nase
/
gateway
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Stable.

This commit is contained in:
root 2026-01-30 16:35:32 -06:00
commit b43880fafa
21 changed files with 702 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
.gitignore vendored Normal file
View File

@ -0,0 +1,25 @@
*
!.gitignore
!ddns.sh
!nginx-proxy/
!nginx-proxy/docker-compose.yml
!nginx-proxy/conf.d
!nginx-proxy/conf.d/*
!mqtt-broker/
!mqtt-broker/mosquitto/
!mqtt-broker/mosquitto/config
!mqtt-broker/mosquitto/config/mosquitto.conf
!mqtt-broker/mosquitto/config/password.txt
!mqtt-broker/docker-compose.yml
!homeassistant/
!homeassistant/docker-compose.yml
!zwavejs/
!zwavejs/docker-compose.yml
!beszel/
!beszel/docker-compose.yml

25
beszel/docker-compose.yml Normal file
View File

@ -0,0 +1,25 @@
services:
beszel:
image: henrygd/beszel
container_name: beszel
restart: unless-stopped
ports:
- 8090:8090
volumes:
- ./beszel_data:/beszel_data
beszel-agent:
image: henrygd/beszel-agent
container_name: beszel-agent
restart: unless-stopped
network_mode: host
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- ./beszel_agent_data:/var/lib/beszel-agent
# monitor other disks / partitions by mounting a folder in /extra-filesystems
# - /mnt/disk/.beszel:/extra-filesystems/sda1:ro
environment:
LISTEN: 45876
KEY: 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE+dzh2ruWrqxVsXXWKYM7FcajNV7+3cz/6V+Hkfzwvr'
TOKEN: 3ca1b-5cc7a7a4e-39f3e-f1dbbd32a
HUB_URL: http://192.168.1.98:8090

98
ddns.sh Executable file
View File

@ -0,0 +1,98 @@
#!/bin/bash
# ============================================================================
# DYNAMIC DNS UPDATER FOR NAMECHEAP (MULTI-DOMAIN)
# ============================================================================
# Configuration - Edit these values
# ============================================================================
# Define your domains/hosts as an array of space-separated strings
# Format: "HOSTNAME:DOMAIN:PASSWORD"
# Use '@' for root domain, 'sub' for subdomain (e.g., 'home', 'video')
DOMAINS=(
"home:seanowiecki.com:d7b38fc4de474e81a79a309824aa8e2a"
"video:atomic6.net:2a687057401f4401b4248d1d31b2ba81"
"frigate:atomic6.net:2a687057401f4401b4248d1d31b2ba81"
"survey:atomic6.net:2a687057401f4401b4248d1d31b2ba81"
"memos:atomic6.net:2a687057401f4401b4248d1d31b2ba81"
"openwebui:atomic6.net:2a687057401f4401b4248d1d31b2ba81"
"immich:atomic6.net:2a687057401f4401b4248d1d31b2ba81"
"matrix:atomic6.net:2a687057401f4401b4248d1d31b2ba81"
"minecraft:atomic6.net:2a687057401f4401b4248d1d31b2ba81"
"chat:atomic6.net:2a687057401f4401b4248d1d31b2ba81"
"bentopdf:atomic6.net:2a687057401f4401b4248d1d31b2ba81"
"home:atomic6.net:2a687057401f4401b4248d1d31b2ba81"
"nextcloud:atomic6.net:2a687057401f4401b4248d1d31b2ba81"
"obico:atomic6.net:2a687057401f4401b4248d1d31b2ba81"
"obsidian:atomic6.net:2a687057401f4401b4248d1d31b2ba81"
"qr:atomic6.net:2a687057401f4401b4248d1d31b2ba81"
"cachet:atomic6.net:2a687057401f4401b4248d1d31b2ba81"
"grafana:atomic6.net:2a687057401f4401b4248d1d31b2ba81"
"valheim:atomic6.net:2a687057401f4401b4248d1d31b2ba81"
"satisfactory:atomic6.net:2a687057401f4401b4248d1d31b2ba81"
"vpn:atomic6.net:2a687057401f4401b4248d1d31b2ba81"
"salt:nase.dev:1fa7b1a67d404b339e38107db98c87f0"
"gitea:nase.dev:1fa7b1a67d404b339e38107db98c87f0"
)
# IP checking service (choose one that works reliably for you)
IP_SERVICE="https://api.ipify.org" # Alternatives: "https://ifconfig.io/ip", "https://icanhazip.com"
# ============================================================================
# Script Core - Do not edit below unless you know what you're doing
# ============================================================================
# Get current public IP
echo "[$(date)] Checking public IP..."
CURRENT_IP=$(curl -s "$IP_SERVICE")
if [ -z "$CURRENT_IP" ]; then
echo "[$(date)] ERROR: Could not fetch public IP. Check network or IP service."
exit 1
fi
echo "[$(date)] Current public IP: $CURRENT_IP"
# Process each domain entry
for ENTRY in "${DOMAINS[@]}"; do
# Split the entry into components
IFS=":" read -r HOSTNAME DOMAIN PASSWORD <<< "$ENTRY"
# Create a unique identifier for this host/domain combination
RECORD_ID="${HOSTNAME}.${DOMAIN}"
# File to store last IP for this specific record
IP_FILE="/tmp/last_ip_${RECORD_ID//[^a-zA-Z0-9]/_}.txt"
# Read last recorded IP if file exists
if [ -f "$IP_FILE" ]; then
LAST_IP=$(cat "$IP_FILE")
else
LAST_IP=""
fi
# Update only if IP has changed
if [ "$CURRENT_IP" != "$LAST_IP" ]; then
echo "[$(date)] IP changed for $RECORD_ID ($LAST_IP$CURRENT_IP). Updating..."
# Call Namecheap's API
RESPONSE=$(curl -s "https://dynamicdns.park-your-domain.com/update?host=$HOSTNAME&domain=$DOMAIN&password=$PASSWORD&ip=$CURRENT_IP")
# Check response for success
if echo "$RESPONSE" | grep -q "<ErrCount>0</ErrCount>"; then
echo "[$(date)] ✓ Successfully updated $RECORD_ID"
echo "$CURRENT_IP" > "$IP_FILE"
else
# Extract error message from response
ERROR=$(echo "$RESPONSE" | grep -o "<Err1>.*</Err1>" | sed 's/<Err1>\(.*\)<\/Err1>/\1/')
echo "[$(date)] ✗ Failed to update $RECORD_ID: $ERROR"
fi
# Optional: Log full response for debugging
# echo "API Response: $RESPONSE"
else
echo "[$(date)] IP unchanged for $RECORD_ID ($CURRENT_IP). Skipping."
fi
done
echo "[$(date)] DDNS update cycle completed."

21
mqtt-broker/docker-compose.yml Normal file
View File

@ -0,0 +1,21 @@
services:
mosquitto:
image: eclipse-mosquitto:latest
container_name: mosquitto
labels:
- "beszel.monitor=true"
- "beszel.service=mosquitto"
restart: unless-stopped
ports:
- "1883:1883" # Main MQTT port for all devices
- "9001:9001" # WebSocket port (optional)
volumes:
- ./mosquitto/config:/mosquitto/config
- ./mosquitto/data:/mosquitto/data
- ./mosquitto/log:/mosquitto/log
networks:
- mqtt-network
networks:
mqtt-network:
driver: bridge

8
mqtt-broker/mosquitto/config/mosquitto.conf Normal file
View File

@ -0,0 +1,8 @@
persistence true
persistence_location /mosquitto/data/
log_dest file /mosquitto/log/mosquitto.log
listener 1883 0.0.0.0 # Listen on all network interfaces
# Authentication - Start with this to test, then add passwords
allow_anonymous true
password_file /mosquitto/config/password.txt

1
mqtt-broker/mosquitto/config/password.txt Normal file
View File

@ -0,0 +1 @@
nase:$7$101$6qku4pTCy9Z/iAYo$NNZNmy3ZSRj9FVZG6rkfMJu8Lk4eD3HUaR8oYtdNwm8NCF99VE6PR9PXoviw9DDsfh1DtHpUt34QdxjW7ZvPTQ==

15
nginx-proxy/conf.d/00-acme-challenge.conf Normal file
View File

@ -0,0 +1,15 @@
server {
listen 80;
listen [::]:80;
server_name _; # Catch-all
location /.well-known/acme-challenge/ {
root /var/www/html;
try_files $uri =404;
}
# Redirect ALL HTTP traffic to HTTPS (using the original host)
location / {
return 301 https://$host$request_uri;
}
}

27
nginx-proxy/conf.d/bentopdf.atomic6.net.conf Normal file
View File

@ -0,0 +1,27 @@
server {
listen 80;
server_name bentopdf.atomic6.net;
# Let's Encrypt challenge path
location /.well-known/acme-challenge/ {
alias /var/www/html/.well-known/acme-challenge/;
try_files $uri =404;
}
# Redirect all other traffic to HTTPS
location / {
return 301 https://$server_name$request_uri;
}
}
server {
listen 443 ssl;
server_name bentopdf.atomic6.net;
ssl_certificate /etc/letsencrypt/live/bentopdf.atomic6.net/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/bentopdf.atomic6.net/privkey.pem;
location / {
proxy_pass http://192.168.1.208:3000;
proxy_set_header Host $host;
}
}

27
nginx-proxy/conf.d/frigate.atomic6.net.conf Normal file
View File

@ -0,0 +1,27 @@
server {
listen 80;
server_name frigate.atomic6.net;
# Let's Encrypt challenge path
location /.well-known/acme-challenge/ {
alias /var/www/html/.well-known/acme-challenge/;
try_files $uri =404;
}
# Redirect ALL other HTTP traffic to HTTPS
location / {
return 301 https://$server_name$request_uri;
}
}
# HTTPS server block (can remain as is)
server {
listen 443 ssl;
server_name frigate.atomic6.net;
ssl_certificate /etc/letsencrypt/live/frigate.atomic6.net/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/frigate.atomic6.net/privkey.pem;
location / {
proxy_pass http://192.168.1.131:8971;
proxy_set_header Host $host;
}
}

27
nginx-proxy/conf.d/gitea.nase.dev.conf Normal file
View File

@ -0,0 +1,27 @@
server {
listen 80;
server_name gitea.nase.dev;
location /.well-known/acme-challenge/ {
alias /var/www/html/.well-known/acme-challenge/;
try_files $uri =404;
}
# Redirect all other traffic to HTTPS
location / {
return 301 https://$server_name$request_uri;
}
}
server {
listen 443 ssl;
server_name gitea.nase.dev;
ssl_certificate /etc/letsencrypt/live/gitea.nase.dev/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/gitea.nase.dev/privkey.pem;
location / {
proxy_pass http://192.168.1.208:3005;
proxy_set_header Host $host;
}
}

84
nginx-proxy/conf.d/home-assistant.conf Normal file
View File

@ -0,0 +1,84 @@
# HTTP Server Block - REQUIRED for Let's Encrypt and redirects
server {
listen 80;
# listen [::]:80;
server_name home.seanowiecki.com;
# Location for Let's Encrypt HTTP-01 challenge renewal
# This path must match the webroot path used by the certbot command
location /.well-known/acme-challenge/ {
root /var/www/html;
# Ensure this directory exists in your nginx container
try_files $uri =404;
}
# Redirect ALL other HTTP traffic to HTTPS
location / {
return 301 https://$server_name$request_uri;
}
}
# HTTPS Server Block - Your existing config, corrected
server {
listen 443 ssl;
http2 on;
server_name home.seanowiecki.com;
# SSL Configuration
ssl_certificate /etc/letsencrypt/live/home.seanowiecki.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/home.seanowiecki.com/privkey.pem;
# SSL Settings (your existing settings are good)
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384;
ssl_prefer_server_ciphers off;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 1d;
# Proxy configuration for Home Assistant
location / {
proxy_pass http://192.168.1.98:8123; # Use your Docker service name or IP
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# Essential WebSocket support headers[citation:2]
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
# DISABLE buffering for the initial response
proxy_buffering off;
# CRITICAL: Increase timeouts for the initial data load[citation:3]
proxy_read_timeout 86400s; # Keep connections alive for a long time
proxy_send_timeout 86400s;
proxy_connect_timeout 30s;
# Optimize buffers for data transfer
# proxy_buffering off;
# proxy_buffer_size 128k;
# proxy_buffers 4 256k;
# proxy_busy_buffers_size 256k;
# Ensure nginx doesn't buffer WebSocket frames
proxy_http_version 1.1;
}
location /api/websocket {
proxy_pass http://192.168.1.98:8123;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 86400s; # Keep WS connection alive
}
# Security headers
add_header X-Frame-Options SAMEORIGIN;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
}

28
nginx-proxy/conf.d/immich.atomic6.net.conf Normal file
View File

@ -0,0 +1,28 @@
server {
listen 80;
server_name immich.atomic6.net;
# Let's Encrypt challenge path
location /.well-known/acme-challenge/ {
alias /var/www/html/.well-known/acme-challenge/;
try_files $uri =404;
}
# Redirect all other traffic to HTTPS
location / {
return 301 https://$server_name$request_uri;
}
}
server {
listen 443 ssl;
server_name immich.atomic6.net;
ssl_certificate /etc/letsencrypt/live/immich.atomic6.net/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/immich.atomic6.net/privkey.pem;
client_max_body_size 0;
location / {
proxy_pass http://192.168.1.208:2283;
proxy_set_header Host $host;
}
}

74
nginx-proxy/conf.d/jellyfin.conf Normal file
View File

@ -0,0 +1,74 @@
server {
listen 80;
server_name video.atomic6.net;
# Let's Encrypt challenge path
location /.well-known/acme-challenge/ {
alias /var/www/html/.well-known/acme-challenge/;
try_files $uri =404;
}
# Redirect all other traffic to HTTPS
location / {
return 301 https://$server_name$request_uri;
}
}
server {
listen 443 ssl;
http2 on;
server_name video.atomic6.net;
# SSL Configuration
ssl_certificate /etc/letsencrypt/live/home.seanowiecki.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/home.seanowiecki.com/privkey.pem;
# SSL Settings
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384;
ssl_prefer_server_ciphers off;
# Media server proxy configuration
location / {
proxy_pass http://192.168.1.131:8096;
# Essential headers
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Port 443;
# Disable SSL verification for backend
proxy_ssl_verify off;
proxy_ssl_server_name on;
# WebSocket support
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
# Timeouts for media streaming
proxy_connect_timeout 30s;
proxy_send_timeout 30s;
proxy_read_timeout 30s;
proxy_buffering off;
# Allow large file uploads/downloads
client_max_body_size 0;
}
# Explicit WebSocket endpoint
location /ws {
proxy_pass http://192.168.1.131:8096/ws;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_read_timeout 86400s;
}
# Security headers
add_header X-Frame-Options SAMEORIGIN;
add_header Referrer-Policy same-origin;
}

26
nginx-proxy/conf.d/memos.atomic6.net.conf Normal file
View File

@ -0,0 +1,26 @@
server {
listen 80;
server_name memos.atomic6.net;
# Let's Encrypt challenge path
location /.well-known/acme-challenge/ {
alias /var/www/html/.well-known/acme-challenge/;
try_files $uri =404;
}
# Redirect all other traffic to HTTPS
location / {
return 301 https://$server_name$request_uri;
}
}
server {
listen 443 ssl;
server_name memos.atomic6.net;
ssl_certificate /etc/letsencrypt/live/memos.atomic6.net/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/memos.atomic6.net/privkey.pem;
location / {
proxy_pass http://192.168.1.208:5230;
proxy_set_header Host $host;
}
}

26
nginx-proxy/conf.d/nextcloud.atomic6.net.conf Normal file
View File

@ -0,0 +1,26 @@
server {
listen 80;
server_name nextcloud.atomic6.net;
# Let's Encrypt challenge path
location /.well-known/acme-challenge/ {
alias /var/www/html/.well-known/acme-challenge/;
try_files $uri =404;
}
# Redirect all other traffic to HTTPS
location / {
return 301 https://$server_name$request_uri;
}
}
server {
listen 443 ssl;
server_name nextcloud.atomic6.net;
ssl_certificate /etc/letsencrypt/live/nextcloud.atomic6.net/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/nextcloud.atomic6.net/privkey.pem;
location / {
proxy_pass http://192.168.1.131:8081;
proxy_set_header Host $host;
}
}

29
nginx-proxy/conf.d/openwebui.atomic6.net.conf Normal file
View File

@ -0,0 +1,29 @@
server {
listen 80;
server_name openwebui.atomic6.net;
# Let's Encrypt challenge path
location /.well-known/acme-challenge/ {
alias /var/www/html/.well-known/acme-challenge/;
try_files $uri =404;
}
# Redirect all other traffic to HTTPS
location / {
return 301 https://$server_name$request_uri;
}
}
server {
listen 443 ssl;
server_name openwebui.atomic6.net;
ssl_certificate /etc/letsencrypt/live/openwebui.atomic6.net/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/openwebui.atomic6.net/privkey.pem;
location / {
proxy_pass http://192.168.1.131:3000;
proxy_set_header Host $host;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
}

29
nginx-proxy/conf.d/qr.atomic6.net.conf Normal file
View File

@ -0,0 +1,29 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name qr.atomic6.net;
ssl_certificate /etc/letsencrypt/live/qr.atomic6.net/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/qr.atomic6.net/privkey.pem;
location / {
proxy_pass http://192.168.1.208:3002;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# Standard headers for potential API/upgrade support
proxy_http_version 1.1;
proxy_set_header Connection "";
}
}
# HTTP redirect (optional but recommended)
server {
listen 80;
listen [::]:80;
server_name qr.atomic6.net;
return 301 https://$server_name$request_uri;
}

28
nginx-proxy/conf.d/salt.nase.dev.conf Normal file
View File

@ -0,0 +1,28 @@
server {
listen 80;
server_name salt.nase.dev;
# Let's Encrypt challenge path
location /.well-known/acme-challenge/ {
alias /var/www/html/.well-known/acme-challenge/;
try_files $uri =404;
}
# Redirect all other traffic to HTTPS
location / {
return 301 https://$server_name$request_uri;
}
}
server {
listen 443 ssl;
server_name salt.nase.dev;
ssl_certificate /etc/letsencrypt/live/salt.nase.dev/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/salt.nase.dev/privkey.pem;
location / {
proxy_pass http://192.168.1.6:3005;
proxy_set_header Host $host;
}
}

59
nginx-proxy/conf.d/survey.atomic6.net.conf Normal file
View File

@ -0,0 +1,59 @@
server {
listen 80;
server_name survey.atomic6.net;
# Let's Encrypt challenge path
location /.well-known/acme-challenge/ {
alias /var/www/html/.well-known/acme-challenge/;
try_files $uri =404;
}
# Redirect all other traffic to HTTPS
location / {
return 301 https://$server_name$request_uri;
}
}
server {
listen 443 ssl;
http2 on;
server_name survey.atomic6.net;
add_header X-Debug-Server "survey-config";
ssl_certificate /etc/letsencrypt/live/survey.atomic6.net/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/survey.atomic6.net/privkey.pem;
# LimeSurvey proxy
location / {
proxy_pass http://192.168.1.208:8080;
# CRITICAL HEADERS for LimeSurvey
proxy_set_header Host $host;
proxy_set_header Accept-Encoding "";
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Port 443;
# LimeSurvey specific headers
proxy_set_header X-Url-Scheme $scheme;
proxy_set_header X-Forwarded-Ssl on;
# Timeouts
proxy_connect_timeout 300s;
proxy_send_timeout 300s;
proxy_read_timeout 300s;
}
# Cache static files
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
proxy_pass http://192.168.1.208:8080;
proxy_set_header Host $host;
proxy_set_header Accept-Encoding "";
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
expires 1y;
add_header Cache-Control "public, immutable";
}
}

21
nginx-proxy/docker-compose.yml Normal file
View File

@ -0,0 +1,21 @@
services:
nginx-proxy:
image: nginx:alpine
container_name: nginx-proxy
labels:
- "beszel.monitor=true"
- "beszel.service=nginx"
restart: unless-stopped
ports:
- "80:80"
- "443:443"
volumes:
- /var/www/html/.well-known/acme-challenge:/var/www/html/.well-known/acme-challenge:ro
- /home/nase/nginx-proxy/conf.d:/etc/nginx/conf.d:ro
- /etc/letsencrypt:/etc/letsencrypt:ro # Mount Let's Encrypt certificates
networks:
- proxy-network
networks:
proxy-network:
driver: bridge

24
zwavejs/docker-compose.yml Normal file
View File

@ -0,0 +1,24 @@
services:
zwave-js-ui:
container_name: zwave-js-ui
image: zwavejs/zwave-js-ui:latest
restart: unless-stopped
tty: true
stop_signal: SIGINT
environment:
- SESSION_SECRET=pacifier-cash-achiness5-reprise
- TZ=America/Chicago
# devices:
# 🔧 CRITICAL: Replace with your Z-Wave stick's path
# - '/dev/serial/by-id/usb-<YOUR_SPECIFIC_STICK_REFERENCE>:/dev/zwave'
volumes:
# 💾 Persists Z-Wave network data and configuration
- ./zwavejs-store:/usr/src/app/store
ports:
- "8091:8091" # Web interface
- "3000:3000" # Z-Wave JS WebSocket server (for HA)
networks:
- homeautomation_net
networks:
homeautomation_net:
external: true