- Change tags from YAML array to comma-separated format
- Add required editor and dateCreated fields
- Update all examples with correct frontmatter format
- Add note about tag format requirement
- Create .claude/skills/wiki-docs.md skill for managing Wiki.js documentation
- Skill enables writing markdown files to /mnt/media/wikijs-content/
- Files automatically sync to Wiki.js via Git storage backend
- Update AGENTS.md with Claude Code Skills section
- Document wiki-docs skill usage and benefits
- Add /mnt/media/wikijs-content/ to repository structure
The wiki-docs skill allows AI agents to create version-controlled
documentation that syncs to https://wiki.fig.systems automatically.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Updated service configurations, added new services, removed deprecated
ones, and improved gitignore patterns for better repository hygiene.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Remove Tinyauth SSO middleware from all media automation services
(Lidarr, Profilarr, Prowlarr, qBittorrent, Radarr, SABnzbd, Sonarr)
and Jellyseerr. These services will migrate to Authelia for SSO.
Remove Tinyauth SSO provider and migrate to Authelia for authentication.
Update LLDAP to use PostgreSQL backend and remove Tinyauth middleware
from core services.
Changes:
- Remove Tinyauth service entirely (compose/core/tinyauth/)
- Update LLDAP configuration with PostgreSQL database
- Remove Tinyauth middleware from Traefik dashboard
- Update LLDAP credentials and timezone to America/Los_Angeles
Add comprehensive guides for debugging and resolving FreshRSS API
authentication issues with mobile apps.
Includes:
- API password setup instructions
- iOS app configuration (Reeder, NetNewsWire, etc.)
- Google Reader API vs Fever API comparison
- nginx Authorization header troubleshooting
- Debug logging locations and commands
- Common error patterns and solutions
Covers both successful resolution and known limitations.
Add development environment mode for troubleshooting authentication
and API issues. Enables detailed PHP error logging and stack traces.
Can be reverted to production mode by removing FRESHRSS_ENV variable
after debugging is complete.
Remove Tinyauth SSO middleware and configure Traefik for FreshRSS API
compatibility with mobile apps.
Changes:
- Removed tinyauth middleware (conflicts with API authentication)
- Added passhostheader directive for proper request routing
- FreshRSS now uses built-in authentication only
This enables iOS RSS apps (Reeder, NetNewsWire, etc.) to connect via
FreshRSS's Google Reader and Fever APIs.
Add Dozzle for simple, real-time Docker container log viewing.
Features:
- Real-time log streaming from all containers
- Search and filter capabilities
- Multi-container side-by-side view
- Container resource statistics (CPU, memory)
- No database required (reads directly from Docker)
- Minimal footprint (~4MB image)
Configuration:
- Restricted to local network only (local-only middleware)
- Auto-discovery of all running containers
- Dark/light theme support
Includes quickstart guide and comprehensive documentation.
Add Komodo for centralized Docker container and server management.
Features:
- Docker container deployment and management
- Server monitoring and resource tracking
- Build system for Docker images from Git repositories
- Multi-server support with periphery agents
- Webhooks for automatic deployments
Stack includes:
- Komodo Core (web UI and API)
- Komodo Periphery (local Docker agent)
- MongoDB (configuration storage)
Includes comprehensive configuration with:
- Pre-configured .env with all available options
- Optional TOML config files for advanced settings
- Setup script with pre-deployment validation
- Full documentation and security checklist
Apply local-only middleware to:
- Backrest (backup management)
- Code Server (IDE)
- Ollama (LLM API)
These services now require both SSO authentication and local network
access (10.0.0.0/16), preventing external access while maintaining
convenience on LAN.
Add IP allowlist middleware to restrict services to local network
(10.0.0.0/16). Allows services to be protected from external access
while remaining accessible on LAN.
Add Lidarr for music collection management and Prowlarr for
unified indexer management across all *arr applications.
- Lidarr accessible at lidarr.fig.systems
- Prowlarr accessible at prowlarr.fig.systems
- Both integrated with existing media automation stack
Add Open WebUI for ChatGPT-like interface to local Ollama models
with RAG capabilities for documentation Q&A. Add code-server for
web-based VS Code access with AI coding assistants.
- Open WebUI accessible at ai.fig.systems
- code-server accessible at code.fig.systems
- Both integrated with local Ollama instance
- Add complete Traefik configuration for Homarr dashboard
- Enable Docker socket access for service discovery
- Configure Homarr to listen on dashboard.fig.systems
- Update FreshRSS hostname from rss to feeds for clarity
- Add Homarr discovery labels to Jellyfin and Jellyseerr
- Add config volume mount to Profilarr for persistence
- Improve service organization and discoverability
- Upgrade Loki from v2.9.3 to v3.3.2
- Upgrade Promtail from v2.9.3 to v3.3.2
- Update Loki configuration for v3 compatibility
- Replace deprecated table_manager with compactor settings
- Disable structured metadata for compatibility
Update all media services to use the correct mount point at /mnt/media
for consistency across Sonarr, Radarr, SABnzbd, qBittorrent, Jellyfin,
and Immich. This ensures proper file access and atomic moves between
download and library directories.
- Upgrade Traefik from v3.3 to v3.6.2
- Add Docker API version specification for compatibility
- Update LLDAP to latest image tag
- Migrate LLDAP to named volume for better data management
- Updated documentation for users who disable root SSH
- Added setup instructions for non-root user with sudo access
- Configured write permissions for /var/lib/vz/snippets
- Added Option A (root) and Option B (non-root) SSH setup guides
- Enhanced troubleshooting for permission denied errors
- Updated terraform.tfvars.example with non-root user example
- Added GPU passthrough configuration for NVIDIA GTX 1070
- Dynamic hostpci block with OVMF BIOS and q35 machine type
- EFI disk support when GPU is enabled
- Configurable via enable_gpu_passthrough and gpu_pci_id variables
- Added NFS mount support for Proxmox host media directories
- Mounts 11 media directories from Proxmox host to VM
- Configurable source path and mount point
- Persistent mounts via /etc/fstab
- NFS client installation via cloud-init
- Added multi-OS support (Ubuntu, AlmaLinux, Debian)
- Separate cloud-init templates for Ubuntu and AlmaLinux
- OS-specific package installation (apt vs dnf)
- OS type validation via variable
- Updated terraform.tfvars.example with new configuration options
- Updated README.md with comprehensive documentation:
- AlmaLinux cloud template creation steps
- GPU passthrough setup for AMD Ryzen + NVIDIA
- NFS server configuration on Proxmox host
- Troubleshooting for GPU and NFS issues
- Replace Linkwarden with Karakeep for AI-powered bookmarking
- Supports links, notes, images, PDFs
- AI auto-tagging with Ollama integration
- Browser extensions and mobile apps
- Full-text search with Meilisearch
- Add Ollama for local LLM inference
- Run Llama, Mistral, CodeLlama locally
- GPU acceleration support (GTX 1070)
- OpenAI-compatible API
- Integrates with Karakeep for AI features
- Add example configuration files for services
- Sonarr: config.xml.example
- Radarr: config.xml.example
- SABnzbd: sabnzbd.ini.example
- qBittorrent: qBittorrent.conf.example
- Vikunja: config.yml.example
- FreshRSS: config.php.example
- Fix incomplete FreshRSS compose.yaml
- Update README with new services and deployment instructions
