version: "3.8" services: # NGINX PROXY MANAGER # Web UI: http://192.168.0.46:81 nginx-proxy-manager: image: jc21/nginx-proxy-manager:latest container_name: nginx-proxy-manager restart: unless-stopped dns: - 8.8.8.8 ports: - "80:80" # HTTP traffic (free now that PiHole moved) - "443:443" # HTTPS traffic (free now that PiHole moved) - "81:81" # Admin web UI volumes: - /home/family/homelab/npm/data:/data - /home/family/homelab/npm/letsencrypt:/etc/letsencrypt # VAULTWARDEN # Web UI: http://192.168.0.46:8080 vaultwarden: image: vaultwarden/server:latest container_name: vaultwarden restart: unless-stopped ports: - "8080:80" volumes: - /home/family/homelab/vaultwarden/data:/data environment: - SIGNUPS_ALLOWED=false - ADMIN_TOKEN=79JdtLV00ucORU - WEBSOCKET_ENABLED=true - LOGIN_RATELIMIT_MAX_BURST=10 - LOGIN_RATELIMIT_SECONDS=60 - ADMIN_RATELIMIT_MAX_BURST=5 - ADMIN_RATELIMIT_SECONDS=60 # PIHOLE # Web UI: http://192.168.0.46:8082/admin # Password: admin pihole: image: pihole/pihole:latest container_name: pihole restart: unless-stopped ports: - "53:53/tcp" # DNS - "53:53/udp" # DNS - "8082:80" # PiHole web UI (moved off port 80) volumes: - /home/family/homelab/pihole/etc-pihole:/etc/pihole - /home/family/homelab/pihole/etc-dnsmasq.d:/etc/dnsmasq.d environment: - TZ=America/New_York - WEBPASSWORD=admin - FTLCONF_dns_listeningMode=all # SYNCTHING # Web UI: http://192.168.0.46:8384 syncthing: image: syncthing/syncthing:latest container_name: syncthing restart: unless-stopped dns: - 8.8.8.8 ports: - "8384:8384" # Web UI - "22000:22000/tcp" # Sync protocol - "22000:22000/udp" # Sync protocol - "21027:21027/udp" # Discovery broadcasts volumes: - /home/family/homelab/syncthing/config:/var/syncthing/config - /home/joe-solis/private/renpy-saves:/home/joe-solis/private/renpy-saves - /home/family/snapshots:/home/family/snapshots - /home/family/homelab/homepage:/home/family/homelab/homepage environment: - TZ=America/New_York - PUID=1000 - PGID=1000 # UPTIME KUMA # Web UI: http://192.168.0.46:3001 uptime-kuma: image: louislam/uptime-kuma:latest container_name: uptime-kuma restart: unless-stopped ports: - "3001:3001" dns: - 8.8.8.8 volumes: - /home/family/homelab/uptime-kuma/data:/app/data # Homepage: single landing screen homepage: image: ghcr.io/gethomepage/homepage:latest container_name: homepage restart: unless-stopped dns: - 8.8.8.8 ports: - 3000:3000 volumes: - /home/family/homelab/homepage:/app/config # Make sure your local config directory exists - /var/run/docker.sock:/var/run/docker.sock:ro # (optional) For docker integrations - /home:/mnt/home:ro environment: - HOMEPAGE_ALLOWED_HOSTS=192.168.0.46:3000,lab.home # required, may need port. See gethomepage.dev/installation/#homepage_allowed_hosts - HOMEPAGE_VAR_NPM_USER=spacegoblins@protonmail.com - HOMEPAGE_VAR_NPM_PASS=EJtH'7Fb7iGa}aj - HOMEPAGE_VAR_PIHOLE_KEY=PkqRk8RF]RPf'sh - HOMEPAGE_VAR_DOCKHAND_USER=admin - HOMEPAGE_VAR_DOCKHAND_PASSWORD=m6RK52Z7!2&@uqh # tiny app to generate snapshots snapshot-api: image: python:3.12-slim container_name: snapshot-api restart: unless-stopped privileged: true pid: host ports: - "8765:8765" volumes: - /home/family/homelab/snapshot-api/app.py:/app/app.py:ro - /home/family/snapshots:/snapshots - /home/family/snapshot.sh:/snapshot.sh:ro working_dir: /app command: bash -c "pip install flask --quiet && python3 /app/app.py" # AUTHELIA (SSO / Forward Auth) # Single container. NPM uses it as forward auth middleware for protected services. # Login portal: https://authelia.spacegoblins.org authelia: image: authelia/authelia:latest container_name: authelia restart: unless-stopped ports: - "9091:9091" # HTTP — NPM proxies this to https://authelia.spacegoblins.org dns: - 8.8.8.8 volumes: - /home/family/homelab/authelia/config:/config environment: - TZ=America/New_York # GITEA (Git hosting) gitea: image: gitea/gitea:latest container_name: gitea restart: unless-stopped ports: - "3005:3000" - "2223:22" volumes: - /home/family/homelab/gitea/data:/data environment: - USER_UID=1000 - USER_GID=1000 - GITEA__database__DB_TYPE=sqlite3 - GITEA__server__ROOT_URL=https://gitea.spacegoblins.org/ # VIKUNJA (Task manager) # As of v0.23.0, frontend and API are merged into a single image. vikunja: image: vikunja/vikunja:latest container_name: vikunja restart: unless-stopped ports: - "3456:3456" volumes: - /home/family/homelab/vikunja/data:/app/vikunja/files environment: - VIKUNJA_DATABASE_TYPE=sqlite - VIKUNJA_DATABASE_PATH=/app/vikunja/files/vikunja.db - VIKUNJA_SERVICE_PUBLICURL=https://vikunja.spacegoblins.org # Docmost, for note taking. plus dependencies docmost: image: docmost/docmost:latest container_name: docmost restart: unless-stopped depends_on: - docmost-db - docmost-redis ports: - "3003:3000" volumes: - /home/family/homelab/docmost/data:/app/data/storage environment: - APP_URL=https://docmost.spacegoblins.org - APP_SECRET=1e7b0575ccdc4ae349c5110d2a592099bc0bdf40404ef99e6ed2ec11f8d060a2 - DATABASE_URL=postgresql://docmost:5PKEzKzVDcFkjG@docmost-db/docmost - REDIS_URL=redis://docmost-redis:6379 docmost-db: image: postgres:16-alpine container_name: docmost-db restart: unless-stopped volumes: - /home/family/homelab/docmost/postgres:/var/lib/postgresql/data environment: - POSTGRES_USER=docmost - POSTGRES_PASSWORD=5PKEzKzVDcFkjG - POSTGRES_DB=docmost docmost-redis: image: redis:7-alpine container_name: docmost-redis restart: unless-stopped volumes: - /home/family/homelab/docmost/redis:/data