revert 7101cc4b75

revert Merge pull request 'updated openwebui logo' (#78) from dev into main

Reviewed-on: #78

README.md

@@ -1,51 +1,201 @@
 # default-applications-tree
 
-You can add more application sections into applications-tree.json.
+This repository defines the available applications and their configuration templates. Each application lives in its own subdirectory and is registered in `applications-tree.json`.
-You have to specify the application name and version. For example:
 
+---
+
+## applications-tree.json
+
+The root `applications-tree.json` file lists all available applications. Each entry in the `apps` array registers one application:
+
+```json
+{
+    "apps": [
         {
-            "name": "nextcloud",
+            "name": "Nextcloud",
-            "version": "latest"
+            "subtitle": "File Synchronization",
+            "version": "31.0.8-fpm-alpine",
+            "icon": "data:image/svg+xml;base64,..."
         }
-
-The name must be the same as the directory name of the application.
-
-The directory of an application have to contain a template.json file and can contain more json files (service, domain, secret, etc. files).
-
-The mandatory template.json file's structure is the following. 
- - "name" - the name of the application, must be the same as the directory name
- - "fields" - array of used variables by service
-
-        {
-                "name": "vaultwarden",
-                "fields": [
-                        ...
     ]
-        }
+}
+```
 
-An element of fields can contain the following keys.
+### App entry fields
- - description - label of the field, this text will appear before element 
- - key - name of variable
- - value - default value of variable in the form
- - required - if set "true" then fill in of the field is required in the form
- - type - if not set then default is text, available field types: text, password, textarea, select 
-        - if type is "select" then options are separated by ",". Option's value and text is separated by ":", but text is not mandatory. For example:
 
-        "value": "yes,no"
+| Field      | Required | Description |
-        "value": "1:gmail,2:microsoft outlook/hotmail,3:other",
+|------------|----------|-------------|
+| `name`     | yes      | Display name of the application. Must match the directory name (case-insensitive). |
+| `version`  | yes      | Default version tag used when deploying. Use `"latest"` for the most recent image. |
+| `subtitle` | no       | Short tagline shown in the app listing UI. |
+| `icon`     | no       | Base64-encoded SVG or PNG image used as the app icon in the UI (`data:image/svg+xml;base64,...` or `data:image/png;base64,...`). |
 
- - generated - the value of the variable is auto generated, so the field will not appear in the form. Generated examples:
+---
 
-        "time|md5|8" - generated from time, encoded by md5 and character length is 8
+## Application directory structure
-        "random|md5|20" - random generated number, encoded by sha256, length is 20
 
-Field element example:
+Each application has its own directory (e.g. `nextcloud/`). The directory name must match the `name` in `applications-tree.json`. It must contain a `template.json` file and can contain additional JSON files for services, domains, secrets, firewall rules, etc.
 
-        {
+```
-                "description": "Please add Nextcloud password:",
+nextcloud/
-                "key": "NEXTCLOUD_PASSWORD",
+    template.json           ← mandatory configuration template
+    service-nextcloud.json  ← service definition
+    domain-nextcloud.json   ← domain/ingress configuration
+    nextcloud-secret.json   ← secrets / environment variables
+    firewall-nextcloud.json ← firewall rules
+    ...
+```
+
+---
+
+## template.json
+
+The `template.json` file defines the application's metadata and the list of configuration fields that are presented in the deployment form.
+
+### Top-level structure
+
+```json
+{
+    "name": "Nextcloud",
+    "title": "Nextcloud",
+    "subtitle": "File Synchronization",
+    "description": "Nextcloud is a suite of client-server software...",
+    "icon": "data:image/svg+xml;base64,...",
+    "fields": [ ... ]
+}
+```
+
+### Top-level fields
+
+| Field         | Required | Description |
+|---------------|----------|-------------|
+| `name`        | yes      | Must match the directory name. Used as the application identifier. |
+| `title`       | no       | Human-readable display title shown in the form header (falls back to `name` if omitted). |
+| `subtitle`    | no       | Short tagline displayed below the title. |
+| `description` | no       | Longer description of the application shown in the form or app listing. |
+| `icon`        | no       | Base64-encoded SVG or PNG icon (`data:image/svg+xml;base64,...`). |
+| `fields`      | yes      | Array of configuration field definitions (see below). |
+
+---
+
+## Field definitions
+
+Each element of the `fields` array defines one configuration variable. Fields are rendered as form inputs during deployment. Fields with `generated` set are auto-populated and not shown in the form.
+
+### Field properties
+
+| Property      | Required | Description |
+|---------------|----------|-------------|
+| `description` | yes      | Label text displayed before the input. |
+| `key`         | yes      | The environment variable name that will hold the value. |
+| `value`       | no       | Default value pre-filled in the form. For `select` fields this defines the available options (see below). |
+| `required`    | no       | Set to `"true"` to make the field mandatory. The form will not submit until it is filled. |
+| `type`        | no       | Input type. Defaults to `"text"`. See [Field types](#field-types). |
+| `info`        | no       | Additional hint or explanatory text shown alongside or below the field. |
+| `generated`   | no       | Auto-generation pattern. When set the field is not shown in the form; its value is generated automatically. See [Generated values](#generated-values). |
+| `advanced`    | no       | Set to `"true"` to hide the field from the UI by default. It can be revealed by pressing the `>` button. |
+
+### Field types
+
+The `type` property controls how the field is rendered:
+
+| Type        | Description |
+|-------------|-------------|
+| `text`      | *(default)* Single-line plain text input. |
+| `password`  | The value is hidden from human-readable display wherever it is shown in the UI. |
+| `textarea`  | Multi-line text input. |
+| `select`    | Dropdown. Options are defined in `value` as a comma-separated list. Each option can be `optionValue` or `displayText:optionValue`. |
+
+#### Select field examples
+
+Simple yes/no toggle:
+```json
+{
+    "description": "Enable feature",
+    "key": "FEATURE_ENABLED",
+    "value": "false,true",
+    "type": "select"
+}
+```
+
+Options with display labels:
+```json
+{
+    "description": "Email provider",
+    "key": "MAIL_PROVIDER",
+    "value": "1:Gmail,2:Microsoft Outlook/Hotmail,3:Other",
+    "type": "select"
+}
+```
+
+TOTP authentication toggle (advanced):
+```json
+{
+    "description": "TOTP authentication (true/false)",
+    "key": "GUACAMOLE_TOTP",
+    "value": "false,true",
+    "required": "true",
+    "type": "select",
+    "advanced": "true"
+}
+```
+
+### Generated values
+
+When `generated` is set the field value is computed automatically. The format is:
+
+```
+"<source>|<encoding>|<length>"
+```
+
+| Part       | Options          | Description |
+|------------|------------------|-------------|
+| `source`   | `time`, `random` | `time` seeds the hash from the current timestamp; `random` uses a random number. |
+| `encoding` | `md5`, `sha256`  | Hash algorithm applied to the source value. |
+| `length`   | integer          | Number of characters to take from the hash output. |
+
+#### Examples
+
+| Pattern             | Result |
+|---------------------|--------|
+| `"time\|md5\|8"`    | 8-character MD5 hash seeded from the current time. |
+| `"random\|md5\|12"` | 12-character MD5 hash seeded from a random number. |
+| `"random\|sha256\|20"` | 20-character SHA-256 hash seeded from a random number. |
+| `""`                | Auto-generated with default settings (pattern not specified). |
+
+---
+
+## Complete field example
+
+```json
+{
+    "description": "Nextcloud admin password",
+    "key": "NEXTCLOUD_ADMIN_PASSWORD",
     "value": "",
     "required": "true",
-                "type": "password"
+    "type": "password",
-        },
+    "info": "Must be at least 8 characters long."
+}
+```
 
+Auto-generated database password (not shown in the form):
+```json
+{
+    "description": "Postgres password for user",
+    "key": "POSTGRES_PASSWORD",
+    "value": "",
+    "required": "true",
+    "generated": "random|md5|12"
+}
+```
+
+Advanced optional SMTP field:
+```json
+{
+    "description": "Email sending protocol",
+    "key": "MAIL_PROTOCOL",
+    "value": "",
+    "info": "Options are: empty (for no encryption), ssl, tls",
+    "advanced": "true"
+}
+```

immich/service-immich.json

@@ -29,13 +29,13 @@
             "IMAGE": "tensorchord/pgvecto-rs:pg14-v0.2.0",
             "UPDATE": "true",
             "NAME": "immichpostgres-db",
-            "MEMORY": "512M",
+            "MEMORY": "768M",
             "NETWORK": "immich-net",
             "SELECTOR": "immichpostgres",
             "VOLUMES": [
                 {
                     "SOURCE": "/etc/user/data/immich/db",
-                    "DEST": "/var/lib/postgres",
+                    "DEST": "/var/lib/postgresql/data",
                     "TYPE": "rw"
                 }
             ],

jellyfin/jellyfin-secret.json

@@ -1,6 +1,6 @@
 {
     "jellyfin": {
-        "USER": "#JELLYFIN_USER",
+        "USER": "#USER",
-        "PASS": "#JELLYFIN_PASS"
+        "PASS": "#PASS"
     }
 }

jellyfin/service-jellyfin.json

@@ -34,11 +34,6 @@
             "NAME": "jellyfin",
             "NETWORK": "host",
             "VOLUMES": [
-                {
-                    "SOURCE": "/etc/user/data/jellyfin/media",
-                    "DEST": "/media",
-                    "TYPE": "rw"
-                },
                 {
                     "SOURCE": "/etc/user/data/transmission/downloads/complete",
                     "DEST": "/media/torrent",

leantime/leantime-secret.json

@@ -1,15 +1,15 @@
 {
     "leantimemysql": {
-        "MARIADB_DATABASE": "#DB_MYSQL",
+        "MARIADB_DATABASE": "#MARIADB_DATABASE",
-        "MARIADB_USER": "#DB_USER",
+        "MARIADB_USER": "#MARIADB_USER",
-        "MARIADB_PASSWORD": "#DB_PASSWORD",
+        "MARIADB_PASSWORD": "#MARIADB_PASSWORD",
-        "MARIADB_ROOT_PASSWORD": "#DB_ROOT_PASSWORD"
+        "MARIADB_ROOT_PASSWORD": "#MARIADB_ROOT_PASSWORD"
     },
     "leantimeapp": {
-        "LEAN_DB_USER": "#DB_USER",
+        "LEAN_DB_USER": "#MARIADB_USER",
-        "LEAN_DB_PASSWORD": "#DB_PASSWORD",
+        "LEAN_DB_PASSWORD": "#MARIADB_PASSWORD",
         "LEAN_DB_HOST": "leantimemysql-db",
-        "LEAN_DB_DATABASE": "#DB_MYSQL",
+        "LEAN_DB_DATABASE": "#MARIADB_DATABASE",
         "LEAN_OIDC_CLIENT_SECRET": "#OIDC_CLIENT_SECRET",
         "LEAN_S3_SECRET": "#S3_SECRET",
         "LEAN_SESSION_PASSWORD": "#SESSION_PASSWORD"

leantime/template.json

@@ -35,28 +35,28 @@
         },
         {
             "description": "MYSQL database name",
-            "key": "DB_MYSQL",
+            "key": "MARIADB_DATABASE",
             "value": "",
             "required": "true",
             "generated": "time|md5|10"
         },
         {
             "description": "MYSQL username",
-            "key": "DB_USER",
+            "key": "MARIADB_USER",
             "value": "",
             "required": "true",
             "generated": "time|md5|8"
         },
         {
             "description": "MYSQL password for user",
-            "key": "DB_PASSWORD",
+            "key": "MARIADB_PASSWORD",
             "value": "",
             "required": "true",
             "generated": "random|md5|12"
         },
         {
             "description": "MYSQL root user password",
-            "key": "DB_ROOT_PASSWORD",
+            "key": "MARIADB_ROOT_PASSWORD",
             "value": "",
             "required": "true",
             "generated": "random|sha256|20"

nextcloud/service-nextcloud.json

@@ -48,7 +48,7 @@
             "VOLUMES": [
                 {
                     "SOURCE": "/etc/user/data/nextcloud/db",
-                    "DEST": "/var/lib/postgres",
+                    "DEST": "/var/lib/postgresql/data",
                     "TYPE": "rw"
                 }
             ],

nextcloud/template.json

@@ -8,7 +8,6 @@
         {
             "title": "",
             "details": "",
-            "info": "Nextcloud domain info",
             "description": "Domain",
             "key": "DOMAIN",
             "value": "",
@@ -16,7 +15,6 @@
         },
         {
             "details": "",
-            "info": "Nextcloud user name info",
             "description": "Username",
             "key": "NEXTCLOUD_ADMIN_USER",
             "value": "",

openwebui/domain-openwebui.json

@@ -0,0 +1,60 @@
+{
+    "main": {
+        "SERVICE_NAME": "openwebui",
+        "DOMAIN": "#DOMAIN"
+    },
+    "containers": [
+        {
+            "IMAGE": "safebox/domain-check",
+            "UPDATE": "true",
+            "MEMORY": "64M",
+            "NAME": "domain_checker",
+            "ROLES": "domain_checker",
+            "NETWORK": "host",
+            "SELECTOR": "",
+            "SCALE": "0",
+            "EXTRA": "--rm --privileged",
+            "PRE_START": [],
+            "DEPEND": [],
+            "POST_START": [],
+            "CMD": "",
+            "ENVS": [
+                {
+                    "PROXY": "smarthostloadbalancer"
+                },
+                {
+                    "TARGET": "openwebui-app"
+                },
+                {
+                    "PORT": "8080"
+                },
+                {
+                    "DOMAIN": "#DOMAIN"
+                },
+                {
+                    "SMARTHOST_PROXY_PATH": "/smarthost-domains"
+                },
+                {
+                    "OPERATION": "CREATE"
+                }
+            ],
+            "VOLUMES": [
+                {
+                    "SOURCE": "/etc/user/config/smarthost-domains",
+                    "DEST": "/smarthost-domains",
+                    "TYPE": "rw"
+                },
+                {
+                    "SOURCE": "/etc/system/data/dns/hosts.local",
+                    "DEST": "/etc/dns/hosts.local",
+                    "TYPE": "ro"
+                },
+                {
+                    "SOURCE": "/var/run/docker.sock",
+                    "DEST": "/var/run/docker.sock",
+                    "TYPE": "rw"
+                }
+            ]
+        }
+    ]
+}

openwebui/firewall-openwebui-dns.json

@@ -0,0 +1,75 @@
+{
+    "main": {
+        "SERVICE_NAME": "firewalls",
+        "DOMAIN": "null"
+    },
+    "containers": [
+        {
+            "IMAGE": "safebox/firewall",
+            "NAME": "firewall",
+            "MEMORY": "64M",
+            "NETWORK": "host",
+            "SCALE": "0",
+            "VOLUMES": [
+                {
+                    "SOURCE": "/run/",
+                    "DEST": "/run/",
+                    "TYPE": "rw"
+                },
+                {
+                    "SOURCE": "/etc/user/config/services",
+                    "DEST": "/services",
+                    "TYPE": "ro"
+                },
+                {
+                    "SOURCE": "/etc/system/data/dns/hosts.local",
+                    "DEST": "/etc/dns/hosts.local",
+                    "TYPE": "ro"
+                },
+                {
+                    "SOURCE": "/var/run/docker.sock",
+                    "DEST": "/var/run/docker.sock",
+                    "TYPE": "rw"
+                }
+            ],
+            "PORTS": [],
+            "READYNESS": [
+                {
+                    "tcp": ""
+                },
+                {
+                    "HTTP": ""
+                },
+                {
+                    "EXEC": "/ready.sh"
+                }
+            ],
+            "ENVS": [
+                {
+                    "CHAIN": "DOCKER-USER"
+                },
+                {
+                    "SOURCE": "coredns"
+                },
+                {
+                    "TARGET": "openwebui-app"
+                },
+                {
+                    "TYPE": "udp"
+                },
+                {
+                    "TARGET_PORT": "53"
+                },
+                {
+                    "COMMENT": "dns for openwebui"
+                }
+            ],
+            "EXTRA": "--privileged --rm",
+            "DEPEND": "null",
+            "START_ON_BOOT": "false",
+            "CMD": "null",
+            "PRE_START": "null",
+            "POST_START": "null"
+        }
+    ]
+}

openwebui/firewall-openwebui.json

@@ -0,0 +1,75 @@
+{
+    "main": {
+        "SERVICE_NAME": "firewalls",
+        "DOMAIN": "null"
+    },
+    "containers": [
+        {
+            "IMAGE": "safebox/firewall",
+            "NAME": "firewall",
+            "MEMORY": "64M",
+            "NETWORK": "host",
+            "SCALE": "0",
+            "VOLUMES": [
+                {
+                    "SOURCE": "/run/",
+                    "DEST": "/run/",
+                    "TYPE": "rw"
+                },
+                {
+                    "SOURCE": "/etc/user/config/services",
+                    "DEST": "/services",
+                    "TYPE": "ro"
+                },
+                {
+                    "SOURCE": "/etc/system/data/dns/hosts.local",
+                    "DEST": "/etc/dns/hosts.local",
+                    "TYPE": "ro"
+                },
+                {
+                    "SOURCE": "/var/run/docker.sock",
+                    "DEST": "/var/run/docker.sock",
+                    "TYPE": "rw"
+                }
+            ],
+            "PORTS": [],
+            "READYNESS": [
+                {
+                    "tcp": ""
+                },
+                {
+                    "HTTP": ""
+                },
+                {
+                    "EXEC": "/ready.sh"
+                }
+            ],
+            "ENVS": [
+                {
+                    "CHAIN": "DOCKER-USER"
+                },
+                {
+                    "SOURCE": "smarthostbackend"
+                },
+                {
+                    "TARGET": "openwebui-app"
+                },
+                {
+                    "TYPE": "tcp"
+                },
+                {
+                    "TARGET_PORT": "8080"
+                },
+                {
+                    "COMMENT": "proxy for openwebui"
+                }
+            ],
+            "EXTRA": "--privileged --rm",
+            "DEPEND": "null",
+            "START_ON_BOOT": "false",
+            "CMD": "null",
+            "PRE_START": "null",
+            "POST_START": "null"
+        }
+    ]
+}

openwebui/openwebui-secret.json

@@ -0,0 +1,16 @@
+{
+    "openwebuipostgres": {
+        "POSTGRES_DB": "#POSTGRES_DB",
+        "POSTGRES_USER": "#POSTGRES_USER",
+        "POSTGRES_PASSWORD": "#POSTGRES_PASSWORD",
+        "POSTGRES_ROOT_PASSWORD": "#POSTGRES_ROOT_PASSWORD"
+    },
+    "openwebuiapp": {
+        "WEBUI_ADMIN_NAME": "#WEBUI_ADMIN_NAME",
+        "WEBUI_ADMIN_PASSWORD": "#WEBUI_ADMIN_PASSWORD",
+        "WEBUI_ADMIN_EMAIL": "#WEBUI_ADMIN_EMAIL",
+        "WEBUI_SECRET_KEY": "#WEBUI_SECRET_KEY",
+        "OPENAI_API_KEY": "#OPENAI_API_KEY",
+        "DATABASE_URL": "postgres://#POSTGRES_USER:#POSTGRES_PASSWORD@openwebuipostgres-db:5432/#POSTGRES_DB"
+    }
+}

openwebui/service-openwebui.json

@@ -0,0 +1,208 @@
+{
+    "main": {
+        "SERVICE_NAME": "openwebui",
+        "DOMAIN": "#DOMAIN"
+    },
+    "containers": [
+        {
+            "IMAGE": "alpine:latest",
+            "UPDATE": "true",
+            "NAME": "openwebui-init",
+            "NETWORK": "host",
+            "MEMORY": "64M",
+            "VOLUMES": [
+                {
+                    "SOURCE": "USER_DATA",
+                    "DEST": "/etc/user/data",
+                    "TYPE": "rw"
+                }
+            ],
+            "EXTRA": "--rm",
+            "DEPEND": "null",
+            "START_ON_BOOT": "false",
+            "ENTRYPOINT": "sh -c",
+            "CMD": "mkdir -p /etc/user/data/openwebui/data && mkdir -p /etc/user/data/openwebui/db && mkdir -p /etc/user/data/openwebui/pipelines && mkdir -p /etc/user/data/openwebui/qdrant",
+            "PRE_START": "null",
+            "POST_START": "null"
+        },
+        {
+            "IMAGE": "postgres:16-alpine",
+            "UPDATE": "true",
+            "NAME": "openwebuipostgres-db",
+            "MEMORY": "256M",
+            "NETWORK": "openwebui-net",
+            "SELECTOR": "openwebuipostgres-db",
+            "VOLUMES": [
+                {
+                    "SOURCE": "/etc/user/data/openwebui/db",
+                    "DEST": "/var/lib/postgresql/data",
+                    "TYPE": "rw"
+                }
+            ],
+            "PORTS": [
+                {
+                    "SOURCE": "null",
+                    "DEST": "5432",
+                    "TYPE": "tcp"
+                }
+            ],
+            "ENV_FILES": [
+                "/etc/user/secret/openwebui/openwebui.json"
+            ],
+            "EXTRA": "--restart always",
+            "DEPEND": "null",
+            "START_ON_BOOT": "false",
+            "CMD": "null",
+            "PRE_START": "null",
+            "POST_START": "null"
+        },
+        {
+            "IMAGE": "qdrant/qdrant:latest",
+            "UPDATE": "true",
+            "NAME": "openwebui-qdrant",
+            "MEMORY": "256M",
+            "NETWORK": "openwebui-net",
+            "SELECTOR": "openwebui-qdrant",
+            "VOLUMES": [
+                {
+                    "SOURCE": "/etc/user/data/openwebui/qdrant",
+                    "DEST": "/qdrant/storage",
+                    "TYPE": "rw"
+                }
+            ],
+            "PORTS": [
+                {
+                    "SOURCE": "null",
+                    "DEST": "6333",
+                    "TYPE": "tcp"
+                },
+                {
+                    "SOURCE": "null",
+                    "DEST": "6334",
+                    "TYPE": "tcp"
+                }
+            ],
+            "EXTRA": "--restart always",
+            "DEPEND": "null",
+            "START_ON_BOOT": "false",
+            "CMD": "null",
+            "PRE_START": "null",
+            "POST_START": "null"
+        },
+        {
+            "IMAGE": "ghcr.io/open-webui/pipelines:main",
+            "UPDATE": "true",
+            "NAME": "openwebui-pipelines",
+            "MEMORY": "256M",
+            "NETWORK": "openwebui-net",
+            "SELECTOR": "openwebui-pipelines",
+            "VOLUMES": [
+                {
+                    "SOURCE": "/etc/user/data/openwebui/pipelines",
+                    "DEST": "/app/pipelines",
+                    "TYPE": "rw"
+                }
+            ],
+            "PORTS": [
+                {
+                    "SOURCE": "null",
+                    "DEST": "9099",
+                    "TYPE": "tcp"
+                }
+            ],
+            "ENVS": [
+                {
+                    "OPENAI_API_BASE_URL": "#OPENAI_API_BASE_URL"
+                },
+                {
+                    "VECTOR_DB": "qdrant"
+                },
+                {
+                    "QDRANT_HOST": "openwebui-qdrant"
+                },
+                {
+                    "QDRANT_PORT": "6333"
+                },
+                {
+                    "QDRANT_URI": "http://openwebui-qdrant:6333"
+                }
+            ],
+            "EXTRA": "--restart always",
+            "DEPEND": [],
+            "START_ON_BOOT": "false",
+            "CMD": "null",
+            "PRE_START": "null",
+            "POST_START": "null"
+        },
+        {
+            "IMAGE": "ghcr.io/open-webui/open-webui:main",
+            "UPDATE": "true",
+            "NAME": "openwebui",
+            "MEMORY": "512M",
+            "NETWORK": "openwebui-net",
+            "SELECTOR": "openwebui-app",
+            "VOLUMES": [
+                {
+                    "SOURCE": "/etc/user/data/openwebui/data",
+                    "DEST": "/app/data",
+                    "TYPE": "rw"
+                }
+            ],
+            "PORTS": [
+                {
+                    "SOURCE": "null",
+                    "DEST": "8080",
+                    "TYPE": "tcp"
+                }
+            ],
+            "ENVS": [
+                {
+                    "WEBUI_ADMIN_NAME": "#WEBUI_ADMIN_NAME"
+                },
+                {
+                    "WEBUI_ADMIN_PASSWORD": "#WEBUI_ADMIN_PASSWORD"
+                },
+                {
+                    "WEBUI_ADMIN_EMAIL": "#WEBUI_ADMIN_EMAIL"
+                },
+                {
+                    "OPENAI_API_BASE_URL": "http://192.168.2.2:8080/v1"
+                },
+                {
+                    "OPENAI_API_KEY": "#OPENAI_API_KEY"
+                },
+                {
+                    "VECTOR_DB": "qdrant"
+                },
+                {
+                    "QDRANT_HOST": "openwebui-qdrant"
+                },
+                {
+                    "QDRANT_PORT": "6333"
+                },
+                {
+                    "QDRANT_URI": "http://openwebui-qdrant:6333"
+                },
+                {
+                    "ENABLE_RAG_PIPELINE": "True"
+                },
+                {
+                    "RAG_PIPELINE_URL": "http://openwebui-pipelines:9099/v1"
+                }
+            ],
+            "ENV_FILES": [
+                "/etc/user/secret/openwebui/openwebui.json"
+            ],
+            "EXTRA": "--restart always",
+            "DEPEND": [],
+            "START_ON_BOOT": "false",
+            "CMD": "null",
+            "PRE_START": "null",
+            "POST_START": [
+                "firewall-openwebui",
+                "domain-openwebui",
+                "firewall-openwebui-dns"
+            ]
+        }
+    ]
+}

outline/outline-secret.json

@@ -1,13 +1,14 @@
 {
     "outlinepostgres": {
-        "POSTGRES_DB": "#DB_NAME",
+        "POSTGRES_DB": "#POSTGRES_DB",
-        "POSTGRES_USER": "#DB_USER",
+        "POSTGRES_USER": "#POSTGRES_USER",
-        "POSTGRES_PASSWORD": "#DB_PASSWORD"
+        "POSTGRES_PASSWORD": "#POSTGRES_PASSWORD",
+        "POSTGRES_ROOT_PASSWORD": "#POSTGRES_ROOT_PASSWORD"
     },
     "outlineapp": {
         "SECRET_KEY": "#SECRET_KEY",
         "UTILS_SECRET": "#UTILS_SECRET",
-        "DATABASE_URL": "postgres://#DB_USER:#DB_PASSWORD@outlinepostgres-db:5432/#DB_NAME",
+        "DATABASE_URL": "postgres://#POSTGRES_USER:#POSTGRES_PASSWORD@outlinepostgres-db:5432/#POSTGRES_DB",
         "SLACK_CLIENT_ID": "#SLACK_CLIENT_ID",
         "SLACK_CLIENT_SECRET": "#SLACK_CLIENT_SECRET",
         "GOOGLE_CLIENT_ID": "#GOOGLE_CLIENT_ID",

outline/template.json

@@ -21,28 +21,28 @@
         },
         {
             "description": "Postgres database name",
-            "key": "DB_NAME",
+            "key": "POSTGRES_DB",
             "value": "",
             "required": "true",
             "generated": "time|md5|8"
         },
         {
             "description": "Postgres username",
-            "key": "DB_USER",
+            "key": "POSTGRES_USER",
             "value": "",
             "required": "true",
             "generated": "time|md5|8"
         },
         {
             "description": "Postgres password for user",
-            "key": "DB_PASSWORD",
+            "key": "POSTGRES_PASSWORD",
             "value": "",
             "required": "true",
             "generated": "random|md5|12"
         },
         {
             "description": "Postgres root user password",
-            "key": "DB_ROOT_PASSWORD",
+            "key": "POSTGRES_ROOT_PASSWORD",
             "value": "",
             "required": "true",
             "generated": "random|sha256|20"

pocketid/template.json

@@ -1,6 +1,6 @@
 {
     "name": "Pocketid",
-    "title": "pocketid",
+    "title": "PocketID",
     "subtitle": "Identity management",
     "icon": "data:image/svg+xml;base64,PHN2ZyB3aWR0aD0iNTAiIGhlaWdodD0iNTAiIHZpZXdCb3g9IjAgMCA1MCA1MCIgZmlsbD0ibm9uZSIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIj4KPHBhdGggZD0iTTQzIDBIN0MzLjEzNDAxIDAgMCAzLjEzNDAxIDAgN1Y0M0MwIDQ2Ljg2NiAzLjEzNDAxIDUwIDcgNTBINDNDNDYuODY2IDUwIDUwIDQ2Ljg2NiA1MCA0M1Y3QzUwIDMuMTM0MDEgNDYuODY2IDAgNDMgMFoiIGZpbGw9IndoaXRlIi8+CjxwYXRoIGQ9Ik0yNC40ODc4IDdDMzEuOTM4NCA3IDM4IDEzLjEzNjMgMzggMjAuNjc4N0MzOCAyMy42NDI2IDM3LjA3OSAyNi40NjMyIDM1LjMzNjIgMjguODM0MkMzMy42Mjc4IDMxLjE1OTUgMzEuMjkwMSAzMi44NDg2IDI4LjU3NTEgMzMuNzE5OEwyNy44MjQ3IDMzLjk2MUwyNi4wMzY0IDI1LjAzMTVMMjYuNTMxMSAyNC43ODkyQzI4LjE0NTkgMjMuOTk5IDI5LjE4OTYgMjIuMzE1NiAyOS4xODk2IDIwLjUwMTJDMjkuMTg5NiAxNy44NzY0IDI3LjA4MDUgMTUuNzQwOSAyNC40ODgxIDE1Ljc0MDlDMjEuODk1OCAxNS43NDA5IDE5Ljc4NiAxNy44NzY0IDE5Ljc4NiAyMC41MDEyQzE5Ljc4NiAyMi4zMTU2IDIwLjgzIDIzLjk5OSAyMi40NDQ4IDI0Ljc4OTJMMjIuOTMwMiAyNS4wMjcyTDIwLjA0OTUgNDNIMTJWN0gyNC40ODgxSDI0LjQ4NzhaIiBmaWxsPSJibGFjayIvPgo8L3N2Zz4K",
     "description": "PocketID is an open-source identity and access management solution that provides secure and efficient user authentication and authorization for web applications and services.",

quackback/domain-quackback.json

@@ -0,0 +1,60 @@
+{
+    "main": {
+        "SERVICE_NAME": "quackback",
+        "DOMAIN": "#DOMAIN"
+    },
+    "containers": [
+        {
+            "IMAGE": "safebox/domain-check",
+            "UPDATE": "true",
+            "MEMORY": "64M",
+            "NAME": "domain_checker",
+            "ROLES": "domain_checker",
+            "NETWORK": "host",
+            "SELECTOR": "",
+            "SCALE": "0",
+            "EXTRA": "--rm --privileged",
+            "PRE_START": [],
+            "DEPEND": [],
+            "POST_START": [],
+            "CMD": "",
+            "ENVS": [
+                {
+                    "PROXY": "smarthostloadbalancer"
+                },
+                {
+                    "TARGET": "quackback-app"
+                },
+                {
+                    "PORT": "3000"
+                },
+                {
+                    "DOMAIN": "#DOMAIN"
+                },
+                {
+                    "SMARTHOST_PROXY_PATH": "/smarthost-domains"
+                },
+                {
+                    "OPERATION": "CREATE"
+                }
+            ],
+            "VOLUMES": [
+                {
+                    "SOURCE": "/etc/user/config/smarthost-domains",
+                    "DEST": "/smarthost-domains",
+                    "TYPE": "rw"
+                },
+                {
+                    "SOURCE": "/etc/system/data/dns/hosts.local",
+                    "DEST": "/etc/dns/hosts.local",
+                    "TYPE": "ro"
+                },
+                {
+                    "SOURCE": "/var/run/docker.sock",
+                    "DEST": "/var/run/docker.sock",
+                    "TYPE": "rw"
+                }
+            ]
+        }
+    ]
+}

quackback/firewall-quackback-dns.json

@@ -0,0 +1,75 @@
+{
+    "main": {
+        "SERVICE_NAME": "firewalls",
+        "DOMAIN": "null"
+    },
+    "containers": [
+        {
+            "IMAGE": "safebox/firewall",
+            "NAME": "firewall",
+            "MEMORY": "64M",
+            "NETWORK": "host",
+            "SCALE": "0",
+            "VOLUMES": [
+                {
+                    "SOURCE": "/run/",
+                    "DEST": "/run/",
+                    "TYPE": "rw"
+                },
+                {
+                    "SOURCE": "/etc/user/config/services",
+                    "DEST": "/services",
+                    "TYPE": "ro"
+                },
+                {
+                    "SOURCE": "/etc/system/data/dns/hosts.local",
+                    "DEST": "/etc/dns/hosts.local",
+                    "TYPE": "ro"
+                },
+                {
+                    "SOURCE": "/var/run/docker.sock",
+                    "DEST": "/var/run/docker.sock",
+                    "TYPE": "rw"
+                }
+            ],
+            "PORTS": [],
+            "READYNESS": [
+                {
+                    "tcp": ""
+                },
+                {
+                    "HTTP": ""
+                },
+                {
+                    "EXEC": "/ready.sh"
+                }
+            ],
+            "ENVS": [
+                {
+                    "CHAIN": "DOCKER-USER"
+                },
+                {
+                    "SOURCE": "coredns"
+                },
+                {
+                    "TARGET": "quackback-app"
+                },
+                {
+                    "TYPE": "udp"
+                },
+                {
+                    "TARGET_PORT": "53"
+                },
+                {
+                    "COMMENT": "dns for quackback"
+                }
+            ],
+            "EXTRA": "--privileged --rm",
+            "DEPEND": "null",
+            "START_ON_BOOT": "false",
+            "CMD": "null",
+            "PRE_START": "null",
+            "POST_START": "null"
+        }
+    ]
+}

quackback/firewall-quackback-smtp.json

@@ -0,0 +1,75 @@
+{
+    "main": {
+        "SERVICE_NAME": "firewalls",
+        "DOMAIN": "null"
+    },
+    "containers": [
+        {
+            "IMAGE": "safebox/firewall",
+            "NAME": "firewall",
+            "MEMORY": "64M",
+            "NETWORK": "host",
+            "SCALE": "0",
+            "VOLUMES": [
+                {
+                    "SOURCE": "/run/",
+                    "DEST": "/run/",
+                    "TYPE": "rw"
+                },
+                {
+                    "SOURCE": "/etc/user/config/services",
+                    "DEST": "/services",
+                    "TYPE": "ro"
+                },
+                {
+                    "SOURCE": "/etc/system/data/dns/hosts.local",
+                    "DEST": "/etc/dns/hosts.local",
+                    "TYPE": "ro"
+                },
+                {
+                    "SOURCE": "/var/run/docker.sock",
+                    "DEST": "/var/run/docker.sock",
+                    "TYPE": "rw"
+                }
+            ],
+            "PORTS": [],
+            "READYNESS": [
+                {
+                    "tcp": ""
+                },
+                {
+                    "HTTP": ""
+                },
+                {
+                    "EXEC": "/ready.sh"
+                }
+            ],
+            "ENVS": [
+                {
+                    "CHAIN": "DOCKER-USER"
+                },
+                {
+                    "SOURCE": "quackback-app"
+                },
+                {
+                    "TARGET": "smtp"
+                },
+                {
+                    "TYPE": "tcp"
+                },
+                {
+                    "TARGET_PORT": "25"
+                },
+                {
+                    "COMMENT": "smtp for openproject"
+                }
+            ],
+            "EXTRA": "--privileged --rm",
+            "DEPEND": "null",
+            "START_ON_BOOT": "false",
+            "CMD": "null",
+            "PRE_START": "null",
+            "POST_START": "null"
+        }
+    ]
+}

quackback/firewall-quackback.json

@@ -0,0 +1,75 @@
+{
+    "main": {
+        "SERVICE_NAME": "firewalls",
+        "DOMAIN": "null"
+    },
+    "containers": [
+        {
+            "IMAGE": "safebox/firewall",
+            "NAME": "firewall",
+            "MEMORY": "64M",
+            "NETWORK": "host",
+            "SCALE": "0",
+            "VOLUMES": [
+                {
+                    "SOURCE": "/run/",
+                    "DEST": "/run/",
+                    "TYPE": "rw"
+                },
+                {
+                    "SOURCE": "/etc/user/config/services",
+                    "DEST": "/services",
+                    "TYPE": "ro"
+                },
+                {
+                    "SOURCE": "/etc/system/data/dns/hosts.local",
+                    "DEST": "/etc/dns/hosts.local",
+                    "TYPE": "ro"
+                },
+                {
+                    "SOURCE": "/var/run/docker.sock",
+                    "DEST": "/var/run/docker.sock",
+                    "TYPE": "rw"
+                }
+            ],
+            "PORTS": [],
+            "READYNESS": [
+                {
+                    "tcp": ""
+                },
+                {
+                    "HTTP": ""
+                },
+                {
+                    "EXEC": "/ready.sh"
+                }
+            ],
+            "ENVS": [
+                {
+                    "CHAIN": "DOCKER-USER"
+                },
+                {
+                    "SOURCE": "smarthostbackend"
+                },
+                {
+                    "TARGET": "quackback-app"
+                },
+                {
+                    "TYPE": "tcp"
+                },
+                {
+                    "TARGET_PORT": "3000"
+                },
+                {
+                    "COMMENT": "proxy for quackback"
+                }
+            ],
+            "EXTRA": "--privileged --rm",
+            "DEPEND": "null",
+            "START_ON_BOOT": "false",
+            "CMD": "null",
+            "PRE_START": "null",
+            "POST_START": "null"
+        }
+    ]
+}

quackback/quackback-secret.json

@@ -0,0 +1,25 @@
+{
+    "quackbackpostgres": {
+        "POSTGRES_DB": "#POSTGRES_DB",
+        "POSTGRES_USER": "#POSTGRES_USER",
+        "POSTGRES_PASSWORD": "#POSTGRES_PASSWORD",
+        "POSTGRES_ROOT_PASSWORD": "#POSTGRES_ROOT_PASSWORD"
+    },
+    "quackbackminio": {
+        "MINIO_ROOT_USER": "#MINIO_ROOT_USER",
+        "MINIO_ROOT_PASSWORD": "#MINIO_ROOT_PASSWORD"
+    },
+    "quackbackapp": {
+        "SECRET_KEY": "#SECRET_KEY",
+        "UTILS_SECRET": "#UTILS_SECRET",
+        "DATABASE_URL": "postgres://#POSTGRES_USER:#POSTGRES_PASSWORD@quackbackpostgres-db:5432/#POSTGRES_DB",
+        "SLACK_CLIENT_ID": "#SLACK_CLIENT_ID",
+        "SLACK_CLIENT_SECRET": "#SLACK_CLIENT_SECRET",
+        "GOOGLE_CLIENT_ID": "#GOOGLE_CLIENT_ID",
+        "GOOGLE_CLIENT_SECRET": "#GOOGLE_CLIENT_SECRET",
+        "GITHUB_CLIENT_ID": "#GITHUB_CLIENT_ID",
+        "GITHUB_CLIENT_SECRET": "#GITHUB_CLIENT_SECRET",
+        "EMAIL_SMTP_USER": "#SMTP_USERNAME",
+        "EMAIL_SMTP_PASS": "#SMTP_PASSWORD"
+    }
+}

quackback/service-quackback.json

@@ -0,0 +1,205 @@
+{
+    "main": {
+        "SERVICE_NAME": "quackback",
+        "DOMAIN": "#DOMAIN"
+    },
+    "containers": [
+        {
+            "IMAGE": "alpine:latest",
+            "UPDATE": "true",
+            "NAME": "quackback-init",
+            "NETWORK": "host",
+            "MEMORY": "64M",
+            "VOLUMES": [
+                {
+                    "SOURCE": "USER_DATA",
+                    "DEST": "/etc/user/data",
+                    "TYPE": "rw"
+                }
+            ],
+            "EXTRA": "--rm",
+            "DEPEND": "null",
+            "START_ON_BOOT": "false",
+            "ENTRYPOINT": "sh -c",
+            "CMD": "mkdir -p /etc/user/data/quackback/data && mkdir -p /etc/user/data/quackback/db && mkdir -p /etc/user/data/quackback/minio && mkdir -p /etc/user/data/quackback/dragonfly",
+            "PRE_START": "null",
+            "POST_START": "null"
+        },
+        {
+            "IMAGE": "safebox/postgres-quackback:18",
+            "UPDATE": "true",
+            "NAME": "quackbackpostgres-db",
+            "MEMORY": "256M",
+            "NETWORK": "quackback-net",
+            "SELECTOR": "quackbackpostgres-db",
+            "VOLUMES": [
+                {
+                    "SOURCE": "/etc/user/data/quackback/db",
+                    "DEST": "/var/lib/postgresql",
+                    "TYPE": "rw"
+                }
+            ],
+            "PORTS": [
+                {
+                    "SOURCE": "null",
+                    "DEST": "5432",
+                    "TYPE": "tcp"
+                }
+            ],
+            "ENV_FILES": [
+                "/etc/user/secret/quackback/quackback.json"
+            ],
+            "EXTRA": "--restart always",
+            "DEPEND": "null",
+            "START_ON_BOOT": "false",
+            "CMD": "postgres -c shared_preload_libraries=pg_cron -c cron.database_name=quackback -c max_connections=200",
+            "PRE_START": "null",
+            "POST_START": "null"
+        },
+        {
+            "IMAGE": "minio/minio:latest",
+            "UPDATE": "true",
+            "NAME": "quackbackminio-app",
+            "MEMORY": "2048M",
+            "NETWORK": "quackback-net",
+            "SELECTOR": "quackbackminio-app",
+            "VOLUMES": [
+                {
+                    "SOURCE": "/etc/user/data/quackback/minio",
+                    "DEST": "/data",
+                    "TYPE": "rw"
+                }
+            ],
+            "PORTS": [
+                {
+                    "SOURCE": "null",
+                    "DEST": "9000",
+                    "TYPE": "tcp"
+                },
+                {
+                    "SOURCE": "null",
+                    "DEST": "9001",
+                    "TYPE": "tcp"
+                }
+            ],
+            "ENV_FILES": [
+                "/etc/user/secret/quackback/quackback.json"
+            ],
+            "EXTRA": "--restart always",
+            "DEPEND": "null",
+            "START_ON_BOOT": "false",
+            "CMD": "server /data --console-address \":9001\"",
+            "PRE_START": "null",
+            "POST_START": "null"
+        },
+        {
+            "IMAGE": "docker.dragonflydb.io/dragonflydb/dragonfly:v1.27.1",
+            "UPDATE": "true",
+            "NAME": "quackbackredis-server",
+            "MEMORY": "4096M",
+            "NETWORK": "quackback-net",
+            "SELECTOR": "quackbackredis",
+            "PORTS": [
+                {
+                    "SOURCE": "null",
+                    "DEST": "6379",
+                    "TYPE": "tcp"
+                }
+            ],
+            "VOLUMES": [
+                {
+                    "SOURCE": "/etc/user/data/quackback/dragonfly",
+                    "DEST": "/data",
+                    "TYPE": "rw"
+                }
+            ],
+            "EXTRA": "--restart always --ulimit memlock=-1:-1",
+            "DEPEND": "null",
+            "START_ON_BOOT": "false",
+            "CMD": "dragonfly --cluster_mode=emulated --lock_on_hashtags",
+            "PRE_START": "null",
+            "POST_START": "null"
+        },
+        {
+            "IMAGE": "minio/mc:latest",
+            "UPDATE": "true",
+            "NAME": "quackbackminio-init",
+            "NETWORK": "quackback-net",
+            "MEMORY": "256M",
+            "ENV_FILES": [
+                "/etc/user/secret/quackback/quackback.json"
+            ],
+            "EXTRA": "--rm",
+            "DEPEND": "null",
+            "START_ON_BOOT": "false",
+            "ENTRYPOINT": "sh -c",
+            "CMD": "mc alias set local http://quackbackminio-app:9000 \"$MINIO_ROOT_USER\" \"$MINIO_ROOT_PASSWORD\"; mc mb local/quackback --ignore-existing; mc anonymous set download local/quackback; exit 0;",
+            "PRE_START": "null",
+            "POST_START": "null"
+        },
+        {
+            "IMAGE": "safebox/quackback:#VERSION",
+            "UPDATE": "true",
+            "MEMORY": "4096M",
+            "NAME": "quackbackapp",
+            "NETWORK": "quackback-net",
+            "SELECTOR": "quackback-app",
+            "PORTS": [
+                {
+                    "SOURCE": "null",
+                    "DEST": "3000",
+                    "TYPE": "tcp"
+                }
+            ],
+            "ENVS": [
+                {
+                    "REDIS_URL": "redis://quackbackredis-server:6379"
+                },
+                {
+                    "BASE_URL": "https://#DOMAIN"
+                },
+                {
+                    "DISABLE_TELEMETRY": "true"
+                },
+                {
+                    "EMAIL_SMTP_HOST": "#SMTP_HOST"
+                },
+                {
+                    "EMAIL_SMTP_PORT": "#SMTP_PORT"
+                },
+                {
+                    "EMAIL_FROM": "#SMTP_FROM_EMAIL"
+                },
+                {
+                    "OPENAI_OPENAI_BASE_URL": "#OPENAI_BASE_URL"
+                },
+                {
+                    "S3_ENDPOINT": "http://quackbackminio-app:9000"
+                },
+                {
+                    "S3_BUCKET": "#S3_BUCKET"
+                },
+                {
+                    "S3_REGION": "#S3_REGION"
+                },
+                {
+                    "S3_FORCE_PATH_STYLE": "true"
+                }
+            ],
+            "ENV_FILES": [
+                "/etc/user/secret/quackback/quackback.json"
+            ],
+            "EXTRA": "--restart always",
+            "DEPEND": [],
+            "START_ON_BOOT": "true",
+            "CMD": "null",
+            "PRE_START": "null",
+            "POST_START": [
+                "firewall-quackback",
+                "domain-quackback",
+                "firewall-quackback-dns",
+                "firewall-quackback-smtp"
+            ]
+        }
+    ]
+}

transmission/transmission-secret.json

@@ -1,7 +1,7 @@
 {
     "transmission": {
-        "USER": "#TRANSMISSION_USER",
+        "TRANSMISSION_USER": "#TRANSMISSION_USER",
-        "PASS": "#TRANSMISSION_PASS",
+        "TRANSMISSION_PASS": "#TRANSMISSION_PASS",
         "WHITELIST": "#TRANSMISSION_WHITELIST",
         "PEERPORT": "#TRANSMISSION_PEERPORT",
         "HOST_WHITELIST": "#TRANSMISSION_HOST_WHITELIST"

vaultwarden/service-vaultwarden.json

@@ -35,7 +35,7 @@
             "VOLUMES": [
                 {
                     "SOURCE": "/etc/user/data/vaultwarden/db",
-                    "DEST": "/var/lib/postgres",
+                    "DEST": "/var/lib/postgresql/data",
                     "TYPE": "rw"
                 }
             ],