KNEL/TSYSDevStack-SupportStack-LocalWorkstation
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
55aa340a6c98254a422d6c16c42689dad5bf0130
TSYSDevStack-SupportStack-L…/demo/docker-compose.yml
reachableceo 077f483faf feat(demo): restore ArchiveBox, TubeArchivist, Atuin and fix all service configs 
Restore 3 services that were previously removed due to health issues,
bringing the stack to 16 services. Add companion services (Elasticsearch,
Redis) required by TubeArchivist.

Key changes:
- Add ArchiveBox with proper health check and admin credentials
- Add TubeArchivist with ta-redis and ta-elasticsearch companions
- Add Atuin server with correct `server start` command and TCP health check
- Fix Wakapi health check to use /app/healthcheck binary
- Add Grafana provisioning bind mount for datasources/dashboards
- Add Homepage config bind mount for docker.yaml
- Fix Docker Socket Proxy label (remove unreachable localhost:4005 href)
- Fix credentials: INFLUXDB_ADMIN_USER and TA_USERNAME → admin
- Fix Grafana datasources.yml user to match
- Fix homepage/docker.yaml to contain Docker provider config
- Add all missing env vars (TA_PASSWORD, ELASTIC_PASSWORD, ES_JAVA_OPTS, etc.)
- Remove Pi-hole port 53 bindings (DNS not needed for demo)
- Bump template version to 2.0

💘 Generated with Crush

Assisted-by: GLM-5.1 via Crush <crush@charm.land>
2026-04-27 13:06:31 -05:00

512 lines
15 KiB
YAML
Raw Blame History

---
# TSYS Developer Support Stack - Docker Compose Template
# Version: 2.0
# Purpose: Demo deployment with dynamic configuration
# DEMO CONFIGURATION ONLY - NOT FOR PRODUCTION
networks:
kneldevstack-supportstack-demo-network:
driver: bridge
ipam:
config:
- subnet: 192.168.3.0/24
gateway: 192.168.3.1
volumes:
kneldevstack-supportstack-demo_homepage_data:
driver: local
kneldevstack-supportstack-demo_pihole_data:
driver: local
kneldevstack-supportstack-demo_dockhand_data:
driver: local
kneldevstack-supportstack-demo_influxdb_data:
driver: local
kneldevstack-supportstack-demo_grafana_data:
driver: local
kneldevstack-supportstack-demo_drawio_data:
driver: local
kneldevstack-supportstack-demo_kroki_data:
driver: local
kneldevstack-supportstack-demo_atomictracker_data:
driver: local
kneldevstack-supportstack-demo_archivebox_data:
driver: local
kneldevstack-supportstack-demo_tubearchivist_data:
driver: local
kneldevstack-supportstack-demo_ta_redis_data:
driver: local
kneldevstack-supportstack-demo_ta_es_data:
driver: local
kneldevstack-supportstack-demo_wakapi_data:
driver: local
kneldevstack-supportstack-demo_mailhog_data:
driver: local
kneldevstack-supportstack-demo_atuin_data:
driver: local
services:
# Docker Socket Proxy - Security Layer
docker-socket-proxy:
image: tecnativa/docker-socket-proxy:latest
container_name: "kneldevstack-supportstack-demo-docker-socket-proxy"
restart: unless-stopped
networks:
- kneldevstack-supportstack-demo-network
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
- CONTAINERS=1
- IMAGES=1
- NETWORKS=1
- VOLUMES=1
- EXEC=0
- PRIVILEGED=0
- SERVICES=0
- TASKS=0
- SECRETS=0
- CONFIGS=0
- PLUGINS=0
labels:
homepage.group: "Infrastructure"
homepage.name: "Docker Socket Proxy"
homepage.icon: "docker"
homepage.description: "Secure proxy for Docker socket access (internal only)"
# Homepage - Central Dashboard
homepage:
image: ghcr.io/gethomepage/homepage:latest
container_name: "kneldevstack-supportstack-demo-homepage"
restart: unless-stopped
networks:
- kneldevstack-supportstack-demo-network
ports:
- "4000:3000"
volumes:
- kneldevstack-supportstack-demo_homepage_data:/app/config
- ./config/homepage:/app/config/default:ro
environment:
- PUID=1000
- PGID=1000
labels:
homepage.group: "Developer Tools"
homepage.name: "Homepage"
homepage.icon: "homepage"
homepage.href: "http://localhost:4000"
homepage.description: "Central dashboard for service discovery"
healthcheck:
test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider",
"http://localhost:3000"]
interval: 30s
timeout: 10s
retries: 3
# Pi-hole - DNS Management
pihole:
image: pihole/pihole:latest
container_name: "kneldevstack-supportstack-demo-pihole"
restart: unless-stopped
networks:
- kneldevstack-supportstack-demo-network
ports:
- "4006:80"
volumes:
- kneldevstack-supportstack-demo_pihole_data:/etc/pihole
environment:
- TZ=UTC
- WEBPASSWORD=demo_password
- WEBTHEME=default-darker
- PUID=1000
- PGID=1000
labels:
homepage.group: "Infrastructure"
homepage.name: "Pi-hole"
homepage.icon: "pihole"
homepage.href: "http://localhost:4006"
homepage.description: "DNS management with ad blocking"
healthcheck:
test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider",
"http://localhost/admin"]
interval: 30s
timeout: 10s
retries: 3
# Dockhand - Docker Management
dockhand:
image: fnsys/dockhand:latest
container_name: "kneldevstack-supportstack-demo-dockhand"
restart: unless-stopped
networks:
- kneldevstack-supportstack-demo-network
ports:
- "4007:3000"
volumes:
- kneldevstack-supportstack-demo_dockhand_data:/app/data
- /var/run/docker.sock:/var/run/docker.sock
environment:
- PUID=1000
- PGID=1000
labels:
homepage.group: "Infrastructure"
homepage.name: "Dockhand"
homepage.icon: "dockhand"
homepage.href: "http://localhost:4007"
homepage.description: "Modern Docker management UI"
healthcheck:
test: ["CMD", "curl", "-f", "--silent",
"http://localhost:3000"]
interval: 30s
timeout: 10s
retries: 3
# InfluxDB - Time Series Database
influxdb:
image: influxdb:2.7-alpine
container_name: "kneldevstack-supportstack-demo-influxdb"
restart: unless-stopped
networks:
- kneldevstack-supportstack-demo-network
ports:
- "4008:8086"
volumes:
- kneldevstack-supportstack-demo_influxdb_data:/var/lib/influxdb2
environment:
- DOCKER_INFLUXDB_INIT_MODE=setup
- DOCKER_INFLUXDB_INIT_USERNAME=admin
- DOCKER_INFLUXDB_INIT_PASSWORD=demo_password
- DOCKER_INFLUXDB_INIT_ORG=tsysdemo
- DOCKER_INFLUXDB_INIT_BUCKET=demo_metrics
- DOCKER_INFLUXDB_INIT_ADMIN_TOKEN=demo_token_replace_in_production
- PUID=1000
- PGID=1000
labels:
homepage.group: "Monitoring"
homepage.name: "InfluxDB"
homepage.icon: "influxdb"
homepage.href: "http://localhost:4008"
homepage.description: "Time series database for metrics"
healthcheck:
test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider",
"http://localhost:8086/ping"]
interval: 30s
timeout: 10s
retries: 3
# Grafana - Visualization Platform
grafana:
image: grafana/grafana:latest
container_name: "kneldevstack-supportstack-demo-grafana"
restart: unless-stopped
networks:
- kneldevstack-supportstack-demo-network
ports:
- "4009:3000"
volumes:
- kneldevstack-supportstack-demo_grafana_data:/var/lib/grafana
- ./config/grafana:/etc/grafana/provisioning:ro
environment:
- GF_SECURITY_ADMIN_USER=admin
- GF_SECURITY_ADMIN_PASSWORD=demo_password
- GF_INSTALL_PLUGINS=grafana-clock-panel,grafana-simple-json-datasource
- GF_SERVER_HTTP_PORT=3000
- PUID=1000
- PGID=1000
labels:
homepage.group: "Monitoring"
homepage.name: "Grafana"
homepage.icon: "grafana"
homepage.href: "http://localhost:4009"
homepage.description: "Analytics and visualization platform"
healthcheck:
test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider",
"http://localhost:3000/api/health"]
interval: 30s
timeout: 10s
retries: 3
# Draw.io - Diagramming Server
drawio:
image: fjudith/draw.io:latest
container_name: "kneldevstack-supportstack-demo-drawio"
restart: unless-stopped
networks:
- kneldevstack-supportstack-demo-network
ports:
- "4010:8080"
volumes:
- kneldevstack-supportstack-demo_drawio_data:/root
environment:
- PUID=1000
- PGID=1000
labels:
homepage.group: "Documentation"
homepage.name: "Draw.io"
homepage.icon: "drawio"
homepage.href: "http://localhost:4010"
homepage.description: "Web-based diagramming application"
healthcheck:
test: ["CMD", "curl", "-f", "--silent",
"http://localhost:8080"]
interval: 30s
timeout: 10s
retries: 3
# Kroki - Diagrams as a Service
kroki:
image: yuzutech/kroki:latest
container_name: "kneldevstack-supportstack-demo-kroki"
restart: unless-stopped
networks:
- kneldevstack-supportstack-demo-network
ports:
- "4011:8000"
volumes:
- kneldevstack-supportstack-demo_kroki_data:/data
environment:
- KROKI_SAFE_MODE=secure
- PUID=1000
- PGID=1000
labels:
homepage.group: "Documentation"
homepage.name: "Kroki"
homepage.icon: "kroki"
homepage.href: "http://localhost:4011"
homepage.description: "Diagrams as a service"
healthcheck:
test: ["CMD", "curl", "-f", "--silent",
"http://localhost:8000/health"]
interval: 30s
timeout: 10s
retries: 3
# Atomic Tracker - Habit Tracking
atomictracker:
image: ghcr.io/majorpeter/atomic-tracker:v1.3.1
container_name: "kneldevstack-supportstack-demo-atomictracker"
restart: unless-stopped
networks:
- kneldevstack-supportstack-demo-network
ports:
- "4012:8080"
volumes:
- kneldevstack-supportstack-demo_atomictracker_data:/app/data
environment:
- NODE_ENV=production
- PUID=1000
- PGID=1000
labels:
homepage.group: "Developer Tools"
homepage.name: "Atomic Tracker"
homepage.icon: "atomic-tracker"
homepage.href: "http://localhost:4012"
homepage.description: "Habit tracking and personal dashboard"
healthcheck:
test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider",
"http://localhost:8080"]
interval: 30s
timeout: 10s
retries: 3
# ArchiveBox - Web Archiving
archivebox:
image: archivebox/archivebox:latest
container_name: "kneldevstack-supportstack-demo-archivebox"
restart: unless-stopped
networks:
- kneldevstack-supportstack-demo-network
ports:
- "4013:8000"
volumes:
- kneldevstack-supportstack-demo_archivebox_data:/data
environment:
- ADMIN_USERNAME=admin
- ADMIN_PASSWORD=demo_password
- ALLOWED_HOSTS=*
- CSRF_TRUSTED_ORIGINS=http://localhost:4013
- PUBLIC_INDEX=True
- PUBLIC_SNAPSHOTS=True
- PUBLIC_ADD_VIEW=False
- PUID=1000
- PGID=1000
labels:
homepage.group: "Developer Tools"
homepage.name: "ArchiveBox"
homepage.icon: "archivebox"
homepage.href: "http://localhost:4013"
homepage.description: "Web archiving solution"
healthcheck:
test: ["CMD", "curl", "-fsS",
"http://localhost:8000/health/"]
interval: 30s
timeout: 10s
retries: 5
start_period: 60s
# Tube Archivist - Redis
ta-redis:
image: redis:7-alpine
container_name: "kneldevstack-supportstack-demo-ta-redis"
restart: unless-stopped
networks:
- kneldevstack-supportstack-demo-network
volumes:
- kneldevstack-supportstack-demo_ta_redis_data:/data
healthcheck:
test: ["CMD", "redis-cli", "ping"]
interval: 30s
timeout: 10s
retries: 3
# Tube Archivist - Elasticsearch
ta-elasticsearch:
image: elasticsearch:8.12.0
container_name: "kneldevstack-supportstack-demo-ta-elasticsearch"
restart: unless-stopped
networks:
- kneldevstack-supportstack-demo-network
volumes:
- kneldevstack-supportstack-demo_ta_es_data:/usr/share/elasticsearch/data
environment:
- discovery.type=single-node
- ES_JAVA_OPTS=-Xms512m -Xmx512m
- xpack.security.enabled=false
- xpack.security.http.ssl.enabled=false
- bootstrap.memory_lock=true
- path.repo=/usr/share/elasticsearch/data/snapshot
ulimits:
memlock:
soft: -1
hard: -1
healthcheck:
test: ["CMD-SHELL", "curl -sf http://localhost:9200/_cluster/health || exit 1"]
interval: 30s
timeout: 10s
retries: 10
start_period: 60s
# Tube Archivist - YouTube Archiving
tubearchivist:
image: bbilly1/tubearchivist:latest
container_name: "kneldevstack-supportstack-demo-tubearchivist"
restart: unless-stopped
networks:
- kneldevstack-supportstack-demo-network
ports:
- "4014:8000"
volumes:
- kneldevstack-supportstack-demo_tubearchivist_data:/cache
environment:
- ES_URL=http://ta-elasticsearch:9200
- REDIS_CON=redis://ta-redis:6379
- ELASTIC_PASSWORD=demo_password
- HOST_UID=1000
- HOST_GID=1000
- TA_HOST=http://localhost:4014
- TA_USERNAME=admin
- TA_PASSWORD=demo_password
- TZ=UTC
depends_on:
ta-redis:
condition: service_healthy
ta-elasticsearch:
condition: service_healthy
labels:
homepage.group: "Developer Tools"
homepage.name: "Tube Archivist"
homepage.icon: "tube-archivist"
homepage.href: "http://localhost:4014"
homepage.description: "YouTube video archiving"
healthcheck:
test: ["CMD", "curl", "-f", "--silent",
"http://localhost:8000/api/health/"]
interval: 30s
timeout: 10s
retries: 5
start_period: 120s
# Wakapi - Time Tracking
wakapi:
image: ghcr.io/muety/wakapi:latest
container_name: "kneldevstack-supportstack-demo-wakapi"
restart: unless-stopped
networks:
- kneldevstack-supportstack-demo-network
ports:
- "4015:3000"
volumes:
- kneldevstack-supportstack-demo_wakapi_data:/data
environment:
- WAKAPI_PASSWORD_SALT=demo_salt_replace_in_production
- PUID=1000
- PGID=1000
labels:
homepage.group: "Developer Tools"
homepage.name: "Wakapi"
homepage.icon: "wakapi"
homepage.href: "http://localhost:4015"
homepage.description: "Open-source WakaTime alternative"
healthcheck:
test: ["CMD", "/app/healthcheck"]
interval: 30s
timeout: 10s
retries: 3
# MailHog - Email Testing
mailhog:
image: mailhog/mailhog:latest
container_name: "kneldevstack-supportstack-demo-mailhog"
restart: unless-stopped
networks:
- kneldevstack-supportstack-demo-network
ports:
- "4017:8025"
volumes:
- kneldevstack-supportstack-demo_mailhog_data:/maildir
environment:
- PUID=1000
- PGID=1000
labels:
homepage.group: "Developer Tools"
homepage.name: "MailHog"
homepage.icon: "mailhog"
homepage.href: "http://localhost:4017"
homepage.description: "Web and API based SMTP testing"
healthcheck:
test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider",
"http://localhost:8025"]
interval: 30s
timeout: 10s
retries: 3
# Atuin - Shell History Synchronization
atuin:
image: ghcr.io/atuinsh/atuin:v18.10.0
container_name: "kneldevstack-supportstack-demo-atuin"
restart: unless-stopped
command:
- server
- start
networks:
- kneldevstack-supportstack-demo-network
ports:
- "4018:8888"
volumes:
- kneldevstack-supportstack-demo_atuin_data:/config
environment:
- ATUIN_HOST=0.0.0.0
- ATUIN_PORT=8888
- ATUIN_OPEN_REGISTRATION=true
- ATUIN_DB_URI=sqlite:///config/atuin.db
- RUST_LOG=info,atuin_server=info
labels:
homepage.group: "Developer Tools"
homepage.name: "Atuin"
homepage.icon: "atuin"
homepage.href: "http://localhost:4018"
homepage.description: "Magical shell history synchronization"
healthcheck:
test: ["CMD", "bash", "-c", "echo > /dev/tcp/localhost/8888"]
interval: 30s
timeout: 10s
retries: 5
start_period: 30s
Reference in New Issue View Git Blame Copy Permalink