Documentation Restructure

2026-01-27 05:25:22 -07:00
parent 3ea11e04ff
commit e73bb0376f
205 changed files with 469 additions and 146 deletions
--- a/services/security-and-utility/changedetection.md
+++ b/services/security-and-utility/changedetection.md
@@ -0,0 +1,59 @@
+**Purpose**: Detect website content changes and perform meaningful actions - trigger notifications via Discord, Email, Slack, Telegram, API calls and many more.
+
+## Docker Configuration
+```yaml title="docker-compose.yml"
+version: "3.8"
+services:
+  app:
+    image: dgtlmoon/changedetection.io
+    container_name: changedetection.io 
+    environment:
+      - TZ=America/Denver
+    volumes:
+      - /srv/containers/changedetection/datastore:/datastore
+    ports:
+      - 5000:5000
+    restart: always
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.changedetection.rule=Host(`changedetection.bunny-lab.io`)"
+      - "traefik.http.routers.changedetection.entrypoints=websecure"
+      - "traefik.http.routers.changedetection.tls.certresolver=letsencrypt"
+      - "traefik.http.services.changedetection.loadbalancer.server.port=5000"
+    networks:
+        docker_network:
+          ipv4_address: 192.168.5.49
+
+networks:
+  default:
+    external:
+      name: docker_network
+  docker_network:
+    external: true
+```
+
+```jsx title=".env"
+N/A
+```
+
+## Traefik Reverse Proxy Configuration
+If the container does not run on the same host as Traefik, you will need to manually add configuration to Traefik's dynamic config file, outlined below.
+``` yaml
+http:
+  routers:
+    changedetection:
+      entryPoints:
+        - websecure
+      tls:
+        certResolver: letsencrypt
+      http2:
+      service: changedetection
+      rule: Host(`changedetection.bunny-lab.io`)
+
+  services:
+    changedetection:
+      loadBalancer:
+        servers:
+          - url: http://192.168.5.49:5000
+        passHostHeader: true
+```
--- a/services/security-and-utility/cyberchef.md
+++ b/services/security-and-utility/cyberchef.md
@@ -0,0 +1,28 @@
+**Purpose**: The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis.
+
+```yaml title="docker-compose.yml"
+version: "3.8"
+services:
+  app:
+    image: mpepping/cyberchef:latest
+    container_name: cyberchef
+    environment:
+      - TZ=America/Denver
+    ports:
+      - 8000:8000
+    restart: always
+    networks:
+        docker_network:
+          ipv4_address: 192.168.5.55
+
+networks:
+  default:
+    external:
+      name: docker_network
+  docker_network:
+    external: true
+```
+
+```jsx title=".env"
+N/A
+```
--- a/services/security-and-utility/it-tools.md
+++ b/services/security-and-utility/it-tools.md
@@ -0,0 +1,26 @@
+**Purpose**: Collection of handy online tools for developers, with great UX.
+
+```yaml title="docker-compose.yml"
+version: "3"
+
+services:
+  server:
+    image: corentinth/it-tools:latest
+    container_name: it-tools
+    environment:
+      - TZ=America/Denver
+    restart: always
+    ports:
+      - "80:80"
+    networks:
+        docker_network:
+          ipv4_address: 192.168.5.16
+
+networks:
+  docker_network:
+    external: true
+```
+
+```yaml title=".env"
+Not Applicable
+```
--- a/services/security-and-utility/password-pusher.md
+++ b/services/security-and-utility/password-pusher.md
@@ -0,0 +1,82 @@
+**Purpose**: An application to securely communicate passwords over the web. Passwords automatically expire after a certain number of views and/or time has passed. Track who, what and when. 
+
+## Docker Configuration
+```yaml title="docker-compose.yml"
+version: '3'
+
+services:
+  passwordpusher:
+    image: docker.io/pglombardo/pwpush:release
+    expose:
+      - 5100
+    restart: always
+    environment:
+      # Read Documention on how to generate a master key, then put it below
+      - PWPUSH_MASTER_KEY=${PWPUSH_MASTER_KEY}
+    networks:
+        docker_network:
+          ipv4_address: 192.168.5.170
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.passwordpusher.rule=Host(`temp.bunny-lab.io`)"
+      - "traefik.http.routers.passwordpusher.entrypoints=websecure"
+      - "traefik.http.routers.passwordpusher.tls.certresolver=letsencrypt"
+      - "traefik.http.services.passwordpusher.loadbalancer.server.port=5100"
+networks:
+  docker_network:
+    external: true
+```
+
+```yaml title=".env"
+PWPUSH_MASTER_KEY=<PASSWORD>
+PWP__BRAND__TITLE="Bunny Lab"
+PWP__BRAND__SHOW_FOOTER_MENU=false
+PWP__BRAND__LIGHT_LOGO="https://cloud.bunny-lab.io/apps/theming/image/logo?v=22"
+PWP__BRAND__DARK_LOGO="https://cloud.bunny-lab.io/apps/theming/image/logo?v=22"
+PWP__BRAND__TAGLINE="Secure Temporary Information Exchange"
+PWP__MAIL__RAISE_DELIVERY_ERRORS=true
+PWP__MAIL__SMTP_ADDRESS=mail.bunny-lab.io
+PWP__MAIL__SMTP_PORT=587
+PWP__MAIL__SMTP_USER_NAME=noreply@bunny-lab.io
+PWP__MAIL__SMTP_PASSWORD=<SMTP_CREDENTIALS>
+PWP__MAIL__SMTP_AUTHENTICATION=plain
+PWP__MAIL__SMTP_STARTTLS=true
+PWP__MAIL__SMTP_OPEN_TIMEOUT=10
+PWP__MAIL__SMTP_READ_TIMEOUT=10
+PWP__HOST_DOMAIN=bunny-lab.io
+PWP__HOST_PROTOCOL=https
+PWP__MAIL__MAILER_SENDER='"noreply" <noreply@bunny-lab.io>'
+PWP__SHOW_VERSION=false
+PWP__ENABLE_FILE_PUSHES=true
+PWP__FILES__EXPIRE_AFTER_DAYS_DEFAULT=2
+PWP__FILES__EXPIRE_AFTER_DAYS_MAX=7
+PWP__FILES__EXPIRE_AFTER_VIEWS_DEFAULT=5
+PWP__FILES__EXPIRE_AFTER_VIEWS_MAX=10
+PWP__FILES__RETRIEVAL_STEP_DEFAULT=true
+PWP__ENABLE_URL_PUSHES=true
+PWP__LOG_LEVEL=info
+```
+
+!!! note "PWPUSH_MASTER_KEY"
+    Generate a master key by visiting the [official online key generator](https://pwpush.com/en/pages/generate_key).
+
+## Traefik Reverse Proxy Configuration
+If the container does not run on the same host as Traefik, you will need to manually add configuration to Traefik's dynamic config file, outlined below.
+```yaml
+http:
+  routers:
+    password-pusher:
+      entryPoints:
+        - websecure
+      tls:
+        certResolver: letsencrypt
+      service: password-pusher
+      rule: Host(`temp.bunny-lab.io`)
+
+  services:
+    password-pusher:
+      loadBalancer:
+        servers:
+          - url: http://192.168.5.170:5100
+        passHostHeader: true
+```
--- a/services/security-and-utility/searx.md
+++ b/services/security-and-utility/searx.md
@@ -0,0 +1,51 @@
+**Purpose**: Deploys a SearX Meta Search Engine Server
+
+## Docker Configuration
+```yaml title="docker-compose.yml"
+version: '3'
+services:
+  searx:
+    image: searx/searx:latest
+    ports:
+      - 8080:8080
+    volumes:
+      - /srv/containers/searx/:/etc/searx
+    restart: always
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.searx.rule=Host(`searx.bunny-lab.io`)"
+      - "traefik.http.routers.searx.entrypoints=websecure"
+      - "traefik.http.routers.searx.tls.certresolver=letsencrypt"
+      - "traefik.http.services.searx.loadbalancer.server.port=8080"
+    networks:
+        docker_network:
+          ipv4_address: 192.168.5.124
+networks:
+  docker_network:
+    external: true
+```
+
+```yaml title=".env"
+Not Applicable
+```
+
+## Traefik Reverse Proxy Configuration
+If the container does not run on the same host as Traefik, you will need to manually add configuration to Traefik's dynamic config file, outlined below.
+```yaml
+http:
+  routers:
+    searx:
+      entryPoints:
+        - websecure
+      tls:
+        certResolver: letsencrypt
+      service: searx
+      rule: Host(`searx.bunny-lab.io`)
+
+  services:
+    searx:
+      loadBalancer:
+        servers:
+          - url: http://192.168.5.124:8080
+        passHostHeader: true
+```
--- a/services/security-and-utility/vaultwarden.md
+++ b/services/security-and-utility/vaultwarden.md
@@ -0,0 +1,62 @@
+**Purpose**: Unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs.
+
+```yaml title="docker-compose.yml"
+---
+version: "2.1"
+services:
+  vaultwarden:
+    image: vaultwarden/server:latest
+    container_name: vaultwarden
+    environment:
+      - TZ=America/Denver
+      - INVITATIONS_ALLOWED=false
+      - SIGNUPS_ALLOWED=false
+      - WEBSOCKET_ENABLED=false
+      - ADMIN_TOKEN=REDACTED #PUT A REALLY REALLY REALLY SECURE PASSWORD HERE
+    volumes:
+      - /srv/containers/vaultwarden:/data
+    ports:
+      - 80:80
+    restart: always
+    networks:
+        docker_network:
+          ipv4_address: 192.168.5.15
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.bunny-vaultwarden.rule=Host(`vault.bunny-lab.io`)"
+      - "traefik.http.routers.bunny-vaultwarden.entrypoints=websecure"
+      - "traefik.http.routers.bunny-vaultwarden.tls.certresolver=letsencrypt"
+      - "traefik.http.services.bunny-vaultwarden.loadbalancer.server.port=80"
+networks:
+  default:
+    external:
+      name: docker_network
+  docker_network:
+    external: true
+```
+!!! warning "ADMIN_TOKEN"
+    It is **CRITICAL** that you never share the `ADMIN_TOKEN` with anyone.  It allows you to log into the instance at https://vault.example.com/admin to add users, delete users, make changes system wide, etc.
+
+```yaml title=".env"
+Not Applicable
+```
+## Traefik Reverse Proxy Configuration
+If the container does not run on the same host as Traefik, you will need to manually add configuration to Traefik's dynamic config file, outlined below.
+```yaml
+http:
+  routers:
+    bunny-vaultwarden:
+      entryPoints:
+        - websecure
+      tls:
+        certResolver: letsencrypt
+      service: vaultwarden
+      rule: Host(`vault.bunny-lab.io`)
+
+  services:
+    vaultwarden:
+      loadBalancer:
+        servers:
+          - url: http://192.168.5.15:80
+        passHostHeader: true
+```