85 lines
2.9 KiB
YAML
85 lines
2.9 KiB
YAML
# Customer: Demo / Test Server (N100 Mini PC)
|
|
# Hardware: Intel N100, 16GB RAM, 128GB NVMe + 1TB HDD
|
|
# Network: Local + Cloudflare Tunnel for demo access
|
|
|
|
customer_id: demo-felhom
|
|
domain: demo-felhom.eu
|
|
hdd_path: /mnt/hdd_1
|
|
gitea_repo: customers/demo-felhom-stacks
|
|
hardware: n100
|
|
notes: "Internal demo/test server for validating deployments"
|
|
|
|
# Apps to deploy on this node
|
|
apps:
|
|
- actualbudget
|
|
- docmost
|
|
- filebrowser
|
|
- homebox
|
|
- immich
|
|
- mealie
|
|
- paperless-ngx
|
|
- romm
|
|
- stirling-pdf
|
|
- vaultwarden
|
|
|
|
# Per-customer overrides (optional)
|
|
# Uncomment to pin versions or disable auto-updates
|
|
overrides: {}
|
|
# immich_version: "v2.5.5" # Pin Immich to specific version
|
|
# auto_update: false # Skip ALL version updates from catalog
|
|
|
|
# Portainer env vars to set (reference only — actual secrets go in Portainer!)
|
|
# These are documented here so you remember what each stack needs.
|
|
env_vars_reference:
|
|
docmost:
|
|
APP_SECRET: "generate with: openssl rand -hex 32"
|
|
DB_PASSWORD: "generate secure password"
|
|
immich:
|
|
DB_PASSWORD: "generate secure password"
|
|
paperless-ngx:
|
|
PAPERLESS_SECRET_KEY: "generate with: openssl rand -hex 32"
|
|
DB_PASSWORD: "generate secure password"
|
|
PAPERLESS_ADMIN_USER: "admin"
|
|
PAPERLESS_ADMIN_PASSWORD: "set initial password"
|
|
romm:
|
|
DB_PASSWORD: "generate secure password"
|
|
MYSQL_ROOT_PASSWORD: "generate secure password"
|
|
ROMM_AUTH_SECRET_KEY: "generate with: openssl rand -hex 32"
|
|
vaultwarden:
|
|
ADMIN_TOKEN: "generate with: openssl rand -hex 32"
|
|
SIGNUPS_ALLOWED: "true (set to false after account creation)"
|
|
|
|
# Storage layout reference
|
|
# This shows where user data lives after render (HDD host paths):
|
|
#
|
|
# /mnt/hdd_1/ ← HDD root (filebrowser serves this)
|
|
# /mnt/hdd_1/storage/immich/ ← photos & videos
|
|
# /mnt/hdd_1/storage/paperless/consume/ ← drop documents here for OCR
|
|
# /mnt/hdd_1/storage/paperless/media/ ← processed documents
|
|
# /mnt/hdd_1/storage/paperless/export/ ← document exports / backup
|
|
# /mnt/hdd_1/storage/romm/library/ ← ROM files
|
|
# /mnt/hdd_1/storage/romm/resources/ ← cover art, metadata
|
|
#
|
|
# Named volumes (on NVMe, managed by Docker):
|
|
# actualbudget_data, docmost_*, homebox_data, mealie_data,
|
|
# immich_postgres_data, paperless_data, vaultwarden_data, etc.
|
|
|
|
# Backup considerations
|
|
backup_notes:
|
|
databases:
|
|
- "docmost: PostgreSQL (docmost-postgres)"
|
|
- "immich: PostgreSQL (immich-postgres)"
|
|
- "paperless-ngx: PostgreSQL (paperless-postgres)"
|
|
- "romm: MariaDB (romm-db)"
|
|
hdd_paths:
|
|
- "/mnt/hdd_1/storage/immich (photos — large, Backrest read-only mount)"
|
|
- "/mnt/hdd_1/storage/paperless/media (documents — Backrest read-only mount)"
|
|
- "/mnt/hdd_1/storage/romm/library (ROMs — Backrest read-only mount)"
|
|
named_volumes:
|
|
- "actualbudget_data"
|
|
- "docmost_storage"
|
|
- "homebox_data"
|
|
- "mealie_data"
|
|
- "stirling_data"
|
|
- "vaultwarden_data"
|