vikunja

Caddyfile.bak

@@ -0,0 +1,202 @@
+
+auth.domr.ovh,
+auth.home.domroese.eu {
+  tls soenke@domroese.eu
+  reverse_proxy 192.168.1.65:8444
+}
+bookstack.domr.ovh, 
+bookstack.home.domroese.eu {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:6875
+}
+bracket.domr.ovh:443, 
+bracket.home.domroese.eu:443 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:3000
+}
+
+backend.bracket.domr.ovh:443, 
+backend.bracket.home.domroese.eu:443 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:8400
+}
+caddy.domr.ovh, 
+caddy.home.domroese.eu:443 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:8881
+}
+
+api.caddy.domr.ovh, 
+api.caddy.home.domroese.eu:443 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:2019
+}
+changedetect.domr.ovh:80, 
+changedetect.home.domroese.eu:80,
+changedetect.domr.ovh:443, 
+changedetect.home.domroese.eu:443 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:5238
+}
+chartbrew.domr.ovh, 
+chartbrew.home.domroese.eu:443 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:4018
+}
+chartbrew.domr.ovh:4019, 
+chartbrew.home.domroese.eu:4019 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:4019
+}
+onboarding.domr.ovh,
+onboarding.home.domroese.eu:443 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:8517
+}convertx.domr.ovh,
+convertx.home.domroese.eu:443 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:3410
+}
+todos.domr.ovh,  #donetick
+todos.home.domroese.eu:443 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:2021
+}
+erugo.domr.ovh, 
+erugo.home.domroese.eu:443 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:9997
+}
+excalidraw.domr.ovh, 
+excalidraw.home.domroese.eu:443 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:8267
+}
+firefly.domr.ovh, 
+firefly.home.domroese.eu:443 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:8950
+}
+rss.domr.ovh, 
+rss.home.domroese.eu {
+    tls soenke@domroese.eu
+    reverse_proxy 192.168.1.65:8884
+}
+git.domr.ovh, 
+git.home.domroese.eu {
+    tls soenke@domroese.eu 
+    reverse_proxy 192.168.1.194:8418
+}
+guac.domr.ovh, 
+guac.home.domroese.eu {
+    tls soenke@domroese.eu 
+    reverse_proxy 192.168.1.65:6080
+}
+homarr.domr.ovh, 
+homarr.home.domroese.eu:443 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:7575
+}
+homepage.domr.ovh:80, 
+homepage.domr.ovh:443, 
+homepage.home.domroese.eu:443 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:3891
+}
+ittools.domr.ovh:443, 
+ittools.home.domroese.eu:443,
+ittools.domr.ovh:80, 
+ittools.home.domroese.eu:80 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:9080
+}
+jenkins.domr.ovh, 
+jenkins.home.domroese.eu {
+    tls soenke@domroese.eu 
+    reverse_proxy 192.168.1.65:8040
+}
+kopia.domr.ovh, 
+kopia.home.domroese.eu {
+    tls soenke@domroese.eu 
+    reverse_proxy 192.168.1.65:51515
+}
+mealie.domr.ovh, 
+mealie.home.domroese.eu:443 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:9925
+}
+memos.domr.ovh, 
+memos.home.domroese.eu:443 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:5230
+}
+ntfy.domr.ovh  {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:8234
+}
+chat.domr.ovh, 
+chat.home.domroese.eu:443 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:1180
+}omnitools.domr.ovh, 
+omnitools.home.domroese.eu:443 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:8579
+}
+paperless.domr.ovh:443, 
+paperless.home.domroese.eu:443,
+paperless.domr.ovh:80, 
+paperless.home.domroese.eu:80 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:1000
+}
+pihole.domr.ovh, 
+pihole.home.domroese.eu {
+    tls soenke@domroese.eu 
+    reverse_proxy 192.168.1.65:2000
+}
+
+
+plantit.domr.ovh, 
+plantit.home.domroese.eu:443 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:3632
+}
+
+api.plantit.domr.ovh, 
+api.plantit.home.domroese.eu:443 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:8632
+}
+shiori.domr.ovh, 
+shiori.home.domroese.eu:443 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:2661
+}
+speedtesttracker.domr.ovh, 
+speedtesttracker.home.domroese.eu:443 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:1378
+}
+pdf.domr.ovh, 
+pdf.home.domroese.eu:443 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:3614
+}
+uptimekuma.domr.ovh, 
+uptimekuma.home.domroese.eu {
+    tls soenke@domroese.eu 
+    reverse_proxy 192.168.1.65:8030
+}
+vault.domr.ovh:443, 
+vault.home.domroese.eu:443,
+vault.domr.ovh:80, 
+vault.home.domroese.eu:80 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:4080
+}
+wallos.domr.ovh, 
+wallos.home.domroese.eu:443 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:8282
+}

caddy/Caddyfile

@@ -21,6 +21,7 @@ backend.bracket.home.domroese.eu:443 {
     tls soenke@domroese.eu        
     reverse_proxy 192.168.1.65:8400
 }
+
 caddy.domr.ovh, 
 caddy.home.domroese.eu:443 {
     tls soenke@domroese.eu        
@@ -152,6 +153,20 @@ memos.home.domroese.eu:443 {
     reverse_proxy 192.168.1.65:5230
 }
 
+nas.domr.ovh, 
+nas.home.domroese.eu {
+    tls soenke@domroese.eu {
+        client_auth {
+            mode request
+        }
+    }
+    reverse_proxy https://192.168.1.194:5001 {
+        transport http {
+                tls_insecure_skip_verify # Disable TLS Verification, as we don't have a real certificate on the nas
+        }
+    }
+}
+
 ntfy.domr.ovh  {
     tls soenke@domroese.eu        
     reverse_proxy 192.168.1.65:8234
@@ -227,6 +242,12 @@ vault.home.domroese.eu:80 {
     reverse_proxy 192.168.1.65:4080
 }
 
+vikunja.domr.ovh:80,
+vikunja.domr.ovh:443 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:3456
+}
+
 wallos.domr.ovh, 
 wallos.home.domroese.eu:443 {
     tls soenke@domroese.eu        

caddy/Caddyfile.bak

@@ -1,15 +1,7 @@
-nas.domr.ovh, 
+auth.domr.ovh,
-nas.home.domroese.eu {
+auth.home.domroese.eu {
-    tls soenke@domroese.eu {
+  tls soenke@domroese.eu
-	client_auth {
+  reverse_proxy 192.168.1.65:8444
-		mode request
-	}
-    }
-    reverse_proxy https://192.168.1.194:5001 {
-	transport http {
-	        tls_insecure_skip_verify # Disable TLS Verification, as we don't have a real certificate on the nas
-	}
-    }
 }
 
 bookstack.domr.ovh, 
@@ -18,88 +10,65 @@ bookstack.home.domroese.eu {
     reverse_proxy 192.168.1.65:6875
 }
 
-
+bracket.domr.ovh:443, 
-git.domr.ovh, 
+bracket.home.domroese.eu:443 {
-git.home.domroese.eu {
-    tls soenke@domroese.eu 
-    reverse_proxy 192.168.1.194:8418
-}
-
-guac.domr.ovh, 
-guac.home.domroese.eu {
-    tls soenke@domroese.eu 
-    reverse_proxy 192.168.1.65:6080
-}
-
-rss.domr.ovh, 
-rss.home.domroese.eu {
-    tls soenke@domroese.eu
-    reverse_proxy 192.168.1.65:8884
-}
-
-morphos.domr.ovh, 
-morphos.home.domroese.eu {
-    tls soenke@domroese.eu 
-    reverse_proxy 192.168.1.65:8020
-}
-
-uptimekuma.domr.ovh, 
-uptimekuma.home.domroese.eu {
-    tls soenke@domroese.eu 
-    reverse_proxy 192.168.1.65:8030
-}
-
-kopia.domr.ovh, 
-kopia.home.domroese.eu {
-    tls soenke@domroese.eu 
-    reverse_proxy 192.168.1.65:51515
-}
-
-jenkins.domr.ovh, 
-jenkins.home.domroese.eu {
-    tls soenke@domroese.eu 
-    reverse_proxy 192.168.1.65:8040
-}
-
-pihole.domr.ovh, 
-pihole.home.domroese.eu {
-    tls soenke@domroese.eu 
-    reverse_proxy 192.168.1.65:2000
-}
-
-paperless.domr.ovh:443, 
-paperless.home.domroese.eu:443,
-paperless.domr.ovh:80, 
-paperless.home.domroese.eu:80 {
     tls soenke@domroese.eu        
-    reverse_proxy 192.168.1.65:1000
+    reverse_proxy 192.168.1.65:3000
 }
 
-ittools.domr.ovh:443, 
+backend.bracket.domr.ovh:443, 
-ittools.home.domroese.eu:443,
+backend.bracket.home.domroese.eu:443 {
-ittools.domr.ovh:80, 
-ittools.home.domroese.eu:80 {
     tls soenke@domroese.eu        
-    reverse_proxy 192.168.1.65:9080
+    reverse_proxy 192.168.1.65:8400
+}
+caddy.domr.ovh, 
+caddy.home.domroese.eu:443 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:8881
 }
 
-vault.domr.ovh:443, 
+api.caddy.domr.ovh, 
-vault.home.domroese.eu:443,
+api.caddy.home.domroese.eu:443 {
-vault.domr.ovh:80, 
-vault.home.domroese.eu:80 {
     tls soenke@domroese.eu        
-    reverse_proxy 192.168.1.65:4080
+    reverse_proxy 192.168.1.65:2019
 }
 
-chat.domr.ovh, 
+changedetect.domr.ovh:80, 
-chat.home.domroese.eu:443 {
+changedetect.home.domroese.eu:80,
+changedetect.domr.ovh:443, 
+changedetect.home.domroese.eu:443 {
     tls soenke@domroese.eu        
-    reverse_proxy 192.168.1.65:1180
+    reverse_proxy 192.168.1.65:5238
 }
-budibase.domr.ovh, 
+
-budibase.home.domroese.eu:443 {
+chartbrew.domr.ovh, 
+chartbrew.home.domroese.eu:443 {
     tls soenke@domroese.eu        
-    reverse_proxy 192.168.1.65:10000
+    reverse_proxy 192.168.1.65:4018
+}
+
+chartbrew.domr.ovh:4019, 
+chartbrew.home.domroese.eu:4019 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:4019
+}
+
+onboarding.domr.ovh,
+onboarding.home.domroese.eu:443 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:8517
+}
+
+convertx.domr.ovh,
+convertx.home.domroese.eu:443 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:3410
+}
+
+todos.domr.ovh,  #donetick
+todos.home.domroese.eu:443 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:2021
 }
 
 erugo.domr.ovh, 
@@ -113,6 +82,31 @@ excalidraw.home.domroese.eu:443 {
     tls soenke@domroese.eu        
     reverse_proxy 192.168.1.65:8267
 }
+
+firefly.domr.ovh, 
+firefly.home.domroese.eu:443 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:8950
+}
+
+rss.domr.ovh, 
+rss.home.domroese.eu {
+    tls soenke@domroese.eu
+    reverse_proxy 192.168.1.65:8884
+}
+
+git.domr.ovh, 
+git.home.domroese.eu {
+    tls soenke@domroese.eu 
+    reverse_proxy 192.168.1.194:8418
+}
+
+guac.domr.ovh, 
+guac.home.domroese.eu {
+    tls soenke@domroese.eu 
+    reverse_proxy 192.168.1.65:6080
+}
+
 homarr.domr.ovh, 
 homarr.home.domroese.eu:443 {
     tls soenke@domroese.eu        
@@ -126,34 +120,67 @@ homepage.home.domroese.eu:443 {
     reverse_proxy 192.168.1.65:3891
 }
 
+ittools.domr.ovh:443, 
+ittools.home.domroese.eu:443,
+ittools.domr.ovh:80, 
+ittools.home.domroese.eu:80 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:9080
+}
+
+jenkins.domr.ovh, 
+jenkins.home.domroese.eu {
+    tls soenke@domroese.eu 
+    reverse_proxy 192.168.1.65:8040
+}
+
+kopia.domr.ovh, 
+kopia.home.domroese.eu {
+    tls soenke@domroese.eu 
+    reverse_proxy 192.168.1.65:51515
+}
+
 mealie.domr.ovh, 
 mealie.home.domroese.eu:443 {
     tls soenke@domroese.eu        
     reverse_proxy 192.168.1.65:9925
 }
 
+memos.domr.ovh, 
+memos.home.domroese.eu:443 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:5230
+}
+
+ntfy.domr.ovh  {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:8234
+}
+
+chat.domr.ovh, 
+chat.home.domroese.eu:443 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:1180
+}
+
 omnitools.domr.ovh, 
 omnitools.home.domroese.eu:443 {
     tls soenke@domroese.eu        
     reverse_proxy 192.168.1.65:8579
 }
 
-shiori.domr.ovh, 
+paperless.domr.ovh:443, 
-shiori.home.domroese.eu:443 {
+paperless.home.domroese.eu:443,
+paperless.domr.ovh:80, 
+paperless.home.domroese.eu:80 {
     tls soenke@domroese.eu        
-    reverse_proxy 192.168.1.65:2661
+    reverse_proxy 192.168.1.65:1000
 }
 
-wallos.domr.ovh, 
+pihole.domr.ovh, 
-wallos.home.domroese.eu:443 {
+pihole.home.domroese.eu {
-    tls soenke@domroese.eu        
+    tls soenke@domroese.eu 
-    reverse_proxy 192.168.1.65:8282
+    reverse_proxy 192.168.1.65:2000
-}
-
-firefly.domr.ovh, 
-firefly.home.domroese.eu:443 {
-    tls soenke@domroese.eu        
-    reverse_proxy 192.168.1.65:8950
 }
 
 plantit.domr.ovh, 
@@ -168,59 +195,10 @@ api.plantit.home.domroese.eu:443 {
     reverse_proxy 192.168.1.65:8632
 }
 
-bracket.domr.ovh:443, 
+shiori.domr.ovh, 
-bracket.home.domroese.eu:443 {
+shiori.home.domroese.eu:443 {
     tls soenke@domroese.eu        
-    reverse_proxy 192.168.1.65:3000
+    reverse_proxy 192.168.1.65:2661
-}
-
-backend.bracket.domr.ovh:443, 
-backend.bracket.home.domroese.eu:443 {
-    tls soenke@domroese.eu        
-    reverse_proxy 192.168.1.65:8400
-}
-
-changedetect.domr.ovh:80, 
-changedetect.home.domroese.eu:80,
-changedetect.domr.ovh:443, 
-changedetect.home.domroese.eu:443 {
-    tls soenke@domroese.eu        
-    reverse_proxy 192.168.1.65:5238
-}
-
-auth.domr.ovh, 
-auth.home.domroese.eu {
-    tls soenke@domroese.eu        
-    reverse_proxy 192.168.1.65:8444
-}
-
-chartbrew.domr.ovh, 
-chartbrew.home.domroese.eu:443 {
-    tls soenke@domroese.eu        
-    reverse_proxy 192.168.1.65:4018
-}
-chartbrew.domr.ovh:4019, 
-chartbrew.home.domroese.eu:4019 {
-    tls soenke@domroese.eu        
-    reverse_proxy 192.168.1.65:4019
-}
-
-caddy.domr.ovh, 
-caddy.home.domroese.eu:443 {
-    tls soenke@domroese.eu        
-    reverse_proxy 192.168.1.65:8881
-}
-
-api.caddy.domr.ovh, 
-api.caddy.home.domroese.eu:443 {
-    tls soenke@domroese.eu        
-    reverse_proxy 192.168.1.65:2019
-}
-
-onboarding.domr.ovh, 
-onboarding.home.domroese.eu:443 {
-    tls soenke@domroese.eu        
-    reverse_proxy 192.168.1.65:8517
 }
 
 speedtesttracker.domr.ovh, 
@@ -229,33 +207,28 @@ speedtesttracker.home.domroese.eu:443 {
     reverse_proxy 192.168.1.65:1378
 }
 
-todos.domr.ovh,  #donetick
-todos.home.domroese.eu:443 {
-    tls soenke@domroese.eu        
-    reverse_proxy 192.168.1.65:2021
-}
-
 pdf.domr.ovh, 
 pdf.home.domroese.eu:443 {
     tls soenke@domroese.eu        
     reverse_proxy 192.168.1.65:3614
 }
 
-convertx.domr.ovh,
+uptimekuma.domr.ovh, 
-convertx.home.domroese.eu:443 {
+uptimekuma.home.domroese.eu {
-    tls soenke@domroese.eu        
+    tls soenke@domroese.eu 
-    reverse_proxy 192.168.1.65:3410
+    reverse_proxy 192.168.1.65:8030
 }
 
-memos.domr.ovh, 
+vault.domr.ovh:443, 
-memos.home.domroese.eu:443 {
+vault.home.domroese.eu:443,
+vault.domr.ovh:80, 
+vault.home.domroese.eu:80 {
     tls soenke@domroese.eu        
-    reverse_proxy 192.168.1.65:5230
+    reverse_proxy 192.168.1.65:4080
 }
 
-
+wallos.domr.ovh, 
-ntfy.domr.ovh  {
+wallos.home.domroese.eu:443 {
     tls soenke@domroese.eu        
-    reverse_proxy 192.168.1.65:8234
+    reverse_proxy 192.168.1.65:8282
 }
-

caddy/Caddyfile.bak.möp

@@ -0,0 +1,234 @@
+auth.domr.ovh,
+auth.home.domroese.eu {
+  tls soenke@domroese.eu
+  reverse_proxy 192.168.1.65:8444
+}
+
+bookstack.domr.ovh, 
+bookstack.home.domroese.eu {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:6875
+}
+
+bracket.domr.ovh:443, 
+bracket.home.domroese.eu:443 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:3000
+}
+
+backend.bracket.domr.ovh:443, 
+backend.bracket.home.domroese.eu:443 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:8400
+}
+caddy.domr.ovh, 
+caddy.home.domroese.eu:443 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:8881
+}
+
+api.caddy.domr.ovh, 
+api.caddy.home.domroese.eu:443 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:2019
+}
+
+changedetect.domr.ovh:80, 
+changedetect.home.domroese.eu:80,
+changedetect.domr.ovh:443, 
+changedetect.home.domroese.eu:443 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:5238
+}
+
+chartbrew.domr.ovh, 
+chartbrew.home.domroese.eu:443 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:4018
+}
+
+chartbrew.domr.ovh:4019, 
+chartbrew.home.domroese.eu:4019 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:4019
+}
+
+onboarding.domr.ovh,
+onboarding.home.domroese.eu:443 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:8517
+}
+
+convertx.domr.ovh,
+convertx.home.domroese.eu:443 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:3410
+}
+
+todos.domr.ovh,  #donetick
+todos.home.domroese.eu:443 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:2021
+}
+
+erugo.domr.ovh, 
+erugo.home.domroese.eu:443 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:9997
+}
+
+excalidraw.domr.ovh, 
+excalidraw.home.domroese.eu:443 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:8267
+}
+
+firefly.domr.ovh, 
+firefly.home.domroese.eu:443 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:8950
+}
+
+rss.domr.ovh, 
+rss.home.domroese.eu {
+    tls soenke@domroese.eu
+    reverse_proxy 192.168.1.65:8884
+}
+
+git.domr.ovh, 
+git.home.domroese.eu {
+    tls soenke@domroese.eu 
+    reverse_proxy 192.168.1.194:8418
+}
+
+guac.domr.ovh, 
+guac.home.domroese.eu {
+    tls soenke@domroese.eu 
+    reverse_proxy 192.168.1.65:6080
+}
+
+homarr.domr.ovh, 
+homarr.home.domroese.eu:443 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:7575
+}
+
+homepage.domr.ovh:80, 
+homepage.domr.ovh:443, 
+homepage.home.domroese.eu:443 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:3891
+}
+
+ittools.domr.ovh:443, 
+ittools.home.domroese.eu:443,
+ittools.domr.ovh:80, 
+ittools.home.domroese.eu:80 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:9080
+}
+
+jenkins.domr.ovh, 
+jenkins.home.domroese.eu {
+    tls soenke@domroese.eu 
+    reverse_proxy 192.168.1.65:8040
+}
+
+kopia.domr.ovh, 
+kopia.home.domroese.eu {
+    tls soenke@domroese.eu 
+    reverse_proxy 192.168.1.65:51515
+}
+
+mealie.domr.ovh, 
+mealie.home.domroese.eu:443 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:9925
+}
+
+memos.domr.ovh, 
+memos.home.domroese.eu:443 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:5230
+}
+
+ntfy.domr.ovh  {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:8234
+}
+
+chat.domr.ovh, 
+chat.home.domroese.eu:443 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:1180
+}
+
+omnitools.domr.ovh, 
+omnitools.home.domroese.eu:443 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:8579
+}
+
+paperless.domr.ovh:443, 
+paperless.home.domroese.eu:443,
+paperless.domr.ovh:80, 
+paperless.home.domroese.eu:80 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:1000
+}
+
+pihole.domr.ovh, 
+pihole.home.domroese.eu {
+    tls soenke@domroese.eu 
+    reverse_proxy 192.168.1.65:2000
+}
+
+plantit.domr.ovh, 
+plantit.home.domroese.eu:443 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:3632
+}
+
+api.plantit.domr.ovh, 
+api.plantit.home.domroese.eu:443 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:8632
+}
+
+shiori.domr.ovh, 
+shiori.home.domroese.eu:443 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:2661
+}
+
+speedtesttracker.domr.ovh, 
+speedtesttracker.home.domroese.eu:443 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:1378
+}
+
+pdf.domr.ovh, 
+pdf.home.domroese.eu:443 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:3614
+}
+
+uptimekuma.domr.ovh, 
+uptimekuma.home.domroese.eu {
+    tls soenke@domroese.eu 
+    reverse_proxy 192.168.1.65:8030
+}
+
+vault.domr.ovh:443, 
+vault.home.domroese.eu:443,
+vault.domr.ovh:80, 
+vault.home.domroese.eu:80 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:4080
+}
+
+wallos.domr.ovh, 
+wallos.home.domroese.eu:443 {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:8282
+}

mysql/mysql.sock

@@ -0,0 +1 @@
+/var/run/mysqld/mysqld.sock

pihole/Caddyfilepart

@@ -0,0 +1,7 @@
+pihole.domr.ovh, 
+pihole.home.domroese.eu {
+    tls soenke@domroese.eu 
+    reverse_proxy 192.168.1.65:2000
+}
+
+

pihole/docker-compose.yml

@@ -0,0 +1,25 @@
+version: "3"
+
+# More info at https://github.com/pi-hole/docker-pi-hole/ and https://docs.pi-hole.net/
+services:
+  pihole:
+    container_name: pihole
+    image: pihole/pihole:latest
+    # For DHCP it is recommended to remove these ports and instead add: network_mode: "host"
+    ports:
+      - "53:53/tcp"
+      - "53:53/udp"
+      - "67:67/udp" # Only required if you are using Pi-hole as your DHCP server
+      - "2000:80/tcp"
+    environment:
+      TZ: 'Europe/Berlin'
+      WEBPASSWORD: 'Diavid9600'
+    # Volumes store your data between container upgrades
+    volumes:
+      - '/home/soenke/docker-data/pihole/etc-pihole:/etc/pihole'
+      - '/home/soenke/docker-data/pihole/etc-dnsmasq.d:/etc/dnsmasq.d'
+    #   https://github.com/pi-hole/docker-pi-hole#note-on-capabilities
+    cap_add:
+      - NET_ADMIN # Required if you are using Pi-hole as your DHCP server, else not needed
+    restart: unless-stopped
+

pihole/etc-pihole/adlists.list

@@ -0,0 +1 @@
+https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts

pihole/etc-pihole/dns-servers.conf

@@ -0,0 +1,9 @@
+Google (ECS, DNSSEC);8.8.8.8;8.8.4.4;2001:4860:4860:0:0:0:0:8888;2001:4860:4860:0:0:0:0:8844
+OpenDNS (ECS, DNSSEC);208.67.222.222;208.67.220.220;2620:119:35::35;2620:119:53::53
+Level3;4.2.2.1;4.2.2.2;;
+Comodo;8.26.56.26;8.20.247.20;;
+DNS.WATCH (DNSSEC);84.200.69.80;84.200.70.40;2001:1608:10:25:0:0:1c04:b12f;2001:1608:10:25:0:0:9249:d69b
+Quad9 (filtered, DNSSEC);9.9.9.9;149.112.112.112;2620:fe::fe;2620:fe::9
+Quad9 (unfiltered, no DNSSEC);9.9.9.10;149.112.112.10;2620:fe::10;2620:fe::fe:10
+Quad9 (filtered, ECS, DNSSEC);9.9.9.11;149.112.112.11;2620:fe::11;2620:fe::fe:11
+Cloudflare (DNSSEC);1.1.1.1;1.0.0.1;2606:4700:4700::1111;2606:4700:4700::1001

pihole/etc-pihole/dnsmasq.conf

@@ -0,0 +1,106 @@
+# Pi-hole: A black hole for Internet advertisements
+# (c) 2025 Pi-hole, LLC (https://pi-hole.net)
+# Network-wide ad blocking via your own hardware.
+#
+# Dnsmasq config for Pi-hole's FTLDNS
+#
+##################################################################################
+#                                                                                #
+#                     FILE AUTOMATICALLY POPULATED BY PI-HOLE                    #
+#    ANY CHANGES MADE TO THIS FILE WILL BE LOST WHEN THE CONFIGURATION CHANGES   #
+#                                                                                #
+#            IF YOU WISH TO CHANGE ANY OF THESE VALUES, CHANGE THEM IN           #
+#                             /etc/pihole/pihole.toml                            #
+#                             and restart pihole-FTL                             #
+#                                                                                #
+#           ANY OTHER CHANGES SHOULD BE MADE IN A SEPARATE CONFIG FILE           #
+#                       WITHIN /etc/dnsmasq.d/yourname.conf                      #
+#    (make sure misc.etc_dnsmasq_d is set to true in /etc/pihole/pihole.toml)    #
+#                                                                                #
+#                      Last updated: 2025-03-07 13:21:22 CET                     #
+#                              by FTL version v6.0.2                             #
+#                                                                                #
+##################################################################################
+hostsdir=/etc/pihole/hosts
+
+# Don't read /etc/resolv.conf. Get upstream servers only from the configuration
+no-resolv
+
+# DNS port to be used
+port=53
+
+# List of upstream DNS server
+server=8.8.8.8
+server=8.8.4.4
+
+# Set the size of dnsmasq's cache. The default is 150 names. Setting the cache
+# size to zero disables caching. Note: huge cache size impacts performance
+cache-size=10000
+
+# Return answers to DNS queries from /etc/hosts and interface-name and
+# dynamic-host which depend on the interface over which the query was
+# received. If a name has more than one address associated with it, and
+# at least one of those addresses is on the same subnet as the interface
+# to which the query was sent, then return only the address(es) on that
+# subnet and return all the available addresses otherwise.
+localise-queries
+
+# Enable query logging
+log-queries
+log-async
+
+# Specify the log file to use
+# We set this even if logging is disabled to store warnings
+# and errors in this file. This is useful for debugging.
+log-facility=/var/log/pihole/pihole.log
+
+# Use stale cache entries for a given number of seconds to optimize cache utilization
+# Setting the time to zero will serve stale cache data regardless how long it has expired.
+use-stale-cache=3600
+
+# Listen on one interface
+interface=eth0
+
+# DNS domain for both the DNS and DHCP server
+# This DNS domain in purely local. FTL may answer queries from
+# /etc/hosts or DHCP but should never forward queries on that
+# domain to any upstream servers
+domain=lan
+local=/lan/
+
+# RFC 6761: Caching DNS servers SHOULD recognize
+#     test, localhost, invalid
+# names as special and SHOULD NOT attempt to look up NS records for them, or
+# otherwise query authoritative DNS servers in an attempt to resolve these
+# names.
+server=/test/
+server=/localhost/
+server=/invalid/
+
+# The same RFC requests something similar for
+#     10.in-addr.arpa.      21.172.in-addr.arpa.  27.172.in-addr.arpa.
+#     16.172.in-addr.arpa.  22.172.in-addr.arpa.  28.172.in-addr.arpa.
+#     17.172.in-addr.arpa.  23.172.in-addr.arpa.  29.172.in-addr.arpa.
+#     18.172.in-addr.arpa.  24.172.in-addr.arpa.  30.172.in-addr.arpa.
+#     19.172.in-addr.arpa.  25.172.in-addr.arpa.  31.172.in-addr.arpa.
+#     20.172.in-addr.arpa.  26.172.in-addr.arpa.  168.192.in-addr.arpa.
+# Pi-hole implements this via the dnsmasq option "bogus-priv" above
+# (if enabled!) as this option also covers IPv6.
+
+# OpenWRT furthermore blocks bind, local, onion domains
+# see https://git.openwrt.org/?p=openwrt/openwrt.git;a=blob_plain;f=package/network/services/dnsmasq/files/rfc6761.conf;hb=HEAD
+# and https://www.iana.org/assignments/special-use-domain-names/special-use-domain-names.xhtml
+# We do not include the ".local" rule ourselves, see https://github.com/pi-hole/pi-hole/pull/4282#discussion_r689112972
+server=/bind/
+server=/onion/
+
+# Cache all DNS records
+cache-rr=ANY
+
+# RFC 8482: Providing Minimal-Sized Responses to DNS Queries That Have QTYPE=ANY
+# Filters replies to queries for type ANY. Everything other than A, AAAA, MX and CNAME
+# records are removed. Since ANY queries with forged source addresses can be used in DNS amplification attacks
+# replies to ANY queries can be large) this defangs such attacks, whilst still supporting the
+# one remaining possible use of ANY queries. See RFC 8482 para 4.3 for details.
+filter-rr=ANY
+

pihole/etc-pihole/hosts/custom.list

@@ -0,0 +1,32 @@
+# Pi-hole: A black hole for Internet advertisements
+# (c) 2025 Pi-hole, LLC (https://pi-hole.net)
+# Network-wide ad blocking via your own hardware.
+#
+# Custom DNS entries (HOSTS file)
+#
+##################################################################################
+#                                                                                #
+#                     FILE AUTOMATICALLY POPULATED BY PI-HOLE                    #
+#    ANY CHANGES MADE TO THIS FILE WILL BE LOST WHEN THE CONFIGURATION CHANGES   #
+#                                                                                #
+#            IF YOU WISH TO CHANGE ANY OF THESE VALUES, CHANGE THEM IN           #
+#                             /etc/pihole/pihole.toml                            #
+#                             and restart pihole-FTL                             #
+#                                                                                #
+#           ANY OTHER CHANGES SHOULD BE MADE IN A SEPARATE CONFIG FILE           #
+#                       WITHIN /etc/dnsmasq.d/yourname.conf                      #
+#    (make sure misc.etc_dnsmasq_d is set to true in /etc/pihole/pihole.toml)    #
+#                                                                                #
+#                      Last updated: 2025-02-25 07:59:17 CET                     #
+#                              by FTL version v6.0.2                             #
+#                                                                                #
+##################################################################################
+
+213.209.115.117 proxy.voipslb.wtnet.de
+192.168.1.194 asgard.dom.local
+192.168.1.194 dom.local
+192.168.1.194 home.local
+192.168.1.65 home
+
+
+# There are 5 entries in this file

pihole/etc-pihole/listsCache/list.1.raw.githubusercontent.com.domains.etag

@@ -0,0 +1 @@
+W/"8caa9f75b909391b2db18bf240ac07e621dd2e393821d9a4ea052571edb33df9"

pihole/etc-pihole/listsCache/list.1.raw.githubusercontent.com.domains.sha1

@@ -0,0 +1 @@
+2b74510cd4f1dffab5b7dd4f59dcbc00d19ad0d2  /etc/pihole/listsCache/list.1.raw.githubusercontent.com.domains

pihole/etc-pihole/local.list

@@ -0,0 +1 @@
+### Do not modify this file, it will be overwritten by pihole -g

pihole/etc-pihole/logrotate

@@ -0,0 +1,32 @@
+/var/log/pihole/pihole.log {
+    # su #
+    daily
+    copytruncate
+    rotate 5
+    compress
+    delaycompress
+    notifempty
+    nomail
+}
+
+/var/log/pihole/FTL.log {
+    # su #
+    weekly
+    copytruncate
+    rotate 3
+    compress
+    delaycompress
+    notifempty
+    nomail
+}
+
+/var/log/pihole/webserver.log {
+    # su #
+    weekly
+    copytruncate
+    rotate 3
+    compress
+    delaycompress
+    notifempty
+    nomail
+}

pihole/etc-pihole/migration_backup/adlists.list

@@ -0,0 +1 @@
+https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts

pihole/etc-pihole/migration_backup_v6/01-pihole.conf

@@ -0,0 +1,37 @@
+# Pi-hole: A black hole for Internet advertisements
+# (c) 2017 Pi-hole, LLC (https://pi-hole.net)
+# Network-wide ad blocking via your own hardware.
+#
+# Dnsmasq config for Pi-hole's FTLDNS
+#
+# This file is copyright under the latest version of the EUPL.
+# Please see LICENSE file for your rights under this license.
+
+###############################################################################
+#      FILE AUTOMATICALLY POPULATED BY PI-HOLE INSTALL/UPDATE PROCEDURE.      #
+# ANY CHANGES MADE TO THIS FILE AFTER INSTALL WILL BE LOST ON THE NEXT UPDATE #
+#                                                                             #
+#        IF YOU WISH TO CHANGE THE UPSTREAM SERVERS, CHANGE THEM IN:          #
+#                      /etc/pihole/setupVars.conf                             #
+#                                                                             #
+#        ANY OTHER CHANGES SHOULD BE MADE IN A SEPARATE CONFIG FILE           #
+#                    WITHIN /etc/dnsmasq.d/yourname.conf                      #
+###############################################################################
+
+addn-hosts=/etc/pihole/local.list
+addn-hosts=/etc/pihole/custom.list
+
+
+localise-queries
+
+
+no-resolv
+
+log-queries
+log-facility=/var/log/pihole/pihole.log
+
+log-async
+cache-size=10000
+server=8.8.8.8
+server=8.8.4.4
+interface=eth0

pihole/etc-pihole/migration_backup_v6/06-rfc6761.conf

@@ -0,0 +1,42 @@
+# Pi-hole: A black hole for Internet advertisements
+# (c) 2021 Pi-hole, LLC (https://pi-hole.net)
+# Network-wide ad blocking via your own hardware.
+#
+# RFC 6761 config file for Pi-hole
+#
+# This file is copyright under the latest version of the EUPL.
+# Please see LICENSE file for your rights under this license.
+
+###############################################################################
+#      FILE AUTOMATICALLY POPULATED BY PI-HOLE INSTALL/UPDATE PROCEDURE.      #
+# ANY CHANGES MADE TO THIS FILE AFTER INSTALL WILL BE LOST ON THE NEXT UPDATE #
+#                                                                             #
+#             CHANGES SHOULD BE MADE IN A SEPARATE CONFIG FILE                #
+#                    WITHIN /etc/dnsmasq.d/yourname.conf                      #
+###############################################################################
+
+# RFC 6761: Caching DNS servers SHOULD recognize
+#     test, localhost, invalid
+# names as special and SHOULD NOT attempt to look up NS records for them, or
+# otherwise query authoritative DNS servers in an attempt to resolve these
+# names.
+server=/test/
+server=/localhost/
+server=/invalid/
+
+# The same RFC requests something similar for
+#     10.in-addr.arpa.      21.172.in-addr.arpa.  27.172.in-addr.arpa.
+#     16.172.in-addr.arpa.  22.172.in-addr.arpa.  28.172.in-addr.arpa.
+#     17.172.in-addr.arpa.  23.172.in-addr.arpa.  29.172.in-addr.arpa.
+#     18.172.in-addr.arpa.  24.172.in-addr.arpa.  30.172.in-addr.arpa.
+#     19.172.in-addr.arpa.  25.172.in-addr.arpa.  31.172.in-addr.arpa.
+#     20.172.in-addr.arpa.  26.172.in-addr.arpa.  168.192.in-addr.arpa.
+# Pi-hole implements this via the dnsmasq option "bogus-priv" (see
+# 01-pihole.conf) because this also covers IPv6.
+
+# OpenWRT furthermore blocks    bind, local, onion    domains
+# see https://git.openwrt.org/?p=openwrt/openwrt.git;a=blob_plain;f=package/network/services/dnsmasq/files/rfc6761.conf;hb=HEAD
+# and https://www.iana.org/assignments/special-use-domain-names/special-use-domain-names.xhtml
+# We do not include the ".local" rule ourselves, see https://github.com/pi-hole/pi-hole/pull/4282#discussion_r689112972
+server=/bind/
+server=/onion/

pihole/etc-pihole/migration_backup_v6/custom.list

@@ -0,0 +1,5 @@
+213.209.115.117 proxy.voipslb.wtnet.de
+192.168.1.194 asgard.dom.local
+192.168.1.194 dom.local
+192.168.1.194 home.local
+192.168.1.65 home

pihole/etc-pihole/migration_backup_v6/pihole-FTL.conf

@@ -0,0 +1,4 @@
+#; Pi-hole FTL config file
+#; Comments should start with #; to avoid issues with PHP and bash reading this file
+MACVENDORDB=/macvendor.db
+LOCAL_IPV4=0.0.0.0

pihole/etc-pihole/migration_backup_v6/setupVars.conf

@@ -0,0 +1,7 @@
+INSTALL_WEB_INTERFACE=true
+WEBPASSWORD=b9ae8f6ef80e3800730670e95bcc192645b800d4fd10a5f723ac9a9aa55eef02
+PIHOLE_DNS_1=8.8.8.8
+PIHOLE_DNS_2=8.8.4.4
+PIHOLE_INTERFACE=eth0
+QUERY_LOGGING=true
+BLOCKING_ENABLED=true

pihole/etc-pihole/setupVars.conf.update.bak

@@ -0,0 +1,7 @@
+INSTALL_WEB_INTERFACE=true
+WEBPASSWORD=b9ae8f6ef80e3800730670e95bcc192645b800d4fd10a5f723ac9a9aa55eef02
+PIHOLE_DNS_1=8.8.8.8
+PIHOLE_DNS_2=8.8.4.4
+PIHOLE_INTERFACE=eth0
+QUERY_LOGGING=true
+BLOCKING_ENABLED=true

pihole/etc-pihole/tls.crt

@@ -0,0 +1,13 @@
+-----BEGIN CERTIFICATE-----
+MIIB3zCCAWagAwIBAgIPODgwNTYxMjM3NjYxOTg5MAoGCCqGSM49BAMCMDExEDAO
+BgNVBAMMB3BpLmhvbGUxEDAOBgNVBAoMB1BpLWhvbGUxCzAJBgNVBAYTAkRFMCAX
+DTI1MDIyNTA2NTkxOVoYDzIwNTUwMjI1MDY1OTE5WjASMRAwDgYDVQQDDAdwaS5o
+b2xlMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE/f/Z8U9EJXIP7x35VkdOhloOflvu
+z+alAXj1YBegDAeDx5Kyn8nV6BWlUp5P323wQEnn08MfDNsRNQs9M7464sGfXMB+
+pb9aoGtWk8zRimVDdbAa7uAug6VKw6VizSIXo2EwXzAdBgNVHQ4EFgQUDYOSa+kg
+ddGjjx+H+CEDQ9gg2z4wHwYDVR0jBBgwFoAUtFaHpiFbr49DT83v/RvqHGvXNv0w
+CQYDVR0TBAIwADASBgNVHREECzAJggdwaS5ob2xlMAoGCCqGSM49BAMCA2cAMGQC
+MBVUaxx0HbOJbgrkpxH1deFeTliYxxxLT/Al8ZRztqPdlhCkcN7rXRgT1LVsKLj0
+JAIweGllt1mtLIxJYJIkPpIdNJuIXUOVCo0Ksrd9cMTJKHVwHUi68+yrnmLM3AoS
+fCAm
+-----END CERTIFICATE-----

pihole/etc-pihole/tls.pem

@@ -0,0 +1,19 @@
+-----BEGIN EC PRIVATE KEY-----
+MIGkAgEBBDCYymusF68i55FXn9YAByWFdkrllGbRrnEjKhnluJE/p9/M49HxniFV
+waDaZMP67YygBwYFK4EEACKhZANiAAT9/9nxT0Qlcg/vHflWR06GWg5+W+7P5qUB
+ePVgF6AMB4PHkrKfydXoFaVSnk/fbfBASefTwx8M2xE1Cz0zvjriwZ9cwH6lv1qg
+a1aTzNGKZUN1sBru4C6DpUrDpWLNIhc=
+-----END EC PRIVATE KEY-----
+-----BEGIN CERTIFICATE-----
+MIIB3zCCAWagAwIBAgIPODgwNTYxMjM3NjYxOTg5MAoGCCqGSM49BAMCMDExEDAO
+BgNVBAMMB3BpLmhvbGUxEDAOBgNVBAoMB1BpLWhvbGUxCzAJBgNVBAYTAkRFMCAX
+DTI1MDIyNTA2NTkxOVoYDzIwNTUwMjI1MDY1OTE5WjASMRAwDgYDVQQDDAdwaS5o
+b2xlMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE/f/Z8U9EJXIP7x35VkdOhloOflvu
+z+alAXj1YBegDAeDx5Kyn8nV6BWlUp5P323wQEnn08MfDNsRNQs9M7464sGfXMB+
+pb9aoGtWk8zRimVDdbAa7uAug6VKw6VizSIXo2EwXzAdBgNVHQ4EFgQUDYOSa+kg
+ddGjjx+H+CEDQ9gg2z4wHwYDVR0jBBgwFoAUtFaHpiFbr49DT83v/RvqHGvXNv0w
+CQYDVR0TBAIwADASBgNVHREECzAJggdwaS5ob2xlMAoGCCqGSM49BAMCA2cAMGQC
+MBVUaxx0HbOJbgrkpxH1deFeTliYxxxLT/Al8ZRztqPdlhCkcN7rXRgT1LVsKLj0
+JAIweGllt1mtLIxJYJIkPpIdNJuIXUOVCo0Ksrd9cMTJKHVwHUi68+yrnmLM3AoS
+fCAm
+-----END CERTIFICATE-----

pihole/etc-pihole/tls_ca.crt

@@ -0,0 +1,13 @@
+-----BEGIN CERTIFICATE-----
+MIIB8TCCAXegAwIBAgIPNDYzMTI0ODQwNzA0NzQ1MAoGCCqGSM49BAMCMDExEDAO
+BgNVBAMMB3BpLmhvbGUxEDAOBgNVBAoMB1BpLWhvbGUxCzAJBgNVBAYTAkRFMCAX
+DTI1MDIyNTA2NTkxOVoYDzIwNTUwMjI1MDY1OTE5WjAxMRAwDgYDVQQDDAdwaS5o
+b2xlMRAwDgYDVQQKDAdQaS1ob2xlMQswCQYDVQQGEwJERTB2MBAGByqGSM49AgEG
+BSuBBAAiA2IABC16Zw0oMu1ZmCUGaFzbgahFCdWDpdlWMb60SDAVoTNgeJ4HEAL5
+OF8eHh2hLlk+ahL4M1J4eUeZOoPKk0jkytTS7Jpi3j5vITpvAFIrm5FyXI4Etrru
+kWtwdGnHTMUaH6NTMFEwHQYDVR0OBBYEFLRWh6YhW6+PQ0/N7/0b6hxr1zb9MB8G
+A1UdIwQYMBaAFLRWh6YhW6+PQ0/N7/0b6hxr1zb9MA8GA1UdEwEB/wQFMAMBAf8w
+CgYIKoZIzj0EAwIDaAAwZQIxAOWeCByOstKQsF9RFkt9gw/4I6WDPRuafKGr2shz
+q2d2hv0WO/dgw8jU8za5KGRbfgIwdCxYfD4CFJiybzu0379jujLtgym6wurxpMjB
+HRLnjnHvipRXMZ0pGSVwyg7HE0oQ
+-----END CERTIFICATE-----

pihole/etc-pihole/versions

@@ -0,0 +1,17 @@
+CORE_VERSION=v6.0.4
+CORE_BRANCH=master
+CORE_HASH=567bb724
+GITHUB_CORE_VERSION=v6.0.6
+GITHUB_CORE_HASH=0f7803b7
+WEB_VERSION=v6.0.1
+WEB_BRANCH=master
+WEB_HASH=42e7279a
+GITHUB_WEB_VERSION=v6.1
+GITHUB_WEB_HASH=1eaddca8
+FTL_VERSION=v6.0.2
+FTL_BRANCH=master
+FTL_HASH=ac500d5f
+GITHUB_FTL_VERSION=v6.1
+GITHUB_FTL_HASH=a3313229
+DOCKER_VERSION=2025.02.6
+GITHUB_DOCKER_VERSION=2025.03.1

plantit/server.env

@@ -6,7 +6,7 @@ MYSQL_PORT=3306
 MYSQL_USERNAME=root
 MYSQL_PSW=root
 MYSQL_DATABASE=bootdb
-MYSQL_ROOT_PASSWORD=root
+MYSQL_ROOT_PASSWORD=SuSePaWo
 
 #
 # Server config

restartcaddy.sh

@@ -1,11 +1,18 @@
-(cd "/home/soenke/docker/" && echo "" > ./caddy/newCaddyfile)
+(echo "" > /home/soenke/docker/caddy/newCaddyfile)
-
+(cd "/home/soenke/docker/" )
+echo "Collecting Caddyfileparts"
 for dir in *; do
   if [ -d "$dir" ]; then
-    ( cd "$dir" && cat Caddyfilepart >> ../caddy/newCaddyfile)
+    ( cd "$dir" && cat Caddyfilepart >> /home/soenke/docker/caddy/newCaddyfile)
   fi
 done
-( cd "/home/soenke/docker/caddy" )
+
-( mv Caddyfile Caddyfile.bak)
+( cd "/home/soenke/docker/caddy/" )
-( mv newCaddyfile Caddyfile)
+
-( cd "/home/soenke/docker/caddy" && docker compose down && docker compose pull && docker compose up -d)
+echo "Replace Caddyfile"
+
+( mv /home/soenke/docker/caddy/Caddyfile /home/soenke/docker/caddy/Caddyfile.bak)
+( mv /home/soenke/docker/caddy/newCaddyfile /home/soenke/docker/caddy/Caddyfile)
+
+echo "Restart Caddy"
+( cd "/home/soenke/docker/caddy/" && docker compose down && docker compose pull && docker compose up -d)

services.log

@@ -0,0 +1,60 @@
+total 232
+drwxr-xr-x 49 soenke soenke 4096 Jun 24 22:22 .
+drwx------ 19 soenke soenke 4096 Jun 23 21:17 ..
+-rw-r--r--  1 soenke soenke   45 Jun  6 16:40 api.md
+drwxr-xr-x  2 soenke soenke 4096 Jun 23 07:41 authentik
+drwxr-xr-x  2 soenke soenke 4096 Jun 18 14:27 autokuma
+drwxr-xr-x  2 soenke soenke 4096 Jun 18 14:27 automatic-ripping-machine
+drwxr-xr-x  2 soenke soenke 4096 Jun 18 14:27 beeper
+drwxr-xr-x  4 soenke soenke 4096 Jun 19 11:41 bookstack
+drwxr-xr-x  2 soenke soenke 4096 Jun 19 11:41 bracket
+drwxr-xr-x  3 soenke soenke 4096 Jun 19 11:41 caddy
+drwxr-xr-x  2 soenke soenke 4096 Jun 19 11:41 changedetect
+drwxr-xr-x  2 soenke soenke 4096 Jun 19 11:41 chartbrew
+drwxr-xr-x  2 soenke soenke 4096 Jun 18 14:27 chiefonboarding
+drwxr-xr-x  2 soenke soenke 4096 Jun 19 11:41 convertx
+drwxr-xr-x  2 soenke soenke 4096 Jun 19 11:41 donetick
+drwxr-xr-x  2 soenke soenke 4096 Jun 19 11:41 erugo
+drwxr-xr-x  2 soenke soenke 4096 Jun 19 11:41 excalidraw
+drwxr-xr-x  2 soenke soenke 4096 Jun 19 11:41 firefly
+drwxr-xr-x  2 soenke soenke 4096 Jun 19 11:41 freshrss
+-rwxr-xr-x  1 soenke soenke   93 Jun 18 14:33 generateCaddySnippets.sh
+drwxr-xr-x  9 soenke soenke 4096 Jun 20 12:52 .git
+drwxr-xr-x  2 soenke soenke 4096 Jun 18 14:27 git
+drwxr-xr-x  3 soenke soenke 4096 Jun 19 11:41 guacamole-docker-compose
+drwxr-xr-x  2 soenke soenke 4096 Jun 19 12:33 homarr
+drwxr-xr-x  2 soenke soenke 4096 Jun 19 12:33 homepage
+drwxr-xr-x  2 soenke soenke 4096 Jun  8 21:12 .idea
+drwxr-xr-x  2 soenke soenke 4096 Jun 19 12:33 ittools
+drwxr-xr-x  2 soenke soenke 4096 Jun 19 11:41 jenkins
+drwxr-xr-x  3 soenke soenke 4096 Jun 19 11:41 kopia
+-rw-r--r--  1 soenke soenke  659 Apr  9 14:06 LICENSE
+drwxr-xr-x  2 soenke soenke 4096 Jun 19 11:41 mealie
+drwxr-xr-x  2 soenke soenke 4096 Jun 19 11:41 memos
+drwxr-xr-x  6 soenke soenke 4096 Jun 18 14:28 morphos
+-rw-r--r--  1 soenke soenke    0 Jun 20 12:52 move_ssd.md
+drwxr-xr-x  8 soenke soenke 4096 Jun 19 22:14 mysql
+drwxr-xr-x  2 soenke soenke 4096 Jun 18 14:27 n8n
+drwxr-xr-x  2 soenke soenke 4096 Jun 19 12:33 nas
+-rw-r--r--  1 soenke soenke 4849 Jun 19 07:13 newCaddyfile
+drwxr-xr-x  2 soenke soenke 4096 Jun 19 11:41 ntfy
+drwxr-xr-x  2 soenke soenke 4096 Jun 19 12:23 ollama
+drwxr-xr-x  2 soenke soenke 4096 Jun 19 11:41 omniTools
+drwxr-xr-x  2 soenke soenke 4096 Jun 23 07:40 paperless
+drwxr-xr-x  3 soenke soenke 4096 Jun 18 14:28 paperless_import
+drwxr-xr-x  4 soenke soenke 4096 Jun 19 07:13 pihole
+drwxr-xr-x  2 soenke soenke 4096 Jun 23 07:31 plantit
+-rw-r--r--  1 soenke soenke  420 Jun  8 22:34 README.md
+-rwxr-xr-x  1 soenke soenke  257 Jun 19 11:29 restartall.sh
+-rwxr-xr-x  1 soenke soenke  269 Jun 18 14:34 restartcaddy.sh
+-rw-r--r--  1 soenke soenke    0 Jun 24 22:22 services.log
+drwxr-xr-x  2 soenke soenke 4096 Jun 19 11:41 shiori
+drwxr-xr-x  2 soenke soenke 4096 Jun 19 11:41 speedtest-tracker
+-rwxr-xr-x  1 soenke soenke  117 Jun 18 07:23 startall.sh
+drwxr-xr-x  2 soenke soenke 4096 Jun 19 11:41 stirlingpdf
+drwxr-xr-x  2 soenke soenke 4096 Jun 19 11:41 unify
+drwxr-xr-x  2 soenke soenke 4096 Jun 19 11:41 uptimekuma
+drwxr-xr-x  2 soenke soenke 4096 Jun 23 21:17 vaultwarden
+drwxr-xr-x  2 soenke soenke 4096 Jun 18 14:27 vikunja
+drwxr-xr-x  2 soenke soenke 4096 Jun 18 14:27 vscode
+drwxr-xr-x  2 soenke soenke 4096 Jun 19 11:41 wallos

vaultwarden/docker-compose.yaml

@@ -0,0 +1,32 @@
+services:
+  vaultwarden:
+    container_name: vaultwarden
+    image: vaultwarden/server:latest
+    restart: unless-stopped
+    volumes:
+      - /home/soenke/docker-data/vaultwarden/data/:/data/
+    ports:
+      - 4080:80
+    environment:
+      - DOMAIN=https://vault.domr.ovh
+      - LOGIN_RATELIMIT_MAX_BURST=10
+      - LOGIN_RATELIMIT_SECONDS=60
+      - ADMIN_RATELIMIT_MAX_BURST=10
+      - ADMIN_RATELIMIT_SECONDS=60
+      - ADMIN_TOKEN=$$argon2id$$v=19$$m=65540,t=3,p=4$$YWNhZitNS0l5eU5zNWY2enNtbjlRQTlEci9HcEdRNVROVkZkaWpRZnJnRT0$$8Ma3+XxVENBXG2Tx6tZceqGb8RscwisZK1OqT/YNl60
+      - SENDS_ALLOWED=true
+      - EMERGENCY_ACCESS_ALLOWED=true
+      - WEB_VAULT_ENABLED=true
+      - SIGNUPS_ALLOWED=false
+      - SIGNUPS_VERIFY=true
+      - SIGNUPS_VERIFY_RESEND_TIME=3600
+      - SIGNUPS_VERIFY_RESEND_LIMIT=5
+      - SIGNUPS_DOMAINS_WHITELIST=domr.ovh,home.domroese.eu,domroese.eu,192.168.1.65
+      - SMTP_HOST=${SYSTEM_EMAIL_SMTP_HOST}
+      - SMTP_FROM=${SYSTEM_EMAIL_USER}
+      - SMTP_FROM_NAME="domr.ovh Vaultwarden"
+      - SMTP_SECURITY=force_tls
+      - SMTP_PORT=${SYSTEM_EMAIL_SMTP_PORT}
+      - SMTP_USERNAME=${SYSTEM_EMAIL_USER}
+      - SMTP_PASSWORD=${SYSTEM_EMAIL_PASSSWORD}
+      - SMTP_AUTH_MECHANISM="Login"

vikunja/Caddyfilepart

@@ -0,0 +1,4 @@
+vikunja.domr.ovh {
+    tls soenke@domroese.eu        
+    reverse_proxy 192.168.1.65:3456
+}

vikunja/docker-compose.yaml

@@ -0,0 +1,53 @@
+services:
+    vikunja:
+        image: vikunja/vikunja
+        environment:
+            VIKUNJA_SERVICE_PUBLICURL: https://vikunja.domr.ovh
+            VIKUNJA_SERVICE_CUSTOMLOGOURL: https://domroese.eu/Nerdlicht/images/nerdlicht_color.png
+            VIKUNJA_DATABASE_HOST: db
+            VIKUNJA_DATABASE_PASSWORD: Huarghlbarfding!dong14780
+            VIKUNJA_DATABASE_TYPE: postgres
+            VIKUNJA_DATABASE_USER: vikunja
+            VIKUNJA_DATABASE_DATABASE: vikunja
+            VIKUNJA_SERVICE_JWTSECRET: 39d48b07b858229682ecbb5edc54716285a52bed7d1f935511ff2d1b361fce24
+            VIKUNJA_MAILER_ENABLED: true
+            VIKUNJA_MAILER_HOST: ${SYSTEM_EMAIL_SMTP_HOST}
+            VIKUNJA_MAILER_PORT: ${SYSTEM_EMAIL_SMTP_PORT}
+            VIKUNJA_MAILER_AUTHTYPE: login
+            VIKUNJA_MAILER_USERNAME: ${SYSTEM_EMAIL_USER}
+            VIKUNJA_MAILER_PASSWORD: ${SYSTEM_EMAIL_PASSWORD}
+            VIKUNJA_MAILER_SKIPTLSVERIFY: false
+            VIKUNJA_MAILER_FROMEMAIL: ${SYSTEM_EMAIL_USER}
+            VIKUNJA_MAILER_QUEUELENGTH: 10
+            VIKUNJA_MAILER_QUEUETIMEOUT: 30
+            VIKUNJA_MAILER_FORCESSL: false
+            VIKUNJA_BACKGROUNDS_ENABLED: true
+            VIKUNJA_BACKGROUNDS_PROVIDERS_UPLOAD_ENABLED: true
+            VIKUNJA_BACKGROUNDS_PROVIDERS_UNSPLASH_ENABLED: true
+            VIKUNJA_BACKGROUNDS_PROVIDERS_UNSPLASH_ACCESSTOKEN: vnE2DQsU2jKE0o_5kYVjDsUaxAaFOts_1GOpyZxfbAI
+            VIKUNJA_BACKGROUNDS_PROVIDERS_UNSPLASH_SECRET: 1XNsUdNT8qRlKITVr8fuNI7RcQO2q7EMNG3BRpay7aY
+            VIKUNJA_BACKGROUNDS_PROVIDERS_UNSPLASH_APPLICATIONID: 769765
+
+
+        ports:
+            - 3456:3456
+        volumes:
+            - /home/soenke/docker-data/vikunja/files:/app/vikunja/files
+            - /home/soenke/docker-data/vikunja/config.yml:/etc/vikunja/config.yml
+        depends_on:
+            db:
+                condition: service_healthy
+        restart: unless-stopped
+
+    db:
+        image: postgres:17
+        environment:
+            POSTGRES_PASSWORD: Huarghlbarfding!dong14780
+            POSTGRES_USER: vikunja
+        volumes:
+            - /home/soenke/docker-data/vikunja/db:/var/lib/postgresql/data
+        restart: unless-stopped
+        healthcheck:
+            test: ["CMD-SHELL", "pg_isready -h localhost -U $$POSTGRES_USER"]
+            interval: 2s
+            start_period: 30s