Update to master_sync.toml

using additional_env_files instead of env_file_path for both compose-grimmory and compose-scanopy. This allows for better tracking of environment variable changes and keeps the configuration consistent across both services.

master_sync.toml

@@ -1,10 +1,6 @@
-[[server]]
+# ==============================================================
-name = "Unraid"
+# SERVERS
-[server.config]
+# ==============================================================
-external_address = "http://172.24.3.12"
-enabled = true
-
-##
 
 [[server]]
 name = "synology"
@@ -13,12 +9,25 @@ enabled = true
 
 ##
 
+[[server]]
+name = "Unraid"
+[server.config]
+external_address = "http://172.24.3.12"
+enabled = true
+
+##
+
+# ==============================================================
+# STACKS
+# ==============================================================
+
 [[stack]]
 name = "audiobookshelf"
 tags = ["Active"]
 [stack.config]
 server = "Unraid"
 linked_repo = "compose-audiobookshelf"
+webhook_secret = "Spotting-Drainpipe-Freely-Outwit-Opponent7"
 
 ##
 
@@ -29,7 +38,7 @@ tags = ["Active"]
 server = "Unraid"
 auto_update = true
 linked_repo = "compose-changedetection_io"
-webhook_secret = "Limb-Crease-Unelected-Squeeze1"
+webhook_secret = "Spotting-Drainpipe-Freely-Outwit-Opponent7"
 additional_env_files = [
   { path = ".env", track = true }
 ]
@@ -50,101 +59,6 @@ additional_env_files = [
 
 ##
 
-[[stack]]
-name = "gitlab"
-tags = ["Active"]
-[stack.config]
-server = "Unraid"
-additional_env_files = [
-  { path = ".env", track = true }
-]
-file_contents = """
-
-
-networks:
-  Internal:
-    name: Internal_Network
-    external: true
-  External: 
-      name: traefik_gateway_external
-      external: true
-
-services:
-  gitlab:
-    image: gitlab/gitlab-ce:latest
-    container_name: gitlab
-    restart: always
-    hostname: 'gitlab.andrewamason.tech'
-    deploy:
-      resources:
-        limits:
-          memory: 16G # 
-    environment:
-      GITLAB_OMNIBUS_CONFIG: |
-        nginx['custom_gitlab_server_config'] = "listen 80;"
-        external_url 'https://gitlab.andrewamason.tech'
-        gitlab_rails['gitlab_shell_ssh_port'] = 2424
-        registry_external_url 'http://registry.andrewamason.tech'
-        registry_nginx['listen_port'] = 5050
-        registry_nginx['listen_https'] = true
-        registry_nginx['ssl_certificate'] = "/etc/gitlab/ssl/fullchain.pem"
-        registry_nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/privkey.pem"    
-        gitlab_rails['smtp_enable'] = true
-        gitlab_rails['smtp_address'] = "smtp-relay.brevo.com"
-        gitlab_rails['smtp_port'] = 587
-        gitlab_rails['smtp_user_name'] = "929a53001@smtp-brevo.com"
-        gitlab_rails['smtp_password'] = "xsmtpsib-9f7e1bc9517b887307058196de6aeff3ba10aa6792a99f3c7fd4a8282ce46622-O0rWTnaqPQfZHb2R"
-        gitlab_rails['smtp_domain'] = "andrewamason.tech"
-        gitlab_rails['smtp_authentication'] = "login"
-        gitlab_rails['smtp_enable_starttls_auto'] = true
-        gitlab_rails['smtp_openssl_verify_mode'] = 'peer'
-        gitlab_rails['gitlab_email_from'] = 'gitlab@andrewamason.tech'
-        gitlab_rails['gitlab_email_reply_to'] = 'noreply@andrewamason.tech'
-    networks:
-      - Internal
-      - External
-    expose:
-      - 8929
-      - 80
-      - 443
-      - 22
-    volumes:
-      - /mnt/user/docker/swag/etc/letsencrypt/live/andrewamason.tech/fullchain.pem:/etc/gitlab/ssl/fullchain.pem:ro
-      - /mnt/user/docker/swag/etc/letsencrypt/live/andrewamason.tech/privkey.pem:/etc/gitlab/ssl/privkey.pem:ro
-      - /mnt/user/docker/gitlab/config:/etc/gitlab
-      - /mnt/user/docker/gitlab/logs:/var/log/gitlab
-      - /mnt/user/docker/gitlab/data:/var/opt/gitlab
-    shm_size: '512m'
-    labels:
-      - traefik.enable=true
-      - traefik.http.routers.gitlab.rule=Host(`gitlab.andrewamason.tech`)
-      - traefik.http.routers.gitlab.entrypoints=https,http
-      - traefik.http.routers.gitlab.tls=true
-      - traefik.http.routers.gitlab.tls.certresolver=letsencrypt
-      - traefik.http.routers.gitlab.middlewares=https_redirect
-      - traefik.http.services.gitlab.loadbalancer.healthcheck.followredirects=true
-      - traefik.http.services.gitlab.loadbalancer.healthcheck.path=/
-      - traefik.http.services.gitlab.loadbalancer.healthcheck.port=443
-      - traefik.http.services.gitlab.loadbalancer.passhostheader=true
-      - traefik.http.services.gitlab.loadbalancer.server.scheme=https
-      - traefik.http.services.gitlab.loadbalancer.server.port=443
-      - traefik.docker.network=traefik_gateway_external  
-  gitlab-runner:
-    image: gitlab/gitlab-runner:latest
-    container_name: gitlab-runner
-    network_mode: host
-    volumes:
-      - /mnt/user/docker/swag/etc/letsencrypt/ca:/usr/share/ca-certificates
-      - /mnt/user/docker/gitlab/runner/config/:/etc/gitlab-runner
-      - /var/run/docker.sock:/var/run/docker.sock
-    environment:
-      GIT_SSL_NO_VERIFY: "true"
-    labels:
-      - traefik.enable=false
-"""
-
-##
-
 [[stack]]
 name = "glance"
 tags = ["Active"]
@@ -166,29 +80,10 @@ tags = ["Testing"]
 server = "Unraid"
 auto_update = true
 linked_repo = "compose-grimmory"
-env_file_path = "grimmory.env"
+webhook_secret = "Spotting-Drainpipe-Freely-Outwit-Opponent7"
 additional_env_files = [
   { path = ".env", track = true }
 ]
-environment = """
-# Application
-APP_USER_ID=1000
-APP_GROUP_ID=1000
-TZ=Etc/UTC
-# Database
-DATABASE_URL=jdbc:mariadb://grimmory-mariadb:3306/grimmory
-DB_USER=grimmory
-DB_PASSWORD=ChangeMe_Grimmory_2025!
-# Optional: enable API docs + export OpenAPI JSON (defaults to false)
-API_DOCS_ENABLED=false
-# Storage: LOCAL (default) or NETWORK (disables file operations; see Network Storage section)
-DISK_TYPE=LOCAL
-# MariaDB
-DB_USER_ID=1000
-DB_GROUP_ID=1000
-MYSQL_ROOT_PASSWORD=ChangeMe_MariaDBRoot_2025!
-MYSQL_DATABASE=grimmory
-"""
 
 ##
 
@@ -200,6 +95,7 @@ server = "Unraid"
 poll_for_updates = true
 auto_update = true
 linked_repo = "compose-homeassistant_io"
+webhook_secret = "Spotting-Drainpipe-Freely-Outwit-Opponent7"
 env_file_path = "HA.env"
 additional_env_files = [
   { path = ".env", track = true }
@@ -236,6 +132,7 @@ tags = ["Active"]
 [stack.config]
 server = "Unraid"
 linked_repo = "compose-homepage"
+webhook_secret = "Spotting-Drainpipe-Freely-Outwit-Opponent7"
 additional_env_files = [
   { path = ".env", track = true }
 ]
@@ -284,9 +181,6 @@ webhook_secret = "Spotting-Drainpipe-Freely-Outwit-Opponent7"
 additional_env_files = [
   { path = ".env", track = true }
 ]
-environment = """
-  # VARIABLE = value
-"""
 
 ##
 
@@ -312,6 +206,7 @@ tags = ["Active"]
 server = "Unraid"
 auto_update = true
 linked_repo = "compose-kavita"
+webhook_secret = "Spotting-Drainpipe-Freely-Outwit-Opponent7"
 additional_env_files = [
   { path = ".env", track = true }
 ]
@@ -350,6 +245,7 @@ tags = ["Testing"]
 server = "Unraid"
 auto_update = true
 linked_repo = "compose-mealie"
+webhook_secret = "Spotting-Drainpipe-Freely-Outwit-Opponent7"
 
 ##
 
@@ -374,6 +270,7 @@ tags = ["As_Needed"]
 server = "Unraid"
 auto_update = true
 linked_repo = "compose-open-vscode"
+webhook_secret = "Spotting-Drainpipe-Freely-Outwit-Opponent7"
 additional_env_files = [
   { path = ".env", track = true }
 ]
@@ -449,16 +346,10 @@ name = "scanopy"
 [stack.config]
 server = "Unraid"
 linked_repo = "compose-scanopy"
-env_file_path = "scanopy.env"
+webhook_secret = "Spotting-Drainpipe-Freely-Outwit-Opponent7"
-environment = """
+additional_env_files = [
-  # VARIABLE = value
+  { path = ".env", track = true }
-POSTGRES_PASSWORD=AnywhereChamomileMakeshiftShredding6
+]
-SCANOPY_DISABLE_REGISTRATION=false
-SCANOPY_USE_SECURE_SESSION_COOKIES=true
-
-
-SCANOPY_DAEMON_API_KEY=scp_d_cL5DKUpuaI0Gwkz2HuFhgF0ZHxk6yAaF
-"""
 
 ##
 
@@ -484,6 +375,7 @@ tags = ["Testing"]
 server = "Unraid"
 auto_update = true
 linked_repo = "compose-sonarqube"
+webhook_secret = "Spotting-Drainpipe-Freely-Outwit-Opponent7"
 
 ##
 
@@ -492,6 +384,7 @@ name = "stirling-pdf"
 [stack.config]
 server = "Unraid"
 linked_repo = "compose-stirling-pdf"
+webhook_secret = "Spotting-Drainpipe-Freely-Outwit-Opponent7"
 additional_env_files = [
   { path = ".env", track = true }
 ]
@@ -533,9 +426,14 @@ tags = ["Active"]
 server = "Unraid"
 auto_update = true
 linked_repo = "compose-wallos"
+webhook_secret = "Spotting-Drainpipe-Freely-Outwit-Opponent7"
 
 ##
 
+# ==============================================================
+# DEPLOYMENTS
+# ==============================================================
+
 [[deployment]]
 name = "Technitium_2"
 [deployment.config]
@@ -546,16 +444,18 @@ poll_for_updates = true
 auto_update = true
 restart = "always"
 volumes = """
-  # volume:/container/path
 /volume1/docker/technitium_2/config:/etc/dns
 """
 environment = """
-  # VARIABLE = value
 TZ=America/New_York
 """
 
 ##
 
+# ==============================================================
+# BUILDS
+# ==============================================================
+
 [[build]]
 name = "audiobookshelf"
 [build.config]
@@ -613,26 +513,9 @@ image_registry = [
 
 ##
 
-[[repo]]
+# ==============================================================
-name = "Master_Resource_Sync"
+# REPOS
-[repo.config]
+# ==============================================================
-server = "Unraid"
-git_provider = "gitea:3000"
-git_https = false
-git_account = "andrewamason"
-repo = "andrewamason/resources"
-
-##
-
-[[repo]]
-name = "compose-OSSINT-Webcheck"
-[repo.config]
-server = "Unraid"
-git_provider = "gitea:3000"
-git_account = "andrewamason"
-repo = "HomeLab/OSSINT-Webcheck"
-
-##
 
 [[repo]]
 name = "compose-audiobookshelf"
@@ -844,6 +727,16 @@ repo = "HomeLab/Open-VSCode"
 
 ##
 
+[[repo]]
+name = "compose-OSSINT-Webcheck"
+[repo.config]
+server = "Unraid"
+git_provider = "gitea:3000"
+git_account = "andrewamason"
+repo = "HomeLab/OSSINT-Webcheck"
+
+##
+
 [[repo]]
 name = "compose-paperless-ngx"
 [repo.config]
@@ -990,6 +883,17 @@ repo = "andrewamason/resources"
 
 ##
 
+[[repo]]
+name = "Master_Resource_Sync"
+[repo.config]
+server = "Unraid"
+git_provider = "gitea:3000"
+git_https = false
+git_account = "andrewamason"
+repo = "andrewamason/resources"
+
+##
+
 [[repo]]
 name = "source-audiobookshelf"
 [repo.config]
@@ -1023,6 +927,10 @@ branch = "master"
 
 ##
 
+# ==============================================================
+# PROCEDURES
+# ==============================================================
+
 [[procedure]]
 name = "Backup Core Database"
 description = "Triggers the Core database backup at the scheduled time."
@@ -1068,6 +976,10 @@ executions = [
 
 ##
 
+# ==============================================================
+# BUILDERS
+# ==============================================================
+
 [[builder]]
 name = "local"
 [builder.config]
@@ -1084,6 +996,10 @@ params = {}
 
 ##
 
+# ==============================================================
+# RESOURCE SYNC
+# ==============================================================
+
 [[resource_sync]]
 name = "master-sync"
 [resource_sync.config]
@@ -1095,6 +1011,10 @@ include_user_groups = true
 
 ##
 
+# ==============================================================
+# VARIABLES
+# ==============================================================
+
 [[variable]]
 name = "SONARQUBE_HOST"
 value = "sqa_35f53592be1dfce277bc27d51ee0a4e32a858604"
@@ -1105,4 +1025,4 @@ is_secret = true
 [[variable]]
 name = "SONARQUBE_TOKEN"
 value = "http://172.24.3.12:9001"
-is_secret = true
+is_secret = true