# Backup and Utility Services # Place in /opt/stacks/utilities/docker-compose.yml services: # Backrest - Backup solution for restic # Access at: https://backrest.${DOMAIN} backrest: image: garethgeorge/backrest:latest container_name: backrest restart: unless-stopped networks: - homelab-network - traefik-network volumes: - /opt/stacks/backrest/data:/data - ./$(basename $file .yml)/config:/config - /opt/stacks:/opt/stacks:ro # Backup source - /mnt:/mnt:ro # Backup additional drives - backrest-cache:/cache environment: - BACKREST_DATA=/data - BACKREST_CONFIG=/config/config.json - TZ=${TZ} labels: - "homelab.category=utilities" - "homelab.description=Backup management with restic" - "traefik.enable=true" - "traefik.http.routers.backrest.rule=Host(`backrest.${DOMAIN}`)" - "traefik.http.routers.backrest.entrypoints=websecure" - "traefik.http.routers.backrest.tls.certresolver=letsencrypt" - "traefik.http.routers.backrest.middlewares=authelia@docker" - "traefik.http.services.backrest.loadbalancer.server.port=9898" # Duplicati - Backup solution # Access at: https://duplicati.${DOMAIN} duplicati: image: lscr.io/linuxserver/duplicati:latest container_name: duplicati restart: unless-stopped networks: - homelab-network - traefik-network volumes: - ./$(basename $file .yml)/config:/config - /opt/stacks:/source/stacks:ro - /mnt:/source/mnt:ro - /mnt/backups:/backups environment: - PUID=${PUID:-1000} - PGID=${PGID:-1000} - TZ=${TZ} labels: - "homelab.category=utilities" - "homelab.description=Backup software with encryption" - "traefik.enable=true" - "traefik.http.routers.duplicati.rule=Host(`duplicati.${DOMAIN}`)" - "traefik.http.routers.duplicati.entrypoints=websecure" - "traefik.http.routers.duplicati.tls.certresolver=letsencrypt" - "traefik.http.routers.duplicati.middlewares=authelia@docker" - "traefik.http.services.duplicati.loadbalancer.server.port=8200" # Code Server - VS Code in browser # Access at: https://code.${DOMAIN} code-server: image: lscr.io/linuxserver/code-server:latest container_name: code-server restart: unless-stopped networks: - homelab-network - traefik-network volumes: - ./$(basename $file .yml)/config:/config - /opt/stacks:/opt/stacks # Access to all stacks - /mnt:/mnt:ro # Read-only access to data environment: - PUID=${PUID:-1000} - PGID=${PGID:-1000} - TZ=${TZ} - PASSWORD=${CODE_SERVER_PASSWORD} - SUDO_PASSWORD=${CODE_SERVER_SUDO_PASSWORD} labels: - "homelab.category=utilities" - "homelab.description=VS Code in browser" - "traefik.enable=true" - "traefik.http.routers.code-server.rule=Host(`code.${DOMAIN}`)" - "traefik.http.routers.code-server.entrypoints=websecure" - "traefik.http.routers.code-server.tls.certresolver=letsencrypt" - "traefik.http.routers.code-server.middlewares=authelia@docker" - "traefik.http.services.code-server.loadbalancer.server.port=8443" # Form.io - Form builder (if needed) # Access at: https://forms.${DOMAIN} formio: image: formio/formio:latest container_name: formio restart: unless-stopped networks: - homelab-network - traefik-network - formio-network environment: - MONGO_URL=mongodb://formio-mongo:27017/formio - JWT_SECRET=${FORMIO_JWT_SECRET} - DB_SECRET=${FORMIO_DB_SECRET} depends_on: - formio-mongo labels: - "homelab.category=utilities" - "homelab.description=Form builder platform" - "traefik.enable=true" - "traefik.http.routers.formio.rule=Host(`forms.${DOMAIN}`)" - "traefik.http.routers.formio.entrypoints=websecure" - "traefik.http.routers.formio.tls.certresolver=letsencrypt" - "traefik.http.routers.formio.middlewares=authelia@docker" - "traefik.http.services.formio.loadbalancer.server.port=3000" formio-mongo: image: mongo:6 container_name: formio-mongo restart: unless-stopped networks: - formio-network volumes: - formio-mongo-data:/data/db labels: - "homelab.category=utilities" - "homelab.description=Form.io database" # Bitwarden (Vaultwarden) - Password manager # Access at: https://bitwarden.${DOMAIN} # Note: SSO disabled for browser extension and mobile app compatibility vaultwarden: image: vaultwarden/server:latest container_name: vaultwarden restart: unless-stopped networks: - homelab-network - traefik-network volumes: - /opt/stacks/vaultwarden/data:/data environment: - DOMAIN=https://bitwarden.${DOMAIN} - SIGNUPS_ALLOWED=${BITWARDEN_SIGNUPS_ALLOWED:-true} - INVITATIONS_ALLOWED=${BITWARDEN_INVITATIONS_ALLOWED:-true} - ADMIN_TOKEN=${BITWARDEN_ADMIN_TOKEN} - SMTP_HOST=${SMTP_HOST} - SMTP_FROM=${SMTP_FROM} - SMTP_PORT=${SMTP_PORT:-587} - SMTP_SECURITY=${SMTP_SECURITY:-starttls} - SMTP_USERNAME=${SMTP_USERNAME} - SMTP_PASSWORD=${SMTP_PASSWORD} labels: - "homelab.category=utilities" - "homelab.description=Self-hosted password manager (Bitwarden)" - "traefik.enable=true" - "traefik.http.routers.vaultwarden.rule=Host(`bitwarden.${DOMAIN}`)" - "traefik.http.routers.vaultwarden.entrypoints=websecure" - "traefik.http.routers.vaultwarden.tls.certresolver=letsencrypt" # SSO disabled for browser extension and mobile app compatibility # - "traefik.http.routers.vaultwarden.middlewares=authelia@docker" - "traefik.http.services.vaultwarden.loadbalancer.server.port=80" # Authelia Redis - Session storage for Authelia # No web UI - backend service authelia-redis: image: redis:alpine container_name: authelia-redis restart: unless-stopped networks: - homelab-network volumes: - authelia-redis-data:/data command: redis-server --save 60 1 --loglevel warning labels: - "homelab.category=utilities" - "homelab.description=Session storage for Authelia" volumes: backrest-cache: formio-mongo-data: authelia-redis-data: networks: homelab-network: external: true traefik-network: external: true formio-network: driver: bridge