diff --git a/stacks/apps/adminer/stack.yml b/stacks/apps/adminer/stack.yml index 25134e0..c6d4a4e 100644 --- a/stacks/apps/adminer/stack.yml +++ b/stacks/apps/adminer/stack.yml @@ -8,8 +8,19 @@ services: environment: - ADMINER_DEFAULT_SERVER=10.0.4.10 - ADMINER_DESIGN=nette + healthcheck: + test: ["CMD", "php", "-r", "if (file_get_contents('http://localhost:8080')) exit(0); exit(1);"] + interval: 30s + timeout: 10s + retries: 3 + start_period: 20s deploy: replicas: 1 + resources: + limits: + memory: 512M + reservations: + memory: 128M networks: homelab: external: true diff --git a/stacks/apps/authentik/stack.yml b/stacks/apps/authentik/stack.yml index ec587ea..7ec3078 100644 --- a/stacks/apps/authentik/stack.yml +++ b/stacks/apps/authentik/stack.yml @@ -8,8 +8,19 @@ services: - 6379:6379 networks: - homelab + healthcheck: + test: ["CMD", "redis-cli", "ping"] + interval: 30s + timeout: 5s + retries: 3 + start_period: 10s deploy: replicas: 1 + resources: + limits: + memory: 512M + reservations: + memory: 128M authentik_server: image: ghcr.io/goauthentik/server:2025.10.0 @@ -33,8 +44,20 @@ services: - /var/run/docker.sock:/var/run/docker.sock networks: - homelab + healthcheck: + test: ["CMD-SHELL", "ak healthcheck"] + interval: 30s + timeout: 10s + retries: 3 + start_period: 90s deploy: replicas: 1 + resources: + limits: + memory: 1G + cpus: '1.0' + reservations: + memory: 512M labels: - "traefik.enable=true" - "traefik.http.routers.authentik.rule=Host(`auth.frostlabs.me`)" @@ -69,6 +92,12 @@ services: - homelab deploy: replicas: 1 + resources: + limits: + memory: 1G + cpus: '1.0' + reservations: + memory: 512M depends_on: - redis diff --git a/stacks/apps/n8n/stack.yml b/stacks/apps/n8n/stack.yml index 3bd549d..6f0fa3c 100644 --- a/stacks/apps/n8n/stack.yml +++ b/stacks/apps/n8n/stack.yml @@ -15,6 +15,12 @@ services: volumes: - /home/doc/swarm-data/appdata/n8n:/home/node/.n8n - /var/run/docker.sock:/var/run/docker.sock:ro + healthcheck: + test: ["CMD", "wget", "--quiet", "--tries=1", "--spider", "http://localhost:5678/healthz"] + interval: 30s + timeout: 10s + retries: 3 + start_period: 60s deploy: replicas: 1 restart_policy: diff --git a/stacks/apps/paperless/stack.yml b/stacks/apps/paperless/stack.yml index acc8bc3..957b4c0 100644 --- a/stacks/apps/paperless/stack.yml +++ b/stacks/apps/paperless/stack.yml @@ -3,8 +3,19 @@ services: image: redis:alpine networks: - homelab + healthcheck: + test: ["CMD", "redis-cli", "ping"] + interval: 30s + timeout: 5s + retries: 3 + start_period: 10s deploy: replicas: 1 + resources: + limits: + memory: 512M + reservations: + memory: 128M paperless_webserver: image: ghcr.io/paperless-ngx/paperless-ngx:latest @@ -43,8 +54,20 @@ services: - PAPERLESS_ADMIN_MAIL=john.allisonwin@outlook.com networks: - homelab + healthcheck: + test: ["CMD", "curl", "-f", "http://localhost:8000"] + interval: 30s + timeout: 10s + retries: 3 + start_period: 90s deploy: replicas: 1 + resources: + limits: + memory: 2G + cpus: '2.0' + reservations: + memory: 1G depends_on: # Fixed: removed postgres dependency - paperless_redis diff --git a/stacks/apps/uptime/stack.yml b/stacks/apps/uptime/stack.yml index ccda841..6c1491f 100644 --- a/stacks/apps/uptime/stack.yml +++ b/stacks/apps/uptime/stack.yml @@ -29,7 +29,7 @@ services: order: start-first labels: - "traefik.enable=true" - - "traefik.http.routers.uptime-kuma.rule=Host(`status.bitfrost.me`)" + - "traefik.http.routers.uptime-kuma.rule=Host(`status.frostlabs.me`)" - "traefik.http.routers.uptime-kuma.entrypoints=websecure" - "traefik.http.routers.uptime-kuma.tls.certresolver=cloudflare" - "traefik.http.services.uptime-kuma.loadbalancer.server.port=3001" diff --git a/stacks/core/traefik/stack.yml b/stacks/core/traefik/stack.yml index 6b961fa..8285dc6 100644 --- a/stacks/core/traefik/stack.yml +++ b/stacks/core/traefik/stack.yml @@ -4,6 +4,7 @@ services: command: - --api.dashboard=true - --api.insecure=true + - --ping=true - --entrypoints.web.address=:80 - --entrypoints.websecure.address=:443 - --entrypoints.web.http.redirections.entrypoint.to=websecure @@ -34,12 +35,24 @@ services: - cloudflare_api_token networks: - homelab + healthcheck: + test: ["CMD", "wget", "--quiet", "--tries=1", "--spider", "http://localhost:8080/ping"] + interval: 30s + timeout: 5s + retries: 3 + start_period: 30s deploy: mode: replicated replicas: 1 placement: constraints: - node.hostname == p0 + resources: + limits: + memory: 512M + cpus: '0.5' + reservations: + memory: 256M labels: - "traefik.enable=true" - "traefik.http.routers.traefik.rule=Host(`proxy.frostlabs.me`)" diff --git a/stacks/web/tracker/stack.yml b/stacks/web/tracker/stack.yml index a92a926..9d3d96c 100644 --- a/stacks/web/tracker/stack.yml +++ b/stacks/web/tracker/stack.yml @@ -9,8 +9,19 @@ services: - /home/doc/swarm-data/appdata/webservers/production/nginx/nginx.conf:/etc/nginx/nginx.conf:ro - /home/doc/swarm-data/appdata/webservers/production/nginx/.conf/default.conf:/etc/nginx/conf.d/default.conf:ro - /home/doc/swarm-data/appdata/webfiles/production/taylors-development:/usr/share/nginx/html:ro + healthcheck: + test: ["CMD-SHELL", "curl -f http://localhost:80 || exit 1"] + interval: 30s + timeout: 5s + retries: 3 + start_period: 10s deploy: replicas: 1 + resources: + limits: + memory: 256M + reservations: + memory: 64M networks: homelab: external: true \ No newline at end of file