# Backup and Utility Services # Place in /opt/stacks/utilities/docker-compose.yml # Service Access URLs: # - Backrest: https://backrest.${DOMAIN} # - Duplicati: https://duplicati.${DOMAIN} # - Form.io: https://forms.${DOMAIN} # - Vaultwarden (Bitwarden): https://vault.${DOMAIN} services: # Backrest - Backup solution for restic # Access at: https://backrest.${DOMAIN} backrest: image: garethgeorge/backrest:latest container_name: backrest restart: unless-stopped networks: - homelab-network - traefik-network volumes: - ./backrest/data:/data - ./backrest/config:/config - /opt/stacks:/opt/stacks:ro # Backup source - /mnt:/mnt:ro # Backup additional drives - backrest-cache:/cache environment: - BACKREST_DATA=/data - BACKREST_CONFIG=/config/config.json - TZ=${TZ} labels: - "homelab.category=utilities" - "homelab.description=Backup management with restic" - "traefik.enable=true" - "traefik.http.routers.backrest.rule=Host(`backrest.${DOMAIN}`)" - "traefik.http.routers.backrest.entrypoints=websecure" - "traefik.http.routers.backrest.tls.certresolver=letsencrypt" - "traefik.http.routers.backrest.middlewares=authelia@docker" - "traefik.http.services.backrest.loadbalancer.server.port=9898" - "x-dockge.url=https://backrest.${DOMAIN}" - "x-dockge.url=https://backrest.${DOMAIN}" # Duplicati - Backup solution # Access at: https://duplicati.${DOMAIN} duplicati: image: lscr.io/linuxserver/duplicati:2.0.7 container_name: duplicati restart: unless-stopped networks: - homelab-network - traefik-network volumes: - ./duplicati/config:/config - /opt/stacks:/source/stacks:ro - /mnt:/source/mnt:ro - /mnt/backups:/backups environment: - PUID=${PUID:-1000} - PGID=${PGID:-1000} - TZ=${TZ} labels: - "homelab.category=utilities" - "homelab.description=Backup software with encryption" - "traefik.enable=true" - "traefik.http.routers.duplicati.rule=Host(`duplicati.${DOMAIN}`)" - "traefik.http.routers.duplicati.entrypoints=websecure" - "traefik.http.routers.duplicati.tls.certresolver=letsencrypt" - "traefik.http.routers.duplicati.middlewares=authelia@docker" - "traefik.http.services.duplicati.loadbalancer.server.port=8200" # Form.io - Form builder (DISABLED - image not available) # Uncomment and configure if formio/formio image becomes available # formio: # image: formio/formio:latest # container_name: formio # restart: unless-stopped # networks: # - homelab-network # - traefik-network # - formio-network # environment: # - MONGO_URL=mongodb://formio-mongo:27017/formio # - JWT_SECRET=${FORMIO_JWT_SECRET} # - DB_SECRET=${FORMIO_DB_SECRET} # depends_on: # - formio-mongo # labels: # - "homelab.category=utilities" # - "homelab.description=Form builder platform" # - "traefik.enable=true" # - "traefik.http.routers.formio.rule=Host(`forms.${DOMAIN}`)" # - "traefik.http.routers.formio.entrypoints=websecure" # - "traefik.http.routers.formio.tls.certresolver=letsencrypt" # - "traefik.http.routers.formio.middlewares=authelia@docker" # - "traefik.http.services.formio.loadbalancer.server.port=3000" # formio-mongo: # image: mongo:6.0 # container_name: formio-mongo # restart: unless-stopped # networks: # - formio-network # volumes: # - formio-mongo-data:/data/db # labels: # - "homelab.category=utilities" # - "homelab.description=Form.io database" # Bitwarden (Vaultwarden) - Password manager # Access at: https://vault.${DOMAIN} # Note: SSO disabled for browser extension and mobile app compatibility vaultwarden: image: vaultwarden/server:1.30.1 container_name: vaultwarden restart: unless-stopped networks: - homelab-network - traefik-network volumes: - ./vaultwarden/data:/data environment: - DOMAIN=https://vault.${DOMAIN} - SIGNUPS_ALLOWED=${BITWARDEN_SIGNUPS_ALLOWED:-true} - INVITATIONS_ALLOWED=${BITWARDEN_INVITATIONS_ALLOWED:-true} - ADMIN_TOKEN=${BITWARDEN_ADMIN_TOKEN} # SMTP disabled - uncomment and configure to enable email # - SMTP_HOST=${SMTP_HOST} # - SMTP_FROM=${SMTP_FROM} # - SMTP_PORT=${SMTP_PORT:-587} # - SMTP_SECURITY=${SMTP_SECURITY:-starttls} # - SMTP_USERNAME=${SMTP_USERNAME} # - SMTP_PASSWORD=${SMTP_PASSWORD} labels: - "homelab.category=utilities" - "homelab.description=Self-hosted password manager (Bitwarden)" - "traefik.enable=true" - "traefik.http.routers.vaultwarden.rule=Host(`vault.${DOMAIN}`)" - "traefik.http.routers.vaultwarden.entrypoints=websecure" - "traefik.http.routers.vaultwarden.tls=true" - "traefik.http.routers.vaultwarden.tls.certresolver=letsencrypt" # SSO disabled for browser extension and mobile app compatibility # - "traefik.http.routers.vaultwarden.middlewares=authelia@docker" - "traefik.http.services.vaultwarden.loadbalancer.server.port=80" # Authelia Redis - Session storage for Authelia # No web UI - backend service authelia-redis: image: redis:7-alpine container_name: authelia-redis restart: unless-stopped networks: - homelab-network volumes: - authelia-redis-data:/data command: redis-server --save 60 1 --loglevel warning labels: - "homelab.category=utilities" - "homelab.description=Session storage for Authelia" volumes: backrest-cache: formio-mongo-data: authelia-redis-data: networks: homelab-network: external: true traefik-network: external: true formio-network: driver: bridge