Initial Lab Commit: Final Cleanup

.gitignore

@@ -0,0 +1,198 @@
+# ===========================
+# 1. SECRETS (Must Block)
+# ===========================
+.env
+.env.*
+*.key
+*.cert
+*.pem
+*.crt
+
+# ===========================
+# 2. GLOBAL GENERICS
+# ===========================
+**/logs/
+**/log/
+**/cache/
+**/tmp/
+**/temp/
+**/backups/
+**/Backups/
+**/BT_Backup/
+*.DS_Store
+Thumbs.db
+*.fastresume
+*.torrent
+*.jpg
+*.vtt
+lost+found
+
+# ===========================
+# 3. DATABASES (Heavy Data)
+# ===========================
+**/db/
+**/mysql/
+**/postgres/
+**/postgres_data/
+**/prometheus-db/
+**/grafana-db/
+**/alertmanager-db/
+**/stash-db/
+**/wud-db/
+**/pg_subtrans
+**/pg_wal
+**/index-v2/
+*.db-shm
+**/komodo-postgres/
+*.db
+*.db-wal
+
+# ===========================
+# 4. SERVARR STACK (Radarr/Sonarr/Lidarr)
+# ===========================
+# The posters/banners (Huge)
+MediaCover/
+# Error reporting cache
+Sentry/
+# ASP.NET temporary files
+asp/
+# Dupeguru scan results
+scans/
+
+# ===========================
+# 5. MEDIA SERVERS (Plex/Jellyfin)
+# ===========================
+# Plex Metadata (Can be GBs in size)
+**/Library/
+**/transcode/
+# Jellyfin metadata (if local)
+**/metadata/
+
+# ===========================
+# 6. APP SPECIFIC
+# ===========================
+# SMTP Relay Queue
+**/queue/
+# Node-Red dependencies
+**/node_modules/
+# Frigate database/clips
+**/frigate/
+# Home Assistant State Registry (Contains secrets)
+**/.storage/
+# Text-to-speech cache
+**/tts/
+# Stash scrapers (often binary/heavy)
+**/scrapers/
+**/smf/
+
+# ===========================
+# KOMODO DEPLOYMENT MANAGER
+# ===========================
+# Ignore Komodo's internal cache of git repos
+**/komodo/repo-cache/
+**/komodo/core-etc/repos/
+**/komodo/periphery-etc/repos/
+# Ignore build artifacts
+**/komodo/builders/
+
+# ===========================
+# 🚨 CRITICAL EXCLUSIONS 🚨
+# ===========================
+
+# 1. Gitea Data (PREVENTS INFINITE LOOP)
+# This is where Gitea stores the bare repos. Never commit this.
+**/gitea/git/
+**/gitea/gitea/
+**/gitea/ssh/
+
+# 2. Komodo Internals (Huge Cache)
+**/komodo/repo-cache/
+**/komodo/periphery-etc/
+**/komodo/builders/
+
+# 3. Media & Assets (Huge User Data)
+**/stash/data/
+**/MediaCover/
+**/metadata/
+
+# 4. Jellyfin Cache/Metadata (Often inside config)
+**/jellyfin/config/metadata/
+**/jellyfin/config/data/
+**/jellyfin/config/cache/
+
+# ===========================
+# HOME ASSISTANT CLEANUP
+# ===========================
+# System Cache & History
+**/.cache/
+.ash_history
+.bash_history
+.HA_VERSION
+
+# ===========================
+# TECHNITIUM CLEANUP
+# ===========================
+# Downloaded Apps/Plugins (Binaries, Zips, DLLs)
+**/technitium/config/apps/
+# Blocklists
+**/technitium/config/blocklists/
+
+
+# ===========================
+# HOME ASSISTANT CLEANUP
+# ===========================
+# 1. Internal Caches & History
+**/.cache/
+**/.storage/
+**/.HA_VERSION
+**/.ash_history
+**/.bash_history
+**/.cloud/
+**/custom_components/
+
+# 2. Dependencies (The 2000+ files usually live here)
+**/deps/
+**/lib/
+**/site-packages/
+**/__pycache__/
+
+# 3. Media & Backups
+**/tts/
+**/backups/
+**/www/
+**/blueprints/
+
+# 4. Databases & Logs
+*.db
+*.db-shm
+*.db-wal
+*.log
+
+# ===========================
+# DATABASE & BACKUP BLOCKER
+# ===========================
+# Block all SQLite databases (Duplicati, Manyfold, Govee, etc.)
+*.sqlite
+*.sqlite3
+*.sqlite-wal
+*.sqlite-shm
+*.db
+*.db3
+
+# Block Large Binaries & Backups
+*.tar
+*.tar.gz
+*.zip
+*.7z
+*.mmdb
+*.iso
+
+# ===========================
+# APP SPECIFIC
+# ===========================
+# Duplicati: Block the heavy local databases, keep only json configs if needed
+**/duplicati/data/
+**/duplicati/config/*.sqlite
+
+# QBittorrent: Block GeoIP databases
+**/GeoDB/

ansible/docker-compose.yml

@@ -0,0 +1,66 @@
+services:
+  semaphore-postgres:
+    image: postgres:15
+    container_name: semaphore-postgres
+    restart: unless-stopped
+    volumes:
+      - ./postgres:/var/lib/postgresql/data
+    environment:
+      POSTGRES_USER: semaphore
+      POSTGRES_PASSWORD: ${SEMAPHORE_DB_PASSWORD}
+      POSTGRES_DB: semaphore
+    networks:
+      - ansible_internal
+    labels:
+      - "komodo.skip=true"
+
+  semaphore:
+    image: semaphoreui/semaphore:latest
+    container_name: semaphore
+    restart: unless-stopped
+    depends_on:
+      - semaphore-postgres
+    ports:
+      - "3000:3000"
+    environment:
+      # Database Connection
+      SEMAPHORE_DB_DIALECT: postgres
+      SEMAPHORE_DB_HOST: semaphore-postgres
+      SEMAPHORE_DB_USER: semaphore
+      SEMAPHORE_DB_PASS: ${SEMAPHORE_DB_PASSWORD}
+      SEMAPHORE_DB_PORT: 5432
+      SEMAPHORE_DB: semaphore
+
+      # Admin User Setup (Created on first run)
+      SEMAPHORE_ADMIN: admin
+      SEMAPHORE_ADMIN_PASSWORD: ${SEMAPHORE_ADMIN_PASSWORD}
+      SEMAPHORE_ADMIN_NAME: "Admin"
+      SEMAPHORE_ADMIN_EMAIL: "admin@mapletree.email"
+
+      # Security & Config
+      # Generate this with: head -c32 /dev/urandom | base64
+      SEMAPHORE_ACCESS_KEY_ENCRYPTION: ${SEMAPHORE_ENCRYPTION_KEY}
+      SEMAPHORE_Tmp_Path: /tmp/semaphore
+    volumes:
+      # Map your host SSH keys so Semaphore can SSH into your servers
+      - /root/.ssh:/root/.ssh:ro
+      # Allow Semaphore to control Docker on the host (optional, but useful for Ansible)
+      - /var/run/docker.sock:/var/run/docker.sock
+      # Persist configuration
+      - ./semaphore:/etc/semaphore
+    networks:
+      - ansible_external # For Traefik access
+      - ansible_internal # For Database access
+    labels:
+      - "traefik.enable=true"
+      - "traefik.docker.network=ansible_external"
+      - "traefik.http.routers.semaphore.rule=Host(`ansible.mapletree.email`)"
+      - "traefik.http.routers.semaphore.entrypoints=web,websecure"
+      - "traefik.http.routers.semaphore.tls.certresolver=myresolver"
+      - "traefik.http.services.semaphore.loadbalancer.server.port=3000"
+
+networks:
+  ansible_external:
+    external: true
+  ansible_internal:
+    internal: true

ansible/semaphore/config.json

@@ -0,0 +1,16 @@
+{
+ 	"postgres": {
+ 		"host": "semaphore-postgres:5432",
+ 		"user": "semaphore",
+ 		"pass": "34reSVI6GKdr5xEGzC6eHKi+a2Int5xvp9eyx+tC+0Y=",
+ 		"name": "semaphore",
+ 		"options": {
+ 			"sslmode": "disable"
+ 		}
+ 	},
+ 	"dialect": "postgres",
+ 	"tmp_path": "/tmp/semaphore",
+ 	"cookie_hash": "S7ijkMPos6enLgDYyFlMC+2nI0/8isOMbWI24PnqBhk=",
+ 	"cookie_encryption": "CWqqZ1L0z6Y/0CE/MSFHA7JM5IW2y/Vgx+nMO3m0rfY=",
+ 	"access_key_encryption": "vETTM8BJ2uMMAHJ74KOdlRKGw0QYWhWjq9xaBa8vuJU="
+ }

ansible/semaphore/ping.yml

@@ -0,0 +1,6 @@
+---
+- name: Ping Test
+  hosts: all
+  tasks:
+    - name: Ping
+      ansible.builtin.ping:

beets/config/beets.sh

@@ -0,0 +1,27 @@
+#!/usr/bin/with-contenv bash
+# shellcheck shell=bash
+#
+# beets music tagger - post-processing script
+#
+# Author: Rich Manton (overbyrn)
+# Date: 29-04-13
+#
+# $1 - Fullpath of directory to be processed.  eg./mnt/user/downloads/some.artist_some.album
+
+# $7 - Status of post processing. 0 = OK, 1 = failed verification, 2 = failed unpack, 3 = 1+2
+if [ -n "$7" ] && [ "$7" -gt 0 ]; then
+    echo "post-processing failed, bypassing script"
+    exit 1
+fi
+
+# process files
+echo "--------------------------"
+printf %b "$(date)\n"
+echo "Starting beets.sh for $(basename "$1")"
+
+BEETSDIR=/config
+export BEETSDIR
+FPCALC=/usr/bin/fpcalc
+export FPCALC
+/lsiopy/bin/beet -v import -q "$1"
+

beets/config/config.yaml

@@ -0,0 +1,7 @@
+directory: /music/combined
+library: /config/musiclibrary.db
+import:
+  copy: no     # Use files in place
+plugins:
+  - musicbrainz  # Example plugin for fetching metadata
+  - web

beets/config/start.sh

@@ -0,0 +1 @@
+beet -c /config/config.yaml import -q /music

beets/docker-compose.yml

@@ -0,0 +1,16 @@
+services:
+  beets:
+    image: linuxserver/beets
+    container_name: beets
+    environment:
+      - PUID=1000 # Your user ID
+      - PGID=1000 # Your group ID
+      - TZ=America/Edmonton
+     # Your timezone
+    volumes:
+      - ./config:/config # Mount your Beets config directory
+      - /pool/music:/music # Mount your music library
+      #- /path/to/your/import_source:/import # Optional: directory for importing new music
+    restart: unless-stopped
+    ports:
+      - 8337:8337

ddns/config/config.json

@@ -0,0 +1,82 @@
+{
+  "settings": [
+    {
+      "provider": "namecheap",
+      "domain": "mapletree.email",
+      "host": "activepieces",
+      "password": "1ca674aff7c34051babec029f0c4eb78"
+    },
+    {
+      "provider": "namecheap",
+      "domain": "mapletree.email",
+      "host": "firefly",
+      "password": "1ca674aff7c34051babec029f0c4eb78"
+    },
+    {
+      "provider": "namecheap",
+      "domain": "mapletree.email",
+      "host": "firefly-import",
+      "password": "1ca674aff7c34051babec029f0c4eb78"
+    },
+    {
+      "provider": "namecheap",
+      "domain": "mapletree.email",
+      "host": "ha",
+      "password": "1ca674aff7c34051babec029f0c4eb78"
+    },
+    {
+      "provider": "namecheap",
+      "domain": "mapletree.email",
+      "host": "media",
+      "password": "1ca674aff7c34051babec029f0c4eb78"
+    },
+    {
+      "provider": "namecheap",
+      "domain": "mapletree.email",
+      "host": "music",
+      "password": "1ca674aff7c34051babec029f0c4eb78"
+    },
+    {
+      "provider": "namecheap",
+      "domain": "mapletree.email",
+      "host": "request",
+      "password": "1ca674aff7c34051babec029f0c4eb78"
+    },
+    {
+      "provider": "namecheap",
+      "domain": "mapletree.email",
+      "host": "stash",
+      "password": "1ca674aff7c34051babec029f0c4eb78"
+    },
+    {
+      "provider": "namecheap",
+      "domain": "mapletree.email",
+      "host": "syncthing",
+      "password": "1ca674aff7c34051babec029f0c4eb78"
+    },
+    {
+      "provider": "namecheap",
+      "domain": "mapletree.email",
+      "host": "lukas",
+      "password": "1ca674aff7c34051babec029f0c4eb78"
+    },
+    {
+      "provider": "namecheap",
+      "domain": "mapletree.email",
+      "host": "josh",
+      "password": "1ca674aff7c34051babec029f0c4eb78"
+    },
+    {
+      "provider": "namecheap",
+      "domain": "mapletree.email",
+      "host": "rustdesk",
+      "password": "1ca674aff7c34051babec029f0c4eb78"
+    },
+    {
+      "provider": "namecheap",
+      "domain": "mapletree.email",
+      "host": "ssh",
+      "password": "1ca674aff7c34051babec029f0c4eb78"
+    }
+  ]
+}

ddns/config/updates.json

@@ -0,0 +1,238 @@
+{
+  "records": [
+    {
+      "domain": "mapletree.email",
+      "owner": "activepieces",
+      "ips": [
+        {
+          "ip": "50.65.208.7",
+          "time": "2026-01-20T00:11:12.727495911Z"
+        },
+        {
+          "ip": "108.173.3.22",
+          "time": "2026-01-21T11:36:37.598594845Z"
+        },
+        {
+          "ip": "50.65.208.7",
+          "time": "2026-01-21T11:56:36.805186025Z"
+        }
+      ]
+    },
+    {
+      "domain": "mapletree.email",
+      "owner": "firefly",
+      "ips": [
+        {
+          "ip": "50.65.208.7",
+          "time": "2026-01-20T00:11:12.727495911Z"
+        },
+        {
+          "ip": "108.173.3.22",
+          "time": "2026-01-21T11:36:37.044336038Z"
+        },
+        {
+          "ip": "50.65.208.7",
+          "time": "2026-01-21T12:06:36.327383699Z"
+        }
+      ]
+    },
+    {
+      "domain": "mapletree.email",
+      "owner": "firefly-import",
+      "ips": [
+        {
+          "ip": "50.65.208.7",
+          "time": "2026-01-20T00:11:12.727495911Z"
+        },
+        {
+          "ip": "108.173.3.22",
+          "time": "2026-01-21T11:36:37.685644543Z"
+        },
+        {
+          "ip": "50.65.208.7",
+          "time": "2026-01-21T12:01:36.408325056Z"
+        }
+      ]
+    },
+    {
+      "domain": "mapletree.email",
+      "owner": "ha",
+      "ips": [
+        {
+          "ip": "50.65.208.7",
+          "time": "2026-01-20T00:11:12.727495911Z"
+        },
+        {
+          "ip": "108.173.3.22",
+          "time": "2026-01-21T11:36:36.545872198Z"
+        },
+        {
+          "ip": "50.65.208.7",
+          "time": "2026-01-21T12:01:36.51727364Z"
+        }
+      ]
+    },
+    {
+      "domain": "mapletree.email",
+      "owner": "media",
+      "ips": [
+        {
+          "ip": "50.65.208.7",
+          "time": "2026-01-20T00:11:12.727495911Z"
+        },
+        {
+          "ip": "108.173.3.22",
+          "time": "2026-01-21T11:36:36.697141701Z"
+        },
+        {
+          "ip": "50.65.208.7",
+          "time": "2026-01-21T11:46:36.591132154Z"
+        }
+      ]
+    },
+    {
+      "domain": "mapletree.email",
+      "owner": "music",
+      "ips": [
+        {
+          "ip": "50.65.208.7",
+          "time": "2026-01-20T00:11:12.727495911Z"
+        },
+        {
+          "ip": "108.173.3.22",
+          "time": "2026-01-21T11:36:37.130094711Z"
+        },
+        {
+          "ip": "50.65.208.7",
+          "time": "2026-01-21T12:01:36.611585284Z"
+        }
+      ]
+    },
+    {
+      "domain": "mapletree.email",
+      "owner": "request",
+      "ips": [
+        {
+          "ip": "50.65.208.7",
+          "time": "2026-01-20T00:11:12.727495911Z"
+        },
+        {
+          "ip": "108.173.3.22",
+          "time": "2026-01-21T11:36:36.78400893Z"
+        },
+        {
+          "ip": "50.65.208.7",
+          "time": "2026-01-21T11:51:38.14005314Z"
+        }
+      ]
+    },
+    {
+      "domain": "mapletree.email",
+      "owner": "stash",
+      "ips": [
+        {
+          "ip": "50.65.208.7",
+          "time": "2026-01-20T00:11:12.727495911Z"
+        },
+        {
+          "ip": "108.173.3.22",
+          "time": "2026-01-21T11:36:37.215898786Z"
+        },
+        {
+          "ip": "50.65.208.7",
+          "time": "2026-01-21T11:46:36.691068393Z"
+        }
+      ]
+    },
+    {
+      "domain": "mapletree.email",
+      "owner": "syncthing",
+      "ips": [
+        {
+          "ip": "50.65.208.7",
+          "time": "2026-01-20T00:11:12.727495911Z"
+        },
+        {
+          "ip": "108.173.3.22",
+          "time": "2026-01-21T11:36:37.322103667Z"
+        },
+        {
+          "ip": "50.65.208.7",
+          "time": "2026-01-21T11:56:36.529780427Z"
+        }
+      ]
+    },
+    {
+      "domain": "mapletree.email",
+      "owner": "lukas",
+      "ips": [
+        {
+          "ip": "50.65.208.7",
+          "time": "2026-01-20T00:11:12.727495911Z"
+        },
+        {
+          "ip": "108.173.3.22",
+          "time": "2026-01-21T11:36:36.867839801Z"
+        },
+        {
+          "ip": "50.65.208.7",
+          "time": "2026-01-21T11:56:36.617891144Z"
+        }
+      ]
+    },
+    {
+      "domain": "mapletree.email",
+      "owner": "josh",
+      "ips": [
+        {
+          "ip": "50.65.208.7",
+          "time": "2026-01-20T01:49:10.258641795Z"
+        },
+        {
+          "ip": "108.173.3.22",
+          "time": "2026-01-21T11:36:37.428639266Z"
+        },
+        {
+          "ip": "50.65.208.7",
+          "time": "2026-01-21T11:46:36.782529426Z"
+        }
+      ]
+    },
+    {
+      "domain": "mapletree.email",
+      "owner": "rustdesk",
+      "ips": [
+        {
+          "ip": "50.65.208.7",
+          "time": "2026-01-20T18:35:24.275438034Z"
+        },
+        {
+          "ip": "108.173.3.22",
+          "time": "2026-01-21T11:36:37.514619364Z"
+        },
+        {
+          "ip": "50.65.208.7",
+          "time": "2026-01-21T11:56:36.705830114Z"
+        }
+      ]
+    },
+    {
+      "domain": "mapletree.email",
+      "owner": "ssh",
+      "ips": [
+        {
+          "ip": "50.65.208.7",
+          "time": "2026-01-20T18:35:24.275438034Z"
+        },
+        {
+          "ip": "108.173.3.22",
+          "time": "2026-01-21T11:36:36.957924863Z"
+        },
+        {
+          "ip": "50.65.208.7",
+          "time": "2026-01-21T12:06:36.452443906Z"
+        }
+      ]
+    }
+  ]
+}

ddns/docker-compose.yml

@@ -0,0 +1,10 @@
+services:
+  ddns:
+    image: qmcgaw/ddns-updater
+    container_name: ddns
+    restart: unless-stopped
+    volumes:
+      - ./config:/updater/data
+    dns:
+      - 1.1.1.1
+      - 8.8.8.8

dirs.txt

@@ -0,0 +1,304 @@
+.
+./servarr
+./servarr/whisparr
+./servarr/whisparr/logs
+./servarr/whisparr/Sentry
+./servarr/whisparr/asp
+./servarr/whisparr/MediaCover
+./servarr/whisparr/Backups
+./servarr/overseerr
+./servarr/overseerr/db
+./servarr/overseerr/logs
+./servarr/lidarr
+./servarr/lidarr/logs
+./servarr/lidarr/Sentry
+./servarr/lidarr/asp
+./servarr/lidarr/MediaCover
+./servarr/lidarr/Backups
+./servarr/config
+./servarr/config/Jackett
+./servarr/radarr
+./servarr/radarr/logs
+./servarr/radarr/Sentry
+./servarr/radarr/asp
+./servarr/radarr/MediaCover
+./servarr/radarr/Backups
+./servarr/sonarr
+./servarr/sonarr/logs
+./servarr/sonarr/Sentry
+./servarr/sonarr/asp
+./servarr/sonarr/MediaCover
+./servarr/sonarr/Backups
+./ddns
+./ddns/config
+./homepage
+./homepage/config
+./homepage/config/logs
+./lost+found
+./management
+./management/gitea
+./management/gitea/gitea
+./management/gitea/ssh
+./management/gitea/git
+./management/wud
+./management/wud/etc
+./management/wud/var
+./management/komodo
+./management/komodo/periphery-etc
+./management/komodo/core-etc
+./management/komodo/config
+./management/komodo/var
+./management/komodo/postgres
+./management/komodo/backups
+./management/komodo/repo-cache
+./management/wud-db
+./management/gitea-postgres
+./management/gitea-postgres/postgres
+./management/ferret
+./management/komodo-postgres
+./management/komodo-postgres/pg_notify
+./management/komodo-postgres/pg_dynshmem
+./management/komodo-postgres/base
+./management/komodo-postgres/pg_stat_tmp
+./management/komodo-postgres/pg_xact
+./management/komodo-postgres/pg_logical
+./management/komodo-postgres/pg_subtrans
+./management/komodo-postgres/pg_replslot
+./management/komodo-postgres/pg_wal
+./management/komodo-postgres/pg_commit_ts
+./management/komodo-postgres/pg_snapshots
+./management/komodo-postgres/pg_stat
+./management/komodo-postgres/postgres_backup
+./management/komodo-postgres/pg_tblspc
+./management/komodo-postgres/global
+./management/komodo-postgres/pg_multixact
+./management/komodo-postgres/pg_serial
+./management/komodo-postgres/pg_twophase
+./management/komodo-postgres/pg_documentdb_cursor_files
+./syncthing
+./syncthing/config
+./syncthing/config/index-v2
+./dupeguru
+./dupeguru/config
+./dupeguru/config/xdg
+./dupeguru/config/log
+./dupeguru/config/scans
+./dns
+./dns/secondary
+./dns/secondary/blocklists
+./dns/secondary/logs
+./dns/secondary/stats
+./dns/secondary/zones
+./dns/secondary/apps
+./dns/secondary/scopes
+./dns/primary
+./dns/primary/blocklists
+./dns/primary/logs
+./dns/primary/stats
+./dns/primary/zones
+./dns/primary/apps
+./dns/primary/scopes
+./dns/config
+./dns/config/secondary
+./dns/config/primary
+./ansible
+./ansible/postgres
+./ansible/postgres/pg_notify
+./ansible/postgres/pg_dynshmem
+./ansible/postgres/base
+./ansible/postgres/pg_stat_tmp
+./ansible/postgres/pg_xact
+./ansible/postgres/pg_logical
+./ansible/postgres/pg_subtrans
+./ansible/postgres/pg_replslot
+./ansible/postgres/pg_wal
+./ansible/postgres/pg_commit_ts
+./ansible/postgres/pg_snapshots
+./ansible/postgres/pg_stat
+./ansible/postgres/pg_tblspc
+./ansible/postgres/global
+./ansible/postgres/pg_multixact
+./ansible/postgres/pg_serial
+./ansible/postgres/pg_twophase
+./ansible/semaphore
+./traefik
+./traefik/letsencrypt
+./traefik/dynamic
+./smf
+./smf/smf_files
+./smf/smf_files/Smileys
+./smf/smf_files/avatars
+./smf/smf_files/logo
+./smf/smf_files/videos
+./smf/smf_files/avs
+./smf/smf_files/files
+./smf/smf_files/cache
+./smf/smf_files/attachments
+./smf/smf_files/Themes
+./smf/smf_files/custom_avatar
+./smf/smf_files/Sources
+./smf/smf_files/Packages
+./smf/db_restore
+./smf/mysql
+./smf/mysql/#innodb_redo
+./smf/mysql/#innodb_temp
+./smf/mysql/performance_schema
+./smf/mysql/smf
+./smf/mysql/sys
+./smf/mysql/mysql
+./smf/db_data
+./mediaservices
+./mediaservices/app
+./mediaservices/output
+./mediaservices/stash
+./mediaservices/stash/data
+./mediaservices/config
+./mediaservices/plex
+./mediaservices/plex/Library
+./mediaservices/jellyfin
+./mediaservices/jellyfin/config
+./mediaservices/jellyfin/cache
+./mediaservices/stash-db
+./mediaservices/stash-db/scrapers
+./mediaservices/stash-db/plugins
+./rustdesk
+./rustdesk/data
+./rustdesk/data/.config
+./qbittorrent
+./qbittorrent/data
+./qbittorrent/data/.cache
+./qbittorrent/data/qBittorrent
+./qbittorrent/data/converted
+./qbittorrent/data/procps
+./qbittorrent/appdata_local
+./qbittorrent/appdata_local/qBittorrent
+./qbittorrent/appdata_roaming
+./qbittorrent/appdata_roaming/rss
+./qbittorrent/unpackerr
+./technitium
+./technitium/data
+./technitium/config
+./technitium/config/blocklists
+./technitium/config/logs
+./technitium/config/stats
+./technitium/config/zones
+./technitium/config/apps
+./technitium/config/scopes
+./guacamole
+./guacamole/db
+./guacamole/db/pg_notify
+./guacamole/db/pg_dynshmem
+./guacamole/db/base
+./guacamole/db/pg_stat_tmp
+./guacamole/db/pg_xact
+./guacamole/db/pg_logical
+./guacamole/db/pg_subtrans
+./guacamole/db/pg_replslot
+./guacamole/db/pg_wal
+./guacamole/db/pg_commit_ts
+./guacamole/db/pg_snapshots
+./guacamole/db/pg_stat
+./guacamole/db/pg_tblspc
+./guacamole/db/global
+./guacamole/db/pg_multixact
+./guacamole/db/pg_serial
+./guacamole/db/pg_twophase
+./guacamole/init
+./guacamole/tmp
+./guacamole/tmp/guacamole-home.8uPwDs97ox
+./guacamole/tmp/hsperfdata_root
+./guacamole/tmp/catalina-base.EJrGxCmUst
+./beets
+./beets/config
+./beets/config/.config
+./monitoring
+./monitoring/grafana
+./monitoring/prometheus-db
+./monitoring/prometheus-db/01KF8C65RJE1HYDCW77F4DNYBP
+./monitoring/prometheus-db/01KFQ30RNDMGZWSCQMY8GZX2AJ
+./monitoring/prometheus-db/01KEYQ6N0FJ167P8JNG96ZV5GY
+./monitoring/prometheus-db/01KF0N05PQ7X74QCZE4HG4XWS1
+./monitoring/prometheus-db/01KFQ30R3811B1BDNQ8G2MBN9K
+./monitoring/prometheus-db/01KERX6E5ACK05RGMYDA316MWK
+./monitoring/prometheus-db/01KF4GK4DHNDTWWXYENK3D2D20
+./monitoring/prometheus-db/01KER7V2Z4MM0ZASJMN3JD98FY
+./monitoring/prometheus-db/01KF6ECMMH29117ZA6T3KRPZM5
+./monitoring/prometheus-db/01KEWSCYAP0N943DWA2Z93AWYD
+./monitoring/prometheus-db/01KF2JSQ2CQ85ZCG6NF3S6QH6R
+./monitoring/prometheus-db/chunks_head
+./monitoring/prometheus-db/01KETN4AAJ0JCA1Z93YSGX9P9C
+./monitoring/prometheus-db/01KEHC8Y4VC88Y4DMBXSMZASPV
+./monitoring/prometheus-db/01KFPMCZDJMKE91H5WWCTAX09V
+./monitoring/prometheus-db/01KEKCY8DM0RYHNKHE8A80DPYE
+./monitoring/prometheus-db/wal
+./monitoring/prometheus-db/01KFQ30QYDEEXXPDE4JH94PHGR
+./monitoring/prometheus-db/01KEV160FANB8GQJ19RBDVCR9Z
+./monitoring/watchtower
+./monitoring/prometheus
+./monitoring/alertmanager
+./monitoring/grafana-db
+./monitoring/grafana-db/png
+./monitoring/grafana-db/pdf
+./monitoring/grafana-db/csv
+./monitoring/grafana-db/plugins
+./monitoring/alertmanager-db
+./duplicati
+./duplicati/data
+./duplicati/data/Duplicati
+./duplicati/config
+./duplicati/config/control_dir_v2
+./duplicati/config/.aspnet
+./smtp-relay
+./smtp-relay/queue
+./smtp-relay/queue/incoming
+./smtp-relay/queue/flush
+./smtp-relay/queue/saved
+./smtp-relay/queue/deferred
+./smtp-relay/queue/active
+./smtp-relay/queue/corrupt
+./smtp-relay/queue/hold
+./smtp-relay/queue/public
+./smtp-relay/queue/bounce
+./smtp-relay/queue/pid
+./smtp-relay/queue/maildrop
+./smtp-relay/queue/defer
+./smtp-relay/queue/private
+./smtp-relay/queue/trace
+./manyfold
+./manyfold/config
+./homeassistant
+./homeassistant/node-red
+./homeassistant/node-red/lib
+./homeassistant/node-red/.npm
+./homeassistant/node-red/node_modules
+./homeassistant/matter
+./homeassistant/matter/credentials
+./homeassistant/govee2mqtt
+./homeassistant/govee2mqtt/config
+./homeassistant/config
+./homeassistant/config/.storage
+./homeassistant/config/.cloud
+./homeassistant/config/blueprints
+./homeassistant/config/deps
+./homeassistant/config/tts
+./homeassistant/frigate
+./homeassistant/frigate/cache
+./homeassistant/frigate/model_cache
+./homeassistant/mosquitto
+./homeassistant/mosquitto/data
+./homeassistant/mosquitto/config
+./homeassistant/mosquitto/log
+./homeassistant/homeassistant
+./homeassistant/homeassistant/share
+./homeassistant/homeassistant/media
+./homeassistant/homeassistant/.cache
+./homeassistant/homeassistant/.storage
+./homeassistant/homeassistant/.cloud
+./homeassistant/homeassistant/custom_components
+./homeassistant/homeassistant/.local
+./homeassistant/homeassistant/backup
+./homeassistant/homeassistant/blueprints
+./homeassistant/homeassistant/backups
+./homeassistant/homeassistant/.config
+./homeassistant/homeassistant/deps
+./homeassistant/homeassistant/tts

dns/docker-compose.yml

@@ -0,0 +1,80 @@
+services:
+  # --- Node 1 (Primary) ---
+  dns-01:
+    image: technitium/dns-server:latest
+    container_name: dns-01
+    hostname: dns-01
+    restart: unless-stopped
+    ports:
+      - "53:53/udp"     # Live DNS
+      - "53:53/tcp"
+      - "5381:5380/tcp" # Web UI -> 5381
+    environment:
+      - TZ=America/Edmonton
+      - DNS_SERVER_DOMAIN=dns1.mapletree.email
+      - DNS_SERVER_ADMIN_PASSWORD=${DNS_ADMIN_PASSWORD}
+    volumes:
+      #- ${CONFIG_PATH}/primary:/etc/dns/config
+      - ./primary:/etc/dns
+    networks:
+      dns_internal:
+        ipv4_address: 172.35.0.101
+      dns_external: {}
+    labels:
+      - "traefik.enable=true"
+      - "traefik.docker.network=dns_external"
+      - "traefik.http.routers.dns01.rule=Host(`dns1.mapletree.email`)"
+      - "traefik.http.routers.dns01.entrypoints=web,websecure"
+      - "traefik.http.routers.dns01.tls.certresolver=myresolver"
+      - "traefik.http.services.dns01.loadbalancer.server.port=5380"
+
+  # --- Node 2 (Secondary) ---
+  dns-02:
+    image: technitium/dns-server:latest
+    container_name: dns-02
+    hostname: dns-02
+    restart: unless-stopped
+    ports:
+      - "5301:53/udp"   # Testing DNS
+      - "5301:53/tcp"
+      - "5382:5380/tcp" # Web UI -> 5382
+    environment:
+      - TZ=America/Edmonton
+      - DNS_SERVER_DOMAIN=dns2.mapletree.email
+      - DNS_SERVER_ADMIN_PASSWORD=${DNS_ADMIN_PASSWORD}
+    volumes:
+      #- ${CONFIG_PATH}/secondary:/etc/dns/config
+      - ./secondary:/etc/dns
+    networks:
+      dns_internal:
+        ipv4_address: 172.35.0.102
+      dns_external: {}
+    labels:
+      - "traefik.enable=true"
+      - "traefik.docker.network=dns_external"
+      - "traefik.http.routers.dns02.rule=Host(`dns2.mapletree.email`)"
+      # ... (Standard Traefik labels) ...
+      - "traefik.http.services.dns02.loadbalancer.server.port=5380"
+
+  # --- Metrics Sidecar ---
+  dns-exporter:
+    image: ghcr.io/guycalledseven/technitium-dns-prometheus-exporter:latest
+    container_name: dns-exporter
+    restart: unless-stopped
+    environment:
+      # Note the simplified variable names
+      - TECHNITIUM_BASE_URL=http://172.35.0.101:5380
+      - TECHNITIUM_TOKEN=${DNS_API_TOKEN}
+    ports:
+      - "8081:9105" # Maps container 8080 to host 8081
+    networks:
+      - dns_internal
+
+networks:
+  dns_internal:
+    driver: bridge
+    ipam:
+      config:
+        - subnet: 172.35.0.0/24
+  dns_external:
+    external: true