services = { "acme_dns" = { host = "node001" dns = [{ domain = "acme.serguzim.me" }] monitoring = { url = "/health" group = "7-support" } ports = [ { description = "DNS" port = 53 protocol = "tcp" type = "firewall" }, { description = "DNS" port = 53 protocol = "udp" type = "firewall" } ] auth = false database = true s3 = false }, "authentik" = { host = "node001" dns = [{ domain = "auth.serguzim.me" }] monitoring = { url = "/-/health/live/" group = "4-services" } certificates = ["auth.serguzim.me"] auth = false database = true s3 = false mail = "auth" }, "backup" = { host = "*" auth = false database = false s3 = false }, "caddy" = { host = "*" ports = [ { description = "HTTP" port = 80 protocol = "tcp" type = "reverse_proxy" }, { description = "HTTPS" port = 443 protocol = "tcp" type = "reverse_proxy" }, { description = "HTTP/3 QUIC" port = 443 protocol = "udp" type = "reverse_proxy" }, #"2019:2019", ] auth = false database = false s3 = false }, "dokku" = { host = "node001" dns = [ { domain = "paas.serguzim.me" }, { domain = "*.paas.serguzim.me" name = "dokku-wildcard" alias = "dokku" }, { domain = "serguzim.me" name = "webpage-serguzim" alias = "dokku" }, { domain = "www.serguzim.me" name = "webpage-serguzim-www" alias = "webpage-serguzim" }, ] backup = [{ name = "dokku" type = "directory" path = "/var/lib/dokku" }] monitoring = { group = "7-support" } ports = [ { description = "SSH for dokku" port = 3022 protocol = "tcp" type = "firewall" } ] auth = false database = false s3 = false }, "extra_services" = { host = "node001" auth = false database = false s3 = false }, "forgejo" = { host = "node001" dns = [{ domain = "git.serguzim.me" }] backup = [{ name = "forgejo_data" type = "docker" }] monitoring = { url = "/api/v1/version" group = "4-services" } ports = [ { description = "SSH for forgejo" port = 22 protocol = "tcp" type = "firewall" } ] auth = true auth_redirects = ["https://git.serguzim.me/user/oauth2/auth.serguzim.me/callback"] database = true s3 = true mail = "git" }, "forgejo_runner" = { host = "node001" auth = false database = false s3 = false }, "healthcheck" = { host = "node001" auth = false database = false s3 = false }, "gatus" = { host = "node001" dns = [{ domain = "status.serguzim.me" }] backup = [{ name = "gatus_data" type = "docker" }] auth = false database = false s3 = false mail = "status" }, "homebox" = { host = "node001" dns = [{ domain = "inventory.serguzim.me" }] backup = [{ name = "homebox_data" type = "docker" }] monitoring = { url = "/api/v1/status" group = "4-services" conditions = [ "DEFAULT", "[BODY].health == true" ] } auth = false database = false s3 = false mail = "inventory" }, "immich" = { host = "node001" dns = [{ domain = "gallery.serguzim.me" }] backup = [ #{ # name = "immich_upload" # type = "docker_remote" #}, { name = "immich_database" type = "hook" } ] monitoring = { group = "4-services" } auth = true auth_redirects = ["https://gallery.serguzim.me/auth/login"] database = false s3 = false }, "influxdb" = { host = "node001" dns = [{ domain = "tick.serguzim.me" }] backup = [{ name = "influxdb_data" type = "docker" }] monitoring = { url = "/health" group = "4-services" conditions = [ "DEFAULT", "[BODY].status == pass" ] } auth = false database = false s3 = false }, "jellyfin" = { host = "node001" dns = [{ domain = "media.serguzim.me" }] backup = [ { name = "jellyfin_config" type = "docker" }, #{ # name = "jellyfin_media" # type = "docker_remote" #} ] monitoring = { url = "/health" group = "4-services" conditions = [ "DEFAULT", "[BODY] == Healthy" ] } auth = false database = false s3 = false }, "lego" = { host = "*" auth = false database = false s3 = false }, "linkwarden" = { host = "node001" dns = [{ domain = "bookmarks.serguzim.me" }] monitoring = { url = "/api/v1/logins" group = "4-services" } auth = true auth_cert = "rsa" auth_redirects = ["https://bookmarks.serguzim.me/api/v1/auth/callback/authentik"] database = true s3 = true }, mailcowdockerized = { host = "node003" dns = [{ domain = "mail.serguzim.me" }] backup = [{ name = "mailcowdockerized" type = "hook" }] monitoring = { group = "4-services" } ports = [ { description = "SMTP" port = 25 protocol = "tcp" type = "firewall" }, { description = "SMTP TLS" port = 465 protocol = "tcp" type = "firewall" }, { description = "SMTP StartTLS" port = 587 protocol = "tcp" type = "firewall" }, { description = "IMAPS" port = 993 protocol = "tcp" type = "firewall" }, { description = "POPS" port = 995 protocol = "tcp" type = "firewall" }, { description = "Sieve" port = 4190 protocol = "tcp" type = "firewall" } ] auth = false database = false s3 = false }, "minio" = { host = "node001" dns = [ { domain = "s3.serguzim.me" }, { domain = "console.s3.serguzim.me" name = "minio-console" alias = "minio" } ] backup = [{ name = "minio_data" type = "docker" }] monitoring = { url = "/minio/health/live" group = "7-support" } auth = true auth_redirects = ["https://console.s3.serguzim.me/oauth_callback"] database = false s3 = false }, "ntfy" = { host = "node001" dns = [{ domain = "push.serguzim.me" }] backup = [{ name = "ntfy_data" type = "docker" }] monitoring = { url = "/v1/health" group = "4-services" conditions = [ "DEFAULT", "[BODY].healthy == true" ] } auth = false database = false s3 = false }, "postgresql" = { host = "node001" dns = [{ domain = "db.serguzim.me" }] backup = [{ name = "postgresql" type = "hook" }] monitoring = { url = "tcp://db.serguzim.me:5432" group = "7-support" conditions = [ "[CONNECTED] == true" ] } certificates = ["db.serguzim.me"] auth = false database = false s3 = false }, "reitanlage_oranienburg" = { host = "node001" dns = [ { domain = "reitanlage-oranienburg.de" }, { domain = "www.reitanlage-oranienburg.de" name = "reitanlage_oranienburg-www" alias = "reitanlage_oranienburg" } ] backup = [{ name = "reitanlage_oranienburg_data" type = "docker" }] monitoring = { group = "5-websites" } auth = false database = false s3 = false }, "shlink" = { host = "node001" dns = [ { domain = "msrg.cc" }, { domain = "msvg.cc" name = "shlink-msvg" alias = "shlink" }, { domain = "emgauwa.app" name = "shlink-emgauwa" alias = "shlink" } ] monitoring = { url = "/rest/health" group = "4-services" conditions = [ "DEFAULT", "[BODY].status == pass" ] } auth = false database = true s3 = false }, "synapse" = { host = "node001" dns = [ { domain = "matrix.serguzim.me" }, { domain = "matrix.msrg.cc" name = "synapse-msrg" alias = "synapse" } ] backup = [{ name = "synapse_media_store" type = "docker" }] monitoring = { url = "/_matrix/client/versions" group = "4-services" } ports = [ { description = "Matrix" port = 8448 protocol = "tcp" type = "reverse_proxy" } ] auth = true auth_redirects = ["https://matrix.serguzim.me/_synapse/client/oidc/callback"] database = true s3 = false mail = "matrix" }, "tandoor" = { host = "node001" dns = [{ domain = "recipes.serguzim.me" }] backup = [{ name = "tandoor_mediafiles" type = "docker" }] monitoring = { url = "/accounts/login/" group = "4-services" } auth = false database = true s3 = false }, "teamspeak_fallback" = { host = "node001" dns = [ { domain = "ts.serguzim.me" }, { domain = "hook.serguzim.me" name = "teamspeak_fallback-hook" alias = "teamspeak_fallback" } ] backup = [{ name = "teamspeak_fallback_data" type = "docker" }] monitoring = { group = "7-support" } ports = [ { description = "Teamspeak server" port = 9987 protocol = "udp" type = "firewall" }, { description = "Teamspeak filetransfer" port = 30033 protocol = "tcp" type = "firewall" }, { description = "Teamspeak serverquery" port = 10011 protocol = "tcp" type = "firewall" } ] auth = false database = false s3 = false } "telegraf" = { host = "node001" auth = false database = true s3 = false }, "tinytinyrss" = { host = "node001" dns = [{ domain = "rss.serguzim.me" }] monitoring = { url = "/tt-rss/" group = "4-services" } auth = false database = true s3 = false }, "umami" = { host = "node001" dns = [{ domain = "analytics.serguzim.me" }] monitoring = { url = "/api/heartbeat" group = "4-services" } auth = false database = true s3 = false }, "vikunja" = { host = "node001" dns = [{ domain = "todo.serguzim.me" }] backup = [{ name = "vikunja_data" type = "docker" }] monitoring = { url = "/api/v1/info" group = "4-services" } auth = true auth_redirects = ["https://todo.serguzim.me/auth/openid/authserguzimme"] database = true s3 = false mail = "todo" }, "watchtower" = { host = "*" auth = false database = false s3 = false mail = "watchtower" }, "wiki_js" = { host = "node001" dns = [{ domain = "wiki.serguzim.me" }] monitoring = { group = "4-services" } auth = true auth_redirects = ["https://wiki.serguzim.me/login/f792bc7d-1a25-4437-944e-55eaf0111102/callback"] database = true s3 = false mail = "wiki" }, "woodpecker" = { host = "node001" dns = [ { domain = "ci.serguzim.me" }, { domain = "agents.ci.serguzim.me" name = "woodpecker-agents" alias = "woodpecker" } ] monitoring = { url = "/healthz" group = "4-services" } auth = false database = true s3 = false } }