Merge pull request 'dev' (#7) from dev into main

Reviewed-on: #7

README.md

@@ -1,16 +1,8 @@
 ## Basics
-This repository is for my documenting my homelab.  Most documentation is found in the Wiki tab of this repository.
+This repository is for documenting my homelab.  Most documentation is found in the Wiki (work in progress) tab of this repository that will link to my bookstack website.
 
 I use docker for all of my services that I run with a docker compose file.  I use ssh through a peer to peer vpn service called [Tailscale](https://tailscale.com/).  Tailscale has functionality to store ssh keys and makes managing them very simple and easy with github accounts.
 
-The homelab is run off of a dedicated server running a headless instance of Arch Linux.  Arch linux is my Distro of preference however if I were to run a server that is required for reliability I would most likely prefer RedHat or similar for a stable environment over rolling release Arch.
+The homelab is run off of a dedicated server running a headless instance of Arch Linux.  Arch linux is my Distro of preference however if I were to run a server that is required for reliability I would most likely prefer RedHat or similar for a stable environment over rolling release Arch but so far Arch has been fine.
 
-Nginx is currently used to share my publicly facing services with a subdomain of mintyserver.net eg https://git.mintyserver.net.  I use a docker image from linuxserver.io called swag.  This contains some nice packages fo nginx such as fail2ban for spam authentication protection and letsencrypt for http ssl certificates.  Not all services are reverse proxied such as my pihole as they are only needed to be accessed by me and therefore only accessible via local or vpn connections.  
-
-
-
-## TODO
-- Investigate a sync service for music playlists between yt spotify musicbrainz and lastfm
-- find email filtering service to host
-- Check out caddy and try it as an alternitive to nginx
--
+Caddy is currently used to share my publicly facing services with a subdomain of archox.org eg https://git.archox.org. Not all services are reverse proxied such as my DNS server as they are only needed to be accessed by me and therefore only accessible via local or vpn connections.  

docker-compose.d/Documentation/bookstack.yml

@@ -0,0 +1,55 @@
+services:
+  bookstack:
+    image: lscr.io/linuxserver/bookstack
+    container_name: bookstack
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=America/Chicago
+      - APP_URL=https://bookstack.archfox.org
+      - APP_KEY=${BOOKKEY}
+      - DB_HOST=bookstack_db
+      - DB_PORT=3306
+      - DB_USERNAME=bookstack
+      - DB_PASSWORD=${PASS}
+      - DB_DATABASE=bookstackapp
+    volumes:
+      - bookstack:/config
+    restart: unless-stopped
+    depends_on:
+      - bookstack_db
+    networks:
+      - caddy
+      - bookstack
+  
+  bookstack_db:
+    image: lscr.io/linuxserver/mariadb
+    container_name: bookstack_db
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=America/Chicago
+      - MYSQL_ROOT_PASSWORD=${PASS}
+      - MYSQL_DATABASE=bookstackapp
+      - MYSQL_USER=bookstack
+      - MYSQL_PASSWORD=${PASS}
+    volumes:
+      - bookstack_db:/config
+    restart: unless-stopped
+    networks:
+      - bookstack
+
+networks:
+  caddy:
+    name: caddy
+    external: true
+  bookstack:
+    name: bookstack
+
+volumes:
+  bookstack:
+    name: bookstack
+    external: true
+  bookstack_db:
+    name: bookstack_db
+    external: true

docker-compose.d/Documentation/gitea.yml

@@ -0,0 +1,25 @@
+services:
+  gitea:
+   container_name: gitea
+   image: gitea/gitea:latest
+   environment:
+     - GITEA__service__DISABLE_REGISTRATION=true
+     - USER_UID=1000
+     - USER_GID=1000
+   volumes:
+     - gitea:/data
+     - /etc/timezone:/etc/timezone:ro
+     - /etc/localtime:/etc/localtime:ro
+   restart: unless-stopped
+   networks: 
+     - caddy
+
+networks:
+  caddy:
+    name: caddy
+    external: true
+
+volumes:
+  gitea:
+    name: gitea
+    external: true

docker-compose.d/Documentation/vaultwarden.yml

@@ -0,0 +1,24 @@
+services:
+  vaultwarden:
+    image: vaultwarden/server:latest
+    container_name: vaultwarden
+    restart: unless-stopped
+    environment: 
+      DOMAIN: "https://vault.archfox.org"
+      WEBSOCKET_ENABLED: true
+      SIGNUPS_ALLOWED: false
+      ADMIN_TOKEN: ${PASS} 
+    volumes:
+      - vaultwarden:/data
+    networks: 
+      - caddy
+
+networks:
+  caddy:
+    name: caddy
+    external: true
+
+volumes:
+  vaultwarden:
+    name: vaultwarden
+    external: true

docker-compose.d/Media/arr.yml

@@ -0,0 +1,48 @@
+services:
+  prowlarr:
+    image: lscr.io/linuxserver/prowlarr:latest
+    container_name: prowlarr
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Etc/UTC
+    volumes:
+      - prowlarr:/config
+    ports:
+      - 9696:9696
+    restart: unless-stopped
+    networks:
+      - arr
+      - qbit
+
+  sonarr:
+    image: lscr.io/linuxserver/sonarr:latest
+    container_name: sonarr
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Etc/UTC
+    volumes:
+      - sonarr:/config
+      - /mnt/massdrive/media:/mnt/media
+    ports:
+      - 8989:8989
+    restart: unless-stopped
+    networks:
+      - arr
+      - qbit
+
+networks:
+  arr:
+    name: arr
+  qbit:
+    name: qbit
+    external: true
+
+volumes:
+  prowlarr:
+    name: prowlarr
+    external: true
+  sonarr:
+    name: sonarr
+    external: true

docker-compose.d/Media/jellyfin.yml

@@ -0,0 +1,31 @@
+services:
+  jellyfin:
+    image: lscr.io/linuxserver/jellyfin:latest
+    container_name: jellyfin
+    devices: 
+      - /dev/dri:/dev/dri
+    environment: 
+      - PUID=1000
+      - PGID=1000
+      - TZ=America/Chicago
+    volumes:
+      - jellyfin:/config
+      - /mnt/massdrive/media:/data
+    ports:
+      - 8096:8096
+    restart: unless-stopped
+    networks:
+      - caddy
+      - shoko
+
+networks:
+  caddy:
+    name: caddy
+    external: true
+  shoko: 
+    name: shoko
+    external: true
+
+volumes:
+  jellyfin:
+    external: true

docker-compose.d/Media/shoko.yml

@@ -0,0 +1,27 @@
+services:
+  shoko:
+    shm_size: 256m
+    container_name: shoko
+    image: shokoanime/server:latest
+    restart: always
+    environment:
+      - "PUID=1000"
+      - "PGID=1000"
+      - "TZ=Etc/UTC"
+    ports:
+      - "8111:8111"
+    volumes:
+      - shoko:/home/shoko/.shoko
+      - /mnt/massdrive/media:/mnt/media
+    networks: 
+      - shoko
+
+networks:
+  shoko:
+    name: shoko
+    external: true
+
+volumes:
+  shoko:
+    name: shoko
+    external: true

docker-compose.d/Networking/caddy.yml

@@ -0,0 +1,43 @@
+services:
+  caddy:
+    image: ghcr.io/caddybuilds/caddy-cloudflare:latest
+    container_name: caddy
+    restart: unless-stopped
+    cap_add:
+      - NET_ADMIN
+    ports:
+      - 80:80
+      - 443:443
+      - 443:443/udp
+    volumes:
+      - caddy_set:/etc/caddy
+      - caddy_srv:/srv
+      - caddy_data:/data
+      - caddy_config:/config
+    environment:
+      - CLOUDFLARE_API_TOKEN=${CF_CADDY_KEY}
+    extra_hosts:
+      - "host.docker.internal:host-gateway"
+    networks:
+      - caddy
+
+networks:
+  caddy:
+    name: caddy
+    external: true
+
+volumes:
+  caddy_config:
+    name: caddy_config
+    external: true
+  caddy_data:
+    name: caddy_data
+    external: true
+  caddy_srv:
+    name: caddy_srv
+    external: true
+  caddy_set:
+    name: caddy_set
+    external: true
+  caddy_html:
+    external: true

docker-compose.d/Networking/ddns.yml

@@ -0,0 +1,14 @@
+services:
+  cloudflare-ddns:
+    container_name: ddns
+    image: favonia/cloudflare-ddns:latest
+    network_mode: host
+    restart: always
+    user: "1000:1000"
+    read_only: true
+    cap_drop: [all]
+    security_opt: [no-new-privileges:true]
+    environment:
+      - CLOUDFLARE_API_TOKEN=${CFKEY}
+      - DOMAINS=archfox.org, jelly.archfox.org, searxng.archfox.org, bookstack.archfox.org, vault.archfox.org, git.archfox.org, nextcloud.archfox.org, aria.archfox.org, wings.archfox.org, panel.archfox.org, omada.archfox.org, mc.archfox.org, ai.archfox.org, p.archfox.org, actual.archfox.org
+      - PROXIED=false

docker-compose.d/Networking/omada.yml

@@ -0,0 +1,23 @@
+
+services:
+  omada:
+    container_name: omada
+    image: mbentley/omada-controller:latest
+    restart: unless-stopped
+    ulimits:
+      nofile:
+        soft: 4096
+        hard: 8192
+    stop_grace_period: 60s
+    network_mode: host
+    environment:
+      - TZ=America/Chicago
+    volumes:
+      - omada-data:/opt/tplink/EAPController/data
+      - omada-logs:/opt/tplink/EAPController/logs
+
+volumes:
+  omada-data:
+    external: true
+  omada-logs:
+    external: true

docker-compose.d/Networking/technitium.yml

@@ -0,0 +1,17 @@
+services:
+  technitium:
+    container_name: technitium
+    image: technitium/dns-server:latest
+    network_mode: "host"
+    environment:
+      - DNS_SERVER_DOMAIN=technitium 
+      - DNS_SERVER_ADMIN_PASSWORD=${PASS}
+    volumes:
+      - technitium:/etc/dns
+    restart: unless-stopped
+
+volumes:
+  technitium:
+    name: technitium
+    external: true
+

docker-compose.d/Tools/actual.yml

@@ -0,0 +1,27 @@
+services:
+  actual_server:
+    container_name: actual
+    image: docker.io/actualbudget/actual-server:latest
+    environment:
+      - ACTUAL_UPLOAD_FILE_SYNC_SIZE_LIMIT_MB=100
+      - ACTUAL_UPLOAD_SYNC_ENCRYPTED_FILE_SYNC_SIZE_LIMIT_MB=100
+      - ACTUAL_UPLOAD_FILE_SIZE_LIMIT_MB=100
+    volumes:
+      - actual-data:/data
+    networks:
+      - caddy
+    healthcheck:
+      test: ['CMD-SHELL', 'node src/scripts/health-check.js']
+      interval: 60s
+      timeout: 10s
+      retries: 3
+      start_period: 20s
+    restart: unless-stopped
+
+volumes:
+  actual-data:
+    external: true
+
+networks:
+  caddy:
+    external: true

docker-compose.d/Tools/ariang.yml

@@ -0,0 +1,27 @@
+services:
+  ariang:
+    image: hurlenko/aria2-ariang
+    container_name: aria
+    restart: unless-stopped
+    volumes: 
+      - /mnt/nextcloud:/aria2/data
+      - ariang:/aria2/conf
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - RPC_SECRET=${PASS}
+      - BASIC_AUTH_USERNAME=poslop
+      - BASIC_AUTH_PASSWORD=${PASS}
+      - ARIA2RPCPORT=443
+    networks:
+      - caddy
+
+volumes:
+  ariang:
+    name: ariang
+    external: true
+
+networks:
+  caddy:
+    name: caddy
+    external: true

docker-compose.d/Tools/monerod.yml

@@ -0,0 +1,27 @@
+services:
+  monerod:
+    image: sethsimmons/simple-monerod:latest
+    restart: unless-stopped
+    container_name: monerod
+    volumes:
+      - bitmonero:/home/monero/.bitmonero:rw
+    ports:
+      - 18080:18080
+      - 18089:18089
+      - 18083:18083
+    command:
+      - "--add-priority-node=p2pmd.xmrvsbeast.com:18080"
+      - "--out-peers=32"
+      - "--in-peers=64"
+      - "--disable-dns-checkpoints"
+      - "--rpc-restricted-bind-ip=0.0.0.0"
+      - "--rpc-restricted-bind-port=18089"
+      - "--no-igd"
+      - "--enable-dns-blocklist"
+      - "--prune-blockchain"
+      - "--zmq-pub=tcp://0.0.0.0:18083"
+
+volumes:
+  bitmonero:
+    name: bitmonero
+    external: true

docker-compose.d/Tools/nextcloud-aio.yml

@@ -0,0 +1,21 @@
+services:
+  nextcloud:
+    container_name: nextcloud-aio-mastercontainer
+    init: true
+    restart: unless-stopped
+    image: nextcloud/all-in-one:latest
+    volumes:
+      - nextcloud_aio_mastercontainer:/mnt/docker-aio-config
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+    ports:
+      - 8080:8080
+    environment:
+      - APACHE_PORT=11000
+      - APACHE_IP_BINDING=0.0.0.0
+      - NEXTCLOUD_MOUNT=/mnt/nextcloud/
+      - NEXTCLOUD_MEMORY_LIMIT=4096M
+
+volumes:
+  nextcloud_aio_mastercontainer:
+    name: nextcloud_aio_mastercontainer
+    external: true

docker-compose.d/Tools/open-webui.yml

@@ -0,0 +1,21 @@
+services:
+  open-webui:
+    container_name: open-webui
+    image: ghcr.io/open-webui/open-webui:main
+    restart: unless-stopped
+    environment:
+      - OLLAMA_BASE_URL=http://poslop-w:11434
+    volumes:
+      - open-webui:/app/backend/data
+    networks:
+      - caddy
+
+
+volumes:
+  open-webui:
+    external: true
+
+networks:
+  caddy:
+    name: caddy
+    external: true

docker-compose.d/Tools/p2pool.yml

@@ -0,0 +1,23 @@
+services:
+  p2pool:
+    image: sethsimmons/p2pool:latest
+    restart: unless-stopped
+    container_name: p2pool
+    tty: true
+    stdin_open: true
+    volumes: 
+      - p2pool-data:/home/p2pool
+      - /dev/hugepages:/dev/hugepages:rw
+    ports:
+      - 3333:3333
+      - 37889:37889
+    command: >-
+      --wallet "452KRkV1ekYiMh1iy6g3TWbBUGjcJLZH8NYbcd8uaso7Z65CxHsjCmshNaRikDWnRy84kkDZxSfw7DXitNQvhpPW3rmRasA"
+      --stratum "0.0.0.0:3333" --p2p "0.0.0.0:37889" --rpc-port "18089"
+      --host "monerod"
+      --loglevel 1      
+
+volumes:
+  p2pool-data:
+    name: p2pool-data
+    external: true

docker-compose.d/Tools/pastefy.yml

@@ -0,0 +1,45 @@
+services:
+  pastedb:
+   container_name: pastedb
+   image: mariadb:10.11
+   volumes:
+     - pastedb:/var/lib/mysql
+
+   environment:
+     MYSQL_ROOT_PASSWORD: pastefy
+     MYSQL_DATABASE: pastefy
+     MYSQL_USER: pastefy
+     MYSQL_PASSWORD: pastefy
+   networks:
+     - pastefy
+
+  pastefy:
+   container_name: pastefy
+   depends_on:
+     - pastedb
+   image: interaapps/pastefy:latest
+     
+   environment:
+     HTTP_SERVER_PORT: 80
+     HTTP_SERVER_CORS: "*"
+     DATABASE_DRIVER: mysql
+     DATABASE_NAME: pastefy
+     DATABASE_USER: pastefy
+     DATABASE_PASSWORD: pastefy
+     DATABASE_HOST: pastedb
+     DATABASE_PORT: 3306
+     SERVER_NAME: "https://p.archfox.org"
+   networks:
+    - caddy
+    - pastefy
+
+volumes:
+  pastedb:
+    external: true
+
+networks:
+  pastefy:
+    name: pastefy
+  caddy:
+    name: caddy
+    external: true

docker-compose.d/Tools/pterodactyl.yml.tmp

@@ -0,0 +1,130 @@
+###
+# Minimal Configuration File
+#
+# This configuration strips services to the absolute bare essentials to function.
+# Very useful for reverse proxy configurations where a user would override networking anyways.
+###
+
+services:
+  ##
+  # -- Panel Cron --
+  # These are required for schedules and other misc tasks to
+  # function correctly.
+  ##
+  tcron:
+    command: p:cron
+    container_name: tcron
+    env_file: ${TPATH}conf.d/panel.env
+    image: ccarney16/pterodactyl-panel:${PANEL_VERSION:-latest}
+    profiles: [ panel ]
+    restart: always
+    volumes:
+      - tpanel:/data
+    networks:
+      - pterodactyl
+
+  ##
+  # -- Pterodactyl Daemon --
+  # This service provides the wings runtime.
+  ##
+  twings:
+    container_name: twings
+    environment:
+      - TZ=${DAEMON_TIMEZONE:-UTC}
+    image: docker.io/ccarney16/pterodactyl-daemon:${DAEMON_VERSION:-latest}
+    privileged: true
+    profiles: [ daemon ]
+    restart: always
+    volumes:
+      - ${DAEMON_DATA_DIRECTORY:-/var/lib/pterodactyl}:${DAEMON_DATA_DIRECTORY:-/var/lib/pterodactyl}
+      - ${DOCKER_SOCKET:-/var/run/docker.sock}:/var/run/docker.sock
+      - /tmp/pterodactyl/:/tmp/pterodactyl/
+      - ${TPATH}conf.d/daemon:/etc/pterodactyl
+    working_dir: ${DAEMON_DATA_DIRECTORY:-/var/lib/pterodactyl}
+    networks:
+      - pterodactyl_nw
+      - caddy
+
+  ##
+  # -- MariaDB --
+  # Required for the control panel to work.
+  # Stores Server/User information
+  ##
+  tdb:
+    image: docker.io/library/mariadb:10.11
+    container_name: tdb
+    env_file: ${TPATH}conf.d/mariadb.env
+    networks:
+      - pterodactyl
+    profiles: [ panel ]
+    restart: always
+    volumes:
+      - tdb:/var/lib/mysql
+
+  ##
+  # -- Pterodactyl Panel --
+  # This is the container that provides the main web interface.
+  ##
+  tpanel:
+    env_file: ${TPATH}conf.d/panel.env
+    image: docker.io/ccarney16/pterodactyl-panel:${PANEL_VERSION:-latest}
+    container_name: tpanel
+    profiles: [ panel ]
+    ports:
+      - 4848:80
+    restart: always
+    volumes:
+      - tpanel:/data
+    depends_on:
+      tdb:
+        condition: service_started
+      tredis:
+        condition: service_started
+    networks:
+      - pterodactyl
+      - caddy
+
+  ##
+  # -- Redis --
+  ##
+  tredis:
+    container_name: tredis
+    cpu_count: 2
+    image: docker.io/library/redis:alpine
+    mem_limit: 128m
+    networks:
+      - pterodactyl
+    profiles: [ panel ]
+    restart: always
+
+  ##
+  # -- Panel Worker --
+  ##
+  tworker:
+    container_name: tworker
+    command: p:worker
+    env_file: ${TPATH}conf.d/panel.env
+    image: docker.io/ccarney16/pterodactyl-panel:${PANEL_VERSION:-latest}
+    profiles: [ panel ]
+    restart: always
+    volumes:
+      - tpanel:/data
+    networks:
+      - pterodactyl
+
+volumes:
+  tpanel:
+    name: tpanel
+    external: true
+  tdb:
+    name: tdb
+    external: true
+
+networks:
+  caddy:
+    external: true
+  pterodactyl:
+    external: true
+  pterodactyl_nw:
+    external: true
+

docker-compose.d/Tools/qbit.yml

@@ -0,0 +1,54 @@
+services:
+  qbittorrent:
+    image: lscr.io/linuxserver/qbittorrent:latest
+    container_name: qbittorrent
+    environment:
+      - DOCKER_MODS=ghcr.io/vuetorrent/vuetorrent-lsio-mod:latest
+      - PUID=1000
+      - PGID=1000
+      - TZ=Etc/UTC
+      - WEBUI_PORT=8181
+    network_mode: "service:gluetun"
+    volumes:
+      - qbittorrent:/config
+      - /mnt/nextcloud:/mnt/files
+    restart: unless-stopped
+    depends_on:
+      gluetun:
+        condition: service_healthy
+
+
+  gluetun:
+    image: qmcgaw/gluetun:v3
+    cap_add:
+      - NET_ADMIN
+    container_name: gluetun
+    environment:
+      - VPN_SERVICE_PROVIDER=mullvad        
+      - VPN_TYPE=wireguard
+      - WIREGUARD_PRIVATE_KEY=${MULLKEY}    
+      - WIREGUARD_ADDRESSES=10.75.99.140/32
+      - SERVER_COUNTRIES=USA
+      - SERVER_CITIES=Chicago IL
+      #- DNS_ADDRESS=10.64.0.1
+    volumes:
+      - gluetun:/gluetun
+    devices:
+      - /dev/net/tun:/dev/net/tun 
+    ports:
+      - 8181:8181
+      - 6881:6881
+      - 6881:6881/udp
+    restart: unless-stopped
+    networks:
+      - qbit 
+
+volumes:
+  qbittorrent:
+    external: true
+  gluetun:
+    external: true
+
+networks:
+   qbit:
+      external: true

docker-compose.d/Tools/searxng.yml

@@ -0,0 +1,21 @@
+services:
+  searxng:
+    image: searxng/searxng:latest
+    container_name: searxng
+    environment: 
+      - BASE_URL=https://searxng.archfox.org
+    volumes:
+      - searxng:/etc/searxng
+    restart: unless-stopped
+    networks: 
+      - caddy
+
+networks:
+  caddy:
+    name: caddy
+    external: true
+
+volumes:
+  searxng:
+    name: searxng
+    external: true

docker-compose.d/Tools/watchtower.yml

@@ -0,0 +1,6 @@
+services:
+  watchtower:
+    container_name: watchtower
+    image: containrrr/watchtower
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock

docker-compose.yml

@@ -1,315 +0,0 @@
-networks:
-  swag:
-    name: swag
-  qbit:
-    name: qbit
-  shoko:
-    name: shoko
-  arr:
-    name: arr
-
-volumes:
-  searxng:
-    name: searxng
-  jellyfin: 
-    name: jellyfin
-  gitea:
-    name: gitea
-  technitium:
-    name: technitium
-  sonarr:
-    name: sonarr
-  prowlarr:
-    name: prowlarr
-  nextcloud_aio_mastercontainer:
-    name: nextcloud_aio_mastercontainer
-  bitmonero:
-    name: bitmonero
-  p2pool-data:
-    name: p2pool-data
-  swag:
-    name: swag
-
-services:
-
-  technitium:
-    container_name: technitium
-    image: technitium/dns-server:latest
-    network_mode: "host"
-        # ports:
-        #   - "5380:5380/tcp" #DNS web console (HTTP)
-        #   # - "53443:53443/tcp" #DNS web console (HTTPS)
-        #   - "53:53/udp" #DNS service
-        #   - "53:53/tcp" #DNS service
-        #   # - "853:853/udp" #DNS-over-QUIC service
-        #   # - "853:853/tcp" #DNS-over-TLS service
-        #   # - "443:443/udp" #DNS-over-HTTPS service (HTTP/3)
-        #   # - "443:443/tcp" #DNS-over-HTTPS service (HTTP/1.1, HTTP/2)
-        #   # - "80:80/tcp" #DNS-over-HTTP service (use with reverse proxy or certbot certificate renewal)
-        #   # - "8053:8053/tcp" #DNS-over-HTTP service (use with reverse proxy)
-        #   # - "67:67/udp" #DHCP service      
-    environment:
-      - DNS_SERVER_DOMAIN=technitium #The primary domain name used by this DNS Server to identify itself.
-      - DNS_SERVER_ADMIN_PASSWORD=${PASS}
-    volumes:
-      - technitium:/etc/dns
-    restart: unless-stopped
-      #    sysctls:
-      #      - net.ipv4.ip_local_port_range=1024 65000
-
-  prowlarr:
-    image: lscr.io/linuxserver/prowlarr:latest
-    container_name: prowlarr
-    environment:
-      - PUID=1000
-      - PGID=1000
-      - TZ=Etc/UTC
-    volumes:
-      - prowlarr:/config
-    ports:
-      - 9696:9696
-    restart: unless-stopped
-    networks:
-      - arr
-      - qbit
-
-  sonarr:
-    image: lscr.io/linuxserver/sonarr:latest
-    container_name: sonarr
-    environment:
-      - PUID=1000
-      - PGID=1000
-      - TZ=Etc/UTC
-    volumes:
-      - sonarr:/config
-      - /mnt/massdrive/media:/mnt/media
-    ports:
-      - 8989:8989
-    restart: unless-stopped
-    networks:
-      - arr
-      - qbit
-
-  qbittorrent:
-    image: lscr.io/linuxserver/qbittorrent:latest
-    container_name: qbittorrent
-    environment:
-      - PUID=1000
-      - PGID=1000
-      - TZ=Etc/UTC
-      - WEBUI_PORT=8181
-    volumes:
-      - /mnt/docker/configs/qbittorrent/config:/config
-      - /mnt/nextcloud:/mnt/files
-    ports:
-      - 8181:8181
-      - 6881:6881
-      - 6881:6881/udp
-    restart: unless-stopped
-    networks: 
-      - qbit
-
-  shoko:
-    shm_size: 256m
-    container_name: shoko
-    image: shokoanime/server:daily
-    restart: always
-    environment:
-      - "PUID=1000"
-      - "PGID=1000"
-      - "TZ=Etc/UTC"
-    ports:
-      - "8111:8111"
-    volumes:
-      - /mnt/docker/configs/shoko:/home/shoko/.shoko
-      - /mnt/massdrive/media:/mnt/media
-    networks: 
-      - shoko
-
-
-  vaultwarden:
-    image: vaultwarden/server:latest
-    container_name: vaultwarden
-    restart: unless-stopped
-    environment: 
-      DOMAIN: "https://vault.mintyserver.net"
-      WEBSOCKET_ENABLED: true
-      SIGNUPS_ALLOWED: false
-      ADMIN_TOKEN: ${PASS} 
-    volumes:
-      - /mnt/docker/configs/vaultwarden:/data
-    networks: 
-      - swag
-    ports:
-      - 8089:80
-
-
-  monerod:
-    image: sethsimmons/simple-monerod:latest
-    restart: unless-stopped
-    container_name: monerod
-    volumes:
-      - bitmonero:/home/monero/.bitmonero:rw
-    ports:
-      - 18080:18080
-      - 18089:18089
-      - 18083:18083
-    command:
-      - "--disable-dns-checkpoints"
-      - "--rpc-restricted-bind-ip=0.0.0.0"
-      - "--rpc-restricted-bind-port=18089"
-      - "--no-igd"
-      - "--enable-dns-blocklist"
-      - "--prune-blockchain"
-      - "--zmq-pub=tcp://0.0.0.0:18083"
-
-  p2pool:
-    image: sethsimmons/p2pool:latest
-    restart: unless-stopped
-    container_name: p2pool
-    tty: true
-    stdin_open: true
-    volumes: 
-      - p2pool-data:/home/p2pool
-      - /dev/hugepages:/dev/hugepages:rw
-    ports:
-      - 3333:3333
-      - 37889:37889
-    command: >-
-      --wallet "48Whozrwq4jDA6JZ3vJw3Z22VFCCdi4MnLDH5WfHX33w8ehHZ3hRsJC6JBFmgau8BjbXzfL6Um1GdGNfzzbqueDGPhSusji"
-      --stratum "0.0.0.0:3333" --p2p "0.0.0.0:37889" --rpc-port "18089"
-      --host "monerod"
-      --loglevel 1
-
-
-  ariang:
-    image: hurlenko/aria2-ariang
-    container_name: aria
-      #ports: 
-      #- 8989:8080
-    restart: unless-stopped
-    volumes: 
-      - /mnt/nextcloud:/aria2/data
-      - /mnt/docker/configs/aria:/aria2/conf
-    environment:
-      - PUID=1000
-      - PGID=1000
-      - RPC_SECRET=${PASS}
-      - BASIC_AUTH_USERNAME=poslop
-      - BASIC_AUTH_PASSWORD=${PASS}
-      - ARIA2RPCPORT=443
-    networks:
-      - swag
-        # network_mode: none
-
-  searxng:
-    image: searxng/searxng:latest
-    container_name: searxng
-    environment: 
-      - BASE_URL=https://searxng.mintyserver.net
-    volumes:
-      - searxng:/etc/searxng
-        #    ports:
-        #      - 8998:8080
-    restart: unless-stopped
-    networks: 
-      - swag
-
-  puffer:
-    image: pufferpanel/pufferpanel:latest
-    container_name: puffer
-    restart: always
-    environment:
-      - PUFFER_DAEMON_DATA_SERVERS=/mnt/docker/configs/puffer/lib/servers
-        #ports:
-        #  - 8081:8080
-        #  - 5657:5657
-    volumes:
-      - /mnt/docker/configs/puffer/pufferpanel-config:/etc/pufferpanel
-      - /mnt/docker/configs/puffer/lib:/var/lib/pufferpanel
-      - /var/run/docker.sock:/var/run/docker.sock
-      - /mnt/docker/configs/puffer/lib/servers:/docker/store/puffer/lib/servers
-    networks: 
-      - swag
-
-  gitea:
-   image: gitea/gitea:latest
-   container_name: gitea
-   environment:
-     - USER_UID=1000
-     - USER_GID=1000
-   restart: always
-   volumes:
-     - gitea:/data
-     - /etc/timezone:/etc/timezone:ro
-     - /etc/localtime:/etc/localtime:ro
-       #ports:
-       #  - "3030:3000"
-       #  - "222:22"
-   networks: 
-     - swag
- 
-  jellyfin:
-    image: lscr.io/linuxserver/jellyfin:latest
-    container_name: jellyfin
-    devices: 
-      - /dev/dri:/dev/dri
-    environment: 
-      - PUID=1000
-      - PGID=1000
-      - TZ=America/Chicago
-    volumes:
-      - jellyfin:/config
-      - /mnt/massdrive/media:/data
-        # ports:
-        #   - 7359:7359/udp
-        #   - 1900:1900/udp
-        #   - 8096:8096
-    restart: unless-stopped
-    networks:
-      - swag
-      - shoko
-
-  swag:
-    container_name: swag
-    image: lscr.io/linuxserver/swag:latest
-    restart: unless-stopped
-    volumes:
-      - swag:/config
-    environment:
-      - PUID=1000
-      - PGID=1000
-      - TZ=America/Chicago
-      - URL=mintyserver.net
-      - VALIDATION=http 
-      - SUBDOMAINS=aria,git,nextcloud,jelly,searxng,puffer,vault
-    ports:
-      - 443:443
-      - 80:80
-    networks: 
-      - swag
-
-  nextcloud:
-    container_name: nextcloud-aio-mastercontainer
-    init: true
-    restart: unless-stopped
-    image: nextcloud/all-in-one:latest
-    volumes:
-      - nextcloud_aio_mastercontainer:/mnt/docker-aio-config
-      - /var/run/docker.sock:/var/run/docker.sock:ro
-    ports:
-      # - 8666:80
-      - 8080:8080
-        # - 8443:8443
-    environment:
-      - APACHE_PORT=11000
-      - APACHE_IP_BINDING=0.0.0.0
-      - NEXTCLOUD_DATADIR=/mnt/docker/configs/ncaio
-      - NEXTCLOUD_MOUNT=/mnt/nextcloud/
-      - NEXTCLOUD_MEMORY_LIMIT=4096M
-
-  watchtower:
-    image: containrrr/watchtower
-    container_name: watchtower
-    volumes:
-      - /var/run/docker.sock:/var/run/docker.sock

scripts/caddyreload

@@ -0,0 +1,2 @@
+caddy_container_id=$(docker ps | grep caddy | awk '{print $1;}')
+docker exec -w /etc/caddy $caddy_container_id caddy reload

scripts/compose

@@ -1 +1,2 @@
+# command to run compose with
 docker compose up -d --remove-orphans

scripts/permfix

@@ -1,3 +1,4 @@
 # Adds the group 1000 and then adds that group to user 33 to nextcloud container to fix permissions
 docker exec -it nextcloud-aio-nextcloud groupadd -g 1000 poslop
 docker exec -it nextcloud-aio-nextcloud usermod www-data -aG poslop
+docker exec -u 33 nextcloud-aio-nextcloud ./occ files:scan poslop

scripts/run-all.sh

@@ -0,0 +1,48 @@
+#!/bin/bash
+
+# Define the path to the .env file (root-level)
+ENV_FILE="/mnt/docker/.env"
+
+# Base directory where the service Compose files are located
+COMPOSE_DIR="/mnt/docker/docker-compose.d"
+
+# List of service directories under docker-compose.d
+services=(
+    "Documentation/bookstack.yml"
+    "Documentation/gitea.yml"
+    "Documentation/vaultwarden.yml"
+    "Media/arr.yml"
+    "Media/jellyfin.yml"
+    "Media/shoko.yml"
+    "Networking/technitium.yml"
+    "Networking/caddy.yml"
+    "Networking/omada.yml"
+    "Networking/ddns.yml"
+    "Tools/searxng.yml"
+    "Tools/monerod.yml"
+    "Tools/p2pool.yml"
+    "Tools/ariang.yml"
+    "Tools/nextcloud-aio.yml"
+    "Tools/qbit.yml"
+    "Tools/open-webui.yml"
+    "Tools/watchtower.yml"
+    "Tools/pastefy.yml"
+    "Tools/actual.yml"
+    "pterodactyl/docker-compose.yml"
+)
+
+# Start building the docker compose command with multiple -f flags
+COMPOSE_COMMAND="docker compose --env-file \"$ENV_FILE\""
+
+# Loop through each service and append the -f flag for each compose file
+for service in "${services[@]}"; do
+    COMPOSE_COMMAND+=" -f \"$COMPOSE_DIR/$service\""
+done
+
+# Add the up command to the final docker compose command
+COMPOSE_COMMAND+=" --profile panel --profile daemon up -d"
+
+# Execute the composed command
+eval $COMPOSE_COMMAND
+
+echo "All services have been started."