diff --git a/docs/index.html b/docs/index.html
index bba42e7..a8e087b 100644
--- a/docs/index.html
+++ b/docs/index.html
@@ -3,7 +3,7 @@
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
 <head>
-<!-- 2021-01-03 dim. 22:51 -->
+<!-- 2021-01-03 dim. 22:54 -->
 <meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
 <title>Dotfiles - Manjaro Linux</title>
 <meta name="generator" content="Org mode" />
@@ -38,13 +38,13 @@ There are Specific configuration files for:
 <li><b>Editors</b>: <a href="vim.html">Neovim</a> and <a href="./doom.html">Emacs (Doom)</a> (<a href="emacs-library-babel.html">library of babel</a>, <a href="emacs-snippets.html">snippets</a>)</li>
 <li><b>Shell</b>: <a href="bash.html">Bash</a></li>
 <li><b>Terminal Emulator</b>: <a href="termite.html">Termite</a></li>
-<li><b>Terminal Multiplexer</b> <a href="tmux.html">TMUX</a></li>
-<li><b>Image Setup</b>: <a href="image.html">SXIV</a></li>
-<li><b>Music Setup</b>: <a href="music.html">NCMPCPP, Mopidy and Beets</a></li>
-<li><b>Video Setup</b>: <a href="video.html">MPV</a></li>
+<li><b>Terminal Multiplexer</b> <a href="tmux.html">Tmux</a></li>
+<li><b>Image Setup</b>: <a href="image.html">Sxiv</a></li>
+<li><b>Music Setup</b>: <a href="music.html">Ncmpcpp, Mopidy and Beets</a></li>
+<li><b>Video Setup</b>: <a href="video.html">Mpv</a></li>
 <li><b>Web Browser</b>: <a href="qutebrowser.html">Qutebrowser</a></li>
 <li><b>PDF Reader</b>: <a href="zathura.html">Zathura</a></li>
-<li><b>GUI File Manager</b>: <a href="pcmanfm.html">Pcmanfm</a></li>
+<li><b>GUI File Manager</b>: <a href="pcmanfm.html">PCManFM</a></li>
 <li><b>Terminal File Manager</b>: <a href="ranger.html">Ranger</a></li>
 <li><b>Calendar</b>: <a href="calendar.html">Vdirsyncer and Khal</a></li>
 <li><b>Mails</b>: <a href="mail.html">Mbsync, Msmtp, Mu and Neomutt</a></li>
@@ -57,6 +57,10 @@ There are Specific configuration files for:
 <li><b>GUI Toolkit</b>: <a href="gtk.html">GTK</a></li>
 <li><a href="config.html">Other Config</a></li>
 </ul>
+
+<p>
+I also have a nice Home-Server which configuration files can be found <a href="nas.html">here</a>.
+</p>
 </div>
 </body>
 </html>
diff --git a/docs/nas.html b/docs/nas.html
new file mode 100644
index 0000000..c5d0e9e
--- /dev/null
+++ b/docs/nas.html
@@ -0,0 +1,1965 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
+"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
+<head>
+<!-- 2021-01-03 dim. 22:51 -->
+<meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
+<title>Home Server</title>
+<meta name="generator" content="Org mode" />
+<meta name="author" content="Dehaeze Thomas" />
+<link rel="stylesheet" type="text/css" href="./dist/style.css"/>
+<script type="text/javascript" src="./dist/script.js"></script>
+</head>
+<body>
+<div id="org-div-home-and-up">
+ <a accesskey="h" href="./index.html"> UP </a>
+ |
+ <a accesskey="H" href="./index.html"> HOME </a>
+</div><div id="content">
+<h1 class="title">Home Server</h1>
+<div id="table-of-contents">
+<h2>Table of Contents</h2>
+<div id="text-table-of-contents">
+<ul>
+<li><a href="#org1f7afb5">Installation</a>
+<ul>
+<li><a href="#orgb93bb73">Hardware</a></li>
+<li><a href="#orgcd06b2a">Ubuntu</a></li>
+<li><a href="#orgbc4de87">Install Important software</a></li>
+<li><a href="#org5a59bf0">Terminal Problem</a></li>
+<li><a href="#org9b7e434">Minor Modifications of <code>~/.inputrc</code></a></li>
+<li><a href="#orgf50ccc2">Partition and Format Disk Drives</a></li>
+<li><a href="#orgf64f7a4">MergerFS and FStab</a></li>
+<li><a href="#orgb67aa33">Automating with SnapRAID Runner</a></li>
+<li><a href="#org1d4a03b">Install Docker</a></li>
+<li><a href="#org1f7f7d7">Executing the Docker Command Without Sudo</a></li>
+<li><a href="#org88013e8">Install Docker-Compose</a></li>
+<li><a href="#orgd2ef096">Setup Docker Networks</a></li>
+<li><a href="#orgefaaeb5">Change Timezone</a></li>
+<li><a href="#org28378b4">Secure the Web Server</a></li>
+<li><a href="#orgd02e736">Automatic Security Updates</a></li>
+<li><a href="#orga975f26">Setup cronjobs</a></li>
+<li><a href="#orgcb0d234">Run <code>docker-compose</code></a></li>
+</ul>
+</li>
+<li><a href="#orge39332b">Maintenance - How To</a>
+<ul>
+<li><a href="#orgab9cc12">Update System/Packages</a></li>
+<li><a href="#orgbd671d1">Docker Commands</a></li>
+<li><a href="#orgc233df6">Add User and Password for Basic Authentication</a></li>
+<li><a href="#org441209b">Snapraid</a></li>
+<li><a href="#orged978b5">Restore Online backup with <code>restic</code></a></li>
+</ul>
+</li>
+<li><a href="#orga8d1885">Docker-Compose</a>
+<ul>
+<li><a href="#orgff78ad6">Networks</a></li>
+<li><a href="#org0df1fca">Traefik</a></li>
+<li><a href="#org71bbad9">Portainer</a></li>
+<li><a href="#org658129f">Jellyfin</a></li>
+<li><a href="#orgfce2f91">Gitea</a></li>
+<li><a href="#org8ac0294">Transfer.sh</a></li>
+<li><a href="#org3d970ae">Caddy</a></li>
+<li><a href="#org52d5b6f">Syncthing</a></li>
+<li><a href="#org2ecd982">Aria2</a></li>
+<li><a href="#org18acd57">Miniflux</a></li>
+<li><a href="#org2690f5c">Wireguard</a></li>
+<li><a href="#org25623c1">Snapraid</a></li>
+<li><a href="#orgc641172">Home Assistant</a></li>
+<li><a href="#orgdbb1195">Jackett</a></li>
+<li><a href="#orga588475">Radarr</a></li>
+<li><a href="#org0cd215e">Sonarr</a></li>
+<li><a href="#orgb53322c">Ombi</a></li>
+<li><a href="#orgff0412d">Transmission</a></li>
+<li><a href="#org8694f7f">Bazarr</a></li>
+<li><a href="#orga6fbf52">Hugo</a></li>
+<li><a href="#orgd938378">Bitwarden</a></li>
+<li><a href="#org2687fbb">Homer</a></li>
+<li><a href="#org7a4f700">Restic</a></li>
+<li><a href="#org7266158">CloudCMD</a></li>
+<li><a href="#org2b3f1d1">Gotify</a></li>
+<li><a href="#org625d5ca">Scrutiny</a></li>
+<li><a href="#org27d8ca3">Guacamole</a></li>
+<li><a href="#org45442d6">Mail-CLI</a></li>
+<li><a href="#orgffad5f9">Deemix</a></li>
+</ul>
+</li>
+<li><a href="#orgbb869cd"><code>.env</code> - Variable used for Docker Compose</a></li>
+<li><a href="#orgf0182df">Cron Jobs</a>
+<ul>
+<li><a href="#org34f5942">Caddy Update</a></li>
+</ul>
+</li>
+<li><a href="#orgd5b772a">Config</a>
+<ul>
+<li><a href="#org8d116c0">Caddy</a></li>
+<li><a href="#orgbf7fb7b">Homer</a></li>
+<li><a href="#orgcd8f174">Restic</a></li>
+<li><a href="#org3b51886">Snapraid</a>
+<ul>
+<li><a href="#org243fb45"><code>snapraid.conf</code></a></li>
+<li><a href="#orgf79de7e"><code>snapraid-runner.conf</code></a></li>
+</ul>
+</li>
+</ul>
+</li>
+</ul>
+</div>
+</div>
+
+<div id="outline-container-org1f7afb5" class="outline-2">
+<h2 id="org1f7afb5">Installation</h2>
+<div class="outline-text-2" id="text-org1f7afb5">
+</div>
+<div id="outline-container-orgb93bb73" class="outline-3">
+<h3 id="orgb93bb73">Hardware</h3>
+<div class="outline-text-3" id="text-orgb93bb73">
+<table id="orgdb39c31" border="2" cellspacing="0" cellpadding="6" rules="groups" frame="hsides">
+<caption class="t-above"><span class="table-number">Table 1:</span> Home Server Hardware</caption>
+
+<colgroup>
+<col  class="org-left" />
+
+<col  class="org-left" />
+</colgroup>
+<thead>
+<tr>
+<th scope="col" class="org-left"><b>Part</b></th>
+<th scope="col" class="org-left"><b>Model</b></th>
+</tr>
+</thead>
+<tbody>
+<tr>
+<td class="org-left">Case</td>
+<td class="org-left">Fractal Design Node 804</td>
+</tr>
+
+<tr>
+<td class="org-left">Motherboard</td>
+<td class="org-left">ASUS PRIME B450M-A</td>
+</tr>
+
+<tr>
+<td class="org-left">CPU</td>
+<td class="org-left">AMD Ryzen 3 3200G</td>
+</tr>
+
+<tr>
+<td class="org-left">RAM</td>
+<td class="org-left">Corsair Vengeance LPX 16Go (2x8Go) DDR4 3200MHz</td>
+</tr>
+
+<tr>
+<td class="org-left">Cooler</td>
+<td class="org-left">ARCTIC Freezer 34 eSports DUO</td>
+</tr>
+
+<tr>
+<td class="org-left">PSU</td>
+<td class="org-left">Corsair SF450</td>
+</tr>
+
+<tr>
+<td class="org-left">SSD M.2</td>
+<td class="org-left">Samsung 970 EVO Plus 250Gb</td>
+</tr>
+
+<tr>
+<td class="org-left">Disk Drives</td>
+<td class="org-left">Various drives ranging from 3Tb to 8Tb</td>
+</tr>
+</tbody>
+</table>
+</div>
+</div>
+
+<div id="outline-container-orgcd06b2a" class="outline-3">
+<h3 id="orgcd06b2a">Ubuntu</h3>
+<div class="outline-text-3" id="text-orgcd06b2a">
+<ul class="org-ul">
+<li>Download <b>Ubuntu Server 20.04 LTS</b> (<a href="https://ubuntu.com/download/server">link</a>).</li>
+<li>Activate OpenSSH and add SSH Keys</li>
+<li>Account: <code>thomas</code>, hostname: <code>homelab</code></li>
+</ul>
+</div>
+</div>
+
+<div id="outline-container-orgbc4de87" class="outline-3">
+<h3 id="orgbc4de87">Install Important software</h3>
+<div class="outline-text-3" id="text-orgbc4de87">
+<div class="org-src-container">
+<pre class="src src-bash">  <span class="org-type">sudo</span> apt install neovim tmux fd-find ripgrep apache2-utils unrar ranger fzf stow
+</pre>
+</div>
+</div>
+</div>
+
+<div id="outline-container-org5a59bf0" class="outline-3">
+<h3 id="org5a59bf0">Terminal Problem</h3>
+<div class="outline-text-3" id="text-org5a59bf0">
+<p>
+On the local host, using Termite:
+</p>
+<div class="org-src-container">
+<pre class="src src-bash">  infocmp &gt; termite.terminfo  <span class="org-comment-delimiter"># </span><span class="org-comment">export Termite's Terminfo</span>
+  scp termite.terminfo user@remote-host:~/  <span class="org-comment-delimiter"># </span><span class="org-comment">or any other method to copy to the remote host</span>
+</pre>
+</div>
+
+<p>
+On the remote host, in the directory where you copied <code>termite.terminfo</code>:
+</p>
+<div class="org-src-container">
+<pre class="src src-bash">  tic -x termite.terminfo  <span class="org-comment-delimiter"># </span><span class="org-comment">import Terminfo for current user</span>
+  <span class="org-type">rm</span> termite.terminfo  <span class="org-comment-delimiter"># </span><span class="org-comment">optional: remove Terminfo file</span>
+</pre>
+</div>
+</div>
+</div>
+
+<div id="outline-container-org9b7e434" class="outline-3">
+<h3 id="org9b7e434">Minor Modifications of <code>~/.inputrc</code></h3>
+<div class="outline-text-3" id="text-org9b7e434">
+<p>
+Modify <code>~/.inputrc</code>, like so:
+</p>
+<div class="org-src-container">
+<pre class="src src-conf">  <span class="org-string">"\e[A"</span>: history-search-backward            <span class="org-comment-delimiter"># </span><span class="org-comment">arrow up</span>
+  <span class="org-string">"\e[B"</span>: history-search-forward             <span class="org-comment-delimiter"># </span><span class="org-comment">arrow down</span>
+</pre>
+</div>
+</div>
+</div>
+
+<div id="outline-container-orgf50ccc2" class="outline-3">
+<h3 id="orgf50ccc2">Partition and Format Disk Drives</h3>
+<div class="outline-text-3" id="text-orgf50ccc2">
+<p>
+A nice tutorial is available <a href="https://www.digitalocean.com/community/tutorials/how-to-partition-and-format-storage-devices-in-linux">here</a>.
+</p>
+
+<div class="org-src-container">
+<pre class="src src-bash">  lsblk
+</pre>
+</div>
+
+<div class="org-src-container">
+<pre class="src src-bash">  <span class="org-type">sudo</span> parted /dev/sda mklabel gpt
+</pre>
+</div>
+
+<div class="org-src-container">
+<pre class="src src-bash">  <span class="org-type">sudo</span> parted -a opt /dev/sda mkpart <span class="org-string">"partitionname"</span> ext4 0% 100%
+</pre>
+</div>
+
+<div class="org-src-container">
+<pre class="src src-bash">  <span class="org-type">sudo</span> mkfs.ext4 -L partitionname /dev/sda1
+</pre>
+</div>
+</div>
+</div>
+
+<div id="outline-container-orgf64f7a4" class="outline-3">
+<h3 id="orgf64f7a4">MergerFS and FStab</h3>
+<div class="outline-text-3" id="text-orgf64f7a4">
+<p>
+<b>MergerFS</b> is a transparent layer that sits on top of the data drives providing a single mount point for reads / writes (<a href="https://selfhostedhome.com/combining-different-sized-drives-with-mergerfs-and-snapraid/">link</a>).
+</p>
+
+
+<div class="org-src-container">
+<pre class="src src-bash">  <span class="org-type">sudo</span> apt install mergerfs
+</pre>
+</div>
+
+<p>
+Create mount points
+</p>
+<div class="org-src-container">
+<pre class="src src-bash">  <span class="org-type">sudo</span> <span class="org-type">mkdir</span> /mnt/disk0
+  <span class="org-type">sudo</span> <span class="org-type">mkdir</span> /mnt/disk1
+  <span class="org-type">sudo</span> <span class="org-type">mkdir</span> /mnt/parity
+</pre>
+</div>
+
+<p>
+Create folder where disks will be merged.
+</p>
+<div class="org-src-container">
+<pre class="src src-bash">  <span class="org-type">sudo</span> <span class="org-type">mkdir</span> /srv/storage
+</pre>
+</div>
+
+<p>
+Edit <code>/etc/fstab</code>.
+</p>
+<div class="org-src-container">
+<pre class="src src-conf">  /dev/disk/by-uuid/7fb7873c-83bd-4805-98ab-506e6c7b56fa /mnt/disk0  ext4 defaults <span class="org-highlight-numbers-number">0</span> <span class="org-highlight-numbers-number">0</span>
+  /dev/disk/by-uuid/6574b7ae-321c-4078-9793-bc41a4fa5588 /mnt/disk1  ext4 defaults <span class="org-highlight-numbers-number">0</span> <span class="org-highlight-numbers-number">0</span>
+  /dev/disk/by-uuid/6fcd38b9-0886-46bd-900d-cb1f170dbcee /mnt/parity ext4 defaults <span class="org-highlight-numbers-number">0</span> <span class="org-highlight-numbers-number">0</span>
+
+  <span class="org-variable-name">/mnt/disk* /srv/storage fuse.mergerfs direct_io,defaults,allow_other,minfreespace</span>=50G,fsname=mergerfs <span class="org-highlight-numbers-number">0</span> <span class="org-highlight-numbers-number">0</span>
+</pre>
+</div>
+</div>
+</div>
+
+<div id="outline-container-orgb67aa33" class="outline-3">
+<h3 id="orgb67aa33">Automating with SnapRAID Runner</h3>
+<div class="outline-text-3" id="text-orgb67aa33">
+<p>
+<b>SnapRAID</b> is a snapshot parity calculation tool which acts at the block level independent of filesystem (<a href="https://selfhostedhome.com/combining-different-sized-drives-with-mergerfs-and-snapraid/">link</a>).
+</p>
+
+<p>
+SnapRAID is here used inside a Docker container (<a href="https://hub.docker.com/r/xagaba/snapraid">link</a>).
+</p>
+</div>
+</div>
+
+<div id="outline-container-org1d4a03b" class="outline-3">
+<h3 id="org1d4a03b">Install Docker</h3>
+<div class="outline-text-3" id="text-org1d4a03b">
+<p>
+The procedure is well explained <a href="https://www.digitalocean.com/community/tutorials/how-to-install-and-use-docker-on-ubuntu-20-04">here</a>.
+</p>
+
+<p>
+If docker is already installed, remove it:
+</p>
+<div class="org-src-container">
+<pre class="src src-bash">  <span class="org-type">sudo</span> apt remove docker
+</pre>
+</div>
+</div>
+</div>
+
+<div id="outline-container-org1f7f7d7" class="outline-3">
+<h3 id="org1f7f7d7">Executing the Docker Command Without Sudo</h3>
+<div class="outline-text-3" id="text-org1f7f7d7">
+<div class="org-src-container">
+<pre class="src src-bash">  <span class="org-type">sudo</span> usermod -aG docker $<span class="org-rainbow-delimiters-depth-1">{</span><span class="org-variable-name">USER</span><span class="org-rainbow-delimiters-depth-1">}</span>
+</pre>
+</div>
+
+<p>
+To apply the new group membership, log out of the server and back in, or type the following:
+</p>
+<div class="org-src-container">
+<pre class="src src-bash">  su - $<span class="org-rainbow-delimiters-depth-1">{</span><span class="org-variable-name">USER</span><span class="org-rainbow-delimiters-depth-1">}</span>
+</pre>
+</div>
+</div>
+</div>
+
+<div id="outline-container-org88013e8" class="outline-3">
+<h3 id="org88013e8">Install Docker-Compose</h3>
+<div class="outline-text-3" id="text-org88013e8">
+<div class="org-src-container">
+<pre class="src src-bash">  <span class="org-type">sudo</span> apt install docker-compose
+</pre>
+</div>
+</div>
+</div>
+
+<div id="outline-container-orgd2ef096" class="outline-3">
+<h3 id="orgd2ef096">Setup Docker Networks</h3>
+<div class="outline-text-3" id="text-orgd2ef096">
+<div class="org-src-container">
+<pre class="src src-bash">  docker network create --gateway 192.168.90.1 --subnet 192.168.90.0/24 t2_proxy
+  docker network create docker_default
+</pre>
+</div>
+</div>
+</div>
+
+<div id="outline-container-orgefaaeb5" class="outline-3">
+<h3 id="orgefaaeb5">Change Timezone</h3>
+<div class="outline-text-3" id="text-orgefaaeb5">
+<div class="org-src-container">
+<pre class="src src-bash">  <span class="org-type">sudo</span> timedatectl set-timezone Europe/Paris
+</pre>
+</div>
+</div>
+</div>
+
+<div id="outline-container-org28378b4" class="outline-3">
+<h3 id="org28378b4">Secure the Web Server</h3>
+<div class="outline-text-3" id="text-org28378b4">
+<p>
+Most of it comes from <a href="https://github.com/imthenachoman/How-To-Secure-A-Linux-Server">here</a>.
+</p>
+
+<ul class="org-ul">
+<li>Set <code>PasswordAuthentication</code> no in <code>/etc/ssh/sshd_config</code></li>
+</ul>
+</div>
+</div>
+
+<div id="outline-container-orgd02e736" class="outline-3">
+<h3 id="orgd02e736">Automatic Security Updates</h3>
+<div class="outline-text-3" id="text-orgd02e736">
+<p>
+The procedure is well explained <a href="https://www.linuxbabe.com/ubuntu/automatic-security-update-unattended-upgrades-ubuntu">here</a>.
+</p>
+<div class="org-src-container">
+<pre class="src src-bash">  <span class="org-type">sudo</span> apt install unattended-upgrades update-notifier-common
+</pre>
+</div>
+
+<p>
+Edit <code>/etc/apt/apt.conf.d/50unattended-upgrades</code>, and change the following lines:
+</p>
+<div class="org-src-container">
+<pre class="src src-conf">Unattended-Upgrade::Remove-Unused-Dependencies <span class="org-string">"true"</span>;
+Unattended-Upgrade::Automatic-Reboot <span class="org-string">"true"</span>;
+Unattended-Upgrade::Automatic-Reboot-Time <span class="org-string">"04:00"</span>;
+</pre>
+</div>
+
+<p>
+Edit <code>/etc/apt/apt.conf.d/20auto-upgrades</code>:
+</p>
+<div class="org-src-container">
+<pre class="src src-conf">APT::Periodic::Update-Package-Lists <span class="org-string">"1"</span>;
+APT::Periodic::Unattended-Upgrade <span class="org-string">"1"</span>;
+</pre>
+</div>
+</div>
+</div>
+
+<div id="outline-container-orga975f26" class="outline-3">
+<h3 id="orga975f26">Setup cronjobs</h3>
+<div class="outline-text-3" id="text-orga975f26">
+<p>
+Create a folder <code>~/cron</code> with all the scripts and logs related to cron.
+</p>
+
+<p>
+To edit the cron jobs, type <code>crontab -e</code> and add a line like:
+</p>
+<div class="org-src-container">
+<pre class="src src-conf">  */5 * * * * /home/thomas/cron/caddy_update.sh &gt;&gt; /home/thomas/cron/caddy_update.log 2&gt;&amp;1
+</pre>
+</div>
+
+<p>
+That will run every 5 minutes.
+To check how the first part of the crontab works, check <a href="https://crontab.guru/">this website</a>.
+</p>
+</div>
+</div>
+
+<div id="outline-container-orgcb0d234" class="outline-3">
+<h3 id="orgcb0d234">Run <code>docker-compose</code></h3>
+<div class="outline-text-3" id="text-orgcb0d234">
+<div class="org-src-container">
+<pre class="src src-bash">  <span class="org-type">cd</span> ~/docker &amp;&amp; docker-compose up -d
+</pre>
+</div>
+</div>
+</div>
+</div>
+
+<div id="outline-container-orge39332b" class="outline-2">
+<h2 id="orge39332b">Maintenance - How To</h2>
+<div class="outline-text-2" id="text-orge39332b">
+</div>
+<div id="outline-container-orgab9cc12" class="outline-3">
+<h3 id="orgab9cc12">Update System/Packages</h3>
+<div class="outline-text-3" id="text-orgab9cc12">
+<div class="org-src-container">
+<pre class="src src-bash">  <span class="org-type">sudo</span> -- sh -c <span class="org-string">'apt-get update; apt-get upgrade -y; apt-get dist-upgrade -y; apt-get autoremove -y; apt-get autoclean -y'</span>
+</pre>
+</div>
+</div>
+</div>
+
+<div id="outline-container-orgbd671d1" class="outline-3">
+<h3 id="orgbd671d1">Docker Commands</h3>
+<div class="outline-text-3" id="text-orgbd671d1">
+<ul class="org-ul">
+<li>Starting a container: <code>$ docker start homeassistant</code></li>
+<li>Stopping a container: <code>$ docker stop homeassistant</code></li>
+<li>Restarting a container: <code>$ docker restart homeassistant</code></li>
+<li>Listing the running containers: <code>$ docker ps or $ cd ~/docker/ &amp;&amp; docker-compose ps</code></li>
+<li>View the logs of a container: <code>$ docker logs -f homeassistant</code></li>
+<li>Drop a shell into a container: <code>$ docker exec -it homeassistant /bin/bash</code></li>
+<li>Update specific container: <code>docker-compose pull --ignore-pull-failures homeassistant</code></li>
+</ul>
+
+<p>
+Update All Containers
+</p>
+<div class="org-src-container">
+<pre class="src src-bash">  <span class="org-type">cd</span> ~/docker/ &amp;&amp; docker-compose pull --ignore-pull-failures &amp;&amp; docker-compose up -d
+</pre>
+</div>
+
+<p>
+Clean up Docker environment
+This will delete all unused images, volumes and networks.
+</p>
+<div class="org-src-container">
+<pre class="src src-bash">  docker system prune -f &amp;&amp; docker image prune -f &amp;&amp; docker volume prune -f
+</pre>
+</div>
+</div>
+</div>
+
+<div id="outline-container-orgc233df6" class="outline-3">
+<h3 id="orgc233df6">Add User and Password for Basic Authentication</h3>
+<div class="outline-text-3" id="text-orgc233df6">
+<ul class="org-ul">
+<li>Go to <a href="https://www.web2generators.com/apache-tools/htpasswd-generator">https://www.web2generators.com/apache-tools/htpasswd-generator</a> and type the username and password</li>
+<li>Alternatively, type <code>htpasswd -nb username mystrongpassword</code> in the shell</li>
+<li>Paste the output in <code>~/docker/shared/.htpasswd</code></li>
+</ul>
+</div>
+</div>
+
+<div id="outline-container-org441209b" class="outline-3">
+<h3 id="org441209b">Snapraid</h3>
+<div class="outline-text-3" id="text-org441209b">
+<p>
+To see all files &ldquo;backed up&rdquo; by snapraid, use:
+</p>
+<div class="org-src-container">
+<pre class="src src-bash">  docker exec -ti snapraid snapraid list | fzf
+</pre>
+</div>
+
+<p>
+In reality, snapraid in ran from the docker container:
+</p>
+<div class="org-src-container">
+<pre class="src src-bash">  docker exec -ti snapraid snapraid fix -f &lt;path_to_file&gt;
+</pre>
+</div>
+
+<p>
+The path to file should be relative: <code>/srv/storage/Cloud/org/file.org</code> -&gt; <code>/Cloud/org/file.org</code>
+</p>
+</div>
+</div>
+
+<div id="outline-container-orged978b5" class="outline-3">
+<h3 id="orged978b5">Restore Online backup with <code>restic</code></h3>
+<div class="outline-text-3" id="text-orged978b5">
+<p>
+To list backups:
+</p>
+<div class="org-src-container">
+<pre class="src src-bash">  docker exec restic restic snapshots
+</pre>
+</div>
+
+<pre class="example">
+ID        Time                 Host          Tags        Paths
+--------------------------------------------------------------------------------
+a7b98408  2020-09-03 21:18:00  4803c2af7d4e              /data/documents/manuals
+088e31a4  2020-09-03 21:50:26  4803c2af7d4e              /data/documents/manuals
+9cf0b480  2020-09-03 22:05:47  4803c2af7d4e              /data/documents/manuals
+--------------------------------------------------------------------------------
+3 snapshots
+</pre>
+
+
+<p>
+Force backup of folder:
+</p>
+<div class="org-src-container">
+<pre class="src src-bash">  docker exec restic restic backup /data/documents/manuals
+</pre>
+</div>
+
+<pre class="example">
+
+Files:           0 new,     2 changed,  8475 unmodified
+Dirs:            0 new,     2 changed,     0 unmodified
+Added to the repo: 1.010 KiB
+
+processed 8477 files, 589.800 MiB in 0:02
+snapshot 9cf0b480 saved
+</pre>
+
+
+<p>
+Find the path to the file within the snapshot:
+</p>
+<div class="org-src-container">
+<pre class="src src-bash">  docker exec restic restic <span class="org-type">find</span> file_name
+</pre>
+</div>
+
+<p>
+Find files only for a specific snapshot:
+</p>
+<div class="org-src-container">
+<pre class="src src-bash">  docker exec restic restic <span class="org-type">find</span> -s latest file_name
+</pre>
+</div>
+
+<p>
+Backup files/folders:
+</p>
+<div class="org-src-container">
+<pre class="src src-bash">  docker exec restic restic restore --include /data/documents/manuals --target / 088e31a4
+</pre>
+</div>
+
+<p>
+You can use <code>latest</code> instead of the ID.
+</p>
+</div>
+</div>
+</div>
+
+<div id="outline-container-orga8d1885" class="outline-2">
+<h2 id="orga8d1885">Docker-Compose</h2>
+<div class="outline-text-2" id="text-orga8d1885">
+<div class="org-src-container">
+<pre class="src src-yaml"><span class="org-variable-name">version</span>: <span class="org-string">"3.2"</span>
+</pre>
+</div>
+</div>
+
+<div id="outline-container-orgff78ad6" class="outline-3">
+<h3 id="orgff78ad6">Networks</h3>
+<div class="outline-text-3" id="text-orgff78ad6">
+<div class="org-src-container">
+<pre class="src src-yaml"><span class="org-variable-name">networks</span>:
+  <span class="org-variable-name">t2_proxy</span>:
+    <span class="org-variable-name">external</span>:
+      <span class="org-variable-name">name</span>: t2_proxy
+  <span class="org-variable-name">backend</span>:
+    <span class="org-variable-name">external</span>: <span class="org-constant">false</span>
+  <span class="org-variable-name">default</span>:
+    <span class="org-variable-name">driver</span>: bridge
+</pre>
+</div>
+</div>
+</div>
+
+<div id="outline-container-org0df1fca" class="outline-3">
+<h3 id="org0df1fca">Traefik</h3>
+<div class="outline-text-3" id="text-org0df1fca">
+<div class="org-src-container">
+<pre class="src src-yaml"><span class="org-variable-name">services</span>:
+</pre>
+</div>
+
+<div class="org-src-container">
+<pre class="src src-yaml">  <span class="org-variable-name">traefik</span>:
+    <span class="org-variable-name">container_name</span>: traefik
+    <span class="org-variable-name">image</span>: traefik:2.2.1
+    <span class="org-variable-name">restart</span>: unless-stopped
+    <span class="org-variable-name">command</span>:
+      - --global.checkNewVersion=true
+      - --global.sendAnonymousUsage=false
+      - --entryPoints.http.address=:80
+      - --entryPoints.https.address=:443
+      - --entrypoints.https.forwardedHeaders.trustedIPs=173.245.48.0/20,103.21.244.0/22,103.22.200.0/22,103.31.4.0/22,141.101.64.0/18,108.162.192.0/18,190.93.240.0/20,188.114.96.0/20,197.234.240.0/22,198.41.128.0/17,162.158.0.0/15,104.16.0.0/12,172.64.0.0/13,131.0.72.0/22
+      - --entryPoints.traefik.address=:8080
+      - --api=true
+      - --api.dashboard=true
+      - --log=true
+      - --log.level=ERROR <span class="org-comment-delimiter"># </span><span class="org-comment">(Default: error) DEBUG, INFO, WARN, ERROR, FATAL, PANIC</span>
+      - --accessLog=true
+      - --accessLog.filePath=/var/log/access.log
+      - --accessLog.filters.statusCodes=400-499
+      - --providers.docker=true
+      - --providers.docker.endpoint=unix:///var/run/docker.sock
+      - --providers.docker.defaultrule=Host(`{{ index .Labels <span class="org-string">"com.docker.compose.service"</span> }}.$DOMAINNAME`)
+      - --providers.docker.exposedByDefault=false
+      - --providers.docker.network=t2_proxy
+      - --providers.docker.swarmMode=false
+      - --providers.file.directory=/rules
+      - --providers.file.watch=true
+      <span class="org-comment-delimiter"># </span><span class="org-comment">- --certificatesResolvers.dns-cloudflare.acme.caServer=https://acme-staging-v02.api.letsencrypt.org/directory # LetsEncrypt Staging Server - uncomment when testing</span>
+      - --certificatesResolvers.dns-cloudflare.acme.email=$CLOUDFLARE_EMAIL
+      - --certificatesResolvers.dns-cloudflare.acme.storage=/acme.json
+      - --certificatesResolvers.dns-cloudflare.acme.dnsChallenge.provider=cloudflare
+      - --certificatesResolvers.dns-cloudflare.acme.dnsChallenge.resolvers=1.1.1.1:53,1.0.0.1:53
+    <span class="org-variable-name">networks</span>:
+      <span class="org-variable-name">t2_proxy</span>:
+        <span class="org-variable-name">ipv4_address</span>: 192.168.90.254 <span class="org-comment-delimiter"># </span><span class="org-comment">You can specify a static IP</span>
+    <span class="org-variable-name">security_opt</span>:
+      - no-new-privileges:true
+    <span class="org-variable-name">ports</span>:
+      - 80:80
+      - 443:443
+      - 8080:8080
+    <span class="org-variable-name">volumes</span>:
+      - $CONFIGDIR/traefik2/rules:/rules
+      - $CONFIGDIR/traefik2/acme/acme.json:/acme.json
+      - $CONFIGDIR/traefik2/shared:/shared
+      - /var/log/traefik:/var/log
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+    <span class="org-variable-name">environment</span>:
+      - CF_API_EMAIL=$CLOUDFLARE_EMAIL
+      - CF_API_KEY=$CLOUDFLARE_API_KEY
+    <span class="org-variable-name">labels</span>:
+      - <span class="org-string">"traefik.enable=true"</span>
+      <span class="org-comment-delimiter"># </span><span class="org-comment">HTTP-to-HTTPS Redirect</span>
+      - <span class="org-string">"traefik.http.routers.http-catchall.entrypoints=http"</span>
+      - <span class="org-string">"traefik.http.routers.http-catchall.rule=HostRegexp(`{host:.+}`)"</span>
+      - <span class="org-string">"traefik.http.routers.http-catchall.middlewares=redirect-to-https"</span>
+      - <span class="org-string">"traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"</span>
+      <span class="org-comment-delimiter"># </span><span class="org-comment">HTTP Routers</span>
+      - <span class="org-string">"traefik.http.routers.traefik-rtr.entrypoints=https"</span>
+      - <span class="org-string">"traefik.http.routers.traefik-rtr.rule=Host(`traefik.$DOMAINNAME`)"</span>
+      - <span class="org-string">"traefik.http.routers.traefik-rtr.tls=true"</span>
+      <span class="org-comment-delimiter"># </span><span class="org-comment">- "traefik.http.routers.traefik-rtr.tls.certresolver=dns-cloudflare" # Comment out this line after first run of traefik to force the use of wildcard certs</span>
+      - <span class="org-string">"traefik.http.routers.traefik-rtr.tls.domains[0].main=$DOMAINNAME"</span>
+      - <span class="org-string">"traefik.http.routers.traefik-rtr.tls.domains[0].sans=*.$DOMAINNAME"</span>
+      <span class="org-comment-delimiter"># </span><span class="org-comment">Services - API</span>
+      - <span class="org-string">"traefik.http.routers.traefik-rtr.service=api@internal"</span>
+      <span class="org-comment-delimiter"># </span><span class="org-comment">Middlewares</span>
+      - <span class="org-string">"traefik.http.routers.traefik-rtr.middlewares=middlewares-basic-auth@file"</span>
+      - <span class="org-string">"traefik.http.routers.traefik-rtr.middlewares=middlewares-rate-limit@file,middlewares-basic-auth@file"</span>
+      - <span class="org-string">"traefik.http.middlewares.traefik-auth.basicauth.users=tdehaeze:$$apr1$$d.JmbY5J$$K8btOi1fwwVYOkCnicCVi."</span>
+      <span class="org-comment-delimiter"># </span><span class="org-comment">Authelia</span>
+      <span class="org-comment-delimiter"># </span><span class="org-comment">- 'traefik.http.middlewares.authelia.forwardauth.address=http://authelia:9091/api/verify?rd=https://login.$DOMAINNAME/'</span>
+      <span class="org-comment-delimiter"># </span><span class="org-comment">- 'traefik.http.middlewares.authelia.forwardauth.trustForwardHeader=true'</span>
+      <span class="org-comment-delimiter"># </span><span class="org-comment">- 'traefik.http.middlewares.authelia.forwardauth.authResponseHeaders=Remote-User, Remote-Groups'</span>
+</pre>
+</div>
+</div>
+</div>
+
+<div id="outline-container-org71bbad9" class="outline-3">
+<h3 id="org71bbad9">Portainer</h3>
+<div class="outline-text-3" id="text-org71bbad9">
+<div class="org-src-container">
+<pre class="src src-yaml">  <span class="org-variable-name">portainer</span>:
+    <span class="org-variable-name">container_name</span>: portainer
+    <span class="org-variable-name">image</span>: portainer/portainer
+    <span class="org-variable-name">restart</span>: unless-stopped
+    <span class="org-variable-name">command</span>: -H unix:///var/run/docker.sock
+    <span class="org-variable-name">command</span>: --no-auth
+    <span class="org-variable-name">networks</span>:
+      - t2_proxy
+    <span class="org-variable-name">security_opt</span>:
+      - no-new-privileges:true
+    <span class="org-variable-name">volumes</span>:
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+      - $CONFIGDIR/portainer:/data
+    <span class="org-variable-name">environment</span>:
+      - TZ=$TZ
+    <span class="org-variable-name">labels</span>:
+      - <span class="org-string">"traefik.enable=true"</span>
+      - <span class="org-string">"traefik.http.routers.portainer-rtr.entrypoints=https"</span>
+      - <span class="org-string">"traefik.http.routers.portainer-rtr.rule=Host(`portainer.$DOMAINNAME`)"</span>
+      - <span class="org-string">"traefik.http.routers.portainer-rtr.tls=true"</span>
+      - <span class="org-string">"traefik.http.routers.portainer-rtr.service=portainer-svc"</span>
+      - <span class="org-string">"traefik.http.routers.portainer-rtr.middlewares=traefik-auth"</span>
+      - <span class="org-string">"traefik.http.services.portainer-svc.loadbalancer.server.port=9000"</span>
+</pre>
+</div>
+</div>
+</div>
+
+<div id="outline-container-org658129f" class="outline-3">
+<h3 id="org658129f">Jellyfin</h3>
+<div class="outline-text-3" id="text-org658129f">
+<div class="org-src-container">
+<pre class="src src-yaml">  <span class="org-variable-name">jellyfin</span>:
+    <span class="org-variable-name">container_name</span>: jellyfin
+    <span class="org-variable-name">image</span>: linuxserver/jellyfin
+    <span class="org-variable-name">restart</span>: unless-stopped
+    <span class="org-variable-name">networks</span>:
+      - t2_proxy
+    <span class="org-variable-name">volumes</span>:
+      - $CONFIGDIR/jellyfin:/config
+      - /srv/storage/TVShows:/data/tvshows
+      - /srv/storage/LiveMusic:/data/livemusic
+      - /srv/storage/Animes:/data/animes
+      - /srv/storage/Movies:/data/movies
+      - /srv/storage/Music:/data/music
+    <span class="org-variable-name">environment</span>:
+      - PUID=$PUID
+      - PGID=$PGID
+      - TZ=$TZ
+    <span class="org-variable-name">labels</span>:
+      - <span class="org-string">"traefik.enable=true"</span>
+      - <span class="org-string">"traefik.http.routers.jellyfin-rtr.entrypoints=https"</span>
+      - <span class="org-string">"traefik.http.routers.jellyfin-rtr.rule=Host(`jellyfin.$DOMAINNAME`)"</span>
+      - <span class="org-string">"traefik.http.routers.jellyfin-rtr.tls=true"</span>
+      - <span class="org-string">"traefik.http.routers.jellyfin-rtr.service=jellyfin-svc"</span>
+      - <span class="org-string">"traefik.http.services.jellyfin-svc.loadbalancer.server.port=8096"</span>
+</pre>
+</div>
+</div>
+</div>
+
+<div id="outline-container-orgfce2f91" class="outline-3">
+<h3 id="orgfce2f91">Gitea</h3>
+<div class="outline-text-3" id="text-orgfce2f91">
+<div class="org-src-container">
+<pre class="src src-yaml">  <span class="org-variable-name">gitea</span>:
+    <span class="org-variable-name">container_name</span>: git
+    <span class="org-variable-name">image</span>: gitea/gitea:1.12.4
+    <span class="org-variable-name">depends_on</span>:
+      - gitea_db
+    <span class="org-variable-name">restart</span>: unless-stopped
+    <span class="org-variable-name">networks</span>:
+      - t2_proxy
+      - backend
+    <span class="org-variable-name">volumes</span>:
+      - $CONFIGDIR/gitea:/data
+    <span class="org-variable-name">environment</span>:
+      - PUID=$PUID
+      - PGID=$PGID
+      - TZ=$TZ
+      - SSH_PORT=$GITEA_SSH_PORT
+    <span class="org-variable-name">ports</span>:
+      - <span class="org-string">"2222:22"</span>
+    <span class="org-variable-name">labels</span>:
+      - <span class="org-string">"traefik.enable=true"</span>
+      - <span class="org-string">"traefik.http.routers.git-rtr.entrypoints=https"</span>
+      - <span class="org-string">"traefik.http.routers.git-rtr.rule=Host(`git.$DOMAINNAME`)"</span>
+      - <span class="org-string">"traefik.http.routers.git-rtr.tls=true"</span>
+      - <span class="org-string">"traefik.http.routers.git-rtr.service=git-svc"</span>
+      - <span class="org-string">"traefik.http.services.git-svc.loadbalancer.server.port=3000"</span>
+</pre>
+</div>
+
+<div class="org-src-container">
+<pre class="src src-yaml">  <span class="org-variable-name">gitea_db</span>:
+    <span class="org-variable-name">container_name</span>: gitea_db
+    <span class="org-variable-name">image</span>: mariadb:10
+    <span class="org-variable-name">restart</span>: unless-stopped
+    <span class="org-variable-name">networks</span>:
+      - backend
+    <span class="org-variable-name">ports</span>:
+      - 3306:3306
+    <span class="org-variable-name">environment</span>:
+      - MYSQL_ROOT_PASSWORD=$GITEA_DB_MYSQL_ROOT_PASSWORD
+      - MYSQL_DATABASE=gitea
+      - MYSQL_USER=gitea
+      - MYSQL_PASSWORD=$GITEA_DB_MYSQL_PASSWORD
+    <span class="org-variable-name">volumes</span>:
+      - $CONFIGDIR/mariadb:/var/lib/mysql
+</pre>
+</div>
+</div>
+</div>
+
+<div id="outline-container-org8ac0294" class="outline-3">
+<h3 id="org8ac0294">Transfer.sh</h3>
+<div class="outline-text-3" id="text-org8ac0294">
+<div class="org-src-container">
+<pre class="src src-yaml">  <span class="org-variable-name">transfer</span>:
+    <span class="org-variable-name">container_name</span>: transfer
+    <span class="org-variable-name">image</span>: dutchcoders/transfer.sh
+    <span class="org-variable-name">restart</span>: unless-stopped
+    <span class="org-variable-name">networks</span>:
+      - t2_proxy
+    <span class="org-variable-name">environment</span>:
+      - PUID=$PUID
+      - PGID=$PGID
+      - TZ=$TZ
+      - UMASK_SET=022
+      - BASEDIR=/tmp/
+      - PROVIDER=local
+    <span class="org-variable-name">volumes</span>:
+      - /srv/storage/Uploads:/tmp/
+    <span class="org-variable-name">labels</span>:
+      - <span class="org-string">"traefik.enable=true"</span>
+      - <span class="org-string">"traefik.http.routers.transfer-rtr.entrypoints=https"</span>
+      - <span class="org-string">"traefik.http.routers.transfer-rtr.rule=Host(`file.$DOMAINNAME`)"</span>
+      - <span class="org-string">"traefik.http.routers.transfer-rtr.tls=true"</span>
+      - <span class="org-string">"traefik.http.routers.transfer-rtr.service=transfer-svc"</span>
+      - <span class="org-string">"traefik.http.services.transfer-svc.loadbalancer.server.port=8080"</span>
+</pre>
+</div>
+</div>
+</div>
+
+<div id="outline-container-org3d970ae" class="outline-3">
+<h3 id="org3d970ae">Caddy</h3>
+<div class="outline-text-3" id="text-org3d970ae">
+<div class="org-src-container">
+<pre class="src src-yaml">  <span class="org-variable-name">caddy</span>:
+    <span class="org-variable-name">container_name</span>: caddy
+    <span class="org-variable-name">image</span>: abiosoft/caddy:1.0.3-no-stats
+    <span class="org-variable-name">restart</span>: unless-stopped
+    <span class="org-variable-name">networks</span>:
+      - t2_proxy
+    <span class="org-variable-name">environment</span>:
+      - PUID=$PUID
+      - PGID=$PGID
+      - TZ=$TZ
+      - PLUGINS=git
+    <span class="org-variable-name">volumes</span>:
+      - $CONFIGDIR/caddy/Caddyfile:/etc/Caddyfile
+      - $CONFIGDIR/web:/srv
+        <span class="org-comment-delimiter"># </span><span class="org-comment">- ~/.ssh:/root/.ssh</span>
+    <span class="org-variable-name">labels</span>:
+      - <span class="org-string">"traefik.enable=true"</span>
+      - <span class="org-string">"traefik.http.routers.caddy-rtr.entrypoints=https"</span>
+      - <span class="org-string">"traefik.http.routers.caddy-rtr.rule=Host(`research.$DOMAINNAME`)"</span>
+      - <span class="org-string">"traefik.http.routers.caddy-rtr.tls=true"</span>
+      - <span class="org-string">"traefik.http.routers.caddy-rtr.service=caddy-svc"</span>
+      - <span class="org-string">"traefik.http.services.caddy-svc.loadbalancer.server.port=2015"</span>
+</pre>
+</div>
+</div>
+</div>
+
+<div id="outline-container-org52d5b6f" class="outline-3">
+<h3 id="org52d5b6f">Syncthing</h3>
+<div class="outline-text-3" id="text-org52d5b6f">
+<div class="org-src-container">
+<pre class="src src-yaml">  <span class="org-variable-name">syncthing</span>:
+    <span class="org-variable-name">container_name</span>: syncthing
+    <span class="org-variable-name">image</span>: linuxserver/syncthing
+    <span class="org-variable-name">restart</span>: unless-stopped
+    <span class="org-variable-name">networks</span>:
+      - t2_proxy
+    <span class="org-variable-name">environment</span>:
+      - PUID=$PUID
+      - PGID=$PGID
+      - TZ=$TZ
+      - UMASK_SET=022
+    <span class="org-variable-name">volumes</span>:
+      - $CONFIGDIR/syncthing:/config
+      - /srv/storage/Cloud:/Cloud
+      - /srv/storage/Cloud/pictures/phone:/Pictures
+      - /srv/storage/Cloud/pdfs:/Onyx/Download
+      - /srv/storage/Cloud/pdfs-notes:/Onyx/note
+      - /srv/storage/Cloud/.stfolder:/Onyx/.stfolder
+      - /srv/storage/.password-store:/.password-store
+    <span class="org-variable-name">ports</span>:
+      - 22000:22000
+      - 21027:21027/udp
+    <span class="org-variable-name">labels</span>:
+      - <span class="org-string">"traefik.enable=true"</span>
+      - <span class="org-string">"traefik.http.routers.syncthing-rtr.entrypoints=https"</span>
+      - <span class="org-string">"traefik.http.routers.syncthing-rtr.rule=Host(`syncthing.$DOMAINNAME`)"</span>
+      - <span class="org-string">"traefik.http.routers.syncthing-rtr.tls=true"</span>
+      - <span class="org-string">"traefik.http.routers.syncthing-rtr.service=syncthing-svc"</span>
+      - <span class="org-string">"traefik.http.routers.syncthing-rtr.middlewares=traefik-auth"</span>
+      - <span class="org-string">"traefik.http.services.syncthing-svc.loadbalancer.server.port=8384"</span>
+</pre>
+</div>
+</div>
+</div>
+
+<div id="outline-container-org2ecd982" class="outline-3">
+<h3 id="org2ecd982">Aria2</h3>
+<div class="outline-text-3" id="text-org2ecd982">
+<div class="org-src-container">
+<pre class="src src-yaml">  <span class="org-variable-name">aria2</span>:
+    <span class="org-variable-name">container_name</span>: aria2
+    <span class="org-variable-name">image</span>: p3terx/aria2-pro
+    <span class="org-variable-name">restart</span>: unless-stopped
+    <span class="org-variable-name">networks</span>:
+      - t2_proxy
+    <span class="org-variable-name">environment</span>:
+      - PUID=$PUID
+      - PGID=$PGID
+    <span class="org-variable-name">volumes</span>:
+      - $CONFIGDIR/aria2:/config
+      - /srv/storage/Downloads:/downloads
+    <span class="org-variable-name">ports</span>:
+      - 6800:6800
+</pre>
+</div>
+</div>
+</div>
+
+<div id="outline-container-org18acd57" class="outline-3">
+<h3 id="org18acd57">Miniflux</h3>
+<div class="outline-text-3" id="text-org18acd57">
+<div class="org-src-container">
+<pre class="src src-yaml">  <span class="org-variable-name">miniflux</span>:
+    <span class="org-variable-name">container_name</span>: miniflux
+    <span class="org-variable-name">image</span>: miniflux/miniflux:latest
+    <span class="org-variable-name">restart</span>: unless-stopped
+    <span class="org-variable-name">networks</span>:
+      - t2_proxy
+      - backend
+    <span class="org-variable-name">depends_on</span>:
+      - miniflux_db
+    <span class="org-variable-name">environment</span>:
+      - DATABASE_URL=postgres://miniflux:SCJWWXqHwehP7f8g@miniflux_db/miniflux?sslmode=disable
+      - RUN_MIGRATIONS=1
+      - CREATE_ADMIN=1
+      - ADMIN_USERNAME=$MINIFLUX_ADMIN_NAME
+      - ADMIN_PASSWORD=$MINIFLUX_ADMIN_PASS
+    <span class="org-variable-name">labels</span>:
+      - <span class="org-string">"traefik.enable=true"</span>
+      - <span class="org-string">"traefik.http.routers.miniflux-rtr.entrypoints=https"</span>
+      - <span class="org-string">"traefik.http.routers.miniflux-rtr.rule=Host(`rss.$DOMAINNAME`)"</span>
+      - <span class="org-string">"traefik.http.routers.miniflux-rtr.tls=true"</span>
+      <span class="org-comment-delimiter"># </span><span class="org-comment">- 'traefik.http.routers.miniflux-rtr.middlewares=traefik-auth'</span>
+      <span class="org-comment-delimiter"># </span><span class="org-comment">- 'traefik.http.routers.miniflux-rtr.middlewares=authelia@docker'</span>
+      - <span class="org-string">"traefik.http.routers.miniflux-rtr.service=miniflux-svc"</span>
+      - <span class="org-string">"traefik.http.services.miniflux-svc.loadbalancer.server.port=8080"</span>
+
+  <span class="org-variable-name">miniflux_db</span>:
+    <span class="org-variable-name">container_name</span>: miniflux_db
+    <span class="org-variable-name">image</span>: postgres:12
+    <span class="org-variable-name">restart</span>: unless-stopped
+    <span class="org-variable-name">networks</span>:
+      - backend
+    <span class="org-variable-name">environment</span>:
+      - POSTGRES_USER=miniflux
+      - POSTGRES_PASSWORD=$MINIFLUX_POSTGRES_PASSWORD
+    <span class="org-variable-name">volumes</span>:
+      - $CONFIGDIR/miniflux_db:/var/lib/postgresql/data
+</pre>
+</div>
+</div>
+</div>
+
+<div id="outline-container-org2690f5c" class="outline-3">
+<h3 id="org2690f5c">Wireguard</h3>
+<div class="outline-text-3" id="text-org2690f5c">
+<div class="org-src-container">
+<pre class="src src-yaml">  <span class="org-variable-name">wireguard</span>:
+    <span class="org-variable-name">container_name</span>: wireguard
+    <span class="org-variable-name">image</span>: linuxserver/wireguard
+    <span class="org-variable-name">restart</span>: unless-stopped
+    <span class="org-variable-name">networks</span>:
+      - t2_proxy
+    <span class="org-variable-name">cap_add</span>:
+      - NET_ADMIN
+      - SYS_MODULE
+    <span class="org-variable-name">environment</span>:
+      - PUID=$PUID
+      - PGID=$PGID
+      - TZ=$TZ
+      - SERVERURL=wireguard.tdehaeze.xyz
+      - SERVERPORT=51820
+      - PEERS=3
+      - PEERDNS=auto
+    <span class="org-variable-name">volumes</span>:
+      - $CONFIGDIR/wireguard:/config
+      - /lib/modules:/lib/modules
+    <span class="org-variable-name">ports</span>:
+      - 51820:51820/udp
+</pre>
+</div>
+</div>
+</div>
+
+<div id="outline-container-org25623c1" class="outline-3">
+<h3 id="org25623c1">Snapraid</h3>
+<div class="outline-text-3" id="text-org25623c1">
+<div class="org-src-container">
+<pre class="src src-yaml">  <span class="org-variable-name">snapraid</span>:
+    <span class="org-variable-name">container_name</span>: snapraid
+    <span class="org-variable-name">image</span>: xagaba/snapraid
+    <span class="org-variable-name">restart</span>: unless-stopped
+    <span class="org-variable-name">privileged</span>: <span class="org-constant">true</span>
+    <span class="org-variable-name">volumes</span>:
+      - /mnt:/mnt
+      - $CONFIGDIR/snapraid:/config
+      - <span class="org-variable-name">type</span>: <span class="org-string">"bind"</span>
+        <span class="org-variable-name">source</span>: /dev/disk
+        <span class="org-variable-name">target</span>: /dev/disk
+    <span class="org-variable-name">environment</span>:
+      - PUID=$PUID
+      - PGID=$PGID
+      - TZ=$TZ
+</pre>
+</div>
+</div>
+</div>
+
+<div id="outline-container-orgc641172" class="outline-3">
+<h3 id="orgc641172">Home Assistant</h3>
+<div class="outline-text-3" id="text-orgc641172">
+<div class="org-src-container">
+<pre class="src src-yaml">  <span class="org-variable-name">homeassistant</span>:
+    <span class="org-variable-name">container_name</span>: homeassistant
+    <span class="org-variable-name">image</span>: homeassistant/home-assistant
+    <span class="org-variable-name">restart</span>: unless-stopped
+    <span class="org-comment-delimiter">#</span><span class="org-comment">networks:</span>
+    <span class="org-comment-delimiter">#  </span><span class="org-comment">- t2_proxy</span>
+    <span class="org-comment-delimiter">#</span><span class="org-comment">ports:</span>
+    <span class="org-comment-delimiter">#  </span><span class="org-comment">- target: 8123</span>
+    <span class="org-comment-delimiter">#    </span><span class="org-comment">published: 8123</span>
+    <span class="org-comment-delimiter">#    </span><span class="org-comment">protocol: tcp</span>
+    <span class="org-comment-delimiter">#    </span><span class="org-comment">mode: host</span>
+    <span class="org-variable-name">privileged</span>: <span class="org-constant">true</span>
+    <span class="org-variable-name">network_mode</span>: host
+    <span class="org-variable-name">volumes</span>:
+      - $CONFIGDIR/homeassistant:/config
+      - /etc/localtime:/etc/localtime:ro
+      - /dev/bus/usb:/dev/bus/usb
+        <span class="org-comment-delimiter"># </span><span class="org-comment">- ${USERDIR}/docker/shared:/shared</span>
+    <span class="org-variable-name">environment</span>:
+      - PUID=$PUID
+      - PGID=$PGID
+      - TZ=$TZ
+    <span class="org-variable-name">logging</span>:
+      <span class="org-variable-name">options</span>:
+        <span class="org-variable-name">max-size</span>: 10m
+    <span class="org-variable-name">labels</span>:
+      - <span class="org-string">"traefik.enable=true"</span>
+      - <span class="org-string">"traefik.http.routers.homeassistant-rtr.entrypoints=https,http"</span>
+      - <span class="org-string">"traefik.http.routers.homeassistant-rtr.rule=Host(`home.$DOMAINNAME`)"</span>
+      - <span class="org-string">"traefik.http.routers.homeassistant-rtr.tls=true"</span>
+      - <span class="org-string">"traefik.http.routers.homeassistant-rtr.service=homeassistant-svc"</span>
+      - <span class="org-string">"traefik.http.services.homeassistant-svc.loadbalancer.servers.url=http://172.17.0.1:8123"</span>
+      <span class="org-comment-delimiter">#</span><span class="org-comment">- "traefik.http.services.homeassistant-svc.loadbalancer.server.port=8123"</span>
+</pre>
+</div>
+</div>
+</div>
+
+<div id="outline-container-orgdbb1195" class="outline-3">
+<h3 id="orgdbb1195">Jackett</h3>
+<div class="outline-text-3" id="text-orgdbb1195">
+<div class="org-src-container">
+<pre class="src src-yaml">  <span class="org-variable-name">jackett</span>:
+    <span class="org-variable-name">container_name</span>: jackett
+    <span class="org-variable-name">image</span>: linuxserver/jackett
+    <span class="org-variable-name">restart</span>: unless-stopped
+    <span class="org-variable-name">networks</span>:
+      - backend
+    <span class="org-variable-name">environment</span>:
+      - PUID=$PUID
+      - PGID=$PGID
+      - TZ=$TZ
+      - AUTO_UPDATE=true
+    <span class="org-comment-delimiter"># </span><span class="org-comment">- RUN_OPTS=</span>
+    <span class="org-variable-name">volumes</span>:
+      - $CONFIGDIR/jackett:/config
+      - /srv/storage/Downloads:/downloads
+    <span class="org-variable-name">ports</span>:
+      - 9117:9117
+</pre>
+</div>
+</div>
+</div>
+
+<div id="outline-container-orga588475" class="outline-3">
+<h3 id="orga588475">Radarr</h3>
+<div class="outline-text-3" id="text-orga588475">
+<div class="org-src-container">
+<pre class="src src-yaml">  <span class="org-variable-name">radarr</span>:
+    <span class="org-variable-name">container_name</span>: radarr
+    <span class="org-variable-name">image</span>: linuxserver/radarr
+    <span class="org-variable-name">restart</span>: unless-stopped
+    <span class="org-variable-name">networks</span>:
+      - backend
+    <span class="org-variable-name">environment</span>:
+      - PUID=$PUID
+      - PGID=$PGID
+      - TZ=$TZ
+      - UMASK_SET=022
+    <span class="org-variable-name">volumes</span>:
+      - $CONFIGDIR/radarr:/config
+      - /srv/storage/Movies:/movies
+      - /srv/storage/Downloads:/downloads
+    <span class="org-variable-name">ports</span>:
+      - 7878:7878
+</pre>
+</div>
+</div>
+</div>
+
+<div id="outline-container-org0cd215e" class="outline-3">
+<h3 id="org0cd215e">Sonarr</h3>
+<div class="outline-text-3" id="text-org0cd215e">
+<div class="org-src-container">
+<pre class="src src-yaml">  <span class="org-variable-name">sonarr</span>:
+    <span class="org-variable-name">container_name</span>: sonarr
+    <span class="org-variable-name">image</span>: linuxserver/sonarr
+    <span class="org-variable-name">restart</span>: unless-stopped
+    <span class="org-variable-name">networks</span>:
+      - backend
+    <span class="org-variable-name">environment</span>:
+      - PUID=$PUID
+      - PGID=$PGID
+      - TZ=$TZ
+      - UMASK_SET=022
+    <span class="org-variable-name">volumes</span>:
+      - $CONFIGDIR/sonarr:/config
+      - /srv/storage/TVShows:/tv
+      - /srv/storage/Downloads:/downloads
+    <span class="org-variable-name">ports</span>:
+      - 8989:8989
+</pre>
+</div>
+</div>
+</div>
+
+<div id="outline-container-orgb53322c" class="outline-3">
+<h3 id="orgb53322c">Ombi</h3>
+<div class="outline-text-3" id="text-orgb53322c">
+<div class="org-src-container">
+<pre class="src src-yaml">  <span class="org-variable-name">ombi</span>:
+    <span class="org-variable-name">container_name</span>: ombi
+    <span class="org-variable-name">image</span>: linuxserver/ombi
+    <span class="org-variable-name">restart</span>: unless-stopped
+    <span class="org-variable-name">networks</span>:
+      - t2_proxy
+    <span class="org-variable-name">environment</span>:
+      - PUID=$PUID
+      - PGID=$PGID
+      - TZ=$TZ
+      <span class="org-comment-delimiter"># </span><span class="org-comment">- BASE_URL=/ombi #optional</span>
+    <span class="org-variable-name">volumes</span>:
+      - $CONFIGDIR/ombi:/config
+    <span class="org-variable-name">labels</span>:
+      - <span class="org-string">"traefik.enable=true"</span>
+      - <span class="org-string">"traefik.http.routers.ombi-rtr.entrypoints=https"</span>
+      - <span class="org-string">"traefik.http.routers.ombi-rtr.rule=Host(`ombi.$DOMAINNAME`)"</span>
+      - <span class="org-string">"traefik.http.routers.ombi-rtr.tls=true"</span>
+      - <span class="org-string">"traefik.http.routers.ombi-rtr.service=ombi-svc"</span>
+      - <span class="org-string">"traefik.http.services.ombi-svc.loadbalancer.server.port=3579"</span>
+</pre>
+</div>
+</div>
+</div>
+
+<div id="outline-container-orgff0412d" class="outline-3">
+<h3 id="orgff0412d">Transmission</h3>
+<div class="outline-text-3" id="text-orgff0412d">
+<div class="org-src-container">
+<pre class="src src-yaml">  <span class="org-variable-name">transmission-openvpn</span>:
+    <span class="org-variable-name">container_name</span>: transmission
+    <span class="org-variable-name">image</span>: haugene/transmission-openvpn:2.13
+    <span class="org-variable-name">restart</span>: unless-stopped
+    <span class="org-variable-name">networks</span>:
+      - t2_proxy
+      - backend
+    <span class="org-variable-name">environment</span>:
+      - PUID=$PUID
+      - PGID=$PGID
+      - CREATE_TUN_DEVICE=true
+      - ENABLE_UFW=true
+      - WEBPROXY_ENABLED=false
+      - TRANSMISSION_WEB_UI=combustion
+      - OPENVPN_PROVIDER=NORDVPN
+      - OPENVPN_USERNAME=$NORDVPN_NAME
+      - OPENVPN_PASSWORD=$NORDVPN_PASS
+      - NORDVPN_COUNTRY=FR
+      - NORDVPN_CATEGORY=P2P
+      - NORDVPN_PROTOCOL=tcp
+      - LOCAL_NETWORK=192.168.0.0/16
+    <span class="org-variable-name">volumes</span>:
+      - /srv/storage/Downloads:/data
+      - /etc/localtime:/etc/localtime:ro
+    <span class="org-variable-name">cap_add</span>:
+      - NET_ADMIN
+    <span class="org-variable-name">ports</span>:
+      - 9091:9091
+      - 51413:51413
+      - 51413:51413/udp
+    <span class="org-variable-name">labels</span>:
+      - <span class="org-string">"traefik.enable=true"</span>
+      - <span class="org-string">"traefik.http.routers.transmission-rtr.entrypoints=https"</span>
+      - <span class="org-string">"traefik.http.routers.transmission-rtr.rule=Host(`torrent.$DOMAINNAME`)"</span>
+      - <span class="org-string">"traefik.http.routers.transmission-rtr.tls=true"</span>
+      - <span class="org-string">"traefik.http.routers.transmission-rtr.service=transmission-svc"</span>
+      - <span class="org-string">"traefik.http.routers.transmission-rtr.middlewares=traefik-auth"</span>
+      - <span class="org-string">"traefik.http.services.transmission-svc.loadbalancer.server.port=9091"</span>
+</pre>
+</div>
+</div>
+</div>
+
+<div id="outline-container-org8694f7f" class="outline-3">
+<h3 id="org8694f7f">Bazarr</h3>
+<div class="outline-text-3" id="text-org8694f7f">
+<div class="org-src-container">
+<pre class="src src-yaml">  <span class="org-variable-name">bazarr</span>:
+    <span class="org-variable-name">container_name</span>: bazarr
+    <span class="org-variable-name">image</span>: linuxserver/bazarr
+    <span class="org-variable-name">restart</span>: unless-stopped
+    <span class="org-variable-name">networks</span>:
+      - backend
+    <span class="org-variable-name">environment</span>:
+      - PUID=$PUID
+      - PGID=$PGID
+      - TZ=$TZ
+      - UMASK_SET=022 <span class="org-comment-delimiter">#</span><span class="org-comment">optional</span>
+    <span class="org-variable-name">volumes</span>:
+      - $CONFIGDIR/bazarr:/config
+      - /srv/storage/TVShows:/tv
+      - /srv/storage/Movies:/movies
+    <span class="org-variable-name">ports</span>:
+      - 6767:6767
+</pre>
+</div>
+</div>
+</div>
+
+<div id="outline-container-orga6fbf52" class="outline-3">
+<h3 id="orga6fbf52">Hugo</h3>
+<div class="outline-text-3" id="text-orga6fbf52">
+<div class="org-src-container">
+<pre class="src src-yaml">  <span class="org-variable-name">hugo</span>:
+    <span class="org-variable-name">container_name</span>: hugo
+    <span class="org-variable-name">image</span>: muninn/hugo-caddy
+    <span class="org-variable-name">restart</span>: unless-stopped
+    <span class="org-variable-name">networks</span>:
+      - t2_proxy
+    <span class="org-variable-name">environment</span>:
+        - REPO=git.tdehaeze.xyz/tdehaeze/digital-brain
+    <span class="org-variable-name">labels</span>:
+      - <span class="org-string">"traefik.enable=true"</span>
+      - <span class="org-string">"traefik.http.routers.hugo-rtr.entrypoints=https"</span>
+      - <span class="org-string">"traefik.http.routers.hugo-rtr.rule=Host(`brain.$DOMAINNAME`)"</span>
+      - <span class="org-string">"traefik.http.routers.hugo-rtr.tls=true"</span>
+      - <span class="org-string">"traefik.http.routers.hugo-rtr.service=hugo-svc"</span>
+      - <span class="org-string">"traefik.http.services.hugo-svc.loadbalancer.server.port=2015"</span>
+</pre>
+</div>
+</div>
+</div>
+
+<div id="outline-container-orgd938378" class="outline-3">
+<h3 id="orgd938378">Bitwarden</h3>
+<div class="outline-text-3" id="text-orgd938378">
+<div class="org-src-container">
+<pre class="src src-yaml">  <span class="org-variable-name">bitwarden</span>:
+    <span class="org-variable-name">container_name</span>: bitwarden
+    <span class="org-variable-name">image</span>: bitwardenrs/server
+    <span class="org-variable-name">restart</span>: unless-stopped
+    <span class="org-variable-name">networks</span>:
+      - t2_proxy
+    <span class="org-variable-name">environment</span>:
+      - PUID=$PUID
+      - PGID=$PGID
+      - TZ=$TZ
+    <span class="org-variable-name">volumes</span>:
+      - $CONFIGDIR/bitwarden:/data
+    <span class="org-variable-name">labels</span>:
+      - <span class="org-string">"traefik.enable=true"</span>
+      - <span class="org-string">"traefik.http.routers.bitwarden-rtr.entrypoints=https"</span>
+      - <span class="org-string">"traefik.http.routers.bitwarden-rtr.rule=Host(`bw.$DOMAINNAME`)"</span>
+      - <span class="org-string">"traefik.http.routers.bitwarden-rtr.tls=true"</span>
+      - <span class="org-string">"traefik.http.routers.bitwarden-rtr.service=bitwarden-svc"</span>
+      - <span class="org-string">"traefik.http.services.bitwarden-svc.loadbalancer.server.port=80"</span>
+</pre>
+</div>
+</div>
+</div>
+
+<div id="outline-container-org2687fbb" class="outline-3">
+<h3 id="org2687fbb">Homer</h3>
+<div class="outline-text-3" id="text-org2687fbb">
+<div class="org-src-container">
+<pre class="src src-yaml">  <span class="org-variable-name">homer</span>:
+    <span class="org-variable-name">container_name</span>: homer
+    <span class="org-variable-name">image</span>: b4bz/homer
+    <span class="org-variable-name">restart</span>: unless-stopped
+    <span class="org-variable-name">networks</span>:
+      - t2_proxy
+    <span class="org-variable-name">environment</span>:
+      - UID=$PUID
+      - GID=$PGID
+      - TZ=$TZ
+    <span class="org-variable-name">volumes</span>:
+      - $CONFIGDIR/homer/assets/:/www/assets
+    <span class="org-variable-name">labels</span>:
+      - <span class="org-string">"traefik.enable=true"</span>
+      - <span class="org-string">"traefik.http.routers.homer-rtr.entrypoints=https"</span>
+      - <span class="org-string">"traefik.http.routers.homer-rtr.rule=Host(`homer.$DOMAINNAME`)"</span>
+      - <span class="org-string">"traefik.http.routers.homer-rtr.tls=true"</span>
+      - <span class="org-string">"traefik.http.routers.homer-rtr.service=homer-svc"</span>
+      - <span class="org-string">"traefik.http.services.homer-svc.loadbalancer.server.port=8080"</span>
+</pre>
+</div>
+</div>
+</div>
+
+<div id="outline-container-org7a4f700" class="outline-3">
+<h3 id="org7a4f700">Restic</h3>
+<div class="outline-text-3" id="text-org7a4f700">
+<div class="org-src-container">
+<pre class="src src-yaml">  <span class="org-variable-name">restic</span>:
+    <span class="org-variable-name">container_name</span>: restic
+    <span class="org-variable-name">image</span>: mazzolino/restic
+    <span class="org-variable-name">restart</span>: <span class="org-string">"no"</span>
+    <span class="org-variable-name">networks</span>:
+      - t2_proxy
+    <span class="org-variable-name">environment</span>:
+      - RUN_ON_STARTUP=true
+      - BACKUP_CRON=0 30 0 * * *
+      - RESTIC_REPOSITORY=rclone:mega:mega
+      - RESTIC_PASSWORD=<span class="org-string">"$RESTIC_PASSWORD"</span>
+      - RESTIC_BACKUP_SOURCES=/data
+      - RESTIC_FORGET_ARGS=--keep-daily 7 --keep-weekly 4 --keep-monthly 12
+      - UID=$PUID
+      - GID=$PGID
+      - TZ=$TZ
+    <span class="org-variable-name">volumes</span>:
+      - $CONFIGDIR/restic:/root/.config/rclone
+      - /srv/storage/Cloud/thesis:/data/thesis
+</pre>
+</div>
+</div>
+</div>
+
+<div id="outline-container-org7266158" class="outline-3">
+<h3 id="org7266158">CloudCMD</h3>
+<div class="outline-text-3" id="text-org7266158">
+<div class="org-src-container">
+<pre class="src src-yaml">  <span class="org-variable-name">cloudcmd</span>:
+    <span class="org-variable-name">container_name</span>: cloudcmd
+    <span class="org-variable-name">image</span>: coderaiser/cloudcmd
+    <span class="org-variable-name">restart</span>: unless-stopped
+    <span class="org-variable-name">networks</span>:
+      - t2_proxy
+    <span class="org-variable-name">environment</span>:
+      - PUID=$PUID
+      - PGID=$PGID
+      - TZ=$TZ
+      - CLOUDCMD_ROOT=/mnt/fs
+      - CLOUDCMD_VIM=true
+      - CLOUDCMD_ONE_FILE_PANEL=true
+    <span class="org-variable-name">volumes</span>:
+      - /srv/storage/Downloads:/mnt/fs/Downloads
+      - /srv/storage/Cloud:/mnt/fs/Cloud
+      - /srv/storage/TVShows:/mnt/fs/TVShows
+    <span class="org-variable-name">labels</span>:
+      - <span class="org-string">"traefik.enable=true"</span>
+      - <span class="org-string">"traefik.http.routers.cloudcmd-rtr.entrypoints=https"</span>
+      - <span class="org-string">"traefik.http.routers.cloudcmd-rtr.rule=Host(`cloud.$DOMAINNAME`)"</span>
+      - <span class="org-string">"traefik.http.routers.cloudcmd-rtr.tls=true"</span>
+      - <span class="org-string">"traefik.http.routers.cloudcmd-rtr.service=cloudcmd-svc"</span>
+      - <span class="org-string">"traefik.http.routers.cloudcmd-rtr.middlewares=traefik-auth"</span>
+      - <span class="org-string">"traefik.http.services.cloudcmd-svc.loadbalancer.server.port=8000"</span>
+</pre>
+</div>
+</div>
+</div>
+
+<div id="outline-container-org2b3f1d1" class="outline-3">
+<h3 id="org2b3f1d1">Gotify</h3>
+<div class="outline-text-3" id="text-org2b3f1d1">
+<div class="org-src-container">
+<pre class="src src-yaml">  <span class="org-variable-name">gotify</span>:
+    <span class="org-variable-name">container_name</span>: gotify
+    <span class="org-variable-name">image</span>: gotify/server
+    <span class="org-variable-name">restart</span>: unless-stopped
+    <span class="org-variable-name">networks</span>:
+      - t2_proxy
+    <span class="org-variable-name">environment</span>:
+      - PUID=$PUID
+      - PGID=$PGID
+      - TZ=$TZ
+      - GOTIFY_DEFAULTUSER_NAME=$GOTIFY_DEFAULTUSER_NAME
+      - GOTIFY_DEFAULTUSER_PASS=$GOTIFY_DEFAULTUSER_PASS
+    <span class="org-variable-name">volumes</span>:
+      - $CONFIGDIR/gotify:/app/data
+    <span class="org-variable-name">labels</span>:
+      - <span class="org-string">"traefik.enable=true"</span>
+      - <span class="org-string">"traefik.http.routers.gotify-rtr.entrypoints=https"</span>
+      - <span class="org-string">"traefik.http.routers.gotify-rtr.rule=Host(`notify.$DOMAINNAME`)"</span>
+      - <span class="org-string">"traefik.http.routers.gotify-rtr.tls=true"</span>
+      - <span class="org-string">"traefik.http.routers.gotify-rtr.service=gotify-svc"</span>
+      - <span class="org-string">"traefik.http.services.gotify-svc.loadbalancer.server.port=80"</span>
+</pre>
+</div>
+</div>
+</div>
+
+<div id="outline-container-org625d5ca" class="outline-3">
+<h3 id="org625d5ca">Scrutiny</h3>
+<div class="outline-text-3" id="text-org625d5ca">
+<div class="org-src-container">
+<pre class="src src-yaml">  <span class="org-variable-name">scrutiny</span>:
+    <span class="org-variable-name">container_name</span>: scrutiny
+    <span class="org-variable-name">image</span>: linuxserver/scrutiny
+    <span class="org-variable-name">restart</span>: unless-stopped
+    <span class="org-variable-name">networks</span>:
+      - backend
+    <span class="org-variable-name">cap_add</span>:
+      - SYS_RAWIO
+      - SYS_ADMIN
+    <span class="org-variable-name">environment</span>:
+      - PUID=$PUID
+      - PGID=$PGID
+      - SCRUTINY_API_ENDPOINT=http://localhost:8080
+      - TZ=$TZ
+      - SCRUTINY_WEB=true
+      - SCRUTINY_COLLECTOR=true
+    <span class="org-variable-name">volumes</span>:
+      - $CONFIGDIR/scrutiny:/config
+      - /run/udev:/run/udev:ro
+    <span class="org-variable-name">devices</span>:
+      - /dev/sda:/dev/sda
+      - /dev/sdb:/dev/sdb
+      - /dev/sdc:/dev/sdc
+      - /dev/sdd:/dev/sdd
+      - /dev/nvme0n1:/dev/nvme0n1
+    <span class="org-variable-name">ports</span>:
+      - 8089:8080
+</pre>
+</div>
+</div>
+</div>
+
+<div id="outline-container-org27d8ca3" class="outline-3">
+<h3 id="org27d8ca3">Guacamole</h3>
+<div class="outline-text-3" id="text-org27d8ca3">
+<div class="org-src-container">
+<pre class="src src-yaml">  <span class="org-variable-name">guacamole</span>:
+    <span class="org-variable-name">image</span>: oznu/guacamole
+    <span class="org-variable-name">container_name</span>: guacamole
+    <span class="org-variable-name">restart</span>: unless-stopped
+    <span class="org-variable-name">networks</span>:
+      - t2_proxy
+      - backend
+    <span class="org-variable-name">environment</span>:
+      - PUID=$PUID
+      - PGID=$PGID
+      - TZ=$TZ
+    <span class="org-variable-name">volumes</span>:
+      - $CONFIGDIR/guacamole:/config
+    <span class="org-variable-name">labels</span>:
+      - <span class="org-string">"traefik.enable=true"</span>
+      - <span class="org-string">"traefik.http.routers.guacamole-rtr.entrypoints=https"</span>
+      - <span class="org-string">"traefik.http.routers.guacamole-rtr.rule=Host(`guacamole.$DOMAINNAME`)"</span>
+      - <span class="org-string">"traefik.http.routers.guacamole-rtr.tls=true"</span>
+      - <span class="org-string">"traefik.http.routers.guacamole-rtr.service=guacamole-svc"</span>
+      - <span class="org-string">"traefik.http.services.guacamole-svc.loadbalancer.server.port=8080"</span>
+</pre>
+</div>
+</div>
+</div>
+
+<div id="outline-container-org45442d6" class="outline-3">
+<h3 id="org45442d6">Mail-CLI</h3>
+<div class="outline-text-3" id="text-org45442d6">
+<div class="org-src-container">
+<pre class="src src-yaml">  <span class="org-variable-name">mail-cli</span>:
+    <span class="org-variable-name">image</span>: tdehaeze/docker-mail-cli
+    <span class="org-variable-name">container_name</span>: mail-cli
+    <span class="org-variable-name">restart</span>: unless-stopped
+    <span class="org-variable-name">volumes</span>:
+      - $CONFIGDIR/mail-cli:/config
+      - /srv/storage/mail:/mail
+      - /srv/storage/Downloads:/data
+    <span class="org-variable-name">environment</span>:
+      - TZ=$TZ
+      - PUID=$PUID
+      - PGID=$PGID
+    <span class="org-variable-name">tty</span>: <span class="org-constant">true</span>
+</pre>
+</div>
+</div>
+</div>
+
+<div id="outline-container-orgffad5f9" class="outline-3">
+<h3 id="orgffad5f9">Deemix</h3>
+<div class="outline-text-3" id="text-orgffad5f9">
+<div class="org-src-container">
+<pre class="src src-yaml">  <span class="org-variable-name">deemix</span>:
+    <span class="org-variable-name">image</span>: registry.gitlab.com/bockiii/deemix-docker
+    <span class="org-variable-name">container_name</span>: deemix
+    <span class="org-variable-name">restart</span>: unless-stopped
+    <span class="org-variable-name">networks</span>:
+      - t2_proxy
+    <span class="org-variable-name">volumes</span>:
+      - /srv/storage/Downloads:/downloads
+      - $CONFIGDIR/deemix:/config
+    <span class="org-variable-name">environment</span>:
+      - TZ=$TZ
+      - PUID=$PUID
+      - PGID=$PGID
+      - ARL=$DEEMIX_ARL
+    <span class="org-variable-name">labels</span>:
+      - <span class="org-string">"traefik.enable=true"</span>
+      - <span class="org-string">"traefik.http.routers.deemix-rtr.entrypoints=https"</span>
+      - <span class="org-string">"traefik.http.routers.deemix-rtr.rule=Host(`deemix.$DOMAINNAME`)"</span>
+      - <span class="org-string">"traefik.http.routers.deemix-rtr.tls=true"</span>
+      - <span class="org-string">"traefik.http.routers.deemix-rtr.service=deemix-svc"</span>
+      - <span class="org-string">"traefik.http.routers.deemix-rtr.middlewares=traefik-auth"</span>
+      - <span class="org-string">"traefik.http.services.deemix-svc.loadbalancer.server.port=6595"</span>
+</pre>
+</div>
+</div>
+</div>
+</div>
+
+<div id="outline-container-orgbb869cd" class="outline-2">
+<h2 id="orgbb869cd"><code>.env</code> - Variable used for Docker Compose</h2>
+<div class="outline-text-2" id="text-orgbb869cd">
+<div class="org-src-container">
+<pre class="src src-conf"><span class="org-variable-name">PUID</span>=<span class="org-highlight-numbers-number">1000</span>
+<span class="org-variable-name">PGID</span>=<span class="org-highlight-numbers-number">1000</span>
+<span class="org-variable-name">TZ</span>=Europe/Paris
+<span class="org-variable-name">CONFIGDIR</span>=/home/thomas/docker/config
+<span class="org-variable-name">DOMAINNAME</span>=tdehaeze.xyz
+</pre>
+</div>
+
+<div class="org-src-container">
+<pre class="src src-conf"><span class="org-variable-name">CLOUDFLARE_EMAIL</span>=dehaeze.thomas@gmail.com
+<span class="org-variable-name">CLOUDFLARE_API_KEY</span>=&lt;&lt;get-password(passname=<span class="org-string">"nas/cloudflare_api_key"</span>)&gt;&gt;
+</pre>
+</div>
+
+<div class="org-src-container">
+<pre class="src src-conf"><span class="org-variable-name">MINIFLUX_ADMIN_NAME</span>=tdehaeze
+<span class="org-variable-name">MINIFLUX_ADMIN_PASS</span>=&lt;&lt;get-password(passname=<span class="org-string">"nas/miniflux_admin_pass"</span>)&gt;&gt;
+<span class="org-variable-name">MINIFLUX_POSTGRES_PASSWORD</span>=&lt;&lt;get-password(passname=<span class="org-string">"nas/miniflux_postgres_pass"</span>)&gt;&gt;
+</pre>
+</div>
+
+<div class="org-src-container">
+<pre class="src src-conf"><span class="org-variable-name">RESTIC_PASSWORD</span>=&lt;&lt;get-password(passname=<span class="org-string">"nas/restic_pass"</span>)&gt;&gt;
+</pre>
+</div>
+
+<div class="org-src-container">
+<pre class="src src-conf"><span class="org-variable-name">GITEA_DB_MYSQL_ROOT_PASSWORD</span>=&lt;&lt;get-password(passname=<span class="org-string">"nas/gitea_mysql_root_pass"</span>)&gt;&gt;
+<span class="org-variable-name">GITEA_DB_MYSQL_PASSWORD</span>=&lt;&lt;get-password(passname=<span class="org-string">"nas/gitea_mysql_pass"</span>)&gt;&gt;
+<span class="org-variable-name">GITEA_SSH_PORT</span>=<span class="org-highlight-numbers-number">2222</span>
+</pre>
+</div>
+
+<div class="org-src-container">
+<pre class="src src-conf"><span class="org-variable-name">NORDVPN_NAME</span>=dehaeze.thomas@gmail.com
+<span class="org-variable-name">NORDVPN_PASS</span>=&lt;&lt;get-password(passname=<span class="org-string">"nordvpn.com/dehaeze.thomas@gmail.com"</span>)&gt;&gt;
+</pre>
+</div>
+
+<div class="org-src-container">
+<pre class="src src-conf"><span class="org-variable-name">GOTIFY_DEFAULTUSER_NAME</span>=tdehaeze
+<span class="org-variable-name">GOTIFY_DEFAULTUSER_PASS</span>=&lt;&lt;get-password(passname=<span class="org-string">"nas/gotify_pass"</span>)&gt;&gt;
+</pre>
+</div>
+
+<div class="org-src-container">
+<pre class="src src-conf"><span class="org-variable-name">GUACAMOLE_POSTGRES_PASSWORD</span>=&lt;&lt;get-password(passname=<span class="org-string">"nas/guacamole_postgres_pass"</span>)&gt;&gt;
+</pre>
+</div>
+
+<div class="org-src-container">
+<pre class="src src-conf"><span class="org-variable-name">DEEMIX_ARL</span>=&lt;&lt;get-password(passname=<span class="org-string">"nas/deemix_arl"</span>)&gt;&gt;
+</pre>
+</div>
+</div>
+</div>
+
+<div id="outline-container-orgf0182df" class="outline-2">
+<h2 id="orgf0182df">Cron Jobs</h2>
+<div class="outline-text-2" id="text-orgf0182df">
+</div>
+<div id="outline-container-org34f5942" class="outline-3">
+<h3 id="org34f5942">Caddy Update</h3>
+<div class="outline-text-3" id="text-org34f5942">
+<p>
+Create a script <code>~/cron/caddy_update.sh</code> with:
+</p>
+<div class="org-src-container">
+<pre class="src src-bash">docker exec caddy /bin/sh -c <span class="org-string">"</span><span class="org-type"><span class="org-string">cd</span></span><span class="org-string"> /srv/www &amp;&amp; </span><span class="org-type"><span class="org-string">echo</span></span><span class="org-string"> -e \"Update repo </span><span class="org-string"><span class="org-sh-quoted-exec">$(</span></span><span class="org-sh-quoted-exec">date</span><span class="org-string"><span class="org-sh-quoted-exec">)</span></span><span class="org-string">\" &amp;&amp; </span><span class="org-type"><span class="org-string">git</span></span><span class="org-string"> submodule update --recursive --remote --merge"</span>
+</pre>
+</div>
+
+<p>
+Type <code>crontab -e</code> and add this line:
+</p>
+<div class="org-src-container">
+<pre class="src src-conf">  */5 * * * * /home/thomas/cron/caddy_update.sh &gt;&gt; /home/thomas/cron/caddy_update.log 2&gt;&amp;1
+</pre>
+</div>
+</div>
+</div>
+</div>
+
+<div id="outline-container-orgd5b772a" class="outline-2">
+<h2 id="orgd5b772a">Config</h2>
+<div class="outline-text-2" id="text-orgd5b772a">
+</div>
+<div id="outline-container-org8d116c0" class="outline-3">
+<h3 id="org8d116c0">Caddy</h3>
+<div class="outline-text-3" id="text-org8d116c0">
+<div class="org-src-container">
+<pre class="src src-conf">0.0.0.0:<span class="org-highlight-numbers-number">2015</span> {
+    root /srv/www/
+
+    <span class="org-type">git</span> {
+        repo     https://git.tdehaeze.xyz/tdehaeze/research-home-page
+        path     /srv/www/
+        interval -1
+        hook     /research-home-page/webhook QHZgAKjD8q2v54Ru
+        then     git submodule update --init --recursive --merge
+    }
+}
+</pre>
+</div>
+</div>
+</div>
+
+<div id="outline-container-orgbf7fb7b" class="outline-3">
+<h3 id="orgbf7fb7b">Homer</h3>
+<div class="outline-text-3" id="text-orgbf7fb7b">
+<div class="org-src-container">
+<pre class="src src-yaml"><span class="org-comment">---</span>
+<span class="org-variable-name">title</span>: <span class="org-string">"Homepage"</span>
+<span class="org-variable-name">subtitle</span>: <span class="org-string">"Homer"</span>
+<span class="org-variable-name">logo</span>: <span class="org-string">"assets/homer.png"</span>
+<span class="org-variable-name">header</span>: <span class="org-constant">false</span>
+<span class="org-variable-name">footer</span>: <span class="org-constant">false</span>
+
+<span class="org-variable-name">columns</span>: <span class="org-string">"auto"</span>
+<span class="org-variable-name">connectivityCheck</span>: <span class="org-constant">false</span>
+
+<span class="org-variable-name">theme</span>: default
+
+<span class="org-variable-name">links</span>: []
+
+<span class="org-variable-name">services</span>:
+  - <span class="org-variable-name">name</span>: <span class="org-string">"Websites"</span>
+    <span class="org-variable-name">icon</span>: <span class="org-string">"fas fa-desktop"</span>
+    <span class="org-variable-name">items</span>:
+    - <span class="org-variable-name">name</span>: <span class="org-string">"Wiki"</span>
+      <span class="org-variable-name">logo</span>: <span class="org-string">"/assets/tools/brain.png"</span>
+      <span class="org-variable-name">subtitle</span>: <span class="org-string">"Digital Brain"</span>
+      <span class="org-variable-name">url</span>: <span class="org-string">"https://brain.tdehaeze.xyz"</span>
+    - <span class="org-variable-name">name</span>: <span class="org-string">"Research"</span>
+      <span class="org-variable-name">logo</span>: <span class="org-string">"/assets/tools/orgmode.png"</span>
+      <span class="org-variable-name">subtitle</span>: <span class="org-string">"Research Pages"</span>
+      <span class="org-variable-name">url</span>: <span class="org-string">"https://research.tdehaeze.xyz"</span>
+  - <span class="org-variable-name">name</span>: <span class="org-string">"Utilities"</span>
+    <span class="org-variable-name">icon</span>: <span class="org-string">"fas fa-rss"</span>
+    <span class="org-variable-name">items</span>:
+    - <span class="org-variable-name">name</span>: <span class="org-string">"Miniflux"</span>
+      <span class="org-variable-name">logo</span>: <span class="org-string">"/assets/tools/miniflux.png"</span>
+      <span class="org-variable-name">subtitle</span>: <span class="org-string">"RSS Feeds"</span>
+      <span class="org-variable-name">url</span>: <span class="org-string">"https://rss.tdehaeze.xyz"</span>
+    - <span class="org-variable-name">name</span>: <span class="org-string">"Bitwarden"</span>
+      <span class="org-variable-name">logo</span>: <span class="org-string">"/assets/tools/bitwarden.png"</span>
+      <span class="org-variable-name">subtitle</span>: <span class="org-string">"Password Manager"</span>
+      <span class="org-variable-name">url</span>: <span class="org-string">"https://bw.tdehaeze.xyz"</span>
+    - <span class="org-variable-name">name</span>: <span class="org-string">"Home Assistant"</span>
+      <span class="org-variable-name">logo</span>: <span class="org-string">"/assets/tools/homeassistant.png"</span>
+      <span class="org-variable-name">subtitle</span>: <span class="org-string">"Home Assistant"</span>
+      <span class="org-variable-name">url</span>: <span class="org-string">"http://home.tdehaeze.xyz:8123"</span>
+    - <span class="org-variable-name">name</span>: <span class="org-string">"Guacamole"</span>
+      <span class="org-variable-name">logo</span>: <span class="org-string">"/assets/tools/guacamole.png"</span>
+      <span class="org-variable-name">subtitle</span>: <span class="org-string">"SSH Access"</span>
+      <span class="org-variable-name">url</span>: <span class="org-string">"https://guacamole.tdehaeze.xyz/"</span>
+  - <span class="org-variable-name">name</span>: <span class="org-string">"Cloud"</span>
+    <span class="org-variable-name">icon</span>: <span class="org-string">"fas fa-cloud"</span>
+    <span class="org-variable-name">items</span>:
+    - <span class="org-variable-name">name</span>: <span class="org-string">"Cloud"</span>
+      <span class="org-variable-name">logo</span>: <span class="org-string">"/assets/tools/cloud.png"</span>
+      <span class="org-variable-name">subtitle</span>: <span class="org-string">"Simple Personnal Could"</span>
+      <span class="org-variable-name">url</span>: <span class="org-string">"https://cloud.tdehaeze.xyz"</span>
+    - <span class="org-variable-name">name</span>: <span class="org-string">"Syncthing"</span>
+      <span class="org-variable-name">logo</span>: <span class="org-string">"/assets/tools/syncthing.png"</span>
+      <span class="org-variable-name">subtitle</span>: <span class="org-string">"P2P Sync"</span>
+      <span class="org-variable-name">url</span>: <span class="org-string">"https://syncthing.tdehaeze.xyz"</span>
+    - <span class="org-variable-name">name</span>: <span class="org-string">"Gitea"</span>
+      <span class="org-variable-name">logo</span>: <span class="org-string">"/assets/tools/gitea.png"</span>
+      <span class="org-variable-name">subtitle</span>: <span class="org-string">"Git Server"</span>
+      <span class="org-variable-name">url</span>: <span class="org-string">"https://git.tdehaeze.xyz"</span>
+  - <span class="org-variable-name">name</span>: <span class="org-string">"Download"</span>
+    <span class="org-variable-name">icon</span>: <span class="org-string">"fas fa-download"</span>
+    <span class="org-variable-name">items</span>:
+    - <span class="org-variable-name">name</span>: <span class="org-string">"Transmission"</span>
+      <span class="org-variable-name">logo</span>: <span class="org-string">"/assets/tools/transmission.png"</span>
+      <span class="org-variable-name">subtitle</span>: <span class="org-string">"Torrents"</span>
+      <span class="org-variable-name">url</span>: <span class="org-string">"https://torrent.tdehaeze.xyz/transmission/web/"</span>
+    - <span class="org-variable-name">name</span>: <span class="org-string">"transfer"</span>
+      <span class="org-variable-name">logo</span>: <span class="org-string">"/assets/tools/transfer.png"</span>
+      <span class="org-variable-name">subtitle</span>: <span class="org-string">"Transfer.sh"</span>
+      <span class="org-variable-name">url</span>: <span class="org-string">"https://file.tdehaeze.xyz"</span>
+    - <span class="org-variable-name">name</span>: <span class="org-string">"deemix"</span>
+      <span class="org-variable-name">subtitle</span>: <span class="org-string">"Download Music"</span>
+      <span class="org-variable-name">logo</span>: <span class="org-string">"/assets/tools/deezer.png"</span>
+      <span class="org-variable-name">url</span>: <span class="org-string">"https://deemix.tdehaeze.xyz"</span>
+      <span class="org-comment-delimiter">#    </span><span class="org-comment">- name: "Aria2"</span>
+      <span class="org-comment-delimiter">#      </span><span class="org-comment">logo: "/assets/tools/aria2.png"</span>
+      <span class="org-comment-delimiter">#      </span><span class="org-comment">subtitle: "Direct Downloads"</span>
+      <span class="org-comment-delimiter">#      </span><span class="org-comment">url: "https://dl.tdehaeze.xyz"</span>
+  - <span class="org-variable-name">name</span>: <span class="org-string">"Media"</span>
+    <span class="org-variable-name">icon</span>: <span class="org-string">"fas fa-film"</span>
+    <span class="org-variable-name">items</span>:
+    - <span class="org-variable-name">name</span>: <span class="org-string">"Jellyfin"</span>
+      <span class="org-variable-name">logo</span>: <span class="org-string">"/assets/tools/jellyfin.png"</span>
+      <span class="org-variable-name">subtitle</span>: <span class="org-string">"Media Library"</span>
+      <span class="org-variable-name">url</span>: <span class="org-string">"https://jellyfin.tdehaeze.xyz"</span>
+  - <span class="org-variable-name">name</span>: <span class="org-string">"Config"</span>
+    <span class="org-variable-name">icon</span>: <span class="org-string">"fas fa-cog"</span>
+    <span class="org-variable-name">items</span>:
+    - <span class="org-variable-name">name</span>: <span class="org-string">"Portainer"</span>
+      <span class="org-variable-name">logo</span>: <span class="org-string">"/assets/tools/portainer.png"</span>
+      <span class="org-variable-name">subtitle</span>: <span class="org-string">"Manger Docker"</span>
+      <span class="org-variable-name">url</span>: <span class="org-string">"https://portainer.tdehaeze.xyz"</span>
+    - <span class="org-variable-name">name</span>: <span class="org-string">"Traefik"</span>
+      <span class="org-variable-name">logo</span>: <span class="org-string">"/assets/tools/traefik.png"</span>
+      <span class="org-variable-name">subtitle</span>: <span class="org-string">"Reverse Proxy"</span>
+      <span class="org-variable-name">url</span>: <span class="org-string">"https://traefik.tdehaeze.xyz"</span>
+  - <span class="org-variable-name">name</span>: <span class="org-string">"Local"</span>
+    <span class="org-variable-name">icon</span>: <span class="org-string">"fas fa-home"</span>
+    <span class="org-variable-name">items</span>:
+    - <span class="org-variable-name">name</span>: <span class="org-string">"Jackett"</span>
+      <span class="org-variable-name">logo</span>: <span class="org-string">"/assets/tools/jackett.png"</span>
+      <span class="org-variable-name">subtitle</span>: <span class="org-string">"Download API"</span>
+      <span class="org-variable-name">url</span>: <span class="org-string">"http://192.168.1.150:9117/"</span>
+    - <span class="org-variable-name">name</span>: <span class="org-string">"Radarr"</span>
+      <span class="org-variable-name">logo</span>: <span class="org-string">"/assets/tools/radarr.png"</span>
+      <span class="org-variable-name">subtitle</span>: <span class="org-string">"Movie Manager"</span>
+      <span class="org-variable-name">url</span>: <span class="org-string">"http://192.168.1.150:7878/"</span>
+    - <span class="org-variable-name">name</span>: <span class="org-string">"Sonarr"</span>
+      <span class="org-variable-name">logo</span>: <span class="org-string">"/assets/tools/sonarr.png"</span>
+      <span class="org-variable-name">subtitle</span>: <span class="org-string">"TV Shows Manager"</span>
+      <span class="org-variable-name">url</span>: <span class="org-string">"http://192.168.1.150:8989/"</span>
+    - <span class="org-variable-name">name</span>: <span class="org-string">"Ombi"</span>
+      <span class="org-variable-name">logo</span>: <span class="org-string">"/assets/tools/ombi.png"</span>
+      <span class="org-variable-name">subtitle</span>: <span class="org-string">"Request Content"</span>
+      <span class="org-variable-name">url</span>: <span class="org-string">"https://ombi.tdehaeze.xyz/"</span>
+    - <span class="org-variable-name">name</span>: <span class="org-string">"Bazarr"</span>
+      <span class="org-variable-name">logo</span>: <span class="org-string">"/assets/tools/bazarr.png"</span>
+      <span class="org-variable-name">subtitle</span>: <span class="org-string">"Subtitles Manager"</span>
+      <span class="org-variable-name">url</span>: <span class="org-string">"http://192.168.1.150:6767/"</span>
+    - <span class="org-variable-name">name</span>: <span class="org-string">"Scrutiny"</span>
+      <span class="org-variable-name">logo</span>: <span class="org-string">"/assets/tools/scrutiny.png"</span>
+      <span class="org-variable-name">subtitle</span>: <span class="org-string">"S.M.A.R.T"</span>
+      <span class="org-variable-name">url</span>: <span class="org-string">"http://192.168.1.150:8089/web/dashboard"</span>
+    - <span class="org-variable-name">name</span>: <span class="org-string">"OctoPrint"</span>
+      <span class="org-variable-name">logo</span>: <span class="org-string">"/assets/tools/octoprint.png"</span>
+      <span class="org-variable-name">subtitle</span>: <span class="org-string">"3D-Printing"</span>
+      <span class="org-variable-name">url</span>: <span class="org-string">"http://192.168.1.56/"</span>
+</pre>
+</div>
+</div>
+</div>
+
+<div id="outline-container-orgcd8f174" class="outline-3">
+<h3 id="orgcd8f174">Restic</h3>
+<div class="outline-text-3" id="text-orgcd8f174">
+<div class="org-src-container">
+<pre class="src src-conf">[<span class="org-type">mega</span>]
+<span class="org-variable-name">type</span> = mega
+<span class="org-variable-name">user</span> = dehaeze.thomas@gmail.com
+<span class="org-variable-name">pass</span> = &lt;&lt;get-password(passname=<span class="org-string">"nas/rclone_mega_pass"</span>)&gt;&gt;
+</pre>
+</div>
+</div>
+</div>
+
+<div id="outline-container-org3b51886" class="outline-3">
+<h3 id="org3b51886">Snapraid</h3>
+<div class="outline-text-3" id="text-org3b51886">
+</div>
+<div id="outline-container-org243fb45" class="outline-4">
+<h4 id="org243fb45"><code>snapraid.conf</code></h4>
+<div class="outline-text-4" id="text-org243fb45">
+<div class="org-src-container">
+<pre class="src src-conf"><span class="org-comment-delimiter"># </span><span class="org-comment">Defines the file to use as parity storage</span>
+<span class="org-comment-delimiter"># </span><span class="org-comment">It must NOT be in a data disk</span>
+<span class="org-comment-delimiter"># </span><span class="org-comment">Format: "parity FILE_PATH"</span>
+parity /mnt/parity/snapraid.parity
+
+<span class="org-comment-delimiter"># </span><span class="org-comment">Defines the files to use as content list</span>
+<span class="org-comment-delimiter"># </span><span class="org-comment">You can use multiple specification to store more copies</span>
+<span class="org-comment-delimiter"># </span><span class="org-comment">You must have least one copy for each parity file plus one. Some more don't</span>
+<span class="org-comment-delimiter"># </span><span class="org-comment">hurt</span>
+<span class="org-comment-delimiter"># </span><span class="org-comment">They can be in the disks used for data, parity or boot,</span>
+<span class="org-comment-delimiter"># </span><span class="org-comment">but each file must be in a different disk</span>
+<span class="org-comment-delimiter"># </span><span class="org-comment">Format: "content FILE_PATH"</span>
+content /var/snapraid.content
+content /mnt/disk0/.snapraid.content
+content /mnt/disk1/.snapraid.content
+
+<span class="org-comment-delimiter"># </span><span class="org-comment">Defines the data disks to use</span>
+<span class="org-comment-delimiter"># </span><span class="org-comment">The order is relevant for parity, do not change it</span>
+<span class="org-comment-delimiter"># </span><span class="org-comment">Format: "disk DISK_NAME DISK_MOUNT_POINT"</span>
+disk d0 /mnt/disk0
+disk d1 /mnt/disk1
+
+<span class="org-comment-delimiter"># </span><span class="org-comment">Excludes hidden files and directories (uncomment to enable).</span>
+<span class="org-comment-delimiter">#</span><span class="org-comment">nohidden</span>
+
+<span class="org-comment-delimiter"># </span><span class="org-comment">Defines files and directories to exclude</span>
+<span class="org-comment-delimiter"># </span><span class="org-comment">Remember that all the paths are relative at the mount points</span>
+<span class="org-comment-delimiter"># </span><span class="org-comment">Format: "exclude FILE"</span>
+<span class="org-comment-delimiter"># </span><span class="org-comment">Format: "exclude DIR/"</span>
+<span class="org-comment-delimiter"># </span><span class="org-comment">Format: "exclude /PATH/FILE"</span>
+<span class="org-comment-delimiter"># </span><span class="org-comment">Format: "exclude /PATH/DIR/"</span>
+exclude *.unrecoverable
+exclude /tmp/
+exclude /lost+found/
+exclude *.!sync
+exclude .AppleDouble
+exclude ._AppleDouble
+exclude .DS_Store
+exclude ._.DS_Store
+exclude .Thumbs.db
+exclude .fseventsd
+exclude .Spotlight-V100
+exclude .TemporaryItems
+exclude .Trashes
+exclude .AppleDB
+</pre>
+</div>
+</div>
+</div>
+
+<div id="outline-container-orgf79de7e" class="outline-4">
+<h4 id="orgf79de7e"><code>snapraid-runner.conf</code></h4>
+<div class="outline-text-4" id="text-orgf79de7e">
+<div class="org-src-container">
+<pre class="src src-conf">[<span class="org-type">snapraid</span>]
+; path to the snapraid executable (e.g. /bin/snapraid)
+<span class="org-variable-name">executable</span> = /usr/bin/snapraid
+; path to the snapraid config to be used
+<span class="org-variable-name">config</span> = /config/snapraid.conf
+; abort operation if there are more deletes than this, set to -1 to disable
+<span class="org-variable-name">deletethreshold</span> = -1
+; if you want touch to be ran each time
+<span class="org-variable-name">touch</span> = false
+
+[<span class="org-type">logging</span>]
+; logfile to write to, leave empty to disable
+<span class="org-variable-name">file</span> = /config/snapraid.log
+; maximum logfile size in KiB, leave empty for infinite
+<span class="org-variable-name">maxsize</span> = <span class="org-highlight-numbers-number">5000</span>
+
+; [email]
+; ; when to send an email, comma-separated list of [success, error]
+<span class="org-variable-name">; sendon</span> = success,error
+; ; set to false to get full programm output via email
+<span class="org-variable-name">; short</span> = true
+<span class="org-variable-name">; subject</span> = [SnapRAID] Status Report:
+<span class="org-variable-name">; from</span> =
+<span class="org-variable-name">; to</span> =
+; ; maximum email size in KiB
+<span class="org-variable-name">; maxsize</span> = <span class="org-highlight-numbers-number">500</span>
+;
+; [smtp]
+<span class="org-variable-name">; host</span> =
+; ; leave empty for default port
+<span class="org-variable-name">; port</span> =
+; ; set to <span class="org-string">"true"</span> to activate
+<span class="org-variable-name">; ssl</span> = false
+<span class="org-variable-name">; tls</span> = false
+<span class="org-variable-name">; user</span> =
+<span class="org-variable-name">; password</span> =
+
+[<span class="org-type">scrub</span>]
+; set to true to run scrub after sync
+<span class="org-variable-name">enabled</span> = false
+<span class="org-variable-name">percentage</span> = <span class="org-highlight-numbers-number">12</span>
+<span class="org-variable-name">older-than</span> = <span class="org-highlight-numbers-number">10</span>
+</pre>
+</div>
+</div>
+</div>
+</div>
+</div>
+</div>
+<div id="postamble" class="status">
+<p class="author">Author: Dehaeze Thomas</p>
+<p class="date">Created: 2021-01-03 dim. 22:51</p>
+</div>
+</body>
+</html>
diff --git a/index.org b/index.org
index 1fa6f5a..21d60c4 100644
--- a/index.org
+++ b/index.org
@@ -18,13 +18,13 @@ There are Specific configuration files for:
 - *Editors*: [[file:vim.org][Neovim]] and [[./doom.org][Emacs (Doom)]] ([[file:emacs-library-babel.org][library of babel]], [[file:emacs-snippets.org][snippets]])
 - *Shell*: [[file:bash.org][Bash]]
 - *Terminal Emulator*: [[file:termite.org][Termite]]
-- *Terminal Multiplexer* [[file:tmux.org][TMUX]]
-- *Image Setup*: [[file:image.org][SXIV]]
-- *Music Setup*: [[file:music.org][NCMPCPP, Mopidy and Beets]]
-- *Video Setup*: [[file:video.org][MPV]]
+- *Terminal Multiplexer* [[file:tmux.org][Tmux]]
+- *Image Setup*: [[file:image.org][Sxiv]]
+- *Music Setup*: [[file:music.org][Ncmpcpp, Mopidy and Beets]]
+- *Video Setup*: [[file:video.org][Mpv]]
 - *Web Browser*: [[file:qutebrowser.org][Qutebrowser]]
 - *PDF Reader*: [[file:zathura.org][Zathura]]
-- *GUI File Manager*: [[file:pcmanfm.org][Pcmanfm]]
+- *GUI File Manager*: [[file:pcmanfm.org][PCManFM]]
 - *Terminal File Manager*: [[file:ranger.org][Ranger]]
 - *Calendar*: [[file:calendar.org][Vdirsyncer and Khal]]
 - *Mails*: [[file:mail.org][Mbsync, Msmtp, Mu and Neomutt]]
@@ -37,3 +37,4 @@ There are Specific configuration files for:
 - *GUI Toolkit*: [[file:gtk.org][GTK]]
 - [[file:config.org][Other Config]]
 
+I also have a nice Home-Server which configuration files can be found [[file:nas.org][here]].
diff --git a/nas.org b/nas.org
new file mode 100644
index 0000000..91bad01
--- /dev/null
+++ b/nas.org
@@ -0,0 +1,1890 @@
+#+TITLE: Home Server
+#+SETUPFILE: ./setup/org-setup-file.org
+
+#+NAME: startblock
+#+BEGIN_SRC emacs-lisp :results none :exports none
+  (setq org-src-preserve-indentation t)
+#+END_SRC
+
+* Installation
+** Hardware
+
+#+name: tab:home_server_hardware
+#+caption: Home Server Hardware
+| *Part*      | *Model*                                         |
+|-------------+-------------------------------------------------|
+| Case        | Fractal Design Node 804                         |
+| Motherboard | ASUS PRIME B450M-A                              |
+| CPU         | AMD Ryzen 3 3200G                               |
+| RAM         | Corsair Vengeance LPX 16Go (2x8Go) DDR4 3200MHz |
+| Cooler      | ARCTIC Freezer 34 eSports DUO                   |
+| PSU         | Corsair SF450                                   |
+| SSD M.2     | Samsung 970 EVO Plus 250Gb                      |
+| Disk Drives | Various drives ranging from 3Tb to 8Tb          |
+
+** Ubuntu
+- Download *Ubuntu Server 20.04 LTS* ([[https://ubuntu.com/download/server][link]]).
+- Activate OpenSSH and add SSH Keys
+- Account: =thomas=, hostname: =homelab=
+
+** Install Important software
+#+begin_src bash :eval no
+  sudo apt install neovim tmux fd-find ripgrep apache2-utils unrar ranger fzf stow
+#+end_src
+
+** Terminal Problem
+On the local host, using Termite:
+#+begin_src bash :eval no
+  infocmp > termite.terminfo  # export Termite's Terminfo
+  scp termite.terminfo user@remote-host:~/  # or any other method to copy to the remote host
+#+end_src
+
+On the remote host, in the directory where you copied =termite.terminfo=:
+#+begin_src bash :eval no
+  tic -x termite.terminfo  # import Terminfo for current user
+  rm termite.terminfo  # optional: remove Terminfo file
+#+end_src
+
+** Minor Modifications of =~/.inputrc=
+Modify =~/.inputrc=, like so:
+#+begin_src conf
+  "\e[A": history-search-backward            # arrow up
+  "\e[B": history-search-forward             # arrow down
+#+end_src
+
+** Partition and Format Disk Drives
+A nice tutorial is available [[https://www.digitalocean.com/community/tutorials/how-to-partition-and-format-storage-devices-in-linux][here]].
+
+#+begin_src bash :eval no
+  lsblk
+#+end_src
+
+#+begin_src bash :eval no
+  sudo parted /dev/sda mklabel gpt
+#+end_src
+
+#+begin_src bash :eval no
+  sudo parted -a opt /dev/sda mkpart "partitionname" ext4 0% 100%
+#+end_src
+
+#+begin_src bash :eval no
+  sudo mkfs.ext4 -L partitionname /dev/sda1
+#+end_src
+
+** MergerFS and FStab
+*MergerFS* is a transparent layer that sits on top of the data drives providing a single mount point for reads / writes ([[https://selfhostedhome.com/combining-different-sized-drives-with-mergerfs-and-snapraid/][link]]).
+
+
+#+begin_src bash :eval no
+  sudo apt install mergerfs
+#+end_src
+
+Create mount points
+#+begin_src bash :eval no
+  sudo mkdir /mnt/disk0
+  sudo mkdir /mnt/disk1
+  sudo mkdir /mnt/parity
+#+end_src
+
+Create folder where disks will be merged.
+#+begin_src bash :eval no
+  sudo mkdir /srv/storage
+#+end_src
+
+Edit =/etc/fstab=.
+#+begin_src conf :eval no
+  /dev/disk/by-uuid/7fb7873c-83bd-4805-98ab-506e6c7b56fa /mnt/disk0  ext4 defaults 0 0
+  /dev/disk/by-uuid/6574b7ae-321c-4078-9793-bc41a4fa5588 /mnt/disk1  ext4 defaults 0 0
+  /dev/disk/by-uuid/6fcd38b9-0886-46bd-900d-cb1f170dbcee /mnt/parity ext4 defaults 0 0
+
+  /mnt/disk* /srv/storage fuse.mergerfs direct_io,defaults,allow_other,minfreespace=50G,fsname=mergerfs 0 0
+#+end_src
+
+** Automating with SnapRAID Runner
+*SnapRAID* is a snapshot parity calculation tool which acts at the block level independent of filesystem ([[https://selfhostedhome.com/combining-different-sized-drives-with-mergerfs-and-snapraid/][link]]).
+
+SnapRAID is here used inside a Docker container ([[https://hub.docker.com/r/xagaba/snapraid][link]]).
+
+** Install Docker
+The procedure is well explained [[https://www.digitalocean.com/community/tutorials/how-to-install-and-use-docker-on-ubuntu-20-04][here]].
+
+If docker is already installed, remove it:
+#+begin_src bash
+  sudo apt remove docker
+#+end_src
+
+** Executing the Docker Command Without Sudo
+#+begin_src bash
+  sudo usermod -aG docker ${USER}
+#+end_src
+
+To apply the new group membership, log out of the server and back in, or type the following:
+#+begin_src bash
+  su - ${USER}
+#+end_src
+
+** Install Docker-Compose
+#+begin_src bash
+  sudo apt install docker-compose
+#+end_src
+
+** Setup Docker Networks
+#+begin_src bash
+  docker network create --gateway 192.168.90.1 --subnet 192.168.90.0/24 t2_proxy
+  docker network create docker_default
+#+end_src
+
+** Change Timezone
+#+begin_src bash :exec no
+  sudo timedatectl set-timezone Europe/Paris
+#+end_src
+
+** Secure the Web Server
+Most of it comes from [[https://github.com/imthenachoman/How-To-Secure-A-Linux-Server][here]].
+
+- Set =PasswordAuthentication= no in =/etc/ssh/sshd_config=
+
+** Automatic Security Updates
+The procedure is well explained [[https://www.linuxbabe.com/ubuntu/automatic-security-update-unattended-upgrades-ubuntu][here]].
+#+begin_src bash
+  sudo apt install unattended-upgrades update-notifier-common
+#+end_src
+
+Edit =/etc/apt/apt.conf.d/50unattended-upgrades=, and change the following lines:
+#+begin_src conf
+Unattended-Upgrade::Remove-Unused-Dependencies "true";
+Unattended-Upgrade::Automatic-Reboot "true";
+Unattended-Upgrade::Automatic-Reboot-Time "04:00";
+#+end_src
+
+Edit =/etc/apt/apt.conf.d/20auto-upgrades=:
+#+begin_src conf
+APT::Periodic::Update-Package-Lists "1";
+APT::Periodic::Unattended-Upgrade "1";
+#+end_src
+
+** Setup cronjobs
+Create a folder =~/cron= with all the scripts and logs related to cron.
+
+To edit the cron jobs, type =crontab -e= and add a line like:
+#+begin_src conf
+  */5 * * * * /home/thomas/cron/caddy_update.sh >> /home/thomas/cron/caddy_update.log 2>&1
+#+end_src
+
+That will run every 5 minutes.
+To check how the first part of the crontab works, check [[https://crontab.guru/][this website]].
+
+** Run =docker-compose=
+#+begin_src bash
+  cd ~/docker && docker-compose up -d
+#+end_src
+
+* Maintenance - How To
+** Update System/Packages
+#+begin_src bash
+  sudo -- sh -c 'apt-get update; apt-get upgrade -y; apt-get dist-upgrade -y; apt-get autoremove -y; apt-get autoclean -y'
+#+end_src
+
+** Docker Commands
+- Starting a container: =$ docker start homeassistant=
+- Stopping a container: =$ docker stop homeassistant=
+- Restarting a container: =$ docker restart homeassistant=
+- Listing the running containers: =$ docker ps or $ cd ~/docker/ && docker-compose ps=
+- View the logs of a container: =$ docker logs -f homeassistant=
+- Drop a shell into a container: =$ docker exec -it homeassistant /bin/bash=
+- Update specific container: =docker-compose pull --ignore-pull-failures homeassistant=
+
+Update All Containers
+#+begin_src bash :eval no
+  cd ~/docker/ && docker-compose pull --ignore-pull-failures && docker-compose up -d
+#+end_src
+
+Clean up Docker environment
+This will delete all unused images, volumes and networks.
+#+begin_src bash :eval no
+  docker system prune -f && docker image prune -f && docker volume prune -f
+#+end_src
+
+** Add User and Password for Basic Authentication
+- Go to https://www.web2generators.com/apache-tools/htpasswd-generator and type the username and password
+- Alternatively, type =htpasswd -nb username mystrongpassword= in the shell
+- Paste the output in =~/docker/shared/.htpasswd=
+
+** Snapraid
+To see all files "backed up" by snapraid, use:
+#+begin_src bash
+  docker exec -ti snapraid snapraid list | fzf
+#+end_src
+
+In reality, snapraid in ran from the docker container:
+#+begin_src bash
+  docker exec -ti snapraid snapraid fix -f <path_to_file>
+#+end_src
+
+The path to file should be relative: =/srv/storage/Cloud/org/file.org= -> =/Cloud/org/file.org=
+
+** Restore Online backup with =restic=
+
+To list backups:
+#+begin_src bash :dir /ssh:thomas@grenoble:/ :results output replace
+  docker exec restic restic snapshots
+#+end_src
+
+#+RESULTS:
+: ID        Time                 Host          Tags        Paths
+: --------------------------------------------------------------------------------
+: a7b98408  2020-09-03 21:18:00  4803c2af7d4e              /data/documents/manuals
+: 088e31a4  2020-09-03 21:50:26  4803c2af7d4e              /data/documents/manuals
+: 9cf0b480  2020-09-03 22:05:47  4803c2af7d4e              /data/documents/manuals
+: --------------------------------------------------------------------------------
+: 3 snapshots
+
+Force backup of folder:
+#+begin_src bash :dir /ssh:thomas@grenoble:/ :results output replace
+  docker exec restic restic backup /data/documents/manuals
+#+end_src
+
+#+RESULTS:
+:
+: Files:           0 new,     2 changed,  8475 unmodified
+: Dirs:            0 new,     2 changed,     0 unmodified
+: Added to the repo: 1.010 KiB
+:
+: processed 8477 files, 589.800 MiB in 0:02
+: snapshot 9cf0b480 saved
+
+Find the path to the file within the snapshot:
+#+begin_src bash :dir /ssh:thomas@grenoble:/ :results output replace
+  docker exec restic restic find file_name
+#+end_src
+
+Find files only for a specific snapshot:
+#+begin_src bash :dir /ssh:thomas@grenoble:/ :results output replace
+  docker exec restic restic find -s latest file_name
+#+end_src
+
+Backup files/folders:
+#+begin_src bash :dir /ssh:thomas@grenoble:/ :results output replace
+  docker exec restic restic restore --include /data/documents/manuals --target / 088e31a4
+#+end_src
+
+You can use =latest= instead of the ID.
+
+* Docker-Compose
+:PROPERTIES:
+:header-args: :tangle /ssh:thomas@grenoble:~/docker/test.yaml
+:header-args+: :comments none :mkdirp yes
+:END:
+
+#+begin_src yaml
+version: "3.2"
+#+end_src
+
+** Networks
+#+begin_src yaml
+networks:
+  t2_proxy:
+    external:
+      name: t2_proxy
+  backend:
+    external: false
+  default:
+    driver: bridge
+#+end_src
+
+** Traefik
+#+begin_src yaml
+services:
+#+end_src
+
+#+begin_src yaml
+  traefik:
+    container_name: traefik
+    image: traefik:2.2.1
+    restart: unless-stopped
+    command:
+      - --global.checkNewVersion=true
+      - --global.sendAnonymousUsage=false
+      - --entryPoints.http.address=:80
+      - --entryPoints.https.address=:443
+      - --entrypoints.https.forwardedHeaders.trustedIPs=173.245.48.0/20,103.21.244.0/22,103.22.200.0/22,103.31.4.0/22,141.101.64.0/18,108.162.192.0/18,190.93.240.0/20,188.114.96.0/20,197.234.240.0/22,198.41.128.0/17,162.158.0.0/15,104.16.0.0/12,172.64.0.0/13,131.0.72.0/22
+      - --entryPoints.traefik.address=:8080
+      - --api=true
+      - --api.dashboard=true
+      - --log=true
+      - --log.level=ERROR # (Default: error) DEBUG, INFO, WARN, ERROR, FATAL, PANIC
+      - --accessLog=true
+      - --accessLog.filePath=/var/log/access.log
+      - --accessLog.filters.statusCodes=400-499
+      - --providers.docker=true
+      - --providers.docker.endpoint=unix:///var/run/docker.sock
+      - --providers.docker.defaultrule=Host(`{{ index .Labels "com.docker.compose.service" }}.$DOMAINNAME`)
+      - --providers.docker.exposedByDefault=false
+      - --providers.docker.network=t2_proxy
+      - --providers.docker.swarmMode=false
+      - --providers.file.directory=/rules
+      - --providers.file.watch=true
+      # - --certificatesResolvers.dns-cloudflare.acme.caServer=https://acme-staging-v02.api.letsencrypt.org/directory # LetsEncrypt Staging Server - uncomment when testing
+      - --certificatesResolvers.dns-cloudflare.acme.email=$CLOUDFLARE_EMAIL
+      - --certificatesResolvers.dns-cloudflare.acme.storage=/acme.json
+      - --certificatesResolvers.dns-cloudflare.acme.dnsChallenge.provider=cloudflare
+      - --certificatesResolvers.dns-cloudflare.acme.dnsChallenge.resolvers=1.1.1.1:53,1.0.0.1:53
+    networks:
+      t2_proxy:
+        ipv4_address: 192.168.90.254 # You can specify a static IP
+    security_opt:
+      - no-new-privileges:true
+    ports:
+      - 80:80
+      - 443:443
+      - 8080:8080
+    volumes:
+      - $CONFIGDIR/traefik2/rules:/rules
+      - $CONFIGDIR/traefik2/acme/acme.json:/acme.json
+      - $CONFIGDIR/traefik2/shared:/shared
+      - /var/log/traefik:/var/log
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+    environment:
+      - CF_API_EMAIL=$CLOUDFLARE_EMAIL
+      - CF_API_KEY=$CLOUDFLARE_API_KEY
+    labels:
+      - "traefik.enable=true"
+      # HTTP-to-HTTPS Redirect
+      - "traefik.http.routers.http-catchall.entrypoints=http"
+      - "traefik.http.routers.http-catchall.rule=HostRegexp(`{host:.+}`)"
+      - "traefik.http.routers.http-catchall.middlewares=redirect-to-https"
+      - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
+      # HTTP Routers
+      - "traefik.http.routers.traefik-rtr.entrypoints=https"
+      - "traefik.http.routers.traefik-rtr.rule=Host(`traefik.$DOMAINNAME`)"
+      - "traefik.http.routers.traefik-rtr.tls=true"
+      # - "traefik.http.routers.traefik-rtr.tls.certresolver=dns-cloudflare" # Comment out this line after first run of traefik to force the use of wildcard certs
+      - "traefik.http.routers.traefik-rtr.tls.domains[0].main=$DOMAINNAME"
+      - "traefik.http.routers.traefik-rtr.tls.domains[0].sans=*.$DOMAINNAME"
+      # Services - API
+      - "traefik.http.routers.traefik-rtr.service=api@internal"
+      # Middlewares
+      - "traefik.http.routers.traefik-rtr.middlewares=middlewares-basic-auth@file"
+      - "traefik.http.routers.traefik-rtr.middlewares=middlewares-rate-limit@file,middlewares-basic-auth@file"
+      - "traefik.http.middlewares.traefik-auth.basicauth.users=tdehaeze:$$apr1$$d.JmbY5J$$K8btOi1fwwVYOkCnicCVi."
+      # Authelia
+      # - 'traefik.http.middlewares.authelia.forwardauth.address=http://authelia:9091/api/verify?rd=https://login.$DOMAINNAME/'
+      # - 'traefik.http.middlewares.authelia.forwardauth.trustForwardHeader=true'
+      # - 'traefik.http.middlewares.authelia.forwardauth.authResponseHeaders=Remote-User, Remote-Groups'
+#+end_src
+
+** Portainer
+#+begin_src yaml
+  portainer:
+    container_name: portainer
+    image: portainer/portainer
+    restart: unless-stopped
+    command: -H unix:///var/run/docker.sock
+    command: --no-auth
+    networks:
+      - t2_proxy
+    security_opt:
+      - no-new-privileges:true
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+      - $CONFIGDIR/portainer:/data
+    environment:
+      - TZ=$TZ
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.portainer-rtr.entrypoints=https"
+      - "traefik.http.routers.portainer-rtr.rule=Host(`portainer.$DOMAINNAME`)"
+      - "traefik.http.routers.portainer-rtr.tls=true"
+      - "traefik.http.routers.portainer-rtr.service=portainer-svc"
+      - "traefik.http.routers.portainer-rtr.middlewares=traefik-auth"
+      - "traefik.http.services.portainer-svc.loadbalancer.server.port=9000"
+#+end_src
+
+** Jellyfin
+#+begin_src yaml
+  jellyfin:
+    container_name: jellyfin
+    image: linuxserver/jellyfin
+    restart: unless-stopped
+    networks:
+      - t2_proxy
+    volumes:
+      - $CONFIGDIR/jellyfin:/config
+      - /srv/storage/TVShows:/data/tvshows
+      - /srv/storage/LiveMusic:/data/livemusic
+      - /srv/storage/Animes:/data/animes
+      - /srv/storage/Movies:/data/movies
+      - /srv/storage/Music:/data/music
+    environment:
+      - PUID=$PUID
+      - PGID=$PGID
+      - TZ=$TZ
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.jellyfin-rtr.entrypoints=https"
+      - "traefik.http.routers.jellyfin-rtr.rule=Host(`jellyfin.$DOMAINNAME`)"
+      - "traefik.http.routers.jellyfin-rtr.tls=true"
+      - "traefik.http.routers.jellyfin-rtr.service=jellyfin-svc"
+      - "traefik.http.services.jellyfin-svc.loadbalancer.server.port=8096"
+#+end_src
+
+** Gitea
+#+begin_src yaml
+  gitea:
+    container_name: git
+    image: gitea/gitea:1.12.4
+    depends_on:
+      - gitea_db
+    restart: unless-stopped
+    networks:
+      - t2_proxy
+      - backend
+    volumes:
+      - $CONFIGDIR/gitea:/data
+    environment:
+      - PUID=$PUID
+      - PGID=$PGID
+      - TZ=$TZ
+      - SSH_PORT=$GITEA_SSH_PORT
+    ports:
+      - "2222:22"
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.git-rtr.entrypoints=https"
+      - "traefik.http.routers.git-rtr.rule=Host(`git.$DOMAINNAME`)"
+      - "traefik.http.routers.git-rtr.tls=true"
+      - "traefik.http.routers.git-rtr.service=git-svc"
+      - "traefik.http.services.git-svc.loadbalancer.server.port=3000"
+#+end_src
+
+#+begin_src yaml
+  gitea_db:
+    container_name: gitea_db
+    image: mariadb:10
+    restart: unless-stopped
+    networks:
+      - backend
+    ports:
+      - 3306:3306
+    environment:
+      - MYSQL_ROOT_PASSWORD=$GITEA_DB_MYSQL_ROOT_PASSWORD
+      - MYSQL_DATABASE=gitea
+      - MYSQL_USER=gitea
+      - MYSQL_PASSWORD=$GITEA_DB_MYSQL_PASSWORD
+    volumes:
+      - $CONFIGDIR/mariadb:/var/lib/mysql
+#+end_src
+
+** Transfer.sh
+#+begin_src yaml
+  transfer:
+    container_name: transfer
+    image: dutchcoders/transfer.sh
+    restart: unless-stopped
+    networks:
+      - t2_proxy
+    environment:
+      - PUID=$PUID
+      - PGID=$PGID
+      - TZ=$TZ
+      - UMASK_SET=022
+      - BASEDIR=/tmp/
+      - PROVIDER=local
+    volumes:
+      - /srv/storage/Uploads:/tmp/
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.transfer-rtr.entrypoints=https"
+      - "traefik.http.routers.transfer-rtr.rule=Host(`file.$DOMAINNAME`)"
+      - "traefik.http.routers.transfer-rtr.tls=true"
+      - "traefik.http.routers.transfer-rtr.service=transfer-svc"
+      - "traefik.http.services.transfer-svc.loadbalancer.server.port=8080"
+#+end_src
+
+** Caddy
+#+begin_src yaml
+  caddy:
+    container_name: caddy
+    image: abiosoft/caddy:1.0.3-no-stats
+    restart: unless-stopped
+    networks:
+      - t2_proxy
+    environment:
+      - PUID=$PUID
+      - PGID=$PGID
+      - TZ=$TZ
+      - PLUGINS=git
+    volumes:
+      - $CONFIGDIR/caddy/Caddyfile:/etc/Caddyfile
+      - $CONFIGDIR/web:/srv
+        # - ~/.ssh:/root/.ssh
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.caddy-rtr.entrypoints=https"
+      - "traefik.http.routers.caddy-rtr.rule=Host(`research.$DOMAINNAME`)"
+      - "traefik.http.routers.caddy-rtr.tls=true"
+      - "traefik.http.routers.caddy-rtr.service=caddy-svc"
+      - "traefik.http.services.caddy-svc.loadbalancer.server.port=2015"
+#+end_src
+
+** Syncthing
+#+begin_src yaml
+  syncthing:
+    container_name: syncthing
+    image: linuxserver/syncthing
+    restart: unless-stopped
+    networks:
+      - t2_proxy
+    environment:
+      - PUID=$PUID
+      - PGID=$PGID
+      - TZ=$TZ
+      - UMASK_SET=022
+    volumes:
+      - $CONFIGDIR/syncthing:/config
+      - /srv/storage/Cloud:/Cloud
+      - /srv/storage/Cloud/pictures/phone:/Pictures
+      - /srv/storage/Cloud/pdfs:/Onyx/Download
+      - /srv/storage/Cloud/pdfs-notes:/Onyx/note
+      - /srv/storage/Cloud/.stfolder:/Onyx/.stfolder
+      - /srv/storage/.password-store:/.password-store
+    ports:
+      - 22000:22000
+      - 21027:21027/udp
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.syncthing-rtr.entrypoints=https"
+      - "traefik.http.routers.syncthing-rtr.rule=Host(`syncthing.$DOMAINNAME`)"
+      - "traefik.http.routers.syncthing-rtr.tls=true"
+      - "traefik.http.routers.syncthing-rtr.service=syncthing-svc"
+      - "traefik.http.routers.syncthing-rtr.middlewares=traefik-auth"
+      - "traefik.http.services.syncthing-svc.loadbalancer.server.port=8384"
+#+end_src
+
+** Aria2
+#+begin_src yaml
+  aria2:
+    container_name: aria2
+    image: p3terx/aria2-pro
+    restart: unless-stopped
+    networks:
+      - t2_proxy
+    environment:
+      - PUID=$PUID
+      - PGID=$PGID
+    volumes:
+      - $CONFIGDIR/aria2:/config
+      - /srv/storage/Downloads:/downloads
+    ports:
+      - 6800:6800
+#+end_src
+
+** Miniflux
+#+begin_src yaml
+  miniflux:
+    container_name: miniflux
+    image: miniflux/miniflux:latest
+    restart: unless-stopped
+    networks:
+      - t2_proxy
+      - backend
+    depends_on:
+      - miniflux_db
+    environment:
+      - DATABASE_URL=postgres://miniflux:SCJWWXqHwehP7f8g@miniflux_db/miniflux?sslmode=disable
+      - RUN_MIGRATIONS=1
+      - CREATE_ADMIN=1
+      - ADMIN_USERNAME=$MINIFLUX_ADMIN_NAME
+      - ADMIN_PASSWORD=$MINIFLUX_ADMIN_PASS
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.miniflux-rtr.entrypoints=https"
+      - "traefik.http.routers.miniflux-rtr.rule=Host(`rss.$DOMAINNAME`)"
+      - "traefik.http.routers.miniflux-rtr.tls=true"
+      # - 'traefik.http.routers.miniflux-rtr.middlewares=traefik-auth'
+      # - 'traefik.http.routers.miniflux-rtr.middlewares=authelia@docker'
+      - "traefik.http.routers.miniflux-rtr.service=miniflux-svc"
+      - "traefik.http.services.miniflux-svc.loadbalancer.server.port=8080"
+
+  miniflux_db:
+    container_name: miniflux_db
+    image: postgres:12
+    restart: unless-stopped
+    networks:
+      - backend
+    environment:
+      - POSTGRES_USER=miniflux
+      - POSTGRES_PASSWORD=$MINIFLUX_POSTGRES_PASSWORD
+    volumes:
+      - $CONFIGDIR/miniflux_db:/var/lib/postgresql/data
+#+end_src
+
+** Wireguard
+#+begin_src yaml
+  wireguard:
+    container_name: wireguard
+    image: linuxserver/wireguard
+    restart: unless-stopped
+    networks:
+      - t2_proxy
+    cap_add:
+      - NET_ADMIN
+      - SYS_MODULE
+    environment:
+      - PUID=$PUID
+      - PGID=$PGID
+      - TZ=$TZ
+      - SERVERURL=wireguard.tdehaeze.xyz
+      - SERVERPORT=51820
+      - PEERS=3
+      - PEERDNS=auto
+    volumes:
+      - $CONFIGDIR/wireguard:/config
+      - /lib/modules:/lib/modules
+    ports:
+      - 51820:51820/udp
+#+end_src
+
+** Snapraid
+#+begin_src yaml
+  snapraid:
+    container_name: snapraid
+    image: xagaba/snapraid
+    restart: unless-stopped
+    privileged: true
+    volumes:
+      - /mnt:/mnt
+      - $CONFIGDIR/snapraid:/config
+      - type: "bind"
+        source: /dev/disk
+        target: /dev/disk
+    environment:
+      - PUID=$PUID
+      - PGID=$PGID
+      - TZ=$TZ
+#+end_src
+
+** Home Assistant
+#+begin_src yaml
+  homeassistant:
+    container_name: homeassistant
+    image: homeassistant/home-assistant
+    restart: unless-stopped
+    #networks:
+    #  - t2_proxy
+    #ports:
+    #  - target: 8123
+    #    published: 8123
+    #    protocol: tcp
+    #    mode: host
+    privileged: true
+    network_mode: host
+    volumes:
+      - $CONFIGDIR/homeassistant:/config
+      - /etc/localtime:/etc/localtime:ro
+      - /dev/bus/usb:/dev/bus/usb
+        # - ${USERDIR}/docker/shared:/shared
+    environment:
+      - PUID=$PUID
+      - PGID=$PGID
+      - TZ=$TZ
+    logging:
+      options:
+        max-size: 10m
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.homeassistant-rtr.entrypoints=https,http"
+      - "traefik.http.routers.homeassistant-rtr.rule=Host(`home.$DOMAINNAME`)"
+      - "traefik.http.routers.homeassistant-rtr.tls=true"
+      - "traefik.http.routers.homeassistant-rtr.service=homeassistant-svc"
+      - "traefik.http.services.homeassistant-svc.loadbalancer.servers.url=http://172.17.0.1:8123"
+      #- "traefik.http.services.homeassistant-svc.loadbalancer.server.port=8123"
+#+end_src
+
+** Jackett
+#+begin_src yaml
+  jackett:
+    container_name: jackett
+    image: linuxserver/jackett
+    restart: unless-stopped
+    networks:
+      - backend
+    environment:
+      - PUID=$PUID
+      - PGID=$PGID
+      - TZ=$TZ
+      - AUTO_UPDATE=true
+    # - RUN_OPTS=
+    volumes:
+      - $CONFIGDIR/jackett:/config
+      - /srv/storage/Downloads:/downloads
+    ports:
+      - 9117:9117
+#+end_src
+
+** Radarr
+#+begin_src yaml
+  radarr:
+    container_name: radarr
+    image: linuxserver/radarr
+    restart: unless-stopped
+    networks:
+      - backend
+    environment:
+      - PUID=$PUID
+      - PGID=$PGID
+      - TZ=$TZ
+      - UMASK_SET=022
+    volumes:
+      - $CONFIGDIR/radarr:/config
+      - /srv/storage/Movies:/movies
+      - /srv/storage/Downloads:/downloads
+    ports:
+      - 7878:7878
+#+end_src
+
+** Sonarr
+#+begin_src yaml
+  sonarr:
+    container_name: sonarr
+    image: linuxserver/sonarr
+    restart: unless-stopped
+    networks:
+      - backend
+    environment:
+      - PUID=$PUID
+      - PGID=$PGID
+      - TZ=$TZ
+      - UMASK_SET=022
+    volumes:
+      - $CONFIGDIR/sonarr:/config
+      - /srv/storage/TVShows:/tv
+      - /srv/storage/Downloads:/downloads
+    ports:
+      - 8989:8989
+#+end_src
+
+** Ombi
+#+begin_src yaml
+  ombi:
+    container_name: ombi
+    image: linuxserver/ombi
+    restart: unless-stopped
+    networks:
+      - t2_proxy
+    environment:
+      - PUID=$PUID
+      - PGID=$PGID
+      - TZ=$TZ
+      # - BASE_URL=/ombi #optional
+    volumes:
+      - $CONFIGDIR/ombi:/config
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.ombi-rtr.entrypoints=https"
+      - "traefik.http.routers.ombi-rtr.rule=Host(`ombi.$DOMAINNAME`)"
+      - "traefik.http.routers.ombi-rtr.tls=true"
+      - "traefik.http.routers.ombi-rtr.service=ombi-svc"
+      - "traefik.http.services.ombi-svc.loadbalancer.server.port=3579"
+#+end_src
+
+** Transmission
+#+begin_src yaml
+  transmission-openvpn:
+    container_name: transmission
+    image: haugene/transmission-openvpn:2.13
+    restart: unless-stopped
+    networks:
+      - t2_proxy
+      - backend
+    environment:
+      - PUID=$PUID
+      - PGID=$PGID
+      - CREATE_TUN_DEVICE=true
+      - ENABLE_UFW=true
+      - WEBPROXY_ENABLED=false
+      - TRANSMISSION_WEB_UI=combustion
+      - OPENVPN_PROVIDER=NORDVPN
+      - OPENVPN_USERNAME=$NORDVPN_NAME
+      - OPENVPN_PASSWORD=$NORDVPN_PASS
+      - NORDVPN_COUNTRY=FR
+      - NORDVPN_CATEGORY=P2P
+      - NORDVPN_PROTOCOL=tcp
+      - LOCAL_NETWORK=192.168.0.0/16
+    volumes:
+      - /srv/storage/Downloads:/data
+      - /etc/localtime:/etc/localtime:ro
+    cap_add:
+      - NET_ADMIN
+    ports:
+      - 9091:9091
+      - 51413:51413
+      - 51413:51413/udp
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.transmission-rtr.entrypoints=https"
+      - "traefik.http.routers.transmission-rtr.rule=Host(`torrent.$DOMAINNAME`)"
+      - "traefik.http.routers.transmission-rtr.tls=true"
+      - "traefik.http.routers.transmission-rtr.service=transmission-svc"
+      - "traefik.http.routers.transmission-rtr.middlewares=traefik-auth"
+      - "traefik.http.services.transmission-svc.loadbalancer.server.port=9091"
+#+end_src
+
+** Bazarr
+#+begin_src yaml
+  bazarr:
+    container_name: bazarr
+    image: linuxserver/bazarr
+    restart: unless-stopped
+    networks:
+      - backend
+    environment:
+      - PUID=$PUID
+      - PGID=$PGID
+      - TZ=$TZ
+      - UMASK_SET=022 #optional
+    volumes:
+      - $CONFIGDIR/bazarr:/config
+      - /srv/storage/TVShows:/tv
+      - /srv/storage/Movies:/movies
+    ports:
+      - 6767:6767
+#+end_src
+
+** Hugo
+#+begin_src yaml
+  hugo:
+    container_name: hugo
+    image: muninn/hugo-caddy
+    restart: unless-stopped
+    networks:
+      - t2_proxy
+    environment:
+        - REPO=git.tdehaeze.xyz/tdehaeze/digital-brain
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.hugo-rtr.entrypoints=https"
+      - "traefik.http.routers.hugo-rtr.rule=Host(`brain.$DOMAINNAME`)"
+      - "traefik.http.routers.hugo-rtr.tls=true"
+      - "traefik.http.routers.hugo-rtr.service=hugo-svc"
+      - "traefik.http.services.hugo-svc.loadbalancer.server.port=2015"
+#+end_src
+
+** Bitwarden
+#+begin_src yaml
+  bitwarden:
+    container_name: bitwarden
+    image: bitwardenrs/server
+    restart: unless-stopped
+    networks:
+      - t2_proxy
+    environment:
+      - PUID=$PUID
+      - PGID=$PGID
+      - TZ=$TZ
+    volumes:
+      - $CONFIGDIR/bitwarden:/data
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.bitwarden-rtr.entrypoints=https"
+      - "traefik.http.routers.bitwarden-rtr.rule=Host(`bw.$DOMAINNAME`)"
+      - "traefik.http.routers.bitwarden-rtr.tls=true"
+      - "traefik.http.routers.bitwarden-rtr.service=bitwarden-svc"
+      - "traefik.http.services.bitwarden-svc.loadbalancer.server.port=80"
+#+end_src
+
+** Homer
+#+begin_src yaml
+  homer:
+    container_name: homer
+    image: b4bz/homer
+    restart: unless-stopped
+    networks:
+      - t2_proxy
+    environment:
+      - UID=$PUID
+      - GID=$PGID
+      - TZ=$TZ
+    volumes:
+      - $CONFIGDIR/homer/assets/:/www/assets
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.homer-rtr.entrypoints=https"
+      - "traefik.http.routers.homer-rtr.rule=Host(`homer.$DOMAINNAME`)"
+      - "traefik.http.routers.homer-rtr.tls=true"
+      - "traefik.http.routers.homer-rtr.service=homer-svc"
+      - "traefik.http.services.homer-svc.loadbalancer.server.port=8080"
+#+end_src
+
+** Restic
+#+begin_src yaml
+  restic:
+    container_name: restic
+    image: mazzolino/restic
+    restart: "no"
+    networks:
+      - t2_proxy
+    environment:
+      - RUN_ON_STARTUP=true
+      - BACKUP_CRON=0 30 0 * * *
+      - RESTIC_REPOSITORY=rclone:mega:mega
+      - RESTIC_PASSWORD="$RESTIC_PASSWORD"
+      - RESTIC_BACKUP_SOURCES=/data
+      - RESTIC_FORGET_ARGS=--keep-daily 7 --keep-weekly 4 --keep-monthly 12
+      - UID=$PUID
+      - GID=$PGID
+      - TZ=$TZ
+    volumes:
+      - $CONFIGDIR/restic:/root/.config/rclone
+      - /srv/storage/Cloud/thesis:/data/thesis
+#+end_src
+
+** CloudCMD
+#+begin_src yaml
+  cloudcmd:
+    container_name: cloudcmd
+    image: coderaiser/cloudcmd
+    restart: unless-stopped
+    networks:
+      - t2_proxy
+    environment:
+      - PUID=$PUID
+      - PGID=$PGID
+      - TZ=$TZ
+      - CLOUDCMD_ROOT=/mnt/fs
+      - CLOUDCMD_VIM=true
+      - CLOUDCMD_ONE_FILE_PANEL=true
+    volumes:
+      - /srv/storage/Downloads:/mnt/fs/Downloads
+      - /srv/storage/Cloud:/mnt/fs/Cloud
+      - /srv/storage/TVShows:/mnt/fs/TVShows
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.cloudcmd-rtr.entrypoints=https"
+      - "traefik.http.routers.cloudcmd-rtr.rule=Host(`cloud.$DOMAINNAME`)"
+      - "traefik.http.routers.cloudcmd-rtr.tls=true"
+      - "traefik.http.routers.cloudcmd-rtr.service=cloudcmd-svc"
+      - "traefik.http.routers.cloudcmd-rtr.middlewares=traefik-auth"
+      - "traefik.http.services.cloudcmd-svc.loadbalancer.server.port=8000"
+#+end_src
+
+** Gotify
+#+begin_src yaml
+  gotify:
+    container_name: gotify
+    image: gotify/server
+    restart: unless-stopped
+    networks:
+      - t2_proxy
+    environment:
+      - PUID=$PUID
+      - PGID=$PGID
+      - TZ=$TZ
+      - GOTIFY_DEFAULTUSER_NAME=$GOTIFY_DEFAULTUSER_NAME
+      - GOTIFY_DEFAULTUSER_PASS=$GOTIFY_DEFAULTUSER_PASS
+    volumes:
+      - $CONFIGDIR/gotify:/app/data
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.gotify-rtr.entrypoints=https"
+      - "traefik.http.routers.gotify-rtr.rule=Host(`notify.$DOMAINNAME`)"
+      - "traefik.http.routers.gotify-rtr.tls=true"
+      - "traefik.http.routers.gotify-rtr.service=gotify-svc"
+      - "traefik.http.services.gotify-svc.loadbalancer.server.port=80"
+#+end_src
+
+** Scrutiny
+#+begin_src yaml
+  scrutiny:
+    container_name: scrutiny
+    image: linuxserver/scrutiny
+    restart: unless-stopped
+    networks:
+      - backend
+    cap_add:
+      - SYS_RAWIO
+      - SYS_ADMIN
+    environment:
+      - PUID=$PUID
+      - PGID=$PGID
+      - SCRUTINY_API_ENDPOINT=http://localhost:8080
+      - TZ=$TZ
+      - SCRUTINY_WEB=true
+      - SCRUTINY_COLLECTOR=true
+    volumes:
+      - $CONFIGDIR/scrutiny:/config
+      - /run/udev:/run/udev:ro
+    devices:
+      - /dev/sda:/dev/sda
+      - /dev/sdb:/dev/sdb
+      - /dev/sdc:/dev/sdc
+      - /dev/sdd:/dev/sdd
+      - /dev/nvme0n1:/dev/nvme0n1
+    ports:
+      - 8089:8080
+#+end_src
+
+** Guacamole
+#+begin_src yaml
+  guacamole:
+    image: oznu/guacamole
+    container_name: guacamole
+    restart: unless-stopped
+    networks:
+      - t2_proxy
+      - backend
+    environment:
+      - PUID=$PUID
+      - PGID=$PGID
+      - TZ=$TZ
+    volumes:
+      - $CONFIGDIR/guacamole:/config
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.guacamole-rtr.entrypoints=https"
+      - "traefik.http.routers.guacamole-rtr.rule=Host(`guacamole.$DOMAINNAME`)"
+      - "traefik.http.routers.guacamole-rtr.tls=true"
+      - "traefik.http.routers.guacamole-rtr.service=guacamole-svc"
+      - "traefik.http.services.guacamole-svc.loadbalancer.server.port=8080"
+#+end_src
+
+** Mail-CLI
+#+begin_src yaml
+  mail-cli:
+    image: tdehaeze/docker-mail-cli
+    container_name: mail-cli
+    restart: unless-stopped
+    volumes:
+      - $CONFIGDIR/mail-cli:/config
+      - /srv/storage/mail:/mail
+      - /srv/storage/Downloads:/data
+    environment:
+      - TZ=$TZ
+      - PUID=$PUID
+      - PGID=$PGID
+    tty: true
+#+end_src
+
+** Deemix
+#+begin_src yaml
+  deemix:
+    image: registry.gitlab.com/bockiii/deemix-docker
+    container_name: deemix
+    restart: unless-stopped
+    networks:
+      - t2_proxy
+    volumes:
+      - /srv/storage/Downloads:/downloads
+      - $CONFIGDIR/deemix:/config
+    environment:
+      - TZ=$TZ
+      - PUID=$PUID
+      - PGID=$PGID
+      - ARL=$DEEMIX_ARL
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.deemix-rtr.entrypoints=https"
+      - "traefik.http.routers.deemix-rtr.rule=Host(`deemix.$DOMAINNAME`)"
+      - "traefik.http.routers.deemix-rtr.tls=true"
+      - "traefik.http.routers.deemix-rtr.service=deemix-svc"
+      - "traefik.http.routers.deemix-rtr.middlewares=traefik-auth"
+      - "traefik.http.services.deemix-svc.loadbalancer.server.port=6595"
+#+end_src
+
+* Docker-Compose OLD                                                :noexport:
+** Wallabag
+#+begin_src yaml
+  wallabag:
+    container_name: wallabag
+    image: wallabag/wallabag
+    restart: unless-stopped
+    depends_on:
+      - wallabag_db
+    networks:
+      - t2_proxy
+      - backend
+    environment:
+      - MYSQL_ROOT_PASSWORD=$WALLABAG_MYSQL_ROOT_PASSWORD
+      - SYMFONY__ENV__DATABASE_DRIVER=pdo_mysql
+      - SYMFONY__ENV__DATABASE_HOST=wallabag_db
+      - SYMFONY__ENV__DATABASE_PORT=3308
+      - SYMFONY__ENV__DATABASE_NAME=symfony
+      - SYMFONY__ENV__DATABASE_USER=root
+      - SYMFONY__ENV__DATABASE_PASSWORD=$WALLABAG_MYSQL_PASSWORD
+      - SYMFONY__ENV__DATABASE_CHARSET=utf8mb4
+      - SYMFONY__ENV__DOMAIN_NAME=https://wallabag.tdehaeze.xyz
+    volumes:
+      - $CONFIGDIR/wallabag/images:/var/www/wallabag/web/assets/images
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.wallabag-rtr.entrypoints=https"
+      - "traefik.http.routers.wallabag-rtr.rule=Host(`wallabag.$DOMAINNAME`)"
+      - "traefik.http.routers.wallabag-rtr.tls=true"
+      - "traefik.http.routers.wallabag-rtr.service=wallabag-svc"
+      - "traefik.http.services.wallabag-svc.loadbalancer.server.port=80"
+
+  wallabag_db:
+    container_name: wallabag_db
+    image: mariadb
+    restart: unless-stopped
+    networks:
+      - backend
+    ports:
+      - 3308:3306
+    environment:
+      - MYSQL_ROOT_PASSWORD=$WALLABAG_MYSQL_ROOT_PASSWORD
+      - MYSQL_DATABASE=wallabag
+      - MYSQL_USER=wallabag
+      - MYSQL_PASSWORD=$WALLABAG_MYSQL_PASSWORD
+    volumes:
+      - $CONFIGDIR/wallabag/data:/var/lib/mysql
+#+end_src
+
+** Transmission
+#+begin_src yaml
+  transmission:
+    container_name: transmission
+    image: linuxserver/transmission
+    restart: unless-stopped
+    networks:
+      - t2_proxy
+    environment:
+      - PUID=$PUID
+      - PGID=$PGID
+      - TZ=$TZ
+    volumes:
+      - $CONFIGDIR/transmission:/config
+      - /srv/storage/Downloads:/downloads
+      - /srv/storage/Downloads/watch:/watch
+    ports:
+      - 9091:9091
+      - 51413:51413
+      - 51413:51413/udp
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.transmission-rtr.entrypoints=https"
+      - "traefik.http.routers.transmission-rtr.rule=Host(`torrent.$DOMAINNAME`)"
+      - "traefik.http.routers.transmission-rtr.tls=true"
+      - "traefik.http.routers.transmission-rtr.service=transmission-svc"
+      - "traefik.http.routers.transmission-rtr.middlewares=traefik-auth"
+      - "traefik.http.services.transmission-svc.loadbalancer.server.port=9091"
+#+end_src
+
+** Navodrome
+#+begin_src yaml
+  navidrome:
+    container_name: navidrome
+    image: deluan/navidrome
+    restart: unless-stopped
+    networks:
+      - t2_proxy
+    environment:
+      ND_MUSICFOLDER: /music
+      ND_DATAFOLDER: /data
+      ND_SCANINTERVAL: 10m
+      ND_LOGLEVEL: info
+      ND_PORT: 4533
+      ND_TRANSCODINGCACHESIZE: 100MB
+      ND_SESSIONTIMEOUT: 24h
+      ND_BASEURL: ""
+    volumes:
+      - $CONFIGDIR/navidrome:/data
+      - /srv/storage/Music:/music:ro
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.navidrome-rtr.entrypoints=https"
+      - "traefik.http.routers.navidrome-rtr.rule=Host(`music.$DOMAINNAME`)"
+      - "traefik.http.routers.navidrome-rtr.tls=true"
+      - "traefik.http.routers.navidrome-rtr.service=navidrome-svc"
+      - "traefik.http.services.navidrome-svc.loadbalancer.server.port=4533"
+#+end_src
+
+** Buku
+#+begin_src yaml
+  buku:
+    container_name: buku
+    image: bukuserver/bukuserver
+    restart: unless-stopped
+    networks:
+      - t2_proxy
+    environment:
+      - UID=$PUID
+      - GID=$PGID
+      - TZ=$TZ
+      - BUKUSERVER_PER_PAGE=100
+      - BUKUSERVER_OPEN_IN_NEW_TAB=true
+      # - BUKUSERVER_SECRET_KEY=123456789012345678901234
+      # - BUKUSERVER_URL_RENDER_MODE=full
+      # - BUKUSERVER_DISABLE_FAVICON=false
+    volumes:
+      - $CONFIGDIR/buku:/root/.local/share/buku
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.buku-rtr.entrypoints=https"
+      - "traefik.http.routers.buku-rtr.rule=Host(`bookmarks.$DOMAINNAME`)"
+      - "traefik.http.routers.buku-rtr.tls=true"
+      - "traefik.http.routers.buku-rtr.service=buku-svc"
+      - "traefik.http.routers.buku-rtr.middlewares=traefik-auth"
+      - "traefik.http.services.buku-svc.loadbalancer.server.port=5001"
+#+end_src
+
+** Watchtower
+#+begin_src yaml
+  watchtower:
+    container_name: watchtower
+    image: containrrr/watchtower
+    restart: unless-stopped
+    networks:
+      - backend
+    environment:
+      - TZ=$TZ
+      - WATCHTOWER_SCHEDULE=0 0 4 * * MON
+      - WATCHTOWER_CLEANUP=true
+      - WATCHTOWER_TIMEOUT=30s
+      - WATCHTOWER_DEBUG=false
+      - WATCHTOWER_INCLUDE_STOPPED=false
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+#+end_src
+
+** Filebrowser
+#+begin_src yaml
+  filebrowser:
+    container_name: filebrowser
+    image: filebrowser/filebrowser
+    restart: unless-stopped
+    networks:
+      - t2_proxy
+    volumes:
+      - $CONFIGDIR/filebrowser/database.db:/filebrowser.db
+      - $CONFIGDIR/filebrowser/.filebrowser.json:/.filebrowser.json
+      - /srv/storage/Cloud:/srv
+    environment:
+      - PUID=$PUID
+      - PGID=$PGID
+      - TZ=$TZ
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.filebrowser-rtr.entrypoints=https"
+      - "traefik.http.routers.filebrowser-rtr.rule=Host(`cloud.$DOMAINNAME`)"
+      - "traefik.http.routers.filebrowser-rtr.tls=true"
+      - "traefik.http.routers.filebrowser-rtr.service=filebrowser-svc"
+      - "traefik.http.services.filebrowser-svc.loadbalancer.server.port=80"
+#+end_src
+
+** Gossa
+#+begin_src yaml
+  gossa:
+    container_name: gossa
+    image: pldubouilh/gossa
+    restart: unless-stopped
+    networks:
+      - t2_proxy
+    environment:
+      - PUID=$PUID
+      - PGID=$PGID
+      - TZ=$TZ
+    volumes:
+      - /srv/storage/Downloads:/shared
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.gossa-rtr.entrypoints=https"
+      - "traefik.http.routers.gossa-rtr.rule=Host(`cloud.$DOMAINNAME`)"
+      - "traefik.http.routers.gossa-rtr.tls=true"
+      - "traefik.http.routers.gossa-rtr.service=gossa-svc"
+      - "traefik.http.routers.gossa-rtr.middlewares=traefik-auth"
+      - "traefik.http.services.gossa-svc.loadbalancer.server.port=8001"
+#+end_src
+
+** Duplicati
+#+begin_src yaml
+  duplicati:
+    container_name: duplicati
+    image: linuxserver/duplicati
+    restart: unless-stopped
+    networks:
+      - t2_proxy
+    environment:
+      - UID=$PUID
+      - GID=$PGID
+      - TZ=$TZ
+        # - CLI_ARGS= #optional
+    volumes:
+      - $CONFIGDIR/duplicati:/config
+      - /srv/storage/Backups:/backups
+      - /srv/storage/Cloud/thesis:/source
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.duplicati-rtr.entrypoints=https"
+      - "traefik.http.routers.duplicati-rtr.rule=Host(`backup.$DOMAINNAME`)"
+      - "traefik.http.routers.duplicati-rtr.tls=true"
+      - "traefik.http.routers.duplicati-rtr.service=duplicati-svc"
+      - "traefik.http.routers.duplicati-rtr.middlewares=traefik-auth"
+      - "traefik.http.services.duplicati-svc.loadbalancer.server.port=8200"
+#+end_src
+
+** Pyload
+#+begin_src yaml
+  pyload:
+    image: linuxserver/pyload
+    container_name: pyload
+    restart: unless-stopped
+    environment:
+      - PUID=$PUID
+      - PGID=$PGID
+      - TZ=$TZ
+    volumes:
+      - $CONFIGDIR/pyload:/config
+      - /srv/storage/Downloads:/downloads
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.pyload-rtr.entrypoints=https"
+      - "traefik.http.routers.pyload-rtr.rule=Host(`dl.$DOMAINNAME`)"
+      - "traefik.http.routers.pyload-rtr.tls=true"
+      - "traefik.http.routers.pyload-rtr.service=pyload-svc"
+      - "traefik.http.routers.pyload-rtr.middlewares=traefik-auth"
+      # - 'traefik.http.routers.pyload-rtr.middlewares=authelia@docker'
+      - "traefik.http.services.pyload-svc.loadbalancer.server.port=8000"
+#+end_src
+
+** Aria2
+#+begin_src yaml
+  aria2:
+    container_name: aria2
+    image: lukasmrtvy/lsiobase-aria2-webui
+    restart: unless-stopped
+    networks:
+      - t2_proxy
+    environment:
+      - PUID=$PUID
+      - PGID=$PGID
+      - TZ=$TZ
+      - WEBUI=ariang
+      - SKIP_SSL=true
+      - CUSTOM_RPC_TOKEN=P@ssword123
+    volumes:
+      - $CONFIGDIR/aria2:/data/config
+      - /srv/storage/Downloads:/data/downloads
+    ports:
+      - 6800:6800
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.aria2-rtr.entrypoints=https"
+      - "traefik.http.routers.aria2-rtr.rule=Host(`dl.$DOMAINNAME`)"
+      - "traefik.http.routers.aria2-rtr.tls=true"
+      - "traefik.http.routers.aria2-rtr.service=aria2-svc"
+      - "traefik.http.routers.aria2-rtr.middlewares=traefik-auth"
+      - "traefik.http.services.aria2-svc.loadbalancer.server.port=4040"
+#+end_src
+
+** Droppy
+#+begin_src yaml
+  droppy:
+    container_name: droppy
+    image: silverwind/droppy
+    restart: unless-stopped
+    networks:
+      - t2_proxy
+    environment:
+      - PUID=$PUID
+      - PGID=$PGID
+      - TZ=$TZ
+    volumes:
+      - $CONFIGDIR/droppy:/config
+      - /home/thomas/docker/test:/files
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.droppy-rtr.entrypoints=https"
+      - "traefik.http.routers.droppy-rtr.rule=Host(`test.$DOMAINNAME`)"
+      - "traefik.http.routers.droppy-rtr.tls=true"
+      - "traefik.http.routers.droppy-rtr.service=droppy-svc"
+      - "traefik.http.services.droppy-svc.loadbalancer.server.port=8989"
+#+end_src
+
+** Synapse
+#+begin_src yaml
+  synapse:
+    container_name: synapse
+    image: matrixdotorg/synapse
+    restart: unless-stopped
+    depends_on:
+      - synapse_db
+    networks:
+      - t2_proxy
+      - backend
+    environment:
+      - PUID=$PUID
+      - PGID=$PGID
+      - TZ=$TZ
+      - SYNAPSE_SERVER_NAME=matrix.tdehaeze.xyz
+      - SYNAPSE_REPORT_STATS=no
+    ports:
+      - 8448:8448
+    #  - 3478:3478
+    volumes:
+      - $CONFIGDIR/synapse:/data
+      - $CONFIGDIR/mautrix-facebook:/data/mautrix-facebook
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.synapse-rtr.entrypoints=https"
+      - "traefik.http.routers.synapse-rtr.rule=Host(`matrix.$DOMAINNAME`)"
+      - "traefik.http.routers.synapse-rtr.tls=true"
+      - "traefik.http.routers.synapse-rtr.service=synapse-svc"
+      - "traefik.http.services.synapse-svc.loadbalancer.server.port=8008"
+
+  synapse_db:
+    container_name: synapse_db
+    image: postgres
+    restart: unless-stopped
+    networks:
+      - backend
+    ports:
+      - 5432:5432
+    environment:
+      - POSTGRES_DB=synapse
+      - POSTGRES_INITDB_ARGS=--encoding='UTF8' --lc-collate='C' --lc-ctype='C'
+      - POSTGRES_USER=synapse_user
+      - POSTGRES_PASSWORD=$SYNAPSE_POSTGRES_PASSWORD
+    volumes:
+      - $CONFIGDIR/synapse_db:/var/lib/postgresql/data
+#+end_src
+
+** Mautrix-Facebook
+#+begin_src yaml
+  mautrix-facebook:
+    container_name: mautrix-facebook
+    image: dock.mau.dev/tulir/mautrix-facebook
+    restart: unless-stopped
+    depends_on:
+      - synapse
+    networks:
+      - t2_proxy
+      - backend
+    ports:
+      - 29319:29319
+    volumes:
+      - $CONFIGDIR/mautrix-facebook:/data
+#+end_src
+
+** Matrix-Slack
+#+begin_src yaml
+  matrix-slack:
+    container_name: matrix-slack
+    image: matrixdotorg/matrix-appservice-slack
+    restart: unless-stopped
+    depends_on:
+      - synapse
+      - matrix_slack_db
+    networks:
+      - t2_proxy
+      - backend
+    ports:
+      - 9898:9898
+    volumes:
+      - $CONFIGDIR/matrix-slack:/config
+
+  matrix_slack_db:
+    container_name: matrix_slack_db
+    image: postgres:latest
+    restart: unless-stopped
+    networks:
+      - backend
+    environment:
+      - POSTGRES_DB=slack_bridge
+      - POSTGRES_USER=slackbridge_user
+      - POSTGRES_PASSWORD=test
+    volumes:
+      - $CONFIGDIR/matrix_slack_db:/var/lib/postgresql/data
+#+end_src
+
+** Netdata
+#+begin_src yaml
+  netdata:
+    image: netdata/netdata
+    container_name: netdata
+    restart: unless-stopped
+    hostname: netdata.tdehaeze.xyz
+    networks:
+      - t2_proxy
+      - backend
+    environment:
+      - PUID=$PUID
+      - PGID=998
+      - TZ=$TZ
+    cap_add:
+      - SYS_PTRACE
+    security_opt:
+      - apparmor:unconfined
+    volumes:
+      - /proc:/host/proc:ro
+      - /sys:/host/sys:ro
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+      - $CONFIGDIR/netdata:/etc/netdata
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.netdata-rtr.entrypoints=https"
+      - "traefik.http.routers.netdata-rtr.rule=Host(`netdata.$DOMAINNAME`)"
+      - "traefik.http.routers.netdata-rtr.tls=true"
+      - "traefik.http.routers.netdata-rtr.service=netdata-svc"
+      - "traefik.http.services.netdata-svc.loadbalancer.server.port=19999"
+#+end_src
+
+** Fail2ban
+#+begin_src yaml
+  fail2ban:
+    image: crazymax/fail2ban:latest
+    container_name: fail2ban
+    restart: unless-stopped
+    network_mode: "host"
+    cap_add:
+      - NET_ADMIN
+      - NET_RAW
+    volumes:
+      - $CONFIGDIR/fail2ban:/data
+      - /var/log:/var/log:ro
+    environment:
+      - TZ=$TZ
+      - PUID=$PUID
+      - PGID=$PGID
+#+end_src
+
+** Authelia
+#+begin_src yaml
+  authelia:
+    image: authelia/authelia
+    container_name: authelia
+    restart: unless-stopped
+    networks:
+      - t2_proxy
+    volumes:
+      - $CONFIGDIR/authelia:/config
+    expose:
+      - 9091
+    environment:
+      - UID=$PUID
+      - GID=$PGID
+      - TZ=$TZ
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.authelia-rtr.entrypoints=https"
+      - "traefik.http.routers.authelia-rtr.rule=Host(`login.$DOMAINNAME`)"
+      - "traefik.http.routers.authelia-rtr.tls=true"
+      - "traefik.http.routers.authelia-rtr.service=authelia-svc"
+#+end_src
+
+* =.env= - Variable used for Docker Compose
+:PROPERTIES:
+:header-args: :tangle /ssh:thomas@grenoble:~/docker/.env.test
+:header-args+: :comments none :mkdirp yes :noweb yes
+:END:
+
+#+begin_src conf
+PUID=1000
+PGID=1000
+TZ=Europe/Paris
+CONFIGDIR=/home/thomas/docker/config
+DOMAINNAME=tdehaeze.xyz
+#+end_src
+
+#+begin_src conf
+CLOUDFLARE_EMAIL=dehaeze.thomas@gmail.com
+CLOUDFLARE_API_KEY=<<get-password(passname="nas/cloudflare_api_key")>>
+#+end_src
+
+#+begin_src conf
+MINIFLUX_ADMIN_NAME=tdehaeze
+MINIFLUX_ADMIN_PASS=<<get-password(passname="nas/miniflux_admin_pass")>>
+MINIFLUX_POSTGRES_PASSWORD=<<get-password(passname="nas/miniflux_postgres_pass")>>
+#+end_src
+
+#+begin_src conf
+RESTIC_PASSWORD=<<get-password(passname="nas/restic_pass")>>
+#+end_src
+
+#+begin_src conf
+GITEA_DB_MYSQL_ROOT_PASSWORD=<<get-password(passname="nas/gitea_mysql_root_pass")>>
+GITEA_DB_MYSQL_PASSWORD=<<get-password(passname="nas/gitea_mysql_pass")>>
+GITEA_SSH_PORT=2222
+#+end_src
+
+#+begin_src conf
+NORDVPN_NAME=dehaeze.thomas@gmail.com
+NORDVPN_PASS=<<get-password(passname="nordvpn.com/dehaeze.thomas@gmail.com")>>
+#+end_src
+
+#+begin_src conf
+GOTIFY_DEFAULTUSER_NAME=tdehaeze
+GOTIFY_DEFAULTUSER_PASS=<<get-password(passname="nas/gotify_pass")>>
+#+end_src
+
+#+begin_src conf
+GUACAMOLE_POSTGRES_PASSWORD=<<get-password(passname="nas/guacamole_postgres_pass")>>
+#+end_src
+
+#+begin_src conf
+DEEMIX_ARL=<<get-password(passname="nas/deemix_arl")>>
+#+end_src
+
+* Cron Jobs
+** Caddy Update
+Create a script =~/cron/caddy_update.sh= with:
+#+begin_src bash :tangle /ssh:thomas@grenoble:~/cron/caddy_update.sh :shebang "#!/usr/bin/env bash"
+docker exec caddy /bin/sh -c "cd /srv/www && echo -e \"Update repo $(date)\" && git submodule update --recursive --remote --merge"
+#+end_src
+
+Type =crontab -e= and add this line:
+#+begin_src conf
+  */5 * * * * /home/thomas/cron/caddy_update.sh >> /home/thomas/cron/caddy_update.log 2>&1
+#+end_src
+
+* Config
+** Caddy
+#+begin_src conf :tangle /ssh:thomas@grenoble:~/docker/config/caddy/Caddyfile
+0.0.0.0:2015 {
+    root /srv/www/
+
+    git {
+        repo     https://git.tdehaeze.xyz/tdehaeze/research-home-page
+        path     /srv/www/
+        interval -1
+        hook     /research-home-page/webhook QHZgAKjD8q2v54Ru
+        then     git submodule update --init --recursive --merge
+    }
+}
+#+end_src
+
+** Homer
+#+begin_src yaml :tangle /ssh:thomas@grenoble:~/docker/config/homer/assets
+---
+title: "Homepage"
+subtitle: "Homer"
+logo: "assets/homer.png"
+header: false
+footer: false
+
+columns: "auto"
+connectivityCheck: false
+
+theme: default
+
+links: []
+
+services:
+  - name: "Websites"
+    icon: "fas fa-desktop"
+    items:
+    - name: "Wiki"
+      logo: "/assets/tools/brain.png"
+      subtitle: "Digital Brain"
+      url: "https://brain.tdehaeze.xyz"
+    - name: "Research"
+      logo: "/assets/tools/orgmode.png"
+      subtitle: "Research Pages"
+      url: "https://research.tdehaeze.xyz"
+  - name: "Utilities"
+    icon: "fas fa-rss"
+    items:
+    - name: "Miniflux"
+      logo: "/assets/tools/miniflux.png"
+      subtitle: "RSS Feeds"
+      url: "https://rss.tdehaeze.xyz"
+    - name: "Bitwarden"
+      logo: "/assets/tools/bitwarden.png"
+      subtitle: "Password Manager"
+      url: "https://bw.tdehaeze.xyz"
+    - name: "Home Assistant"
+      logo: "/assets/tools/homeassistant.png"
+      subtitle: "Home Assistant"
+      url: "http://home.tdehaeze.xyz:8123"
+    - name: "Guacamole"
+      logo: "/assets/tools/guacamole.png"
+      subtitle: "SSH Access"
+      url: "https://guacamole.tdehaeze.xyz/"
+  - name: "Cloud"
+    icon: "fas fa-cloud"
+    items:
+    - name: "Cloud"
+      logo: "/assets/tools/cloud.png"
+      subtitle: "Simple Personnal Could"
+      url: "https://cloud.tdehaeze.xyz"
+    - name: "Syncthing"
+      logo: "/assets/tools/syncthing.png"
+      subtitle: "P2P Sync"
+      url: "https://syncthing.tdehaeze.xyz"
+    - name: "Gitea"
+      logo: "/assets/tools/gitea.png"
+      subtitle: "Git Server"
+      url: "https://git.tdehaeze.xyz"
+  - name: "Download"
+    icon: "fas fa-download"
+    items:
+    - name: "Transmission"
+      logo: "/assets/tools/transmission.png"
+      subtitle: "Torrents"
+      url: "https://torrent.tdehaeze.xyz/transmission/web/"
+    - name: "transfer"
+      logo: "/assets/tools/transfer.png"
+      subtitle: "Transfer.sh"
+      url: "https://file.tdehaeze.xyz"
+    - name: "deemix"
+      subtitle: "Download Music"
+      logo: "/assets/tools/deezer.png"
+      url: "https://deemix.tdehaeze.xyz"
+      #    - name: "Aria2"
+      #      logo: "/assets/tools/aria2.png"
+      #      subtitle: "Direct Downloads"
+      #      url: "https://dl.tdehaeze.xyz"
+  - name: "Media"
+    icon: "fas fa-film"
+    items:
+    - name: "Jellyfin"
+      logo: "/assets/tools/jellyfin.png"
+      subtitle: "Media Library"
+      url: "https://jellyfin.tdehaeze.xyz"
+  - name: "Config"
+    icon: "fas fa-cog"
+    items:
+    - name: "Portainer"
+      logo: "/assets/tools/portainer.png"
+      subtitle: "Manger Docker"
+      url: "https://portainer.tdehaeze.xyz"
+    - name: "Traefik"
+      logo: "/assets/tools/traefik.png"
+      subtitle: "Reverse Proxy"
+      url: "https://traefik.tdehaeze.xyz"
+  - name: "Local"
+    icon: "fas fa-home"
+    items:
+    - name: "Jackett"
+      logo: "/assets/tools/jackett.png"
+      subtitle: "Download API"
+      url: "http://192.168.1.150:9117/"
+    - name: "Radarr"
+      logo: "/assets/tools/radarr.png"
+      subtitle: "Movie Manager"
+      url: "http://192.168.1.150:7878/"
+    - name: "Sonarr"
+      logo: "/assets/tools/sonarr.png"
+      subtitle: "TV Shows Manager"
+      url: "http://192.168.1.150:8989/"
+    - name: "Ombi"
+      logo: "/assets/tools/ombi.png"
+      subtitle: "Request Content"
+      url: "https://ombi.tdehaeze.xyz/"
+    - name: "Bazarr"
+      logo: "/assets/tools/bazarr.png"
+      subtitle: "Subtitles Manager"
+      url: "http://192.168.1.150:6767/"
+    - name: "Scrutiny"
+      logo: "/assets/tools/scrutiny.png"
+      subtitle: "S.M.A.R.T"
+      url: "http://192.168.1.150:8089/web/dashboard"
+    - name: "OctoPrint"
+      logo: "/assets/tools/octoprint.png"
+      subtitle: "3D-Printing"
+      url: "http://192.168.1.56/"
+#+end_src
+
+** Restic
+#+begin_src conf :tangle /ssh:thomas@grenoble:~/docker/config/restic/rclone.conf
+[mega]
+type = mega
+user = dehaeze.thomas@gmail.com
+pass = <<get-password(passname="nas/rclone_mega_pass")>>
+#+end_src
+
+** Snapraid
+*** =snapraid.conf=
+#+begin_src conf :tangle /ssh:thomas@grenoble:~/docker/config/snapraid/snapraid.conf
+# Defines the file to use as parity storage
+# It must NOT be in a data disk
+# Format: "parity FILE_PATH"
+parity /mnt/parity/snapraid.parity
+
+# Defines the files to use as content list
+# You can use multiple specification to store more copies
+# You must have least one copy for each parity file plus one. Some more don't
+# hurt
+# They can be in the disks used for data, parity or boot,
+# but each file must be in a different disk
+# Format: "content FILE_PATH"
+content /var/snapraid.content
+content /mnt/disk0/.snapraid.content
+content /mnt/disk1/.snapraid.content
+
+# Defines the data disks to use
+# The order is relevant for parity, do not change it
+# Format: "disk DISK_NAME DISK_MOUNT_POINT"
+disk d0 /mnt/disk0
+disk d1 /mnt/disk1
+
+# Excludes hidden files and directories (uncomment to enable).
+#nohidden
+
+# Defines files and directories to exclude
+# Remember that all the paths are relative at the mount points
+# Format: "exclude FILE"
+# Format: "exclude DIR/"
+# Format: "exclude /PATH/FILE"
+# Format: "exclude /PATH/DIR/"
+exclude *.unrecoverable
+exclude /tmp/
+exclude /lost+found/
+exclude *.!sync
+exclude .AppleDouble
+exclude ._AppleDouble
+exclude .DS_Store
+exclude ._.DS_Store
+exclude .Thumbs.db
+exclude .fseventsd
+exclude .Spotlight-V100
+exclude .TemporaryItems
+exclude .Trashes
+exclude .AppleDB
+#+end_src
+
+*** =snapraid-runner.conf=
+#+begin_src conf :tangle /ssh:thomas@grenoble:~/docker/config/snapraid/snapraid-runner.conf
+[snapraid]
+; path to the snapraid executable (e.g. /bin/snapraid)
+executable = /usr/bin/snapraid
+; path to the snapraid config to be used
+config = /config/snapraid.conf
+; abort operation if there are more deletes than this, set to -1 to disable
+deletethreshold = -1
+; if you want touch to be ran each time
+touch = false
+
+[logging]
+; logfile to write to, leave empty to disable
+file = /config/snapraid.log
+; maximum logfile size in KiB, leave empty for infinite
+maxsize = 5000
+
+; [email]
+; ; when to send an email, comma-separated list of [success, error]
+; sendon = success,error
+; ; set to false to get full programm output via email
+; short = true
+; subject = [SnapRAID] Status Report:
+; from =
+; to =
+; ; maximum email size in KiB
+; maxsize = 500
+;
+; [smtp]
+; host =
+; ; leave empty for default port
+; port =
+; ; set to "true" to activate
+; ssl = false
+; tls = false
+; user =
+; password =
+
+[scrub]
+; set to true to run scrub after sync
+enabled = false
+percentage = 12
+older-than = 10
+#+end_src