--- # TSYS Developer Support Stack - Docker Compose Template # Version: 1.0 # Purpose: Demo deployment with dynamic configuration # ⚠️ DEMO CONFIGURATION ONLY - NOT FOR PRODUCTION networks: ${COMPOSE_NETWORK_NAME}: driver: bridge ipam: config: - subnet: ${NETWORK_SUBNET} gateway: ${NETWORK_GATEWAY} volumes: ${COMPOSE_PROJECT_NAME}_homepage_data: driver: local ${COMPOSE_PROJECT_NAME}_pihole_data: driver: local ${COMPOSE_PROJECT_NAME}_dockhand_data: driver: local ${COMPOSE_PROJECT_NAME}_influxdb_data: driver: local ${COMPOSE_PROJECT_NAME}_grafana_data: driver: local ${COMPOSE_PROJECT_NAME}_drawio_data: driver: local ${COMPOSE_PROJECT_NAME}_kroki_data: driver: local ${COMPOSE_PROJECT_NAME}_atomictracker_data: driver: local ${COMPOSE_PROJECT_NAME}_archivebox_data: driver: local ${COMPOSE_PROJECT_NAME}_tubearchivist_data: driver: local ${COMPOSE_PROJECT_NAME}_wakapi_data: driver: local ${COMPOSE_PROJECT_NAME}_mailhog_data: driver: local ${COMPOSE_PROJECT_NAME}_atuin_data: driver: local services: # Docker Socket Proxy - Security Layer docker-socket-proxy: image: tecnativa/docker-socket-proxy:latest container_name: "${COMPOSE_PROJECT_NAME}-docker-socket-proxy" restart: unless-stopped networks: - ${COMPOSE_NETWORK_NAME} volumes: - /var/run/docker.sock:/var/run/docker.sock:ro environment: - CONTAINERS=${DOCKER_SOCKET_PROXY_CONTAINERS} - IMAGES=${DOCKER_SOCKET_PROXY_IMAGES} - NETWORKS=${DOCKER_SOCKET_PROXY_NETWORKS} - VOLUMES=${DOCKER_SOCKET_PROXY_VOLUMES} - EXEC=${DOCKER_SOCKET_PROXY_EXEC} - PRIVILEGED=${DOCKER_SOCKET_PROXY_PRIVILEGED} - SERVICES=${DOCKER_SOCKET_PROXY_SERVICES} - TASKS=${DOCKER_SOCKET_PROXY_TASKS} - SECRETS=${DOCKER_SOCKET_PROXY_SECRETS} - CONFIGS=${DOCKER_SOCKET_PROXY_CONFIGS} - PLUGINS=${DOCKER_SOCKET_PROXY_PLUGINS} labels: homepage.group: "Infrastructure" homepage.name: "Docker Socket Proxy" homepage.icon: "docker" homepage.href: "http://localhost:${DOCKER_SOCKET_PROXY_PORT}" homepage.description: "Secure proxy for Docker socket access" # Homepage - Central Dashboard homepage: image: ghcr.io/gethomepage/homepage:latest container_name: "${COMPOSE_PROJECT_NAME}-homepage" restart: unless-stopped networks: - ${COMPOSE_NETWORK_NAME} ports: - "${HOMEPAGE_PORT}:3000" volumes: - ${COMPOSE_PROJECT_NAME}_homepage_data:/app/config environment: - PUID=${DEMO_UID} - PGID=${DEMO_GID} labels: homepage.group: "Developer Tools" homepage.name: "Homepage" homepage.icon: "homepage" homepage.href: "http://localhost:${HOMEPAGE_PORT}" homepage.description: "Central dashboard for service discovery" healthcheck: test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:3000"] interval: ${HEALTH_CHECK_INTERVAL} timeout: ${HEALTH_CHECK_TIMEOUT} retries: ${HEALTH_CHECK_RETRIES} # Pi-hole - DNS Management pihole: image: pihole/pihole:latest container_name: "${COMPOSE_PROJECT_NAME}-pihole" restart: unless-stopped networks: - ${COMPOSE_NETWORK_NAME} ports: - "${PIHOLE_PORT}:80" - "53:53/tcp" - "53:53/udp" volumes: - ${COMPOSE_PROJECT_NAME}_pihole_data:/etc/pihole environment: - TZ=UTC - WEBPASSWORD=${PIHOLE_WEBPASSWORD} - WEBTHEME=${WEBTHEME} - PUID=${DEMO_UID} - PGID=${DEMO_GID} labels: homepage.group: "Infrastructure" homepage.name: "Pi-hole" homepage.icon: "pihole" homepage.href: "http://localhost:${PIHOLE_PORT}" homepage.description: "DNS management with ad blocking" healthcheck: test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost/admin"] interval: ${HEALTH_CHECK_INTERVAL} timeout: ${HEALTH_CHECK_TIMEOUT} retries: ${HEALTH_CHECK_RETRIES} # Dockhand - Docker Management dockhand: image: fnsys/dockhand:latest container_name: "${COMPOSE_PROJECT_NAME}-dockhand" restart: unless-stopped networks: - ${COMPOSE_NETWORK_NAME} ports: - "${DOCKHAND_PORT}:3000" volumes: - ${COMPOSE_PROJECT_NAME}_dockhand_data:/app/data - /var/run/docker.sock:/var/run/docker.sock environment: - PUID=${DEMO_UID} - PGID=${DEMO_GID} labels: homepage.group: "Infrastructure" homepage.name: "Dockhand" homepage.icon: "dockhand" homepage.href: "http://localhost:${DOCKHAND_PORT}" homepage.description: "Modern Docker management UI" healthcheck: test: ["CMD", "curl", "-f", "--silent", "http://localhost:3000"] interval: ${HEALTH_CHECK_INTERVAL} timeout: ${HEALTH_CHECK_TIMEOUT} retries: ${HEALTH_CHECK_RETRIES} # InfluxDB - Time Series Database influxdb: image: influxdb:2.7-alpine container_name: "${COMPOSE_PROJECT_NAME}-influxdb" restart: unless-stopped networks: - ${COMPOSE_NETWORK_NAME} ports: - "${INFLUXDB_PORT}:8086" volumes: - ${COMPOSE_PROJECT_NAME}_influxdb_data:/var/lib/influxdb2 environment: - DOCKER_INFLUXDB_INIT_MODE=setup - DOCKER_INFLUXDB_INIT_USERNAME=${INFLUXDB_ADMIN_USER} - DOCKER_INFLUXDB_INIT_PASSWORD=${INFLUXDB_ADMIN_PASSWORD} - DOCKER_INFLUXDB_INIT_ORG=${INFLUXDB_ORG} - DOCKER_INFLUXDB_INIT_BUCKET=${INFLUXDB_BUCKET} - DOCKER_INFLUXDB_INIT_ADMIN_TOKEN=${INFLUXDB_AUTH_TOKEN} - PUID=${DEMO_UID} - PGID=${DEMO_GID} labels: homepage.group: "Monitoring" homepage.name: "InfluxDB" homepage.icon: "influxdb" homepage.href: "http://localhost:${INFLUXDB_PORT}" homepage.description: "Time series database for metrics" healthcheck: test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:8086/ping"] interval: ${HEALTH_CHECK_INTERVAL} timeout: ${HEALTH_CHECK_TIMEOUT} retries: ${HEALTH_CHECK_RETRIES} # Grafana - Visualization Platform grafana: image: grafana/grafana:latest container_name: "${COMPOSE_PROJECT_NAME}-grafana" restart: unless-stopped networks: - ${COMPOSE_NETWORK_NAME} ports: - "${GRAFANA_PORT}:3000" volumes: - ${COMPOSE_PROJECT_NAME}_grafana_data:/var/lib/grafana environment: - GF_SECURITY_ADMIN_USER=${GF_SECURITY_ADMIN_USER} - GF_SECURITY_ADMIN_PASSWORD=${GF_SECURITY_ADMIN_PASSWORD} - GF_INSTALL_PLUGINS=${GF_INSTALL_PLUGINS} - PUID=${DEMO_UID} - PGID=${DEMO_GID} labels: homepage.group: "Monitoring" homepage.name: "Grafana" homepage.icon: "grafana" homepage.href: "http://localhost:${GRAFANA_PORT}" homepage.description: "Analytics and visualization platform" healthcheck: test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:3000/api/health"] interval: ${HEALTH_CHECK_INTERVAL} timeout: ${HEALTH_CHECK_TIMEOUT} retries: ${HEALTH_CHECK_RETRIES} # Draw.io - Diagramming Server drawio: image: fjudith/draw.io:latest container_name: "${COMPOSE_PROJECT_NAME}-drawio" restart: unless-stopped networks: - ${COMPOSE_NETWORK_NAME} ports: - "${DRAWIO_PORT}:8080" volumes: - ${COMPOSE_PROJECT_NAME}_drawio_data:/root environment: - PUID=${DEMO_UID} - PGID=${DEMO_GID} labels: homepage.group: "Documentation" homepage.name: "Draw.io" homepage.icon: "drawio" homepage.href: "http://localhost:${DRAWIO_PORT}" homepage.description: "Web-based diagramming application" healthcheck: test: ["CMD", "curl", "-f", "--silent", "http://localhost:8080"] interval: ${HEALTH_CHECK_INTERVAL} timeout: ${HEALTH_CHECK_TIMEOUT} retries: ${HEALTH_CHECK_RETRIES} # Kroki - Diagrams as a Service kroki: image: yuzutech/kroki:latest container_name: "${COMPOSE_PROJECT_NAME}-kroki" restart: unless-stopped networks: - ${COMPOSE_NETWORK_NAME} ports: - "${KROKI_PORT}:8000" volumes: - ${COMPOSE_PROJECT_NAME}_kroki_data:/data environment: - KROKI_SAFE_MODE=secure - PUID=${DEMO_UID} - PGID=${DEMO_GID} labels: homepage.group: "Documentation" homepage.name: "Kroki" homepage.icon: "kroki" homepage.href: "http://localhost:${KROKI_PORT}" homepage.description: "Diagrams as a service" healthcheck: test: ["CMD", "curl", "-f", "--silent", "http://localhost:8000/health"] interval: ${HEALTH_CHECK_INTERVAL} timeout: ${HEALTH_CHECK_TIMEOUT} retries: ${HEALTH_CHECK_RETRIES} # Atomic Tracker - Habit Tracking atomictracker: image: ghcr.io/majorpeter/atomic-tracker:v1.3.1 container_name: "${COMPOSE_PROJECT_NAME}-atomictracker" restart: unless-stopped networks: - ${COMPOSE_NETWORK_NAME} ports: - "${ATOMIC_TRACKER_PORT}:8080" volumes: - ${COMPOSE_PROJECT_NAME}_atomictracker_data:/app/data environment: - NODE_ENV=production - PUID=${DEMO_UID} - PGID=${DEMO_GID} labels: homepage.group: "Developer Tools" homepage.name: "Atomic Tracker" homepage.icon: "atomic-tracker" homepage.href: "http://localhost:${ATOMIC_TRACKER_PORT}" homepage.description: "Habit tracking and personal dashboard" healthcheck: test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:8080"] interval: ${HEALTH_CHECK_INTERVAL} timeout: ${HEALTH_CHECK_TIMEOUT} retries: ${HEALTH_CHECK_RETRIES} # ArchiveBox - Web Archiving archivebox: image: archivebox/archivebox:latest container_name: "${COMPOSE_PROJECT_NAME}-archivebox" restart: unless-stopped networks: - ${COMPOSE_NETWORK_NAME} ports: - "${ARCHIVEBOX_PORT}:8000" volumes: - ${COMPOSE_PROJECT_NAME}_archivebox_data:/data environment: - SECRET_KEY=${ARCHIVEBOX_SECRET_KEY} - PUID=${DEMO_UID} - PGID=${DEMO_GID} labels: homepage.group: "Developer Tools" homepage.name: "ArchiveBox" homepage.icon: "archivebox" homepage.href: "http://localhost:${ARCHIVEBOX_PORT}" homepage.description: "Web archiving solution" healthcheck: test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:8000"] interval: ${HEALTH_CHECK_INTERVAL} timeout: ${HEALTH_CHECK_TIMEOUT} retries: ${HEALTH_CHECK_RETRIES} # Tube Archivist - YouTube Archiving tubearchivist: image: bbilly1/tubearchivist:latest container_name: "${COMPOSE_PROJECT_NAME}-tubearchivist" restart: unless-stopped networks: - ${COMPOSE_NETWORK_NAME} ports: - "${TUBE_ARCHIVIST_PORT}:8000" volumes: - ${COMPOSE_PROJECT_NAME}_tubearchivist_data:/cache environment: - TA_HOST=${TA_HOST} - TA_PORT=${TA_PORT} - TA_DEBUG=${TA_DEBUG} - TA_USERNAME=demo - PUID=${DEMO_UID} - PGID=${DEMO_GID} labels: homepage.group: "Developer Tools" homepage.name: "Tube Archivist" homepage.icon: "tube-archivist" homepage.href: "http://localhost:${TUBE_ARCHIVIST_PORT}" homepage.description: "YouTube video archiving" # Wakapi - Time Tracking wakapi: image: ghcr.io/muety/wakapi:latest container_name: "${COMPOSE_PROJECT_NAME}-wakapi" restart: unless-stopped networks: - ${COMPOSE_NETWORK_NAME} ports: - "${WAKAPI_PORT}:3000" volumes: - ${COMPOSE_PROJECT_NAME}_wakapi_data:/data environment: - WAKAPI_PASSWORD_SALT=${WAKAPI_PASSWORD_SALT} - PUID=${DEMO_UID} - PGID=${DEMO_GID} labels: homepage.group: "Developer Tools" homepage.name: "Wakapi" homepage.icon: "wakapi" homepage.href: "http://localhost:${WAKAPI_PORT}" homepage.description: "Open-source WakaTime alternative" healthcheck: test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:3000"] interval: ${HEALTH_CHECK_INTERVAL} timeout: ${HEALTH_CHECK_TIMEOUT} retries: ${HEALTH_CHECK_RETRIES} # MailHog - Email Testing mailhog: image: mailhog/mailhog:latest container_name: "${COMPOSE_PROJECT_NAME}-mailhog" restart: unless-stopped networks: - ${COMPOSE_NETWORK_NAME} ports: - "${MAILHOG_PORT}:8025" volumes: - ${COMPOSE_PROJECT_NAME}_mailhog_data:/maildir environment: - PUID=${DEMO_UID} - PGID=${DEMO_GID} labels: homepage.group: "Developer Tools" homepage.name: "MailHog" homepage.icon: "mailhog" homepage.href: "http://localhost:${MAILHOG_PORT}" homepage.description: "Web and API based SMTP testing" healthcheck: test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:8025"] interval: ${HEALTH_CHECK_INTERVAL} timeout: ${HEALTH_CHECK_TIMEOUT} retries: ${HEALTH_CHECK_RETRIES} # Atuin - Shell History atuin: image: ghcr.io/atuinsh/atuin:v18.10.0 container_name: "${COMPOSE_PROJECT_NAME}-atuin" restart: unless-stopped command: server start networks: - ${COMPOSE_NETWORK_NAME} ports: - "${ATUIN_PORT}:8888" volumes: - ${COMPOSE_PROJECT_NAME}_atuin_data:/config environment: - ATUIN_DB_URI=sqlite:///config/atuin.db - PUID=${DEMO_UID} - PGID=${DEMO_GID} labels: homepage.group: "Developer Tools" homepage.name: "Atuin" homepage.icon: "atuin" homepage.href: "http://localhost:${ATUIN_PORT}" homepage.description: "Magical shell history synchronization"