Updated documentation to reflect current infrastructure:
**Added:**
- Mattermost team collaboration platform
- Team chat, file sharing, integrations
- Email notifications via IONOS SMTP
- Incoming webhooks for infrastructure alerts
- PostgreSQL backend
- Netdata real-time monitoring
- System and service monitoring
- PostgreSQL and Docker monitoring
- Restic backup repository monitoring
- Email and Mattermost alerts
- HTTP Basic Auth protection
**Removed:**
- Gotify notification server (replaced by Mattermost)
**Updated:**
- Database initialization: Added mattermost database
- Backup configuration: Added Mattermost volumes
- Environment variables: Added MATTERMOST_WEBHOOK_URL and WATCHTOWER_NOTIFICATION_URL
- Volume management: Added Mattermost, Joplin, and Jellyfin volumes
- Service list in compose include pattern
All documentation now reflects the current state of the infrastructure
with Mattermost as the central notification and collaboration hub.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Removed authentication middleware from Vert and Paint services:
- Removed basicauth middleware labels from vert service
- Removed basicauth middleware labels from paint service
- Updated middleware chains to exclude auth
- Updated CLAUDE.md to reflect public access
All Kit stack services (landing, vert, paint) are now publicly
accessible without authentication as they are client-side tools
that don't require protection.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Added kit-ui landing page as the main entry point for the toolkit:
- Image: ghcr.io/valknarness/kit-ui:latest
- URL: https://kit.pivoine.art
- Provides links to Vert (file converter) and Paint (image editor)
Changes:
- Added landing service to kit/compose.yaml
- Updated arty.yml with KIT_TRAEFIK_HOST and KIT_LANDING_IMAGE
- Updated CLAUDE.md with landing page documentation
- Updated README.md with landing page reference
Toolkit structure:
- Landing: kit.pivoine.art (main hub)
- Vert: vert.kit.pivoine.art (file converter)
- Paint: paint.kit.pivoine.art (image editor)
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Created new kit.pivoine.art stack with path-based routing:
- /vert: VERT file format converter (250+ formats)
- /paint: miniPaint image editor
Changes:
- Created kit/compose.yaml with both services
- Removed Sablier scale-to-zero from Vert (no longer needed)
- Deleted old vert/ and paint/ stack directories
- Updated compose.yaml includes (removed vert, paint; added kit)
- Updated arty.yml with KIT_* environment variables
- Updated CLAUDE.md documentation with new Kit section
- Updated README.md with consolidated toolkit entry
Benefits:
- Single domain for related utilities
- Simplified service management
- Maintained HTTP Basic Auth protection
- No Sablier dependency for Vert
Access:
- File converter: https://kit.pivoine.art/vert
- Image editor: https://kit.pivoine.art/paint🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Documented the PairDrop service with WebRTC STUN configuration:
- Service description and features
- RTC_CONFIG configuration with Google STUN servers
- Usage instructions for cross-network file sharing
- Technical details about WebRTC and NAT traversal
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Added PairDrop stack for peer-to-peer file sharing:
- WebRTC-based direct file transfers between devices
- No file size limits or server storage
- End-to-end encrypted transfers
- Local network auto-discovery
- Cross-platform support (desktop, mobile, tablets)
- Progressive Web App installable on mobile
- Rate limiting enabled for security
PairDrop provides secure, private file sharing without uploading
files to any server - all transfers happen directly between devices.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Added jellyfin-backup plan to Backrest configuration:
- Backs up /volumes/jelly_config daily at 9 AM
- Retention: 7 daily, 4 weekly, 6 monthly, 2 yearly
- Added jelly_config volume mount to restic/compose.yaml
- Updated documentation in CLAUDE.md
This ensures Jellyfin configuration, library metadata, and user
settings are backed up to HiDrive.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Added Jellyfin stack for streaming photos and videos from HiDrive:
- Maps /mnt/hidrive/users/valknar/Pictures to /media/pictures (read-only)
- Maps /mnt/hidrive/users/valknar/Videos to /media/videos (read-only)
- Hardware transcoding support for optimal video playback
- Multi-device streaming (web, mobile, TV apps)
- Automatic media organization with metadata fetching
Jellyfin provides superior video playback compared to Filestash's
transcoding plugin, which has compatibility issues with named pipes
in containerized environments.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Added new paint service stack to the docker-compose infrastructure:
- **Paint stack** (paint.pivoine.art):
- miniPaint: Web-based image editor built from GitHub
- Multi-stage Docker build clones from https://github.com/viliusle/miniPaint
- Features: layers, filters, drawing tools, text, shapes support
- Client-side processing with no server uploads
- Stateless architecture (no backups needed)
Infrastructure updates:
- Created paint/compose.yaml with Traefik routing and SSL
- Created paint/Dockerfile with Node.js build stage and nginx serve
- Added PAINT environment variables to arty.yml
- Updated compose.yaml include list
- Updated CLAUDE.md documentation
All services integrated with Traefik for SSL termination and include
Watchtower auto-update labels.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Added VERT universal file format converter deployed at vert.pivoine.art:
**Vert stack** (vert.pivoine.art):
- vert: WebAssembly-based file converter
- Supports 250+ file formats (images, audio, documents, video)
- Client-side processing for privacy
- No file size limits
- No persistent data storage (stateless)
Infrastructure updates:
- Created vert/compose.yaml with Vert configuration
- Added VERT_* environment variables to arty.yml
- Updated compose.yaml to include vert stack
- Updated README.md and CLAUDE.md documentation
- No backup needed (stateless service)
All services integrated with Traefik for SSL termination and include
Watchtower auto-update labels.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Added Joplin Server deployment at joplin.pivoine.art:
**Joplin stack** (joplin.pivoine.art):
- joplin: Note-taking server with multi-device sync
- PostgreSQL backend for data persistence
- End-to-end encryption support
- Compatible with official Joplin clients (desktop, mobile, CLI)
- Markdown-based notes with attachments
Infrastructure updates:
- Added joplin database to PostgreSQL init script
- Updated compose.yaml to include joplin stack
- Added JOPLIN_* environment variables to arty.yml
- Added joplin-backup plan to restic (13th backup plan)
- Updated restic/compose.yaml with joplin_data volume mount
- Updated README.md and CLAUDE.md documentation
All services integrated with Traefik for SSL termination and include
Watchtower auto-update labels. Daily backups scheduled for 2 AM with
7 daily, 4 weekly, 6 monthly, and 2 yearly retention.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Added self-hosted password manager to The Falcon infrastructure:
**Vault Stack** (vault.pivoine.art):
- Vaultwarden (Bitwarden-compatible server)
- SQLite database for password storage
- WebSocket support for real-time sync
- TOTP and WebAuthn/U2F 2FA support
- Browser extensions and mobile apps compatible
**Configuration:**
- Domain: https://vault.pivoine.art
- Signups: Disabled (invite-only for security)
- Invitations: Enabled
- Password hints: Disabled (security best practice)
- First user becomes admin
**Backup Integration:**
- Added vaultwarden-backup plan to Restic
- Schedule: 8 AM daily (same as letsencrypt)
- Retention: 7 daily, 4 weekly, 12 monthly, 3 yearly
- Backup volume: vault_data mounted read-only
**Infrastructure Updates:**
- Created vault/compose.yaml following stack pattern
- Added VAULT_* environment variables to arty.yml
- Updated compose.yaml to include vault stack
- Added backup_vaultwarden_data volume to restic
- Updated restic/config.json with 12th backup plan
**Documentation:**
- Added Vault to CORE SYSTEMS in README
- Added to ship architecture diagram
- Documented in CLAUDE.md with configuration details
- Updated volume management sections
- Backup count increased from 11 to 12 plans
Critical data backed up with long retention (3 years yearly).
Compatible with official Bitwarden clients on all platforms.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Updated documentation to reflect complete backup setup:
**CLAUDE.md Updates:**
- Added detailed repository configuration (hidrive-backup)
- Documented all 11 backup plans with schedules and retention
- Explained volume mounting strategy with prefixed names
- Added configuration management instructions
- Included maintenance schedule (weekly prune/check)
**README.md Updates:**
- Added "Backup Operations" section with CLI commands
- Documented automated backup schedule (2-8 AM daily)
- Added backup protocol to security section
- Updated mission status with backup system indicator
- Included next backup time and repository status
**compose.yaml Updates:**
- Restored backrest_config volume (needed for proper operation)
- Removed direct config.json mount (causes write conflicts)
- Config copied into volume after container start
All 11 backup plans now documented:
- postgres, redis, directus (uploads/bundle)
- awesome, gotify, scrapy, n8n
- filestash, linkwarden, letsencrypt
Retention policies range from 3-12 months with yearly backups
for critical data (postgres, directus, letsencrypt).
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Added new Links stack to Falcon infrastructure:
**Links Stack (links.pivoine.art):**
- Linkwarden bookmark manager with PostgreSQL backend
- Meilisearch v1.12.8 for full-text search
- Browser extension support
- Screenshot and PDF archiving
- Collaborative bookmark sharing
**Infrastructure Updates:**
- Created links/compose.yaml with linkwarden and meilisearch services
- Added linkwarden database to PostgreSQL init script
- Added LINKS_* environment variables to arty.yml
- Updated compose.yaml to include links stack
- Cleaned up .env to contain only secrets
- Added all EMAIL_* variables to .env
**Documentation:**
- Updated CLAUDE.md with Links service details
- Updated README.md with Links in CORE SYSTEMS table
- Added linkwarden_data and meili_data volumes to docs
**Required Secrets (in .env):**
- LINKS_NEXTAUTH_SECRET: NextAuth.js session encryption
- LINKS_MEILI_MASTER_KEY: Meilisearch API authentication
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Added three new service stacks to the docker-compose infrastructure:
- **Scrapy stack** (scrapy.pivoine.art):
- scrapyd: Web scraping daemon with web interface (port 6800)
- scrapy: Development container for spider commands
- scrapyrt: Real-time API for running spiders (port 9080)
- **n8n stack** (n8n.pivoine.art):
- Workflow automation platform with PostgreSQL backend
- 200+ integrations for automated tasks
- Runners enabled for task execution
- Webhook support for external triggers
- **Filestash stack** (stash.pivoine.art):
- Web-based file manager with multi-backend support
- Supports SFTP, S3, Dropbox, Google Drive, FTP, WebDAV
- In-browser file viewing and media playback
Infrastructure updates:
- Updated PostgreSQL init script to create n8n database
- Added environment variables to arty.yml for all three stacks
- Updated compose.yaml include list
- Updated CLAUDE.md and README.md documentation
- Normalized service names in existing stacks (gotify, proxy, umami, vpn)
All services integrated with Traefik for SSL termination and include
Watchtower auto-update labels.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
