## Description ## Type of Change - [ ] New service addition - [ ] Service configuration update - [ ] Bug fix - [ ] Documentation update - [ ] Security fix - [ ] Infrastructure change ## Changes Made - - - ## Checklist ### General - [ ] All compose files use `compose.yaml` (not `.yml`) - [ ] Code follows Docker Compose best practices - [ ] Changes tested locally - [ ] Documentation updated (README.md) ### Services (if applicable) - [ ] Service added to correct category (core/media/services) - [ ] Proper network configuration (homelab + internal if needed) - [ ] Volumes properly configured - [ ] Environment variables use `.env` file or are documented ### Traefik & SSL (if applicable) - [ ] Traefik labels configured correctly - [ ] Uses `websecure` entrypoint - [ ] Let's Encrypt cert resolver configured - [ ] Both domains configured (`fig.systems` and `edfig.dev`) - [ ] SSO middleware applied (if appropriate) ### Security - [ ] No secrets committed in `.env` files - [ ] Placeholder passwords use `changeme_*` format - [ ] No sensitive data in compose files - [ ] Container runs as non-root user (where possible) ### Documentation - [ ] Service added to README.md service table - [ ] Deployment instructions added/updated - [ ] Configuration requirements documented - [ ] Comments added to compose file explaining purpose ## Testing ```bash # Commands used to test: # Expected behavior: # Actual behavior: ``` ## Screenshots (if applicable) ## Related Issues ## Additional Notes --- ## For Reviewers - [ ] All CI checks pass - [ ] Docker Compose validation passes - [ ] YAML linting passes - [ ] Security scans pass - [ ] No security vulnerabilities introduced