handbrake-server: add

.env

@@ -1,7 +1,5 @@
 REGISTRY_URL=registry.kucharczyk.xyz
 DOMAIN=kucharczyk.xyz
-TS_DOMAIN=jacob-shark.ts.net
-TS_DOMAIN_NAS=nas.${TS_DOMAIN}
 TZ=Europe/Prague
 STORAGE_PATH=/srv/mergerfs/storage
 MEDIA_PATH=${STORAGE_PATH}/media
@@ -13,7 +11,6 @@ MUSIC_PATH=${STORAGE_PATH}/media/music2
 DOWNLOADS_PATH=${STORAGE_PATH}/download
 NZB_DOWNLOADS_PATH=${DOWNLOADS_PATH}/sabnzbd
 TORRENTS_SEED_PATH=${STORAGE_PATH}/seed
-TORRENTS_WATCH_PATH=${DOWNLOADS_PATH}/watch
 DOCKER_STORAGE_PATH=/docker
 DOCKER_STORAGE_PATH_SLOW=${STORAGE_PATH}/docker-storage
 PHOTOS_STORAGE_PATH=/srv/dev-disk-by-uuid-2d34f1a9-4284-4cad-ae9a-f1ef36244201/photos
@@ -110,11 +107,5 @@ BAZARR_EXTERNAL_PORT=6767
 BAZARR_INTERNAL_PORT=6767
 GLUETUN_JAPAN_INTERNAL_PORT=8888
 GLUETUN_JAPAN_EXTERNAL_PORT=8888
-HANDBRAKER_SERVER_INTERNAL_PORT=9999
-HANDBRAKER_SERVER_EXTERNAL_PORT=9997
-REDLIB_EXTERNAL_PORT=8088
-SABNZBD_EXTERNAL_PORT=8081
-SABNZBD_INTERNAL_PORT=8080
-QBITTORRENT_WEBUI_PORT=9092
-QBITTORRENT_WEBUI_EXTERNAL_PORT=${QBITTORRENT_WEBUI_PORT}
-QBITTORRENT_WEBUI_INTERNAL_PORT=${QBITTORRENT_WEBUI_PORT}
+HANDBRAKER_SERVER_INTERNAL_PORT=9997
+HANDBRAKER_SERVER_EXTERNAL_PORT=9999

docker-compose.yml

@@ -1,21 +1,4 @@
 ---
-configs:
-  caddyfile:
-    content: |
-      notes-old.kucharczyk.xyz {
-        handle {
-          root * /srv/notes
-          file_server
-        }
-      }
-      mimi.kucharczyk.xyz {
-        handle {
-          root * /etc/caddy/sites-enabled
-          file_server {
-            index mimikong.html
-          }
-      }
-
 
 include:
   - services/bazarr.yml
@@ -37,34 +20,23 @@ include:
   - services/enshrouded.yml
   - services/7dtdserver.yml
   - services/gluetun.yml
-  - services/handbrake-server.yml
-  - services/redlib.yml
-  - services/calibre-web.yml
-  - services/kavita.yml
 
 services:
   caddy:
-    image: lucaslorentz/caddy-docker-proxy:ci-alpine
+    image: caddy
     container_name: caddy
     ports:
       - "${TIMETRACKER_EXTERNAL_PORT}:${TIMETRACKER_INTERNAL_PORT}"
       - "${DENDRON_NOTES_EXTERNAL_PORT}:${DENDRON_NOTES_INTERNAL_PORT}"
       - 80:80
       - 443:443
-    environment:
-      - CADDY_INGRESS_NETWORKS=docker-compose-templates_public
-      - CADDY_DOCKER_CADDYFILE_PATH=/Caddyfile
-    configs:
-      - source: caddyfile
-        target: /Caddyfile
+    user: ${PUID}
     volumes:
       - "${DOCKER_STORAGE_PATH}/caddy/etc:/etc/caddy"
       - "${DOCKER_STORAGE_PATH}/caddy/data:/data"
       - "${DOCKER_STORAGE_PATH}/caddy/config:/config"
-      - "/var/run/tailscale/tailscaled.sock:/var/run/tailscale/tailscaled.sock"
       - "/www/notes:/srv/notes"
       - "timetracker-static:/srv/timetracker"
-      - /var/run/docker.sock:/var/run/docker.sock
     networks:
       public:
         ipv4_address: 192.168.240.2
@@ -90,30 +62,16 @@ services:
     networks:
       public:
         ipv4_address: 192.168.240.3
-    labels:
-      caddy: tracker.${DOMAIN}
-      caddy.reverse_proxy: "{{ upstreams 8001 }}"
-      caddy.handle_path: "/static/*"
-      caddy.handle_path.root: "* /srv/timetracker"
-      caddy.handle_path.file_server:
-      caddy.handle: /robots.txt
-      caddy.handle.root: "* /srv/timetracker"
-      caddy.handle.file_server:
     restart: unless-stopped
 
   trilium:
-    image: triliumnext/notes:v0.95.0
+    image: zadam/trilium
     container_name: trilium
     restart: always
     environment:
       - TRILIUM_DATA_DIR=/home/node/trilium-data
     volumes:
       - ${DOCKER_STORAGE_PATH}/trilium:/home/node/trilium-data
-      - /etc/timezone:/etc/timezone:ro
-      - /etc/localtime:/etc/localtime:ro
-    labels:
-      caddy: trilium.${DOMAIN}
-      caddy.reverse_proxy: "{{ upstreams $TRILIUM_INTERNAL_PORT }}"
     ports:
       - "${TRILIUM_EXTERNAL_PORT}:${TRILIUM_INTERNAL_PORT}"
     networks:
@@ -136,17 +94,10 @@ services:
     networks:
       public:
         ipv4_address: 192.168.240.5
-    labels:
-      caddy: "notify.${DOMAIN}, http://notify.${DOMAIN}"
-      caddy.reverse_proxy: "{{ upstreams $NTFY_INTERNAL_PORT }}"
-      caddy.@httpget.protocol: http
-      caddy.@httpget.method: get
-      caddy.@httpget.path_regexp: "^/([-_a-z0-9]{0,64}$|docs/|static/)"
-      caddy.redir: "@httpget https://{host}{uri}"
     restart: unless-stopped
 
   audiobookshelf:
-    image: ghcr.io/advplyr/audiobookshelf:2.20.0
+    image: ghcr.io/advplyr/audiobookshelf
     container_name: audiobookshelf
     environment:
       - AUDIOBOOKSHELF_UID=${PUID}
@@ -165,10 +116,11 @@ services:
     restart: unless-stopped
 
   beets:
-    image: lscr.io/linuxserver/beets:2.5.1
+    image: ${REGISTRY_URL}/beets:latest
     container_name: beets
-    user: 1000:100
     environment:
+      - PUID=${PUID}
+      - PGID=${PGID}
       - TZ=${TZ}
     volumes:
       - "${DOCKER_STORAGE_PATH}/beets:/config"
@@ -195,9 +147,29 @@ services:
     networks:
       public:
         ipv4_address: 192.168.240.8
-    labels:
-      caddy: recipes.${DOMAIN}
-      caddy.reverse_proxy: "{{ upstreams 9000 }}"
+    restart: unless-stopped
+
+  rtorrent:
+    image: binhex/arch-rtorrentvpn
+    container_name: rtorrent
+    volumes:
+      - "${DOCKER_STORAGE_PATH}/rtorrent/config:/config"
+      - "${DOCKER_STORAGE_PATH}/rtorrent/watch:/watch"
+      - ${STORAGE_PATH}/seed:/data
+      - /etc/localtime:/etc/localtime:ro
+    environment:
+      - PUID=${PUID}
+      - PGID=${PGID}
+    env_file:
+      - rtorrent.env
+    ports:
+      - "9080:9080"
+      - "9443:9443"
+      - "8118:8118"
+      - "6881:6881"
+    networks:
+      public:
+        ipv4_address: 192.168.240.9
     restart: unless-stopped
 
   webhook:
@@ -235,7 +207,7 @@ services:
     restart: unless-stopped
 
   stash:
-    image: stashapp/stash:v0.29.1
+    image: stashapp/stash:v0.27.2
     container_name: stash
     ports:
       - "${STASH_EXTERNAL_PORT}:${STASH_INTERNAL_PORT}"
@@ -275,7 +247,7 @@ services:
     restart: unless-stopped
 
   navidrome:
-    image: deluan/navidrome:0.58.0
+    image: deluan/navidrome:0.53.3
     container_name: navidrome
     ports:
       - "${NAVIDROME_EXTERNAL_PORT}:${NAVIDROME_INTERNAL_PORT}"
@@ -288,9 +260,6 @@ services:
     networks:
       public:
         ipv4_address: 192.168.240.14
-    labels:
-      caddy: music.${DOMAIN}
-      caddy.reverse_proxy: "{{ upstreams $NAVIDROME_INTERNAL_PORT }}"
     restart: unless-stopped
 
   maloja:
@@ -320,7 +289,7 @@ services:
 
   paperless-ngx:
     container_name: paperless-ngx
-    image: ghcr.io/paperless-ngx/paperless-ngx:2.0.1
+    image: ghcr.io/paperless-ngx/paperless-ngx:latest
     restart: unless-stopped
     depends_on:
       - redis
@@ -394,12 +363,11 @@ services:
     restart: unless-stopped
 
   syncthing:
-    image: lscr.io/linuxserver/syncthing:1.28.1
+    image: lscr.io/linuxserver/syncthing:latest
     container_name: syncthing
     volumes:
       - "${DOCKER_STORAGE_PATH}/syncthing:/config"
-      - "${DOCKER_STORAGE_PATH}/syncthing/shares:/shares"
-      - "${STORAGE_PATH}:/storage"
+      - "${STORAGE_PATH}/docker-storage/syncthing:/general"
     ports:
       - "${SYNCTHING_EXTERNAL_PORT1}:${SYNCTHING_INTERNAL_PORT1}"
       - "${SYNCTHING_EXTERNAL_PORT2}:${SYNCTHING_INTERNAL_PORT2}"
@@ -419,9 +387,6 @@ services:
     networks:
       public:
         ipv4_address: 192.168.240.21
-    labels:
-      caddy: wiki.${DOMAIN}
-      caddy.reverse_proxy: "{{ upstreams $MEDIAWIKI_INTERNAL_PORT }}"
     depends_on:
       - mariadb
     ports:
@@ -440,9 +405,6 @@ services:
         ipv4_address: 192.168.240.22
     ports:
       - "${PHOTOPRISM_EXTERNAL_PORT}:${PHOTOPRISM_INTERNAL_PORT}"
-    labels:
-      caddy: photos.${DOMAIN}
-      caddy.reverse_proxy: "{{ upstreams 2342 }}"
     depends_on:
       - mariadb
     env_file:
@@ -461,8 +423,6 @@ services:
         ipv4_address: 192.168.240.23
     ports:
       - "${MARIADB_EXTERNAL_PORT}:${MARIADB_INTERNAL_PORT}"
-    environment:
-      - MARIADB_AUTO_UPGRADE=true
     volumes:
       - "${DOCKER_STORAGE_PATH}/mariadb:/config"
       - sockets:/run/mysqld/
@@ -474,9 +434,6 @@ services:
     networks:
       public:
         ipv4_address: 192.168.240.24
-    labels:
-      caddy: baserow.${DOMAIN}
-      caddy.reverse_proxy: "{{ upstreams 80 }}"
     depends_on:
       - postgres
     env_file:
@@ -487,7 +444,7 @@ services:
 
   gitea:
     container_name: gitea
-    image: gitea/gitea:1.24.0
+    image: gitea/gitea:1.21.11
     networks:
       public:
         ipv4_address: 192.168.240.26
@@ -496,9 +453,6 @@ services:
     ports:
       - "${GITEA_WEBUI_EXTERNAL_PORT}:${GITEA_WEBUI_INTERNAL_PORT}"
       - "${GITEA_SSH_EXTERNAL_PORT}:${GITEA_SSH_INTERNAL_PORT}"
-    labels:
-      caddy: git.${DOMAIN}
-      caddy.reverse_proxy: "{{ upstreams $GITEA_WEBUI_INTERNAL_PORT }}"
     volumes:
       - "${DOCKER_STORAGE_PATH}/gitea:/data"
     restart: unless-stopped
@@ -527,14 +481,11 @@ services:
     restart: unless-stopped
 
   linkace:
-    image: linkace/linkace:v2.4.0
+    image: linkace/linkace:v1.15.4-simple
     container_name: linkace
     networks:
       public:
         ipv4_address: 192.168.240.28
-    labels:
-      caddy: bookmarks.${DOMAIN}
-      caddy.reverse_proxy: "{{ upstreams 80 }}"
     depends_on:
       - mariadb
       - redis
@@ -542,7 +493,6 @@ services:
       # these env variables are instead of .env file
       # see https://www.linkace.org/docs/v1/setup/setup-with-docker/advanced-configuration/#using-docker-environment-variables-instead-of-the-env-file
       - APP_KEY=base64:X6XDR+dfqn5PM9QdmmxJoOECSsldWhkfnyi6yvohgNM=
-      - DB_CONNECTION=mysql
       - DB_HOST=${MYSQL_HOST}
       - DB_DATABASE=${LINKACE_DB}
       - DB_USERNAME=${LINKACE_DB_USERNAME}
@@ -571,16 +521,13 @@ services:
   #     - public
 
   vaultwarden:
-    image: vaultwarden/server:1.32.1
+    image: vaultwarden/server:1.31.0
     container_name: vaultwarden
     networks:
       public:
         ipv4_address: 192.168.240.29
     ports:
       - "${VAULTWARDEN_EXTERNAL_PORT}:${VAULTWARDEN_INTERNAL_PORT}"
-    labels:
-      caddy: bw.${DOMAIN}
-      caddy.reverse_proxy: "{{ upstreams 80 }}"
     env_file:
       - ./secrets/vaultwarden.env
     environment:
@@ -599,125 +546,6 @@ services:
     volumes:
       - ${DOCKER_STORAGE_PATH}/vaultwarden:/data
     restart: unless-stopped
-
-  qbittorrent:
-    image: lscr.io/linuxserver/qbittorrent:latest
-    container_name: qbittorrent
-    environment:
-      - PUID=${PUID}
-      - PGID=${PGID}
-      - TZ=${TZ}
-      - WEBUI_PORT=${QBITTORRENT_WEBUI_PORT}
-      - TORRENTING_PORT=6881
-      - DOCKER_MODS=ghcr.io/vuetorrent/vuetorrent-lsio-mod|linuxserver/mods:universal-apprise
-    volumes:
-      - ${DOCKER_STORAGE_PATH}/qbittorrent/appdata:/config
-      - "${DOWNLOADS_PATH}/sabnzbd:/downloads"
-      - "${TORRENTS_SEED_PATH}:/seed"
-      - ${TORRENTS_WATCH_PATH}:/watch
-      - /etc/localtime:/etc/localtime:ro
-    networks:
-      public:
-        ipv4_address: 192.168.240.55
-    ports:
-      - ${QBITTORRENT_WEBUI_EXTERNAL_PORT}:${QBITTORRENT_WEBUI_INTERNAL_PORT}
-      - 6881:6881
-      - 6881:6881/udp
-    labels:
-      caddy: qbt.${DOMAIN}
-      caddy.reverse_proxy: "{{ upstreams $QBITTORRENT_WEBUI_INTERNAL_PORT }}"
-    restart: unless-stopped
-
-  # see https://github.com/FarisZR/Privacy-OCI
-  breezewiki:
-    container_name: breezewiki
-    image: oci.fariszr.com/fariszr/breezewiki:latest
-    restart: always
-    networks:
-      public:
-        ipv4_address: 192.168.240.56
-    ports:
-      - 8005:8000
-    labels:
-      caddy: bwiki.${DOMAIN}
-      caddy.reverse_proxy: "{{ upstreams 8000 }}"
-    environment:
-      - bw_canonical_origin=bwiki.kucharczyk.xyz
-      - bw_feature_search_suggestions=true
-      - bw_port=8000
-
-  rss-bridge:
-    container_name: rss-bridge
-    image: rssbridge/rss-bridge:latest
-    networks:
-      public:
-        ipv4_address: 192.168.240.57
-    volumes:
-      - ./config:/config
-    ports:
-      - 3002:80
-    restart: unless-stopped
-
-  karakeep:
-    container_name: karakeep
-    image: ghcr.io/karakeep-app/karakeep:0.27.1
-    restart: unless-stopped
-    volumes:
-      # By default, the data is stored in a docker volume called "data".
-      # If you want to mount a custom directory, change the volume mapping to:
-      # - /path/to/your/directory:/data
-      - ${DOCKER_STORAGE_PATH}/karakeep:/data
-    ports:
-      - 3003:3000
-    env_file:
-      - .env
-    environment:
-      MEILI_ADDR: http://meilisearch:7700
-      BROWSER_WEB_URL: http://chrome:9222
-      NEXTAUTH_SECRET: lB5mx3t9mdKclELtt+cs2pVBefB+8vD4dKuzhvUP+JzR9bL1
-      MEILI_MASTER_KEY: Cvu7m/RIGYQPiYcIrxacHFhbfLKfKq3wwSAWJPKVWQEauiIX
-      NEXTAUTH_URL: https://karakeep.kucharczykx.xyz
-      DISABLE_SIGNUPS: TRUE
-      # OPENAI_API_KEY: ...
-
-      # You almost never want to change the value of the DATA_DIR variable.
-      # If you want to mount a custom directory, change the volume mapping above instead.
-      DATA_DIR: /data # DON'T CHANGE THIS
-    networks:
-      public:
-        ipv4_address: 192.168.240.58
-    labels:
-      caddy: karakeep.${DOMAIN}
-      caddy.reverse_proxy: "{{ upstreams 3000 }}"
-
-  chrome:
-    image: gcr.io/zenika-hub/alpine-chrome:124
-    restart: unless-stopped
-    command:
-      - --no-sandbox
-      - --disable-gpu
-      - --disable-dev-shm-usage
-      - --remote-debugging-address=0.0.0.0
-      - --remote-debugging-port=9222
-      - --hide-scrollbars
-    networks:
-      public:
-        ipv4_address: 192.168.240.59
-
-  meilisearch:
-    image: getmeili/meilisearch:v1.13.3
-    restart: unless-stopped
-    env_file:
-      - .env
-    environment:
-      MEILI_NO_ANALYTICS: "true"
-      MEILI_MASTER_KEY: Cvu7m/RIGYQPiYcIrxacHFhbfLKfKq3wwSAWJPKVWQEauiIX
-    volumes:
-      - meilisearch:/meili_data
-    networks:
-      public:
-        ipv4_address: 192.168.240.60
-
        
 
 networks:

kavita.env

@@ -0,0 +1,2 @@
+KAVITA_INTERNAL_PORT=5000
+KAVITA_EXTERNAL_PORT=5100

scripts/README.md

@@ -0,0 +1,9 @@
+This folder contains the configuration file, template, and script to generate a Caddyfile for all the services in main repository.
+
+# Usage
+
+1. Run the script:
+```bash
+ ./add --config sites-config.yaml --template template.j2 > sites-enabled/generated.caddy
+```
+2. Reload Caddy with `caddy reload -c /etc/caddy/Caddyfile`

scripts/add

@@ -0,0 +1,76 @@
+#!/usr/bin/python3
+import argparse
+import yaml
+from jinja2 import Template
+
+
+def render_template(template_path, **kwargs):
+    with open(template_path, "r") as file:
+        template = Template(file.read())
+        output = template.render(**kwargs)
+    return output
+
+
+def format_subdomain(subdomains, domain):
+    if isinstance(subdomains, list):
+        return ", ".join([f"{sub}.{domain}" for sub in subdomains])
+    else:
+        return f"{subdomains}.{domain}"
+
+
+def process_sites_config(config_path, template_path, check_mode):
+    with open(config_path, "r") as file:
+        sites_config = yaml.safe_load(file)
+
+    default_domain = sites_config.get("default_domain", None)
+    if default_domain is None:
+        raise ValueError("YAML configuration is missing default_domain key")
+    total_sites = len(sites_config["sites"])
+    enabled_sites = 0
+    disabled_sites = 0
+
+    for site in sites_config["sites"]:
+        domain = site.get("domain", default_domain)
+        # Check if site is enabled
+        if site.get("enabled", True):  # Default to True if 'enabled' key is not present
+            enabled_sites += 1
+
+            if "subdomain" in site:
+                site["subdomain"] = format_subdomain(site["subdomain"], domain)
+
+            if not check_mode:
+                rendered_content = render_template(template_path, **site)
+                print(f"{rendered_content}\n")
+        else:
+            disabled_sites += 1
+
+    if check_mode:
+        print(f"Total sites: {total_sites}")
+        print(f"Enabled sites: {enabled_sites}")
+        print(f"Disabled sites: {disabled_sites}")
+
+
+def main():
+    parser = argparse.ArgumentParser(
+        description="Process a sites configuration file for Caddyfiles"
+    )
+    parser.add_argument(
+        "--config", required=True, help="Path to the YAML configuration file"
+    )
+    parser.add_argument(
+        "--check",
+        action="store_true",
+        help="Only check statistics, do not output templates",
+    )
+    parser.add_argument("--template", help="Path to the Jinja2 template file")
+    args = parser.parse_args()
+
+    if args.template is None and args.check is False:
+        parser.error("--template argument is required if not using --check")
+
+    template_path = args.template  # Replace with the actual path to your template file
+    process_sites_config(args.config, template_path, args.check)
+
+
+if __name__ == "__main__":
+    main()

scripts/sites-config.yaml

@@ -0,0 +1,114 @@
+sites:
+  - hostname: gitea
+    subdomain: git
+    port: 3000
+  - hostname: rtorrent
+    subdomain: torrent
+    port: 9080
+  - subdomain: portainer
+    # fixme: move portainer to docker-compose.yml
+    # hostname: portainer
+    hostname: 192.168.0.106
+    port: 9000
+  - subdomain: radarr
+    hostname: radarr
+    port: 7878
+  - subdomain: sonarr-tv
+    hostname: sonarr_tv
+    port: 8989
+  - subdomain: sonarr-anime
+    hostname: sonarr_anime
+    port: 8989
+  - subdomain: notify
+    hostname: ntfy
+    port: 80
+    additional_config: |
+      @httpget {
+            protocol http
+            method GET
+            path_regexp ^/([-_a-z0-9]{0,64}$|docs/|static/)
+            }
+       redir @httpget https://{host}{uri}
+  - subdomain: recipes
+    hostname: mealie
+    port: 80
+  - subdomain: music
+    hostname: navidrome
+    port: 4533
+  - subdomain: paperless
+    hostname: paperless-ngx
+    port: 8000
+  - subdomain: photos
+    hostname: photoprism
+    port: 2342
+  - subdomain: bookmarks
+    hostname: linkace
+    port: 80
+  - subdomain: bw
+    hostname: vaultwarden
+    port: 80
+  - subdomain: drone
+    # fixme: move to docker compose & change hostname AND PORT!! (80)
+    # hostname: drone
+    hostname: 192.168.0.106
+    port: 580
+  - subdomain: jellyfin
+    hostname: jellyfin
+    port: 8096
+  - subdomain: comic
+    hostname: komga
+    port: 25600
+  - subdomain: miniflux
+    hostname: miniflux
+    port: 8080
+  - subdomain: netboot
+    # fixme: move to compose
+    # hostname: netbootxyz
+    hostname: 192.168.0.106
+    port: 3001
+  - subdomain: cloud
+    # fixme: move to compose
+    # hostname: nextcloud
+    hostname: 192.168.0.106
+    port: 8484
+    additional_config: |
+      redir /.well-known/carddav /remote.php/dav 301
+      redir /.well-known/caldav /remote.php/dav 301
+      header Strict-Transport-Security "max-age=15552000; includeSubDomains"
+  - subdomain: registry
+    # fixme: move to compose
+    # hostname: registry
+    hostname: 192.168.0.106
+    port: 5000
+  - subdomain: tracker
+    hostname: timetracker
+    port: 8001
+    additional_config: |
+      handle_path /static/* {
+        root * /srv/timetracker
+        file_server
+      }
+      handle /robots.txt {
+        root * /srv/timetracker
+        file_server
+      }
+  - subdomain: notes-old
+    additional_config: |
+      root * /srv/notes
+      file_server
+  - subdomain: notes
+    additional_config: |
+      reverse_proxy https://publish.obsidian.md {
+        header_up Host {upstream_hostport}
+      }
+      rewrite * /serve?url=notes.kucharczyk.xyz{path}
+    server_config: |
+      encode zstd gzip
+  - subdomain: wiki
+    hostname: mediawiki
+    port: 80
+  - subdomain: baserow
+    hostname: baserow
+    port: 80
+
+

scripts/template.j2

@@ -0,0 +1,17 @@
+{{ subdomain }} {
+	handle {
+		{% if reverse_proxy_config %}
+			reverse_proxy {{ hostname }}:{{ port }} {
+			{{ reverse_proxy_config }}
+			}
+		{% else %}
+			{% if hostname and port %}
+				reverse_proxy {{ hostname }}:{{ port }}
+			{% endif %}
+		{% endif %}
+		{% if additional_config %}
+			{{ additional_config }}
+		{% endif %}
+	}
+	{{ server_config }}
+}

services/calibre-web.yml

@@ -1,17 +0,0 @@
----
-services:
-  calibre-web:
-    image: docker.io/linuxserver/calibre-web:0.6.25
-    container_name: calibre-web
-    ports:
-      - 8089:8083
-    networks:
-      public:
-        ipv4_address: 192.168.240.52
-    environment:
-      - PUID=${PUID}
-      - PGID=${PGID}
-    volumes:
-      - "${DOCKER_STORAGE_PATH}/calibre-web:/config"
-      - "${DOCKER_STORAGE_PATH}/syncthing/shares/Calibre Library:/books"
-    restart: unless-stopped

services/drone/drone.yml

@@ -6,9 +6,6 @@ services:
     networks:
       public:
         ipv4_address: 192.168.240.47
-    labels:
-      caddy: drone.${DOMAIN}
-      caddy.reverse_proxy: "{{ upstreams 80 }}"
     volumes:
       - ${DOCKER_STORAGE_PATH}/drone:/data
     env_file:

services/handbrake-server.yml

@@ -1,8 +1,8 @@
----
+--
 services:
   handbrake-server:
-    image: ghcr.io/thenickoftime/handbrake-web-server:0.7.3
-    container_name: handbrake-server
+    image: ghcr.io/thenickoftime/handbrake-web-server:latest
+    container_name: handbrake-web-server
     user: 1000:100 # edit to run as user (uuid:guid) with permissions to access your media. 0:0 to run as root (not recommended).
     networks:
         public:
@@ -10,6 +10,5 @@ services:
     ports:
       - "${HANDBRAKER_SERVER_EXTERNAL_PORT}:${HANDBRAKER_SERVER_INTERNAL_PORT}"
     volumes:
-      - "${DOCKER_STORAGE_PATH}/handbrake-server/data:/data"
+      - "${DOCKER_STORAGE_PATH}/data:/data"
       - "${STORAGE_PATH}:/video"
-    restart: unless-stopped

services/jellyfin.yml

@@ -1,7 +1,7 @@
 ---
 services:
   jellyfin:
-    image: linuxserver/jellyfin:10.11.1
+    image: linuxserver/jellyfin:10.10.1
     container_name: jellyfin
     ports:
       - "8096:8096"
@@ -10,9 +10,6 @@ services:
     networks:
       public:
         ipv4_address: 192.168.240.32
-    labels:
-      caddy: jellyfin.${DOMAIN}
-      caddy.reverse_proxy: "{{ upstreams 8096 }}"
     volumes:
       - "${DOCKER_STORAGE_PATH}/jellyfin:/config"
       - "${MEDIA_PATH}:/data/media"

services/kavita.yml

@@ -1,21 +0,0 @@
----
-services:
-  kavita:
-    image: ghcr.io/kareadita/kavita:0.8.8
-    container_name: kavita
-    networks:
-      public:
-        ipv4_address: 192.168.240.53
-    ports:
-      - ${KAVITA_EXTERNAL_PORT}:${KAVITA_INTERNAL_PORT}
-    labels:
-      caddy: kavita.${DOMAIN}
-      caddy.reverse_proxy: "{{ upstreams $KAVITA_INTERNAL_PORT }}"
-    environment:
-      - DOTNET_SYSTEM_GLOBALIZATION_INVARIANT=true
-    volumes:
-      - "${STORAGE_PATH}/media/comics:/comics"
-      - "${STORAGE_PATH}/media/comics/manga:/manga"
-      - "${STORAGE_PATH}/media/comics/books:/books"
-      - "${DOCKER_STORAGE_PATH}/kavita:/kavita/config"
-    restart: unless-stopped

services/komga.yml

@@ -1,16 +1,13 @@
 ---
 services:
   komga:
-    image: gotson/komga:1.20.0
+    image: gotson/komga:latest
     container_name: komga
+    ports:
+      - "6080:25600"
     networks:
       public:
         ipv4_address: 192.168.240.34
-    ports:
-      - "25600:25600"
-    labels:
-      caddy: comic.${DOMAIN}
-      caddy.reverse_proxy: "{{ upstreams 25600 }}"
     volumes:
       - "${DOCKER_STORAGE_PATH}/komga:/config"
       - "${COMIC_PATH}:/data"

services/miniflux.yml

@@ -1,19 +1,15 @@
 ---
 services:
   miniflux:
-    image: miniflux/miniflux:2.2.14
+    image: miniflux/miniflux:latest
     container_name: miniflux
+    ports:
+      - "8282:8080"
     networks:
       public:
         ipv4_address: 192.168.240.35
-    labels:
-      caddy: miniflux.${DOMAIN}
-      caddy.reverse_proxy: "{{ upstreams 8080 }}"
     environment:
       - BASE_URL=https://miniflux.${DOMAIN}
       - DATABASE_URL=postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@postgres/miniflux?sslmode=disable
       - RUN_MIGRATIONS=1
-      - CLEANUP_ARCHIVE_READ_DAYS=3650 # remove after 10 years
-      - CLEANUP_ARCHIVE_UNREAD_DAYS=-1 # never remove unread entries
-      - WEBAUTHN=1
     restart: unless-stopped

services/netbootxyz.yml

@@ -6,8 +6,6 @@ services:
     networks:
       public:
         ipv4_address: 192.168.240.44
-    ports:
-      - 3000:3000
     volumes:
       - "${DOCKER_STORAGE_PATH}/netbootxyz:/config"
       - "${DOCKER_STORAGE_PATH_SLOW}/netbootxyz:/assets"

services/nextcloud.yml

@@ -15,10 +15,4 @@ services:
     environment:
       # caddy
       - TRUSTED_PROXIES=192.168.240.2
-    labels:
-      caddy: cloud.${DOMAIN}
-      caddy.reverse_proxy: "{{ upstreams 80 }}"
-      caddy.handle.redir_0: "/.well-known/carddav /remote.php/dav 301"
-      caddy.handle.redir_1: "/.well-known/caldav /remote.php/dav 301"
-      caddy.header.Strict-Transport-Security: "max-age=15552000; includeSubDomains"
     restart: unless-stopped

services/prowlarr.yml

@@ -1,14 +1,11 @@
 ---
 services:
   prowlarr:
-    # see https://github.com/linuxserver/docker-prowlarr/releases
-    image: linuxserver/prowlarr:2.0.5.5160-ls126
+    image: linuxserver/prowlarr:latest
     container_name: prowlarr
     networks:
       public:
         ipv4_address: 192.168.240.43
-    ports:
-      - 9696:9696
     volumes:
       - "${DOCKER_STORAGE_PATH}/prowlarr:/config"
     restart: unless-stopped

services/redlib.yml

@@ -1,29 +0,0 @@
----
-services:
-  redlib:
-    image: quay.io/redlib/redlib:latest
-    restart: unless-stopped
-    container_name: "redlib"
-      # exposed via caddy -> doesn't need an external port
-    user: nobody
-    read_only: true
-    security_opt:
-      - no-new-privileges:true
-      # - seccomp=seccomp-redlib.json
-    cap_drop:
-      - ALL
-    environment:
-      - REDLIB_DEFAULT_THEME=dracula;
-      - REDLIB_DEFAULT_SHOW_NSFW=on;
-      - REDLIB_DEFAULT_HIDE_AWARDS=on;
-      - REDLIB_DEFAULT_USE_HLS=on;
-      - REDLIB_DEFAULT_BLUR_SPOILER=on;
-    networks:
-      public:
-        ipv4_address: 192.168.240.51
-    ports:
-      - "8082:8080"
-    healthcheck:
-      test: ["CMD", "wget", "--spider", "-q", "--tries=1", "http://localhost:8080/settings"]
-      interval: 5m
-      timeout: 3s

services/registry.yml

@@ -6,11 +6,6 @@ services:
     networks:
       public:
         ipv4_address: 192.168.240.45
-    ports:
-      - 5000:5000
-    labels:
-      caddy: registry.${DOMAIN}
-      caddy.reverse_proxy: "{{ upstreams 5000 }}"
     volumes:
       - "${DOCKER_STORAGE_PATH}/registry/data:/var/lib/registry"
       - "${DOCKER_STORAGE_PATH}/registry/config.yml:/etc/docker/registry/config.yml"

services/sabnzbd.yml

@@ -1,7 +1,7 @@
 ---
 services:
   sabnzbd:
-    image: linuxserver/sabnzbd:4.5.4
+    image: linuxserver/sabnzbd:latest
     container_name: sabnzbd
     networks:
       public:
@@ -11,8 +11,6 @@ services:
       - PGID=100
       - DOCKER_MODS=ghcr.io/themepark-dev/theme.park:sabnzbd
       - TP_THEME=dracula
-    ports:
-      - "${SABNZBD_EXTERNAL_PORT}:${SABNZBD_INTERNAL_PORT}"
     volumes:
       - "${DOCKER_STORAGE_PATH}/sabnzbd:/config"
       - "${DOWNLOADS_PATH}/sabnzbd:/downloads"

services/sonarr.yml

@@ -17,6 +17,7 @@ services:
       - "${ANIME_PATH}:/anime"
       - "${NZB_DOWNLOADS_PATH}:/downloads"
       - "${TORRENTS_SEED_PATH}:/seed"
+      - "${TORRENTS_SEED_PATH}/incomplete:/data/incomplete"
     restart: unless-stopped
 
   sonarr_anime:
@@ -35,4 +36,5 @@ services:
       - "${ANIME_PATH}:/anime"
       - "${NZB_DOWNLOADS_PATH}:/downloads"
       - "${TORRENTS_SEED_PATH}:/seed"
-    restart: unless-stopped
+      - "${TORRENTS_SEED_PATH}/incomplete:/data/incomplete"
+    restart: unless-stopped