Initial commit - All Portainer stacks from Mac

13ftladder/13ftladder.yaml

@@ -0,0 +1,20 @@
+version: "3.8"
+
+services:
+  13ft-ladder:
+    container_name: 13ft-ladder
+    image: wasimaster/13ft:latest
+    restart: unless-stopped
+    hostname: 13ft-ladder
+    ports:
+      - "192.168.1.155:5000:5000/tcp"   # Keeps your specific host IP binding
+    environment:
+      PORT: "5000"
+      TZ: America/New_York              # Add for consistent timestamps
+    working_dir: "/app"
+    entrypoint:
+      - "python"
+    command:
+      - "portable.py"
+    logging:
+      driver: json-file

blinko/docker-compose.yaml

@@ -0,0 +1,54 @@
+version: '3.8'
+
+networks:
+  blinko-network:
+    driver: bridge
+
+services:
+  postgres:
+    image: postgres:16-alpine
+    container_name: blinko-postgres
+    restart: unless-stopped
+    environment:
+      POSTGRES_DB: postgres
+      POSTGRES_USER: postgres
+      POSTGRES_PASSWORD: zZ8o3NahfCmXMzBLN   # ← This is your current password
+    volumes:
+      - postgres_data:/var/lib/postgresql/data
+    healthcheck:
+      test: ["CMD", "pg_isready", "-U", "postgres", "-d", "postgres"]
+      interval: 5s
+      timeout: 10s
+      retries: 5
+    networks:
+      - blinko-network
+
+  blinko:
+    image: blinkospace/blinko:latest
+    container_name: blinko
+    restart: unless-stopped
+    environment:
+      NODE_ENV: production
+      NEXTAUTH_URL: http://192.168.1.155:1111
+      NEXT_PUBLIC_BASE_URL: http://192.168.1.155:1111
+      NEXTAUTH_SECRET: 0543c607f3616eed8296e9dd62e3fc1eb5a077cd3ddd9618620a0c343b3601c7
+      DATABASE_URL: postgresql://postgres:zZ8o3NahfCmXMzBLN@postgres:5432/postgres   
+    ports:
+      - "1111:1111"
+    volumes:
+      - blinko_data:/app/.blinko
+    depends_on:
+      postgres:
+        condition: service_healthy
+    networks:
+      - blinko-network
+    healthcheck:
+      test: ["CMD", "curl", "-f", "http://localhost:1111/"]
+      interval: 30s
+      timeout: 10s
+      retries: 5
+      start_period: 30s
+
+volumes:
+  postgres_data:
+  blinko_data:

freshrss/docker-compose.yaml

@@ -0,0 +1,18 @@
+version: '3.8'
+
+services:
+  freshrss:
+    image: lscr.io/linuxserver/freshrss:latest   # or linuxserver/freshrss:latest
+    container_name: freshrss
+    restart: unless-stopped
+    ports:
+      - "8082:80"                                # Change the left number if you want a different host port
+    environment:
+      - PUID=1000                                # ← CHANGE to your Pi user's UID (run `id` to check)
+      - PGID=1000                                # ← CHANGE to your Pi user's GID
+      - TZ=America/New_York                      # ← CHANGE to your actual timezone
+    volumes:
+      - freshrss_config:/config
+
+volumes:
+  freshrss_config:

gitea/docker-compose.yaml

@@ -0,0 +1,21 @@
+version: '3.8'
+
+volumes:
+  gitea_data:
+
+services:
+  server:
+    image: docker.gitea.com/gitea:latest
+    container_name: gitea
+    environment:
+      - USER_UID=1000
+      - USER_GID=1000
+      - TZ=America/New_York     
+    restart: unless-stopped
+    volumes:
+      - gitea_data:/data
+      - /etc/timezone:/etc/timezone:ro
+      - /etc/localtime:/etc/localtime:ro
+    ports:
+      - "3131:3000"   # Web UI - change host port if 3000 is in use
+      - "2222:22"     # SSH - mapped to avoid host SSH conflict

homeassistant/docker-compose.yaml

@@ -0,0 +1,31 @@
+version: "3.8"
+
+services:
+  homeassistant:
+    container_name: homeassistant
+    image: ghcr.io/home-assistant/home-assistant:stable
+    restart: unless-stopped
+    privileged: true
+    network_mode: host
+    security_opt:
+      - label=disable
+    hostname: homeassistant
+    environment:
+      TZ: America/New_York
+      LANG: C.UTF-8
+      S6_BEHAVIOUR_IF_STAGE2_FAILS: "2"
+      S6_CMD_WAIT_FOR_SERVICES: "1"
+      S6_CMD_WAIT_FOR_SERVICES_MAXTIME: "0"
+      S6_SERVICES_READYTIME: "50"
+      S6_SERVICES_GRACETIME: "240000"
+      UV_EXTRA_INDEX_URL: https://wheels.home-assistant.io/musllinux-index/
+      UV_SYSTEM_PYTHON: "true"
+      UV_NO_CACHE: "true"
+    volumes:
+      - "/etc/localtime:/etc/localtime:ro"
+      - "/home/pi/homeassistant:/config"
+      - "/run/dbus:/run/dbus:ro"
+      # Add USB/Zigbee if needed, e.g.:
+      # - "/dev/ttyUSB0:/dev/ttyUSB0:rw"
+    working_dir: "/config"
+    entrypoint: ["/init"]

homebridge/docker-compose.yaml

@@ -0,0 +1,28 @@
+version: "3.8"
+
+services:
+  homebridge:
+    container_name: homebridge
+    image: homebridge/homebridge:ubuntu
+    restart: always
+    network_mode: host
+    hostname: homebridge
+    environment:
+      HOMEBRIDGE_CONFIG_UI_PORT: "8581"
+      TZ: America/New_York  # Add if not already set in your env
+      ENABLE_AVAHI: "1"
+      HOMEBRIDGE_APT_PACKAGE: "1"
+      UIX_CUSTOM_PLUGIN_PATH: "/var/lib/homebridge/node_modules"
+      # Keep any other custom env you had
+    expose:
+      - "8581/tcp"
+    volumes:
+      - "homebridge_homebridge:/homebridge"
+    working_dir: "/homebridge"
+    entrypoint: ["/init"]
+    logging:
+      driver: json-file
+
+volumes:
+  homebridge_homebridge:
+    external: true

homepage/docker-compose.yaml

@@ -0,0 +1,21 @@
+version: "3.8"
+
+services:
+  homepage:
+    image: ghcr.io/gethomepage/homepage:latest
+    container_name: homepage
+    environment:
+      HOMEPAGE_ALLOWED_HOSTS: 192.168.1.155,192.168.1.155:49325,localhost,127.0.0.1,0.0.0.0,douglasdigitalhome.net,www.douglasdigitalhome.net,homepage.douglasdigitalhome.net
+      PUID: 1000
+      PGID: 1000
+      # LOG_LEVEL: debug   # remove or comment out once everything works
+    ports:
+      - "49325:3000"
+    volumes:
+      - /docker/homepage/config:/app/config
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+    restart: unless-stopped
+    labels:
+      - homepage.group=Infrastructure
+      - homepage.name=Homepage
+      - homepage.icon=mdi:view-dashboard

homepage/services.yaml

@@ -0,0 +1,92 @@
+# https://gethomepage.dev/configs/services/
+---
+- Networking:
+  - Pi-hole:
+      icon: pi-hole
+      href: https://pihole.douglasdigitalhome.net
+      description: DNS ad-blocking & stats
+      widget:
+        type: pihole
+        url: http://192.168.1.155:8080
+        key: yL4lBDboHC5FVPAZTBSW8IZvoxEQA0ObAAVyzrcll04=
+        version: 6
+
+- Home Automation:
+  - Home Assistant:
+      icon: home-assistant
+      href: https://homeassistant.douglasdigitalhome.net
+      description: Smart home hub
+      widget:
+        type: homeassistant
+        url: http://192.168.1.155:8123
+        key: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJjZWY5N2IxMDMwNDA0YzNlOGYwM2Q0OWYyMDc0NzBmZCIsImlhdCI6MTc3Njc4ODAzOCwiZXhwIjoyMDkyMTQ4MDM4fQ.aH7VzskO8tWAU1A14ieg8S98a8EQdyu_1PgE63Nm0_Y
+
+- Office/Tools:
+  - FreshRSS:
+      icon: freshrss
+      href: https://freshrss.douglasdigitalhome.net
+      description: RSS reader
+      widget:
+        type: freshrss
+        url: http://192.168.1.155:8082
+        username: kdouglas011
+        password: gyv!aky@gvz@fmu1AEV 
+
+  - Stirling PDF:
+      icon: mdi-file-pdf-box       
+      href: https://stirlingpdf.douglasdigitalhome.net
+      description: PDF toolkit
+
+  - LibreOffice:
+      icon: libreoffice
+      href: https://libreoffice.douglasdigitalhome.net
+      description: Online office suite
+
+- Monitoring:
+  - Uptime Kuma:
+      icon: uptimekuma
+      href: https://uptimekuma.douglasdigitalhome.net
+      description: Service & System Monitoring
+      widget:
+        type: uptimekuma
+        url: http://192.168.1.145:3001
+        slug: myservers
+
+- Automation:
+  - n8n:
+      icon: n8n
+      href: https://n8n.douglasdigitalhome.net
+      description: Workflow automation
+
+  - Blinko:
+      icon: mdi-notebook
+      href: https://blinko.douglasdigitalhome.net
+      description: Notes / knowledge base
+
+- Media:
+  - Plex:
+      icon: plex
+      href: https://app.plex.tv
+      description: Home Media Server
+
+- AI / LLM:
+  - OpenWebUI:
+      icon: mdi-robot-excited     # Nice modern robot icon
+      href: https://openwebui.douglasdigitalhome.net
+      description: Local LLM Chat Interface 
+
+- Other:
+  - 13ft Ladder:
+      icon: mdi-ladder
+      href: https://13ftladder.douglasdigitalhome.net
+      description: URL Paywall Scrubber
+
+  - Nginx Proxy:
+      icon: nginx
+      href: https://nginx.douglasdigitalhome.net
+      description: Reverse proxy
+
+  - OpenSpeedTest:
+      icon: mdi-speedometer
+      href: https://openspeedtest.douglasdigitalhome.net
+      description: Local Network Speed Test

libreoffice/docker-compose.yaml

@@ -0,0 +1,30 @@
+version: "3.8"
+
+services:
+  libreoffice:
+    container_name: libreoffice
+    image: lscr.io/linuxserver/libreoffice:latest
+    restart: unless-stopped
+    security_opt:
+      - no-new-privileges:true
+    hostname: libreoffice
+    environment:
+      TZ: America/New_York
+      PUID: "1000"
+      PGID: "1000"
+      START_DOCKER: "true"
+      TITLE: "LibreOffice"
+      LSIO_FIRST_PARTY: "true"
+      NO_GAMEPAD: "true"
+      DISABLE_ZINK: "false"
+      DISABLE_DRI3: "false"
+    ports:
+      - "3000:3000/tcp"
+      - "3001:3001/tcp"
+    volumes:
+      - "/home/kdouglas011/libreoffice/config:/config:rw"       # ← REPLACE with real Source for /config
+      - "/home/kdouglas011/Documents:/documents:rw"             # ← REPLACE or REMOVE if no /documents mount
+    working_dir: "/"
+    entrypoint: ["/init"]
+    logging:
+      driver: json-file

n8n/docker-compose.yaml

@@ -0,0 +1,36 @@
+version: "3.8"  # Modern standard
+
+services:
+  n8n:
+    container_name: n8n
+    image: docker.n8n.io/n8nio/n8n
+    restart: unless-stopped
+    user: node
+    ports:
+      - "5678:5678/tcp"  # Main n8n UI
+    environment:
+      TZ: America/New_York
+      N8N_BASIC_AUTH_ACTIVE: "true"
+      N8N_BASIC_AUTH_USER: "kdouglas011"
+      N8N_BASIC_AUTH_PASSWORD: "athlete-fares-object-easily"
+      N8N_SECURE_COOKIE: "false"  # Only if you don't use HTTPS; otherwise set true
+      NODE_ENV: production
+      N8N_RELEASE_TYPE: stable
+    volumes:
+      - "n8n_n8n_data:/home/node/.n8n"
+    networks:
+      - n8n_default
+    working_dir: "/home/node"
+    entrypoint:
+      - tini
+      - "--"
+      - "/docker-entrypoint.sh"
+
+networks:
+  n8n_default:
+    external: true
+    name: n8n_default
+
+volumes:
+  n8n_n8n_data:
+    external: true

nginx/docker-compose.yaml

@@ -0,0 +1,24 @@
+version: "3.8"
+
+services:
+  nginx-proxy-manager:
+    container_name: nginx-proxy-manager
+    image: jc21/nginx-proxy-manager:latest
+    restart: unless-stopped
+    ports:
+      - "80:80/tcp"     # HTTP traffic
+      - "443:443/tcp"   # HTTPS traffic + certs
+      - "81:81/tcp"     # Admin UI (change if you want to hide it)
+    environment:
+      TZ: America/New_York
+      SUPPRESS_NO_CONFIG_WARNING: "1"
+      NODE_ENV: production
+      NODE_OPTIONS: --openssl-legacy-provider
+      # Add any custom env if you use CrowdSec or other integrations
+    volumes:
+      - "/data/compose/12/data:/data"
+      - "/data/compose/12/letsencrypt:/etc/letsencrypt"
+    working_dir: "/app"
+    entrypoint: ["/init"]
+    logging:
+      driver: json-file

ollama-open-web-ui/docker-compose.yaml

@@ -0,0 +1,30 @@
+version: '3.8'
+
+services:
+  ollama:
+    image: ollama/ollama:latest
+    container_name: ollama
+    ports:
+      - "11434:11434"
+    volumes:
+      - ollama:/root/.ollama
+    restart: unless-stopped
+
+  open-webui:
+    image: ghcr.io/open-webui/open-webui:main
+    container_name: open-webui
+    ports:
+      - "3000:8080"
+    volumes:
+      - open-webui:/app/backend/data
+    environment:
+      - OLLAMA_BASE_URL=http://ollama:11434
+    extra_hosts:
+      - "host.docker.internal:host-gateway"
+    depends_on:
+      - ollama
+    restart: unless-stopped
+
+volumes:
+  ollama:
+  open-webui: 

openspeedtest/docker-compose.yaml

@@ -0,0 +1,32 @@
+version: "3.8"
+
+services:
+  openspeedtest:
+    container_name: openspeedtest
+    image: openspeedtest/latest
+    restart: unless-stopped
+    hostname: openspeedtest
+    user: "101"
+    ports:
+      - "3030:3000/tcp"
+      - "3031:3001/tcp"
+    environment:
+      TZ: America/New_York
+      ENABLE_LETSENCRYPT: "false"
+      DOMAIN_NAME: "false"
+      USER_EMAIL: "false"
+      CONFIG: "/etc/nginx/conf.d/OpenSpeedTest-Server.conf"
+      INDEX_HTML: "/usr/share/nginx/html/index.html"
+      CHANGE_CONTAINER_PORTS: "false"
+      HTTP_PORT: "3000"
+      HTTPS_PORT: "3001"
+      SET_USER: "101"
+    # No volumes needed (stateless except unused LE path)
+    # No custom network — let Docker use default bridge
+    logging:
+      driver: json-file
+    working_dir: "/"
+    entrypoint:
+      - "/docker-entrypoint.sh"
+    command:
+      - "/entrypoint.sh"

pihole/docker-compose.yaml

@@ -0,0 +1,30 @@
+version: "3.8"  # Modern version (original was 3.6, safe to bump)
+
+services:
+  pihole:
+    container_name: pihole
+    image: pihole/pihole:latest
+    restart: unless-stopped
+    hostname: pihole  # Cleaner than the random container ID
+    environment:
+      TZ: America/New_York                  # Proper IANA format (was "New York")
+      FTLCONF_webserver_api_password: "~Guards1345"
+      FTLCONF_dns_listeningMode: ALL
+      FTL_CMD: no-daemon
+      DNSMASQ_USER: pihole
+    ports:
+      - "53:53/tcp"
+      - "53:53/udp"
+      - "8080:80/tcp"     # HTTP admin
+      - "8443:443/tcp"    # HTTPS admin
+    volumes:
+      - "/data/compose/5/etc-pihole:/etc/pihole:rw"   # Keep this — confirmed by inspect
+      # Add this second volume if you have custom dnsmasq configs (very common for Pi-hole)
+      # - "/data/compose/5/etc-dnsmasq.d:/etc/dnsmasq.d:rw"
+    networks:
+      - pihole_default
+
+networks:
+  pihole_default:
+    name: pihole_default
+    external: true

reactiveresume/docker-compose.yaml

@@ -0,0 +1,11 @@
+version: '3'
+services:
+  app:
+    image: amruthpillai/reactive-resume:latest
+    ports:
+      - "3100:3100"  # Access via localhost:3100
+    environment:
+      - PUBLIC_SERVER_URL=http://localhost:3100
+      - STORAGE_URL=http://localhost:3100/storage
+    volumes:
+      - ./data:/data  # Mount for persistent resumes

searxng/docker-compose.yaml

@@ -0,0 +1,38 @@
+version: '3.8'
+
+services:
+  core:
+    image: searxng/searxng:latest
+    container_name: searxng
+    restart: no                    # change to unless-stopped once stable
+    ports:
+      - "8080:8080"
+    volumes:
+      - searxng-config:/etc/searxng
+      - searxng-cache:/var/cache/searxng
+    environment:
+      - SEARXNG_BASE_URL=http://192.168.1.112:8080/
+      - SEARXNG_BIND_ADDRESS=0.0.0.0
+      - SEARXNG_PORT=8080
+      - FORCE_OWNERSHIP=true
+      # Add a secret key (generate one or use this placeholder for now)
+      - SEARXNG_SECRET_KEY=your-super-secret-key-change-this-in-production
+    cap_drop:
+      - ALL
+    cap_add:
+      - CHOWN
+      - SETGID
+      - SETUID
+
+  valkey:
+    image: valkey/valkey:7-alpine
+    container_name: searxng-valkey
+    restart: unless-stopped
+    command: --save 30 1 --loglevel warning
+    volumes:
+      - valkey-data:/data
+
+volumes:
+  searxng-config:
+  searxng-cache:
+  valkey-data:

stirlingpdf/docker-compose.yaml

@@ -0,0 +1,38 @@
+version: "3.8"
+
+services:
+  stirling-pdf:
+    image: stirlingtools/stirling-pdf:latest        # or :latest-fat if you want more languages/features
+    container_name: stirling-pdf
+    restart: unless-stopped
+    
+    ports:
+      - "8081:8080"                                 # ← change left side if 8080 is used (e.g. 8081:8080)
+    
+    volumes:
+      - stirling-configs:/configs                   # main settings, users, custom files
+      - stirling-trainingdata:/usr/share/tessdata   # for OCR – add extra lang data here later if needed
+      # - ./logs:/logs                               # optional – uncomment if you want persistent logs
+      # - ./extraConfigs:/extraConfigs               # optional advanced customizations
+    
+    environment:
+      # Security / login (recommended to turn on eventually)
+      - DOCKER_ENABLE_SECURITY=true                 # set to true → enables login screen
+      # - SYSTEM_ROOTURIPATH=/pdf                   # if running behind reverse proxy / subpath (optional)
+      
+      # Performance / feature flags (good defaults for Pi)
+      - INSTALL_BOOK_AND_ADVANCED_HTML_OPS=false    # saves RAM / startup time
+      - LANGS=en_US                                 # change to en_GB, de_DE etc if preferred
+      
+      # Optional: reduce memory pressure a bit more
+      - JAVA_TOOL_OPTIONS=-Xmx1024m                 # cap at 1 GB (adjust down to 768m if Pi is RAM-tight)
+
+    # healthcheck:  # optional but nice in Portainer
+    #   test: ["CMD", "curl", "-f", "http://localhost:8080/api/v1/server/health"]
+    #   interval: 30s
+    #   timeout: 10s
+    #   retries: 3
+
+volumes:
+  stirling-configs:
+  stirling-trainingdata:

whoogle/docker-compose.yaml

@@ -0,0 +1,17 @@
+version: '3.8'
+
+services:
+  whoogle:
+    image: benbusby/whoogle-search:latest
+    container_name: whoogle
+    restart: unless-stopped
+    ports:
+      - "5000:5000"   # change if 5000 is taken
+    environment:
+      - WHOOGLE_CONFIG_DISABLE=0   # optional: keep config page enabled for tweaks
+      # Optional extras you can add later:
+      # - WHOOGLE_PROXY=1
+      # - WHOOGLE_TOR=0
+    # No cap_drop/cap_add needed — it runs clean
+
+volumes: {}   # no volumes required for basic use