Update docker.io/library/postgres Docker tag to v18.2

.archived/adguardhome/.env

@@ -0,0 +1,6 @@
+# Paths
+APPDATA_PATH=/home/username/appdata
+
+# Ports
+DNS_PORT=53
+ADMIN_PORT=

.archived/bytestash/.env

@@ -0,0 +1,14 @@
+# Environment Variables
+JWT_SECRET=
+TOKEN_EXPIRY=
+ALLOW_NEW_ACCOUNTS=
+DEBUG=
+DISABLE_ACCOUNTS=
+DISABLE_INTERNAL_ACCOUNTS=
+OIDC_ENABLED=
+
+# Paths
+APPDATA_PATH=/home/username/appdata
+
+# Ports
+PORT=

.archived/caddy-cloudflare-ddns/docker-compose.yml

@@ -0,0 +1,25 @@
+services:
+  caddy:
+    image: docker.io/ryuupendragon/caddy-cloudflare-ddns:2.10.0
+    container_name: caddy
+    cap_add:
+      - NET_ADMIN
+    environment:
+      - CLOUDFLARE_API_TOKEN=${CLOUDFLARE_API_TOKEN}
+    volumes:
+      - ${APPDATA_PATH}/caddy/caddy-file:/etc/caddy
+      - ${APPDATA_PATH}/caddy/caddy-config:/config
+      - ${APPDATA_PATH}/caddy/caddy-data:/data
+      - ${APPDATA_PATH}/caddy/caddy-logs:/logs
+      - ${APPDATA_PATH}/caddy/caddy-srv:/srv
+    ports:
+      - ${HTTP_PORT}:80
+      - ${HTTPS_PORT}:443
+      - ${HTTPS_PORT}:443/udp
+    networks:
+      - frontend
+    restart: unless-stopped
+
+networks:
+  frontend:
+    external: true

.archived/forgejo/docker-compose.yml

@@ -0,0 +1,44 @@
+services:
+  forgejo_db:
+    image: docker.io/library/mariadb:11.7.2
+    container_name: forgejo_db
+    command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW --innodb-file-per-table=1 --skip-innodb-read-only-compressed
+    environment:
+      - MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}
+      - MYSQL_USER=${MYSQL_USER}
+      - MYSQL_PASSWORD=${MYSQL_PASSWORD}
+      - MYSQL_DATABASE=${MYSQL_DATABASE}
+    volumes:
+      - ${APPDATA_PATH}/forgejo/db:/var/lib/mysql
+    ports:
+      - ${DB_PORT}:3306
+    restart: unless-stopped
+    healthcheck:
+      test: ["CMD", "healthcheck.sh", "--connect", "--innodb_initialized"]
+      start_period: 10s
+      interval: 10s
+      timeout: 5s
+      retries: 3
+
+  forgejo_server:
+    image: codeberg.org/forgejo/forgejo:11.0.1-rootless
+    container_name: forgejo_server
+    depends_on:
+      forgejo_db:
+        condition: service_healthy
+    user: ${PUID}:${PGID}
+    environment:
+      - FORGEJO__database__DB_TYPE=mysql
+      - FORGEJO__database__HOST=forgejo_db
+      - FORGEJO__database__NAME=${MYSQL_DATABASE}
+      - FORGEJO__database__USER=${MYSQL_USER}
+      - FORGEJO__database__PASSWD=${MYSQL_PASSWORD}
+    volumes:
+      - ${APPDATA_PATH}/forgejo/config:/etc/gitea
+      - ${APPDATA_PATH}/forgejo/data:/var/lib/gitea
+      - /etc/timezone:/etc/timezone:ro
+      - /etc/localtime:/etc/localtime:ro
+    ports:
+      - ${SERVER_PORT}:3000
+      - ${SSH_PORT}:22
+    restart: unless-stopped

.archived/jellystat/compose.yaml

@@ -1,56 +0,0 @@
-services:
-  jellystat_db:
-    container_name: jellystat_db
-    image: docker.io/library/postgres:18.2@sha256:9b5bd946f3a507db72c55959700e517463e8d5dbb6f7eb30d920d5bcf6951431
-    restart: unless-stopped
-    shm_size: '1gb'
-    environment:
-      - POSTGRES_USER=${POSTGRES_USER}
-      - POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
-      - POSTGRES_DB=${POSTGRES_DB}
-      - PGDATA=/var/lib/postgresql/18/docker
-    volumes:
-      - ${APPDATA_PATH}/jellystat/db:/var/lib/postgresql
-    networks:
-      - backend
-    healthcheck:
-      test: ["CMD-SHELL", "pg_isready -d ${POSTGRES_DB} -U ${POSTGRES_USER}"]
-      interval: 10s
-      timeout: 5s
-      retries: 3
-      start_period: 10s
-
-  jellystat:
-    container_name: jellystat
-    image: ghcr.io/cyfershepard/jellystat:1.1.8@sha256:c8c451704ba7985340142cd047e2364cabaf41b613669b6c5340688ed217f82a
-    restart: unless-stopped
-    depends_on:
-      jellystat-db:
-        condition: service_healthy
-    environment:
-      - POSTGRES_USER=${POSTGRES_USER}
-      - POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
-      - POSTGRES_DB=${POSTGRES_DB}
-      - POSTGRES_IP=jellystat_db
-      - POSTGRES_PORT=5432
-      - JWT_SECRET=${JWT_SECRET}
-      - TZ=${TZ}
-    volumes:
-      - ${APPDATA_PATH}/jellystat/backup-data:/app/backend/backup-data
-    ports:
-      - ${PORT}:3000
-    networks:
-      - frontend
-      - backend
-    healthcheck:
-      test: wget --no-verbose --tries=1 --spider http://localhost:3000/auth/isConfigured || exit 1
-      interval: 60s
-      timeout: 30s
-      retries: 5
-      start_period: 30s
-
-networks:
-  frontend:
-    external: true
-  backend:
-    external: true

.archived/open-webui/compose.yaml

@@ -1,19 +0,0 @@
-services:
-  open-webui:
-    container_name: open-webui
-    image: ghcr.io/open-webui/open-webui:v0.8.8-ollama@sha256:781938633d6d445daa489fcdc0c1988c4c875e6358175f484fdd8a89aa152503
-    restart: unless-stopped
-    environment:
-      - OLLAMA_BASE_URL=${OLLAMA_BASE_URL}
-      - WEBUI_SECRET_KEY=${WEBUI_SECRET_KEY}
-      - WEBUI_AUTH=true
-    volumes:
-      - ${APPDATA_PATH}/open-webui/data:/app/backend/data
-    ports:
-      - ${PORT}:8080
-    networks:
-      - frontend
-
-networks:
-  frontend:
-    external: true

.archived/tinyauth/compose.yaml

@@ -1,26 +0,0 @@
-services:
-  tinyauth:
-    container_name: tinyauth
-    image: ghcr.io/steveiliop56/tinyauth:v5.0.1
-    restart: unless-stopped
-    environment:
-      - TINYAUTH_APPURL=${TINYAUTH_APPURL}
-      - TINYAUTH_ANALYTICS_ENABLED=${TINYAUTH_ANALYTICS_ENABLED}
-      - TINYAUTH_OAUTH_PROVIDERS_POCKETID_NAME=${TINYAUTH_OAUTH_PROVIDERS_POCKETID_NAME}
-      - TINYAUTH_OAUTH_PROVIDERS_POCKETID_CLIENTID=${TINYAUTH_OAUTH_PROVIDERS_POCKETID_CLIENTID}
-      - TINYAUTH_OAUTH_PROVIDERS_POCKETID_CLIENTSECRET=${TINYAUTH_OAUTH_PROVIDERS_POCKETID_CLIENTSECRET}
-      - TINYAUTH_OAUTH_PROVIDERS_POCKETID_AUTHURL=${TINYAUTH_OAUTH_PROVIDERS_POCKETID_AUTHURL}
-      - TINYAUTH_OAUTH_PROVIDERS_POCKETID_TOKENURL=${TINYAUTH_OAUTH_PROVIDERS_POCKETID_TOKENURL}
-      - TINYAUTH_OAUTH_PROVIDERS_POCKETID_USERINFOURL=${TINYAUTH_OAUTH_PROVIDERS_POCKETID_USERINFOURL}
-      - TINYAUTH_OAUTH_PROVIDERS_POCKETID_SCOPES=${TINYAUTH_OAUTH_PROVIDERS_POCKETID_SCOPES}
-      - TINYAUTH_OAUTH_PROVIDERS_POCKETID_REDIRECTURL=${TINYAUTH_OAUTH_PROVIDERS_POCKETID_REDIRECTURL}
-    volumes:
-      - ${APPDATA_PATH}/tinyauth/data:/data
-    ports:
-      - ${PORT}:3000
-    networks:
-      - frontend
-
-networks:
-  frontend:
-    external: true

.archived/tinyauth/docker-compose.yml

@@ -0,0 +1,21 @@
+services:
+  tinyauth:
+    container_name: tinyauth
+    image: ghcr.io/steveiliop56/tinyauth:v3.6.2
+    restart: unless-stopped
+    environment:
+      - SECRET=${SECRET}
+      - APP_URL=${APP_URL}
+      - GENERIC_NAME=${GENERIC_NAME}
+      - GENERIC_CLIENT_ID=${GENERIC_CLIENT_ID}
+      - GENERIC_CLIENT_SECRET=${GENERIC_CLIENT_SECRET}
+      - GENERIC_AUTH_URL=${GENERIC_AUTH_URL}
+      - GENERIC_TOKEN_URL=${GENERIC_TOKEN_URL}
+      - GENERIC_USER_URL=${GENERIC_USER_URL}
+      - GENERIC_SCOPES=${GENERIC_SCOPES}
+    networks:
+      - frontend
+
+networks:
+  frontend:
+    external: true

.templates/valkey-without-pswd.yml

@@ -9,7 +9,7 @@ services:
     ports:
       - ${VALKEY_PORT}:6379
     healthcheck:
-      test: ["CMD-SHELL", "valkey-cli ping | grep PONG"]
+      test: ["CMD-SHELL", valkey-cli ping | grep PONG"]
       interval: 10s
       timeout: 5s
       retries: 3

adminer/compose.yaml

@@ -1,7 +1,7 @@
 services:
   adminer:
     container_name: adminer
-    image: docker.io/library/adminer:5.4.2@sha256:16a72c6140f64d00a3a9edf8d3d3b18a7b0a29ca31b0453378d9eb71f01f9e34
+    image: docker.io/library/adminer:5.4.2@sha256:2fb88b98da9f0ae0157d8fcb73f447a0747b09ee8d2ff8a8e0695b30afed2116
     restart: unless-stopped
     ports:
       - ${PORT}:8080

backrest/compose.yaml

@@ -1,7 +1,7 @@
 services:
   backrest:
     container_name: backrest
-    image: docker.io/garethgeorge/backrest:v1.12.1@sha256:f4d34bd6fa985d13bdb6c01c5d8727e07708899afa9567d800808357d77b9fb0
+    image: docker.io/garethgeorge/backrest:v1.11.2@sha256:6ecf25925dafcb6b37ab871d23c1d424a6f5008191a631c0b520641ec22a3f84
     restart: unless-stopped
     hostname: ${HOSTNAME}
     environment:

caddy-cloudflare-ddns-crowdsec/docker-compose.yml

@@ -1,7 +1,7 @@
 services:
   crowdsec:
     container_name: crowdsec
-    image: ghcr.io/crowdsecurity/crowdsec:v1.7.7@sha256:6ca53ad26196ca59ddd4fa692a586b73d8fcde085046163b9ca2f04887dca563
+    image: ghcr.io/crowdsecurity/crowdsec:v1.7.6@sha256:63b595fef92de1778573b375897a45dd226637ee9a3d3db9f57ac7355c369493
     restart: unless-stopped
     environment:
       - BOUNCER_KEY_CADDY=${CROWDSEC_API_KEY}
@@ -23,7 +23,7 @@ services:
 
   caddy:
     container_name: caddy
-    image: ghcr.io/ryuupendragon/caddy-cloudflare-ddns-crowdsec:2.11.2@sha256:ba26a5f05c825d61f5ca6f43de368a3e01013c10b592bfe5fcd187d9328b6289
+    image: ghcr.io/ryuupendragon/caddy-cloudflare-ddns-crowdsec:2.10.2@sha256:6b7f8897b6e43a601dba80147757056f724854cb4abd683417895f338b499675
     restart: unless-stopped
     depends_on:
       crowdsec:

caddy-cloudflare/docker-compose.yml

@@ -1,6 +1,6 @@
 services:
   caddy:
-    image: ghcr.io/ryuupendragon/caddy-cloudflare:2.11.2@sha256:ec153a5ca3522335d21bf144be0aad748b1542bf32198d65444a3ffa67180551
+    image: ghcr.io/ryuupendragon/caddy-cloudflare:2.10.2@sha256:1b1577294c84fa0047d564be75f8566286ebc9cfbaae570328b4b02d451bf7f9
     container_name: caddy
     restart: unless-stopped
     cap_add:

dockhand/docker-compose-agent.yml

@@ -1,13 +1,13 @@
 services:
   hawser:
-    container_name: hawser
-    image: ghcr.io/finsys/hawser:0.2.39@sha256:03c9f31205f7b5ee7aef55bf3058d050fe4ac8a745029c19107eaa0c34ef3422
+    container_name: hawserd
+    image: ghcr.io/finsys/hawser:0.2.27@sha256:63d0a5fb81fe64cc0f7e0cbede54889b114fd3d634d2ee18e0fee89d7854873a
     restart: unless-stopped
     environment:
+      - AGENT_NAME=${AGENT_NAME}
       - TOKEN=${TOKEN}
       - LOG_LEVEL=${LOG_LEVEL}
     volumes:
-      - ./stacks:/data/stacks
       - /var/run/docker.sock:/var/run/docker.sock
     ports:
       - 2376:2376

dockhand/docker-compose.yml

@@ -1,7 +1,7 @@
 services:
   dockhand_db:
     container_name: dockhand_db
-    image: docker.io/library/postgres:18.3@sha256:a9abf4275f9e99bff8e6aed712b3b7dfec9cac1341bba01c1ffdfce9ff9fc34a
+    image: docker.io/library/postgres:18.2@sha256:b6b4d0b75c699a2c94dfc5a94fe09f38630f3b67ab0e1653ede1b7ac8e13c197
     restart: unless-stopped
     environment:
       - POSTGRES_USER=${POSTGRES_USER}
@@ -21,7 +21,7 @@ services:
 
   dockhand:
     container_name: dockhand
-    image: fnsys/dockhand:v1.0.22@sha256:3f38c995dfdb1f51f07ffb796162b445744456c2b8a1929c33a8b0593250892e
+    image: fnsys/dockhand:v1.0.18@sha256:81ee6728840ea99978d811d9dfa61e5445467e01502320fa7733bcf7e567d105
     restart: unless-stopped
     depends_on:
       dockhand_db:

forgejo/compose.yaml

@@ -1,7 +1,7 @@
 services:
   forgejo:
     container_name: forgejo
-    image: codeberg.org/forgejo/forgejo:14.0.3-rootless@sha256:3bde16a366e57f37c09599b77ceb83ed05b1934f8224072f8140bc66cf243608
+    image: codeberg.org/forgejo/forgejo:14.0.2-rootless@sha256:5552c9e25f353760420b8ac7a7f0f0a788ff571bbfd8e2c1e93503d3e2e1b87a
     restart: unless-stopped
     user: ${PUID}:${PGID}
     volumes:

gitea-runner/config.yml

@@ -32,40 +32,31 @@ runner:
   fetch_timeout: 5s
   # The interval for fetching the job from the Gitea instance.
   fetch_interval: 2s
-  # The github_mirror of a runner is used to specify the mirror address of the github that pulls the action repository.
-  # It works when something like `uses: actions/checkout@v4` is used and DEFAULT_ACTIONS_URL is set to github,
-  # and github_mirror is not empty. In this case,
-  # it replaces https://github.com with the value here, which is useful for some special network environments.
-  github_mirror: ''
   # The labels of a runner are used to determine which jobs the runner can run, and how to run them.
   # Like: "macos-arm64:host" or "ubuntu-latest:docker://docker.gitea.com/runner-images:ubuntu-latest"
   # Find more images provided by Gitea at https://gitea.com/docker.gitea.com/runner-images .
   # If it's empty when registering, it will ask for inputting labels.
   # If it's empty when execute `daemon`, will use labels in `.runner` file.
   labels:
-    - "ubuntu-latest:docker://ghcr.io/catthehacker/ubuntu:act-24.04"
-    - "ubuntu-latest-full:docker://ghcr.io/catthehacker/ubuntu:full-24.04"
-    - "ubuntu-arm64:docker://ghcr.io/catthehacker/ubuntu:act-24.04"
-    - "ubuntu-arm64-full:docker://ghcr.io/catthehacker/ubuntu:full-24.04"
-    - "ubuntu-22.04:docker://ghcr.io/catthehacker/ubuntu:act-22.04"
-    - "ubuntu-22.04-full:docker://ghcr.io/catthehacker/ubuntu:full-22.04"
-    - "trixie:docker://node:25-trixie"
-    - "trixie-slim:docker://node:25-trixie-slim"
-    - "bookworm:docker://node:25-bookworm"
-    - "bookworm-slim:docker://node:25-bookworm-slim"
-    - "bullseye:docker://node:25-bullseye"
-    - "bullseye-slim:docker://node:25-bullseye-slim"
+    - "ubuntu-latest:docker://docker.gitea.com/runner-images:ubuntu-latest"
+    - "ubuntu-arm64:docker://docker.gitea.com/runner-images:ubuntu-latest"
+    - "ubuntu-22.04:docker://docker.gitea.com/runner-images:ubuntu-22.04"
+    - "ubuntu-cat:docker://ghcr.io/catthehacker/ubuntu:act-latest"
+    - "bookworm:docker://node:20-bookworm"
+    - "bookworm-slim:docker://node:24-bookworm-slim"
+    - "bullseye:docker://node:20-bullseye"
+    - "bullseye-slim:docker://node:20-bullseye-slim"
 
 cache:
   # Enable cache server to use actions/cache.
-  enabled: true
+  enabled: false
   # The directory to store the cache data.
   # If it's empty, the cache data will be stored in $HOME/.cache/actcache.
   dir: ""
   # The host of the cache server.
   # It's not for the address to listen, but the address to connect from job containers.
   # So 0.0.0.0 is a bad choice, leave it empty to detect automatically.
-  host: "IP"
+  host: ""
   # The port of the cache server.
   # 0 means to use a random available port.
   port: 0
@@ -108,10 +99,6 @@ container:
   force_pull: true
   # Rebuild docker image(s) even if already present
   force_rebuild: false
-  # Always require a reachable docker daemon, even if not required by act_runner
-  require_docker: false
-  # Timeout to wait for the docker daemon to be reachable, if docker is required by require_docker or act_runner
-  docker_timeout: 0s
 
 host:
   # The parent directory of a job's working directory.

gitea-runner/docker-compose-multi.yml

@@ -0,0 +1,42 @@
+services:
+  gitea_runner1:
+    container_name: gitea_runner1
+    image: docker.io/gitea/act_runner:0.3.0@sha256:8368754bb612a1deb07ed604e3b955338aefc01576d4d0d92e8dd82f29250fcd
+    restart: unless-stopped
+    environment:
+      CONFIG_FILE: /config.yml
+      GITEA_INSTANCE_URL: "${INSTANCE_URL}"
+      GITEA_RUNNER_REGISTRATION_TOKEN: "${REGISTRATION_TOKEN}"
+      GITEA_RUNNER_NAME: "${RUNNER_NAME1}"
+    volumes:
+      - ./config.yml:/config.yml
+      - ./data1:/data
+      - /var/run/docker.sock:/var/run/docker.sock
+
+  gitea_runner2:
+    container_name: gitea_runner2
+    image: docker.io/gitea/act_runner:0.3.0@sha256:8368754bb612a1deb07ed604e3b955338aefc01576d4d0d92e8dd82f29250fcd
+    restart: unless-stopped
+    environment:
+      CONFIG_FILE: /config.yml
+      GITEA_INSTANCE_URL: "${INSTANCE_URL}"
+      GITEA_RUNNER_REGISTRATION_TOKEN: "${REGISTRATION_TOKEN}"
+      GITEA_RUNNER_NAME: "${RUNNER_NAME2}"
+    volumes:
+      - ./config.yml:/config.yml
+      - ./data2:/data
+      - /var/run/docker.sock:/var/run/docker.sock
+
+  gitea_runner3:
+    container_name: gitea_runner3
+    image: docker.io/gitea/act_runner:0.3.0@sha256:8368754bb612a1deb07ed604e3b955338aefc01576d4d0d92e8dd82f29250fcd
+    restart: unless-stopped
+    environment:
+      CONFIG_FILE: /config.yml
+      GITEA_INSTANCE_URL: "${INSTANCE_URL}"
+      GITEA_RUNNER_REGISTRATION_TOKEN: "${REGISTRATION_TOKEN}"
+      GITEA_RUNNER_NAME: "${RUNNER_NAME3}"
+    volumes:
+      - ./config.yml:/config.yml
+      - ./data3:/data
+      - /var/run/docker.sock:/var/run/docker.sock

gitea-runner/docker-compose.yml

@@ -1,7 +1,7 @@
 services:
   gitea_runner:
     container_name: gitea_runner
-    image: docker.io/gitea/act_runner:0.3.1@sha256:c2a169c5e99864c25e32527cef3d82203225e09558773022bf3dc164a2e6d762
+    image: docker.io/gitea/act_runner:0.3.0@sha256:8368754bb612a1deb07ed604e3b955338aefc01576d4d0d92e8dd82f29250fcd
     restart: unless-stopped
     environment:
       CONFIG_FILE: /config.yml
@@ -12,5 +12,3 @@ services:
       - ./config.yml:/config.yml
       - ./data:/data
       - /var/run/docker.sock:/var/run/docker.sock
-    ports:
-      - ${PORT}:${PORT}

gotify/docker-compose.yml

@@ -1,7 +1,7 @@
 services:
   gotify:
     container_name: gotify
-    image: ghcr.io/gotify/server:2.9.1@sha256:a3af47067ce6aad76aadf5ba32d6ddfecd1ae576a961359f039fd1831e8b7652
+    image: ghcr.io/gotify/server:2.9.0@sha256:4df8c1bb23646b8d8b308e881866474bfae4a9a5b3980e5047f87eb84017e8a0
     restart: unless-stopped
     environment:
       - TZ=${TZ}

handbrake/docker-compose.yml

@@ -1,7 +1,7 @@
 services:
   handbrake:
     container_name: handbrake
-    image: ghcr.io/jlesage/handbrake:v26.02.2
+    image: ghcr.io/jlesage/handbrake:v26.01.1
     restart: unless-stopped
     deploy:
       resources:

healthchecks/docker-compose.yml

@@ -1,7 +1,7 @@
 services:
   healthchecks:
     container_name: healthchecks
-    image: ghcr.io/linuxserver/healthchecks:4.1.20260323@sha256:9284fb75cc62aafebb01eceef41f1630cc5c97c25ea2e310083e9799f36836f3
+    image: ghcr.io/linuxserver/healthchecks:4.0.20260216@sha256:9748ad5de1a8aaede64e54d742424f2e8a92ed661814c232b333e567de40d829
     restart: unless-stopped
     environment:
       - PUID=${PUID}

home-assistant/compose.yaml

@@ -1,7 +1,7 @@
 services:
   home-assistant:
     container_name: home-assistant
-    image: ghcr.io/home-assistant/home-assistant:2026.4.0@sha256:7fbf6a5e006e889d7799476ad7646bd18e9dc73e8a4ccd9326b41798de6bb3bf
+    image: ghcr.io/home-assistant/home-assistant:2026.2.3@sha256:96fa92d83fa8dae987fbbbcf58b1fea1140985ff6a8517b37f7b65c76ef20133
     restart: unless-stopped
     volumes:
       - ${APPDATA_PATH}/home-assistant/config:/config

homepage/docker-compose-docker.yml

@@ -15,7 +15,7 @@ services:
 
   homepage:
     container_name: homepage
-    image: ghcr.io/gethomepage/homepage:v1.12.3@sha256:cc84f2f5eb3c7734353701ccbaa24ed02dacb0d119114e50e4251e2005f3990a
+    image: ghcr.io/gethomepage/homepage:v1.10.1@sha256:0b596092c0b55fe4c65379a428a3fe90bd192f10d1b07d189a34fe5fabe7eedb
     restart: unless-stopped
     depends_on:
       homepage_socket_proxy:

homepage/docker-compose.yml

@@ -1,7 +1,7 @@
 services:
   homepage:
     container_name: homepage
-    image: ghcr.io/gethomepage/homepage:v1.12.3@sha256:cc84f2f5eb3c7734353701ccbaa24ed02dacb0d119114e50e4251e2005f3990a
+    image: ghcr.io/gethomepage/homepage:v1.10.1@sha256:0b596092c0b55fe4c65379a428a3fe90bd192f10d1b07d189a34fe5fabe7eedb
     restart: unless-stopped
     environment:
       - PUID=${PUID}

kiwix/docker-compose.yml

@@ -1,7 +1,7 @@
 services:
   kiwix:
     container_name: kiwix
-    image: ghcr.io/kiwix/kiwix-serve:3.8.2@sha256:acdab28186a66b51bfd4202210c6732931ea95cf41c711148a0c9770b9fcc9e1
+    image: ghcr.io/kiwix/kiwix-serve:3.8.1@sha256:9bffd4f940645d4d518f137e87b7865d3d0ef30f6c13fbe4a3b9e747be3cd1ad
     restart: unless-stopped
     command:
       - '*.zim'

lldap/compose.yaml

@@ -1,7 +1,7 @@
 services:
   lldap_db:
     container_name: lldap_db
-    image: docker.io/library/postgres:18.3@sha256:a9abf4275f9e99bff8e6aed712b3b7dfec9cac1341bba01c1ffdfce9ff9fc34a
+    image: docker.io/library/postgres:18.2@sha256:b6b4d0b75c699a2c94dfc5a94fe09f38630f3b67ab0e1653ede1b7ac8e13c197
     restart: unless-stopped
     environment:
       - POSTGRES_USER=${POSTGRES_USER}

pi-hole/compose.yaml

@@ -1,66 +0,0 @@
-services:
-  unbound_valkey:
-    container_name: unbound_valkey
-    image: ghcr.io/valkey-io/valkey:9.0.3@sha256:3b55fbaa0cd93cf0d9d961f405e4dfcc70efe325e2d84da207a0a8e6d8fde4f9
-    restart: unless-stopped
-    hostname: unbound_valkey
-    volumes:
-      - ./valkey-data:/data
-    networks:
-      - backend
-    healthcheck:
-      test: ["CMD-SHELL", "valkey-cli ping | grep PONG"]
-      interval: 10s
-      timeout: 5s
-      retries: 3
-      start_period: 10s
-
-  unbound:
-    container_name: unbound
-    image: klutchell/unbound:1.24.2@sha256:cb9a0f06c803c764395e2ff50bd8a244470601290c78fb2cdcf1bd200a027cd6
-    restart: unless-stopped
-    depends_on:
-      unbound_valkey:
-        condition: service_healthy
-    volumes:
-      - ./unbound.conf:/etc/unbound/unbound.conf
-      - ./unbound-custom-conf:/etc/unbound/custom.conf.d
-    ports:
-      - 5354:53
-      - 5354:53/udp
-    networks:
-      - backend
-    healthcheck:
-      test: ['CMD', 'drill-hc', '@127.0.0.1', 'dnssec.works']
-      interval: 10s
-      timeout: 5s
-      retries: 3
-      start_period: 10s
-
-  pihole:
-    container_name: pihole
-    image: ghcr.io/pi-hole/pihole:2026.04.1@sha256:1c32c36b862a12762656b6471c854cebc01fe945639ba3a893611337c2c95e99
-    restart: unless-stopped
-    cap_add:
-      - SYS_NICE
-    environment:
-      - TZ=${TZ}
-      - FTLCONF_dns_upstreams=unbound
-      - FTLCONF_dns_listeningMode=all
-      - FTLCONF_webserver_api_password=${FTLCONF_webserver_api_password}
-    volumes:
-      - ./pihole:/etc/pihole
-    ports:
-      - 5355:53/tcp
-      - 5355:53/udp
-      - 8055:80/tcp
-      - 4435:443/tcp
-    networks:
-      - frontend
-      - backend
-
-networks:
-  frontend:
-    external: true
-  backend:
-    external: true

pocket-id/compose.yaml

@@ -1,7 +1,7 @@
 services:
   pocket-id-db:
     container_name: pocket-id-db
-    image: docker.io/library/postgres:18.3@sha256:a9abf4275f9e99bff8e6aed712b3b7dfec9cac1341bba01c1ffdfce9ff9fc34a
+    image: docker.io/library/postgres:18.2@sha256:b6b4d0b75c699a2c94dfc5a94fe09f38630f3b67ab0e1653ede1b7ac8e13c197
     restart: unless-stopped
     environment:
       - POSTGRES_USER=${POSTGRES_USER}
@@ -21,7 +21,7 @@ services:
 
   pocket-id:
     container_name: pocket-id
-    image: ghcr.io/pocket-id/pocket-id:v2.5.0-distroless@sha256:deadc3c4dd6655a7d7f959200db1c74e394942dc061e6f3732b709983a08aab7
+    image: ghcr.io/pocket-id/pocket-id:v2.2.0-distroless@sha256:ad2d21a7b31d6b4f1d999caec794a5b5edeb97fc40801947158d62befd4203e3
     restart: unless-stopped
     depends_on:
       pocket-id-db:

portainer-agent/docker-compose.yml

@@ -1,7 +1,7 @@
 services:
   portainer-agent:
     container_name: portainer-agent
-    image: docker.io/portainer/agent:alpine@sha256:d8c70d6c1174248796827182abb1ea8f9ea4869b32967af694cf472c3ec2c2a1
+    image: docker.io/portainer/agent:alpine@sha256:6cabee7b641c927474bc06a77b49cbdc2754acf05e8f5cc8248e4ca84fccb7b8
     restart: unless-stopped
     volumes:
       - /var/run/docker.sock:/var/run/docker.sock

portainer/docker-compose.yml

@@ -1,7 +1,7 @@
 services:
   portainer:
     container_name: portainer
-    image: docker.io/portainer/portainer-ee:alpine@sha256:892d1e5458f17f87735390b8049e1dc535c3fdba120f2a66e4411e099cff1550
+    image: docker.io/portainer/portainer-ee:alpine@sha256:eb3ad2004dfc15b6aa7b71b27017e756d8b7c016b7e7f2989a13eec96e734ac1
     restart: unless-stopped
     volumes:
       - ./data:/data

selfhst-icons/compose.yaml

@@ -1,25 +0,0 @@
-services:
-  selfhst-icons:
-    container_name: selfhst-icons
-    image: ghcr.io/selfhst/icons:4.0.2@sha256:ea70ba79e0e5126bb3ac191c595cdb74e5ae3d90dc95caf3cbda99e8d4b6c8ba
-    restart: unless-stopped
-    environment:
-      - ICON_SOURCE=remote
-      - REMOTE_URL=${REMOTE_URL}
-      - PRIMARY_COLOR=${PRIMARY_COLOR}
-      - CACHE_TTL=${CACHE_TTL}
-      - CACHE_SIZE=${CACHE_SIZE}
-    ports:
-      - ${PORT}:4050
-    networks:
-      - frontend
-    healthcheck:
-      test: ["CMD", "/server", "-healthcheck"]
-      interval: 30s
-      timeout: 5s
-      retries: 3
-      start_period: 5s
-
-networks:
-  frontend:
-    external: true

uptime-kuma/docker-compose.yml

@@ -1,7 +1,7 @@
 services:
   uptime-kuma:
     container_name: uptime-kuma
-    image: ghcr.io/louislam/uptime-kuma:2.2.1@sha256:7337368a77873f159435de9ef09567f68c31285ed5f951dec36256c4b267ee44
+    image: ghcr.io/louislam/uptime-kuma:2.1.3@sha256:32c352a235fd10f98b3f64a6a4345d3c0c7f4e8be7810d2e1e867f7fe2e48ba2
     restart: unless-stopped
     volumes:
       - ${APPDATA_PATH}/uptime-kuma/config:/app/data