# Spammers are known to upload spam pages through unprotected Wikis.
# Note: Enabling HTML opens Cross Site Scripting vulnerabilities
# through JavaScript. Only enable this with trusted users. You
# need to disable the iexssprotect option additionally to
# adding the mime type here
#html text/html
#htm text/html
#txt text/plain
#conf text/plain
#xml text/xml
#csv text/csv
# Also flash may be able to execute arbitrary scripts in the website's
# context
#swf application/x-shockwave-flash

253
docker-compose/dashboards/homepage/dokuwiki/conf/mysql.conf.php.example Normal file
View File

@@ -0,0 +1,253 @@
<?php
/*
* This is an example configuration for the mysql auth plugin.
*
* This SQL statements are optimized for following table structure.
* If you use a different one you have to change them accordingly.
* See comments of every statement for details.
*
* TABLE users
* uid login pass firstname lastname email
*
* TABLE groups
* gid name
*
* TABLE usergroup
* uid gid
*
* To use this configuration you have to copy them to local.protected.php
* or at least include this file in local.protected.php.
*/
/* Options to configure database access. You need to set up this
* options carefully, otherwise you won't be able to access you
* database.
*/
$conf['plugin']['authmysql']['server'] = '';
$conf['plugin']['authmysql']['user'] = '';
$conf['plugin']['authmysql']['password'] = '';
$conf['plugin']['authmysql']['database'] = '';
/* This option enables debug messages in the mysql plugin. It is
* mostly useful for system admins.
*/
$conf['plugin']['authmysql']['debug'] = 0;
/* Normally password encryption is done by DokuWiki (recommended) but for
* some reasons it might be useful to let the database do the encryption.
* Set 'forwardClearPass' to '1' and the cleartext password is forwarded to
* the database, otherwise the encrypted one.
*/
$conf['plugin']['authmysql']['forwardClearPass'] = 0;
/* Multiple table operations will be protected by locks. This array tells
* the plugin which tables to lock. If you use any aliases for table names
* these array must also contain these aliases. Any unnamed alias will cause
* a warning during operation. See the example below.
*/
$conf['plugin']['authmysql']['TablesToLock']= array("users", "users AS u","groups", "groups AS g", "usergroup", "usergroup AS ug");
/***********************************************************************/
/* Basic SQL statements for user authentication (required) */
/***********************************************************************/
/* This statement is used to grant or deny access to the wiki. The result
* should be a table with exact one line containing at least the password
* of the user. If the result table is empty or contains more than one
* row, access will be denied.
*
* The plugin accesses the password as 'pass' so an alias might be necessary.
*
* Following patters will be replaced:
* %{user} user name
* %{pass} encrypted or clear text password (depends on 'encryptPass')
* %{dgroup} default group name
*/
$conf['plugin']['authmysql']['checkPass'] = "SELECT pass
FROM usergroup AS ug
JOIN users AS u ON u.uid=ug.uid
JOIN groups AS g ON g.gid=ug.gid
WHERE login='%{user}'
AND name='%{dgroup}'";
/* This statement should return a table with exact one row containing
* information about one user. The field needed are:
* 'pass' containing the encrypted or clear text password
* 'name' the user's full name
* 'mail' the user's email address
*
* Keep in mind that Dokuwiki will access this information through the
* names listed above so aliases might be necessary.
*
* Following patters will be replaced:
* %{user} user name
*/
$conf['plugin']['authmysql']['getUserInfo'] = "SELECT pass, CONCAT(firstname,' ',lastname) AS name, email AS mail
FROM users
WHERE login='%{user}'";
/* This statement is used to get all groups a user is member of. The
* result should be a table containing all groups the given user is
* member of. The plugin accesses the group name as 'group' so an alias
* might be necessary.
*
* Following patters will be replaced:
* %{user} user name
*/
$conf['plugin']['authmysql']['getGroups'] = "SELECT name as `group`
FROM groups g, users u, usergroup ug
WHERE u.uid = ug.uid
AND g.gid = ug.gid
AND u.login='%{user}'";
/***********************************************************************/
/* Additional minimum SQL statements to use the user manager */
/***********************************************************************/
/* This statement should return a table containing all user login names
* that meet certain filter criteria. The filter expressions will be added
* case dependent by the plugin. At the end a sort expression will be added.
* Important is that this list contains no double entries for a user. Each
* user name is only allowed once in the table.
*
* The login name will be accessed as 'user' to an alias might be necessary.
* No patterns will be replaced in this statement but following patters
* will be replaced in the filter expressions:
* %{user} in FilterLogin user's login name
* %{name} in FilterName user's full name
* %{email} in FilterEmail user's email address
* %{group} in FilterGroup group name
*/
$conf['plugin']['authmysql']['getUsers'] = "SELECT DISTINCT login AS user
FROM users AS u
LEFT JOIN usergroup AS ug ON u.uid=ug.uid
LEFT JOIN groups AS g ON ug.gid=g.gid";
$conf['plugin']['authmysql']['FilterLogin'] = "login LIKE '%{user}'";
$conf['plugin']['authmysql']['FilterName'] = "CONCAT(firstname,' ',lastname) LIKE '%{name}'";
$conf['plugin']['authmysql']['FilterEmail'] = "email LIKE '%{email}'";
$conf['plugin']['authmysql']['FilterGroup'] = "name LIKE '%{group}'";
$conf['plugin']['authmysql']['SortOrder'] = "ORDER BY login";
/***********************************************************************/
/* Additional SQL statements to add new users with the user manager */
/***********************************************************************/
/* This statement should add a user to the database. Minimum information
* to store are: login name, password, email address and full name.
*
* Following patterns will be replaced:
* %{user} user's login name
* %{pass} password (encrypted or clear text, depends on 'encryptPass')
* %{email} email address
* %{name} user's full name
*/
$conf['plugin']['authmysql']['addUser'] = "INSERT INTO users
(login, pass, email, firstname, lastname)
VALUES ('%{user}', '%{pass}', '%{email}',
SUBSTRING_INDEX('%{name}',' ', 1),
SUBSTRING_INDEX('%{name}',' ', -1))";
/* This statement should add a group to the database.
* Following patterns will be replaced:
* %{group} group name
*/
$conf['plugin']['authmysql']['addGroup'] = "INSERT INTO groups (name)
VALUES ('%{group}')";
/* This statement should connect a user to a group (a user become member
* of that group).
* Following patterns will be replaced:
* %{user} user's login name
* %{uid} id of a user dataset
* %{group} group name
* %{gid} id of a group dataset
*/
$conf['plugin']['authmysql']['addUserGroup']= "INSERT INTO usergroup (uid, gid)
VALUES ('%{uid}', '%{gid}')";
/* This statement should remove a group fom the database.
* Following patterns will be replaced:
* %{group} group name
* %{gid} id of a group dataset
*/
$conf['plugin']['authmysql']['delGroup'] = "DELETE FROM groups
WHERE gid='%{gid}'";
/* This statement should return the database index of a given user name.
* The plugin will access the index with the name 'id' so an alias might be
* necessary.
* following patters will be replaced:
* %{user} user name
*/
$conf['plugin']['authmysql']['getUserID'] = "SELECT uid AS id
FROM users
WHERE login='%{user}'";
/***********************************************************************/
/* Additional SQL statements to delete users with the user manager */
/***********************************************************************/
/* This statement should remove a user fom the database.
* Following patterns will be replaced:
* %{user} user's login name
* %{uid} id of a user dataset
*/
$conf['plugin']['authmysql']['delUser'] = "DELETE FROM users
WHERE uid='%{uid}'";
/* This statement should remove all connections from a user to any group
* (a user quits membership of all groups).
* Following patterns will be replaced:
* %{uid} id of a user dataset
*/
$conf['plugin']['authmysql']['delUserRefs'] = "DELETE FROM usergroup
WHERE uid='%{uid}'";
/***********************************************************************/
/* Additional SQL statements to modify users with the user manager */
/***********************************************************************/
/* This statements should modify a user entry in the database. The
* statements UpdateLogin, UpdatePass, UpdateEmail and UpdateName will be
* added to updateUser on demand. Only changed parameters will be used.
*
* Following patterns will be replaced:
* %{user} user's login name
* %{pass} password (encrypted or clear text, depends on 'encryptPass')
* %{email} email address
* %{name} user's full name
* %{uid} user id that should be updated
*/
$conf['plugin']['authmysql']['updateUser'] = "UPDATE users SET";
$conf['plugin']['authmysql']['UpdateLogin'] = "login='%{user}'";
$conf['plugin']['authmysql']['UpdatePass'] = "pass='%{pass}'";
$conf['plugin']['authmysql']['UpdateEmail'] = "email='%{email}'";
$conf['plugin']['authmysql']['UpdateName'] = "firstname=SUBSTRING_INDEX('%{name}',' ', 1),
lastname=SUBSTRING_INDEX('%{name}',' ', -1)";
$conf['plugin']['authmysql']['UpdateTarget']= "WHERE uid=%{uid}";
/* This statement should remove a single connection from a user to a
* group (a user quits membership of that group).
*
* Following patterns will be replaced:
* %{user} user's login name
* %{uid} id of a user dataset
* %{group} group name
* %{gid} id of a group dataset
*/
$conf['plugin']['authmysql']['delUserGroup']= "DELETE FROM usergroup
WHERE uid='%{uid}'
AND gid='%{gid}'";
/* This statement should return the database index of a given group name.
* The plugin will access the index with the name 'id' so an alias might
* be necessary.
*
* Following patters will be replaced:
* %{group} group name
*/
$conf['plugin']['authmysql']['getGroupID'] = "SELECT gid AS id
FROM groups
WHERE name='%{group}'";

12
docker-compose/dashboards/homepage/dokuwiki/conf/plugins.local.php Normal file
View File

@@ -0,0 +1,12 @@
<?php
/*
* Local plugin enable/disable settings
*
* Auto-generated by install script
* Date: Tue, 20 Jan 2026 20:06:48 -0500
*/
$plugins['authad'] = 0;
$plugins['authldap'] = 0;
$plugins['authmysql'] = 0;
$plugins['authpgsql'] = 0;

6
docker-compose/dashboards/homepage/dokuwiki/conf/plugins.php Normal file
View File

@@ -0,0 +1,6 @@
<?php
/**
* This file configures the default states of available plugins. All settings in
* the plugins.*.php files will override those here.
*/
$plugins['testing'] = 0;

12
docker-compose/dashboards/homepage/dokuwiki/conf/plugins.required.php Normal file
View File

@@ -0,0 +1,12 @@
<?php
/**
* This file configures the enabled/disabled status of plugins, which are also protected
* from changes by the extension manager. These settings will override any local settings.
* It is not recommended to change this file, as it is overwritten on DokuWiki upgrades.
*/
$plugins['acl'] = 1;
$plugins['authplain'] = 1;
$plugins['extension'] = 1;
$plugins['config'] = 1;
$plugins['usermanager'] = 1;
$plugins['template:dokuwiki'] = 1; // not a plugin, but this should not be uninstalled either

11
docker-compose/dashboards/homepage/dokuwiki/conf/scheme.conf Normal file
View File

@@ -0,0 +1,11 @@
#Add URL schemes you want to be recognized as links here
http
https
telnet
gopher
wais
ftp
ed2k
irc
ldap

28
docker-compose/dashboards/homepage/dokuwiki/conf/smileys.conf Normal file
View File

@@ -0,0 +1,28 @@
# Smileys configured here will be replaced by the
# configured images in the smiley directory
8-) cool.svg
8-O eek.svg
8-o eek.svg
:-( sad.svg
:-) smile.svg
=) smile2.svg
:-/ doubt.svg
:-\ doubt2.svg
:-? confused.svg
:-D biggrin.svg
:-P razz.svg
:-o surprised.svg
:-O surprised.svg
:-x silenced.svg
:-X silenced.svg
:-| neutral.svg
;-) wink.svg
m( facepalm.svg
^_^ fun.svg
:?: question.svg
:!: exclaim.svg
LOL lol.svg
FIXME fixme.svg
DELETEME deleteme.svg

13
docker-compose/dashboards/homepage/dokuwiki/conf/users.auth.php Normal file
View File

@@ -0,0 +1,13 @@
# users.auth.php
# <?php exit()?>
# Don't modify the lines above
#
# Userfile
#
# Auto-generated by install script
# Date: Tue, 20 Jan 2026 20:06:48 -0500
#
# Format:
# login:passwordhash:Real Name:email:groups,comma,separated
admin:$2y$10$dX5ryEUsFKXDRNl6DAk5Zem.1KtI8Q45.z0EQ6NLI7HXJjJyx4hqS:Admin:admin@example.com:admin,user

10
docker-compose/dashboards/homepage/dokuwiki/conf/users.auth.php.dist Normal file
View File

@@ -0,0 +1,10 @@
# users.auth.php
# <?php exit()?>
# Don't modify the lines above
#
# Userfile
#
# Format:
#
# login:passwordhash:Real Name:email:groups,comma,separated

29
docker-compose/dashboards/homepage/dokuwiki/conf/wordblock.conf Normal file
View File

@@ -0,0 +1,29 @@
# This blacklist is maintained by the DokuWiki community
# patches welcome
#
https?:\/\/(\S*?)(-side-effects|top|pharm|pill|discount|discount-|deal|price|order|now|best|cheap|cheap-|online|buy|buy-|sale|sell)(\S*?)(cialis|viagra|prazolam|xanax|zanax|soma|vicodin|zenical|xenical|meridia|paxil|prozac|claritin|allegra|lexapro|wellbutrin|zoloft|retin|valium|levitra|phentermine)
https?:\/\/(\S*?)(bi\s*sex|gay\s*sex|fetish|incest|penis|\brape\b)
zoosex
gang\s*bang
facials
ladyboy
\btits\b
bolea\.com
52crystal
baida\.org
web-directory\.awardspace\.us
korsan-team\.com
BUDA TAMAMDIR
wow-powerleveling-wow\.com
wow gold
wow-gold\.dinmo\.cn
downgrade-vista\.com
downgradetowindowsxp\.com
elegantugg\.com
classicedhardy\.com
research-service\.com
https?:\/\/(\S*?)(2-pay-secure|911essay|academia-research|anypapers|applicationessay|bestbuyessay|bestdissertation|bestessay|bestresume|besttermpaper|businessessay|college-paper|customessay|custom-made-paper|custom-writing|degree-?result|dissertationblog|dissertation-service|dissertations?expert|essaybank|essay-?blog|essaycapital|essaylogic|essaymill|essayontime|essaypaper|essays?land|essaytownsucks|essay-?writ|fastessays|freelancercareers|genuinecontent|genuineessay|genuinepaper|goessay|grandresume|killer-content|ma-dissertation|managementessay|masterpaper|mightystudent|needessay|researchedge|researchpaper-blog|resumecvservice|resumesexperts|resumesplanet|rushessay|samedayessay|superiorcontent|superiorpaper|superiorthesis|term-paper|termpaper-blog|term-paper-research|thesisblog|universalresearch|valwriting|vdwriters|wisetranslation|writersassembly|writers\.com\.ph|writers\.ph)
flatsinmumbai\.co\.in
https?:\/\/(\S*?)penny-?stock
mattressreview\.biz
(just|simply) (my|a) profile (site|webpage|page)

35
docker-compose/dashboards/homepage/dokuwiki/docker-compose.yml Normal file
View File

@@ -0,0 +1,35 @@
# Dokuwiki - Self-hosted Wiki Platform
# Place in /opt/stacks/productivity/dokuwiki/docker-compose.yml
services:
dokuwiki:
image: lscr.io/linuxserver/dokuwiki:latest
container_name: dokuwiki
restart: unless-stopped
networks:
- traefik-network
ports:
- "80:80"
volumes:
- ./config:/config
environment:
- PUID=${PUID}
- PGID=${PGID}
- TZ=${TZ}
labels:
- "homelab.category=productivity"
- "homelab.description=Self-hosted wiki platform"
- "traefik.enable=true"
- "traefik.http.routers.dokuwiki.rule=Host(`wiki.${DOMAIN}`)"
- "traefik.http.routers.dokuwiki.entrypoints=websecure"
- "traefik.http.routers.dokuwiki.tls.certresolver=letsencrypt"
- "traefik.http.routers.dokuwiki.middlewares=authelia@docker"
- "traefik.http.services.dokuwiki.loadbalancer.server.port=80"
- "x-dockge.url=https://wiki.${DOMAIN}"
volumes:
dokuwiki-config:
networks:
traefik-network:
external: true

493
docker-compose/dashboards/homepage/homepage/bookmarks.yaml Normal file
View File

@@ -0,0 +1,493 @@
---
# Homepage Bookmarks - Comprehensive EZ-Homelab Resources
- EZ-Homelab Project:
- EZ-Homelab GitHub:
- icon: github.png
href: https://github.com/kelinfoxy/EZ-Homelab
description: EZ-Homelab Repository & Documentation
- EZ-Homelab Wiki:
- icon: si-readthedocs
href: https://github.com/kelinfoxy/EZ-Homelab/wiki
description: Comprehensive Documentation Wiki
- Homepage Dashboard:
- icon: homepage.png
href: https://gethomepage.dev
description: Homepage Dashboard Documentation
- Infrastructure & Core Services:
- Traefik:
- icon: si-traefikproxy
href: https://traefik.io
description: Traefik Reverse Proxy
- icon: github.png
href: https://github.com/traefik/traefik
description: Traefik GitHub
- icon: docker.png
href: https://hub.docker.com/_/traefik
description: Traefik Docker Image
- Authelia:
- icon: si-authelia
href: https://www.authelia.com
description: Authelia SSO Authentication
- icon: github.png
href: https://github.com/authelia/authelia
description: Authelia GitHub
- icon: docker.png
href: https://hub.docker.com/r/authelia/authelia
description: Authelia Docker Image
- DuckDNS:
- icon: si-duckduckgo
href: https://www.duckdns.org
description: Dynamic DNS Service
- Docker:
- icon: docker.png
href: https://www.docker.com
description: Docker Official Website
- icon: docker.png
href: https://hub.docker.com
description: Docker Hub Registry
- icon: si-docker
href: https://docs.docker.com
description: Docker Documentation
- Portainer:
- icon: si-portainer
href: https://www.portainer.io
description: Portainer Container Management
- icon: github.png
href: https://github.com/portainer/portainer
description: Portainer GitHub
- icon: docker.png
href: https://hub.docker.com/r/portainer/portainer-ce
description: Portainer Docker Image
- Pi-hole:
- icon: si-raspberrypi
href: https://pi-hole.net
description: Pi-hole Network-wide Ad Blocking
- icon: github.png
href: https://github.com/pi-hole/pi-hole
description: Pi-hole GitHub
- icon: docker.png
href: https://hub.docker.com/r/pihole/pihole
description: Pi-hole Docker Image
- LinuxServer.io:
- icon: si-linux
href: https://www.linuxserver.io
description: LinuxServer.io Container Images
- icon: github.png
href: https://github.com/linuxserver
description: LinuxServer GitHub Organization
- Media Services:
- Plex:
- icon: si-plex
href: https://www.plex.tv
description: Plex Media Server
- icon: github.png
href: https://github.com/plexinc/pms-docker
description: Plex Docker GitHub
- icon: docker.png
href: https://hub.docker.com/r/plexinc/pms-docker
description: Plex Docker Image
- Jellyfin:
- icon: si-jellyfin
href: https://jellyfin.org
description: Jellyfin Media Server (Open Source)
- icon: github.png
href: https://github.com/jellyfin/jellyfin
description: Jellyfin GitHub
- icon: docker.png
href: https://hub.docker.com/r/jellyfin/jellyfin
description: Jellyfin Docker Image
- Sonarr:
- icon: si-sonarr
href: https://sonarr.tv
description: Sonarr TV Show Manager
- icon: github.png
href: https://github.com/Sonarr/Sonarr
description: Sonarr GitHub
- icon: docker.png
href: https://hub.docker.com/r/linuxserver/sonarr
description: Sonarr Docker Image
- Radarr:
- icon: si-radarr
href: https://radarr.video
description: Radarr Movie Manager
- icon: github.png
href: https://github.com/Radarr/Radarr
description: Radarr GitHub
- icon: docker.png
href: https://hub.docker.com/r/linuxserver/radarr
description: Radarr Docker Image
- Prowlarr:
- icon: si-prowlarr
href: https://prowlarr.com
description: Prowlarr Indexer Manager
- icon: github.png
href: https://github.com/Prowlarr/Prowlarr
description: Prowlarr GitHub
- icon: docker.png
href: https://hub.docker.com/r/linuxserver/prowlarr
description: Prowlarr Docker Image
- qBittorrent:
- icon: si-qbittorrent
href: https://www.qbittorrent.org
description: qBittorrent Torrent Client
- icon: github.png
href: https://github.com/qbittorrent/qBittorrent
description: qBittorrent GitHub
- icon: docker.png
href: https://hub.docker.com/r/linuxserver/qbittorrent
description: qBittorrent Docker Image
- Readarr:
- icon: si-readarr
href: https://readarr.com
description: Readarr Book Manager
- icon: github.png
href: https://github.com/Readarr/Readarr
description: Readarr GitHub
- icon: docker.png
href: https://hub.docker.com/r/linuxserver/readarr
description: Readarr Docker Image
- Lidarr:
- icon: si-lidarr
href: https://lidarr.audio
description: Lidarr Music Manager
- icon: github.png
href: https://github.com/Lidarr/Lidarr
description: Lidarr GitHub
- icon: docker.png
href: https://hub.docker.com/r/linuxserver/lidarr
description: Lidarr Docker Image
- Jellyseerr:
- icon: si-jellyseerr
href: https://jellyseerr.dev
description: Jellyseerr Media Requests
- icon: github.png
href: https://github.com/Fallenbagel/jellyseerr
description: Jellyseerr GitHub
- icon: docker.png
href: https://hub.docker.com/r/fallenbagel/jellyseerr
description: Jellyseerr Docker Image
- Tdarr:
- icon: si-tdarr
href: https://tdarr.io
description: Tdarr Media Transcoding
- icon: github.png
href: https://github.com/HaveAGitGat/Tdarr
description: Tdarr GitHub
- icon: docker.png
href: https://hub.docker.com/r/haveagitgat/tdarr
description: Tdarr Docker Image
- Unmanic:
- icon: si-unmanic
href: https://docs.unmanic.app
description: Unmanic Media Optimizer
- icon: github.png
href: https://github.com/Unmanic/unmanic
description: Unmanic GitHub
- icon: docker.png
href: https://hub.docker.com/r/josh5/unmanic
description: Unmanic Docker Image
- Calibre-Web:
- icon: si-calibre
href: https://github.com/janeczku/calibre-web
description: Calibre-Web Ebook Reader
- icon: github.png
href: https://github.com/janeczku/calibre-web
description: Calibre-Web GitHub
- icon: docker.png
href: https://hub.docker.com/r/linuxserver/calibre-web
description: Calibre-Web Docker Image
- Productivity & Collaboration:
- Nextcloud:
- icon: si-nextcloud
href: https://nextcloud.com
description: Nextcloud File Sync & Collaboration
- icon: github.png
href: https://github.com/nextcloud/server
description: Nextcloud GitHub
- icon: docker.png
href: https://hub.docker.com/r/linuxserver/nextcloud
description: Nextcloud Docker Image
- Gitea:
- icon: si-gitea
href: https://gitea.io
description: Gitea Git Service
- icon: github.png
href: https://github.com/go-gitea/gitea
description: Gitea GitHub
- icon: docker.png
href: https://hub.docker.com/r/gitea/gitea
description: Gitea Docker Image
- BookStack:
- icon: si-bookstack
href: https://www.bookstackapp.com
description: BookStack Documentation Platform
- icon: github.png
href: https://github.com/BookStackApp/BookStack
description: BookStack GitHub
- icon: docker.png
href: https://hub.docker.com/r/linuxserver/bookstack
description: BookStack Docker Image
- DokuWiki:
- icon: si-dokuwiki
href: https://www.dokuwiki.org
description: DokuWiki File-based Wiki
- icon: github.png
href: https://github.com/dokuwiki/dokuwiki
description: DokuWiki GitHub
- icon: docker.png
href: https://hub.docker.com/r/linuxserver/dokuwiki
description: DokuWiki Docker Image
- MediaWiki:
- icon: si-mediawiki
href: https://www.mediawiki.org
description: MediaWiki Wiki Platform
- icon: github.png
href: https://github.com/wikimedia/mediawiki
description: MediaWiki GitHub
- icon: docker.png
href: https://hub.docker.com/r/linuxserver/mediawiki
description: MediaWiki Docker Image
- WordPress:
- icon: si-wordpress
href: https://wordpress.org
description: WordPress Blog/CMS Platform
- icon: github.png
href: https://github.com/WordPress/WordPress
description: WordPress GitHub
- icon: docker.png
href: https://hub.docker.com/r/linuxserver/wordpress
description: WordPress Docker Image
- Mealie:
- icon: si-mealie
href: https://hay-kot.github.io/mealie
description: Mealie Recipe Manager
- icon: github.png
href: https://github.com/hay-kot/mealie
description: Mealie GitHub
- icon: docker.png
href: https://hub.docker.com/r/hkotel/mealie
description: Mealie Docker Image
- Form.io:
- icon: si-formio
href: https://www.form.io
description: Form.io Form Builder
- icon: github.png
href: https://github.com/formio/formio
description: Form.io GitHub
- icon: docker.png
href: https://hub.docker.com/r/formio/formio-enterprise
description: Form.io Docker Image
- Home Automation:
- Home Assistant:
- icon: si-homeassistant
href: https://www.home-assistant.io
description: Home Assistant Smart Home Platform
- icon: github.png
href: https://github.com/home-assistant/core
description: Home Assistant GitHub
- icon: docker.png
href: https://hub.docker.com/r/linuxserver/homeassistant
description: Home Assistant Docker Image
- ESPHome:
- icon: si-esphome
href: https://esphome.io
description: ESPHome ESP32/ESP8266 Firmware
- icon: github.png
href: https://github.com/esphome/esphome
description: ESPHome GitHub
- icon: docker.png
href: https://hub.docker.com/r/esphome/esphome
description: ESPHome Docker Image
- Node-RED:
- icon: si-nodered
href: https://nodered.org
description: Node-RED Flow-based Programming
- icon: github.png
href: https://github.com/node-red/node-red
description: Node-RED GitHub
- icon: docker.png
href: https://hub.docker.com/r/nodered/node-red
description: Node-RED Docker Image
- Zigbee2MQTT:
- icon: si-zigbee2mqtt
href: https://www.zigbee2mqtt.io
description: Zigbee2MQTT Zigbee Bridge
- icon: github.png
href: https://github.com/Koenkk/zigbee2mqtt
description: Zigbee2MQTT GitHub
- icon: docker.png
href: https://hub.docker.com/r/koenkk/zigbee2mqtt
description: Zigbee2MQTT Docker Image
- MotionEye:
- icon: si-motioneye
href: https://github.com/motioneye-project/motioneye
description: MotionEye Video Surveillance
- icon: github.png
href: https://github.com/motioneye-project/motioneye
description: MotionEye GitHub
- icon: docker.png
href: https://hub.docker.com/r/linuxserver/motioneye
description: MotionEye Docker Image
- TasmoAdmin:
- icon: si-tasmota
href: https://github.com/reloxx13/TasmoAdmin
description: TasmoAdmin Tasmota Device Manager
- icon: github.png
href: https://github.com/reloxx13/TasmoAdmin
description: TasmoAdmin GitHub
- icon: docker.png
href: https://hub.docker.com/r/raymondmm/tasmoadmin
description: TasmoAdmin Docker Image
- Development & Utilities:
- Code Server:
- icon: si-visualstudiocode
href: https://github.com/coder/code-server
description: Code Server (VS Code in Browser)
- icon: github.png
href: https://github.com/coder/code-server
description: Code Server GitHub
- icon: docker.png
href: https://hub.docker.com/r/linuxserver/code-server
description: Code Server Docker Image
- Jupyter Lab:
- icon: si-jupyter
href: https://jupyter.org
description: Jupyter Lab Notebooks
- icon: github.png
href: https://github.com/jupyterlab/jupyterlab
description: Jupyter Lab GitHub
- icon: docker.png
href: https://hub.docker.com/r/linuxserver/jupyterlab
description: Jupyter Lab Docker Image
- Vaultwarden:
- icon: si-bitwarden
href: https://github.com/dani-garcia/vaultwarden
description: Vaultwarden Password Manager
- icon: github.png
href: https://github.com/dani-garcia/vaultwarden
description: Vaultwarden GitHub
- icon: docker.png
href: https://hub.docker.com/r/vaultwarden/server
description: Vaultwarden Docker Image
- Duplicati:
- icon: si-duplicati
href: https://www.duplicati.com
description: Duplicati Backup Solution
- icon: github.png
href: https://github.com/duplicati/duplicati
description: Duplicati GitHub
- icon: docker.png
href: https://hub.docker.com/r/linuxserver/duplicati
description: Duplicati Docker Image
- pgAdmin:
- icon: si-postgresql
href: https://www.pgadmin.org
description: pgAdmin PostgreSQL Management
- icon: github.png
href: https://github.com/pgadmin-org/pgadmin4
description: pgAdmin GitHub
- icon: docker.png
href: https://hub.docker.com/r/dpage/pgadmin4
description: pgAdmin Docker Image
- GitLab CE:
- icon: si-gitlab
href: https://about.gitlab.com
description: GitLab DevOps Platform
- icon: github.png
href: https://gitlab.com/gitlab-org/gitlab
description: GitLab GitHub
- icon: docker.png
href: https://hub.docker.com/r/gitlab/gitlab-ce
description: GitLab CE Docker Image
- Monitoring & Observability:
- Grafana:
- icon: si-grafana
href: https://grafana.com
description: Grafana Visualization Platform
- icon: github.png
href: https://github.com/grafana/grafana
description: Grafana GitHub
- icon: docker.png
href: https://hub.docker.com/r/grafana/grafana
description: Grafana Docker Image
- Prometheus:
- icon: si-prometheus
href: https://prometheus.io
description: Prometheus Metrics Collection
- icon: github.png
href: https://github.com/prometheus/prometheus
description: Prometheus GitHub
- icon: docker.png
href: https://hub.docker.com/r/prom/prometheus
description: Prometheus Docker Image
- Uptime Kuma:
- icon: si-uptimekuma
href: https://uptime.kuma.pet
description: Uptime Kuma Status Monitoring
- icon: github.png
href: https://github.com/louislam/uptime-kuma
description: Uptime Kuma GitHub
- icon: docker.png
href: https://hub.docker.com/r/louislam/uptime-kuma
description: Uptime Kuma Docker Image
- Glances:
- icon: si-glances
href: https://nicolargo.github.io/glances
description: Glances System Monitoring
- icon: github.png
href: https://github.com/nicolargo/glances
description: Glances GitHub
- icon: docker.png
href: https://hub.docker.com/r/linuxserver/glances
description: Glances Docker Image
- Dozzle:
- icon: si-dozzle
href: https://dozzle.dev
description: Dozzle Docker Log Viewer
- icon: github.png
href: https://github.com/amir20/dozzle
description: Dozzle GitHub
- icon: docker.png
href: https://hub.docker.com/r/amir20/dozzle
description: Dozzle Docker Image
- External Resources & Communities:
- Awesome Docker Compose:
- icon: docker.png
href: https://awesome-docker-compose.com
description: Curated Docker Compose Examples
- Servarr Wiki:
- icon: si-servarr
href: https://wiki.servarr.com
description: Servarr Applications Documentation
- Docker Compose Documentation:
- icon: docker.png
href: https://docs.docker.com/compose
description: Docker Compose Official Docs
- Let's Encrypt:
- icon: si-letsencrypt
href: https://letsencrypt.org
description: Free SSL Certificates
- Awesome Selfhosted:
- icon: si-awesome
href: https://awesome-selfhosted.net
description: Self-hosted Software List
- Homelab Wiki:
- icon: si-wikipedia
href: https://homelab.wiki
description: Homelab Community Wiki
- Reddit r/selfhosted:
- icon: si-reddit
href: https://reddit.com/r/selfhosted
description: Self-hosted Community
- Reddit r/homelab:
- icon: si-reddit
href: https://reddit.com/r/homelab
description: Homelab Community

31
docker-compose/dashboards/homepage/homepage/custom.css Normal file
View File

@@ -0,0 +1,31 @@
.information-widgets {
max-width: 1500px;
}
.services-group {
max-width: 250px;
}
#services {
margin: 0px;
}
.service {
height: 70px;
max-height: 80px;
margin-bottom: 0px;
margin-right: 3px;
}
#services #bookmarks {
margin: 0px 0px 0px 20px;
}
.text-sm {
font-size: 16px;
}
.bookmark-group {
min-width: 250px;
max-width: 250px;
}

0
docker-compose/dashboards/homepage/homepage/custom.js Normal file
View File

18
docker-compose/dashboards/homepage/homepage/docker.yaml Normal file
View File

@@ -0,0 +1,18 @@
---
# For configuration options and examples, please see:
# https://gethomepage.dev/configs/docker/
# my-docker:
# host: 127.0.0.1
# port: 2375
# my-docker:
# socket: /var/run/docker.sock
# home-assistant:
# host: 192.168.4.5
# port: 2375
#${SERVER_HOSTNAME}:
# host: 192.168.4.11
# port: 2375

2
docker-compose/dashboards/homepage/homepage/kubernetes.yaml Normal file
View File

@@ -0,0 +1,2 @@
---
# sample kubernetes config

5
docker-compose/dashboards/homepage/homepage/proxmox.yaml Normal file
View File

@@ -0,0 +1,5 @@
---
# pve:
# url: https://proxmox.host.or.ip:8006
# token: username@pam!Token ID
# secret: secret

291
docker-compose/dashboards/homepage/homepage/services.yaml Normal file
View File

@@ -0,0 +1,291 @@
---
# Currently Installed Services - Grouped by Stack
- Dashboards:
- Homepage:
icon: homepage.png
href: https://homepage.${DOMAIN}
description: Hosted on Raspberry Pi
- Homepage - ${REMOTE_SERVER_HOSTNAME}:
icon: homepage.png
href: https://homepage.${REMOTE_SERVER_HOSTNAME}.${DOMAIN}
description: ${REMOTE_SERVER_HOSTNAME} - Application Dashboard
- Homarr:
icon: homarr.png
href: https://homarr.${DOMAIN}
description: Alternative Dashboard
- Homarr - ${REMOTE_SERVER_HOSTNAME}:
icon: homarr.png
href: https://homarr.${REMOTE_SERVER_HOSTNAME}.${DOMAIN}
description: ${REMOTE_SERVER_HOSTNAME} - Alternative Dashboard
- Dockge - ${SERVER_HOSTNAME}:
icon: dockge.png
href: https://${SERVER_HOSTNAME}.${DOMAIN}
description: Main Server
- Dockge - ${REMOTE_SERVER_HOSTNAME}:
icon: dockge.png
href: https://${REMOTE_SERVER_HOSTNAME}.${DOMAIN}
description: Raspberry Pi Authentication Server
- Core:
- Traefik:
icon: traefik.png
href: https://traefik.${DOMAIN}
description: Reverse Proxy & SSL
- Authelia:
icon: authelia.png
href: https://auth.${DOMAIN}
description: Authentication SSO Portal
- Pi-hole:
icon: pi-hole.png
href: https://pihole.${DOMAIN}
description: Network-wide Ad Blocking
- Monitoring Stack:
- Dozzle:
icon: dozzle.png
href: https://dozzle.${SERVER_HOSTNAME}.${DOMAIN}
description: ${SERVER_HOSTNAME} - Real-time Log Viewer
- Dozzle:
icon: dozzle.png
href: https://dozzle.${REMOTE_SERVER_HOSTNAME}.${DOMAIN}
description: ${REMOTE_SERVER_HOSTNAME} - Real-time Log Viewer
- Glances - ${SERVER_HOSTNAME}:
icon: glances.png
href: https://glances.${SERVER_HOSTNAME}.${DOMAIN}
description: ${SERVER_HOSTNAME} - System Monitoring
- Glances - ${REMOTE_SERVER_HOSTNAME}:
icon: glances.png
href: https://glances.${REMOTE_SERVER_HOSTNAME}.${DOMAIN}
description: ${REMOTE_SERVER_HOSTNAME} - System Monitoring
- Uptime Kuma:
icon: uptime-kuma.png
href: https://uptime-kuma.${DOMAIN}
description: Uptime Monitoring
- Grafana - ${REMOTE_SERVER_HOSTNAME}:
icon: grafana.png
href: https://grafana.${REMOTE_SERVER_HOSTNAME}.${DOMAIN}
description: ${REMOTE_SERVER_HOSTNAME} - Metrics Dashboard
- Prometheus - ${REMOTE_SERVER_HOSTNAME}:
icon: prometheus.png
href: https://prometheus.${REMOTE_SERVER_HOSTNAME}.${DOMAIN}
description: ${REMOTE_SERVER_HOSTNAME} - Metrics Collection
- Uptime Kuma - ${REMOTE_SERVER_HOSTNAME}:
icon: uptime-kuma.png
href: https://status.${REMOTE_SERVER_HOSTNAME}.${DOMAIN}
description: ${REMOTE_SERVER_HOSTNAME} - Uptime Monitoring
- Media:
- Jellyfin:
icon: jellyfin.png
href: https://jellyfin.${DOMAIN}
description: Open Source Media Server
- Jellyseerr:
icon: jellyseerr.png
href: https://jellyseerr.${DOMAIN}
description: Media Request Manager
- Calibre-Web:
icon: calibre-web.png
href: https://calibre.${DOMAIN}
description: Ebook Library
- Media Management:
- Sonarr:
icon: sonarr.png
href: https://sonarr.${DOMAIN}
description: TV Shows Automation
- Radarr:
icon: radarr.png
href: https://radarr.${DOMAIN}
description: Movies Automation
- Prowlarr:
icon: prowlarr.png
href: https://prowlarr.${DOMAIN}
description: Indexer Manager
- Readarr:
icon: readarr.png
href: https://readarr.${DOMAIN}
description: Books Automation
- Lidarr:
icon: lidarr.png
href: https://lidarr.${DOMAIN}
description: Music Automation
- Mylar3:
icon: mylar.png
href: https://mylar.${DOMAIN}
description: Comics Manager
- Home Automation:
- Home Assistant:
icon: home-assistant.png
href: https://hass.${DOMAIN}
description: Home Automation Platform
- ESPHome:
icon: esphome.png
href: https://esphome.${DOMAIN}
description: ESP Device Manager
- Node-RED:
icon: node-red.png
href: https://nodered.${DOMAIN}
description: Flow-based Automation
- Zigbee2MQTT:
icon: zigbee2mqtt.png
href: https://zigbee.${DOMAIN}
description: Zigbee Bridge
- Mosquitto:
icon: mosquitto.png
href: https://mqtt.${DOMAIN}
description: MQTT Broker
- Productivity:
- Nextcloud:
icon: nextcloud.png
href: https://nextcloud.${DOMAIN}
description: Cloud Storage & Collaboration
- Gitea:
icon: gitea.png
href: https://gitea.${DOMAIN}
description: Git Repository
- Mealie:
icon: mealie.png
href: https://mealie.${DOMAIN}
description: Recipe Manager
- WordPress:
icon: wordpress.png
href: https://wordpress.${DOMAIN}
description: CMS Platform
- Wikis:
- BookStack:
icon: bookstack.png
href: https://bookstack.${DOMAIN}
description: Wiki Platform
- DokuWiki:
icon: dokuwiki.png
href: https://dokuwiki.${DOMAIN}
description: Simple Wiki
- Mediawiki:
icon: mediawiki.png
href: https://mediawiki.${DOMAIN}
description: Collaborative Wiki
- Development:
- VS Code Server:
icon: vscode.png
href: https://code.${DOMAIN}
description: Browser-based IDE
- Jupyter:
icon: jupyter.png
href: https://jupyter.${DOMAIN}
description: Data Science Notebooks
- Downloaders:
- qBittorrent:
icon: qbittorrent.png
href: https://qbit.${DOMAIN}
description: Torrent Client
- Transcoders:
- Tdarr:
icon: tdarr.png
href: https://tdarr.${DOMAIN}
description: Media Transcoding
- Unmanic:
icon: unmanic.png
href: https://unmanic.${DOMAIN}
description: Media Transcoder
- Utilities:
- Vaultwarden:
icon: vaultwarden.png
href: https://vault.${DOMAIN}
description: Password Manager
- Formio:
icon: mdi-form-select
href: https://formio.${DOMAIN}
description: Form Builder
- Backup:
- Backrest:
icon: mdi-backup-restore
href: https://backrest.${DOMAIN}
description: Backup Solution
- Backrest - ${REMOTE_SERVER_HOSTNAME}:
icon: mdi-backup-restore
href: https://backrest.${REMOTE_SERVER_HOSTNAME}.${DOMAIN}
description: ${REMOTE_SERVER_HOSTNAME} - Backup Solution
- Duplicati:
icon: duplicati.png
href: https://duplicati.${DOMAIN}
description: Backup Software
- Duplicati - ${REMOTE_SERVER_HOSTNAME}:
icon: duplicati.png
href: https://duplicati.${REMOTE_SERVER_HOSTNAME}.${DOMAIN}
description: ${REMOTE_SERVER_HOSTNAME} - Backup Software
- Metrics:
- Grafana:
icon: grafana.png
href: https://grafana.${DOMAIN}
description: Metrics Dashboard
- Prometheus:
icon: prometheus.png
href: https://prometheus.${DOMAIN}
description: Metrics Collection
- cAdvisor:
icon: cadvisor.png
href: https://cadvisor.${DOMAIN}
description: Container Metrics
- Alternatives:
- Portainer:
icon: portainer.png
href: https://portainer.${DOMAIN}
description: Container Management UI
- Authentik:
icon: authentik.png
href: https://authentik.${DOMAIN}
description: Alternative Auth Provider
- Plex:
icon: plex.png
href: https://plex.${DOMAIN}
description: Media Server

7
docker-compose/dashboards/homepage/homepage/settings.yaml Normal file
View File

@@ -0,0 +1,7 @@
---
# For configuration options and examples, please see:
# https://gethomepage.dev/configs/settings/
providers:
openweathermap: openweathermapapikey
weatherapi: weatherapiapikey

19
docker-compose/dashboards/homepage/homepage/widgets.yaml Normal file
View File

@@ -0,0 +1,19 @@
---
# For configuration options and examples, please see:
# https://gethomepage.dev/configs/info-widgets/
- resources:
cpu: true
memory: true
disk: /
- datetime:
text_size: xl
format:
dateStyle: long
timeStyle: short
hourCycle: h23
- greeting:
text_size: 4xl
text: EZ Homelab

2
docker-compose/dashboards/homepage/kubernetes.yaml Normal file
View File

@@ -0,0 +1,2 @@
---
# sample kubernetes config

46
docker-compose/dashboards/homepage/loki/loki-config.yml Normal file
View File

@@ -0,0 +1,46 @@
# Loki Configuration Template
# Copy this file to ./config/loki/loki-config.yml
auth_enabled: false
server:
http_listen_port: 3100
grpc_listen_port: 9096
common:
path_prefix: /loki
storage:
filesystem:
chunks_directory: /loki/chunks
rules_directory: /loki/rules
replication_factor: 1
ring:
instance_addr: 127.0.0.1
kvstore:
store: inmemory
schema_config:
configs:
- from: 2020-10-24
store: boltdb-shipper
object_store: filesystem
schema: v11
index:
prefix: index_
period: 24h
ruler:
alertmanager_url: http://localhost:9093
# Retention configuration (delete logs older than 30 days)
limits_config:
retention_period: 720h # 30 days
# Compactor to delete old data
compactor:
working_directory: /loki/compactor
shared_store: filesystem
compaction_interval: 10m
retention_enabled: true
retention_delete_delay: 2h
retention_delete_worker_count: 150

49
docker-compose/dashboards/homepage/prometheus/prometheus.yml Normal file
View File

@@ -0,0 +1,49 @@
# Prometheus Configuration Template
# Copy this file to ./config/prometheus/prometheus.yml
global:
scrape_interval: 15s
evaluation_interval: 15s
external_labels:
monitor: 'homelab'
# Alertmanager configuration (optional)
# alerting:
# alertmanagers:
# - static_configs:
# - targets:
# - alertmanager:9093
# Load rules once and periodically evaluate them
# rule_files:
# - "alerts/*.yml"
# Scrape configurations
scrape_configs:
# Prometheus itself
- job_name: 'prometheus'
static_configs:
- targets: ['localhost:9090']
# Node Exporter - System metrics
- job_name: 'node-exporter'
static_configs:
- targets: ['node-exporter:9100']
labels:
instance: 'homelab-server'
# cAdvisor - Container metrics
- job_name: 'cadvisor'
static_configs:
- targets: ['cadvisor:8080']
labels:
instance: 'homelab-server'
# Add your own services here
# Example: Monitor a service with /metrics endpoint
# - job_name: 'my-service'
# static_configs:
# - targets: ['my-service:8080']
# labels:
# instance: 'homelab-server'
# service: 'my-service'

53
docker-compose/dashboards/homepage/promtail/promtail-config.yml Normal file
View File

@@ -0,0 +1,53 @@
# Promtail Configuration Template
# Copy this file to ./config/promtail/promtail-config.yml
server:
http_listen_port: 9080
grpc_listen_port: 0
positions:
filename: /tmp/positions.yaml
clients:
- url: http://loki:3100/loki/api/v1/push
scrape_configs:
# Docker container logs
- job_name: docker
static_configs:
- targets:
- localhost
labels:
job: docker
__path__: /var/lib/docker/containers/*/*-json.log
pipeline_stages:
# Parse Docker JSON logs
- json:
expressions:
output: log
stream: stream
attrs: attrs
# Extract container name from path
- regex:
expression: '/var/lib/docker/containers/(?P<container_id>[^/]+)/.*'
source: filename
# Add labels
- labels:
stream:
container_id:
# Output the log line
- output:
source: output
# System logs (optional)
# - job_name: system
# static_configs:
# - targets:
# - localhost
# labels:
# job: varlogs
# __path__: /var/log/*.log

5
docker-compose/dashboards/homepage/proxmox.yaml Normal file
View File

@@ -0,0 +1,5 @@
---
# pve:
# url: https://proxmox.host.or.ip:8006
# token: username@pam!Token ID
# secret: secret

42
docker-compose/dashboards/homepage/redis/redis.conf Normal file
View File

@@ -0,0 +1,42 @@
# Redis Configuration Template
# Copy this file to ./config/redis/redis.conf
# Network
bind 0.0.0.0
protected-mode yes
port 6379
# General
daemonize no
supervised no
pidfile /var/run/redis_6379.pid
loglevel notice
logfile ""
# Persistence - AOF (Append Only File)
appendonly yes
appendfilename "appendonly.aof"
appendfsync everysec
no-appendfsync-on-rewrite no
auto-aof-rewrite-percentage 100
auto-aof-rewrite-min-size 64mb
# Persistence - RDB (Snapshotting)
save 900 1
save 300 10
save 60 10000
stop-writes-on-bgsave-error yes
rdbcompression yes
rdbchecksum yes
dbfilename dump.rdb
dir /data
# Memory Management
maxmemory 256mb
maxmemory-policy allkeys-lru
# Security
# requirepass yourpassword # Uncomment and set a strong password
# Limits
maxclients 10000

355
docker-compose/dashboards/homepage/services.yaml
View File

@@ -1,283 +1,256 @@
---
- Core:
- Dockge:
icon: dockge.png
href: https://dockge.kelin-casa.duckdns.org
description: Docker Compose Manager
container: dockge
- Traefik:
icon: traefik.png
href: https://traefik.kelin-casa.duckdns.org
description: Reverse Proxy & SSL
container: traefik
- Authelia:
icon: authelia.png
href: https://auth.kelin-casa.duckdns.org
description: Authentication Portal
container: authelia
# Currently Installed Services - Grouped by Stack
- Dashboards:
- Homepage:
icon: homepage.png
href: https://home.kelin-casa.duckdns.org
description: This Dashboard
container: homepage
href: https://homepage.${DOMAIN}
description: Hosted on Raspberry Pi
- Homarr:
icon: homarr.png
href: https://homarr.kelin-casa.duckdns.org
href: https://homarr.${DOMAIN}
description: Alternative Dashboard
container: homarr
- Infrastructure:
- VS Code Server:
icon: vscode.png
href: https://code.kelin-casa.duckdns.org
description: Browser-based IDE
container: code-server
- Dozzle:
icon: dozzle.png
href: https://dozzle.kelin-casa.duckdns.org
description: Real-time Log Viewer
container: dozzle
- Dockge - ${SERVER_HOSTNAME}:
icon: dockge.png
href: https://${SERVER_HOSTNAME}.${DOMAIN}
description: Main Server
- Glances:
icon: glances.png
href: https://glances.kelin-casa.duckdns.org
description: System Monitoring
container: glances
- Dockge - ${REMOTE_SERVER_HOSTNAME}:
icon: dockge.png
href: https://${REMOTE_SERVER_HOSTNAME}.${DOMAIN}
description: Raspberry Pi Authentication Server
- Core:
- Traefik:
icon: traefik.png
href: https://traefik.${DOMAIN}
description: Reverse Proxy & SSL
- Authelia:
icon: authelia.png
href: https://auth.${DOMAIN}
description: Authentication SSO Portal
- Pi-hole:
icon: pi-hole.png
href: https://pihole.kelin-casa.duckdns.org
href: https://pihole.${DOMAIN}
description: Network-wide Ad Blocking
container: pihole
- Monitoring:
- Grafana:
icon: grafana.png
href: https://grafana.kelin-casa.duckdns.org
description: Metrics Dashboard
container: grafana
- Monitoring Stack:
- Dozzle:
icon: dozzle.png
href: https://dozzle.${SERVER_HOSTNAME}.${DOMAIN}
description: ${SERVER_HOSTNAME} - Real-time Log Viewer
- Prometheus:
icon: prometheus.png
href: https://prometheus.kelin-casa.duckdns.org
description: Metrics Collection
container: prometheus
- Dozzle:
icon: dozzle.png
href: https://dozzle.${REMOTE_SERVER_HOSTNAME}.${DOMAIN}
description: ${REMOTE_SERVER_HOSTNAME} - Real-time Log Viewer
- Glances - ${SERVER_HOSTNAME}:
icon: glances.png
href: https://glances.${SERVER_HOSTNAME}.${DOMAIN}
description: ${SERVER_HOSTNAME} - System Monitoring
- Glances - ${REMOTE_SERVER_HOSTNAME}:
icon: glances.png
href: https://glances.${REMOTE_SERVER_HOSTNAME}.${DOMAIN}
description: ${REMOTE_SERVER_HOSTNAME} - System Monitoring
- Uptime Kuma:
icon: uptime-kuma.png
href: https://uptime-kuma.kelin-casa.duckdns.org
href: https://uptime-kuma.${DOMAIN}
description: Uptime Monitoring
container: uptime-kuma
- Loki:
icon: loki.png
href: https://loki.kelin-casa.duckdns.org
description: Log Aggregation
container: loki
- cAdvisor:
icon: cadvisor.png
href: https://cadvisor.kelin-casa.duckdns.org
description: Container Metrics
container: cadvisor
- Media:
- Jellyfin:
icon: jellyfin.png
href: https://jellyfin.kelin-casa.duckdns.org
href: https://jellyfin.${DOMAIN}
description: Open Source Media Server
container: jellyfin
- Jellyseerr:
icon: jellyseerr.png
href: https://jellyseerr.kelin-casa.duckdns.org
href: https://jellyseerr.${DOMAIN}
description: Media Request Manager
container: jellyseerr
- Calibre-Web:
icon: calibre-web.png
href: https://calibre.kelin-casa.duckdns.org
href: https://calibre.${DOMAIN}
description: Ebook Library
container: calibre-web
- Media Management:
- Lidarr:
icon: lidarr.png
href: https://lidarr.kelin-casa.duckdns.org
description: Music Automation
container: lidarr
- Readarr:
icon: readarr.png
href: https://readarr.kelin-casa.duckdns.org
description: Books Automation
container: readarr
- Radarr:
icon: radarr.png
href: https://radarr.kelin-casa.duckdns.org
description: Movies Automation
container: radarr
- Sonarr:
icon: sonarr.png
href: https://sonarr.kelin-casa.duckdns.org
href: https://sonarr.${DOMAIN}
description: TV Shows Automation
container: sonarr
- Radarr:
icon: radarr.png
href: https://radarr.${DOMAIN}
description: Movies Automation
- Prowlarr:
icon: prowlarr.png
href: https://prowlarr.kelin-casa.duckdns.org
href: https://prowlarr.${DOMAIN}
description: Indexer Manager
container: prowlarr
- Readarr:
icon: readarr.png
href: https://readarr.${DOMAIN}
description: Books Automation
- Lidarr:
icon: lidarr.png
href: https://lidarr.${DOMAIN}
description: Music Automation
- Mylar3:
icon: mylar.png
href: https://mylar.kelin-casa.duckdns.org
href: https://mylar.${DOMAIN}
description: Comics Manager
container: mylar3
- Productivity:
- Nextcloud:
icon: nextcloud.png
href: https://nextcloud.kelin-casa.duckdns.org
description: Cloud Storage & Collaboration
container: nextcloud
- Mealie:
icon: mealie.png
href: https://mealie.kelin-casa.duckdns.org
description: Recipe Manager
container: mealie
- WordPress:
icon: wordpress.png
href: https://wordpress.kelin-casa.duckdns.org
description: CMS Platform
container: wordpress
- Jupyter:
icon: jupyter.png
href: https://jupyter.kelin-casa.duckdns.org
description: Data Science Notebooks
container: jupyter
- Gitea:
icon: gitea.png
href: https://gitea.kelin-casa.duckdns.org
description: Git Repository
container: gitea
- Wiki:
- BookStack:
icon: bookstack.png
href: https://bookstack.kelin-casa.duckdns.org
description: Wiki Platform
container: bookstack
- DokuWiki:
icon: dokuwiki.png
href: https://dokuwiki.kelin-casa.duckdns.org
description: Simple Wiki
container: dokuwiki
- Home Automation:
- Home Assistant:
icon: home-assistant.png
href: https://ha.kelin-casa.duckdns.org
href: https://hass.${DOMAIN}
description: Home Automation Platform
container: homeassistant
- ESPHome:
icon: esphome.png
href: https://esphome.kelin-casa.duckdns.org
href: https://esphome.${DOMAIN}
description: ESP Device Manager
container: esphome
- Node-RED:
icon: node-red.png
href: https://nodered.kelin-casa.duckdns.org
href: https://nodered.${DOMAIN}
description: Flow-based Automation
container: nodered
- Zigbee2MQTT:
icon: zigbee2mqtt.png
href: https://zigbee.kelin-casa.duckdns.org
href: https://zigbee.${DOMAIN}
description: Zigbee Bridge
container: zigbee2mqtt
- Mosquitto:
icon: mosquitto.png
href: https://mqtt.kelin-casa.duckdns.org
href: https://mqtt.${DOMAIN}
description: MQTT Broker
container: mosquitto
- Utilities:
- Backrest:
icon: mdi-backup-restore
href: https://backrest.kelin-casa.duckdns.org
description: Backup Solution
container: backrest
- Productivity:
- Nextcloud:
icon: nextcloud.png
href: https://nextcloud.${DOMAIN}
description: Cloud Storage & Collaboration
- Duplicati:
icon: duplicati.png
href: https://duplicati.kelin-casa.duckdns.org
description: Backup Software
container: duplicati
- Gitea:
icon: gitea.png
href: https://gitea.${DOMAIN}
description: Git Repository
- Vaultwarden:
icon: vaultwarden.png
href: https://vault.kelin-casa.duckdns.org
description: Password Manager
container: vaultwarden
- Mealie:
icon: mealie.png
href: https://mealie.${DOMAIN}
description: Recipe Manager
- Formio:
icon: mdi-form-select
href: https://forms.kelin-casa.duckdns.org
description: Form Builder
container: formio
- WordPress:
icon: wordpress.png
href: https://wordpress.${DOMAIN}
description: CMS Platform
- Wikis:
- BookStack:
icon: bookstack.png
href: https://bookstack.${DOMAIN}
description: Wiki Platform
- DokuWiki:
icon: dokuwiki.png
href: https://dokuwiki.${DOMAIN}
description: Simple Wiki
- Mediawiki:
icon: mediawiki.png
href: https://mediawiki.${DOMAIN}
description: Collaborative Wiki
- Development:
- VS Code Server:
icon: vscode.png
href: https://code.${DOMAIN}
description: Browser-based IDE
- Jupyter:
icon: jupyter.png
href: https://jupyter.${DOMAIN}
description: Data Science Notebooks
- VPN Protected:
- gluetun:
icon: gluetun.png
href: https://home.kelin-casa.duckdns.org
description: VPN Client
container: gluetun
- Downloaders:
- qBittorrent:
icon: qbittorrent.png
href: https://qbit.kelin-casa.duckdns.org
href: https://qbit.${DOMAIN}
description: Torrent Client
container: qbittorrent
- Transcoders:
- Unmanic:
icon: unmanic.png
href: https://unmanic.kelin-casa.duckdns.org
description: Media Transcoding
container: unmanic
- Tdarr:
icon: tdarr.png
href: https://tdarr.kelin-casa.duckdns.org
href: https://tdarr.${DOMAIN}
description: Media Transcoding
container: tdarr-server
- Unmanic:
icon: unmanic.png
href: https://unmanic.${DOMAIN}
description: Media Transcoder
- Utilities:
- Vaultwarden:
icon: vaultwarden.png
href: https://vault.${DOMAIN}
description: Password Manager
- Formio:
icon: mdi-form-select
href: https://formio.${DOMAIN}
description: Form Builder
- Backup:
- Backrest:
icon: mdi-backup-restore
href: https://backrest.${DOMAIN}
description: Backup Solution
- Duplicati:
icon: duplicati.png
href: https://duplicati.${DOMAIN}
description: Backup Software
- Metrics:
- Grafana:
icon: grafana.png
href: https://grafana.${DOMAIN}
description: Metrics Dashboard
- Prometheus:
icon: prometheus.png
href: https://prometheus.${DOMAIN}
description: Metrics Collection
- cAdvisor:
icon: cadvisor.png
href: https://cadvisor.${DOMAIN}
description: Container Metrics
- Alternatives:
- Portainer:
icon: portainer.png
href: https://portainer.kelin-casa.duckdns.org
href: https://portainer.${DOMAIN}
description: Container Management UI
container: portainer
- Authentik:
icon: authentik.png
href: https://authentik.kelin-casa.duckdns.org
href: https://authentik.${DOMAIN}
description: Alternative Auth Provider
container: authentik
- Plex:
icon: plex.png
href: https://plex.kelin-casa.duckdns.org
href: https://plex.${DOMAIN}
description: Media Server
container: plex

7
docker-compose/dashboards/homepage/settings.yaml Normal file
View File

@@ -0,0 +1,7 @@
---
# For configuration options and examples, please see:
# https://gethomepage.dev/configs/settings/
providers:
openweathermap: openweathermapapikey
weatherapi: weatherapiapikey

19
docker-compose/dashboards/homepage/traefik/dynamic/external-host-homeassistant.yml Normal file
View File

@@ -0,0 +1,19 @@
http:
routers:
# Individual Services
homeassistant:
rule: "Host(`hass.${DOMAIN}`)"
entryPoints:
- websecure
service: homeassistant
tls:
certResolver: letsencrypt
middlewares:
- authelia@docker
services:
# Individual Services
homeassistant:
loadBalancer:
servers:
- url: "http://${HOMEASSISTANT_IP}:8123"
passHostHeader: true

795
docker-compose/dashboards/homepage/traefik/dynamic/external-host-production.yml Normal file
View File

@@ -0,0 +1,795 @@
http:
routers:
backrest-${SERVER_HOSTNAME}:
rule: "Host(`backrest.${DOMAIN}`)"
entryPoints:
- websecure
service: backrest-${SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- sablier-${SERVER_HOSTNAME}-backrest@file
- authelia@docker
bookstack-${SERVER_HOSTNAME}:
rule: "Host(`bookstack.${DOMAIN}`)"
entryPoints:
- websecure
service: bookstack-${SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- sablier-${SERVER_HOSTNAME}-bookstack@file
- authelia@docker
vaultwarden-${SERVER_HOSTNAME}:
rule: "Host(`vault.${DOMAIN}`)"
entryPoints:
- websecure
service: vaultwarden-${SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
# SSO disabled for browser extension and mobile app compatibility
middlewares:
- sablier-${SERVER_HOSTNAME}-vaultwarden@file
calibre-web-${SERVER_HOSTNAME}:
rule: "Host(`calibre.${DOMAIN}`)"
entryPoints:
- websecure
service: calibre-web-${SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- sablier-${SERVER_HOSTNAME}-calibre-web@file
- authelia@docker
code-${SERVER_HOSTNAME}:
rule: "Host(`code.${DOMAIN}`)"
entryPoints:
- websecure
service: code-${SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- sablier-${SERVER_HOSTNAME}-code-server@file
- authelia@docker
dockge-${SERVER_HOSTNAME}:
rule: "Host(`jarvis.${DOMAIN}`)"
entryPoints:
- websecure
service: dockge-${SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- authelia@docker
dockhand-${SERVER_HOSTNAME}:
rule: "Host(`dockhand.${DOMAIN}`)"
entryPoints:
- websecure
service: dockhand-${SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- authelia@docker
dokuwiki-${SERVER_HOSTNAME}:
rule: "Host(`dokuwiki.${DOMAIN}`)"
entryPoints:
- websecure
service: dokuwiki-${SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- sablier-${SERVER_HOSTNAME}-dokuwiki@file
- authelia@docker
dozzle-${SERVER_HOSTNAME}:
rule: "Host(`dozzle.${DOMAIN}`)"
entryPoints:
- websecure
service: dozzle-${SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- sablier-${SERVER_HOSTNAME}-dozzle@file
- authelia@docker
duplicati-${SERVER_HOSTNAME}:
rule: "Host(`duplicati.${DOMAIN}`)"
entryPoints:
- websecure
service: duplicati-${SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- sablier-${SERVER_HOSTNAME}-duplicati@file
- authelia@docker
ez-assistant-${SERVER_HOSTNAME}:
rule: "Host(`assistant.${DOMAIN}`)"
entryPoints:
- websecure
tls:
certResolver: letsencrypt
middlewares:
- authelia@docker
# - sablier-${SERVER_HOSTNAME}-assistant@file
- ez-assistant-websocket
service: ez-assistant-${SERVER_HOSTNAME}
formio-${SERVER_HOSTNAME}:
rule: "Host(`formio.${DOMAIN}`)"
entryPoints:
- websecure
service: formio-${SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- sablier-${SERVER_HOSTNAME}-formio@file
- authelia@docker
gitea-${SERVER_HOSTNAME}:
rule: "Host(`gitea.${DOMAIN}`)"
entryPoints:
- websecure
service: gitea-${SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- sablier-${SERVER_HOSTNAME}-gitea@file
- authelia@docker
glances-${SERVER_HOSTNAME}:
rule: "Host(`glances.jarvis.${DOMAIN}`)"
entryPoints:
- websecure
service: glances-${SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- sablier-${SERVER_HOSTNAME}-glances@file
- authelia@docker
homepage-${SERVER_HOSTNAME}:
rule: "Host(`homepage.jarvis.${DOMAIN}`)"
entryPoints:
- websecure
service: homepage-${SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- authelia@docker
homarr-${SERVER_HOSTNAME}:
rule: "Host(`homarr.${DOMAIN}`)"
entryPoints:
- websecure
service: homarr-${SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- authelia@docker
- sablier-${SERVER_HOSTNAME}-homarr@file
jellyfin-${SERVER_HOSTNAME}:
rule: "Host(`jellyfin.${DOMAIN}`)"
entryPoints:
- websecure
service: jellyfin-${SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- sablier-${SERVER_HOSTNAME}-jellyfin@file
# No authelia middleware for media apps
jupyter-${SERVER_HOSTNAME}:
rule: "Host(`jupyter.${DOMAIN}`)"
entryPoints:
- websecure
service: jupyter-${SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- sablier-${SERVER_HOSTNAME}-jupyter@file
- authelia@docker
kopia-${SERVER_HOSTNAME}:
rule: "Host(`kopia.${DOMAIN}`)"
entryPoints:
- websecure
service: kopia-${SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- sablier-${SERVER_HOSTNAME}-kopia@file
- authelia@docker
mealie-${SERVER_HOSTNAME}:
rule: "Host(`mealie.${DOMAIN}`)"
entryPoints:
- websecure
service: mealie-${SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- sablier-${SERVER_HOSTNAME}-mealie@file
- authelia@docker
motioneye-${SERVER_HOSTNAME}:
rule: "Host(`motioneye.${DOMAIN}`)"
entryPoints:
- websecure
service: motioneye-${SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- authelia@docker
mediawiki-${SERVER_HOSTNAME}:
rule: "Host(`mediawiki.${DOMAIN}`)"
entryPoints:
- websecure
service: mediawiki-${SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- sablier-${SERVER_HOSTNAME}-mediawiki@file
- authelia@docker
nextcloud-${SERVER_HOSTNAME}:
rule: "Host(`nextcloud.${DOMAIN}`)"
entryPoints:
- websecure
service: nextcloud-${SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- sablier-${SERVER_HOSTNAME}-nextcloud@file
- authelia@docker
openkm-${SERVER_HOSTNAME}:
rule: "Host(`openkm.${DOMAIN}`)"
entryPoints:
- websecure
service: openkm-${SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- sablier-${SERVER_HOSTNAME}-openkm@file
- authelia@docker
openwebui-${SERVER_HOSTNAME}:
rule: "Host(`openwebui.${DOMAIN}`)"
entryPoints:
- websecure
service: openwebui-${SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- sablier-${SERVER_HOSTNAME}-openwebui@file
- authelia@docker
qbittorrent-${SERVER_HOSTNAME}:
rule: "Host(`qbit.${DOMAIN}`)"
entryPoints:
- websecure
service: qbittorrent-${SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- sablier-${SERVER_HOSTNAME}-arr@file
- authelia@docker
tdarr-${SERVER_HOSTNAME}:
rule: "Host(`tdarr.${DOMAIN}`)"
entryPoints:
- websecure
service: tdarr-${SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- sablier-${SERVER_HOSTNAME}-arr@file
- authelia@docker
unmanic-${SERVER_HOSTNAME}:
rule: "Host(`unmanic.${DOMAIN}`)"
entryPoints:
- websecure
service: unmanic-${SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- sablier-${SERVER_HOSTNAME}-unmanic@file
- authelia@docker
- authelia@docker
wordpress-${SERVER_HOSTNAME}:
rule: "Host(`wordpress.${DOMAIN}`)"
entryPoints:
- websecure
service: wordpress-${SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- sablier-${SERVER_HOSTNAME}-wordpress@file
- authelia@docker
# Arr Services (no SSO for media apps)
jellyseerr-${SERVER_HOSTNAME}:
rule: "Host(`jellyseerr.${DOMAIN}`)"
entryPoints:
- websecure
service: jellyseerr-${SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- sablier-${SERVER_HOSTNAME}-arr@file
- authelia@docker
prowlarr-${SERVER_HOSTNAME}:
rule: "Host(`prowlarr.${DOMAIN}`)"
entryPoints:
- websecure
service: prowlarr-${SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- sablier-${SERVER_HOSTNAME}-arr@file
- authelia@docker
radarr-${SERVER_HOSTNAME}:
rule: "Host(`radarr.${DOMAIN}`)"
entryPoints:
- websecure
service: radarr-${SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- sablier-${SERVER_HOSTNAME}-arr@file
- authelia@docker
sonarr-${SERVER_HOSTNAME}:
rule: "Host(`sonarr.${DOMAIN}`)"
entryPoints:
- websecure
service: sonarr-${SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- sablier-${SERVER_HOSTNAME}-arr@file
- authelia@docker
lidarr-${SERVER_HOSTNAME}:
rule: "Host(`lidarr.${DOMAIN}`)"
entryPoints:
- websecure
service: lidarr-${SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- sablier-${SERVER_HOSTNAME}-arr@file
- authelia@docker
readarr-${SERVER_HOSTNAME}:
rule: "Host(`readarr.${DOMAIN}`)"
entryPoints:
- websecure
service: readarr-${SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- sablier-${SERVER_HOSTNAME}-arr@file
- authelia@docker
mylar3-${SERVER_HOSTNAME}:
rule: "Host(`mylar3.${DOMAIN}`)"
entryPoints:
- websecure
service: mylar3-${SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- sablier-${SERVER_HOSTNAME}-arr@file
- authelia@docker
# Remote Server Services (${REMOTE_SERVER_HOSTNAME})
dockge-${REMOTE_SERVER_HOSTNAME}:
rule: "Host(`dockge.${REMOTE_SERVER_HOSTNAME}.${DOMAIN}`)"
entryPoints:
- websecure
service: dockge-${REMOTE_SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- authelia@docker
dozzle-${REMOTE_SERVER_HOSTNAME}:
rule: "Host(`dozzle.${REMOTE_SERVER_HOSTNAME}.${DOMAIN}`)"
entryPoints:
- websecure
service: dozzle-${REMOTE_SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- authelia@docker
glances-${REMOTE_SERVER_HOSTNAME}:
rule: "Host(`glances.${REMOTE_SERVER_HOSTNAME}.${DOMAIN}`)"
entryPoints:
- websecure
service: glances-${REMOTE_SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- authelia@docker
backrest-${REMOTE_SERVER_HOSTNAME}:
rule: "Host(`backrest.${REMOTE_SERVER_HOSTNAME}.${DOMAIN}`)"
entryPoints:
- websecure
service: backrest-${REMOTE_SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- authelia@docker
duplicati-${REMOTE_SERVER_HOSTNAME}:
rule: "Host(`duplicati.${REMOTE_SERVER_HOSTNAME}.${DOMAIN}`)"
entryPoints:
- websecure
service: duplicati-${REMOTE_SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- authelia@docker
homepage-${REMOTE_SERVER_HOSTNAME}:
rule: "Host(`homepage.${REMOTE_SERVER_HOSTNAME}.${DOMAIN}`)"
entryPoints:
- websecure
service: homepage-${REMOTE_SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- authelia@docker
homarr-${REMOTE_SERVER_HOSTNAME}:
rule: "Host(`homarr.${REMOTE_SERVER_HOSTNAME}.${DOMAIN}`)"
entryPoints:
- websecure
service: homarr-${REMOTE_SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- authelia@docker
grafana-${REMOTE_SERVER_HOSTNAME}:
rule: "Host(`grafana.${REMOTE_SERVER_HOSTNAME}.${DOMAIN}`)"
entryPoints:
- websecure
service: grafana-${REMOTE_SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- authelia@docker
prometheus-${REMOTE_SERVER_HOSTNAME}:
rule: "Host(`prometheus.${REMOTE_SERVER_HOSTNAME}.${DOMAIN}`)"
entryPoints:
- websecure
service: prometheus-${REMOTE_SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- authelia@docker
uptime-kuma-${REMOTE_SERVER_HOSTNAME}:
rule: "Host(`status.${REMOTE_SERVER_HOSTNAME}.${DOMAIN}`)"
entryPoints:
- websecure
service: uptime-kuma-${REMOTE_SERVER_HOSTNAME}
tls:
certResolver: letsencrypt
middlewares:
- authelia@docker
# Service Definitions
services:
backrest-${SERVER_HOSTNAME}:
loadBalancer:
servers:
- url: "http://${SERVER_IP}:9898"
passHostHeader: true
vaultwarden-${SERVER_HOSTNAME}:
loadBalancer:
servers:
- url: "http://${SERVER_IP}:8091"
passHostHeader: true
bookstack-${SERVER_HOSTNAME}:
loadbalancer:
servers:
- url: "http://${SERVER_IP}:6875"
passHostHeader: true
calibre-web-${SERVER_HOSTNAME}:
loadbalancer:
servers:
- url: "http://${SERVER_IP}:8083"
passHostHeader: true
code-${SERVER_HOSTNAME}:
loadbalancer:
servers:
- url: "http://${SERVER_IP}:8079"
passHostHeader: true
dockge-${SERVER_HOSTNAME}:
loadbalancer:
servers:
- url: "http://${SERVER_IP}:5001"
passHostHeader: true
dockhand-${SERVER_HOSTNAME}:
loadbalancer:
servers:
- url: "http://${SERVER_IP}:3003"
passHostHeader: true
dokuwiki-${SERVER_HOSTNAME}:
loadbalancer:
servers:
- url: "http://${SERVER_IP}:8087"
passHostHeader: true
dozzle-${SERVER_HOSTNAME}:
loadbalancer:
servers:
- url: "http://${SERVER_IP}:8085"
passHostHeader: true
duplicati-${SERVER_HOSTNAME}:
loadbalancer:
servers:
- url: "http://${SERVER_IP}:8200"
passHostHeader: true
ez-assistant-${SERVER_HOSTNAME}:
loadbalancer:
servers:
- url: "http://${SERVER_IP}:18789" # Internal IP of ${SERVER_HOSTNAME} server
passHostHeader: true
formio-${SERVER_HOSTNAME}:
loadbalancer:
servers:
- url: "http://${SERVER_IP}:3002"
passHostHeader: true
gitea-${SERVER_HOSTNAME}:
loadbalancer:
servers:
- url: "http://${SERVER_IP}:3010"
passHostHeader: true
glances-${SERVER_HOSTNAME}:
loadbalancer:
servers:
- url: "http://${SERVER_IP}:61208"
passHostHeader: true
homarr-${SERVER_HOSTNAME}:
loadbalancer:
servers:
- url: "http://${SERVER_IP}:7575"
passHostHeader: true
homepage-${SERVER_HOSTNAME}:
loadbalancer:
servers:
- url: "http://${SERVER_IP}:3000"
passHostHeader: true
jellyfin-${SERVER_HOSTNAME}:
loadbalancer:
servers:
- url: "http://${SERVER_IP}:8096"
passHostHeader: true
jupyter-${SERVER_HOSTNAME}:
loadbalancer:
servers:
- url: "http://${SERVER_IP}:8890"
passHostHeader: true
kopia-${SERVER_HOSTNAME}:
loadbalancer:
servers:
- url: "http://${SERVER_IP}:51515"
passHostHeader: true
mealie-${SERVER_HOSTNAME}:
loadbalancer:
servers:
- url: "http://${SERVER_IP}:9000"
passHostHeader: true
mediawiki-${SERVER_HOSTNAME}:
loadbalancer:
servers:
- url: "http://${SERVER_IP}:8086"
passHostHeader: true
motioneye-${SERVER_HOSTNAME}:
loadbalancer:
servers:
- url: "http://${SERVER_IP}:8081"
passHostHeader: true
nextcloud-${SERVER_HOSTNAME}:
loadbalancer:
servers:
- url: "http://${SERVER_IP}:8089"
passHostHeader: true
openkm-${SERVER_HOSTNAME}:
loadbalancer:
servers:
- url: "http://${SERVER_IP}:18080"
passHostHeader: true
openwebui-${SERVER_HOSTNAME}:
loadbalancer:
servers:
- url: "http://${SERVER_IP}:3000"
passHostHeader: true
qbittorrent-${SERVER_HOSTNAME}:
loadbalancer:
servers:
- url: "http://${SERVER_IP}:8081"
passHostHeader: true
tdarr-${SERVER_HOSTNAME}:
loadbalancer:
servers:
- url: "http://${SERVER_IP}:8265"
passHostHeader: true
unmanic-${SERVER_HOSTNAME}:
loadbalancer:
servers:
- url: "http://${SERVER_IP}:8889"
passHostHeader: true
wordpress-${SERVER_HOSTNAME}:
loadbalancer:
servers:
- url: "http://${SERVER_IP}:8088"
passHostHeader: true
# Arr Services
jellyseerr-${SERVER_HOSTNAME}:
loadbalancer:
servers:
- url: "http://${SERVER_IP}:5055"
passHostHeader: true
prowlarr-${SERVER_HOSTNAME}:
loadbalancer:
servers:
- url: "http://${SERVER_IP}:9696"
passHostHeader: true
radarr-${SERVER_HOSTNAME}:
loadbalancer:
servers:
- url: "http://${SERVER_IP}:7878"
passHostHeader: true
sonarr-${SERVER_HOSTNAME}:
loadbalancer:
servers:
- url: "http://${SERVER_IP}:8989"
passHostHeader: true
lidarr-${SERVER_HOSTNAME}:
loadbalancer:
servers:
- url: "http://${SERVER_IP}:8686"
passHostHeader: true
readarr-${SERVER_HOSTNAME}:
loadbalancer:
servers:
- url: "http://${SERVER_IP}:8787"
passHostHeader: true
mylar3-${SERVER_HOSTNAME}:
loadBalancer:
servers:
- url: "http://${SERVER_IP}:8090"
passHostHeader: true
# Remote Server Service Definitions (${REMOTE_SERVER_HOSTNAME})
dockge-${REMOTE_SERVER_HOSTNAME}:
loadbalancer:
servers:
- url: "http://${REMOTE_SERVER_IP}:5001"
passHostHeader: true
dozzle-${REMOTE_SERVER_HOSTNAME}:
loadbalancer:
servers:
- url: "http://${REMOTE_SERVER_IP}:8085"
passHostHeader: true
glances-${REMOTE_SERVER_HOSTNAME}:
loadbalancer:
servers:
- url: "http://${REMOTE_SERVER_IP}:61208"
passHostHeader: true
backrest-${REMOTE_SERVER_HOSTNAME}:
loadbalancer:
servers:
- url: "http://${REMOTE_SERVER_IP}:9898"
passHostHeader: true
duplicati-${REMOTE_SERVER_HOSTNAME}:
loadbalancer:
servers:
- url: "http://${REMOTE_SERVER_IP}:8200"
passHostHeader: true
homepage-${REMOTE_SERVER_HOSTNAME}:
loadbalancer:
servers:
- url: "http://${REMOTE_SERVER_IP}:3000"
passHostHeader: true
homarr-${REMOTE_SERVER_HOSTNAME}:
loadbalancer:
servers:
- url: "http://${REMOTE_SERVER_IP}:7575"
passHostHeader: true
grafana-${REMOTE_SERVER_HOSTNAME}:
loadbalancer:
servers:
- url: "http://${REMOTE_SERVER_IP}:3000"
passHostHeader: true
prometheus-${REMOTE_SERVER_HOSTNAME}:
loadbalancer:
servers:
- url: "http://${REMOTE_SERVER_IP}:9090"
passHostHeader: true
uptime-kuma-${REMOTE_SERVER_HOSTNAME}:
loadbalancer:
servers:
- url: "http://${REMOTE_SERVER_IP}:3001"
passHostHeader: true
# Middleware Definitions
middlewares:
ez-assistant-websocket:
headers:
accessControlAllowHeaders:
- "Connection"
- "Upgrade"
accessControlAllowMethods:
- "GET"
- "POST"
- "OPTIONS"
accessControlMaxAge: 86400

31
docker-compose/dashboards/homepage/traefik/dynamic/routes.yml Normal file
View File

@@ -0,0 +1,31 @@
# Traefik Dynamic Configuration
# Copy to /opt/stacks/traefik/dynamic/routes.yml
# Add custom routes here that aren't defined via Docker labels
http:
routers:
# Example custom route
# custom-service:
# rule: "Host(`custom.example.com`)"
# entryPoints:
# - websecure
# middlewares:
# - authelia@docker
# tls:
# certResolver: letsencrypt
# service: custom-service
services:
# Example custom service
# custom-service:
# loadBalancer:
# servers:
# - url: "http://192.168.1.100:8080"
middlewares:
# Additional middlewares can be defined here
# Example: Rate limiting
# rate-limit:
# rateLimit:
# average: 100
# burst: 50

442
docker-compose/dashboards/homepage/traefik/dynamic/sablier.yml Normal file
View File

@@ -0,0 +1,442 @@
# Session duration set to 5m for testing. Increase to 30m for production.
http:
middlewares:
authelia:
forwardauth:
address: http://authelia:9091/api/verify?rd=https://auth.${DOMAIN}/
authResponseHeaders:
- X-Secret
trustForwardHeader: true
sablier-${SERVER_HOSTNAME}-arr:
plugin:
sablier:
sablierUrl: http://sablier-service:10000
group: ${SERVER_HOSTNAME}-arr
sessionDuration: 5m
ignoreUserAgent: curl
dynamic:
displayName: Arr Apps
theme: ghost
show-details-by-default: true
sablier-${SERVER_HOSTNAME}-backrest:
plugin:
sablier:
sablierUrl: http://sablier-service:10000
group: ${SERVER_HOSTNAME}-backrest
sessionDuration: 5m
ignoreUserAgent: curl
dynamic:
displayName: Backrest
theme: ghost
show-details-by-default: true
sablier-${SERVER_HOSTNAME}-vaultwarden:
plugin:
sablier:
sablierUrl: http://sablier-service:10000
group: ${SERVER_HOSTNAME}-vaultwarden
sessionDuration: 5m
ignoreUserAgent: curl
dynamic:
displayName: Vaultwarden
theme: ghost
show-details-by-default: true
sablier-${SERVER_HOSTNAME}-bookstack:
plugin:
sablier:
sablierUrl: http://sablier-service:10000
group: ${SERVER_HOSTNAME}-bookstack
sessionDuration: 5m
ignoreUserAgent: curl
dynamic:
displayName: Bookstack
theme: ghost
show-details-by-default: true
sablier-${SERVER_HOSTNAME}-calibre-web:
plugin:
sablier:
sablierUrl: http://sablier-service:10000
group: ${SERVER_HOSTNAME}-calibre-web
sessionDuration: 5m
ignoreUserAgent: curl
dynamic:
displayName: Calibre Web
theme: ghost
show-details-by-default: true
sablier-${SERVER_HOSTNAME}-code-server:
plugin:
sablier:
sablierUrl: http://sablier-service:10000
group: ${SERVER_HOSTNAME}-code-server
sessionDuration: 5m
ignoreUserAgent: curl
dynamic:
displayName: Code Server
theme: ghost
show-details-by-default: true
sablier-${SERVER_HOSTNAME}-dozzle:
plugin:
sablier:
sablierUrl: http://sablier-service:10000
group: ${SERVER_HOSTNAME}-dozzle
sessionDuration: 5m
ignoreUserAgent: curl
dynamic:
displayName: dozzle
theme: ghost
show-details-by-default: true
sablier-${SERVER_HOSTNAME}-dokuwiki:
plugin:
sablier:
sablierUrl: http://sablier-service:10000
group: ${SERVER_HOSTNAME}-dokuwiki
sessionDuration: 5m
ignoreUserAgent: curl
dynamic:
displayName: DokuWiki
theme: ghost
show-details-by-default: true
sablier-${SERVER_HOSTNAME}-duplicati:
plugin:
sablier:
sablierUrl: http://sablier-service:10000
group: ${SERVER_HOSTNAME}-duplicati
sessionDuration: 5m
ignoreUserAgent: curl
dynamic:
displayName: Duplicati
theme: ghost
show-details-by-default: true
sablier-${SERVER_HOSTNAME}-formio:
plugin:
sablier:
sablierUrl: http://sablier-service:10000
group: ${SERVER_HOSTNAME}-formio
sessionDuration: 5m
ignoreUserAgent: curl
dynamic:
displayName: FormIO
theme: ghost
show-details-by-default: true
sablier-${SERVER_HOSTNAME}-gitea:
plugin:
sablier:
sablierUrl: http://sablier-service:10000
group: ${SERVER_HOSTNAME}-gitea
sessionDuration: 5m
ignoreUserAgent: curl
dynamic:
displayName: Gitea
theme: ghost
show-details-by-default: true
sablier-${SERVER_HOSTNAME}-glances:
plugin:
sablier:
sablierUrl: http://sablier-service:10000
group: ${SERVER_HOSTNAME}-glances
sessionDuration: 5m
ignoreUserAgent: curl
dynamic:
displayName: Glances
theme: ghost
show-details-by-default: true
sablier-${SERVER_HOSTNAME}-homarr:
plugin:
sablier:
sablierUrl: http://sablier-service:10000
group: ${SERVER_HOSTNAME}-homarr
sessionDuration: 5m
ignoreUserAgent: curl
dynamic:
displayName: Homarr
theme: ghost
show-details-by-default: true
sablier-${SERVER_HOSTNAME}-jellyfin:
plugin:
sablier:
sablierUrl: http://sablier-service:10000
group: ${SERVER_HOSTNAME}-jellyfin
sessionDuration: 5m
ignoreUserAgent: curl
dynamic:
displayName: Jellyfin
theme: ghost
show-details-by-default: true
sablier-${SERVER_HOSTNAME}-jupyter:
plugin:
sablier:
sablierUrl: http://sablier-service:10000
group: ${SERVER_HOSTNAME}-jupyter
sessionDuration: 5m
ignoreUserAgent: curl
dynamic:
displayName: Jupyter
theme: ghost
show-details-by-default: true
sablier-${SERVER_HOSTNAME}-komodo:
plugin:
sablier:
sablierUrl: http://sablier-service:10000
group: ${SERVER_HOSTNAME}-komodo
sessionDuration: 5m
ignoreUserAgent: curl
dynamic:
displayName: Komodo
theme: ghost
show-details-by-default: true
sablier-${SERVER_HOSTNAME}-kopia:
plugin:
sablier:
sablierUrl: http://sablier-service:10000
group: ${SERVER_HOSTNAME}-kopia
sessionDuration: 5m
ignoreUserAgent: curl
dynamic:
displayName: Kopia
theme: ghost
show-details-by-default: true
sablier-${SERVER_HOSTNAME}-mealie:
plugin:
sablier:
sablierUrl: http://sablier-service:10000
group: ${SERVER_HOSTNAME}-mealie
sessionDuration: 5m
ignoreUserAgent: curl
dynamic:
displayName: Mealie
theme: ghost
show-details-by-default: true
sablier-${SERVER_HOSTNAME}-mediawiki:
plugin:
sablier:
sablierUrl: http://sablier-service:10000
group: ${SERVER_HOSTNAME}-mediawiki
sessionDuration: 5m
ignoreUserAgent: curl
dynamic:
displayName: MediaWiki
theme: ghost
show-details-by-default: true
sablier-${SERVER_HOSTNAME}-nextcloud:
plugin:
sablier:
sablierUrl: http://sablier-service:10000
group: ${SERVER_HOSTNAME}-nextcloud
sessionDuration: 5m
ignoreUserAgent: curl
dynamic:
displayName: NextCloud
theme: ghost
show-details-by-default: true
sablier-${SERVER_HOSTNAME}-openkm:
plugin:
sablier:
sablierUrl: http://sablier-service:10000
group: ${SERVER_HOSTNAME}-openkm
sessionDuration: 5m
ignoreUserAgent: curl
dynamic:
displayName: OpenKM
theme: ghost
show-details-by-default: true
sablier-${SERVER_HOSTNAME}-openwebui:
plugin:
sablier:
sablierUrl: http://sablier-service:10000
group: ${SERVER_HOSTNAME}-openwebui
sessionDuration: 5m
ignoreUserAgent: curl
dynamic:
displayName: OpenWebUI
theme: ghost
show-details-by-default: true
sablier-${SERVER_HOSTNAME}-pulse:
plugin:
sablier:
sablierUrl: http://sablier-service:10000
group: ${SERVER_HOSTNAME}-pulse
sessionDuration: 5m
ignoreUserAgent: curl
dynamic:
displayName: Pulse
theme: ghost
show-details-by-default: true
sablier-${SERVER_HOSTNAME}-tdarr:
plugin:
sablier:
sablierUrl: http://sablier-service:10000
group: ${SERVER_HOSTNAME}-tdarr
sessionDuration: 5m
ignoreUserAgent: curl
dynamic:
displayName: Tdarr
theme: ghost
show-details-by-default: true
sablier-${SERVER_HOSTNAME}-unmanic:
plugin:
sablier:
sablierUrl: http://sablier-service:10000
group: ${SERVER_HOSTNAME}-unmanic
sessionDuration: 5m
ignoreUserAgent: curl
dynamic:
displayName: Unmanic
theme: ghost
show-details-by-default: true
sablier-${SERVER_HOSTNAME}-wordpress:
plugin:
sablier:
sablierUrl: http://sablier-service:10000
group: ${SERVER_HOSTNAME}-wordpress
sessionDuration: 5m
ignoreUserAgent: curl
dynamic:
displayName: wordpress
theme: ghost
show-details-by-default: true
# Remote Server (${REMOTE_SERVER_HOSTNAME}) Sablier Middlewares
sablier-${REMOTE_SERVER_HOSTNAME}-dockge:
plugin:
sablier:
sablierUrl: http://sablier-service:10000
group: ${REMOTE_SERVER_HOSTNAME}-dockge
sessionDuration: 5m
ignoreUserAgent: curl
dynamic:
displayName: Dockge (${REMOTE_SERVER_HOSTNAME})
theme: ghost
show-details-by-default: true
sablier-${REMOTE_SERVER_HOSTNAME}-dozzle:
plugin:
sablier:
sablierUrl: http://sablier-service:10000
group: ${REMOTE_SERVER_HOSTNAME}-dozzle
sessionDuration: 5m
ignoreUserAgent: curl
dynamic:
displayName: Dozzle (${REMOTE_SERVER_HOSTNAME})
theme: ghost
show-details-by-default: true
sablier-${REMOTE_SERVER_HOSTNAME}-glances:
plugin:
sablier:
sablierUrl: http://sablier-service:10000
group: ${REMOTE_SERVER_HOSTNAME}-glances
sessionDuration: 5m
ignoreUserAgent: curl
dynamic:
displayName: Glances (${REMOTE_SERVER_HOSTNAME})
theme: ghost
show-details-by-default: true
sablier-${REMOTE_SERVER_HOSTNAME}-backrest:
plugin:
sablier:
sablierUrl: http://sablier-service:10000
group: ${REMOTE_SERVER_HOSTNAME}-backrest
sessionDuration: 5m
ignoreUserAgent: curl
dynamic:
displayName: Backrest (${REMOTE_SERVER_HOSTNAME})
theme: ghost
show-details-by-default: true
sablier-${REMOTE_SERVER_HOSTNAME}-duplicati:
plugin:
sablier:
sablierUrl: http://sablier-service:10000
group: ${REMOTE_SERVER_HOSTNAME}-duplicati
sessionDuration: 5m
ignoreUserAgent: curl
dynamic:
displayName: Duplicati (${REMOTE_SERVER_HOSTNAME})
theme: ghost
show-details-by-default: true
sablier-${REMOTE_SERVER_HOSTNAME}-homepage:
plugin:
sablier:
sablierUrl: http://sablier-service:10000
group: ${REMOTE_SERVER_HOSTNAME}-homepage
sessionDuration: 5m
ignoreUserAgent: curl
dynamic:
displayName: Homepage (${REMOTE_SERVER_HOSTNAME})
theme: ghost
show-details-by-default: true
sablier-${REMOTE_SERVER_HOSTNAME}-homarr:
plugin:
sablier:
sablierUrl: http://sablier-service:10000
group: ${REMOTE_SERVER_HOSTNAME}-homarr
sessionDuration: 5m
ignoreUserAgent: curl
dynamic:
displayName: Homarr (${REMOTE_SERVER_HOSTNAME})
theme: ghost
show-details-by-default: true
sablier-${REMOTE_SERVER_HOSTNAME}-grafana:
plugin:
sablier:
sablierUrl: http://sablier-service:10000
group: ${REMOTE_SERVER_HOSTNAME}-grafana
sessionDuration: 5m
ignoreUserAgent: curl
dynamic:
displayName: Grafana (${REMOTE_SERVER_HOSTNAME})
theme: ghost
show-details-by-default: true
sablier-${REMOTE_SERVER_HOSTNAME}-prometheus:
plugin:
sablier:
sablierUrl: http://sablier-service:10000
group: ${REMOTE_SERVER_HOSTNAME}-prometheus
sessionDuration: 5m
ignoreUserAgent: curl
dynamic:
displayName: Prometheus (${REMOTE_SERVER_HOSTNAME})
theme: ghost
show-details-by-default: true
sablier-${REMOTE_SERVER_HOSTNAME}-uptime-kuma:
plugin:
sablier:
sablierUrl: http://sablier-service:10000
group: ${REMOTE_SERVER_HOSTNAME}-uptime-kuma
sessionDuration: 5m
ignoreUserAgent: curl
dynamic:
displayName: Uptime Kuma (${REMOTE_SERVER_HOSTNAME})
theme: ghost
show-details-by-default: true

43
docker-compose/dashboards/homepage/traefik/traefik.yml Normal file
View File

@@ -0,0 +1,43 @@
# Traefik Static Configuration
# Copy to /opt/stacks/traefik/traefik.yml
experimental:
plugins:
sablier:
moduleName: github.com/sablierapp/sablier-traefik-plugin
version: v1.1.0
providers:
docker:
exposedByDefault: false
file:
directory: /dynamic
entryPoints:
web:
address: ":80"
websecure:
address: ":443"
traefik:
address: ":8080"
certificatesResolvers:
letsencrypt:
acme:
dnsChallenge:
provider: duckdns
email: ${DEFAULT_EMAIL}
storage: /letsencrypt/acme.json
log:
level: DEBUG
accessLog:
format: json
api:
dashboard: true
insecure: true
ping:
manualRouting: true

19
docker-compose/dashboards/homepage/widgets.yaml Normal file
View File

@@ -0,0 +1,19 @@
---
# For configuration options and examples, please see:
# https://gethomepage.dev/configs/info-widgets/
- resources:
cpu: true
memory: true
disk: /
- datetime:
text_size: xl
format:
dateStyle: long
timeStyle: short
hourCycle: h23
- greeting:
text_size: 4xl
text: EZ Homelab

6
docker-compose/infrastructure/docker-compose.yml
View File

@@ -81,8 +81,10 @@ services:
- "homelab.category=infrastructure"
- "homelab.description=Network-wide ad blocking and DNS"
# Traefik reverse proxy (comment/uncomment to disable/enable)
# If Traefik is on a remote server: these labels are NOT USED;
# configure external yml files in /traefik/dynamic folder instead.
# IMPORTANT: On REMOTE SERVERS (where Traefik runs elsewhere):
# - COMMENT OUT all traefik.* labels below (don't delete them)
# - Routes are configured via external YAML files on the core server
# - This prevents conflicts between Docker labels and file provider
- "traefik.enable=true"
- "traefik.http.routers.pihole.rule=Host(`pihole.${DOMAIN}`)"
- "traefik.http.routers.pihole.entrypoints=websecure"

20
docs/Homelab-Audit.md Normal file
View File

@@ -0,0 +1,20 @@
# EZ-Homelab Configuration Audit
## Purpose
Validate the configuration for the entire homelab.
For each server:
* Folder structure
* File permissions
* List all stacks in /opt
* List all compose files with relevant .env file
For standalone server:
* All of the above plus
*

89
release-notes-v0.1.md
View File

@@ -1,89 +0,0 @@
# Release Notes v0.1
## ez-homelab.sh
* Options 1 & 2: Require additional testing
* Option 3: Confirmed working on fresh Debian 12 install with an existing core server.
## Manual Install Instructions
* May require some refinement
## Security
* Authelia SSO
* Optional 2FA
* TLS Certificates for docker-proxy
* SSO enabled by default (except for special cases)
## DNS & Proxy
* DuckDNS & LetsEncrypt
* Traefik routing via lables for local services
* Traefik routing via external host files for remote servers
* service.yoursubdomain.duckdns.org subdomains for all exposed webui
* service.serverhostname.yoursubdomain.duckdns.org for services that are likely to run on multiple servers (dockge, glances, etc)
## Sablier lazyloading of services
>**WHY?** Saves resounces, reduces power bills, allows for running a ton of services without overtaxing your server.
>Requires the stack to be up.
* Enabled on most services by default
* Dependant services are loaded as a group (like the arr apps)
>**Downsides** Short delay while the service starts.
Occasional time-out or Bad Gateway errors in browser.
Refreshing the page will work once the container is healthy.
## UX - Setup
On a fresh install of an OS, like Debian
* Log in as root and run (replace yourusername with the username created during install)
`apt update && apt upgrade -y && apt install git sudo -y && usermod -aG sudo yourusername`
* Run `exit` to log out
* Log in with your username
* Change directory to your home folder
`cd ~`
* Run `git clone https://github.com/kelinfoxy/EZ-Homelab.git`
* run `sudo ./scripts/ez-homelab.sh` to install docker
* Log out (`exit`) and back in
* Run `./scripts/ez-homelab.sh` (without sudo) to perform the install
**Once complete**
* the script provides a link to open Dockge in a browser
* The core stack (if installed) is running
* The infrastructure stack is running
* The dashboards stack is running
* All remaining stacks show as inactive
## UX - Dashboards
>**REMEMBER** Lazyloading only works if the stacks are up
* Homepage is the default dashboard
* homepage.yoursubdomain.duckdns.org
* Preconfigured to work out of the box
# Services Preconfigured wtih Traefik and Sablier
>**NOTE**: Most services require an initial setup in the webui on first launch
* Core stack
* Infrastructure stack
* Dashboards stack
* Media stack
* Media Management stack
* Productivity stack
* Transcoders stack
* Utilities stack
* VPN stack
* Wikis stack
The Monitoring stack is not configured for traefik/sablier yet
The Alternatives stack is completely untested.
## Github Wiki
Mostly accurate, needs refinement

64
scripts/ez-homelab.sh
View File

@@ -235,6 +235,14 @@ load_env_file() {
echo " Domain: ${DOMAIN:-Not set}"
echo " Server IP: ${SERVER_IP:-Not set}"
echo " Server Hostname: ${SERVER_HOSTNAME:-Not set}"
echo " Remote Server IP: ${REMOTE_SERVER_IP:-Not set}"
echo " Remote Server Hostname: ${REMOTE_SERVER_HOSTNAME:-Not set}"
echo " Remote Server User: ${REMOTE_SERVER_USER:-Not set}"
if [ -n "${REMOTE_SERVER_PASSWORD:-}" ]; then
echo " Remote Server Password: [HIDDEN]"
else
echo " Remote Server Password: Not set"
fi
echo " Default User: ${DEFAULT_USER:-Not set}"
if [ -n "${DEFAULT_PASSWORD:-}" ]; then
echo " Default Password: [HIDDEN]"
@@ -264,6 +272,10 @@ save_env_file() {
sudo -u "$ACTUAL_USER" sed -i "s%DOMAIN=.*%DOMAIN=$DOMAIN%" "$REPO_DIR/.env"
sudo -u "$ACTUAL_USER" sed -i "s%SERVER_IP=.*%SERVER_IP=$SERVER_IP%" "$REPO_DIR/.env"
sudo -u "$ACTUAL_USER" sed -i "s%SERVER_HOSTNAME=.*%SERVER_HOSTNAME=$SERVER_HOSTNAME%" "$REPO_DIR/.env"
sudo -u "$ACTUAL_USER" sed -i "s%REMOTE_SERVER_IP=.*%REMOTE_SERVER_IP=$REMOTE_SERVER_IP%" "$REPO_DIR/.env"
sudo -u "$ACTUAL_USER" sed -i "s%REMOTE_SERVER_HOSTNAME=.*%REMOTE_SERVER_HOSTNAME=$REMOTE_SERVER_HOSTNAME%" "$REPO_DIR/.env"
sudo -u "$ACTUAL_USER" sed -i "s%REMOTE_SERVER_USER=.*%REMOTE_SERVER_USER=$REMOTE_SERVER_USER%" "$REPO_DIR/.env"
sudo -u "$ACTUAL_USER" sed -i "s%REMOTE_SERVER_PASSWORD=.*%REMOTE_SERVER_PASSWORD=$REMOTE_SERVER_PASSWORD%" "$REPO_DIR/.env"
sudo -u "$ACTUAL_USER" sed -i "s%TZ=.*%TZ=$TZ%" "$REPO_DIR/.env"
# Authelia settings (only generate secrets if deploying core)
@@ -332,6 +344,10 @@ prompt_for_values() {
DEFAULT_SERVER_IP="${SERVER_IP:-$(hostname -I | awk '{print $1}')}"
DEFAULT_CORE_SERVER_IP="${CORE_SERVER_IP:-}"
DEFAULT_SERVER_HOSTNAME="${SERVER_HOSTNAME:-$(hostname)}"
DEFAULT_REMOTE_SERVER_IP="${REMOTE_SERVER_IP:-}"
DEFAULT_REMOTE_SERVER_HOSTNAME="${REMOTE_SERVER_HOSTNAME:-}"
DEFAULT_REMOTE_SERVER_USER="${REMOTE_SERVER_USER:-${DEFAULT_USER:-}}"
DEFAULT_REMOTE_SERVER_PASSWORD="${REMOTE_SERVER_PASSWORD:-}"
DEFAULT_TZ="${TZ:-America/New_York}"
# Display current/default configuration
@@ -339,6 +355,14 @@ prompt_for_values() {
echo " Domain: $DEFAULT_DOMAIN"
echo " Server IP: $DEFAULT_SERVER_IP"
echo " Server Hostname: $DEFAULT_SERVER_HOSTNAME"
echo " Remote Server IP: $DEFAULT_REMOTE_SERVER_IP"
echo " Remote Server Hostname: $DEFAULT_REMOTE_SERVER_HOSTNAME"
echo " Remote Server User: $DEFAULT_REMOTE_SERVER_USER"
if [ -n "$DEFAULT_REMOTE_SERVER_PASSWORD" ]; then
echo " Remote Server Password: [HIDDEN]"
else
echo " Remote Server Password: Not set"
fi
echo " Timezone: $DEFAULT_TZ"
if [ "$DEPLOY_CORE" = false ] && [ -z "$DEFAULT_CORE_SERVER_IP" ]; then
@@ -374,6 +398,25 @@ prompt_for_values() {
read -p "Server Hostname [$DEFAULT_SERVER_HOSTNAME]: " SERVER_HOSTNAME
SERVER_HOSTNAME="${SERVER_HOSTNAME:-$DEFAULT_SERVER_HOSTNAME}"
# Remote Server IP
read -p "Remote Server IP [$DEFAULT_REMOTE_SERVER_IP]: " REMOTE_SERVER_IP
REMOTE_SERVER_IP="${REMOTE_SERVER_IP:-$DEFAULT_REMOTE_SERVER_IP}"
# Remote Server Hostname
read -p "Remote Server Hostname [$DEFAULT_REMOTE_SERVER_HOSTNAME]: " REMOTE_SERVER_HOSTNAME
REMOTE_SERVER_HOSTNAME="${REMOTE_SERVER_HOSTNAME:-$DEFAULT_REMOTE_SERVER_HOSTNAME}"
# Remote Server User
read -p "Remote Server User [$DEFAULT_REMOTE_SERVER_USER]: " REMOTE_SERVER_USER
REMOTE_SERVER_USER="${REMOTE_SERVER_USER:-$DEFAULT_REMOTE_SERVER_USER}"
# Remote Server Password
read -s -p "Remote Server Password: " REMOTE_SERVER_PASSWORD
echo ""
if [ -z "$REMOTE_SERVER_PASSWORD" ]; then
REMOTE_SERVER_PASSWORD="$DEFAULT_REMOTE_SERVER_PASSWORD"
fi
# Timezone
read -p "Timezone [$DEFAULT_TZ]: " TZ
TZ="${TZ:-$DEFAULT_TZ}"
@@ -562,12 +605,28 @@ deploy_core() {
fi
cp -r "$REPO_DIR/config-templates/traefik" /opt/stacks/core/
# Only copy external host files on core server (where Traefik runs)
if [ "$DEPLOY_CORE" = true ]; then
log_info "Core server detected - copying external host routing files"
else
log_info "Remote server detected - removing external host routing files"
rm -f /opt/stacks/core/traefik/dynamic/external-host-*.yml
fi
# Replace ACME email placeholder
sed -i "s/ACME_EMAIL_PLACEHOLDER/${AUTHELIA_ADMIN_EMAIL}/g" /opt/stacks/core/traefik/traefik.yml
# Replace domain placeholders in traefik dynamic configs
find /opt/stacks/core/traefik/dynamic -name "*.yml" -exec sed -i "s/\${DOMAIN}/${DOMAIN}/g" {} \;
find /opt/stacks/core/traefik/dynamic -name "*.yml" -exec sed -i "s/\${SERVER_HOSTNAME}/${SERVER_HOSTNAME}/g" {} \;
find /opt/stacks/core/traefik/dynamic -name "*.yml" -exec sed -i "s/\${REMOTE_SERVER_HOSTNAME}/${REMOTE_SERVER_HOSTNAME}/g" {} \;
find /opt/stacks/core/traefik/dynamic -name "*.yml" -exec sed -i "s/\${REMOTE_SERVER_IP}/${REMOTE_SERVER_IP}/g" {} \;
# Rename external-host-production.yml to use remote server hostname
if [ -f "/opt/stacks/core/traefik/dynamic/external-host-production.yml" ]; then
mv "/opt/stacks/core/traefik/dynamic/external-host-production.yml" "/opt/stacks/core/traefik/dynamic/external-host-${REMOTE_SERVER_HOSTNAME}.yml"
log_info "Renamed external-host-production.yml to external-host-${REMOTE_SERVER_HOSTNAME}.yml"
fi
if [ -d "/opt/stacks/core/authelia" ]; then
mv /opt/stacks/core/authelia /opt/stacks/core/authelia.backup.$(date +%Y%m%d_%H%M%S)
@@ -661,6 +720,11 @@ deploy_dashboards() {
# Copy homepage config
if [ -d "$REPO_DIR/docker-compose/dashboards/homepage" ]; then
cp -r "$REPO_DIR/docker-compose/dashboards/homepage" /opt/stacks/dashboards/
# Replace placeholders in homepage config files
find /opt/stacks/dashboards/homepage -name "*.yaml" -type f | while read -r config_file; do
replace_env_placeholders "$config_file"
done
fi
# Replace placeholders in dashboards compose file