From 3d4c01fc1b08ded3db50b9e02f7d8fe63038beeb Mon Sep 17 00:00:00 2001
From: GSRN
Date: Sat, 30 Aug 2025 22:50:16 +0200
Subject: [PATCH] Enhance README.md with detailed service descriptions and port matrix for Docker services in the home lab environment.
---
README.md | 72 +++++++++++++++++++++++
firefly/compose.yaml | 88 ++++++++++++++++++++++++++++
frigate/compose.yaml | 32 ++++++++++
frigate/config/config.yaml | 116 +++++++++++++++++++++++++++++++++++++
gittea/compose.yaml | 40 +++++++++++++
immich/docker-compose.yml | 88 ++++++++++++++++++++++++++++
mongo/compose.yaml | 17 ++++++
n8n/compose.yaml | 25 ++++++++
portainer/compose.yaml | 20 +++++++
redis/compose.yaml | 42 ++++++++++++++
watchtower/compose.yaml | 35 +++++++++++
webmap/compose.yaml | 34 +++++++++++
12 files changed, 609 insertions(+)
create mode 100644 firefly/compose.yaml
create mode 100644 frigate/compose.yaml
create mode 100644 frigate/config/config.yaml
create mode 100644 gittea/compose.yaml
create mode 100644 immich/docker-compose.yml
create mode 100644 mongo/compose.yaml
create mode 100644 n8n/compose.yaml
create mode 100644 portainer/compose.yaml
create mode 100644 redis/compose.yaml
create mode 100644 watchtower/compose.yaml
create mode 100644 webmap/compose.yaml
diff --git a/README.md b/README.md
index e0ae6b2..103c23e 100644
--- a/README.md
+++ b/README.md
@@ -1,2 +1,74 @@ # homelab_docker +A collection of Docker services for a home lab environment. + +## Port Matrix + +| Service | 80 | 81 | 222 | 2283 | 3000 | 5000 | 5540 | 5678 | 6379 | 8001 | 8554 | 8555 | 8971 | 9000 | 9443 | 27017 | +|---------|----|----|----|----|----|----|----|----|----|----|----|----|----|----|----|----| +| πŸ”₯ Firefly III | βœ… | βœ… | | | | | | | | | | | | | | | +| πŸ“Ή Frigate | | | | | | βœ… | | | | | βœ… | βœ… | βœ… | | | | +| πŸ™ Gitea | | | βœ… | | βœ… | | | | | | | | | | | | +| πŸ“± Immich | | | | βœ… | | | | | | | | | | | | | +| πŸƒ MongoDB | | | | | | | | | | | | | | | | βœ… | +| πŸ”„ n8n | | | | | | | | βœ… | | | | | | | | | +| 🐳 Portainer | | | | | | | | | | | | | | | βœ… | βœ… | +| πŸ”΄ Redis | | | | | | | βœ… | | βœ… | | | | | | | | +| πŸ—ΊοΈ WebMap | | | | | | | | | | βœ… | | | | | | | + +## Services + +### πŸ”₯ Firefly III +**Ports:** 80 (Core), 81 (Data Importer) +**Description:** Personal finance manager with budgeting, expense tracking, and financial insights. Includes data import capabilities and automated cron jobs for recurring transactions. + +### πŸ“Ή Frigate +**Ports:** 8971, 5000, 8554, 8555 +**Description:** NVR (Network Video Recorder) with real-time object detection using AI. Supports RTSP cameras, USB Coral TPU for hardware acceleration, and provides web interface for monitoring. + +### πŸ™ Gitea +**Ports:** 3000 (Web), 222 (SSH) +**Description:** Self-hosted Git service similar to GitHub/GitLab. Provides repository hosting, issue tracking, and collaboration tools with PostgreSQL backend. + +### πŸ“± Immich +**Ports:** 2283 +**Description:** Self-hosted photo and video backup solution with machine learning capabilities. Features automatic organization, face recognition, and mobile app support. + +### πŸƒ MongoDB +**Ports:** 27017 +**Description:** NoSQL database service for applications requiring flexible document storage and high performance data operations. 
+ +### πŸ”„ n8n +**Ports:** 5678 +**Description:** Workflow automation platform that connects different services and APIs. Create automated workflows with a visual interface. + +### 🐳 Portainer +**Ports:** 9000, 9443 +**Description:** Web-based Docker management interface for managing containers, images, volumes, and networks through a user-friendly GUI. + +### πŸ”΄ Redis +**Ports:** 6379 (Redis), 5540 (RedisInsight) +**Description:** In-memory data structure store with RedisInsight for database management and monitoring. Used as cache, message broker, and session store. + +### πŸ‘€ Watchtower +**Description:** Automated Docker container updater that monitors running containers and automatically updates them to the latest available image versions. + +### πŸ—ΊοΈ WebMap +**Ports:** 8001 +**Description:** Network discovery and visualization tool that scans network devices and provides a web interface to view network topology and device information. + +## Getting Started + +Each service is contained in its own directory with a `compose.yaml` file. To start a service: + +```bash +cd +docker-compose up -d +``` + +## Requirements + +- Docker and Docker Compose +- Sufficient storage for data volumes +- Network access for services that require external connections + diff --git a/firefly/compose.yaml b/firefly/compose.yaml new file mode 100644 index 0000000..c424a7f --- /dev/null +++ b/firefly/compose.yaml 
@@ -0,0 +1,88 @@
+#
+# The Firefly III Data Importer will ask you for the Firefly III URL and a "Client ID".
+# You can generate the Client ID at http://localhost/profile (after registering)
+# The Firefly III URL is: http://app:8080
+#
+# Other URL's will give 500 | Server Error
+#
+
+services:
+ app:
+ image: fireflyiii/core:latest
+ hostname: app
+ container_name: firefly_iii_core
+ networks:
+ - firefly_iii
+ restart: always
+ volumes:
+ - firefly_iii_upload:/var/www/html/storage/upload
+ env_file: .env
+ ports:
+ - '80:8080'
+ depends_on:
+ - db
+ healthcheck:
+ test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:8080/api/v1/about"]
+ interval: 30s
+ timeout: 10s
+ retries: 3
+ start_period: 60s
+ db:
+ image: mariadb:lts
+ hostname: db
+ container_name: firefly_iii_db
+ networks:
+ - firefly_iii
+ restart: always
+ env_file: .db.env
+ volumes:
+ - firefly_iii_db:/var/lib/mysql
+ healthcheck:
+ test: ["CMD", "mysqladmin", "ping", "-h", "localhost"]
+ interval: 30s
+ timeout: 10s
+ retries: 3
+ start_period: 40s
+
+ importer:
+ image: fireflyiii/data-importer:latest
+ hostname: importer
+ restart: always
+ container_name: firefly_iii_importer
+ networks:
+ - firefly_iii
+ ports:
+ - '81:8080'
+ depends_on:
+ - app
+ env_file: .importer.env
+ healthcheck:
+ test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:8080/health"]
+ interval: 30s
+ timeout: 10s
+ retries: 3
+ start_period: 40s
+
+ cron:
+ #
+ # To make this work, set STATIC_CRON_TOKEN in your .env file or as an environment variable and replace REPLACEME below
+ # The STATIC_CRON_TOKEN must be *exactly* 32 characters long
+ #
+ image: alpine
+ container_name: firefly_iii_cron
+ restart: always
+ command: sh -c "
+ apk add tzdata
+ && ln -s /usr/share/zoneinfo/${TZ} /etc/localtime
+ | echo \"0 3 * * * wget -qO- http://app:8080/api/v1/cron/HcguQHJQpjR38uLfred;echo\"
+ | crontab -
+ && crond -f -L /dev/stdout"
+ networks:
+ - firefly_iii
+volumes:
+ firefly_iii_upload:
+ firefly_iii_db:
+
+networks:
+ firefly_iii:
+ driver: bridge
\ No newline at end of file
diff --git a/frigate/compose.yaml b/frigate/compose.yaml
new file mode 100644
index 0000000..a18859b
--- /dev/null
+++ b/frigate/compose.yaml
@@ -0,0 +1,32 @@
+version: "3.9"
+services:
+ frigate:
+ container_name: frigate
+ restart: unless-stopped
+ stop_grace_period: 30s # allow enough time to shut down the various services
+ image: ghcr.io/blakeblackshear/frigate:stable
+ shm_size: "512mb" # update for your cameras based on calculation above
+ devices:
+ - /dev/bus/usb:/dev/bus/usb # Passes the USB Coral, needs to be modified for other versions
+ volumes:
+ - /etc/localtime:/etc/localtime:ro
+ - ./config:/config
+ - ./storage:/media/frigate
+ - type: tmpfs # Optional: 1GB of memory, reduces SSD/SD Card wear
+ target: /tmp/cache
+ tmpfs:
+ size: 3000000000
+ ports:
+ - "8971:8971"
+ - "5000:5000" # Internal unauthenticated access. Expose carefully.
+ - "8554:8554" # RTSP feeds
+ - "8555:8555/tcp" # WebRTC over tcp
+ - "8555:8555/udp" # WebRTC over udp
+ environment:
+ FRIGATE_RTSP_PASSWORD: "password"
+ healthcheck:
+ test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:5000/api/version"]
+ interval: 30s
+ timeout: 10s
+ retries: 3
+ start_period: 60s
diff --git a/frigate/config/config.yaml b/frigate/config/config.yaml
new file mode 100644
index 0000000..5a85df7
--- /dev/null
+++ b/frigate/config/config.yaml
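Review bot: The `cron` service's `command:` embeds the static cron token directly in the wget URL, so the token is now in version control, and at 19 characters it does not meet the "exactly 32 characters" requirement stated in the comment just above it. Compose already interpolates `${TZ}` inside this same string, so the token can come from `.env` the same way: `| echo \"0 3 * * * wget -qO- http://app:8080/api/v1/cron/${STATIC_CRON_TOKEN};echo\"`. The committed value should be treated as disclosed and replaced with a fresh one. Separately, `fireflyiii/core:latest`, `fireflyiii/data-importer:latest` and the untagged `alpine` are unpinned, which matters more once the Watchtower service from this same commit updates them unattended.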
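Review bot: `FRIGATE_RTSP_PASSWORD: "password"` under `environment:` is a placeholder committed as the live value, and `"5000:5000"` publishes on every host interface the port that its own inline comment describes as unauthenticated. I would drop the 5000 mapping (the healthcheck reaches it from inside the container) or bind it to loopback with `- "127.0.0.1:5000:5000"`, and load the password from an untracked file via `env_file: .env`. The README port matrix lists 5000 for Frigate, so it would need the same correction.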
@@ -0,0 +1,116 @@
+mqtt:
+ enabled: true
+ host: 192.168.2.158
+ user: frigate
+ password: Frigate1234!
+
+go2rtc:
+ streams:
+ achtertuin:
+ - ffmpeg:http://192.168.2.26/flv?port=1935&app=bcs&stream=channel0_main.bcs&user=admin&password=Olenoob220996 # channel numbers are 0-15
+ - ffmpeg:your_reolink_camera_via_nvr#audio=aac
+ achtertuin_sub:
+ - ffmpeg:http://192.168.2.26/flv?port=1935&app=bcs&stream=channel0_ext.bcs&user=admin&password=Olenoob220996
+ tuinhuis:
+ - ffmpeg:http://192.168.2.26/flv?port=1935&app=bcs&stream=channel1_main.bcs&user=admin&password=Olenoob220996 # channel numbers are 0-15
+ - ffmpeg:your_reolink_camera_via_nvr#audio=aac
+ tuinhuis_sub:
+ - ffmpeg:http://192.168.2.26/flv?port=1935&app=bcs&stream=channel1_ext.bcs&user=admin&password=Olenoob220996
+ carport:
+ - ffmpeg:http://192.168.2.26/flv?port=1935&app=bcs&stream=channel2_main.bcs&user=admin&password=Olenoob220996 # channel numbers are 0-15
+ - ffmpeg:your_reolink_camera_via_nvr#audio=aac
+ carport_sub:
+ - ffmpeg:http://192.168.2.26/flv?port=1935&app=bcs&stream=channel2_ext.bcs&user=admin&password=Olenoob220996
+
+
+cameras:
+ achtertuin:
+ enabled: true
+ ffmpeg:
+ inputs:
+ - path: rtsp://127.0.0.1:8554/achtertuin?video=copy&audio=aac # <----- The stream you want to use for detection
+ roles:
+ - record
+ - path: rtsp://127.0.0.1:8554/achtertuin_sub?video=copy
+ roles:
+ - detect
+ zones:
+ ingang:
+ coordinates:
+ 0.292,0.006,0.138,0.134,0,0.178,0.002,0.995,0.994,0.995,0.998,0.391,0.998,0.131,0.649,0.075,0.647,0.007
+ loitering_time: 0
+ inertia: 3
+ objects: person
+ review:
+ alerts:
+ required_zones: ingang
+ motion:
+ threshold: 33
+ contour_area: 10
+ improve_contrast: true
+ tuinhuis:
+ enabled: true
+ ffmpeg:
+ inputs:
+ - path: rtsp://127.0.0.1:8554/tuinhuis?video=copy&audio=aac # <----- The stream you want to use for detection
+ roles:
+ - record
+ - path: rtsp://127.0.0.1:8554/tuinhuis_sub?video=copy
+ roles:
+ - detect
+ carport:
+ enabled: true
+ ffmpeg:
+ inputs:
+ - path: rtsp://127.0.0.1:8554/carport?video=copy&audio=aac # <----- The stream you want to use for detection
+ roles:
+ - record
+ - path: rtsp://127.0.0.1:8554/carport_sub?video=copy
+ roles:
+ - detect
+
+ motion:
+ threshold: 35
+ contour_area: 10
+ improve_contrast: true
+version: 0.16-0
+
+detect:
+ enabled: true
+
+semantic_search:
+ enabled: false
+ model_size: small
+
+face_recognition:
+ enabled: true
+ model_size: large
+
+lpr:
+ enabled: true
+
+classification:
+ bird:
+ enabled: false
+
+detectors:
+ coral:
+ type: edgetpu
+ device: usb
+
+record:
+ enabled: true
+ retain:
+ days: 0
+ alerts:
+ retain:
+ days: 3 # <- number of days to keep alert recordings
+ detections:
+ retain:
+ days: 3
+
+objects:
+ track:
+ - person
+ - car
+ - bicycle
diff --git a/gittea/compose.yaml b/gittea/compose.yaml
new file mode 100644
index 0000000..8fdf036
--- /dev/null
+++ b/gittea/compose.yaml
@@ -0,0 +1,40 @@
+networks:
+ gitea:
+ external: false
+
+services:
+ server:
+ image: docker.gitea.com/gitea:latest
+ container_name: gitea
+ environment:
+ - USER_UID=1000
+ - USER_GID=1000
+ - GITEA__database__DB_TYPE=postgres
+ - GITEA__database__HOST=db:5432
+ - GITEA__database__NAME=gitea
+ - GITEA__database__USER=gitea
+ - GITEA__database__PASSWD=gitea
+ restart: always
+ networks:
+ - gitea
+ volumes:
+ - ./gitea:/data
+ - /etc/timezone:/etc/timezone:ro
+ - /etc/localtime:/etc/localtime:ro
+ ports:
+ - "3000:3000"
+ - "222:22"
+ depends_on:
+ - db
+
+ db:
+ image: docker.io/library/postgres:14
+ restart: always
+ environment:
+ - POSTGRES_USER=gitea
+ - POSTGRES_PASSWORD=gitea
+ - POSTGRES_DB=gitea
+ networks:
+ - gitea
+ volumes:
+ - ./postgres:/var/lib/postgresql/data
diff --git a/immich/docker-compose.yml b/immich/docker-compose.yml
new file mode 100644
index 0000000..74f7d1e
--- /dev/null
+++ b/immich/docker-compose.yml
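Review bot: The MQTT `password:` and the camera `admin` password in all six `go2rtc.streams` URLs are committed in clear text, and the stream URLs carry that password as an `http://` query parameter. Frigate substitutes `{FRIGATE_…}` environment variables in `mqtt.password` (and, in recent releases, in go2rtc stream sources, which is worth confirming for 0.16), so these can become `password: '{FRIGATE_MQTT_PASSWORD}'` and `…&user=admin&password={FRIGATE_CAM_PASSWORD}`, with the values supplied through the compose `env_file`. Both credentials are in history now and should be changed on the broker and on the NVR. The second source under each main stream, `ffmpeg:your_reolink_camera_via_nvr#audio=aac`, appears to be the documentation placeholder; no stream of that name is defined here, so it probably should name the stream it sits under.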
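Review bot: `GITEA__database__PASSWD=gitea` and `POSTGRES_PASSWORD=gitea` set the database password to the example value in a tracked file. The `db` service publishes no port, so exposure is limited to the `gitea` network, but the value still belongs in an untracked `.env`: `- GITEA__database__PASSWD=${GITEA_DB_PASSWORD:?set in .env}` and `- POSTGRES_PASSWORD=${GITEA_DB_PASSWORD:?set in .env}`. `POSTGRES_PASSWORD` is only applied when the data directory is first initialised, so an existing `./postgres` volume needs the password changed inside the database as well. `docker.gitea.com/gitea:latest` is unpinned; a version tag keeps upgrades deliberate.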
@@ -0,0 +1,88 @@
+#
+# WARNING: To install Immich, follow our guide: https://immich.app/docs/install/docker-compose
+#
+# Make sure to use the docker-compose.yml of the current release:
+#
+# https://github.com/immich-app/immich/releases/latest/download/docker-compose.yml
+#
+# The compose file on main may not be compatible with the latest release.
+
+name: immich
+
+services:
+ immich-server:
+ container_name: immich_server
+ image: ghcr.io/immich-app/immich-server:${IMMICH_VERSION:-release}
+ # extends:
+ # file: hwaccel.transcoding.yml
+ # service: cpu # set to one of [nvenc, quicksync, rkmpp, vaapi, vaapi-wsl] for accelerated transcoding
+ volumes:
+ # Do not edit the next line. If you want to change the media storage location on your system, edit the value of UPLOAD_LOCATION in the .env file
+ - ${UPLOAD_LOCATION}:/data
+ - /etc/localtime:/etc/localtime:ro
+ env_file:
+ - .env
+ ports:
+ - '2283:2283'
+ depends_on:
+ - redis
+ - database
+ restart: unless-stopped
+ healthcheck:
+ test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:2283/health"]
+ interval: 30s
+ timeout: 10s
+ retries: 3
+ start_period: 60s
+
+ immich-machine-learning:
+ container_name: immich_machine_learning
+ # For hardware acceleration, add one of -[armnn, cuda, rocm, openvino, rknn] to the image tag.
+ # Example tag: ${IMMICH_VERSION:-release}-cuda
+ image: ghcr.io/immich-app/immich-machine-learning:${IMMICH_VERSION:-release}
+ # extends: # uncomment this section for hardware acceleration - see https://immich.app/docs/features/ml-hardware-acceleration
+ # file: hwaccel.ml.yml
+ # service: cpu # set to one of [armnn, cuda, rocm, openvino, openvino-wsl, rknn] for accelerated inference - use the `-wsl` version for WSL2 where applicable
+ volumes:
+ - model-cache:/cache
+ env_file:
+ - .env
+ restart: unless-stopped
+ healthcheck:
+ test: ["CMD", "ps", "aux", "|", "grep", "python", "|", "grep", "-v", "grep"]
+ interval: 30s
+ timeout: 10s
+ retries: 3
+ start_period: 60s
+
+ redis:
+ container_name: immich_redis
+ image: docker.io/valkey/valkey:8-bookworm@sha256:facc1d2c3462975c34e10fccb167bfa92b0e0dbd992fc282c29a61c3243afb11
+ healthcheck:
+ test: redis-cli ping || exit 1
+ restart: unless-stopped
+
+ database:
+ container_name: immich_postgres
+ image: ghcr.io/immich-app/postgres:14-vectorchord0.4.3-pgvectors0.2.0@sha256:32324a2f41df5de9efe1af166b7008c3f55646f8d0e00d9550c16c9822366b4a
+ environment:
+ POSTGRES_PASSWORD: ${DB_PASSWORD}
+ POSTGRES_USER: ${DB_USERNAME}
+ POSTGRES_DB: ${DB_DATABASE_NAME}
+ POSTGRES_INITDB_ARGS: '--data-checksums'
+ # Uncomment the DB_STORAGE_TYPE: 'HDD' var if your database isn't stored on SSDs
+ # DB_STORAGE_TYPE: 'HDD'
+ volumes:
+ # Do not edit the next line. If you want to change the database storage location on your system, edit the value of DB_DATA_LOCATION in the .env file
+ - ${DB_DATA_LOCATION}:/var/lib/postgresql/data
+ shm_size: 128mb
+ restart: unless-stopped
+ healthcheck:
+ test: ["CMD-SHELL", "pg_isready -U ${DB_USERNAME} -d ${DB_DATABASE_NAME}"]
+ interval: 30s
+ timeout: 10s
+ retries: 3
+ start_period: 40s
+
+volumes:
+ model-cache:
diff --git a/mongo/compose.yaml b/mongo/compose.yaml
new file mode 100644
index 0000000..9026103
--- /dev/null
+++ b/mongo/compose.yaml
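Review bot: The `immich-machine-learning` healthcheck uses the exec form, `["CMD", "ps", "aux", "|", "grep", …]`, so no shell is involved and `|`, `grep` and `python` reach `ps` as literal arguments; the check cannot behave as a pipeline. If a process check is wanted it needs the shell form, `test: ["CMD-SHELL", "ps aux | grep python | grep -v grep"]`, and that still assumes `ps` exists in the image. The upstream Immich images appear to define their own HEALTHCHECK, so removing the overrides on `immich-server` and `immich-machine-learning` may be the simpler and more reliable fix; the `wget` check on `immich-server` likewise depends on a binary the image may not ship.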
@@ -0,0 +1,17 @@
+version: '3.8'
+services:
+ mongodb:
+ image: mongo:6-jammy
+ ports:
+ - '27017:27017'
+ volumes:
+ - dbdata6:/data/db
+ restart: "unless-stopped"
+ healthcheck:
+ test: ["CMD", "mongosh", "--eval", "db.adminCommand('ping')"]
+ interval: 30s
+ timeout: 10s
+ retries: 3
+ start_period: 40s
+volumes:
+ dbdata6:
diff --git a/n8n/compose.yaml b/n8n/compose.yaml
new file mode 100644
index 0000000..5af52a7
--- /dev/null
+++ b/n8n/compose.yaml
@@ -0,0 +1,25 @@
+version: '3'
+
+services:
+ n8n:
+ image: docker.n8n.io/n8nio/n8n:latest
+ container_name: n8n
+ ports:
+ - "5678:5678"
+ volumes:
+ - n8n_data:/home/node/.n8n
+ - ./data:/data
+ - /etc/localtime:/etc/localtime:ro
+ restart: unless-stopped
+ env_file:
+ - .env
+ network_mode: "host"
+ healthcheck:
+ test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:5678/healthz"]
+ interval: 30s
+ timeout: 10s
+ retries: 3
+ start_period: 40s
+
+volumes:
+ n8n_data:
diff --git a/portainer/compose.yaml b/portainer/compose.yaml
new file mode 100644
index 0000000..7a2a17e
--- /dev/null
+++ b/portainer/compose.yaml
@@ -0,0 +1,20 @@
+version: "3"
+services:
+ portainer:
+ image: portainer/portainer-ce:latest
+ ports:
+ - 9443:9443
+ - 9000:9000
+ volumes:
+ - data:/data
+ - /var/run/docker.sock:/var/run/docker.sock
+ - ./curl:/usr/local/bin/curl
+ restart: unless-stopped
+ healthcheck:
+ test: ["CMD","/usr/local/bin/curl", "http://localhost:9000/api/system/status"]
+ interval: 30s
+ timeout: 10s
+ retries: 3
+ start_period: 40s
+volumes:
+ data:
diff --git a/redis/compose.yaml b/redis/compose.yaml
new file mode 100644
index 0000000..4800e9e
--- /dev/null
+++ b/redis/compose.yaml
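Review bot: `mongodb` is published on `'27017:27017'` with no `MONGO_INITDB_ROOT_USERNAME`/`MONGO_INITDB_ROOT_PASSWORD` and no `--auth`, so anything that can reach the host on that port gets an unauthenticated database. Add `env_file: .env` carrying those two variables (the image applies them only when `/data/db` is empty at first start, so an existing `dbdata6` volume needs a user created by hand) and, unless other machines need direct access, bind the port to loopback with `- '127.0.0.1:27017:27017'`.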
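Review bot: `network_mode: "host"` and `ports: - "5678:5678"` are set on the same `n8n` service; port publishing does not apply in host mode, so the mapping is rejected or ignored depending on the Compose version and n8n listens directly on every host interface. Pick one: remove `network_mode` to keep the mapping (which also allows `- "127.0.0.1:5678:5678"`), or remove `ports:` and add a comment saying why host networking is required. `docker.n8n.io/n8nio/n8n:latest` is unpinned as well.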
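Review bot: This service mounts `/var/run/docker.sock` and publishes its UI on plain-HTTP `9000:9000` in addition to `9443:9443`, so logins to an interface with full control of the Docker host can cross the LAN unencrypted. Publishing only `- "9443:9443"` keeps the healthcheck working, because it calls `localhost:9000` from inside the container. The `./curl:/usr/local/bin/curl` bind mount depends on a host binary that this commit does not add; if the file is missing Docker creates a directory at that path and the healthcheck fails, so the binary's origin should be documented next to the mount or the check dropped.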
@@ -0,0 +1,42 @@
+services:
+ redis:
+ image: redis:7-alpine
+ container_name: redis
+ restart: unless-stopped
+ command: >
+ redis-server
+ --requirepass Olenoob2209
+ --appendonly yes
+ ports:
+ - "6379:6379" # Optional: expose only if needed
+ volumes:
+ - redis_data:/data
+ environment:
+ - REDIS_PASSWORD=Olenoob2209
+ networks:
+ - redis_net
+ healthcheck:
+ test: ["CMD", "redis-cli", "-a", "Olenoob2209", "ping"]
+ interval: 10s
+ timeout: 3s
+ retries: 5
+ start_period: 5s
+
+ redisinsight:
+ image: redislabs/redisinsight:2.70
+ container_name: redisinsight
+ restart: unless-stopped
+ ports:
+ - "5540:5540" # Access via http://localhost:8001
+ networks:
+ - redis_net
+ volumes:
+ - redisinsight_data:/db
+
+volumes:
+ redis_data:
+ redisinsight_data:
+
+networks:
+ redis_net:
+ driver: bridge
diff --git a/watchtower/compose.yaml b/watchtower/compose.yaml
new file mode 100644
index 0000000..f7cb386
--- /dev/null
+++ b/watchtower/compose.yaml
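Review bot: The Redis password is written three times in this file (`--requirepass` in `command:`, `REDIS_PASSWORD` in `environment:`, and `-a` in the healthcheck), and the `-a` form also puts it on the process command line inside the container. Taking it from an untracked `.env` needs three changed lines: `--requirepass ${REDIS_PASSWORD:?set in .env}`, `- REDISCLI_AUTH=${REDIS_PASSWORD}` and `test: ["CMD", "redis-cli", "ping"]`, since redis-cli reads `REDISCLI_AUTH` on its own. The committed value shares its stem with the camera password in frigate/config/config.yaml, so both should be rotated to unrelated values. The comment on `"5540:5540"` says `http://localhost:8001`, which does not match the mapping.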
@@ -0,0 +1,35 @@
+services:
+ watchtower:
+ image: containrrr/watchtower
+ container_name: watchtower
+ restart: unless-stopped
+ volumes:
+ - /var/run/docker.sock:/var/run/docker.sock
+ environment:
+ WATCHTOWER_CLEANUP: "true"
+ WATCHTOWER_POLL_INTERVAL: 86400
+ WATCHTOWER_NOTIFICATION_REPORT: "true"
+ WATCHTOWER_NOTIFICATION_URL: >
+ generic+http://192.168.2.158:8123/api/webhook/-skoZVzhPaZcecNZaigi9Np1B?template=json
+ WATCHTOWER_NOTIFICATION_TEMPLATE: |
+ {"title":"Watchtower","message":"
+ {{- if .Report -}}
+ {{- with .Report -}}
+ {{len .Scanned}} Scanned, {{len .Updated}} Updated, {{len .Failed}} Failed
+ {{- range .Updated}}
+ - {{.Name}} ({{.ImageName}}): {{.CurrentImageID.ShortID}} updated to {{.LatestImageID.ShortID}}
+ {{- end -}}
+ {{- range .Fresh}}
+ - {{.Name}} ({{.ImageName}}): {{.State}}
+ {{- end -}}
+ {{- range .Skipped}}
+ - {{.Name}} ({{.ImageName}}): {{.State}}: {{.Error}}
+ {{- end -}}
+ {{- range .Failed}}
+ - {{.Name}} ({{.ImageName}}): {{.State}}: {{.Error}}
+ {{- end -}}
+ {{- end -}}
+ {{- else -}}
+ {{range .Entries -}}{{.Message}}\n{{- end -}}
+ {{- end -}}"
+ }
diff --git a/webmap/compose.yaml b/webmap/compose.yaml
new file mode 100644
index 0000000..c8a1064
--- /dev/null
+++ b/webmap/compose.yaml
@@ -0,0 +1,34 @@
+version: '3.3'
+services:
+ nmap:
+ image: instrumentisto/nmap
+ container_name: nmap
+ command: -sT -A -T3 -oX tmp/myscan.xml 192.168.2.0/24
+ cap_add:
+ - NET_ADMIN
+ volumes:
+ - ./webmap:/tmp
+ network_mode: host
+ environment:
+ - PUID=1000
+ - PGID=100
+
+
+ webmap:
+ container_name: webmap
+ hostname: webmap
+ ports:
+ - '8001:8000'
+ volumes:
+ - ./webmap:/opt/xml
+ image: reborntc/webmap
+ environment:
+ - PUID=1000
+ - PGID=100
+ restart: unless-stopped
+ healthcheck:
+ test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:8000"]
+ interval: 30s
+ timeout: 10s
+ retries: 3
+ start_period: 40s
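Review bot: `WATCHTOWER_NOTIFICATION_URL` contains the webhook ID in clear text, and for a webhook endpoint that ID is effectively the only credential. Move it to an untracked `.env`, reference it as `WATCHTOWER_NOTIFICATION_URL: ${WATCHTOWER_NOTIFICATION_URL:?set in .env}`, and regenerate the webhook since the current ID is in history. With no label filter this container holds the Docker socket and replaces every running container whose tag has moved, and most images added in this commit are `:latest`; `WATCHTOWER_LABEL_ENABLE: "true"` plus an opt-in label per service narrows that to what was reviewed. `containrrr/watchtower` itself carries no tag.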
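Review bot: The `nmap` service combines `network_mode: host` with `cap_add: NET_ADMIN`, and that extra capability is probably not needed for the scan options given; I would remove `cap_add` and confirm the scan still completes. `-oX tmp/myscan.xml` is a relative path, so the report lands in the `./webmap:/tmp` volume only if the image's working directory is `/`; `-oX /tmp/myscan.xml` removes that dependency. Both images are untagged, and `'8001:8000'` serves the LAN inventory on every interface with no authentication visible in this file, so `- '127.0.0.1:8001:8000'` is worth considering.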