alias

authentik/stack.env

@@ -3,7 +3,7 @@ PG_USER=authentik
 PG_DB=authentik
 AUTHENTIK_SECRET_KEY=ZKkVCxj8kKj5ZklvzxKG2IgYQOftDoLPRjc57yomr1qzbKEQVZ
 AUTHENTIK_ERROR_REPORTING__ENABLED=true
-AUTHENTIK_TAG=2025.2.1
+AUTHENTIK_TAG=2025.4.1
 POSTGRES_PASSWORD=499NU6Ze5HcJK4IwSShO8oDbj3j0i0CalyEzfgEp
 POSTGRES_USER=authentik
 POSTGRES_DB=authentik

fail2ban/.env

@@ -0,0 +1,2 @@
+APPNAME=fail2ban
+DOCKER_REGISTRY=r.sectorq.eu/library/

fail2ban/docker-compose.yaml

@@ -1,35 +1,49 @@
 ---
 services:
-  fail2ban:
+  # fail2ban:
-    image: lscr.io/linuxserver/fail2ban:latest
+  #   image: lscr.io/linuxserver/fail2ban:latest
-    container_name: fail2ban
+  #   container_name: fail2ban
-    cap_add:
+  #   cap_add:
-      - NET_ADMIN
+  #     - NET_ADMIN
-      - NET_RAW
+  #     - NET_RAW
-    network_mode: host
+  #   network_mode: host
+  #   environment:
+  #     - PUID=1000
+  #     - PGID=1000
+  #     - TZ=Europe/Bratislava
+  #     - VERBOSITY=-vvv #optional
+  #   volumes:
+  #     - /share/docker_data/fail2ban/config:/config
+  #     - /share/docker_data/fail2ban/log:/var/log:ro
+  #     # - /path/to/airsonic/log:/remotelogs/airsonic:ro #optional
+  #     # - /path/to/apache2/log:/remotelogs/apache2:ro #optional
+  #     # - /path/to/authelia/log:/remotelogs/authelia:ro #optional
+  #     # - /path/to/emby/log:/remotelogs/emby:ro #optional
+  #     # - /path/to/filebrowser/log:/remotelogs/filebrowser:ro #optional
+  #     - /share/docker_data/ha:/remotelogs/homeassistant:ro #optional
+  #     # - /path/to/lighttpd/log:/remotelogs/lighttpd:ro #optional
+  #     # - /path/to/nextcloud/log:/remotelogs/nextcloud:ro #optional
+  #     # - /path/to/nginx/log:/remotelogs/nginx:ro #optional
+  #     # - /path/to/nzbget/log:/remotelogs/nzbget:ro #optional
+  #     # - /path/to/overseerr/log:/remotelogs/overseerr:ro #optional
+  #     # - /path/to/prowlarr/log:/remotelogs/prowlarr:ro #optional
+  #     # - /path/to/radarr/log:/remotelogs/radarr:ro #optional
+  #     # - /path/to/sabnzbd/log:/remotelogs/sabnzbd:ro #optional
+  #     # - /path/to/sonarr/log:/remotelogs/sonarr:ro #optional
+  #     # - /path/to/unificontroller/log:/remotelogs/unificontroller:ro #optional
+  #     # - /path/to/vaultwarden/log:/remotelogs/vaultwarden:ro #optional
+  #   restart: unless-stopped
+  blockips-unifi:
+    stdin_open: true
+    tty: true
+    container_name: blockips-unifi
+    restart: always
     environment:
-      - PUID=1000
+        - TZ=Europe/Bratislava
-      - PGID=1000
-      - TZ=Europe/Bratislava
-      - VERBOSITY=-vvv #optional
     volumes:
-      - /share/docker_data/fail2ban/config:/config
+        - /share/docker_data/unify_block/config.php:/config.php
-      - /share/docker_data/fail2ban/log:/var/log:ro
+        - /share/docker_data/unify_block/ban.sh:/ban.sh
-      # - /path/to/airsonic/log:/remotelogs/airsonic:ro #optional
+        - /share/docker_data/unify_block/crontab:/etc/crontabs/root
-      # - /path/to/apache2/log:/remotelogs/apache2:ro #optional
+        - /share/docker_data/fail2ban/ban:/ban
-      # - /path/to/authelia/log:/remotelogs/authelia:ro #optional
+        - /share/docker_data/fail2ban/unban:/unban
-      # - /path/to/emby/log:/remotelogs/emby:ro #optional
+    image: ${DOCKER_REGISTRY:-}tusc/blockips-unifi:latest
-      # - /path/to/filebrowser/log:/remotelogs/filebrowser:ro #optional
-      - /share/docker_data/ha:/remotelogs/homeassistant:ro #optional
-      # - /path/to/lighttpd/log:/remotelogs/lighttpd:ro #optional
-      # - /path/to/nextcloud/log:/remotelogs/nextcloud:ro #optional
-      # - /path/to/nginx/log:/remotelogs/nginx:ro #optional
-      # - /path/to/nzbget/log:/remotelogs/nzbget:ro #optional
-      # - /path/to/overseerr/log:/remotelogs/overseerr:ro #optional
-      # - /path/to/prowlarr/log:/remotelogs/prowlarr:ro #optional
-      # - /path/to/radarr/log:/remotelogs/radarr:ro #optional
-      # - /path/to/sabnzbd/log:/remotelogs/sabnzbd:ro #optional
-      # - /path/to/sonarr/log:/remotelogs/sonarr:ro #optional
-      # - /path/to/unificontroller/log:/remotelogs/unificontroller:ro #optional
-      # - /path/to/vaultwarden/log:/remotelogs/vaultwarden:ro #optional
-    restart: unless-stopped

gitea/docker-compose.yml

@@ -38,7 +38,7 @@ services:
     - /etc/timezone:/etc/timezone:ro
     - /etc/localtime:/etc/localtime:ro
   runner:
-    image: docker.io/gitea/act_runner:nightly
+    image: ${DOCKER_REGISTRY:-}docker.io/gitea/act_runner:nightly
     environment:
       CONFIG_FILE: /config/config.yaml
       GITEA_INSTANCE_URL: "https://gitea.sectorq.eu/"

kestra/.env

@@ -1,3 +1,2 @@
 APPNAME=kestra
-DOCKER_REGISTRY=r.sectorq.eu/library/
 PASSWORD=l4c1j4yd33Du5lo

kestra/docker-compose.yml

@@ -6,6 +6,7 @@ services:
         condition: service_started
     environment:
       SECRET_MYPASSWORD: bDRjMWo0eWQzM0R1NWxv
+      SECRET_GITLAB: Z2xwYXQtdWotbi1lRWZUWTM5OFBFNHZLU1M=
       KESTRA_CONFIGURATION: |
         datasources:
           postgres:

mailu/docker-compose.yml

@@ -20,10 +20,10 @@ networks:
 services:
   admin:
     depends_on:
-    - redis
+      - redis
-    - resolver
+      - resolver
     dns:
-    - 192.168.205.254
+      - 192.168.205.254
     env_file: stack.env
     image: ${DOCKER_REGISTRY:-}ghcr.io/mailu/${DOCKER_PREFIX:-}admin:${MAILU_VERSION:-2024.06}
     labels:
@@ -31,17 +31,17 @@ services:
       wud.watch.digest: true
     restart: ${RESTART:-unless-stopped}
     volumes:
-    - /share/docker_data/mailu3/data:/data
+      - /share/docker_data/mailu3/data:/data
-    - /share/docker_data/mailu3/dkim:/dkim
+      - /share/docker_data/mailu3/dkim:/dkim
   antispam:
     depends_on:
-    - front
+      - front
-    - redis
+      - redis
-    - oletools
+      - oletools
-    - antivirus
+      - antivirus
-    - resolver
+      - resolver
     dns:
-    - 192.168.205.254
+      - 192.168.205.254
     env_file: stack.env
     hostname: antispam
     image: ${DOCKER_REGISTRY:-}ghcr.io/mailu/${DOCKER_PREFIX:-}rspamd:${MAILU_VERSION:-2024.06}
@@ -49,39 +49,39 @@ services:
       wud.watch: true
       wud.watch.digest: true
     networks:
-    - default
+      - default
-    - oletools
+      - oletools
-    - clamav
+      - clamav
     restart: ${RESTART:-unless-stopped}
     volumes:
-    - /share/docker_data/mailu3/filter:/var/lib/rspamd
+      - /share/docker_data/mailu3/filter:/var/lib/rspamd
-    - /share/docker_data/mailu3/overrides/rspamd:/overrides:ro
+      - /share/docker_data/mailu3/overrides/rspamd:/overrides:ro
   antivirus:
     healthcheck:
       interval: 10s
       retries: 3
       start_period: 10s
       test:
-      - CMD-SHELL
+        - CMD-SHELL
-      - kill -0 `cat /tmp/clamd.pid` && kill -0 `cat /tmp/freshclam.pid`
+        - kill -0 `cat /tmp/clamd.pid` && kill -0 `cat /tmp/freshclam.pid`
       timeout: 5s
     image: ${DOCKER_REGISTRY:-}clamav/clamav-debian:1.2.0-6
     labels:
       wud.watch: true
       wud.watch.digest: true
     networks:
-    - clamav
+      - clamav
     restart: ${RESTART:-unless-stopped}
     volumes:
-    - /share/docker_data/mailu3/filter/clamav:/var/lib/clamav
+      - /share/docker_data/mailu3/filter/clamav:/var/lib/clamav
   fetchmail:
     depends_on:
-    - admin
+      - admin
-    - smtp
+      - smtp
-    - imap
+      - imap
-    - resolver
+      - resolver
     dns:
-    - 192.168.205.254
+      - 192.168.205.254
     env_file: stack.env
     image: ${DOCKER_REGISTRY:-}ghcr.io/mailu/${DOCKER_PREFIX:-}fetchmail:${MAILU_VERSION:-2024.06}
     labels:
@@ -92,9 +92,9 @@ services:
     - /share/docker_data/mailu3/data/fetchmail:/data
   front:
     depends_on:
-    - resolver
+      - resolver
     dns:
-    - 192.168.205.254
+      - 192.168.205.254
     env_file: stack.env
     extends:
       file: logging.yml
@@ -113,36 +113,36 @@ services:
       homepage.weight: 1
 
     networks:
-    - default
+      - default
-    - webmail
+      - webmail
-    - radicale
+      - radicale
     ports:
-    - 0.0.0.0:8880:80
+      - 0.0.0.0:8880:80
-    - 0.0.0.0:8443:443
+      - 0.0.0.0:8443:443
-    - 0.0.0.0:25:25
+      - 0.0.0.0:25:25
-    - 0.0.0.0:465:465
+      - 0.0.0.0:465:465
-    - 0.0.0.0:587:587
+      - 0.0.0.0:587:587
-    - 0.0.0.0:110:110
+      - 0.0.0.0:110:110
-    - 0.0.0.0:995:995
+      - 0.0.0.0:995:995
-    - 0.0.0.0:143:143
+      - 0.0.0.0:143:143
-    - 0.0.0.0:993:993
+      - 0.0.0.0:993:993
-    - 0.0.0.0:4190:4190
+      - 0.0.0.0:4190:4190
     restart: ${RESTART:-unless-stopped}
     volumes:
-    - /share/docker_data/mailu3/certs:/certs
+      - /share/docker_data/mailu3/certs:/certs
-    - /share/docker_data/mailu3/overrides/nginx:/overrides:ro
+      - /share/docker_data/mailu3/overrides/nginx:/overrides:ro
   fts_attachments:
     depends_on:
-    - resolver
+     - resolver
     dns:
-    - 192.168.205.254
+      - 192.168.205.254
     healthcheck:
       interval: 10s
       retries: 3
       start_period: 10s
       test:
-      - CMD-SHELL
+        - CMD-SHELL
-      - wget -nv -t1 -O /dev/null http://127.0.0.1:9998/tika || exit 1
+        - wget -nv -t1 -O /dev/null http://127.0.0.1:9998/tika || exit 1
       timeout: 5s
     hostname: tika
     image: ${DOCKER_REGISTRY:-}apache/tika:2.9.2.1-full
@@ -150,45 +150,45 @@ services:
       wud.watch: true
       wud.watch.digest: true
     networks:
-    - fts_attachments
+      - fts_attachments
     restart: ${RESTART:-unless-stopped}
   imap:
     depends_on:
-    - front
+      - front
-    - fts_attachments
+      - fts_attachments
-    - resolver
+      - resolver
     dns:
-    - 192.168.205.254
+      - 192.168.205.254
     env_file: stack.env
     image: ${DOCKER_REGISTRY:-}ghcr.io/mailu/${DOCKER_PREFIX:-}dovecot:${MAILU_VERSION:-2024.06}
     labels:
       wud.watch: true
       wud.watch.digest: true
     networks:
-    - default
+      - default
-    - fts_attachments
+      - fts_attachments
     restart: ${RESTART:-unless-stopped}
     volumes:
-    - /share/docker_data/mailu3/mail:/mail
+      - /share/docker_data/mailu3/mail:/mail
-    - /share/docker_data/mailu3/overrides/dovecot:/overrides:ro
+      - /share/docker_data/mailu3/overrides/dovecot:/overrides:ro
   oletools:
     depends_on:
-    - resolver
+      - resolver
     dns:
-    - 192.168.205.254
+      - 192.168.205.254
     hostname: oletools
     image: ${DOCKER_REGISTRY:-}ghcr.io/mailu/${DOCKER_PREFIX:-}oletools:${MAILU_VERSION:-2024.06}
     labels:
       wud.watch: true
       wud.watch.digest: true
     networks:
-    - oletools
+      - oletools
     restart: ${RESTART:-unless-stopped}
   redis:
     depends_on:
-    - resolver
+      - resolver
     dns:
-    - 192.168.205.254
+      - 192.168.205.254
     image: ${DOCKER_REGISTRY:-}redis:alpine
     labels:
       wud.watch: true
@@ -208,10 +208,10 @@ services:
     restart: ${RESTART:-unless-stopped}
   smtp:
     depends_on:
-    - front
+      - front
-    - resolver
+      - resolver
     dns:
-    - 192.168.205.254
+     - 192.168.205.254
     env_file: stack.env
     image: ${DOCKER_REGISTRY:-}ghcr.io/mailu/${DOCKER_PREFIX:-}postfix:${MAILU_VERSION:-2024.06}
     labels:
@@ -219,29 +219,29 @@ services:
       wud.watch.digest: true
     restart: ${RESTART:-unless-stopped}
     volumes:
-    - /share/docker_data/mailu3/mailqueue:/queue
+     - /share/docker_data/mailu3/mailqueue:/queue
-    - /share/docker_data/mailu3/overrides/postfix:/overrides:ro
+     - /share/docker_data/mailu3/overrides/postfix:/overrides:ro
   webdav:
     image: ${DOCKER_REGISTRY:-}ghcr.io/mailu/${DOCKER_PREFIX:-}radicale:${MAILU_VERSION:-2024.06}
     labels:
       wud.watch: true
       wud.watch.digest: true
     networks:
-    - radicale
+      - radicale
     restart: ${RESTART:-unless-stopped}
     volumes:
-    - /share/docker_data/mailu3/dav:/data
+      - /share/docker_data/mailu3/dav:/data
   webmail:
     depends_on:
-    - front
+      - front
     env_file: stack.env
     image: ${DOCKER_REGISTRY:-}ghcr.io/mailu/${DOCKER_PREFIX:-}webmail:${MAILU_VERSION:-2024.06}
     labels:
       wud.watch: true
       wud.watch.digest: true
     networks:
-    - webmail
+      - webmail
     restart: ${RESTART:-unless-stopped}
     volumes:
-    - /share/docker_data/mailu3/webmail:/data
+      - /share/docker_data/mailu3/webmail:/data
-    - /share/docker_data/mailu3/overrides/roundcube:/overrides:ro
+      - /share/docker_data/mailu3/overrides/roundcube:/overrides:ro

mailu/stack.env

@@ -24,8 +24,8 @@ HOSTNAMES=sectorq.eu,mail.sectorq.eu
 POSTMASTER=admin
 
 # Choose how secure connections will behave (value: letsencrypt, cert, notls, mail, mail-letsencrypt)
-TLS_FLAVOR=cert
+#TLS_FLAVOR=cert
-
+TLS_FLAVOR=letsencrypt
 # Authentication rate limit per IP (per /24 on ipv4 and /48 on ipv6)
 AUTH_RATELIMIT_IP=5/hour
 

mealie/.env

@@ -1,3 +1,4 @@
 RESTART=always
 DOCKER_REGISTRY=r.sectorq.eu/library/
-APPNAME=wud
+APPNAME=mealie
+

mealie/docker-compose.yml

@@ -0,0 +1,42 @@
+services:
+  mealie:
+    image: ${DOCKER_REGISTRY}ghcr.io/mealie-recipes/mealie:v2.8.0 # 
+    container_name: mealie
+    restart: always
+    ports:
+        - "9925:9000" # 
+    deploy:
+      resources:
+        limits:
+          memory: 1000M # 
+    volumes:
+      - /share/docker_data/mealie/data:/app/data/
+    environment:
+      # Set Backend ENV Variables Here
+      ALLOW_SIGNUP: "false"
+      PUID: 1000
+      PGID: 1000
+      TZ: Europe/Bratislava
+      BASE_URL: https://mealie.sectorq.eu
+      OIDC_AUTH_ENABLED: true
+      OIDC_PROVIDER_NAME: authentik
+      OIDC_CONFIGURATION_URL: https://auth.sectorq.eu/application/o/mealie/.well-known/openid-configuration
+      OIDC_CLIENT_ID: "QfrrMn3EzUqkb3ueFl8UQe983qCxr50O2eScPZ3b"
+      OIDC_CLIENT_SECRET: "SN5QQJzEZO6kFbyZJ4JcaUbev1CH3VDFfyfB0oeJXo23r0Wx74xpfLS3OMAvoRW8QFxpaYwsRm492MHtZIHaofwf29yhjADHA2DABPecSGAm8V6JVU8m4HRSF3NjDyTV"
+      OIDC_SIGNUP_ENABLED: true
+      OIDC_USER_GROUP: mealie-users
+      OIDC_ADMIN_GROUP: mealie-admins
+      OIDC_AUTO_REDIRECT: true   # Optional: The login page will be bypassed and you will be sent directly to your Identity Provider.
+      OIDC_REMEMBER_ME: true
+    labels:      
+      homepage.container: mealie
+      homepage.description: Recipe server
+      homepage.group: Utils
+      homepage.href: https://${APPNAME}.sectorq.eu
+      homepage.icon: ${APPNAME}.png
+      homepage.name: Mealie
+      homepage.server: my-docker
+      wud.watch: true
+      wud.watch.digest: true     
+volumes:
+  mealie-data:

mealie/stack.env

@@ -0,0 +1,37 @@
+###############################################################################
+# Paperless-ngx settings                                                      #
+###############################################################################
+
+# See http://docs.paperless-ngx.com/configuration/ for all available options.
+
+# The UID and GID of the user used to run paperless in the container. Set this
+# to your UID and GID on the host so that you have write access to the
+# consumption directory.
+#USERMAP_UID=1000
+#USERMAP_GID=1000
+
+# See the documentation linked above for all options. A few commonly adjusted settings
+# are provided below.
+
+# This is required if you will be exposing Paperless-ngx on a public domain
+# (if doing so please consider security measures such as reverse proxy)
+#PAPERLESS_URL=https://paperless.example.com
+
+# Adjust this key if you plan to make paperless available publicly. It should
+# be a very long sequence of random characters. You don't need to remember it.
+#PAPERLESS_SECRET_KEY=change-me
+
+# Use this variable to set a timezone for the Paperless Docker containers. Defaults to UTC.
+#PAPERLESS_TIME_ZONE=America/Los_Angeles
+
+# The default language to use for OCR. Set this to the language most of your
+# documents are written in.
+#PAPERLESS_OCR_LANGUAGE=eng
+
+# Additional languages to install for text recognition, separated by a whitespace.
+# Note that this is different from PAPERLESS_OCR_LANGUAGE (default=eng), which defines
+# the language used for OCR.
+# The container installs English, German, Italian, Spanish and French by default.
+# See https://packages.debian.org/search?keywords=tesseract-ocr-&searchon=names&suite=buster
+# for available languages.
+#PAPERLESS_OCR_LANGUAGES=tur ces

mediacenter/.env

@@ -9,3 +9,4 @@ LIDARR_TOKEN=a9d7379966bd467aa0ad226848575e03
 QBIT_TOKEN=l4c1j4yd33Du5lo
 RADARR_TOKEN=671f20f9518b4ab3a977cc00f95b0427
 SONARR_TOKEN=325b15a81c544ed2a1cd2bb16e95a129
+HW_MODE=hw

mediacenter/docker-compose.yml

@@ -7,12 +7,12 @@ services:
   bazarr:
     container_name: bazarr
     depends_on:
-    - sonarr
+      - sonarr
-    - radarr
+      - radarr
     environment:
-    - PUID=1000
+      - PUID=1000
-    - PGID=1000
+      - PGID=1000
-    - TZ=Europe/Bratislava
+      - TZ=Europe/Bratislava
     hostname: bazarr
     image: ${DOCKER_REGISTRY:-}lscr.io/linuxserver/bazarr:latest
     labels:
@@ -31,14 +31,14 @@ services:
       wud.watch: true
       wud.watch.digest: true
     networks:
-    - mediarr
+      - mediarr
     ports:
-    - 6767:6767
+      - 6767:6767
     restart: ${RESTART:-unless-stopped}
     volumes:
-    - /share/docker_data/bazarr/config:/config
+      - /share/docker_data/bazarr/config:/config
-    - /media/data/movies:/movies
+      - /media/data/movies:/movies
-    - /media/data/shows:/tv
+      - /media/data/shows:/tv
   flaresolverr:
     container_name: flaresolverr
     environment:
@@ -51,9 +51,9 @@ services:
       wud.watch: true
       wud.watch.digest: true
     networks:
-    - mediarr
+      - mediarr
     ports:
-    - 8191:8191
+      - 8191:8191
     restart: ${RESTART:-unless-stopped}
   homarr:
     container_name: homarr
@@ -64,26 +64,28 @@ services:
       wud.watch: true
       wud.watch.digest: true
     networks:
-    - mediarr
+      - mediarr
     ports:
-    - 7575:7575
+      - 7575:7575
     restart: ${RESTART:-unless-stopped}
     volumes:
-    - /var/run/docker.sock:/var/run/docker.sock
+      - /var/run/docker.sock:/var/run/docker.sock
-    - /share/docker_data/homarr/configs:/app/data/configs
+      - /share/docker_data/homarr/configs:/app/data/configs
-    - /share/docker_data/homarr/icons:/app/public/icons
+      - /share/docker_data/homarr/icons:/app/public/icons
-    - /share/docker_data/homarr/data:/data
+      - /share/docker_data/homarr/data:/data
   jackett:
     container_name: jackett
+    dns:
+      - 192.168.77.101
     depends_on:
-    - sonarr
+      - sonarr
-    - radarr
+      - radarr
     environment:
-    - PUID=1000
+      - PUID=1000
-    - PGID=1000
+      - PGID=1000
-    - TZ=Europe/Bratislava
+      - TZ=Europe/Bratislava
-    - AUTO_UPDATE=true
+      - AUTO_UPDATE=true
-    - RUN_OPTS=
+      - RUN_OPTS=
     hostname: jackett
     image: ${DOCKER_REGISTRY:-}lscr.io/linuxserver/jackett:latest
     labels:
@@ -282,10 +284,12 @@ services:
     - /media/data/downloads:/downloads
   sonarr:
     container_name: sonarr
+    dns:
+      - 192.168.77.101
     environment:
-    - PUID=1000
+      - PUID=1000
-    - PGID=1000
+      - PGID=1000
-    - TZ=Europe/Bratislava
+      - TZ=Europe/Bratislava
     hostname: sonarr
     image: ${DOCKER_REGISTRY:-}lscr.io/linuxserver/sonarr:latest
     labels:

nextcloud/stack.env

@@ -5,6 +5,6 @@ MYSQL_DATABASE=nextcloud
 MYSQL_USER=nextcloud
 MYSQL_HOST=db
 REDIS_HOST=redis
-# - PHP_MEMORY_LIMIT=1024M
+PHP_MEMORY_LIMIT=1024M
-# - PHP_UPLOAD_LIMIT=1024M
+PHP_UPLOAD_LIMIT=1024M
-# - NEXTCLOUD_MEMORY_LIMIT=1024M
+NEXTCLOUD_MEMORY_LIMIT=1024M

octoprint/docker-compose.yml

@@ -2,7 +2,7 @@ services:
   octoprint1:
     container_name: octoprint1
     devices:
-    - /dev:/dev
+      - /dev/ttyUSB0:/dev/ttyUSB0
     environment:
     - ENABLE_MJPG_STREAMER=true
     image: ${DOCKER_REGISTRY:-}octoprint/octoprint:latest
@@ -25,7 +25,7 @@ services:
     ports:
     - 85:80
     volumes:
-    - /share/docker_data/octoprint1:/octoprint
+      - /share/docker_data/octoprint1:/octoprint
   octoprint2:
     container_name: octoprint2
     environment:
@@ -50,5 +50,5 @@ services:
     ports:
     - 86:80
     volumes:
-    - /share/docker_data/octoprint2:/octoprint
+      - /share/docker_data/octoprint2:/octoprint
-    - /dev:/dev
+      - /dev:/dev

paperless-ng/docker-compose.yml

@@ -1,28 +0,0 @@
----
-version: "2.1"
-services:
-  paperless-ng:
-    image: lscr.io/linuxserver/paperless-ng:latest
-    container_name: paperless-ng
-    environment:
-      - PUID=1000
-      - PGID=1000
-      - TZ=Europe/Bratislava
-      - REDIS_URL= #optional
-    volumes:
-      - /share/docker_data/paperless/config:/config
-      - /share/docker_data/paperless/data:/data
-    ports:
-      - 8001:8000
-    restart: unless-stopped
-    labels:
-      wud.watch: true
-      wud.watch.digest: true
-      homepage.container: paperless-ng
-      homepage.description: PDF
-      homepage.group: Utils
-      homepage.href: https://active.home.lan:9343/admin
-      homepage.icon: /images/pihole.png
-      homepage.name: Paperless-ng
-      homepage.server: my-docker
-      homepage.weight: '1'

paperless-ng/stack.env

@@ -1,95 +0,0 @@
-TZ=Europe/Bratislava
-WUD_REGISTRY_HUB_PUBLIC_LOGIN=jaydee77
-WUD_REGISTRY_HUB_PUBLIC_PASSWORD=dckr_pat_WUfjkuEEYYEFDI95myphANR7AUU
-
-WUD_REGISTRY_CUSTOM_JAYDEE_URL=https://r.sectorq.eu
-WUD_REGISTRY_CUSTOM_JAYDEE_LOGIN=jaydee
-WUD_REGISTRY_CUSTOM_JAYDEE_PASSWORD=l4c1j4yd33Du5lo
-#WUD_REGISTRY_CUSTOM_JAYDEE_AUTH="$2y$05$KM.AT7zX5BseO0HnXG4ds.a01XHLPBmrEFYt4ZjD.v6pUZw3xmCkq"
-
-# AUTHENTIK
-WUD_AUTH_OIDC_AUTHENTIK_CLIENTID=p8WUIAWMMx2mRdsnjZdkMl5XXerZQfZFo6ZadAvH
-WUD_AUTH_OIDC_AUTHENTIK_CLIENTSECRET=ApAQrTyl2qVIsxhHY1MYJkxCS5tHjQz2gKnmDTOgGALeVCxiN9upQP1h28VqqAaOtc6WEDsczhsk1hKFvit1WUe8mbk0BkGQc2Mnh0Hf2MRybXd1vDcTRWL6pqICywBs
-WUD_AUTH_OIDC_AUTHENTIK_DISCOVERY=https://auth.sectorq.eu/application/o/wud/.well-known/openid-configuration
-WUD_AUTH_OIDC_AUTHENTIK_REDIRECT=false
-WUD_AUTH_OIDC_AUTHENTIK_TIMEOUT=2000
-
-# BASIC
-WUD_AUTH_BASIC_JAYDEE_USER=homepage
-WUD_AUTH_BASIC_JAYDEE_HASH=$$apr1$$pGMz1QxU$$y6XuTscvGcYgas15JWlfg/
-# GOTIFY
-WUD_TRIGGER_GOTIFY_EXTERNAL_PRIORITY=0
-WUD_TRIGGER_GOTIFY_EXTERNAL_TOKEN="AFxvpm1JpPSsmkf"
-WUD_TRIGGER_GOTIFY_EXTERNAL_URL=https://gotify.sectorq.eu
-#WUD_TRIGGER_GOTIFY_EXTERNAL_MODE=batch
-WUD_TRIGGER_GOTIFY_EXTERNAL_MODE=simple
-WUD_TRIGGER_GOTIFY_EXTERNAL_ONCE=true
-
-# WUD_TRIGGER_GOTIFY_EXTERNAL2_PRIORITY=0
-# WUD_TRIGGER_GOTIFY_EXTERNAL2_TOKEN=AzAY1vUr1zLS9R6
-# WUD_TRIGGER_GOTIFY_EXTERNAL2_URL=https://gotify2.sectorq.eu
-# #WUD_TRIGGER_GOTIFY_EXTERNAL2_MODE=batch
-# WUD_TRIGGER_GOTIFY_EXTERNAL2_MODE=simple
-# WUD_TRIGGER_GOTIFY_EXTERNAL2_ONCE=true
-
-
-# NTFY
-#WUD_TRIGGER_NTFY_MSERVER_URL=https://ntfy.sectorq.eu
-#WUD_TRIGGER_NTFY_MSERVER_TOPIC=wud
-
-
-WUD_TRIGGER_DOCKER_MSERVER_PRUNE=true
-WUD_TRIGGER_DOCKER_RPI5_PRUNE=true
-WUD_TRIGGER_DOCKER_NAS_PRUNE=true
-WUD_TRIGGER_DOCKER_RACK_PRUNE=true
-# error info debug trace
-WUD_LOG_LEVEL=debug
-# text json
-WUD_LOG_FORMAT=text
-
-WUD_WATCHER_EXTDOCKER_HOST=193.168.144.164
-WUD_WATCHER_EXTDOCKER_PORT=2376
-WUD_WATCHER_EXTDOCKER_CERTFILE=/certs/ext/cert.pem
-WUD_WATCHER_EXTDOCKER_CAFILE=/certs/ext/ca.pem
-WUD_WATCHER_EXTDOCKER_KEYFILE=/certs/ext/key.pem
-WUD_WATCHER_EXTDOCKER_CRON=0 * * * *
-WUD_WATCHER_EXTDOCKER_WATCHALL=true
-WUD_WATCHER_EXTDOCKER_WATCHBYDEFAULT=true
-
-WUD_WATCHER_MSERVER_HOST=192.168.77.101
-WUD_WATCHER_MSERVER_PORT=2376
-WUD_WATCHER_MSERVER_CERTFILE=/certs/m-server/cert.pem
-WUD_WATCHER_MSERVER_CAFILE=/certs/m-server/ca.pem
-WUD_WATCHER_MSERVER_KEYFILE=/certs/m-server/key.pem
-WUD_WATCHER_MSERVER_CRON=0 * * * *
-WUD_WATCHER_MSERVER_WATCHALL=true
-WUD_WATCHER_MSERVER_WATCHBYDEFAULT=false
-
-WUD_WATCHER_RPI5_HOST=192.168.77.238
-WUD_WATCHER_RPI5_PORT=2376
-WUD_WATCHER_RPI5_CERTFILE=/certs/rpi5/cert.pem
-WUD_WATCHER_RPI5_CAFILE=/certs/rpi5/ca.pem
-WUD_WATCHER_RPI5_KEYFILE=/certs/rpi5/key.pem
-WUD_WATCHER_RPI5_CRON=0 * * * *
-WUD_WATCHER_RPI5_WATCHALL=true
-WUD_WATCHER_RPI5_WATCHBYDEFAULT=true
-
-WUD_WATCHER_NAS_HOST=192.168.77.106
-WUD_WATCHER_NAS_PORT=2376
-WUD_WATCHER_NAS_CERTFILE=/certs/nas/cert.pem
-WUD_WATCHER_NAS_CAFILE=/certs/nas/ca.pem
-WUD_WATCHER_NAS_KEYFILE=/certs/nas/key.pem
-WUD_WATCHER_NAS_CRON=0 * * * *
-WUD_WATCHER_NAS_WATCHALL=true
-WUD_WATCHER_NAS_WATCHBYDEFAULT=true
-
-WUD_WATCHER_RACK_HOST=192.168.77.55
-WUD_WATCHER_RACK_PORT=2376
-WUD_WATCHER_RACK_CERTFILE=/certs/rack/cert.pem
-WUD_WATCHER_RACK_CAFILE=/certs/rack/ca.pem
-WUD_WATCHER_RACK_KEYFILE=/certs/rack/key.pem
-WUD_WATCHER_RACK_CRON=0 * * * *
-WUD_WATCHER_RACK_WATCHALL=true
-WUD_WATCHER_RACK_WATCHBYDEFAULT=true
-
-WUD_SERVER_CORS_ENABLED=true

paperless-ngx/.env

@@ -0,0 +1,3 @@
+RESTART=always
+DOCKER_REGISTRY=r.sectorq.eu/library/
+APPNAME=paperless-ngx

paperless-ngx/docker-compose.yml

@@ -0,0 +1,53 @@
+services:
+  broker:
+    image: ${DOCKER_REGISTRY:-}docker.io/library/redis:8
+    restart: unless-stopped
+    volumes:
+      - /share/docker_data/paperless/redisdata:/data
+  webserver:
+    image: ${DOCKER_REGISTRY:-}ghcr.io/paperless-ngx/paperless-ngx:latest
+    restart: unless-stopped
+    depends_on:
+      - broker
+    ports:
+      - "8001:8000"
+    volumes:
+      - /share/docker_data/paperless/data:/usr/src/paperless/data
+      - /share/docker_data/paperless/media:/usr/src/paperless/media
+      - /share/docker_data/paperless/export:/usr/src/paperless/export
+      - /share/docker_data/paperless/consume:/usr/src/paperless/consume
+      - /share/docker_data/paperless/scripts:/opt/scripts
+    env_file: stack.env
+    environment:
+      PAPERLESS_REDIS: redis://broker:6379
+      PAPERLESS_APPS: allauth.socialaccount.providers.openid_connect
+      PAPERLESS_URL: https://paperless.sectorq.eu
+      PAPERLESS_CSRF_TRUSTED_ORIGINS: https://paperless.sectorq.eu
+      PAPERLESS_POST_CONSUME_SCRIPT: /opt/scripts/post-consumption.sh
+      PAPERLESS_SOCIALACCOUNT_PROVIDERS: >
+          {
+            "openid_connect": {
+              "APPS": [
+                {
+                  "provider_id": "authentik",
+                  "name": "Authentik",
+                  "client_id": "B4NM614bqWkvDqGDAmR823qUm8n4ZNlG3XtvkI51",
+                  "secret": "7FFRdLWOUHlDxkhc86xR2yhxRn8BmDfTtfX9aTVY1XbRY197zy3UXPs51IMIkIjwjp6uijtpIQDDJDpR7LNInJt0F5hEXGMEcTfJxYyfNv2ytKFO58tCN5UD2EnzbCmN",
+                  "settings": {
+                    "server_url": "https://auth.sectorq.eu/application/o/paperless/.well-known/openid-configuration"
+                  }
+                }
+              ],
+              "OAUTH_PKCE_ENABLED": "True"
+            }
+          }
+    labels:
+      homepage.container: paperless-webserver-1
+      homepage.description: PDF server
+      homepage.group: Utils
+      homepage.href: https://paperless.sectorq.eu
+      homepage.icon: ${APPNAME}.png
+      homepage.name: Paperless
+      homepage.server: my-docker
+      wud.watch: true
+      wud.watch.digest: true          

paperless-ngx/stack.env

@@ -0,0 +1,37 @@
+###############################################################################
+# Paperless-ngx settings                                                      #
+###############################################################################
+
+# See http://docs.paperless-ngx.com/configuration/ for all available options.
+
+# The UID and GID of the user used to run paperless in the container. Set this
+# to your UID and GID on the host so that you have write access to the
+# consumption directory.
+#USERMAP_UID=1000
+#USERMAP_GID=1000
+
+# See the documentation linked above for all options. A few commonly adjusted settings
+# are provided below.
+
+# This is required if you will be exposing Paperless-ngx on a public domain
+# (if doing so please consider security measures such as reverse proxy)
+#PAPERLESS_URL=https://paperless.example.com
+
+# Adjust this key if you plan to make paperless available publicly. It should
+# be a very long sequence of random characters. You don't need to remember it.
+#PAPERLESS_SECRET_KEY=change-me
+
+# Use this variable to set a timezone for the Paperless Docker containers. Defaults to UTC.
+#PAPERLESS_TIME_ZONE=America/Los_Angeles
+
+# The default language to use for OCR. Set this to the language most of your
+# documents are written in.
+#PAPERLESS_OCR_LANGUAGE=eng
+
+# Additional languages to install for text recognition, separated by a whitespace.
+# Note that this is different from PAPERLESS_OCR_LANGUAGE (default=eng), which defines
+# the language used for OCR.
+# The container installs English, German, Italian, Spanish and French by default.
+# See https://packages.debian.org/search?keywords=tesseract-ocr-&searchon=names&suite=buster
+# for available languages.
+#PAPERLESS_OCR_LANGUAGES=tur ces

zabbix-server/docker-compose.yml

@@ -26,11 +26,11 @@ services:
     - db-server
     env_file:
     - stack.env
-    image: ${DOCKER_REGISTRY:-}zabbix/zabbix-web-nginx-pgsql:alpine-latest
+    image: ${DOCKER_REGISTRY:-}zabbix/zabbix-web-nginx-pgsql:alpine-7.2.0
     labels:
       com.centurylinklabs.watchtower.enable: true
-      wud.watch: true
+      # wud.watch: true
-      wud.watch.digest: true
+      # wud.watch.digest: true
     networks:
       zabbix:
         ipv4_address: 192.168.89.3
@@ -48,7 +48,7 @@ services:
     extends:
       file: logging.yml
       service: ${LOGGING:-syslog}
-    image: ${DOCKER_REGISTRY:-}zabbix/zabbix-server-pgsql:alpine-latest
+    image: ${DOCKER_REGISTRY:-}zabbix/zabbix-server-pgsql:alpine-7.2.0
     labels:
       com.centurylinklabs.watchtower.enable: 'true'
       homepage.container: zabbix-server-zabbix-server-1
@@ -62,8 +62,8 @@ services:
       homepage.widget.key: a5294f55cccb490cded051a6ccd45f15f3434f06f7c77de4b22abc8bf086534a
       homepage.widget.type: ${APPNAME}
       homepage.widget.url: https://${APPNAME}.sectorq.eu
-      wud.watch: true
+      # wud.watch: true
-      wud.watch.digest: true
+      # wud.watch.digest: true
     networks:
       zabbix:
         ipv4_address: 192.168.89.2