From 1e64f8e3219e4a6c202556bd0d29b2eb97fea51d Mon Sep 17 00:00:00 2001 From: Thierry Pouplier Date: Sun, 22 Feb 2026 18:35:22 -0500 Subject: [PATCH] Big progress dump --- ai/compose.yml | 183 +++++++++++++++++++++++++++++++++++ authentification/compose.yml | 35 +++++++ cloudstorage/compose.yml | 78 +++++++++++++++ finance/compose.yml | 45 +++++++++ homeautomation/compose.yml | 91 +++++++++++++++++ homepage/compose.yml | 41 ++++++++ network/compose.yml | 2 +- passwordmanager/compose.yml | 30 +++--- versioncontrol/compose.yml | 17 ++-- 9 files changed, 494 insertions(+), 28 deletions(-) create mode 100644 ai/compose.yml create mode 100644 authentification/compose.yml create mode 100644 cloudstorage/compose.yml create mode 100644 finance/compose.yml create mode 100644 homeautomation/compose.yml create mode 100644 homepage/compose.yml diff --git a/ai/compose.yml b/ai/compose.yml new file mode 100644 index 0000000..6378012 --- /dev/null +++ b/ai/compose.yml @@ -0,0 +1,183 @@ +services: + + webui: + image: ghcr.io/open-webui/open-webui:main + volumes: + - /mnt/HoardingCow_docker_data/Ollama/open-webui:/app/backend/data + environment: + - OLLAMA_API_BASE_URL=http://ollama:11434/api + networks: + - traefik-net + labels: + - "traefik.enable=true" + + # Router for HTTP + redirection to HTTPS + - "traefik.http.routers.webui-http.rule=Host(`ai.lazyworkhorse.net`)" + - "traefik.http.routers.webui-http.entrypoints=web" + - "traefik.http.routers.webui-http.middlewares=redirect-to-https" + + # Router for HTTPS with TLS + - "traefik.http.routers.webui-https.rule=Host(`ai.lazyworkhorse.net`)" + - "traefik.http.routers.webui-https.entrypoints=websecure" + - "traefik.http.routers.webui-https.tls=true" + - "traefik.http.routers.webui-https.tls.certresolver=njalla" + + # llama_cpp_devstral: + # image: ghcr.io/ggml-org/llama.cpp:server-rocm + # container_name: llama_cpp_devstral + # restart: unless-stopped + # ports: + # - "8300:8080" + # ipc: host + # devices: + # - "/dev/kfd:/dev/kfd" + # - "/dev/dri:/dev/dri" + # group_add: + # - "303" # video + # - "26" # render + # environment: + # HSA_OVERRIDE_GFX_VERSION: 9.0.6 + # HIP_VISIBLE_DEVICES: 0,1 + # LLAMA_CACHE: /models + # volumes: + # - /mnt/HoardingCow_docker_data/Llama_cpp/models:/models + # - /mnt/HoardingCow_docker_data/Llama_cpp/devstral-agent.jinja:/template.jinja + # command: > + # -hf unsloth/Devstral-Small-2-24B-Instruct-2512-GGUF:Devstral-Small-2-24B-Instruct-2512-Q8_0.gguf + # -a devstral-2-small-llama_cpp + # --chat-template-file /template.jinja + # --host 0.0.0.0 + # --port 8080 + # --n-gpu-layers 99 + # --ctx-size 163840 + # --batch-size 4096 + # --ubatch-size 4096 + # --cache-type-k f16 + # --cache-type-v f16 + # --cache-reuse 256 + # --flash-attn on + # --context-shift + # --split-mode layer + # --no-mmap + # --n-predict -1 + # --parallel 2 + + # vllm: + # image: nalanzeyu/vllm-gfx906:v0.9.0-rocm6.3 + # container_name: vllm + # # Required for multi-GPU communication (NCCL) + # ipc: host + # init: true + # shm_size: '2g' + # networks: + # - traefik-net + # ports: + # - "8300:8000" + # devices: + # - "/dev/kfd:/dev/kfd" + # - "/dev/dri:/dev/dri" + # group_add: + # - "303" + # - "26" + # environment: + # HSA_OVERRIDE_GFX_VERSION: 9.0.6 + # HSA_ENABLE_SDMA: 0 + # HIP_VISIBLE_DEVICES: 0,1 + # NCCL_P2P_DISABLE: 1 + # VLLM_WORKER_MULTIPROC_METHOD: spawn + # VLLM_USE_TRITON_FLASH_ATTN: 0 + # VLLM_USE_ROCM_CUSTOM_PAGED_ATTN: 0 + # VLLM_ATTENTION_BACKEND: ROPE_NAIVE + # VLLM_SKIP_WARMUP: 1 + # VLLM_USE_V1: 0 + # HF_TOKEN: ${HF_TOKEN} + # command: > + # vllm serve "mistralai/Devstral-Small-2-24B-Instruct-2512" + # --tensor-parallel-size 2 + # --max-model-len 8192 + # --gpu-memory-utilization 0.90 + # --tokenizer_mode mistral + # --config_format auto + # --load-format auto + # --enforce-eager + # --disable-custom-all-reduce + # --trust-remote-code + # --task generate + # --block-size 16 + # volumes: + # - /mnt/HoardingCow_docker_data/vllm/models:/root/.cache/huggingface + # restart: unless-stopped + + ollama: + image: ollama/ollama:latest + container_name: ollama + privileged: true + tty: true + restart: unless-stopped + ports: + - "127.0.0.1:11434:11434" + networks: + - traefik-net + volumes: + - /mnt/HoardingCow_docker_data/Ollama/ollama:/root/.ollama + environment: + - OLLAMA_VULKAN=0 + - HSA_OVERRIDE_GFX_VERSION=9.0.6 + - HCC_AMDGPU_TARGET=gfx906 + - HIP_VISIBLE_DEVICES=0,1 + - ROCR_VISIBLE_DEVICES=0,1 + - HSA_ENABLE_SDMA=0 + - OLLAMA_HOST=0.0.0.0 + - OLLAMA_DEBUG=1 + - OLLAMA_FLASH_ATTENTION=0 + - OLLAMA_NUM_PARALLEL=2 + devices: + # Map the render nodes and KFD for ROCm to work inside the container + - /dev/kfd:/dev/kfd + - /dev/dri:/dev/dri + group_add: + - "303" + - "26" + + n8n: + image: n8nio/n8n:latest + container_name: n8n + restart: unless-stopped + networks: + - traefik-net + environment: + - N8N_HOST=n8n.lazyworkhorse.net + - N8N_PORT=5678 + - N8N_PROTOCOL=https + - NODE_ENV=production + - N8N_ENCRYPTION_KEY=${N8N_ENCRYPTION_KEY} + - WEBHOOK_URL=https://n8n.lazyworkhorse.net/ + - GENERIC_TIMEZONE=America/New_York # Adjust to your timezone + - N8N_BLOCK_EXTERNAL_STORAGE_ACCESS=false + - N8N_NODES_PYTHON_CAN_IMPORT_MODULES=true + - N8N_NATIVE_PYTHON_RUNNER=true + - N8N_PYTHON_ALLOW_STDLIB=uuid,re,os,json + - N8N_PYTHON_ALLOW_EXTERNAL=requests,pandas + - NODE_FUNCTION_ALLOW_EXTERNAL=uuid,requests + volumes: + - /mnt/HoardingCow_docker_data/n8n:/home/node/.n8n + labels: + - "traefik.enable=true" + + # Router for HTTP + redirection to HTTPS + - "traefik.http.routers.n8n-http.rule=Host(`n8n.lazyworkhorse.net`)" + - "traefik.http.routers.n8n-http.entrypoints=web" + - "traefik.http.routers.n8n-http.middlewares=redirect-to-https" + + # Router for HTTPS with TLS + - "traefik.http.routers.n8n-https.rule=Host(`n8n.lazyworkhorse.net`)" + - "traefik.http.routers.n8n-https.entrypoints=websecure" + - "traefik.http.routers.n8n-https.tls=true" + - "traefik.http.routers.n8n-https.tls.certresolver=njalla" + + # Service Loadbalancer (n8n default port) + - "traefik.http.services.n8n.loadbalancer.server.port=5678" + +networks: + traefik-net: + external: true diff --git a/authentification/compose.yml b/authentification/compose.yml new file mode 100644 index 0000000..f8a60be --- /dev/null +++ b/authentification/compose.yml @@ -0,0 +1,35 @@ +version: "3.8" + +services: + authelia: + image: authelia/authelia:latest + container_name: authelia + volumes: + - /mnt/HoardingCow_docker_data/Authelia:/config + networks: + - traefik-net + restart: unless-stopped + labels: + - "traefik.enable=true" + + # HTTP router + - "traefik.http.routers.authelia-http.rule=Host(`auth.lazyworkhorse.net`)" + - "traefik.http.routers.authelia-http.entrypoints=web" + - "traefik.http.routers.authelia-http.middlewares=redirect-to-https" + + # HTTPS router + - "traefik.http.routers.authelia-https.rule=Host(`auth.lazyworkhorse.net`)" + - "traefik.http.routers.authelia-https.entrypoints=websecure" + - "traefik.http.routers.authelia-https.tls=true" + - "traefik.http.routers.authelia-https.tls.certresolver=njalla" + + - "traefik.http.services.authelia.loadbalancer.server.port=9091" + + # forward auth middleware definition + - "traefik.http.middlewares.authelia.forwardauth.address=http://authelia:9091/api/verify?rd=https://auth.lazyworkhorse.net" + - "traefik.http.middlewares.authelia.forwardauth.trustForwardHeader=true" + - "traefik.http.middlewares.authelia.forwardauth.authResponseHeaders=Remote-User,Remote-Groups,Remote-Name,Remote-Email" + +networks: + traefik-net: + external: true diff --git a/cloudstorage/compose.yml b/cloudstorage/compose.yml new file mode 100644 index 0000000..2e1ab88 --- /dev/null +++ b/cloudstorage/compose.yml @@ -0,0 +1,78 @@ +version: "3.9" +services: + nextcloud: + image: nextcloud:latest + container_name: nextcloud + restart: always + networks: + - traefik-net + environment: + - PUID=1000 + - PGID=1000 + - TZ=America/Toronto + # Database connection + - MYSQL_HOST=nextcloud_mariadb + - MYSQL_DATABASE=nextcloud + - MYSQL_USER=nextcloud + - MYSQL_PASSWORD=${NEXTCLOUD_MYSQL_PASSWORD} + # Reverse Proxy Overrides (Crucial for HTTPS behind Traefik) + - OVERWRITEPROTOCOL=https + - OVERWRITECLIURL=https://cloud.lazyworkhorse.net + - NEXTCLOUD_TRUSTED_DOMAINS=cloud.lazyworkhorse.net + volumes: + - /mnt/HoardingCow_docker_data/NextCloud/data:/var/www/html:rw + depends_on: + - nextcloud_mariadb + labels: + - "traefik.enable=true" + + # Router for HTTP -> HTTPS Redirection (Matching your Gitea style) + - "traefik.http.routers.nextcloud-http.rule=Host(`cloud.lazyworkhorse.net`)" + - "traefik.http.routers.nextcloud-http.entrypoints=web" + - "traefik.http.routers.nextcloud-http.middlewares=redirect-to-https" + + # Router for HTTPS + - "traefik.http.routers.nextcloud-https.rule=Host(`cloud.lazyworkhorse.net`)" + - "traefik.http.routers.nextcloud-https.entrypoints=websecure" + - "traefik.http.routers.nextcloud-https.tls=true" + - "traefik.http.routers.nextcloud-https.tls.certresolver=njalla" + + # Middlewares: Redirection + Nextcloud DAV fixes + - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https" + - "traefik.http.middlewares.nextcloud-dav.redirectregex.permanent=true" + - "traefik.http.middlewares.nextcloud-dav.redirectregex.regex=https://(.*)/.well-known/(card|cal)dav" + - "traefik.http.middlewares.nextcloud-dav.redirectregex.replacement=https://$$1/remote.php/dav/" + + # Apply both redirection and DAV fixes + - "traefik.http.routers.nextcloud-https.middlewares=nextcloud-dav" + + nextcloud_cron: + image: nextcloud:latest + container_name: nextcloud_cron + restart: always + networks: + - traefik-net + entrypoint: /cron.sh + volumes: + - /mnt/HoardingCow_docker_data/NextCloud/data:/var/www/html:rw + depends_on: + - nextcloud + + nextcloud_mariadb: + image: mariadb:latest + container_name: nextcloud_mariadb + restart: always + networks: + - traefik-net + environment: + - MYSQL_RANDOM_ROOT_PASSWORD=yes + - MYSQL_USER=nextcloud + - MYSQL_PASSWORD=${NEXTCLOUD_MYSQL_PASSWORD} + - MYSQL_DATABASE=nextcloud + volumes: + - /mnt/HoardingCow_docker_data/NextCloud/database:/var/lib/mysql:rw + # command: ["--innodb-force-recovery=6"] + +networks: + traefik-net: + external: true diff --git a/finance/compose.yml b/finance/compose.yml new file mode 100644 index 0000000..fb2a753 --- /dev/null +++ b/finance/compose.yml @@ -0,0 +1,45 @@ +version: "3.9" + +services: + fava: + image: yegle/fava + container_name: fava + + environment: + - BEANCOUNT_FILE=/data/beancount_finance_vault/ledger/main/tpouplier.beancount + + volumes: + - /mnt/HoardingCow_docker_data/Fava:/data + + networks: + - traefik-net + + restart: unless-stopped + + labels: + - "traefik.enable=true" + + # HTTP → HTTPS redirect + - "traefik.http.routers.fava-http.rule=Host(`money.lazyworkhorse.net`)" + - "traefik.http.routers.fava-http.entrypoints=web" + - "traefik.http.routers.fava-http.middlewares=redirect-to-https" + - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https" + + # HTTPS router protected by Authelia + - "traefik.http.routers.fava-https.rule=Host(`money.lazyworkhorse.net`)" + - "traefik.http.routers.fava-https.entrypoints=websecure" + - "traefik.http.routers.fava-https.tls=true" + - "traefik.http.routers.fava-https.tls.certresolver=njalla" + - "traefik.http.routers.fava-https.middlewares=fava-auth" + + # Authelia forwardAuth + - "traefik.http.middlewares.fava-auth.forwardauth.address=http://authelia:9091/api/verify?rd=https://auth.lazyworkhorse.net/" + - "traefik.http.middlewares.fava-auth.forwardauth.trustforwardheader=true" + - "traefik.http.middlewares.fava-auth.forwardauth.authresponseheaders=X-Forwarded-User,X-Forwarded-Groups" + + # Internal port + - "traefik.http.services.fava.loadbalancer.server.port=5000" + +networks: + traefik-net: + external: true diff --git a/homeautomation/compose.yml b/homeautomation/compose.yml new file mode 100644 index 0000000..f4fb123 --- /dev/null +++ b/homeautomation/compose.yml @@ -0,0 +1,91 @@ +services: + + homeassistant: + image: ghcr.io/home-assistant/home-assistant:stable + container_name: homeassistant + restart: unless-stopped + privileged: true + # Was needed for someting.. but dont remember. Deactivated for now. + # network_mode: host # Discovery (mDNS/Bluetooth) requires this + environment: + - TZ=America/Toronto + volumes: + - /mnt/HoardingCow_docker_data/Home_Assistant:/config:rw + networks: + - traefik-net + labels: + - "traefik.enable=true" + + - "traefik.http.routers.hass-http.rule=Host(`home.lazyworkhorse.net`)" + - "traefik.http.routers.hass-http.entrypoints=web" + - "traefik.http.routers.hass-http.middlewares=redirect-to-https" + + - "traefik.http.routers.hass-https.rule=Host(`home.lazyworkhorse.net`)" + - "traefik.http.routers.hass-https.entrypoints=websecure" + - "traefik.http.routers.hass-https.tls.certresolver=njalla" + + - "traefik.http.services.hass.loadbalancer.server.port=8123" + - "traefik.http.services.hass.loadbalancer.server.scheme=http" + # Trusted proxy defined in configuration.yml + + mosquitto: + image: eclipse-mosquitto + volumes: + - /mnt/HoardingCow_docker_data/Mosquitto:/mosquitto + networks: + - traefik-net + # ports: + # - 1883:1883 + # - 9001:9001 + + hydroqc2mqtt: + image: registry.gitlab.com/hydroqc/hydroqc2mqtt:1.3.0 + restart: always + networks: + - traefik-net + environment: + MQTT_USERNAME: hass + MQTT_PASSWORD: ${MQTT_PASSWORD} + MQTT_HOST: 192.168.1.3 + MQTT_PORT: 1883 + HQ2M_CONTRACTS_0_NAME: maison + HQ2M_CONTRACTS_0_USERNAME: thierrypouplier@gmail.com + HQ2M_CONTRACTS_0_PASSWORD: ${HQ2M_CONTRACTS_0_PASSWORD} + HQ2M_CONTRACTS_0_CUSTOMER: ${HQ2M_CONTRACTS_0_CUSTOMER} + HQ2M_CONTRACTS_0_ACCOUNT: ${HQ2M_CONTRACTS_0_ACCOUNT} + HQ2M_CONTRACTS_0_CONTRACT: ${HQ2M_CONTRACTS_0_CONTRACT} + HQ2M_CONTRACTS_0_RATE: 'D' + HQ2M_CONTRACTS_0_RATE_OPTION: 'NONE' + HQ2M_CONTRACTS_0_SYNC_HOURLY_CONSUMPTION_ENABLED: "true" + HQ2M_CONTRACTS_0_HOME_ASSISTANT_WEBSOCKET_URL: http://homeassistant:8123/api/websocket + HQ2M_CONTRACTS_0_HOME_ASSISTANT_TOKEN: ${HQ2M_CONTRACTS_0_HOME_ASSISTANT_TOKEN} + + # grocy: + # entrypoint: + # - /init + # environment: + # - PUID=1000 + # - PGID=1000 + # - TZ=America/Toronto + # image: lscr.io/linuxserver/grocy + # ports: + # - 9283:80/tcp + # restart: unless-stopped + # volumes: + # - /mnt/HoardingCow_docker_data/Grocy/config:/config:rw + + # node-red: + # image: nodered/node-red:latest + # environment: + # - NODE_RED_UID=1000 + # - NODE_RED_GID=1000 + # - TZ=UTC + # ports: + # - "1880:1880" + # volumes: + # - /mnt/HoardingCow_docker_data/Node-Red/data:/data + # restart: unless-stopped + +networks: + traefik-net: + external: true diff --git a/homepage/compose.yml b/homepage/compose.yml new file mode 100644 index 0000000..31ae497 --- /dev/null +++ b/homepage/compose.yml @@ -0,0 +1,41 @@ +services: + homer: + image: b4bz/homer + container_name: homer + environment: + - UID=1000 + - GID=1000 + - TZ=America/Toronto + - PORT=8080 + volumes: + - /mnt/HoardingCow_docker_data/Homer/assets:/www/assets:rw + restart: unless-stopped + networks: + - traefik-net + labels: + - "traefik.enable=true" + + # HTTP → HTTPS redirect + - "traefik.http.routers.homer-http.rule=Host(`lazyworkhorse.net`)" + - "traefik.http.routers.homer-http.entrypoints=web" + - "traefik.http.routers.homer-http.middlewares=redirect-to-https" + - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https" + + # HTTPS router protected by Authelia + - "traefik.http.routers.homer-https.rule=Host(`lazyworkhorse.net`)" + - "traefik.http.routers.homer-https.entrypoints=websecure" + - "traefik.http.routers.homer-https.tls=true" + - "traefik.http.routers.homer-https.tls.certresolver=njalla" + - "traefik.http.routers.homer-https.middlewares=homer-auth" + + # Authelia forwardAuth + - "traefik.http.middlewares.homer-auth.forwardauth.address=http://authelia:9091/api/verify?rd=https://auth.lazyworkhorse.net/" + - "traefik.http.middlewares.homer-auth.forwardauth.trustforwardheader=true" + - "traefik.http.middlewares.homer-auth.forwardauth.authresponseheaders=X-Forwarded-User,X-Forwarded-Groups" + + # Internal port + - "traefik.http.services.homer.loadbalancer.server.port=8080" + +networks: + traefik-net: + external: true diff --git a/network/compose.yml b/network/compose.yml index 454c483..7757d98 100644 --- a/network/compose.yml +++ b/network/compose.yml @@ -73,7 +73,7 @@ networks: # - PGID=1000 # - TZ=America/Toronto # - SUBDOMAINS=aziworkhorse - # - TOKEN=$[DUCKDNS_TOKEN] + # - TOKEN=${DUCKDNS_TOKEN} # image: lscr.io/linuxserver/duckdns # labels: # - "traefik.enable=false" diff --git a/passwordmanager/compose.yml b/passwordmanager/compose.yml index 12602a7..f458cb1 100644 --- a/passwordmanager/compose.yml +++ b/passwordmanager/compose.yml @@ -18,27 +18,19 @@ services: labels: - "traefik.enable=true" - # Router for HTTP + redirection to HTTPS - - "traefik.http.routers.bitwarden-http.rule=Host(`pass.lazyworkhorse.net`)" - - "traefik.http.routers.bitwarden-http.entrypoints=web" - - "traefik.http.routers.bitwarden-http.middlewares=redirect-to-https" + # HTTP → HTTPS + - "traefik.http.routers.pass-http.rule=Host(`pass.lazyworkhorse.net`)" + - "traefik.http.routers.pass-http.entrypoints=web" + - "traefik.http.routers.pass-http.middlewares=redirect-to-https" - # Router for HTTPS with TLS - - "traefik.http.routers.bitwarden-https.rule=Host(`pass.lazyworkhorse.net`)" - - "traefik.http.routers.bitwarden-https.entrypoints=websecure" - - "traefik.http.routers.bitwarden-https.tls=true" - - "traefik.http.routers.bitwarden-https.tls.certresolver=njalla" - - # Wildcard - # - "traefik.http.routers.bitwarden-https.tls.domains[0].main=lazyworkhorse.net" - # - "traefik.http.routers.bitwarden-https.tls.domains[0].sans=*.lazyworkhorse.net" - - # Middleware for redirect HTTP -> HTTPS - - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https" - - # Websocket support (port 80 du container) - - "traefik.http.services.bitwarden.loadbalancer.server.port=80" + # HTTPS + - "traefik.http.routers.pass-https.rule=Host(`pass.lazyworkhorse.net`)" + - "traefik.http.routers.pass-https.entrypoints=websecure" + - "traefik.http.routers.pass-https.tls=true" + - "traefik.http.routers.pass-https.tls.certresolver=njalla" + # Internal service + - "traefik.http.services.pass.loadbalancer.server.port=80" networks: traefik-net: external: true diff --git a/versioncontrol/compose.yml b/versioncontrol/compose.yml index 089a6b6..1c6fc96 100644 --- a/versioncontrol/compose.yml +++ b/versioncontrol/compose.yml @@ -19,24 +19,25 @@ services: labels: - "traefik.enable=true" - # Router for HTTP + redirection to HTTPS + # HTTP -> HTTPS Redirect - "traefik.http.routers.gitea-http.rule=Host(`code.lazyworkhorse.net`)" - "traefik.http.routers.gitea-http.entrypoints=web" - "traefik.http.routers.gitea-http.middlewares=redirect-to-https" + - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https" - # Router for HTTPS with TLS + # HTTPS Router - "traefik.http.routers.gitea-https.rule=Host(`code.lazyworkhorse.net`)" - "traefik.http.routers.gitea-https.entrypoints=websecure" - "traefik.http.routers.gitea-https.tls=true" - "traefik.http.routers.gitea-https.tls.certresolver=njalla" + - "traefik.http.routers.gitea-https.middlewares=gitea-home-redirect" - # Wildcard - # - "traefik.http.routers.gitea-https.tls.domains[0].main=lazyworkhorse.net" - # - "traefik.http.routers.gitea-https.tls.domains[0].sans=*.lazyworkhorse.net" - - # Middleware for redirect HTTP -> HTTPS - - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https" + # The Redirect Logic - Using single quotes to allow backslashes + - 'traefik.http.middlewares.gitea-home-redirect.redirectregex.regex=^https://code\.lazyworkhorse\.net/?$$' + - 'traefik.http.middlewares.gitea-home-redirect.redirectregex.replacement=https://code.lazyworkhorse.net/gortium' + - "traefik.http.middlewares.gitea-home-redirect.redirectregex.permanent=true" + # Internal Routing - "traefik.http.services.gitea.loadbalancer.server.port=3000" networks: