- Removed docker-compose/productivity/nextcloud/html/ directory containing Nextcloud app files
- Added exclusion for Nextcloud html directory in .gitignore
- Nextcloud should install its files via Docker volume mounts, not be committed to repo
- Apply consistent label structure across all compose files
- Include complete Traefik and Sablier labels for all services
- Enable Sablier by default for services with middleware definitions
- Comment out Sablier labels for services without middleware
- Add explanatory comments for remote Traefik configurations
- Comment out Authelia middleware where not appropriate (media apps, public services)
- Maintain existing configuration data and functionality
- Enable Sablier by default for services with middleware definitions
- Update label comments to indicate 'enabled by default - comment out to disable'
- Ensure x-dockge sections have proxied URLs first, then direct IP:port
- Remove any x-dockge labels from service configurations
- Maintain well-documented, concise label sections for easy enable/disable
- Change Traefik configs to use ${SERVER_HOSTNAME} placeholder (defaults to debian)
- Update ez-homelab.sh to replace SERVER_HOSTNAME in config templates
- Set Sablier session duration to 5m for testing (increase to 30m for production)
- Add SERVER_HOSTNAME prompt and saving in setup script
- Reorganize .env.example with better structure and SMTP variables
- Add production guidance comments to docker-compose files
- Intentional SMTP variable redundancy for service flexibility
- Added healthcheck to ensure Jellyfin is ready before Sablier redirects
- Added hacker-terminal theme to Sablier starting page
- This should help Sablier detect when Jellyfin is fully ready
- Restored Sablier labels and restart: no for Dozzle, Glances, Code Server
- Remote Sablier can control local containers via dockerproxy
- Services will start on-demand when accessed
- Changed Dozzle, Glances, Code Server from restart: no to unless-stopped
- Removed Sablier labels from all three services
- Updated comments to reflect continuous running
- Kept dockerproxy environment variables for local Docker operations
- Add SERVER_HOSTNAME env var for Sablier group naming
- Update default hostname from 'jarvis' to 'debian' for generic repo compatibility
- Add restart policy documentation to all docker-compose files
- Add Sablier labels to lazy-loaded services (jellyfin, dozzle, glances, code-server, homarr, dokuwiki)
- Update sablier.yml template to use debian- prefixes
- Enhance deploy script to auto-detect hostname and update configurations
- Ensure all YAML files remain syntactically valid
- Change restart policy from 'unless-stopped' to 'no' for services configured with Sablier middleware
- Services affected: jellyfin, dozzle, glances, code-server, homarr, dokuwiki
- Allows Sablier to control container startup/shutdown for lazy loading
- Improves resource utilization by only running services when accessed
- Add unified ez-homelab.sh script with guided menu interface
- Create dedicated Dockge stack in /opt/dockge for clean isolation
- Move dockerproxy from core to infrastructure stack
- Fix Authelia configuration with proper variable placeholders
- Update all compose files to use variables
- Enhance script with comprehensive variable replacement
- Fix sed delimiter conflicts and middleware issues
- Add proper step numbering and error handling
- Prepare all stacks for Dockge management
- Update README with new deployment instructions
- Remove alternatives.yml, development.yml, homeassistant.yml
- Keep folder-based structure for all stacks
- Note: development stack was removed as it was incomplete
- Remove redundant .yml files from main docker-compose folder
- Update deploy script to use folder-based structure for all stacks
- Update documentation to reflect new folder-based organization
- Standardize all stacks to use docker-compose.yml in individual folders
This eliminates confusion between file-based and folder-based structures,
making the repository more maintainable and consistent.
- Updated all documentation references from AI-Homelab to EZ-Homelab
- Changed repository URLs and directory paths
- Updated wiki content and navigation
- Maintained AI assistance functionality while emphasizing ease of use
- Updated copilot instructions and agent guidelines
- Added x-dockge.url=https://service. labels to all services that have Traefik routers
- Enables Dockge to display direct links to service web interfaces
- Covers all stacks: core, infrastructure, media, productivity, monitoring, utilities, etc.
- Update GitLab to latest image and configure for HTTPS via Traefik
- Update pgAdmin to latest image and add Traefik routing
- Update Jupyter to latest image and add Traefik routing
- Add traefik-network to all web-accessible services
- Configure unique hostnames: gitlab, pgadmin, jupyter
- Remove direct port exposure in favor of Traefik reverse proxy
- Update service descriptions and access URLs
- Remove user directives from Prometheus and Loki services to allow root access to volumes
- Add resource limits to all monitoring services (Prometheus, Grafana, Uptime Kuma, Loki)
- Fixes permission denied errors when writing to named volumes
- Fix malformed deploy.resources sections in homepage and homarr
- Ensure proper YAML indentation for reservations sections
- Apply web service resource limits (0.5 CPU, 256MB memory each)
- Validate both deployed and repository configurations
- Fix malformed deploy.resources sections in dockge, pihole, glances
- Add missing resource limits to dozzle and code-server
- Ensure proper YAML indentation for reservations sections
- Apply researched resource limits based on service types:
* Lightweight: dockge (0.5 CPU), pihole (0.25 CPU)
* Web services: dozzle, glances (0.5 CPU each)
* Heavy apps: code-server (1.5 CPU for full IDE)
- Validate both deployed and repository configurations
- Added user field with DOCKER_GID to allow homepage to read Docker socket
- Ensures container status monitoring works properly
- DOCKER_GID defaults to 999, should be set to actual docker group ID in .env
- Created new downloaders stack with Gluetun + qBittorrent unified
- Moved Gluetun from core stack to downloaders stack
- Moved qBittorrent from media-management to downloaders stack
- Uses network_mode: service:gluetun for better maintainability
- Eliminates cross-stack container ID dependencies
- Both services now start/stop together as a logical unit
- Add tls=true label to vaultwarden for HTTPS routing
- Add Traefik routing labels to Gluetun for qbittorrent access
- Move qbittorrent service to media-management stack (proper location)
- Update copilot-instructions.md with project-specific architecture details
- Clean up outdated gluetun.yml references in media.yml template
Both services now accessible via HTTPS with proper SSL certificates.
- Added Traefik labels and routing to prometheus, grafana, loki, cadvisor
- Fixed Grafana ROOT_URL to use domain-based URL (https://grafana.${DOMAIN})
- Added uptime-kuma bypass rule in Authelia (needs initial setup)
- Updated all services to use traefik-network
- Synced domain from kelin-hass to kelin-casa across all configs
- Fixed missing tls=true label on uptime-kuma
- Note: Loki is API-only service (no web UI, accessed via Grafana)
Fixes:
- docker-compose/infrastructure.yml:
- Uncommented Watchtower service
- Updated image from 1.7.1 to latest
- Changed DOCKER_API_VERSION from 1.44 to 1.52 (current Docker version)
- Added default empty value for WATCHTOWER_NOTIFICATION_URL
- scripts/deploy-homelab.sh:
- Removed "temporarily disabled" note
- Added Watchtower to infrastructure stack list
- docs/services-overview.md:
- Updated infrastructure stack count from 7 to 8
- Added Watchtower to service list
Watchtower now runs successfully with scheduled updates at 4 AM daily
Critical fix for argon2 password hash preservation:
- Root cause: Bash variable expansion of $ characters in argon2id hashes
- Solution: Write hash directly from Docker output to file, bypass bash variables entirely
- setup-homelab.sh: Stream Docker output directly to /tmp/authelia_password_hash.tmp
- deploy-homelab.sh: Read hash file in Python to avoid any bash expansion
- Result: Password hash correctly preserved with full $argon2id$v=19$m=... format
Other changes:
- Added DOCKER_API_VERSION=1.44 env var for watchtower (API compatibility)
- Watchtower still has issues with Docker 29.1.4 - keeping version pinned for investigation
Tested on Debian 12 with Docker 29.1.4:
✅ All 11 critical containers healthy
✅ Authelia authentication working correctly
✅ Password hash preserved through entire deployment workflow
⚠️ Watchtower restart loop (non-critical, under investigation)
- Add DOCKER_API_VERSION=1.44 to Watchtower (fixes crash loop)
- Add dockerproxy-network creation to deploy script (fixes dashboard deployment)
- Add explicit acme.json file creation with 600 permissions (fixes SSL cert acquisition)
- Fix setup script to correctly resolve user home directory when run with sudo
These fixes resolve all critical blockers discovered in Round 3 testing.
- Added compose files for core, infrastructure, and dashboards stacks
- Added Traefik, Authelia, and DuckDNS configuration files
- Added dockge.managed and dockge.url labels to all services
- Updated Watchtower to latest version with DOCKER_API_VERSION=1.44
- Created comprehensive SSL certificate troubleshooting guide for DuckDNS issues
