Init

server/config/.gitmodules

@@ -0,0 +1,6 @@
+[submodule "ass/ass"]
+	path = ass/ass
+	url = https://github.com/tycrek/ass.git
+[submodule "exatorrent/exatorrent"]
+	path = exatorrent/exatorrent
+	url = git@github.com:Jafner/exatorrent.git

server/config/arr/.env

@@ -0,0 +1,4 @@
+DOCKER_DATA=/home/joey/docker_data/arr
+MEDIA_DIR=/mnt/media
+DOWNLOAD_DIR=/mnt/md0/torrenting/NZB
+INCOMPLETE_DOWNLOAD_DIR=/mnt/md0/torrenting/NZB_incomplete

server/config/arr/docker-compose.yml

@@ -0,0 +1,82 @@
+version: "3"
+services:
+  radarr:
+    image: linuxserver/radarr
+    container_name: radarr
+    networks:
+      - web
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=America/Los_Angeles
+    volumes:
+      - "${MEDIA_DIR}/Video/Movies:/movies"
+      - "${DOCKER_DATA}/radarr_config:/config"
+      - "${DOWNLOAD_DIR}:/downloads"
+    labels:
+      - traefik.http.routers.radarr.rule=Host(`radarr.jafner.net`)
+      - traefik.http.routers.radarr.tls.certresolver=lets-encrypt
+      - traefik.http.services.radarr.loadbalancer.server.port=7878
+      - traefik.http.routers.radarr.middlewares=lan-only@file
+  sonarr:
+    image: linuxserver/sonarr
+    container_name: sonarr
+    networks:
+      - web
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=America/Los_Angeles
+    volumes:
+      - "${MEDIA_DIR}/Video/Shows:/shows"
+      - "${DOCKER_DATA}/sonarr_config:/config"
+      - "${DOWNLOAD_DIR}:/downloads"
+    labels:
+      - traefik.http.routers.sonarr.rule=Host(`sonarr.jafner.net`)
+      - traefik.http.routers.sonarr.tls.certresolver=lets-encrypt
+      - traefik.http.services.sonarr.loadbalancer.server.port=8989
+      - traefik.http.routers.sonarr.middlewares=lan-only@file
+  
+  nzbhydra2:
+    image: linuxserver/nzbhydra2
+    container_name: nzbhydra2
+    networks:
+      - web
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=America/Los_Angeles
+    volumes:
+      - "${DOCKER_DATA}/nzbhydra2_config:/config"
+      - "${DOWNLOAD_DIR}:/downloads"
+    labels:
+      - traefik.http.routers.nzbhydra2.rule=Host(`nzbhydra.jafner.net`)
+      - traefik.http.routers.nzbhydra2.tls.certresolver=lets-encrypt
+      - traefik.http.services.nzbhydra2.loadbalancer.server.port=5076
+      - traefik.http.routers.nzbhydra2.middlewares=lan-only@file
+  
+  sabnzbd:
+    image: linuxserver/sabnzbd
+    container_name: sabnzbd
+    networks:
+      - web
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=America/Los_Angeles
+    ports:
+      - 8085:8080
+    volumes:
+      - "${DOCKER_DATA}/sabnzbd_config:/config"
+      - "${DOWNLOAD_DIR}:/downloads"
+      - "${INCOMPLETE_DOWNLOAD_DIR}:/incomplete-downloads"
+    labels:
+      - traefik.http.routers.sabnzbd.rule=Host(`sabnzbd.jafner.net`)
+      - traefik.http.routers.sabnzbd.tls.certresolver=lets-encrypt
+      - traefik.http.services.sabnzbd.loadbalancer.server.port=8080
+      - traefik.http.routers.sabnzbd.middlewares=lan-only@file
+          
+networks:
+  web:
+    external: true
+

server/config/ass/.env

@@ -0,0 +1,2 @@
+DOCKER_DATA=/home/joey/docker_data/ass
+

server/config/ass/auth.json

@@ -0,0 +1,12 @@
+{
+    "users": {
+        "cc5e88283c0d43d8a929c8c02e748f5a": {
+            "username": "ass",
+            "count": 9
+        },
+        "23780fc6458d4774bea2ff5c027f0889": {
+            "username": "ace",
+            "count": 0
+        }
+    }
+}

server/config/ass/config.json

@@ -0,0 +1,28 @@
+{
+    "host": "0.0.0.0",
+    "port": 40115,
+    "domain": "share.jafner.net",
+    "maxUploadSize": 1024,
+    "isProxied": true,
+    "useSsl": true,
+    "resourceIdSize": 12,
+    "resourceIdType": "random",
+    "spaceReplace": "_",
+    "gfyIdSize": 2,
+    "mediaStrict": false,
+    "viewDirect": false,
+    "dataEngine": "@tycrek/papito",
+    "frontendName": "ass-x",
+    "indexFile": "",
+    "useSia": false,
+    "s3enabled": false,
+    "s3endpoint": "sfo3.digitaloceanspaces.com",
+    "s3bucket": "bucket-name",
+    "s3usePathStyle": false,
+    "s3accessKey": "accessKey",
+    "s3secretKey": "secretKey",
+    "__WARNING__": "The following configs are no longer used and are here for backwards compatibility. For optimal use, DO NOT edit them.",
+    "diskFilePath": "uploads/",
+    "saveWithDate": true,
+    "saveAsOriginal": false
+}

server/config/ass/data.json

@@ -0,0 +1,218 @@
+{
+    "XJ7RxSB3H6sL": {
+        "encoding": "7bit",
+        "mimetype": "image/png",
+        "ext": ".png",
+        "originalname": "Test.png",
+        "path": "uploads/2022-01/f8f0d045205bf5dd7cc9abdaf6ec4b2cfdd66e31",
+        "randomId": "IYf0QwXvJ5VnlxfH3rZIx7897DAh3JjV",
+        "deleteId": "UotPU14x96CQTgPFBSfNpMx5zbhUwWbf",
+        "is": {
+            "image": true,
+            "video": false,
+            "audio": false,
+            "other": false
+        },
+        "thumbnail": "IYf0QwXvJ5VnlxfH3rZIx7897DAh3JjV.thumbnail.jpg",
+        "vibrant": "#04af24",
+        "sha1": "f8f0d045205bf5dd7cc9abdaf6ec4b2cfdd66e31",
+        "size": 27422,
+        "domain": "https://share.jafner.net",
+        "timestamp": 1641830424260,
+        "timeoffset": "UTC+0",
+        "token": "cc5e88283c0d43d8a929c8c02e748f5a",
+        "opengraph": {}
+    },
+    "CVySsKV97iWW": {
+        "encoding": "7bit",
+        "mimetype": "image/png",
+        "ext": ".png",
+        "originalname": "firefox_uqCMkJWqLh.png",
+        "path": "uploads/2022-01/09560e7135f99b35824851b7333e02986c92d594",
+        "randomId": "G41NiAjfpdQWOjyTZ4DTjXO5WJOerGNj",
+        "deleteId": "jRstfk0SZHjaBSaQz9IIaj3scsXJQsyo",
+        "is": {
+            "image": true,
+            "video": false,
+            "audio": false,
+            "other": false
+        },
+        "thumbnail": "G41NiAjfpdQWOjyTZ4DTjXO5WJOerGNj.thumbnail.jpg",
+        "vibrant": "#fa7c14",
+        "sha1": "09560e7135f99b35824851b7333e02986c92d594",
+        "size": 61175,
+        "domain": "https://share.jafner.net",
+        "timestamp": 1641830572175,
+        "timeoffset": "UTC+0",
+        "token": "cc5e88283c0d43d8a929c8c02e748f5a",
+        "opengraph": {}
+    },
+    "fmv0ZHwr7l2A": {
+        "encoding": "7bit",
+        "mimetype": "application/x-msdownload",
+        "ext": ".exe",
+        "originalname": "ShareX-13.7.0-setup.exe",
+        "path": "uploads/2022-01/d98e48f0e1c0c48b0b2526488d6775d1459d434e",
+        "randomId": "zAwZRT1XeC0hHWN0JwSgSRN6xfIkUH3E",
+        "deleteId": "ndarm2QTwB6s0QRCNBe5wiDUCUrMAtoQ",
+        "is": {
+            "image": false,
+            "video": false,
+            "audio": false,
+            "other": true
+        },
+        "thumbnail": "views/ass-file-icon.png",
+        "vibrant": "#554C7F",
+        "sha1": "d98e48f0e1c0c48b0b2526488d6775d1459d434e",
+        "size": 7417058,
+        "domain": "https://share.jafner.net",
+        "timestamp": 1641830644900,
+        "timeoffset": "UTC+0",
+        "token": "cc5e88283c0d43d8a929c8c02e748f5a",
+        "opengraph": {}
+    },
+    "WuYvCcRNXp95": {
+        "encoding": "7bit",
+        "mimetype": "application/pdf",
+        "ext": ".pdf",
+        "originalname": "The_Wild_Beyond_the_Witchlight.pdf",
+        "path": "uploads/2022-01/1b6e61d5744b7277d3f274ed94d2f1ba89c184d9",
+        "randomId": "EntmccCR8Fut6qOgxNtCdUgLV0zbJNWq",
+        "deleteId": "zClYdX5SL17uFHlmdVUDzbp0bT0UTN0h",
+        "is": {
+            "image": false,
+            "video": false,
+            "audio": false,
+            "other": true
+        },
+        "thumbnail": "views/ass-file-icon.png",
+        "vibrant": "#F7FA5D",
+        "sha1": "1b6e61d5744b7277d3f274ed94d2f1ba89c184d9",
+        "size": 198505536,
+        "domain": "https://share.jafner.net",
+        "timestamp": 1641830949070,
+        "timeoffset": "UTC+0",
+        "token": "cc5e88283c0d43d8a929c8c02e748f5a",
+        "opengraph": {}
+    },
+    "ewfc7CfA8bbK": {
+        "encoding": "7bit",
+        "mimetype": "video/x-matroska",
+        "ext": ".mkv",
+        "originalname": "Replay_2022-01-10_08-35-21.mkv",
+        "path": "uploads/2022-01/a00a5a865f80a6334b0d300b3e52af2d2d640cde",
+        "randomId": "SfrVVLblBa84SXBuOKZDXym5q6ExbJNG",
+        "deleteId": "NGZLnA2MH8EVx8MzaGPGWr4VvlLphZ8I",
+        "is": {
+            "image": false,
+            "video": true,
+            "audio": false,
+            "other": false
+        },
+        "thumbnail": "SfrVVLblBa84SXBuOKZDXym5q6ExbJNG.thumbnail.jpg",
+        "vibrant": "#07BEDA",
+        "sha1": "a00a5a865f80a6334b0d300b3e52af2d2d640cde",
+        "size": 222311197,
+        "domain": "https://share.jafner.net",
+        "timestamp": 1641832599727,
+        "timeoffset": "UTC+0",
+        "token": "cc5e88283c0d43d8a929c8c02e748f5a",
+        "opengraph": {}
+    },
+    "DRpeI0FZ8O7z": {
+        "encoding": "7bit",
+        "mimetype": "application/vnd.ms-pki.stl",
+        "ext": ".stl",
+        "originalname": "Kazin.stl",
+        "path": "uploads/2022-01/7bed4ce372c794cd6beb3286ad7a082400fbc933",
+        "randomId": "yXSUnUW2nRKnPYhaMTnXB6em2wm5Puld",
+        "deleteId": "Mj83HWVGRz440GADyUZRXfC1HA8IIywa",
+        "is": {
+            "image": false,
+            "video": false,
+            "audio": false,
+            "other": true
+        },
+        "thumbnail": "views/ass-file-icon.png",
+        "vibrant": "#BF8B70",
+        "sha1": "7bed4ce372c794cd6beb3286ad7a082400fbc933",
+        "size": 45095484,
+        "domain": "https://share.jafner.net",
+        "timestamp": 1642796578264,
+        "timeoffset": "UTC+0",
+        "token": "cc5e88283c0d43d8a929c8c02e748f5a",
+        "opengraph": {}
+    },
+    "ax8ohlADSGbc": {
+        "encoding": "7bit",
+        "mimetype": "image/jpeg",
+        "ext": ".jpg",
+        "originalname": "Overwatch_6WdLlLXVje.jpg",
+        "path": "uploads/2022-01/60b8e3543abf0cf944bb9ab1cd739378cc874e07",
+        "randomId": "U74vZU95KS3KWKGnJ2P6rjPmAzCchxAQ",
+        "deleteId": "203s9JNZ3XwP2LR2fE2axkNM2Amb5hTD",
+        "is": {
+            "image": true,
+            "video": false,
+            "audio": false,
+            "other": false
+        },
+        "thumbnail": "U74vZU95KS3KWKGnJ2P6rjPmAzCchxAQ.thumbnail.jpg",
+        "vibrant": "#543141",
+        "sha1": "60b8e3543abf0cf944bb9ab1cd739378cc874e07",
+        "size": 436632,
+        "domain": "https://share.jafner.net",
+        "timestamp": 1642976189467,
+        "timeoffset": "UTC+0",
+        "token": "cc5e88283c0d43d8a929c8c02e748f5a",
+        "opengraph": {}
+    },
+    "dHJcDIgr8UfN": {
+        "encoding": "7bit",
+        "mimetype": "image/jpeg",
+        "ext": ".jpg",
+        "originalname": "Overwatch_HdTgc7eO0D.jpg",
+        "path": "uploads/2022-01/5bc0fc847ef06628d9a5e52d617c8b0d47283a75",
+        "randomId": "JxehS26C39uYk9ClZyXziqgcAHzcM0qx",
+        "deleteId": "58L1XPjSiJ3EkXND1lGzA67hZqKo9x30",
+        "is": {
+            "image": true,
+            "video": false,
+            "audio": false,
+            "other": false
+        },
+        "thumbnail": "JxehS26C39uYk9ClZyXziqgcAHzcM0qx.thumbnail.jpg",
+        "vibrant": "#57323c",
+        "sha1": "5bc0fc847ef06628d9a5e52d617c8b0d47283a75",
+        "size": 480224,
+        "domain": "https://share.jafner.net",
+        "timestamp": 1642976236765,
+        "timeoffset": "UTC+0",
+        "token": "cc5e88283c0d43d8a929c8c02e748f5a",
+        "opengraph": {}
+    },
+    "oeVcp8G0Tbw4": {
+        "encoding": "7bit",
+        "mimetype": "image/jpeg",
+        "ext": ".jpg",
+        "originalname": "firefox_BzcecQhJSM.jpg",
+        "path": "uploads/2022-01/b510275fc5a468373e5fd87617caef8b3820043e",
+        "randomId": "jhn7DQS2ZhDyt4j7IfMPQzQklht3iZhK",
+        "deleteId": "mZNtmvi8nYlzfi5gobNbplQDk2erfHtk",
+        "is": {
+            "image": true,
+            "video": false,
+            "audio": false,
+            "other": false
+        },
+        "thumbnail": "jhn7DQS2ZhDyt4j7IfMPQzQklht3iZhK.thumbnail.jpg",
+        "vibrant": "#2c3444",
+        "sha1": "b510275fc5a468373e5fd87617caef8b3820043e",
+        "size": 704904,
+        "domain": "https://share.jafner.net",
+        "timestamp": 1643042244380,
+        "timeoffset": "UTC+0",
+        "token": "cc5e88283c0d43d8a929c8c02e748f5a",
+        "opengraph": {}
+    }
+}

server/config/ass/docker-compose.yml

@@ -0,0 +1,38 @@
+version: "3.6"
+services:
+  ass:
+    build: ./ass
+    command: npm start
+    container_name: ass
+    restart: unless-stopped
+    networks:
+      - web
+    ports:
+      - "40115:40115"
+    volumes:
+      - ${DOCKER_DATA}/uploads:/opt/ass/uploads
+      - ${DOCKER_DATA}/share:/opt/ass/share
+      - type: bind
+        source: ./config.json
+        target: /opt/ass/config.json
+      - type: bind
+        source: ./auth.json
+        target: /opt/ass/auth.json
+      - type: bind
+        source: ./data.json
+        target: /opt/ass/data.json
+    tmpfs: /tmp # temp files such as uploads are stored here
+    working_dir: /opt/ass
+    tty: true
+    environment:
+      - NODE_ENV=production # for production
+      - ASS_ENV=docker # docker, local, production (not widely used yet)
+      - LOG_LEVEL=debug # debug, info, warn, error
+      - FORCE_COLOR=3 # force color output
+    labels:
+      - traefik.http.routers.ass.rule=Host(`share.jafner.net`)
+      - traefik.http.routers.ass.tls.certresolver=lets-encrypt
+
+networks:
+  web:
+    external: true

server/config/authentik/.env

@@ -0,0 +1,25 @@
+DOCKER_DATA=/home/joey/docker_data/authentik
+
+PG_PASS=jTB6Se9YYvSy6NXMYLh7PyCvDauW9V6wkhmFQTMS
+AUTHENTIK_SECRET_KEY=HXWqo5Cd3ezSKB8oPxM6sccXoADwqWTJJBPfmn7M
+
+AUTHENTIK_IMAGE=ghcr.io/goauthentik/dev-server
+AUTHENTIK_TAG=gh-next
+AUTHENTIK_OUTPOSTS__CONTAINER_IMAGE_BASE=ghcr.io/goauthentik/dev-%(type)s:gh-next
+
+
+############## EMAIL STUFF #################
+# SMTP Host Emails are sent to
+AUTHENTIK_EMAIL__HOST=localhost
+AUTHENTIK_EMAIL__PORT=25
+# Optionally authenticate (don't add quotation marks to you password)
+AUTHENTIK_EMAIL__USERNAME=
+AUTHENTIK_EMAIL__PASSWORD=
+# Use StartTLS
+AUTHENTIK_EMAIL__USE_TLS=false
+# Use SSL
+AUTHENTIK_EMAIL__USE_SSL=false
+AUTHENTIK_EMAIL__TIMEOUT=10
+# Email address authentik will send from, should have a correct @domain
+AUTHENTIK_EMAIL__FROM=authentik@localhost
+

server/config/authentik/docker-compose.yml

@@ -0,0 +1,88 @@
+version: '3.2'
+
+services:
+  postgresql:
+    image: postgres:12-alpine
+    restart: unless-stopped
+    networks:
+      - authentik
+    volumes:
+      - database:/var/lib/postgresql/data
+    environment:
+      - POSTGRES_PASSWORD=${PG_PASS}
+      - POSTGRES_USER=${PG_USER:-authentik}
+      - POSTGRES_DB=${PG_DB:-authentik}
+    env_file:
+      - .env
+
+  redis:
+    image: redis:alpine
+    networks:
+      - authentik
+    restart: unless-stopped
+
+  server:
+    image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2022.1.3}
+    networks:
+      authentik:
+      web:
+        aliases:
+          - authentik-server
+    #ports: 
+    #  - 9000:9000
+    restart: unless-stopped
+    command: server
+    environment:
+      AUTHENTIK_HOST: http://authentik-server:9000
+      AUTHENTIK_HOST_BROWSER: https://authentik.jafner.net
+      AUTHENTIK_REDIS__HOST: redis
+      AUTHENTIK_POSTGRESQL__HOST: postgresql
+      AUTHENTIK_POSTGRESQL__USER: ${PG_USER:-authentik}
+      AUTHENTIK_POSTGRESQL__NAME: ${PG_DB:-authentik}
+      AUTHENTIK_POSTGRESQL__PASSWORD: ${PG_PASS}
+    volumes:
+      - ${DOCKER_DATA}/media:/media
+      - ${DOCKER_DATA}/custom-templates:/templates
+    env_file:
+      - .env
+    labels:
+      traefik.http.routers.authentik.priority: 1
+      traefik.http.routers.authentik.rule: Host(`authentik.jafner.net`)
+      traefik.http.routers.authentik.tls.certresolver: lets-encrypt
+      traefik.http.services.authentik.loadbalancer.server.port: 9000
+      traefik.http.middlewares.authentik.forwardauth.address: http://ak-outpost-forward-auth:9000/akprox/auth/traefik
+      traefik.http.middlewares.authentik.forwardauth.trustForwardHeader: true
+      traefik.http.middlewares.authentik.forwardauth.authResponseHeaders: X-authentik-username,X-authentik-groups,X-authentik-email,X-authentik-name,X-authentik-uid,X-authentik-jwt,X-authentik-meta-jwks,X-authentik-meta-outpost,X-authentik-meta-provider,X-authentik-meta-app,X-authentik-meta-version
+
+  worker:
+    image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2022.1.3}
+    restart: unless-stopped
+    networks:
+      - authentik
+    command: worker
+    environment:
+      AUTHENTIK_REDIS__HOST: redis
+      AUTHENTIK_POSTGRESQL__HOST: postgresql
+      AUTHENTIK_POSTGRESQL__USER: ${PG_USER:-authentik}
+      AUTHENTIK_POSTGRESQL__NAME: ${PG_DB:-authentik}
+      AUTHENTIK_POSTGRESQL__PASSWORD: ${PG_PASS}
+    user: root
+    volumes:
+      - ${DOCKER_DATA}/backups:/backups
+      - ${DOCKER_DATA}/media:/media
+      - ${DOCKER_DATA}/certs:/certs
+      - /var/run/docker.sock:/var/run/docker.sock
+      - ${DOCKER_DATA}/custom-templates:/templates
+    env_file:
+      - .env
+    labels:
+      traefik.enable: false
+
+volumes:
+  database:
+    driver: local
+
+networks:
+  authentik:
+  web:
+    external: true

server/config/calibre-web/.env

@@ -0,0 +1 @@
+LIBRARY_DIR=/mnt/nas/Ebooks/Calibre

server/config/calibre-web/docker-compose.yml

@@ -0,0 +1,78 @@
+version: '3'
+services:
+  calibre-web-rpg:
+    image: linuxserver/calibre-web
+    container_name: calibre-web-rpg
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=America/Los_Angeles
+    volumes:
+      - calibre-web-rpg_data:/config
+      - /mnt/calibre/rpg:/books
+    labels:
+      - traefik.http.routers.calibre-rpg.rule=Host(`calibre-rpg.jafner.net`)
+      - traefik.http.routers.calibre-rpg.tls.certresolver=lets-encrypt
+      #- traefik.http.routers.calibre-rpg.middlewares=authentik@docker
+    networks:
+      - web
+
+  calibre-web-sff:
+    image: linuxserver/calibre-web
+    container_name: calibre-web-sff
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=America/Los_Angeles
+    volumes:
+      - calibre-web-sff_data:/config
+      - /mnt/calibre/sff:/books
+    labels:
+      - traefik.http.routers.calibre-sff.rule=Host(`calibre-sff.jafner.net`)
+      - traefik.http.routers.calibre-sff.tls.certresolver=lets-encrypt
+      #- traefik.http.routers.calibre-sff.middlewares=authentik@docker
+    networks:
+      - web
+
+  calibre-web-ace:
+    image: linuxserver/calibre-web
+    container_name: calibre-web-ace
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=America/Los_Angeles
+    volumes:
+      - calibre-web-ace_data:/config
+      - /mnt/md0/calibre/ace:/books
+    labels:
+      - traefik.http.routers.calibre-ace.rule=Host(`calibre-ace.jafner.net`)
+      - traefik.http.routers.calibre-ace.tls.certresolver=lets-encrypt
+      #- traefik.http.routers.calibre-ace.middlewares=authentik@docker
+    networks:
+      - web
+
+  calibre-web-dev:
+    image: linuxserver/calibre-web
+    container_name: calibre-web-dev
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=America/Los_Angeles
+    volumes:
+      - calibre-web-dev_data:/config
+      - /mnt/md0/calibre/dev:/books
+    labels:
+      - traefik.http.routers.calibre-dev.rule=Host(`calibre-dev.jafner.net`)
+      - traefik.http.routers.calibre-dev.tls.certresolver=lets-encrypt
+      - traefik.http.routers.calibre-dev.middlewares=authentik@docker
+    networks:
+      - web
+
+networks:
+  web:
+    external: true
+volumes:
+  calibre-web-rpg_data:
+  calibre-web-sff_data:
+  calibre-web-ace_data:
+  calibre-web-dev_data:

server/config/cloudflare-ddns/docker-compose.yml

@@ -0,0 +1,12 @@
+version: "3"
+services:
+  cloudflare-ddns:
+    image: oznu/cloudflare-ddns
+    container_name: cloudflare-ddns
+    restart: unless-stopped
+    environment:
+      - API_KEY=6wjPH5DND2dFjWIuNTq_TVL-VJS9czp5Wlq3_4ju
+      - ZONE=jafner.net
+      - SUBDOMAIN=*
+    labels:
+      - traefik.enable=false

server/config/drawio/.env

@@ -0,0 +1 @@
+DRAWIO_BASE_URL=https://draw.jafner.net

server/config/drawio/docker-compose.yml

@@ -0,0 +1,74 @@
+version: '3'
+services:
+  plantuml-server:
+    image: jgraph/plantuml-server
+    container_name: drawio_plantuml-server
+    restart: unless-stopped
+    expose:
+      - "8080"
+    networks:
+      - drawionet
+    volumes:
+      - fonts_volume:/usr/share/fonts/drawio
+  image-export:
+    image: jgraph/export-server
+    container_name: drawio_export-server
+    restart: unless-stopped
+    expose:
+      - "8000"
+    networks:
+      - drawionet
+    volumes:
+      - fonts_volume:/usr/share/fonts/drawio
+    environment:
+      - DRAWIO_SERVER_URL=${DRAWIO_BASE_URL}
+  drawio:
+    image: jgraph/drawio
+    container_name: drawio_drawio
+    links:
+      - plantuml-server:plantuml-server
+      - image-export:image-export
+    depends_on:
+      - plantuml-server
+      - image-export
+    networks:
+      - drawionet
+      - web
+    environment:
+      - DRAWIO_SELF_CONTAINED=1
+      - PLANTUML_URL=http://plantuml-server:8080/
+      - EXPORT_URL=http://image-export:8000/
+      - DRAWIO_BASE_URL=${DRAWIO_BASE_URL}
+      - DRAWIO_CSP_HEADER=${DRAWIO_CSP_HEADER}
+      - DRAWIO_VIEWER_URL=${DRAWIO_VIEWER_URL}
+      - DRAWIO_CONFIG=${DRAWIO_CONFIG}
+      - DRAWIO_GOOGLE_CLIENT_ID=${DRAWIO_GOOGLE_CLIENT_ID}
+      - DRAWIO_GOOGLE_APP_ID=${DRAWIO_GOOGLE_APP_ID}
+      - DRAWIO_GOOGLE_CLIENT_SECRET=${DRAWIO_GOOGLE_CLIENT_SECRET}
+      - DRAWIO_GOOGLE_VIEWER_CLIENT_ID=${DRAWIO_GOOGLE_VIEWER_CLIENT_ID}
+      - DRAWIO_GOOGLE_VIEWER_APP_ID=${DRAWIO_GOOGLE_VIEWER_APP_ID}
+      - DRAWIO_GOOGLE_VIEWER_CLIENT_SECRET=${DRAWIO_GOOGLE_VIEWER_CLIENT_SECRET}
+      - DRAWIO_MSGRAPH_CLIENT_ID=${DRAWIO_MSGRAPH_CLIENT_ID}
+      - DRAWIO_MSGRAPH_CLIENT_SECRET=${DRAWIO_MSGRAPH_CLIENT_SECRET}
+      - DRAWIO_GITLAB_ID=${DRAWIO_GITLAB_ID}
+      - DRAWIO_GITLAB_URL=${DRAWIO_GITLAB_URL}
+      - DRAWIO_CLOUD_CONVERT_APIKEY=${DRAWIO_CLOUD_CONVERT_APIKEY}
+      - DRAWIO_CACHE_DOMAIN=${DRAWIO_CACHE_DOMAIN}
+      - DRAWIO_MEMCACHED_ENDPOINT=${DRAWIO_MEMCACHED_ENDPOINT}
+      - DRAWIO_PUSHER_MODE=2
+      - DRAWIO_IOT_ENDPOINT=${DRAWIO_IOT_ENDPOINT}
+      - DRAWIO_IOT_CERT_PEM=${DRAWIO_IOT_CERT_PEM}
+      - DRAWIO_IOT_PRIVATE_KEY=${DRAWIO_IOT_PRIVATE_KEY}
+      - DRAWIO_IOT_ROOT_CA=${DRAWIO_IOT_ROOT_CA}
+      - DRAWIO_MXPUSHER_ENDPOINT=${DRAWIO_MXPUSHER_ENDPOINT}
+    labels:
+      - traefik.http.routers.drawio.rule=Host(`draw.jafner.net`)
+      - traefik.http.routers.drawio.tls.certresolver=lets-encrypt
+
+networks:
+  drawionet:
+  web:
+    external: true
+
+volumes:
+  fonts_volume:

server/config/exatorrent/.env

@@ -0,0 +1,2 @@
+DOCKER_DATA=/home/joey/docker_data/exatorrent
+TORRENT_DATA=/mnt/torrenting/PUB

server/config/exatorrent/docker-compose.yml

@@ -0,0 +1,25 @@
+version: '3.2'
+services:
+  exatorrent:
+    build: ./exatorrent # cloned from git@github.com:Jafner/exatorrent.git
+    #image: ghcr.io/varbhat/exatorrent:latest
+    container_name: exatorrent
+    ports:
+      - 5000:5000
+      - 42069:42069
+    volumes:
+      - ${TORRENT_DATA}/torrents:/exa/exadir/torrents
+      - ${DOCKER_DATA}/data:/exa/exadir/data
+      - ${DOCKER_DATA}/config:/exa/exadir/config
+      - ${DOCKER_DATA}/cache:/exa/exadir/cache
+    networks:
+      - web
+    labels:
+      - traefik.http.routers.exatorrent.rule=Host(`exa.jafner.net`)
+      - traefik.http.routers.exatorrent.tls.certresolver=lets-encrypt
+      - traefik.http.routers.exatorrent.middlewares=lan-only@file
+      - traefik.http.services.exatorrent.loadbalancer.server.port=5000
+
+networks:
+  web:
+    external: true

server/config/exatorrent/exatorrent

@@ -0,0 +1 @@
+Subproject commit ce40b049a6d2deaad0ef0f1725bb481ef43d7bf6

server/config/git_update.sh

@@ -0,0 +1,5 @@
+#!/bin/bash
+cd /home/joey/docker_config/
+git add --all
+git commit -am "$(date)"
+git push

server/config/gitea/.env

@@ -0,0 +1 @@
+DOCKER_DATA=/home/joey/docker_data/gitea

server/config/gitea/app.ini

@@ -0,0 +1,2 @@
+START_SSH_SERVER=true
+SSH_PORT=2228

server/config/gitea/docker-compose.yml

@@ -0,0 +1,27 @@
+version: "3"
+
+networks:
+  web:
+    external: true
+
+services:
+  server:
+    image: gitea/gitea:1.15.10
+    container_name: gitea
+    environment:
+      - USER_UID=9988
+      - USER_GID=9988
+    restart: always
+    networks:
+      - web
+    volumes:
+      - ${DOCKER_DATA}:/data
+      - ./app.ini:/data/gitea/app.ini
+      - /etc/timezone:/etc/timezone:ro
+      - /etc/localtime:/etc/localtime:ro
+    ports:
+      - "2228:22"
+    labels:
+      - traefik.http.routers.gitea.rule=Host(`gitea.jafner.net`)
+      - traefik.http.routers.gitea.tls.certresolver=lets-encrypt
+      - traefik.http.services.gitea.loadbalancer.server.port=3000

server/config/gitlab/.env

@@ -0,0 +1,2 @@
+DOCKER_DATA=/home/joey/docker_data/gitlab
+DOCKER_CONFIG=/home/joey/docker_config/gitlab

server/config/gitlab/docker-compose.yml

@@ -0,0 +1,34 @@
+version: '3.3'
+services:
+  gitlab:
+    image: 'gitlab/gitlab-ee:latest'
+    container_name: gitlab
+    restart: unless-stopped
+    hostname: 'gitlab.jafner.net'
+    networks:
+      - web
+    environment:
+      GITLAB_OMNIBUS_CONFIG: |
+        external_url 'https://gitlab.jafner.net'
+        gitlab_rails['gitlab_shell_ssh_port'] = 2229
+        nginx['listen_https'] = false
+        nginx['listen_port'] = 80
+        # Add any other gitlab.rb configuration here, each on its own line
+    ports:
+      #- '80:80'
+      #- '443:443'
+      - '2229:22'
+    volumes:
+      - '${DOCKER_CONFIG}/config:/etc/gitlab'
+      - '${DOCKER_DATA}/logs:/var/log/gitlab'
+      - '${DOCKER_DATA}/data:/var/opt/gitlab'
+    shm_size: '256m'
+    labels:
+      - traefik.http.routers.gitlab.rule=Host(`gitlab.jafner.net`)
+      - traefik.http.routers.gitlab.tls.certresolver=lets-encrypt
+      - traefik.http.routers.gitlab.middlewares=lan-only@file
+      - traefik.http.services.gitlab.loadbalancer.server.port=80
+
+networks:
+  web:
+    external: true

server/config/grafana-stack/.env

@@ -0,0 +1,2 @@
+DOCKER_DATA=/home/joey/docker_data/grafana-stack
+MINECRAFT_DIR=/home/joey/docker_data/minecraft

server/config/grafana-stack/.forgetps.json

@@ -0,0 +1 @@
+[]

server/config/grafana-stack/docker-compose.yml

@@ -0,0 +1,65 @@
+version: '3'
+services:
+  influxdb:
+    image: influxdb:2.0
+    container_name: influxdb
+    restart: unless-stopped
+    networks:
+      - monitoring
+    ports:
+      - 8086:8086
+      - 8089:8089/udp
+    volumes:
+      - ./influxdb.conf:/etc/influxdb/influxdb.conf:ro
+      - "${DOCKER_DATA}/influxdb:/var/lib/influxdb"
+    environment:
+      - TZ=America/Los_Angeles
+      - DOCKER_INFLUXDB_INIT_MODE=setup
+      - DOCKER_INFLUXDB_INIT_USERNAME=jafner
+      - DOCKER_INFLUXDB_INIT_PASSWORD=CX3UuhnNeTWy7GaD7MNsykWww76uJNuN
+      - "DOCKER_INFLUXDB_INIT_ORG=Jafner Industries"
+      - DOCKER_INFLUXDB_INIT_BUCKET=Bucket
+      - DOCKER_INFLUXDB_INIT_ADMIN_TOKEN=35YMePC79Zz2ovM35xFtTi7odFMSrZsf
+
+  telegraf:
+    image: telegraf:latest
+    container_name: telegraf
+    restart: unless-stopped
+    depends_on:
+      - influxdb
+    networks:
+      - monitoring
+    volumes:
+      - ./telegraf.conf:/etc/telegraf/telegraf.conf:ro
+      - ./scripts/.forgetps.json:/.forgetps.json:ro
+      - /sys:/rootfs/sys:ro
+      - /proc:/rootfs/proc:ro
+      - /etc:/rootfs/etc:ro
+
+  grafana:
+    image: mbarmem/grafana-render:latest
+    container_name: grafana
+    restart: unless-stopped
+    depends_on:
+      - influxdb
+      - telegraf
+    networks:
+      - monitoring
+      - web
+    user: "0"
+    volumes:  
+      - ${DOCKER_DATA}/grafana:/var/lib/grafana
+      - ./grafana.ini:/etc/grafana/grafana.ini
+    environment:
+      - GF_INSTALL_PLUGINS=grafana-clock-panel,grafana-simple-json-datasource,grafana-worldmap-panel,grafana-piechart-panel
+    labels:
+      - traefik.http.routers.grafana.rule=Host(`grafana.jafner.net`)
+      - traefik.http.routers.grafana.tls.certresolver=lets-encrypt
+      #- traefik.http.routers.grafana.middlewares=authelia@file
+
+networks:
+  monitoring:
+    external: true
+  web:
+    external: true
+

server/config/grafana-stack/grafana.ini

@@ -0,0 +1,622 @@
+##################### Grafana Configuration Example #####################
+#
+# Everything has defaults so you only need to uncomment things you want to
+# change
+
+# possible values : production, development
+;app_mode = production
+
+# instance name, defaults to HOSTNAME environment variable value or hostname if HOSTNAME var is empty
+;instance_name = ${HOSTNAME}
+
+#################################### Paths ####################################
+[paths]
+# Path to where grafana can store temp files, sessions, and the sqlite3 db (if that is used)
+;data = /var/lib/grafana
+
+# Temporary files in `data` directory older than given duration will be removed
+;temp_data_lifetime = 24h
+
+# Directory where grafana can store logs
+;logs = /var/log/grafana
+
+# Directory where grafana will automatically scan and look for plugins
+;plugins = /var/lib/grafana/plugins
+
+# folder that contains provisioning config files that grafana will apply on startup and while running.
+;provisioning = conf/provisioning
+
+#################################### Server ####################################
+[server]
+# Protocol (http, https, h2, socket)
+;protocol = http
+
+# The ip address to bind to, empty will bind to all interfaces
+;http_addr =
+
+# The http port  to use
+;http_port = 3000
+
+# The public facing domain name used to access grafana from a browser
+;domain = localhost
+
+# Redirect to correct domain if host header does not match domain
+# Prevents DNS rebinding attacks
+;enforce_domain = false
+
+# The full public facing url you use in browser, used for redirects and emails
+# If you use reverse proxy and sub path specify full url (with sub path)
+;root_url = http://localhost:3000
+
+# Serve Grafana from subpath specified in `root_url` setting. By default it is set to `false` for compatibility reasons.
+;serve_from_sub_path = false
+
+# Log web requests
+;router_logging = false
+
+# the path relative working path
+;static_root_path = public
+
+# enable gzip
+;enable_gzip = false
+
+# https certs & key file
+;cert_file =
+;cert_key =
+
+# Unix socket path
+;socket =
+
+#################################### Database ####################################
+[database]
+# You can configure the database connection by specifying type, host, name, user and password
+# as separate properties or as on string using the url properties.
+
+# Either "mysql", "postgres" or "sqlite3", it's your choice
+;type = sqlite3
+;host = 127.0.0.1:3306
+;name = grafana
+;user = root
+# If the password contains # or ; you have to wrap it with triple quotes. Ex """#password;"""
+;password =
+
+# Use either URL or the previous fields to configure the database
+# Example: mysql://user:secret@host:port/database
+;url =
+
+# For "postgres" only, either "disable", "require" or "verify-full"
+;ssl_mode = disable
+
+# For "sqlite3" only, path relative to data_path setting
+;path = grafana.db
+
+# Max idle conn setting default is 2
+;max_idle_conn = 2
+
+# Max conn setting default is 0 (mean not set)
+;max_open_conn =
+
+# Connection Max Lifetime default is 14400 (means 14400 seconds or 4 hours)
+;conn_max_lifetime = 14400
+
+# Set to true to log the sql calls and execution times.
+;log_queries =
+
+# For "sqlite3" only. cache mode setting used for connecting to the database. (private, shared)
+;cache_mode = private
+
+#################################### Cache server #############################
+[remote_cache]
+# Either "redis", "memcached" or "database" default is "database"
+;type = database
+
+# cache connectionstring options
+# database: will use Grafana primary database.
+# redis: config like redis server e.g. `addr=127.0.0.1:6379,pool_size=100,db=0,ssl=false`. Only addr is required. ssl may be 'true', 'false', or 'insecure'.
+# memcache: 127.0.0.1:11211
+;connstr =
+
+#################################### Data proxy ###########################
+[dataproxy]
+
+# This enables data proxy logging, default is false
+;logging = false
+
+# How long the data proxy should wait before timing out default is 30 (seconds)
+;timeout = 30
+
+# If enabled and user is not anonymous, data proxy will add X-Grafana-User header with username into the request, default is false.
+;send_user_header = false
+
+#################################### Analytics ####################################
+[analytics]
+# Server reporting, sends usage counters to stats.grafana.org every 24 hours.
+# No ip addresses are being tracked, only simple counters to track
+# running instances, dashboard and error counts. It is very helpful to us.
+# Change this option to false to disable reporting.
+;reporting_enabled = true
+
+# Set to false to disable all checks to https://grafana.net
+# for new vesions (grafana itself and plugins), check is used
+# in some UI views to notify that grafana or plugin update exists
+# This option does not cause any auto updates, nor send any information
+# only a GET request to http://grafana.com to get latest versions
+;check_for_updates = true
+
+# Google Analytics universal tracking code, only enabled if you specify an id here
+;google_analytics_ua_id =
+
+# Google Tag Manager ID, only enabled if you specify an id here
+;google_tag_manager_id =
+
+#################################### Security ####################################
+[security]
+# default admin user, created on startup
+;admin_user = admin
+admin_user = jafner
+
+# default admin password, can be changed before first start of grafana,  or in profile settings
+;admin_password = admin
+admin_password = joeyyeoj
+
+# used for signing
+;secret_key = SW2YcwTIb9zpOOhoPsMm
+
+# disable gravatar profile images
+;disable_gravatar = false
+
+# data source proxy whitelist (ip_or_domain:port separated by spaces)
+;data_source_proxy_whitelist =
+
+# disable protection against brute force login attempts
+;disable_brute_force_login_protection = false
+
+# set to true if you host Grafana behind HTTPS. default is false.
+;cookie_secure = false
+
+# set cookie SameSite attribute. defaults to `lax`. can be set to "lax", "strict" and "none"
+;cookie_samesite = lax
+
+# set to true if you want to allow browsers to render Grafana in a <frame>, <iframe>, <embed> or <object>. default is false.
+;allow_embedding = false
+
+# Set to true if you want to enable http strict transport security (HSTS) response header.
+# This is only sent when HTTPS is enabled in this configuration.
+# HSTS tells browsers that the site should only be accessed using HTTPS.
+# The default version will change to true in the next minor release, 6.3.
+;strict_transport_security = false
+
+# Sets how long a browser should cache HSTS. Only applied if strict_transport_security is enabled.
+;strict_transport_security_max_age_seconds = 86400
+
+# Set to true if to enable HSTS preloading option. Only applied if strict_transport_security is enabled.
+;strict_transport_security_preload = false
+
+# Set to true if to enable the HSTS includeSubDomains option. Only applied if strict_transport_security is enabled.
+;strict_transport_security_subdomains = false
+
+# Set to true to enable the X-Content-Type-Options response header.
+# The X-Content-Type-Options response HTTP header is a marker used by the server to indicate that the MIME types advertised
+# in the Content-Type headers should not be changed and be followed. The default will change to true in the next minor release, 6.3.
+;x_content_type_options = false
+
+# Set to true to enable the X-XSS-Protection header, which tells browsers to stop pages from loading
+# when they detect reflected cross-site scripting (XSS) attacks. The default will change to true in the next minor release, 6.3.
+;x_xss_protection = false
+
+#################################### Snapshots ###########################
+[snapshots]
+# snapshot sharing options
+;external_enabled = true
+;external_snapshot_url = https://snapshots-origin.raintank.io
+;external_snapshot_name = Publish to snapshot.raintank.io
+
+# Set to true to enable this Grafana instance act as an external snapshot server and allow unauthenticated requests for
+# creating and deleting snapshots.
+;public_mode = false
+
+# remove expired snapshot
+;snapshot_remove_expired = true
+
+#################################### Dashboards History ##################
+[dashboards]
+# Number dashboard versions to keep (per dashboard). Default: 20, Minimum: 1
+;versions_to_keep = 20
+
+#################################### Users ###############################
+[users]
+# disable user signup / registration
+;allow_sign_up = true
+
+# Allow non admin users to create organizations
+;allow_org_create = true
+
+# Set to true to automatically assign new users to the default organization (id 1)
+;auto_assign_org = true
+
+# Default role new users will be automatically assigned (if disabled above is set to true)
+;auto_assign_org_role = Viewer
+
+# Background text for the user field on the login page
+;login_hint = email or username
+;password_hint = password
+
+# Default UI theme ("dark" or "light")
+;default_theme = dark
+
+# External user management, these options affect the organization users view
+;external_manage_link_url =
+;external_manage_link_name =
+;external_manage_info =
+
+# Viewers can edit/inspect dashboard settings in the browser. But not save the dashboard.
+;viewers_can_edit = false
+
+# Editors can administrate dashboard, folders and teams they create
+;editors_can_admin = false
+
+[auth]
+# Login cookie name
+;login_cookie_name = grafana_session
+
+# The lifetime (days) an authenticated user can be inactive before being required to login at next visit. Default is 7 days,
+;login_maximum_inactive_lifetime_days = 7
+login_maximum_inactive_lifetime_days = 999
+
+# The maximum lifetime (days) an authenticated user can be logged in since login time before being required to login. Default is 30 days.
+;login_maximum_lifetime_days = 30
+login_maximum_lifetime_days = 999
+
+# How often should auth tokens be rotated for authenticated users when being active. The default is each 10 minutes.
+;token_rotation_interval_minutes = 10
+
+# Set to true to disable (hide) the login form, useful if you use OAuth, defaults to false
+;disable_login_form = false
+
+# Set to true to disable the signout link in the side menu. useful if you use auth.proxy, defaults to false
+;disable_signout_menu = false
+
+# URL to redirect the user to after sign out
+;signout_redirect_url =
+
+# Set to true to attempt login with OAuth automatically, skipping the login screen.
+# This setting is ignored if multiple OAuth providers are configured.
+;oauth_auto_login = false
+
+#################################### Anonymous Auth ######################
+[auth.anonymous]
+# enable anonymous access
+;enabled = false
+enabled = true
+
+# specify organization name that should be used for unauthenticated users
+;org_name = Main Org.
+
+# specify role for unauthenticated users
+;org_role = Viewer
+
+#################################### Github Auth ##########################
+[auth.github]
+;enabled = false
+;allow_sign_up = true
+;client_id = some_id
+;client_secret = some_secret
+;scopes = user:email,read:org
+;auth_url = https://github.com/login/oauth/authorize
+;token_url = https://github.com/login/oauth/access_token
+;api_url = https://api.github.com/user
+;team_ids =
+;allowed_organizations =
+
+#################################### Google Auth ##########################
+[auth.google]
+;enabled = false
+;allow_sign_up = true
+;client_id = some_client_id
+;client_secret = some_client_secret
+;scopes = https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email
+;auth_url = https://accounts.google.com/o/oauth2/auth
+;token_url = https://accounts.google.com/o/oauth2/token
+;api_url = https://www.googleapis.com/oauth2/v1/userinfo
+;allowed_domains =
+
+#################################### Generic OAuth ##########################
+[auth.generic_oauth]
+;enabled = false
+;name = OAuth
+;allow_sign_up = true
+;client_id = some_id
+;client_secret = some_secret
+;scopes = user:email,read:org
+;email_attribute_name = email:primary
+;email_attribute_path =
+;auth_url = https://foo.bar/login/oauth/authorize
+;token_url = https://foo.bar/login/oauth/access_token
+;api_url = https://foo.bar/user
+;team_ids =
+;allowed_organizations =
+;tls_skip_verify_insecure = false
+;tls_client_cert =
+;tls_client_key =
+;tls_client_ca =
+
+; Set to true to enable sending client_id and client_secret via POST body instead of Basic authentication HTTP header
+; This might be required if the OAuth provider is not RFC6749 compliant, only supporting credentials passed via POST payload
+;send_client_credentials_via_post = false
+
+#################################### SAML Auth ###########################
+[auth.saml] # Enterprise only
+# Defaults to false. If true, the feature is enabled.
+;enabled = false
+
+# Base64-encoded public X.509 certificate. Used to sign requests to the IdP
+;certificate =
+
+# Path to the public X.509 certificate. Used to sign requests to the IdP
+;certificate_path =
+
+# Base64-encoded private key. Used to decrypt assertions from the IdP
+;private_key =
+
+;# Path to the private key. Used to decrypt assertions from the IdP
+;private_key_path =
+
+# Base64-encoded IdP SAML metadata XML. Used to verify and obtain binding locations from the IdP
+;idp_metadata =
+
+# Path to the SAML metadata XML. Used to verify and obtain binding locations from the IdP
+;idp_metadata_path =
+
+# URL to fetch SAML IdP metadata. Used to verify and obtain binding locations from the IdP
+;idp_metadata_url =
+
+# Duration, since the IdP issued a response and the SP is allowed to process it. Defaults to 90 seconds.
+;max_issue_delay = 90s
+
+# Duration, for how long the SP's metadata should be valid. Defaults to 48 hours.
+;metadata_valid_duration = 48h
+
+# Friendly name or name of the attribute within the SAML assertion to use as the user's name
+;assertion_attribute_name = displayName
+
+# Friendly name or name of the attribute within the SAML assertion to use as the user's login handle
+;assertion_attribute_login = mail
+
+# Friendly name or name of the attribute within the SAML assertion to use as the user's email
+;assertion_attribute_email = mail
+
+#################################### Grafana.com Auth ####################
+[auth.grafana_com]
+;enabled = false
+;allow_sign_up = true
+;client_id = some_id
+;client_secret = some_secret
+;scopes = user:email
+;allowed_organizations =
+
+#################################### Auth Proxy ##########################
+[auth.proxy]
+;enabled = false
+;header_name = X-WEBAUTH-USER
+;header_property = username
+;auto_sign_up = true
+;ldap_sync_ttl = 60
+;whitelist = 192.168.1.1, 192.168.2.1
+;headers = Email:X-User-Email, Name:X-User-Name
+
+#################################### Basic Auth ##########################
+[auth.basic]
+;enabled = true
+
+#################################### Auth LDAP ##########################
+[auth.ldap]
+;enabled = false
+;config_file = /etc/grafana/ldap.toml
+;allow_sign_up = true
+
+# LDAP backround sync (Enterprise only)
+# At 1 am every day
+;sync_cron = "0 0 1 * * *"
+;active_sync_enabled = true
+
+#################################### SMTP / Emailing ##########################
+[smtp]
+# enabled = true
+# host = 
+# user = 
+# If the password contains # or ; you have to wrap it with trippel quotes. Ex """#password;"""
+# password = 
+;cert_file =
+;key_file =
+# skip_verify = true
+# from_address = 
+# from_name = 
+# EHLO identity in SMTP dialog (defaults to instance_name)
+;ehlo_identity = dashboard.example.com
+
+[emails]
+;welcome_email_on_sign_up = false
+
+#################################### Logging ##########################
+[log]
+# Either "console", "file", "syslog". Default is console and  file
+# Use space to separate multiple modes, e.g. "console file"
+;mode = console file
+
+# Either "debug", "info", "warn", "error", "critical", default is "info"
+;level = info
+
+# optional settings to set different levels for specific loggers. Ex filters = sqlstore:debug
+;filters =
+
+# For "console" mode only
+[log.console]
+;level =
+
+# log line format, valid options are text, console and json
+;format = console
+
+# For "file" mode only
+[log.file]
+;level =
+
+# log line format, valid options are text, console and json
+;format = text
+
+# This enables automated log rotate(switch of following options), default is true
+;log_rotate = true
+
+# Max line number of single file, default is 1000000
+;max_lines = 1000000
+
+# Max size shift of single file, default is 28 means 1 << 28, 256MB
+;max_size_shift = 28
+
+# Segment log daily, default is true
+;daily_rotate = true
+
+# Expired days of log file(delete after max days), default is 7
+;max_days = 7
+
+[log.syslog]
+;level =
+
+# log line format, valid options are text, console and json
+;format = text
+
+# Syslog network type and address. This can be udp, tcp, or unix. If left blank, the default unix endpoints will be used.
+;network =
+;address =
+
+# Syslog facility. user, daemon and local0 through local7 are valid.
+;facility =
+
+# Syslog tag. By default, the process' argv[0] is used.
+;tag =
+
+#################################### Alerting ############################
+[alerting]
+# Disable alerting engine & UI features
+;enabled = true
+# Makes it possible to turn off alert rule execution but alerting UI is visible
+;execute_alerts = true
+
+# Default setting for new alert rules. Defaults to categorize error and timeouts as alerting. (alerting, keep_state)
+;error_or_timeout = alerting
+
+# Default setting for how Grafana handles nodata or null values in alerting. (alerting, no_data, keep_state, ok)
+;nodata_or_nullvalues = no_data
+
+# Alert notifications can include images, but rendering many images at the same time can overload the server
+# This limit will protect the server from render overloading and make sure notifications are sent out quickly
+;concurrent_render_limit = 5
+
+
+# Default setting for alert calculation timeout. Default value is 30
+;evaluation_timeout_seconds = 30
+
+# Default setting for alert notification timeout. Default value is 30
+;notification_timeout_seconds = 30
+
+# Default setting for max attempts to sending alert notifications. Default value is 3
+;max_attempts = 3
+
+#################################### Explore #############################
+[explore]
+# Enable the Explore section
+;enabled = true
+
+#################################### Internal Grafana Metrics ##########################
+# Metrics available at HTTP API Url /metrics
+[metrics]
+# Disable / Enable internal metrics
+;enabled           = true
+# Disable total stats (stat_totals_*) metrics to be generated
+;disable_total_stats = false
+
+# Publish interval
+;interval_seconds  = 10
+
+# Send internal metrics to Graphite
+[metrics.graphite]
+# Enable by setting the address setting (ex localhost:2003)
+;address =
+;prefix = prod.grafana.%(instance_name)s.
+
+#################################### Distributed tracing ############
+[tracing.jaeger]
+# Enable by setting the address sending traces to jaeger (ex localhost:6831)
+;address = localhost:6831
+# Tag that will always be included in when creating new spans. ex (tag1:value1,tag2:value2)
+;always_included_tag = tag1:value1
+# Type specifies the type of the sampler: const, probabilistic, rateLimiting, or remote
+;sampler_type = const
+# jaeger samplerconfig param
+# for "const" sampler, 0 or 1 for always false/true respectively
+# for "probabilistic" sampler, a probability between 0 and 1
+# for "rateLimiting" sampler, the number of spans per second
+# for "remote" sampler, param is the same as for "probabilistic"
+# and indicates the initial sampling rate before the actual one
+# is received from the mothership
+;sampler_param = 1
+# Whether or not to use Zipkin propagation (x-b3- HTTP headers).
+;zipkin_propagation = false
+# Setting this to true disables shared RPC spans.
+# Not disabling is the most common setting when using Zipkin elsewhere in your infrastructure.
+;disable_shared_zipkin_spans = false
+
+#################################### Grafana.com integration  ##########################
+# Url used to import dashboards directly from Grafana.com
+[grafana_com]
+;url = https://grafana.com
+
+#################################### External image storage ##########################
+[external_image_storage]
+# Used for uploading images to public servers so they can be included in slack/email messages.
+# you can choose between (s3, webdav, gcs, azure_blob, local)
+;provider =
+
+[external_image_storage.s3]
+;bucket =
+;region =
+;path =
+;access_key =
+;secret_key =
+
+[external_image_storage.webdav]
+;url =
+;public_url =
+;username =
+;password =
+
+[external_image_storage.gcs]
+;key_file =
+;bucket =
+;path =
+
+[external_image_storage.azure_blob]
+;account_name =
+;account_key =
+;container_name =
+
+[external_image_storage.local]
+# does not require any configuration
+
+[rendering]
+# Options to configure a remote HTTP image rendering service, e.g. using https://github.com/grafana/grafana-image-renderer.
+# URL to a remote HTTP image renderer service, e.g. http://localhost:8081/render, will enable Grafana to render panels and dashboards to PNG-images using HTTP requests to an external service.
+;server_url =
+# If the remote HTTP image renderer service runs on a different server than the Grafana server you may have to configure this to a URL where Grafana is reachable, e.g. http://grafana.domain/.
+;callback_url =
+
+[enterprise]
+# Path to a valid Grafana Enterprise license.jwt file
+;license_path =
+
+[panels]
+# If set to true Grafana will allow script tags in text panels. Not recommended as it enable XSS vulnerabilities.
+;disable_sanitize_html = false
+
+[plugins]
+;enable_alpha = false
+;app_tls_skip_verify_insecure = false

server/config/grafana-stack/influxdb.conf

@@ -0,0 +1,305 @@
+### Welcome to the InfluxDB configuration file.
+
+# Once every 24 hours InfluxDB will report usage data to usage.influxdata.com
+# The data includes a random ID, os, arch, version, the number of series and other
+# usage data. No data from user databases is ever transmitted.
+# Change this option to true to disable reporting.
+reporting-disabled = false
+
+# we'll try to get the hostname automatically, but if it the os returns something
+# that isn't resolvable by other servers in the cluster, use this option to
+# manually set the hostname
+# hostname = "localhost"
+
+###
+### [meta]
+###
+### Controls the parameters for the Raft consensus group that stores metadata
+### about the InfluxDB cluster.
+###
+
+[meta]
+  # Where the metadata/raft database is stored
+  dir = "/var/lib/influxdb/meta"
+
+  retention-autocreate = true
+
+  # If log messages are printed for the meta service
+  logging-enabled = true
+  pprof-enabled = false
+
+  # The default duration for leases.
+  lease-duration = "1m0s"
+
+###
+### [data]
+###
+### Controls where the actual shard data for InfluxDB lives and how it is
+### flushed from the WAL. "dir" may need to be changed to a suitable place
+### for your system, but the WAL settings are an advanced configuration. The
+### defaults should work for most systems.
+###
+
+[data]
+  # Controls if this node holds time series data shards in the cluster
+  enabled = true
+
+  dir = "/var/lib/influxdb/data"
+
+  # These are the WAL settings for the storage engine >= 0.9.3
+  wal-dir = "/var/lib/influxdb/wal"
+  wal-logging-enabled = true
+
+  # Trace logging provides more verbose output around the tsm engine. Turning
+  # this on can provide more useful output for debugging tsm engine issues.
+  # trace-logging-enabled = false
+
+  # Whether queries should be logged before execution. Very useful for troubleshooting, but will
+  # log any sensitive data contained within a query.
+  # query-log-enabled = true
+
+  # Settings for the TSM engine
+
+  # CacheMaxMemorySize is the maximum size a shard's cache can
+  # reach before it starts rejecting writes.
+  # cache-max-memory-size = 524288000
+
+  # CacheSnapshotMemorySize is the size at which the engine will
+  # snapshot the cache and write it to a TSM file, freeing up memory
+  # cache-snapshot-memory-size = 26214400
+
+  # CacheSnapshotWriteColdDuration is the length of time at
+  # which the engine will snapshot the cache and write it to
+  # a new TSM file if the shard hasn't received writes or deletes
+  # cache-snapshot-write-cold-duration = "1h"
+
+  # MinCompactionFileCount is the minimum number of TSM files
+  # that need to exist before a compaction cycle will run
+  # compact-min-file-count = 3
+
+  # CompactFullWriteColdDuration is the duration at which the engine
+  # will compact all TSM files in a shard if it hasn't received a
+  # write or delete
+  # compact-full-write-cold-duration = "24h"
+
+  # MaxPointsPerBlock is the maximum number of points in an encoded
+  # block in a TSM file. Larger numbers may yield better compression
+  # but could incur a performance penalty when querying
+  # max-points-per-block = 1000
+
+###
+### [coordinator]
+###
+### Controls the clustering service configuration.
+###
+
+[coordinator]
+  write-timeout = "10s"
+  max-concurrent-queries = 0
+  query-timeout = "0"
+  log-queries-after = "0"
+  max-select-point = 0
+  max-select-series = 0
+  max-select-buckets = 0
+
+###
+### [retention]
+###
+### Controls the enforcement of retention policies for evicting old data.
+###
+
+[retention]
+  enabled = true
+  check-interval = "30m"
+
+###
+### [shard-precreation]
+###
+### Controls the precreation of shards, so they are available before data arrives.
+### Only shards that, after creation, will have both a start- and end-time in the
+### future, will ever be created. Shards are never precreated that would be wholly
+### or partially in the past.
+
+[shard-precreation]
+  enabled = true
+  check-interval = "10m"
+  advance-period = "30m"
+
+###
+### Controls the system self-monitoring, statistics and diagnostics.
+###
+### The internal database for monitoring data is created automatically if
+### if it does not already exist. The target retention within this database
+### is called 'monitor' and is also created with a retention period of 7 days
+### and a replication factor of 1, if it does not exist. In all cases the
+### this retention policy is configured as the default for the database.
+
+[monitor]
+  store-enabled = true # Whether to record statistics internally.
+  store-database = "_internal" # The destination database for recorded statistics
+  store-interval = "10s" # The interval at which to record statistics
+
+###
+### [admin]
+###
+### Controls the availability of the built-in, web-based admin interface. If HTTPS is
+### enabled for the admin interface, HTTPS must also be enabled on the [http] service.
+###
+
+[admin]
+  enabled = true
+  bind-address = ":8083"
+  https-enabled = false
+  https-certificate = "/etc/ssl/influxdb.pem"
+
+###
+### [http]
+###
+### Controls how the HTTP endpoints are configured. These are the primary
+### mechanism for getting data into and out of InfluxDB.
+###
+
+[http]
+  enabled = true
+  bind-address = ":8086"
+  auth-enabled = false
+  log-enabled = true
+  write-tracing = false
+  pprof-enabled = false
+  https-enabled = false
+  https-certificate = "/etc/ssl/influxdb.pem"
+  ### Use a separate private key location.
+  # https-private-key = ""
+  max-row-limit = 10000
+  realm = "InfluxDB"
+
+###
+### [subsciber]
+###
+### Controls the subscriptions, which can be used to fork a copy of all data
+### received by the InfluxDB host.
+###
+
+[subsciber]
+  enabled = true
+  http-timeout = "30s"
+
+
+###
+### [[graphite]]
+###
+### Controls one or many listeners for Graphite data.
+###
+
+[[graphite]]
+  enabled = false
+  # database = "graphite"
+  # bind-address = ":2003"
+  # protocol = "tcp"
+  # consistency-level = "one"
+
+  # These next lines control how batching works. You should have this enabled
+  # otherwise you could get dropped metrics or poor performance. Batching
+  # will buffer points in memory if you have many coming in.
+
+  # batch-size = 5000 # will flush if this many points get buffered
+  # batch-pending = 10 # number of batches that may be pending in memory
+  # batch-timeout = "1s" # will flush at least this often even if we haven't hit buffer limit
+  # udp-read-buffer = 0 # UDP Read buffer size, 0 means OS default. UDP listener will fail if set above OS max.
+
+  ### This string joins multiple matching 'measurement' values providing more control over the final measurement name.
+  # separator = "."
+
+  ### Default tags that will be added to all metrics.  These can be overridden at the template level
+  ### or by tags extracted from metric
+  # tags = ["region=us-east", "zone=1c"]
+
+  ### Each template line requires a template pattern.  It can have an optional
+  ### filter before the template and separated by spaces.  It can also have optional extra
+  ### tags following the template.  Multiple tags should be separated by commas and no spaces
+  ### similar to the line protocol format.  There can be only one default template.
+  # templates = [
+  #   "*.app env.service.resource.measurement",
+  #   # Default template
+  #   "server.*",
+  # ]
+
+###
+### [collectd]
+###
+### Controls one or many listeners for collectd data.
+###
+
+[[collectd]]
+  enabled = false
+  # bind-address = ""
+  # database = ""
+  # typesdb = ""
+
+  # These next lines control how batching works. You should have this enabled
+  # otherwise you could get dropped metrics or poor performance. Batching
+  # will buffer points in memory if you have many coming in.
+
+  # batch-size = 1000 # will flush if this many points get buffered
+  # batch-pending = 5 # number of batches that may be pending in memory
+  # batch-timeout = "1s" # will flush at least this often even if we haven't hit buffer limit
+  # read-buffer = 0 # UDP Read buffer size, 0 means OS default. UDP listener will fail if set above OS max.
+
+###
+### [opentsdb]
+###
+### Controls one or many listeners for OpenTSDB data.
+###
+
+[[opentsdb]]
+  enabled = false
+  # bind-address = ":4242"
+  # database = "opentsdb"
+  # retention-policy = ""
+  # consistency-level = "one"
+  # tls-enabled = false
+  # certificate= ""
+  # log-point-errors = true # Log an error for every malformed point.
+
+  # These next lines control how batching works. You should have this enabled
+  # otherwise you could get dropped metrics or poor performance. Only points
+  # metrics received over the telnet protocol undergo batching.
+
+  # batch-size = 1000 # will flush if this many points get buffered
+  # batch-pending = 5 # number of batches that may be pending in memory
+  # batch-timeout = "1s" # will flush at least this often even if we haven't hit buffer limit
+
+###
+### [[udp]]
+###
+### Controls the listeners for InfluxDB line protocol data via UDP.
+###
+
+[[udp]]
+  enabled = true
+  bind-address = "0.0.0.0:8089"
+  database = "host"
+  # retention-policy = ""
+
+  # These next lines control how batching works. You should have this enabled
+  # otherwise you could get dropped metrics or poor performance. Batching
+  # will buffer points in memory if you have many coming in.
+
+  batch-size = 1000 # will flush if this many points get buffered
+  # batch-pending = 5 # number of batches that may be pending in memory
+  batch-timeout = "1s" # will flush at least this often even if we haven't hit buffer limit
+  # read-buffer = 0 # UDP Read buffer size, 0 means OS default. UDP listener will fail if set above OS max.
+
+  # set the expected UDP payload size; lower values tend to yield better performance, default is max UDP size 65536
+  # udp-payload-size = 65536
+
+###
+### [continuous_queries]
+###
+### Controls how continuous queries are run within InfluxDB.
+###
+
+[continuous_queries]
+  log-enabled = true
+  enabled = true
+  # run-interval = "1s" # interval for how often continuous queries will be checked if they need to run

server/config/grafana-stack/scripts/.forgetps.json

@@ -0,0 +1 @@
+[{"dim":"minecraft:overworld","tpt":0.000,"tps":20.000},{"dim":"minecraft:the_nether","tpt":0.000,"tps":20.000},{"dim":"minecraft:the_end","tpt":0.000,"tps":20.000},{"dim":"rftoolsdim:coaldim","tpt":0.000,"tps":20.000},{"dim":"compactmachines:compact_world","tpt":0.000,"tps":20.000},{"dim":"rats:ratlantis","tpt":0.000,"tps":20.000},{"dim":"rftoolsdim:dim1","tpt":0.000,"tps":20.000},{"dim":"rftoolsdim:fluoritedim","tpt":0.000,"tps":20.000},{"dim":"rftoolsdim:dim2","tpt":0.000,"tps":20.000},{"dim":"rftoolsdim:dim3","tpt":0.000,"tps":20.000},{"dim":"rftoolsdim:dim4","tpt":0.000,"tps":20.000},{"dim":"rftoolsdim:uraniumtendrils","tpt":0.000,"tps":20.000},{"dim":"rftoolsdim:dim5","tpt":0.000,"tps":20.000},{"dim":"rftoolsdim:dim6","tpt":0.000,"tps":20.000},{"dim":"atum:atum","tpt":0.000,"tps":20.000},{"dim":"rftoolsdim:uraniumdim","tpt":0.000,"tps":20.000},{"dim":"mythicbotany:alfheim","tpt":0.000,"tps":20.000},{"dim":"undergarden:undergarden","tpt":0.000,"tps":20.000},{"dim":"Overall","tpt":0.000,"tps":20.000}]

server/config/grafana-stack/scripts/diskstatus.sh

@@ -0,0 +1,19 @@
+#!/usr/bin/env sh
+
+SMARTCTL=/usr/local/sbin/smartctl
+
+DISKS=$(/sbin/sysctl -n kern.disks | cut -d= -f2)
+
+for DISK in ${DISKS}
+do
+  TEMP=$(${SMARTCTL} -l scttemp /dev/${DISK} | grep '^Current Temperature:' | awk '{print $3}')
+  HEALTH=$(${SMARTCTL} -H /dev/${DISK} | grep 'test result:' | cut -d: -f2 | sed 's/^[ \t]*//')
+  if [ -z != ${TEMP} ] && [ -z != ${HEALTH} ]
+  then
+    JSON=$(echo ${JSON}{\"disk\":\"${DISK}\",\"health\":\"${HEALTH}\",\"temperature\":${TEMP}},)
+  fi
+done
+
+JSON=$(echo ${JSON} | sed 's/,$//')
+
+echo [${JSON}] >&1

server/config/grafana-stack/scripts/forgepc.sh

@@ -0,0 +1,3 @@
+#!/bin/bash
+
+docker exec e6 rcon-cli forge entity list "minecraft:player" >&1

server/config/grafana-stack/scripts/forgetps-to-json.sh

@@ -0,0 +1,19 @@
+#!/bin/bash
+# this script converts the output of the "forge tps" command (in the form of the .forgetps file) into json for sending to influxdb
+# by default it reads from stdin and outputs to a .forgetps.json file
+while IFS= read -r line; do
+  if [ "$line" != "" ]; then
+    DIM=$(echo -n "$line" | awk '{print $2}')
+    if [ "$DIM" = "Mean" ]; then
+      DIM="Overall"
+    fi
+    TPT=$(echo "$line" | grep -oE 'Mean tick time: .+ms' | awk '{print $4}')
+    TPS=$(echo "$line" | grep -oE 'Mean TPS: .+' | awk '{print $3}')
+    JSON+=\{$(echo \"dim\":\"$DIM\",\"tpt\":$TPT,\"tps\":$TPS)\}, 
+  fi
+#done < .forgetps # inputs from .forgetps file
+done <$1 # inputs from file passed via stdin
+JSON=$(echo ${JSON} | sed 's/,$//')
+
+#echo [${JSON}] >&1 # outputs to stdout
+echo [${JSON}] > .forgetps.json # uncomment this to output to file

server/config/grafana-stack/telegraf.conf

@@ -0,0 +1,32 @@
+[global_tags]
+[agent]
+  interval = "10s"
+  round_interval = true
+  metric_batch_size = 1000
+  metric_buffer_limit = 10000
+  collection_jitter = "0s"
+  flush_interval = "10s"
+  flush_jitter = "0s"
+  precision = ""
+  hostname = ""
+  omit_hostname = false
+[[outputs.influxdb_v2]]
+  urls = ["http://influxdb:8086"]
+  organization = "Jafner Industries"
+  bucket = "Bucket"
+  token = "35YMePC79Zz2ovM35xFtTi7odFMSrZsf"
+[[inputs.cpu]]
+  percpu = true
+  totalcpu = true
+  collect_cpu_time = false
+  report_active = false
+[[inputs.disk]]
+  ignore_fs = ["tmpfs", "devtmpfs", "devfs", "iso9660", "overlay", "aufs", "squashfs"]
+[[inputs.mem]]
+[[inputs.system]]
+[[inputs.sensors]]
+[[inputs.file]]
+  files = ["/.forgetps.json"]
+  data_format = "json"
+  name_override = "tickinfo"
+  tag_keys = ["dim"]  

server/config/homer/.env

@@ -0,0 +1 @@
+DOCKER_DATA=/home/joey/docker_config/homer/assets

server/config/homer/assets/additionnal-page.yml.dist

@@ -0,0 +1,35 @@
+---
+# Additionnal page configuration
+
+# Additionnal configurations are loaded using its file name, minus the extension, as an anchor (https://<mydashboad>#<config>). 
+# `config.yml` is still used as a base configuration, and all values here will overwrite it, so you don't have to re-defined everything
+
+
+subtitle: "this is another dashboard page"
+
+# This overwrites message config. Setting it to empty to remove message from this page and keep it only in the main one:
+message: ~
+
+# as we want to include a differente link here (so we can get back to home page), we need to replicate all links or they will be revome when overwriting the links field:
+links:
+  - name: "Home"
+    icon: "fas fa-home"
+    url: "#"
+  - name: "Contribute"
+    icon: "fab fa-github"
+    url: "https://github.com/bastienwirtz/homer"
+    target: "_blank" # optional html a tag target attribute
+  - name: "Wiki"
+    icon: "fas fa-book"
+    url: "https://www.wikipedia.org/"
+
+services:
+  - name: "More applications on another page!"
+    icon: "fas fa-cloud"
+    items:
+      - name: "Awesome app on a second page!"
+        logo: "assets/tools/sample.png"
+        subtitle: "Bookmark example"
+        tag: "app"
+        url: "https://www.reddit.com/r/selfhosted/"
+        target: "_blank"

server/config/homer/assets/config.yml

@@ -0,0 +1,209 @@
+---
+
+title: "Homer"
+subtitle: "Dashboard"
+
+header: false
+footer: false
+
+columns: auto
+connectivityCheck: true
+
+# Optional theme customization
+theme: default
+colors:
+  light:
+    highlight-primary: "#3367d6"
+    highlight-secondary: "#4285f4"
+    highlight-hover: "#5a95f5"
+    background: "#f5f5f5"
+    card-background: "#ffffff"
+    text: "#363636"
+    text-header: "#ffffff"
+    text-title: "#303030"
+    text-subtitle: "#424242"
+    card-shadow: rgba(0, 0, 0, 0.1)
+    link: "#3273dc"
+    link-hover: "#363636"
+  dark:
+    highlight-primary: "#3367d6"
+    highlight-secondary: "#4285f4"
+    highlight-hover: "#5a95f5"
+    background: "#131313"
+    card-background: "#2b2b2b"
+    text: "#eaeaea"
+    text-header: "#ffffff"
+    text-title: "#fafafa"
+    text-subtitle: "#f5f5f5"
+    card-shadow: rgba(0, 0, 0, 0.4)
+    link: "#3273dc"
+    link-hover: "#ffdd57"
+
+# Services
+# First level array represent a group.
+# Leave only a "items" key if not using group (group name, icon & tagstyle are optional, section separation will not be displayed).
+services:
+  - name: "Jafner.tools"
+    icon: "fas fa-cloud"
+    items:
+      - name: "5eTools"
+        logo: assets/icons/5et-192.png
+        subtitle: "D&D 5e Complete Reference"
+        url: "https://5e.jafner.tools"
+      - name: "Joplin"
+        logo: assets/icons/joplin-512.png
+        subtitle: "Sync server for the Joplin notes app"
+        url: "https://joplin.jafner.tools"
+      - name: "Bitwarden"
+        logo: assets/icons/bitwarden-512.png
+        subtitle: "Sync server for the Bitwarden password manager"
+        url: "https://bitwarden.jafner.tools"
+      - name: "Uptime Kuma"
+        logo: assets/icons/uptimekuma-512.png
+        subtitle: "Web monitoring dashboard"
+        url: "https://uptime.jafner.tools/dashboard"
+
+  - name: "Jafner.chat"
+    icon: "fas fa-cloud"
+    items:
+      - name: "Element"
+        logo: assets/icons/element-512.webp
+        subtitle: "Web-based Matrix client for the jafner.chat homeserver"
+        url: "https://element.jafner.chat"
+      - name: "Synapse Admin"
+        subtitle: "Web admin portal for the Synapse homeserver"
+        url: "https://matrix.jafner.chat/synapse-admin"
+
+  - name: "Jafner.pi1"
+    icon: "fas fa-server"
+    items:
+      - name: "Pihole Admin"
+        logo: assets/icons/pihole-1200.png
+        subtitle: "Ad-blocking DNS server"
+        url: "http://jafner.pi1/admin"
+    
+  - name: "Jafner.nas"
+    icon: "fas fa-hdd"
+    items:
+      - name: "TrueNAS Admin"
+        logo: assets/icons/truenas-280.png
+        subtitle: "BSD-based ZFS NAS appliance OS"
+        url: "http://nas.jafner.net"
+
+  - name: "Jafner.seedbox"
+    icon: "fas fa-server"
+    items:
+      - name: "GGN"
+        logo: assets/icons/deluge-1200.png
+        subtitle: "Deluge Torrent Web UI for GGN"
+        url: "http://jafner.seedbox:52000/"
+      - name: "MAM"
+        logo: assets/icons/deluge-1200.png
+        subtitle: "Deluge Torrent Web UI for MAM"
+        url: "http://jafner.seedbox:52100/"
+      - name: "EMP"
+        logo: assets/icons/deluge-1200.png
+        subtitle: "Deluge Torrent Web UI for EMP"
+        url: "http://jafner.seedbox:52200/"
+
+  - name: "Jafner.net"
+    icon: "fas fa-server"
+    items:
+      - name: "Traefik"
+        logo: assets/icons/traefik-400.png
+        subtitle: "Reverse proxy dashboard"
+        url: "https://traefik.jafner.net"
+      - name: "Authentik"
+        logo: assets/icons/authentik-200.png
+        subtitle: "Fully-featured, self-hosted SSO"
+        url: "https://authentik.jafner.net"
+
+      - name: "Portainer"
+        logo: assets/icons/portainer-200.webp
+        subtitle: "Docker management web interface"
+        url: "https://portainer.jafner.net"
+
+      - name: "Gitea"
+        logo: assets/icons/gitea-880.png
+        subtitle: "Lightweight Git server"
+        url: "https://git.jafner.net"
+
+      - name: "Prometheus"
+        logo: assets/icons/prometheus-1200.png
+        subtitle: "Integrated data visualization interface for collected metrics"
+        url: "https://prometheus.jafner.net"
+      - name: "Grafana"
+        logo: assets/icons/grafana-1200.png
+        subtitle: "Metrics visualization tool"
+        url: "https://grafana.jafner.net"
+      
+      - name: "ShareX"
+        logo: assets/icons/sharex-256.png
+        subtitle: "ShareX upload endpoint"
+        url: "https://share.jafner.net"
+
+      - name: "Plex"
+        logo: assets/icons/plex-580.png
+        subtitle: "TV show and movie server"
+        url: "https://plex.jafner.net"
+      - name: "Ombi"
+        logo: assets/icons/ombi-256.png
+        subtitle: "Web interface for wishlisting movies and shows to be added to Plex"
+        url: "https://ombi.jafner.net"
+      - name: "Tautulli"
+        logo: assets/icons/tautulli-350.png
+        subtitle: "Data collector for Plex"
+        url: "https://tautulli.jafner.net"
+      - name: "NZBHydra"
+        logo: assets/icons/nzbhydra-256.png
+        subtitle: "NZB index search provider"
+        url: "https://nzbhydra.jafner.net"
+      - name: "SABNzbd"
+        logo: assets/icons/sabnzbd-256.png
+        subtitle: "NZB download client"
+        url: "https://sabnzbd.jafner.net"
+      - name: "Radarr"
+        logo: assets/icons/radarr-256.png
+        subtitle: "Movie collection manager"
+        url: "https://radarr.jafner.net"
+      - name: "Sonarr"
+        logo: assets/icons/sonarr-256.png
+        subtitle: "TV show collection manager"
+        url: "https://sonarr.jafner.net"
+      - name: "Tdarr"
+        logo: assets/icons/tdarr.png
+        subtitle: "Transcode management system for media library"
+        url: "https://tdarr.jafner.net"
+
+      - name: "Peertube"
+        logo: assets/icons/peertube-1534.png
+        subtitle: "Video hosting platform"
+        url: "https://peertube.jafner.net"
+
+      - name: "NVGM"
+        logo: assets/icons/wordpress-1200.png
+        subtitle: "Blog-style repository for D&D 5e musings"
+        url: "https://nvgm.jafner.net"
+
+      - name: "Calibre SFF"
+        logo: assets/icons/calibre-1024.png
+        subtitle: "Calibre-web instance serving a large collection of sci-fi and fantasy books"
+        url: "https://calibre-sff.jafner.net"
+      - name: "Calibre RPG"
+        logo: assets/icons/calibre-1024.png
+        subtitle: "Calibre-web instance serving a collection of Dungeons & Dragons books"
+        url: "https://calibre-rpg.jafner.net"
+      - name: "Calibre Ace"
+        logo: assets/icons/calibre-1024.png
+        subtitle: "Calibre-web instance serving a collection of whatever Ace wants to put on it"
+        url: "https://calibre-ace.jafner.net"
+      
+      - name: "ExaTorrent"
+        icon: fas fa-sort
+        subtitle: "Lightweight torrent client written in GO"
+        url: "https://exa.jafner.net"
+
+      - name: "Homer"
+        logo: assets/icons/homer-458.png
+        subtitle: "This."
+        url: "https://home.jafner.net"

server/config/homer/assets/config.yml.dist

@@ -0,0 +1,84 @@
+---
+# Homepage configuration
+# See https://fontawesome.com/icons for icons options
+
+title: "Demo dashboard"
+subtitle: "Homer"
+logo: "logo.png"
+# icon: "fas fa-skull-crossbones" # Optional icon
+
+header: true
+footer: '<p>Created with <span class="has-text-danger">❤️</span> with <a href="https://bulma.io/">bulma</a>, <a href="https://vuejs.org/">vuejs</a> & <a href="https://fontawesome.com/">font awesome</a> // Fork me on <a href="https://github.com/bastienwirtz/homer"><i class="fab fa-github-alt"></i></a></p>' # set false if you want to hide it.
+
+# Optional theme customization
+theme: default
+colors:
+  light:
+    highlight-primary: "#3367d6"
+    highlight-secondary: "#4285f4"
+    highlight-hover: "#5a95f5"
+    background: "#f5f5f5"
+    card-background: "#ffffff"
+    text: "#363636"
+    text-header: "#ffffff"
+    text-title: "#303030"
+    text-subtitle: "#424242"
+    card-shadow: rgba(0, 0, 0, 0.1)
+    link: "#3273dc"
+    link-hover: "#363636"
+  dark:
+    highlight-primary: "#3367d6"
+    highlight-secondary: "#4285f4"
+    highlight-hover: "#5a95f5"
+    background: "#131313"
+    card-background: "#2b2b2b"
+    text: "#eaeaea"
+    text-header: "#ffffff"
+    text-title: "#fafafa"
+    text-subtitle: "#f5f5f5"
+    card-shadow: rgba(0, 0, 0, 0.4)
+    link: "#3273dc"
+    link-hover: "#ffdd57"
+
+# Optional message
+message:
+  #url: https://b4bz.io
+  style: "is-dark" # See https://bulma.io/documentation/components/message/#colors for styling options.
+  title: "Demo !"
+  icon: "fa fa-grin"
+  content: "This is a dummy homepage demo. <br /> Find more information on <a href='https://github.com/bastienwirtz/homer'>github.com/bastienwirtz/homer</a>"
+
+# Optional navbar
+# links: [] # Allows for navbar (dark mode, layout, and search) without any links
+links:
+  - name: "Contribute"
+    icon: "fab fa-github"
+    url: "https://github.com/bastienwirtz/homer"
+    target: "_blank" # optional html a tag target attribute
+  - name: "Wiki"
+    icon: "fas fa-book"
+    url: "https://www.wikipedia.org/"
+  # this will link to a second homer page that will load config from additionnal-page.yml and keep default config values as in config.yml file
+  # see url field and assets/additionnal-page.yml.dist used in this example:
+  - name: "another page!"
+    icon: "fas fa-file-alt"
+    url: "#additionnal-page" 
+
+# Services
+# First level array represent a group.
+# Leave only a "items" key if not using group (group name, icon & tagstyle are optional, section separation will not be displayed).
+services:
+  - name: "Applications"
+    icon: "fas fa-cloud"
+    items:
+      - name: "Awesome app"
+        logo: "assets/tools/sample.png"
+        subtitle: "Bookmark example"
+        tag: "app"
+        url: "https://www.reddit.com/r/selfhosted/"
+        target: "_blank" # optional html a tag target attribute
+      - name: "Another one"
+        logo: "assets/tools/sample2.png"
+        subtitle: "Another application"
+        tag: "app"
+        url: "#"

server/config/homer/assets/config.yml.dist.sample-sui

@@ -0,0 +1,64 @@
+---
+# Homepage configuration
+# See https://fontawesome.com/icons for icons options
+
+title: "Hello beautiful!"
+subtitle: "App dashboard"
+logo: false
+# icon: "fas fa-skull-crossbones" Optional icon
+
+header: true
+
+# Optional theme customization
+theme: sui
+colors:
+  light:
+    highlight-primary: transparent
+    highlight-secondary: transparent
+    highlight-hover: "#4a4a4a"
+    text-subtitle: "#424242"
+  dark:
+    background: "#2B2C56"
+    highlight-primary: transparent
+    highlight-secondary: transparent
+    highlight-hover: "#200b35"
+    text-subtitle: "#6375e8"
+
+# Optional navbar
+# links: [] # Allows for navbar (dark mode, layout, and search) without any links
+links: []
+
+# Services
+# First level array represent a group.
+# Leave only a "items" key if not using group (group name, icon & tagstyle are optional, section separation will not be displayed).
+services:
+  - name: "APPLICATIONS"
+    items:
+      - name: "Jenkins"
+        logo: "assets/tools/jenkins.png"
+        subtitle: "Continuous integration server"
+        url: "https://jenkins.io/"
+      - name: "RabbitMQ Management"
+        logo: "assets/tools/rabbitmq.png"
+        subtitle: "Manage & monitor RabbitMQ server"
+        # Optional tagstyle
+        # Same styling options as the optional message.
+        tagstyle: "is-success"
+        url: "https://www.rabbitmq.com/"
+      - name: "M/Monit"
+        logo: "assets/tools/monit.png"
+        subtitle: "Monitor & manage all monit enabled hosts"
+        url: "https://mmonit.com/monit/"
+      - name: "Grafana"
+        logo: "assets/tools/grafana.png"
+        subtitle: "Metric analytics & dashboards"
+        url: "https://grafana.com/"
+      - name: "Kibana"
+        logo: "assets/tools/elastic.png"
+        subtitle: "Explore & visualize logs"
+        url: "https://www.elastic.co/products/kibana"
+      - name: "Website monitoring"
+        logo: "assets/tools/pingdom.png"
+        subtitle: "Pingdom public reports overview"
+        tag: "CI"
+        url: "https://www.pingdom.com/"

server/config/homer/assets/custom.css.sample

@@ -0,0 +1,8 @@
+@charset "UTF-8";
+
+/* Custom card colors */
+/* Use with `class:` property of services in config.yml */
+body #app .card.green {
+  background-color: #006600;
+  color: #00ff00;
+}

server/config/homer/assets/manifest.json

@@ -0,0 +1 @@
+{"name":"Homer Dashboard","short_name":"Homer","theme_color":"#3367D6","icons":[{"src":"./icons/favicon-16x16.png","sizes":"16x16","type":"image/png"},{"src":"./icons/favicon-32x32.png","sizes":"32x32","type":"image/png"},{"src":"./icons/icon-any.png","sizes":"512x512","type":"image/png","purpose":"any"},{"src":"./icons/icon-any.svg","sizes":"any","type":"image/svg+xml","purpose":"any"},{"src":"./icons/icon-maskable.png","sizes":"512x512","type":"image/png","purpose":"maskable"},{"src":"./icons/safari-pinned-tab.svg","sizes":"any","type":"image/svg+xml","purpose":"monochrome"}],"start_url":"../","display":"standalone","background_color":"#000000"}

server/config/homer/docker-compose.yml

@@ -0,0 +1,20 @@
+version: '3'
+services:
+    homer:
+        image: b4bz/homer
+        container_name: homer
+        restart: "unless-stopped"
+        environment:
+            - UID=1000
+            - GID=1000
+        volumes:
+            - ${DOCKER_DATA}:/www/assets
+        networks:
+            - web
+        labels:
+            - traefik.http.routers.homer.rule=Host(`home.jafner.net`)
+            - traefik.http.routers.homer.tls.certresolver=lets-encrypt
+
+networks:
+    web:
+        external: true

server/config/joplin/.env

@@ -0,0 +1,12 @@
+DOCKER_DATA=/home/joey/docker_data/joplin
+
+DB_CLIENT=pg
+POSTGRES_PASSWORD=postgres
+POSTGRES_DATABASE=joplin
+POSTGRES_DB=joplin
+POSTGRES_USER=postgres
+POSTGRES_PORT=5432
+POSTGRES_HOST=joplin_db
+
+APP_BASE_URL=https://joplin.jafner.net
+APP_PORT=22300

server/config/joplin/docker-compose.yml

@@ -0,0 +1,34 @@
+version: '3'
+services:
+  joplin:
+    image: joplin/server:2.6-beta
+    container_name: joplin
+    restart: unless-stopped
+    env_file:
+      - .env
+    depends_on:
+      - joplin_db
+    networks:
+      - web
+      - joplin
+    labels:
+      - traefik.http.routers.joplin.rule=Host(`joplin.jafner.net`)
+      - traefik.http.routers.joplin.tls.certresolver=lets-encrypt
+      - traefik.http.middlewares.joplin.headers.customrequestheaders.X-Forwarded-Proto = http
+      - traefik.http.services.joplin.loadbalancer.server.port=22300
+      - traefik.http.services.joplin.loadbalancer.passhostheader=true
+  joplin_db:
+    image: postgres:13.1
+    container_name: joplin_db
+    restart: unless-stopped
+    env_file: 
+      - .env
+    volumes:
+      - ${DOCKER_DATA}/db:/var/lib/postresql/data
+    networks:
+      - joplin
+
+networks:
+  joplin:
+  web: 
+    external: true

server/config/joplin/docker-compose.yml.save

@@ -0,0 +1,31 @@
+version: '3'
+services:
+  joplin:
+    image: joplin/server:2.6-beta
+    container_name: joplin
+    restart: unless-stopped
+    env
+    depends_on:
+      - joplin_db
+    networks:
+      - web
+      - joplin
+    labels:
+      - traefik.http.routers.joplin.rule=Host(`joplin.jafner.net`)
+      - traefik.http.routers.joplin.tls.certresolver=lets-encrypt
+      - traefik.http.middlewares.joplin.headers.customrequestheaders.X-Forwarded-Proto = http
+      - traefik.http.services.joplin.loadbalancer.server.port=22300
+      - traefik.http.services.joplin.loadbalancer.passhostheader=true
+  joplin_db:
+    image: postgres:13.1
+    container_name: joplin_db
+    restart: unless-stopped
+    volumes:
+      - ${DOCKER_DATA}/db:/var/lib/postresql/data
+    networks:
+      - joplin
+
+networks:
+  joplin:
+  web: 
+    external: true

server/config/landing/.env

@@ -0,0 +1,2 @@
+DOCKER_DATA=/home/joey/docker_data/landing
+

server/config/landing/docker-compose.yml

@@ -0,0 +1,46 @@
+version: '3.1'
+
+services:
+    landing:
+        image: wordpress
+        container_name: landing
+        restart: always
+        environment:
+            WORDPRESS_DB_HOST: landing_db
+            WORDPRESS_DB_USER: wordpress
+            WORDPRESS_DB_PASSWORD: wordpress
+            WORDPRESS_DB_NAME: wordpressdb
+        volumes:
+            - ${DOCKER_DATA}/html:/var/www/html
+            - ./docker-php-memlimit.ini:/usr/local/etc/php/conf.d/docker-php-memlimit.ini:ro
+        labels:
+            - traefik.http.routers.landing.rule=Host(`www.jafner.net`)
+            - traefik.http.routers.landing.tls=true
+            - traefik.http.routers.landing.tls.certresolver=lets-encrypt
+            - traefik.port=80
+        networks:
+            - web
+            - landing
+        depends_on:
+            - landing_db
+
+    landing_db:
+        image: mysql:5.7
+        container_name: landing_db
+        restart: always
+        networks:
+            - landing
+        environment:
+            MYSQL_DATABASE: wordpressdb
+            MYSQL_USER: wordpress
+            MYSQL_PASSWORD: wordpress
+            MYSQL_RANDOM_ROOT_PASSWORD: '1'
+        volumes:
+            - ${DOCKER_DATA}/db:/var/lib/mysql
+        labels:
+            - traefik.enable=false
+
+networks:
+    web:
+        external: true
+    landing:

server/config/landing/docker-php-memlimit.ini

@@ -0,0 +1 @@
+memory_limit = 512M

server/config/mc-monitor/docker-compose.yml

@@ -0,0 +1,18 @@
+version: '3'
+
+services:
+  monitor:
+    image: itzg/mc-monitor
+    command: export-for-prometheus
+    restart: unless-stopped
+    networks:
+      - monitoring
+      - mc-router
+    environment:
+      EXPORT_SERVERS: e6-056,vanilla,bmcp
+
+networks:
+  monitoring:
+    external: true
+  mc-router:
+    external: true

server/config/mc-monitor/telegraf.conf

@@ -0,0 +1,9 @@
+[agent]
+  interval = "10s"
+
+[[outputs.influxdb]]
+  urls = ["http://192.168.1.23:8086"]
+  database = "mc-monitor"
+
+[[inputs.socket_listener]]
+  service_address = "tcp://:8094"

server/config/minecraft/.env

@@ -0,0 +1,3 @@
+DOCKER_DATA=/home/joey/docker_data/minecraft
+DOCKER_CONFIG=/home/joey/docker_config/minecraft
+RCON_PASSWORD=eZJxnAxUa9qEacEZFKdU6cEL

server/config/minecraft/bmcp.yml

@@ -0,0 +1,23 @@
+version: '3'
+
+services:
+  bmcp:
+    image: itzg/minecraft-server:java8
+    container_name: bmcp
+    environment:
+      - EULA=TRUE
+      - MAX_MEMORY=8G
+      - TYPE=FORGE
+      - VERSION=1.16.5
+      - FORGEVERSION=36.2.22
+      - OPS=jafner425
+      - ENABLE_RCON=true
+      - RCON_PASSWORD=${RCON_PASSWORD}
+    volumes:
+      - $DOCKER_DATA/bmcp:/data:rw
+    networks:
+      - mc-router
+    restart: always
+networks:
+  mc-router:
+    external: true

server/config/minecraft/e6-056.yml

@@ -0,0 +1,23 @@
+version: '3'
+
+services:
+  e6-056:
+    image: itzg/minecraft-server:java8
+    container_name: e6-056
+    environment:
+      - EULA=TRUE
+      - MAX_MEMORY=12G
+      - TYPE=FORGE
+      - VERSION=1.16.5
+      - FORGEVERSION=36.1.31
+      - OPS=jafner425
+      - ENABLE_RCON=true
+      - RCON_PASSWORD=${RCON_PASSWORD}
+    volumes:
+      - $DOCKER_DATA/e6-056:/data:rw
+    networks:
+      - mc-router
+    restart: always
+networks:
+  mc-router:
+    external: true

server/config/minecraft/router.yml

@@ -0,0 +1,17 @@
+version: '3'
+services:
+  router:
+    image: itzg/mc-router
+    container_name: mc-router
+    restart: always
+    networks:
+      - mc-router
+    ports:
+      - 25565:25565
+    command: --mapping=e6.jafner.net=e6-056:25565,vanilla.jafner.net=vanilla:25565,tnp.jafner.net=tnp:25565,bmcp.jafner.net=bmcp:25565 --api-binding=0.0.0.0:25566
+
+networks:
+  mc-router:
+    external: true
+volumes:
+  mc-router:

server/config/minecraft/telegraf.conf

@@ -0,0 +1,21 @@
+[global_tags]
+[agent]
+  interval = "10s"
+  round_interval = true
+  metric_batch_size = 1000
+  metric_buffer_limit = 10000
+  collection_jitter = "0s"
+  flush_interval = "10s"
+  flush_jitter = "0s"
+  precision = ""
+  hostname = ""
+  omit_hostname = false
+[[outputs.influxdb]]
+  urls = ["http://192.168.1.23:8086"]
+  database = "minecraft"
+[[inputs.exec]]
+  name_override = "tickinfo"
+  commands = ["/data/get-tps.sh"]
+  timeout = "30s"
+  data_format = "json"
+  tag_keys = ["dim","tpt"]

server/config/minecraft/vanilla.yml

@@ -0,0 +1,18 @@
+version: '3'
+services:
+  vanilla:
+    image: itzg/minecraft-server:latest
+    container_name: vanilla
+    environment:
+      - EULA=TRUE
+      - VERSION=1.18.1
+      - OPS=mollymsmom
+      - MAX_MEMORY=6G
+    volumes:
+      - $DOCKER_DATA/vanilla:/data:rw
+    networks:
+      - mc-router
+
+networks:
+  mc-router:
+    external: true

server/config/nvgm/.env

@@ -0,0 +1,2 @@
+DOCKER_DATA=/home/joey/docker_data/nvgm
+