initial composes

RPi/Caddy/Caddyfile

@@ -0,0 +1,174 @@
+vault.casademm.de {
+  log {
+    level INFO
+    output file {$LOG_FILE} {
+      roll_size 10MB
+      roll_keep 10
+    }
+  }
+
+
+  # Use the ACME HTTP-01 challenge to get a cert for the configured domain.
+  tls {$EMAIL}
+
+  # This setting may have compatibility issues with some browsers
+  # (e.g., attachment downloading on Firefox). Try disabling this
+  # if you encounter issues.
+  encode zstd gzip
+
+  # Proxy everything Rocket
+  reverse_proxy vaultwarden:80 {
+       # Send the true remote IP to Rocket, so that vaultwarden can put this in the
+       # log, so that fail2ban can ban the correct IP.
+       header_up X-Real-IP {remote_host}
+  }
+  
+  
+  
+}
+
+https://portainer.casademm.de {
+    tls {$EMAIL}
+
+    reverse_proxy https://portainer:9443 {
+        transport http {
+            tls
+            tls_insecure_skip_verify
+        }
+    }
+}
+
+
+
+https://heimdall.casademm.de {
+    tls {$EMAIL}
+
+    reverse_proxy https://heimdall:443 {
+        transport http {
+            tls
+            tls_insecure_skip_verify
+        }
+    }
+}
+
+https://fritz.casademm.de {
+    tls {$EMAIL}
+
+    reverse_proxy https://192.168.178.1 {
+        transport http {
+            tls
+            tls_insecure_skip_verify
+        }
+    }
+}
+
+
+#https://heidrun.casademm.de {
+#    tls {$EMAIL}
+
+#    reverse_proxy https://192.168.178.23 {
+#        transport http {
+#            tls
+#            tls_insecure_skip_verify
+#        }
+#    }
+#}
+
+hole.casademm.de {
+    tls {$EMAIL}
+
+    reverse_proxy pihole:443 {
+        transport http {
+            tls_insecure_skip_verify
+        }
+    }
+}
+
+mb.casademm.de {
+    tls {$EMAIL}
+
+    reverse_proxy systems.casademm.de:2333 {
+        transport http {
+            tls_insecure_skip_verify
+        }
+    }
+}
+
+ss.casademm.de {
+    tls {$EMAIL}
+
+    reverse_proxy systems.casademm.de:8003 {
+        transport http {
+            tls_insecure_skip_verify
+        }
+    }
+}
+
+ftp.casademm.de {
+    
+
+    reverse_proxy systems.casademm.de:8080 {
+        
+    }
+}
+
+next.casademm.de {
+    reverse_proxy https://nextcloud:443 {
+        transport http {
+            tls_insecure_skip_verify
+        }
+    }
+}
+
+wtw.casademm.de {
+    tls {$EMAIL}
+
+    reverse_proxy http://systems.casademm.de:3630 {
+        
+    }
+}
+https://home.casademm.de {
+    tls {$EMAIL}
+
+    reverse_proxy https://heimdall:443 {
+        transport http {
+            tls
+            tls_insecure_skip_verify
+        }
+    }
+}
+
+
+hsm.casademm.de {
+    tls {$EMAIL}
+
+    reverse_proxy http://systems.casademm.de:3001 {
+        
+    }
+}
+
+gitea.casademm.de {
+    tls {$EMAIL}
+
+    reverse_proxy http://systems.casademm.de:3000 {
+        
+    }
+}
+
+
+
+
+act.casademm.de {
+    #tls {$EMAIL}
+
+    encode gzip zstd
+    reverse_proxy actual-server:5006
+}
+
+php.casademm.de {
+    reverse_proxy http://phpmyadmin:80
+}
+
+maria.casademm.de {
+    reverse_proxy mariadb:3306
+}

RPi/Caddy/compose.yaml

@@ -0,0 +1,29 @@
+services:
+  caddy:
+    image: dhi.io/caddy:2-debian13-dev
+    container_name: caddy
+    restart: always
+    ports:
+      - 80:80  # Needed for the ACME HTTP-01 challenge.
+      - 443:443
+      - 443:443/udp # Needed for HTTP/3.
+    volumes:
+      - ./Caddyfile:/etc/caddy/Caddyfile:ro
+      - ./caddy-config:/config
+      - ./caddy-data:/data
+    environment:
+      DOMAIN: "https://vault.casademm.de"  # Your domain.
+      EMAIL: "t.r.martin22699@gmail.com"                 # The email address to use for ACME registration.
+      LOG_FILE: "/data/access.log"
+    networks:
+      - casa-de-martmann
+      - proxy
+      
+networks:
+  casa-de-martmann:
+    name: casa-de-martmann
+    external: true
+    
+  proxy:
+    name: proxy
+    external: true

RPi/MariaDB/compose.yaml

@@ -0,0 +1,33 @@
+services:
+  mariadb:
+    image: mariadb:latest
+    container_name: mariadb
+    restart: always
+    environment:
+      MYSQL_ROOT_PASSWORD: bmjsfoznrc
+      MYSQL_DATABASE: entry
+      MYSQL_USER: roulette
+      MYSQL_PASSWORD: bmjsfoznrc
+    ports:
+      - "3306:3306"
+    volumes:
+      - ./data:/var/lib/mysql
+    networks:
+      - casa-de-martmann
+
+  phpmyadmin:
+    image: phpmyadmin:latest
+    container_name: phpmyadmin
+    restart: always
+    environment:
+      PMA_HOST: mariadb
+    ports:
+      - "8085:80"
+    depends_on:
+      - mariadb
+    networks:
+      - casa-de-martmann
+networks:
+  casa-de-martmann:
+    name: casa-de-martmann
+    external: true

RPi/Nextcloud/compose.yaml

@@ -0,0 +1,21 @@
+services:
+  nextcloud:
+    image: lscr.io/linuxserver/nextcloud:latest
+    networks:
+      - casa-de-martmann
+    container_name: nextcloud
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Etc/UTC
+    volumes:
+      - /media/admin/62 GB Volume/Nextcloud_config:/config
+      - /media/admin/62 GB Volume/Nextcloud_data:/data
+    ports:
+      - 4435:443
+    restart: unless-stopped
+    
+networks:
+  casa-de-martmann:
+    name: casa-de-martmann
+    external: true

RPi/PiHole/compose.yaml

@@ -0,0 +1,50 @@
+# More info at https://github.com/pi-hole/docker-pi-hole/ and https://docs.pi-hole.net/
+services:
+  pihole:
+    container_name: pihole
+    image: pihole/pihole:latest
+    ports:
+      # DNS Ports
+      - "53:53/tcp"
+      - "53:53/udp"
+      # Default HTTP Port
+      - "8081:80/tcp"
+      # Default HTTPs Port. FTL will generate a self-signed certificate
+      - "4430:443/tcp"
+      # Uncomment the line below if you are using Pi-hole as your DHCP server
+      #- "67:67/udp"
+      # Uncomment the line below if you are using Pi-hole as your NTP server
+      #- "123:123/udp"
+    environment:
+      # Set the appropriate timezone for your location (https://en.wikipedia.org/wiki/List_of_tz_database_time_zones), e.g:
+      TZ: 'Europe/Berlin'
+      # Set a password to access the web interface. Not setting one will result in a random password being assigned
+      FTLCONF_webserver_api_password: 'bmjsfoznrc'
+      # If using Docker's default `bridge` network setting the dns listening mode should be set to 'ALL'
+      FTLCONF_dns_listeningMode: 'ALL'
+    # Volumes store your data between container upgrades
+    volumes:
+      # For persisting Pi-hole's databases and common configuration file
+      - './etc-pihole:/etc/pihole'
+      # Uncomment the below if you have custom dnsmasq config files that you want to persist. Not needed for most starting fresh with Pi-hole v6. If you're upgrading from v5 you and have used this directory before, you should keep it enabled for the first v6 container start to allow for a complete migration. It can be removed afterwards. Needs environment variable FTLCONF_misc_etc_dnsmasq_d: 'true'
+      #- './etc-dnsmasq.d:/etc/dnsmasq.d'
+    cap_add:
+      # See https://github.com/pi-hole/docker-pi-hole#note-on-capabilities
+      # Required if you are using Pi-hole as your DHCP server, else not needed
+      - NET_ADMIN
+      # Required if you are using Pi-hole as your NTP client to be able to set the host's system time
+      - SYS_TIME
+      # Optional, if Pi-hole should get some more processing time
+      - SYS_NICE
+    restart: unless-stopped
+    networks:
+      - casa-de-martmann
+      - proxy
+      
+networks:
+  casa-de-martmann:
+    name: casa-de-martmann
+    external: true
+  proxy:
+    name: proxy
+    external: true

RPi/Portainer/compose.yaml

@@ -0,0 +1,23 @@
+services:
+  portainer:
+    container_name: portainer
+    image: portainer/portainer-ce:lts
+    restart: always
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+      - portainer_data:/data
+
+    ports:
+      - 9443:9443
+      - 8000:8000  # Remove if you do not intend to use Edge Agents
+      
+    networks:
+      - casa-de-martmann
+volumes:
+  portainer_data:
+    name: portainer_data
+
+networks:
+  casa-de-martmann:
+    name: casa-de-martmann
+    external: true

RPi/Vaultwarden Docker Compose/compose.yaml

@@ -0,0 +1,18 @@
+services:
+  vaultwarden:
+    networks:
+      - casa-de-martmann
+      
+    image: vaultwarden/server:latest
+    container_name: vaultwarden
+    restart: always
+    environment:
+      DOMAIN: "https://vault.casademm.de"  # Your domain; vaultwarden needs to know it's https to work properly with attachments
+      SIGNUPS_ALLOWED: "false"
+      
+    volumes:
+      - ./vw-data:/data
+networks:
+  casa-de-martmann:
+    name: casa-de-martmann
+    external: true