Folder reorg if prep for using git runner

Docker/Caddy/Another/Dockerfile.2

@@ -1,19 +0,0 @@
-# Stage 1: Build Caddy with required plugins
-FROM golang:latest AS builder
-
-# Enable Go Modules and set Go proxy to avoid direct GitHub calls
-ENV GO111MODULE=on
-ENV GOPROXY=https://proxy.golang.org,direct
-
-# Install xcaddy
-RUN go install github.com/caddyserver/xcaddy/cmd/xcaddy@latest
-
-# Build Caddy with required plugins
-RUN xcaddy build \
-    --with github.com/lucaslorentz/caddy-docker-proxy/v2 \
-    --with github.com/crowdsecurity/caddy-bouncer/v2
-# Stage 2: Create final lightweight image
-FROM caddy:latest
-
-# Copy built Caddy binary from builder stage
-COPY --from=builder /go/bin/caddy /usr/bin/caddy

Docker/Caddy/Another/Dockerfile.old

@@ -1,20 +0,0 @@
-FROM golang:latest AS builder
-
-# Enable Go Modules and force Go proxy usage
-ENV GO111MODULE=on
-ENV GOPROXY=https://proxy.golang.org,direct
-
-# Install xcaddy
-RUN go install github.com/caddyserver/xcaddy/cmd/xcaddy@latest
-
-# Build Caddy with required plugins
-RUN xcaddy build \
-    --with github.com/lucaslorentz/caddy-docker-proxy/v2 \
-    --with github.com/crowdsecurity/caddy-bouncer
-
-# Create a lightweight final image
-FROM caddy:latest
-
-# Copy built Caddy binary from the builder stage
-COPY --from=builder /go/bin/caddy /usr/bin/caddy
-

Docker/Caddy/DockerFile

@@ -1,28 +0,0 @@
-# FROM golang:latest AS builder
-
-# # Install xcaddy
-# RUN go install github.com/caddyserver/xcaddy/cmd/xcaddy@latest
-
-# # Build Caddy with necessary plugins
-# RUN xcaddy build \
-#     --with github.com/lucaslorentz/caddy-docker-proxy/v2 \
-#     --with github.com/crowdsecurity/caddy-bouncer
-
-# # Create a lightweight final image
-# FROM caddy:latest
-
-# # Copy built Caddy binary from the builder stage
-# COPY --from=builder /go/bin/caddy /usr/bin/caddy
-
-
-FROM lucaslorentz/caddy-docker-proxy:ci-alpine AS base
-
-FROM caddy:builder AS builder
-RUN xcaddy build \
-    --with github.com/hslatman/caddy-crowdsec-bouncer \
-    --with github.com/mholt/caddy-events-exec 
- #   --with github.com/lucaslorentz/caddy-docker-proxy/v2 
-
-FROM base
-COPY --from=builder /usr/bin/caddy /usr/bin/caddy
-

Docker/Dockerfile

@@ -1,10 +0,0 @@
-FROM lucaslorentz/caddy-docker-proxy:ci-alpine AS base
-FROM caddy:builder AS builder
-
-RUN xcaddy build \
-    --with github.com/hslatman/caddy-crowdsec-bouncer \
-    --with github.com/mholt/caddy-events-exec 
-
-FROM base
-COPY --from=builder /usr/bin/caddy /usr/bin/caddy
-

Docker/caddy.yaml

@@ -1,39 +0,0 @@
-configs:
-  caddy-basic-content:
-    file: ./Caddyfile
-    labels:
-      caddy:
-
-services:
-  caddy:
-    #image: lucaslorentz/caddy-docker-proxy:ci-alpine
-    #image: ghcr.io/serfriz/caddy-crowdsec:latest
-    #image: caddy-crowdsec
-    image: git.netgrimoire.com/traveler/caddy-bounce
-    ports:
-      - 80:80
-      - 443:443
-    environment:
-      - CADDY_INGRESS_NETWORKS=netgrimoire
-    networks:
-      - netgrimoire
-      - vpn
-    volumes:
-      - /var/run/docker.sock:/var/run/docker.sock
-      - /export/Docker/caddy/Caddyfile:/etc/caddy/Caddyfile
-      - /export/Docker/caddy:/data
-      - /export/Docker/caddy/logs:/var/log/caddy # Mount logs for CrowdSec
-    deploy:
-      placement:
-        constraints:
-          - node.hostname == nas
-    
-    # restart: unless-stopped
-
-networks:
-  netgrimoire:
-    external: true   
-  vpn:
-    external: true 
-
-

Template.yaml

@@ -1,83 +0,0 @@
-
-version: "3.8"
-
-services:
-  {{ service_name }}:
-    image: {{ image }}
-    container_name: {{ container_name | default(service_name) }}
-    restart: unless-stopped
-    environment:
-      - PUID={{ puid | default("1001") }}
-      - PGID={{ pgid | default("998") }}
-      - TZ={{ timezone | default("America/Chicago") }}
-    user: "{{ puid | default("1001") }}:{{ pgid | default("998") }}"
-    volumes:
-      {% for volume in volumes %}
-      - {{ volume }}
-      {% endfor %}
-    networks:
-      - {{ network | default("netgrimoire") }}
-    labels:
-      - "homepage.group={{ homepage_group }}"
-      - "homepage.name={{ homepage_name | default(service_name) }}"
-      - "homepage.icon={{ homepage_icon | default(service_name) }}"
-      - "homepage.href=https://{{ homepage_href }}"
-      - "homepage.description={{ homepage_description }}"
-      - "diun.enable=true"
-      - "diun.watch_repo=true"
-      - "diun.max_tags={{ diun_max_tags | default(5) }}"
-      - "caddy = {{ caddy_address }}"
-      - "caddy.reverse_proxy={{ caddy_reverse_proxy | default('{{upstreams 80}}') }}"
-      - "caddy.import={{ caddy_import | default('authentik') }}"
-        - kuma.jellyseer.http.name="JellySeer"
-        - kuma.jellyseer.http.url=http://jellyseer:5055
-
-
-
-networks:
-  {{ network | default("netgrimoire") }}:
-    external: true
-
-
-
-
-
-
- user: "1001:998"
-  networks:
-      - netgrimoire
-
-    deploy:
-      restart_policy:
-        condition: any
-        delay: 10s
-        max_attempts: 5
-        window: 60s
-      labels:
-        homepage.group: "Application"
-        homepage.name: "Vikunja"
-        homepage.icon: "vikunja.png"
-        homepage.href: "https://task.netgrimoire.com"
-        homepage.description: "Task Manager"
-        kuma.vik.http.name: "Vikunja"
-        kuma.vik.http.url: "http://vikunja:3456"
-        caddy: "task.netgrimoire.com"
-        caddy.import: "authentik"
-        caddy.reverse_proxy: "{{upstreams 3456}}"
-      placement:
-        constraints:
-          - node.hostname == docker4
-
-
-networks:
-  netgrimoire:
-    external: true
-
-      - TZ=America/Chicago
-    volumes:
-      - /data/nfs/Baxter/Docker/firefox:/config:rw
-
-docker network create --driver overlay --attachable --internal komodo
-
-
-          

compose/docker3/librenms/.env

@@ -0,0 +1,8 @@
+TZ=America/Chicago
+PUID=1001
+PGID=998
+
+MYSQL_DATABASE=librenms
+MYSQL_USER=librenms
+MYSQL_PASSWORD=libenms
+

compose/docker3/librenms/compose.yml

@@ -0,0 +1,188 @@
+name: librenms
+
+services:
+  libre_db:
+    image: mariadb:10
+    container_name: librenms_db
+    command:
+      - "mysqld"
+      - "--innodb-file-per-table=1"
+      - "--lower-case-table-names=0"
+      - "--character-set-server=utf8mb4"
+      - "--collation-server=utf8mb4_unicode_ci"
+    networks:
+      - netgrimoire
+    volumes:
+      #- "./db:/var/lib/mysql"
+      - libre_dbase:/var/lib/mysql
+    environment:
+      - "TZ=${TZ}"
+      - "MARIADB_RANDOM_ROOT_PASSWORD=yes"
+      - "MYSQL_DATABASE=${MYSQL_DATABASE}"
+      - "MYSQL_USER=${MYSQL_USER}"
+      - "MYSQL_PASSWORD=${MYSQL_PASSWORD}"
+    restart: always
+
+  libre_redis:
+    image: redis:7.2-alpine
+    container_name: librenms_redis
+    environment:
+      - "TZ=${TZ}"
+    networks:
+      - netgrimoire
+    restart: always
+
+  libre_msmtpd:
+    image: crazymax/msmtpd:latest
+    container_name: librenms_msmtpd
+    env_file:
+      - "./msmtpd.env"
+    networks:
+      - netgrimoire
+    restart: always
+
+  librenms:
+    image: librenms/librenms:latest
+    container_name: librenms
+    hostname: librenms
+    cap_add:
+      - NET_ADMIN
+      - NET_RAW
+    ports:
+      - "8000:8000/tcp"
+    depends_on:
+      - libre_db
+      - libre_redis
+      - libre_msmtpd
+    volumes:
+     # - "./librenms:/data"
+      - librenms:/data
+    networks:
+      - netgrimoire
+    env_file:
+      - "./librenms.env"
+    environment:
+      - "TZ=${TZ}"
+      - "PUID=${PUID}"
+      - "PGID=${PGID}"
+      - "DB_HOST=libre_db"
+      - "DB_NAME=${MYSQL_DATABASE}"
+      - "DB_USER=${MYSQL_USER}"
+      - "DB_PASSWORD=${MYSQL_PASSWORD}"
+      - "DB_TIMEOUT=60"
+    restart: always
+
+  dispatcher:
+    image: librenms/librenms:latest
+    container_name: librenms_dispatcher
+    hostname: librenms-dispatcher
+    cap_add:
+      - NET_ADMIN
+      - NET_RAW
+    depends_on:
+      - librenms
+      - libre_redis
+    volumes:
+    #  - "./librenms:/data"
+      - librenms:/data
+    networks:
+      - netgrimoire
+    env_file:
+      - "./librenms.env"
+    environment:
+      - "TZ=${TZ}"
+      - "PUID=${PUID}"
+      - "PGID=${PGID}"
+      - "DB_HOST=libre_db"
+      - "DB_NAME=${MYSQL_DATABASE}"
+      - "DB_USER=${MYSQL_USER}"
+      - "DB_PASSWORD=${MYSQL_PASSWORD}"
+      - "DB_TIMEOUT=60"
+      - "DISPATCHER_NODE_ID=dispatcher1"
+      - "SIDECAR_DISPATCHER=1"
+    restart: always
+
+  syslogng:
+    image: librenms/librenms:latest
+    container_name: librenms_syslogng
+    hostname: librenms-syslogng
+    cap_add:
+      - NET_ADMIN
+      - NET_RAW
+    depends_on:
+      - librenms
+      - libre_redis
+    ports:
+      - "514:514/tcp"
+      - "514:514/udp"
+    volumes:
+    #  - "./librenms:/data"
+      - librenms:/data
+    networks:
+      - netgrimoire
+    env_file:
+      - "./librenms.env"
+    environment:
+      - "TZ=${TZ}"
+      - "PUID=${PUID}"
+      - "PGID=${PGID}"
+      - "DB_HOST=libre_db"
+      - "DB_NAME=${MYSQL_DATABASE}"
+      - "DB_USER=${MYSQL_USER}"
+      - "DB_PASSWORD=${MYSQL_PASSWORD}"
+      - "DB_TIMEOUT=60"
+      - "SIDECAR_SYSLOGNG=1"
+    restart: always
+
+  snmptrapd:
+    image: librenms/librenms:latest
+    container_name: librenms_snmptrapd
+    hostname: librenms-snmptrapd
+    cap_add:
+      - NET_ADMIN
+      - NET_RAW
+    depends_on:
+      - librenms
+      - libre_redis
+    ports:
+      - "162:162/tcp"
+      - "162:162/udp"
+    volumes:
+    #  - "./librenms:/data"
+      - librenms:/data
+    networks:
+      - netgrimoire
+    env_file:
+      - "./librenms.env"
+    environment:
+      - "TZ=${TZ}"
+      - "PUID=${PUID}"
+      - "PGID=${PGID}"
+      - "DB_HOST=libre_db"
+      - "DB_NAME=${MYSQL_DATABASE}"
+      - "DB_USER=${MYSQL_USER}"
+      - "DB_PASSWORD=${MYSQL_PASSWORD}"
+      - "DB_TIMEOUT=60"
+      - "SIDECAR_SNMPTRAPD=1"
+    restart: always
+
+volumes:
+
+  libre_dbase:
+    driver: local
+    driver_opts:
+      type: none
+      o: bind
+      device: /DockerVol/librenms/libre_db
+
+  librenms:
+    driver: local
+    driver_opts:
+      type: none
+      o: bind
+      device: /DockerVol/librenms/data
+
+networks:
+  netgrimoire:
+    external: true   
+  

compose/docker3/librenms/librenms.env

@@ -0,0 +1,16 @@
+MEMORY_LIMIT=256M
+MAX_INPUT_VARS=1000
+UPLOAD_MAX_SIZE=16M
+OPCACHE_MEM_SIZE=128
+REAL_IP_FROM=0.0.0.0/32
+REAL_IP_HEADER=X-Forwarded-For
+LOG_IP_VAR=remote_addr
+
+CACHE_DRIVER=redis
+SESSION_DRIVER=redis
+REDIS_HOST=redis
+
+LIBRENMS_SNMP_COMMUNITY=librenmsdocker
+
+LIBRENMS_WEATHERMAP=false
+LIBRENMS_WEATHERMAP_SCHEDULE=*/5 * * * *

compose/docker3/librenms/monitor.yaml

@@ -0,0 +1,24 @@
+services:  
+
+
+
+  glances:
+    image: nicolargo/glances
+    container_name: glances
+    hostname: glances
+    restart: always
+    network_mode: host
+    privileged: true
+    pid: host
+    volumes:
+      - /DockerVol/glances/config:/glances/conf
+      - /var/run/docker.sock:/var/run/docker.sock
+    environment:
+      - TZ=America/Chicago
+      - "GLANCES_OPT=-w"
+    ports:
+      - 61208-61209:61208-61209
+
+networks:
+  netgrimoire:
+    external: true   

compose/docker3/librenms/msmtpd.env

@@ -0,0 +1,10 @@
+# https://github.com/crazy-max/docker-msmtpd
+SMTP_HOST=mail.netgrimoire.com
+SMTP_PORT=587
+SMTP_TLS=on
+SMTP_STARTTLS=on
+SMTP_TLS_CHECKCERT=on
+SMTP_AUTH=on
+SMTP_USER=traveler@netgrimoire.com
+SMTP_PASSWORD=F@lcon13
+SMTP_FROM=network@netgrimoire.com

compose/docker4/graylog.yaml

@@ -0,0 +1,153 @@
+#only works with compose
+
+
+
+services: 
+  # MongoDB: https://hub.docker.com/_/mongo/
+  mongodb:
+    container_name: graylog-mongo
+    image: mongo:5.0
+    volumes:
+      #- /DockerVol/Graylog/Mongo/data/db:/data/db
+      - mongodb_data:/data/db
+    networks:
+      - netgrimoire
+    environment:
+      - PGID=998
+      - PUID=1001  
+      - UMASK=002
+    # deploy:
+    #   placement:
+    #     constraints:
+    #       - node.hostname == docker2
+      
+  datanode:
+    container_name: graylog-datanode
+    image: "${DATANODE_IMAGE:-graylog/graylog-datanode:6.0}"
+    hostname: "datanode"
+    environment:
+      GRAYLOG_DATANODE_NODE_ID_FILE: "/var/lib/graylog-datanode/node-id"
+      GRAYLOG_DATANODE_PASSWORD_SECRET: "TZ3XajhzIBugTl61oNNgrWL0OHTn4qYcNAuzTTHWRKYxxWf61oAEpHOpesLoP7ssgqBTuainTBX6YIVAcYs2de2jhPHQBYD5"
+      GRAYLOG_DATANODE_ROOT_PASSWORD_SHA2: "1b12de7f4069972e784d42dbe826c0769f1287412cd35479de127fcf816699dc"
+      GRAYLOG_DATANODE_MONGODB_URI: "mongodb://mongodb:27017/graylog"
+      PGID: 998
+      PUID: 1001 
+      UMASK: 002
+    ulimits:
+      memlock:
+        hard: -1
+        soft: -1
+      nofile:
+        soft: 65536
+        hard: 65536
+    ports:
+      - "8999:8999/tcp"   # DataNode API
+      - "9200:9200/tcp"
+      - "9300:9300/tcp"
+    volumes:
+      #- /DockerVol/Graylog/datanode:/var/lib/graylog-datanode 
+      - graylog-datanode:/var/lib/graylog-datanode
+    networks:
+      - netgrimoire  
+    # deploy:
+    #   placement:
+    #     constraints:
+    #       - node.hostname == docker2
+
+  graylog:
+    container_name: graylog
+    hostname: "server"
+    image: "${GRAYLOG_IMAGE:-graylog/graylog:6.0}"
+    depends_on:
+      - mongodb
+      #    -condition: "service_started"
+    entrypoint: "/usr/bin/tini --  /docker-entrypoint.sh"
+    environment:
+      GRAYLOG_NODE_ID_FILE: "/usr/share/graylog/data/data/node-id"
+      GRAYLOG_PASSWORD_SECRET: "TZ3XajhzIBugTl61oNNgrWL0OHTn4qYcNAuzTTHWRKYxxWf61oAEpHOpesLoP7ssgqBTuainTBX6YIVAcYs2de2jhPHQBYD5"
+      GRAYLOG_ROOT_PASSWORD_SHA2: "1b12de7f4069972e784d42dbe826c0769f1287412cd35479de127fcf816699dc"
+      GRAYLOG_HTTP_BIND_ADDRESS: "0.0.0.0:9000"
+      GRAYLOG_HTTP_EXTERNAL_URI: "http://log.netgrimoire.com/"
+      GRAYLOG_MONGODB_URI: "mongodb://mongodb:27017/graylog"
+      GRAYLOG_ELASTICSEARCH_SSL_VERIFY: false
+      GRAYLOG_DATANODE_TRANSPORT_URI: "http://datanode:9200"
+
+      PGID: 998
+      PUID: 1001
+      UMASK: 002 
+    ports:
+      - "5044:5044/tcp"   # Beats
+      - "5140:5140/udp"   # Syslog
+      - "5140:5140/tcp"   # Syslog
+      - "5555:5555/tcp"   # RAW TCP
+      - "5555:5555/udp"   # RAW UDP
+      - "9000:9000/tcp"   # Server API
+      - "12201:12201/tcp" # GELF TCP
+      - "12201:12201/udp" # GELF UDP
+      - "10000:10000/tcp" # Custom TCP port
+      - "10000:10000/udp" # Custom UDP port
+      - "13301:13301/tcp" # Forwarder data
+      - "13302:13302/tcp" # Forwarder config
+    volumes:
+      #- "/DockerVol/Graylog/graylog_data:/usr/share/graylog/data/data"
+      #- "/DockerVol/Graylog/graylog_journal:/usr/share/graylog/data/journal"
+      - graylog_data:/usr/share/graylog/data/data
+      - graylog_journal:/usr/share/graylog/data/journal
+    networks:
+      - netgrimoire
+    # deploy:
+    #   labels:
+    #     - homepage.group=Monitoring
+    #     - homepage.name=Graylog
+    #     - homepage.icon=graylog.png
+    #     - homepage.href=https://log.netgrimoire.com
+    #     - homepage.description=Logging Server
+    #     - caddy=log.netgrimoire.com
+    #     - caddy.reverse_proxy="{{upstreams 9000}}"
+    #   placement:
+    #     constraints:
+    #       - node.hostname == docker2
+
+
+volumes:
+  mongodb_data:
+    driver: local
+    driver_opts:
+      type: none
+      o: bind
+      device: /DockerVol/Graylog/Mongo/data/db
+
+  graylog-datanode:
+    driver: local
+    driver_opts:
+      type: none
+      o: bind
+      device: /DockerVol/Graylog/datanode
+
+  graylog_data:
+    driver: local
+    driver_opts:
+      type: none
+      o: bind
+      device: /DockerVol/Graylog/graylog_data
+
+  graylog_journal:
+    driver: local
+    driver_opts:
+      type: none
+      o: bind
+      device: /DockerVol/Graylog/graylog_journal
+
+
+networks:
+  netgrimoire:
+    external: true    
+
+
+
+
+
+
+ 
+
+

compose/docker5/JellyFin.yaml

@@ -0,0 +1,42 @@
+version: "3.8"
+
+services:
+  jellyfin:
+    image: lscr.io/linuxserver/jellyfin
+    container_name: jellyfin
+    environment:
+      - PUID=1001
+      - PGID=998
+      - TZ=America/Chicago
+    #  - JELLYFIN_PublishedServerUrl=http://jellyfin.local:8096  # Optional, helps clients find the server
+    volumes:
+      - /DockerVol/Jellyfin/config:/config
+      - /data/nfs/Baxter/Data/media:/data:shared
+    ports:
+      - "8096:8096"
+      - "8920:8920"
+      # - "7359:7359/udp"
+      # - "1900:1900/udp"
+    devices:
+      - /dev/dri:/dev/dri  # Intel iGPU for VAAPI
+    restart: unless-stopped
+    networks:
+      - netgrimoire
+    labels:
+      # Homepage Dashboard
+      homepage.group: "Media"
+      homepage.name: "Jellyfin"
+      homepage.icon: "jellyfin.jpg"
+      homepage.href: "http://jellyfin.netgrimoire.com:8096"
+      homepage.description: "Media server with VAAPI transcoding"
+
+
+
+      # Diun (Docker Image Update Notifier)
+      diun.enable: "true"
+      diun.watch_repo: "true"
+      diun.notify: "ntfy"  # change to your preferred notifier if needed
+
+networks:
+  netgrimoire:
+    external: true

compose/docker5/JellyFinx.yaml

@@ -0,0 +1,45 @@
+version: "3.8"
+
+services:
+  jellyfinx:
+    image: lscr.io/linuxserver/jellyfin
+    container_name: jellyfinx
+    environment:
+      - PUID=1001
+      - PGID=998
+      - TZ=America/Chicago
+ #     - JELLYFIN_PublishedServerUrl=http://jellyfin.local:7096
+    volumes:
+      - /DockerVol/Jellyfinx/config:/config
+      - /data/nfs/Baxter/Data/media:/data:shared
+      - /data/nfs/Baxter/Green/media/movies:/green:shared
+      - /data/nfs/Baxter/Green/media/After_Dark:/AfterDark:shared
+    ports:
+      - "7096:8096"
+      - "7920:8920"
+    devices:
+      - /dev/dri:/dev/dri  # Intel iGPU for VAAPI
+    restart: unless-stopped
+    networks:
+      - netgrimoire
+    labels:
+      # Homepage Dashboard
+      homepage.group: "Media"
+      homepage.name: "Jellyfinx"
+      homepage.icon: "jellyfin"
+      homepage.href: http://jellyfinx.netgrimoire.com:7096
+      homepage.description: "Media server with VAAPI transcoding"
+      homepage.weight: "1"
+
+
+
+      # Diun (Docker Image Update Notifier)
+      diun.enable: "true"
+      diun.watch_repo: "true"
+      diun.notify: "ntfy"  # or your notifier key/topic (e.g., smtp, gotify, etc.)
+
+networks:
+  netgrimoire:
+    external: true
+
+

compose/nas/.env

@@ -0,0 +1,23 @@
+# You can find documentation for all the supported env variables at https://immich.app/docs/install/environment-variables
+
+# The location where your uploaded files are stored
+UPLOAD_LOCATION=/srv/a18f546e-e9bf-4a8d-8b9d-02e7ec32b632/immich/library
+# The location where your database files are stored
+DB_DATA_LOCATION=/srv/a18f546e-e9bf-4a8d-8b9d-02e7ec32b632/immich/postgres
+
+
+
+# To set a timezone, uncomment the next line and change Etc/UTC to a TZ identifier from this list: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List
+TZ=America/Chicago
+
+# The Immich version to use. You can pin this to a specific version like "v1.71.0"
+IMMICH_VERSION=v2
+
+# Connection secret for postgres. You should change it to a random password
+# Please use only the characters `A-Za-z0-9`, without special characters or spaces
+DB_PASSWORD=postgres
+
+# The values below this line do not need to be changed
+###################################################################################
+DB_USERNAME=postgres
+DB_DATABASE_NAME=immich

compose/nas/calibre.yaml

@@ -0,0 +1,40 @@
+services:
+  Calibre:
+    image: lscr.io/linuxserver/calibre:latest
+    container_name: calibre
+    hostname: calibre
+    environment:
+      - TZ=America/Chicago
+      - PGID=998
+      - PUID=1001 
+    networks:
+      - netgrimoire
+    volumes:
+      - /DockerVol/Calibre/Config:/config
+      - /DockerVol/Calibre/Plugins:/plugins
+      - /data/nfs/Baxter/Data/media:/data:shared
+    ports:
+      - 7070:8080 
+      - 7081:8081
+    restart: unless-stopped
+    security_opt:
+      - seccomp=unconfined
+   # deploy:
+    labels:
+      # - homepage.group=Library
+      # - homepage.name=Calibre
+      # - homepage.icon=calibre.png
+      # - homepage.href=http://calibre.netgrimoire.com
+      # - homepage.description=Calibre Library
+      # - kuma.calibre.http.name="Calibre"
+      # - kuma.calibre.http.url=http://calibre:8080
+      - caddy=calibre.netgrimoire.com
+      - caddy.import=authentik
+      - caddy.reverse_proxy="{{upstreams 8080}}"
+      # placement:
+      #   constraints:
+      #     - node.hostname == nas
+
+networks:
+  netgrimoire:
+    external: true 

compose/nas/cloud.yaml

@@ -0,0 +1,52 @@
+services:
+  nextcloud-aio-mastercontainer:
+    image: nextcloud/all-in-one:latest
+    init: true
+    restart: always
+    container_name: nextcloud-aio-mastercontainer # This line is not allowed to be changed as otherwise AIO will not work correctly
+    volumes:
+      - nextcloud_aio_mastercontainer:/mnt/docker-aio-config # This line is not allowed to be changed as otherwise the built-in backup solution will not work
+      - /var/run/docker.sock:/var/run/docker.sock:ro # May be changed on macOS, Windows or docker rootless. See the applicable documentation. If adjusting, don't forget to also set 'WATCHTOWER_DOCKER_SOCKET_PATH'!
+      - /srv/ssd1/NextCloud-AIO:/var/www/html/data
+    networks:
+      - netgrimoire # add to the same network as docker run would do
+    ports:
+    #  - 80:80 # Can be removed when running behind a web server or reverse proxy (like Apache, Nginx, Caddy, Cloudflare Tunnel and else). See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md
+      - 8080:8080
+    #  - 8443:8443 # Can be removed when running behind a web server or reverse proxy (like Apache, Nginx, Caddy, Cloudflare Tunnel and else). See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md
+    environment: # Is needed when using any of the options below
+      # AIO_DISABLE_BACKUP_SECTION: false # Setting this to true allows to hide the backup section in the AIO interface. See https://github.com/nextcloud/all-in-one#how-to-disable-the-backup-section
+      # AIO_COMMUNITY_CONTAINERS: # With this variable, you can add community containers very easily. See https://github.com/nextcloud/all-in-one/tree/main/community-containers#community-containers
+      APACHE_PORT: 11000 # Is needed when running behind a web server or reverse proxy (like Apache, Nginx, Caddy, Cloudflare Tunnel and else). See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md
+      APACHE_IP_BINDING: 0.0.0.0 # Should be set when running behind a web server or reverse proxy (like Apache, Nginx, Caddy, Cloudflare Tunnel and else) that is running on the same host. See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md
+      APACHE_ADDITIONAL_NETWORK: netgrimoire # (Optional) Connect the apache container to an additional docker network. Needed when behind a web server or reverse proxy (like Apache, Nginx, Caddy, Cloudflare Tunnel and else) running in a different docker network on same server. See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md
+      # BORG_RETENTION_POLICY: --keep-within=7d --keep-weekly=4 --keep-monthly=6 # Allows to adjust borgs retention policy. See https://github.com/nextcloud/all-in-one#how-to-adjust-borgs-retention-policy
+      # COLLABORA_SECCOMP_DISABLED: false # Setting this to true allows to disable Collabora's Seccomp feature. See https://github.com/nextcloud/all-in-one#how-to-disable-collaboras-seccomp-feature
+      NEXTCLOUD_DATADIR: /srv/ssd1/NextCloud-AIO # Allows to set the host directory for Nextcloud's datadir. ⚠️⚠️⚠️ Warning: do not set or adjust this value after the initial Nextcloud installation is done! See https://github.com/nextcloud/all-in-one#how-to-change-the-default-location-of-nextclouds-datadir
+      # NEXTCLOUD_MOUNT: /mnt/ # Allows the Nextcloud container to access the chosen directory on the host. See https://github.com/nextcloud/all-in-one#how-to-allow-the-nextcloud-container-to-access-directories-on-the-host
+      # NEXTCLOUD_UPLOAD_LIMIT: 16G # Can be adjusted if you need more. See https://github.com/nextcloud/all-in-one#how-to-adjust-the-upload-limit-for-nextcloud
+      # NEXTCLOUD_MAX_TIME: 3600 # Can be adjusted if you need more. See https://github.com/nextcloud/all-in-one#how-to-adjust-the-max-execution-time-for-nextcloud
+      # NEXTCLOUD_MEMORY_LIMIT: 512M # Can be adjusted if you need more. See https://github.com/nextcloud/all-in-one#how-to-adjust-the-php-memory-limit-for-nextcloud
+      # NEXTCLOUD_TRUSTED_CACERTS_DIR: /path/to/my/cacerts # CA certificates in this directory will be trusted by the OS of the nextcloud container (Useful e.g. for LDAPS) See https://github.com/nextcloud/all-in-one#how-to-trust-user-defined-certification-authorities-ca
+      # NEXTCLOUD_STARTUP_APPS: deck twofactor_totp tasks calendar contacts notes # Allows to modify the Nextcloud apps that are installed on starting AIO the first time. See https://github.com/nextcloud/all-in-one#how-to-change-the-nextcloud-apps-that-are-installed-on-the-first-startup
+      # NEXTCLOUD_ADDITIONAL_APKS: imagemagick # This allows to add additional packages to the Nextcloud container permanently. Default is imagemagick but can be overwritten by modifying this value. See https://github.com/nextcloud/all-in-one#how-to-add-os-packages-permanently-to-the-nextcloud-container
+      # NEXTCLOUD_ADDITIONAL_PHP_EXTENSIONS: imagick # This allows to add additional php extensions to the Nextcloud container permanently. Default is imagick but can be overwritten by modifying this value. See https://github.com/nextcloud/all-in-one#how-to-add-php-extensions-permanently-to-the-nextcloud-container
+      # NEXTCLOUD_ENABLE_DRI_DEVICE: true # This allows to enable the /dev/dri device for containers that profit from it. ⚠️⚠️⚠️ Warning: this only works if the '/dev/dri' device is present on the host! If it should not exist on your host, don't set this to true as otherwise the Nextcloud container will fail to start! See https://github.com/nextcloud/all-in-one#how-to-enable-hardware-acceleration-for-nextcloud
+      # NEXTCLOUD_ENABLE_NVIDIA_GPU: true # This allows to enable the NVIDIA runtime and GPU access for containers that profit from it. ⚠️⚠️⚠️ Warning: this only works if an NVIDIA gpu is installed on the server. See https://github.com/nextcloud/all-in-one#how-to-enable-hardware-acceleration-for-nextcloud.
+      # NEXTCLOUD_KEEP_DISABLED_APPS: false # Setting this to true will keep Nextcloud apps that are disabled in the AIO interface and not uninstall them if they should be installed. See https://github.com/nextcloud/all-in-one#how-to-keep-disabled-apps
+      SKIP_DOMAIN_VALIDATION: true # This should only be set to true if things are correctly configured. See https://github.com/nextcloud/all-in-one?tab=readme-ov-file#how-to-skip-the-domain-validation
+      # TALK_PORT: 3478 # This allows to adjust the port that the talk container is using which is exposed on the host. See https://github.com/nextcloud/all-in-one#how-to-adjust-the-talk-port
+      # WATCHTOWER_DOCKER_SOCKET_PATH: /var/run/docker.sock # Needs to be specified if the docker socket on the host is not located in the default '/var/run/docker.sock'. Otherwise mastercontainer updates will fail. For macos it needs to be '/var/run/docker.sock'
+    # security_opt: ["label:disable"] # Is needed when using SELinux
+ 
+
+volumes: # If you want to store the data on a different drive, see https://github.com/nextcloud/all-in-one#how-to-store-the-filesinstallation-on-a-separate-drive
+  nextcloud_aio_mastercontainer:
+    name: nextcloud_aio_mastercontainer # This line is not allowed to be changed as otherwise the built-in backup solution will not work
+
+
+networks:
+  netgrimoire:
+    external: true   
+
+  

compose/nas/immich.yaml

@@ -0,0 +1,91 @@
+#
+# WARNING: Make sure to use the docker-compose.yml of the current release:
+#
+# https://github.com/immich-app/immich/releases/latest/download/docker-compose.yml
+#
+# The compose file on main may not be compatible with the latest release.
+#
+name: immich
+
+services:
+  immich-server:
+    container_name: immich_server
+    image: ghcr.io/immich-app/immich-server:${IMMICH_VERSION:-release}
+    # extends:
+    #   file: hwaccel.transcoding.yml
+    #   service: cpu # set to one of [nvenc, quicksync, rkmpp, vaapi, vaapi-wsl] for accelerated transcoding
+    volumes:
+      # Do not edit the next line. If you want to change the media storage location on your system, edit the value of UPLOAD_LOCATION in the .env file
+      - ${UPLOAD_LOCATION}:/usr/src/app/upload
+      - /etc/localtime:/etc/localtime:ro
+      - /srv/a18f546e-e9bf-4a8d-8b9d-02e7ec32b632:/mergerfs
+      - /srv/ssd1:/nextcloud
+
+
+    env_file:
+      - .env
+    ports:
+      - '2283:2283'
+    networks:
+      - netgrimoire
+      - immich
+    depends_on:
+      - redis
+      - database
+    #restart: always
+    healthcheck:
+      disable: false
+
+  immich-machine-learning:
+    container_name: immich_machine_learning
+    # For hardware acceleration, add one of -[armnn, cuda, openvino] to the image tag.
+    # Example tag: ${IMMICH_VERSION:-release}-cuda
+    image: ghcr.io/immich-app/immich-machine-learning:${IMMICH_VERSION:-release}
+    # extends: # uncomment this section for hardware acceleration - see https://immich.app/docs/features/ml-hardware-acceleration
+    #   file: hwaccel.ml.yml
+    #   service: cpu # set to one of [armnn, cuda, openvino, openvino-wsl] for accelerated inference - use the `-wsl` version for WSL2 where applicable
+    volumes:
+      - model-cache:/cache
+    env_file:
+      - .env
+    restart: always
+    networks:
+      - immich
+    healthcheck:
+      disable: false
+
+  redis:
+    container_name: immich_redis
+    image: docker.io/valkey/valkey:8@sha256:81db6d39e1bba3b3ff32bd3a1b19a6d69690f94a3954ec131277b9a26b95b3aa
+    networks:
+      - immich    
+    healthcheck:
+      test: redis-cli ping || exit 1
+    restart: always
+
+  database:
+    container_name: immich_postgres
+    #image: docker.io/tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:90724186f0a3517cf6914295b5ab410db9ce23190a2d9d0b9dd6463e3fa298f0
+    image: ghcr.io/immich-app/postgres:14-vectorchord0.4.3-pgvectors0.2.0@sha256:bcf63357191b76a916ae5eb93464d65c07511da41e3bf7a8416db519b40b1c23
+
+    environment:
+      POSTGRES_PASSWORD: ${DB_PASSWORD}
+      POSTGRES_USER: ${DB_USERNAME}
+      POSTGRES_DB: ${DB_DATABASE_NAME}
+      POSTGRES_INITDB_ARGS: '--data-checksums'
+    volumes:
+      # Do not edit the next line. If you want to change the database storage location on your system, edit the value of DB_DATA_LOCATION in the .env file
+      - ${DB_DATA_LOCATION}:/var/lib/postgresql/data
+    networks:
+      - immich
+    
+    restart: always
+
+volumes:
+  model-cache:
+
+networks:
+  netgrimoire:
+    external: true  
+  immich:
+    external: true 

compose/nas/monitor.yaml

@@ -0,0 +1,49 @@
+services:  
+  scrutiny:  
+      image: ghcr.io/analogj/scrutiny:master-omnibus
+      container_name: scrutiny
+      hostname: scrutiny
+      networks:
+        - netgrimoire
+      ports:
+        - 8081:8080   
+        - 8086:8086
+      cap_add:    
+        - SYS_RAWIO
+      devices:
+        - "/dev/sda"
+        - "/dev/sdb"
+        - "/dev/sdc"
+        - "/dev/sdd"
+        - "/dev/sde"
+        - "/dev/sdf"
+        - "/dev/sdg"
+        # - "/dev/sdh"
+        # - "/dev/sdi"
+        # - "/dev/sdj"
+      volumes:
+        - /run/udev:/run/udev:ro
+        - /DockerVol/scrutiny/config:/opt/scrutiny/config
+        - /DockerVol/scrutiny/influxdb:/opt/scrutiny/influxdb
+
+
+  glances:
+    image: nicolargo/glances
+    container_name: glances
+    hostname: glances
+    restart: always
+    network_mode: host
+    privileged: true
+    pid: host
+    volumes:
+      - /DockerVol/glances/config:/glances/conf
+      - /var/run/docker.sock:/var/run/docker.sock
+    environment:
+      - TZ=America/Chicago
+      - "GLANCES_OPT=-w"
+    ports:
+      - 61208-61209:61208-61209
+
+networks:
+  netgrimoire:
+    external: true   

compose/nas/namer.yaml

@@ -0,0 +1,24 @@
+services:
+
+  namer:
+    container_name: namer
+    image: ghcr.io/theporndatabase/namer:latest
+    networks:
+      - netgrimoire
+    environment:
+      - PUID=1001
+      - PGID=998
+      - TZ=America/Chicago
+      - NAMER_CONFIG=/config/namer.cfg
+    volumes:
+      - /DockerVol/namer/:/config 
+      - /data/nfs/Baxter/Green/:/data 
+    ports:
+      - 6980:6980
+    restart: always
+ 
+
+
+networks:
+  netgrimoire:
+    external: true 

compose/nas/stash.yaml

@@ -0,0 +1,39 @@
+services:
+  stash:
+    image: stashapp/stash:latest
+    container_name: stash
+    networks:
+      - netgrimoire
+    restart: unless-stopped
+    ## the container's port must be the same with the STASH_PORT in the environment section
+    ports:
+      - 9999:9999
+    ## If you intend to use stash's DLNA functionality uncomment the below network mode and c
+    # network_mode: host
+    environment:
+      - STASH_STASH=/data/
+      - STASH_GENERATED=/generated/
+      - STASH_METADATA=/metadata/
+      - STASH_CACHE=/cache/
+      - STASH_GRAPHQL_PLAYGROUND=true
+      ## Adjust below to change default port (9999)
+      - STASH_PORT=9999
+    volumes:
+      - /etc/localtime:/etc/localtime:ro
+      ## Adjust below paths (the left part) to your liking.
+      ## E.g. you can change ./config:/root/.stash to ./stash:/root/.stash
+      
+      ## Keep configs, scrapers, and plugins here.
+      - /DockerVol/Stash/config:/root/.stash
+      ## Point this at your collection.
+      - /data/nfs/Baxter/Green:/data
+      ## This is where your stash's metadata lives
+      - /DockerVol/Stash/metadata:/metadata
+      ## Any other cache content.
+      - ./DockerVol/Stash/cache:/cache
+      ## Where to store generated content (screenshots,previews,transcodes,sprites)
+      - /DockerVol/Stash/generated:/generated  
+
+networks:
+  netgrimoire:
+    external: true   

compose/nas/windows7.yaml

@@ -0,0 +1,27 @@
+services:
+  windows:
+    image: dockurr/windows
+    container_name: win7
+    devices:
+      - /dev/kvm:/dev/kvm
+    cap_add:
+      - NET_ADMIN
+    ports:
+      - 8006:8006
+      - 3389:3389/tcp
+      - 3389:3389/udp
+    stop_grace_period: 2m
+    # restart: on-failure
+    environment:
+      VERSION: "7u"
+      RAM_SIZE: "4G"
+      CPU_CORES: "4"
+      DISK_SIZE: "64G"
+      DISK2_SIZE: "256G"
+      USERNAME: "traveler"
+      PASSWORD: "H@rvey"
+      # QEMU_OPTS: "-drive file=/disk/data.vhd,format=vpc,if=virtio"
+      # EXTRA_DISKS: /disk/data.vhd
+    volumes:
+      - /srv/6e859070-caa4-472f-bb3c-53fb44e1bcc9/DockerVol/windows7/:/storage
+      - /srv/6e859070-caa4-472f-bb3c-53fb44e1bcc9/DockerVol/windows7/storage/:/storage2

library copy.yaml

@@ -1,44 +0,0 @@
-  
-services:  
-  Calibre-Netgrimoire:
-    image: lscr.io/linuxserver/calibre-web:latest
-    container_name: Calibre-Netgrimoire
-    hostname: calibre-netgrimoire
-    networks:
-      - netgrimoire
-    environment:
-      - TZ=America/Chicago
-      - PGID=998
-      - PUID=1001 
-    volumes:
-      - /data/nfs/Baxter/Docker/Calibre-netgrimoire/Config:/config
-      - /data/nfs/Baxter/Data:/data:shared
-    ports:
-      - 8083:8083
-    restart: unless-stopped
-    deploy:
-      labels:
-        - homepage.group=Library
-        - homepage.name=Netgrimoire Library
-        - homepage.icon=calibre-web.png
-        - homepage.href=http://books.netgrimoire.com
-        - homepage.description=Curated Library
-        - homepage.widget.type=calibreweb
-        - homepage.widget.url=http://Calibre-netgrimoire:8083
-        - homepage.widget.username=traveler
-        - homepage.widget.password=F@lcon13
-        - kuma.calibre1.http.name="Calibre-Netgrimoire"
-        - kuma.auth.http.url=http://calibre-netgrimoire:8083
-        - caddy=books.netgrimoire.com
-        - caddy.import=authentik
-        - caddy.reverse_proxy="{{upstreams 8083}}"
-      placement:
-        constraints:
-          - node.labels.general == true
-
-
-
-        
-networks:
-  netgrimoire:
-    external: true   

swarm/kopia.yaml

@@ -34,7 +34,8 @@ services:
     deploy:
       placement:
         constraints:
-          - node.hostname == nas
+          - node.hostname == znas
+          - node.labels.cps == amd
       labels:
         diun.enable: "true"
         homepage.group: "Backup"