Update ghcr.io/homarr-labs/homarr Docker tag to v1.22.0

audiobookshelf/docker-compose.yml

@@ -1,7 +1,6 @@
 services:
   audiobookshelf:
-    image: ghcr.io/advplyr/audiobookshelf:2.33.1
+    image: ghcr.io/advplyr/audiobookshelf:2.22.0
-    restart: always
     ports:
       - 13378:80
     volumes:

audiomuse/.env.example

@@ -1,41 +0,0 @@
-# Copy this file to `.env` and fill in the values that match your setup.
-# Docker Compose files under deployment/ read these variables to keep settings in one place.
-#
-# IMPORTANT:
-# 1. This file must be named exactly ".env" (not .env.txt or .env.example)
-# 2. It must be in the SAME directory as your docker-compose-*.yaml file
-# 3. Do NOT use spaces around the = sign
-# 4. Do NOT use quotes around values (unless required by the value itself)
-# 5. After editing, restart containers: docker-compose down && docker-compose up -d
-#
-# SPECIAL CHARACTERS IN VALUES:
-# If your password or API key contains special characters like: $ ` " ' \ # ! & * ( ) [ ] { } | ; < > ?
-# you may need to:
-#   - Avoid quotes entirely: GEMINI_API_KEY=AIza$pecial!Key  (usually works)
-#   - OR use single quotes if the value has $: GEMINI_API_KEY='AIza$pecial!Key'
-#   - OR escape with backslash: GEMINI_API_KEY=AIza\$pecial\!Key
-# Most problematic characters: $ (variable expansion), ` (command substitution), " (string delimiter)
-#
-# TROUBLESHOOTING:
-# If API keys don't work, verify:
-#   - File is named ".env" exactly (check with: ls -la)
-#   - No spaces: GEMINI_API_KEY=AIza... (not GEMINI_API_KEY = "AIza...")
-#   - No unescaped special characters (especially $ ` " ')
-#   - Restart containers after changing this file
-# If all else fails, try hardcoding the value directly in docker-compose-*.yaml to isolate the issue
-
-# --- Jellyfin ---
-JELLYFIN_USER_ID=
-JELLYFIN_TOKEN=
-JELLYFIN_URL=https://jellyfin.smittenfeld.nl
-
-# --- Shared backend configuration ---
-AUDIOMUSE_POSTGRES_USER=audiomuse
-AUDIOMUSE_POSTGRES_PASSWORD=
-AUDIOMUSE_POSTGRES_DB=audiomusedb
-#
-## --- Remote worker integration ---
-#WORKER_URL=http://worker.example.com:8029/worker
-#WORKER_POSTGRES_HOST=server.example.com
-#WORKER_REDIS_URL=redis://server.example.com:6379/0
-

audiomuse/docker-compose.yml

@@ -1,126 +0,0 @@
-services:
-  # Redis service for RQ (task queue)
-  audiomuse-ai-redis:
-    image: redis:8-alpine
-    container_name: audiomuse-redis
-    ports:
-      - "6379:6379" # Expose Redis port to the host
-    volumes:
-      - redis-data:/data # Persistent storage for Redis data
-    networks:
-      - audiomuse
-    restart: unless-stopped
-
-  # PostgreSQL database service
-  audiomuse-ai-postgres:
-    image: postgres:15-alpine
-    container_name: audiomuse-postgres
-    env_file:
-      - .env
-    environment:
-      POSTGRES_USER: ${AUDIOMUSE_POSTGRES_USER}
-      POSTGRES_PASSWORD: ${AUDIOMUSE_POSTGRES_PASSWORD}
-      POSTGRES_DB: ${AUDIOMUSE_POSTGRES_DB}
-    ports:
-      - "5435:5432" # Expose PostgreSQL port to the host
-    volumes:
-      - postgres-data:/var/lib/postgresql/data # Persistent storage for PostgreSQL data
-    networks:
-      - audiomuse
-    restart: unless-stopped
-
-  # AudioMuse-AI Flask application service
-  audiomuse-ai-flask:
-    image: ghcr.io/neptunehub/audiomuse-ai:0.9.6 # Reflects deployment.yaml
-    container_name: audiomuse-ai-flask-app
-    ports:
-      - "8013:8000"
-    env_file:
-      - .env
-    environment:
-      SERVICE_TYPE: "flask" # Tells the container to run the Flask app
-      MEDIASERVER_TYPE: "jellyfin" # Specify the media server type
-      POSTGRES_USER: ${AUDIOMUSE_POSTGRES_USER}
-      POSTGRES_PASSWORD: ${AUDIOMUSE_POSTGRES_PASSWORD}
-      POSTGRES_DB: ${AUDIOMUSE_POSTGRES_DB}
-      POSTGRES_PORT: "5432"
-      POSTGRES_HOST: "audiomuse-ai-postgres" # Service name of the postgres container
-      REDIS_URL: "redis://audiomuse-ai-redis:6379/0" # Connects to the 'redis' service
-      AI_MODEL_PROVIDER: "OPENAI"
-      OPENAI_API_KEY: "any-random-string" # Dummy key to enable local model usage
-      OPENAI_SERVER_URL: "http://172.17.0.1:12434/engines/llama.cpp/v1/chat/completions" #This is the API endpoint for local DMR model from within the Docker container.
-      OPENAI_MODEL_NAME: "ai/qwen3:0.6B-Q4_0"
-      TEMP_DIR: "/app/temp_audio"
-    # Use tmpfs to process audio files in memory for better performance. this reduuces disk I/O but might use more RAM.
-    # Mounted directories are not shared between containers, so each container gets its own tmpfs instance.
-    # Increase tmpfs size for very large audio files as needed.
-    # If host RAM is limited, use a Docker volume instead of tmpfs.
-    # For more info on tmpfs: https://docs.docker.com/engine/storage/tmpfs/
-    tmpfs:
-      - /app/temp_audio:rw,size=1000m
-    depends_on:
-      - audiomuse-ai-redis
-      - audiomuse-ai-postgres
-    restart: unless-stopped
-    networks:
-      - audiomuse
-    models:
-      - llm # Specify that LLM models are used in this service
-
-  # AudioMuse-AI RQ Worker service
-  audiomuse-ai-worker:
-    image: ghcr.io/neptunehub/audiomuse-ai:0.9.6 # Reflects deployment.yaml
-    container_name: audiomuse-ai-worker-instance
-    env_file:
-      - .env
-    environment:
-      SERVICE_TYPE: "worker" # Tells the container to run the RQ worker
-      MEDIASERVER_TYPE: "jellyfin" # Specify the media server type
-      JELLYFIN_USER_ID: "${JELLYFIN_USER_ID}"
-      JELLYFIN_TOKEN: "${JELLYFIN_TOKEN}"
-      JELLYFIN_URL: "${JELLYFIN_URL}"
-      # DATABASE_URL is now constructed by config.py from the following:
-      POSTGRES_USER: ${AUDIOMUSE_POSTGRES_USER}
-      POSTGRES_PASSWORD: ${AUDIOMUSE_POSTGRES_PASSWORD}
-      POSTGRES_DB: ${AUDIOMUSE_POSTGRES_DB}
-      POSTGRES_PORT: "5432"
-      POSTGRES_HOST: "audiomuse-ai-postgres" # Service name of the postgres container
-      REDIS_URL: "redis://audiomuse-ai-redis:6379/0" # Connects to the 'redis' service
-      AI_MODEL_PROVIDER: "OPENAI"
-      OPENAI_API_KEY: "any-random-string" # Dummy key to enable local model usage
-      OPENAI_SERVER_URL: "http://172.17.0.1:12434/engines/llama.cpp/v1/chat/completions" #This is the API endpoint for local DMR model from within the Docker container.
-      OPENAI_MODEL_NAME: "ai/qwen3:0.6B-Q4_0"
-      TEMP_DIR: "/app/temp_audio"
-    # Use tmpfs to process audio files in memory for better performance. this reduuces disk I/O but might use more RAM.
-    # Mounted directories are not shared between containers, so each container gets its own tmpfs instance.
-    # Increase tmpfs size for very large audio files as needed.
-    # If host RAM is limited, use a Docker volume instead of tmpfs.
-    # For more info on tmpfs: https://docs.docker.com/engine/storage/tmpfs/
-    tmpfs:
-      - /app/temp_audio:rw,size=1000m
-    depends_on:
-      - audiomuse-ai-redis
-      - audiomuse-ai-postgres
-    restart: unless-stopped
-    networks:
-      - audiomuse
-    models:
-      - llm # Specify that LLM models are used in this service
-
-# Using Docker Model Runner (DMR)
-# - Make sure your Docker Engine version supports the AI features and that the docker-model-plugin is installed.
-# - Follow Docker's setup guide: https://docs.docker.com/ai/model-runner/get-started/#docker-engine
-# - Once DMR is configured, you can download and run AI models locally just like Docker images — no code changes to this compose file are required.
-# - For model integration with docker-compose, see: https://docs.docker.com/ai/compose/models-and-compose/
-models:
-  llm:
-    model: ai/qwen3:0.6B-Q4_0 # Lightweight local model for testing. Change as needed; if changed, ensure it matches OPENAI_MODEL_NAME.
-
-
-# Define volumes for persistent data and temporary files
-volumes:
-  redis-data:
-  postgres-data:
-
-networks:
-  audiomuse:

central-database/.env.example

@@ -1,11 +0,0 @@
-POSTGRES_ADMIN_PASSWORD=
-
-MATRIX_SYNAPSE_USER_PASSWORD=
-MATRIX_MAS_USER_PASSWORD=
-MATRIX_SIGNAL_USER_PASSWORD=
-MATRIX_WHATSAPP_USER_PASSWORD=
-PAPERLESS_USER_PASSWORD=
-IMMICH_USER_PASSWORD=
-SHLINK_USER_PASSWORD=
-SPLIIT_USER_PASSWORD=
-AUDIOMUSE_USER_PASSWORD=

central-database/Dockerfile

@@ -1,43 +0,0 @@
-# PostgreSQL 18 with pgvector and vectorchord extensions
-FROM postgres:18-alpine
-
-# Install build dependencies
-RUN apk add --no-cache --virtual .build-deps \
-    gcc \
-    musl-dev \
-    postgresql-dev \
-    make \
-    git \
-    cmake \
-    clang \
-    openssl-dev \
-    libxml2-dev \
-    libxslt-dev \
-    python3 \
-    py3-pip \
-    build-base
-
-# Install pgvector extension
-RUN git clone --branch v0.7.3 https://github.com/pgvector/pgvector.git /tmp/pgvector \
-    && cd /tmp/pgvector \
-    && make \
-    && make install
-
-# Install vectorchord extension (for Immich)
-RUN git clone --branch v0.3.0 https://github.com/vectorchord/pg_vectorscale.git /tmp/pg_vectorscale \
-    && cd /tmp/pg_vectorscale \
-    && make \
-    && make install
-
-# Clean up build dependencies
-RUN apk del .build-deps \
-    && rm -rf /tmp/* \
-    && rm -rf /var/lib/apt/lists/*
-
-# Configure PostgreSQL to load extensions
-RUN echo "shared_preload_libraries = 'pg_vectorscale,vector'" >> /var/lib/postgresql/data/postgresql.conf
-
-COPY init-postgres.sh /docker-entrypoint-initdb.d/
-
-EXPOSE 5432
-CMD ["postgres"]

central-database/MIGRATION_GUIDE.md

@@ -1,215 +0,0 @@
-# Service Configuration Migration Guide
-
-This guide shows how to update each service to use the central PostgreSQL database.
-
-## Service-Specific Configuration Updates
-
-### 1. Synapse Matrix
-
-**Current configuration in `synapse/docker-compose.yml`:**
-```yaml
-synapse_db:
-  image: docker.io/library/postgres:17
-  restart: always
-  volumes:
-    - ${SYNAPSE_POSTGRES_DATA_DIR}:/var/lib/postgresql/data
-  environment:
-    POSTGRES_DB: ${SYNAPSE_POSTGRES_DB}
-    POSTGRES_USER: ${SYNAPSE_POSTGRES_USER}
-    POSTGRES_PASSWORD: ${SYNAPSE_POSTGRES_PASSWORD}
-    POSTGRES_INITDB_ARGS: '--encoding=UTF-8  --locale=C'
-  ports:
-    - 5442:5432
-
-synapse:
-  # ... other config ...
-  environment:
-    POSTGRES_HOST: synapse_db
-    POSTGRES_PORT: 5432
-    POSTGRES_DB: ${SYNAPSE_POSTGRES_DB}
-    POSTGRES_USER: ${SYNAPSE_POSTGRES_USER}
-    POSTGRES_PASSWORD: ${SYNAPSE_POSTGRES_PASSWORD}
-```
-
-**Updated configuration:**
-```yaml
-# Remove the synapse_db service entirely
-
-synapse:
-  # ... other config ...
-  environment:
-    POSTGRES_HOST: postgres
-    POSTGRES_PORT: 5432
-    POSTGRES_DB: synapse
-    POSTGRES_USER: synapse_user
-    POSTGRES_PASSWORD: ${SYNAPSE_POSTGRES_PASSWORD}
-  depends_on:
-    - postgres  # Add this dependency
-  networks:
-    - default  # Ensure same network as postgres container
-```
-
-### 2. Paperless
-
-**Current configuration in `paperless/docker-compose.yml`:**
-```yaml
-db:
-  image: docker.io/library/postgres:17
-  restart: always
-  volumes:
-    - ${PAPERLESS_POSTGRES_DATA_DIR}:/var/lib/postgresql/data
-  environment:
-    POSTGRES_DB: ${PAPERLESS_POSTGRES_DB}
-    POSTGRES_USER: ${PAPERLESS_POSTGRES_USER}
-    POSTGRES_PASSWORD: ${PAPERLESS_POSTGRES_PASSWORD}
-  ports:
-    - 5434:5432
-
-paperless:
-  # ... other config ...
-  environment:
-    PAPERLESS_DBHOST: db
-    PAPERLESS_DBNAME: ${PAPERLESS_POSTGRES_DB}
-    PAPERLESS_DBUSER: ${PAPERLESS_POSTGRES_USER}
-    PAPERLESS_DBPASS: ${PAPERLESS_POSTGRES_PASSWORD}
-```
-
-**Updated configuration:**
-```yaml
-# Remove the db service entirely
-
-paperless:
-  # ... other config ...
-  environment:
-    PAPERLESS_DBHOST: postgres
-    PAPERLESS_DBNAME: paperless
-    PAPERLESS_DBUSER: paperless_user
-    PAPERLESS_DBPASS: ${PAPERLESS_POSTGRES_PASSWORD}
-  depends_on:
-    - postgres  # Add this dependency
-  networks:
-    - default
-```
-
-### 3. Immich
-
-**Current configuration in `immich/docker-compose.yml`:**
-```yaml
-database:
-  container_name: immich_postgres
-  image: ghcr.io/immich-app/postgres:14-vectorchord0.3.0-pgvectors0.2.0
-  environment:
-    POSTGRES_USER: ${IMMICH_POSTGRES_USER}
-    POSTGRES_PASSWORD: ${IMMICH_POSTGRES_PASSWORD}
-    POSTGRES_DB: ${IMMICH_POSTGRES_DB}
-    POSTGRES_INITDB_ARGS: '--data-checksums'
-  ports:
-    - 5433:5432
-  volumes:
-    - ${IMMICH_DB_LOCATION}:/var/lib/postgresql/data
-
-immich-server:
-  # ... other config ...
-  environment:
-    DB_HOSTNAME: ${IMMICH_DB_HOSTNAME}
-    DB_USERNAME: ${IMMICH_POSTGRES_USER}
-    DB_PASSWORD: ${IMMICH_POSTGRES_PASSWORD}
-    DB_DATABASE_NAME: ${IMMICH_POSTGRES_DB}
-```
-
-**Updated configuration:**
-```yaml
-# Remove the database service entirely
-
-immich-server:
-  # ... other config ...
-  environment:
-    DB_HOSTNAME: postgres
-    DB_USERNAME: immich_user
-    DB_PASSWORD: ${IMMICH_POSTGRES_PASSWORD}
-    DB_DATABASE_NAME: immich
-  depends_on:
-    - postgres  # Add this dependency
-  networks:
-    - default
-```
-
-### 4. Shlink
-
-**Current configuration in `shlink/docker-compose.yml`:**
-```yaml
-shlink_db:
-  image: postgres:17
-  container_name: shlink_db
-  restart: always
-  volumes:
-    - ${SHLINK_POSTGRES_DIR}:/var/lib/postgresql/data
-  environment:
-    POSTGRES_DB: ${SHLINK_POSTGRES_DB}
-    POSTGRES_USER: ${SHLINK_POSTGRES_USER}
-    POSTGRES_PASSWORD: ${SHLINK_POSTGRES_PASSWORD}
-  ports:
-    - 5436:5432
-
-shlink:
-  # ... other config ...
-  environment:
-    DB_HOST: shlink_db
-    DB_NAME: ${SHLINK_POSTGRES_DB}
-    DB_USER: ${SHLINK_POSTGRES_USER}
-    DB_PASSWORD: ${SHLINK_POSTGRES_PASSWORD}
-```
-
-**Updated configuration:**
-```yaml
-# Remove the shlink_db service entirely
-
-shlink:
-  # ... other config ...
-  environment:
-    DB_HOST: postgres
-    DB_NAME: shlink
-    DB_USER: shlink_user
-    DB_PASSWORD: ${SHLINK_POSTGRES_PASSWORD}
-  depends_on:
-    - postgres  # Add this dependency
-  networks:
-    - default
-```
-
-## General Pattern
-
-For each service:
-
-1. **Remove** the service-specific database container
-2. **Update** the main service container's environment variables:
-   - `POSTGRES_HOST`/`DB_HOST` → `postgres`
-   - `POSTGRES_PORT`/`DB_PORT` → `5432`
-   - `POSTGRES_DB`/`DB_NAME` → `<service_name>` (e.g., `synapse`, `paperless`)
-   - `POSTGRES_USER`/`DB_USER` → `<service_name>_user`
-   - `POSTGRES_PASSWORD`/`DB_PASSWORD` → `${SERVICE_POSTGRES_PASSWORD}` (keep existing)
-
-3. **Add dependency** on `postgres` service
-4. **Update network** configuration if needed (ensure services can reach postgres container)
-
-## Testing Migration
-
-After updating each service:
-
-1. **Stop the service**: `docker-compose down`
-2. **Start with new config**: `docker-compose up -d`
-3. **Check logs**: `docker-compose logs -f`
-4. **Test functionality**: Verify the service works correctly
-5. **Rollback plan**: Keep old database container until migration is confirmed successful
-
-## Network Considerations
-
-Ensure all services are on the same Docker network or can reach the `central_postgres` container. You may need to:
-
-1. Add services to the same network
-2. Use Docker's internal DNS
-3. Configure network aliases if needed
-
-## Password Management
-
-Keep using the same password variables but ensure they match the central database user passwords. The migration script preserves existing passwords for seamless transition.

central-database/README.md

@@ -1,145 +0,0 @@
-# Central PostgreSQL Database Consolidation
-
-This directory contains the configuration for consolidating all PostgreSQL databases into a single PostgreSQL 18 instance with schema isolation.
-
-## Architecture
-
-### Before (Multiple Containers)
-```
-┌─────────────────┐    ┌─────────────────┐    ┌─────────────────┐
-│ Synapse DB      │    │ Paperless DB    │    │ Immich DB       │
-│ PostgreSQL 17    │    │ PostgreSQL 17    │    │ PostgreSQL 14    │
-└─────────────────┘    └─────────────────┘    └─────────────────┘
-      Port 5442          Port 5434          Port 5433
-```
-
-### After (Single Container)
-```
-┌─────────────────────────────────────────────────────┐
-│ PostgreSQL 18 (container name: postgres)          │
-│                                                     │
-│  ┌─────────────────┐  ┌─────────────────┐          │
-│  │ synapse        │  │ paperless       │          │
-│  │ database       │  │ database       │          │
-│  └─────────────────┘  └─────────────────┘          │
-│                                                     │
-│  ┌─────────────────┐  ┌─────────────────┐          │
-│  │ immich          │  │ shlink          │          │
-│  │ database       │  │ database       │          │
-│  └─────────────────┘  └─────────────────┘          │
-│                                                     │
-│  Extensions: vector, pg_vectorscale                │
-└─────────────────────────────────────────────────────┘
-                     Port 5432
-```
-
-## Setup Instructions
-
-### 1. Setup Environment
-```bash
-cd central-database
-cp .env.template .env
-# Edit .env with your actual passwords (do not commit this file)
-```
-
-### 2. Build and Start PostgreSQL Container
-```bash
-docker-compose up -d --build postgres
-```
-
-### 3. Verify Database is Running
-```bash
-docker-compose logs -f postgres
-docker-compose exec postgres psql -U admin -c "\l"
-```
-
-### 4. Migrate Services
-Use the generic migration script for each service:
-
-```bash
-# Set environment variables (or use .env file)
-export SYNAPSE_POSTGRES_PASSWORD="your_actual_password"
-
-# Example: Migrate Synapse
-./migrate_service.sh synapse localhost 5442 synapse synapse_password synapse
-
-# Example: Migrate Paperless
-./migrate_service.sh paperless localhost 5434 paperless paperless_password paperless
-```
-
-### 5. Update Service Configurations
-After migration, update each service's docker-compose.yml to point to the central postgres container:
-
-```yaml
-# Example for Synapse
-environment:
-  POSTGRES_HOST: postgres
-  POSTGRES_PORT: 5432
-  POSTGRES_DB: synapse
-  POSTGRES_USER: synapse_user
-  POSTGRES_PASSWORD: ${SYNAPSE_POSTGRES_PASSWORD}
-```
-
-## Migration Order Recommendation
-1. **Non-critical services first**: shlink, spliit
-2. **Document management**: paperless
-3. **Media services**: immich, audiomuse
-4. **Matrix ecosystem**: mas, signal, whatsapp, synapse
-
-## Backup Strategy
-
-### Full Backup (all databases)
-```bash
-docker-compose exec postgres pg_dumpall -U admin > full_backup_$(date +%Y%m%d).sql
-```
-
-### Individual Database Backup
-```bash
-# Backup specific database
-docker-compose exec postgres pg_dump -U synapse_user -d synapse > synapse_backup_$(date +%Y%m%d).sql
-
-# Backup all databases individually
-for db in synapse mas signal whatsapp paperless immich shlink spliit audiomuse; do
-  docker-compose exec postgres pg_dump -U ${db}_user -d $db > ${db}_backup_$(date +%Y%m%d).sql
-done
-```
-
-### Automated Backup (add to cron)
-```bash
-#!/bin/bash
-# Daily backup script
-BACKUP_DIR="/backups/postgres"
-mkdir -p $BACKUP_DIR
-
-# Full backup
-docker-compose -f /path/to/central-database/docker-compose.yml exec postgres pg_dumpall -U admin | gzip > $BACKUP_DIR/full_backup_$(date +%Y%m%d_%H%M%S).sql.gz
-
-# Individual database backups
-for db in synapse mas signal whatsapp paperless immich shlink spliit audiomuse; do
-  docker-compose -f /path/to/central-database/docker-compose.yml exec postgres pg_dump -U ${db}_user -d $db | gzip > $BACKUP_DIR/${db}_backup_$(date +%Y%m%d_%H%M%S).sql.gz
-done
-
-# Keep last 7 days
-find $BACKUP_DIR -name "*.sql.gz" -mtime +7 -delete
-```
-
-## Troubleshooting
-
-### Connection Issues
-- Verify central database is running: `docker-compose ps`
-- Check logs: `docker-compose logs central_postgres`
-- Test connection: `psql -h localhost -p 5432 -U admin -d central_db`
-
-### Permission Issues
-- Ensure service users have correct permissions on their schemas
-- Check schema ownership: `\dn+` in psql
-
-### Extension Issues
-- Verify extensions are loaded: `\dx` in psql
-- Check PostgreSQL logs for extension errors
-
-## Security Notes
-- Use strong passwords for all service users
-- Rotate passwords after migration
-- Consider using PostgreSQL role attributes for additional security
-- Enable SSL for production environments

central-database/docker-compose.yml

@@ -1,23 +0,0 @@
-services:
-  postgres:
-    build: .
-    container_name: postgres
-    restart: always
-    volumes:
-      - postgres_data:/var/lib/postgresql/data
-    environment:
-      POSTGRES_USER: admin
-      POSTGRES_PASSWORD: ${POSTGRES_ADMIN_PASSWORD}
-    ports:
-      - "5432:5432"
-    networks:
-      - default
-    healthcheck:
-      test: ["CMD-SHELL", "pg_isready -U admin"]
-      interval: 5s
-      timeout: 5s
-      retries: 5
-
-volumes:
-  postgres_data:
-    driver: local

central-database/init-postgres.sh

@@ -1,39 +0,0 @@
-#!/bin/bash
-set -e
-
-echo "Waiting for PostgreSQL to start..."
-until pg_isready -U admin -h localhost; do
-  sleep 2
-done
-
-echo "PostgreSQL is ready. Creating databases and users..."
-
-# Create databases
-for db in matrix_synapse matrix_mas matrix_signal matrix_whatsapp paperless immich shlink spliit audiomuse; do
-  echo "Creating database: $db"
-  createdb -U admin "$db"
-done
-
-# Create users and set permissions
-for db in matrix_synapse matrix_mas matrix_signal matrix_whatsapp paperless immich shlink spliit audiomuse; do
-  user="${db}_user"
-  password_var="${user^^}_PASSWORD"
-  password=${!password_var}
-  
-  if [ -z "$password" ]; then
-    echo "Warning: Password for $user not set. Using default."
-    password="default_password"
-  fi
-  
-  echo "Creating user: $user"
-  psql -U admin -c "CREATE USER $user WITH PASSWORD '$password';"
-  psql -U admin -c "GRANT ALL PRIVILEGES ON DATABASE $db TO $user;"
-  psql -U admin -c "ALTER DATABASE $db OWNER TO $user;"
-done
-
-# Enable extensions in immich database
-echo "Enabling extensions in immich database..."
-psql -U admin -d immich -c "CREATE EXTENSION IF NOT EXISTS vector;"
-psql -U admin -d immich -c "CREATE EXTENSION IF NOT EXISTS pg_vectorscale;"
-
-echo "PostgreSQL initialization complete!"

central-database/migrate_service.sh

@@ -1,106 +0,0 @@
-#!/bin/bash
-
-# Generic PostgreSQL service migration script
-# Usage: ./migrate_service.sh <service_name> <old_host> <old_port> <old_user> <old_password> <old_db>
-
-set -e
-
-if [ "$#" -ne 6 ]; then
-    echo "Usage: $0 <service_name> <old_host> <old_port> <old_user> <old_password> <old_db>"
-    exit 1
-fi
-
-SERVICE_NAME=$1
-OLD_HOST=$2
-OLD_PORT=$3
-OLD_USER=$4
-OLD_PASSWORD=$5
-OLD_DB=$6
-
-# Map service names to database names and users
-case $SERVICE_NAME in
-    synapse)
-        NEW_DB="synapse"
-        NEW_USER="synapse_user"
-        NEW_PASSWORD="${SYNAPSE_POSTGRES_PASSWORD}"
-        ;;
-    mas)
-        NEW_DB="mas"
-        NEW_USER="mas_user"
-        NEW_PASSWORD="${MAS_POSTGRES_PASSWORD}"
-        ;;
-    signal)
-        NEW_DB="signal"
-        NEW_USER="signal_user"
-        NEW_PASSWORD="${MAUTRIX_SIGNAL_POSTGRES_PASSWORD}"
-        ;;
-    whatsapp)
-        NEW_DB="whatsapp"
-        NEW_USER="whatsapp_user"
-        NEW_PASSWORD="${MAUTRIX_WHATSAPP_POSTGRES_PASSWORD}"
-        ;;
-    paperless)
-        NEW_DB="paperless"
-        NEW_USER="paperless_user"
-        NEW_PASSWORD="${PAPERLESS_POSTGRES_PASSWORD}"
-        ;;
-    immich)
-        NEW_DB="immich"
-        NEW_USER="immich_user"
-        NEW_PASSWORD="${IMMICH_POSTGRES_PASSWORD}"
-        ;;
-    shlink)
-        NEW_DB="shlink"
-        NEW_USER="shlink_user"
-        NEW_PASSWORD="${SHLINK_POSTGRES_PASSWORD}"
-        ;;
-    spliit)
-        NEW_DB="spliit"
-        NEW_USER="spliit_user"
-        NEW_PASSWORD="${SPLIIT_POSTGRES_PASSWORD}"
-        ;;
-    audiomuse)
-        NEW_DB="audiomuse"
-        NEW_USER="audiomuse_user"
-        NEW_PASSWORD="${AUDIOMUSE_POSTGRES_PASSWORD}"
-        ;;
-    *)
-        echo "Unknown service: $SERVICE_NAME"
-        exit 1
-        ;;
-esac
-
-echo "Starting migration for $SERVICE_NAME to database $NEW_DB..."
-
-# Export from old database
-echo "Exporting data from $OLD_DB..."
-PGPASSWORD="$OLD_PASSWORD" pg_dump \
-    -h "$OLD_HOST" \
-    -p "$OLD_PORT" \
-    -U "$OLD_USER" \
-    -d "$OLD_DB" \
-    -F custom \
-    -f "/tmp/${SERVICE_NAME}_dump.custom"
-
-# Import to new database
-echo "Importing data to $NEW_DB database..."
-PGPASSWORD="$NEW_PASSWORD" pg_restore \
-    -h localhost \
-    -p 5432 \
-    -U "$NEW_USER" \
-    -d "$NEW_DB" \
-    --clean \
-    --if-exists \
-    "/tmp/${SERVICE_NAME}_dump.custom"
-
-echo "Migration completed for $SERVICE_NAME!"
-
-# Clean up
-rm -f "/tmp/${SERVICE_NAME}_dump.custom"
-
-echo "You can now update your $SERVICE_NAME service configuration to use:"
-echo "  Host: localhost"
-echo "  Port: 5432"
-echo "  Database: $NEW_DB"
-echo "  User: $NEW_USER"
-echo "  Password: ***"

docker-compose.yml

@@ -1,10 +1,9 @@
 include:
   - audiobookshelf/docker-compose.yml
-  - audiomuse/docker-compose.yml
   - gitea/docker-compose.yml
+  - homarr/docker-compose.yml
   - immich/docker-compose.yml
   - jellyfin/docker-compose.yml
-  - monitoring/docker-compose.yml
   - nextcloud/docker-compose.yml
   - paperless/docker-compose.yml
   - pihole/docker-compose.yml
@@ -13,5 +12,5 @@ include:
   - spliit/docker-compose.yml
   - shlink/docker-compose.yml
   - synapse/docker-compose.yml
-#  - updater/docker-compose.yml
+  - updater/docker-compose.yml
   - vaultwarden/docker-compose.yml

gitea/docker-compose.yml

@@ -1,7 +1,7 @@
 services:
   gitea:
     container_name: gitea
-    image: gitea/gitea:1.25.2-rootless
+    image: gitea/gitea:1.23.8-rootless
     restart: always
     volumes:
       - ${GITEA_DATA_LOCATION}:/var/lib/gitea
@@ -14,8 +14,7 @@ services:
       - "3000:3000"
       - "2222:2222"
   gitea-runner:
-    image: gitea/act_runner:0.3.1
+    image: gitea/act_runner:0.2.11
-    restart: always
     environment:
       CONFIG_FILE: /config.yaml
       GITEA_INSTANCE_URL: "${GITEA_INSTANCE_URL}"

homarr/.env.example

@@ -0,0 +1,9 @@
+HOMARR_DATA_DIR=
+HOMARR_ENCRYPTION_KEY=
+
+HOMARR_OIDC_ISSUER=
+HOMARR_OIDC_CLIENT_ID=
+HOMARR_OIDC_CLIENT_SECRET=
+HOMARR_OIDC_CLIENT_NAME=
+
+HOMARR_DOMAIN=

homarr/docker-compose.yml

@@ -0,0 +1,21 @@
+services:
+  homarr:
+    container_name: homarr
+    image: ghcr.io/homarr-labs/homarr:v1.22.0
+    restart: unless-stopped
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+      - ${HOMARR_DATA_DIR}:/appdata
+    environment:
+      - SECRET_ENCRYPTION_KEY=${HOMARR_ENCRYPTION_KEY}
+      - NODE_TLS_REJECT_UNAUTHORIZED=0
+#      - AUTH_PROVIDERS=oidc
+#      - AUTH_OIDC_ISSUER=${HOMARR_OIDC_ISSUER}
+#      - AUTH_OIDC_CLIENT_ID=${HOMARR_OIDC_CLIENT_ID}
+#      - AUTH_OIDC_CLIENT_SECRET=${HOMARR_OIDC_CLIENT_SECRET}
+#      - AUTH_OIDC_CLIENT_NAME=${HOMARR_OIDC_CLIENT_NAME}
+#      - AUTH_OIDC_AUTO_LOGIN=true
+      - NEXTAUTH_URL=${HOMARR_DOMAIN}
+      - BASE_URL=${HOMARR_DOMAIN}
+    ports:
+      - '7575:7575'

immich/.env.example

@@ -1,15 +1,8 @@
 UPLOAD_LOCATION=
-IMMICH_VERSION=
 IMMICH_DB_LOCATION=
 
-IMMICH_DB_HOSTNAME=
+DB_USERNAME=
-IMMICH_POSTGRES_DB=
+DB_PASSWORD=
-IMMICH_POSTGRES_USER=
+DB_DATABASE_NAME=
-IMMICH_POSTGRES_PASSWORD=
 
 REDIS_HOSTNAME=
-
-IMMICH_EXTERNAL_MEDIA_LOCATION=
-
-# Default timezone for images without a timezone set
-TZ=

immich/docker-compose.yml

@@ -1,40 +1,44 @@
 services:
   immich-server:
     container_name: immich_server
-    image: ghcr.io/immich-app/immich-server:v2.6.3
+    image: ghcr.io/immich-app/immich-server:v1.133.0
     # extends:
     #   file: hwaccel.transcoding.yml
     #   service: cpu # set to one of [nvenc, quicksync, rkmpp, vaapi, vaapi-wsl] for accelerated transcoding
     volumes:
-      - ${UPLOAD_LOCATION}:/data
+      # Do not edit the next line. If you want to change the media storage location on your system, edit the value of UPLOAD_LOCATION in the .env file
-      - ${IMMICH_EXTERNAL_MEDIA_LOCATION}:/external:ro
+      - ${UPLOAD_LOCATION}:/usr/src/app/upload
       - /etc/localtime:/etc/localtime:ro
     env_file:
       - .env
-    environment:
-      DB_HOSTNAME: ${IMMICH_DB_HOSTNAME}
-      DB_USERNAME: ${IMMICH_POSTGRES_USER}
-      DB_PASSWORD: ${IMMICH_POSTGRES_PASSWORD}
-      DB_DATABASE_NAME: ${IMMICH_POSTGRES_DB}
     ports:
       - '2283:2283'
     depends_on:
       - redis
       - database
     restart: always
+    healthcheck:
+      disable: false
 
   immich-machine-learning:
     container_name: immich_machine_learning
-    image: ghcr.io/immich-app/immich-machine-learning:v2.6.3
+    # For hardware acceleration, add one of -[armnn, cuda, openvino] to the image tag.
+    # Example tag: ${IMMICH_VERSION:-release}-cuda
+    image: ghcr.io/immich-app/immich-machine-learning:v1.131.2
+    # extends: # uncomment this section for hardware acceleration - see https://immich.app/docs/features/ml-hardware-acceleration
+    #   file: hwaccel.ml.yml
+    #   service: cpu # set to one of [armnn, cuda, openvino, openvino-wsl] for accelerated inference - use the `-wsl` version for WSL2 where applicable
     volumes:
       - model-cache:/cache
     env_file:
       - .env
     restart: always
+    healthcheck:
+      disable: false
 
   redis:
     container_name: immich_redis
-    image: docker.io/valkey/valkey:9@sha256:fb8d272e529ea567b9bf1302245796f21a2672b8368ca3fcb938ac334e613c8f
+    image: docker.io/redis:7.4-alpine@sha256:1bf97f21f01b0e7bd4b7b34a26d3b9d8086e41e70c10f262e8a9e0b49b5116a0
     healthcheck:
       test: redis-cli ping || exit 1
     restart: always
@@ -43,17 +47,14 @@ services:
     container_name: immich_postgres
     image: ghcr.io/immich-app/postgres:14-vectorchord0.3.0-pgvectors0.2.0
     environment:
-      POSTGRES_USER: ${IMMICH_POSTGRES_USER}
+      POSTGRES_PASSWORD: ${DB_PASSWORD}
-      POSTGRES_PASSWORD: ${IMMICH_POSTGRES_PASSWORD}
+      POSTGRES_USER: ${DB_USERNAME}
-      POSTGRES_DB: ${IMMICH_POSTGRES_DB}
+      POSTGRES_DB: ${DB_DATABASE_NAME}
       POSTGRES_INITDB_ARGS: '--data-checksums'
       DB_STORAGE_TYPE: 'HDD'
-    ports:
-      - 5433:5432
     volumes:
       # Do not edit the next line. If you want to change the database storage location on your system, edit the value of DB_DATA_LOCATION in the .env file
       - ${IMMICH_DB_LOCATION}:/var/lib/postgresql/data
-    shm_size: 128mb
     restart: always
 
 volumes:

jellyfin/docker-compose.yml

@@ -1,9 +1,9 @@
 services:
   jellyfin:
-    image: jellyfin/jellyfin:10.11.8
+    image: jellyfin/jellyfin:10.10.7
     user: ${JELLYFIN_USER_UID}:${JELLYFIN_USER_GID}
     network_mode: 'host'
-    restart: always
+    restart: 'unless-stopped'
     env_file:
       - .env
     environment:

monitoring/.env.example

@@ -1,27 +0,0 @@
-GRAFANA_ADMIN_USER=
-GRAFANA_ADMIN_PASSWORD=
-GRAFANA_DOMAIN=
-GRAFANA_ROOT_URL=
-GRAFANA_DISABLE_LOGIN_FORM=false
-
-GRAFANA_SMTP_ENABLED=true
-GRAFANA_SMTP_HOST=
-GRAFANA_SMTP_USER=
-GRAFANA_SMTP_PASSWORD=
-GRAFANA_SMTP_FROM=
-
-GRAFANA_DATA_DIR=
-
-PROMETHEUS_CONFIG_PATH=
-PROMETHEUS_DATA_DIR=
-
-BLACKBOX_CONFIG_PATH=
-
-LOKI_CONFIG_PATH=
-LOKI_DATA_DIR=
-
-ALLOY_CONFIG_PATH=
-
-GMF_MATRIX_HOMESERVER=
-GMF_MATRIX_USER=
-GMF_MATRIX_TOKEN=

monitoring/docker-compose.yml

@@ -1,115 +0,0 @@
-services:
-  # Prometheus - Metrics Collection
-  prometheus:
-    image: prom/prometheus:v3.10.0
-    restart: unless-stopped
-    ports:
-      - "9091:9090"
-    volumes:
-      - ${PROMETHEUS_CONFIG_PATH}:/etc/prometheus/prometheus.yml:ro
-      - ${PROMETHEUS_DATA_DIR}:/prometheus
-    command:
-      - '--config.file=/etc/prometheus/prometheus.yml'
-      - '--storage.tsdb.path=/prometheus'
-      - '--web.console.libraries=/etc/prometheus/console_libraries'
-      - '--web.console.templates=/etc/prometheus/consoles'
-      - '--storage.tsdb.retention.time=200h'
-      - '--web.enable-lifecycle'
-      - '--web.enable-admin-api'
-
-  # Grafana - Visualization Dashboard
-  grafana:
-    image: grafana/grafana:12.4.2
-    restart: unless-stopped
-    ports:
-      - "3002:3000"
-    volumes:
-      - ${GRAFANA_DATA_DIR}:/var/lib/grafana
-    environment:
-      - GF_SECURITY_ADMIN_USER=${GRAFANA_ADMIN_USER}
-      - GF_SECURITY_ADMIN_PASSWORD=${GRAFANA_ADMIN_PASSWORD}
-      - GF_USERS_ALLOW_SIGN_UP=false
-      - GF_SERVER_DOMAIN=${GRAFANA_DOMAIN}
-      - GF_SERVER_ROOT_URL=${GRAFANA_ROOT_URL}
-      - GF_AUTH_DISABLE_LOGIN_FORM=${GRAFANA_DISABLE_LOGIN_FORM}
-      - GF_SMTP_ENABLED=${GRAFANA_SMTP_ENABLED}
-      - GF_SMTP_HOST=${GRAFANA_SMTP_HOST}
-      - GF_SMTP_USER=${GRAFANA_SMTP_USER}
-      - GF_SMTP_PASSWORD=${GRAFANA_SMTP_PASSWORD}
-      - GF_SMTP_FROM_ADDRESS=${GRAFANA_SMTP_FROM}
-    depends_on:
-      - prometheus
-
-  loki:
-    image: grafana/loki:3.7.1
-    restart: unless-stopped
-    ports:
-      - "3100:3100"
-    volumes:
-      - ${LOKI_CONFIG_PATH}:/etc/loki/local-config.yaml
-      - ${LOKI_DATA_DIR}:/loki
-    command:
-      - '-config.file=/etc/loki/local-config.yaml'
-      - '-target=all'
-
-  alloy:
-    image: grafana/alloy:v1.15.0
-    restart: unless-stopped
-    ports:
-      - "12345:12345"
-    volumes:
-      - ${ALLOY_CONFIG_PATH}:/etc/alloy/config.alloy:ro
-      - /var/log:/var/log:ro
-
-  # Node Exporter - Host System Metrics
-  node_exporter:
-    image: prom/node-exporter:v1.10.2
-    restart: unless-stopped
-    ports:
-      - "9100:9100"
-    volumes:
-      - /proc:/host/proc:ro
-      - /sys:/host/sys:ro
-      - /:/rootfs:ro
-    command:
-      - '--path.procfs=/host/proc'
-      - '--path.rootfs=/rootfs'
-      - '--path.sysfs=/host/sys'
-      - '--collector.filesystem.mount-points-exclude=^/(sys|proc|dev|host|etc)($$|/)'
-
-  # cAdvisor - Container Metrics
-  cadvisor:
-    image: gcr.io/cadvisor/cadvisor:v0.55.1
-    restart: unless-stopped
-    privileged: true
-    ports:
-      - "8081:8080"
-    volumes:
-      - /:/rootfs:ro
-      - /var/run:/var/run:ro
-      - /sys:/sys:ro
-      - /var/lib/docker/:/var/lib/docker:ro
-    devices:
-      - /dev/kmsg
-    command:
-      - '--housekeeping_interval=30s'
-      - '--max_housekeeping_interval=35s'
-      - '--event_storage_event_limit=default=0'
-      - '--event_storage_age_limit=default=0'
-      - '--disable_metrics=disk,diskIO,tcp,udp,percpu,sched,process,hugetlb,referenced_memory'
-      - '--docker_only=true'
-
-  # Blackbox Exporter - Endpoint Monitoring
-  blackbox_exporter:
-    image: prom/blackbox-exporter:v0.28.0
-    restart: unless-stopped
-    ports:
-      - "9115:9115"
-    volumes:
-      - ${BLACKBOX_CONFIG_PATH}:/etc/blackbox_exporter/config.yml
-
-  grafana-matrix-forwarder:
-    build: ./grafana-matrix-forwarder
-    restart: unless-stopped
-    env_file:
-      - .env

monitoring/grafana-matrix-forwarder/Dockerfile

@@ -1,9 +0,0 @@
-FROM alpine
-
-# Create main app folder to run from
-WORKDIR /app
-
-# Copy compiled binary to release image
-COPY grafana-matrix-forwarder /app/grafana-matrix-forwarder
-
-ENTRYPOINT ["/app/grafana-matrix-forwarder"]

nextcloud/.env.example

@@ -1,2 +1,12 @@
-NEXTCLOUD_AIO_DIR=
+NEXTCLOUD_DOMAIN=
+
 NEXTCLOUD_DATA_DIR=
+
+NEXTCLOUD_POSTGRES_DATA_DIR=
+NEXTCLOUD_POSTGRES_DB=
+NEXTCLOUD_POSTGRES_USER=
+NEXTCLOUD_POSTGRES_PASSWORD=
+
+COLLABORA_DOMAIN=
+COLLABORA_USER=
+COLLABORA_PASSWORD=

nextcloud/docker-compose.yml

@@ -1,40 +1,48 @@
 services:
-  nextcloud-aio-mastercontainer:
+  nextcloud_db:
-    image: ghcr.io/nextcloud-releases/all-in-one:latest # This is the container image used. You can switch to ghcr.io/nextcloud-releases/all-in-one:beta if you want to help testing new releases. See https://github.com/nextcloud/all-in-one#how-to-switch-the-channel
+    image: docker.io/library/postgres:17
-    init: true # This setting makes sure that signals from main process inside the container are correctly forwarded to children. See https://docs.docker.com/reference/compose-file/services/#init
+    restart: unless-stopped
-    restart: always # This makes sure that the container starts always together with the host OS. See https://docs.docker.com/reference/compose-file/services/#restart
-    container_name: nextcloud-aio-mastercontainer # This line is not allowed to be changed as otherwise AIO will not work correctly
     volumes:
-      - nextcloud_aio_mastercontainer:/mnt/docker-aio-config # This line is not allowed to be changed as otherwise the built-in backup solution will not work
+      - ${NEXTCLOUD_POSTGRES_DATA_DIR}:/var/lib/postgresql/data
-      - /var/run/docker.sock:/var/run/docker.sock:ro # May be changed on macOS, Windows or docker rootless. See the applicable documentation. If adjusting, don't forget to also set 'WATCHTOWER_DOCKER_SOCKET_PATH'!
+    environment:
-    network_mode: bridge
+      POSTGRES_DB: ${NEXTCLOUD_POSTGRES_DB}
+      POSTGRES_USER: ${NEXTCLOUD_POSTGRES_USER}
+      POSTGRES_PASSWORD: ${NEXTCLOUD_POSTGRES_PASSWORD}
+    networks:
+      - nextcloud
+  nextcloud:
+    image: nextcloud:31.0.2
+    restart: always
     ports:
-      - 8014:8080 # This is the AIO interface, served via https and self-signed certificate. See https://github.com/nextcloud/all-in-one#explanation-of-used-ports
+      - 8081:80
-    environment: # Is needed when using any of the options below
+    links:
-      # AIO_DISABLE_BACKUP_SECTION: false # Setting this to true allows to hide the backup section in the AIO interface. See https://github.com/nextcloud/all-in-one#how-to-disable-the-backup-section
+      - db
-      APACHE_PORT: 11000 # Is needed when running behind a web server or reverse proxy (like Apache, Nginx, Caddy, Cloudflare Tunnel and else). See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md
+    volumes:
-      # APACHE_IP_BINDING: 127.0.0.1 # Should be set when running behind a web server or reverse proxy (like Apache, Nginx, Caddy, Cloudflare Tunnel and else) that is running on the same host. See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md
+      - ${NEXTCLOUD_DATA_DIR}:/var/www/html
-      # APACHE_ADDITIONAL_NETWORK: frontend_net # (Optional) Connect the apache container to an additional docker network. Needed when behind a web server or reverse proxy (like Apache, Nginx, Caddy, Cloudflare Tunnel and else) running in a different docker network on same server. See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md
+    environment:
-      # BORG_RETENTION_POLICY: --keep-within=7d --keep-weekly=4 --keep-monthly=6 # Allows to adjust borgs retention policy. See https://github.com/nextcloud/all-in-one#how-to-adjust-borgs-retention-policy
+      - POSTGRES_HOST=nextcloud_db
-      # COLLABORA_SECCOMP_DISABLED: false # Setting this to true allows to disable Collabora's Seccomp feature. See https://github.com/nextcloud/all-in-one#how-to-disable-collaboras-seccomp-feature
+      - POSTGRES_DB=${NEXTCLOUD_POSTGRES_DB}
-      # DOCKER_API_VERSION: 1.44 # You can adjust the internally used docker api version with this variable. ⚠️⚠️⚠️ Warning: please note that only the default api version (unset this variable) is supported and tested by the maintainers of Nextcloud AIO. So use this on your own risk and things might break without warning. See https://github.com/nextcloud/all-in-one#how-to-adjust-the-internally-used-docker-api-version
+      - POSTGRES_USER=${NEXTCLOUD_POSTGRES_USER}
-      # FULLTEXTSEARCH_JAVA_OPTIONS: "-Xms1024M -Xmx1024M" # Allows to adjust the fulltextsearch java options. See https://github.com/nextcloud/all-in-one#how-to-adjust-the-fulltextsearch-java-options
+      - POSTGRES_PASSWORD=${NEXTCLOUD_POSTGRES_PASSWORD}
-      NEXTCLOUD_DATADIR: ${NEXTCLOUD_DATA_DIR} # Allows to set the host directory for Nextcloud's datadir. ⚠️⚠️⚠️ Warning: do not set or adjust this value after the initial Nextcloud installation is done! See https://github.com/nextcloud/all-in-one#how-to-change-the-default-location-of-nextclouds-datadir
+      - REDIS_HOST=nextcloud-redis
-      # NEXTCLOUD_MOUNT: /mnt/ # Allows the Nextcloud container to access the chosen directory on the host. See https://github.com/nextcloud/all-in-one#how-to-allow-the-nextcloud-container-to-access-directories-on-the-host
+      - REDIS_PORT=6379
-      # NEXTCLOUD_UPLOAD_LIMIT: 16G # Can be adjusted if you need more. See https://github.com/nextcloud/all-in-one#how-to-adjust-the-upload-limit-for-nextcloud
+      - NEXTCLOUD_TRUSTED_DOMAINS=${NEXTCLOUD_DOMAIN}
-      # NEXTCLOUD_MAX_TIME: 3600 # Can be adjusted if you need more. See https://github.com/nextcloud/all-in-one#how-to-adjust-the-max-execution-time-for-nextcloud
+    networks:
-      # NEXTCLOUD_MEMORY_LIMIT: 512M # Can be adjusted if you need more. See https://github.com/nextcloud/all-in-one#how-to-adjust-the-php-memory-limit-for-nextcloud
+      - nextcloud
-      # NEXTCLOUD_TRUSTED_CACERTS_DIR: /path/to/my/cacerts # CA certificates in this directory will be trusted by the OS of the nextcloud container (Useful e.g. for LDAPS) See https://github.com/nextcloud/all-in-one#how-to-trust-user-defined-certification-authorities-ca
+  cron:
-      # NEXTCLOUD_STARTUP_APPS: deck twofactor_totp tasks calendar contacts notes # Allows to modify the Nextcloud apps that are installed on starting AIO the first time. See https://github.com/nextcloud/all-in-one#how-to-change-the-nextcloud-apps-that-are-installed-on-the-first-startup
+    image: nextcloud:31.0.2
-      # NEXTCLOUD_ADDITIONAL_APKS: imagemagick # This allows to add additional packages to the Nextcloud container permanently. Default is imagemagick but can be overwritten by modifying this value. See https://github.com/nextcloud/all-in-one#how-to-add-os-packages-permanently-to-the-nextcloud-container
+    container_name: nextcloud-cron
-      # NEXTCLOUD_ADDITIONAL_PHP_EXTENSIONS: imagick # This allows to add additional php extensions to the Nextcloud container permanently. Default is imagick but can be overwritten by modifying this value. See https://github.com/nextcloud/all-in-one#how-to-add-php-extensions-permanently-to-the-nextcloud-container
+    volumes:
-      # NEXTCLOUD_ENABLE_DRI_DEVICE: true # This allows to enable the /dev/dri device for containers that profit from it. ⚠️⚠️⚠️ Warning: this only works if the '/dev/dri' device is present on the host! If it should not exist on your host, don't set this to true as otherwise the Nextcloud container will fail to start! See https://github.com/nextcloud/all-in-one#how-to-enable-hardware-acceleration-for-nextcloud
+      - ${NEXTCLOUD_DATA_DIR}:/var/www/html
-      # NEXTCLOUD_ENABLE_NVIDIA_GPU: true # This allows to enable the NVIDIA runtime and GPU access for containers that profit from it. ⚠️⚠️⚠️ Warning: this only works if an NVIDIA gpu is installed on the server. See https://github.com/nextcloud/all-in-one#how-to-enable-hardware-acceleration-for-nextcloud.
+    entrypoint: /cron.sh
-      # NEXTCLOUD_KEEP_DISABLED_APPS: false # Setting this to true will keep Nextcloud apps that are disabled in the AIO interface and not uninstall them if they should be installed. See https://github.com/nextcloud/all-in-one#how-to-keep-disabled-apps
+    restart: unless-stopped
-      # SKIP_DOMAIN_VALIDATION: false # This should only be set to true if things are correctly configured. See https://github.com/nextcloud/all-in-one#how-to-skip-the-domain-validation
+    networks:
-      # TALK_PORT: 3478 # This allows to adjust the port that the talk container is using which is exposed on the host. See https://github.com/nextcloud/all-in-one#how-to-adjust-the-talk-port
+      - nextcloud
+  nextcloud-redis:
+    image: redis:7
+    restart: always
+    networks:
+      - nextcloud
 
-
+networks:
-volumes: # If you want to store the data on a different drive, see https://github.com/nextcloud/all-in-one#how-to-store-the-filesinstallation-on-a-separate-drive
+  nextcloud:
-  nextcloud_aio_mastercontainer:
-    name: nextcloud_aio_mastercontainer # This line is not allowed to be changed as otherwise the built-in backup solution will not work

paperless/.env.example

@@ -9,9 +9,9 @@ PAPERLESS_SECRET_KEY=
 
 PAPERLESS_URL=
 
-PAPERLESS_POSTGRES_DB=
+POSTGRES_DB=
-PAPERLESS_POSTGRES_USER=
+POSTGRES_USER=
-PAPERLESS_POSTGRES_PASSWORD=
+POSTGRES_PASSWORD=
 
 #optional
 PAPERLESS_TIME_ZONE=

paperless/docker-compose.yml

@@ -1,25 +1,23 @@
 services:
   broker:
     image: docker.io/library/redis:7
-    restart: always
+    restart: unless-stopped
     volumes:
       - ${PAPERLESS_REDIS_DATA_DIR}:/data
 
   db:
     image: docker.io/library/postgres:17
-    restart: always
+    restart: unless-stopped
     volumes:
       - ${PAPERLESS_POSTGRES_DATA_DIR}:/var/lib/postgresql/data
     environment:
-      POSTGRES_DB: ${PAPERLESS_POSTGRES_DB}
+      POSTGRES_DB: ${POSTGRES_DB}
-      POSTGRES_USER: ${PAPERLESS_POSTGRES_USER}
+      POSTGRES_USER: ${POSTGRES_USER}
-      POSTGRES_PASSWORD: ${PAPERLESS_POSTGRES_PASSWORD}
+      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
-    ports:
-      - 5434:5432
 
   paperless:
-    image: ghcr.io/paperless-ngx/paperless-ngx:2.20.13
+    image: ghcr.io/paperless-ngx/paperless-ngx:2.16.1
-    restart: always
+    restart: unless-stopped
     depends_on:
       - db
       - broker
@@ -36,9 +34,9 @@ services:
     environment:
       PAPERLESS_REDIS: redis://broker:6379
       PAPERLESS_DBHOST: db
-      PAPERLESS_DBNAME: ${PAPERLESS_POSTGRES_DB}
+      PAPERLESS_DBNAME: ${POSTGRES_DB}
-      PAPERLESS_DBUSER: ${PAPERLESS_POSTGRES_USER}
+      PAPERLESS_DBUSER: ${POSTGRES_USER}
-      PAPERLESS_DBPASS: ${PAPERLESS_POSTGRES_PASSWORD}
+      PAPERLESS_DBPASS: ${POSTGRES_PASSWORD}
       PAPERLESS_TIKA_ENABLED: 1
       PAPERLESS_TIKA_GOTENBERG_ENDPOINT: http://gotenberg:3000
       PAPERLESS_TIKA_ENDPOINT: http://tika:9998
@@ -49,8 +47,8 @@ services:
       PAPERLESS_REDIRECT_LOGIN_TO_SSO: true
 
   gotenberg:
-    image: docker.io/gotenberg/gotenberg:8.29.1
+    image: docker.io/gotenberg/gotenberg:8.20.1
-    restart: always
+    restart: unless-stopped
 
     # The gotenberg chromium route is used to convert .eml files. We do not
     # want to allow external content like tracking pixels or even javascript.
@@ -60,5 +58,5 @@ services:
       - "--chromium-allow-list=file:///tmp/.*"
 
   tika:
-    image: docker.io/apache/tika:3.3.0.0
+    image: docker.io/apache/tika:3.1.0.0
-    restart: always
+    restart: unless-stopped

pihole/docker-compose.yml

@@ -2,7 +2,7 @@
 services:
   pihole:
     container_name: pihole
-    image: pihole/pihole:2026.04.0
+    image: pihole/pihole:latest
     ports:
       # DNS Ports
       - "53:53/tcp"
@@ -34,4 +34,4 @@ services:
 #      - SYS_TIME
       # Optional, if Pi-hole should get some more processing time
       - SYS_NICE
-    restart: always
+    restart: unless-stopped

pingvin/docker-compose.yml

@@ -1,7 +1,7 @@
 services:
   pingvin:
-    image: stonith404/pingvin-share:v1.13.0
+    image: stonith404/pingvin-share:v1.12.0
-    restart: always
+    restart: unless-stopped
     ports:
       - 3042:3000
     environment:

pocketid/.env.example

@@ -1,7 +1,5 @@
-APP_URL=
+PUBLIC_APP_URL=
 TRUST_PROXY=
 MAXMIND_LICENSE_KEY=
 PUID=
 PGID=
-ENCRYPTION_KEY=
-POCKETID_DATA_DIR=

pocketid/docker-compose.yml

@@ -1,15 +1,16 @@
 services:
   pocket-id:
-    image: ghcr.io/pocket-id/pocket-id:v2.5.0
+    image: ghcr.io/pocket-id/pocket-id:v0.52.0
-    restart: always
+    restart: unless-stopped
     env_file: .env
     ports:
-      - "3043:1411"
+      - 3043:80
     volumes:
-      - ${POCKETID_DATA_DIR}:/app/data
+      #TODO change this to a more appropriate location
+      - "./data:/app/backend/data"
     # Optional healthcheck
     healthcheck:
-      test: "curl -f http://localhost:1411/healthz"
+      test: "curl -f http://localhost/health"
       interval: 1m30s
       timeout: 5s
       retries: 2

renovate.json

@@ -21,11 +21,8 @@
       "groupName": "Matrix",
       "matchPackageNames": [
         "matrixdotorg/synapse",
-        "ghcr.io/element-hq/matrix-authentication-service",
         "dock.mau.dev/mautrix/whatsapp",
-        "dock.mau.dev/mautrix/signal",
+        "dock.mau.dev/mautrix/signal"
-        "ghcr.io/element-hq/lk-jwt-service",
-        "livekit/livekit-server"
       ]
     }
   ]

shlink/docker-compose.yml

@@ -1,8 +1,8 @@
 services:
   shlink:
-    image: shlinkio/shlink:5.0
+    image: shlinkio/shlink:4.4
     container_name: shlink
-    restart: always
+    restart: unless-stopped
     ports:
       - "8085:8080"
     environment:
@@ -20,12 +20,10 @@ services:
   shlink_db:
     image: postgres:17
     container_name: shlink_db
-    restart: always
+    restart: unless-stopped
     volumes:
       - ${SHLINK_POSTGRES_DIR}:/var/lib/postgresql/data
     environment:
       POSTGRES_DB: ${SHLINK_POSTGRES_DB}
       POSTGRES_USER: ${SHLINK_POSTGRES_USER}
       POSTGRES_PASSWORD: ${SHLINK_POSTGRES_PASSWORD}
-    ports:
-      - 5436:5432

spliit/docker-compose.yml

@@ -1,8 +1,6 @@
 services:
   spliit:
-    #image: ghcr.io/spliit-app/spliit:1.19.1
     image: petersmit27/spliit:latest
-    restart: always
     ports:
       - 3001:3000
     depends_on:
@@ -17,11 +15,8 @@ services:
       POSTGRES_PASSWORD: ${SPLIIT_POSTGRES_PASSWORD}
   spliit_db:
     image: postgres:17
-    restart: always
     volumes:
       - ${SPLIIT_POSTGRES_DIR}:/var/lib/postgresql/data
-    ports:
-      - 5437:5432
     environment:
       TZ: ${TZ}
       POSTGRES_DB: ${SPLIIT_POSTGRES_DB}

synapse/.env.example

@@ -1,9 +1,9 @@
 SYNAPSE_POSTGRES_DATA_DIR=
 SYNAPSE_CONFIG_DIR=
 
-SYNAPSE_POSTGRES_DB=
+POSTGRES_DB=
-SYNAPSE_POSTGRES_USER=
+POSTGRES_USER=
-SYNAPSE_POSTGRES_PASSWORD=
+POSTGRES_PASSWORD=
 
 MAS_CONFIG_DIR=
 

synapse/docker-compose.yml

@@ -1,68 +1,64 @@
 services:
   element-call-auth-service:
-    image: ghcr.io/element-hq/lk-jwt-service:0.4.2
+    image: ghcr.io/element-hq/lk-jwt-service:0.2.3
     container_name: element-call-jwt
     hostname: auth-server
     environment:
       - LK_JWT_PORT=8080
-      - LIVEKIT_URL=https://${LIVEKIT_DOMAIN}/livekit/sfu
+      - LIVEKIT_URL=https://${LIVEKIT_DOMAIN}/livekit/sfu #Change
       - LIVEKIT_KEY=devkey
       - LIVEKIT_SECRET=${LIVEKIT_SECRET_KEY}
-      - LIVEKIT_FULL_ACCESS_HOMESERVERS=${MATRIX_DOMAIN} 
+      - LIVEKIT_LOCAL_HOMESERVERS=${MATRIX_DOMAIN} #Not supported yet :pensive:
-    restart: always
+    restart: unless-stopped
     ports:
       - 8071:8080
   element-call-livekit:
-    image: livekit/livekit-server:v1.10.1
+    image: livekit/livekit-server:v1.8.4
     command: --config /etc/livekit.yaml
     ports:
       - "7880:7880/tcp"
       - "7881:7881/tcp"
       - "7882:7882/tcp"
       - "50100-50200:50100-50200/udp"
-    restart: always
+    restart: unless-stopped
     volumes:
       - ${LIVEKIT_CONFIG_DIR}/config.yaml:/etc/livekit.yaml:ro
   mautrix-signal:
     container_name: mautrix-signal
-    image: dock.mau.dev/mautrix/signal:v26.02.2
+    image: dock.mau.dev/mautrix/signal:v0.8.3
-    restart: always
+    restart: unless-stopped
     volumes:
       - ${MAUTRIX_SIGNAL_DATA_DIR}:/data
   mautrix-signal_db:
     image: docker.io/library/postgres:17
-    restart: always
+    restart: unless-stopped
     volumes:
       - ${MAUTRIX_SIGNAL_POSTGRES_DATA_DIR}:/var/lib/postgresql/data
     environment:
       POSTGRES_DB: ${MAUTRIX_SIGNAL_POSTGRES_DB}
       POSTGRES_USER: ${MAUTRIX_SIGNAL_POSTGRES_USER}
       POSTGRES_PASSWORD: ${MAUTRIX_SIGNAL_POSTGRES_PASSWORD}
-    ports:
-      - 5439:5432
   mautrix-whatsapp:
     container_name: mautrix-whatsapp
-    image: dock.mau.dev/mautrix/whatsapp:v0.2603.0
+    image: dock.mau.dev/mautrix/whatsapp:v0.12.1
     #image: petersmit27/mautrix-whatsapp:latest
-    restart: always
+    restart: unless-stopped
     volumes:
       - ${MAUTRIX_WHATSAPP_DATA_DIR}:/data
     depends_on:
       - mautrix-whatsapp_db
   mautrix-whatsapp_db:
     image: docker.io/library/postgres:17
-    restart: always
+    restart: unless-stopped
     volumes:
       - ${MAUTRIX_WHATSAPP_POSTGRES_DATA_DIR}:/var/lib/postgresql/data
     environment:
       POSTGRES_DB: ${MAUTRIX_WHATSAPP_POSTGRES_DB}
       POSTGRES_USER: ${MAUTRIX_WHATSAPP_POSTGRES_USER}
       POSTGRES_PASSWORD: ${MAUTRIX_WHATSAPP_POSTGRES_PASSWORD}
-    ports:
-      - 5440:5432
   mas:
-    image: ghcr.io/element-hq/matrix-authentication-service:1.14.0
+    image: ghcr.io/element-hq/matrix-authentication-service:0.16.0
-    restart: always
+    restart: unless-stopped
     working_dir: /config
     volumes:
       - ${MAS_CONFIG_DIR}:/config
@@ -74,31 +70,27 @@ services:
       - mas_db
   mas_db:
     image: docker.io/library/postgres:17
-    restart: always
+    restart: unless-stopped
     volumes:
       - ${MAS_POSTGRES_DATA_DIR}:/var/lib/postgresql/data
     environment:
       POSTGRES_DB: ${MAS_POSTGRES_DB}
       POSTGRES_USER: ${MAS_POSTGRES_USER}
       POSTGRES_PASSWORD: ${MAS_POSTGRES_PASSWORD}
-    ports:
-      - 5441:5432
   synapse_db:
     image: docker.io/library/postgres:17
-    restart: always
+    restart: unless-stopped
     volumes:
       - ${SYNAPSE_POSTGRES_DATA_DIR}:/var/lib/postgresql/data
     environment:
-      POSTGRES_DB: ${SYNAPSE_POSTGRES_DB}
+      POSTGRES_DB: ${POSTGRES_DB}
-      POSTGRES_USER: ${SYNAPSE_POSTGRES_USER}
+      POSTGRES_USER: ${POSTGRES_USER}
-      POSTGRES_PASSWORD: ${SYNAPSE_POSTGRES_PASSWORD}
+      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
       POSTGRES_INITDB_ARGS: '--encoding=UTF-8  --locale=C'
-    ports:
-      - 5442:5432
   synapse:
     container_name: synapse
-    image: matrixdotorg/synapse:v1.150.0
+    image: matrixdotorg/synapse:v1.130.0
-    restart: always
+    restart: unless-stopped
     volumes:
       - ${SYNAPSE_CONFIG_DIR}:/data
     ports:
@@ -107,10 +99,3 @@ services:
       - synapse_db
       - mas
       - mautrix-whatsapp
-  element-admin:
-    image: oci.element.io/element-admin:0.1.11
-    restart: unless-stopped
-    ports:
-      - "8079:8080"
-    environment:
-      - SERVER_NAME=${MATRIX_DOMAIN}

updater/Dockerfile

@@ -1,5 +1,5 @@
 # Use the official PHP image with Apache
-FROM php:8.5-apache
+FROM php:8.4-apache
 
 # Add Docker's official GPG key:
 RUN apt-get update &&\
@@ -16,7 +16,7 @@ RUN echo \
 
 # Install git and docker-compose
 RUN apt-get update && \
-    apt-get install -y git docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin docker-model-plugin && \
+    apt-get install -y git docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin && \
     rm -rf /var/lib/apt/lists/*
 
 # Create .docker directory and set permissions

vaultwarden/docker-compose.yml

@@ -1,7 +1,7 @@
 services:
   vaultwarden:
     container_name: vaultwarden
-    image: vaultwarden/server:1.35.4
+    image: vaultwarden/server:1.33.2
     restart: always
     volumes:
       - ${VAULTWARDEN_DATA_LOCATION}:/data/