dsf
This commit is contained in:
traveler
parent
b8c5e1c66a
commit
5c636adfdc
3 changed files with 113 additions and 1 deletions
32
compose/znas/homelable/.env
Normal file
32
compose/znas/homelable/.env
Normal file
|
|
@ -0,0 +1,32 @@
|
||||||
|
# ============================================================
|
||||||
|
# Homelable — Environment Configuration
|
||||||
|
# ============================================================
|
||||||
|
# Deploy: docker stack deploy --env-file homelable.env -c homelable-stack.yml homelable
|
||||||
|
# ============================================================
|
||||||
|
|
||||||
|
# Generate with: python3 -c "import secrets; print(secrets.token_hex(32))"
|
||||||
|
SECRET_KEY=c11b1b069248886b07fc58f94952e130630853369b58ed36c32589d708e285a7
|
||||||
|
|
||||||
|
# --- Web UI credentials ---
|
||||||
|
AUTH_USERNAME=admin
|
||||||
|
# Generate hash:
|
||||||
|
# docker run --rm ghcr.io/pouzor/homelable-backend:latest \
|
||||||
|
# python -c "from passlib.context import CryptContext; print(CryptContext(schemes=['bcrypt']).hash('yourpassword'))"
|
||||||
|
# Keep single quotes — bcrypt hashes contain $ characters
|
||||||
|
AUTH_PASSWORD_HASH='$2b$12$REPLACE_WITH_REAL_BCRYPT_HASH'
|
||||||
|
|
||||||
|
# --- Network scanner ---
|
||||||
|
# Adjust CIDR ranges to match your subnet layout
|
||||||
|
SCANNER_RANGES=["192.168.3.0/24","192.168.4.0/24","192.168.5.0/24"]
|
||||||
|
|
||||||
|
# How often to poll node health (seconds)
|
||||||
|
STATUS_CHECKER_INTERVAL=60
|
||||||
|
|
||||||
|
# --- MCP server keys ---
|
||||||
|
# Authenticates external MCP clients (Open WebUI / Gremlin, Claude Code, n8n)
|
||||||
|
# Generate: python3 -c "import secrets; print('mcp_sk_' + secrets.token_hex(32))"
|
||||||
|
MCP_API_KEY=mcp_sk_CHANGEME
|
||||||
|
|
||||||
|
# Authenticates MCP server -> backend internally (never leave this network)
|
||||||
|
# Generate: python3 -c "import secrets; print('svc_' + secrets.token_hex(32))"
|
||||||
|
MCP_SERVICE_KEY=svc_d60114070a6f3c4cfe5cd9f676499a857088f5da37d18499c8cf9901264fdab7
|
||||||
80
compose/znas/homelable/docker-compose.yaml
Normal file
80
compose/znas/homelable/docker-compose.yaml
Normal file
|
|
@ -0,0 +1,80 @@
|
||||||
|
networks:
|
||||||
|
netgrimoire:
|
||||||
|
external: true
|
||||||
|
|
||||||
|
services:
|
||||||
|
frontend:
|
||||||
|
image: ghcr.io/pouzor/homelable-frontend:latest
|
||||||
|
networks:
|
||||||
|
- netgrimoire
|
||||||
|
environment:
|
||||||
|
- VITE_API_URL=https://homelable-api.netgrimoire.com
|
||||||
|
deploy:
|
||||||
|
replicas: 1
|
||||||
|
placement:
|
||||||
|
constraints:
|
||||||
|
- node.hostname == znas
|
||||||
|
labels:
|
||||||
|
# --- Caddy reverse proxy ---
|
||||||
|
caddy: homelable.netgrimoire.com
|
||||||
|
caddy.reverse_proxy: "{{upstreams 80}}"
|
||||||
|
# --- Homepage ---
|
||||||
|
homepage.group: Tools
|
||||||
|
homepage.name: Homelable
|
||||||
|
homepage.icon: homelable.png
|
||||||
|
homepage.href: https://homelable.netgrimoire.com
|
||||||
|
homepage.description: Homelab infrastructure visualizer
|
||||||
|
# --- Uptime Kuma ---
|
||||||
|
kuma.homelable.http.url: https://homelable.netgrimoire.com
|
||||||
|
|
||||||
|
backend:
|
||||||
|
image: ghcr.io/pouzor/homelable-backend:latest
|
||||||
|
networks:
|
||||||
|
- netgrimoire
|
||||||
|
volumes:
|
||||||
|
- /DockerVol/homelable/data:/app/data
|
||||||
|
environment:
|
||||||
|
- SECRET_KEY=${SECRET_KEY}
|
||||||
|
- AUTH_USERNAME=${AUTH_USERNAME}
|
||||||
|
- AUTH_PASSWORD_HASH=${AUTH_PASSWORD_HASH}
|
||||||
|
- SCANNER_RANGES=${SCANNER_RANGES:-["192.168.3.0/24","192.168.4.0/24","192.168.5.0/24"]}
|
||||||
|
- STATUS_CHECKER_INTERVAL=${STATUS_CHECKER_INTERVAL:-60}
|
||||||
|
cap_add:
|
||||||
|
- NET_RAW
|
||||||
|
- NET_ADMIN
|
||||||
|
deploy:
|
||||||
|
replicas: 1
|
||||||
|
placement:
|
||||||
|
constraints:
|
||||||
|
- node.hostname == znas
|
||||||
|
labels:
|
||||||
|
# --- Caddy reverse proxy ---
|
||||||
|
caddy: homelable-api.netgrimoire.com
|
||||||
|
caddy.reverse_proxy: "{{upstreams 8000}}"
|
||||||
|
# --- Uptime Kuma ---
|
||||||
|
kuma.homelable-api.http.url: https://homelable-api.netgrimoire.com/health
|
||||||
|
|
||||||
|
mcp:
|
||||||
|
image: ghcr.io/pouzor/homelable-mcp:latest
|
||||||
|
networks:
|
||||||
|
- netgrimoire
|
||||||
|
environment:
|
||||||
|
# Authenticates external MCP clients (Open WebUI, Claude Code, n8n)
|
||||||
|
- MCP_API_KEY=${MCP_API_KEY}
|
||||||
|
# Authenticates MCP server -> backend (internal only, never exposed)
|
||||||
|
- MCP_SERVICE_KEY=${MCP_SERVICE_KEY}
|
||||||
|
- BACKEND_URL=http://backend:8000
|
||||||
|
deploy:
|
||||||
|
replicas: 1
|
||||||
|
placement:
|
||||||
|
constraints:
|
||||||
|
- node.hostname == znas
|
||||||
|
labels:
|
||||||
|
# --- Caddy reverse proxy ---
|
||||||
|
# Exposed for Claude Code on remote machines — remove label if LAN-only preferred
|
||||||
|
caddy: homelable-mcp.netgrimoire.com
|
||||||
|
caddy.reverse_proxy: "{{upstreams 8001}}"
|
||||||
|
# --- Uptime Kuma ---
|
||||||
|
kuma.homelable-mcp.http.url: https://homelable-mcp.netgrimoire.com/health
|
||||||
|
# --- DIUN image update notifications ---
|
||||||
|
diun.enable: "true"
|
||||||
Loading…
Add table
Add a link
Reference in a new issue