azpsen/homelab
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: azpsen:25f0fe968464fe52e406fc4b4c0ac592a7688bc1
Branches Tags
azpsen:main
..
compare: azpsen:main
Branches Tags
azpsen:main

31 Commits
25f0fe9684 ... main

Author SHA1 Message Date
April Petersen
fe50b1db30 cleanup, app changes 2025-10-21 17:51:49 -05:00
azpsen
a769356f31 major invidious and immich updates, fixes 2025-10-21 17:47:56 -05:00
azpsen
22d9444d0f immich version bump, add workout tracker 2025-04-27 20:20:04 -05:00
azpsen
15c10fa570 remove calibre-web 2025-04-23 15:07:57 -05:00
azpsen
8501b5f381 beszel updates 2025-04-23 14:33:30 -05:00
azpsen
649e019028 cleanup 2025-04-23 14:25:10 -05:00
azpsen
e637e839c0 switch from linkstack to static webserver 2025-04-23 14:11:12 -05:00
azpsen
658285f13c add beszel 2025-04-23 13:21:13 -05:00
azpsen
35790d786b cleanup 2025-04-23 13:15:00 -05:00
azpsen
3ae1187928 cleanup 2025-04-21 11:21:07 -05:00
azpsen
961c894a5e switch to memos, remove grocy 2025-04-21 10:40:49 -05:00
azpsen
d64b5504e0 switch to myspeed in readme 2025-04-21 10:07:07 -05:00
azpsen
e50817db0c switch to myspeed, remove hoarder, formatting fixes 2025-04-21 10:06:08 -05:00
azpsen
18d251f09f switch to wallabag 2025-04-14 10:05:49 -05:00
azpsen
af37f66fbe move media directories to env file 2025-04-11 10:21:46 -05:00
azpsen
1bfd569816 add baikal, change directories 2025-04-07 11:52:24 -05:00
azpsen
806a5812a0 add it-tools 2025-04-03 20:39:29 -05:00
azpsen
2ac8df2a1f add backup tool 2025-04-02 22:20:27 -05:00
azpsen
6866d75e3b add seafile, version bump 2025-03-31 10:38:29 -05:00
azpsen
1af6a726fb version bump, immich cleanup 2025-03-30 10:09:21 -05:00
azpsen
6025d8ec78 immich version bump, clean up readme 2025-03-26 11:40:48 -05:00
azpsen
f0ec9c7a4a env docs, invidious healthcheck 2025-03-26 11:36:36 -05:00
azpsen
47cc083199 enable invidious, add convertx 2025-03-26 11:01:32 -05:00
azpsen
4550a7e3c2 env changes, new services 2025-03-24 15:18:08 -05:00
azpsen
0045db906a version bumps, homepage switch 2025-03-12 14:13:06 -05:00
azpsen
3e23a943cb update immich 2025-01-14 07:53:40 -06:00
azpsen
0f80e2c1c2 add glance, fix readme arrangement 2025-01-07 12:29:53 -06:00
azpsen
ac903c6db8 add hoarder, simplify dns changes 2025-01-07 08:27:13 -06:00
azpsen
ce97e8659b add ebook downloading 2025-01-06 15:36:13 -06:00
azpsen
bfe190b57c fix readme merge conflict 2025-01-06 13:19:22 -06:00
azpsen
71ab4fb685 add wizarr 2025-01-06 13:16:54 -06:00
4 changed files with 673 additions and 326 deletions
Expand all files Collapse all files

29
.env Normal file
View File

@@ -0,0 +1,29 @@
# Base directory for docker-compose
DOCKER_DIR=/docker
# Directory for env files
ENV_DIR=/docker/env
# The IP of this server in the tailscale network
DNS_IP=100.111.0.126
# Time zone
TZ=America/Chicago
# Jellyfin directories
JF_MOVIES=/media/jf/movies
JF_SHOWS=/media/jf/shows
JF_MUSIC=/media/jf/music
# Immich directories
IMMICH_LIBRARY=/media/immich
# Kiwix directories
KIWIX_DIR=/media/kiwix
# qBittorrent directories
QB_EXT_DL=/media/dl
# Audiobookshelf directories
ABS_BOOKS=/media/abs/audiobooks
ABS_PODS=/media/abs/podcasts

1
.gitignore vendored
View File

@@ -1,3 +1,4 @@
*
!docker-compose.yml
!.env
!readme.md

714
docker-compose.yml
View File

@@ -1,19 +1,7 @@
services:
#---------------- USER-FACING SERVICES ----------------#
## Actual (budget)
actual_server:
image: docker.io/actualbudget/actual-server:latest
container_name: actual
ports:
- 5006:5006
volumes:
- /docker/actual:/data
dns:
- 100.111.0.126
restart: unless-stopped
#---------------- MEDIA ----------------#
## AudioBookShelf (audiobook downloading)
audiobookshelf:
@@ -25,12 +13,12 @@ services:
ports:
- 13378:80
volumes:
- /media/audiobooks:/audiobooks
- /media/podcasts:/podcasts
- /docker/audiobookshelf/config:/config
- /docker/audiobookshelf/metadata:/metadata
- ${ABS_BOOKS}:/audiobooks
- ${ABS_PODS}:/podcasts
- ${DOCKER_DIR}/audiobookshelf/config:/config
- ${DOCKER_DIR}/audiobookshelf/metadata:/metadata
dns:
- 100.111.0.126
- ${DNS_IP}
restart: unless-stopped
## AudioBookShelf metadata provider
abs-tract:
@@ -39,147 +27,127 @@ services:
ports:
- 5585:5555
dns:
- 100.111.0.126
restart: unless-stopped
## Calibre (ebook management)
calibre-web:
image: lscr.io/linuxserver/calibre-web:latest
container_name: calibre-web
environment:
- PUID=1000
- PGID=1000
- TZ=America/Chicago
- DOCKER_MODS=linuxserver/mods:universal-calibre #optional
- OAUTHLIB_RELAX_TOKEN_SCOPE=1 #optional
volumes:
- /docker/calibre/config:/config
- /docker/calibre/books:/books
ports:
- 8083:8083
dns:
- 100.111.0.126
restart: unless-stopped
## Gitea
gitea:
image: docker.io/gitea/gitea:latest-rootless
container_name: gitea
user: "1001"
volumes:
- /docker/gitea/data:/var/lib/gitea
- /docker/gitea/config:/etc/gitea
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
ports:
- 3003:3000
- 2222:2222
dns:
- 100.111.0.126
restart: unless-stopped
## Grocy (home inventory management)
grocy:
container_name: grocy
image: lscr.io/linuxserver/grocy:latest
environment:
- PUID=1000
- PGID=1000
- TZ=America/Chicago
volumes:
- /docker/grocy:/config
ports:
- 9283:80
restart: unless-stopped
## Homepage (server dashboard)
homepage:
image: ghcr.io/gethomepage/homepage:latest
container_name: homepage
environment:
- PUID=1000
- PGID=1000
ports:
- 3000:3000
volumes:
- /docker/homepage:/app/config
- /docker/homepage/images:/app/public/images
- /docker/homepage/fonts:/app/public/fonts
- /media:/media:ro
dns:
- 100.111.0.126
restart: unless-stopped
docker-proxy:
image: ghcr.io/tecnativa/docker-socket-proxy:latest
container_name: docker-proxy
environment:
- CONTAINERS=1 # Allow access to viewing containers
- POST=0 # Disallow any POST operations (effectively read-only)
ports:
- 2375:2375
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- ${DNS_IP}
restart: unless-stopped
## Immich (photo library management)
immich-server:
immich_server:
container_name: immich_server
image: ghcr.io/immich-app/immich-server:v1.123.0
image: ghcr.io/immich-app/immich-server:release
volumes:
- /media/immich:/usr/src/app/upload
- /docker/immich_db_dump:/db_dump
- ${IMMICH_LIBRARY}:/data
env_file:
- /docker/env/immich.env
- ${ENV_DIR}/immich.env
environment:
- TZ=${TZ}
- PUID=1000
- PGID=1000
ports:
- 2283:2283
depends_on:
- redis
- database
- immich_redis
- immich_db
devices:
- /dev/dri:/dev/dri
dns:
- 100.111.0.126
- ${DNS_IP}
restart: unless-stopped
immich-machine-learning:
container_name: immich_machine_learning
image: ghcr.io/immich-app/immich-machine-learning:v1.123.0
image: ghcr.io/immich-app/immich-machine-learning:release
volumes:
- model-cache:/cache
env_file:
- /docker/env/immich.env
- ${ENV_DIR}/immich.env
restart: unless-stopped
redis:
immich_redis:
container_name: immich_redis
image: redis:6.2-alpine@sha256:70a7a5b641117670beae0d80658430853896b5ef269ccf00d1827427e3263fa3
restart: unless-stopped
database:
container_name: immich_postgres
image: tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:90724186f0a3517cf6914295b5ab410db9ce23190a2d9d0b9dd6463e3fa298f0
immich_db:
container_name: immich_db
image: ghcr.io/immich-app/postgres:14-vectorchord0.3.0-pgvectors0.2.0
env_file:
- /docker/env/immich.env
- ${ENV_DIR}/immich.env
volumes:
- /docker/immich:/var/lib/postgresql/data
- ${DOCKER_DIR}/immich:/var/lib/postgresql/data
restart: unless-stopped
## Invidious (youtube client)
invidious:
container_name: invidious
image: quay.io/invidious/invidious:latest
ports:
- 9080:3000
env_file:
- ${ENV_DIR}/invidious.env
healthcheck:
test: wget -nv --tries=1 --spider http://127.0.0.1:3000/api/v1/trending || exit 1
interval: 30s
timeout: 5s
retries: 2
depends_on:
- invidious-db
- invidious-companion
restart: unless-stopped
invidious-companion:
container_name: invidious-companion
image: quay.io/invidious/invidious-companion:latest
logging:
options:
max-size: "1G"
max-file: "4"
volumes:
- companioncache:/var/tmp/youtubei.js:rw
env_file:
- ${ENV_DIR}/invidious.env
cap_drop:
- ALL
read_only: true
security_opt:
- no-new-privileges:true
restart: unless-stopped
# invidious-sighelper:
# container_name: invidious-sighelper
# image: quay.io/invidious/inv-sig-helper:latest
# init: true
# command: ["--tcp", "0.0.0.0:12999"]
# ports:
# - 12999:12999
# environment:
# - RUST_LOG=info
# cap_drop:
# - ALL
# read_only: true
# security_opt:
# - no-new-privileges:true
# restart: unless-stopped
invidious-db:
container_name: invidious-db
image: docker.io/library/postgres:14
volumes:
- ${DOCKER_DIR}/invidious/data:/var/lib/postgresql/data
- ${DOCKER_DIR}/invidious/config/sql:/config/sql
- ${DOCKER_DIR}/invidious/docker/init-invidious-db.sh:/docker-entrypoint-initdb.d/init-invidious-db.sh
env_file:
- ${ENV_DIR}/invidious.env
restart: unless-stopped
## Jellyfin (media server)
jellyfin:
image: lscr.io/linuxserver/jellyfin:latest
container_name: jellyfin
image: lscr.io/linuxserver/jellyfin:10.10.7
environment:
- TZ=${TZ}
- PUID=1000
- PGID=1000
- TZ=America/Chicago
- JELLYFIN_PublishedServerUrl=https://watch.azpsen.com
volumes:
- /docker/jellyfin:/config
- /docker/jellyfin/theme:/usr/share/jellyfin/web/theme
- /media/jellyfin/Movies:/data/movies
- /media/jellyfin/TV Shows:/data/tvshows
- /media/jellyfin/Music:/data/music
- /media/jellyfin/Live TV:/data/livetv
- ${DOCKER_DIR}/jellyfin:/config
- ${DOCKER_DIR}/jellyfin/theme:/usr/share/jellyfin/web/theme
- ${JF_MOVIES}:/data/movies
- ${JF_SHOWS}:/data/tvshows
- ${JF_MUSIC}:/data/music
ports:
- 8096:8096
- 7539:7539/udp
@@ -187,81 +155,181 @@ services:
devices:
- /dev/dri:/dev/dri
dns:
- 100.111.0.126
- ${DNS_IP}
restart: unless-stopped
## Joplin (notes)
joplin:
image: joplin/server:latest
container_name: joplin
#---------------- UTILITIES ----------------#
## Actual (budget)
actual:
container_name: actual
image: docker.io/actualbudget/actual-server:latest
ports:
- 22300:22300
env_file:
- /docker/env/joplin.env
depends_on:
- joplin-db
dns:
- 100.111.0.126
restart: unless-stopped
joplin-db:
image: postgres:15
container_name: joplin-db
- 5006:5006
volumes:
- /docker/joplin:/var/lib/postgresql/data
- ${DOCKER_DIR}/actual:/data
dns:
- ${DNS_IP}
restart: unless-stopped
## Baikal (calendar/contacts)
baikal:
container_name: baikal
image: ckulka/baikal:nginx
ports:
- 5432:5432
- 8391:80
volumes:
- ${DOCKER_DIR}/baikal/config:/var/www/baikal/config
- ${DOCKER_DIR}/baikal/data:/var/www/baikal/Specific
restart: unless-stopped
## Backrest (backup GUI)
backrest:
container_name: backrest
image: garethgeorge/backrest:latest
hostname: backrest
volumes:
- ${DOCKER_DIR}/backrest/data:/data
- ${DOCKER_DIR}/backrest/config:/config
- ${DOCKER_DIR}/backrest/cache:/cache
- ${DOCKER_DIR}/backrest/tmp:/tmp
- ${DOCKER_DIR}:/userdata/docker
- ${IMMICH_LIBRARY}:/userdata/immich
environment:
- POSTGRES_PASSWORD=d8t3nmcj3
- POSTGRES_USER=april
- POSTGRES_DB=joplin
- BACKREST_DATA=/data
- BACKREST_CONFIG=/config/config.json
- XDG_CACHE_HOME=/cache
- TMPDIR=/tmp
- TZ=${TZ}
dns:
- ${DNS_IP}
network_mode: host
restart: unless-stopped
## ConvertX (file converter)
convertx:
container_name: convertx
image: ghcr.io/c4illin/convertx
ports:
- 9132:3000
volumes:
- ${DOCKER_DIR}/convertx:/app/data
env_file:
- ${ENV_DIR}/convertx.env
environment:
- PUID=1000
- PGID=1000
restart: unless-stopped
## Gitea
gitea:
container_name: gitea
image: docker.io/gitea/gitea:latest-rootless
user: "1001"
volumes:
- ${DOCKER_DIR}/gitea/data:/var/lib/gitea
- ${DOCKER_DIR}/gitea/config:/etc/gitea
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
ports:
- 3003:3000
- 2222:2222
dns:
- ${DNS_IP}
restart: unless-stopped
## IT Tools (misc utilities)
it-tools:
container_name: it-tools
image: corentinth/it-tools:latest
ports:
- 5734:80
restart: unless-stopped
## Kiwix (offline wiki)
kiwix-serve:
image: ghcr.io/kiwix/kiwix-serve
container_name: kiwix-serve
image: ghcr.io/kiwix/kiwix-serve
volumes:
- /media/kiwix:/data
- ${KIWIX_DIR}:/data
ports:
- 8765:8080
command: '*.zim'
dns:
- ${DNS_IP}
restart: unless-stopped
## Link Stack
linkstack:
image: linkstackorg/linkstack
container_name: linkstack
env_file:
- /docker/env/linkstack.env
ports:
- 4000:80
dns:
- 100.111.0.126
## LubeLogger (car mileage tracker)
lubelogger:
container_name: lubelogger
image: ghcr.io/hargata/lubelogger:latest
volumes:
- linkstack:/htdocs
- ${DOCKER_DIR}/lubelogger/data:/App/data
- ${DOCKER_DIR}/lubelogger/keys:/root/.aspnet/DataProtection-Keys
ports:
- 8103:8080
env_file:
- ${ENV_DIR}/lubelogger.env
restart: unless-stopped
## Maloja (music listen tracking)
maloja:
container_name: maloja
image: krateng/maloja
ports:
- 42010:42010
volumes:
- ${DOCKER_DIR}/maloja:/mljdata
environment:
- PUID=1000
- PGID=1000
- MALOJA_DATA_DIRECTORY=/mljdata
dns:
- ${DNS_IP}
restart: unless-stopped
multi-scrobbler:
container_name: multi-scrobbler
image: foxxmd/multi-scrobbler
env_file:
- ${ENV_DIR}/scrobbler.env
volumes:
- ${DOCKER_DIR}/scrobbler:/config
ports:
- 9078:9078
restart: unless-stopped
## Memos (simple note app)
memos:
container_name: memos
image: neosmemo/memos:stable
volumes:
- ${DOCKER_DIR}/memos:/var/opt/memos
ports:
- 5230:5230
restart: unless-stopped
## Miniflux (rss feed reader)
miniflux:
image: miniflux/miniflux:latest
container_name: miniflux
image: miniflux/miniflux:latest
ports:
- 8772:8080
depends_on:
rss_db:
condition: service_healthy
env_file:
- /docker/env/miniflux.env
- ${ENV_DIR}/miniflux.env
healthcheck:
test: ["CMD", "/usr/bin/miniflux", "-healthcheck", "auto"]
dns:
- 100.111.0.126
- ${DNS_IP}
restart: unless-stopped
rss_db:
image: postgres:15
container_name: rss_db
image: postgres:15
env_file:
- /docker/env/miniflux.env
- ${ENV_DIR}/miniflux.env
volumes:
- miniflux-db:/var/lib/postgresql/data
healthcheck:
@@ -272,8 +340,8 @@ services:
## Paperless (document management)
paperless:
image: ghcr.io/paperless-ngx/paperless-ngx:latest
container_name: paperless
image: ghcr.io/paperless-ngx/paperless-ngx:latest
user: 1000:1000
depends_on:
- paperless_broker
@@ -282,77 +350,236 @@ services:
volumes:
- paperless-data:/usr/src/paperless/data
- paperless-media:/usr/src/paperless/media
- /docker/paperless/export:/usr/src/paperless/export
- /docker/paperless/consume:/usr/src/paperless/consume
- ${DOCKER_DIR}/paperless/export:/usr/src/paperless/export
- ${DOCKER_DIR}/paperless/consume:/usr/src/paperless/consume
env_file:
- /docker/env/paperless.env
- ${ENV_DIR}/paperless.env
restart: unless-stopped
paperless_broker:
image: docker.io/library/redis:7
container_name: paperless_broker
image: docker.io/library/redis:7
volumes:
- redis-data:/data
restart: unless-stopped
## PicoShare (file sharing tool)
picoshare:
container_name: picoshare
image: mtlynch/picoshare
env_file:
- ${ENV_DIR}/picoshare.env
ports:
- 4001:4001
command: -db /data/store.db
volumes:
- ${DOCKER_DIR}/picoshare:/data
dns:
- ${DNS_IP}
restart: unless-stopped
## SeaFile (cloud drive)
seafile:
container_name: seafile
image: seafileltd/seafile-mc:11.0-latest
ports:
- 8623:80
volumes:
- ${DOCKER_DIR}/seafile/data:/shared
env_file:
- ${ENV_DIR}/seafile.env
environment:
- TIME_ZONE=${TZ}
depends_on:
- seafile_db
- seafile_cache
restart: unless-stopped
seafile_db:
container_name: seafile-mysql
image: mariadb:10.11
env_file:
- ${ENV_DIR}/seafile.env
volumes:
- ${DOCKER_DIR}/seafile/db:/var/lib/mysql
restart: unless-stopped
seafile_cache:
container_name: seafile_cache
image: memcached:1.6.18
entrypoint: memcached -m 256
restart: unless-stopped
## Stirling PDF (pdf utilities)
stirling-pdf:
container_name: stirling-pdf
image: docker.stirlingpdf.com/stirlingtools/stirling-pdf:latest
ports:
- 8710:8080
volumes:
- ${DOCKER_DIR}/stirlingpdf/trainingData:/usr/share/tessdata
- ${DOCKER_DIR}/stirlingpdf/extraConfigs:/configs
- ${DOCKER_DIR}/stirlingpdf/customFiles:/customFiles/
- ${DOCKER_DIR}/stirlingpdf/logs:/logs/
- ${DOCKER_DIR}/stirlingpdf/pipeline:/pipeline/
environment:
- TZ=${TZ}
- DOCKER_ENABLE_SECURITY=false
- LANGS=en_US
- DOCKER_ENABLE_SECURITY=true
- SECURITY_ENABLELOGIN=true
- SECURITY_CSRFDISABLED=false
- SECURITY_INITIALLOGIN_USERNAME=april
- SECURITY_INITIALLOGIN_PASSWORD="qYoK!FVom%bpg24Xd$@g"
restart: unless-stopped
## Tandoor (recipe management)
tandoor:
container_name: tandoor
image: vabene1111/recipes
user: 1000:1000
env_file:
- /docker/env/tandoor.env
- ${ENV_DIR}/tandoor.env
volumes:
- tandoor-server-config:/opt/recipes/nginx/conf.d
- /docker/tandoor/static:/opt/recipes/staticfiles
- /docker/tandoor/media:/opt/recipes/mediafiles
- ${DOCKER_DIR}/tandoor/static:/opt/recipes/staticfiles
- ${DOCKER_DIR}/tandoor/media:/opt/recipes/mediafiles
depends_on:
- tandoor-db
dns:
- 100.111.0.126
- ${DNS_IP}
restart: unless-stopped
tandoor-server:
image: nginx:mainline-alpine
container_name: tandoor-server
image: nginx:mainline-alpine
ports:
- 8554:80
env_file:
- /docker/env/tandoor.env
- ${ENV_DIR}/tandoor.env
volumes:
- tandoor-server-config:/etc/nginx/conf.d:ro
- /docker/tandoor/static:/static:ro
- /docker/tandoor/media:/media:ro
- ${DOCKER_DIR}/tandoor/static:/static:ro
- ${DOCKER_DIR}/tandoor/media:/media:ro
depends_on:
- tandoor
dns:
- 100.111.0.126
- ${DNS_IP}
restart: unless-stopped
tandoor-db:
container_name: tandoor-db
image: postgres:16-alpine
user: 1000:1000
env_file:
- /docker/env/tandoor.env
- ${ENV_DIR}/tandoor.env
volumes:
- /docker/tandoor/postgresql:/var/lib/postgresql/data
- ${DOCKER_DIR}/tandoor/postgresql:/var/lib/postgresql/data
restart: unless-stopped
## TinyHome (server dashboard)
tinyhome:
container_name: tinyhome
image: azpsen/tinyhome:main
environment:
- REFRESH_INTERVAL=360
ports:
- 3000:80
volumes:
- ${DOCKER_DIR}/tinyhome:/config:rw
dns:
- ${DNS_IP}
restart: unless-stopped
## Vaultwarden (password manager)
vaultwarden:
image: vaultwarden/server:latest
container_name: vaultwarden
image: vaultwarden/server:latest
env_file:
- /docker/env/vaultwarden.env
- ${ENV_DIR}/vaultwarden.env
volumes:
- /docker/vaultwarden:/data
- ${DOCKER_DIR}/vaultwarden:/data
ports:
- 8912:80
dns:
- 100.111.0.126
- ${DNS_IP}
restart: unless-stopped
## Wallabag (bookmark manager)
wallabag:
container_name: wallabag
image: wallabag/wallabag
env_file:
- ${ENV_DIR}/wallabag.env
ports:
- 5438:80
volumes:
- ${DOCKER_DIR}/wallabag/images:/var/www/wallabag/web/assets/images
- ${DOCKER_DIR}/wallabag/data:/var/www/wallabag/data
dns:
- ${DNS_IP}
restart: unless-stopped
## Personal Website
webserver:
container_name: azpsen
image: lipanski/docker-static-website:latest
ports:
- 4000:3000
volumes:
- ${DOCKER_DIR}/azpsen/static:/home/static
- ${DOCKER_DIR}/azpsen/httpd.conf:/home/static/httpd.conf:ro
restart: unless-stopped
## Wizarr (jellyfin invites)
wizarr:
container_name: wizarr
image: ghcr.io/wizarrrr/wizarr:latest
ports:
- 5690:5690
volumes:
- ${DOCKER_DIR}/wizarr/database:/data/database
dns:
- ${DNS_IP}
restart: unless-stopped
## Workout Tracker
workout-tracker:
container_name: workout-tracker
image: ghcr.io/jovandeginste/workout-tracker:master
ports:
# Host Port:Container Port
- 5021:8080
volumes:
- ${DOCKER_DIR}/workout-tracker:/data
env_file:
- ${ENV_DIR}/workout-tracker.env
restart: unless-stopped
#---------------- MONITORING ----------------#
## Beszel (system monitoring)
beszel:
container_name: beszel
image: henrygd/beszel
env_file:
- ${ENV_DIR}/beszel.env
ports:
- 2493:8090
volumes:
- ${DOCKER_DIR}/beszel/data:/beszel_data
- ${DOCKER_DIR}/beszel/socket:/beszel_socket
restart: unless-stopped
beszel-agent:
container_name: beszel-agent
image: henrygd/beszel-agent:latest
env_file:
- ${ENV_DIR}/beszel.env
volumes:
- ${DOCKER_DIR}/beszel/socket:/beszel_socket
- /var/run/docker.sock:/var/run/docker.sock:ro
- /media:/extra-filesystems/media:ro
network_mode: host
restart: unless-stopped
## Dozzle (docker logs)
dozzle:
container_name: dozzle
@@ -363,23 +590,6 @@ services:
- 9999:8080
restart: unless-stopped
## Glances (system monitor)
glances:
image: nicolargo/glances:latest
container_name: glances
pid: host
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /:/glances/root:ro
environment:
- "GLANCES_OPT=-w"
ports:
- 61208:61208
secrets:
- source: glances_password
target: /root/.config/glances/glances.pwd
restart: unless-stopped
## Scrutiny (disk health monitoring)
scrutiny:
container_name: scrutiny
@@ -391,8 +601,8 @@ services:
- 8086:8086
volumes:
- /run/udev:/run/udev:ro
- /docker/scrutiny/config:/opt/scrutiny/config
- /docker/scrutiny/influxdb:/opt/scrutiny/influxdb
- ${DOCKER_DIR}/scrutiny/config:/opt/scrutiny/config
- ${DOCKER_DIR}/scrutiny/influxdb:/opt/scrutiny/influxdb
devices:
- /dev/sda:/dev/sda
- /dev/sdb:/dev/sdb
@@ -400,19 +610,16 @@ services:
- /dev/sdd:/dev/sdd
restart: unless-stopped
## Speedtest Tracker
speedtest-tracker:
image: lscr.io/linuxserver/speedtest-tracker:latest
container_name: speedtest-tracker
ports:
- 8465:80
- 8466:443
env_file:
- /docker/env/speedtest.env
## MySpeed (internet speed tracker)
myspeed:
container_name: myspeed
image: germannewsmaker/myspeed
volumes:
- /docker/speedtest-tracker:/config
- ${DOCKER_DIR}/myspeed:/myspeed/data
ports:
- 5216:5216
dns:
- 100.111.0.126
- ${DNS_IP}
restart: unless-stopped
@@ -420,38 +627,30 @@ services:
## AdGuard Home (ad-blocking dns provider)
adguard:
image: adguard/adguardhome
container_name: adguard
image: adguard/adguardhome
network_mode: host
ports:
- 53:53/tcp
- 53:53/udp
- 784:784/udp
- 853:853/tcp
- 3000:3000/tcp
- 80:80/tcp
- 443:443/tcp
volumes:
- /docker/adguard/working:/opt/adguardhome/work
- /docker/adguard/conf:/opt/adguardhome/conf
- ${DOCKER_DIR}/adguard/working:/opt/adguardhome/work
- ${DOCKER_DIR}/adguard/conf:/opt/adguardhome/conf
restart: unless-stopped
## Cloudflared (tunnel service for outside web access)
cloudflared:
container_name: cloudflared
image: cloudflare/cloudflared:latest
network_mode: "host"
network_mode: host
volumes:
- /docker/cloudflared:/etc/cloudflared
- ${DOCKER_DIR}/cloudflared:/etc/cloudflared
command: tunnel --no-autoupdate run
env_file:
- /docker/env/cloudflared.env
- ${ENV_DIR}/cloudflared.env
restart: unless-stopped
## Gluetun (vpn connector)
gluetun:
image: qmcgaw/gluetun:latest
container_name: gluetun
image: qmcgaw/gluetun:latest
hostname: gluetun
cap_add:
- NET_ADMIN
@@ -470,12 +669,12 @@ services:
- 8989:8989 # Radarr
- 7878:7878 # Sonarr
volumes:
- /docker/gluetun:/gluetun
- ${DOCKER_DIR}/gluetun:/gluetun
- /etc/localtime:/etc/localtime:ro
devices:
- /dev/net/tun:/dev/net/tun
env_file:
- /docker/env/gluetun.env
- ${ENV_DIR}/gluetun.env
restart: unless-stopped
@@ -483,96 +682,93 @@ services:
## Bazarr (subtitle downloading)
bazarr:
image: lscr.io/linuxserver/bazarr:latest
container_name: bazarr
image: lscr.io/linuxserver/bazarr:latest
environment:
- puid=1000
- pgid=1000
- tz=america/chicago
- PUID=1000
- PGID=1000
- TZ=${TZ}
volumes:
- /docker/bazarr:/config
- /media/jellyfin/movies:/movies
- /media/jellyfin/tv shows:/tv
- ${DOCKER_DIR}/bazarr:/config
- ${JF_MOVIES}:/movies
- ${JF_SHOWS}:/tv
ports:
- 6767:6767
restart: unless-stopped
## Prowlarr (torrent indexer management)
prowlarr:
image: ghcr.io/linuxserver/prowlarr:nightly
container_name: prowlarr
image: ghcr.io/linuxserver/prowlarr:nightly
network_mode: "service:gluetun"
environment:
- TZ=${TZ}
- PUID=1000
- PGID=1000
- TZ=America/Chicago
volumes:
- /docker/prowlarr:/config
- ${DOCKER_DIR}/prowlarr:/config
restart: unless-stopped
## QBittorrent (torrent client)
qbittorrent:
image: ghcr.io/linuxserver/qbittorrent:latest
container_name: qbittorrent
image: ghcr.io/linuxserver/qbittorrent:latest
network_mode: "service:gluetun"
environment:
- TZ=${TZ}
- PUID=1000
- PGID=1000
- TZ=America/Chicago
- WEBUI_PORT=8080
volumes:
- /docker/qbittorrent/config:/config
- /docker/qbittorrent/downloads:/downloads
- /media/downloads:/ext_dl
- ${DOCKER_DIR}/qbittorrent/config:/config
- ${DOCKER_DIR}/qbittorrent/downloads:/downloads
- ${QB_EXT_DL}:/ext_dl
restart: unless-stopped
## Radarr (movie downloading)
radarr:
image: ghcr.io/linuxserver/radarr:latest
container_name: radarr
image: ghcr.io/linuxserver/radarr:latest
network_mode: "service:gluetun"
environment:
- TZ=${TZ}
- PUID=1000
- PGID=1000
- TZ=America/Chicago
volumes:
- /docker/radarr:/config
- /media/jellyfin/Movies:/Movies #optional
- /docker/qbittorrent/downloads:/downloads #optional
- ${DOCKER_DIR}/radarr:/config
- ${JF_MOVIES}:/Movies #optional
- ${DOCKER_DIR}/qbittorrent/downloads:/downloads #optional
restart: unless-stopped
## Sonarr (tv show downloading)
sonarr:
image: ghcr.io/linuxserver/sonarr:latest
container_name: sonarr
image: ghcr.io/linuxserver/sonarr:latest
network_mode: "service:gluetun"
environment:
- TZ=${TZ}
- PUID=1000
- PGID=1000
- TZ=America/Chicago
- DOCKER_MODS=ghcr.io/gilbn/theme.park:sonarr
- TP_ADDON=sonarr-darker
- TP_THEME=dark
volumes:
- /docker/sonarr:/config
- /media/jellyfin/TV Shows:/TV Shows
- /docker/qbittorrent/downloads:/downloads
- ${DOCKER_DIR}/sonarr:/config
- ${JF_SHOWS}:/TV Shows
- ${DOCKER_DIR}/qbittorrent/downloads:/downloads
restart: unless-stopped
#---------------- DOCKER ----------------#
secrets:
glances_password:
file: /docker/secrets/glances_password
volumes:
companioncache:
hoarder:
meilisearch:
model-cache:
miniflux-db:
paperless-data:
paperless-media:
redis-data:
tandoor-server-config:
joplindb:
linkstack:

255
readme.md
View File

@@ -14,57 +14,69 @@ I have a dedicated home server that I run a lot of services on. This repo has my
These are all the services hosted, what they are for, and any clients I use with them, in alphabetical order.
### User-Facing Services
### Media
- [Actual Budget](https://actualbudget.org/) - Excellent budgeting app. It can be automatically synced with your bank ([SimpleFIN Bridge](https://beta-bridge.simplefin.org/) for US banks, $15/year), but I have found that to be unstable
- There used to be an official app but it has been discontinued - I added the website to my phone's home screen and it works quite well
- [AudioBookShelf](https://www.audiobookshelf.org/) - Audiobook server
- [Audiobookshelf](https://www.audiobookshelf.org/) - Audiobook, ebook, and podcast server
- The official mobile client works great
- [Calibre Web](https://github.com/janeczku/calibre-web) - Ebook management
- [Yomu](https://www.yomu-reader.com/) for iOS is nice and minimal and supports OPDS for use with Calibre Web
- [Gitea](https://about.gitea.com/) - Git server - in the process of replacing my GitHub account
- [Grocy](https://github.com/grocy/grocy) - Household management (Am I out of milk? Do I have AAA batteries? What can I make for dinner?)
- [iOS Client](https://apps.apple.com/us/app/grocy-mobile/id1567803209)
- [Homepage](https://gethomepage.dev/) - My default new tab page - has info and stats about all my services plus links
- [Immich](https://immich.app/) - Photo and video management
- Their official mobile apps are quite good
- [Jellyfin](https://jellyfin.org) - Media server for movies, TV shows, and music
- [Feishin](https://github.com/jeffvli/feishin) - Desktop music client (soon to be replaced by [audioling](https://github.com/audioling/audioling))
- [Feishin](https://github.com/jeffvli/feishin) - Desktop music client
- [Finamp](https://github.com/jmshrv/finamp) - Mobile music client
- For other devices (desktop, mobile, Roku/Android TV) I use either the web app or the official Jellyfin client
- [Joplin](https://joplinapp.org/) - Notes (Obsidian alternative)
### Utilities
- [Actual Budget](https://actualbudget.org/) - Excellent budgeting app. It can be automatically synced with your bank ([SimpleFIN Bridge](https://beta-bridge.simplefin.org/) for US banks, $15/year), but I have found that to be unstable
- There used to be an official app but it has been discontinued - I added the website to my phone's home screen and it works quite well
- [Baikal](https://sabre.io/baikal/) - Calendar/contacts
- [Backrest](https://github.com/garethgeorge/backrest) - UI to manage backups (sent to a Raspberry Pi 5 running [restic](https://restic.net/))
- [ConvertX](https://github.com/C4illin/ConvertX) - File conversion utility
- [Gitea](https://about.gitea.com/) - Git server - in the process of replacing my GitHub account
- [Wallabag](https://wallabag.org/) - Bookmark tool for links, pictures, notes, etc.
- [IT Tools](https://github.com/CorentinTh/it-tools) - Collection of random useful development/IT utilities
- [Kiwix](https://kiwix.org/en/) - Offline wiki hosting - I have Wikipedia, the Arch Linux wiki, and several others downloaded
- [LinkStack](https://linkstack.org/) - Self-hosted LinkTree alternative ([azpsen.com](https://azpsen.com)) - more for content creators, definitely overkill for what I need. I'll probably replace it with a simple static site at some point
- [LubeLogger](https://lubelogger.com/) - Car mileage and service tracker
- [Maloja](https://github.com/krateng/maloja) - Self-hosted music listen tracker (last.fm replacement) - with [multi-scrobbler](https://github.com/FoxxMD/multi-scrobbler) for Jellyfin support
- [Memos](https://github.com/usememos/memos) - Super simple note/list/todo/memo app
- [Miniflux](https://miniflux.app/) - Minimalist RSS feed reader
- [NetNewsWire](https://netnewswire.com/) - Wonderful all-purpose iOS RSS client
- [Capy Reader](https://github.com/jocmp/capyreader) - Android RSS client
- [Paperless-ngx](https://docs.paperless-ngx.com/) - Document management system for legal documents, IDs, bank statements, etc.
- [Swift Paperless](https://github.com/paulgessinger/swift-paperless) - iOS client
- [PicoShare](https://github.com/picocss/pico) - Super simple file sharing tool
- [Seafile](https://www.seafile.com/en/home/) - Cloud drive
- [Static Webserver](https://github.com/lipanski/docker-static-website) - Simple Docker container with BusyBox to serve my personal website ([azpsen.com](https://azpsen.com))
- [Stirling PDF](https://www.stirlingpdf.com/) - PDF tools for viewing, editing, converting, and everything else
- [Tandoor](https://tandoor.dev/) - Recipe management, so I always know which zucchine muffin recipe is the good one
- [Untare](https://github.com/phantomate/Untare) - Mobile client (discontinued but it still works for now)
- [vaultwarden](https://github.com/dani-garcia/vaultwarden) - Password manager
- [Tinyhome](https://github.com/bderenzo/tinyhome) - Static new tab page set up with links to all my server stuff
- [Vaultwarden](https://github.com/dani-garcia/vaultwarden) - Password manager
- [Bitwarden clients](https://bitwarden.com/download/)
- [Wizarr](https://github.com/Wizarrrr/wizarr?tab=readme-ov-file) - Jellyfin user invite manager
- [Workout Tracker](https://github.com/jovandeginste/workout-tracker) - Used with [OpenTracks](https://github.com/OpenTracksApp/OpenTracks) to track my cycling
### Monitoring
- [Beszel](https://www.beszel.dev/) - System stats with pretty graphs
- [Dozzle](https://dozzle.dev/) - Docker logs all in one place
- [Glances](https://github.com/nicolargo/glances) - System monitor - I mostly have this for dashboard widgets but it can be useful by itself
- [Scrutiny](https://github.com/AnalogJ/scrutiny) - HDD SMART monitoring, so I know when to prepare for a drive failure
- [Speedtest Tracker](https://speedtest-tracker.dev/) - Runs scheduled internet speedtests and creates pretty graphs to keep my ISP honest
- [MySpeed](https://github.com/gnmyt/myspeed) - Runs scheduled internet speedtests and creates pretty graphs to keep my ISP honest
### Networking
- [AdGuard Home](https://adguard.com/en/adguard-home/overview.html) - DNS filtering - I use this with [tailscale](https://tailscale.com/) to block ads on my phone
- [cloudflared](https://github.com/cloudflare/cloudflared) - CloudFlare tunnel client for easy and secure external service access
- [gluetun](https://github.com/qdm12/gluetun) - Docker VPN client and kill-switch. Very useful, allows for per-container VPN routing.
- [Cloudflared](https://github.com/cloudflare/cloudflared) - CloudFlare tunnel client for easy and secure external service access
- [Gluetun](https://github.com/qdm12/gluetun) - Docker VPN client and kill-switch. Very useful, allows for per-container VPN routing.
Note that I run tailscale as a system service, not in a container, so it is not listed here, but it is very useful for secure remote access - both for SSH and for services that don't need to be publicly visible.
In `docker-compose.yml`, services that I access through tailscale need the `dns: 100.111.0.126` section in order to access the internet (`100.111.0.126` is the tailscale IP of the server).
### Downloading
- [Bazarr](https://www.bazarr.media/) - Automated subtitle fetching (I also use the OpenSubtitles plugin within Jellyfin when needed, but this works hands-off most of the time)
- [Prowlarr](https://prowlarr.com/) - Torrent indexer that interfaces with the other *arrs
- [Radarr](https://radarr.video/) - Automated movie fetching
- [Prowlarr](https://prowlarr.com/) - Torrent indexer that interfaces with the other \*arrs
- [qBittorrent](https://www.qbittorrent.org/) - The only torrent client I'll ever use
- [Radarr](https://radarr.video/) - Automated movie fetching
- [Sonarr](https://sonarr.tv/) - Automated TV show fetching
I use [LunaSea](https://www.lunasea.app/) as a mobile client for Radarr and Sonarr.
@@ -94,7 +106,22 @@ Below are the variables that need to be set in the `.env` file for each service.
> - Password: API Key generated in SendGrid
> - From: `<mailer-name>@<your-domain>` - For each custom sender (`mailer-name`), there needs to be a verified sender in SendGrid.
### cloudflared
### Beszel
[Docs](https://www.beszel.dev/guide/environment-variables)
```env
# beszel.env
# Hub settings
BESZEL_HUB_APP_URL=
# Agent settings
BESZEL_AGENT_LISTEN=/beszel_socket/beszel.sock
BESZEL_AGENT_KEY=''
```
### Cloudflared
[Docs](https://github.com/cloudflare/cloudflared?tab=readme-ov-file)
@@ -105,7 +132,18 @@ Below are the variables that need to be set in the `.env` file for each service.
TUNNEL_TOKEN=
```
### gluetun
### ConvertX
[Docs](https://github.com/C4illin/ConvertX#environment-variables)
```env
# convertx.env
JWT_SECRET=
HTTP_ALLOWED=true
```
### Gluetun
[Docs](https://github.com/qdm12/gluetun)
@@ -130,10 +168,9 @@ The values for `WIREGUARD_PRIVATE_KEY` and `WIREGUARD_ADDRESSES` should be avail
My current Immich docker setup has a lot of repetition - when I want to update, I have to change the version in 3 places. I have plans to improve this, but for now this is what works. Also note that the way I set the upload location is not recommended by the Immich docs.
```env
#immich.env
# immich.env
UPLOAD_LOCATION=/media/immich
IMMICH_VERSION="v1.123.0"
TYPESENSE_API_KEY=
DB_PASSWORD=
@@ -150,44 +187,69 @@ POSTGRES_USER=postgres
POSTGRES_DB=immich
```
### Joplin
### Invidious
[Docs](https://github.com/flosoft/docker-joplin-server)
[Docs](https://docs.invidious.io/installation/)
Note that the `password` under `db` in `INVIDIOUS_CONFIG` should be the same as the `POSTGRES_PASSWORD`.
The `hmac_key` should be a different, randomly generated value, and the `invidious_companion_key`/`SERVER_SECRET_KEY` should both be set to another different, randomly generated value.
```env
# joplin.env
# invidious.env
APP_PORT=22300
APP_BASE_URL=
DB_CLIENT=pg
# Invidious
INVIDIOUS_CONFIG='
db:
dbname: invidious
user: invidious
password:
host: invidious-db
port: 5432
check_tables: true
invidious_companion:
- private_url: "http://invidious-companion:8282/companion"
invidious_companion_key: ""
external_port: 9080
https_only: false
statistics_enabled: false
registration_enabled: false
popular_enabled: false
hmac_key:
admins: ["april"]
default_user_preferences:
quality: dash
feed_menu: ["Trending", "Subscriptions", "Playlists"]
default_home: Trending
'
# Companion
SERVER_SECRET_KEY=
# Database
POSTGRES_DB=invidious
POSTGRES_USER=invidious
POSTGRES_PASSWORD=
POSTGRES_DATABASE=joplin
POSTGRES_USER=
POSTGRES_PORT=5432
POSTGRES_HOST=joplin-db
# Optional SMTP settings
MAILER_ENABLED=1
MAILER_HOST=
MAILER_PORT=465
MAILER_SECURE=1
MAILER_AUTH_USER=
MAILER_AUTH_PASSWORD=
MAILER_NOREPLY_NAME=
MAILER_NOREPLY_EMAIL=
# to update the visitor_data and po_token:
# docker run quay.io/invidious/youtube-trusted-session-generator
# or, for use with gluetun:
# docker run --network=container:gluetun quay.io/invidious/youtube-trusted-session-generator
```
### LinkStack
### LubeLogger
[Docs](https://linkstack.org/docker/)
This one just needs the public hostname and admin email.
[Docs](https://docs.lubelogger.com/Advanced/Environment%20Variables)
```env
# linkstack.env
HTTPS_SERVER_NAME=
SERVER_ADMIN=
# lubelogger.env
LC_ALL=en_US
LANG=en_US
MailConfig__EmailServer=
MailConfig__EmailFrom=
MailConfig__Port=587
MailConfig__Username=
MailConfig__Password=
```
### Miniflux
@@ -205,6 +267,24 @@ POSTGRES_PASSWORD= # this is the password used above
POSTGRES_DB=miniflux
```
### MultiScrobbler
[Docs](https://foxxmd.github.io/multi-scrobbler/docs/configuration/)
```env
# scrobbler.env
TZ=America/Chicago
PUID=1000
PGID=1000
MALOJA_URL=http://maloja:42010
MALOJA_API_KEY=
JELLYFIN_URL=http://jellyfin:8096
JELLYFIN_USER=
JELLYFIN_APIKEY=
JELLYFIN_USERS_ALLOW=
```
### Paperless-ngx
[Docs](https://docs.paperless-ngx.com/setup/#docker)
@@ -238,26 +318,35 @@ PAPERLESS_EMAIL_HOST_PASSWORD=
PAPERLESS_EMAIL_FROM=
```
### Speedtest Tracker
### PicoShare
[Docs](https://docs.speedtest-tracker.dev/getting-started/installation/using-docker-compose)
[Docs](https://github.com/mtlynch/picoshare)
```env
# speedtest.env
# picoshare.env
PUID=1000
PGID=1000
PORT=4001
PS_SHARED_SECRET=
PS_BEHIND_PROXY=true
```
# Generate with `echo -n 'base64:'; openssl rand -base64 32;` or use the speedtest-tracker website
APP_KEY=
### Seafile
# Public address or IP
APP_URL=
[Docs](https://manual.seafile.com/11.0/docker/deploy_seafile_with_docker/)
DB_CONNECTION=sqlite
APP_TIMEZONE=
DISPLAY_TIMEZONE=
SPEEDTEST_SCHEDULE=0,15,30,45 * * * * # run speedtest every 15 minutes
```env
# seafile.env
DB_HOST=seafile_db
DB_ROOT_PASSWD=
SEAFILE_ADMIN_EMAIL=
SEAFILE_ADMIN_PASSWORD=
SEAFILE_SERVER_HOSTNAME=
FORCE_HTTPS_IN_CONF=true
MYSQL_ROOT_PASSWORD= # same as DB_ROOT_PASSWD above
MYSQL_LOG_CONSOLE=true
MARIADB_AUTO_UPGRADE=1
```
### Tandoor
@@ -282,7 +371,7 @@ POSTGRES_USER=tandoor
POSTGRES_PASSWORD=
```
### vaultwarden
### Vaultwarden
[Docs](https://github.com/dani-garcia/vaultwarden)
@@ -308,3 +397,35 @@ SMTP_SECURITY=starttls
SMTP_USERNAME=
SMTP_PASSWORD=
```
### Wallabag
[Docs](https://hub.docker.com/r/wallabag/wallabag/)
The domain name should be set to your Wallabag instance's domain (e.g. links.mysite.com). Server name is just a pretty name for your instance. The DB password and secret can be set to randomly generated strings.
FOSUSER_REGISTRATION must be set to `true` for at least the first run so a user can be created.
Note: The username/password need to be included in the mailer DSN (e.g. smtp://apikey:mykey12345@smtp.sendgrid.net)
```env
# wallabag.env
SYMFONY__ENV__DOMAIN_NAME=
SYMFONY__ENV__SERVER_NAME=
SYMFONY__ENV__DATABASE_PASSWORD=
SYMFONY__ENV__SECRET=
SYMFONY__ENV__FOSUSER_REGISTRATION=false
SYMFONY__ENV__MAILER_DSN=
SYMFONY__ENV__FROM_EMAIL=
```
### Workout Tracker
[Docs](https://github.com/jovandeginste/workout-tracker#docker)
```env
# workout-tracker.env
WT_JWT_ENCRYPTION_KEY=
```