added all the dotfiles

podman/essential/.env

@@ -0,0 +1,4 @@
+PUID=1000
+PGID=33
+TZ=Europe/Berlin
+

podman/essential/docker-compose.yml

@@ -0,0 +1,86 @@
+version: "3.8"
+
+services:
+# Homarr (Dashboard)
+  homarr:
+    image: ghcr.io/ajnart/homarr:latest
+    container_name: homarr
+    environment:
+      - PUID=${PUID}
+      - PGID=${PGID}
+      - TZ=${TZ}
+      - DISABLE_UPGRADE_MODAL=true
+    volumes:
+      - /mnt/flash1/podman/essential/config/homarr:/app/data/configs
+    ports:
+      - "7575:7575"
+    restart: unless-stopped
+    
+# Portainer (Container Management - Fixed Socket Path)
+  portainer:
+    image: docker.io/portainer/portainer-ce:latest
+    container_name: portainer
+    restart: unless-stopped
+    ports:
+#     - "9443:9443"
+      - "9000:9000"
+    volumes:
+      - /mnt/flash1/podman/essential/config/portainer-data:/data
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+    security_opt:
+      - no-new-privileges:true
+    environment:
+      - PUID=${PUID}
+      - PGID=${PGID}
+      - TZ=${TZ}
+
+  watchtower:
+    image: docker.io/containrrr/watchtower:latest 
+    container_name: watchtower
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+    environment:
+      - PUID=${PUID}
+      - PGID=${PGID}
+      - TZ=${TZ}
+
+  fail2ban:
+    image: lscr.io/linuxserver/fail2ban:latest
+    container_name: fail2ban
+    cap_add:
+      - NET_ADMIN
+      - NET_RAW
+    network_mode: host
+    environment:
+      - PUID=${PUID}
+      - PGID=${PGID}
+      - TZ=${TZ}
+      - VERBOSITY=-vv #optional
+    volumes:
+      - /mnt/flash1/podman/essential/config/fail2ban:/config
+      - /var/log:/var/log:ro
+      - /mnt/tank/podman/homeassistant/home_assistant/config/home-assistant.log:/remotelogs/homeassistant:ro #optional
+#     - /path/to/nextcloud/log:/remotelogs/nextcloud:ro #optional
+#     - /path/to/nginx/log:/remotelogs/nginx:ro #optional
+#     - /path/to/overseerr/log:/remotelogs/overseerr:ro #optional
+#     - /path/to/prowlarr/log:/remotelogs/prowlarr:ro #optional
+#     - /path/to/radarr/log:/remotelogs/radarr:ro #optional
+#     - /path/to/sonarr/log:/remotelogs/sonarr:ro #optional
+#     - /path/to/vaultwarden/log:/remotelogs/vaultwarden:ro #optional
+    restart: unless-stopped
+ 
+  vaultwarden:
+    image: docker.io/vaultwarden/server:latest
+    container_name: vaultwarden
+    restart: unless-stopped
+    ports:
+      - "9445:80"  # Expose port 80 internally (no need to publish)
+    volumes:
+      - /mnt/flash1/podman/essential/config/vw_data:/data
+    environment:
+      - WEBSOCKET_ENABLED=true  # Enable WebSocket for real-time sync
+      - ADMIN_TOKEN=a4dJaEqGjx1q76PoAG0FOw9AURubpMht5cZSVyAvGrX2hnyhlUBc/WbImuZedhTQ
+#
+#networks:
+# npm_network:
+#   external: true  # Use NPM's existing network