# ManaCore Mac Mini Configuration # Domain: mana.how (via Cloudflare Tunnel) services: # ============================================ # Infrastructure Services # ============================================ postgres: image: postgres:16-alpine container_name: manacore-postgres restart: always environment: POSTGRES_DB: manacore POSTGRES_USER: postgres POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-manacore123} volumes: - postgres_data:/var/lib/postgresql/data ports: - "5432:5432" healthcheck: test: ["CMD-SHELL", "pg_isready -U postgres"] interval: 10s timeout: 5s retries: 5 redis: image: redis:7-alpine container_name: manacore-redis restart: always command: redis-server --requirepass ${REDIS_PASSWORD:-redis123} volumes: - redis_data:/data ports: - "6379:6379" healthcheck: test: ["CMD", "redis-cli", "--raw", "incr", "ping"] interval: 10s timeout: 5s retries: 5 minio: image: minio/minio:latest container_name: manacore-minio restart: always command: server /data --console-address ":9001" environment: MINIO_ROOT_USER: ${MINIO_ACCESS_KEY:-minioadmin} MINIO_ROOT_PASSWORD: ${MINIO_SECRET_KEY:-minioadmin} volumes: - minio_data:/data ports: - "9000:9000" - "9001:9001" healthcheck: test: ["CMD", "mc", "ready", "local"] interval: 30s timeout: 20s retries: 3 # ============================================ # Auth Service # ============================================ mana-core-auth: image: ghcr.io/memo-2023/mana-core-auth:latest container_name: mana-core-auth restart: always depends_on: postgres: condition: service_healthy redis: condition: service_healthy environment: NODE_ENV: production PORT: 3001 DATABASE_URL: postgresql://postgres:${POSTGRES_PASSWORD:-manacore123}@postgres:5432/manacore_auth REDIS_HOST: redis REDIS_PORT: 6379 REDIS_PASSWORD: ${REDIS_PASSWORD:-redis123} JWT_SECRET: ${JWT_SECRET:-your-jwt-secret-change-me} BETTER_AUTH_SECRET: ${BETTER_AUTH_SECRET:-${JWT_SECRET:-your-jwt-secret-change-me}} JWT_PUBLIC_KEY: ${JWT_PUBLIC_KEY:-} JWT_PRIVATE_KEY: ${JWT_PRIVATE_KEY:-} CORS_ORIGINS: https://mana.how,https://chat.mana.how,https://todo.mana.how,https://calendar.mana.how,https://clock.mana.how,https://contacts.mana.how,https://storage.mana.how,https://presi.mana.how ports: - "3001:3001" healthcheck: test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://127.0.0.1:3001/api/v1/health"] interval: 30s timeout: 10s retries: 3 start_period: 40s # ============================================ # ManaCore Dashboard # ============================================ manacore-web: image: ghcr.io/memo-2023/manacore-web:latest container_name: manacore-web restart: always depends_on: mana-core-auth: condition: service_healthy environment: NODE_ENV: production PORT: 5173 PUBLIC_MANA_CORE_AUTH_URL: http://mana-core-auth:3001 PUBLIC_MANA_CORE_AUTH_URL_CLIENT: https://auth.mana.how PUBLIC_TODO_API_URL: http://todo-backend:3018 PUBLIC_TODO_API_URL_CLIENT: https://todo-api.mana.how PUBLIC_CALENDAR_API_URL: http://calendar-backend:3016 PUBLIC_CALENDAR_API_URL_CLIENT: https://calendar-api.mana.how PUBLIC_CLOCK_API_URL: http://clock-backend:3017 PUBLIC_CLOCK_API_URL_CLIENT: https://clock-api.mana.how PUBLIC_CONTACTS_API_URL: http://contacts-backend:3015 PUBLIC_CONTACTS_API_URL_CLIENT: https://contacts-api.mana.how ports: - "5173:5173" healthcheck: test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://127.0.0.1:5173/health"] interval: 30s timeout: 10s retries: 3 start_period: 40s # ============================================ # Chat App # ============================================ chat-backend: image: ghcr.io/memo-2023/chat-backend:latest container_name: chat-backend restart: always depends_on: mana-core-auth: condition: service_healthy postgres: condition: service_healthy environment: NODE_ENV: production PORT: 3002 DATABASE_URL: postgresql://postgres:${POSTGRES_PASSWORD:-manacore123}@postgres:5432/chat MANA_CORE_AUTH_URL: http://mana-core-auth:3001 SUPABASE_URL: ${SUPABASE_URL:-} SUPABASE_SERVICE_KEY: ${SUPABASE_SERVICE_ROLE_KEY:-} AZURE_OPENAI_ENDPOINT: ${AZURE_OPENAI_ENDPOINT:-} AZURE_OPENAI_API_KEY: ${AZURE_OPENAI_API_KEY:-} AZURE_OPENAI_API_VERSION: 2024-12-01-preview CORS_ORIGINS: https://chat.mana.how,https://mana.how ports: - "3002:3002" healthcheck: test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://127.0.0.1:3002/api/v1/health"] interval: 30s timeout: 10s retries: 3 start_period: 40s chat-web: image: ghcr.io/memo-2023/chat-web:latest container_name: chat-web restart: always depends_on: chat-backend: condition: service_healthy environment: NODE_ENV: production PORT: 3000 PUBLIC_BACKEND_URL: http://chat-backend:3002 PUBLIC_MANA_CORE_AUTH_URL: http://mana-core-auth:3001 PUBLIC_BACKEND_URL_CLIENT: https://chat-api.mana.how PUBLIC_MANA_CORE_AUTH_URL_CLIENT: https://auth.mana.how ports: - "3000:3000" healthcheck: test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://127.0.0.1:3000/health"] interval: 30s timeout: 10s retries: 3 start_period: 40s # ============================================ # Todo App # ============================================ todo-backend: image: ghcr.io/memo-2023/todo-backend:latest container_name: todo-backend restart: always depends_on: mana-core-auth: condition: service_healthy postgres: condition: service_healthy environment: NODE_ENV: production PORT: 3018 DATABASE_URL: postgresql://postgres:${POSTGRES_PASSWORD:-manacore123}@postgres:5432/todo MANA_CORE_AUTH_URL: http://mana-core-auth:3001 CORS_ORIGINS: https://todo.mana.how,https://mana.how ports: - "3018:3018" healthcheck: test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://127.0.0.1:3018/health"] interval: 30s timeout: 10s retries: 3 start_period: 40s todo-web: image: ghcr.io/memo-2023/todo-web:latest container_name: todo-web restart: always depends_on: todo-backend: condition: service_healthy environment: NODE_ENV: production PORT: 5188 PUBLIC_BACKEND_URL: http://todo-backend:3018 PUBLIC_MANA_CORE_AUTH_URL: http://mana-core-auth:3001 PUBLIC_BACKEND_URL_CLIENT: https://todo-api.mana.how PUBLIC_MANA_CORE_AUTH_URL_CLIENT: https://auth.mana.how ports: - "5188:5188" healthcheck: test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://127.0.0.1:5188/health"] interval: 30s timeout: 10s retries: 3 start_period: 40s # ============================================ # Calendar App # ============================================ calendar-backend: image: ghcr.io/memo-2023/calendar-backend:latest container_name: calendar-backend restart: always depends_on: mana-core-auth: condition: service_healthy postgres: condition: service_healthy environment: NODE_ENV: production PORT: 3016 DATABASE_URL: postgresql://postgres:${POSTGRES_PASSWORD:-manacore123}@postgres:5432/calendar DB_HOST: postgres DB_PORT: 5432 DB_USER: postgres MANA_CORE_AUTH_URL: http://mana-core-auth:3001 CORS_ORIGINS: https://calendar.mana.how,https://mana.how ports: - "3016:3016" healthcheck: test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://127.0.0.1:3016/api/v1/health"] interval: 30s timeout: 10s retries: 3 start_period: 40s calendar-web: image: ghcr.io/memo-2023/calendar-web:latest container_name: calendar-web restart: always depends_on: calendar-backend: condition: service_healthy environment: NODE_ENV: production PORT: 5186 PUBLIC_BACKEND_URL: http://calendar-backend:3016 PUBLIC_MANA_CORE_AUTH_URL: http://mana-core-auth:3001 PUBLIC_BACKEND_URL_CLIENT: https://calendar-api.mana.how PUBLIC_MANA_CORE_AUTH_URL_CLIENT: https://auth.mana.how # Cross-app integrations PUBLIC_TODO_BACKEND_URL: https://todo-api.mana.how PUBLIC_CONTACTS_API_URL: https://contacts-api.mana.how ports: - "5186:5186" healthcheck: test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://127.0.0.1:5186/health"] interval: 30s timeout: 10s retries: 3 start_period: 40s # ============================================ # Clock App # ============================================ clock-backend: image: ghcr.io/memo-2023/clock-backend:latest container_name: clock-backend restart: always depends_on: mana-core-auth: condition: service_healthy postgres: condition: service_healthy environment: NODE_ENV: production PORT: 3017 DATABASE_URL: postgresql://postgres:${POSTGRES_PASSWORD:-manacore123}@postgres:5432/clock DB_HOST: postgres DB_PORT: 5432 DB_USER: postgres MANA_CORE_AUTH_URL: http://mana-core-auth:3001 CORS_ORIGINS: https://clock.mana.how,https://mana.how ports: - "3017:3017" healthcheck: test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://127.0.0.1:3017/api/v1/health"] interval: 30s timeout: 10s retries: 3 start_period: 40s clock-web: image: ghcr.io/memo-2023/clock-web:latest container_name: clock-web restart: always depends_on: clock-backend: condition: service_healthy environment: NODE_ENV: production PORT: 5187 PUBLIC_BACKEND_URL: http://clock-backend:3017 PUBLIC_MANA_CORE_AUTH_URL: http://mana-core-auth:3001 PUBLIC_BACKEND_URL_CLIENT: https://clock-api.mana.how PUBLIC_MANA_CORE_AUTH_URL_CLIENT: https://auth.mana.how ports: - "5187:5187" healthcheck: test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://127.0.0.1:5187/health"] interval: 30s timeout: 10s retries: 3 start_period: 40s # ============================================ # Contacts App # ============================================ contacts-backend: image: ghcr.io/memo-2023/contacts-backend:latest container_name: contacts-backend restart: always depends_on: mana-core-auth: condition: service_healthy postgres: condition: service_healthy minio: condition: service_healthy environment: NODE_ENV: production PORT: 3015 DATABASE_URL: postgresql://postgres:${POSTGRES_PASSWORD:-manacore123}@postgres:5432/contacts DB_HOST: postgres DB_PORT: 5432 DB_USER: postgres MANA_CORE_AUTH_URL: http://mana-core-auth:3001 CORS_ORIGINS: https://contacts.mana.how,https://mana.how,https://calendar.mana.how # S3/MinIO Storage for contact photos S3_ENDPOINT: http://minio:9000 S3_REGION: us-east-1 S3_ACCESS_KEY: ${MINIO_ACCESS_KEY:-minioadmin} S3_SECRET_KEY: ${MINIO_SECRET_KEY:-minioadmin} S3_BUCKET: contacts-photos ports: - "3015:3015" healthcheck: test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://127.0.0.1:3015/api/v1/health"] interval: 30s timeout: 10s retries: 3 start_period: 40s contacts-web: image: ghcr.io/memo-2023/contacts-web:latest container_name: contacts-web restart: always depends_on: contacts-backend: condition: service_healthy environment: NODE_ENV: production PORT: 5184 PUBLIC_BACKEND_URL: http://contacts-backend:3015 PUBLIC_MANA_CORE_AUTH_URL: http://mana-core-auth:3001 PUBLIC_BACKEND_URL_CLIENT: https://contacts-api.mana.how PUBLIC_MANA_CORE_AUTH_URL_CLIENT: https://auth.mana.how ports: - "5184:5184" healthcheck: test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://127.0.0.1:5184/health"] interval: 30s timeout: 10s retries: 3 start_period: 40s # ============================================ # Presi App (Presentations) # ============================================ presi-backend: image: ghcr.io/memo-2023/presi-backend:latest container_name: presi-backend restart: always depends_on: mana-core-auth: condition: service_healthy postgres: condition: service_healthy environment: NODE_ENV: production PORT: 3008 DATABASE_URL: postgresql://postgres:${POSTGRES_PASSWORD:-manacore123}@postgres:5432/presi MANA_CORE_AUTH_URL: http://mana-core-auth:3001 CORS_ORIGINS: https://presi.mana.how,https://mana.how ports: - "3008:3008" healthcheck: test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://127.0.0.1:3008/api/health"] interval: 30s timeout: 10s retries: 3 start_period: 40s presi-web: image: ghcr.io/memo-2023/presi-web:latest container_name: presi-web restart: always depends_on: presi-backend: condition: service_healthy environment: NODE_ENV: production PORT: 5178 PUBLIC_BACKEND_URL: http://presi-backend:3008 PUBLIC_MANA_CORE_AUTH_URL: http://mana-core-auth:3001 PUBLIC_BACKEND_URL_CLIENT: https://presi-api.mana.how PUBLIC_MANA_CORE_AUTH_URL_CLIENT: https://auth.mana.how ports: - "5178:5178" healthcheck: test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://127.0.0.1:5178/health"] interval: 30s timeout: 10s retries: 3 start_period: 40s # ============================================ # Storage App (Cloud Drive) # ============================================ storage-backend: image: ghcr.io/memo-2023/storage-backend:latest container_name: storage-backend restart: always depends_on: mana-core-auth: condition: service_healthy postgres: condition: service_healthy minio: condition: service_healthy environment: NODE_ENV: production PORT: 3019 DATABASE_URL: postgresql://postgres:${POSTGRES_PASSWORD:-manacore123}@postgres:5432/storage MANA_CORE_AUTH_URL: http://mana-core-auth:3001 CORS_ORIGINS: https://storage.mana.how,https://mana.how # S3/MinIO Storage S3_ENDPOINT: http://minio:9000 S3_REGION: us-east-1 S3_ACCESS_KEY: ${MINIO_ACCESS_KEY:-minioadmin} S3_SECRET_KEY: ${MINIO_SECRET_KEY:-minioadmin} S3_BUCKET: storage-storage STORAGE_S3_PUBLIC_URL: https://storage-files.mana.how MAX_FILE_SIZE: 104857600 MAX_FILES_PER_UPLOAD: 10 ports: - "3019:3019" healthcheck: test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://127.0.0.1:3019/api/v1/health"] interval: 30s timeout: 10s retries: 3 start_period: 40s storage-web: image: ghcr.io/memo-2023/storage-web:latest container_name: storage-web restart: always depends_on: storage-backend: condition: service_healthy environment: NODE_ENV: production PORT: 5185 PUBLIC_BACKEND_URL: http://storage-backend:3019 PUBLIC_MANA_CORE_AUTH_URL: http://mana-core-auth:3001 PUBLIC_BACKEND_URL_CLIENT: https://storage-api.mana.how PUBLIC_MANA_CORE_AUTH_URL_CLIENT: https://auth.mana.how ports: - "5185:5185" healthcheck: test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://127.0.0.1:5185/health"] interval: 30s timeout: 10s retries: 3 start_period: 40s # ============================================ # Monitoring Stack # ============================================ prometheus: image: prom/prometheus:v2.51.0 container_name: manacore-prometheus restart: always command: - '--config.file=/etc/prometheus/prometheus.yml' - '--storage.tsdb.path=/prometheus' - '--storage.tsdb.retention.time=30d' - '--web.enable-lifecycle' volumes: - ./docker/prometheus/prometheus.yml:/etc/prometheus/prometheus.yml:ro - ./docker/prometheus/alerts.yml:/etc/prometheus/alerts.yml:ro - prometheus_data:/prometheus ports: - "9090:9090" healthcheck: test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://127.0.0.1:9090/-/healthy"] interval: 30s timeout: 10s retries: 3 grafana: image: grafana/grafana:10.4.1 container_name: manacore-grafana restart: always depends_on: prometheus: condition: service_healthy environment: GF_SECURITY_ADMIN_USER: admin GF_SECURITY_ADMIN_PASSWORD: ${GRAFANA_PASSWORD:-admin} GF_USERS_ALLOW_SIGN_UP: false GF_SERVER_ROOT_URL: https://grafana.mana.how volumes: - ./docker/grafana/provisioning:/etc/grafana/provisioning:ro - ./docker/grafana/dashboards:/var/lib/grafana/dashboards:ro - grafana_data:/var/lib/grafana ports: - "3100:3000" healthcheck: test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://127.0.0.1:3000/api/health"] interval: 30s timeout: 10s retries: 3 node-exporter: image: prom/node-exporter:v1.7.0 container_name: manacore-node-exporter restart: always command: - '--path.procfs=/host/proc' - '--path.sysfs=/host/sys' - '--path.rootfs=/rootfs' - '--collector.filesystem.mount-points-exclude=^/(sys|proc|dev|host|etc)($$|/)' volumes: - /proc:/host/proc:ro - /sys:/host/sys:ro - /:/rootfs:ro ports: - "9100:9100" cadvisor: image: gcr.io/cadvisor/cadvisor:v0.49.1 container_name: manacore-cadvisor restart: always privileged: true volumes: - /:/rootfs:ro - /var/run:/var/run:ro - /sys:/sys:ro - /var/lib/docker/:/var/lib/docker:ro - /dev/disk/:/dev/disk:ro ports: - "8080:8080" postgres-exporter: image: prometheuscommunity/postgres-exporter:v0.15.0 container_name: manacore-postgres-exporter restart: always depends_on: postgres: condition: service_healthy environment: DATA_SOURCE_NAME: postgresql://postgres:${POSTGRES_PASSWORD:-manacore123}@postgres:5432/postgres?sslmode=disable ports: - "9187:9187" redis-exporter: image: oliver006/redis_exporter:v1.58.0 container_name: manacore-redis-exporter restart: always depends_on: redis: condition: service_healthy environment: REDIS_ADDR: redis://redis:6379 REDIS_PASSWORD: ${REDIS_PASSWORD:-redis123} ports: - "9121:9121" # ============================================ # Web Analytics (Umami) # ============================================ umami: image: ghcr.io/umami-software/umami:postgresql-latest container_name: manacore-umami restart: always depends_on: postgres: condition: service_healthy environment: DATABASE_URL: postgresql://postgres:${POSTGRES_PASSWORD:-manacore123}@postgres:5432/umami DATABASE_TYPE: postgresql APP_SECRET: ${UMAMI_APP_SECRET:-change-me-umami-secret} DISABLE_TELEMETRY: 1 ports: - "3200:3000" healthcheck: test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://127.0.0.1:3000/api/heartbeat"] interval: 30s timeout: 10s retries: 3 start_period: 40s # ============================================ # n8n Workflow Automation # ============================================ n8n: image: n8nio/n8n:latest container_name: manacore-n8n restart: always depends_on: postgres: condition: service_healthy environment: # Database DB_TYPE: postgresdb DB_POSTGRESDB_HOST: postgres DB_POSTGRESDB_PORT: 5432 DB_POSTGRESDB_DATABASE: n8n DB_POSTGRESDB_USER: postgres DB_POSTGRESDB_PASSWORD: ${POSTGRES_PASSWORD:-manacore123} # Security N8N_ENCRYPTION_KEY: ${N8N_ENCRYPTION_KEY:-change-me-n8n-encryption-key} N8N_USER_MANAGEMENT_JWT_SECRET: ${N8N_JWT_SECRET:-change-me-n8n-jwt-secret} # URLs N8N_HOST: n8n.mana.how N8N_PROTOCOL: https WEBHOOK_URL: https://n8n.mana.how/ # Settings N8N_BASIC_AUTH_ACTIVE: "false" N8N_PORT: 5678 GENERIC_TIMEZONE: Europe/Berlin TZ: Europe/Berlin # Disable telemetry N8N_DIAGNOSTICS_ENABLED: "false" N8N_VERSION_NOTIFICATIONS_ENABLED: "false" volumes: - n8n_data:/home/node/.n8n ports: - "5678:5678" healthcheck: test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://127.0.0.1:5678/healthz"] interval: 30s timeout: 10s retries: 3 start_period: 40s # ============================================ # Telegram Stats Bot # ============================================ telegram-stats-bot: image: ghcr.io/memo-2023/telegram-stats-bot:latest container_name: manacore-telegram-stats-bot restart: always depends_on: postgres: condition: service_healthy umami: condition: service_healthy environment: NODE_ENV: production PORT: 3300 TZ: Europe/Berlin TELEGRAM_BOT_TOKEN: ${TELEGRAM_BOT_TOKEN} TELEGRAM_CHAT_ID: ${TELEGRAM_CHAT_ID} UMAMI_API_URL: http://umami:3000 UMAMI_USERNAME: ${UMAMI_USERNAME:-admin} UMAMI_PASSWORD: ${UMAMI_PASSWORD} DATABASE_URL: postgresql://postgres:${POSTGRES_PASSWORD:-manacore123}@postgres:5432/manacore_auth ports: - "3300:3300" healthcheck: test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://127.0.0.1:3300/health"] interval: 30s timeout: 10s retries: 3 start_period: 40s # ============================================ # Auto-Update (Watchtower) # ============================================ watchtower: image: containrrr/watchtower container_name: manacore-watchtower restart: always volumes: - /var/run/docker.sock:/var/run/docker.sock environment: - TZ=Europe/Berlin - DOCKER_API_VERSION=1.45 - WATCHTOWER_POLL_INTERVAL=300 - WATCHTOWER_CLEANUP=true - WATCHTOWER_INCLUDE_STOPPED=false - WATCHTOWER_NOTIFICATIONS=shoutrrr - WATCHTOWER_NOTIFICATION_URL=telegram://${TELEGRAM_BOT_TOKEN}@telegram?chats=${TELEGRAM_CHAT_ID} # ============================================ # Volumes # ============================================ volumes: postgres_data: name: manacore-postgres redis_data: name: manacore-redis minio_data: name: manacore-minio prometheus_data: name: manacore-prometheus grafana_data: name: manacore-grafana n8n_data: name: manacore-n8n