feat: add MongoDB service to README for documentation completeness

Only way I could mount my p100 gpu to ollama in docker container. Still had to install extra stuff on debian that was for ubuntu. Didn't feel right, did it anyways. Worked.

README.md

@@ -1,126 +1,342 @@
-# Home-Server Development
-## This is my docker home server development repo.
+# Docker-Home-Server Development
+## Docker Home Server Testing & Setup
 
-For the past 4-5 years I've been testing multiple docker containers. Here is a list of anything worth having in docker imo.. Few things may be left off or not currently maintained. I plan to add folders and update docker-compose.yml for each container later. At least for backup purposes. Some currently have private info so will need to refine those first.
+Welcome to my home server development repository! Over the past 4-5 years, I’ve tested a wide variety of Docker containers for self-hosting and automation. This repo collects the containers I’ve found most useful, though some may be missing or not actively maintained. My goal is to organize each container into its own folder with a `docker-compose.yml` for easy setup and backup. Some configurations contain private information and will be refined before public release.
 
+- [adguard](./docker-compose/adguard)  
+   *Network-wide ad blocker and privacy protection.*
+- [airdcpp](./docker-compose/airdcpp)  
+   *Advanced Direct Connect client.*
+- [amule](./docker-compose/amule)  
+   *Peer-to-peer file sharing client for the eDonkey network.*
+- [apprise](./docker-compose/apprise)  
+   *Unified notification service for multiple platforms.*
+- [aria2](./docker-compose/aria2)  
+   *Lightweight multi-protocol & multi-source command-line download utility.*
+- [audiobookshelf](./docker-compose/audiobookshelf)  
+   *Self-hosted audiobook server and web player.*
+- [authelia](./docker-compose/authelia)  
+   *Authentication and authorization server for your applications.*
+- [bazarr](./docker-compose/bazarr)  
+   *Subtitle management for Radarr and Sonarr.*
+- [beets](./docker-compose/beets)  
+   *Music library organizer and tagger.*
+- [btcpayserver](./docker-compose/btcpayserver)  
+   *Self-hosted Bitcoin payment processor.*
+- [calibre](./docker-compose/calibre)  
+   *E-book management software.*
+- [calibre-web](./docker-compose/calibre-web)  
+   *Web-based interface for Calibre e-book library.*
+- [chd-converter](./docker-compose/chd-converter)  
+   *Tool for converting PlayStation disk images to CHD format.*
+- [code-server](./docker-compose/code-server)  
+   *VS Code running on a remote server accessible through the browser.*
+- [dashy](./docker-compose/dashy)  
+   *Self-hosted dashboard app for organizing links and services.*
+- [ddclient](./docker-compose/ddclient)  
+   *Dynamic DNS update client.*
+- [deemix](./docker-compose/deemix)  
+   *Music downloader for Deezer.*
+- [deluge](./docker-compose/deluge)  
+   *Lightweight, open-source BitTorrent client.*
+- [dillinger](./docker-compose/dillinger)  
+   *Online Markdown editor.*
+- [doublecommander](./docker-compose/doublecommander)  
+   *Cross-platform file manager.*
+- [elasticsearch](./docker-compose/elasticsearch)  
+   *Distributed search and analytics engine.*
+- [filebrowser](./docker-compose/filebrowser)  
+   *Web-based file manager for your server.*
+- [filedrop](./docker-compose/filedrop)  
+   *Simple file sharing app.*
+- [filegator](./docker-compose/filegator)  
+   *Web-based file manager.*
+- [flaresolverr](./docker-compose/flaresolverr)  
+   *Proxy server to bypass Cloudflare protection.*
+- [foundryvtt](./docker-compose/foundryvtt)  
+   *Virtual Tabletop for RPGs.*
+- [freshrss](./docker-compose/freshrss)  
+   *Self-hosted RSS feed aggregator.*
+- [gamevault](./docker-compose/gamevault)  
+   *Game library manager.*
+- [gameyfin](./docker-compose/gameyfin)  
+   *Game streaming server.*
+- [ghostfolio](./docker-compose/ghostfolio)  
+   *Personal finance management.*
+- [gitea](./docker-compose/gitea)  
+   *Self-hosted Git service.*
+- [glances](./docker-compose/glances)  
+   *System monitoring tool.*
+- [gluetun](./docker-compose/gluetun)  
+   *VPN client for Docker containers.*
+- [gmod](./docker-compose/gmod)  
+   *Garry's Mod game server.*
+- [grafana](./docker-compose/grafana)  
+   *Analytics and monitoring dashboard.*
+- [grifter](./docker-compose/grifter)  
+   *Automation and scripting tool.*
+- [headphones](./docker-compose/headphones)  
+   *Music download manager for Usenet and torrents.*
+- [heimdall](./docker-compose/heimdall)  
+   *Application dashboard for your server.*
+- [homarr](./docker-compose/homarr)  
+   *Modern dashboard for managing your home server.*
+- [homeassistant](./docker-compose/homeassistant)  
+   *Open-source home automation platform.*
+- [homebridge](./docker-compose/homebridge)  
+   *HomeKit support for non-Apple devices.*
+- [immich](./docker-compose/immich)  
+   *Self-hosted photo and video backup solution.*
+- [iptv-org-epg](./docker-compose/iptv-org-epg)  
+   *EPG for IPTV.*
+- [it-tools](./docker-compose/it-tools)  
+   *Handy web-based tools for developers.*
+- [jackett](./docker-compose/jackett)  
+   *API support for torrent indexers.*
+- [jdownloader](./docker-compose/jdownloader)  
+   *Download manager for various file hosts.*
+- [jellyfin](./docker-compose/jellyfin)  
+   *Open-source media server.*
+- [joplin](./docker-compose/joplin)  
+   *Note-taking and to-do application.*
+- [jupyter](./docker-compose/jupyter)  
+   *Interactive notebooks for code and data.*
+- [karakeep](./docker-compose/karakeep)  
+   *Self-hosted note-taking app.*
+- [kometa](./docker-compose/kometa)  
+   *Media library metadata manager.*
+- [lancommander](./docker-compose/lancommander)  
+   *LAN party management tool.*
+- [lazylibrarian](./docker-compose/lazylibrarian)  
+   *Book download and management tool.*
+- [libation](./docker-compose/libation)  
+   *Audiobook downloader and manager.*
+- [lidarr](./docker-compose/lidarr)  
+   *Music collection manager for Usenet and torrents.*
+- [mailcow](./docker-compose/mailcow)  
+   *Self-hosted mail server suite.*
+- [mailserver](./docker-compose/mailserver)  
+   *General purpose mail server.*
+- [mariadb](./docker-compose/mariadb)  
+   *Open-source relational database.*
+- [mastodon](./docker-compose/mastodon)  
+   *Decentralized social network server.*
+- [mealie](./docker-compose/mealie)  
+   *Recipe management and meal planning.*
+- [mediacms](./docker-compose/mediacms)  
+   *Open-source media content management system.*
+- [minecraft-paper_itzg](./docker-compose/minecraft-paper_itzg)  
+   *Minecraft Paper server by itzg.*
+- [mixpost](./docker-compose/mixpost)  
+   *Social media scheduling platform.*
+- [mkvtoolnix](./docker-compose/mkvtoolnix)  
+   *Tools for working with Matroska media files.*
+- [mongodb](./docker-compose/mongodb)  
+   *NoSQL document database.*
+- [mosquitto-eclipse](./docker-compose/mosquitto-eclipse)  
+   *MQTT broker for IoT messaging.*
+- [musicbrainz](./docker-compose/musicbrainz)  
+   *Open music encyclopedia database.*
+- [n8n](./docker-compose/n8n)  
+   *Workflow automation tool.*
+- [navidrome](./docker-compose/navidrome)  
+   *Music streaming server.*
+- [netbootxyz](./docker-compose/netbootxyz)  
+   *Network boot server for OS installations.*
+- [nginxproxymanager](./docker-compose/nginxproxymanager)  
+   *Web proxy management with a GUI.*
+- [nicotineplus](./docker-compose/nicotineplus)  
+   *Soulseek client. Download music, tv, movies, ebooks, and more.*
+- [node-red](./docker-compose/node-red)  
+   *Flow-based programming for IoT.*
+- [nostr-relay](./docker-compose/nostr-relay)  
+   *Relay server for Nostr protocol.*
+- [notifiarr](./docker-compose/notifiarr)  
+   *Notification integration for media servers.*
+- [nzbget](./docker-compose/nzbget)  
+   *Usenet downloader.*
+- [ollama](./docker-compose/ollama)  
+   *Run large language models locally.*
+- [ombi](./docker-compose/ombi)  
+   *Media request management for Plex/Emby/Jellyfin.*
+- [omni-tools](./docker-compose/omni-tools)  
+   *Collection of useful tools.*
+- [open-assistant](./docker-compose/open-assistant)  
+   *Open-source AI assistant.*
+- [open-webui](./docker-compose/open-webui)  
+   *Web UI for LLMs.*
+- [openbooks](./docker-compose/openbooks)  
+   *Book search and download tool.*
+- [organizr](./docker-compose/organizr)  
+   *Unified web interface for your services.*
+- [paperless-ng](./docker-compose/paperless-ng)  
+   *Document management system.*
+- [phpmyadmin](./docker-compose/phpmyadmin)  
+   *Web-based MySQL/MariaDB administration.*
+- [picard](./docker-compose/picard)  
+   *Music tagger by MusicBrainz.*
+- [pidgin](./docker-compose/pidgin)  
+   *Multi-protocol chat client.*
+- [plex](./docker-compose/plex)  
+   *Media server for streaming your content.*
+- [plex-image-cleanup](./docker-compose/plex-image-cleanup)  
+   *Tool to clean up Plex image cache.*
+- [pms-docker](./docker-compose/pms-docker)  
+   *Plex Media Server Docker image.*
+- [podgrab](./docker-compose/podgrab)  
+   *Podcast downloader and manager.*
+- [portainer-be](./docker-compose/portainer-be)  
+   *Portainer backend service.*
+- [portainer-ce](./docker-compose/portainer-ce)  
+   *Portainer Community Edition.*
+- [postgres](./docker-compose/postgres)  
+   *PostgreSQL database.*
+- [postiz](./docker-compose/postiz)  
+   *Post management tool.*
+- [prometheus](./docker-compose/prometheus)  
+   *Monitoring and alerting toolkit.*
+- [prowlarr](./docker-compose/prowlarr)  
+   *Indexer manager for Usenet and torrents.*
+- [qbittorrent](./docker-compose/qbittorrent)  
+   *Open-source BitTorrent client.*
+- [radarr](./docker-compose/radarr)  
+   *Movie collection manager for Usenet and torrents.*
+- [rainloop](./docker-compose/rainloop)  
+   *Webmail client.*
+- [readarr](./docker-compose/readarr)  
+   *Book collection manager for Usenet and torrents.*
+- [readarr-audio](./docker-compose/readarr-audio)  
+   *Audio book collection manager.*
+- [recyclarr](./docker-compose/recyclarr)  
+   *Syncs trash/recycle settings for media managers.*
+- [romm](./docker-compose/romm)  
+   *Retro game manager.*
+- [romvault](./docker-compose/romvault)  
+   *ROM management and auditing tool.*
+- [sabnzbd](./docker-compose/sabnzbd)  
+   *Usenet binary downloader.*
+- [searxng](./docker-compose/searxng)  
+   *Privacy-respecting metasearch engine.*
+- [shoutrrr](./docker-compose/shoutrrr)  
+   *Notification library for various services.*
+- [sociaboard](./docker-compose/sociaboard)  
+   *Social media management platform.*
+- [sonarr](./docker-compose/sonarr)  
+   *TV series collection manager for Usenet and torrents.*
+- [soulseek](./docker-compose/soulseek)  
+   *Peer-to-peer music sharing client.*
+- [spotify-playlist-generator](./docker-compose/spotify-playlist-generator)  
+   *Tool to generate Spotify playlists.*
+- [spotisub](./docker-compose/spotisub)  
+   *Spotify playlist subscription manager.*
+- [sptnr](./docker-compose/sptnr)  
+   *Spotify playlist and library manager.*
+- [swag-letsencrypt](./docker-compose/swag-letsencrypt)  
+   *Secure Web Application Gateway with Let's Encrypt.*
+- [swag-letsencrypt_duckdns](./docker-compose/swag-letsencrypt_duckdns)  
+   *SWAG with DuckDNS integration.*
+- [tautulli](./docker-compose/tautulli)  
+   *Plex usage monitoring and analytics.*
+- [tdarr](./docker-compose/tdarr)  
+   *Distributed media transcoding system.*
+- [tellytv](./docker-compose/tellytv)  
+   *IPTV proxy for Plex.*
+- [traefik](./docker-compose/traefik)  
+   *Modern reverse proxy and load balancer.*
+- [trilium](./docker-compose/trilium)  
+   *Hierarchical note-taking application.*
+- [tubearchivist](./docker-compose/tubearchivist)  
+   *YouTube archiving and management tool.*
+- [tvheadend](./docker-compose/tvheadend)  
+   *TV streaming server for DVB, ATSC, IPTV.*
+- [unpackerr](./docker-compose/unpackerr)  
+   *Automated extraction of archives for media managers.*
+- [vocechat](./docker-compose/vocechat)  
+   *Self-hosted chat platform.*
+- [vscodium](./docker-compose/vscodium)  
+   *Open-source build of VS Code.*
+- [watchtower](./docker-compose/watchtower)  
+   *Automatic update for Docker containers.*
+- [webgrabplus](./docker-compose/webgrabplus)  
+   *EPG (Electronic Program Guide) grabber.*
+- [wg-easy](./docker-compose/wg-easy)  
+   *Simple WireGuard VPN management.*
+- [whisper-webui](./docker-compose/whisper-webui)  
+   *Web UI for OpenAI Whisper speech-to-text.*
+- [wireguard](./docker-compose/wireguard)  
+   *Fast, modern VPN tunnel.*
+- [wireshark](./docker-compose/wireshark)  
+   *Network protocol analyzer.*
+- [xbackbone](./docker-compose/xbackbone)  
+   *File sharing and image hosting platform.*
+- [xteve](./docker-compose/xteve)  
+   *IPTV proxy for Plex and Emby.*
+- [youtube-dl-material](./docker-compose/youtube-dl-material)  
+   *Web UI for youtube-dl downloads.*
+- [youtube-dl-server](./docker-compose/youtube-dl-server)  
+   *REST API for youtube-dl.*
 
-Docker containers in my testing library:
-- adguard
-- amule
-- apprise
-- audiobookshelf
-- authelia
-- bazarr
-- beets
-- calibre
-- calibre-web
-- chd-converter
-- code-server
-- ddclient
-- deemix
-- deluge
-- dillinger
-- doublecommander
-- elasticsearch
-- filebrowser
-- flaresolverr
-- gamevault
-- gameyfin
-- gitea
-- glances
-- gluetun
-- gmod
-- grafana
-- grifter
-- headphones
-- heimdall
-- homarr
-- homeassistant
-- homebridge
-- immich
-- jackett
-- jdownloader
-- jellyfin
-- joplin
-- jupyter
-- kometa
-- lazylibrarian
-- libation
-- lidarr
-- mailcow
-- mailserver
-- mariadb
-- mastadon
-- mastodon
-- mealie
-- mediacms
-- minecraft-paper_itzg
-- mkvtoolnix
-- mongodb
-- mosquitto-eclipse
-- musicbrainz
-- n8n
-- navidrome
-- netbootxyz
-- nginxproxymanager
-- node-red
-- nostr-relay
-- notifiarr
-- nzbget
-- ombi
-- open-assistant
-- openbooks
-- organizr
-- paperless-ng
-- phpmyadmin
-- picard
-- pidgin
-- plex
-- plex-image-cleanup
-- pms-docker
-- podgrab
-- portainer
-- portainer-be
-- portainer-ce
-- postgres_data
-- prometheus
-- prowlarr
-- qbittorrent
-- radarr
-- rainloop
-- readarr
-- recyclarr
-- requestrr
-- romm
-- romvault
-- sabnzbd
-- shoutrrr
-- sonarr
-- soulseek
-- spotify-playlist-generator
-- spotisub
-- sptnr
-- swag-letsencrypt
-- swag-letsencrypt_duckdns
-- tautulli
-- tdarr
-- tellytv
-- traefik
-- trilium
-- tubearchivist
-- tvheadend
-- unpackerr
-- vscodium
-- watchtower
-- web-dev-compose.yml
-- webgrabplus
-- wg-easy
-- whisper-webui
-- wireguard
-- wireshark
-- xbackbone
-- xteve
-- youtube-dl-material
-- youtube-dl-server
+## How To Use This Repo
 
-Most of these I have used, give or take a few. Around 70 or so active currently. Will format those later
+### Prerequisites
+- [Docker](https://docs.docker.com/get-docker/) installed on your server or local machine.
+- [Docker Compose](https://docs.docker.com/compose/install/) (if using `docker-compose.yml` files).
+- [Portainer](https://www.portainer.io/) (optional, for managing containers via a web UI).
+
+### Getting Started
+
+1. **Clone the Repository**
+   ```sh
+   git clone https://github.com/yourusername/home-server.git
+   cd home-server
+   ```
+
+2. **Choose a Container**
+   - Browse the folders listed above.
+   - Each folder typically contains a `docker-compose.yml` or instructions for setup.
+
+3. **Configure Environment Variables**
+   - Some containers require environment variables or custom configuration files.
+   - Review the comments in each `docker-compose.yml` or `.env` file within the container's folder for setup details.
+   - Comments are marked with `#` for easy reference.
+
+4. **Start a Container**
+   ```sh
+   cd <container-folder>
+   docker-compose up -d
+   ```
+   - Or use Portainer to deploy and manage containers/stacks through its web interface.
+
+5. **Access the Service**
+   - Most services will be available at `http://localhost:<port>` or via your server’s IP.
+
+### Updating Containers
+
+- To update a running container:
+  ```sh
+  docker-compose pull
+  docker-compose up -d
+  ```
+- Or use Portainer's update features. Portainer > Stack > Editor > Update The Stack > Tick (Re-pull image and redeploy)
+- Or enable automatic updates with Watchtower.  
+  Deploy Watchtower to monitor and update your containers automatically:
+  ```sh
+  docker run -d --name watchtower -v /var/run/docker.sock:/var/run/docker.sock containrrr/watchtower
+  ```
+
+### Stopping Containers
+
+- To stop a container:
+  ```sh
+  docker-compose down
+  ```
+- Or stop containers from the Portainer dashboard.
+
+### Backup & Restore
+
+- Backup your configuration files and persistent data folders regularly.
+- Restore by copying your backups back into the appropriate folders before starting the containers.
+
+---
+
+For container-specific instructions, see the comments within each file.

docker-compose/adguard/docker-compose.yml

@@ -0,0 +1,74 @@
+# Version isn't needed for docker CLI since 2020
+# All 2.x and 3.x features are supported
+# V1 EOL June 2023
+---
+#version: "2.1" #needed if you want ipv6 supposedly
+services:
+  adguardhome:
+    image: adguard/adguardhome
+    container_name: adguardhome
+    environment:
+      - PUID=1000
+      - PGID=1006
+    volumes:
+      #Old Locations
+      #- /docker-containers/adguard/conf:/opt/adguardhome/conf
+      #- /docker-containers/adguard/work:/opt/adguardhome/work
+      #- /docker-containers/swag-letsencrypt/keys/letsencrypt/fullchain.pem:/opt/adguardhome/certs/fullchain.pem:r
+      #- /docker-containers/swag-letsencrypt/keys/letsencrypt/privkey.pem:/opt/adguardhome/certs/privkey.pem:r
+      - /docker-containers/adguard/conf:/opt/adguardhome/conf
+      - /docker-containers/adguard/work:/opt/adguardhome/work
+      #- /docker-containers/swag-letsencrypt/keys/letsencrypt/fullchain.pem:/opt/adguardhome/certs/fullchain.pem:r # sometimes perm for file is root
+      - /docker-containers/swag-letsencrypt/etc/letsencrypt/live/example.com/fullchain.pem:/opt/adguardhome/certs/fullchain.pem:r
+      #- /docker-containers/swag-letsencrypt/keys/letsencrypt/privkey.pem:/opt/adguardhome/certs/privkey.pem:r
+      - /docker-containers/swag-letsencrypt/etc/letsencrypt/live/example.com/privkey.pem:/opt/adguardhome/certs/privkey.pem:r
+    ports:
+        # DNS
+        - 53:53
+        # # DHCP server
+        #- 67:67/udp
+        #- 68:68/tcp
+        #- 68:68/udp
+        - 8599:80/tcp  # Dns over https through http
+       # # HTTPS/DNS-over-HTTPS
+        - 444:443/tcp
+       # # DNS-over-TLS
+        - 853:853/tcp
+       # # DNS-over-QUIC
+        - 784:784/udp
+       # # DNSCrypt
+        - 5443:5443/tcp
+        - 5443:5443/udp
+       # # WebUI
+        - 3000:3000/tcp
+    restart: unless-stopped
+    stdin_open: true    # to attach to containers
+    tty: true           # also used to attach to containers
+#    network_mode: service:wireguard     # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
+    networks:           # Specify network for container
+      mcprodnet:
+        ipv4_address: 192.168.1.169
+        #ipv6_address: 2605:a601:a627:100:2::1 # ip changed
+#        ipv6_address: 2605:a601:9132:d100:2::1 # newer, private setup within your network is better though fe:etc
+#        ipv6_address: 2001:3200:3200::20  # disabled because google fiber is shit and always changing and no way to update here
+      homelab:
+        aliases:
+          - adguard # adding multiple aliases under certain network
+          - adg
+networks:    # specify the network 2x. In service, and in this tag area..
+  homelab:
+    name: homelab      # Networks can also be given a custom name
+    external: true # This option causes compose to join the above network instead of making a _default one
+  mcprodnet:
+    #enable_ipv6: true
+    name: mcprodnet      # We will name the network instead of letting docker do something random
+    # external: true      # This option causes compose to join the above network instead of making a _default one
+    driver: macvlan      # Making the above network macvlan
+    driver_opts:         # driver options to use
+      parent: eno1     # usually eth0 or eth1 but not always, used enp3s0 and enp4s0, had to delete /var/lib/docker/network/files/local-kv.db because phantom network
+    ipam:
+      config:
+        - subnet: "192.168.1.0/24"    #Basically copy router range
+          gateway: "192.168.1.1"      #host will eventually route to router, or just go direct
+#        - subnet: "2605:a601:9132:d100:2::/80" # dual subnet ipv6, has to match router subnet unfortunately for external connections like samsung tv
+#          gateway: "2605:a601:9132:d100:2:ffff:ffff:ffff"      #this needs to be router(ish)

docker-compose/airdcpp/docker-compose.yml

@@ -0,0 +1,38 @@
+services:
+  airdcpp:
+    image: gangefors/airdcpp-webclient
+    container_name: airdcpp
+    environment:
+      - PUID=1000
+      - PGID=1006
+    volumes:
+      - /docker-containers/airdcpp/config:/.airdcpp
+      - "/unsorted/airdcpp:/Downloads" #Shared Downloads folder
+      - "/Books:/Share/Books" #Shared Books folder
+      - "/games:/Share/Games" #Shared Games folder
+      - "/Music:/Share/Music" #Shared Music Folder
+      - "/Movies:/Share/Movies" #Shared Movies folder
+      - "/srv/samba/programs/Movies:/Share/Programs" #Shared Movies folder
+      - "/TvShows:/Share/TvShows" #Shared TvShows folder
+      - "/Videos:/Share/Videos" #Shared Videos folder
+      
+    ports:
+        #- 80:5600
+        - 5602:5600
+        #- 443:5601
+        - 5603:5601
+        - 21248:21248
+        - 21248:21248/udp
+        - 21249:21249
+    restart: unless-stopped
+    stdin_open: true    # to attach to containers
+    tty: true           # also used to attach to containers
+#    network_mode: service:wireguard     # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
+    networks:           # Specify network for container
+      homelab:
+        aliases:
+          - dcpp # adding multiple aliases under certain network
+networks:    # specify the network 2x. In service, and in this tag area..
+  homelab:
+    name: homelab      # Networks can also be given a custom name
+    external: true # This option causes compose to join the above network instead of making a _default one

docker-compose/amule/docker-compose.yml

@@ -0,0 +1,44 @@
+---
+services:
+  amule:
+    image: ngosang/amule
+    container_name: amule
+    restart: unless-stopped
+    environment:
+      - PUID=1000
+      - PGID=1006
+      - TZ=America/New_York
+      - GUI_PWD=ChangeMe123
+      - WEBUI_PWD=ChangeMe123
+      - MOD_AUTO_RESTART_ENABLED=true
+      - MOD_AUTO_RESTART_CRON=0 6 * * *
+      - MOD_AUTO_SHARE_ENABLED=true
+      - MOD_AUTO_SHARE_DIRECTORIES=/incoming;/shared/books;/shared/music
+      - MOD_FIX_KAD_GRAPH_ENABLED=true
+      - MOD_FIX_KAD_BOOTSTRAP_ENABLED=true
+    ports:
+      - "4711:4711" # web ui
+      - "4712:4712" # remote gui, webserver, cmd ...
+      - "4662:4662" # ed2k tcp
+      - "4665:4665/udp" # ed2k global search udp (tcp port +3)
+      - "4672:4672/udp" # ed2k udp
+    volumes:
+      - /docker-containers/amule/config:/home/amule/.aMule
+      - /unsorted/amule/downloaded:/incoming
+      - /unsorted/amule/temp:/temp
+      - /Books:/shared/books #Shared Books folder
+      - /Music:/shared/music #Shared Music folder
+      # - "/games:/Share/Games" #Shared Games folder
+      # - "/Movies:/Share/Movies" #Shared Movies folder
+      # - "/srv/samba/programs/Movies:/Share/Programs" #Shared Movies folder
+      # - "/TvShows:/Share/TvShows" #Shared TvShows folder
+      # - "/Videos:/Share/Videos" #Shared Videos folder
+    stdin_open: true    # to attach to containers
+    tty: true           # also used to attach to containers
+#    network_mode: service:wireguard     # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
+    networks:           # Specify network for container
+      - homelab
+networks:    # specify the network 2x. In service, and in this tag area..
+  homelab:
+    name: homelab      # Networks can also be given a custom name
+    external: true # This option causes compose to join the above network instead of making a _default one

docker-compose/apprise/docker-compose.yml

@@ -0,0 +1,24 @@
+---
+services:
+  apprise:
+    image: lscr.io/linuxserver/apprise-api:latest
+    container_name: apprise
+    environment:
+      - PUID=1000
+      - PGID=1006
+      - TZ=America/New_York
+      - APPRISE_ATTACH_SIZE=0 #optional
+    volumes:
+      - /docker-containers/apprise/config:/config
+      - /docker-containers/apprise/attachments:/attachments #optional
+    ports:
+      - 8004:8000
+    restart: unless-stopped
+    stdin_open: true    # to attach to containers
+    tty: true           # also used to attach to containers
+#    network_mode: service:wireguard     # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
+    networks:           # Specify network for container
+      - homelab
+networks:    # I don't know why but you have to specify the network 2x. In service, and in this tag area..
+  homelab:
+    external: true      # This option causes compose to join the above network instead of making a _default one (supposedly)

docker-compose/aria2/docker-compose.yml

@@ -0,0 +1,36 @@
+---
+services:
+  webui-aria2:
+    image: ndthuan/aria2-alpine
+    container_name: webui-aria2
+    environment:
+      - PUID=1000
+      - PGID=1006
+      - TZ=America/New_York
+    volumes:
+      - /docker-containers/freshrss/config:/config
+      - /unsorted/aria2:/downloads
+      - /docker-containers/aria2:/home/aria/.aria2
+    ports:
+      - 6800:6800
+      - 9100:8080
+    restart: unless-stopped
+    stdin_open: true
+    tty: true
+    networks:
+      - homelab
+
+  httpd:
+    image: busybox
+    volumes:
+        - ./:/usr/html
+    ports:
+        - "80:80"
+    command: /bin/busybox httpd -f -p 80 -h /usr/html
+    networks:
+      - homelab
+
+networks:    # I don't know why but you have to specify the network 2x. In service, and in this tag area..
+  homelab:
+    name: homelab      # Networks can also be given a custom name
+    external: true      # This option causes compose to join the above network instead of making a _default one

docker-compose/audiobookshelf/docker-compose.yml

@@ -0,0 +1,27 @@
+version: "3.7"
+services:
+  audiobookshelf:
+    container_name: audiobookshelf
+    image: ghcr.io/advplyr/audiobookshelf:latest #2.3.3
+    environment:
+      - PUID=1000
+      - PGID=1006
+      - TZ=America/New_York
+    ports:
+      - 13378:80
+    volumes:
+      - /Books/audio_books:/audiobooks
+      - /Books/calibre:/calibre
+      - /Books/Educational:/books-educational
+      - /Music/Podcasts:/podcasts
+      - /docker-containers/audiobookshelf:/config
+      - /docker-containers/audiobookshelf/metadata:/metadata
+    restart: unless-stopped
+    stdin_open: true    # to attach to containers
+    tty: true           # also used to attach to containers
+#    network_mode: service:wireguard     # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
+    networks:           # Specify network for container
+      - homelab
+networks:    # I don't know why but you have to specify the network 2x. In service, and in this tag area..
+  homelab:
+    external: true      # This option causes compose to join the above network instead of making a _default one (supposedly)

docker-compose/authelia/docker-compose.yml

@@ -0,0 +1,25 @@
+---
+version: "3.8"
+services:
+  authelia:
+    container_name: authelia
+    image: docker.io/authelia/authelia:latest
+    restart: unless-stopped
+    networks:
+      homelab:
+        aliases: [auth]
+    expose:
+      - 9091
+    environment:
+      TZ: 'America/New_York'
+      AUTHELIA_JWT_SECRET_FILE: /secrets/JWT_SECRET
+      AUTHELIA_SESSION_SECRET_FILE: /secrets/SESSION_SECRET
+      AUTHELIA_STORAGE_POSTGRES_PASSWORD_FILE: /secrets/STORAGE_PASSWORD
+      AUTHELIA_STORAGE_ENCRYPTION_KEY_FILE: /secrets/STORAGE_ENCRYPTION_KEY
+    volumes:
+      - /docker-containers/authelia/config:/config
+      - /docker-containers/authelia/secrets:/secrets
+networks:
+  homelab:
+    external: true
+    name: homelab

docker-compose/bazarr/docker-compose.yml

@@ -0,0 +1,25 @@
+# version: "2.1" # Kind of old school and not needed with portainer
+services:
+# Subtitle software tv/movies
+  bazarr:
+    image: lscr.io/linuxserver/bazarr:latest
+    container_name: bazarr
+    environment:
+      - PUID=1000
+      - PGID=1006
+      - TZ=America/New_York
+    volumes:
+      - /docker-containers/bazarr:/config
+      - /Movies/Main-Library:/movies #optional
+      - /TvShows:/tv #optional
+    ports:
+      - 6767:6767
+    restart: unless-stopped
+    stdin_open: true    # to attach to containers
+    tty: true           # also used to attach to containers
+#    network_mode: service:wireguard     # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
+    networks:           # Specify network for container
+      - homelab
+networks:    # I don't know why but you have to specify the network 2x. In service, and in this tag area..
+  homelab:
+    external: true      # This option causes compose to join the above network instead of making a _default one (supposedly)

docker-compose/beets/docker-compose.yml

@@ -0,0 +1,33 @@
+# Beets software for music library management.
+# Metadata, Lyrics, CoverArt, and loads more able to do
+
+---
+version: "2.1"
+services:
+  beets:
+    image: lscr.io/linuxserver/beets:nightly  # think latest is 1.6.0 and nightly is newer?
+    container_name: beets
+    environment:
+      - PUID=1000
+      - PGID=1006
+      - TZ=America/New_York
+    volumes:
+      - /docker-containers/beets:/config
+      - /Music/beetsplaylist:/bpg
+      - /Music/Testing:/music
+      # - /unsorted/beets:/music
+      - /unsorted/beets:/downloads
+    # seems like the easiest way to fix problems just install on each first run.. this fixed discogs but not wlg
+    # seems to be crashing about it tho
+    command: "/config/docker-compose-post-commands.sh"
+    ports:
+      - 8337:8337
+    # restart: unless-stopped # disabled to see if something shows
+    stdin_open: true    # to attach to containers
+    tty: true           # also used to attach to containers
+#    network_mode: service:wireguard     # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
+    networks:           # Specify network for container
+      - homelab
+networks:    # I don't know why but you have to specify the network 2x. In service, and in this tag area..
+  homelab:
+    external: true      # This option causes compose to join the above network instead of making a _default one (supposedly)

docker-compose/btcpayserver/docker-compose.yml

@@ -0,0 +1,326 @@
+version: "3"
+
+# Run `docker-compose up dev` for bootstrapping your development environment
+# Doing so will expose NBXplorer, Bitcoind RPC and postgres port to the host so that tests can Run,
+# The Visual Studio launch setting `Docker-regtest` is configured to use this environment.
+services:
+
+  tests:
+    build:
+      context: ..
+      dockerfile: BTCPayServer.Tests/Dockerfile
+      args:
+        CONFIGURATION_NAME: Release
+    environment:
+      TESTS_BTCRPCCONNECTION: server=http://bitcoind:43782;ceiwHEbqWI83:DwubwWsoo3
+      TESTS_BTCNBXPLORERURL: http://nbxplorer:32838/
+      TESTS_POSTGRES: User ID=postgres;Include Error Detail=true;Host=postgres;Port=5432;Database=btcpayserver
+      TESTS_EXPLORER_POSTGRES: User ID=postgres;Include Error Detail=true;Host=postgres;Port=5432;Database=nbxplorer
+      TESTS_HOSTNAME: tests
+      TESTS_RUN_EXTERNAL_INTEGRATION: ${TESTS_RUN_EXTERNAL_INTEGRATION:-"false"}
+      TESTS_AzureBlobStorageConnectionString: ${TESTS_AzureBlobStorageConnectionString:-none}
+      TEST_MERCHANTLIGHTNINGD: "type=clightning;server=unix://etc/merchant_lightningd_datadir/lightning-rpc"
+      TEST_CUSTOMERLIGHTNINGD: "type=clightning;server=unix://etc/customer_lightningd_datadir/lightning-rpc"
+      TEST_MERCHANTLND: "http://merchant_lnd:8080/"
+      TESTS_INCONTAINER: "true"
+      TESTS_SSHCONNECTION: "root@sshd:22"
+      TESTS_SSHPASSWORD: ""
+      TESTS_SSHKEYFILE: ""
+      TESTS_SOCKSENDPOINT: "tor:9050"
+    expose:
+      - "80"
+    depends_on:
+      - dev
+      - selenium
+    extra_hosts:
+      - "tests:127.0.0.1"
+    networks:
+      default:
+      custom:
+        ipv4_address: 172.23.0.18
+    volumes:
+      - "sshd_datadir:/root/.ssh"
+      - "customer_lightningd_datadir:/etc/customer_lightningd_datadir"
+      - "merchant_lightningd_datadir:/etc/merchant_lightningd_datadir"
+
+  # The dev container is not actually used, it is just handy to run `docker-compose up dev` to start all services
+  dev:
+    image: alpine:3.7
+    command: [ "/bin/sh", "-c", "trap : TERM INT; while :; do echo Ready to code and debug like a rockstar!!!; sleep 2073600; done & wait" ]
+    depends_on:
+      - nbxplorer
+      - postgres
+      - customer_lightningd
+      - merchant_lightningd
+      - customer_lnd
+      - merchant_lnd
+      - sshd
+      - tor
+
+  sshd:
+    build:
+        context: .
+        dockerfile: sshd.Dockerfile
+    ports:
+        - "21622:22"
+    expose:
+        - 22
+    volumes:
+        - "sshd_datadir:/root/.ssh"
+
+  devlnd:
+    image: btcpayserver/bitcoin:28.1
+    environment:
+      BITCOIN_NETWORK: regtest
+      BITCOIN_WALLETDIR: "/data/wallets"
+      BITCOIN_EXTRA_ARGS: |
+        deprecatedrpc=signrawtransaction
+        connect=bitcoind:39388
+        fallbackfee=0.0002
+        rpcallowip=0.0.0.0/0
+    depends_on:
+      - nbxplorer
+      - postgres
+      - customer_lnd
+      - merchant_lnd
+
+  selenium:
+    image: selenium/standalone-chrome:125.0
+    extra_hosts:
+      - "tests:172.23.0.18"
+    expose:
+      - "4444"
+    networks:
+      default:
+      custom:
+
+  nbxplorer:
+    image: nicolasdorier/nbxplorer:2.5.22
+    restart: unless-stopped
+    ports:
+      - "32838:32838"
+    expose:
+      - "32838"
+    environment:
+      NBXPLORER_NETWORK: regtest
+      NBXPLORER_CHAINS: "btc"
+      NBXPLORER_BTCRPCURL: http://bitcoind:43782/
+      NBXPLORER_BTCNODEENDPOINT: bitcoind:39388
+      NBXPLORER_BTCRPCUSER: ceiwHEbqWI83
+      NBXPLORER_BTCRPCPASSWORD: DwubwWsoo3
+      NBXPLORER_BIND: 0.0.0.0:32838
+      NBXPLORER_MINGAPSIZE: 5
+      NBXPLORER_MAXGAPSIZE: 10
+      NBXPLORER_VERBOSE: 1
+      NBXPLORER_POSTGRES: User ID=postgres;Include Error Detail=true;Host=postgres;Port=5432;Database=nbxplorer
+      NBXPLORER_EXPOSERPC: 1
+      NBXPLORER_NOAUTH: 1
+    depends_on:
+      - bitcoind
+
+  bitcoind:
+    restart: unless-stopped
+    image: btcpayserver/bitcoin:28.1
+    environment:
+      BITCOIN_NETWORK: regtest
+      BITCOIN_WALLETDIR: "/data/wallets"
+      BITCOIN_EXTRA_ARGS: |-
+        rpcuser=ceiwHEbqWI83
+        rpcpassword=DwubwWsoo3
+        rpcport=43782
+        rpcbind=0.0.0.0:43782
+        rpcallowip=0.0.0.0/0
+        port=39388
+        whitelist=0.0.0.0/0
+        zmqpubrawblock=tcp://0.0.0.0:28332
+        zmqpubrawtx=tcp://0.0.0.0:28333
+        deprecatedrpc=signrawtransaction
+        fallbackfee=0.0002
+    ports:
+      - "43782:43782"
+      - "39388:39388"
+    expose:
+      - "43782" # RPC
+      - "39388" # P2P
+      - "28332" # ZMQ
+      - "28333" # ZMQ
+    volumes:
+      - "bitcoin_datadir:/data"
+
+  customer_lightningd:
+    image: btcpayserver/lightning:v24.08.2
+    stop_signal: SIGKILL
+    restart: unless-stopped
+    environment:
+      EXPOSE_TCP: "true"
+      LIGHTNINGD_CHAIN: "btc"
+      LIGHTNINGD_NETWORK: "regtest"
+      LIGHTNINGD_OPT: |
+        developer
+        bitcoin-datadir=/etc/bitcoin
+        bitcoin-rpcconnect=bitcoind
+        announce-addr=customer_lightningd:9735
+        log-level=debug
+        funding-confirms=1
+        dev-fast-gossip
+        dev-bitcoind-poll=1
+    ports:
+      - "30992:9835" # api port
+      - "30892:9735" # server port
+    expose:
+      - "9735" # server port
+      - "9835" # api port
+    volumes:
+      - "bitcoin_datadir:/etc/bitcoin"
+      - "customer_lightningd_datadir:/root/.lightning"
+    depends_on:
+      - bitcoind
+
+  merchant_lightningd:
+    image: btcpayserver/lightning:v24.08.2
+    stop_signal: SIGKILL
+    restart: unless-stopped
+    environment:
+      EXPOSE_TCP: "true"
+      LIGHTNINGD_CHAIN: "btc"
+      LIGHTNINGD_NETWORK: "regtest"
+      LIGHTNINGD_OPT: |
+        developer
+        bitcoin-datadir=/etc/bitcoin
+        bitcoin-rpcconnect=bitcoind
+        announce-addr=merchant_lightningd:9735
+        funding-confirms=1
+        log-level=debug
+        dev-fast-gossip
+        dev-bitcoind-poll=1
+    ports:
+      - "30993:9835" # api port
+      - "30893:9735" # server port
+    expose:
+      - "9735" # server port
+      - "9835" # api port
+    volumes:
+      - "bitcoin_datadir:/etc/bitcoin"
+      - "merchant_lightningd_datadir:/root/.lightning"
+    depends_on:
+      - bitcoind
+
+  postgres:
+    image:  postgres:13.13
+    environment:
+        POSTGRES_HOST_AUTH_METHOD: trust
+    ports:
+      - "39372:5432"
+    expose:
+      - "5432"
+
+  merchant_lnd:
+    image: btcpayserver/lnd:v0.18.5-beta
+    restart: unless-stopped
+    environment:
+      LND_CHAIN: "btc"
+      LND_ENVIRONMENT: "regtest"
+      LND_EXPLORERURL: "http://nbxplorer:32838/"
+      LND_REST_LISTEN_HOST: http://merchant_lnd:8080
+      LND_EXTRA_ARGS: |
+        restlisten=merchant_lnd:8080
+        rpclisten=127.0.0.1:10008
+        rpclisten=merchant_lnd:10009
+        bitcoin.node=bitcoind
+        bitcoind.rpchost=bitcoind:43782
+        bitcoind.rpcuser=ceiwHEbqWI83
+        bitcoind.rpcpass=DwubwWsoo3
+        bitcoind.zmqpubrawblock=tcp://bitcoind:28332
+        bitcoind.zmqpubrawtx=tcp://bitcoind:28333
+        externalip=merchant_lnd:9735
+        bitcoin.defaultchanconfs=1
+        no-macaroons=1
+        debuglevel=debug
+        trickledelay=1000
+        no-rest-tls=1
+    ports:
+      - "35531:8080"
+      - "53280:10009"
+      - "30894:9735"
+    expose:
+      - "8080"
+      - "9735"
+      - "10009"
+    volumes:
+      - "merchant_lnd_datadir:/data"
+      - "bitcoin_datadir:/deps/.bitcoin"
+    depends_on:
+      - bitcoind
+
+  customer_lnd:
+    image: btcpayserver/lnd:v0.18.5-beta
+    restart: unless-stopped
+    environment:
+      LND_CHAIN: "btc"
+      LND_ENVIRONMENT: "regtest"
+      LND_EXPLORERURL: "http://nbxplorer:32838/"
+      LND_REST_LISTEN_HOST: http://customer_lnd:8080
+      LND_EXTRA_ARGS: |
+        restlisten=customer_lnd:8080
+        rpclisten=127.0.0.1:10008
+        rpclisten=customer_lnd:10009
+        bitcoin.node=bitcoind
+        bitcoind.rpchost=bitcoind:43782
+        bitcoind.rpcuser=ceiwHEbqWI83
+        bitcoind.rpcpass=DwubwWsoo3
+        bitcoind.zmqpubrawblock=tcp://bitcoind:28332
+        bitcoind.zmqpubrawtx=tcp://bitcoind:28333
+        externalip=customer_lnd:9735
+        bitcoin.defaultchanconfs=1
+        no-macaroons=1
+        debuglevel=debug
+        trickledelay=1000
+        no-rest-tls=1
+    ports:
+      - "35532:8080"
+      - "30895:9735"
+    expose:
+      - "8080"
+      - "9735"
+      - "10009"
+    volumes:
+      - "customer_lnd_datadir:/root/.lnd"
+      - "bitcoin_datadir:/deps/.bitcoin"
+    depends_on:
+      - bitcoind
+
+  tor:
+    restart: unless-stopped
+    image: btcpayserver/tor:0.4.6.5
+    container_name: tor
+    environment:
+        TOR_PASSWORD: btcpayserver
+    ports:
+        - "9050:9050" # SOCKS
+        - "9051:9051" # Tor Control
+    volumes:
+        - "tor_datadir:/home/tor/.tor"
+        - "torrcdir:/usr/local/etc/tor"
+        - "tor_servicesdir:/var/lib/tor/hidden_services"
+
+volumes:
+    sshd_datadir:
+    bitcoin_datadir:
+    elementsd_liquid_datadir:
+    customer_lightningd_datadir:
+    merchant_lightningd_datadir:
+    lightning_charge_datadir:
+    customer_lnd_datadir:
+    merchant_lnd_datadir:
+    tor_datadir:
+    torrcdir:
+    tor_servicesdir:
+
+networks:
+  default:
+    driver: bridge
+  custom:
+    driver: bridge
+    ipam:
+      config:
+        - subnet: 172.23.0.0/16

docker-compose/calibre-web/docker-compose.yml

@@ -0,0 +1,18 @@
+---
+version: "2.1"
+services:
+  calibre-web:
+    image: lscr.io/linuxserver/calibre-web:latest
+    container_name: calibre-web
+    environment:
+      - PUID=1000
+      - PGID=1003
+      - TZ=America/New_York
+      - DOCKER_MODS=linuxserver/mods:universal-calibre #optional
+      - OAUTHLIB_RELAX_TOKEN_SCOPE=1 #optional
+    volumes:
+      - /docker-containers/calibre-web:/config
+      - /Books/calibre:/books
+    ports:
+      - 8083:8083
+    restart: unless-stopped

docker-compose/calibre/docker-compose.yml

@@ -0,0 +1,31 @@
+version: "2.1"
+services:
+
+  calibre:
+    image: lscr.io/linuxserver/calibre:latest
+    container_name: calibre
+    security_opt:
+      - seccomp:unconfined #optional
+    environment:
+      - PUID=1000
+      - PGID=1006
+      - TZ=America/New_York
+      #- PASSWORD= #optional
+      #- CLI_ARGS= #optional
+    volumes:
+      - /docker-containers/calibre:/config
+      - /Books:/books
+      - /unsorted:/downloads
+      - /docker-containers/swag-letsencrypt/etc/letsencrypt/live/example.com/fullchain.pem:/config/ssl/certs/fullchain.pem:r
+      - /docker-containers/swag-letsencrypt/etc/letsencrypt/live/example.com/privkey.pem:/config/ssl/certs/privkey.pem:r
+    ports:
+      - 8082:8080
+      - 8083:8083
+    restart: unless-stopped
+    networks:
+      homelab:
+        aliases:
+          - calibre-web  # how to add multiple aliases
+networks:    # I don't know why but you have to specify the network 2x. In service, and in this tag area..
+  homelab:            # Sub-section, any network name or 'default' to edit default one created
+    external: true      # This option causes compose to join the above network instead of making a _default one

docker-compose/chd-converter/docker-compose.yml

@@ -0,0 +1,16 @@
+---
+version: "2.1"
+services:
+  chd-converter:
+    image: marctv/chd-converter
+    container_name: chd-converter
+    volumes:
+      - /unsorted/jdownloader/chd-convert:/tmp/images/:rw
+    stdin_open: true    # to attach to containers
+    tty: true           # also used to attach to containers
+#    network_mode: service:wireguard     # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
+    networks:           # Specify network for container
+      - homelab
+networks:    # I don't know why but you have to specify the network 2x. In service, and in this tag area..
+  homelab:
+    external: true      # This option causes compose to join the above network instead of making a _default one (supposedly)

docker-compose/code-server/docker-compose.yml

@@ -0,0 +1,32 @@
+---
+version: "2.1"
+services:
+  code-server:
+    image: lscr.io/linuxserver/code-server:latest
+    container_name: code-server
+    environment:
+      - PUID=1000
+      - PGID=1006
+      - TZ=Etc/UTC
+      # - PASSWORD=ChangeMe123 #optional
+      # - HASHED_PASSWORD= #optional
+      # - SUDO_PASSWORD=ChangeMe123!@ #optional
+      # - SUDO_PASSWORD_HASH= #optional
+      - PROXY_DOMAIN=code-server.example.com #optional
+      - DEFAULT_WORKSPACE=/config/workspace #optional
+    volumes:
+      - /docker-containers/code-server/config:/config
+      - /Documents/prodigy:/media/prodigy
+    ports:
+      - 8443:8443
+    restart: unless-stopped
+    stdin_open: true    # to attach to containers
+    tty: true           # also used to attach to containers
+#    network_mode: service:wireguard     # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
+    networks:           # Specify network for container
+      - homelab
+networks:    # I don't know why but you have to specify the network 2x. In service, and in this tag area..
+
+  homelab:
+#    name: homelab      # Networks can also be given a custom name, not needed if existing
+    external: true      # This option causes compose to join the above network instead of making a _default one (supposedly)

docker-compose/dashy/docker-compose.yml

@@ -0,0 +1,43 @@
+---
+# Welcome to Dashy! To get started, run `docker compose up -d`
+# You can configure your container here, by modifying this file
+version: "3.8"
+services:
+  dashy:
+    container_name: Dashy
+
+    # Pull latest image from DockerHub
+    image: lissy93/dashy
+
+    # To build from source, replace 'image: lissy93/dashy' with 'build: .'
+    # build: .
+
+    # You can also use an image with a different tag, or pull from a different registry, e.g:
+    # image: ghcr.io/lissy93/dashy or image: lissy93/dashy:3.0.0
+
+    # Pass in your config file below, by specifying the path on your host machine
+    # volumes:
+      # - /path/to/my-config.yml:/app/user-data/conf.yml
+      # - /path/to/item-icons:/app/user-data/item-icons/
+
+    # Set port that web service will be served on. Keep container port as 8080
+    ports:
+      - 4000:8080
+
+    # Set any environmental variables
+    environment:
+      - NODE_ENV=production
+    # Specify your user ID and group ID. You can find this by running `id -u` and `id -g`
+    #  - UID=1000
+    #  - GID=1000
+
+    # Specify restart policy
+    restart: unless-stopped
+
+    # Configure healthchecks
+    healthcheck:
+      test: ['CMD', 'node', '/app/services/healthcheck']
+      interval: 1m30s
+      timeout: 10s
+      retries: 3
+      start_period: 40s

docker-compose/ddclient/docker-compose.yml

@@ -0,0 +1,13 @@
+---
+version: "2.1"
+services:
+  ddclient:
+    image: lscr.io/linuxserver/ddclient:latest
+    container_name: ddclient
+    environment:
+      - PUID=1000
+      - PGID=1006
+      - TZ=America/New_York
+    volumes:
+      - /docker-containers/ddclient:/config
+    restart: unless-stopped

docker-compose/deemix/docker-compose.yml

@@ -0,0 +1,27 @@
+---
+version: "3.3"
+services:
+  deemix:
+    image: registry.gitlab.com/bockiii/deemix-docker
+    container_name: Deemix
+    volumes:
+       - /unsorted/deemix:/downloads # it will remove empty folders from directories
+       - /docker-containers/deemix:/config
+    environment:
+       - PUID=1000
+       - PGID=1003
+       - UMASK_SET=022
+       - DEEMIX_SINGLE_USER=true
+    ports:
+       - 6595:6595
+    restart: unless-stopped
+    stdin_open: true    # to attach to containers
+    tty: true           # also used to attach to containers
+#    network_mode: service:wireguard     # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
+    networks:           # Specify network for container
+      - homelab
+networks:    # I don't know why but you have to specify the network 2x. In service, and in this tag area..
+
+  homelab:
+#    name: homelab      # Networks can also be given a custom name, not needed if existing
+    external: true      # This option causes compose to join the above network instead of making a _default one (supposedly)

docker-compose/deluge/docker-compose.yml

@@ -0,0 +1,27 @@
+---
+#version: "2.1"    # Phased/outdated. Not needed if running portainer or newest version of compose
+services:
+  deluge:
+    image: lscr.io/linuxserver/deluge:latest
+    container_name: deluge
+    environment:
+      - PUID=1000
+      - PGID=1006
+      - TZ=America/New_York
+      - DELUGE_LOGLEVEL=error #optional
+    volumes:
+      - /docker-containers/deluge:/config
+      - /unsorted/deluge:/downloads
+    ports:
+      - 8112:8112
+      - 12881:12881
+      - 12881:12881/udp
+    restart: unless-stopped
+    stdin_open: true    # to attach to containers
+    tty: true           # also used to attach to containers
+    networks:           # Specify network for container
+      - homelab
+networks:    # I don't know why but you have to specify the network 2x. In service, and in this tag area..
+  homelab:
+    name: homelab      # Networks can also be given a custom name
+    external: true      # This option causes compose to join the above network instead of making a _default one (supposedly)

docker-compose/dillinger/docker-compose.yml

@@ -0,0 +1,28 @@
+---
+version: "2.1"
+services:
+  dillinger:
+    image: lscr.io/linuxserver/dillinger:latest
+    container_name: dillinger
+    environment:
+      - PUID=1000
+      - PGID=1006
+      - TZ=America/New_York
+    volumes:
+      - /docker-containers/dillinger:/config
+      - /Documents/prodigy/Text-Files:/mediadata
+    ports:
+      - 8281:8080
+    restart: unless-stopped
+    stdin_open: true    # to attach to containers
+    tty: true           # also used to attach to containers
+#    network_mode: service:wireguard     # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
+    networks:           # Specify network for container
+      - homelab
+networks:    # I don't know why but you have to specify the network 2x. In service, and in this tag area..
+#  some-additional-network:
+#     aliases:
+#        - simplename   # This isn't allowed in portainer, must be called in the service.
+  homelab:
+#    name: homelab      # Networks can also be given a custom name, not needed if existing
+    external: true      # This option causes compose to join the above network instead of making a _default one (supposedly)

docker-compose/doublecommander/docker-compose.yml

@@ -0,0 +1,25 @@
+---
+version: "2.1"
+services:
+  doublecommander:
+    image: lscr.io/linuxserver/doublecommander:latest
+    container_name: doublecommander
+    environment:
+      - PUID=1000
+      - PGID=1006
+      - TZ=America/New_York
+    volumes:
+      - /docker-containers/doublecommander:/config
+      - :/data
+    ports:
+      - 4000:3000
+      - 4001:3001
+    restart: unless-stopped
+    stdin_open: true    # to attach to containers
+    tty: true           # also used to attach to containers
+#    network_mode: service:wireguard     # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
+    networks:           # Specify network for container
+      - homelab
+networks:    # I don't know why but you have to specify the network 2x. In service, and in this tag area..
+  homelab:
+    external: true      # This option causes compose to join the above network instead of making a _default one (supposedly)

docker-compose/elasticsearch/docker-compose.yml

@@ -0,0 +1,140 @@
+# version: '2.2'
+services:
+  elasticsearch:
+    image: docker.elastic.co/elasticsearch/elasticsearch:8.18.2 # the one listed on website is sort of dated
+    container_name: elasticsearch
+    environment: 
+      - "node.name=es01"
+      - "cluster.name=elasticsick"
+      - "discovery.type=single-node"
+      # - "ELASTIC_USERNAME=elastic"              # default superuser, don't think you can specify here anymore
+      - "ELASTIC_PASSWORD=ChangeMe123!#@"       # matching Elasticsearch password, user: elastic
+      - "bootstrap.memory_lock=true"
+      - "ES_JAVA_OPTS=-Xms4g -Xmx4g"
+      # - "xpack.security.enabled=true"  # Set false when testing, true for production # uncommented this line to fix 'received plaintext http traffic on an https channel' # worked # kibanna loading now # Kibana cannot connect to the Elastic Package Registry, which provides Elastic Agent integrations. Ensure the proxy server (opens in a new tab or window) or your own registry(opens in a new tab or window) is configured correctly, or try again later.
+      # - "xpack.security.http.ssl.enabled=true"  # was throwing error without it # enable ssl for http layer so kibana can connect securely
+      # - "xpack.security.enrollment.enabled=true" # must be true to generate toke for kibana.yml
+      # - "xpack.security.transport.ssl.enabled=true" # transport ssl when forwarding between nodes/servers
+      - "path.repo=/usr/share/elasticsearch/data/snapshot"
+      # - "xpack.security.http.ssl.key=/usr/share/elasticsearch/config/certs/privkey.pem" # shouldn't be needed within containers.. also needs disabled when other is not enabled
+      # - "xpack.security.http.ssl.certificate=/usr/share/elasticsearch/config/certs/fullchain.pem"
+      # - "xpack.security.transport.ssl.key=/usr/share/elasticsearch/config/certs/privkey.pem"
+      # - "xpack.security.transport.ssl.certificate=/usr/share/elasticsearch/config/certs/fullchain.pem"
+    volumes:
+      - /docker-containers/elasticsearch/data:/usr/share/elasticsearch/data
+      # - /docker-containers/elasticsearch/config/elasticsearch.yml:/usr/share/elasticsearch/config/elasticsearch.yml
+      # - /docker-containers/elasticsearch/config:/usr/share/elasticsearch/config # if you mount the config directory you need the files present https://github.com/elastic/elasticsearch/tree/main/distribution/src/config
+      - /docker-containers/swag-letsencrypt/etc/letsencrypt/live/example.com/fullchain.pem:/usr/share/elasticsearch/config/certs/fullchain.pem:ro # Possibly not needed I hope, no encryption needed inbetween container network
+      - /docker-containers/swag-letsencrypt/etc/letsencrypt/live/example.com/chain.pem:/usr/share/elasticsearch/config/certs/chain.pem:ro #
+      - /docker-containers/swag-letsencrypt/etc/letsencrypt/live/example.com/privkey.pem:/usr/share/elasticsearch/config/certs/privkey.pem:ro
+    ports:
+      - 9200:9200
+      - 9300:9300  # for ssl transport # enabled for testing
+    restart: unless-stopped
+    networks:           # Specify network for container
+      homelab:
+        aliases:
+          - es # adding multiple aliases under certain network
+          - elastic
+          - es01
+
+  kibana:   # gui for elastic basically
+    image: docker.elastic.co/kibana/kibana:8.18.2
+    container_name: kibana
+    environment:
+      - SERVER_NAME=kibana
+      - SERVER_HOST=kibana # should technically work here so i don't have to mount config # ips and hostnames work
+      - SERVER_PORT=5601 # should technically work here so i don't have to mount config # define port so it doesnt choose random later
+      - SERVER_PUBLICBASEURL="https://kibana.example.com" # i don't reckon needed with reverse proxy, it handles the requests. Recommended for production env
+      # - server.publicBaseUrl # for nginx reverse proxy ig?
+      # - urlForwarding # maybe have to do with publicBaseURL, doesnt seem to effect ^
+      - ELASTICSEARCH_HOSTS="http://es:9200"
+      - ELASTICSEARCH_USERNAME=kibana_system          # kibana_system if you set that password
+      - ELASTICSEARCH_PASSWORD="KibanaChangeMe123!#@Pass123!"
+      # - ELASTICSEARCH_SSL_CERTIFICATEAUTHORITIES=/usr/share/kibana/config/certs/fullchain.pem
+    volumes:  # say you should create kibana.yml to configure
+      # - /docker-containers/elasticsearch/kibana/config/kibana.yml:/usr/share/kibana/config/kibana.yml # most things here can be added in env now
+      - /docker-containers/elasticsearch/kibana/logs:/var/logs/
+      - /docker-containers/swag-letsencrypt/etc/letsencrypt/live/example.com/fullchain.pem:/usr/share/kibana/config/certs/fullchain.pem:ro # Possibly not needed I hope
+      - /docker-containers/swag-letsencrypt/etc/letsencrypt/live/example.com/chain.pem:/usr/share/kibana/config/certs/chain.pem:ro #
+      - /docker-containers/swag-letsencrypt/etc/letsencrypt/live/example.com/privkey.pem:/usr/share/kibana/config/certs/privkey.pem:ro
+# and in kibana.yml reference the CA or set REQUESTS_CA_BUNDLE env as needed # elasticsearch.ssl.certificateAuthorities: [ "/usr/share/kibana/config/certs/chain.pem" ]
+    ports:
+      - 5601:5601
+    restart: unless-stopped
+    networks:
+      - homelab
+    depends_on:
+      - elasticsearch
+
+  metricbeat:
+    container_name: metricbeat
+    depends_on:
+      - elasticsearch
+      - kibana
+      # elasticsearch:
+      #   condition: service_healthy
+      # kibana:
+      #   condition: service_healthy
+    image: docker.elastic.co/beats/metricbeat-oss:8.18.2
+    user: root # must have matching entries in passwd file apparently, so have to use root, root must also have access to config, so can't chown directory..
+    volumes:
+      - "/var/run/docker.sock:/var/run/docker.sock:ro"
+      # For testing ssl stuff... didn't workout
+      - /docker-containers/swag-letsencrypt/etc/letsencrypt/live/example.com/fullchain.pem:/usr/share/metricbeat/certs/fullchain.pem:r
+      - /docker-containers/swag-letsencrypt/etc/letsencrypt/live/example.com/privkey.pem:/usr/share/metricbeat/certs/privkey.pem:r
+      # Personal Data locations
+      - /docker-containers/elasticsearch/metricbeat/data:/usr/share/metricbeat/data
+      - /docker-containers/elasticsearch/metricbeat/config/metricbeat.yml:/usr/share/metricbeat/metricbeat.yml:ro
+      - /docker-containers/elasticsearch/metricbeat/diskqueue:/usr/share/metricbeat/diskqueue
+    networks:
+      - homelab
+
+  # How to Tune Elastic Beats Performance: A Practical Example with Batch Size, Worker Count, and More
+  # https://www.elastic.co/blog/how-to-tune-elastic-beats-performance-a-practical-example-with-batch-size-worker-count-and-more?blade=tw&hulk=social
+  filebeat:
+    image: elastic/filebeat:8.18.2
+    # https://github.com/docker/swarmkit/issues/1951
+    container_name: filebeat
+    hostname: "es01-filebeat"
+    # Need to override user so we can access the log files, and docker.sock
+    user: root
+    volumes:
+      - /docker-containers/elasticsearch/filebeat/data:/usr/share/filebeat/data
+      - /var/run/docker.sock:/var/run/docker.sock
+      # This is needed for filebeat to load container log path as specified in filebeat.yml
+      - /var/lib/docker/containers/:/var/lib/docker/containers/:ro
+
+      # # This is needed for filebeat to load jenkins build log path as specified in filebeat.yml
+      # - /var/lib/docker/volumes/jenkins_home/_data/jobs/:/var/lib/docker/volumes/jenkins_home/_data/jobs/:ro
+
+      # This is needed for filebeat to load logs for system and auth modules
+      - /var/log/:/var/log/:ro
+
+      # This is needed for filebeat to load logs for auditd module. you might have to install audit system
+      # on ubuntu first (sudo apt-get install -y auditd audispd-plugins)
+      - /var/log/audit/:/var/log/audit/:ro
+      - /var/log/syslog:/var/log/syslog:ro
+      - /var/log/auth.log:/var/log/auth.log:ro
+
+      # Personal locations
+      - /docker-containers/elasticsearch/filebeat/filebeat.yml:/usr/share/filebeat/filebeat.yml:ro
+      - /docker-containers/elasticsearch/filebeat/diskqueue:/usr/share/filebeat/diskqueue
+    environment:
+      - ELASTICSEARCH_HOST="http://es:9200"
+      - KIBANA_HOST="http://kibana:5601"
+      - ELASTICSEARCH_USERNAME="elastic"
+      - ELASTICSEARCH_PASSWORD="ChangeMe123!#@"
+    # disable strict permission checks
+    command: ["filebeat", "-e", "--strict.perms=false"]
+    deploy:
+      mode: global
+    depends_on:
+      - elasticsearch
+      - kibana
+    networks:
+      - homelab
+
+networks:
+  homelab:
+    external: true      # This option causes compose to join the above network instead of making a _default one (supposedly) also forces to join instead of creating one

docker-compose/filebrowser/docker-compose.yml

@@ -0,0 +1,25 @@
+---
+version: "2.1"
+services:
+  filebrowser:
+    image: filebrowser/filebrowser:s6
+    container_name: filebrowser
+    environment:
+      - PUID=1000
+      - PGID=1006
+      - TZ=America/New_York
+    volumes:
+      - /docker-containers/filebrowser:/srv
+      - /docker-containers/filebrowser/filebrowser.db:/database/filebrowser.db
+      - /docker-containers/filebrowser/settings.json:/config/settings.json
+    ports:
+      - 8189:80
+    restart: unless-stopped
+    stdin_open: true    # to attach to containers
+    tty: true           # also used to attach to containers
+#    network_mode: service:wireguard     # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
+    networks:           # Specify network for container
+      - homelab
+networks:    # I don't know why but you have to specify the network 2x. In service, and in this tag area..
+  homelab:
+    external: true      # This option causes compose to join the above network instead of making a _default one (supposedly)

docker-compose/filedrop/docker-compose.yml

@@ -0,0 +1,39 @@
+services:
+  filedrop:
+    image: itsnoted/filedrop
+    environment:
+      - WS_HOST=0.0.0.0
+      - WS_APP_NAME=${APP_NAME}
+      - WS_ABUSE_EMAIL=${ABUSE_EMAIL}
+      - WS_USE_X_FORWARDED_FOR=${USE_X_FORWARDED_FOR}
+      - WS_REQUIRE_CRYPTO=1
+      - TURN_MODE=hmac
+      - TURN_SERVER=turn:(hostname)
+      - TURN_USERNAME=filedrop
+      - TURN_SECRET=${TURN_SECRET}
+    ports:
+      - '5000:5000'
+    networks:
+      - homelab
+
+  coturn:
+    image: coturn/coturn
+    command:
+      - --log-file=stdout
+      - --use-auth-secret
+      - --static-auth-secret=${TURN_SECRET}
+      - --no-multicast-peers
+      - --no-tls
+      - --no-dtls
+      - --no-software-attribute
+      - --fingerprint
+      - --no-cli
+    depends_on:
+      - filedrop
+    networks:
+      - homelab
+
+networks:    # I don't know why but you have to specify the network 2x. In service, and in this tag area..
+  homelab:
+    name: homelab      # Networks can also be given a custom name
+    external: true      # This option causes compose to join the above network instead of making a _default one

docker-compose/filegator/docker-compose.yml

@@ -0,0 +1,39 @@
+version: '2'
+services:
+  filegator:
+    container_name: filegator
+    image: filegator/filegator
+    restart: always
+    ports:
+      - "8080:8080"
+    volumes:
+      # common mount points are listed here
+      # make sure filegator can read/write to the mounted volume
+
+      # mount local folder as a repository
+      # - ./files:/var/www/filegator/repository
+      - "/unsorted:/var/www/filegator/repository/Downloads" #Shared Downloads folder
+      - "/Books:/var/www/filegator/repository/Books" #Shared Books Folder
+      - "/games:/var/www/filegator/repository/Games" #Shared Games folder
+      - "/Music:/var/www/filegator/repository/Music" #Shared Music Folder
+      - "/Movies:/var/www/filegator/repository/Movies" #Shared Movies folder
+      - "/programs:/var/www/filegator/repository/Programs" #Shared Movies folder
+      - "/TvShows:/var/www/filegator/repository/TvShows" #Shared TvShows folder
+      - "/Videos:/var/www/filegator/repository/Videos" #Shared Videos folder
+
+      # locally stored users.json file
+      #- /docker-containers/filegator/config/users.json:/var/www/filegator/private/users.json
+
+      # load your own custom configuration file
+      #- /docker-containers/filegator/config/configuration.php:/var/www/filegator/configuration.php
+    stdin_open: true    # to attach to containers
+    tty: true           # also used to attach to containers
+#    network_mode: service:wireguard     # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
+    networks:           # Specify network for container
+      homelab:
+        aliases:
+          - fileg # adding multiple aliases under certain network
+networks:    # specify the network 2x. In service, and in this tag area..
+  homelab:
+    name: homelab      # Networks can also be given a custom name
+    external: true # This option causes compose to join the above network instead of making a _default one

docker-compose/flaresolverr/docker-compose.yml

@@ -0,0 +1,23 @@
+---
+version: "2.1"
+services:
+  flaresolverr:
+    # DockerHub mirror flaresolverr/flaresolverr:latest
+    image: ghcr.io/flaresolverr/flaresolverr:latest
+    container_name: flaresolverr
+    environment:
+      - LOG_LEVEL=${LOG_LEVEL:-info}
+      - LOG_HTML=${LOG_HTML:-false}
+      - CAPTCHA_SOLVER=${CAPTCHA_SOLVER:-none}
+      - TZ=America/New_York
+    ports:
+      - "${PORT:-8191}:8191"
+    restart: unless-stopped
+    stdin_open: true    # to attach to containers
+    tty: true           # also used to attach to containers
+#    network_mode: service:wireguard     # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
+    networks:           # Specify network for container
+      - homelab
+networks:    # I don't know why but you have to specify the network 2x. In service, and in this tag area..
+  homelab:
+    external: true      # This option causes compose to join the above network instead of making a _default one (supposedly)

docker-compose/foundryvtt/docker-compose.yml

@@ -0,0 +1,29 @@
+---
+services:
+  foundry:
+    image: felddy/foundryvtt:13
+    container_name: foundryvtt
+    hostname: foundry.example.com
+    volumes:
+      - type: bind
+        source: /docker-containers/foundryvtt/data
+        target: /data
+    environment:
+      - FOUNDRY_PASSWORD=ChangeMe123foundry
+      - FOUNDRY_USERNAME=yourusername
+      - FOUNDRY_ADMIN_KEY=ChangeMe123
+    ports:
+      - target: 30000
+        published: 30000
+        protocol: tcp
+    stdin_open: true    # to attach to containers
+    tty: true           # also used to attach to containers
+#    network_mode: service:wireguard     # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
+    networks:           # Specify network for container
+      homelab:
+        aliases:
+          - foundry # adding multiple aliases under certain network
+networks:    # specify the network 2x. In service, and in this tag area..
+  homelab:
+    name: homelab      # Networks can also be given a custom name
+    external: true # This option causes compose to join the above network instead of making a _default one

docker-compose/freshrss/docker-compose.yml

@@ -0,0 +1,22 @@
+---
+services:
+  freshrss:
+    image: lscr.io/linuxserver/freshrss:latest
+    container_name: freshrss
+    environment:
+      - PUID=1000
+      - PGID=1006
+      - TZ=America/New_York
+    volumes:
+      - /docker-containers/freshrss/config:/config
+    ports:
+      - 8282:80
+    restart: unless-stopped
+    stdin_open: true
+    tty: true
+    networks:
+      - homelab
+networks:    # I don't know why but you have to specify the network 2x. In service, and in this tag area..
+  homelab:
+    name: homelab      # Networks can also be given a custom name
+    external: true      # This option causes compose to join the above network instead of making a _default one

docker-compose/gamevault/docker-compose.yml

@@ -0,0 +1,32 @@
+services:
+  gamevault-backend:
+    image: phalcode/gamevault-backend:latest
+    container_name: gamevault
+    restart: unless-stopped
+    environment:
+      PUID: 1000
+      PGID: 1006
+      DB_HOST: postgres
+      DB_USERNAME: yourusername
+      DB_PASSWORD: PostgresChangeMe123!
+      SERVER_ADMIN_USERNAME: yourusername
+      SERVER_MAX_DOWNLOAD_BANDWIDTH_IN_KBPS: 2500
+    volumes:
+      # Mount the folder where your games are
+      - /docker-containers/gamevault/config:/config
+      # Mount the folder where your games are
+      - /games/WindowsGames:/files
+      # Mount the folder where GameVault should store its media
+      - /docker-containers/gamevault/media:/media
+      # Mount the folder where GameVault should store its logs
+      - /docker-containers/gamevault/logs:/logs
+    ports:
+      - 8581:8080/tcp
+    networks:
+      homelab:
+        aliases:
+          - gv  # how to add multiple aliases
+
+networks:    # I don't know why but you have to specify the network 2x. In service, and in this tag area..
+  homelab:            # Sub-section, any network name or 'default' to edit default one created
+    external: true      # This option causes compose to join the above network instead of making a _default one

docker-compose/gameyfin/docker-compose.yml

@@ -0,0 +1,43 @@
+services:
+  gameyfin:
+    image: grimsi/gameyfin:2.0.0.beta3 # Replace with the latest version tag from Docker Hub
+    container_name: gameyfin
+    restart: unless-stopped
+    environment:
+      # Generate a new APP_KEY using the command `openssl rand -base64 32` or similar.
+      APP_KEY: YourEncryptedString
+
+      # (optional) Set the URL of your Gameyfin instance if you are using a reverse proxy.
+      APP_URL: https://gameyfin.example.com # Change this to your actual URL if needed
+
+      # (optional) Set the user and group ID to run Gameyfin with a specific user.
+      PUID: 1000 # Change this to your user ID if needed
+      PGID: 1006 # Change this to your group ID if needed
+      #old environment:
+      # - PUID=1000
+      # - PGID=1006
+      # - GAMEYFIN_USER=sick
+      # - GAMEYFIN_PASSWORD=gaming
+      # - GAMEYFIN_IGDB_API_CLIENT_ID=YourAPIClientID
+      # - GAMEYFIN_IGDB_API_CLIENT_SECRET=YourAPIClientSecret
+      # - GAMEYFIN_SOURCES=/opt/gameyfin-library/library-1,/opt/gameyfin-library/library-2,/opt/gameyfin-library/library-3
+    volumes:
+      - /docker-containers/gameyfin/db:/opt/gameyfin/db
+      - /docker-containers/gameyfin/data:/opt/gameyfin/data
+      - /docker-containers/gameyfin/logs:/opt/gameyfin/logs
+      - /games/WindowsGames:/opt/gameyfin-library/windows-games
+      - /games/WindowsGames/Call.of.Duty:/opt/gameyfin-library/cod
+      - "/games/WindowsGames/No.Man's.Sky+Updates:/opt/gameyfin-library/nomansky"
+      #- /docker-containers/gameyfin/configs:/opt/gameyfin-library/library-1-configs
+      # - <Path on your host to the 3rd source folder>:/opt/gameyfin-library/library-4
+    ports:
+      - "8385:8080"
+    networks:
+      homelab:
+        aliases:
+          - gamefin  # how to add multiple aliases
+
+networks:    # I don't know why but you have to specify the network 2x. In service, and in this tag area..
+  homelab:            # Sub-section, any network name or 'default' to edit default one created
+    external: true      # This option causes compose to join the above network instead of making a _default one
+

docker-compose/ghostfolio/.env

@@ -0,0 +1,16 @@
+COMPOSE_PROJECT_NAME=Prodigy-Ghostfolio
+
+# CACHE
+REDIS_HOST=redis
+REDIS_PORT=6379
+REDIS_PASSWORD=RedisChangeMe123!
+
+# POSTGRES
+POSTGRES_DB=ghostfolio-db
+POSTGRES_USER=yourusername
+POSTGRES_PASSWORD=PostgresChangeMe123!
+
+# VARIOUS
+ACCESS_TOKEN_SALT=yourRandomSaltValue
+DATABASE_URL=postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@postgres:5432/${POSTGRES_DB}?connect_timeout=300&sslmode=prefer
+JWT_SECRET_KEY=openSSL-rand-hex-32byte

docker-compose/ghostfolio/docker-compose.yml

@@ -0,0 +1,83 @@
+name: ghostfolio
+services:
+  ghostfolio:
+    image: docker.io/ghostfolio/ghostfolio:latest
+    container_name: ghostfolio
+    restart: unless-stopped
+    init: true
+    cap_drop:
+      - ALL
+    security_opt:
+      - no-new-privileges:true
+    env_file: # using portainer and this is how I pass env vars within portainer
+      - stack.env
+    ports:
+      - 3333:3333
+    depends_on:
+      # postgres:
+      #   condition: service_healthy
+      redis:
+        condition: service_healthy
+    healthcheck:
+      test: ['CMD-SHELL', 'curl -f http://localhost:3333/api/v1/health']
+      interval: 10s
+      timeout: 5s
+      retries: 5
+    networks:
+      - homelab
+      - ghostfolio_net
+  # Running separate compose container, 1 postgres for all apps
+  # postgres:
+  #   image: docker.io/library/postgres:15-alpine
+  #   container_name: gf-postgres
+  #   restart: unless-stopped
+  #   cap_drop:
+  #     - ALL
+  #   cap_add:
+  #     - CHOWN
+  #     - DAC_READ_SEARCH
+  #     - FOWNER
+  #     - SETGID
+  #     - SETUID
+  #   security_opt:
+  #     - no-new-privileges:true
+  #   env_file:
+  #     - ../.env
+  #   healthcheck:
+  #     test:
+  #       ['CMD-SHELL', 'pg_isready -d "$${POSTGRES_DB}" -U $${POSTGRES_USER}']
+  #     interval: 10s
+  #     timeout: 5s
+  #     retries: 5
+  #   volumes:
+  #     - postgres:/var/lib/postgresql/data
+
+  redis:
+    image: docker.io/library/redis:alpine
+    container_name: gf-redis
+    restart: unless-stopped
+    user: '999:1000'
+    cap_drop:
+      - ALL
+    security_opt:
+      - no-new-privileges:true
+    env_file:
+      - stack.env
+    command:
+      - /bin/sh
+      - -c
+      - redis-server --requirepass "$${REDIS_PASSWORD:?REDIS_PASSWORD variable is not set}"
+    healthcheck:
+      test:
+        ['CMD-SHELL', 'redis-cli --pass "$${REDIS_PASSWORD}" ping | grep PONG']
+      interval: 10s
+      timeout: 5s
+      retries: 5
+    networks:
+      - ghostfolio_net
+
+networks:    # I don't know why but you have to specify the network 2x. In service, and in this tag area..
+  homelab:            # Sub-section, any network name or 'default' to edit default one created
+    external: true      # This option causes compose to join the above network instead of making a _default one
+  ghostfolio_net:
+    external: false

docker-compose/gitea/docker-compose.yml

@@ -0,0 +1,25 @@
+version: "3"
+services:
+  server:
+    image: gitea/gitea:1.25-nightly-rootless # Don't specify newest version, could be breaking changes in the future, apparently breaking changes with nightly...
+    container_name: gitea
+    environment:
+      - USER_UID=1000
+      - USER_GID=1006
+    restart: always
+    volumes:
+      - /docker-containers/gitea/data:/var/lib/gitea
+      - /docker-containers/gitea/config:/etc/gitea
+      - /etc/timezone:/etc/timezone:ro
+      - /etc/localtime:/etc/localtime:ro
+    ports:
+      - "3999:3000"  # Once setup for domain port access isn't there anymore locally outside of docker network
+      - "2096:2222"
+    networks:           # Specify network for container
+      homelab:
+        aliases:
+          - giteassh # adding multiple aliases under certain network
+          - git
+networks:
+  homelab:
+    external: true      # This option causes compose to join the above network instead of making a _default one

docker-compose/glances/docker-compose.yml

@@ -0,0 +1,20 @@
+version: '3'
+
+services:
+  monitoring:
+    image: nicolargo/glances:latest-full
+    pid: host
+    network_mode: host
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+      - /run/user/1000/podman/podman.sock:/run/user/1000/podman/podman.sock
+    environment:
+      - "GLANCES_OPT=-w"
+    # For nvidia GPUs
+    deploy:
+      resources:
+        reservations:
+          devices:
+            - driver: nvidia
+              count: 1
+              capabilities: [gpu]

docker-compose/gluetun/docker-compose.yml

@@ -0,0 +1,62 @@
+version: "3"
+services:
+  gluetun:
+    image: qmcgaw/gluetun
+    container_name: gluetun
+    # line above must be uncommented to allow external containers to connect.
+    # See https://github.com/qdm12/gluetun-wiki/blob/main/setup/connect-a-container-to-gluetun.md#external-container-to-gluetun
+    cap_add:
+      - NET_ADMIN
+    devices:
+      - /dev/net/tun:/dev/net/tun
+    ports:
+      - 8888:8888/tcp # HTTP proxy
+      - 8388:8388/tcp # Shadowsocks
+      - 8388:8388/udp # Shadowsocks
+      # wireguard
+      - "51820:51820/udp"
+      - "51821:51821/tcp"
+    volumes:
+      - /docker-containers/gluetun:/gluetun
+    environment:
+      # HTTP proxy setup
+      - HTTPPROXY=on
+      - HTTPPROXY_USER=yourusername
+      - HTTPPROXY_PASSWORD=ChangeMe123
+      - HTTPPROXY_LOG=on
+      # Shadow Sock Setup
+      - SHADOWSOCKS=on
+      - SHADOWSOCKS_PASSWORD=ChangeMe123
+      - SHADOWSOCKS_CIPHER=chacha20-ietf-poly1305
+      - SHADOWSOCKS_LOG=on
+      # Firewall setup
+      - BLOCK_MALICIOUS=off
+      - BLOCK_SURVEILLANCE=off
+      - BLOCK_ADS=off
+      - DOT=off
+      - FIREWALL_OUTBOUND_SUBNETS=192.168.1.0/24,172.20.0.0/16
+      # See https://github.com/qdm12/gluetun-wiki/tree/main/setup#setup
+      - VPN_SERVICE_PROVIDER=nordvpn
+      - VPN_TYPE=wireguard
+      # OpenVPN:
+      # - OPENVPN_USER=abc
+      # - OPENVPN_PASSWORD=abc
+      # Wireguard:
+      - WIREGUARD_PRIVATE_KEY=WireguardPrivateKey
+      # - WIREGUARD_ADDRESSES=10.64.222.21/32
+      - SERVER_COUNTRIES="United States"
+      # Timezone for accurate log times
+      - TZ=America/New_York
+      # Server list updater
+      # See https://github.com/qdm12/gluetun-wiki/blob/main/setup/servers.md#update-the-vpn-servers-list
+      - UPDATER_PERIOD=24h
+      
+#     networks:           # Specify network for container
+#       - homelab
+
+# networks:    # I don't know why but you have to specify the network 2x. In service, and in this tag area..
+#   homelab:
+#     external: true      # This option causes compose to join the above network instead of making a _default one (supposedly)
+
+# docker run --rm -v /docker-containers/gluetun:/gluetun qmcgaw/gluetun format-servers -nordvpn
+# docker run --rm -v /docker-containers/gluetun:/gluetun qmcgaw/gluetun format-servers -hidemyass

docker-compose/gmod/docker-compose.yml

@@ -0,0 +1,25 @@
+version: '3'
+services:
+  monitoring:
+    image: hackebein/garrysmod
+    volumes:
+      - ./server.cfg:/opt/steam/garrysmod/cfg/server.cfg
+      - ./overlay:/opt/overlay
+    ports:
+      - 27015:27015/tcp
+      - 27015:27015/udp
+    environment:
+      - AUTHKEY=...
+      - GAMEMODE=terrortown
+      - MAP=ttt_minecraft_b5
+      - WORKSHOP=843519054
+      - WORKSHOPDL=843519054
+    stdin_open: true    # to attach to containers
+    tty: true           # also used to attach to containers
+#    network_mode: service:wireguard     # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
+    networks:           # Specify network for container
+      - homelab
+
+networks:    # specify the network 2x. In service, and in this tag area
+  homelab:
+    external: true      # join the above network instead of making a _default one

docker-compose/grafana/docker-compose.yml

@@ -0,0 +1,23 @@
+---
+version: "2"
+services:
+  grafana:
+    image: grafana/grafana-oss
+    container_name: grafana
+    volumes:
+      - /docker-containers/grafana/configs:/etc/grafana
+      - /docker-containers/grafana/logs:/var/log/grafana
+      - /docker-containers/grafana/lib:/var/lib/grafana
+      - /docker-containers/grafana/share:/usr/share/grafana
+    ports:
+      - 8409:3000
+    user: '1000'
+    restart: unless-stopped
+    stdin_open: true    # to attach to containers
+    tty: true           # also used to attach to containers
+#    network_mode: service:wireguard     # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
+    networks:           # Specify network for container
+      - homelab
+networks:    # I don't know why but you have to specify the network 2x. In service, and in this tag area..
+  homelab:
+    external: true      # This option causes compose to join the above network instead of making a _default one (supposedly)

docker-compose/grifter/docker-compose.yml

@@ -0,0 +1,12 @@
+version: '3.3'
+services:
+    grifter:
+        image: 'grifter:latest'
+        container_name: grifter
+        volumes:
+            - '/docker-containers/grifter/grifter.toml:/opt/grifter/grifter.toml'
+            - '/docker-containers/grifter/cache:/opt/grifter/cache' # optional, but if you dont mount the cache as volume, it will be lost after the container is destroyed
+            - '/games/WindowsGames:/opt/grifter/library:ro' # Mount games as "read-only"
+        ports:
+            - '3909:39090'
+        restart: unless-stopped

docker-compose/headphones/docker-compose.yml

@@ -0,0 +1,24 @@
+version: "2.1"
+services:
+  headphones:
+    image: lscr.io/linuxserver/headphones:latest
+    container_name: headphones
+    environment:
+      - PUID=1000
+      - PGID=1006
+      - TZ=America/New_York
+    volumes:
+      - /docker-containers/headphones:/config
+      - /unsorted:/downloads
+      - /Music:/music
+    ports:
+      - 9581:8181
+    restart: unless-stopped
+    networks:
+      homelab:
+        aliases:
+          - headphone # adding multiple aliases under certain network
+networks:    # I don't know why but you have to specify the network 2x. In service, and in this tag area..
+  homelab:
+    name: homelab      # Networks can also be given a custom name
+    external: true      # This option causes compose to join the above network instead of making a _default one

docker-compose/heimdall/docker-compose.yml

@@ -0,0 +1,24 @@
+---
+version: "2.1"
+services:
+  heimdall:
+    image: lscr.io/linuxserver/heimdall:latest
+    container_name: heimdall
+    environment:
+      - PUID=1000
+      - PGID=1006
+      - TZ=America/New_York
+    volumes:
+      - /docker-containers/heimdall:/config
+    ports:
+      - 9112:80
+      #- 443:443
+    restart: unless-stopped
+    stdin_open: true    # to attach to containers
+    tty: true           # also used to attach to containers
+#    network_mode: service:wireguard     # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
+    networks:           # Specify network for container
+      - homelab
+networks:    # I don't know why but you have to specify the network 2x. In service, and in this tag area..
+  homelab:
+    external: true      # This option causes compose to join the above network instead of making a _default one (supposedly)

docker-compose/homarr/docker-compose.yml

@@ -0,0 +1,28 @@
+version: '3'
+#---------------------------------------------------------------------#
+#     Homarr - A simple, yet powerful dashboard for your server.     #
+#---------------------------------------------------------------------#
+services:
+  homarr:
+    container_name: homarr
+    image: ghcr.io/homarr-labs/homarr:latest
+    restart: unless-stopped
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+      - /docker-containers/homarr/appdata:/appdata
+      # - /docker-containers/homarr/configs:/app/data/configs
+      # - /docker-containers/homarr/data:/data
+      # - /docker-containers/homarr/icons:/app/public/icons
+    environment:
+      - SECRET_ENCRYPTION_KEY=YourEncryptedString32Byte
+    ports:
+      - '7575:7575'
+    stdin_open: true    # to attach to containers
+    tty: true           # also used to attach to containers
+#    network_mode: service:wireguard     # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
+    networks:           # Specify network for container
+      - homelab
+networks:    # I don't know why but you have to specify the network 2x. In service, and in this tag area..
+  homelab:
+
+    external: true      # This option causes compose to join the above network instead of making a _default one (supposedly)

docker-compose/homeassistant/docker-compose.yml

@@ -0,0 +1,37 @@
+version: '2.1'
+services:
+  homeassistant:
+    container_name: homeassistant
+    image: "ghcr.io/home-assistant/home-assistant:stable"
+    volumes:
+      - /docker-containers/homeassistant:/config
+      - /etc/localtime:/etc/localtime:ro
+    restart: unless-stopped
+#    depends_on:
+#      - mosquitto
+    privileged: true
+    stdin_open: true    # to attach to containers
+    tty: true           # also used to attach to containers
+    networks:           # Specify network for container
+      - homelab
+
+  mosquitto:
+    container_name: mosquitto
+    image: eclipse-mosquitto
+    restart: unless-stopped
+    ports:
+      - "1883:1883/tcp"
+    environment:
+      - TZ=American/New_York
+    volumes:
+      - /docker-containers/mosquitto-eclipse:/mosquitto/config
+      - /docker-containers/mosquitto-eclipse/data:/mosquitto/data
+      - /docker-containers/mosquitto-eclipse/log:/mosquitto/log
+    stdin_open: true    # to attach to containers
+    tty: true           # also used to attach to containers
+#    network_mode: service:wireguard     # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
+    networks:           # Specify network for container
+      - homelab
+networks:    # I don't know why but you have to specify the network 2x. In service, and in this tag area..
+  homelab:
+    external: true      # This option causes compose to join the above network instead of making a _default one 

docker-compose/homebridge/docker-compose.yml

@@ -0,0 +1,13 @@
+version: '2'
+services:
+  homebridge:
+    image: oznu/homebridge:latest
+    restart: always
+    network_mode: host
+    volumes:
+      - /docker-containers/homebridge:/homebridge
+    logging:
+      driver: json-file
+      options:
+        max-size: "10mb"
+        max-file: "1"

docker-compose/immich/.env

@@ -0,0 +1,22 @@
+# You can find documentation for all the supported env variables at https://immich.app/docs/install/environment-variables
+
+# The location where your uploaded files are stored
+UPLOAD_LOCATION=/docker-containers/immich/upload
+
+# The location where your database files are stored
+DB_DATA_LOCATION=/docker-containers/immich/postgres_data
+
+# To set a timezone, uncomment the next line and change Etc/UTC to a TZ identifier from this list: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List
+TZ=America/New_York
+
+# The Immich version to use. You can pin this to a specific version like "v1.71.0"
+IMMICH_VERSION=release
+
+# Connection secret for postgres. You should change it to a random password
+# Please use only the characters `A-Za-z0-9`, without special characters or spaces
+DB_PASSWORD=YourPassword
+
+# The values below this line do not need to be changed
+###################################################################################
+DB_USERNAME=postgres
+DB_DATABASE_NAME=immich

docker-compose/immich/docker-compose.yml

@@ -0,0 +1,118 @@
+version: "3.8"
+
+#
+# WARNING: Make sure to use the docker-compose.yml of the current release:
+#
+# https://github.com/immich-app/immich/releases/latest/download/docker-compose.yml
+#
+# The compose file on main may not be compatible with the latest release.
+#
+
+name: immich
+
+services:
+  immich-server:
+    container_name: immich_server
+    image: ghcr.io/immich-app/immich-server:${IMMICH_VERSION:-release}
+    # extends:
+    #   file: hwaccel.transcoding.yml
+    #   service: cpu # set to one of [nvenc, quicksync, rkmpp, vaapi, vaapi-wsl] for accelerated transcoding
+    volumes:
+      # Do not edit the next line. If you want to change the media storage location on your system, edit the value of UPLOAD_LOCATION in the .env file
+      - ${UPLOAD_LOCATION}:/usr/src/app/upload
+      - /Documents/prodigy/Pictures:/mnt/media/prodigy/Pictures  # external library location - optional
+      - /etc/localtime:/etc/localtime:ro
+    devices:
+      - /dev/dri/renderD128:/dev/dri/renderD128
+    env_file:
+      - stack.env
+    ports:
+      - '2283:2283'
+    depends_on:
+      - redis
+      - database
+    restart: always
+    healthcheck:
+      disable: false
+    networks:           # Specify network for container
+      homelab:
+        aliases:
+          - immich  # how to add multiple aliases
+          - immich-server
+      immich_net:
+        aliases:
+          - immich  # how to add multiple aliases
+          - immich-server
+
+  immich-machine-learning:
+    container_name: immich_machine_learning
+    # For hardware acceleration, add one of -[armnn, cuda, openvino] to the image tag.
+    # Example tag: ${IMMICH_VERSION:-release}-cuda
+    image: ghcr.io/immich-app/immich-machine-learning:${IMMICH_VERSION:-release}
+    # extends: # uncomment this section for hardware acceleration - see https://immich.app/docs/features/ml-hardware-acceleration
+    #   file: hwaccel.ml.yml
+    #   service: cpu # set to one of [armnn, cuda, openvino, openvino-wsl] for accelerated inference - use the `-wsl` version for WSL2 where applicable
+    volumes:
+      - model-cache:/cache
+    env_file:
+      - stack.env
+    restart: always
+    healthcheck:
+      disable: false
+    networks:           # Specify network for container
+      - immich_net
+
+  redis:
+    container_name: immich_redis
+    image: docker.io/redis:6.2-alpine@sha256:eaba718fecd1196d88533de7ba49bf903ad33664a92debb24660a922ecd9cac8
+    healthcheck:
+      test: redis-cli ping || exit 1
+    restart: always
+    networks:           # Specify network for container
+      - immich_net
+
+  database:
+    container_name: immich_postgres
+    image: docker.io/tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:90724186f0a3517cf6914295b5ab410db9ce23190a2d9d0b9dd6463e3fa298f0
+    environment:
+      POSTGRES_PASSWORD: ${DB_PASSWORD}
+      POSTGRES_USER: ${DB_USERNAME}
+      POSTGRES_DB: ${DB_DATABASE_NAME}
+      POSTGRES_INITDB_ARGS: '--data-checksums'
+    volumes:
+      # Do not edit the next line. If you want to change the database storage location on your system, edit the value of DB_DATA_LOCATION in the .env file
+      - ${DB_DATA_LOCATION}:/var/lib/postgresql/data
+    healthcheck:
+      test: pg_isready --dbname='${DB_DATABASE_NAME}' --username='${DB_USERNAME}' || exit 1; Chksum="$$(psql --dbname='${DB_DATABASE_NAME}' --username='${DB_USERNAME}' --tuples-only --no-align --command='SELECT COALESCE(SUM(checksum_failures), 0) FROM pg_stat_database')"; echo "checksum failure count is $$Chksum"; [ "$$Chksum" = '0' ] || exit 1
+      interval: 5m
+      start_interval: 30s
+      start_period: 5m
+    command:
+      [
+        'postgres',
+        '-c',
+        'shared_preload_libraries=vectors.so',
+        '-c',
+        'search_path="$$user", public, vectors',
+        '-c',
+        'logging_collector=on',
+        '-c',
+        'max_wal_size=2GB',
+        '-c',
+        'shared_buffers=512MB',
+        '-c',
+        'wal_compression=on',
+      ]
+    restart: always
+    networks:           # Specify network for container
+      - immich_net
+
+volumes:
+  pgdata:
+  model-cache:
+
+networks:    # I don't know why but you have to specify the network 2x. In service, and in this tag area..
+  homelab:
+    external: true      # This option causes compose to join the above network instead of making a _default one (supposedly)
+  immich_net:
+    external: false

docker-compose/iptv-org-epg/docker-compose.yml

@@ -0,0 +1,27 @@
+version: "2.1"
+services:
+# Download iptv-org epg data
+  iptv-org-epg:
+    image: iptv-org/epg
+    container_name: iptv-org-epg
+    environment:
+      - CRON_SCHEDULE="45 22,10 * * *"
+      - MAX_CONNECTIONS=10
+      # - GZIP=true
+      # - PROXY="socks5://127.0.0.1:1234"
+      - DAYS=14
+      - TIMEOUT=5
+      - DELAY=2
+    volumes:
+      - /docker-containers/iptv-org-epg/channels.xml:/epg/channels.xml
+    ports:
+      - 3000:3000
+    restart: unless-stopped
+    stdin_open: true
+    tty: true
+    networks:
+      - homelab
+networks:    # I don't know why but you have to specify the network 2x. In service, and in this tag area..
+  homelab:
+    name: homelab      # Networks can also be given a custom name
+    external: true      # This option causes compose to join the above network instead of making a _default one

docker-compose/it-tools/docker-compose.yml

@@ -0,0 +1,17 @@
+version: '3.9'
+services:
+  it-tools:
+    image: 'corentinth/it-tools:latest'
+    ports:
+      - '8589:80'
+    restart: unless-stopped
+    container_name: it-tools
+    networks:
+      homelab:
+        aliases:
+          - ittools # adding multiple aliases under certain network
+          - webtools
+networks:    # I don't know why but you have to specify the network 2x. In service, and in this tag area..
+  homelab:
+    name: homelab      # Networks can also be given a custom name
+    external: true      # This option causes compose to join the above network instead of making a _default one

docker-compose/jackett/docker-compose.yml

@@ -0,0 +1,26 @@
+version: "2.1"
+services:
+# Indexer for torrent sites
+  jackett:
+    image: lscr.io/linuxserver/jackett:latest
+    container_name: jackett
+    environment:
+      - PUID=1000
+      - PGID=1006
+      - TZ=America/New_York
+      - AUTO_UPDATE=true #optional
+      #- RUN_OPTS=<run options here> #optional
+    volumes:
+      - /docker-containers/jackett:/config
+      - /unsorted/qbit/_watched:/downloads
+    ports:
+      - 9117:9117
+    restart: unless-stopped
+    stdin_open: true
+    tty: true
+    networks:
+      - homelab
+networks:    # I don't know why but you have to specify the network 2x. In service, and in this tag area..
+  homelab:
+    name: homelab      # Networks can also be given a custom name
+    external: true      # This option causes compose to join the above network instead of making a _default one

docker-compose/jdownloader/docker-compose.yml

@@ -0,0 +1,16 @@
+version: '3'
+services:
+  jdownloader:
+    container_name: jdownloader
+    image: jlesage/jdownloader-2
+    ports:
+      - "5800:5800"
+    volumes:
+      - /docker-containers/jdownloader:/config:rw
+      - /unsorted/jdownloader:/output:rw
+    restart: unless-stopped
+    networks:           # Specify network for container
+      - homelab
+networks:    # specify the network 2x. In service, and in this tag area
+  homelab:
+    external: true      # join the above network instead of making a _default one

docker-compose/jellyfin/docker-compose.yml

@@ -0,0 +1,35 @@
+version: '3.5'
+services:
+  jellyfin:
+    image: jellyfin/jellyfin
+    container_name: jellyfin
+    user: 1000:1006
+    volumes:
+      - /docker-containers/jellyfin/config:/config
+      - /docker-containers/jellyfin/cache:/cache
+      - /Movies:/media/movies:ro
+      - /TvShows:/media/tvshows:ro
+      - /Videos:/media/videos:ro
+      - /Music:/media/music:ro
+      - /Pictures:/media/pictures:ro
+      - /Books:/media/books:ro
+    devices:
+      - /dev/dri/renderD128:/dev/dri/renderD128
+    ports:
+      - 8096:8096/tcp
+      - 7359:7359/udp
+    restart: 'unless-stopped'
+    # Optional - alternative address used for autodiscovery
+    environment:
+      - JELLYFIN_PublishedServerUrl=https://jellyfin.example.com
+    # Optional - may be necessary for docker healthcheck to pass if running in host network mode
+    #extra_hosts:
+    #  - "host.docker.internal:host-gateway"
+    stdin_open: true    # to attach to containers
+    tty: true           # also used to attach to containers
+#    network_mode: service:wireguard     # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
+    networks:           # Specify network for container
+      - homelab
+networks:    # specify the network 2x. In service, and in this tag area
+  homelab:
+    external: true      # join the above network instead of making a _default one

docker-compose/joplin/docker-compose.yml

@@ -0,0 +1,41 @@
+version: '3'
+
+services:
+    db:
+        image: postgres:15
+        volumes:
+            - /docker/joplindb:/var/lib/postgresql/data
+        ports:
+            - "5432:5432"
+        restart: unless-stopped
+        environment:
+            - POSTGRES_PASSWORD=postgres
+            - POSTGRES_USER=postgres
+            - POSTGRES_DB=joplin
+    app:
+        image: joplin/server:latest
+        depends_on:
+            - db
+        ports:
+            - "22300:22300"
+        restart: unless-stopped
+        environment:
+            - APP_PORT=22300
+            - APP_BASE_URL=https://websiteurl.com
+            - DB_CLIENT=pg
+            - POSTGRES_PASSWORD=postgres
+            - POSTGRES_DATABASE=joplin
+            - POSTGRES_USER=postgres
+            - POSTGRES_PORT=5432
+            - POSTGRES_HOST=db
+            - MAILER_ENABLED=1
+            - MAILER_HOST=smtp.gmail.com
+            - MAILER_PORT=465
+            - MAILER_SECURE=1
+            - MAILER_AUTH_USER=youremail@gmail.com
+            - MAILER_AUTH_PASSWORD=Y0urP@ssw0rd
+            - MAILER_NOREPLY_NAME=Joplin
+            - MAILER_NOREPLY_EMAIL=email@email.com
+            
+volumes:
+  joplindb:

docker-compose/jupyter/docker-compose.yml

@@ -0,0 +1,17 @@
+jupyter:
+  image: jupyter/datascience-notebook
+  environment:
+    - PASSWORD=${PASSWORD}
+
+
+nginx:  
+  image: nginx
+  links: 
+    - jupyter
+  volumes:
+    - ./nginx.conf:/etc/nginx/nginx.conf
+    - ./letsencrypt.crt:/data/cert.crt
+    - /letsencrypt.key:/data/key.key
+  ports:
+    - 80:80
+    - 443:443

docker-compose/karakeep/.env

@@ -0,0 +1,4 @@
+KARAKEEP_VERSION=release
+NEXTAUTH_SECRET=YourEncryptedString
+MEILI_MASTER_KEY=YourEncryptedString
+NEXTAUTH_URL=http://localhost:3000

docker-compose/karakeep/docker-compose.yml

@@ -0,0 +1,55 @@
+services:
+  karakeep:
+    image: ghcr.io/karakeep-app/karakeep:${KARAKEEP_VERSION:-release}
+    container_name: karakeep
+    restart: unless-stopped
+    volumes:
+      - /docker-containers/karakeep/data:/data
+    ports:
+      - 3069:3000
+    env_file:
+      - stack.env
+    environment:
+      MEILI_ADDR: http://meilisearch:7700
+      BROWSER_WEB_URL: http://chrome:9222
+      OPENAI_API_KEY: YourAPIKEY
+      DATA_DIR: /data # DON'T CHANGE THIS
+    stdin_open: true    # to attach to containers
+    tty: true           # also used to attach to containers
+#    network_mode: service:wireguard     # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
+    networks:           # Specify network for container
+      - homelab
+  chrome:
+    image: gcr.io/zenika-hub/alpine-chrome:123
+    container_name: karakeep-chrome
+    restart: unless-stopped
+    command:
+      - --no-sandbox
+      - --disable-gpu
+      - --disable-dev-shm-usage
+      - --remote-debugging-address=0.0.0.0
+      - --remote-debugging-port=9222
+      - --hide-scrollbars
+    stdin_open: true    # to attach to containers
+    tty: true           # also used to attach to containers
+#    network_mode: service:wireguard     # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
+    networks:           # Specify network for container
+      - homelab
+  meilisearch:
+    image: getmeili/meilisearch:v1.13.3
+    container_name: karakeep-meilisearch
+    restart: unless-stopped
+    env_file:
+      - stack.env
+    environment:
+      MEILI_NO_ANALYTICS: "true"
+    volumes:
+      - /docker-containers/karakeep/meilisearch:/meili_data
+    stdin_open: true    # to attach to containers
+    tty: true           # also used to attach to containers
+#    network_mode: service:wireguard     # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
+    networks:           # Specify network for container
+      - homelab
+networks:    # specify the network 2x. In service, and in this tag area
+  homelab:
+    external: true      # join the above network instead of making a _default one

docker-compose/kometa/docker-compose.yml

@@ -0,0 +1,31 @@
+version: "2.1"
+services:
+# Kometa / Plex Collections Manager | Formerly "Plex Meta Manager"
+  kometa:
+    image: kometateam/kometa:latest  # meisnate12/plex-meta-manager:nightly rebranded as kometa # lscr.io/linuxserver/plex-meta-manager:latest
+    container_name: kometa
+    labels:
+      - "com.centurylinklabs.watchtower.enable=true"
+    environment:
+      - PUID=1000
+      - PGID=1006
+      - TZ=America/New_York
+      - KOMETA_CONFIG=/config/config.yml #optional
+      - KOMETA_TIME=23:15 #optional
+      # - KOMETA_RUN=true #optional
+      # - KOMETA_TEST=False #optional
+      # - KOMETA_NO_MISSING=False #optional
+    volumes:
+      - /docker-containers/kometa:/config:rw
+    entrypoint:
+      - python3
+      - kometa.py
+    restart: unless-stopped
+    stdin_open: true    # to attach to containers
+    tty: true           # also used to attach to containers
+#    network_mode: service:wireguard     # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
+    networks:           # Specify network for container
+      - homelab
+networks:    # I don't know why but you have to specify the network 2x. In service, and in this tag area..
+  homelab:
+    external: true      # This option causes compose to join the above network instead of making a _default one (supposedly)

docker-compose/lancommander/docker-compose.yml

@@ -0,0 +1,22 @@
+services:
+  lancommander:
+    image: lancommander/lancommander:latest
+    container_name: lancommander
+    environment:
+      - PUID=1000
+      - PGID=1006
+      - TZ=America/New_York
+    volumes:
+      - /docker-containers/lancommander/config:/app/config
+      - /games:/media/games
+      - /unsorted:/media/unsorted
+    ports:
+      - 1337:1337/tcp   # Webinterface
+      - 35891:35891/udp # Beacon Broadcast
+    restart: unless-stopped
+#    network_mode: service:wireguard     # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
+    networks:           # Specify network for container
+      - homelab
+networks:    # I don't know why but you have to specify the network 2x. In service, and in this tag area..
+  homelab:
+    external: true      # This option causes compose to join the above network instead of making a _default one (supposedly)

docker-compose/lazylibrarian/docker-compose.yml

@@ -0,0 +1,24 @@
+---
+version: "2.1"
+services:
+  lazylibrarian:
+    image: lscr.io/linuxserver/lazylibrarian:latest
+    container_name: lazylibrarian
+    environment:
+      - PUID=1000
+      - PGID=1006
+      - TZ=America/New_York
+      #- DOCKER_MODS=linuxserver/calibre-web:calibre|linuxserver/mods:lazylibrarian-ffmpeg #optional
+    volumes:
+      - /docker-containers/lazylibrarian:/config
+      - /unsorted:/downloads
+      - /Books:/books #optional
+    ports:
+      - 5299:5299
+    restart: unless-stopped
+#    network_mode: service:wireguard     # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
+    networks:           # Specify network for container
+      - homelab
+networks:    # I don't know why but you have to specify the network 2x. In service, and in this tag area..
+  homelab:
+    external: true      # This option causes compose to join the above network instead of making a _default one (supposedly)

docker-compose/libation/docker-compose.yml

@@ -0,0 +1,15 @@
+# libation - for editing drm audio files to normal
+---
+version: "2.1"
+services:
+  libation:
+    image: rmcrackan/libation
+    container_name: libation
+    environment:
+      - SLEEP_TIME=10m # 10m or -1 for scan 1 and download stop
+    volumes:
+      - /docker-containers/libation/config:/config
+      - /Books/test:/data
+      - /unsorted/libation:/tmp
+    restart: always
+

docker-compose/lidarr/docker-compose.yml

@@ -0,0 +1,30 @@
+version: "2.1"
+services:
+  lidarr:
+    image: lscr.io/linuxserver/lidarr:latest
+    container_name: lidarr
+    environment:
+      - PUID=1000
+      - PGID=1006
+      - TZ=America/New_York
+    volumes:
+      - /docker-containers/lidarr:/config
+      - /Music/Music-Library:/music #optional
+      - /Videos/Music:/musicvideos
+      - /unsorted:/downloads #optional
+      - /docker-containers/lidarr/custom-services:/custom-services.d
+      - /docker-containers/lidarr/custom-cont-init:/custom-cont-init.d
+    ports:
+      - 8686:8686
+    logging:
+      driver: json-file
+      options:
+        max-size: "10mb"
+        max-file: "1"
+    restart: unless-stopped
+    networks:
+      - homelab
+networks:    # I don't know why but you have to specify the network 2x. In service, and in this tag area..
+  homelab:
+    name: homelab      # Networks can also be given a custom name
+    external: true      # This option causes compose to join the above network instead of making a _default one

docker-compose/mailcow/docker-compose.yml

@@ -0,0 +1,639 @@
+version: '2.1'
+services:
+
+    unbound-mailcow:
+      image: mailcow/unbound:1.17
+      environment:
+        - TZ=${TZ}
+      volumes:
+        - ./data/hooks/unbound:/hooks:Z
+        - ./data/conf/unbound/unbound.conf:/etc/unbound/unbound.conf:ro,Z
+      restart: always
+      tty: true
+      networks:
+        mailcow-network:
+          ipv4_address: ${IPV4_NETWORK:-172.22.1}.254
+          aliases:
+            - unbound
+
+    mysql-mailcow:
+      image: mariadb:10.5
+      depends_on:
+        - unbound-mailcow
+      stop_grace_period: 45s
+      volumes:
+        - mysql-vol-1:/var/lib/mysql/
+        - mysql-socket-vol-1:/var/run/mysqld/
+        - ./data/conf/mysql/:/etc/mysql/conf.d/:ro,Z
+      environment:
+        - TZ=${TZ}
+        - MYSQL_ROOT_PASSWORD=${DBROOT}
+        - MYSQL_DATABASE=${DBNAME}
+        - MYSQL_USER=${DBUSER}
+        - MYSQL_PASSWORD=${DBPASS}
+        - MYSQL_INITDB_SKIP_TZINFO=1
+      restart: always
+      ports:
+        - "${SQL_PORT:-127.0.0.1:13306}:3306"
+      networks:
+        mailcow-network:
+          aliases:
+            - mysql
+
+    redis-mailcow:
+      image: redis:7-alpine
+      volumes:
+        - redis-vol-1:/data/
+      restart: always
+      ports:
+        - "${REDIS_PORT:-127.0.0.1:7654}:6379"
+      environment:
+        - TZ=${TZ}
+      sysctls:
+        - net.core.somaxconn=4096
+      networks:
+        mailcow-network:
+          ipv4_address: ${IPV4_NETWORK:-172.22.1}.249
+          aliases:
+            - redis
+
+    clamd-mailcow:
+      image: mailcow/clamd:1.60
+      restart: always
+      depends_on:
+        - unbound-mailcow
+      dns:
+        - ${IPV4_NETWORK:-172.22.1}.254
+      environment:
+        - TZ=${TZ}
+        - SKIP_CLAMD=${SKIP_CLAMD:-n}
+      volumes:
+        - ./data/conf/clamav/:/etc/clamav/:Z
+        - clamd-db-vol-1:/var/lib/clamav
+      networks:
+        mailcow-network:
+          aliases:
+            - clamd
+
+    rspamd-mailcow:
+      image: mailcow/rspamd:1.92
+      stop_grace_period: 30s
+      depends_on:
+        - dovecot-mailcow
+      environment:
+        - TZ=${TZ}
+        - IPV4_NETWORK=${IPV4_NETWORK:-172.22.1}
+        - IPV6_NETWORK=${IPV6_NETWORK:-fd4d:6169:6c63:6f77::/64}
+        - REDIS_SLAVEOF_IP=${REDIS_SLAVEOF_IP:-}
+        - REDIS_SLAVEOF_PORT=${REDIS_SLAVEOF_PORT:-}
+      volumes:
+        - ./data/hooks/rspamd:/hooks:Z
+        - ./data/conf/rspamd/custom/:/etc/rspamd/custom:z
+        - ./data/conf/rspamd/override.d/:/etc/rspamd/override.d:Z
+        - ./data/conf/rspamd/local.d/:/etc/rspamd/local.d:Z
+        - ./data/conf/rspamd/plugins.d/:/etc/rspamd/plugins.d:Z
+        - ./data/conf/rspamd/lua/:/etc/rspamd/lua/:ro,Z
+        - ./data/conf/rspamd/rspamd.conf.local:/etc/rspamd/rspamd.conf.local:Z
+        - ./data/conf/rspamd/rspamd.conf.override:/etc/rspamd/rspamd.conf.override:Z
+        - rspamd-vol-1:/var/lib/rspamd
+      restart: always
+      hostname: rspamd
+      dns:
+        - ${IPV4_NETWORK:-172.22.1}.254
+      networks:
+        mailcow-network:
+          aliases:
+            - rspamd
+
+    php-fpm-mailcow:
+      image: mailcow/phpfpm:1.82
+      command: "php-fpm -d date.timezone=${TZ} -d expose_php=0"
+      depends_on:
+        - redis-mailcow
+      volumes:
+        - ./data/hooks/phpfpm:/hooks:Z
+        - ./data/web:/web:z
+        - ./data/conf/rspamd/dynmaps:/dynmaps:ro,z
+        - ./data/conf/rspamd/custom/:/rspamd_custom_maps:z
+        - rspamd-vol-1:/var/lib/rspamd
+        - mysql-socket-vol-1:/var/run/mysqld/
+        - ./data/conf/sogo/:/etc/sogo/:z
+        - ./data/conf/rspamd/meta_exporter:/meta_exporter:ro,z
+        - ./data/conf/phpfpm/sogo-sso/:/etc/sogo-sso/:z
+        - ./data/conf/phpfpm/php-fpm.d/pools.conf:/usr/local/etc/php-fpm.d/z-pools.conf:Z
+        - ./data/conf/phpfpm/php-conf.d/opcache-recommended.ini:/usr/local/etc/php/conf.d/opcache-recommended.ini:Z
+        - ./data/conf/phpfpm/php-conf.d/upload.ini:/usr/local/etc/php/conf.d/upload.ini:Z
+        - ./data/conf/phpfpm/php-conf.d/other.ini:/usr/local/etc/php/conf.d/zzz-other.ini:Z
+        - ./data/conf/dovecot/global_sieve_before:/global_sieve/before:z
+        - ./data/conf/dovecot/global_sieve_after:/global_sieve/after:z
+        - ./data/assets/templates:/tpls:z
+        - ./data/conf/nginx/:/etc/nginx/conf.d/:z
+      dns:
+        - ${IPV4_NETWORK:-172.22.1}.254
+      environment:
+        - REDIS_SLAVEOF_IP=${REDIS_SLAVEOF_IP:-}
+        - REDIS_SLAVEOF_PORT=${REDIS_SLAVEOF_PORT:-}
+        - LOG_LINES=${LOG_LINES:-9999}
+        - TZ=${TZ}
+        - DBNAME=${DBNAME}
+        - DBUSER=${DBUSER}
+        - DBPASS=${DBPASS}
+        - MAILCOW_HOSTNAME=${MAILCOW_HOSTNAME}
+        - MAILCOW_PASS_SCHEME=${MAILCOW_PASS_SCHEME:-BLF-CRYPT}
+        - IMAP_PORT=${IMAP_PORT:-143}
+        - IMAPS_PORT=${IMAPS_PORT:-993}
+        - POP_PORT=${POP_PORT:-110}
+        - POPS_PORT=${POPS_PORT:-995}
+        - SIEVE_PORT=${SIEVE_PORT:-4190}
+        - IPV4_NETWORK=${IPV4_NETWORK:-172.22.1}
+        - IPV6_NETWORK=${IPV6_NETWORK:-fd4d:6169:6c63:6f77::/64}
+        - SUBMISSION_PORT=${SUBMISSION_PORT:-587}
+        - SMTPS_PORT=${SMTPS_PORT:-465}
+        - SMTP_PORT=${SMTP_PORT:-25}
+        - API_KEY=${API_KEY:-invalid}
+        - API_KEY_READ_ONLY=${API_KEY_READ_ONLY:-invalid}
+        - API_ALLOW_FROM=${API_ALLOW_FROM:-invalid}
+        - COMPOSE_PROJECT_NAME=${COMPOSE_PROJECT_NAME:-mailcow-dockerized}
+        - SKIP_SOLR=${SKIP_SOLR:-y}
+        - SKIP_CLAMD=${SKIP_CLAMD:-n}
+        - SKIP_SOGO=${SKIP_SOGO:-n}
+        - ALLOW_ADMIN_EMAIL_LOGIN=${ALLOW_ADMIN_EMAIL_LOGIN:-n}
+        - MASTER=${MASTER:-y}
+        - DEV_MODE=${DEV_MODE:-n}
+        - DEMO_MODE=${DEMO_MODE:-n}
+        - WEBAUTHN_ONLY_TRUSTED_VENDORS=${WEBAUTHN_ONLY_TRUSTED_VENDORS:-n}
+      restart: always
+      networks:
+        mailcow-network:
+          aliases:
+            - phpfpm
+
+    sogo-mailcow:
+      image: mailcow/sogo:1.114
+      environment:
+        - DBNAME=${DBNAME}
+        - DBUSER=${DBUSER}
+        - DBPASS=${DBPASS}
+        - TZ=${TZ}
+        - LOG_LINES=${LOG_LINES:-9999}
+        - MAILCOW_HOSTNAME=${MAILCOW_HOSTNAME}
+        - MAILCOW_PASS_SCHEME=${MAILCOW_PASS_SCHEME:-BLF-CRYPT}
+        - ACL_ANYONE=${ACL_ANYONE:-disallow}
+        - ALLOW_ADMIN_EMAIL_LOGIN=${ALLOW_ADMIN_EMAIL_LOGIN:-n}
+        - IPV4_NETWORK=${IPV4_NETWORK:-172.22.1}
+        - SOGO_EXPIRE_SESSION=${SOGO_EXPIRE_SESSION:-480}
+        - SKIP_SOGO=${SKIP_SOGO:-n}
+        - MASTER=${MASTER:-y}
+        - REDIS_SLAVEOF_IP=${REDIS_SLAVEOF_IP:-}
+        - REDIS_SLAVEOF_PORT=${REDIS_SLAVEOF_PORT:-}
+      dns:
+        - ${IPV4_NETWORK:-172.22.1}.254
+      volumes:
+        - ./data/hooks/sogo:/hooks:Z
+        - ./data/conf/sogo/:/etc/sogo/:z
+        - ./data/web/inc/init_db.inc.php:/init_db.inc.php:Z
+        - ./data/conf/sogo/custom-favicon.ico:/usr/lib/GNUstep/SOGo/WebServerResources/img/sogo.ico:z
+        - ./data/conf/sogo/custom-theme.js:/usr/lib/GNUstep/SOGo/WebServerResources/js/theme.js:z
+        - ./data/conf/sogo/custom-sogo.js:/usr/lib/GNUstep/SOGo/WebServerResources/js/custom-sogo.js:z
+        - mysql-socket-vol-1:/var/run/mysqld/
+        - sogo-web-vol-1:/sogo_web
+        - sogo-userdata-backup-vol-1:/sogo_backup
+      labels:
+        ofelia.enabled: "true"
+        ofelia.job-exec.sogo_sessions.schedule: "@every 1m"
+        ofelia.job-exec.sogo_sessions.command: "/bin/bash -c \"[[ $${MASTER} == y ]] && /usr/local/bin/gosu sogo /usr/sbin/sogo-tool expire-sessions $${SOGO_EXPIRE_SESSION} || exit 0\""
+        ofelia.job-exec.sogo_ealarms.schedule: "@every 1m"
+        ofelia.job-exec.sogo_ealarms.command: "/bin/bash -c \"[[ $${MASTER} == y ]] && /usr/local/bin/gosu sogo /usr/sbin/sogo-ealarms-notify -p /etc/sogo/sieve.creds || exit 0\""
+        ofelia.job-exec.sogo_eautoreply.schedule: "@every 5m"
+        ofelia.job-exec.sogo_eautoreply.command: "/bin/bash -c \"[[ $${MASTER} == y ]] && /usr/local/bin/gosu sogo /usr/sbin/sogo-tool update-autoreply -p /etc/sogo/sieve.creds || exit 0\""
+        ofelia.job-exec.sogo_backup.schedule: "@every 24h"
+        ofelia.job-exec.sogo_backup.command: "/bin/bash -c \"[[ $${MASTER} == y ]] && /usr/local/bin/gosu sogo /usr/sbin/sogo-tool backup /sogo_backup ALL || exit 0\""
+      restart: always
+      networks:
+        mailcow-network:
+          ipv4_address: ${IPV4_NETWORK:-172.22.1}.248
+          aliases:
+            - sogo
+
+    dovecot-mailcow:
+      image: mailcow/dovecot:1.22
+      depends_on:
+        - mysql-mailcow
+      dns:
+        - ${IPV4_NETWORK:-172.22.1}.254
+      cap_add:
+        - NET_BIND_SERVICE
+      volumes:
+        - ./data/hooks/dovecot:/hooks:Z
+        - ./data/conf/dovecot:/etc/dovecot:z
+        - ./data/assets/ssl:/etc/ssl/mail/:ro,z
+        - ./data/conf/sogo/:/etc/sogo/:z
+        - ./data/conf/phpfpm/sogo-sso/:/etc/phpfpm/:z
+        - vmail-vol-1:/var/vmail
+        - vmail-index-vol-1:/var/vmail_index
+        - crypt-vol-1:/mail_crypt/
+        - ./data/conf/rspamd/custom/:/etc/rspamd/custom:z
+        - ./data/assets/templates:/templates:z
+        - rspamd-vol-1:/var/lib/rspamd
+        - mysql-socket-vol-1:/var/run/mysqld/
+      environment:
+        - DOVECOT_MASTER_USER=${DOVECOT_MASTER_USER:-}
+        - DOVECOT_MASTER_PASS=${DOVECOT_MASTER_PASS:-}
+        - LOG_LINES=${LOG_LINES:-9999}
+        - DBNAME=${DBNAME}
+        - DBUSER=${DBUSER}
+        - DBPASS=${DBPASS}
+        - TZ=${TZ}
+        - MAILCOW_HOSTNAME=${MAILCOW_HOSTNAME}
+        - MAILCOW_PASS_SCHEME=${MAILCOW_PASS_SCHEME:-BLF-CRYPT}
+        - IPV4_NETWORK=${IPV4_NETWORK:-172.22.1}
+        - ALLOW_ADMIN_EMAIL_LOGIN=${ALLOW_ADMIN_EMAIL_LOGIN:-n}
+        - MAILDIR_GC_TIME=${MAILDIR_GC_TIME:-7200}
+        - ACL_ANYONE=${ACL_ANYONE:-disallow}
+        - SKIP_SOLR=${SKIP_SOLR:-y}
+        - MAILDIR_SUB=${MAILDIR_SUB:-}
+        - MASTER=${MASTER:-y}
+        - REDIS_SLAVEOF_IP=${REDIS_SLAVEOF_IP:-}
+        - REDIS_SLAVEOF_PORT=${REDIS_SLAVEOF_PORT:-}
+        - COMPOSE_PROJECT_NAME=${COMPOSE_PROJECT_NAME:-mailcow-dockerized}
+      ports:
+        - "${DOVEADM_PORT:-127.0.0.1:19991}:12345"
+        - "${IMAP_PORT:-143}:143"
+        - "${IMAPS_PORT:-993}:993"
+        - "${POP_PORT:-110}:110"
+        - "${POPS_PORT:-995}:995"
+        - "${SIEVE_PORT:-4190}:4190"
+      restart: always
+      tty: true
+      labels:
+        ofelia.enabled: "true"
+        ofelia.job-exec.dovecot_imapsync_runner.schedule: "@every 1m"
+        ofelia.job-exec.dovecot_imapsync_runner.no-overlap: "true"
+        ofelia.job-exec.dovecot_imapsync_runner.command: "/bin/bash -c \"[[ $${MASTER} == y ]] && /usr/local/bin/gosu nobody /usr/local/bin/imapsync_runner.pl || exit 0\""
+        ofelia.job-exec.dovecot_trim_logs.schedule: "@every 1m"
+        ofelia.job-exec.dovecot_trim_logs.command: "/bin/bash -c \"[[ $${MASTER} == y ]] && /usr/local/bin/gosu vmail /usr/local/bin/trim_logs.sh || exit 0\""
+        ofelia.job-exec.dovecot_quarantine.schedule: "@every 20m"
+        ofelia.job-exec.dovecot_quarantine.command: "/bin/bash -c \"[[ $${MASTER} == y ]] && /usr/local/bin/gosu vmail /usr/local/bin/quarantine_notify.py || exit 0\""
+        ofelia.job-exec.dovecot_clean_q_aged.schedule: "@every 24h"
+        ofelia.job-exec.dovecot_clean_q_aged.command: "/bin/bash -c \"[[ $${MASTER} == y ]] && /usr/local/bin/gosu vmail /usr/local/bin/clean_q_aged.sh || exit 0\""
+        ofelia.job-exec.dovecot_maildir_gc.schedule: "@every 30m"
+        ofelia.job-exec.dovecot_maildir_gc.command: "/bin/bash -c \"source /source_env.sh ; /usr/local/bin/gosu vmail /usr/local/bin/maildir_gc.sh\""
+        ofelia.job-exec.dovecot_sarules.schedule: "@every 24h"
+        ofelia.job-exec.dovecot_sarules.command: "/bin/bash -c \"/usr/local/bin/sa-rules.sh\""
+        ofelia.job-exec.dovecot_fts.schedule: "@every 24h"
+        ofelia.job-exec.dovecot_fts.command: "/usr/bin/curl http://solr:8983/solr/dovecot-fts/update?optimize=true"
+        ofelia.job-exec.dovecot_repl_health.schedule: "@every 5m"
+        ofelia.job-exec.dovecot_repl_health.command: "/bin/bash -c \"/usr/local/bin/gosu vmail /usr/local/bin/repl_health.sh\""
+      ulimits:
+        nproc: 65535
+        nofile:
+          soft: 20000
+          hard: 40000
+      networks:
+        mailcow-network:
+          ipv4_address: ${IPV4_NETWORK:-172.22.1}.250
+          aliases:
+            - dovecot
+
+    postfix-mailcow:
+      image: mailcow/postfix:1.68
+      depends_on:
+        - mysql-mailcow
+      volumes:
+        - ./data/hooks/postfix:/hooks:Z
+        - ./data/conf/postfix:/opt/postfix/conf:z
+        - ./data/assets/ssl:/etc/ssl/mail/:ro,z
+        - postfix-vol-1:/var/spool/postfix
+        - crypt-vol-1:/var/lib/zeyple
+        - rspamd-vol-1:/var/lib/rspamd
+        - mysql-socket-vol-1:/var/run/mysqld/
+      environment:
+        - LOG_LINES=${LOG_LINES:-9999}
+        - TZ=${TZ}
+        - DBNAME=${DBNAME}
+        - DBUSER=${DBUSER}
+        - DBPASS=${DBPASS}
+        - REDIS_SLAVEOF_IP=${REDIS_SLAVEOF_IP:-}
+        - REDIS_SLAVEOF_PORT=${REDIS_SLAVEOF_PORT:-}
+        - MAILCOW_HOSTNAME=${MAILCOW_HOSTNAME}
+      cap_add:
+        - NET_BIND_SERVICE
+      ports:
+        - "${SMTP_PORT:-25}:25"
+        - "${SMTPS_PORT:-465}:465"
+        - "${SUBMISSION_PORT:-587}:587"
+      restart: always
+      dns:
+        - ${IPV4_NETWORK:-172.22.1}.254
+      networks:
+        mailcow-network:
+          ipv4_address: ${IPV4_NETWORK:-172.22.1}.253
+          aliases:
+            - postfix
+
+    memcached-mailcow:
+      image: memcached:alpine
+      restart: always
+      environment:
+        - TZ=${TZ}
+      networks:
+        mailcow-network:
+          aliases:
+            - memcached
+
+    nginx-mailcow:
+      depends_on:
+        - sogo-mailcow
+        - php-fpm-mailcow
+        - redis-mailcow
+      image: nginx:mainline-alpine
+      dns:
+        - ${IPV4_NETWORK:-172.22.1}.254
+      command: /bin/sh -c "envsubst < /etc/nginx/conf.d/templates/listen_plain.template > /etc/nginx/conf.d/listen_plain.active &&
+        envsubst < /etc/nginx/conf.d/templates/listen_ssl.template > /etc/nginx/conf.d/listen_ssl.active &&
+        envsubst < /etc/nginx/conf.d/templates/sogo.template > /etc/nginx/conf.d/sogo.active &&
+        . /etc/nginx/conf.d/templates/server_name.template.sh > /etc/nginx/conf.d/server_name.active &&
+        . /etc/nginx/conf.d/templates/sites.template.sh > /etc/nginx/conf.d/sites.active &&
+        . /etc/nginx/conf.d/templates/sogo_eas.template.sh > /etc/nginx/conf.d/sogo_eas.active &&
+        nginx -qt &&
+        until ping phpfpm -c1 > /dev/null; do sleep 1; done &&
+        until ping sogo -c1 > /dev/null; do sleep 1; done &&
+        until ping redis -c1 > /dev/null; do sleep 1; done &&
+        until ping rspamd -c1 > /dev/null; do sleep 1; done &&
+        exec nginx -g 'daemon off;'"
+      environment:
+        - HTTPS_PORT=${HTTPS_PORT:-443}
+        - HTTP_PORT=${HTTP_PORT:-80}
+        - MAILCOW_HOSTNAME=${MAILCOW_HOSTNAME}
+        - IPV4_NETWORK=${IPV4_NETWORK:-172.22.1}
+        - TZ=${TZ}
+        - SKIP_SOGO=${SKIP_SOGO:-n}
+        - ALLOW_ADMIN_EMAIL_LOGIN=${ALLOW_ADMIN_EMAIL_LOGIN:-n}
+        - ADDITIONAL_SERVER_NAMES=${ADDITIONAL_SERVER_NAMES:-}
+      volumes:
+        - ./data/web:/web:ro,z
+        - ./data/conf/rspamd/dynmaps:/dynmaps:ro,z
+        - ./data/assets/ssl/:/etc/ssl/mail/:ro,z
+        - ./data/conf/nginx/:/etc/nginx/conf.d/:z
+        - ./data/conf/rspamd/meta_exporter:/meta_exporter:ro,z
+        - sogo-web-vol-1:/usr/lib/GNUstep/SOGo/
+      ports:
+        - "${HTTPS_BIND:-}:${HTTPS_PORT:-443}:${HTTPS_PORT:-443}"
+        - "${HTTP_BIND:-}:${HTTP_PORT:-80}:${HTTP_PORT:-80}"
+      restart: always
+      networks:
+        mailcow-network:
+          aliases:
+            - nginx
+
+    acme-mailcow:
+      depends_on:
+        - nginx-mailcow
+      image: mailcow/acme:1.84
+      dns:
+        - ${IPV4_NETWORK:-172.22.1}.254
+      environment:
+        - LOG_LINES=${LOG_LINES:-9999}
+        - ACME_CONTACT=${ACME_CONTACT:-}
+        - ADDITIONAL_SAN=${ADDITIONAL_SAN}
+        - MAILCOW_HOSTNAME=${MAILCOW_HOSTNAME}
+        - DBNAME=${DBNAME}
+        - DBUSER=${DBUSER}
+        - DBPASS=${DBPASS}
+        - SKIP_LETS_ENCRYPT=${SKIP_LETS_ENCRYPT:-n}
+        - COMPOSE_PROJECT_NAME=${COMPOSE_PROJECT_NAME:-mailcow-dockerized}
+        - DIRECTORY_URL=${DIRECTORY_URL:-}
+        - ENABLE_SSL_SNI=${ENABLE_SSL_SNI:-n}
+        - SKIP_IP_CHECK=${SKIP_IP_CHECK:-n}
+        - SKIP_HTTP_VERIFICATION=${SKIP_HTTP_VERIFICATION:-n}
+        - ONLY_MAILCOW_HOSTNAME=${ONLY_MAILCOW_HOSTNAME:-n}
+        - LE_STAGING=${LE_STAGING:-n}
+        - TZ=${TZ}
+        - REDIS_SLAVEOF_IP=${REDIS_SLAVEOF_IP:-}
+        - REDIS_SLAVEOF_PORT=${REDIS_SLAVEOF_PORT:-}
+        - SNAT_TO_SOURCE=${SNAT_TO_SOURCE:-n}
+        - SNAT6_TO_SOURCE=${SNAT6_TO_SOURCE:-n}
+      volumes:
+        - ./data/web/.well-known/acme-challenge:/var/www/acme:z
+        - ./data/assets/ssl:/var/lib/acme/:z
+        - ./data/assets/ssl-example:/var/lib/ssl-example/:ro,Z
+        - mysql-socket-vol-1:/var/run/mysqld/
+      restart: always
+      networks:
+        mailcow-network:
+          aliases:
+            - acme
+
+    netfilter-mailcow:
+      image: mailcow/netfilter:1.50
+      stop_grace_period: 30s
+      depends_on:
+        - dovecot-mailcow
+        - postfix-mailcow
+        - sogo-mailcow
+        - php-fpm-mailcow
+        - redis-mailcow
+      restart: always
+      privileged: true
+      environment:
+        - TZ=${TZ}
+        - IPV4_NETWORK=${IPV4_NETWORK:-172.22.1}
+        - IPV6_NETWORK=${IPV6_NETWORK:-fd4d:6169:6c63:6f77::/64}
+        - SNAT_TO_SOURCE=${SNAT_TO_SOURCE:-n}
+        - SNAT6_TO_SOURCE=${SNAT6_TO_SOURCE:-n}
+        - REDIS_SLAVEOF_IP=${REDIS_SLAVEOF_IP:-}
+        - REDIS_SLAVEOF_PORT=${REDIS_SLAVEOF_PORT:-}
+      network_mode: "host"
+      volumes:
+        - /lib/modules:/lib/modules:ro
+
+    watchdog-mailcow:
+      image: mailcow/watchdog:1.97
+      dns:
+        - ${IPV4_NETWORK:-172.22.1}.254
+      tmpfs:
+        - /tmp
+      volumes:
+        - rspamd-vol-1:/var/lib/rspamd
+        - mysql-socket-vol-1:/var/run/mysqld/
+        - postfix-vol-1:/var/spool/postfix
+        - ./data/assets/ssl:/etc/ssl/mail/:ro,z
+      restart: always
+      environment:
+        - IPV6_NETWORK=${IPV6_NETWORK:-fd4d:6169:6c63:6f77::/64}
+        - LOG_LINES=${LOG_LINES:-9999}
+        - TZ=${TZ}
+        - DBNAME=${DBNAME}
+        - DBUSER=${DBUSER}
+        - DBPASS=${DBPASS}
+        - DBROOT=${DBROOT}
+        - USE_WATCHDOG=${USE_WATCHDOG:-n}
+        - WATCHDOG_NOTIFY_EMAIL=${WATCHDOG_NOTIFY_EMAIL:-}
+        - WATCHDOG_NOTIFY_BAN=${WATCHDOG_NOTIFY_BAN:-y}
+        - WATCHDOG_SUBJECT=${WATCHDOG_SUBJECT:-Watchdog ALERT}
+        - WATCHDOG_EXTERNAL_CHECKS=${WATCHDOG_EXTERNAL_CHECKS:-n}
+        - WATCHDOG_MYSQL_REPLICATION_CHECKS=${WATCHDOG_MYSQL_REPLICATION_CHECKS:-n}
+        - WATCHDOG_VERBOSE=${WATCHDOG_VERBOSE:-n}
+        - MAILCOW_HOSTNAME=${MAILCOW_HOSTNAME}
+        - COMPOSE_PROJECT_NAME=${COMPOSE_PROJECT_NAME:-mailcow-dockerized}
+        - IPV4_NETWORK=${IPV4_NETWORK:-172.22.1}
+        - IP_BY_DOCKER_API=${IP_BY_DOCKER_API:-0}
+        - CHECK_UNBOUND=${CHECK_UNBOUND:-1}
+        - SKIP_CLAMD=${SKIP_CLAMD:-n}
+        - SKIP_LETS_ENCRYPT=${SKIP_LETS_ENCRYPT:-n}
+        - SKIP_SOGO=${SKIP_SOGO:-n}
+        - HTTPS_PORT=${HTTPS_PORT:-443}
+        - REDIS_SLAVEOF_IP=${REDIS_SLAVEOF_IP:-}
+        - REDIS_SLAVEOF_PORT=${REDIS_SLAVEOF_PORT:-}
+        - EXTERNAL_CHECKS_THRESHOLD=${EXTERNAL_CHECKS_THRESHOLD:-1}
+        - NGINX_THRESHOLD=${NGINX_THRESHOLD:-5}
+        - UNBOUND_THRESHOLD=${UNBOUND_THRESHOLD:-5}
+        - REDIS_THRESHOLD=${REDIS_THRESHOLD:-5}
+        - MYSQL_THRESHOLD=${MYSQL_THRESHOLD:-5}
+        - MYSQL_REPLICATION_THRESHOLD=${MYSQL_REPLICATION_THRESHOLD:-1}
+        - SOGO_THRESHOLD=${SOGO_THRESHOLD:-3}
+        - POSTFIX_THRESHOLD=${POSTFIX_THRESHOLD:-8}
+        - CLAMD_THRESHOLD=${CLAMD_THRESHOLD:-15}
+        - DOVECOT_THRESHOLD=${DOVECOT_THRESHOLD:-12}
+        - DOVECOT_REPL_THRESHOLD=${DOVECOT_REPL_THRESHOLD:-20}
+        - PHPFPM_THRESHOLD=${PHPFPM_THRESHOLD:-5}
+        - RATELIMIT_THRESHOLD=${RATELIMIT_THRESHOLD:-1}
+        - FAIL2BAN_THRESHOLD=${FAIL2BAN_THRESHOLD:-1}
+        - ACME_THRESHOLD=${ACME_THRESHOLD:-1}
+        - RSPAMD_THRESHOLD=${RSPAMD_THRESHOLD:-5}
+        - OLEFY_THRESHOLD=${OLEFY_THRESHOLD:-5}
+        - MAILQ_THRESHOLD=${MAILQ_THRESHOLD:-20}
+        - MAILQ_CRIT=${MAILQ_CRIT:-30}
+      networks:
+        mailcow-network:
+          aliases:
+            - watchdog
+
+    dockerapi-mailcow:
+      image: mailcow/dockerapi:2.01
+      security_opt:
+        - label=disable
+      restart: always
+      dns:
+        - ${IPV4_NETWORK:-172.22.1}.254
+      environment:
+        - DBROOT=${DBROOT}
+        - TZ=${TZ}
+        - REDIS_SLAVEOF_IP=${REDIS_SLAVEOF_IP:-}
+        - REDIS_SLAVEOF_PORT=${REDIS_SLAVEOF_PORT:-}
+      volumes:
+        - /var/run/docker.sock:/var/run/docker.sock:ro
+      networks:
+        mailcow-network:
+          aliases:
+            - dockerapi
+
+    solr-mailcow:
+      image: mailcow/solr:1.8.1
+      restart: always
+      volumes:
+        - solr-vol-1:/opt/solr/server/solr/dovecot-fts/data
+      ports:
+        - "${SOLR_PORT:-127.0.0.1:18983}:8983"
+      environment:
+        - TZ=${TZ}
+        - SOLR_HEAP=${SOLR_HEAP:-1024}
+        - SKIP_SOLR=${SKIP_SOLR:-y}
+      networks:
+        mailcow-network:
+          aliases:
+            - solr
+
+    olefy-mailcow:
+      image: mailcow/olefy:1.11
+      restart: always
+      environment:
+        - TZ=${TZ}
+        - OLEFY_BINDADDRESS=0.0.0.0
+        - OLEFY_BINDPORT=10055
+        - OLEFY_TMPDIR=/tmp
+        - OLEFY_PYTHON_PATH=/usr/bin/python3
+        - OLEFY_OLEVBA_PATH=/usr/bin/olevba
+        - OLEFY_LOGLVL=20
+        - OLEFY_MINLENGTH=500
+        - OLEFY_DEL_TMP=1
+      networks:
+        mailcow-network:
+          aliases:
+            - olefy
+
+    ofelia-mailcow:
+      image: mcuadros/ofelia:latest
+      restart: always
+      command: daemon --docker
+      environment:
+        - TZ=${TZ}
+      depends_on:
+        - sogo-mailcow
+        - dovecot-mailcow
+      labels:
+        ofelia.enabled: "true"
+      security_opt:
+        - label=disable
+      volumes:
+        - /var/run/docker.sock:/var/run/docker.sock:ro
+      networks:
+        mailcow-network:
+          aliases:
+            - ofelia
+
+    ipv6nat-mailcow:
+      depends_on:
+        - unbound-mailcow
+        - mysql-mailcow
+        - redis-mailcow
+        - clamd-mailcow
+        - rspamd-mailcow
+        - php-fpm-mailcow
+        - sogo-mailcow
+        - dovecot-mailcow
+        - postfix-mailcow
+        - memcached-mailcow
+        - nginx-mailcow
+        - acme-mailcow
+        - netfilter-mailcow
+        - watchdog-mailcow
+        - dockerapi-mailcow
+        - solr-mailcow
+      environment:
+        - TZ=${TZ}
+      image: robbertkl/ipv6nat
+      security_opt:
+        - label=disable
+      restart: always
+      privileged: true
+      network_mode: "host"
+      volumes:
+        - /var/run/docker.sock:/var/run/docker.sock:ro
+        - /lib/modules:/lib/modules:ro
+
+networks:
+  mailcow-network:
+    driver: bridge
+    driver_opts:
+      com.docker.network.bridge.name: br-mailcow
+    enable_ipv6: true
+    ipam:
+      driver: default
+      config:
+        - subnet: ${IPV4_NETWORK:-172.22.1}.0/24
+        - subnet: ${IPV6_NETWORK:-fd4d:6169:6c63:6f77::/64}
+
+volumes:
+  vmail-vol-1:
+  vmail-index-vol-1:
+  mysql-vol-1:
+  mysql-socket-vol-1:
+  redis-vol-1:
+  rspamd-vol-1:
+  solr-vol-1:
+  postfix-vol-1:
+  crypt-vol-1:
+  sogo-web-vol-1:
+  sogo-userdata-backup-vol-1:
+  clamd-db-vol-1:

docker-compose/mailserver/docker-compose.yml

@@ -0,0 +1,43 @@
+services:
+
+# Full example :
+# https://github.com/hardware/mailserver/blob/master/docker-compose.sample.yml
+  rainloop:
+    image: hardware/rainloop
+    container_name: rainloop
+    volumes:
+      - /docker-containers/rainloop:/rainloop/data
+    depends_on:
+      - mailserver
+  mailserver:
+    image: docker.io/mailserver/docker-mailserver:latest
+    container_name: mailserver
+    # If the FQDN for your mail-server is only two labels (eg: example.com),
+    # you can assign this entirely to `hostname` and remove `domainname`.
+    hostname: mail
+    domainname: example.com
+    env_file: mailserver.env
+    # More information about the mail-server ports:
+    # https://docker-mailserver.github.io/docker-mailserver/edge/config/security/understanding-the-ports/
+    # To avoid conflicts with yaml base-60 float, DO NOT remove the quotation marks.
+    ports:
+      - "25:25"    # SMTP  (explicit TLS => STARTTLS)
+      - "143:143"  # IMAP4 (explicit TLS => STARTTLS)
+      - "465:465"  # ESMTP (implicit TLS)
+      - "587:587"  # ESMTP (explicit TLS => STARTTLS)
+      - "993:993"  # IMAP4 (implicit TLS)
+    volumes:
+      - /docker-containers/mailserver:/var/
+#      - ./docker-data/dms/mail-data/:/var/mail/
+#      - ./docker-data/dms/mail-state/:/var/mail-state/
+#      - ./docker-data/dms/mail-logs/:/var/log/mail/
+#      - ./docker-data/dms/config/:/tmp/docker-mailserver/
+      - /etc/localtime:/etc/localtime:ro
+    restart: always
+    stop_grace_period: 1m
+    cap_add:
+      - NET_ADMIN
+    healthcheck:
+      test: "ss --listening --tcp | grep -P 'LISTEN.+:smtp' || exit 1"
+      timeout: 3s
+      retries: 0

docker-compose/mariadb/docker-compose.yml

@@ -0,0 +1,30 @@
+version: "3.0"
+services:
+  mariadb:
+    image: lscr.io/linuxserver/mariadb
+    container_name: mariadb
+    environment:
+      - PUID=1000
+      - PGID=1003
+      - MYSQL_ROOT_PASSWORD=ChangeMe123
+      - TZ=America/New_York
+      - MYSQL_DATABASE=default
+      - MYSQL_USER=yourusername
+      - MYSQL_PASSWORD=ChangeMe123
+    volumes:
+      - /docker-containers/mariadb:/config
+    ports:
+      - "3306:3306"
+    restart: unless-stopped
+    stdin_open: true
+    tty: true
+    networks:
+      homelab:
+        aliases:
+          - mysql  # how to add multiple aliases
+          - romm-db
+          - db
+networks:    # I don't know why but you have to specify the network 2x. In service, and in this tag area..
+  homelab:
+    name: homelab      # Networks can also be given a custom name
+    external: true      # This option causes compose to join the above network instead of making a _default one, wont work without it though..

docker-compose/mastodon/docker-compose.yml

@@ -0,0 +1,142 @@
+# https://github.com/mastodon/mastodon/blob/main/docker-compose.yml
+version: '3'
+
+services:
+
+# Already installed in it's own container, not sure If I want to run here also. maybe different version?
+  db:
+    restart: always
+    image: postgres:14-alpine
+    shm_size: 256mb
+    networks:
+      - internal_mast
+    healthcheck:
+      test: ['CMD', 'pg_isready', '-U', 'postgres']
+    volumes:
+      #- ./postgres14:/var/lib/postgresql/data
+      - /docker-containers/mastodon/postgres14:/var/lib/postgresql/data
+    environment:
+      - 'POSTGRES_HOST_AUTH_METHOD=trust'
+
+  redis:
+    restart: always
+    image: redis:7-alpine
+    networks:
+      - internal_mast
+    healthcheck:
+      test: ['CMD', 'redis-cli', 'ping']
+    volumes:
+      - /docker-containers/mastodon/redis:/data
+
+# Already installed in it's own container
+  # es:
+  #   restart: always
+  #   image: docker.elastic.co/elasticsearch/elasticsearch:7.17.4
+  #   environment:
+  #     - "ES_JAVA_OPTS=-Xms512m -Xmx512m -Des.enforce.bootstrap.checks=true"
+  #     - "xpack.license.self_generated.type=basic"
+  #     - "xpack.security.enabled=false"
+  #     - "xpack.watcher.enabled=false"
+  #     - "xpack.graph.enabled=false"
+  #     - "xpack.ml.enabled=false"
+  #     - "bootstrap.memory_lock=true"
+  #     - "cluster.name=es-mastodon"
+  #     - "discovery.type=single-node"
+  #     - "thread_pool.write.queue_size=1000"
+  #   networks:
+  #      - external_mast
+  #      - internal_mast
+  #   healthcheck:
+  #      test: ["CMD-SHELL", "curl --silent --fail localhost:9200/_cluster/health || exit 1"]
+  #   volumes:
+  #      - ./elasticsearch:/usr/share/elasticsearch/data
+  #   ulimits:
+  #     memlock:
+  #       soft: -1
+  #       hard: -1
+  #     nofile:
+  #       soft: 65536
+  #       hard: 65536
+  #   ports:
+  #     - '127.0.0.1:9200:9200'
+
+  web:
+    build: .
+    image: ghcr.io/mastodon/mastodon:v4.2.0
+    restart: always
+    env_file: 
+      - /docker-containers/mastodon/.env.production
+    command: bundle exec puma -C config/puma.rb
+    networks:
+      - external_mast
+      - internal_mast
+    healthcheck:
+      # prettier-ignore
+      test: ['CMD-SHELL', 'wget -q --spider --proxy=off localhost:3000/health || exit 1']
+    ports:
+      - '127.0.0.1:3000:3000'
+    depends_on:
+      - db
+      - redis
+      # - es
+    volumes:
+      - /docker-containers/mastodon/system:/mastodon/public/system
+
+  streaming:
+    build: .
+    image: ghcr.io/mastodon/mastodon:v4.2.0
+    restart: always
+    env_file: 
+      -/docker-containers/mastodon/.env.production
+    command: node ./streaming
+    networks:
+      - external_mast
+      - internal_mast
+    healthcheck:
+      # prettier-ignore
+      test: ['CMD-SHELL', 'wget -q --spider --proxy=off localhost:4000/api/v1/streaming/health || exit 1']
+    ports:
+      - '127.0.0.1:4000:4000'
+    depends_on:
+      - db
+      - redis
+
+  sidekiq:
+    build: .
+    image: ghcr.io/mastodon/mastodon:v4.2.0
+    restart: always
+    env_file: 
+      - /docker-containers/mastodon/.env.production
+    command: bundle exec sidekiq
+    depends_on:
+      - db
+      - redis
+    networks:
+      - external_mast
+      - internal_mast
+    volumes:
+      - /docker-containers/mastodon/system:/mastodon/public/system
+    healthcheck:
+      test: ['CMD-SHELL', "ps aux | grep '[s]idekiq\ 6' || false"]
+
+  ## Uncomment to enable federation with tor instances along with adding the following ENV variables
+  ## http_hidden_proxy=http://privoxy:8118
+  ## ALLOW_ACCESS_TO_HIDDEN_SERVICE=true
+  # tor:
+  #   image: sirboops/tor
+  #   networks:
+  #      - external_mast
+  #      - internal_mast
+  #
+  # privoxy:
+  #   image: sirboops/privoxy
+  #   volumes:
+  #     - ./priv-config:/opt/config
+  #   networks:
+  #     - external_mast
+  #     - internal_mast
+
+networks:
+  external_mast:
+  internal_mast:
+    internal: true

docker-compose/mealie/docker-compose.yml

@@ -0,0 +1,39 @@
+---
+version: "3.7"
+services:
+  mealie:
+    image: ghcr.io/mealie-recipes/mealie:v3.3.0
+    container_name: mealie
+    ports:
+      - "9925:9000"
+    deploy:
+      resources:
+        limits:
+          memory: 1000M
+    environment:
+      - ALLOW_SIGNUP=true
+      - PUID=1000
+      - PGID=1006
+      - TZ=America/New_York
+      - MAX_WORKERS=1
+      - WEB_CONCURRENCY=1
+      - BASE_URL=https://mealie.example.com/
+      - OPENAI_BASE_URL=   # leave empty to use standard if aren't sure
+      - OPENAI_API_KEY=YourAPIKEY
+      - OPENAI_MODEL=gpt-4o
+      - OPENAI_ENABLE_IMAGE_SERVICES=true
+      - OPENAI_WORKERS=1 # more = more money
+      - OPENAI_SEND_DATABASE_DATA=false  # true = more money
+      - OPENAI_REQUEST_TIMEOUT=60 # default is 60
+
+    restart: always
+    volumes:
+      - /docker-containers/mealie:/app/data
+    stdin_open: true    # to attach to containers
+    tty: true           # also used to attach to containers
+#    network_mode: service:wireguard     # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
+    networks:           # Specify network for container
+      - homelab
+networks:    # I don't know why but you have to specify the network 2x. In service, and in this tag area..
+  homelab:
+    external: true      # This option causes compose to join the above network instead of making a _default one (supposedly)

docker-compose/mediacms/docker-compose.yml

@@ -0,0 +1,96 @@
+version: "3"
+
+services:
+  migrations:
+    image: mediacms/mediacms:latest
+    volumes:
+      - /docker-containers/mediacms:/home/mediacms.io/mediacms/
+    environment:
+      ENABLE_UWSGI: 'no'
+      ENABLE_NGINX: 'no'
+      ENABLE_CELERY_SHORT: 'no'
+      ENABLE_CELERY_LONG: 'no'
+      ENABLE_CELERY_BEAT: 'no'
+      ADMIN_USER: 'yourusername'
+      ADMIN_EMAIL: 'your@email.com'
+      ADMIN_PASSWORD: 'ChangeMe123'
+    command: "./deploy/docker/prestart.sh"
+    restart: on-failure
+    depends_on:
+      redis:
+        condition: service_healthy
+      # db:
+      #   condition: service_healthy
+    networks:           # Specify network for container
+      - homelab
+  web:
+    image: mediacms/mediacms:latest
+    deploy:
+      replicas: 1
+    ports:
+      - "80:80"
+    volumes:
+      - /docker-containers/mediacms:/home/mediacms.io/mediacms/
+    environment:
+      ENABLE_CELERY_BEAT: 'no'
+      ENABLE_CELERY_SHORT: 'no'
+      ENABLE_CELERY_LONG: 'no'
+      ENABLE_MIGRATIONS: 'no'
+    depends_on:
+      - migrations
+    networks:           # Specify network for container
+      - homelab
+  celery_beat:
+    image: mediacms/mediacms:latest
+    volumes:
+      - /docker-containers/mediacms:/home/mediacms.io/mediacms/
+    environment:
+      ENABLE_UWSGI: 'no'
+      ENABLE_NGINX: 'no'
+      ENABLE_CELERY_SHORT: 'no'
+      ENABLE_CELERY_LONG: 'no'
+      ENABLE_MIGRATIONS: 'no'
+    depends_on:
+      - redis
+  celery_worker:
+    image: mediacms/mediacms:latest
+    deploy:
+      replicas: 1
+    volumes:
+      - /docker-containers/mediacms:/home/mediacms.io/mediacms/
+    environment:
+      ENABLE_UWSGI: 'no'
+      ENABLE_NGINX: 'no'
+      ENABLE_CELERY_BEAT: 'no'
+      ENABLE_MIGRATIONS: 'no'
+    depends_on:
+      - migrations
+  # Uncomment below to use postgres db, running in seperate stack. 
+  # db:
+  #   image: postgres:15.2-alpine
+  #   volumes:
+  #     - ../postgres_data:/var/lib/postgresql/data/
+  #   restart: always
+  #   environment:
+  #     POSTGRES_USER: mediacms
+  #     POSTGRES_PASSWORD: mediacms
+  #     POSTGRES_DB: mediacms
+  #     TZ: Europe/London
+  #   healthcheck:
+  #     test: ["CMD-SHELL", "pg_isready", "--host=db", "--dbname=$POSTGRES_DB", "--username=$POSTGRES_USER"]
+  #     interval: 10s
+  #     timeout: 5s
+  #     retries: 5
+  redis:
+    image: "redis:alpine"
+    restart: always
+    healthcheck:
+      test: ["CMD", "redis-cli","ping"]
+      interval: 30s
+      timeout: 10s
+      retries: 3
+#    network_mode: service:wireguard     # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
+
+networks:    # I don't know why but you have to specify the network 2x. In service, and in this tag area..
+  homelab:
+    external: true      # This option causes compose to join the above network instead of making a _default one (supposedly)

docker-compose/minecraft-paper_itzg/docker-compose.yml

@@ -0,0 +1,37 @@
+version: "3.8"
+services:
+  mc:
+    image: itzg/minecraft-server
+    container_name: minecraft
+    environment:
+      EULA: "true"
+      TYPE: "PAPER"
+      VERSION: 1.21.1
+      PLUGINS: |
+        https://download.geysermc.org/v2/projects/geyser/versions/latest/builds/latest/downloads/spigot
+        https://download.geysermc.org/v2/projects/floodgate/versions/latest/builds/latest/downloads/spigot
+      VIEW_DISTANCE: 15
+      MAX_PLAYERS: 100
+      MEMORY: 12G
+      EXTRA_ARGS: '--world-dir /data/worlds/'
+      # WORLD: /data/worlds
+      # FORCE_WORLD_COPY: "false"    # will copy a world from a directory then run if needed # still clones world from /data/worlds to /data/world
+    ports:
+      - "25565:25565"
+      - "19132:19132/udp"
+      - "8123:8123"   # For dynmap
+    volumes:
+      # attach the relative directory 'data' to the container's /data path
+      - /docker-containers/minecraft-paper_itzg:/data
+    restart: unless-stopped
+    stdin_open: true    # to attach to containers
+    tty: true           # also used to attach to containers
+#    network_mode: service:wireguard     # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
+    networks:           # Specify network for container
+      homelab:
+        aliases:
+          - mc
+          - mcecon
+networks:    # you have to specify the network 2x. In service, and in this tag area..
+  homelab:
+    external: true      # This option causes compose to join the above network instead of making a _default one

docker-compose/mixpost/.env

@@ -0,0 +1,26 @@
+# The name of your application.
+APP_NAME=Mixpost
+
+# Key used to encrypt and decrypt sensitive data. Generate this using the following tool:
+# https://mixpost.app/tools/encryption-key-generator
+APP_KEY=base64:YourBase64EncodedString
+
+# Debug mode setting. Set to `false` for production environments.
+APP_DEBUG=false
+
+# Your app's domain or subdomain, without the 'http://' or 'https://' prefix.
+APP_DOMAIN=mixpost.example.com
+
+# Full application URL is automatically configured; no modification required.
+APP_URL=https://${APP_DOMAIN}
+
+# MySQL connection setup.
+DB_CONNECTION=mysql
+DB_HOST=mysql # Use one of the MariaDB aliases
+DB_PORT=3306
+DB_DATABASE=mixpost_db
+DB_USERNAME=mixpost
+DB_PASSWORD=yourPassword
+
+# Specify the email address to be used for SSL certificate registration and notifications.
+SSL_EMAIL=admin@example.com

docker-compose/mixpost/docker-compose.yml

@@ -0,0 +1,53 @@
+# social media management software # paid past facebook and twitter
+# didn't want to mix traefik and nginx so stopped using for now may pick up later
+# using mariadb for mysql connection. already setup within .env if checked
+# even after getting working couldn't quite get it to post to facebook or twitter
+# Will likely use n8n or node-red instead. Seems all these softwares go to paid plans eventually
+version: "3.8"
+services:
+  mixpost:
+    image: inovector/mixpost:latest
+    container_name: mixpost
+    # env_file:
+    #   - .env
+    environment:
+      - APP_KEY=base64:YourBase64EncodedString
+      - APP_DEBUG=true
+      - APP_DOMAIN=mixpost.example.com
+      - APP_URL=https://mixpost.example.com
+      - DB_CONNECTION=mysql
+      - DB_HOST=mysql
+      - DB_PORT=3306
+      - DB_DATABASE=mixpost_db
+      - DB_USERNAME=mixpost
+      - DB_PASSWORD=yourPassword
+      - SSL_EMAIL=admin@example.com
+    ports:
+      - "8540:80"
+      - "8543:443"
+    volumes:
+      - /docker-containers/mixpost/app:/var/www/html/storage/app
+      - /docker-containers/mixpost/logs:/var/www/html/storage/logs
+    depends_on:
+      - redis 
+    restart: unless-stopped
+    networks:           # Specify network for container
+      homelab:
+        aliases:
+          - facebook
+          - instagram
+
+  redis:
+    image: 'redis:latest'
+    command: redis-server --appendonly yes --replica-read-only no
+    volumes:
+      - /docker-containers/mixpost/redis:/data
+    healthcheck:
+      test: ["CMD", "redis-cli", "ping"]
+      retries: 3
+      timeout: 5s
+    restart: unless-stopped
+
+networks:    # you have to specify the network 2x. In service, and in this tag area..
+  homelab:
+    external: true      # This option causes compose to join the above network instead of making a _default one

docker-compose/mkvtoolnix/docker-compose.yml

@@ -0,0 +1,21 @@
+version: "3"
+services:
+  mkvtoolnix:
+    image: jlesage/mkvtoolnix
+    restart: unless-stopped
+    ports:
+      - "5800:5800" # mkvtoolnix gui
+    volumes:
+      - /docker-containers/mkvtoolnix:/config:rw
+      - /docker-containers/mkvtoolnix/storage:/storage:rw
+      - /TvShows:/storage/tvshows:rw
+      - /Videos:/storage/videos:rw
+      - /Movies:/storage/movies:rw
+    networks:
+      homelab:
+        aliases:
+          - mkvtool
+networks:    # I don't know why but you have to specify the network 2x. In service, and in this tag area..
+  homelab:
+    name: homelab      # Networks can also be given a custom name
+    external: true      # This option causes compose to join the above network instead of making a _default one

docker-compose/mongodb/docker-compose.yml

@@ -0,0 +1,44 @@
+# Use root/example as user/password credentials
+version: '3.1'
+services:
+  mongo-db:
+    image: mongo
+    container_name: mongo-db
+    restart: always
+    environment:
+      UID: 1000
+      GID: 1006
+      MONGO_INITDB_ROOT_USERNAME: yourusername
+      MONGO_INITDB_ROOT_PASSWORD: ChangeMe123!
+    volumes:
+      - /docker-containers/mongodb/db:/data/db
+      - /docker-containers/mongodb/configdb:/data/configdb
+      - /docker-containers/mongodb/backup:/data/sickbackup
+    stdin_open: true
+    tty: true
+    networks:
+      homelab:    # Specifying the network to join, simple way
+        aliases:
+          - mongo  # how to add multiple aliases
+          - mongo-db
+          - mongodb
+
+  mongo-express:
+    image: mongo-express
+    restart: always
+    ports:
+      - 8081:8081
+    environment:
+      ME_CONFIG_MONGODB_ADMINUSERNAME: yourusername
+      ME_CONFIG_MONGODB_ADMINPASSWORD: ChangeMe123!
+      ME_CONFIG_MONGODB_URL: mongodb://yourusername:ChangeMe123!@mongo:27017/
+      ME_CONFIG_BASICAUTH_USERNAME: yourusername
+      ME_CONFIG_BASICAUTH_PASSWORD: ChangeMe123
+    networks:
+      - homelab    # Specifying the network to join, simple way
+
+networks:    # I don't know why but you have to specify the network 2x. In service, and in this tag area..
+#  some-network:
+  homelab:            # Sub-section, any network name or 'default' to edit default one created
+#    name: homelab      # Networks can also be given a custom name, not needed if existing
+    external: true      # This option causes compose to join the above network instead of making a _default one

docker-compose/mosquitto-eclipse/docker-compose.yml

@@ -0,0 +1,16 @@
+version: '2'
+services: 
+ mosquitto:
+    container_name: mosquitto
+    image: eclipse-mosquitto
+    restart: unless-stopped
+    ports:
+      - "1883:1883/tcp"
+    environment:
+      - TZ=American/New_York
+    volumes:
+      - /docker-containers/mosquitto-eclipse:/mosquitto/config
+      - /docker-containers/mosquitto-eclipse/data:/mosquitto/data
+      - /docker-containers/mosquitto-eclipse/log:/mosquitto/log
+    stdin_open: true
+    tty: true

docker-compose/musicbrainz/docker-compose.yml

@@ -0,0 +1,132 @@
+version: '3.1'
+
+# Description: Default compose file, with host port for musicbrainz
+
+volumes:
+  mqdata:
+    driver: local
+  pgdata:
+    driver: local
+  solrdata:
+    driver: local
+  dbdump:
+    driver: local
+  searchdump:
+    driver: local
+
+services:
+  db:
+    build:
+      context: build/postgres
+      args:
+        - POSTGRES_VERSION=${POSTGRES_VERSION:-12}
+    image: musicbrainz-docker_db:${POSTGRES_VERSION:-12}
+    logging:
+      driver: "json-file"
+      options:
+        max-size: "10m"
+        max-file: "10"
+    restart: unless-stopped
+    command: postgres -c "shared_buffers=2048MB" -c "shared_preload_libraries=pg_amqp.so"
+    env_file:
+      - ./default/postgres.env
+    shm_size: "2GB"
+    volumes:
+      - pgdata:/var/lib/postgresql/data
+    expose:
+      - "5432"
+
+  musicbrainz:
+    build:
+      context: build/musicbrainz
+      args:
+        - POSTGRES_VERSION=${POSTGRES_VERSION:-12}
+    logging:
+      driver: "json-file"
+      options:
+        max-size: "50m"
+        max-file: "50"
+    ports:
+      - "${MUSICBRAINZ_DOCKER_HOST_IPADDRCOL:-}${MUSICBRAINZ_WEB_SERVER_PORT:-5000}:5000"
+    volumes:
+      - dbdump:/media/dbdump
+      - searchdump:/media/searchdump
+    restart: unless-stopped
+    env_file:
+      - ./default/postgres.env
+    environment:
+      - MUSICBRAINZ_BASE_FTP_URL=${MUSICBRAINZ_BASE_FTP_URL:-}
+      - MUSICBRAINZ_BASE_DOWNLOAD_URL=${MUSICBRAINZ_BASE_DOWNLOAD_URL:-https://data.metabrainz.org/pub/musicbrainz}
+      - MUSICBRAINZ_SERVER_PROCESSES=${MUSICBRAINZ_SERVER_PROCESSES:-10}
+      - MUSICBRAINZ_USE_PROXY=1
+      - MUSICBRAINZ_WEB_SERVER_HOST=${MUSICBRAINZ_WEB_SERVER_HOST:-localhost}
+      - MUSICBRAINZ_WEB_SERVER_PORT=${MUSICBRAINZ_WEB_SERVER_PORT:-5000}
+    depends_on:
+      - db
+      - mq
+      - search
+      - redis
+
+  indexer:
+    build: build/sir
+    env_file:
+      - ./default/postgres.env
+    logging:
+      driver: "json-file"
+      options:
+        max-size: "10m"
+        max-file: "10"
+    volumes:
+      - ${SIR_CONFIG_PATH:-./default/indexer.ini}:/code/config.ini
+    depends_on:
+      - db
+      - mq
+      - search
+
+  search:
+    build:
+      context: build/solr
+      args:
+        - MB_SOLR_VERSION=${MB_SOLR_VERSION:-3.4.2}
+    image: musicbrainz-docker_search:${MB_SOLR_VERSION:-3.4.2}
+    logging:
+      driver: "json-file"
+      options:
+        max-size: "10m"
+        max-file: "10"
+    restart: unless-stopped
+    environment:
+      - SOLR_HEAP=2g
+      - LOG4J_FORMAT_MSG_NO_LOOKUPS=true
+    expose:
+      - "8983"
+    volumes:
+      - solrdata:/opt/solr/server/solr/data
+      - searchdump:/media/searchdump
+
+  mq:
+    build: build/rabbitmq
+    hostname: "mq"
+    logging:
+      driver: "json-file"
+      options:
+        max-size: "10m"
+        max-file: "10"
+    restart: unless-stopped
+    ulimits:
+      nofile: 65536
+    volumes:
+      - mqdata:/var/lib/rabbitmq
+    expose:
+      - "5672"
+
+  redis:
+    image: redis:3-alpine
+    logging:
+      driver: "json-file"
+      options:
+        max-size: "10m"
+        max-file: "10"
+    restart: unless-stopped
+    expose:
+      - "6379"

docker-compose/n8n/docker-compose.yml

@@ -0,0 +1,26 @@
+version: '2'
+services: 
+ n8n:
+    container_name: n8n
+    image: docker.n8n.io/n8nio/n8n
+    restart: unless-stopped
+    ports:
+      - "5678:5678"
+    environment:
+      - N8N_HOST=${SUBDOMAIN}.${DOMAIN_NAME}
+      - N8N_PORT=5678
+      - N8N_PROTOCOL=https
+      - NODE_ENV=production
+      - WEBHOOK_URL=https://${SUBDOMAIN}.${DOMAIN_NAME}/
+      - GENERIC_TIMEZONE=${GENERIC_TIMEZONE}
+    volumes:
+      - /docker-containers/n8n/data:/home/node/.n8n
+      - /docker-containers/n8n/local-files:/files
+    stdin_open: true    # to attach to containers
+    tty: true           # also used to attach to containers
+#    network_mode: service:wireguard     # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
+    networks:           # Specify network for container
+      - homelab
+networks:    # I don't know why but you have to specify the network 2x. In service, and in this tag area..
+  homelab:
+    external: true      # This option causes compose to join the above network instead of making a _default one (supposedly)

docker-compose/navidrome/docker-compose.yml

@@ -0,0 +1,27 @@
+# version: "2.1" # Kind of old school and not needed with portainer
+services:
+# Music Streaming software. Browser + phone support substreamer/isub/amperfy(iphone)
+  navidrome:
+    image: deluan/navidrome:latest
+    container_name: navidrome
+    user: 1000:1006 # should be owner of volumes
+    ports:
+      - "4533:4533"
+    environment:
+      # Optional: put your config options customization here. Examples:
+      ND_CONFIGFILE: "/data/navidrome.toml"
+      ND_PROMETHEUS_ENABLED: "true"
+      ND_PROMETHEUS_METRICSPATH: "/metrics_naviprodigy986"
+    volumes:
+      - "/docker-containers/navidrome:/data"
+      - "/Music:/music:ro"
+    restart: unless-stopped
+    stdin_open: true    # to attach to containers
+    tty: true           # also used to attach to containers
+    networks:           # Specify network for container
+      - homelab
+networks:    # I don't know why but you have to specify the network 2x. In service, and in this tag area..
+
+  homelab:
+    name: homelab      # Networks can also be given a custom name
+    external: true      # This option causes compose to join the above network instead of making a _default one (supposedly)

docker-compose/netbootxyz/docker-compose.yml

@@ -0,0 +1,46 @@
+---
+version: "2.1"
+services:
+  netbootxyz:
+    image: lscr.io/linuxserver/netbootxyz:latest
+    container_name: netbootxyz
+    environment:
+      - PUID=1000
+      - PGID=1006
+      - TZ=America/New_York
+      - MENU_VERSION=2.0.83 #optional
+      - WEB_APP_PORT=3000 #optional
+      - NGINX_PORT=80 #optional
+    volumes:
+      - /docker-containers/netbootxyz/config:/config
+      - /docker-containers/netbootxyz/assets:/assets #optional
+    ports:
+      - 3069:3000
+      - 69:69/udp
+      - 8289:80 #optional
+    restart: unless-stopped
+    stdin_open: true    # to attach to containers
+    tty: true           # also used to attach to containers
+    networks:           # Specify network for container
+      mcprodnet:
+        ipv4_address: 192.168.1.168
+        #ipv6_address: 2605:a601:a627:100:2::1 # ip changed
+#        ipv6_address: 2605:a601:9132:d100:2::1 # newer, private setup within your network is better though fe:etc
+#        ipv6_address: 2001:3200:3200::20  # disabled because google fiber is shit and always changing and no way to update here
+      homelab:
+        aliases:
+          - netboot # adding multiple aliases under certain network
+networks:    # I don't know why but you have to specify the network 2x. In service, and in this tag area..
+  homelab:
+    name: homelab      # Networks can also be given a custom name
+    external: true      # This option causes compose to join the above network instead of making a _default one (supposedly)
+  mcprodnet:
+    #enable_ipv6: true
+    name: mcprodnet      # We will name the network instead of letting docker do something random
+    driver: macvlan      # Making the above network macvlan
+    driver_opts:         # driver options to use
+      parent: eno1     # usually eth0 or eth1 but not always, used enp3s0 and enp4s0, had to delete /var/lib/docker/network/files/local-kv.db because phantom network
+    ipam:
+      config:
+        - subnet: "192.168.1.0/24"    #Basically copy router range
+          gateway: "192.168.1.1"      #host will eventually route to router, or just go direct

docker-compose/nginxproxymanager/docker-compose.yml

@@ -0,0 +1,25 @@
+version: '3.8'
+services:
+  app:
+    image: 'jc21/nginx-proxy-manager:latest'
+    restart: unless-stopped
+    ports:
+      # These ports are in format <host-port>:<container-port>
+      - '80:80' # Public HTTP Port
+      - '443:443' # Public HTTPS Port
+      - '81:81' # Admin Web Port
+      # Add any other Stream port you want to expose
+      # - '21:21' # FTP
+
+    # Uncomment the next line if you uncomment anything in the section
+    # environment:
+      # Uncomment this if you want to change the location of
+      # the SQLite DB file within the container
+      # DB_SQLITE_FILE: "/data/database.sqlite"
+
+      # Uncomment this if IPv6 is not enabled on your host
+      # DISABLE_IPV6: 'true'
+
+    volumes:
+      - ./data:/data
+      - ./letsencrypt:/etc/letsencrypt

docker-compose/nicotineplus/docker-compose.yml

@@ -0,0 +1,38 @@
+---
+version: "2.1"
+services:
+  nicotine-plus:
+    image: ghcr.io/fletchto99/nicotine-plus-docker:latest
+    container_name: nicotine-plus
+    security_opt:
+      - seccomp:unconfined #optional
+    environment:
+      - PUID=1000
+      - PGID=1006
+      - TZ=America/New_York 
+      # - PASSWORD= #optional
+    volumes:
+      - /docker-containers/nicotineplus/data:/config
+      - /unsorted/nicotineplus/complete:/data/downloads
+      - /unsorted/nicotineplus/incomplete:/data/incomplete_downloads
+      - /Music:/data/shared/Music #Shared Music Folder
+      - /Movies:/data/shared/Movies #Shared Movies folder
+      - /TvShows:/data/shared/TvShows #Shared TvShows folder
+      - /Videos:/data/shared/Videos #Shared Videos folder
+      - /programs:/data/shared/Programs #Shared Programs folder
+      - /games:/data/shared/Games #Shared Games folder
+      - /Books:/data/shared/Books #Shared Books folder
+    ports:
+      - 6080:6080
+      - 2234-2239:2234-2239
+    restart: unless-stopped
+    stdin_open: true    # to attach to containers
+    tty: true           # also used to attach to containers
+#    network_mode: service:wireguard     # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
+    networks:           # Specify network for container
+      homelab:
+        aliases:
+          - nicotineplus # adding multiple aliases under certain network
+networks:    # I don't know why but you have to specify the network 2x. In service, and in this tag area..
+  homelab:
+    external: true      # This option causes compose to join the above network instead of making a _default one (supposedly)

docker-compose/node-red/docker-compose.yml

@@ -0,0 +1,29 @@
+################################################################################
+# Node-RED Stack or Compose
+################################################################################
+# docker stack deploy node-red --compose-file docker-compose-node-red.yml
+# docker-compose -f docker-compose-node-red.yml -p myNoderedProject up
+################################################################################
+version: "3.7"
+
+services:
+  node-red:
+    image: nodered/node-red:latest
+    container_name: node-red
+    #image: nodered/node-red:2.2.3-12@sha256:051cdb78937b7396d5be102e575b3b47322bfa48efad5aeb0d86d0a3bef22d22   // armv7 version works for raspberry pi, apparently isn't very good at seeing whether 32 or 64 bit
+    environment:
+      - TZ=America/New_York
+      - NODE_RED_CREDENTIAL_SECRET=YourEncryptedString
+    ports:
+      - "1880:1880"
+    volumes:
+      - /docker-containers/node-red/data:/data
+    networks:
+      homelab:
+        aliases:
+          - nodered
+networks:    # I don't know why but you have to specify the network 2x. In service, and in this tag area..
+  homelab:
+    name: homelab      # Networks can also be given a custom name
+    external: true      # This option causes compose to join the above network instead of making a _default one
+

docker-compose/nostr-relay/docker-compose.yml

@@ -0,0 +1,145 @@
+services:
+  nostream:
+    build: .
+    container_name: nostream
+    environment:
+      SECRET: ${SECRET}
+      RELAY_PORT: 8008
+      # Master
+      NOSTR_CONFIG_DIR: /home/node/.nostr
+      DB_HOST: nostream-db
+      DB_PORT: 5432
+      DB_USER: nostr_ts_relay
+      DB_PASSWORD: nostr_ts_relay
+      DB_NAME: nostr_ts_relay
+      DB_MIN_POOL_SIZE: 16
+      DB_MAX_POOL_SIZE: 64
+      DB_ACQUIRE_CONNECTION_TIMEOUT: 60000
+      # Read Replica
+      READ_REPLICAS: 2
+      READ_REPLICA_ENABLED: 'false'
+      # Read Replica No. 1
+      RR0_DB_HOST: db
+      RR0_DB_PORT: 5432
+      RR0_DB_USER: nostr_ts_relay
+      RR0_DB_PASSWORD: nostr_ts_relay
+      RR0_DB_NAME: nostr_ts_relay
+      RR0_DB_MIN_POOL_SIZE: 16
+      RR0_DB_MAX_POOL_SIZE: 64
+      RR0_DB_ACQUIRE_CONNECTION_TIMEOUT: 10000
+      # Read Replica No. 2
+      RR1_DB_HOST: db
+      RR1_DB_PORT: 5432
+      RR1_DB_USER: nostr_ts_relay
+      RR1_DB_PASSWORD: nostr_ts_relay
+      RR1_DB_NAME: nostr_ts_relay
+      RR1_DB_MIN_POOL_SIZE: 16
+      RR1_DB_MAX_POOL_SIZE: 64
+      RR1_DB_ACQUIRE_CONNECTION_TIMEOUT: 10000
+      # Add RR2, RR3, etc. to configure more read replicas
+      # Redis
+      REDIS_HOST: nostream-cache
+      REDIS_PORT: 6379
+      REDIS_USER: default
+      REDIS_PASSWORD: nostr_ts_relay
+      TOR_HOST: tor_proxy
+      TOR_CONTROL_PORT: 9051
+      TOR_PASSWORD: nostr_ts_relay
+      HIDDEN_SERVICE_PORT: 80
+      # Payments Processors
+      # Zebedee
+      ZEBEDEE_API_KEY: ${ZEBEDEE_API_KEY}
+      # Nodeless.io
+      NODELESS_API_KEY: ${NODELESS_API_KEY}
+      NODELESS_WEBHOOK_SECRET: ${NODELESS_WEBHOOK_SECRET}
+      # OpenNode
+      OPENNODE_API_KEY: ${OPENNODE_API_KEY}
+      # Lnbits
+      LNBITS_API_KEY: ${LNBITS_API_KEY}
+      # Enable DEBUG for troubleshooting. Examples:
+      # DEBUG: "primary:*"
+      # DEBUG: "worker:*"
+      # DEBUG: "knex:query"
+    user: node:node
+    volumes:
+      - ${PWD}/.nostr:/home/node/.nostr
+    ports:
+      - 127.0.0.1:8008:8008
+    depends_on:
+      nostream-cache:
+        condition: service_healthy
+      nostream-db:
+        condition: service_healthy
+      nostream-migrate:
+        condition: service_completed_successfully
+    restart: on-failure
+    networks:
+      default:
+  nostream-db:
+    image: postgres
+    container_name: nostream-db
+    environment:
+      POSTGRES_DB: nostr_ts_relay
+      POSTGRES_USER: nostr_ts_relay
+      POSTGRES_PASSWORD: nostr_ts_relay
+    volumes:
+      - ${PWD}/.nostr/data:/var/lib/postgresql/data
+      - ${PWD}/.nostr/db-logs:/var/log/postgresql
+      - ${PWD}/postgresql.conf:/postgresql.conf
+    networks:
+      default:
+    command: postgres -c 'config_file=/postgresql.conf'
+    restart: always
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready -U nostr_ts_relay"]
+      interval: 5s
+      timeout: 5s
+      retries: 5
+      start_period: 360s
+  nostream-cache:
+    image: redis:7.0.5-alpine3.16
+    container_name: nostream-cache
+    volumes:
+      - cache:/data
+    command: redis-server --loglevel warning --requirepass nostr_ts_relay
+    networks:
+      default:
+    restart: always
+    healthcheck:
+      test: [ "CMD", "redis-cli", "ping", "|", "grep", "PONG" ]
+      interval: 1s
+      timeout: 5s
+      retries: 5
+  nostream-migrate:
+    image: node:18-alpine3.16
+    container_name: nostream-migrate
+    environment:
+      DB_HOST: nostream-db
+      DB_PORT: 5432
+      DB_USER: nostr_ts_relay
+      DB_PASSWORD: nostr_ts_relay
+      DB_NAME: nostr_ts_relay
+    entrypoint:
+      - sh
+      - -c
+      - 'cd code && npm install --no-save --quiet knex@2.4.0 pg@8.8.0 && npx knex migrate:latest'
+    volumes:
+      - ./migrations:/code/migrations
+      - ./knexfile.js:/code/knexfile.js
+    depends_on:
+      nostream-db:
+        condition: service_healthy
+    networks:
+      default:
+        ipv4_address: 10.10.10.254
+
+networks:
+  default:
+    name: nostream
+    ipam:
+      driver: default
+      config:
+        - subnet: 10.10.10.0/24
+
+volumes:
+  cache:

docker-compose/notifiarr/docker-compose.yml

@@ -0,0 +1,19 @@
+version: "2.1"
+services:
+  notifiarr:
+    container_name: notifiarr
+    hostname: notifiarr
+    image: golift/notifiarr
+    ports:
+      - "5454:5454"
+    volumes:
+      - /docker-containers/notifiarr:/config
+      - /var/run/utmp:/var/run/utmp
+      - /etc/machine-id:/etc/machine-id
+    restart: unless-stopped
+    networks:
+      - homelab
+networks:    # I don't know why but you have to specify the network 2x. In service, and in this tag area..
+  homelab:
+    name: homelab      # Networks can also be given a custom name
+    external: true      # This option causes compose to join the above network instead of making a _default one

docker-compose/nzbget/docker-compose.yml

@@ -0,0 +1,26 @@
+version: "2.1"
+services:
+  nzbget:
+    image: lscr.io/linuxserver/nzbget:latest
+    container_name: nzbget
+    environment:
+      - PUID=1000
+      - PGID=1006
+      - TZ=America/New_York
+      - NZBGET_USER=yourusername #optional
+      - NZBGET_PASS=ChangeMe123 #optional
+    volumes:
+      - /docker-containers/nzbget:/config
+      - /unsorted:/downloads #optional
+      - /docker-containers/swag-letsencrypt/keys/letsencrypt/fullchain.pem:/config/certs/fullchain.pem:r
+      - /docker-containers/swag-letsencrypt/keys/letsencrypt/privkey.pem:/config/certs/privkey.pem:r
+    ports:
+      - 6789:6789
+      - 6791:6791
+    restart: unless-stopped
+    networks:
+      - homelab
+networks:    # I don't know why but you have to specify the network 2x. In service, and in this tag area..
+  homelab:
+    name: homelab      # Networks can also be given a custom name
+    external: true      # This option causes compose to join the above network instead of making a _default one

docker-compose/ollama/docker-compose.yml

@@ -0,0 +1,29 @@
+services:
+  ollama:
+    image: docker.io/ollama/ollama:latest
+    ports:
+      - 7869:11434
+    volumes:
+      - /docker-containers/ollama/code:/code
+      - /docker-containers/ollama/data:/root/.ollama
+      # - /usr/local/cuda:/usr/local/cuda:ro      # <-- mount CUDA runtime from host maybe
+    container_name: ollama
+    tty: true
+    restart: always
+    environment:
+      - OLLAMA_KEEP_ALIVE=24h
+      - OLLAMA_HOST=0.0.0.0
+      - NVIDIA_VISIBLE_DEVICES=all
+      - NVIDIA_DRIVER_CAPABILITIES=compute,utility
+    # devices:
+    #   - /dev/nvidia0:/dev/nvidia0
+    #   - /dev/nvidiactl:/dev/nvidiactl
+    #   - /dev/nvidia-uvm:/dev/nvidia-uvm
+    runtime: nvidia
+    networks:
+      - homelab
+
+networks:
+  homelab:
+    name: homelab      # Networks can also be given a custom name
+    external: true      # This option causes compose to join the above network instead of making a _default one

docker-compose/ombi/docker-compose.yml

@@ -0,0 +1,24 @@
+version: "2.1"
+services:
+# Plex Requests basically
+  ombi:
+    image: lscr.io/linuxserver/ombi:latest
+    container_name: ombi
+    environment:
+      - PUID=1000
+      - PGID=1006
+      - TZ=America/New_York
+      - BASE_URL=/ombi #optional
+    volumes:
+      - /docker-containers/ombi:/config
+    ports:
+      - 3579:3579
+    restart: always
+    stdin_open: true
+    tty: true
+    networks:
+      - homelab
+networks:    # I don't know why but you have to specify the network 2x. In service, and in this tag area..
+  homelab:
+    name: homelab      # Networks can also be given a custom name
+    external: true      # This option causes compose to join the above network instead of making a _default one

docker-compose/omni-tools/docker-compose.yml

@@ -0,0 +1,16 @@
+services:
+  omni-tools:
+    image: iib0011/omni-tools:latest
+    container_name: omni-tools
+    restart: unless-stopped
+    ports:
+      - "8489:80"
+    networks:
+      homelab:
+        aliases:
+          - omnitools # adding multiple aliases under certain network
+          - omni
+networks:    # I don't know why but you have to specify the network 2x. In service, and in this tag area..
+  homelab:
+    name: homelab      # Networks can also be given a custom name
+    external: true      # This option causes compose to join the above network instead of making a _default one

docker-compose/open-assistant/docker-compose.yml

@@ -0,0 +1,342 @@
+version: "3.8"
+
+services:
+  # Use `docker compose --profile backend-dev up --build --attach-dependencies` to start a database and work and the backend.
+
+  # Use `docker compose --profile frontend-dev up --build --attach-dependencies` to start the services needed to work on the frontend. If you want to also run the inference, add a second `--profile inference` argument.
+
+  # If you update the containers used by the inference profile, please update inference/README.md. Thank you
+
+  # The profile ci is used by CI automations. (i.e E2E testing)
+
+  # This DB is for the FastAPI Backend.
+  db:
+    platform: "${DB_PLATFORM:-}"
+    image: ghcr.io/laion-ai/open-assistant/oasst-postgres
+    pull_policy: always
+    restart: always
+    profiles: ["frontend-dev", "backend-dev", "ci", "inference-dev"]
+    ports:
+      - 5432:5432
+    environment:
+      POSTGRES_USER: postgres
+      POSTGRES_PASSWORD: postgres
+      POSTGRES_DB: postgres
+    healthcheck:
+      test: ["CMD", "pg_isready", "-U", "postgres"]
+      interval: 2s
+      timeout: 2s
+      retries: 10
+
+  # Redis - caching + rate limiting on BE
+  redis:
+    image: redis
+    restart: always
+    profiles: ["frontend-dev", "backend-dev", "ci"]
+    ports:
+      - 6379:6379
+    healthcheck:
+      test: ["CMD-SHELL", "redis-cli ping | grep PONG"]
+      interval: 2s
+      timeout: 2s
+      retries: 10
+    command: redis-server /usr/local/etc/redis/redis.conf
+    volumes:
+      - ./redis.conf:/usr/local/etc/redis/redis.conf
+  # insights host - redis:6379
+  redis-insights:
+    image: redislabs/redisinsight:latest
+    profiles: ["backend-dev"]
+    ports:
+      - 8001:8001
+
+  # This DB is for Web Authentication and data caching.
+  webdb:
+    image: postgres
+    restart: always
+    profiles: ["frontend-dev", "ci", "inference-dev"]
+    ports:
+      - 5433:5432
+    environment:
+      POSTGRES_USER: postgres
+      POSTGRES_PASSWORD: postgres
+      POSTGRES_DB: oasst_web
+    healthcheck:
+      test: ["CMD", "pg_isready", "-U", "postgres"]
+      interval: 2s
+      timeout: 2s
+      retries: 10
+
+  # This lets you manually inspect the web and backend databases.
+  adminer:
+    image: adminer
+    restart: always
+    profiles: ["frontend-dev", "backend-dev"]
+    ports:
+      - 8089:8080
+
+  # This fakes an SMTP email server used by website authentication.
+  # User registration emails can be found by going to localhost:1080 and
+  # opening the emails listed.
+  maildev:
+    image: maildev/maildev
+    restart: always
+    profiles: ["frontend-dev", "ci"]
+    environment:
+      - MAILDEV_WEB_PORT=1080
+      - MAILDEV_SMTP_PORT=1025
+    ports:
+      - "1080:1080"
+      - "1025:1025"
+
+  # The oassist backend service.
+  backend:
+    build:
+      dockerfile: docker/Dockerfile.backend
+      context: .
+    image: oasst-backend
+    environment:
+      - POSTGRES_HOST=db
+      - REDIS_HOST=redis
+      - DEBUG_USE_SEED_DATA=True
+      - DEBUG_ALLOW_SELF_LABELING=True
+      - MAX_WORKERS=1
+      - DEBUG_SKIP_TOXICITY_CALCULATION=False
+      - DEBUG_SKIP_EMBEDDING_COMPUTATION=False
+      - CELERY_BROKER_URL=redis://redis:6379/0
+      - CELERY_RESULT_BACKEND=redis://redis:6379/0
+    depends_on:
+      db:
+        condition: service_healthy
+    profiles: ["frontend-dev", "ci", "inference-dev"]
+    ports:
+      - "8080:8080"
+
+  # The oassist backend celery worker service.
+  backend-worker:
+    build:
+      dockerfile: docker/Dockerfile.backend-worker
+      context: .
+    command: celery -A oasst_backend.celery_worker worker -l info -E
+    image: oasst-backend-worker
+    environment:
+      - CELERY_BROKER_URL=redis://redis:6379/0
+      - CELERY_RESULT_BACKEND=redis://redis:6379/0
+      - POSTGRES_HOST=db
+      - REDIS_HOST=redis
+      - MAX_WORKERS=1
+    depends_on:
+      db:
+        condition: service_healthy
+      redis:
+        condition: service_healthy
+    profiles: ["frontend-dev", "ci"]
+
+  # The oassist backend celery worker service.
+  backend-worker-beat:
+    build:
+      dockerfile: docker/Dockerfile.backend-worker
+      context: .
+    command: celery -A oasst_backend.celery_worker beat -l INFO
+    image: oasst-backend-worker-beat
+    environment:
+      - CELERY_BROKER_URL=redis://redis:6379/0
+      - CELERY_RESULT_BACKEND=redis://redis:6379/0
+      - POSTGRES_HOST=db
+      - REDIS_HOST=redis
+      - MAX_WORKERS=1
+    depends_on:
+      db:
+        condition: service_healthy
+      redis:
+        condition: service_healthy
+    profiles: ["frontend-dev", "ci"]
+
+  # The oassist web service.
+  web:
+    build:
+      dockerfile: docker/Dockerfile.website
+      context: .
+    image: oasst-web
+    environment:
+      - CLOUDFLARE_CAPTCHA_SECRET_KEY=1x0000000000000000000000000000000AA
+      - CLOUDFARE_CAPTCHA_SITE_KEY=1x00000000000000000000AA
+      - DATABASE_URL=postgres://postgres:postgres@webdb/oasst_web
+      - FASTAPI_URL=http://backend:8080
+      - FASTAPI_KEY=1234
+      - NEXTAUTH_SECRET=O/M2uIbGj+lDD2oyNa8ax4jEOJqCPJzO53UbWShmq98=
+      - EMAIL_SERVER_HOST=maildev
+      - EMAIL_SERVER_PORT=1025
+      - EMAIL_FROM=info@example.com
+      - ENABLE_EMAIL_SIGNIN=true
+      - ENABLE_EMAIL_SIGNIN_CAPTCHA=false
+      - NEXTAUTH_URL=http://localhost:3000
+      - DEBUG_LOGIN=true
+      - INFERENCE_SERVER_HOST=http://inference-server:8000
+      - ENABLE_CHAT=true
+      - ENABLE_DRAFTS_WITH_PLUGINS=false
+      - NUM_GENERATED_DRAFTS=3
+    depends_on:
+      webdb:
+        condition: service_healthy
+    ports:
+      - "3000:3000"
+    command: bash wait-for-postgres.sh node server.js
+    profiles: ["ci"]
+
+  # This DB is for Inference
+  inference-db:
+    image: postgres
+    restart: always
+    ports:
+      - 5434:5432
+    environment:
+      POSTGRES_USER: postgres
+      POSTGRES_PASSWORD: postgres
+      POSTGRES_DB: oasst_inference
+    healthcheck:
+      test: ["CMD", "pg_isready", "-U", "postgres"]
+      interval: 2s
+      timeout: 2s
+      retries: 10
+    profiles: ["inference"]
+
+  inference-redis:
+    image: redis
+    restart: always
+    profiles: ["inference"]
+    ports:
+      - 6389:6379
+    healthcheck:
+      test: ["CMD-SHELL", "redis-cli ping | grep PONG"]
+      interval: 2s
+      timeout: 2s
+      retries: 10
+    command: redis-server /usr/local/etc/redis/redis.conf
+    volumes:
+      - ./redis.conf:/usr/local/etc/redis/redis.conf
+
+  inference-server:
+    build:
+      dockerfile: docker/inference/Dockerfile.server
+      context: .
+      target: dev
+    image: oasst-inference-server:dev
+    environment:
+      PORT: 8000
+      REDIS_HOST: inference-redis
+      POSTGRES_HOST: inference-db
+      POSTGRES_DB: oasst_inference
+      DEBUG_API_KEYS: "0000"
+      TRUSTED_CLIENT_KEYS: "6969"
+      ALLOW_DEBUG_AUTH: "True"
+      API_ROOT: "http://localhost:8000"
+    volumes:
+      - "./oasst-shared:/opt/inference/lib/oasst-shared"
+      - "./inference/server:/opt/inference/server"
+    restart: unless-stopped
+    ports:
+      - "8000:8000"
+    depends_on:
+      inference-redis:
+        condition: service_healthy
+      inference-db:
+        condition: service_healthy
+    profiles: ["inference"]
+
+  inference-worker:
+    build:
+      dockerfile: docker/inference/Dockerfile.worker-full
+      context: .
+    image: oasst-inference-worker:dev
+    environment:
+      API_KEY: "0000"
+      MODEL_CONFIG_NAME: ${MODEL_CONFIG_NAME:-distilgpt2}
+      BACKEND_URL: "ws://inference-server:8000"
+      PARALLELISM: 2
+    volumes:
+      - "./oasst-shared:/opt/inference/lib/oasst-shared"
+      - "./inference/worker:/opt/inference/worker"
+    deploy:
+      replicas: 1
+    profiles: ["inference"]
+
+  inference-safety:
+    build:
+      dockerfile: docker/inference/Dockerfile.safety
+      context: .
+    image: oasst-inference-safety:dev
+    environment:
+      PORT: 8002
+    volumes:
+      - "./oasst-shared:/opt/inference/lib/oasst-shared"
+      - "./inference/safety:/opt/inference/safety"
+    profiles: ["inference-safety"]
+
+  prometheus:
+    image: prom/prometheus
+    container_name: prometheus
+    command:
+      - "--config.file=/etc/prometheus/prometheus.yml"
+    ports:
+      - 9090:9090
+    restart: unless-stopped
+    volumes:
+      - ${PWD}/docker/prometheus:/etc/prometheus
+      - prom_data:/prometheus
+    profiles: ["observability"]
+
+  grafana:
+    image: grafana/grafana
+    container_name: grafana
+    ports:
+      - 2000:2000
+    restart: unless-stopped
+    environment:
+      - GF_SECURITY_ADMIN_USER=admin
+      - GF_SECURITY_ADMIN_PASSWORD=grafana
+      - GF_SERVER_HTTP_PORT=2000
+    volumes:
+      - ${PWD}/docker/grafana/datasources:/etc/grafana/provisioning/datasources
+      - ${PWD}/docker/grafana/dashboards/dashboard.yaml:/etc/grafana/provisioning/dashboards/main.yaml
+      - ${PWD}/docker/grafana/dashboards:/var/lib/grafana/dashboards
+    profiles: ["observability"]
+
+  netdata:
+    image: netdata/netdata
+    container_name: netdata
+    pid: host
+    hostname: oasst-netdata
+    ports:
+      - 19999:19999
+    restart: unless-stopped
+    cap_add:
+      - SYS_PTRACE
+      - SYS_ADMIN
+    security_opt:
+      - apparmor:unconfined
+    volumes:
+      - netdataconfig:/etc/netdata
+      - netdatalib:/var/lib/netdata
+      - netdatacache:/var/cache/netdata
+      - /etc/passwd:/host/etc/passwd:ro
+      - /etc/group:/host/etc/group:ro
+      - /proc:/host/proc:ro
+      - /sys:/host/sys:ro
+      - /etc/os-release:/host/etc/os-release:ro
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+      - ${PWD}/docker/netdata/go.d/redis.conf:/etc/netdata/go.d/redis.conf
+      - ${PWD}/docker/netdata/go.d/postgres.conf:/etc/netdata/go.d/postgres.conf
+      - ${PWD}/docker/netdata/go.d/prometheus.conf:/etc/netdata/go.d/prometheus.conf
+    environment:
+      # useful if want to claim monitoring agents into https://www.netdata.cloud/
+      # else ignore or leave blank to just use local netdata dashboards as localhost:19999
+      - NETDATA_CLAIM_TOKEN=${NETDATA_CLAIM_TOKEN:-}
+      - NETDATA_CLAIM_URL=https://app.netdata.cloud
+    profiles: ["observability"]
+
+volumes:
+  prom_data:
+  netdataconfig:
+  netdatalib:
+  netdatacache:

docker-compose/open-webui/docker-compose.yml

@@ -0,0 +1,56 @@
+version: "3.8"
+services:
+  open-webui:
+    image: ghcr.io/open-webui/open-webui:latest
+
+    container_name: open-webui
+    restart: unless-stopped
+    ports:
+      - "3030:8080"
+    environment:
+      - GLOBAL_LOG_LEVEL=DEBUG
+      - MODEL_SERVER_URL=http://ollama:11434
+      - PROVIDER=ollama,openai
+      - OPENAI_API_KEY=YourAPIKEY
+        # With below set, and turning off basic auth in nginx, I was able to get reverse proxy working
+      - CORS_ALLOW_ORIGIN=https://open-webui.example.com;https://example.com;http://open-webui;http://open-webui:8080;https://open-webui:8080;http://192.168.1.239;http://192.168.1.239:3030;http://localhost:3030;http://192.168.1.1:80;http://192.168.1.1:443
+      - WEBUI_URL=https://open-webui.example.com;https://example.com;http://open-webui;http://open-webui:8080;https://open-webui:8080;http://192.168.1.239;http://192.168.1.239:3030;http://localhost:3030;http://192.168.1.1:80;http://192.168.1.1:443
+
+      # - ENABLE_WEBSOCKET_SUPPORT=false # didn't work, default true
+      # - WEBUI_AUTH=false # can't be any users in db
+      # Required for multi-worker/multi-instance deployments
+      - REDIS_URL=redis://redis-valkey-webui:6379/0
+
+      # Required for websocket support
+      - WEBSOCKET_MANAGER=redis
+      - WEBSOCKET_REDIS_URL=redis://redis-valkey-webui:6379/1
+
+    volumes:
+      - /docker-containers/open-webui/data:/app/backend/data
+    extra_hosts:
+      - "host.docker.internal:host-gateway"
+    networks:           # Specify network for container
+      homelab:
+        aliases:
+          - openwebui # adding multiple aliases under certain network
+          - open-wui
+      openwebui_net:
+        aliases:
+          - openwebui_internal  # to connect to redis network, and not redis connect to homelab anymore (multi redis)
+    depends_on:
+      - redis-valkey-webui
+
+  redis-valkey-webui:
+    image: redis:7
+    container_name: redis-valkey-webui
+    restart: unless-stopped
+    networks:
+      - openwebui_net
+
+networks:
+  homelab:
+    name: homelab      # Networks can also be given a custom name
+    external: true      # This option causes compose to join the above network instead of making a _default one
+  openwebui_net:
+    name: openwebui_net
+    external: false

docker-compose/openbooks/docker-compose.yml

@@ -0,0 +1,16 @@
+version: '3.3'
+services:
+    openbooks:
+        ports:
+            - '8080:80'
+        volumes:
+            - 'booksVolume:/books'
+        restart: unless-stopped
+        container_name: OpenBooks
+        command: --name prodigious --persist
+        environment:
+          - BASE_PATH=/openbooks/
+        image: evanbuss/openbooks:latest
+
+volumes:
+    booksVolume:

docker-compose/organizr/docker-compose.yml

@@ -0,0 +1,16 @@
+---
+version: "2.1"
+services:
+  organizr:
+    image: organizr/organizr
+    container_name: organizr
+    environment:
+      - branch=v2-master
+      - PUID=1000
+      - PGID=1003
+      - TZ=GMT-5
+    volumes:
+      - /docker-containers/organizr:/config
+    ports:
+      - 9983:80
+    restart: unless-stopped

docker-compose/paperless-ng/docker-compose.yml

@@ -0,0 +1,17 @@
+---
+version: "2.1"
+services:
+  paperless-ng:
+    image: lscr.io/linuxserver/paperless-ng:latest
+    container_name: paperless-ng
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=America/New_York
+      - REDIS_URL= #optional
+    volumes:
+      - </path/to/appdata/config>:/config
+      - </path/to/appdata/data>:/data
+    ports:
+      - 8000:8000
+    restart: unless-stopped

docker-compose/phpmyadmin/docker-compose.yml

@@ -0,0 +1,25 @@
+---
+version: "2.1"
+services:
+  phpmyadmin:
+    image: lscr.io/linuxserver/phpmyadmin:latest
+    container_name: phpmyadmin
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=America/New_York
+      - PMA_ARBITRARY=1 #optional
+      - PMA_ABSOLUTE_URI=https://phpmyadmin.example.com #optional
+    volumes:
+      - /docker-containers/phpmyadmin:/config
+    ports:
+      - 8008:8008
+    restart: unless-stopped
+
+  phpmyadmin:
+    image: phpmyadmin
+    restart: always
+    ports:
+      - 8080:80
+    environment:
+      - PMA_ARBITRARY=1

docker-compose/picard/docker-compose.yml

@@ -0,0 +1,18 @@
+version: '3'
+services:
+  picard:
+    image: mikenye/picard:latest
+    ports:
+      - "5801:5800"
+    volumes:
+      - "/docker-containers/picard/config:/config:rw"
+      - "/Music:/storage:rw"
+    # restart: unless-stopped # disabled to see if something shows
+    stdin_open: true    # to attach to containers
+    tty: true           # also used to attach to containers
+#    network_mode: service:wireguard     # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
+    networks:           # Specify network for container
+      - homelab
+networks:    # I don't know why but you have to specify the network 2x. In service, and in this tag area..
+  homelab:
+    external: true      # This option causes compose to join the above network instead of making a _default one (supposedly)

docker-compose/pidgin/docker-compose.yml

@@ -0,0 +1,24 @@
+---
+version: "2.1"
+services:
+  pidgin:
+    image: lscr.io/linuxserver/pidgin:latest
+    container_name: pidgin
+    security_opt:
+      - seccomp:unconfined #optional
+    environment:
+      - PUID=1000
+      - PGID=1006
+      - TZ=America/New_York
+    volumes:
+      - /docker-containers/pidgin:/config
+    ports:
+      - 3420:3000
+      - 3421:3001
+    restart: unless-stopped
+    networks:           # Specify network for container
+      - homelab
+networks:    # I don't know why but you have to specify the network 2x. In service, and in this tag area..
+  homelab:
+#    name: homelab      # Networks can also be given a custom name, not needed if existing
+    external: true      # This option causes compose to join the above network instead of making a _default one (supposedly)

docker-compose/plex-image-cleanup/docker-compose.yml

@@ -0,0 +1,25 @@
+version: "2.1"
+services:
+  plex-image-cleanup:
+    image: meisnate12/plex-image-cleanup
+    container_name: plex-image-cleanup
+    environment:
+      - TZ=America/New_York
+      - SCHEDULE=00:33|monthly(1)
+      - PLEX_URL=http://plex:32400
+      - PLEX_TOKEN=PlexToken
+      - DISCORD=https://discord.com/api/webhooks/YourDiscordServerID/YourDiscordToken
+      - TIMEOUT=600
+      - MODE=remove
+    volumes:
+      - /docker-containers/plex-image-cleanup/config:/config
+      - /docker-containers/plex/Library/Application Support/Plex Media Server/:/plex
+    restart: unless-stopped
+    stdin_open: true    # to attach to containers
+    tty: true           # also used to attach to containers
+#    network_mode: service:wireguard     # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
+    networks:           # Specify network for container
+      - homelab
+networks:    # I don't know why but you have to specify the network 2x. In service, and in this tag area..
+  homelab:
+    external: true      # This option causes compose to join the above network instead of making a _default one (supposedly)

docker-compose/plex/docker-compose.yml

@@ -0,0 +1,45 @@
+---
+version: "2.1"
+services:
+  plex:
+    image: lscr.io/linuxserver/plex:latest
+    container_name: plex
+    environment:
+      - PUID=1000
+      - PGID=1006
+      - TZ=America/New_York
+      - VERSION=docker
+      - PLEX_CLAIM=YourClaimString
+    volumes:
+      - /docker-containers/plex:/config
+      - /TvShows:/tv
+      - /Music:/music
+      - /Movies:/movies
+      - /Videos:/videos
+      - /Pictures:/pictures
+      - /docker-containers/swag-letsencrypt/etc/letsencrypt/live/example.com/fullchain.pem:/rcs1/certs/fullchain.pem:r
+      - /docker-containers/swag-letsencrypt/etc/letsencrypt/live/example.com/privkey.pem:/rcs1/certs/privkey.pem:r
+    devices:
+      - /dev/dri/renderD128:/dev/dri/renderD128
+    ports:
+      - 32400:32400
+      - 33400:33400      # webtools shit
+      - 1900:1900/udp
+      - 3005:3005
+      #- 5353:5353/udp     #bonjour shit
+      - 8324:8324
+      - 32410:32410/udp
+      - 32412:32412/udp
+      - 32413:32413/udp
+      - 32414:32414/udp
+      - 32469:32469
+    restart: unless-stopped
+    stdin_open: true    # to attach to containers
+    tty: true           # also used to attach to containers
+#    network_mode: service:wireguard     # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
+    networks:           # Specify network for container
+      - homelab
+networks:    # I don't know why but you have to specify the network 2x. In service, and in this tag area..
+  homelab:
+#    name: homelab      # Networks can also be given a custom name, not needed if existing
+    external: true      # This option causes compose to join the above network instead of making a _default one (supposedly)

docker-compose/pms-docker/docker-compose.yml

@@ -0,0 +1,47 @@
+#Updated slowly it seems so I tend not to use. Beta hasn't been updated in 3 years but that may be a mistake in transparency I suppose.
+---
+version: "2.1"
+services:
+  plex:
+    image: plexinc/pms-docker/plex:beta
+    container_name: plex
+    environment:
+      - PLEX_UID=1000
+      - PLEX_GID=1006
+      - TZ=America/New_York
+      - VERSION=docker
+      - PLEX_CLAIM=YourClaimString
+      - ADVERTISE_IP="http://192.168.1.185:32400/,https://plex.example.com/"
+      - ALLOWED_NETWORKS="192.168.1.1/24"    # Allow access to the server without requiring authorization.
+    volumes:
+      - /docker-containers/plex:/config
+      - /TvShows:/tv
+      - /Music:/music
+      - /Movies:/movies
+      - /Videos:/videos
+      - /Pictures:/pictures
+      - /docker-containers/swag-letsencrypt/keys/letsencrypt/fullchain.pem:/rcs1/certs/fullchain.pem:r
+      - /docker-containers/swag-letsencrypt/keys/letsencrypt/privkey.pem:/rcs1/certs/privkey.pem:r
+    devices:
+      - /dev/dri:/dev/dri       # not sure if supported, should be HW
+    ports:
+      - 32400:32400
+      - 1900:1900/udp
+      - 3005:3005
+      #- 5353:5353/udp     #bonjour shit
+      - 8324:8324
+      - 32410:32410/udp
+      - 32412:32412/udp
+      - 32413:32413/udp
+      - 32414:32414/udp
+      - 32469:32469
+    restart: unless-stopped
+    stdin_open: true    # to attach to containers
+    tty: true           # also used to attach to containers
+#    network_mode: service:wireguard     # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
+    networks:           # Specify network for container
+      - homelab
+networks:    # I don't know why but you have to specify the network 2x. In service, and in this tag area..
+  homelab:
+#    name: homelab      # Networks can also be given a custom name, not needed if existing
+    external: true      # This option causes compose to join the above network instead of making a _default one (supposedly)

docker-compose/podgrab/docker-compose.yml

@@ -0,0 +1,21 @@
+version: "2.1"
+services:
+  podgrab:
+    image: akhilrex/podgrab
+    container_name: podgrab
+    environment:
+      - CHECK_FREQUENCY=240
+      #- PASSWORD=ChangeMe123     ## Uncomment to enable basic authentication, username = podgrab
+    volumes:
+      - /docker-containers/podgrab:/config
+      - /Music/Podcasts:/assets
+    ports:
+      - 8182:8080
+    restart: unless-stopped
+    stdin_open: true    # to attach to containers
+    tty: true           # also used to attach to containers
+    networks:           # Specify network for container
+      - homelab
+networks:    # I don't know why but you have to specify the network 2x. In service, and in this tag area..
+  homelab:
+    external: true      # This option causes compose to join the above network instead of making a _default one (supposedly)

docker-compose/portainer-be/docker-compose.yml

@@ -0,0 +1,50 @@
+# version: '3' Supposedly obsolete now..
+
+services:
+  portainer:
+    image: portainer/portainer-ee:sts # latest didnt pull docker pull portainer/portainer-ee:2.20.1 now sts to get 2.20.2 and newer versions of it
+    container_name: portainer
+    command: -H unix:///var/run/docker.sock
+    restart: unless-stopped
+    environment:
+      - VIRTUAL_HOST=portainer.example.com
+      - VIRTUAL_PORT=9000
+    security_opt:
+      - no-new-privileges:true
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+      - /usr/share/zoneinfo/America/New_York:/etc/localtime
+      #- /docker-containers/portainer-be:/data # old location
+      - /docker-containers/portainer-be:/data
+    ports:
+      - 8000:8000        # new Portainer port I think
+      - 9443:9443        # SSL port for Portainer Business Edition
+      - 9110:9000        # Legacy Portainer CE version port 9k reflected 9110
+      # If referencing by container name for ip, use internal port not external (reverse proxy)
+    stdin_open: true     # docker run -i #interactive
+    tty: true            # docker run -t #ttyl
+    networks:
+      - homelab
+
+networks:    # I don't know why but you have to specify the network 2x. In service, and in this tag area..
+  default:
+  homelab:
+    name: homelab      # Networks can also be given a custom name, needs to be created if isn't already.
+
+    # a network with name homelab exists but was not created by compose.\\nSet `external: true` to use an existing network
+    external: true      # This option causes compose to join the above network instead of making a _default one, if not created already could be issues
+    #enable_ipv6: true
+
+# Save for later, think because it's already initialized this caused trouble starting out of nowhere.
+# Also need to make network attachable somehow, think this is the thing you can't do in compose when creating a network, may not be needed though.
+#     # We will name the network instead of letting docker do something random
+#     driver: bridge      # Making the above network macvlan
+#     driver_opts:         # driver options to use
+#       parent: enp3s0     # usually eth0 or eth1 but not always, used enp3s0 and enp4s0, had to delete /var/lib/docker/network/files/local-kv.db because phantom network
+#     ipam:
+#       config:
+#         - subnet: "172.69.0.0/24"    # Private range to initialize homelab possibly?
+# #          gateway: "192.168.1.1"      #host will eventually route to router, or just go direct
+# #        - subnet: "2605:a601:9132:d100:2::/80" # dual subnet ipv6, has to match router subnet unfortunately for external connections like samsung tv
+# #          gateway: "2605:a601:9132:d100:2:ffff:ffff:ffff"      #this needs to be router(ish)
+# #    external: true

docker-compose/portainer-ce/docker-compose.yml

@@ -0,0 +1,28 @@
+version: '3'
+
+services:
+  portainer:
+    image: portainer/portainer-ce:latest
+    container_name: portainer
+    restart: unless-stopped
+    security_opt:
+      - no-new-privileges:true
+    volumes:
+      - /etc/localtime:/etc/localtime:ro
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+      - /docker-containers/portainer-ce:/data
+    ports:
+      - 9110:9000        # If referencing by container name for ip, use internal port not external (reverse proxy)
+    stdin_open: true     # docker run -i #interactive
+    tty: true            # docker run -t #ttyl
+    networks:
+      - homelab
+networks:    # I don't know why but you have to specify the network 2x. In service, and in this tag area..
+#  some-network:
+#     aliases:   # Example
+#        - alias1    # Example
+#        - alias3    # Example
+  default:
+  homelab:
+    name: homelab      # Networks can also be given a custom name
+    external: true      # This option causes compose to join the above network instead of making a _default one

docker-compose/postgres/docker-compose.yml

@@ -0,0 +1,41 @@
+# Use postgres/example user/password credentials
+version: '3.9'
+services:
+  postgres:
+    image: postgres:16
+    container_name: postgres
+    restart: always
+    # set shared memory limit when using docker-compose
+    shm_size: 128mb
+    # or set shared memory limit when deploy via swarm stack
+    #volumes:
+    #  - type: tmpfs
+    #    target: /dev/shm
+    #    tmpfs:
+    #      size: 134217728 # 128*2^20 bytes = 128Mb
+    environment:
+      POSTGRES_USER: yourusername
+      POSTGRES_PASSWORD: PostgresChangeMe123!
+    volumes:
+      # Mount the folder where your PostgreSQL database files should land
+      - /docker-containers/postgres/db:/var/lib/postgresql/data
+    networks:
+      homelab:
+        aliases:
+          - postgress  # how to add multiple aliases
+          - postgressql
+
+  adminer:
+    image: adminer
+    container_name: adminer
+    restart: always
+    ports:
+      - 8389:8080
+    networks:
+      homelab:
+        aliases:
+          - postgresgui  # how to add multiple aliases
+
+networks:    # I don't know why but you have to specify the network 2x. In service, and in this tag area..
+  homelab:            # Sub-section, any network name or 'default' to edit default one created
+    external: true      # This option causes compose to join the above network instead of making a _default one

docker-compose/postiz/docker-compose.yml

@@ -0,0 +1,84 @@
+services:
+  postiz:
+    image: ghcr.io/gitroomhq/postiz-app:latest
+    container_name: postiz
+    restart: always
+    environment:
+      # You must change these. Replace `postiz.your-server.com` with your DNS name - this needs to be exactly the URL you're accessing Postiz on.
+      MAIN_URL: "https://postiz.your-server.com"
+      FRONTEND_URL: "https://postiz.your-server.com"
+      NEXT_PUBLIC_BACKEND_URL: "https://postiz.your-server.com/api"
+      JWT_SECRET: "random string that is unique to every install - just type random characters here!"
+      # These defaults are probably fine, but if you change your user/password, update it in the
+      # postiz-postgres or postiz-redis services below.
+      DATABASE_URL: "postgresql://postiz-user:postiz-password@postiz-postgres:5432/postiz-db-local"
+      REDIS_URL: "redis://postiz-redis:6379"
+      BACKEND_INTERNAL_URL: "http://localhost:3000"
+      IS_GENERAL: "true" # Required for self-hosting.
+      DISABLE_REGISTRATION: "false" # Only allow single registration, then disable signup
+      # The container images are pre-configured to use /uploads for file storage.
+      # You probably should not change this unless you have a really good reason!
+      STORAGE_PROVIDER: "local"
+      UPLOAD_DIRECTORY: "/uploads"
+      NEXT_PUBLIC_UPLOAD_DIRECTORY: "/uploads"
+    volumes:
+      - postiz-config:/config/
+      - postiz-uploads:/uploads/
+    ports:
+      - 5000:5000
+    networks:
+      - postiz-network
+    depends_on:
+      postiz-postgres:
+        condition: service_healthy
+      postiz-redis:
+        condition: service_healthy
+
+  postiz-postgres:
+    image: postgres:17-alpine
+    container_name: postiz-postgres
+    restart: always
+    environment:
+      POSTGRES_PASSWORD: postiz-password
+      POSTGRES_USER: postiz-user
+      POSTGRES_DB: postiz-db-local
+    volumes:
+      - postgres-volume:/var/lib/postgresql/data
+    networks:
+      - postiz-network
+    healthcheck:
+      test: pg_isready -U postiz-user -d postiz-db-local
+      interval: 10s
+      timeout: 3s
+      retries: 3
+  postiz-redis:
+    image: redis:7.2
+    container_name: postiz-redis
+    restart: always
+    healthcheck:
+      test: redis-cli ping
+      interval: 10s
+      timeout: 3s
+      retries: 3
+    volumes:
+      - postiz-redis-data:/data
+    networks:
+      - postiz-network
+
+
+volumes:
+  postgres-volume:
+    external: false
+
+  postiz-redis-data:
+    external: false
+
+  postiz-config:
+    external: false
+
+  postiz-uploads:
+    external: false
+
+networks:
+  postiz-network:
+    external: false