kelin/EZ-Homelab
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix homepage Traefik network routing and update configurations

Browse Source 
- Add traefik.docker.network=traefik-network label to homepage service
- Prevent Traefik from using wrong IP from homelab-network
- Resolve 504 Gateway Timeout issues after authentication
- Update various docker-compose configurations and templates
- Clean up unused configuration files
This commit is contained in:
EZ-Homelab Assistant
2026-01-30 23:29:00 -05:00
parent 465c10ae42
commit 90a26a9ac4
88 changed files with 3841 additions and 3626 deletions
Download Patch File Download Diff File Expand all files Collapse all files

48
docker-compose/utilities/docker-compose.yml
View File

@@ -8,7 +8,7 @@
services:
# Backrest - Backup solution for restic
# Access at: https://backrest.${DOMAIN}
# Access at: https://backrest.kelinreij.duckdns.org
# Uses Sablier lazy loading - starts on-demand, stops after 5min inactivity
backrest:
image: garethgeorge/backrest:latest
@@ -28,7 +28,7 @@ services:
environment:
- BACKREST_DATA=/data
- BACKREST_CONFIG=/config/config.json
- TZ=${TZ}
- TZ=America/New_York
healthcheck:
test: ["CMD", "wget", "--quiet", "--tries=1", "--spider", "http://localhost:9898/"]
interval: 30s
@@ -43,7 +43,7 @@ services:
- "homelab.description=Backup management with restic"
- "traefik.enable=true"
# Router configuration
- "traefik.http.routers.backrest.rule=Host(`backrest.${DOMAIN}`)"
- "traefik.http.routers.backrest.rule=Host(`backrest.kelinreij.duckdns.org`)"
- "traefik.http.routers.backrest.entrypoints=websecure"
- "traefik.http.routers.backrest.tls.certresolver=letsencrypt"
- "traefik.http.routers.backrest.middlewares=authelia@docker"
@@ -51,11 +51,11 @@ services:
- "traefik.http.services.backrest.loadbalancer.server.port=9898"
# Sablier configuration
- "sablier.enable=true"
- "sablier.group=${SERVER_HOSTNAME}-backrest"
- "sablier.group=jasper-backrest"
- "sablier.start-on-demand=true"
# Duplicati - Backup solution
# Access at: https://duplicati.${DOMAIN}
# Access at: https://duplicati.kelinreij.duckdns.org
duplicati:
image: lscr.io/linuxserver/duplicati:2.0.7
container_name: duplicati
@@ -71,9 +71,9 @@ services:
- /mnt:/source/mnt:ro
- /mnt/backups:/backups
environment:
- PUID=${PUID}
- PGID=${PGID}
- TZ=${TZ}
- PUID=1000
- PGID=1000
- TZ=America/New_York
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:8200/"]
interval: 30s
@@ -88,7 +88,7 @@ services:
- "homelab.description=Backup software with encryption"
- "traefik.enable=true"
# Router configuration
- "traefik.http.routers.duplicati.rule=Host(`duplicati.${DOMAIN}`)"
- "traefik.http.routers.duplicati.rule=Host(`duplicati.kelinreij.duckdns.org`)"
- "traefik.http.routers.duplicati.entrypoints=websecure"
- "traefik.http.routers.duplicati.tls.certresolver=letsencrypt"
- "traefik.http.routers.duplicati.middlewares=authelia@docker"
@@ -96,7 +96,7 @@ services:
- "traefik.http.services.duplicati.loadbalancer.server.port=8200"
# Sablier configuration
- "sablier.enable=true"
- "sablier.group=${SERVER_HOSTNAME}-duplicati"
- "sablier.group=jasper-duplicati"
- "sablier.start-on-demand=true"
# Form.io - Form builder
@@ -132,7 +132,7 @@ services:
# Traefik labels
- "traefik.enable=true"
# Router configuration
- "traefik.http.routers.formio.rule=Host(`forms.${DOMAIN}`)"
- "traefik.http.routers.formio.rule=Host(`forms.kelinreij.duckdns.org`)"
- "traefik.http.routers.formio.entrypoints=websecure"
- "traefik.http.routers.formio.tls.certresolver=letsencrypt"
- "traefik.http.routers.formio.middlewares=authelia@docker"
@@ -140,7 +140,7 @@ services:
- "traefik.http.services.formio.loadbalancer.server.port=3001"
# Sablier configuration
- "sablier.enable=true"
- "sablier.group=${SERVER_HOSTNAME}-formio"
- "sablier.group=jasper-formio"
- "sablier.start-on-demand=true"
formio-mongo:
@@ -154,7 +154,7 @@ services:
- "homelab.description=Form.io database"
# Bitwarden (Vaultwarden) - Password manager
# Access at: https://vault.${DOMAIN}
# Access at: https://vault.kelinreij.duckdns.org
# Note: SSO disabled for browser extension and mobile app compatibility
vaultwarden:
@@ -169,7 +169,7 @@ services:
volumes:
- ./vaultwarden/data:/data
environment:
- DOMAIN=https://vault.${DOMAIN}
- DOMAIN=https://vault.kelinreij.duckdns.org
- SIGNUPS_ALLOWED=${BITWARDEN_SIGNUPS_ALLOWED}
- INVITATIONS_ALLOWED=${BITWARDEN_INVITATIONS_ALLOWED}
- ADMIN_TOKEN=${BITWARDEN_ADMIN_TOKEN}
@@ -196,7 +196,7 @@ services:
# If Traefik is on a remote server: these labels are NOT USED;
# configure external yml files in /traefik/dynamic folder instead.
- "traefik.enable=true"
- "traefik.http.routers.vaultwarden.rule=Host(`vault.${DOMAIN}`)"
- "traefik.http.routers.vaultwarden.rule=Host(`vault.kelinreij.duckdns.org`)"
- "traefik.http.routers.vaultwarden.entrypoints=websecure"
- "traefik.http.routers.vaultwarden.tls=true"
- "traefik.http.routers.vaultwarden.tls.certresolver=letsencrypt"
@@ -205,7 +205,7 @@ services:
- "traefik.http.services.vaultwarden.loadbalancer.server.port=80"
# Sablier configuration
- "sablier.enable=true"
- "sablier.group=${SERVER_HOSTNAME}-vaultwarden"
- "sablier.group=jasper-vaultwarden"
- "sablier.start-on-demand=true"
# Authelia Redis - Session storage for Authelia
@@ -236,11 +236,11 @@ networks:
x-dockge:
urls:
- https://backrest.${DOMAIN}
- https://${SERVER_IP}:9898
- https://duplicati.${DOMAIN}
- https://${SERVER_IP}:8200
- https://forms.${DOMAIN}
- https://${SERVER_IP}:3002
- https://vault.${DOMAIN}
- https://${SERVER_IP}:8091
- https://backrest.kelinreij.duckdns.org
- https://192.168.4.4:9898
- https://duplicati.kelinreij.duckdns.org
- https://192.168.4.4:8200
- https://forms.kelinreij.duckdns.org
- https://192.168.4.4:3002
- https://vault.kelinreij.duckdns.org
- https://192.168.4.4:8091

246
docker-compose/utilities/docker-compose.yml.template Normal file
View File

@@ -0,0 +1,246 @@
# Backup and Utility Services
# Place in /opt/stacks/utilities/docker-compose.yml
# RESTART POLICY GUIDE:
# - unless-stopped: Core infrastructure services that should always run
# - no: Services with Sablier lazy loading (start on-demand)
# - See individual service comments for specific reasoning
services:
# Backrest - Backup solution for restic
# Access at: https://backrest.${DOMAIN}
# Uses Sablier lazy loading - starts on-demand, stops after 5min inactivity
backrest:
image: garethgeorge/backrest:latest
container_name: backrest
restart: no
networks:
- homelab-network
- traefik-network
ports:
- "9898:9898"
volumes:
- ./backrest/data:/data
- ./backrest/config:/config
- /opt/stacks:/opt/stacks:ro # Backup source
- /mnt:/mnt:ro # Backup additional drives
- backrest-cache:/cache
environment:
- BACKREST_DATA=/data
- BACKREST_CONFIG=/config/config.json
- TZ=${TZ}
healthcheck:
test: ["CMD", "wget", "--quiet", "--tries=1", "--spider", "http://localhost:9898/"]
interval: 30s
timeout: 10s
retries: 3
start_period: 30s
labels:
# TRAEFIK CONFIGURATION
# Service metadata
- "com.centurylinklabs.watchtower.enable=true"
- "homelab.category=utilities"
- "homelab.description=Backup management with restic"
- "traefik.enable=true"
# Router configuration
- "traefik.http.routers.backrest.rule=Host(`backrest.${DOMAIN}`)"
- "traefik.http.routers.backrest.entrypoints=websecure"
- "traefik.http.routers.backrest.tls.certresolver=letsencrypt"
- "traefik.http.routers.backrest.middlewares=authelia@docker"
# Service configuration
- "traefik.http.services.backrest.loadbalancer.server.port=9898"
# Sablier configuration
- "sablier.enable=true"
- "sablier.group=${SERVER_HOSTNAME}-backrest"
- "sablier.start-on-demand=true"
# Duplicati - Backup solution
# Access at: https://duplicati.${DOMAIN}
duplicati:
image: lscr.io/linuxserver/duplicati:2.0.7
container_name: duplicati
restart: no
networks:
- homelab-network
- traefik-network
ports:
- "8200:8200"
volumes:
- ./duplicati/config:/config
- /opt/stacks:/source/stacks:ro
- /mnt:/source/mnt:ro
- /mnt/backups:/backups
environment:
- PUID=${PUID}
- PGID=${PGID}
- TZ=${TZ}
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:8200/"]
interval: 30s
timeout: 10s
retries: 3
start_period: 60s
labels:
# TRAEFIK CONFIGURATION
# Service metadata
- "com.centurylinklabs.watchtower.enable=true"
- "homelab.category=utilities"
- "homelab.description=Backup software with encryption"
- "traefik.enable=true"
# Router configuration
- "traefik.http.routers.duplicati.rule=Host(`duplicati.${DOMAIN}`)"
- "traefik.http.routers.duplicati.entrypoints=websecure"
- "traefik.http.routers.duplicati.tls.certresolver=letsencrypt"
- "traefik.http.routers.duplicati.middlewares=authelia@docker"
# Service configuration
- "traefik.http.services.duplicati.loadbalancer.server.port=8200"
# Sablier configuration
- "sablier.enable=true"
- "sablier.group=${SERVER_HOSTNAME}-duplicati"
- "sablier.start-on-demand=true"
# Form.io - Form builder
# Uncomment and configure if formio/formio image becomes available
formio:
image: calipseo/formio:latest
container_name: formio
restart: no
networks:
- homelab-network
- traefik-network
ports:
- "3002:3001"
environment:
- MONGO=mongodb://formio-mongo:27017/formio
- JWT_SECRET=${FORMIO_JWT_SECRET}
- DB_SECRET=${FORMIO_DB_SECRET}
healthcheck:
test: ["CMD", "wget", "--quiet", "--tries=1", "--spider", "http://localhost:3001/"]
interval: 30s
timeout: 10s
retries: 3
start_period: 60s
depends_on:
- formio-mongo
labels:
# TRAEFIK CONFIGURATION
# ==========================================
# Service metadata
- "com.centurylinklabs.watchtower.enable=true"
- "homelab.category=utilities"
- "homelab.description=Form builder platform"
# Traefik labels
- "traefik.enable=true"
# Router configuration
- "traefik.http.routers.formio.rule=Host(`forms.${DOMAIN}`)"
- "traefik.http.routers.formio.entrypoints=websecure"
- "traefik.http.routers.formio.tls.certresolver=letsencrypt"
- "traefik.http.routers.formio.middlewares=authelia@docker"
# Service configuration
- "traefik.http.services.formio.loadbalancer.server.port=3001"
# Sablier configuration
- "sablier.enable=true"
- "sablier.group=${SERVER_HOSTNAME}-formio"
- "sablier.start-on-demand=true"
formio-mongo:
image: mongo:4.4
container_name: formio-mongo
restart: unless-stopped
networks:
- homelab-network
labels:
- "homelab.category=utilities"
- "homelab.description=Form.io database"
# Bitwarden (Vaultwarden) - Password manager
# Access at: https://vault.${DOMAIN}
# Note: SSO disabled for browser extension and mobile app compatibility
vaultwarden:
image: vaultwarden/server:1.30.1
container_name: vaultwarden
restart: no
networks:
- homelab-network
- traefik-network
ports:
- "8091:80"
volumes:
- ./vaultwarden/data:/data
environment:
- DOMAIN=https://vault.${DOMAIN}
- SIGNUPS_ALLOWED=${BITWARDEN_SIGNUPS_ALLOWED}
- INVITATIONS_ALLOWED=${BITWARDEN_INVITATIONS_ALLOWED}
- ADMIN_TOKEN=${BITWARDEN_ADMIN_TOKEN}
# SMTP disabled - uncomment and configure to enable email
# - SMTP_HOST=${SMTP_HOST}
# - SMTP_FROM=${SMTP_FROM}
# - SMTP_PORT=${SMTP_PORT}
# - SMTP_SECURITY=${SMTP_SECURITY}
# - SMTP_USERNAME=${SMTP_USERNAME}
# - SMTP_PASSWORD=${SMTP_PASSWORD}
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:80/"]
interval: 30s
timeout: 10s
retries: 3
start_period: 30s
labels:
# TRAEFIK CONFIGURATION
# ==========================================
# Service metadata
- "homelab.category=utilities"
- "homelab.description=Self-hosted password manager (Bitwarden)"
# Traefik reverse proxy (comment/uncomment to disable/enable)
# If Traefik is on a remote server: these labels are NOT USED;
# configure external yml files in /traefik/dynamic folder instead.
- "traefik.enable=true"
- "traefik.http.routers.vaultwarden.rule=Host(`vault.${DOMAIN}`)"
- "traefik.http.routers.vaultwarden.entrypoints=websecure"
- "traefik.http.routers.vaultwarden.tls=true"
- "traefik.http.routers.vaultwarden.tls.certresolver=letsencrypt"
# SSO disabled for browser extension and mobile app compatibility
# - "traefik.http.routers.vaultwarden.middlewares=authelia@docker"
- "traefik.http.services.vaultwarden.loadbalancer.server.port=80"
# Sablier configuration
- "sablier.enable=true"
- "sablier.group=${SERVER_HOSTNAME}-vaultwarden"
- "sablier.start-on-demand=true"
# Authelia Redis - Session storage for Authelia
# No web UI - backend service
# authelia-redis:
# image: redis:7-alpine
# container_name: authelia-redis
# restart: unless-stopped
# networks:
# - homelab-network
# volumes:
# - authelia-redis-data:/data
# command: redis-server --save 60 1 --loglevel warning
# labels:
# - homelab.category=utilities
# - homelab.description=Session storage for Authelia
volumes:
backrest-cache: null
formio-mongo-data: null
authelia-redis-data: null
networks:
homelab-network:
external: true
traefik-network:
external: true
x-dockge:
urls:
- https://backrest.${DOMAIN}
- https://${SERVER_IP}:9898
- https://duplicati.${DOMAIN}
- https://${SERVER_IP}:8200
- https://forms.${DOMAIN}
- https://${SERVER_IP}:3002
- https://vault.${DOMAIN}
- https://${SERVER_IP}:8091