Reduce data gathering frequency to improve CPU usage

.gitignore

@@ -1,4 +1,4 @@
-*.nas-compose.env
+nas-compose.env
 # Prevent the content of volumes from being commited, but allow the folders
 /*/volumes/*/**
 # Prevent secrets from being commited

authentication/compose.yaml

@@ -39,8 +39,9 @@ services:
       service: base-service
     container_name: authelia-redis
     image: redis
-    #user: ${NASCOMPOSE_UID?}:${NASCOMPOSE_GID?}
+    user: ${NASCOMPOSE_UID?}:${NASCOMPOSE_GID?}
-
+    volumes:
+      - ./volumes/redis_data/:/data/
   lldap:
     extends:
       file: ../compose.base.yaml

book-collector/compose.yaml

@@ -1,41 +1,35 @@
 # yaml-language-server: $schema=https://raw.githubusercontent.com/compose-spec/compose-spec/master/schema/compose-spec.json
 
-name: book-collector
+x-readarr: &a1
+  extends:
+    file: ../compose.base.yaml
+    service: exposed-service
+  image: lscr.io/linuxserver/readarr:develop # TODO: Move to a stable version
+  environment:
+    PUID: ${NASCOMPOSE_UID?}
+    PGID: ${NASCOMPOSE_GID?}
+  networks:
+    - torrents
+    - usenet
+
 services:
   readarr-audiobook:
-    extends:
+    <<: *a1
-      file: ../compose.base.yaml
-      service: exposed-service
     container_name: readarr-audiobook
-    image: lscr.io/linuxserver/readarr:develop # TODO: Move to a stable version
-    environment:
-      PUID: ${NASCOMPOSE_UID?}
-      PGID: ${NASCOMPOSE_GID?}
-    networks:
-      - torrents
-      - usenet
     volumes:
       - ./volumes/readarr-audiobook_config/:/config/
       - ${NASCOMPOSE_DATA?}/:/data/
     labels:
       traefik.http.routers.readarr-audiobook.middlewares: authelia@file
   readarr-ebook:
-    extends:
+    <<: *a1
-      file: ../compose.base.yaml
-      service: exposed-service
     container_name: readarr-ebook
-    image: lscr.io/linuxserver/readarr:develop # TODO: Move to a stable version
-    environment:
-      PUID: ${NASCOMPOSE_UID?}
-      PGID: ${NASCOMPOSE_GID?}
-    networks:
-      - torrents
-      - usenet
     volumes:
       - ./volumes/readarr-ebook_config/:/config/
       - ${NASCOMPOSE_DATA?}/:/data/
     labels:
       traefik.http.routers.readarr-ebook.middlewares: authelia@file
+
 networks:
   reverse-proxy:
     external: true

bootstrap/compose.macvlan.yaml

@@ -19,5 +19,3 @@ networks:
           ip_range: ${NASCOMPOSE_MACVLAN_RANGE?}
           aux_addresses:
             nas: ${NASCOMPOSE_MACVLAN_HOST_IP?}
-    labels:
-      nas-compose.boostrap: true

comic-collector/compose.yaml

@@ -23,3 +23,5 @@ networks:
     external: true
   usenet:
     external: true
+  reverse-proxy:
+    external: true

compose.base.yaml

@@ -1,6 +1,9 @@
 services:
+  # All services should at least use this
   base-service:
+    # Always restart unless explicitly stopped
     restart: unless-stopped
+    # Send the logs to a Loki instance with ability to fail
     logging:
       driver: loki
       options:
@@ -8,8 +11,11 @@ services:
         loki-retries: 2
         loki-max-backoff: 800ms
         loki-timeout: 1s
-        keep-file: 'true'
+        keep-file: true
+        max-size: 20m
+        max-file: 5
 
+  # Service exposed via the reverse proxy
   exposed-service:
     extends: base-service
     networks:

docker-monitoring/compose.yaml

@@ -4,7 +4,7 @@ services:
   watchtower:
     extends:
       file: ../compose.base.yaml
-      service:  ase-service
+      service: base-service
     container_name: watchtower
     image: containrrr/watchtower
     environment:

document-collector/compose.yaml

@@ -7,33 +7,32 @@ services:
       service: exposed-service
     container_name: paperless
     image: ghcr.io/paperless-ngx/paperless-ngx
+    env_file: ./config/paperless.env
     environment:
-      PAPERLESS_REDIS: redis://paperless-broker:6379
+      PAPERLESS_REDIS: redis://paperless-redis:6379
       USERMAP_UID: ${NASCOMPOSE_UID?}
       USERMAP_GID: ${NASCOMPOSE_GID?}
       PAPERLESS_URL: https://paperless.${NASCOMPOSE_DOMAIN?}
-      PAPERLESS_ENABLE_HTTP_REMOTE_USER: true
       PAPERLESS_TRASH_DIR: /usr/src/paperless/media/recycle-bin/paperless/
       PAPERLESS_OCR_USER_ARGS: '{"invalidate_digital_signatures": true}'
     networks:
       - default
     depends_on:
-      - paperless-broker
+      - paperless-redis
     volumes:
       - ./volumes/paperless_data/:/usr/src/paperless/data/
       - ${NASCOMPOSE_DATA?}/media/:/usr/src/paperless/media/
       - ${NASCOMPOSE_DATA?}/consume:/usr/src/paperless/consume
       - ${NASCOMPOSE_DATA?}/export:/usr/src/paperless/export
-    labels:
+  paperless-redis:
-      traefik.http.routers.paperless.middlewares: authelia@file
-  paperless-broker:
     extends:
       file: ../compose.base.yaml
       service: base-service
-    container_name: paperless-broker
+    container_name: paperless-redis
     image: redis
+    user: ${NASCOMPOSE_UID?}:${NASCOMPOSE_GID?}
     volumes:
-      - ./volumes/broker_data/:/data/
+      - ./volumes/redis_data/:/data/
 networks:
   reverse-proxy:
     external: true

ebook-reader/compose.yaml

@@ -14,8 +14,8 @@ services:
       - calibre
     volumes:
       - ./volumes/calibre_config/:/config/
-      - ${NASCOMPOSE_DATA?}/media/ebooks/:/data/media/ebooks/
       - ./volumes/calibre_database/metadata.db:/data/media/ebooks/metadata.db
+      - ${NASCOMPOSE_DATA?}/media/ebooks/:/data/media/ebooks/
     labels:
       traefik.http.services.calibre.loadbalancer.server.port: 8080
       traefik.http.routers.calibre.middlewares: authelia@file

media-player/compose.yaml

@@ -65,9 +65,8 @@ services:
     volumes:
       - ./volumes/audiobookshelf_config/:/config/
       - ./volumes/audiobookshelf_metadata/:/metadata/
-      - ${NASCOMPOSE_DATA?}/media/audiobooks/:/audiobooks/
+      - ${NASCOMPOSE_DATA?}/media/audiobooks/:/data/audiobooks/:ro
     labels:
-      traefik.http.routers.audiobookshelf.middlewares: authelia@file
       traefik.http.services.audiobookshelf.loadbalancer.server.port: 13378
 networks:
   media-player:

monitoring/compose.yaml

@@ -30,9 +30,12 @@ services:
     container_name: grafana
     image: grafana/grafana-oss
     user: ${NASCOMPOSE_UID?}:${NASCOMPOSE_GID?}
+    environment:
+      MASCOMPOSE_DOMAIN: ${NASCOMPOSE_DOMAIN?}
     volumes:
       - ./volumes/grafana_data/:/var/lib/grafana
       - ./config/grafana.ini:/etc/grafana/grafana.ini:ro
+      - ./secrets/grafana_oauth:/run/secrets/oauth_secret:ro
     networks:
       - default
   cadvisor:
@@ -46,6 +49,7 @@ services:
       - --enable_metrics=app,cpu,memory,network,oom_event,percpu
       - --store_container_labels=false
       - --docker_only=true
+      - --housekeeping_interval=10s
       - --whitelisted_container_labels=com.docker.compose.project,com.docker.compose.service
     volumes:
       - /:/rootfs:ro

nas-compose.env

@@ -1,23 +0,0 @@
-COMPOSE_PROFILES=ebooks,plaxt,usenet,torrents-xseed
-
-NASCOMPOSE_UID=1000
-NASCOMPOSE_GID=1000
-
-NASCOMPOSE_SERVICES=
-NASCOMPOSE_DATA=
-NASCOMPOSE_DOMAIN=
-NASCOMPOSE_LDAP_DN=
-
-NASCOMPOSE_MACVLAN_IFACE=
-NASCOMPOSE_MACVLAN_SUBNET=
-NASCOMPOSE_MACVLAN_GATEWAY=
-NASCOMPOSE_MACVLAN_RANGE=
-NASCOMPOSE_MACVLAN_HOST_IP=
-NASCOMPOSE_MACVLAN_TRAEFIK_IP=
-NASCOMPOSE_MACVLAN_PLEX_IP=
-NASCOMPOSE_MACVLAN_PORTAINER_IP=
-
-NASCOMPOSE_AUTHELIA_SMTP_ADDRESS=
-NASCOMPOSE_AUTHELIA_SMTP_USERNAME=
-
-NASCOMPOSE_DUCKDNS_DOMAIN=

nas-compose.env.template

@@ -0,0 +1,24 @@
+# Profiles to enable across the instance
+# Supported profiles:
+#   - plaxt: Plex -> Trakt Integration
+#   - ebooks: Support for ebooks and audiobooks
+#   - usenet: Support for usenet client
+#   - torrents-seeding: Support for a dedicated "seeding only" torrent client
+COMPOSE_PROFILES=ebooks,plaxt,usenet,torrents-seeding
+
+# UID and GID used in the docker containers
+NASCOMPOSE_UID=1000
+NASCOMPOSE_GID=1000
+
+# Path to the docker services folders (SSD preferable)
+NASCOMPOSE_SERVICES=
+# Path to the data folders (HDD and storage)
+NASCOMPOSE_DATA=
+# FQDN of the group of services
+NASCOMPOSE_DOMAIN=
+
+# MacVLAN dedicated IP addresses
+NASCOMPOSE_MACVLAN_HOST_IP=
+NASCOMPOSE_MACVLAN_TRAEFIK_IP=
+NASCOMPOSE_MACVLAN_PLEX_IP=
+NASCOMPOSE_MACVLAN_LOKI_IP=

photo-collector/compose.yaml

@@ -12,37 +12,42 @@ services:
       - smtp-server
       - default
     depends_on:
-      - immich_redis
+      - immich-redis
-      - immich_postgres
+      - immich-postgres
     environment:
+      REDIS_HOSTNAME: immich-redis
+      DB_HOSTNAME: immich-postgres
       DB_USERNAME: postgres
       DB_PASSWORD: postgres
       DB_DATABASE_NAME: immich
     volumes:
       - ${NASCOMPOSE_DATA?}/media/photos/:/usr/src/app/upload/
-    labels:
+  immich-ml:
-      traefik.http.routers.immich.middlewares: authelia@file
-  immich-machine-learning:
     extends:
       file: ../compose.base.yaml
       service: base-service
-    hostname: immich-machine-learning
+    container_name: immich-ml
     image: ghcr.io/immich-app/immich-machine-learning:release
+    user: ${NASCOMPOSE_UID?}:${NASCOMPOSE_GID?}
     volumes:
       - ./volumes/immich_ml_cache/:/cache/
-  immich_redis:
+      - ./volumes/immich_ml_config/:/.config/
+  immich-redis:
     extends:
       file: ../compose.base.yaml
       service: base-service
-    hostname: redis
+    container_name: immich-redis
     image: redis:6.2-alpine
     healthcheck:
       test: redis-cli ping || exit 1
-  immich_postgres:
+    user: ${NASCOMPOSE_UID?}:${NASCOMPOSE_GID?}
+    volumes:
+      - ./volumes/redis_data/:/data/
+  immich-postgres:
     extends:
       file: ../compose.base.yaml
       service: base-service
-    hostname: database
+    container_name: immich-postgres
     image: tensorchord/pgvecto-rs:pg14-v0.2.0
     user: ${NASCOMPOSE_UID?}:${NASCOMPOSE_GID?}
     environment:

reverse-proxy/compose.macvlan.yaml

@@ -4,7 +4,6 @@ services:
   traefik:
     environment:
       NASCOMPOSE_MACVLAN_SYNOLOGY_IP: ${NASCOMPOSE_MACVLAN_HOST_IP?}
-      NASCOMPOSE_MACVLAN_PORTAINER_IP: ${NASCOMPOSE_MACVLAN_PORTAINER_IP?}
     networks:
       macvlan:
         ipv4_address: ${NASCOMPOSE_MACVLAN_TRAEFIK_IP?}

reverse-proxy/compose.yaml

@@ -11,6 +11,7 @@ services:
     #user: ${NASCOMPOSE_UID?}:${NASCOMPOSE_GID?}
     environment:
       NASCOMPOSE_DOMAIN: ${NASCOMPOSE_DOMAIN?}
+      NASCOMPOSE_ROUTER_URL: ${NASCOMPOSE_ROUTER_URL?}
       TRAEFIK_CERTIFICATESRESOLVERS_DEFAULTRESOLVER_ACME_EMAIL: admin@${NASCOMPOSE_DOMAIN?}
     volumes:
       - /var/run/docker.sock:/var/run/docker.sock

reverse-proxy/configs/dynamic/router.yml

@@ -0,0 +1,15 @@
+# yaml-language-server: $schema=https://json.schemastore.org/traefik-v2-file-provider.json
+
+http:
+  services:
+    router:
+      loadBalancer:
+        servers:
+          - url: {{ env `NASCOMPOSE_ROUTER_URL` }}
+        passHostHeader: false
+  routers:
+    router:
+      rule: 'Host(`router.{{ env `NASCOMPOSE_DOMAIN` }}`)'
+      service: router@file
+      middlewares:
+        - authelia@file