Add full NAS service catalog for disaster recovery.

Compose files and configs for postgres, adguard, duckdns, homarr, neo4j, portainer, remotely, and monitoring; RESTORE.md and sync-from-nas script. Sanitize pgAdmin secrets; document homelab-command as separate repo. Co-authored-by: Cursor <cursoragent@cursor.com>
2026-05-17 13:15:24 +02:00
parent b315f593ec
commit 21dbee4b53
32 changed files with 6567 additions and 32 deletions
@@ -0,0 +1,31 @@
+# Security Mesh stack — NATS + Go-normalizer (Zeek/Suricata JSON → Postgres).
+# Start vanuit homelab-command: docker compose -f docker-compose.mesh.yml --env-file .env.mesh up -d
+# Stop bestaande NATS op poort 4222 of wijzig poorten hieronder.
+
+services:
+  nats:
+    image: nats:2.10-alpine
+    command: ["-js", "-m", "8222"]
+    ports:
+      - "${NATS_CLIENT_PORT:-4222}:4222"
+      - "${NATS_HTTP_PORT:-8222}:8222"
+    restart: unless-stopped
+
+  mesh-normalizer:
+    image: mesh-normalizer:local
+    build:
+      context: ./mesh-ingest
+      dockerfile: Dockerfile
+    environment:
+      NATS_URL: nats://nats:4222
+      MESH_DEFAULT_TENANT_ID: ${MESH_DEFAULT_TENANT_ID:-00000000-0000-4000-8000-000000000001}
+      PG_HOST: ${PG_HOST:-172.17.0.1}
+      PG_PORT: ${PG_PORT:-5433}
+      PG_USER: ${PG_USER:-mo}
+      PG_PASSWORD: ${PG_PASSWORD:-}
+      PG_DATABASE: ${PG_DATABASE:-homelab}
+    depends_on:
+      - nats
+    restart: unless-stopped
+    extra_hosts:
+      - "host.docker.internal:host-gateway"