# Productivity and Content Management Services # SABLIER SESSION DURATION: Set to 5m for testing. Increase to 30m for production in config-templates/traefik/dynamic/sablier.yml # RESTART POLICY GUIDE: # - unless-stopped: Core infrastructure services that should always run # - no: Services with Sablier lazy loading (start on-demand) # - See individual service comments for specific reasoning services: # Nextcloud - File sync and collaboration # Uses Sablier lazy loading - starts on-demand, stops after 5min inactivity nextcloud: image: nextcloud:28 deploy: resources: limits: cpus: '1.5' memory: 1G pids: 2048 reservations: cpus: '0.75' memory: 512M container_name: nextcloud restart: no networks: - homelab-network - traefik-network ports: - '8089:80' volumes: - ./nextcloud/html:/var/www/html - ${NEXTCLOUD_DIR}:/var/www/html/data environment: - MYSQL_HOST=nextcloud-db - MYSQL_DATABASE=nextcloud - MYSQL_USER=nextcloud - MYSQL_PASSWORD=${NEXTCLOUD_DB_PASSWORD} - NEXTCLOUD_ADMIN_USER=${NEXTCLOUD_ADMIN_USER} - NEXTCLOUD_ADMIN_PASSWORD=${NEXTCLOUD_ADMIN_PASSWORD} - NEXTCLOUD_TRUSTED_DOMAINS=nextcloud.${DOMAIN} - TRUSTED_PROXIES=172.18.0.0/16 - OVERWRITEPROTOCOL=https - OVERWRITEHOST=nextcloud.${DOMAIN} healthcheck: test: ['CMD', 'curl', '-f', 'http://localhost/status.php'] interval: 30s timeout: 10s retries: 3 start_period: 60s depends_on: - nextcloud-db labels: # TRAEFIK CONFIGURATION # Service metadata - 'com.centurylinklabs.watchtower.enable=true' - 'homelab.category=productivity' - 'homelab.description=File sync and collaboration' - 'traefik.enable=true' - 'traefik.docker.network=traefik-network' # Router configuration - 'traefik.http.routers.nextcloud.rule=Host(`nextcloud.${DOMAIN}`)' - 'traefik.http.routers.nextcloud.entrypoints=websecure' - 'traefik.http.routers.nextcloud.tls.certresolver=letsencrypt' - 'traefik.http.routers.nextcloud.middlewares=authelia@docker' # Service configuration - 'traefik.http.services.nextcloud.loadbalancer.server.port=8089' # Sablier configuration - 'sablier.enable=true' - 'sablier.group=jasper-nextcloud' - 'sablier.start-on-demand=true' nextcloud-db: image: mariadb:10.11 container_name: nextcloud-db restart: no networks: - homelab-network volumes: - ./nextcloud/db:/var/lib/mysql environment: - MYSQL_ROOT_PASSWORD=${NEXTCLOUD_DB_ROOT_PASSWORD} - MYSQL_DATABASE=nextcloud - MYSQL_USER=nextcloud - MYSQL_PASSWORD=${NEXTCLOUD_DB_PASSWORD} command: --transaction-isolation=READ-COMMITTED --log-bin=binlog --binlog-format=ROW labels: - 'homelab.category=productivity' - 'homelab.description=Nextcloud database' # Mealie - Recipe manager mealie: image: ghcr.io/mealie-recipes/mealie:latest container_name: mealie restart: no networks: - homelab-network - traefik-network ports: - '9000:9000' volumes: - ./mealie/data:/app/data environment: - PUID=${PUID} - PGID=${PGID} - TZ=${TZ} - BASE_URL=https://mealie.${DOMAIN} - DB_ENGINE=sqlite labels: # TRAEFIK CONFIGURATION # Service metadata - 'com.centurylinklabs.watchtower.enable=true' - 'homelab.category=productivity' - 'homelab.description=Recipe manager and meal planner' - 'traefik.enable=true' - 'traefik.docker.network=traefik-network' # Router configuration - 'traefik.http.routers.mealie.rule=Host(`mealie.${DOMAIN}`)' - 'traefik.http.routers.mealie.entrypoints=websecure' - 'traefik.http.routers.mealie.tls.certresolver=letsencrypt' - 'traefik.http.routers.mealie.middlewares=authelia@docker' # Service configuration - 'traefik.http.services.mealie.loadbalancer.server.port=9000' # Sablier configuration - 'sablier.enable=true' - 'sablier.group=jasper-mealie' - 'sablier.start-on-demand=true' # WordPress - Blog/website platform wordpress: image: wordpress:latest container_name: wordpress restart: no networks: - homelab-network - traefik-network ports: - '8088:80' volumes: - ./wordpress/html:/var/www/html environment: - WORDPRESS_DB_HOST=wordpress-db - WORDPRESS_DB_USER=wordpress - WORDPRESS_DB_PASSWORD=${WORDPRESS_DB_PASSWORD} - WORDPRESS_DB_NAME=wordpress healthcheck: test: ['CMD', 'curl', '-f', 'http://localhost/'] interval: 30s timeout: 10s retries: 3 start_period: 60s depends_on: - wordpress-db labels: # TRAEFIK CONFIGURATION # Service metadata - 'com.centurylinklabs.watchtower.enable=true' - 'homelab.category=productivity' - 'homelab.description=Blog and website platform' - 'traefik.enable=true' - 'traefik.docker.network=traefik-network' # Router configuration - 'traefik.http.routers.wordpress.rule=Host(`wordpress.${DOMAIN}`)' - 'traefik.http.routers.wordpress.entrypoints=websecure' - 'traefik.http.routers.wordpress.tls.certresolver=letsencrypt' - 'traefik.http.routers.wordpress.middlewares=authelia@docker' # Service configuration - 'traefik.http.services.wordpress.loadbalancer.server.port=8088' # Sablier configuration - 'sablier.enable=true' - 'sablier.group=jasper-wordpress' - 'sablier.start-on-demand=true' wordpress-db: image: mariadb:10.11 container_name: wordpress-db restart: no networks: - homelab-network volumes: - ./wordpress/db:/var/lib/mysql environment: - MYSQL_ROOT_PASSWORD=${WORDPRESS_DB_ROOT_PASSWORD} - MYSQL_DATABASE=wordpress - MYSQL_USER=wordpress - MYSQL_PASSWORD=${WORDPRESS_DB_PASSWORD} labels: - 'homelab.category=productivity' - 'homelab.description=WordPress database' # Gitea - Self-hosted Git service gitea: image: gitea/gitea:latest deploy: resources: limits: cpus: '0.50' memory: 256M pids: 512 reservations: cpus: '0.25' memory: 128M container_name: gitea restart: no networks: - homelab-network - traefik-network ports: - '3010:3000' volumes: - ./gitea/data:/data - /etc/timezone:/etc/timezone:ro - /etc/localtime:/etc/localtime:ro environment: - USER_UID=${PUID} - USER_GID=${PGID} - GITEA__database__DB_TYPE=postgres - GITEA__database__HOST=gitea-db:5432 - GITEA__database__NAME=gitea - GITEA__database__USER=gitea - GITEA__database__PASSWD=${GITEA_DB_PASSWORD} healthcheck: test: ['CMD', 'curl', '-f', 'http://localhost:3000/'] interval: 30s timeout: 10s retries: 3 start_period: 60s depends_on: - gitea-db labels: # TRAEFIK CONFIGURATION # Service metadata - 'com.centurylinklabs.watchtower.enable=true' - 'homelab.category=productivity' - 'homelab.description=Self-hosted Git service' - 'traefik.enable=true' - 'traefik.docker.network=traefik-network' # Router configuration - 'traefik.http.routers.gitea.rule=Host(`gitea.${DOMAIN}`)' - 'traefik.http.routers.gitea.entrypoints=websecure' - 'traefik.http.routers.gitea.tls.certresolver=letsencrypt' - 'traefik.http.routers.gitea.middlewares=authelia@docker' # Service configuration - 'traefik.http.services.gitea.loadbalancer.server.port=3010' # Sablier configuration - 'sablier.enable=true' - 'sablier.group=jasper-gitea' - 'sablier.start-on-demand=true' gitea-db: image: postgres:14-alpine container_name: gitea-db restart: no networks: - homelab-network volumes: - ./gitea/db:/var/lib/postgresql/data environment: - POSTGRES_USER=gitea - POSTGRES_PASSWORD=${GITEA_DB_PASSWORD} - POSTGRES_DB=gitea labels: - 'homelab.category=productivity' - 'homelab.description=Gitea database' # Jupyter Lab - Interactive computing notebooks # Token displayed in logs on first start jupyter: image: jupyter/scipy-notebook:latest container_name: jupyter restart: no networks: - homelab-network - traefik-network ports: - '8890:8888' volumes: - ./config/jupyter:/home/jovyan/work environment: - JUPYTER_ENABLE_LAB=yes - GRANT_SUDO=yes user: root command: start-notebook.sh --NotebookApp.token='${JUPYTER_TOKEN}' # Uncomment for GPU support (NVIDIA, requires nvidia-container-toolkit) # runtime: nvidia # devices: # - /dev/nvidia0:/dev/nvidia0 # - /dev/nvidiactl:/dev/nvidiactl # Add these to environment above: # - NVIDIA_VISIBLE_DEVICES=all # - NVIDIA_DRIVER_CAPABILITIES=compute,utility labels: # TRAEFIK CONFIGURATION # ========================================== # Service metadata - 'homelab.category=productivity' - 'homelab.description=Jupyter Lab for data science and ML' # Traefik reverse proxy (comment/uncomment to disable/enable) # If Traefik is on a remote server: these labels are NOT USED; # configure external yml files in /traefik/dynamic folder instead. - 'traefik.enable=true' - 'traefik.docker.network=traefik-network' - 'traefik.http.routers.jupyter.rule=Host(`jupyter.${DOMAIN}`)' - 'traefik.http.routers.jupyter.entrypoints=websecure' - 'traefik.http.routers.jupyter.tls.certresolver=letsencrypt' - 'traefik.http.routers.jupyter.middlewares=authelia@docker' - 'traefik.http.services.jupyter.loadbalancer.server.port=8890' # Sablier configuration - 'sablier.enable=true' - 'sablier.group=jasper-jupyter' - 'sablier.start-on-demand=true' networks: homelab-network: external: true traefik-network: external: true x-dockge: urls: # Proxied URLs (through Traefik) - https://nextcloud.${DOMAIN} - https://192.168.4.4:8089 - https://mealie.${DOMAIN} - https://192.168.4.4:9000 - https://wordpress.${DOMAIN} - https://192.168.4.4:8088 - https://gitea.${DOMAIN} - https://192.168.4.4:3010 - https://jupyter.${DOMAIN} - https://192.168.4.4:8890