af0a5cd2bd
trying out wud, added secrets for it
2025-12-11 22:26:59 +11:00
dc1c2681fe
added a patst while we work on a new branch for PA, also a more timely health check so traefik is faster to notice its back after a restart
2025-10-25 21:55:48 +11:00
43719b968a
trying to place a health check/url on padev to fix the weird slow restart, not sure it was not just traefik needing a rebuild??? also finally have moved embyserver off the beta versions back to mainline :latest
2025-10-10 23:55:32 +11:00
ef24976947
bump emby, deal with postgres 18 upgrade - including annoying "18" now being in path for data
2025-09-28 10:35:43 +10:00
adfe4f9ce4
bump emby, change commit url for new openldap, added tty: true and PYTHONUNBUFFERED: 1 to make python dev container instantly show output
2025-09-23 20:07:29 +10:00
e7915b2050
add last commit url for new ldap repo
2025-09-15 22:23:42 +10:00
050b3f6480
switched from bitnami ldap to tiredofit ldap due to upstream licensing shenanigans, also added a splunk (for now) just to see the unifi logs - to see if its worth it
2025-09-15 18:14:04 +10:00
3527f94efa
added skip profile to readarr as its no longer supported/working, cleaned up syntax/format for restart clause for all, fixed up dumbness with the mara/homarr/myth web containers so that all works, still troubleshooting calibre - can only get it to go via direct ports, not via traefik for now
2025-08-16 11:33:45 +10:00
f2da5f4e86
updated emby to 4.9.1.0
...
updated mythweb to only work on myth.ddp.net
updated vaultwarden to allow redirect to work behind traefik, and also disabled
ability for anyone new to register an account
2025-05-27 18:16:54 +10:00
191e24c0ab
updated emby
2025-05-09 14:47:13 +10:00
88a9ea5ee7
updated emby, made finplan have the DB persist into /srv/.../container/finplan/
2025-04-30 13:54:30 +10:00
fc819e63bd
updated emby, also removed watchtower line from cdpdev so that it does not count in my grafana dashboard as being updated (or running)
2025-04-16 14:08:58 +10:00
6529714a2d
upgraded emby
...
commented shitster so its works with my docker-updates parser for grafana
removed tix*
upgraded kuma to v2, removing kuma and replacing with mon for container name
upgraded mail server
2025-04-11 17:23:38 +10:00
ec53210e14
finalise move to new homarr v1
2025-03-29 15:51:52 +11:00
911adb1d85
cam added ftps, ddp added homarr v1 - but import didnt work, both need more work, but commiting for now as ftps did not have a restart clause and would not come back on reboot, fixed now
2025-03-28 11:01:07 +11:00
6c077b253c
added finplan, added mythweb and changed traefik router for it to just myth.ddp.net, upgraded emby and upgraded mail - including putting back the hostname: depaoli.id.au - this is needed to keep off spamhaus blacklist as the DNS did not match the rev PTR
2025-03-13 20:38:42 +11:00
0314dbf672
replaced heimdall with homarr, fixed myth db paths to remove _tmp, added health check for prod PA db. Cam added shitster
2025-02-07 15:30:25 +11:00
e831eb8b67
remove pihole, final replacement with adguard as the dependency in docker as well
2025-01-08 17:09:25 +11:00
d01ff8e647
changed grafana local to grafana.ddp.net not using mara anymore
2025-01-08 17:05:00 +11:00
e519ae1493
explicit use of 0.0.0.0 in port stanzas to force only opening up ipv4, added heimdall and adguard. For now pihole is still there, just the ports have been hidden so adguard is active dns. Using heimdall as mara.ddp.net default web content now, moved mythweb to myth.ddp.net. Finally, just use user root (no group docker) for telegraf
2025-01-04 22:35:14 +11:00
3b1e523c0c
change over to mariadb for mythdb, remove unused ark-server, remove ports exposed on mara that are not used anymore - did have to reconfigure grafana to use influxdb as the host instead of 192.168.0.2
2024-11-26 22:00:15 +11:00
3ca2f07ddc
moving to BOOK_UID/BOOK_GID args for pybook, mount in /books so we can write ebooks to it, and try harder to stop watchtower restarting mail container
2024-11-16 00:04:49 +11:00
72cfa77d57
uppped emby 4.9.0.30, locked docker-mailserver to 14.0.0 as watchtower quiety/partially broke it so do updates here manually, better last_commit url for bitnami openldap, move postgres dev to explicit latest, and to :17 for prod, cleaned up PA to now use a PA_ID, pass it to docker build and then use that to simplify wrapper to handle prod/container better
2024-11-04 19:59:07 +11:00
49d8f9f6c7
added ftp service, added last.commit.url label so I can see if a project is still active, removed deprecated version, upgraded emby to a newer beta and finally locked mythdb to an 8.4 mysql so that its compatible with android apk
2024-08-25 22:42:13 +10:00
d8433d4bd5
upped docker-compose version (just because), explicitly called :latest (just because), commented out ark-server and mass, added tixbkend (separate tix web and force it to run as uid=1000, and backend that processes pdfs), upped emby to a newer 4.9 release - but still not allowing latest, so we can convert back to prod 4.9 version when it goes to latest, adjsted telegraf group after reinstall of mara -- this still is not elegant, but works
2024-06-30 17:16:14 +10:00
2ed88cd9d6
remove lidarr, never really use it
2024-05-07 00:02:20 +10:00
0fe30e2e74
cleaned up names of traefik rules for developed containers, added padev, made myth container be "from scratch", taking an ubuntu:latest image and just adding mythbuntu, etc.
2024-05-05 12:10:13 +10:00
fa84f9b914
rename and be consistent for book / bookdev
2024-03-10 14:15:58 +11:00
47ec3b3ac3
put sab back to latest image, and hide bookdb_webdev port and use book-dev.ddp.net to refer to it now
2024-03-10 13:58:23 +11:00
10e6d3fcbb
made samba use prod ldap, version locked sab and emby due to issues, also force mass to depends_on emby so it stops stealing embys port
2024-03-08 21:09:08 +11:00
66d380f73a
remove ldap-dev and phpldapadmin, now that samba is in prod
2024-02-25 21:04:57 +11:00
16b5f8624d
added ldap-dev, phpldapadmin and samba containers to get samba containerised. This verison has a working ldap-dev, phpldapadmin pointing to it, and samba is now working pointing to prod. Also made pybook run as user 2000 instead of root
2024-02-25 21:04:11 +11:00
e7c6f83a86
remove commented out plex server - not needed, plex account and leeching of ej works without it
2024-02-17 21:55:49 +11:00
9f5138f8e7
remove tls / cert config for openldap, we dont use it
2024-02-17 21:49:56 +11:00
7e52aa8d50
converted over from manual certbot to traefik automatically handling certs
...
updated doco around when we use loadbalancer port
emby now has group 110 (radeon) as well, so it can do hardware acceleration from new AMD 5600G cpu
and added /dev/dri to access the hardware
change roundcubemail to webmail
converted mail container to use traefik's acme.json
moved esphome to its own esphome.ddp.net (aka removed internet access as I could not get a password in front of it via traefik as yet)
convert telegraf to use mara-init / entrypoint standar
added ldap to grafana so password is now taken from secrets/ldap*
converted bookdb_web, paweb, tix away from SSL passthrough to normal traefik ssl offload (also making it easier to traefik to manage certs as I had issues with some with HostSNI / passthrough
converted padb* to use entrypoint standard, rather than using a separate DockerFile to have the postgres image and then my own customising
converted kuma to have a new data dir and to adopt new mara-init/mara-bin/entrypoint.sh standard
moved mythtv root pwd out into secrets / env file
update mythtv to new mara-init, mara-bin, entrypoint.sh standard, removed use of network_mode: host, and go direct to mythdb via local dns / container name, instead of ip or mara
finalised move from wikijs to bookstack (renaming wikitst to wiki)
added depweb basic web service, solely to allow traefik to handle depaoli.id.au SSL domain (for mail which does not route traffic there itself)
2024-02-17 18:48:39 +11:00
fa00790e95
moved several services to *.ddp.net, this adds influx.ddp.net, fixes piholes crazy URL rewrites, and simplifies a few ruls - needed for influxs api and traefiks api routes to coexist. Also had to go back to network_mode: host for myth - not sure why as yet
2024-01-24 00:48:25 +11:00
bcd3fde841
removed unused wikijs, autodiscover
2024-01-23 16:55:44 +11:00
291c2996b8
put rspamd web behind traefik, and hide it on local port. fixed up poor username/password combo for influxdb, added localtime to a few containers that did not have it, created a new web server that handles php covering my local needs to serve the landing page / images & mythweb
2024-01-23 16:54:30 +11:00
da3a2de62f
converted over to rspamd including new dkim keys (into DNS and rspamd), and removed now unneeded PTRACE capability - dropped in Jun 2022)
2024-01-19 18:56:10 +11:00
7b1e2307f9
committed to running traefik in network_mode: host, and fixed up where this then caused traefik labels to not knowthe loadbalancer port
...
then realised hass needed to add ::1 ti trusted hosts as that was how traefik is using the explicit loadbalancer port setting with network_mode: host containers like hass, emby, etc.
upgrade to latest mail again, validated newer fail2ban defaults look okay, reduced comment appropriately, added rspamd* env vars (commented out), prepared to remove old env vars so we can switch to rspamd - doing this commit first
put back SASL auth, and updated LDAP_HOST use for mail container based on newer format - and Cams doc :)
removed last reference to prometheus (in a depends_on, which didnt exist clearly)
converted padb* containers back to native postgres:16 images, and used better model of overriding install scripts via entrypoint:
removed old reference to asuscomm.com
tried out and got working autodiscover, it worked for thunderbird but not our phones, so just getting rid of it - it seems to be a stale image / not maintained
convered from wikijs to bookstack (due to wikijs being unmaintained, and producing version 3 for something like 18 months and still being a mile from finished)
tweaked naming with myth container - still some work to fix up here I believe (remove network_mode: host, and put back DB server name to be container name - cant test until nothing is being recorded)
and myth* still has lame passwords, as does influxdb, to be finalised...
2024-01-19 17:55:26 +11:00
aa31f0a691
added back plex (but commented out for now - works on dining tv, so need to consider this again. Moved myth into containers (and learnt about entrypoint). Big chaneover from prometheus, cadvisor, *exporters containers to influxdb, telegraf and a few scripts running in containers like mail, myth and some native crons on mara
2024-01-09 21:50:19 +11:00
696b6cdb58
added access logs of errors / slow URLs only, and exposed that out into /srv/docker/container/traefik/var/log/access_log, moved all passwords into separate env_files
2023-12-20 16:40:09 +11:00
80d15db83a
sshwifty now has no exposed ports, and traefik routing to it properly. Also tweaked mail settings to ensure some default variables, and some future to test variables are there
2023-11-02 17:31:45 +11:00
7ce444e169
commenting out ark-server and phpldapadmin as lamely, that is the only way to keep them but not have them start when mara boots up
2023-10-28 12:21:48 +11:00
49f68974f2
removed plex, oxisia openldap, wetty -> migrated to bitnami openldap and sshwifty, mail does not use SASL anymore (bitnami doesnt work with it), updated mail ENV var to newer format for ldap, added some comments around network_mode: host and why I have it set
2023-10-28 12:07:56 +11:00
729fec4db3
using ping for esphome while mdns not working as expected, also locked postgres to a 16 version - each update breaks the database as it needs an export / import to upgrade. Finally precautionarily locked docker-mailserver, I can see they also are considering changing ldap and that sounds large / I want to test first. I also get an email when they upgrade, so will get that prompt
2023-09-21 13:20:21 +10:00
fcbe2d3c4b
remove old mimosa code, removed unnecessary :latest
2023-09-15 21:35:14 +10:00
36743c3ecf
fixing a couple more containers to latest or fixed numbers as best we can, also trying a new ldap (not an easy swap)
2023-09-13 23:17:01 +10:00
a502982f1c
fixed pihole to handle /admin redirect, updated blackbox-exporter to have proper :latest on the image not the container name, moved to newer speedtest with latest tag, updated pihole to use newer DNS settings for newer pihole syntax/version
2023-08-30 22:35:21 +10:00
1cfcac194e
fixed watchtower to have latest tag, using different phpopenldap image that is being kept up to date (and using latest tag), moved pihole to latest tag (required tweaks to dnsmasq settings (in /srv/docker/container/pihole/...), updated wikidb to use latest postgres, and now using a real password
2023-08-25 22:51:14 +10:00
