# Productivity and Content Management Services # Place in /opt/stacks/productivity/docker-compose.yml # SABLIER SESSION DURATION: Set to 5m for testing. Increase to 30m for production in config-templates/traefik/dynamic/sablier.yml # RESTART POLICY GUIDE: # - unless-stopped: Core infrastructure services that should always run # - no: Services with Sablier lazy loading (start on-demand) # - See individual service comments for specific reasoning services: # Nextcloud - File sync and collaboration # Access at: https://nextcloud.kelinreij.duckdns.org # Uses Sablier lazy loading - starts on-demand, stops after 5min inactivity nextcloud: image: nextcloud:28 deploy: resources: limits: cpus: '1.5' memory: 1G pids: 2048 reservations: cpus: '0.75' memory: 512M container_name: nextcloud restart: no networks: - homelab-network - traefik-network ports: - "8089:80" volumes: - ./nextcloud/html:/var/www/html - /mnt/nextcloud-data:/var/www/html/data # Large data on separate drive environment: - MYSQL_HOST=nextcloud-db - MYSQL_DATABASE=nextcloud - MYSQL_USER=nextcloud - MYSQL_PASSWORD=${NEXTCLOUD_DB_PASSWORD} - NEXTCLOUD_ADMIN_USER=${NEXTCLOUD_ADMIN_USER} - NEXTCLOUD_ADMIN_PASSWORD=${NEXTCLOUD_ADMIN_PASSWORD} - NEXTCLOUD_TRUSTED_DOMAINS=nextcloud.kelinreij.duckdns.org - TRUSTED_PROXIES=172.18.0.0/16 - OVERWRITEPROTOCOL=https - OVERWRITEHOST=nextcloud.kelinreij.duckdns.org healthcheck: test: ["CMD", "curl", "-f", "http://localhost/status.php"] interval: 30s timeout: 10s retries: 3 start_period: 60s depends_on: - nextcloud-db labels: # TRAEFIK CONFIGURATION # Service metadata - "com.centurylinklabs.watchtower.enable=true" - "homelab.category=productivity" - "homelab.description=File sync and collaboration" - "traefik.enable=true" # Router configuration - "traefik.http.routers.nextcloud.rule=Host(`nextcloud.kelinreij.duckdns.org`)" - "traefik.http.routers.nextcloud.entrypoints=websecure" - "traefik.http.routers.nextcloud.tls.certresolver=letsencrypt" - "traefik.http.routers.nextcloud.middlewares=authelia@docker" # Service configuration - "traefik.http.services.nextcloud.loadbalancer.server.port=8089" # Sablier configuration - "sablier.enable=true" - "sablier.group=jasper-nextcloud" - "sablier.start-on-demand=true" nextcloud-db: image: mariadb:10.11 container_name: nextcloud-db restart: no networks: - homelab-network volumes: - nextcloud-db-data:/var/lib/mysql environment: - MYSQL_ROOT_PASSWORD=${NEXTCLOUD_DB_ROOT_PASSWORD} - MYSQL_DATABASE=nextcloud - MYSQL_USER=nextcloud - MYSQL_PASSWORD=${NEXTCLOUD_DB_PASSWORD} command: --transaction-isolation=READ-COMMITTED --log-bin=binlog --binlog-format=ROW labels: - "homelab.category=productivity" - "homelab.description=Nextcloud database" # Mealie - Recipe manager # Access at: https://mealie.kelinreij.duckdns.org mealie: image: ghcr.io/mealie-recipes/mealie:latest container_name: mealie restart: no networks: - homelab-network - traefik-network ports: - "9000:9000" volumes: - ./mealie/data:/app/data environment: - PUID=1000 - PGID=1000 - TZ=America/New_York - BASE_URL=https://mealie.kelinreij.duckdns.org - DB_ENGINE=sqlite labels: # TRAEFIK CONFIGURATION # Service metadata - "com.centurylinklabs.watchtower.enable=true" - "homelab.category=productivity" - "homelab.description=Recipe manager and meal planner" - "traefik.enable=true" # Router configuration - "traefik.http.routers.mealie.rule=Host(`mealie.kelinreij.duckdns.org`)" - "traefik.http.routers.mealie.entrypoints=websecure" - "traefik.http.routers.mealie.tls.certresolver=letsencrypt" - "traefik.http.routers.mealie.middlewares=authelia@docker" # Service configuration - "traefik.http.services.mealie.loadbalancer.server.port=9000" # Sablier configuration - "sablier.enable=true" - "sablier.group=jasper-mealie" - "sablier.start-on-demand=true" # WordPress - Blog/website platform # Access at: https://blog.kelinreij.duckdns.org wordpress: image: wordpress:latest container_name: wordpress restart: no networks: - homelab-network - traefik-network ports: - "8088:80" volumes: - ./wordpress/html:/var/www/html environment: - WORDPRESS_DB_HOST=wordpress-db - WORDPRESS_DB_USER=wordpress - WORDPRESS_DB_PASSWORD=${WORDPRESS_DB_PASSWORD} - WORDPRESS_DB_NAME=wordpress healthcheck: test: ["CMD", "curl", "-f", "http://localhost/"] interval: 30s timeout: 10s retries: 3 start_period: 60s depends_on: - wordpress-db labels: # TRAEFIK CONFIGURATION # Service metadata - "com.centurylinklabs.watchtower.enable=true" - "homelab.category=productivity" - "homelab.description=Blog and website platform" - "traefik.enable=true" # Router configuration - "traefik.http.routers.wordpress.rule=Host(`wordpress.kelinreij.duckdns.org`)" - "traefik.http.routers.wordpress.entrypoints=websecure" - "traefik.http.routers.wordpress.tls.certresolver=letsencrypt" - "traefik.http.routers.wordpress.middlewares=authelia@docker" # Service configuration - "traefik.http.services.wordpress.loadbalancer.server.port=8088" # Sablier configuration - "sablier.enable=true" - "sablier.group=jasper-wordpress" - "sablier.start-on-demand=true" wordpress-db: image: mariadb:10.11 container_name: wordpress-db restart: no networks: - homelab-network volumes: - wordpress-db-data:/var/lib/mysql environment: - MYSQL_ROOT_PASSWORD=${WORDPRESS_DB_ROOT_PASSWORD} - MYSQL_DATABASE=wordpress - MYSQL_USER=wordpress - MYSQL_PASSWORD=${WORDPRESS_DB_PASSWORD} labels: - "homelab.category=productivity" - "homelab.description=WordPress database" # Gitea - Self-hosted Git service # Access at: https://git.kelinreij.duckdns.org gitea: image: gitea/gitea:latest deploy: resources: limits: cpus: '0.50' memory: 256M pids: 512 reservations: cpus: '0.25' memory: 128M container_name: gitea restart: no networks: - homelab-network - traefik-network ports: - "3010:3000" volumes: - ./gitea/data:/data - /etc/timezone:/etc/timezone:ro - /etc/localtime:/etc/localtime:ro environment: - USER_UID=1000 - USER_GID=1000 - GITEA__database__DB_TYPE=postgres - GITEA__database__HOST=gitea-db:5432 - GITEA__database__NAME=gitea - GITEA__database__USER=gitea - GITEA__database__PASSWD=${GITEA_DB_PASSWORD} healthcheck: test: ["CMD", "curl", "-f", "http://localhost:3000/"] interval: 30s timeout: 10s retries: 3 start_period: 60s depends_on: - gitea-db labels: # TRAEFIK CONFIGURATION # Service metadata - "com.centurylinklabs.watchtower.enable=true" - "homelab.category=productivity" - "homelab.description=Self-hosted Git service" - "traefik.enable=true" # Router configuration - "traefik.http.routers.gitea.rule=Host(`gitea.kelinreij.duckdns.org`)" - "traefik.http.routers.gitea.entrypoints=websecure" - "traefik.http.routers.gitea.tls.certresolver=letsencrypt" - "traefik.http.routers.gitea.middlewares=authelia@docker" # Service configuration - "traefik.http.services.gitea.loadbalancer.server.port=3010" # Sablier configuration - "sablier.enable=true" - "sablier.group=jasper-gitea" - "sablier.start-on-demand=true" gitea-db: image: postgres:14-alpine container_name: gitea-db restart: no networks: - homelab-network volumes: - gitea-db-data:/var/lib/postgresql/data environment: - POSTGRES_USER=gitea - POSTGRES_PASSWORD=${GITEA_DB_PASSWORD} - POSTGRES_DB=gitea labels: - "homelab.category=productivity" - "homelab.description=Gitea database" # Jupyter Lab - Interactive computing notebooks # Access at: https://jupyter.kelinreij.duckdns.org # Token displayed in logs on first start jupyter: image: jupyter/scipy-notebook:latest container_name: jupyter restart: no networks: - homelab-network - traefik-network ports: - "8890:8888" volumes: - ./config/jupyter:/home/jovyan/work environment: - JUPYTER_ENABLE_LAB=yes - GRANT_SUDO=yes user: root command: start-notebook.sh --NotebookApp.token='${JUPYTER_TOKEN}' # Uncomment for GPU support (NVIDIA, requires nvidia-container-toolkit) # runtime: nvidia # devices: # - /dev/nvidia0:/dev/nvidia0 # - /dev/nvidiactl:/dev/nvidiactl # Add these to environment above: # - NVIDIA_VISIBLE_DEVICES=all # - NVIDIA_DRIVER_CAPABILITIES=compute,utility labels: # TRAEFIK CONFIGURATION # ========================================== # Service metadata - "homelab.category=productivity" - "homelab.description=Jupyter Lab for data science and ML" # Traefik reverse proxy (comment/uncomment to disable/enable) # If Traefik is on a remote server: these labels are NOT USED; # configure external yml files in /traefik/dynamic folder instead. - "traefik.enable=true" - "traefik.http.routers.jupyter.rule=Host(`jupyter.kelinreij.duckdns.org`)" - "traefik.http.routers.jupyter.entrypoints=websecure" - "traefik.http.routers.jupyter.tls.certresolver=letsencrypt" - "traefik.http.routers.jupyter.middlewares=authelia@docker" - "traefik.http.services.jupyter.loadbalancer.server.port=8890" # Sablier configuration - "sablier.enable=true" - "sablier.group=jasper-jupyter" - "sablier.start-on-demand=true" volumes: nextcloud-db-data: wordpress-db-data: gitea-db-data: networks: homelab-network: external: true traefik-network: external: true x-dockge: urls: # Proxied URLs (through Traefik) - https://nextcloud.kelinreij.duckdns.org - https://192.168.4.4:8089 - https://mealie.kelinreij.duckdns.org - https://192.168.4.4:9000 - https://wordpress.kelinreij.duckdns.org - https://192.168.4.4:8088 - https://gitea.kelinreij.duckdns.org - https://192.168.4.4:3010 - https://jupyter.kelinreij.duckdns.org - https://192.168.4.4:8890