
feat: add 15 new containers, fix Better Bahn category, and add LICENSE file#91

Open
ajnart wants to merge 18 commits into main from fix/container-issues

Conversation

ajnart (Owner) commented Apr 11, 2026

Summary

This PR resolves 17 open issues by adding 15 new container definitions, fixing an incorrect category, and adding the missing LICENSE file. Each container was normalized to use the project's template variable style (${CONTAINER_PREFIX}, ${CONFIG_PATH}, ${DATA_PATH}, ${RESTART_POLICY}, ${TZ}, etc.).

New Containers Added

| Container | Category | File |
|---|---|---|
| Grafana Alloy | Monitoring | tools/monitoring.ts |
| Nebula Sync | Networking | tools/management.ts |
| NOWASP Mutillidae II | Security | tools/other.ts |
| Shadowbroker | Other | tools/other.ts |
| Panelio | Management | tools/management.ts |
| Profilarr | Media | tools/automation.ts |
| Autoxpose | Networking | tools/management.ts |
| Portracker | Networking | tools/management.ts |
| Healarr | Media | tools/automation.ts |
| Authentik | Security | tools/other.ts |
| Authentik Worker | Security | tools/other.ts |
| Authentik Proxy | Security | tools/other.ts |
| Zoraxy | Networking | tools/management.ts |
| OctoEverywhere Elegoo Connect | Other | tools/other.ts |
| Arcane | Management | tools/management.ts |

Fixes

  • Better Bahn (Wrong category: Better Bahn #80): Corrected category from Media to Other and fixed description — it is a German public transit app, not a TV show tracker.
  • LICENSE (clarify the project's license #65): Added the AGPL-3.0 license file to the repository, matching the license field already declared in package.json.

Skipped Issues

  • container: lnkdocker #67 lnkdocker: The submitted compose content is a Dockerfile (FROM node:18-alpine), not a valid docker-compose.yml. Cannot be added without a proper compose definition.
  • container: Mediacms #22 Mediacms: The submitted compose content is a copy of the Sonarr configuration, not MediaCMS. Cannot be added without the correct compose definition.

Closes

Closes #31
Closes #32
Closes #36
Closes #37
Closes #38
Closes #39
Closes #65
Closes #66
Closes #68
Closes #69
Closes #70
Closes #80
Closes #83
Closes #84
Closes #85
Closes #86
Closes #87

Summary by CodeRabbit

Release Notes

  • New Features

    • Added Authentik authentication services (main service, proxy, and worker components)
    • Added Grafana Alloy for monitoring and observability
    • Expanded automation suite with Profilarr and Healarr services
    • Added security testing, networking, and transit monitoring tools
    • Total of 20+ new containerized services now available
  • Chores

    • Added AGPL v3 license

coderabbitai (Bot) commented Apr 11, 2026

Walkthrough

This PR adds licensing clarification via a GNU AGPL v3 license file, introduces 16 new container metadata manifest files with standard name/version/description fields, and extends the Docker tools catalog with 17 new tool definitions (plus one existing tool update) distributed across automation, management, monitoring, and miscellaneous categories, each with metadata and corresponding Docker Compose service templates.

Changes

| Cohort / File(s) | Summary |
|---|---|
| Licensing: LICENSE | Added full GNU Affero General Public License v3 text with preamble and terms (+661 lines). |
| Container Manifests: containers/alloy.yaml, containers/arcane.yaml, containers/authentik-proxy.yaml, containers/authentik-worker.yaml, containers/authentik.yaml, containers/autoxpose.yaml, containers/healarr.yaml, containers/lnkdocker.yaml, containers/mediacms.yaml, containers/nebula_sync.yaml, containers/nowasp_pentest_target.yaml, containers/octoeverywhere_elegoo_connect.yaml, containers/panelio.yaml, containers/portracker.yaml, containers/shadowbroker.yaml, containers/zoraxy.yaml | Added 16 new container metadata manifest files, each defining name, version, and description fields (3 lines per file). |
| Automation Tools: tools/automation.ts | Added two new DockerTool entries (profilarr and healarr) with metadata and Docker Compose service definitions for media/PVR management. |
| Management Tools: tools/management.ts | Added six new DockerTool entries (nebula-sync, panelio, autoxpose, portracker, zoraxy, arcane) with metadata and Compose templates for networking/UI management services. |
| Monitoring Tools: tools/monitoring.ts | Added one new DockerTool entry (grafana-alloy) for metrics collection with metadata and Compose configuration including Docker socket mounting and custom command arguments. |
| Other Tools: tools/other.ts | Updated betterbahn category/tags (TV/PVR → Transit/Train/Germany), and added six new DockerTool entries (nowasp, shadowbroker, authentik, authentik-worker, authentik-proxy, octoeverywhere-elegoo-connect) with metadata and Compose templates, including new environment variable placeholders for API keys and service configuration. |

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~22 minutes

Poem

🐰 Sixteen little manifest files hop in line,
Each one a container, precise and fine,
New tools spring forth with compose in hand,
And AGPL shields the entire land! 🎪

Pre-merge checks (5 passed)

| Check name | Status | Explanation |
|---|---|---|
| Title check | Passed | The title accurately summarizes the main changes: adding 15 new containers, fixing Better Bahn category, and adding LICENSE file. |
| Description check | Passed | The PR description is comprehensive and complete, covering all required sections: summary, new containers table, fixes, skipped issues, and closed issues list. |
| Linked Issues check | Passed | All coding objectives from linked issues are met: 15 container definitions added (#31, #32, #36-#39, #66, #68-#70, #83-#87), Better Bahn category fixed (#80), and LICENSE file added (#65). |
| Out of Scope Changes check | Passed | All changes are in-scope: container definitions, tool entries, manifest files, and LICENSE file align with stated objectives from linked issues. |
| Docstring Coverage | Passed | No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check. |


coderabbitai (Bot) left a comment

Actionable comments posted: 5

🧹 Nitpick comments (13)
containers/portracker.yaml (1)

1-1: Consider normalizing display name casing for consistency.

Line 1 uses portracker while other manifests typically use project-style casing (e.g., Panelio, Arcane). If this name is user-facing, use Portracker for catalog consistency.

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@containers/portracker.yaml` at line 1, The manifest's name field uses
lowercase "portracker"; change the display name to title-case "Portracker" so it
matches project-style casing used elsewhere—update the YAML value for the name
key (currently "portracker") to "Portracker" and verify any related manifest
references that consume this name string still behave as expected.
containers/alloy.yaml (2)

3-3: Update description to reflect telemetry/metrics functionality.

The description "A container for Alloy application services" is generic and doesn't convey the tool's purpose. According to the PR objectives, Grafana Alloy is a metrics scraper.

📝 Suggested improvement
-description: A container for Alloy application services
+description: OpenTelemetry collector for metrics, logs, and traces
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@containers/alloy.yaml` at line 3, Update the YAML description value (the
"description" key in containers/alloy.yaml) to clearly state that this container
runs Grafana Alloy as a metrics/telemetry scraper for collecting and forwarding
application metrics, e.g., replace the generic "A container for Alloy
application services" with a concise description mentioning Grafana Alloy and
its role as a metrics/telemetry scraper.

1-1: Consider using the full "Grafana Alloy" name for clarity.

The name "Alloy" is ambiguous. According to the PR objectives, this is "Grafana Alloy (metrics scraper)". Using the full name improves discoverability and prevents confusion with other projects named Alloy.

📝 Suggested improvement
-name: Alloy
+name: Grafana Alloy
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@containers/alloy.yaml` at line 1, Update the value for the YAML name key that
currently reads "name: Alloy" to the full, unambiguous project name "Grafana
Alloy (metrics scraper)"; locate the "name: Alloy" entry in the
containers/alloy.yaml snippet and replace the short "Alloy" value with the
suggested full name so the manifest uses "Grafana Alloy (metrics scraper)" for
clarity and discoverability.
containers/authentik.yaml (1)

3-3: Improve description to reflect actual functionality.

The description "A container for Authentik services" is generic. According to the PR objectives, Authentik is an authentication/identity provider. Consider a more descriptive summary.

📝 Suggested improvement
-description: A container for Authentik services
+description: Authentication and identity provider with SSO support
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@containers/authentik.yaml` at line 3, Update the generic "description" value
to clearly state the container's purpose as an authentication/identity provider;
modify the description key (the "description" field currently set to "A
container for Authentik services") to a more specific summary like "Authentik
authentication and identity provider container for managing user SSO,
OAuth2/OIDC, and access policies" so it accurately reflects Authentik's
functionality.
containers/autoxpose.yaml (1)

3-3: Update description to reflect DNS/reverse-proxy automation.

The description "A container for autoxpose services" is generic. According to the PR objectives, autoxpose provides "automatic DNS/reverse-proxy configuration."

📝 Suggested improvement
-description: A container for autoxpose services
+description: Automatic DNS and reverse-proxy configuration tool
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@containers/autoxpose.yaml` at line 3, Update the top-level description value
in containers/autoxpose.yaml (the "description" field) to clearly state that
autoxpose provides automatic DNS and reverse-proxy configuration (e.g., mention
"automatic DNS/reverse-proxy configuration" or similar) so the file documents
the PR objective rather than the generic "A container for autoxpose services."
containers/authentik-worker.yaml (1)

1-3: Clarify the worker's role in the description.

The description "A container for Authentik worker services" is vague. Worker components typically handle background tasks like email sending, database migrations, or scheduled jobs.

📝 Suggested improvement
-description: A container for Authentik worker services
+description: Background worker for Authentik authentication tasks
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@containers/authentik-worker.yaml` around lines 1 - 3, Update the YAML
description field to clearly state the worker responsibilities instead of the
vague "A container for Authentik worker services": change the description value
used alongside name: Authentik-Worker (and keep version: 2.5.0) to something
like "Background worker for Authentik: handles email delivery, task queue
processing, database migrations, and scheduled jobs" so reviewers and operators
immediately understand the worker's role.
containers/authentik-proxy.yaml (1)

3-3: Improve description to clarify proxy functionality.

The description "A container for Authentik proxy services" is generic. Authentik Proxy typically handles forward authentication for protecting applications.

📝 Suggested improvement
-description: A container for Authentik proxy services
+description: Forward authentication proxy for protecting applications with Authentik
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@containers/authentik-proxy.yaml` at line 3, Update the YAML "description"
field to replace the generic text with a clearer statement that this container
provides Authentik forward authentication to protect upstream applications
(e.g., mention forward authentication, protecting apps, and any relevant auth
protocols like OAuth2/OpenID Connect); locate and edit the description key in
the authentik-proxy container manifest (the existing "description" entry) to a
concise, explicit sentence conveying that responsibility.
containers/healarr.yaml (1)

3-3: Update description to reflect media indexer functionality.

The description "A container for healarr services" is generic. According to the PR objectives, Healarr is a "media indexer."

📝 Suggested improvement
-description: A container for healarr services
+description: Media library indexer and health checker
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@containers/healarr.yaml` at line 3, Update the YAML description field to
explicitly state Healarr's role as a media indexer: replace the generic "A
container for healarr services" description with something like "A container for
Healarr media indexer" (or "Healarr media indexer service") in the description
key so the manifest accurately reflects functionality.
tools/management.ts (3)

266-282: Elevated privileges required — consider adding a note in description.

The Portracker container requires pid: "host", SYS_PTRACE, SYS_ADMIN capabilities, and disables AppArmor. These are necessary for its port discovery functionality, but users should be aware of the security implications.

Consider mentioning this in the description to set expectations.

💡 Proposed description enhancement
     description:
-      "Open-source, self-hosted dashboard for homelabs and Docker environments that automatically discovers services and their ports. Provides a real-time network map and prevents port conflicts.",
+      "Open-source, self-hosted dashboard for homelabs and Docker environments that automatically discovers services and their ports. Provides a real-time network map and prevents port conflicts. Note: Requires elevated privileges (host PID namespace, SYS_PTRACE capability).",
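Review bot: the added sentence names only the host PID namespace and SYS_PTRACE, yet the same comment lists SYS_ADMIN and apparmor:unconfined as part of the Portracker service definition; a warning that understates the privilege set misleads an operator weighing the trade-off, so name all four (pid: host, SYS_PTRACE, SYS_ADMIN, AppArmor disabled) and say they are required for port discovery.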
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@tools/management.ts` around lines 266 - 282, The Portracker service
definition in composeContent (service name "portracker", fields pid, cap_add,
and security_opt) requests elevated privileges (pid: "host", cap_add: SYS_PTRACE
and SYS_ADMIN, security_opt: apparmor:unconfined); update the surrounding
description or documentation string to explicitly call out these security
implications and why they are required, e.g., mention that portracker needs host
PID and ptrace/admin capabilities for port discovery and that AppArmor is
disabled, and include guidance or warnings for operators about trust, host
exposure, and alternative deployment recommendations.

196-206: Hardcoded example credentials in compose template.

The PRIMARY and REPLICAS environment variables contain example URLs with plaintext password placeholders. Users who deploy without modifying these will have non-functional or insecure configurations.

Consider using template variables like other tools:

💡 Proposed fix using template variables
     composeContent: `services:
   nebula-sync:
     image: ghcr.io/lovelaze/nebula-sync:latest
     container_name: \${CONTAINER_PREFIX}nebula-sync
     environment:
-      - PRIMARY=http://ph1.example.com|password
-      - REPLICAS=http://ph2.example.com|password,http://ph3.example.com|password
+      - PRIMARY=\${NEBULA_PRIMARY}
+      - REPLICAS=\${NEBULA_REPLICAS}
       - FULL_SYNC=true
       - RUN_GRAVITY=true
       - CRON=0 * * * *
     restart: \${RESTART_POLICY}`,
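Review bot: replacing the literals with ${NEBULA_PRIMARY} and ${NEBULA_REPLICAS} removes the example password from the template, but the Pi-hole `url|password` format means whatever the user fills in still lands in plaintext in the rendered compose or .env file; document the expected `http://host|password` format beside the variables and tell operators to restrict that file's permissions. Note also that REPLICAS is a comma-separated list, so the single ${NEBULA_REPLICAS} value has to carry the whole list.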
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@tools/management.ts` around lines 196 - 206, The docker-compose snippet in
composeContent contains hardcoded example credentials ("password") in the
PRIMARY and REPLICAS env values; update the template to remove plaintext example
passwords and use template variables instead (e.g., PRIMARY_URL, PRIMARY_AUTH,
REPLICAS_URLS, REPLICAS_AUTHS or similar) so callers must supply credentials at
runtime; modify the composeContent string in tools/management.ts (the
composeContent constant) to replace the literal
"http://ph1.example.com|password" and similar entries with variable placeholders
and document the expected format in the surrounding template text.

303-306: Add read-only flag to docker.sock mount for Zoraxy.

Zoraxy only uses read-only Docker API calls (ContainerList, NetworkList) for its container listing and monitoring features. Align with other management tools (panelio, autoxpose, portracker) by adding the :ro flag:

Suggested change
- /var/run/docker.sock:/var/run/docker.sock:ro
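Review bot: adding :ro is fine for consistency with the other tools, but it is not a privilege boundary: a read-only bind mount of docker.sock still lets the process connect to the socket and send any Docker API request, including creating a privileged container, so Zoraxy's access remains equivalent to root on the host. If least privilege is the goal, put a filtering socket proxy in front of the daemon that exposes only the ContainerList and NetworkList endpoints the comment says Zoraxy uses.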

This follows the principle of least privilege—containers should only have the minimum permissions needed.

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@tools/management.ts` around lines 303 - 306, Update the docker.sock volume
mount so the container only gets read-only access: locate the volumes list where
"/var/run/docker.sock:/var/run/docker.sock" is declared (in the management
template that defines volumes) and change that mapping to include the :ro flag
(i.e., "/var/run/docker.sock:/var/run/docker.sock:ro") to enforce least
privilege like other tools (panelio, autoxpose, portracker).
tools/other.ts (1)

874-907: Description should mention Redis and PostgreSQL prerequisites.

The Authentik server requires external Redis and PostgreSQL instances (as shown by AUTHENTIK_REDIS__HOST and AUTHENTIK_POSTGRESQL__* environment variables), but this isn't mentioned in the description. Users deploying only this container will encounter connection failures.

💡 Proposed description update
     description:
-      "Open-source Identity Provider focused on flexibility and versatility. Supports SAML, OAuth2, LDAP, and more. Provides SSO, multi-factor authentication, and user provisioning. Navigate to /if/flow/initial-setup/ for first-time setup.",
+      "Open-source Identity Provider focused on flexibility and versatility. Supports SAML, OAuth2, LDAP, and more. Provides SSO, multi-factor authentication, and user provisioning. Requires external Redis and PostgreSQL instances. Navigate to /if/flow/initial-setup/ for first-time setup.",
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@tools/other.ts` around lines 874 - 907, The description for the authentik
entry (id "authentik") fails to note required external services; update the
description string to explicitly state that Authentik requires external Redis
and PostgreSQL instances (referencing AUTHENTIK_REDIS__HOST and
AUTHENTIK_POSTGRESQL__* environment variables found in composeContent) and that
users must provide connection details or run those services separately to avoid
connection failures; keep the existing setup hint (/if/flow/initial-setup/) and
briefly mention the relevant env vars (AUTHENTIK_REDIS__HOST,
AUTHENTIK_POSTGRESQL__HOST, AUTHENTIK_POSTGRESQL__USER,
AUTHENTIK_POSTGRESQL__NAME, AUTHENTIK_POSTGRESQL__PASSWORD) so deployers know
the prerequisites.
tools/automation.ts (1)

371-390: Missing icon field for Healarr.

While icon is optional per the DockerTool interface, all other tools in this file include an icon URL. Consider adding one for consistency in the UI.

💡 Proposed fix
   {
     id: "healarr",
     name: "Healarr",
     description:
       "Monitoring and auto-healing tool for the *arr suite (Sonarr, Radarr, etc.). Detects stalled downloads, missing media, and other issues, then automatically triggers corrective actions.",
     category: "Media",
     tags: ["TV", "PVR", "Monitoring", "Automation", "Sonarr", "Radarr"],
     githubUrl: "https://github.com/mescon/healarr",
+    icon: "https://cdn.jsdelivr.net/gh/homarr-labs/dashboard-icons/svg/healarr.svg",
     composeContent: `services:
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@tools/automation.ts` around lines 371 - 390, The Healarr tool object (id
"healarr") is missing the optional icon property used across other DockerTool
entries; add an icon: string field to that object (the same object containing
name "Healarr" and composeContent) pointing to a publicly hosted SVG/PNG (for
example the project’s repo or a simpleicons/github-hosted asset) so the UI
displays a consistent icon for Healarr.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@containers/alloy.yaml`:
- Line 2: The Docker image tag in the generated Docker Compose template is
pinned to "grafana/alloy:latest" in tools/monitoring.ts; change that literal to
"grafana/alloy:2.0.5" (or otherwise read the manifest version and inject it) so
the generated compose matches the manifest version 2.0.5; locate the image
string in the function that builds the Grafana/Alloy compose (search for
"grafana/alloy:latest" or the compose/template generator) and replace it with
"grafana/alloy:2.0.5".

In `@containers/lnkdocker.yaml`:
- Around line 1-3: The lnkdocker manifest was added despite PR notes stating
issue `#67` was skipped; either remove the newly added lnkdocker manifest (the
file that defines name: lnkdocker, version: 2.7.0, description: A container for
lnkdocker services) from the commit or update the PR description/commit message
to reflect that this file is intentionally included and not skipped—ensure
consistency between the PR scope/status and the presence of the lnkdocker
manifest so reviewers see the correct intended change.

In `@containers/mediacms.yaml`:
- Around line 1-3: The Mediacms manifest (the "Mediacms" entry with version
3.1.0 and description) was added despite the PR note that issue `#22` was skipped;
either remove this Mediacms manifest entirely or update the PR description and
issue tracker to state that Mediacms is now intentionally included — if keeping
it, ensure the PR body and issue `#22` status/comment explicitly reflect the
inclusion and rationale so the change is not out-of-sync with project scope.

In `@containers/shadowbroker.yaml`:
- Line 3: Update the YAML "description" field in shadowbroker.yaml to accurately
reflect the project's purpose: replace the current "A powerful shadowbroker
container for secure communications" with a concise OSINT-focused description
(e.g., mention "OSINT" or "Open Source Intelligence" and that it
gathers/analyzes publicly available information) so the description matches the
PR objectives and purpose of Shadowbroker.

In `@tools/monitoring.ts`:
- Around line 338-347: The docker-compose fragment defines a command with
--storage.path=/var/lib/alloy/data but does not mount a host volume for that
path and also lacks a TZ environment variable; update the service definition
referenced by the command and volumes blocks to add a persistent volume mapping
for /var/lib/alloy/data (e.g., map a host dir or named volume to
/var/lib/alloy/data in the volumes section) and add an environment entry (e.g.,
TZ) in the service env block so timezones are explicit and consistent with other
monitoring services.


ℹ️ Review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 10eca6ea-74cd-46d8-9104-135f708a7ce3

📥 Commits

Reviewing files that changed from the base of the PR and between 6d86fd5 and 6bdcc3f.

📒 Files selected for processing (21)
  • LICENSE
  • containers/alloy.yaml
  • containers/arcane.yaml
  • containers/authentik-proxy.yaml
  • containers/authentik-worker.yaml
  • containers/authentik.yaml
  • containers/autoxpose.yaml
  • containers/healarr.yaml
  • containers/lnkdocker.yaml
  • containers/mediacms.yaml
  • containers/nebula_sync.yaml
  • containers/nowasp_pentest_target.yaml
  • containers/octoeverywhere_elegoo_connect.yaml
  • containers/panelio.yaml
  • containers/portracker.yaml
  • containers/shadowbroker.yaml
  • containers/zoraxy.yaml
  • tools/automation.ts
  • tools/management.ts
  • tools/monitoring.ts
  • tools/other.ts
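As an added illustration of the hardening points raised across this review (not code from ajnart/dcm or from CodeRabbit), the TypeScript below lints a compose template string of the kind tools/*.ts embed: it flags a read-write docker.sock mount, a shared host PID namespace, CAP_SYS_ADMIN, a disabled AppArmor profile, an unpinned :latest image tag, and credentials written literally into environment values, and it lists the ${VAR} placeholders a template expects the deployer to supply. The rule set and the sample templates are the editor's own; image names and version tags in the samples are placeholders, except the nebula-sync lines, which mirror the snippet quoted in the review above. It matches line by line, which is enough for these flat templates; a YAML parser would be stricter.

```typescript
// Added example, not code from ajnart/dcm or CodeRabbit: a dependency-free
// lint for compose template strings like the ones tools/*.ts embed. It flags
// the review's points (read-write docker.sock, host PID / SYS_ADMIN / AppArmor
// off, :latest tags, literal credentials) by matching one line at a time.

export type Severity = "high" | "medium";
export interface Finding { severity: Severity; line: number; message: string; }
interface Rule { re: RegExp; severity: Severity; message: string; }

const RULES: Rule[] = [
  { re: /\/var\/run\/docker\.sock:\/var\/run\/docker\.sock\s*$/, severity: "high",
    message: "docker.sock mounted read-write; add :ro unless the tool must mutate the daemon" },
  { re: /^\s*pid:\s*["']?host["']?\s*$/, severity: "high",
    message: "host PID namespace shared with the container" },
  { re: /^\s*-\s*SYS_ADMIN\s*$/, severity: "high",
    message: "CAP_SYS_ADMIN is close to root on the host" },
  { re: /apparmor[:=]unconfined/, severity: "medium",
    message: "AppArmor profile disabled" },
  { re: /^\s*image:\s*\S+:latest\s*$/, severity: "medium",
    message: ":latest is not reproducible; pin the tag to the manifest version" },
  // Env entries with a secret-looking name, or a Pi-hole style `url|secret`
  // value, whose secret is a literal rather than a ${VAR} placeholder.
  { re: /^\s*-\s*\w*(PASSWORD|SECRET|TOKEN|API_?KEY)\w*=(?!\$\{)\S+/i, severity: "high",
    message: "credential embedded in env value; use a template variable" },
  { re: /^\s*-\s*\w+=\S*\|(?!\$\{)[^,\s]+/, severity: "high",
    message: "credential embedded after '|' in env value; use a template variable" },
];

export function lintCompose(template: string): Finding[] {
  const findings: Finding[] = [];
  template.split("\n").forEach((text, i) => {
    for (const rule of RULES) {
      if (rule.re.test(text)) {
        findings.push({ severity: rule.severity, line: i + 1, message: rule.message });
      }
    }
  });
  return findings;
}

export function countBySeverity(findings: Finding[]): Record<Severity, number> {
  const counts: Record<Severity, number> = { high: 0, medium: 0 };
  for (const f of findings) counts[f.severity] += 1;
  return counts;
}

// ${VAR} placeholders the template expects at render time, so a reviewer can
// see what a fix such as ${NEBULA_PRIMARY} adds to the deployer's contract.
export function requiredVariables(template: string): string[] {
  const names = new Set<string>();
  const re = /\$\{([A-Z0-9_]+)\}/g;
  let m: RegExpExecArray | null;
  while ((m = re.exec(template)) !== null) names.add(m[1]);
  return Array.from(names).sort();
}

// Constructed sample. Image names and tags are placeholders, except the
// nebula-sync lines, which mirror the snippet quoted in the review.
export const SAMPLE_BEFORE = `services:
  zoraxy:
    image: example/zoraxy:latest
    container_name: \${CONTAINER_PREFIX}zoraxy
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
  portracker:
    image: example/portracker:latest
    pid: "host"
    cap_add:
      - SYS_PTRACE
      - SYS_ADMIN
    security_opt:
      - apparmor:unconfined
  nebula-sync:
    image: ghcr.io/lovelaze/nebula-sync:latest
    environment:
      - PRIMARY=http://ph1.example.com|password
      - REPLICAS=http://ph2.example.com|password,http://ph3.example.com|password`;

// The two services that can be hardened. Portracker is left out: discovery
// needs its privileges, so its fix is a warning in the description, not YAML.
export const SAMPLE_AFTER = `services:
  zoraxy:
    image: example/zoraxy:1.0.0
    container_name: \${CONTAINER_PREFIX}zoraxy
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
    restart: \${RESTART_POLICY}
  nebula-sync:
    image: ghcr.io/lovelaze/nebula-sync:0.12.0
    environment:
      - PRIMARY=\${NEBULA_PRIMARY}
      - REPLICAS=\${NEBULA_REPLICAS}
    restart: \${RESTART_POLICY}`;

console.log(lintCompose(SAMPLE_BEFORE).length + " findings before, " +
  lintCompose(SAMPLE_AFTER).length + " after; supply: " +
  requiredVariables(SAMPLE_AFTER).join(", "));
```

Run over the constructed "before" template it reports nine findings (five high, four medium); the hardened template reports none and lists CONTAINER_PREFIX, NEBULA_PRIMARY, NEBULA_REPLICAS and RESTART_POLICY as the values a deployer must provide. Keep in mind that the `:ro` rule only enforces the convention the review asks for; a read-only socket mount does not stop API calls, so a socket-filtering proxy is still the real control for tools that only need to list containers.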

Comment thread containers/alloy.yaml
@@ -0,0 +1,3 @@
name: Alloy
version: 2.0.5
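Review bot: version: 2.0.5 here is not read by anything that builds the compose template in tools/monitoring.ts, so the manifest and the generated image tag (grafana/alloy:latest, per the thread below) will drift from the first release onward; either pin the image to this version or have the generator inject the manifest's version field into the tag.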

⚠️ Potential issue | 🟡 Minor

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Description: Verify Grafana Alloy image tag in compose content

echo "=== Checking Alloy/Grafana Alloy image tag ==="
rg -A 3 "image:.*alloy" tools/

Repository: ajnart/dcm

Length of output: 291


🏁 Script executed:

#!/bin/bash
# Check if containers/alloy.yaml exists and examine its content
find . -name "alloy.yaml" -o -name "alloy.yml" | head -20

Repository: ajnart/dcm

Length of output: 77


🏁 Script executed:

#!/bin/bash
# Show the full content of the tools/monitoring.ts file to understand the context
cat -n tools/monitoring.ts | head -50

Repository: ajnart/dcm

Length of output: 2313


🏁 Script executed:

#!/bin/bash
# Search for any references to version 2.0.5 in the codebase
rg "2\.0\.5" --type yaml --type ts --type json

Repository: ajnart/dcm

Length of output: 90


🏁 Script executed:

#!/bin/bash
# Read the full content of containers/alloy.yaml
cat -n containers/alloy.yaml

Repository: ajnart/dcm

Length of output: 157


🏁 Script executed:

#!/bin/bash
# Check the exact section in tools/monitoring.ts where the alloy image is referenced
rg -B 5 -A 10 "alloy" tools/monitoring.ts

Repository: ajnart/dcm

Length of output: 1165


Pin Docker image tag to match manifest version.

The manifest specifies version 2.0.5 in containers/alloy.yaml, but tools/monitoring.ts generates a Docker Compose template using grafana/alloy:latest. Update the image tag to grafana/alloy:2.0.5 to maintain consistency and prevent unpredictable behavior from using the latest tag.

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@containers/alloy.yaml` at line 2, The Docker image tag in the generated
Docker Compose template is pinned to "grafana/alloy:latest" in
tools/monitoring.ts; change that literal to "grafana/alloy:2.0.5" (or otherwise
read the manifest version and inject it) so the generated compose matches the
manifest version 2.0.5; locate the image string in the function that builds the
Grafana/Alloy compose (search for "grafana/alloy:latest" or the compose/template
generator) and replace it with "grafana/alloy:2.0.5".

Comment thread containers/lnkdocker.yaml
Comment on lines +1 to +3
name: lnkdocker
version: 2.7.0
description: A container for lnkdocker services
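Review bot: `description: A container for lnkdocker services` is a placeholder that tells a user nothing about what the software is or what it exposes, and the review thread records that issue #67 was skipped because only a Dockerfile was submitted. Drop this manifest until a real compose definition exists; if it is meant to stay, replace the description with one that names the actual service.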

⚠️ Potential issue | 🟠 Major

Scope mismatch: lnkdocker was documented as skipped but is added here.

Lines 1–3 add a new lnkdocker container manifest even though the PR objective says issue #67 was skipped due to invalid submission format. Please reconcile this by removing the file or correcting the PR scope/status notes.

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@containers/lnkdocker.yaml` around lines 1 - 3, The lnkdocker manifest was
added despite PR notes stating issue `#67` was skipped; either remove the newly
added lnkdocker manifest (the file that defines name: lnkdocker, version: 2.7.0,
description: A container for lnkdocker services) from the commit or update the
PR description/commit message to reflect that this file is intentionally
included and not skipped—ensure consistency between the PR scope/status and the
presence of the lnkdocker manifest so reviewers see the correct intended change.

Comment thread containers/mediacms.yaml
Comment on lines +1 to +3
name: Mediacms
version: 3.1.0
description: A container for Mediacms services
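Review bot: same placeholder pattern as lnkdocker (`description: A container for Mediacms services`), and the thread notes issue #22 was skipped because the submitted compose was not MediaCMS. A manifest with a generic description and no verified compose definition should not ship; remove the file, or supply the correct definition together with a description that states what the service does.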

⚠️ Potential issue | 🟠 Major

Scope mismatch: Mediacms was documented as skipped but is added here.

Lines 1–3 introduce a Mediacms manifest, which conflicts with the PR objective note that issue #22 was intentionally skipped. Please either remove this file or update the PR objective/issue status to reflect that Mediacms is now intentionally included.

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@containers/mediacms.yaml` around lines 1 - 3, The Mediacms manifest (the
"Mediacms" entry with version 3.1.0 and description) was added despite the PR
note that issue `#22` was skipped; either remove this Mediacms manifest entirely
or update the PR description and issue tracker to state that Mediacms is now
intentionally included — if keeping it, ensure the PR body and issue `#22`
status/comment explicitly reflect the inclusion and rationale so the change is
not out-of-sync with project scope.

@@ -0,0 +1,3 @@
name: shadowbroker
version: 1.0.0
description: A powerful shadowbroker container for secure communications
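Review bot: `description: A powerful shadowbroker container for secure communications` makes a security claim nothing in the manifest supports, and the thread identifies the tool as an OSINT collector, which is a different purpose. Replace the marketing wording with a factual one-liner such as `description: Open Source Intelligence (OSINT) gathering and analysis tool`; the description is what a user reads to decide whether a container belongs in their environment, so it must say what the software actually does.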

⚠️ Potential issue | 🟠 Major

Correct the misleading description.

The description states "secure communications," but according to the PR objectives, Shadowbroker is an "OSINT" (Open Source Intelligence) tool. OSINT focuses on gathering and analyzing publicly available information, not secure communications.

📝 Proposed fix
-description: A powerful shadowbroker container for secure communications
+description: Open Source Intelligence (OSINT) gathering and analysis tool
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@containers/shadowbroker.yaml` at line 3, Update the YAML "description" field
in shadowbroker.yaml to accurately reflect the project's purpose: replace the
current "A powerful shadowbroker container for secure communications" with a
concise OSINT-focused description (e.g., mention "OSINT" or "Open Source
Intelligence" and that it gathers/analyzes publicly available information) so
the description matches the PR objectives and purpose of Shadowbroker.

Comment thread tools/monitoring.ts
Comment on lines +338 to +347
volumes:
- \${CONFIG_PATH}/alloy/config.alloy:/etc/alloy/config.alloy:ro
- /var/run/docker.sock:/var/run/docker.sock
- /var/log:/var/log:ro
command:
- run
- --server.http.listen-addr=0.0.0.0:12345
- --storage.path=/var/lib/alloy/data
- /etc/alloy/config.alloy
restart: \${RESTART_POLICY}`,
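Review bot: `- /var/run/docker.sock:/var/run/docker.sock` gives the container full control of the host Docker daemon, which is root-equivalent on the host; if Alloy only needs to discover containers, expose the socket through a proxy that permits only the read endpoints it uses, and note that appending `:ro` to a socket bind mount does not restrict API calls. Separately, `--storage.path=/var/lib/alloy/data` has no matching entry in the volumes list above it, so Alloy's state is discarded whenever the container is recreated; add a `\${DATA_PATH}/alloy:/var/lib/alloy/data` mount.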

⚠️ Potential issue | 🟡 Minor

Storage path not persisted and missing TZ variable.

Two issues with this compose template:

  1. The command specifies --storage.path=/var/lib/alloy/data but no volume is mounted to persist this data. Alloy's collected metrics/state will be lost on container restart.

  2. Missing TZ environment variable, which other monitoring tools include.

🔧 Proposed fix
     composeContent: `services:
   alloy:
     image: grafana/alloy:latest
     container_name: \${CONTAINER_PREFIX}alloy
     ports:
       - "12345:12345"
     volumes:
       - \${CONFIG_PATH}/alloy/config.alloy:/etc/alloy/config.alloy:ro
       - /var/run/docker.sock:/var/run/docker.sock
       - /var/log:/var/log:ro
+      - \${DATA_PATH}/alloy:/var/lib/alloy/data
+    environment:
+      - TZ=\${TZ}
     command:
       - run
       - --server.http.listen-addr=0.0.0.0:12345
       - --storage.path=/var/lib/alloy/data
       - /etc/alloy/config.alloy
     restart: \${RESTART_POLICY}`,
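Review bot: the proposed replacement still reads `image: grafana/alloy:latest`, which contradicts the pin to `grafana/alloy:2.0.5` requested in the alloy.yaml thread on this page; fold the tag pin into this suggestion so one commit resolves both findings. Consider `"127.0.0.1:12345:12345"` for the ports entry unless remote access to the Alloy HTTP endpoint is intended, since `"12345:12345"` publishes it on every host interface.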
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@tools/monitoring.ts` around lines 338 - 347, The docker-compose fragment
defines a command with --storage.path=/var/lib/alloy/data but does not mount a
host volume for that path and also lacks a TZ environment variable; update the
service definition referenced by the command and volumes blocks to add a
persistent volume mapping for /var/lib/alloy/data (e.g., map a host dir or named
volume to /var/lib/alloy/data in the volumes section) and add an environment
entry (e.g., TZ) in the service env block so timezones are explicit and
consistent with other monitoring services.
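
The two Alloy threads above (the unpinned `grafana/alloy:latest` tag versus `version: 2.0.5` in containers/alloy.yaml, and the storage path, TZ and socket mount in the tools/monitoring.ts template) are all things a small lint can catch before review. The script below is an added example, not code from the dcm project or from CodeRabbit: it assumes the flat `name`/`version`/`description` manifest layout and the one-service compose shape the generator emits, and the finding codes (`unpinned-image`, `docker-socket`, and so on) are this example's own names. The sample manifest and compose texts are constructed from the lines quoted in the threads, with the template-literal `\${VAR}` escapes unescaped.

```python
"""Added lint: check a dcm container manifest against its generated compose text."""

DOCKER_SOCK = "/var/run/docker.sock"

# Constructed sample: the Alloy manifest fields from this PR plus a placeholder description.
ALLOY_MANIFEST = """\
name: Alloy
version: 2.0.5
description: Grafana Alloy (placeholder description for this example)
"""

# Constructed sample: the submitted compose template, with ${VAR} placeholders
# unescaped (tools/monitoring.ts writes them as \${VAR} inside a template literal).
ALLOY_COMPOSE_SUBMITTED = """\
services:
  alloy:
    image: grafana/alloy:latest
    container_name: ${CONTAINER_PREFIX}alloy
    ports:
      - "12345:12345"
    volumes:
      - ${CONFIG_PATH}/alloy/config.alloy:/etc/alloy/config.alloy:ro
      - /var/run/docker.sock:/var/run/docker.sock
      - /var/log:/var/log:ro
    command:
      - run
      - --server.http.listen-addr=0.0.0.0:12345
      - --storage.path=/var/lib/alloy/data
      - /etc/alloy/config.alloy
    restart: ${RESTART_POLICY}
"""

# Constructed sample: tag pinned to the manifest version, state persisted, TZ set,
# HTTP port published on loopback only.
ALLOY_COMPOSE_HARDENED = (
    ALLOY_COMPOSE_SUBMITTED.replace("grafana/alloy:latest", "grafana/alloy:2.0.5")
    .replace('"12345:12345"', '"127.0.0.1:12345:12345"')
    .replace("      - /var/log:/var/log:ro\n", "      - /var/log:/var/log:ro\n"
             "      - ${DATA_PATH}/alloy:/var/lib/alloy/data\n    environment:\n      - TZ=${TZ}\n")
)

def parse_manifest(text):
    """Read the flat 'key: value' manifest (name, version, description)."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep and not line.startswith(("#", " ")):
            fields[key.strip()] = value.strip()
    return fields

def parse_compose(text):
    """Line-oriented extraction of the single-service shape the generator emits
    (assumes '- item' lists under ports/volumes/command/environment); no YAML library needed."""
    info = {"image": None, "ports": [], "volumes": [], "command": [], "environment": []}
    section = None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("image:"):
            info["image"], section = line.partition(":")[2].strip(), None
        elif line.endswith(":") and line[:-1] in info:
            section = line[:-1]
        elif line.startswith("- ") and section:
            info[section].append(line[2:].strip().strip('"'))
        elif line.endswith(":"):
            section = None
    return info

def image_tag(image):
    """Tag of an image reference: '' when untagged, 'digest' for name@sha256:... ."""
    if "@" in image:
        return "digest"
    _, sep, tag = image.rpartition(":")
    return "" if not sep or "/" in tag else tag  # '/' in tag => the ':' was a registry port

def lint(manifest_text, compose_text):
    """Return [(code, message), ...] for one manifest/compose pair."""
    m, c = parse_manifest(manifest_text), parse_compose(compose_text)
    out, image, version = [], c["image"] or "", m.get("version")
    tag = image_tag(image)
    if tag in ("", "latest"):
        out.append(("unpinned-image", f"{image!r} is not pinned; manifest says {version}"))
    elif tag not in ("digest", version):
        out.append(("tag-mismatch", f"tag {tag!r} differs from manifest version {version!r}"))
    mounts = {v.split(":")[1] for v in c["volumes"] if ":" in v}
    for arg in c["command"]:
        if arg.startswith("--storage.path="):
            path = arg.partition("=")[2]
            if not any(path == mnt or path.startswith(mnt.rstrip("/") + "/") for mnt in mounts):
                out.append(("unpersisted-storage", f"{path} has no volume; state is lost on recreate"))
    if any(v.split(":")[0] == DOCKER_SOCK for v in c["volumes"]):
        out.append(("docker-socket", "host Docker socket mounted: container can drive the host "
                    "daemon (adding ':ro' does not limit API calls)"))
    for port in c["ports"]:
        if len(port.split(":")) < 3:  # no host IP => published on every host interface
            out.append(("port-all-interfaces", f"port {port!r} is published on all interfaces"))
    if not any(e.startswith("TZ=") for e in c["environment"]):
        out.append(("no-tz", "no TZ environment variable"))
    return out

if __name__ == "__main__":
    for label, text in (("submitted", ALLOY_COMPOSE_SUBMITTED), ("hardened", ALLOY_COMPOSE_HARDENED)):
        print(label, *[f"\n  [{code}] {msg}" for code, msg in lint(ALLOY_MANIFEST, text)])
```

Run against the submitted template it reports the unpinned tag, the unmounted storage path, the socket mount, the port on all interfaces and the missing TZ; against the hardened variant only the socket finding remains, because that one is a design decision (discovery via the daemon) rather than an omission, and is left for a human to accept or replace with a proxy. The hand-rolled parser is deliberate: it matches the exact shape these templates have, so a manifest or template that drifts from it shows up as a parse gap rather than being silently accepted.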
