Documentation Restructure

services/asset-management/homebox.md

@@ -0,0 +1,76 @@
+**Purpose**: Homebox is the inventory and organization system built for the Home User! With a focus on simplicity and ease of use, Homebox is the perfect solution for your home inventory, organization, and management needs.
+
+[Reference Documentation](https://hay-kot.github.io/homebox/quick-start/)
+
+!!! warning "Protect with Keycloak"
+    The GitHub project for this software appears to have been archived in a read-only state in June 2024.  There is no default admin credential, so setting the environment variable `HBOX_OPTIONS_ALLOW_REGISTRATION` to `false` will literally make you unable to log into the system.  You also cannot change it after-the-fact, so you cannot just register an account then disable it and restart the container, it doesn't work that way.  
+
+    Due to this behavior, it is imperative that you deploy this either only internally, or if its external, put it behind something like [Authentik](../authentication/authentik.md) or [Keycloak](../authentication/keycloak/deployment.md).
+
+## Docker Configuration
+```yaml title="docker-compose.yml"
+version: "3.4"
+
+services:
+  homebox:
+    image: ghcr.io/hay-kot/homebox:latest
+    container_name: homebox
+    restart: always
+    environment:
+    - HBOX_LOG_LEVEL=info
+    - HBOX_LOG_FORMAT=text
+    - HBOX_WEB_MAX_UPLOAD_SIZE=10
+    - HBOX_MODE=production
+    - HBOX_OPTIONS_ALLOW_REGISTRATION=true
+    - HBOX_WEB_MAX_UPLOAD_SIZE=50
+    - HBOX_WEB_READ_TIMEOUT=20
+    - HBOX_WEB_WRITE_TIMEOUT=20
+    - HBOX_WEB_IDLE_TIMEOUT=60
+    - HBOX_MAILER_HOST=${HBOX_MAILER_HOST}
+    - HBOX_MAILER_PORT=${HBOX_MAILER_PORT}
+    - HBOX_MAILER_USERNAME=${HBOX_MAILER_USERNAME}
+    - HBOX_MAILER_PASSWORD=${HBOX_MAILER_PASSWORD}
+    - HBOX_MAILER_FROM=${HBOX_MAILER_FROM}
+    volumes:
+      - /srv/containers/homebox:/data/
+    ports:
+      - 7745:7745
+    networks:
+        docker_network:
+          ipv4_address: 192.168.5.25
+networks:
+  docker_network:
+    external: true
+```
+
+```yaml title=".env"
+HBOX_MAILER_HOST=mail.bunny-lab.io
+HBOX_MAILER_PORT=587
+HBOX_MAILER_USERNAME=noreply@bunny-lab.io
+HBOX_MAILER_PASSWORD=REDACTED
+HBOX_MAILER_FROM=noreply@bunny-lab.io
+```
+
+## Traefik Reverse Proxy Configuration
+If the container does not run on the same host as Traefik, you will need to manually add configuration to Traefik's dynamic config file, outlined below.
+```yaml
+http:
+  routers:
+    homebox:
+      entryPoints:
+        - websecure
+      tls:
+        certResolver: letsencrypt
+      http2:
+      service: homebox
+      rule: Host(`box.bunny-lab.io`)
+      middlewares:
+        - "auth-bunny-lab-io"  # Referencing the Keycloak Server
+  services:
+    homebox:
+      loadBalancer:
+        servers:
+          - url: http://192.168.5.25:7745
+        passHostHeader: true
+```
+

services/asset-management/snipe-it.md

@@ -0,0 +1,136 @@
+**Purpose**: A free open source IT asset/license management system.
+
+!!! warning
+    The Snipe-IT container will attempt to launch after the MariaDB container starts, but MariaDB takes a while set itself up before it can accept connections; as a result, Snipe-IT will fail to initialize the database.  Just wait about 30 seconds after deploying the stack, then restart the Snipe-IT container to initialize the database.  You will know it worked if you see notes about data being `Migrated`.
+
+## Docker Configuration
+```yaml title="docker-compose.yml"
+version: '3.7'
+
+services:
+  snipeit:
+    image: snipe/snipe-it
+    ports:
+      - "8000:80"
+    depends_on:
+      - db
+    env_file:
+      - stack.env
+    volumes:
+      - /srv/containers/snipe-it:/var/lib/snipeit
+    networks:
+      docker_network:
+        ipv4_address: 192.168.5.50
+
+  redis:
+    image: redis:6.2.5-buster
+    ports:
+     - "6379:6379"
+    env_file:
+      - stack.env
+    networks:
+      docker_network:
+        ipv4_address: 192.168.5.51
+
+  db:
+    image: mariadb:10.5
+    ports:
+      - "3306:3306"
+    env_file:
+      - stack.env
+    volumes:
+      - /srv/containers/snipe-it/db:/var/lib/mysql
+    networks:
+      docker_network:
+        ipv4_address: 192.168.5.52
+
+  mailhog:
+    image: mailhog/mailhog:v1.0.1
+    ports:
+    # - 1025:1025
+     - "8025:8025"
+    env_file:
+      - stack.env
+    networks:
+        docker_network:
+          ipv4_address: 192.168.5.53
+
+networks:
+  docker_network:
+    external: true
+```
+
+```yaml title=".env"
+APP_ENV=production
+APP_DEBUG=false
+APP_KEY=base64:SomethingSecure
+APP_URL=https://assets.bunny-lab.io
+APP_TIMEZONE='America/Denver'
+APP_LOCALE=en
+MAX_RESULTS=500
+PRIVATE_FILESYSTEM_DISK=local
+PUBLIC_FILESYSTEM_DISK=local_public
+DB_CONNECTION=mysql
+DB_HOST=db
+DB_DATABASE=snipedb
+DB_USERNAME=snipeuser
+DB_PASSWORD=SomethingSecure
+DB_PREFIX=null
+DB_DUMP_PATH='/usr/bin'
+DB_CHARSET=utf8mb4
+DB_COLLATION=utf8mb4_unicode_ci
+IMAGE_LIB=gd
+MYSQL_DATABASE=snipedb
+MYSQL_USER=snipeuser
+MYSQL_PASSWORD=SomethingSecure
+MYSQL_ROOT_PASSWORD=SomethingSecure
+REDIS_HOST=redis
+REDIS_PASSWORD=SomethingSecure
+REDIS_PORT=6379
+MAIL_DRIVER=smtp
+MAIL_HOST=mail.bunny-lab.io
+MAIL_PORT=587
+MAIL_USERNAME=assets@bunny-lab.io
+MAIL_PASSWORD=SomethingSecure
+MAIL_ENCRYPTION=starttls
+MAIL_FROM_ADDR=assets@bunny-lab.io
+MAIL_FROM_NAME='Bunny Lab Asset Management'
+MAIL_REPLYTO_ADDR=assets@bunny-lab.io
+MAIL_REPLYTO_NAME='Bunny Lab Asset Management'
+MAIL_AUTO_EMBED_METHOD='attachment'
+DATA_LOCATION=/srv/containers/snipe-it
+APP_TRUSTED_PROXIES=192.168.5.29
+```
+
+## Traefik Reverse Proxy Configuration
+If the container does not run on the same host as Traefik, you will need to manually add configuration to Traefik's dynamic config file, outlined below.
+```yaml
+http:
+  routers:
+    assets-bunny-lab-io:
+      entryPoints:
+        - websecure
+      rule: "Host(`assets.bunny-lab.io`)"
+      service: "assets-bunny-lab-io"
+      tls:
+        certResolver: letsencrypt
+      middlewares:
+        - "assets-bunny-lab-io"
+        - "auth-bunny-lab-io"  # Referencing the Keycloak Server
+  
+  middlewares:
+    assets-bunny-lab-io:
+      headers:
+        customRequestHeaders:
+          X-Forwarded-Proto: "https"
+          X-Forwarded-Host: "assets.bunny-lab.io"
+        customResponseHeaders:
+          X-Custom-Header: "CustomValue" # Example of a static header
+
+  services:
+    assets-bunny-lab-io:
+      loadBalancer:
+        servers:
+          - url: "http://192.168.5.50:8080"
+        passHostHeader: true
+```