feat: Add 7 new stacks (Batch 2)

Added stacks:
- nextcloud-aio (Cloud storage)
- wordpress (CMS)
- searxng (Meta search)
- authentik (SSO provider)
- jellyfin (Media server)

All stacks include:
- compose.yml with proper configuration
- README.md with deployment info
- stack.toml for Komodo Resource Sync

stacks/authentik/README.md

@@ -0,0 +1,25 @@
+# Authentik
+
+🔐 SSO / Identity Provider
+
+## Deploy in Komodo
+
+**Pfad:** `stacks/authentik/`
+
+## Ports
+
+- `9000` - HTTP Interface
+- `9443` - HTTPS Interface
+
+## Caddy
+
+```caddyfile
+auth.example.com {
+    reverse_proxy localhost:9000
+}
+```
+
+## Notes
+
+- Komplexes Setup mit PostgreSQL + Redis
+- SECRET_KEY ändern vor erstem Start!

stacks/authentik/compose.yml

@@ -0,0 +1,55 @@
+services:
+  authentik:
+    image: ghcr.io/goauthentik/server:latest
+    container_name: authentik
+    restart: unless-stopped
+    ports:
+      - "127.0.0.1:9000:9000"
+      - "127.0.0.1:9443:9443"
+    volumes:
+      - authentik_media:/media
+      - authentik_custom:/custom-templates
+    environment:
+      - AUTHENTIK_SECRET_KEY=change-me-to-random-secret
+      - AUTHENTIK_REDIS__HOST=authentik-redis
+      - AUTHENTIK_POSTGRESQL__HOST=authentik-db
+      - AUTHENTIK_POSTGRESQL__USER=authentik
+      - AUTHENTIK_POSTGRESQL__NAME=authentik
+      - AUTHENTIK_POSTGRESQL__PASSWORD=authentik
+    depends_on:
+      - authentik-db
+      - authentik-redis
+    networks:
+      - authentik-network
+
+  authentik-db:
+    image: postgres:15
+    container_name: authentik-db
+    restart: unless-stopped
+    volumes:
+      - authentik_db:/var/lib/postgresql/data
+    environment:
+      - POSTGRES_USER=authentik
+      - POSTGRES_PASSWORD=authentik
+      - POSTGRES_DB=authentik
+    networks:
+      - authentik-network
+
+  authentik-redis:
+    image: redis:alpine
+    container_name: authentik-redis
+    restart: unless-stopped
+    volumes:
+      - authentik_redis:/data
+    networks:
+      - authentik-network
+
+volumes:
+  authentik_media:
+  authentik_custom:
+  authentik_db:
+  authentik_redis:
+
+networks:
+  authentik-network:
+    driver: bridge

stacks/authentik/stack.toml

@@ -0,0 +1,4 @@
+[[stacks]]
+name = "authentik"
+description = "SSO / Identity Provider"
+compose_path = "compose.yml"

stacks/jellyfin/README.md

@@ -0,0 +1,24 @@
+# Jellyfin
+
+🎬 Media Server
+
+## Deploy in Komodo
+
+**Pfad:** `stacks/jellyfin/`
+
+## Ports
+
+- `8096` - Web UI
+
+## Caddy
+
+```caddyfile
+media.example.com {
+    reverse_proxy localhost:8096
+}
+```
+
+## Notes
+
+- Hardware Transcoding: `/dev/dri` mounten
+- Medien-Pfad anpassen (`/media`)

stacks/jellyfin/compose.yml

@@ -0,0 +1,31 @@
+services:
+  jellyfin:
+    image: jellyfin/jellyfin:latest
+    container_name: jellyfin
+    restart: unless-stopped
+    ports:
+      - "127.0.0.1:8096:8096"
+    volumes:
+      - jellyfin_config:/config
+      - jellyfin_cache:/cache
+      - /media:/media:ro
+    devices:
+      - /dev/dri:/dev/dri
+    group_add:
+      - video
+    networks:
+      - jellyfin-network
+    healthcheck:
+      test: ["CMD", "curl", "-f", "http://localhost:8096/health"]
+      interval: 30s
+      timeout: 10s
+      retries: 3
+      start_period: 30s
+
+volumes:
+  jellyfin_config:
+  jellyfin_cache:
+
+networks:
+  jellyfin-network:
+    driver: bridge

stacks/jellyfin/stack.toml

@@ -0,0 +1,4 @@
+[[stacks]]
+name = "jellyfin"
+description = "Media Server"
+compose_path = "compose.yml"

stacks/nextcloud-aio/README.md

@@ -0,0 +1,24 @@
+# Nextcloud AIO
+
+☁️ Cloud Storage & Collaboration
+
+## Deploy in Komodo
+
+**Pfad:** `stacks/nextcloud-aio/`
+
+## Ports
+
+- `8080` - Web UI
+
+## Caddy
+
+```caddyfile
+cloud.example.com {
+    reverse_proxy localhost:8080
+}
+```
+
+## Notes
+
+- All-In-One Image mit Apache, PHP, DB
+- Erster Start dauert länger (Setup)

stacks/nextcloud-aio/compose.yml

@@ -0,0 +1,29 @@
+services:
+  nextcloud-aio:
+    image: nextcloud/all-in-one:latest
+    container_name: nextcloud-aio
+    restart: unless-stopped
+    ports:
+      - "127.0.0.1:8080:8080"
+    volumes:
+      - nextcloud_data:/var/www/html
+      - nextcloud_apps:/var/www/html/custom_apps
+    environment:
+      - APACHE_PORT=8080
+      - NEXTCLOUD_DATADIR=/var/www/html/data
+    networks:
+      - nextcloud-network
+    healthcheck:
+      test: ["CMD", "curl", "-f", "http://localhost:8080/status.php"]
+      interval: 30s
+      timeout: 10s
+      retries: 3
+      start_period: 60s
+
+volumes:
+  nextcloud_data:
+  nextcloud_apps:
+
+networks:
+  nextcloud-network:
+    driver: bridge

stacks/nextcloud-aio/stack.toml

@@ -0,0 +1,4 @@
+[[stacks]]
+name = "nextcloud-aio"
+description = "Cloud Storage & Collaboration"
+compose_path = "compose.yml"

stacks/searxng/README.md

@@ -0,0 +1,24 @@
+# SearXNG
+
+🔍 Privacy Meta Search Engine
+
+## Deploy in Komodo
+
+**Pfad:** `stacks/searxng/`
+
+## Ports
+
+- `8080` - Web UI
+
+## Caddy
+
+```caddyfile
+search.example.com {
+    reverse_proxy localhost:8080
+}
+```
+
+## Notes
+
+- Sucht in mehreren Suchmaschinen gleichzeitig
+- Keine Trackung der Suchanfragen

stacks/searxng/compose.yml

@@ -0,0 +1,26 @@
+services:
+  searxng:
+    image: searxng/searxng:latest
+    container_name: searxng
+    restart: unless-stopped
+    ports:
+      - "127.0.0.1:8080:8080"
+    volumes:
+      - searxng_config:/etc/searxng
+    environment:
+      - SEARXNG_BASE_URL=https://searxng.example.com
+    networks:
+      - searxng-network
+    healthcheck:
+      test: ["CMD", "curl", "-f", "http://localhost:8080/healthz"]
+      interval: 30s
+      timeout: 10s
+      retries: 3
+      start_period: 30s
+
+volumes:
+  searxng_config:
+
+networks:
+  searxng-network:
+    driver: bridge

stacks/searxng/stack.toml

@@ -0,0 +1,4 @@
+[[stacks]]
+name = "searxng"
+description = "Privacy Meta Search Engine"
+compose_path = "compose.yml"

stacks/wordpress/README.md

@@ -0,0 +1,24 @@
+# WordPress
+
+📝 CMS / Blog Platform
+
+## Deploy in Komodo
+
+**Pfad:** `stacks/wordpress/`
+
+## Ports
+
+- `8080` - Web UI
+
+## Caddy
+
+```caddyfile
+blog.example.com {
+    reverse_proxy localhost:8080
+}
+```
+
+## Notes
+
+- Inklusive MySQL Datenbank
+- Passwort ändern nach erstem Login!

stacks/wordpress/compose.yml

@@ -0,0 +1,40 @@
+services:
+  wordpress:
+    image: wordpress:latest
+    container_name: wordpress
+    restart: unless-stopped
+    ports:
+      - "127.0.0.1:8080:80"
+    volumes:
+      - wordpress_data:/var/www/html
+    environment:
+      - WORDPRESS_DB_HOST=wordpress-db
+      - WORDPRESS_DB_USER=wordpress
+      - WORDPRESS_DB_PASSWORD=wordpress
+      - WORDPRESS_DB_NAME=wordpress
+    depends_on:
+      - wordpress-db
+    networks:
+      - wordpress-network
+
+  wordpress-db:
+    image: mysql:8.0
+    container_name: wordpress-db
+    restart: unless-stopped
+    volumes:
+      - wordpress_db:/var/lib/mysql
+    environment:
+      - MYSQL_DATABASE=wordpress
+      - MYSQL_USER=wordpress
+      - MYSQL_PASSWORD=wordpress
+      - MYSQL_ROOT_PASSWORD=rootpassword
+    networks:
+      - wordpress-network
+
+volumes:
+  wordpress_data:
+  wordpress_db:
+
+networks:
+  wordpress-network:
+    driver: bridge

stacks/wordpress/stack.toml

@@ -0,0 +1,4 @@
+[[stacks]]
+name = "wordpress"
+description = "CMS / Blog Platform"
+compose_path = "compose.yml"