updated mythweb to only work on myth.ddp.net
updated vaultwarden to allow redirect to work behind traefik, and also disabled
ability for anyone new to register an account
commented shitster so its works with my docker-updates parser for grafana
removed tix*
upgraded kuma to v2, removing kuma and replacing with mon for container name
upgraded mail server
updated doco around when we use loadbalancer port
emby now has group 110 (radeon) as well, so it can do hardware acceleration from new AMD 5600G cpu
and added /dev/dri to access the hardware
change roundcubemail to webmail
converted mail container to use traefik's acme.json
moved esphome to its own esphome.ddp.net (aka removed internet access as I could not get a password in front of it via traefik as yet)
convert telegraf to use mara-init / entrypoint standar
added ldap to grafana so password is now taken from secrets/ldap*
converted bookdb_web, paweb, tix away from SSL passthrough to normal traefik ssl offload (also making it easier to traefik to manage certs as I had issues with some with HostSNI / passthrough
converted padb* to use entrypoint standard, rather than using a separate DockerFile to have the postgres image and then my own customising
converted kuma to have a new data dir and to adopt new mara-init/mara-bin/entrypoint.sh standard
moved mythtv root pwd out into secrets / env file
update mythtv to new mara-init, mara-bin, entrypoint.sh standard, removed use of network_mode: host, and go direct to mythdb via local dns / container name, instead of ip or mara
finalised move from wikijs to bookstack (renaming wikitst to wiki)
added depweb basic web service, solely to allow traefik to handle depaoli.id.au SSL domain (for mail which does not route traffic there itself)
then realised hass needed to add ::1 ti trusted hosts as that was how traefik is using the explicit loadbalancer port setting with network_mode: host containers like hass, emby, etc.
upgrade to latest mail again, validated newer fail2ban defaults look okay, reduced comment appropriately, added rspamd* env vars (commented out), prepared to remove old env vars so we can switch to rspamd - doing this commit first
put back SASL auth, and updated LDAP_HOST use for mail container based on newer format - and Cams doc :)
removed last reference to prometheus (in a depends_on, which didnt exist clearly)
converted padb* containers back to native postgres:16 images, and used better model of overriding install scripts via entrypoint:
removed old reference to asuscomm.com
tried out and got working autodiscover, it worked for thunderbird but not our phones, so just getting rid of it - it seems to be a stale image / not maintained
convered from wikijs to bookstack (due to wikijs being unmaintained, and producing version 3 for something like 18 months and still being a mile from finished)
tweaked naming with myth container - still some work to fix up here I believe (remove network_mode: host, and put back DB server name to be container name - cant test until nothing is being recorded)
and myth* still has lame passwords, as does influxdb, to be finalised...
