infrastructure/home-server/docker-compose.yml

services:
  jellyfin:
    image: jellyfin/jellyfin
    container_name: jellyfin
    user: 1000:1000
    network_mode: "host"
    volumes:
      - /data/jellyfin/config:/config
      - /data/jellyfin/cache:/cache
      - /data/media/music/tagged:/music
      - /data/media/movies:/movies
      - /data/media/tvshows:/tvshows
    restart: "unless-stopped"
    group_add:
      - "303" # getent group render | cut -d: -f3
    devices:
      - /dev/dri/renderD128:/dev/dri/renderD128
    environment:
      - JELLYFIN_PublishedServerUrl=https://jellyfin.alexmickelson.guru

  nextcloud:
    build:
      context: nextcloud
    container_name: nextcloud
    environment:
      - TZ=America/Denver
      - OVERWRITEPROTOCOL=https
      - MYSQL_PASSWORD=slkdnflksnelkfnsdweoinv
      - MYSQL_DATABASE=nextcloud
      - MYSQL_USER=nextcloud
      - MYSQL_HOST=nextcloud-db
    volumes:
      - /data/nextcloud/html:/var/www/html
      - /data/media/music:/music
      - /data/media/movies:/movies
      - /data/media/tvshows:/tvshows
      - /data/media/shared:/shared
      - /data/media/audiobooks:/audiobooks
    restart: unless-stopped
    ports:
      - 9001:80
    networks:
      - proxy
    
  nextcloud-cron:
    build:
      context: nextcloud
    container_name: nextcloud-cron
    environment:
      - TZ=America/Denver
      - OVERWRITEPROTOCOL=https
      - MYSQL_PASSWORD=slkdnflksnelkfnsdweoinv
      - MYSQL_DATABASE=nextcloud
      - MYSQL_USER=nextcloud
      - MYSQL_HOST=nextcloud-db
    volumes:
      - /data/nextcloud/html:/var/www/html
      - /data/media/music:/music
      - /data/media/movies:/movies
      - /data/media/tvshows:/tvshows
      - /data/media/shared:/shared
      - /data/media/audiobooks:/audiobooks
      - /data/media/audiobooks-libation:/audiobooks-libation
    restart: unless-stopped
    entrypoint: /cron.sh
    depends_on:
      - nextcloud
    networks:
      - proxy

  nextcloud-db:
    image: mariadb:10.6
    container_name: nextcloud_db
    # mysql -u$MYSQL_USER -p$MYSQL_PASSWORD $MYSQL_DATABASE
    restart: always
    command: --transaction-isolation=READ-COMMITTED --log-bin=binlog --binlog-format=ROW
    volumes:
      - /data/nextcloud-db/:/var/lib/mysql
    environment:
      - MYSQL_ROOT_PASSWORD=klsdnofinsodkflksen34tesrg
      - MYSQL_PASSWORD=slkdnflksnelkfnsdweoinv
      - MYSQL_DATABASE=nextcloud
      - MYSQL_USER=nextcloud
    networks:
      - proxy

  homeassistant:
    container_name: homeassistant
    image: homeassistant/home-assistant:stable
    volumes:
      - /data/homeAssistant/config:/config
      - /etc/localtime:/etc/localtime:ro
      # - /dev/serial/by-id:/dev/serial/by-id
    devices:
      # - /dev/ttyUSB0:/dev/ttyUSB0
      # - /dev/ttyUSB1:/dev/ttyUSB1
      - /dev/serial/by-id/usb-Itead_Sonoff_Zigbee_3.0_USB_Dongle_Plus_V2_0cad0783fc73ef11b46be21e313510fd-if00-port0:/dev/serial/by-id/usb-Itead_Sonoff_Zigbee_3.0_USB_Dongle_Plus_V2_0cad0783fc73ef11b46be21e313510fd-if00-port0
    environment:
      - TZ=America/Denver
    restart: always
    network_mode: host


  zwave-js-ui:
    container_name: zwave-js-ui
    image: zwavejs/zwave-js-ui:latest
    restart: always
    tty: true
    stop_signal: SIGINT
    environment:
      - SESSION_SECRET=iqpwoeinf9384bw3p48gbwer
      - TZ=America/Denver
    devices:
      # Do not use /dev/ttyUSBX serial devices, as those mappings can change over time.
      # Instead, use the /dev/serial/by-id/X serial device for your Z-Wave stick.
      # - '/dev/serial/by-id/insert_stick_reference_here:/dev/zwave'
      - /dev/serial/by-id/usb-Silicon_Labs_HubZ_Smart_Home_Controller_31500417-if00-port0:/dev/serial/by-id/usb-Silicon_Labs_HubZ_Smart_Home_Controller_31500417-if00-port0
      - /dev/serial/by-id/usb-Silicon_Labs_HubZ_Smart_Home_Controller_31500417-if01-port0:/dev/serial/by-id/usb-Silicon_Labs_HubZ_Smart_Home_Controller_31500417-if01-port0
    volumes:
        - /data/zwave:/usr/src/app/store
    ports:
      - '3050:8091'
      - '3051:3051'

  music-assistant-server:
    image: ghcr.io/music-assistant/server:2
    container_name: music-assistant-server
    restart: unless-stopped
    network_mode: host
    volumes:
      - /data/music-assistant-server/data:/data/
    # cap_add:
    #   - SYS_ADMIN
    #   - DAC_READ_SEARCH
    # security_opt:
    #   - apparmor:unconfined
    environment:
      - LOG_LEVEL=info

  prometheus:
    image: public.ecr.aws/bitnami/prometheus:2
    container_name: prometheus
    restart: unless-stopped
    environment:
      - HOMEASSISTANT_TOKEN=${HOMEASSISTANT_TOKEN}
    volumes:
      - ./prometheus.yml:/opt/bitnami/prometheus/conf/prometheus.yml
      - /data/prometheus:/opt/bitnami/prometheus/data
    ports:
      - 9091:9090
    networks:
      - proxy

  grafana:
    image: grafana/grafana:main
    container_name: grafana
    restart: always
    environment:
      - GF_SECURITY_ADMIN_USER=admin
      - GF_SECURITY_ADMIN_PASSWORD=${GRAFANA_PASSWORD}
    volumes:
      - /data/grafana:/var/lib/grafana
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:3000/robots.txt"]
      interval: 10s
      timeout: 5s
      retries: 3
      start_period: 3s
    networks:
      - proxy
    ports:
      - 3000:3000

  # acpupsd_exporter:
  #   image: sfudeus/apcupsd_exporter:master_1.19
  #   container_name: apcupsd_exporter
  #   restart: always
  #   extra_hosts:
  #     - host.docker.internal:host-gateway
  #   command: -apcupsd.addr host.docker.internal:3551
  #   ports:
  #     - 0.0.0.0:9162:9162
  # docker run -it --rm  -p 9162:9162 --net=host sfudeus/apcupsd_exporter:master_1.19

  reverse-proxy:
    image: ghcr.io/linuxserver/swag
    container_name: reverse-proxy
    restart: unless-stopped
    cap_add:
      - NET_ADMIN
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=America/Denver
      - URL=alexmickelson.guru
      - SUBDOMAINS=wildcard
      - VALIDATION=dns
      - DNSPLUGIN=cloudflare
    volumes:
      - ./nginx.conf:/config/nginx/site-confs/default.conf
      - /data/swag:/config
      - /data/cloudflare/cloudflare.ini:/config/dns-conf/cloudflare.ini
    ports:
      - 0.0.0.0:80:80
      - 0.0.0.0:443:443
      # - 0.0.0.0:7080:80
      # - 0.0.0.0:7443:443
    extra_hosts:
      - host.docker.internal:host-gateway
    networks:
      - proxy


  audiobookshelf:
    image: ghcr.io/advplyr/audiobookshelf:latest
    restart: unless-stopped
    ports:
      - 13378:80
    volumes:
      - /data/media/audiobooks:/audiobooks
      - /data/media/audiobooks-libation:/audiobooks-libation
      # - </path/to/podcasts>:/podcasts
      - /data/audiobookshelf/config:/config
      - /data/audiobookshelf/metadata:/metadata
    networks:
      - proxy

  copilot-api:
    image: node:latest
    working_dir: /app
    command: sh -c "npm cache clean --force && npx copilot-api@latest start --github-token $COPILOT_TOKEN --port 4444"
    environment:
      - COPILOT_TOKEN=${COPILOT_TOKEN}
    ports:
      - "4444:4444"
    restart: unless-stopped
    networks:
      - proxy

  esphome:
    container_name: esphome
    image: ghcr.io/esphome/esphome
    volumes:
      - /data/esphome:/config
      - /etc/localtime:/etc/localtime:ro
    restart: always
    network_mode: host
    environment:
      - USERNAME=alex
      - PASSWORD=alex

  
  searxng:
    image: docker.io/searxng/searxng:latest
    container_name: searxng
    ports:
      - "4444:8080"
    volumes:
      - /data/searxng:/etc/searxng
      - /data/searxng-data:/var/cache/searxng
    environment:
      - SEARXNG_BASE_URL=http://server.alexmickelson.guru:4444/
    restart: unless-stopped
networks:
  proxy: 
    name: proxy
    external: true