dc1c2681fe
added a patst while we work on a new branch for PA, also a more timely health check so traefik is faster to notice its back after a restart
Damien De Paoli2025-10-25 21:55:48 +11:00
43719b968a
trying to place a health check/url on padev to fix the weird slow restart, not sure it was not just traefik needing a rebuild??? also finally have moved embyserver off the beta versions back to mainline :latest
Damien De Paoli2025-10-10 23:55:32 +11:00
ef24976947
bump emby, deal with postgres 18 upgrade - including annoying "18" now being in path for data
Damien De Paoli2025-09-28 10:35:43 +10:00
adfe4f9ce4
bump emby, change commit url for new openldap, added tty: true and PYTHONUNBUFFERED: 1 to make python dev container instantly show output
Damien De Paoli2025-09-23 20:07:29 +10:00
050b3f6480
switched from bitnami ldap to tiredofit ldap due to upstream licensing shenanigans, also added a splunk (for now) just to see the unifi logs - to see if its worth it
Damien De Paoli2025-09-15 18:14:04 +10:00
3527f94efa
added skip profile to readarr as its no longer supported/working, cleaned up syntax/format for restart clause for all, fixed up dumbness with the mara/homarr/myth web containers so that all works, still troubleshooting calibre - can only get it to go via direct ports, not via traefik for now
Damien De Paoli2025-08-16 11:33:45 +10:00
f2da5f4e86
updated emby to 4.9.1.0 updated mythweb to only work on myth.ddp.net updated vaultwarden to allow redirect to work behind traefik, and also disabled ability for anyone new to register an account
Damien De Paoli2025-05-27 18:16:54 +10:00
a8a1940d2d
added a gitignore so we dont inherit git repos inside git repos
Damien De Paoli2025-05-09 16:35:09 +10:00
88a9ea5ee7
updated emby, made finplan have the DB persist into /srv/.../container/finplan/
Damien De Paoli2025-04-30 13:54:30 +10:00
fc819e63bd
updated emby, also removed watchtower line from cdpdev so that it does not count in my grafana dashboard as being updated (or running)
Damien De Paoli2025-04-16 14:08:58 +10:00
911adb1d85
cam added ftps, ddp added homarr v1 - but import didnt work, both need more work, but commiting for now as ftps did not have a restart clause and would not come back on reboot, fixed now
Damien De Paoli2025-03-28 11:01:07 +11:00
f62dab2d42
remove old secrets no longer used, add homarr secrets in for new v1
Damien De Paoli2025-03-28 11:00:15 +11:00
6c077b253c
added finplan, added mythweb and changed traefik router for it to just myth.ddp.net, upgraded emby and upgraded mail - including putting back the hostname: depaoli.id.au - this is needed to keep off spamhaus blacklist as the DNS did not match the rev PTR
Damien De Paoli2025-03-13 20:38:42 +11:00
0314dbf672
replaced heimdall with homarr, fixed myth db paths to remove _tmp, added health check for prod PA db. Cam added shitster
Damien De Paoli2025-02-07 15:30:25 +11:00
e831eb8b67
remove pihole, final replacement with adguard as the dependency in docker as well
Damien De Paoli2025-01-08 17:09:25 +11:00
d01ff8e647
changed grafana local to grafana.ddp.net not using mara anymore
Damien De Paoli2025-01-08 17:05:00 +11:00
e519ae1493
explicit use of 0.0.0.0 in port stanzas to force only opening up ipv4, added heimdall and adguard. For now pihole is still there, just the ports have been hidden so adguard is active dns. Using heimdall as mara.ddp.net default web content now, moved mythweb to myth.ddp.net. Finally, just use user root (no group docker) for telegraf
Damien De Paoli2025-01-04 22:35:14 +11:00
3b1e523c0c
change over to mariadb for mythdb, remove unused ark-server, remove ports exposed on mara that are not used anymore - did have to reconfigure grafana to use influxdb as the host instead of 192.168.0.2
Damien De Paoli2024-11-26 22:00:15 +11:00
166089f0e7
changing over to mariadb, so adding root pwd for maria in secrets
Damien De Paoli2024-11-26 21:59:20 +11:00
3ca2f07ddc
moving to BOOK_UID/BOOK_GID args for pybook, mount in /books so we can write ebooks to it, and try harder to stop watchtower restarting mail container
Damien De Paoli2024-11-16 00:04:49 +11:00
72cfa77d57
uppped emby 4.9.0.30, locked docker-mailserver to 14.0.0 as watchtower quiety/partially broke it so do updates here manually, better last_commit url for bitnami openldap, move postgres dev to explicit latest, and to :17 for prod, cleaned up PA to now use a PA_ID, pass it to docker build and then use that to simplify wrapper to handle prod/container better
Damien De Paoli2024-11-04 19:59:07 +11:00
49d8f9f6c7
added ftp service, added last.commit.url label so I can see if a project is still active, removed deprecated version, upgraded emby to a newer beta and finally locked mythdb to an 8.4 mysql so that its compatible with android apk
Damien De Paoli2024-08-25 22:42:13 +10:00
d8433d4bd5
upped docker-compose version (just because), explicitly called :latest (just because), commented out ark-server and mass, added tixbkend (separate tix web and force it to run as uid=1000, and backend that processes pdfs), upped emby to a newer 4.9 release - but still not allowing latest, so we can convert back to prod 4.9 version when it goes to latest, adjsted telegraf group after reinstall of mara -- this still is not elegant, but works
Damien De Paoli2024-06-30 17:16:14 +10:00
0fe30e2e74
cleaned up names of traefik rules for developed containers, added padev, made myth container be "from scratch", taking an ubuntu:latest image and just adding mythbuntu, etc.
Damien De Paoli2024-05-05 12:10:13 +10:00
47ec3b3ac3
put sab back to latest image, and hide bookdb_webdev port and use book-dev.ddp.net to refer to it now
Damien De Paoli2024-03-10 13:58:23 +11:00
10e6d3fcbb
made samba use prod ldap, version locked sab and emby due to issues, also force mass to depends_on emby so it stops stealing embys port
Damien De Paoli2024-03-08 21:09:08 +11:00
66d380f73a
remove ldap-dev and phpldapadmin, now that samba is in prod
Damien De Paoli2024-02-25 21:04:57 +11:00
16b5f8624d
added ldap-dev, phpldapadmin and samba containers to get samba containerised. This verison has a working ldap-dev, phpldapadmin pointing to it, and samba is now working pointing to prod. Also made pybook run as user 2000 instead of root
Damien De Paoli2024-02-25 21:04:11 +11:00
e7c6f83a86
remove commented out plex server - not needed, plex account and leeching of ej works without it
Damien De Paoli2024-02-17 21:55:49 +11:00
9f5138f8e7
remove tls / cert config for openldap, we dont use it
Damien De Paoli2024-02-17 21:49:56 +11:00
7e52aa8d50
converted over from manual certbot to traefik automatically handling certs updated doco around when we use loadbalancer port emby now has group 110 (radeon) as well, so it can do hardware acceleration from new AMD 5600G cpu and added /dev/dri to access the hardware change roundcubemail to webmail converted mail container to use traefik's acme.json moved esphome to its own esphome.ddp.net (aka removed internet access as I could not get a password in front of it via traefik as yet) convert telegraf to use mara-init / entrypoint standar added ldap to grafana so password is now taken from secrets/ldap* converted bookdb_web, paweb, tix away from SSL passthrough to normal traefik ssl offload (also making it easier to traefik to manage certs as I had issues with some with HostSNI / passthrough converted padb* to use entrypoint standard, rather than using a separate DockerFile to have the postgres image and then my own customising converted kuma to have a new data dir and to adopt new mara-init/mara-bin/entrypoint.sh standard moved mythtv root pwd out into secrets / env file update mythtv to new mara-init, mara-bin, entrypoint.sh standard, removed use of network_mode: host, and go direct to mythdb via local dns / container name, instead of ip or mara finalised move from wikijs to bookstack (renaming wikitst to wiki) added depweb basic web service, solely to allow traefik to handle depaoli.id.au SSL domain (for mail which does not route traffic there itself)
Damien De Paoli2024-02-17 18:48:39 +11:00
fa00790e95
moved several services to *.ddp.net, this adds influx.ddp.net, fixes piholes crazy URL rewrites, and simplifies a few ruls - needed for influxs api and traefiks api routes to coexist. Also had to go back to network_mode: host for myth - not sure why as yet
Damien De Paoli2024-01-24 00:48:25 +11:00
6fa9e42ff5
move to improved / influx pwd and correct VAR for it
Damien De Paoli2024-01-24 00:46:34 +11:00
291c2996b8
put rspamd web behind traefik, and hide it on local port. fixed up poor username/password combo for influxdb, added localtime to a few containers that did not have it, created a new web server that handles php covering my local needs to serve the landing page / images & mythweb
Damien De Paoli2024-01-23 16:54:30 +11:00
da3a2de62f
converted over to rspamd including new dkim keys (into DNS and rspamd), and removed now unneeded PTRACE capability - dropped in Jun 2022)
Damien De Paoli2024-01-19 18:56:10 +11:00
d3587c6de4
fixup of myth, influxdb and wiki migration in secrets env files
Damien De Paoli2024-01-19 17:56:25 +11:00
7b1e2307f9
committed to running traefik in network_mode: host, and fixed up where this then caused traefik labels to not knowthe loadbalancer port
Damien De Paoli2024-01-19 17:55:26 +11:00
aa31f0a691
added back plex (but commented out for now - works on dining tv, so need to consider this again. Moved myth into containers (and learnt about entrypoint). Big chaneover from prometheus, cadvisor, *exporters containers to influxdb, telegraf and a few scripts running in containers like mail, myth and some native crons on mara
Damien De Paoli2024-01-09 21:50:19 +11:00
b7ac96e0d6
added access logs of errors / slow URLs only, and exposed that out into /srv/docker/container/traefik/var/log/access_log, moved all passwords into separate env_files
Damien De Paoli2023-12-20 16:40:24 +11:00
696b6cdb58
added access logs of errors / slow URLs only, and exposed that out into /srv/docker/container/traefik/var/log/access_log, moved all passwords into separate env_files
Damien De Paoli2023-12-20 16:40:09 +11:00
80d15db83a
sshwifty now has no exposed ports, and traefik routing to it properly. Also tweaked mail settings to ensure some default variables, and some future to test variables are there
Damien De Paoli2023-11-02 17:31:45 +11:00
7ce444e169
commenting out ark-server and phpldapadmin as lamely, that is the only way to keep them but not have them start when mara boots up
Damien De Paoli2023-10-28 12:21:48 +11:00
49f68974f2
removed plex, oxisia openldap, wetty -> migrated to bitnami openldap and sshwifty, mail does not use SASL anymore (bitnami doesnt work with it), updated mail ENV var to newer format for ldap, added some comments around network_mode: host and why I have it set
Damien De Paoli2023-10-28 12:07:56 +11:00
729fec4db3
using ping for esphome while mdns not working as expected, also locked postgres to a 16 version - each update breaks the database as it needs an export / import to upgrade. Finally precautionarily locked docker-mailserver, I can see they also are considering changing ldap and that sounds large / I want to test first. I also get an email when they upgrade, so will get that prompt
Damien De Paoli2023-09-21 13:20:21 +10:00
fcbe2d3c4b
remove old mimosa code, removed unnecessary :latest
Damien De Paoli2023-09-15 21:35:14 +10:00
36743c3ecf
fixing a couple more containers to latest or fixed numbers as best we can, also trying a new ldap (not an easy swap)
Damien De Paoli2023-09-13 23:17:01 +10:00
a502982f1c
fixed pihole to handle /admin redirect, updated blackbox-exporter to have proper :latest on the image not the container name, moved to newer speedtest with latest tag, updated pihole to use newer DNS settings for newer pihole syntax/version
Damien De Paoli2023-08-30 22:35:21 +10:00
1cfcac194e
fixed watchtower to have latest tag, using different phpopenldap image that is being kept up to date (and using latest tag), moved pihole to latest tag (required tweaks to dnsmasq settings (in /srv/docker/container/pihole/...), updated wikidb to use latest postgres, and now using a real password
Damien De Paoli2023-08-25 22:51:14 +10:00
c89623aba1
clean up of older containers wont use again like alert-manager, also fixed the hass issue where each new container breaks command line authentication
Damien De Paoli2023-07-06 19:52:59 +10:00
e96f56e7a8
have to use files for hass and network mode to be able to autodiscover devices like sonos
Damien De Paoli2023-06-19 20:31:34 +10:00
0860aa1931
made a bookdb_webdev container, and passed appropriate FLASK_ENV to each bookdb_web* container
Damien De Paoli2023-06-13 00:25:34 +10:00
a9ac26c549
added new tix home built python server for work ticket trends, added music assistant (mass) as a seperate container, used traefik to route hass again and put esphome and mass as URLs off hass.depaoli.id.au
Damien De Paoli2023-06-11 11:26:30 +10:00
c25e6fb065
removed commented out old images, added :latest to a few images, put watchtower updates on mqtt and esphome, changed over to vaultwarden from bitwarden
Damien De Paoli2023-04-09 13:22:59 +10:00
073fd63889
cut over to vaultwarden from bitwarden_rs, and changed TRUSTED_DEVICE_NAME -- wasnt needed, but a version of eufy-security-ws had an issue, but next release fixed it
Damien De Paoli2023-03-14 22:46:06 +11:00
c1fc868d1d
remove ddphome.asuscomm.com, no longer used and also added a comment
Damien De Paoli2023-02-16 16:48:53 +11:00
a65c41b0c9
replaced alertmanager with kuma, and exposed it on mon.depaoli.id.au
Damien De Paoli2022-12-29 13:08:00 +11:00
9eff9275df
moved hass traefik to files (cant exactly recall why, but believe its tls1.2 related, added esphome, added ssl for mimosa-clinic, allowed grafana to be https or http, Cam added mosquitto for pug/windows and his use of nfts
Damien De Paoli2022-12-20 21:58:13 +11:00
ab7bd563d5
now that I have opened port 3610, traefik was using it by default for ssl, so forced traefik to use 8123
Damien De Paoli2022-10-16 17:07:48 +11:00
8c1c1423a4
weirdly needed to add 3610 udp to get dining-ac to "poll", not sure why NOW I need this, but it is working
Damien De Paoli2022-10-14 17:11:06 +11:00
c3a8ac9e3f
moved to using tweak postgres image so we can add cron to backup users into /docker-entrypoint-initdb.d SO if we ever rebuild pa content from scratch, we have kept the person/refimgs
Damien De Paoli2022-09-19 17:04:25 +10:00
f1779971d8
put latest tags on mimosa containers, and made watchtower update them. Also added restart: always to mimosa-db
Damien De Paoli2022-09-01 18:08:51 +10:00
a083bfeaa6
adding padb_tst db for future testing, force roundcubemail to use port 993 and Cam added mimosa clinic wp site for now (and mariadb)
Damien De Paoli2022-08-31 21:43:30 +10:00
aafb0a4126
update to postgres 14, added ark-server, and grabbed autodiscover server, but not implemented it yet, so its commented out
Damien De Paoli2022-07-07 00:20:05 +10:00
b3b483afab
minor tweak of pybook to same format for building as PA, switched to newer cadvisor which seems to work better with newer U22.04 for mara stats, added new ENV vars with newer mail-server
Damien De Paoli2022-06-25 10:48:10 +10:00
176675e7d1
consistent use of restart:always to fix some containers not starting on boot in U22.04, also had to stop doing ports and network_mode (TO FIX), added in new bookdb_dev to make book* be consistent with PA added dependencies to try to better order container startups, switched to different source of cadvisor - it works, but still logs verbose errors about mem (TO FIX)
Damien De Paoli2022-06-19 00:00:46 +10:00
06c9e7d672
got alertmanager working, but not via traefik yet. Also added in containers for eufy security cam for hass, but they only partially work - I think my camera is too new
Damien De Paoli2022-06-05 17:35:46 +10:00
7804de5df6
remove tls12 restriction now cam has a new phone, and moved portainer to v2 - needed explicit loadbalancer port of 9000 for traefik as it also opened 8000
Damien De Paoli2022-05-28 09:25:25 +10:00
817ef23cdd
added wetty for ssh and put it behind ssh.depaoli.id.au:443 via traefik
Damien De Paoli2022-02-24 18:02:44 +11:00
615d5b5817
remove unneeded plex ports, and set DNS2 to opendns not cloudflare
Damien De Paoli2022-02-20 21:00:50 +11:00
f355cdcf1e
fix readarr config for traefik, and added jswiki with pg backend
Damien De Paoli2022-01-30 23:55:07 +11:00
369caa4130
clean up config file, removing isotope, ports on roundcube
Damien De Paoli2022-01-04 23:25:48 +11:00
f231c204bc
emby now uses localtime, added readarr, calibre and lidarr and reduced cpu load with cadvisor
Damien De Paoli2022-01-02 14:23:51 +11:00
f59c297910
okay, switched back to non hassio supervisor, and just a straight docker container, also put watchtowerrr back too
Damien De Paoli2021-08-08 16:18:11 +10:00
eb6caaa68b
updated mail container to use fail2ban again, added notes, reduced logs, also using correct/newer image location
Damien De Paoli2021-08-08 15:04:02 +10:00
943d9e09b2
use /etc/localtime so docker containers have right time for logs
Damien De Paoli2021-07-28 21:43:37 +10:00
4ab0742938
update hassio supervisor and add note on incantation to get around its stupid auto-updating failing crap
Damien De Paoli2021-06-12 22:54:57 +10:00
ba8b9ef764
revert pihole to 5.7, pa build vars (not working) and update hassio
Damien De Paoli2021-04-17 23:20:13 +10:00
4649f18dab
upgraded hass supervisor and force bw.depaoli.id.au to tolerate tls1.2 as min version so that cam/mich phones can use app
Damien De Paoli2021-03-13 14:11:04 +11:00
f47068b547
added docker storage path for paweb, may need to make this smarter eventually, e.g. allow a user to browse mounted file systems to find storage/import paths, and map storage dir to /storage
Damien De Paoli2021-03-03 20:32:43 +11:00
b9133f1131
added pa, bitwarden, changed radarr sonarr over to new names
Damien De Paoli2021-03-03 14:27:55 +11:00
3c095d9d3b
removed watchtower, doing that in cron to make hassio happy. added book* padb, switched to hassio :latest, and removed /dev/dri as it no longer exists on mara -- need to investigate that one
Damien De Paoli2021-01-14 00:19:00 +11:00
4e3e15fe54
completed: TODO-22: adding a sub-book when the parent book is in a series, and renamed MAYBE-1 to TODO-23 (deal with moving book in a series with another series involved), 24 (dockerise), 25 (actually allow removing just one subbook form series)
Damien De Paoli2021-01-07 21:36:21 +11:00
Damien De Paoli