# 🧠 AI-Impress Infrastructure Snapshot (Wed Oct 29 01:55:46 PM UTC 2025) ## 🏷️ System Info Static hostname: ai-impress-prod Icon name: computer-vm Chassis: vm 🖴 Machine ID: 2c3c6d97e54246e9bcfdeb513b8947f3 Boot ID: e0fb6e0813b54674ac1ca99a87864c74 Virtualization: kvm Operating System: Ubuntu 24.04.3 LTS Kernel: Linux 6.8.0-86-generic Architecture: x86-64 Hardware Vendor: OpenStack Foundation Hardware Model: OpenStack Nova Firmware Version: 1.16.3-debian-1.16.3-2~bpo12+1 Firmware Date: Tue 2014-04-01 Firmware Age: 11y 6month 4w 1d ### Uptime / Load / Memory 13:55:46 up 4 days, 21:21, 2 users, load average: 1.93, 1.92, 1.65 total used free shared buff/cache available Mem: 57Gi 9.8Gi 23Gi 643Mi 25Gi 47Gi Swap: 4.0Gi 0B 4.0Gi Filesystem Type Size Used Avail Use% Mounted on /dev/sda1 ext4 387G 44G 344G 12% / /dev/sda16 ext4 881M 117M 703M 15% /boot /dev/sda15 vfat 105M 6.2M 99M 6% /boot/efi /dev/sdc ext4 393G 3.6G 370G 1% /mnt/backups /dev/sdb ext4 295G 256M 279G 1% /mnt/psql-data overlay overlay 387G 44G 344G 12% /var/lib/docker/overlay2/7f59154177fb5bb63a400d45c958667abc07aa70575548c8341781fbe635f273/merged overlay overlay 387G 44G 344G 12% /var/lib/docker/overlay2/5ce9f0d5d508698cdf824678bd8bf4fb450c967d50a852eca3a0015dd6c67eef/merged overlay overlay 387G 44G 344G 12% /var/lib/docker/overlay2/faf77df9e7ed388244d8501f4c93cf5b431ac99ebd4322ec15488db3a8433902/merged overlay overlay 387G 44G 344G 12% /var/lib/docker/overlay2/e39fa1745dd4f24d91eb8d415c2bad25b3a04b55dd375d832540cf1e769a077a/merged overlay overlay 387G 44G 344G 12% /var/lib/docker/overlay2/74d94c2981f9f8c261be164bef317206b1d1d1efaf7e0d3bb3641ad75d5502cd/merged overlay overlay 387G 44G 344G 12% /var/lib/docker/overlay2/e579a97b6d93ce6debfd20505e2ce60e0afe1f17cf9decee7f618d50a8a226ab/merged overlay overlay 387G 44G 344G 12% /var/lib/docker/overlay2/404ee27d57b85df92d5121595a343a80a07b7aa7b4c2008dbe50e66463b2ab45/merged overlay overlay 387G 44G 344G 12% /var/lib/docker/overlay2/c02ab1a8f9603c231b5eade35c15bd06040f02bbde039b26724e24d99d5df3e4/merged overlay overlay 387G 44G 344G 12% /var/lib/docker/overlay2/76c7a9a55b5adc3b64c3db6e8a12d99537da3caac40adcf7074f353772e52bb5/merged overlay overlay 387G 44G 344G 12% /var/lib/docker/overlay2/4293ecfcdd50e877d159485ca6b9c815f12cd24410306dae8f66fedd9705ed31/merged overlay overlay 387G 44G 344G 12% /var/lib/docker/overlay2/dae4a6c8c1704d938f45dca2c7ace555af54c11a781c94a5cdc0d18d5ee440f8/merged overlay overlay 387G 44G 344G 12% /var/lib/docker/overlay2/c9ce433937f38d32c24f932d1602339004562bc55b254689b33f4d9cefdb48d8/merged overlay overlay 387G 44G 344G 12% /var/lib/docker/overlay2/047d73c56f026c437ae7c1992a21e453cbc8bbe8468c1437949f2d0152f66b6b/merged overlay overlay 387G 44G 344G 12% /var/lib/docker/overlay2/9fe823ccdbfce5531823a7749b4063e0d780061328ab5be40d5c21cc58dd9b6e/merged overlay overlay 387G 44G 344G 12% /var/lib/docker/overlay2/6b48895fea3e29c215247f49e49f072d24daf2344ce48dfb997dc157547b6deb/merged overlay overlay 387G 44G 344G 12% /var/lib/docker/overlay2/a96fbdf8adc0dc3d0149a4bd96c41b23c4b41b5c011d33f0e50123a3820d647a/merged overlay overlay 387G 44G 344G 12% /var/lib/docker/overlay2/6a717f5c0ce32485fa8081101d405f0da8bf7cc881f64f4137d489456f0f8923/merged overlay overlay 387G 44G 344G 12% /var/lib/docker/overlay2/5b384609747bd2bb68bf2328eeffa3084ee9a4c8480b761caddff34e0026b6d0/merged overlay overlay 387G 44G 344G 12% /var/lib/docker/overlay2/d25a2d46205806e6feca229eac1db85715a56f2c52f69e66b82ef8fb5c6f12dd/merged overlay overlay 387G 44G 344G 12% /var/lib/docker/overlay2/e8d2e52ff9ce5cc1d860ed41f4647c8abef51cd5e5ba00c18bdc780541ac5ae1/merged overlay overlay 387G 44G 344G 12% /var/lib/docker/overlay2/0ea37098095afb0d82131840e74a1700d687522c0034c1a54c598026dd94720d/merged overlay overlay 387G 44G 344G 12% /var/lib/docker/overlay2/fadf8d44e37741b83eb74d602ed6496d9ab5936fb622fcaf085dfbb491e2a194/merged overlay overlay 387G 44G 344G 12% /var/lib/docker/overlay2/9fe58afc91005edae0fc9e98a51a9ed293a78d6187eae1da77d779d18c1292ac/merged overlay overlay 387G 44G 344G 12% /var/lib/docker/overlay2/7a07774cc12157092d106b0b0892249c2be3476837b1f98342b3288193ef3f11/merged overlay overlay 387G 44G 344G 12% /var/lib/docker/overlay2/0bd47bb2f4a55a9f24f50afdee88e713b864ee045b269e6e149e40c0ff1649e8/merged overlay overlay 387G 44G 344G 12% /var/lib/docker/overlay2/2d726d764f4ce74065c943c35a4d2c34c79507981bc00f51d4c04a071eacbe47/merged overlay overlay 387G 44G 344G 12% /var/lib/docker/overlay2/2e454b20d86b2aff6bf092ab82ca3d3bd7cf6a0e67f57561bde03376acadef44/merged overlay overlay 387G 44G 344G 12% /var/lib/docker/overlay2/22ba8cd3e543348cab52530c30a0ea818a2ef1b5d63425bf0b820ea92ad98eb2/merged overlay overlay 387G 44G 344G 12% /var/lib/docker/overlay2/e414b118e150d14b5f5f7ce0d19121fd648d240afc01e090f56900a07e0e0162/merged overlay overlay 387G 44G 344G 12% /var/lib/docker/overlay2/0b849a90ff0cfdd2d835abb77e44c3977f528213697e45f4f0dc740d1dfba514/merged overlay overlay 387G 44G 344G 12% /var/lib/docker/overlay2/bc3a5f0d8c32b795c08c1eb8ec7c4a47aeea12b2a859a0faa529c85edae57d3c/merged overlay overlay 387G 44G 344G 12% /var/lib/docker/overlay2/950d80ba3424932769487ac5c08fd65a29e9fe5f7a314619d255eea81af6c3af/merged overlay overlay 387G 44G 344G 12% /var/lib/docker/overlay2/54317f2fbe824463a9d553efc10b14ac49db8778618ba0055af8a463d64eaa14/merged overlay overlay 387G 44G 344G 12% /var/lib/docker/overlay2/fe6af5c711e6d16253171a9743c90d055df27ea754dba0c7240e6831fd388498/merged overlay overlay 387G 44G 344G 12% /var/lib/docker/overlay2/8883cbb932f4ffae6eaf2505e36237d163dbc10191bef062ab5defeae8226873/merged overlay overlay 387G 44G 344G 12% /var/lib/docker/overlay2/5c5ce6af68625d77fb8cc7d4b4a4b23dba6ff8c7ae731e192763b2eb53f3f473/merged overlay overlay 387G 44G 344G 12% /var/lib/docker/overlay2/3d33c99b219062cc157f5f44545bb2f71f558c8a4b54e97a9d773e3650441669/merged overlay overlay 387G 44G 344G 12% /var/lib/docker/overlay2/08e04dec679967f493467a0e7241b8c3410fb0b673dbd449f9435407cb851500/merged overlay overlay 387G 44G 344G 12% /var/lib/docker/overlay2/ad4f5604fd1edd8442058db0e16d4075bc935c7808899a26b910ce66bc4424ee/merged overlay overlay 387G 44G 344G 12% /var/lib/docker/overlay2/1796e36dd6d606bbadbd8ebcf0828bfa2c047765f004acfa584737f4541c5d7f/merged overlay overlay 387G 44G 344G 12% /var/lib/docker/overlay2/d6bf9788e3823e2339dcc2e7d0b2db212b544b34bc77dadd4b0bbb000bc2410d/merged overlay overlay 387G 44G 344G 12% /var/lib/docker/overlay2/68e20bd8e07f4dfb850d8c5af52a2bb719a09f6033b4d2925485dae441d8e8c5/merged overlay overlay 387G 44G 344G 12% /var/lib/docker/overlay2/5644d79cfc6301a27867898ce61720a13314ac4cda9286fc3f5c052040cf2378/merged overlay overlay 387G 44G 344G 12% /var/lib/docker/overlay2/6d6d98fbeca9f236fc379b9e39534ccbec582dfe0a19a2127b511aff8a46087d/merged overlay overlay 387G 44G 344G 12% /var/lib/docker/overlay2/c6b8b9955b7e524c57bc83942bd13a2267e0ddacd3f89692fb2525ad8fe3ec8b/merged overlay overlay 387G 44G 344G 12% /var/lib/docker/overlay2/b97c62d09c7bfb5c7d05e9d2fbc5b6c06c3af54df443f8cd179bc99411614cd4/merged ## 🌐 Network Configuration 1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 2: ens3: mtu 1500 qdisc fq_codel state UP group default qlen 1000 link/ether fa:16:3e:81:b6:86 brd ff:ff:ff:ff:ff:ff altname enp0s3 inet 51.89.231.46/32 metric 100 scope global dynamic ens3 valid_lft 52704sec preferred_lft 52704sec 3: br-9e103eeb0591: mtu 1500 qdisc noqueue state DOWN group default link/ether be:a0:9b:47:43:10 brd ff:ff:ff:ff:ff:ff inet 172.16.4.1/24 brd 172.16.4.255 scope global br-9e103eeb0591 valid_lft forever preferred_lft forever 4: br-c797531af13d: mtu 1500 qdisc noqueue state UP group default link/ether 9a:bd:0b:27:89:89 brd ff:ff:ff:ff:ff:ff inet 172.16.1.1/24 brd 172.16.1.255 scope global br-c797531af13d valid_lft forever preferred_lft forever 5: br-cdaceadfcefb: mtu 1500 qdisc noqueue state UP group default link/ether f6:6d:ef:8e:77:cf brd ff:ff:ff:ff:ff:ff inet 172.19.0.1/16 brd 172.19.255.255 scope global br-cdaceadfcefb valid_lft forever preferred_lft forever 7: br-4bc92c6c74a8: mtu 1500 qdisc noqueue state UP group default link/ether e2:1c:73:85:12:c1 brd ff:ff:ff:ff:ff:ff inet 172.21.0.1/16 brd 172.21.255.255 scope global br-4bc92c6c74a8 valid_lft forever preferred_lft forever 2057: veth625e980@if2: mtu 1500 qdisc noqueue master br-b28f70541993 state UP group default link/ether 32:32:21:1c:74:71 brd ff:ff:ff:ff:ff:ff link-netnsid 12 9: br-a0dd7c187961: mtu 1500 qdisc noqueue state DOWN group default link/ether 12:80:99:03:db:45 brd ff:ff:ff:ff:ff:ff inet 172.16.6.1/24 brd 172.16.6.255 scope global br-a0dd7c187961 valid_lft forever preferred_lft forever 2058: veth0c573c7@if3: mtu 1500 qdisc noqueue master br-cdaceadfcefb state UP group default link/ether 02:9e:7a:57:c7:23 brd ff:ff:ff:ff:ff:ff link-netnsid 12 10: br-b28f70541993: mtu 1500 qdisc noqueue state UP group default link/ether ca:b0:f9:f1:54:90 brd ff:ff:ff:ff:ff:ff inet 172.18.0.1/16 brd 172.18.255.255 scope global br-b28f70541993 valid_lft forever preferred_lft forever 12: br-01cd476e5307: mtu 1500 qdisc noqueue state UP group default link/ether a2:6e:38:f6:4d:f9 brd ff:ff:ff:ff:ff:ff inet 172.22.0.1/16 brd 172.22.255.255 scope global br-01cd476e5307 valid_lft forever preferred_lft forever 13: br-7c3083a44e08: mtu 1500 qdisc noqueue state DOWN group default link/ether 0e:62:0a:52:4c:1c brd ff:ff:ff:ff:ff:ff inet 172.23.0.1/16 brd 172.23.255.255 scope global br-7c3083a44e08 valid_lft forever preferred_lft forever 14: docker0: mtu 1500 qdisc noqueue state UP group default link/ether 72:42:ff:0d:d2:fb brd ff:ff:ff:ff:ff:ff inet 172.16.0.1/24 brd 172.16.0.255 scope global docker0 valid_lft forever preferred_lft forever 17: vethbfd4268@if2: mtu 1500 qdisc noqueue master br-c797531af13d state UP group default link/ether c6:9a:ad:5f:e0:87 brd ff:ff:ff:ff:ff:ff link-netnsid 2 20: veth1322dc1@if2: mtu 1500 qdisc noqueue master br-b28f70541993 state UP group default link/ether ca:e1:5f:9c:2c:c3 brd ff:ff:ff:ff:ff:ff link-netnsid 5 2071: vethc215d37@if2: mtu 1500 qdisc noqueue master br-908d5a0befd4 state UP group default link/ether f6:f6:7c:0d:5f:dd brd ff:ff:ff:ff:ff:ff link-netnsid 40 2072: vethc44d636@if2: mtu 1500 qdisc noqueue master br-908d5a0befd4 state UP group default link/ether e6:c5:39:77:2f:3b brd ff:ff:ff:ff:ff:ff link-netnsid 41 2073: vethbd9522e@if3: mtu 1500 qdisc noqueue master br-b28f70541993 state UP group default link/ether 7a:ad:7b:f7:d6:5f brd ff:ff:ff:ff:ff:ff link-netnsid 40 1065: veth0f5f4e4@if2: mtu 1500 qdisc noqueue master br-cdaceadfcefb state UP group default link/ether 16:d4:ff:19:f0:46 brd ff:ff:ff:ff:ff:ff link-netnsid 0 49: veth723fa43@if2: mtu 1500 qdisc noqueue master br-cdaceadfcefb state UP group default link/ether fa:ac:bd:4b:69:b0 brd ff:ff:ff:ff:ff:ff link-netnsid 32 1330: br-908d5a0befd4: mtu 1500 qdisc noqueue state UP group default link/ether 72:da:85:3a:d3:73 brd ff:ff:ff:ff:ff:ff inet 172.16.8.1/24 brd 172.16.8.255 scope global br-908d5a0befd4 valid_lft forever preferred_lft forever 1331: veth37835ea@if2: mtu 1500 qdisc noqueue master br-908d5a0befd4 state UP group default link/ether d6:55:a8:6d:c6:ba brd ff:ff:ff:ff:ff:ff link-netnsid 43 1332: veth099d887@if2: mtu 1500 qdisc noqueue master br-908d5a0befd4 state UP group default link/ether 3a:97:d8:10:6a:49 brd ff:ff:ff:ff:ff:ff link-netnsid 45 2106: veth2f8a50a@if2: mtu 1500 qdisc noqueue master br-908d5a0befd4 state UP group default link/ether 22:e8:40:51:4a:59 brd ff:ff:ff:ff:ff:ff link-netnsid 81 2107: veth148b996@if3: mtu 1500 qdisc noqueue master br-b28f70541993 state UP group default link/ether 9a:54:ee:1e:6e:18 brd ff:ff:ff:ff:ff:ff link-netnsid 81 2115: veth8f5f68c@if2: mtu 1500 qdisc noqueue master br-cdaceadfcefb state UP group default link/ether 7e:bd:3d:26:48:3e brd ff:ff:ff:ff:ff:ff link-netnsid 33 2116: veth63854f0@if3: mtu 1500 qdisc noqueue master br-b28f70541993 state UP group default link/ether 86:af:04:34:dc:23 brd ff:ff:ff:ff:ff:ff link-netnsid 33 1360: br-36cf0e468fc7: mtu 1500 qdisc noqueue state UP group default link/ether aa:b9:17:52:0d:54 brd ff:ff:ff:ff:ff:ff inet 172.16.2.1/24 brd 172.16.2.255 scope global br-36cf0e468fc7 valid_lft forever preferred_lft forever 1361: veth0310792@if2: mtu 1500 qdisc noqueue master br-36cf0e468fc7 state UP group default link/ether c6:5d:86:90:41:ab brd ff:ff:ff:ff:ff:ff link-netnsid 4 1362: vethfa62852@if2: mtu 1500 qdisc noqueue master br-36cf0e468fc7 state UP group default link/ether 26:d8:5f:f3:73:3f brd ff:ff:ff:ff:ff:ff link-netnsid 6 1363: vethbfe9bc3@if2: mtu 1500 qdisc noqueue master br-36cf0e468fc7 state UP group default link/ether da:96:a8:5a:c9:eb brd ff:ff:ff:ff:ff:ff link-netnsid 8 1364: vethc33f825@if2: mtu 1500 qdisc noqueue master br-36cf0e468fc7 state UP group default link/ether ee:c3:e5:52:5d:84 brd ff:ff:ff:ff:ff:ff link-netnsid 17 1365: veth91ccc1d@if2: mtu 1500 qdisc noqueue master br-36cf0e468fc7 state UP group default link/ether 16:21:eb:ca:fa:48 brd ff:ff:ff:ff:ff:ff link-netnsid 21 1366: veth3c7d998@if2: mtu 1500 qdisc noqueue master br-36cf0e468fc7 state UP group default link/ether 12:91:aa:da:0b:6f brd ff:ff:ff:ff:ff:ff link-netnsid 22 1367: vethff19a20@if2: mtu 1500 qdisc noqueue master br-36cf0e468fc7 state UP group default link/ether be:c3:91:83:25:c0 brd ff:ff:ff:ff:ff:ff link-netnsid 27 1368: vethe901bb9@if2: mtu 1500 qdisc noqueue master br-36cf0e468fc7 state UP group default link/ether 02:79:d7:28:3e:8f brd ff:ff:ff:ff:ff:ff link-netnsid 29 1369: vethbcb0045@if2: mtu 1500 qdisc noqueue master br-36cf0e468fc7 state UP group default link/ether 72:8d:d2:ad:d4:74 brd ff:ff:ff:ff:ff:ff link-netnsid 31 1370: veth8e03257@if2: mtu 1500 qdisc noqueue master br-36cf0e468fc7 state UP group default link/ether fa:2f:00:ff:a4:5e brd ff:ff:ff:ff:ff:ff link-netnsid 38 1371: veth33aebae@if2: mtu 1500 qdisc noqueue master br-36cf0e468fc7 state UP group default link/ether 7a:6f:01:13:aa:08 brd ff:ff:ff:ff:ff:ff link-netnsid 39 1373: veth291563e@if3: mtu 1500 qdisc noqueue master br-b28f70541993 state UP group default link/ether 5e:a4:26:81:6b:c9 brd ff:ff:ff:ff:ff:ff link-netnsid 39 1374: vethbb142dc@if2: mtu 1500 qdisc noqueue master br-36cf0e468fc7 state UP group default link/ether be:f3:f8:b3:a4:de brd ff:ff:ff:ff:ff:ff link-netnsid 61 1640: br-f2be33f79fe4: mtu 1500 qdisc noqueue state UP group default link/ether ba:69:19:94:1c:7a brd ff:ff:ff:ff:ff:ff inet 172.16.3.1/24 brd 172.16.3.255 scope global br-f2be33f79fe4 valid_lft forever preferred_lft forever 1128: veth054e629@if2: mtu 1500 qdisc noqueue master br-cdaceadfcefb state UP group default link/ether 52:b6:00:61:9a:d4 brd ff:ff:ff:ff:ff:ff link-netnsid 28 1641: veth08ed7bf@if2: mtu 1500 qdisc noqueue master br-f2be33f79fe4 state UP group default link/ether 0e:f8:46:1c:99:dd brd ff:ff:ff:ff:ff:ff link-netnsid 3 1129: vethdb9dce3@if3: mtu 1500 qdisc noqueue master br-b28f70541993 state UP group default link/ether e6:4d:45:e7:be:1c brd ff:ff:ff:ff:ff:ff link-netnsid 28 620: vethd32c88a@if2: mtu 1500 qdisc noqueue master br-4bc92c6c74a8 state UP group default link/ether 86:c2:46:cb:f5:29 brd ff:ff:ff:ff:ff:ff link-netnsid 1 621: veth86a12dc@if3: mtu 1500 qdisc noqueue master br-b28f70541993 state UP group default link/ether e6:ae:18:e9:05:16 brd ff:ff:ff:ff:ff:ff link-netnsid 1 2161: vethda56ef3@if2: mtu 1500 qdisc noqueue master docker0 state UP group default link/ether 92:f5:05:b4:56:b9 brd ff:ff:ff:ff:ff:ff link-netnsid 10 1656: vethe510a0c@if2: mtu 1500 qdisc noqueue master br-b28f70541993 state UP group default link/ether 26:e7:ea:04:47:a0 brd ff:ff:ff:ff:ff:ff link-netnsid 9 1657: veth872c6ab@if3: mtu 1500 qdisc noqueue master br-39a0028fdb88 state UP group default link/ether ee:c5:a8:a0:bf:7e brd ff:ff:ff:ff:ff:ff link-netnsid 9 1664: veth5f772e8@if2: mtu 1500 qdisc noqueue master br-b28f70541993 state UP group default link/ether d2:72:86:9d:b1:7c brd ff:ff:ff:ff:ff:ff link-netnsid 7 1665: vetha6aee51@if3: mtu 1500 qdisc noqueue master br-f2be33f79fe4 state UP group default link/ether 82:7f:8a:e4:b5:c9 brd ff:ff:ff:ff:ff:ff link-netnsid 7 2191: vethcd2024d@if2: mtu 1500 qdisc noqueue master docker0 state UP group default link/ether 16:18:ef:2a:31:63 brd ff:ff:ff:ff:ff:ff link-netnsid 19 912: br-39a0028fdb88: mtu 1500 qdisc noqueue state UP group default link/ether f2:66:a7:91:d0:c8 brd ff:ff:ff:ff:ff:ff inet 172.16.7.1/24 brd 172.16.7.255 scope global br-39a0028fdb88 valid_lft forever preferred_lft forever 2196: br-e581070d94e4: mtu 1500 qdisc noqueue state UP group default link/ether 26:cc:f7:d4:db:83 brd ff:ff:ff:ff:ff:ff inet 172.16.5.1/24 brd 172.16.5.255 scope global br-e581070d94e4 valid_lft forever preferred_lft forever 2197: vetheb0949b@if2: mtu 1500 qdisc noqueue master br-e581070d94e4 state UP group default link/ether b2:0b:43:52:16:b5 brd ff:ff:ff:ff:ff:ff link-netnsid 11 2198: veth613fdc6@if2: mtu 1500 qdisc noqueue master br-e581070d94e4 state UP group default link/ether d2:35:09:6c:c1:e2 brd ff:ff:ff:ff:ff:ff link-netnsid 13 1942: veth3180ce0@if2: mtu 1500 qdisc noqueue master br-b28f70541993 state UP group default link/ether 0a:3a:ea:b0:7d:e4 brd ff:ff:ff:ff:ff:ff link-netnsid 15 1430: vethbaa64f0@if2: mtu 1500 qdisc noqueue master br-b28f70541993 state UP group default link/ether ca:97:9f:a9:a0:c0 brd ff:ff:ff:ff:ff:ff link-netnsid 23 2199: veth144bdba@if2: mtu 1500 qdisc noqueue master br-e581070d94e4 state UP group default link/ether c6:ce:bf:b5:36:4f brd ff:ff:ff:ff:ff:ff link-netnsid 14 1943: vethe62a99b@if2: mtu 1500 qdisc noqueue master br-01cd476e5307 state UP group default link/ether 82:e8:c8:d7:2c:9e brd ff:ff:ff:ff:ff:ff link-netnsid 16 2200: veth375780f@if3: mtu 1500 qdisc noqueue master br-b28f70541993 state UP group default link/ether 9a:80:e0:8b:01:20 brd ff:ff:ff:ff:ff:ff link-netnsid 14 1944: veth08d5a2e@if2: mtu 1500 qdisc noqueue master br-cdaceadfcefb state UP group default link/ether 6e:eb:57:40:66:88 brd ff:ff:ff:ff:ff:ff link-netnsid 18 1945: veth4277179@if2: mtu 1500 qdisc noqueue master br-cdaceadfcefb state UP group default link/ether 16:22:a7:04:8c:f9 brd ff:ff:ff:ff:ff:ff link-netnsid 25 1946: vethe7ae71a@if2: mtu 1500 qdisc noqueue master br-cdaceadfcefb state UP group default link/ether da:c3:d6:7e:9e:7d brd ff:ff:ff:ff:ff:ff link-netnsid 26 1947: vethabcc11e@if3: mtu 1500 qdisc noqueue master br-cdaceadfcefb state UP group default link/ether d6:98:0f:1c:32:95 brd ff:ff:ff:ff:ff:ff link-netnsid 15 1948: veth37ad504@if3: mtu 1500 qdisc noqueue master br-01cd476e5307 state UP group default link/ether 3e:db:a6:ef:a9:65 brd ff:ff:ff:ff:ff:ff link-netnsid 25 1949: vethe54897f@if3: mtu 1500 qdisc noqueue master br-01cd476e5307 state UP group default link/ether 66:26:ae:37:1b:8d brd ff:ff:ff:ff:ff:ff link-netnsid 18 1950: veth68989f0@if3: mtu 1500 qdisc noqueue master br-cdaceadfcefb state UP group default link/ether 56:1f:ca:19:da:4a brd ff:ff:ff:ff:ff:ff link-netnsid 16 1951: veth0d9f124@if3: mtu 1500 qdisc noqueue master br-01cd476e5307 state UP group default link/ether fa:57:fb:d1:09:a0 brd ff:ff:ff:ff:ff:ff link-netnsid 26 1952: vethd29efa5@if4: mtu 1500 qdisc noqueue master br-01cd476e5307 state UP group default link/ether 6e:d6:96:a1:f8:3e brd ff:ff:ff:ff:ff:ff link-netnsid 15 1955: veth66db31c@if2: mtu 1500 qdisc noqueue master br-b28f70541993 state UP group default link/ether 66:0e:0a:02:e9:fe brd ff:ff:ff:ff:ff:ff link-netnsid 34 1958: vethc66dc6d@if2: mtu 1500 qdisc noqueue master br-cdaceadfcefb state UP group default link/ether c6:63:59:51:58:54 brd ff:ff:ff:ff:ff:ff link-netnsid 37 1959: veth2d1f310@if3: mtu 1500 qdisc noqueue master br-b28f70541993 state UP group default link/ether 4a:79:da:e4:7e:43 brd ff:ff:ff:ff:ff:ff link-netnsid 37 1963: veth43fde68@if2: mtu 1500 qdisc noqueue master br-36cf0e468fc7 state UP group default link/ether 6a:04:ce:ec:55:fc brd ff:ff:ff:ff:ff:ff link-netnsid 47 1707: vethc083d06@if3: mtu 1500 qdisc noqueue master br-f2be33f79fe4 state UP group default link/ether 92:f7:d3:30:86:d4 brd ff:ff:ff:ff:ff:ff link-netnsid 51 1200: veth20c1975@if2: mtu 1500 qdisc noqueue master br-b28f70541993 state UP group default link/ether 42:f8:2f:c6:6c:81 brd ff:ff:ff:ff:ff:ff link-netnsid 20 1211: veth8597fc6@if2: mtu 1500 qdisc noqueue master br-b28f70541993 state UP group default link/ether 06:27:a2:bb:11:c0 brd ff:ff:ff:ff:ff:ff link-netnsid 30 1212: veth836ea35@if3: mtu 1500 qdisc noqueue master br-cdaceadfcefb state UP group default link/ether 6e:db:60:1e:a1:4e brd ff:ff:ff:ff:ff:ff link-netnsid 30 1215: veth7726e04@if2: mtu 1500 qdisc noqueue master br-b28f70541993 state UP group default link/ether a2:5e:7f:c5:94:a1 brd ff:ff:ff:ff:ff:ff link-netnsid 24 1216: veth1996ac2@if3: mtu 1500 qdisc noqueue master br-cdaceadfcefb state UP group default link/ether 76:26:80:a7:3a:f8 brd ff:ff:ff:ff:ff:ff link-netnsid 24 1248: veth7a5b50e@if2: mtu 1500 qdisc noqueue master br-b28f70541993 state UP group default link/ether 86:cc:21:ba:df:da brd ff:ff:ff:ff:ff:ff link-netnsid 51 Status: active Logging: on (low) Default: deny (incoming), allow (outgoing), deny (routed) New profiles: skip To Action From -- ------ ---- 22/tcp ALLOW IN Anywhere # SSH 80/tcp ALLOW IN Anywhere # HTTP 443/tcp ALLOW IN Anywhere # HTTPS 2222/tcp ALLOW IN Anywhere # SFTP 22/tcp (v6) ALLOW IN Anywhere (v6) # SSH 80/tcp (v6) ALLOW IN Anywhere (v6) # HTTP 443/tcp (v6) ALLOW IN Anywhere (v6) # HTTPS 2222/tcp (v6) ALLOW IN Anywhere (v6) # SFTP ### Active Ports tcp LISTEN 0 32768 0.0.0.0:9443 0.0.0.0:* users:(("docker-proxy",pid=3256920,fd=7)) tcp LISTEN 0 32768 0.0.0.0:9000 0.0.0.0:* users:(("docker-proxy",pid=3256905,fd=7)) tcp LISTEN 0 32768 0.0.0.0:80 0.0.0.0:* users:(("docker-proxy",pid=3858614,fd=7)) tcp LISTEN 0 32768 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=6668,fd=3),("systemd",pid=1,fd=94)) tcp LISTEN 0 32768 0.0.0.0:443 0.0.0.0:* users:(("docker-proxy",pid=3858628,fd=7)) tcp LISTEN 0 32768 0.0.0.0:2222 0.0.0.0:* users:(("docker-proxy",pid=3685,fd=7)) tcp LISTEN 0 32768 127.0.0.53%lo:53 0.0.0.0:* users:(("systemd-resolve",pid=947,fd=15)) tcp LISTEN 0 32768 127.0.0.1:54322 0.0.0.0:* users:(("docker-proxy",pid=3756486,fd=7)) tcp LISTEN 0 32768 127.0.0.1:8200 0.0.0.0:* users:(("docker-proxy",pid=1083069,fd=7)) tcp LISTEN 0 32768 127.0.0.1:8443 0.0.0.0:* users:(("docker-proxy",pid=3756682,fd=7)) tcp LISTEN 0 32768 127.0.0.1:4000 0.0.0.0:* users:(("docker-proxy",pid=3755064,fd=7)) tcp LISTEN 0 32768 127.0.0.1:8000 0.0.0.0:* users:(("docker-proxy",pid=3756668,fd=7)) tcp LISTEN 0 32768 127.0.0.1:8080 0.0.0.0:* users:(("docker-proxy",pid=3858646,fd=7)) tcp LISTEN 0 32768 127.0.0.1:6543 0.0.0.0:* users:(("docker-proxy",pid=3756503,fd=7)) tcp LISTEN 0 32768 127.0.0.1:6379 0.0.0.0:* users:(("docker-proxy",pid=5038,fd=7)) tcp LISTEN 0 32768 127.0.0.1:5432 0.0.0.0:* users:(("docker-proxy",pid=2483145,fd=7)) tcp LISTEN 0 32768 127.0.0.54:53 0.0.0.0:* users:(("systemd-resolve",pid=947,fd=17)) tcp LISTEN 0 32768 127.0.0.1:5672 0.0.0.0:* users:(("docker-proxy",pid=2896427,fd=7)) tcp LISTEN 0 32768 [::]:9443 [::]:* users:(("docker-proxy",pid=3256929,fd=7)) tcp LISTEN 0 32768 [::]:9000 [::]:* users:(("docker-proxy",pid=3256911,fd=7)) tcp LISTEN 0 32768 [::]:80 [::]:* users:(("docker-proxy",pid=3858621,fd=7)) tcp LISTEN 0 32768 [::]:22 [::]:* users:(("sshd",pid=6668,fd=4),("systemd",pid=1,fd=95)) tcp LISTEN 0 32768 [::]:443 [::]:* users:(("docker-proxy",pid=3858635,fd=7)) tcp LISTEN 0 32768 [::]:2222 [::]:* users:(("docker-proxy",pid=3692,fd=7)) ## 🐳 Docker Containers CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 660b7aec0c82 ghcr.io/gitroomhq/postiz-app:latest "docker-entrypoint.s…" 47 minutes ago Up 47 minutes postiz c3fbf6d60fb0 postgres:16-alpine "docker-entrypoint.s…" 47 minutes ago Up 47 minutes (healthy) 5432/tcp postiz-postgres 7ef5f0cf597e redis:7-alpine "docker-entrypoint.s…" 47 minutes ago Up 47 minutes (healthy) 6379/tcp postiz-redis 23861bccd73f ghcr.io/czlonkowski/n8n-mcp:latest "/usr/local/bin/dock…" About an hour ago Up About an hour (unhealthy) 3000/tcp modest_archimedes 064969d30439 ghcr.io/czlonkowski/n8n-mcp:latest "/usr/local/bin/dock…" 2 hours ago Up 2 hours (unhealthy) 3000/tcp inspiring_williams 3cca31225b26 ghcr.io/goauthentik/proxy:2025.10 "/proxy" 40 hours ago Up 40 hours (healthy) 9000/tcp, 9300/tcp, 9443/tcp authentik-proxy a6fe26eb9934 ghcr.io/goauthentik/server:2025.10 "dumb-init -- ak wor…" 40 hours ago Up 40 hours (healthy) authentik-worker 1f6e354b467a ghcr.io/goauthentik/server:2025.10 "dumb-init -- ak ser…" 40 hours ago Up 40 hours (healthy) 0.0.0.0:9000->9000/tcp, [::]:9000->9000/tcp, 0.0.0.0:9443->9443/tcp, [::]:9443->9443/tcp authentik-server 25a68f412881 odoo:17 "/entrypoint.sh odoo" 44 hours ago Up 43 hours 8069/tcp, 8071-8072/tcp odoo 5d07f5eb6fe5 supabase/gotrue:v2.180.0 "auth" 2 days ago Up 2 days (healthy) supabase-auth 303ae814fd50 vaultwarden/server:1.30.5-alpine "/start.sh" 2 days ago Up 2 days (healthy) 80/tcp, 3012/tcp vaultwarden 592d137be91a louislam/uptime-kuma:latest "/usr/bin/dumb-init …" 2 days ago Up 2 days (healthy) 3001/tcp uptime-kuma 1258fd421a69 outlinewiki/outline:latest "docker-entrypoint.s…" 2 days ago Up 14 hours (healthy) 3000/tcp outline a787c1eb15f9 n8nio/n8n:latest "tini -- /docker-ent…" 2 days ago Up 2 days 5678/tcp n8n-worker-4 9481bac8ba68 n8nio/n8n:latest "tini -- /docker-ent…" 2 days ago Up 2 days 5678/tcp n8n-worker-3 258abb057729 n8nio/n8n:latest "tini -- /docker-ent…" 2 days ago Up 2 days 5678/tcp n8n-shared fd00f72c38f6 n8nio/n8n:latest "tini -- /docker-ent…" 2 days ago Up 2 days 5678/tcp n8n-worker-1 3a490c321d85 n8nio/n8n:latest "tini -- /docker-ent…" 2 days ago Up 2 days 5678/tcp n8n-worker-2 d635c0d5c136 mautic/mautic:latest "/entrypoint.sh apac…" 2 days ago Up 2 days 80/tcp mautic e3b888061535 python:3.11-slim "bash -c 'pip instal…" 2 days ago Up 2 days (healthy) mautic-odoo-sync-v2 ec47923639ad mariadb:11 "docker-entrypoint.s…" 2 days ago Up 2 days 3306/tcp mautic-db d449ae3903ea supabase/storage-api:v1.28.0 "docker-entrypoint.s…" 2 days ago Up 2 days (healthy) 5000/tcp supabase-storage b8fa78be545c supabase/realtime:v2.51.11 "/usr/bin/tini -s -g…" 2 days ago Up 2 days (healthy) realtime-dev.supabase-realtime 80d4d268ac60 supabase/supavisor:2.7.0 "/usr/bin/tini -s -g…" 2 days ago Up 2 days (healthy) 127.0.0.1:6543->6543/tcp, 127.0.0.1:54322->5432/tcp supabase-pooler 9ed86a2fed50 supabase/edge-runtime:v1.69.6 "edge-runtime start …" 2 days ago Up 2 days supabase-edge-functions 6373b1dc8ab6 supabase/postgres-meta:v0.91.6 "docker-entrypoint.s…" 2 days ago Up 2 days (healthy) 8080/tcp supabase-meta 38e52ece0e72 kong:2.8.1 "bash -c 'eval \"echo…" 2 days ago Up 2 days (healthy) 127.0.0.1:8000->8000/tcp, 8001/tcp, 127.0.0.1:8443->8443/tcp, 8444/tcp supabase-kong 71fd989b2c96 supabase/studio:2025.10.01-sha-8460121 "docker-entrypoint.s…" 2 days ago Up 2 days (healthy) 3000/tcp supabase-studio 1a7691066a60 postgrest/postgrest:v13.0.7 "postgrest" 2 days ago Up 2 days 3000/tcp supabase-rest 9c4e09d2653c supabase/logflare:1.22.6 "sh run.sh" 2 days ago Up 2 days (healthy) 127.0.0.1:4000->4000/tcp supabase-analytics 318f30451a43 supabase/postgres:15.8.1.085 "docker-entrypoint.s…" 2 days ago Up 2 days (healthy) 5432/tcp supabase-db 7811dff6b5f8 darthsim/imgproxy:v3.8.0 "imgproxy" 2 days ago Up 2 days (healthy) 8080/tcp supabase-imgproxy 58fa01ba1584 timberio/vector:0.28.1-alpine "/usr/local/bin/vect…" 2 days ago Up 2 days (healthy) supabase-vector a1c2f13391ee postgres:16-alpine "docker-entrypoint.s…" 2 days ago Up 2 days (healthy) 5432/tcp authentik-postgres b52c9347eefb redis:alpine "docker-entrypoint.s…" 2 days ago Up 2 days (healthy) 6379/tcp authentik-redis c1f6563f4b5d python:3.11-slim "bash -c 'pip instal…" 2 days ago Up 2 days mautic-sync-webhook 04a59f8cf255 portainer/portainer-ce:latest "/portainer" 2 days ago Up 2 days 8000/tcp, 9000/tcp, 9443/tcp portainer cb211205bdff atendai/evolution-api:latest "/bin/bash -c '. ./D…" 2 days ago Up 2 days 8080/tcp evolution-api a5a5a21d4fa4 rabbitmq:3.13-management-alpine "docker-entrypoint.s…" 2 days ago Up 2 days (healthy) 4369/tcp, 5671/tcp, 15671-15672/tcp, 15691-15692/tcp, 25672/tcp, 127.0.0.1:5672->5672/tcp rabbitmq 5a0fd47a2184 dpage/pgadmin4:9.9 "/entrypoint.sh" 2 days ago Up 2 days 80/tcp, 443/tcp pgadmin c97df7338002 postgres:16-alpine "docker-entrypoint.s…" 2 days ago Up 2 days (healthy) 127.0.0.1:5432->5432/tcp postgres-main b0dca1abeb06 traefik:v3.0 "/entrypoint.sh --co…" 2 days ago Up 2 days 0.0.0.0:80->80/tcp, [::]:80->80/tcp, 0.0.0.0:443->443/tcp, [::]:443->443/tcp, 127.0.0.1:8080->8080/tcp traefik c8ff70484ca0 hashicorp/vault:1.15 "docker-entrypoint.s…" 4 days ago Up 4 days (healthy) 127.0.0.1:8200->8200/tcp vault ff2a8e2e4e35 nginx:alpine "/docker-entrypoint.…" 11 days ago Up 4 days 80/tcp landing-page 94527547ced8 atmoz/sftp:latest "/entrypoint aimpres…" 12 days ago Up 4 days 0.0.0.0:2222->22/tcp, [::]:2222->22/tcp sftp-server be0461fefae9 redis:7-alpine "docker-entrypoint.s…" 12 days ago Up 4 days (healthy) 127.0.0.1:6379->6379/tcp redis-main NETWORK ID NAME DRIVER SCOPE 908d5a0befd4 authentik_authentik-internal bridge local f02abd181cda bridge bridge local cdaceadfcefb database-internal bridge local 4b9a877223ee host host local a0dd7c187961 mautic-internal bridge local f2be33f79fe4 mautic_mautic-internal bridge local 7c3083a44e08 monitoring bridge local 01cd476e5307 n8n-shared bridge local d21678395b05 none null local 39a0028fdb88 odoo-internal bridge local e581070d94e4 postiz-config_postiz-internal bridge local 9e103eeb0591 postiz_postiz-internal bridge local c797531af13d sftp_default bridge local 36cf0e468fc7 supabase_default bridge local b28f70541993 traefik-public bridge local 4bc92c6c74a8 vault-internal bridge local DRIVER VOLUME NAME local 0ac0cc2630b15d807c8c6145c911173e0c1caebba1a2ce72de11d705e5abae1f local 1dd066ed69708fb2a31d99d6dca0861f64d3fb52c3bc088af51705dc8d541165 local 2db9e9d91a0da33ea09ed13c511c26fc36d627332dc963cc025bd4033b5e03e1 local 2de676687184413b0af227422249bf40ae1c4bca2847e58fbd91a2254b214153 local 3a09c0f3d684cc55dedfa4bef44e1295be9123d540fb9448bdecb3d7c8f6f3db local 3ee11ec7964d26d817d5957b87637b31a1f851e2936067a201fa4c2dfef59cd7 local 07d3f4b5361d23053c1494f59e6b86a7764ade86b19b2bb9a4624575d75840b9 local 8e4e315b81aee308daef197e3c4e38e829bcc1286b7ff84ea95f0bcb0f84c5ee local 08e253e80c4256d0e01c32ecae8685e95638fa7d39ae1f027fc82d6aaabd30f2 local 9c5b61030fbf4bd8d2f1578f38c3da49107f6c16e60c512a98931f1f722f8868 local 9f4440d4a872f68ba860ab94aa4fd00463f26e10e50dfb1894a611950c1e1482 local 10aa85098d110b557b669eff56f9f82d06c1278fabec9a996caf9078ec47e98e local 26e0210c0b333dadf3d70bcf0fa159043983ec941a29ee21585b5e5d5d680726 local 27c0a0d02120b0d5b4b989766c2a17ad129ba754aabfe2079ec120ade3f1e2f4 local 030d0b92eb454cd8b9ebf6a62747744e03461a5399828e3426cec0cb8da83b58 local 39db85e8bb12e086c58d120404af933d23068d1b81e6181b0ab959f976c45e59 local 74ab80435a8c349210f5d61410bc2dc09c464553a36363ed31ad0f2cf9f84c28 local 86a912e031eeb261e1aa0dd066c5f584893479c7858823c63f68617e9e5a8a0f local 90a291d400f6bf6c4bc60c241380c098ed78ecd74da949f57b21d64169fde327 local 109b0a2914765a14051c5eb5cea0fe7cefe68190cfb99256e0e30e9d1867e194 local 134e1cceb87bf846f832690a6063f1ae92af79b14e56cc9cf3a52c4cf4df3d43 local 300b57dec2f42f6a1ad8843469f5351c1ab8d6aaeae8599970727d5c297e468c local 377f49a9a48a005467a38d0c7e2c939efa379a804d7a2e43f15372e1fb5ed2ab local 472ddb3cbc5ab19c28d5a0983a97e8b1efd82d0710d0c2c929d55e1c89ea65f2 local 616e3e53a74db30eecdf33ba1d624cde4cf305a3dca7d43363e086818d6fdc41 local 43529ad5de6fa339e2f7664085ad85d0d0547797b017eee69dff3e2b953c1119 local 53983ac9c6a21c80dc5a9facddc70dac9d2de9d70fdbe1d14de9910c6f967e91 local 66084dee334754ba37a01b3056a875d51c6131540d903ae36c143220b25aed78 local 46747393c732566ec667dd790893692f1cca4258f0a0f80a3922020ca60e02b3 local 31807040665eacb2b72e4fc33710821214d0960a84897065adc2d4c86f6d44ae local a4e459166fd1159b14d48c7a2ff8760f2e06dcb15811f1b21f8da72ccd537ce4 local a324c9c561a09b1de363269dd089966534bdd327675a50e41d30b08f133764da local a473ea1d369a662708f5ed7624bef9d9bbc1f8f8c669502d9662d775076de79a local a83733bc35f6cfd44ca0102797d5fef0c017f1095cb596bca713915af885c86f local aba015b6e780d5166fc3ed7407403f95fcff45d2ad49e0b6bf2a04f76233b36b local af76834f949c4b2568fcd48fc2b874bb4e04f6c817609121a680357a89055e8f local affb3c0cd71e92af9445f358a116e62f6798c483dab51f18eae77a332aa3ff40 local authentik_authentik-postgres-data local authentik_authentik-redis-data local ba1bbc413c8c10f2e20b4e91dec4ae6cf70e54b07bbd1e33e88afe009b01b985 local bdd64a6acbc05157071275c3171ea999e9a44806a4c10febf66eef9a0ac391b5 local ca1ae0e2593e6a49f89ba28e79d784f6381881025e610edaefe62c4cab946667 local cdf82ab0162c73ebe7f85c410dabce03c704ecd0b8a5df395904b99160282eba local ce2100c8ea7fb76ab1c8517e98b7295b711a92d754e59b00f55ec2fdd51d31be local cea4500c3db82f3c9c593a9fea48fc35271d94e75c821d06b34a8ef7b398133e local d496f15e11f29072e4327818ddca41c0b4c9e77ff59b7ecc38886668e8ffc2f9 local d35512c8aacfab7d5b1810489c9c2167980ee7912d4e2d990858f2dc9d71f6d2 local deb63fd68453694ad2f5fb243edaecc85164450f41eaefb14719847ae4beef5c local e5a81166c29d95a587ae88b5e1a7fd207dfe813a28609735a0590fd743d909ef local ead2af7e8f51f6a556b541d217778471b7e2e9b1777bdc676942e4d4eda8a19e local ede5cd42e730c228f46ef5c9003d3158f95ac5c46d14a1c86f87ef559f32750e local evolution-api_evolution-data local evolution-data local f1c5cb4b6aee06e57bc55b9424c92ae6674dfd646cd5cf035bd963210ec0b359 local f666b89a542669a7c89dafad138881f8c8d8212ebdb54c3f9d6af13e9cb09e08 local f4075c4e866cfe0634a54bead561729b8f5c8af467ffa6edf15736ea37cc59d9 local mautic_mautic-data local mautic_mautic-db-data local n8n-data local n8n-shared_n8n-data local odoo-addons local odoo-data local odoo_odoo-addons local odoo_odoo-data local openwebui_openwebui-data local outline-data local outline_outline-data local pgadmin-data local portainer-data local portainer_portainer-data local postgres_pgadmin-data local postiz-config local postiz-postgres-data local postiz-redis-data local postiz-uploads local postiz_postiz-config local postiz_postiz-postgres local postiz_postiz-postgres-data local postiz_postiz-redis local postiz_postiz-redis-data local postiz_postiz-uploads local rabbitmq-data local rabbitmq_rabbitmq-data local redis-data local redis_redis-data local supabase_db-config local uptime-kuma local uptime-kuma-data local uptime-kuma_uptime-kuma-data local vaultwarden-data local vaultwarden_vaultwarden-data ## ⚙️ Docker Compose Files ### ${f} ```yaml version: '3.8' services: postiz: image: ghcr.io/gitroomhq/postiz-app:latest container_name: postiz restart: unless-stopped env_file: .env depends_on: postiz-postgres: condition: service_healthy postiz-redis: condition: service_healthy networks: - traefik-public - postiz-internal volumes: - postiz-uploads:/uploads labels: - "traefik.enable=true" - "traefik.docker.network=traefik-public" # Main frontend: social.ai-impress.com (with Authelia) - "traefik.http.routers.postiz.rule=Host(`social.ai-impress.com`)" - "traefik.http.routers.postiz.entrypoints=websecure" - "traefik.http.routers.postiz.tls.certresolver=cloudflare" - "traefik.http.routers.postiz.middlewares=authentik@file" # Uploads subdomain: uploads.ai-impress.com (without Authelia, for social media bots) - "traefik.http.routers.postiz-uploads.rule=Host(`uploads.ai-impress.com`)" - "traefik.http.routers.postiz-uploads.entrypoints=websecure" - "traefik.http.routers.postiz-uploads.tls.certresolver=cloudflare" # Service port - "traefik.http.services.postiz.loadbalancer.server.port=5000" postiz-postgres: image: postgres:16-alpine container_name: postiz-postgres restart: unless-stopped environment: POSTGRES_DB: postiz POSTGRES_USER: postiz POSTGRES_PASSWORD: ${POSTGRES_PASSWORD} networks: - postiz-internal volumes: - postiz-postgres-data:/var/lib/postgresql/data healthcheck: test: ["CMD-SHELL", "pg_isready -U postiz -d postiz"] interval: 10s timeout: 5s retries: 5 postiz-redis: image: redis:7-alpine container_name: postiz-redis restart: unless-stopped networks: - postiz-internal volumes: - postiz-redis-data:/data healthcheck: test: ["CMD", "redis-cli", "ping"] interval: 10s timeout: 5s retries: 5 volumes: postiz-uploads: external: true name: postiz_postiz-uploads postiz-postgres-data: external: true name: postiz_postiz-postgres-data postiz-redis-data: external: true name: postiz_postiz-redis-data networks: traefik-public: external: true postiz-internal: driver: bridge ``` ### ${f} ```yaml version: '3.8' services: redis: image: redis:7-alpine container_name: redis-main restart: unless-stopped env_file: - .env command: > redis-server --requirepass ${REDIS_PASSWORD} --maxmemory 4gb --maxmemory-policy allkeys-lru --appendonly yes --appendfsync everysec --save 900 1 --save 300 10 --save 60 10000 networks: - database-internal volumes: - redis-data:/data ports: - "127.0.0.1:6379:6379" healthcheck: test: ["CMD", "redis-cli", "--raw", "incr", "ping"] interval: 10s timeout: 3s retries: 5 volumes: redis-data: networks: database-internal: external: true ``` ### ${f} ```yaml services: traefik: image: traefik:v3.0 container_name: traefik restart: unless-stopped security_opt: - no-new-privileges:true networks: - traefik-public ports: - "80:80" - "443:443" - "127.0.0.1:8080:8080" env_file: - .env command: - --configFile=/traefik.yml - --serverstransport.maxResponseHeaderBytes=524288 environment: - GOGC=40 volumes: - /etc/localtime:/etc/localtime:ro - /var/run/docker.sock:/var/run/docker.sock:ro - ./config/traefik.yml:/traefik.yml:ro - ./config/dynamic.yml:/dynamic.yml:ro - ./acme:/acme - ./logs:/logs labels: - "traefik.enable=true" - "traefik.http.routers.traefik-dashboard.rule=Host(`traefik.ai-impress.com`)" - "traefik.http.routers.traefik-dashboard.entrypoints=websecure" - "traefik.http.routers.traefik-dashboard.tls.certresolver=cloudflare" - "traefik.http.routers.traefik-dashboard.service=api@internal" - "traefik.http.routers.traefik-dashboard.middlewares=authentik@file" - "traefik.http.services.traefik-dashboard.loadbalancer.server.port=8080" networks: traefik-public: external: true ``` ### ${f} ```yaml version: '3.8' services: rabbitmq: image: rabbitmq:3.13-management-alpine container_name: rabbitmq restart: unless-stopped hostname: rabbitmq-aimpress networks: - database-internal - traefik-public env_file: - .env environment: RABBITMQ_DEFAULT_USER: ${RABBITMQ_USER} RABBITMQ_DEFAULT_PASS: ${RABBITMQ_PASSWORD} RABBITMQ_DEFAULT_VHOST: / volumes: - rabbitmq-data:/var/lib/rabbitmq - ./rabbitmq.conf:/etc/rabbitmq/rabbitmq.conf:ro ports: - 127.0.0.1:5672:5672 labels: - traefik.enable=true - traefik.http.routers.rabbitmq.rule=Host(`rabbitmq.ai-impress.com`) - traefik.http.routers.rabbitmq.entrypoints=websecure - traefik.http.routers.rabbitmq.tls.certresolver=cloudflare - traefik.http.services.rabbitmq.loadbalancer.server.port=15672 - traefik.http.routers.rabbitmq.middlewares=authentik@file healthcheck: test: rabbitmq-diagnostics -q ping interval: 30s timeout: 10s retries: 5 volumes: rabbitmq-data: null networks: database-internal: external: true traefik-public: external: true ``` ### ${f} ```yaml version: '3.8' services: postgres: image: postgres:16-alpine container_name: postgres-main restart: unless-stopped networks: - database-internal env_file: - .env environment: POSTGRES_USER: ${POSTGRES_ADMIN_USER} POSTGRES_PASSWORD: ${POSTGRES_ADMIN_PASSWORD} POSTGRES_DB: postgres PGDATA: /var/lib/postgresql/data/pgdata volumes: - /mnt/psql-data:/var/lib/postgresql/data - ./init-scripts:/docker-entrypoint-initdb.d:ro - ./backups:/backups ports: - 127.0.0.1:5432:5432 command: - postgres - -c - max_connections=200 - -c - shared_buffers=2GB - -c - effective_cache_size=6GB healthcheck: test: - CMD-SHELL - pg_isready -U ${POSTGRES_ADMIN_USER} -d postgres interval: 10s timeout: 5s retries: 5 pgadmin: image: dpage/pgadmin4:9.9 container_name: pgadmin restart: unless-stopped networks: - database-internal - traefik-public env_file: - .env environment: PGADMIN_DEFAULT_EMAIL: ${PGADMIN_EMAIL} PGADMIN_DEFAULT_PASSWORD: ${PGADMIN_PASSWORD} PGADMIN_CONFIG_SERVER_MODE: 'True' PGADMIN_CONFIG_MASTER_PASSWORD_REQUIRED: 'False' PGADMIN_SERVER_JSON_FILE: /pgadmin4/servers.json PGADMIN_CONFIG_AUTHENTICATION_SOURCES: '[''webserver'']' PGADMIN_CONFIG_WEBSERVER_REMOTE_USER: '''X-authentik-username''' PGADMIN_CONFIG_WEBSERVER_AUTO_CREATE_USER: 'True' volumes: - pgadmin-data:/var/lib/pgadmin - ./pgadmin-config/servers.json:/pgadmin4/servers.json:ro labels: - traefik.enable=true - traefik.http.routers.pgadmin.rule=Host(`pgadmin.ai-impress.com`) - traefik.http.routers.pgadmin.entrypoints=websecure - traefik.http.routers.pgadmin.tls.certresolver=cloudflare - traefik.http.services.pgadmin.loadbalancer.server.port=80 - traefik.http.routers.pgadmin.middlewares=authentik@file depends_on: postgres: condition: service_healthy volumes: pgadmin-data: null networks: database-internal: external: true traefik-public: external: true ``` ### ${f} ```yaml version: '3.8' services: vault: image: hashicorp/vault:1.15 container_name: vault restart: unless-stopped cap_add: - IPC_LOCK networks: - vault-internal - traefik-public ports: - "127.0.0.1:8200:8200" environment: VAULT_ADDR: 'http://127.0.0.1:8200' VAULT_API_ADDR: 'https://vault-admin.ai-impress.com' VAULT_UI: 'true' volumes: - ./config:/vault/config:ro - ./data:/vault/data - ./logs:/vault/logs command: server labels: - "traefik.enable=true" - "traefik.http.routers.vault.rule=Host(`vault-admin.ai-impress.com`)" - "traefik.http.routers.vault.entrypoints=websecure" - "traefik.http.routers.vault.tls.certresolver=cloudflare" - "traefik.http.services.vault.loadbalancer.server.port=8200" healthcheck: test: ["CMD", "vault", "status"] interval: 30s timeout: 5s retries: 3 start_period: 30s volumes: vault-data: networks: vault-internal: external: true traefik-public: external: true ``` ### ${f} ```yaml version: '3.8' services: mautic-db: image: mariadb:11 container_name: mautic-db restart: unless-stopped networks: - mautic-internal environment: - MYSQL_ROOT_PASSWORD=mautic_root_pass_2025 - MYSQL_DATABASE=mautic - MYSQL_USER=mautic_user - MYSQL_PASSWORD=mautic_pass_secure_2025 volumes: - mautic-db-data:/var/lib/mysql command: --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci mautic: image: mautic/mautic:latest container_name: mautic restart: unless-stopped networks: - traefik-public - mautic-internal depends_on: - mautic-db environment: - MAUTIC_DB_HOST=mautic-db - MAUTIC_DB_PORT=3306 - MAUTIC_DB_USER=mautic_user - MAUTIC_DB_PASSWORD=mautic_pass_secure_2025 - MAUTIC_DB_DATABASE=mautic - MAUTIC_RUN_CRON_JOBS=true - MAUTIC_URL=https://marketing.ai-impress.com - DEBUG=false - MAUTIC_MAILER_HOST=aiimpress-com0e.mail.protection.outlook.com - MAUTIC_MAILER_PORT=25 - MAUTIC_MAILER_FROM_EMAIL=noreply@ai-impress.com - MAUTIC_MAILER_TRANSPORT=smtp - MAUTIC_SAML_ENABLED=true - MAUTIC_SAML_ENTITY_ID=marketing.ai-impress.com - MAUTIC_SAML_LOGIN_PATH=/s/saml/login - MAUTIC_SAML_LOGIN_CHECK_PATH=/s/saml/login_check volumes: - mautic-data:/var/www/html labels: - traefik.enable=true - traefik.docker.network=traefik-public # Main router with auth (for UI) - traefik.http.routers.mautic.rule=Host(`marketing.ai-impress.com`) - traefik.http.routers.mautic.entrypoints=websecure - traefik.http.routers.mautic.tls.certresolver=cloudflare - traefik.http.routers.mautic.priority=1 - traefik.http.routers.mautic.middlewares=mautic-auth # API router without auth (for OAuth2 and API endpoints) - traefik.http.routers.mautic-api.rule=Host(`marketing.ai-impress.com`) && (PathPrefix(`/oauth`) || PathPrefix(`/api`)) - traefik.http.routers.mautic-api.entrypoints=websecure - traefik.http.routers.mautic-api.tls.certresolver=cloudflare - traefik.http.routers.mautic-api.priority=10 # Middleware for auth - traefik.http.middlewares.mautic-auth.forwardauth.address=http://authentik-proxy:9000/outpost.goauthentik.io/auth/traefik - traefik.http.middlewares.mautic-auth.forwardauth.trustForwardHeader=true - traefik.http.middlewares.mautic-auth.forwardauth.authResponseHeaders=X-authentik-username,X-authentik-groups,X-authentik-email,X-authentik-name,X-authentik-uid # Service - traefik.http.services.mautic.loadbalancer.server.port=80 volumes: mautic-db-data: null mautic-data: null networks: traefik-public: external: true mautic-internal: driver: bridge ``` ### ${f} ```yaml version: "3.8" services: outline: image: outlinewiki/outline:latest container_name: outline restart: unless-stopped networks: - traefik-public - database-internal env_file: - .env environment: DATABASE_URL: postgres://outline_user:${DB_PASSWORD}@postgres-main:5432/outline?sslmode=disable REDIS_URL: redis://:${REDIS_PASSWORD}@redis-main:6379 URL: https://wiki.ai-impress.com PORT: 3000 SECRET_KEY: ${SECRET_KEY} UTILS_SECRET: ${UTILS_SECRET} NODE_OPTIONS: "--max-http-header-size=32768" volumes: - outline-data:/var/lib/outline/data labels: - "traefik.enable=true" - "traefik.docker.network=traefik-public" - "traefik.http.routers.outline.rule=Host(`wiki.ai-impress.com`)" - "traefik.http.routers.outline.entrypoints=websecure" - "traefik.http.routers.outline.tls.certresolver=cloudflare" - "traefik.http.services.outline.loadbalancer.server.port=3000" volumes: outline-data: networks: traefik-public: external: true database-internal: external: true ``` ### ${f} ```yaml version: '3.8' services: odoo: image: odoo:17 container_name: odoo restart: unless-stopped networks: - traefik-public - database-internal environment: - HOST=postgres-main - PORT=5432 - USER=odoo_user - PASSWORD=aeK3HvEL8E7pkic898XII4vCCyioM8yu volumes: - odoo-data:/var/lib/odoo - odoo-addons:/mnt/extra-addons - /opt/03-business/odoo/odoo.conf:/etc/odoo/odoo.conf:ro labels: - traefik.enable=true - traefik.docker.network=traefik-public - traefik.http.routers.odoo-api.rule=Host(`odoo.ai-impress.com`) && (PathPrefix(`/xmlrpc`) || PathPrefix(`/jsonrpc`) || PathPrefix(`/web/session`) || PathPrefix(`/web/database`) || PathPrefix(`/web/webclient`)|| Path(`/web/login`) || PathPrefix(`/auth_oauth`)) - traefik.http.routers.odoo-api.entrypoints=websecure - traefik.http.routers.odoo-api.tls.certresolver=cloudflare - traefik.http.routers.odoo-api.priority=100 - traefik.http.routers.odoo.rule=Host(`odoo.ai-impress.com`) - traefik.http.routers.odoo.entrypoints=websecure - traefik.http.routers.odoo.tls.certresolver=cloudflare - traefik.http.routers.odoo.priority=1 - traefik.http.services.odoo.loadbalancer.server.port=8069 volumes: odoo-data: null odoo-addons: null networks: traefik-public: external: true database-internal: external: true ``` ### ${f} ```yaml version: '3.8' services: n8n: image: n8nio/n8n:latest container_name: n8n-shared restart: unless-stopped networks: - traefik-public - database-internal - n8n-shared env_file: - .env environment: # General N8N_HOST: n8n.ai-impress.com N8N_PORT: 5678 N8N_PROTOCOL: https WEBHOOK_URL: https://n8n.ai-impress.com/ # Database DB_TYPE: postgresdb DB_POSTGRESDB_HOST: postgres-main DB_POSTGRESDB_PORT: 5432 DB_POSTGRESDB_DATABASE: n8n_shared DB_POSTGRESDB_USER: n8n_user DB_POSTGRESDB_PASSWORD: ${DB_PASSWORD} DB_POSTGRESDB_POOL_SIZE: 10 # Queue Mode (Redis) QUEUE_BULL_REDIS_HOST: redis-main QUEUE_BULL_REDIS_PORT: 6379 QUEUE_BULL_REDIS_PASSWORD: ${REDIS_PASSWORD} QUEUE_BULL_REDIS_DB: 2 EXECUTIONS_MODE: queue # Workers configuration QUEUE_HEALTH_CHECK_ACTIVE: 'true' # Security N8N_BASIC_AUTH_ACTIVE: 'false' N8N_ENCRYPTION_KEY: ${N8N_ENCRYPTION_KEY} N8N_PAYLOAD_SIZE_MAX: 64 # Performance EXECUTIONS_DATA_PRUNE: 'true' EXECUTIONS_DATA_MAX_AGE: 168 N8N_CONCURRENCY_PRODUCTION_LIMIT: 5 # Timezone GENERIC_TIMEZONE: Europe/London TZ: Europe/London volumes: - n8n-data:/home/node/.n8n - ./custom-nodes:/home/node/.n8n/custom deploy: resources: limits: cpus: '4' memory: 2G reservations: cpus: '1' memory: 512M labels: - "traefik.enable=true" # Webhook роутер БЕЗ Authelia - "traefik.http.routers.n8n-webhook.rule=Host(`n8n.ai-impress.com`) && (PathPrefix(`/webhook/`) || PathPrefix(`/webhook-test/`))" - "traefik.http.routers.n8n-webhook.entrypoints=websecure" - "traefik.http.routers.n8n-webhook.tls.certresolver=cloudflare" - "traefik.http.routers.n8n-webhook.service=n8n-shared-service" - "traefik.http.routers.n8n-webhook.priority=200" # OAuth роутер БЕЗ Authelia - "traefik.http.routers.n8n-oauth.rule=Host(`n8n.ai-impress.com`) && PathPrefix(`/rest/oauth`)" - "traefik.http.routers.n8n-oauth.entrypoints=websecure" - "traefik.http.routers.n8n-oauth.tls.certresolver=cloudflare" - "traefik.http.routers.n8n-oauth.service=n8n-shared-service" - "traefik.http.routers.n8n-oauth.priority=150" # Основной роутер БЕЗ Authelia - "traefik.http.routers.n8n-shared.rule=Host(`n8n.ai-impress.com`)" - "traefik.http.routers.n8n-shared.entrypoints=websecure" - "traefik.http.routers.n8n-shared.tls.certresolver=cloudflare" - "traefik.http.routers.n8n-shared.service=n8n-shared-service" - "traefik.http.routers.n8n-shared.priority=50" # Сервис - "traefik.http.services.n8n-shared-service.loadbalancer.server.port=5678" # Worker 1 - High concurrency для быстрых задач n8n-worker-1: image: n8nio/n8n:latest container_name: n8n-worker-1 restart: unless-stopped command: worker networks: - database-internal - n8n-shared env_file: - .env environment: # Database DB_TYPE: postgresdb DB_POSTGRESDB_HOST: postgres-main DB_POSTGRESDB_PORT: 5432 DB_POSTGRESDB_DATABASE: n8n_shared DB_POSTGRESDB_USER: n8n_user DB_POSTGRESDB_PASSWORD: ${DB_PASSWORD} DB_POSTGRESDB_POOL_SIZE: 5 # Queue Mode (Redis) QUEUE_BULL_REDIS_HOST: redis-main QUEUE_BULL_REDIS_PORT: 6379 QUEUE_BULL_REDIS_PASSWORD: ${REDIS_PASSWORD} QUEUE_BULL_REDIS_DB: 2 EXECUTIONS_MODE: queue # Worker settings N8N_CONCURRENCY_PRODUCTION_LIMIT: 20 # Security N8N_ENCRYPTION_KEY: ${N8N_ENCRYPTION_KEY} # Timezone GENERIC_TIMEZONE: Europe/London TZ: Europe/London volumes: - n8n-data:/home/node/.n8n - ./custom-nodes:/home/node/.n8n/custom deploy: resources: limits: cpus: '4' memory: 4G reservations: cpus: '2' memory: 1G # Worker 2 - High concurrency n8n-worker-2: image: n8nio/n8n:latest container_name: n8n-worker-2 restart: unless-stopped command: worker networks: - database-internal - n8n-shared env_file: - .env environment: # Database DB_TYPE: postgresdb DB_POSTGRESDB_HOST: postgres-main DB_POSTGRESDB_PORT: 5432 DB_POSTGRESDB_DATABASE: n8n_shared DB_POSTGRESDB_USER: n8n_user DB_POSTGRESDB_PASSWORD: ${DB_PASSWORD} DB_POSTGRESDB_POOL_SIZE: 5 # Queue Mode (Redis) QUEUE_BULL_REDIS_HOST: redis-main QUEUE_BULL_REDIS_PORT: 6379 QUEUE_BULL_REDIS_PASSWORD: ${REDIS_PASSWORD} QUEUE_BULL_REDIS_DB: 2 EXECUTIONS_MODE: queue # Worker settings N8N_CONCURRENCY_PRODUCTION_LIMIT: 20 # Security N8N_ENCRYPTION_KEY: ${N8N_ENCRYPTION_KEY} # Timezone GENERIC_TIMEZONE: Europe/London TZ: Europe/London volumes: - n8n-data:/home/node/.n8n - ./custom-nodes:/home/node/.n8n/custom deploy: resources: limits: cpus: '4' memory: 4G reservations: cpus: '2' memory: 1G # Worker 3 - Medium concurrency для сложных задач n8n-worker-3: image: n8nio/n8n:latest container_name: n8n-worker-3 restart: unless-stopped command: worker networks: - database-internal - n8n-shared env_file: - .env environment: # Database DB_TYPE: postgresdb DB_POSTGRESDB_HOST: postgres-main DB_POSTGRESDB_PORT: 5432 DB_POSTGRESDB_DATABASE: n8n_shared DB_POSTGRESDB_USER: n8n_user DB_POSTGRESDB_PASSWORD: ${DB_PASSWORD} DB_POSTGRESDB_POOL_SIZE: 5 # Queue Mode (Redis) QUEUE_BULL_REDIS_HOST: redis-main QUEUE_BULL_REDIS_PORT: 6379 QUEUE_BULL_REDIS_PASSWORD: ${REDIS_PASSWORD} QUEUE_BULL_REDIS_DB: 2 EXECUTIONS_MODE: queue # Worker settings N8N_CONCURRENCY_PRODUCTION_LIMIT: 15 # Security N8N_ENCRYPTION_KEY: ${N8N_ENCRYPTION_KEY} # Timezone GENERIC_TIMEZONE: Europe/London TZ: Europe/London volumes: - n8n-data:/home/node/.n8n - ./custom-nodes:/home/node/.n8n/custom deploy: resources: limits: cpus: '3' memory: 3G reservations: cpus: '1' memory: 1G # Worker 4 - Medium concurrency n8n-worker-4: image: n8nio/n8n:latest container_name: n8n-worker-4 restart: unless-stopped command: worker networks: - database-internal - n8n-shared env_file: - .env environment: # Database DB_TYPE: postgresdb DB_POSTGRESDB_HOST: postgres-main DB_POSTGRESDB_PORT: 5432 DB_POSTGRESDB_DATABASE: n8n_shared DB_POSTGRESDB_USER: n8n_user DB_POSTGRESDB_PASSWORD: ${DB_PASSWORD} DB_POSTGRESDB_POOL_SIZE: 5 # Queue Mode (Redis) QUEUE_BULL_REDIS_HOST: redis-main QUEUE_BULL_REDIS_PORT: 6379 QUEUE_BULL_REDIS_PASSWORD: ${REDIS_PASSWORD} QUEUE_BULL_REDIS_DB: 2 EXECUTIONS_MODE: queue # Worker settings N8N_CONCURRENCY_PRODUCTION_LIMIT: 15 # Security N8N_ENCRYPTION_KEY: ${N8N_ENCRYPTION_KEY} # Timezone GENERIC_TIMEZONE: Europe/London TZ: Europe/London volumes: - n8n-data:/home/node/.n8n - ./custom-nodes:/home/node/.n8n/custom deploy: resources: limits: cpus: '3' memory: 3G reservations: cpus: '1' memory: 1G volumes: n8n-data: networks: traefik-public: external: true database-internal: external: true n8n-shared: external: true ``` ### ${f} ```yaml version: '3.8' services: evolution-api: image: atendai/evolution-api:latest container_name: evolution-api restart: unless-stopped networks: - traefik-public - database-internal env_file: - .env environment: DATABASE_PROVIDER: postgresql DATABASE_CONNECTION_URI: postgresql://evolution_user:${DB_PASSWORD}@postgres-main:5432/evolution AUTHENTICATION_API_KEY: ${API_KEY} SERVER_URL: https://wpp.ai-impress.com volumes: - evolution-data:/evolution/instances labels: - "traefik.enable=true" - "traefik.docker.network=traefik-public" # API router without Authelia (higher priority) - "traefik.http.routers.evolution-api.rule=Host(`wpp.ai-impress.com`) && (PathPrefix(`/instance`) || PathPrefix(`/message`) || PathPrefix(`/chat`) || PathPrefix(`/webhook`) || PathPrefix(`/settings`))" - "traefik.http.routers.evolution-api.entrypoints=websecure" - "traefik.http.routers.evolution-api.tls.certresolver=cloudflare" - "traefik.http.routers.evolution-api.priority=100" # Web UI router with Authelia (lower priority) - "traefik.http.routers.evolution.rule=Host(`wpp.ai-impress.com`)" - "traefik.http.routers.evolution.entrypoints=websecure" - "traefik.http.routers.evolution.tls.certresolver=cloudflare" - "traefik.http.routers.evolution.middlewares=authentik@file" - "traefik.http.routers.evolution.priority=50" # Service - "traefik.http.services.evolution.loadbalancer.server.port=8080" volumes: evolution-data: networks: traefik-public: external: true database-internal: external: true ``` ### ${f} ```yaml version: '3.8' services: uptime-kuma: image: louislam/uptime-kuma:latest container_name: uptime-kuma restart: unless-stopped networks: - traefik-public volumes: - uptime-kuma-data:/app/data environment: # SMTP Configuration - Office365 SMTPHOST: aiimpress-com0e.mail.protection.outlook.com SMTPPORT: 25 SMTPSECURE: "true" SMTPFROM: noreply@ai-impress.com TIMEZONE: Europe/London labels: - "traefik.enable=true" - "traefik.docker.network=traefik-public" - "traefik.http.routers.uptime-kuma.rule=Host(`status.ai-impress.com`)" - "traefik.http.routers.uptime-kuma.entrypoints=websecure" - "traefik.http.routers.uptime-kuma.tls.certresolver=cloudflare" - "traefik.http.services.uptime-kuma.loadbalancer.server.port=3001" - "traefik.http.routers.uptime-kuma.middlewares=authentik@file" networks: traefik-public: external: true volumes: uptime-kuma-data: external: true name: uptime-kuma_uptime-kuma-data ``` ### ${f} ```yaml services: portainer: image: portainer/portainer-ce:latest container_name: portainer restart: unless-stopped security_opt: - no-new-privileges:true networks: - traefik-public volumes: - /var/run/docker.sock:/var/run/docker.sock:ro - portainer-data:/data labels: - "traefik.enable=true" - "traefik.docker.network=traefik-public" - "traefik.http.routers.portainer.entrypoints=websecure" - "traefik.http.routers.portainer.rule=Host(`portainer.ai-impress.com`)" - "traefik.http.routers.portainer.tls=true" - "traefik.http.routers.portainer.tls.certresolver=cloudflare" - "traefik.http.routers.portainer.middlewares=authentik@file" - "traefik.http.services.portainer.loadbalancer.server.port=9000" networks: traefik-public: external: true volumes: portainer-data: external: true name: portainer_portainer-data ``` ### ${f} ```yaml version: "3.8" services: postgresql: image: postgres:16-alpine container_name: authentik-postgres restart: unless-stopped healthcheck: test: ["CMD-SHELL", "pg_isready -d ${POSTGRES_DB} -U ${POSTGRES_USER}"] start_period: 20s interval: 30s retries: 5 timeout: 5s volumes: - authentik-postgres-data:/var/lib/postgresql/data environment: POSTGRES_PASSWORD: ${POSTGRES_PASSWORD} POSTGRES_USER: ${POSTGRES_USER} POSTGRES_DB: ${POSTGRES_DB} networks: - authentik-internal redis: image: redis:alpine container_name: authentik-redis command: --save 60 1 --loglevel warning --requirepass ${REDIS_PASSWORD} restart: unless-stopped healthcheck: test: ["CMD-SHELL", "redis-cli --pass ${REDIS_PASSWORD} ping | grep PONG"] start_period: 20s interval: 30s retries: 5 timeout: 3s volumes: - authentik-redis-data:/data networks: - authentik-internal server: image: ghcr.io/goauthentik/server:2025.10 container_name: authentik-server restart: unless-stopped command: server environment: AUTHENTIK_SECRET_KEY: ${AUTHENTIK_SECRET_KEY} AUTHENTIK_ERROR_REPORTING__ENABLED: ${AUTHENTIK_ERROR_REPORTING__ENABLED} AUTHENTIK_LOG_LEVEL: ${AUTHENTIK_LOG_LEVEL} AUTHENTIK_REDIS__HOST: redis AUTHENTIK_REDIS__PASSWORD: ${REDIS_PASSWORD} AUTHENTIK_POSTGRESQL__HOST: postgresql AUTHENTIK_POSTGRESQL__USER: ${POSTGRES_USER} AUTHENTIK_POSTGRESQL__NAME: ${POSTGRES_DB} AUTHENTIK_POSTGRESQL__PASSWORD: ${POSTGRES_PASSWORD} volumes: - ./media:/media - ./custom-templates:/templates - ./blueprints:/blueprints/custom ports: - "9000:9000" - "9443:9443" depends_on: - postgresql - redis networks: - authentik-internal - traefik-public labels: - "traefik.enable=true" - "traefik.docker.network=traefik-public" - "traefik.http.routers.authentik.rule=Host(`auth.ai-impress.com`)" - "traefik.http.routers.authentik.entrypoints=websecure" - "traefik.http.routers.authentik.tls.certresolver=cloudflare" - "traefik.http.services.authentik.loadbalancer.server.port=9000" worker: image: ghcr.io/goauthentik/server:2025.10 container_name: authentik-worker restart: unless-stopped command: worker environment: AUTHENTIK_SECRET_KEY: ${AUTHENTIK_SECRET_KEY} AUTHENTIK_ERROR_REPORTING__ENABLED: ${AUTHENTIK_ERROR_REPORTING__ENABLED} AUTHENTIK_LOG_LEVEL: ${AUTHENTIK_LOG_LEVEL} AUTHENTIK_REDIS__HOST: redis AUTHENTIK_REDIS__PASSWORD: ${REDIS_PASSWORD} AUTHENTIK_POSTGRESQL__HOST: postgresql AUTHENTIK_POSTGRESQL__USER: ${POSTGRES_USER} AUTHENTIK_POSTGRESQL__NAME: ${POSTGRES_DB} AUTHENTIK_POSTGRESQL__PASSWORD: ${POSTGRES_PASSWORD} user: root volumes: - ./media:/media - ./custom-templates:/templates - ./blueprints:/blueprints/custom - /var/run/docker.sock:/var/run/docker.sock - ./certs:/certs depends_on: - postgresql - redis networks: - authentik-internal proxy: image: ghcr.io/goauthentik/proxy:2025.10 container_name: authentik-proxy restart: unless-stopped environment: AUTHENTIK_HOST: http://authentik-server:9000 AUTHENTIK_HOST_BROWSER: https://auth.ai-impress.com AUTHENTIK_INSECURE: "false" AUTHENTIK_TOKEN: 07EyrIosrXyWjPO8Mk3QbSMm1JZI3gUIwaFKsbNXbJSv7WAOeI1MCBxnOW5Y networks: - traefik-public - authentik-internal depends_on: - server volumes: authentik-postgres-data: driver: local authentik-redis-data: driver: local networks: authentik-internal: driver: bridge traefik-public: external: true ``` ### ${f} ```yaml version: '3.8' services: vaultwarden: image: vaultwarden/server:1.30.5-alpine container_name: vaultwarden restart: unless-stopped networks: - traefik-public - database-internal env_file: - .env environment: DOMAIN: https://vault.ai-impress.com SIGNUPS_ALLOWED: 'true' INVITATIONS_ALLOWED: 'true' SHOW_PASSWORD_HINT: 'false' ADMIN_TOKEN: ${ADMIN_TOKEN} DATABASE_URL: postgresql://${DB_USER}:${DB_PASSWORD}@postgres-main:5432/vaultwarden SMTP_HOST: ${SMTP_HOST} SMTP_FROM: ${SMTP_FROM} SMTP_PORT: 587 SMTP_SECURITY: starttls SMTP_USERNAME: ${SMTP_USERNAME} SMTP_PASSWORD: ${SMTP_PASSWORD} SMTP_TIMEOUT: 15 WEB_VAULT_ENABLED: 'true' volumes: - vaultwarden-data:/data labels: - "traefik.enable=true" - "traefik.http.routers.vaultwarden.rule=Host(`vault.ai-impress.com`)" - "traefik.http.routers.vaultwarden.entrypoints=websecure" - "traefik.http.routers.vaultwarden.tls.certresolver=cloudflare" - "traefik.http.services.vaultwarden.loadbalancer.server.port=80" - "traefik.http.routers.vaultwarden.middlewares=security-headers@file" # Admin panel - "traefik.http.routers.vaultwarden-admin.rule=Host(`vault.ai-impress.com`) && PathPrefix(`/admin`)" - "traefik.http.routers.vaultwarden-admin.entrypoints=websecure" - "traefik.http.routers.vaultwarden-admin.tls.certresolver=cloudflare" volumes: vaultwarden-data: networks: traefik-public: external: true database-internal: external: true ``` ## 🔐 Authentik & Traefik 3cca31225b26 ghcr.io/goauthentik/proxy:2025.10 "/proxy" 40 hours ago Up 40 hours (healthy) 9000/tcp, 9300/tcp, 9443/tcp authentik-proxy a6fe26eb9934 ghcr.io/goauthentik/server:2025.10 "dumb-init -- ak wor…" 40 hours ago Up 40 hours (healthy) authentik-worker 1f6e354b467a ghcr.io/goauthentik/server:2025.10 "dumb-init -- ak ser…" 40 hours ago Up 40 hours (healthy) 0.0.0.0:9000->9000/tcp, [::]:9000->9000/tcp, 0.0.0.0:9443->9443/tcp, [::]:9443->9443/tcp authentik-server a1c2f13391ee postgres:16-alpine "docker-entrypoint.s…" 2 days ago Up 2 days (healthy) 5432/tcp authentik-postgres b52c9347eefb redis:alpine "docker-entrypoint.s…" 2 days ago Up 2 days (healthy) 6379/tcp authentik-redis b0dca1abeb06 traefik:v3.0 "/entrypoint.sh --co…" 2 days ago Up 2 days 0.0.0.0:80->80/tcp, [::]:80->80/tcp, 0.0.0.0:443->443/tcp, [::]:443->443/tcp, 127.0.0.1:8080->8080/tcp traefik { "com.docker.compose.config-hash": "067b09622c22cdaedda2d2f9f63094c7ac14332a2029d3384d548f5a85b8dc24", "com.docker.compose.container-number": "1", "com.docker.compose.depends_on": "", "com.docker.compose.image": "sha256:7a4ed730cae1fd3aea7db703c77c5f27cc5550748e492cd963a386f409562568", "com.docker.compose.oneoff": "False", "com.docker.compose.project": "traefik", "com.docker.compose.project.config_files": "/opt/00-infrastructure/traefik/docker-compose.yml", "com.docker.compose.project.working_dir": "/opt/00-infrastructure/traefik", "com.docker.compose.replace": "traefik", "com.docker.compose.service": "traefik", "com.docker.compose.version": "2.40.2", "org.opencontainers.image.description": "A modern reverse-proxy", "org.opencontainers.image.documentation": "https://docs.traefik.io", "org.opencontainers.image.source": "https://github.com/traefik/traefik", "org.opencontainers.image.title": "Traefik", "org.opencontainers.image.url": "https://traefik.io", "org.opencontainers.image.vendor": "Traefik Labs", "org.opencontainers.image.version": "v3.0.4", "traefik.enable": "true", "traefik.http.routers.traefik-dashboard.entrypoints": "websecure", "traefik.http.routers.traefik-dashboard.middlewares": "authentik@file", "traefik.http.routers.traefik-dashboard.rule": "Host(`traefik.ai-impress.com`)", "traefik.http.routers.traefik-dashboard.service": "api@internal", "traefik.http.routers.traefik-dashboard.tls.certresolver": "cloudflare", "traefik.http.services.traefik-dashboard.loadbalancer.server.port": "8080" } ## 🗄️ Databases ### PostgreSQL databases: ### Redis: ## 🧩 Backup & Monitoring total 180K drwxrwxr-x 2 ubuntu ubuntu 4.0K Oct 26 14:58 authelia drwxrwxr-x 2 ubuntu ubuntu 4.0K Oct 26 15:34 authentik drwxrwxr-x 19 ubuntu ubuntu 4.0K Oct 20 13:04 configs drwxrwxr-x 4 ubuntu ubuntu 4.0K Oct 20 13:04 databases drwxr-xr-x 3 ubuntu ubuntu 4.0K Oct 15 09:30 docker drwxr-xr-x 11 ubuntu ubuntu 4.0K Oct 18 03:00 espocrm drwxrwxr-x 2 ubuntu ubuntu 4.0K Oct 27 03:00 evolution-api drwxrwxr-x 2 ubuntu ubuntu 4.0K Oct 27 03:00 evolution-data drwxr-xr-x 2 ubuntu ubuntu 4.0K Oct 22 03:00 librechat drwxr-xr-x 2 ubuntu ubuntu 16K Oct 13 09:39 lost+found drwxrwxr-x 2 ubuntu ubuntu 4.0K Oct 27 03:00 mautic-data drwxrwxr-x 2 ubuntu ubuntu 4.0K Oct 27 03:00 mautic-db drwxr-xr-x 5 ubuntu ubuntu 12K Oct 23 03:00 mongodb drwxrwxr-x 2 ubuntu ubuntu 4.0K Oct 27 03:00 n8n drwx------ 2 ubuntu ubuntu 4.0K Oct 24 21:17 n8n-postgres drwxr-xr-x 6 ubuntu ubuntu 4.0K Oct 23 03:00 odoo drwxrwxr-x 2 ubuntu ubuntu 4.0K Oct 27 03:00 odoo-addons drwxrwxr-x 2 ubuntu ubuntu 4.0K Oct 27 03:00 odoo-data drwxrwxr-x 2 ubuntu ubuntu 4.0K Oct 27 03:00 openwebui -rwxr-xr-x 1 ubuntu ubuntu 7.6K Oct 26 17:34 authentik-services-manager.sh -rwxr-xr-x 1 root root 2.3K Oct 29 13:51 auto-update.sh -rwxr-xr-x 1 ubuntu ubuntu 8.6K Oct 20 10:27 backup-app.sh -rwxr-xr-x 1 ubuntu ubuntu 12K Oct 26 17:09 backup-authentik-improved.sh -rwxrwxr-x 1 ubuntu ubuntu 923 Oct 26 15:07 backup-authentik.sh -rwxrwxr-x 1 ubuntu ubuntu 14K Oct 26 14:59 backup-full.sh -rwxr-xr-x 1 root root 4.8K Oct 24 22:11 backup-full.sh.backup-20251024-231153 -rwxrwxr-x 1 ubuntu ubuntu 14K Oct 26 14:57 backup-full.sh.backup-20251026-145737 -rwxrwxr-x 1 ubuntu ubuntu 14K Oct 24 22:12 backup-full.sh.bak -rwxr-xr-x 1 ubuntu ubuntu 6.0K Oct 20 11:56 check-updates.sh -rwxr-xr-x 1 ubuntu ubuntu 4.2K Oct 20 11:12 check-updates.sh.backup -rwxr-xr-x 1 ubuntu ubuntu 4.9K Oct 20 11:54 check-updates.sh.backup-20251020-115409 -rwxrwxr-x 1 ubuntu ubuntu 1.6K Oct 17 22:22 create-client-database.sh -rwxrwxr-x 1 ubuntu ubuntu 5.8K Oct 17 22:26 create-n8n-vip-instance.sh -rwxrwxr-x 1 ubuntu ubuntu 5.4K Oct 23 22:04 generate-env-from-vault.sh -rwxrwxr-x 1 ubuntu ubuntu 5.2K Oct 23 21:55 generate-env-from-vault.sh.backup-20251023-225538 -rwxrwxr-x 1 ubuntu ubuntu 1.6K Oct 17 22:23 get-client-credentials.sh -rwxr-xr-x 1 ubuntu ubuntu 14K Oct 26 17:10 health-check-improved.sh -rwxr-xr-x 1 root root 5.7K Oct 29 13:51 health-check.sh -rwxrwxr-x 1 ubuntu ubuntu 2.5K Oct 20 15:01 health-check.sh.backup-20251020-160110 -rwxrwxr-x 1 ubuntu ubuntu 5.2K Oct 24 22:39 health-check.sh.backup-20251024-223943 -rwxrwxr-x 1 ubuntu ubuntu 5.5K Oct 25 22:36 health-check.sh.backup-20251025-223638 -rwxrwxr-x 1 ubuntu ubuntu 5.4K Oct 25 23:34 health-check.sh.backup-20251025-233447 -rwxrwxr-x 1 ubuntu ubuntu 5.5K Oct 26 04:00 health-check.sh.backup-20251026-040001 -rwxrwxr-x 1 ubuntu ubuntu 5.6K Oct 26 18:10 health-check.sh.backup-20251026-181026 -rwxrwxr-x 1 ubuntu ubuntu 5.8K Oct 27 12:24 health-check.sh.backup-20251027-122447 -rwxr-xr-x 1 root root 6.5K Oct 29 13:51 health-check.sh.backup-20251029-135119 -rwxr-xr-x 1 ubuntu ubuntu 17K Oct 24 22:38 infrastructure-scanner.sh -rwxr-xr-x 1 ubuntu ubuntu 15K Oct 26 17:08 migrate-authelia-to-authentik.sh -rwxrwxr-x 1 ubuntu ubuntu 5.9K Oct 24 22:44 scripts-help.sh -rwxr-xr-x 1 ubuntu ubuntu 11K Oct 20 11:54 update-app.sh -rwxr-xr-x 1 ubuntu ubuntu 11K Oct 20 11:54 update-app.sh.backup-20251020-115409 -rwxr-xr-x 1 ubuntu ubuntu 13K Oct 20 11:54 update-manager.sh -rwxr-xr-x 1 ubuntu ubuntu 13K Oct 20 11:54 update-manager.sh.backup-20251020-115409 -rwxrwxr-x 1 ubuntu ubuntu 15K Oct 20 12:11 upload-full-docs.sh -rwxrwxr-x 1 ubuntu ubuntu 1.3K Oct 16 16:52 vault-helper.sh ## 🧭 Mount Points sdb ext4 300G /mnt/psql-data sdc ext4 400G /mnt/backups _Generated automatically by AI-Impress Infrastructure Auditor_