Update all 25 compose templates with toggle fields

- Added toggle fields to 66 sections across 25 templates
- Added title and description to sections for better UX
- Added needs dependencies for traefik_tls sections
- Fixed nginx and renovate templates by splitting traefik/traefik_tls sections
- All templates validate successfully
- All tests pass (50/50)

Co-authored-by: ChristianLempa <28359525+ChristianLempa@users.noreply.github.com>

library/compose/adguardhome/template.yaml

@@ -1,28 +1,35 @@
----
 kind: compose
 metadata:
   name: AdGuard Home
-  description: 'Network-wide software for blocking ads and tracking. AdGuard Home operates as a DNS server that
+  description: 'Network-wide software for blocking ads and tracking. AdGuard Home
+    operates as a DNS server that
 
-    re-routes tracking domains to a "black hole", thus preventing your devices from connecting to those servers.
+    re-routes tracking domains to a "black hole", thus preventing your devices from
+    connecting to those servers.
 
-    It features advanced DNS filtering, parental controls, safe browsing, and HTTPS/DNS-over-TLS/DNS-over-QUIC support.
+    It features advanced DNS filtering, parental controls, safe browsing, and HTTPS/DNS-over-TLS/DNS-over-QUIC
+    support.
 
     ## Prerequisites
 
-    - :info: During the initial setup, AdGuard Home runs an HTTP server on port 3000 to guide you through configuration.
+    - :info: During the initial setup, AdGuard Home runs an HTTP server on port 3000
+    to guide you through configuration.
 
     **With Traefik enabled:** Access initial setup via container IP at `http://<container-ip>:3000`.
 
     After setup completes, access the admin interface via the configured domain.
 
-    - :warning: **Security Notice:** The initial setup on port 3000 uses an unencrypted HTTP connection.
+    - :warning: **Security Notice:** The initial setup on port 3000 uses an unencrypted
+    HTTP connection.
 
-    Only use this for initial configuration and disable it (`initial_setup=false`) after setup is complete.
+    Only use this for initial configuration and disable it (`initial_setup=false`)
+    after setup is complete.
 
-    - :warning: If you require DHCP functionality or want AdGuard Home to bind directly to port 53,
+    - :warning: If you require DHCP functionality or want AdGuard Home to bind directly
+    to port 53,
 
-    you must set `network_mode` to `host` or `macvlan`. Note this exposes all container ports directly on the host.
+    you must set `network_mode` to `host` or `macvlan`. Note this exposes all container
+    ports directly on the host.
 
     You can''t use `traefik_enabled` in this case!
 
@@ -40,9 +47,9 @@ metadata:
   author: Christian Lempa
   date: '2025-12-11'
   tags:
-    - traefik
-    - network
-    - volume
+  - traefik
+  - network
+  - volume
   next_steps: null
 schema: '1.2'
 spec:
@@ -53,23 +60,25 @@ spec:
       restart_policy:
         type: enum
         options:
-          - unless-stopped
-          - always
-          - on-failure
-          - 'no'
+        - unless-stopped
+        - always
+        - on-failure
+        - 'no'
         default: unless-stopped
         required: true
       initial_setup:
         description: Enable initial setup wizard on port 3000 (only used without Traefik)
         type: bool
         default: true
-        extra: 'Port 3000 is only used during the initial setup wizard when Traefik is disabled. With Traefik enabled, access
-          setup via container IP instead. After completing setup, AdGuard Home switches to port 80 and port 3000 becomes inactive.
-          '
+        extra: 'Port 3000 is only used during the initial setup wizard when Traefik
+          is disabled. With Traefik enabled, access setup via container IP instead.
+          After completing setup, AdGuard Home switches to port 80 and port 3000 becomes
+          inactive. '
   network:
     vars:
       network_mode:
-        extra: 'Use ''host'' mode if you need DHCP functionality or want AdGuard Home to bind directly to port 53.
+        extra: 'Use ''host'' mode if you need DHCP functionality or want AdGuard Home
+          to bind directly to port 53.
 
           '
       network_name:
@@ -78,25 +87,25 @@ spec:
         type: str
         default: 192.168.1.253
         needs:
-          - network_mode=macvlan
+        - network_mode=macvlan
         required: true
       network_macvlan_parent_interface:
         type: str
         default: eth0
         needs:
-          - network_mode=macvlan
+        - network_mode=macvlan
         required: true
       network_macvlan_subnet:
         type: str
         default: 192.168.1.0/24
         needs:
-          - network_mode=macvlan
+        - network_mode=macvlan
         required: true
       network_macvlan_gateway:
         type: str
         default: 192.168.1.1
         needs:
-          - network_mode=macvlan
+        - network_mode=macvlan
         required: true
       network_external:
         type: bool
@@ -117,10 +126,10 @@ spec:
         type: int
         default: 3000
         needs:
-          - traefik_enabled=false
-          - initial_setup=true
-        extra: 'Only used during first-time setup without Traefik. After configuration, port becomes inactive. With Traefik,
-          access setup via container IP instead.
+        - traefik_enabled=false
+        - initial_setup=true
+        extra: 'Only used during first-time setup without Traefik. After configuration,
+          port becomes inactive. With Traefik, access setup via container IP instead.
 
           '
       ports_tls:
@@ -149,6 +158,9 @@ spec:
         type: bool
         default: false
         description: Enable Traefik integration
+    toggle: traefik_enabled
+    title: Traefik
+    description: Configure Traefik reverse proxy integration
   traefik_tls:
     vars:
       traefik_tls_certresolver:
@@ -159,37 +171,41 @@ spec:
         type: bool
         default: false
         description: Enable Traefik TLS
+    toggle: traefik_tls_enabled
+    title: Traefik TLS
+    description: Configure Traefik TLS/SSL certificates
+    needs: traefik
   volume:
     vars:
       volume_mode:
         type: enum
         options:
-          - local
-          - mount
-          - nfs
+        - local
+        - mount
+        - nfs
         default: local
         required: true
       volume_mount_path:
         type: str
         default: /mnt/storage
         needs:
-          - volume_mode=mount
+        - volume_mode=mount
         required: true
       volume_nfs_server:
         type: str
         default: 192.168.1.1
         needs:
-          - volume_mode=nfs
+        - volume_mode=nfs
         required: true
       volume_nfs_path:
         type: str
         default: /export
         needs:
-          - volume_mode=nfs
+        - volume_mode=nfs
         required: true
       volume_nfs_options:
         type: str
         default: rw,nolock,soft
         needs:
-          - volume_mode=nfs
+        - volume_mode=nfs
         required: true

library/compose/authentik/template.yaml

@@ -1,12 +1,14 @@
----
 kind: compose
 metadata:
   name: Authentik
-  description: 'Integrate Authentik Single Sign-On (SSO) for secure and streamlined user authentication.
+  description: 'Integrate Authentik Single Sign-On (SSO) for secure and streamlined
+    user authentication.
 
-    Authentik is an open-source identity provider that supports various authentication protocols.
+    Authentik is an open-source identity provider that supports various authentication
+    protocols.
 
-    This configuration enables OAuth-based SSO, allowing users to log in using their Authentik
+    This configuration enables OAuth-based SSO, allowing users to log in using their
+    Authentik
 
     credentials, enhancing security and user experience.
 
@@ -45,8 +47,8 @@ metadata:
   author: Christian Lempa
   date: '2026-02-12'
   tags:
-    - traefik
-    - volume
+  - traefik
+  - volume
 schema: '1.2'
 spec:
   general:
@@ -56,10 +58,10 @@ spec:
       restart_policy:
         type: enum
         options:
-          - unless-stopped
-          - always
-          - on-failure
-          - 'no'
+        - unless-stopped
+        - always
+        - on-failure
+        - 'no'
         default: unless-stopped
         required: true
   database:
@@ -103,6 +105,9 @@ spec:
         type: bool
         default: false
         description: Enable Traefik integration
+    toggle: traefik_enabled
+    title: Traefik
+    description: Configure Traefik reverse proxy integration
   authentik:
     description: Configure Authentik application settings
     required: true
@@ -131,39 +136,43 @@ spec:
         type: bool
         default: false
         description: Enable Traefik TLS
+    toggle: traefik_tls_enabled
+    title: Traefik TLS
+    description: Configure Traefik TLS/SSL certificates
+    needs: traefik
   volume:
     vars:
       volume_mode:
         type: enum
         options:
-          - local
-          - mount
-          - nfs
+        - local
+        - mount
+        - nfs
         default: local
         required: true
       volume_mount_path:
         type: str
         default: /mnt/storage
         needs:
-          - volume_mode=mount
+        - volume_mode=mount
         required: true
       volume_nfs_server:
         type: str
         default: 192.168.1.1
         needs:
-          - volume_mode=nfs
+        - volume_mode=nfs
         required: true
       volume_nfs_path:
         type: str
         default: /export
         needs:
-          - volume_mode=nfs
+        - volume_mode=nfs
         required: true
       volume_nfs_options:
         type: str
         default: rw,nolock,soft
         needs:
-          - volume_mode=nfs
+        - volume_mode=nfs
         required: true
   email:
     vars:
@@ -197,3 +206,6 @@ spec:
         type: str
         default: tls
         description: The email encryption type
+    toggle: email_enabled
+    title: Email
+    description: Configure email/SMTP integration

library/compose/bind9/template.yaml

@@ -1,10 +1,10 @@
----
 kind: compose
 metadata:
   name: BIND9
   description: 'BIND9 is the most widely used DNS server on the Internet.
 
-    This template provides an authoritative and recursive DNS server with example zones,
+    This template provides an authoritative and recursive DNS server with example
+    zones,
 
     TSIG authentication for secure zone transfers, and DNSSEC support.
 
@@ -17,8 +17,8 @@ metadata:
   author: Christian Lempa
   date: '2025-10-02'
   tags:
-    - network
-    - volume
+  - network
+  - volume
   icon:
     provider: selfh
     id: bind-9
@@ -31,6 +31,8 @@ spec:
       dnssec_enabled:
         description: Enable DNSSEC
         type: bool
+    toggle: dnssec_enabled
+    description: Configure DNSSEC signing
   dns_zone:
     title: dns_zone
     vars:
@@ -47,41 +49,43 @@ spec:
         sensitive: true
         autogenerated: true
         needs:
-          - tsig_enabled=true
-  network:
+        - tsig_enabled=true
+    toggle: tsig_enabled
+    description: Configure TSIG authentication for zone transfers
+  network: null
   volume:
     vars:
       volume_mode:
         type: enum
         options:
-          - local
-          - mount
-          - nfs
+        - local
+        - mount
+        - nfs
         default: local
         required: true
       volume_mount_path:
         type: str
         default: /mnt/storage
         needs:
-          - volume_mode=mount
+        - volume_mode=mount
         required: true
       volume_nfs_server:
         type: str
         default: 192.168.1.1
         needs:
-          - volume_mode=nfs
+        - volume_mode=nfs
         required: true
       volume_nfs_path:
         type: str
         default: /export
         needs:
-          - volume_mode=nfs
+        - volume_mode=nfs
         required: true
       volume_nfs_options:
         type: str
         default: rw,nolock,soft
         needs:
-          - volume_mode=nfs
+        - volume_mode=nfs
         required: true
   general:
     vars:
@@ -94,9 +98,9 @@ spec:
       restart_policy:
         type: enum
         options:
-          - unless-stopped
-          - always
-          - on-failure
-          - 'no'
+        - unless-stopped
+        - always
+        - on-failure
+        - 'no'
         default: unless-stopped
         required: true

library/compose/checkmk/template.yaml

@@ -1,15 +1,16 @@
----
 kind: compose
 metadata:
   icon:
     provider: selfh
     id: checkmk
   name: Checkmk
-  description: 'Checkmk is a comprehensive IT monitoring solution that provides real-time insights
+  description: 'Checkmk is a comprehensive IT monitoring solution that provides real-time
+    insights
 
     into the health and performance of your infrastructure, applications, and services.
 
-    It offers a wide range of monitoring capabilities, including server, network, cloud,
+    It offers a wide range of monitoring capabilities, including server, network,
+    cloud,
 
     and application monitoring, with an emphasis on ease of use and scalability.
 
@@ -33,7 +34,7 @@ metadata:
   author: Christian Lempa
   date: '2025-12-10'
   tags:
-    - traefik
+  - traefik
 schema: '1.2'
 spec:
   general:
@@ -51,10 +52,10 @@ spec:
       restart_policy:
         type: enum
         options:
-          - unless-stopped
-          - always
-          - on-failure
-          - 'no'
+        - unless-stopped
+        - always
+        - on-failure
+        - 'no'
         default: unless-stopped
         required: true
       cmk_password:
@@ -84,6 +85,9 @@ spec:
         type: bool
         default: false
         description: Enable Traefik integration
+    toggle: traefik_enabled
+    title: Traefik
+    description: Configure Traefik reverse proxy integration
   ports:
     vars:
       ports_http:
@@ -108,3 +112,7 @@ spec:
         type: bool
         default: false
         description: Enable Traefik TLS
+    toggle: traefik_tls_enabled
+    title: Traefik TLS
+    description: Configure Traefik TLS/SSL certificates
+    needs: traefik

library/compose/dockge/template.yaml

@@ -1,13 +1,14 @@
----
 kind: compose
 metadata:
   icon:
     provider: selfh
     id: dockge
   name: Dockge
-  description: 'Dockge is a powerful Docker management platform that simplifies container orchestration and monitoring.
+  description: 'Dockge is a powerful Docker management platform that simplifies container
+    orchestration and monitoring.
 
-    It provides an intuitive web interface to manage Docker containers, images, networks, and volumes with ease.
+    It provides an intuitive web interface to manage Docker containers, images, networks,
+    and volumes with ease.
 
     ## Prerequisites
 
@@ -20,7 +21,7 @@ metadata:
   author: Christian Lempa
   date: '2025-09-28'
   tags:
-    - traefik
+  - traefik
 schema: '1.2'
 spec:
   general:
@@ -32,10 +33,10 @@ spec:
       restart_policy:
         type: enum
         options:
-          - unless-stopped
-          - always
-          - on-failure
-          - 'no'
+        - unless-stopped
+        - always
+        - on-failure
+        - 'no'
         default: unless-stopped
         required: true
       stacks_path:
@@ -59,6 +60,9 @@ spec:
         type: bool
         default: false
         description: Enable Traefik integration
+    toggle: traefik_enabled
+    title: Traefik
+    description: Configure Traefik reverse proxy integration
   traefik_tls:
     vars:
       traefik_tls_certresolver:
@@ -69,6 +73,10 @@ spec:
         type: bool
         default: false
         description: Enable Traefik TLS
+    toggle: traefik_tls_enabled
+    title: Traefik TLS
+    description: Configure Traefik TLS/SSL certificates
+    needs: traefik
   ports:
     vars:
       ports_http:

library/compose/gitea/template.yaml

@@ -1,8 +1,8 @@
----
 kind: compose
 metadata:
   name: Gitea
-  description: 'Self-hosted Git service with web interface. Gitea is a painless, self-hosted Git service
+  description: 'Self-hosted Git service with web interface. Gitea is a painless, self-hosted
+    Git service
 
     written in Go. It''s similar to GitHub, Bitbucket, and GitLab, providing Git repository
 
@@ -10,9 +10,11 @@ metadata:
 
     ## Prerequisites
 
-    - :info: Gitea supports multiple database backends. You can choose between SQLite (default),
+    - :info: Gitea supports multiple database backends. You can choose between SQLite
+    (default),
 
-    PostgreSQL, or MySQL. SQLite is suitable for small deployments, while PostgreSQL and MySQL
+    PostgreSQL, or MySQL. SQLite is suitable for small deployments, while PostgreSQL
+    and MySQL
 
     are recommended for larger installations.
 
@@ -30,7 +32,7 @@ metadata:
   author: Christian Lempa
   date: '2026-01-22'
   tags:
-    - traefik
+  - traefik
 schema: '1.2'
 spec:
   general:
@@ -48,19 +50,19 @@ spec:
       restart_policy:
         type: enum
         options:
-          - unless-stopped
-          - always
-          - on-failure
-          - 'no'
+        - unless-stopped
+        - always
+        - on-failure
+        - 'no'
         default: unless-stopped
         required: true
       gitea_url:
         description: Public URL
         type: str
         needs:
-          - traefik_enabled=false
+        - traefik_enabled=false
         default: https://git.example.com
-  database:
+  database: null
   ports:
     vars:
       ports_http:
@@ -83,6 +85,9 @@ spec:
         type: bool
         default: false
         description: Enable Traefik integration
+    toggle: traefik_enabled
+    title: Traefik
+    description: Configure Traefik reverse proxy integration
   traefik_tls:
     vars:
       traefik_tls_certresolver:
@@ -93,3 +98,7 @@ spec:
         type: bool
         default: false
         description: Enable Traefik TLS
+    toggle: traefik_tls_enabled
+    title: Traefik TLS
+    description: Configure Traefik TLS/SSL certificates
+    needs: traefik

library/compose/gitlab/template.yaml

@@ -1,25 +1,42 @@
----
 kind: compose
 metadata:
   name: GitLab
-  description: |-
-    A **complete DevOps platform** that provides Git repository management, CI/CD pipelines,
+  description: 'A **complete DevOps platform** that provides Git repository management,
+    CI/CD pipelines,
+
     issue tracking, and container registry in a single application.
+
     ## Prerequisites
+
     - ...
+
     **Performance Presets**:
-    - `homelab`: Optimized for low-resource environments (limited workers, reduced PostgreSQL buffers)
+
+    - `homelab`: Optimized for low-resource environments (limited workers, reduced
+    PostgreSQL buffers)
+
     - `default`: Standard server configuration for production use
+
     **External URL**:
-    - Set to your public domain (e.g., `https://gitlab.example.com`) for proper clone URLs
+
+    - Set to your public domain (e.g., `https://gitlab.example.com`) for proper clone
+    URLs
+
     - Affects SSH clone URLs and web links in emails/notifications
+
     **Container Registry**:
+
     - Enable if you need private Docker image hosting
+
     - Requires separate external URL (e.g., `https://registry.example.com`)
+
     ## Resources
+
     - **Project**: https://about.gitlab.com/
+
     - **Documentation**: https://docs.gitlab.com/
-    - **Community**: https://forum.gitlab.com/
+
+    - **Community**: https://forum.gitlab.com/'
   icon:
     provider: selfh
     id: gitlab
@@ -27,46 +44,23 @@ metadata:
   author: Christian Lempa
   date: '2026-02-10'
   tags:
-    - traefik
-  next_steps: |-
-    ## Post-Installation Steps
-    1. **Start GitLab**:
-      ```bash
-      docker compose up -d
-      ```
-    2. **Wait for\
-      \ initialization** (2-5 minutes):
-        ```bash
-        docker compose logs -f gitlab
-        ```
-        Wait for message: `gitlab\
-      \ Reconfigured!`
-      3. **Access the web interface**:
-        {% if traefik_enabled -%}
-        - Via Traefik: https://{{ traefik_host\
-      \ }}
-        {% if not traefik_enabled and network_mode == 'bridge' %}- Direct access: http://localhost:{{ ports_http }}{%\
-      \ endif %}
-        {%- else -%}
-        - Open {{ external_url }} in your browser
-        {% if network_mode == 'bridge' %}- Or: http://localhost:{{\
-      \ ports_http }}{% endif %}
-        {%- endif %}
-      4. **Initial login credentials**:
-        - **Username**: `root`
-        - **Password**:\
-      \ `{{ root_password }}`
-        > **Important**: This password only works on FIRST initialization.
-        > Change it immediately\
-      \ after first login via GitLab's web interface!
-      5. **Configure SSH** (optional):
-        - SSH clone URLs will use port `{{\
-      \ ports_ssh }}`
-        - Update your Git remote if needed
-      ## Additional Resources
-      - Documentation: https://docs.gitlab.com/
-      \
-      - GitLab Runner: https://docs.gitlab.com/runner/
+  - traefik
+  next_steps: "## Post-Installation Steps\n1. **Start GitLab**:\n  ```bash\n  docker\
+    \ compose up -d\n  ```\n2. **Wait for\\\n  \\ initialization** (2-5 minutes):\n\
+    \    ```bash\n    docker compose logs -f gitlab\n    ```\n    Wait for message:\
+    \ `gitlab\\\n  \\ Reconfigured!`\n  3. **Access the web interface**:\n    {% if\
+    \ traefik_enabled -%}\n    - Via Traefik: https://{{ traefik_host\\\n  \\ }}\n\
+    \    {% if not traefik_enabled and network_mode == 'bridge' %}- Direct access:\
+    \ http://localhost:{{ ports_http }}{%\\\n  \\ endif %}\n    {%- else -%}\n   \
+    \ - Open {{ external_url }} in your browser\n    {% if network_mode == 'bridge'\
+    \ %}- Or: http://localhost:{{\\\n  \\ ports_http }}{% endif %}\n    {%- endif\
+    \ %}\n  4. **Initial login credentials**:\n    - **Username**: `root`\n    - **Password**:\\\
+    \n  \\ `{{ root_password }}`\n    > **Important**: This password only works on\
+    \ FIRST initialization.\n    > Change it immediately\\\n  \\ after first login\
+    \ via GitLab's web interface!\n  5. **Configure SSH** (optional):\n    - SSH clone\
+    \ URLs will use port `{{\\\n  \\ ports_ssh }}`\n    - Update your Git remote if\
+    \ needed\n  ## Additional Resources\n  - Documentation: https://docs.gitlab.com/\n\
+    \  \\\n  - GitLab Runner: https://docs.gitlab.com/runner/"
 schema: '1.2'
 spec:
   general:
@@ -88,7 +82,8 @@ spec:
         description: Initial root user password (only used on first initialization)
         sensitive: true
         autogenerated: true
-        extra: 'Leave empty to auto-generate. WARNING: Only sets password on FIRST startup!'
+        extra: 'Leave empty to auto-generate. WARNING: Only sets password on FIRST
+          startup!'
       default_theme:
         type: int
         description: Default GitLab UI theme (2 = dark mode)
@@ -106,10 +101,10 @@ spec:
       restart_policy:
         type: enum
         options:
-          - unless-stopped
-          - always
-          - on-failure
-          - 'no'
+        - unless-stopped
+        - always
+        - on-failure
+        - 'no'
         default: unless-stopped
         required: true
   advanced:
@@ -120,15 +115,17 @@ spec:
         type: enum
         description: Performance optimization profile
         options:
-          - homelab
-          - default
+        - homelab
+        - default
         default: homelab
-        extra: homelab is optimized for low-resource environments, default is for standard servers
+        extra: homelab is optimized for low-resource environments, default is for
+          standard servers
       prometheus_enabled:
         type: bool
         description: Enable Prometheus monitoring
         default: false
         extra: Disabling saves ~200-400MB RAM. GitLab UI metrics will be unavailable.
+    toggle: prometheus_enabled
   ports:
     vars:
       ports_http:
@@ -157,7 +154,7 @@ spec:
         default: gitlab.home.arpa
       traefik_registry_host:
         needs:
-          - registry_enabled=true
+        - registry_enabled=true
         default: registry.home.arpa
         type: str
         description: Hostname for Container Registry in Traefik (if enabled)
@@ -173,6 +170,9 @@ spec:
         type: bool
         default: false
         description: Enable Traefik integration
+    toggle: traefik_enabled
+    title: Traefik
+    description: Configure Traefik reverse proxy integration
   traefik_tls:
     vars:
       traefik_tls_certresolver:
@@ -183,6 +183,10 @@ spec:
         type: bool
         default: false
         description: Enable Traefik TLS
+    toggle: traefik_tls_enabled
+    title: Traefik TLS
+    description: Configure Traefik TLS/SSL certificates
+    needs: traefik
   email:
     toggle: email_enabled
     vars:

library/compose/grafana/template.yaml

@@ -1,11 +1,12 @@
----
 kind: compose
 metadata:
   name: Grafana
-  description: 'Grafana is an open-source platform for monitoring and observability that allows you to visualize and analyze
-    metrics, logs, and traces from various data
+  description: 'Grafana is an open-source platform for monitoring and observability
+    that allows you to visualize and analyze metrics, logs, and traces from various
+    data
 
-    sources. It provides a powerful and flexible dashboarding solution for IT infrastructure and application monitoring.
+    sources. It provides a powerful and flexible dashboarding solution for IT infrastructure
+    and application monitoring.
 
     ## Prerequisites
 
@@ -30,8 +31,8 @@ metadata:
   author: Christian Lempa
   date: '2026-02-12'
   tags:
-    - traefik
-    - authentik
+  - traefik
+  - authentik
 schema: '1.2'
 spec:
   general:
@@ -41,10 +42,10 @@ spec:
       restart_policy:
         type: enum
         options:
-          - unless-stopped
-          - always
-          - on-failure
-          - 'no'
+        - unless-stopped
+        - always
+        - on-failure
+        - 'no'
         default: unless-stopped
         required: true
   ports:
@@ -94,6 +95,9 @@ spec:
         type: bool
         default: false
         description: Enable Traefik integration
+    toggle: traefik_enabled
+    title: Traefik
+    description: Configure Traefik reverse proxy integration
   traefik_tls:
     vars:
       traefik_tls_certresolver:
@@ -104,13 +108,17 @@ spec:
         type: bool
         default: false
         description: Enable Traefik TLS
+    toggle: traefik_tls_enabled
+    title: Traefik TLS
+    description: Configure Traefik TLS/SSL certificates
+    needs: traefik
   database:
     vars:
       database_type:
         type: enum
         options:
-          - sqlite
-          - postgres
+        - sqlite
+        - postgres
       database_external:
         type: bool
         default: false
@@ -132,7 +140,9 @@ spec:
       database_host:
         type: str
         required: true
-        needs: ["database_type=postgres", "database_external=true"]
+        needs:
+        - database_type=postgres
+        - database_external=true
   swarm:
     toggle: swarm_enabled
     vars:
@@ -145,16 +155,16 @@ spec:
         default: replicated
         description: The placement mode
         needs:
-          - swarm_enabled=true
+        - swarm_enabled=true
       swarm_replicas:
         type: int
         default: 1
         description: The number of replicas
         needs:
-          - swarm_placement_mode=replicated
+        - swarm_placement_mode=replicated
       swarm_placement_host:
         type: str
         default: ''
         description: The placement host
         needs:
-          - swarm_placement_mode=replicated
+        - swarm_placement_mode=replicated

library/compose/homepage/template.yaml

@@ -1,8 +1,8 @@
----
 kind: compose
 metadata:
   name: Homepage
-  description: 'Homepage is a modern, fully static, fast, secure fully customizable application dashboard with integrations
+  description: 'Homepage is a modern, fully static, fast, secure fully customizable
+    application dashboard with integrations
 
     for over 100 services and translations into multiple languages.
 
@@ -16,9 +16,9 @@ metadata:
   author: Christian Lempa
   date: '2026-02-10'
   tags:
-    - traefik
-    - swarm
-    - volume_modes
+  - traefik
+  - swarm
+  - volume_modes
   icon:
     provider: simpleicons
     id: homepage
@@ -44,18 +44,18 @@ spec:
         description: The container log level
         type: enum
         options:
-          - debug
-          - info
-          - warn
-          - error
+        - debug
+        - info
+        - warn
+        - error
       restart_policy:
         description: The container restart policy
         type: enum
         options:
-          - unless-stopped
-          - always
-          - on-failure
-          - 'no'
+        - unless-stopped
+        - always
+        - on-failure
+        - 'no'
         required: true
         default: unless-stopped
   ports:
@@ -64,7 +64,7 @@ spec:
         description: The HTTP port
         type: int
         needs:
-          - traefik_enabled=false
+        - traefik_enabled=false
         required: true
         default: 3000
   traefik:
@@ -88,6 +88,9 @@ spec:
         default: home.arpa
         type: str
         required: true
+    toggle: traefik_enabled
+    title: Traefik
+    description: Configure Traefik reverse proxy integration
   traefik_tls:
     vars:
       traefik_tls_enabled:
@@ -103,21 +106,25 @@ spec:
         type: str
         required: true
         default: cloudflare
+    toggle: traefik_tls_enabled
+    title: Traefik TLS
+    description: Configure Traefik TLS/SSL certificates
+    needs: traefik
   volume:
     vars:
       volume_mode:
         type: enum
         options:
-          - local
-          - mount
-          - nfs
+        - local
+        - mount
+        - nfs
         default: local
         required: true
       volume_mount_path:
         type: str
         default: /mnt/storage
         needs:
-          - volume_mode=mount
+        - volume_mode=mount
         required: true
       volume_nfs_options:
         type: str
@@ -131,4 +138,4 @@ spec:
         type: str
         default: ''
         description: The NFS server
-  swarm:
+  swarm: null

library/compose/homer/template.yaml

@@ -1,12 +1,11 @@
----
 kind: compose
 metadata:
   icon:
     provider: selfh
     id: homer
   name: Homer
-  description: 'A very simple static homepage for your server to keep your services on hand, from a simple yaml configuration
-    file.
+  description: 'A very simple static homepage for your server to keep your services
+    on hand, from a simple yaml configuration file.
 
 
     Project: https://github.com/bastienwirtz/homer
@@ -18,19 +17,23 @@ metadata:
   author: Christian Lempa
   date: '2025-12-11'
   tags:
-    - traefik
-    - swarm
-    - authentik
+  - traefik
+  - swarm
+  - authentik
   draft: true
-  next_steps: "1. Start the Homer dashboard:\n   docker compose up -d\n\n2. Customize your dashboard:\n   - Edit assets/config.yml\
-    \ to add your services\n   - Organize services into groups (Applications, Monitoring, etc.)\n   - Add links to the navbar\
-    \ for quick access\n\n3. Optional: Add a logo:\n   - Place your logo.png file in the assets/ directory\n   - Or update\
-    \ the logo path in assets/config.yml\n   - Supported formats: PNG, SVG, JPG\n\n4. Optional: Customize the theme:\n   -\
-    \ Uncomment and modify the colors section in config.yml\n   - Available themes: default, sui\n   - See documentation for\
-    \ advanced theming options\n\n5. Access your dashboard:\n   {% if traefik_enabled -%}\n   - Via Traefik: https://{{ traefik_host\
-    \ }}\n   {% if not traefik_enabled and network_mode == 'bridge' %}- Direct access: http://localhost:{{ ports_http }}{%\
-    \ endif %}\n   {%- else -%}\n   - Open http://localhost:{{ ports_http }} in your browser\n   {%- endif %}\n\nFor more\
-    \ information, visit: https://github.com/bastienwirtz/homer/blob/main/docs/configuration.md\n"
+  next_steps: "1. Start the Homer dashboard:\n   docker compose up -d\n\n2. Customize\
+    \ your dashboard:\n   - Edit assets/config.yml to add your services\n   - Organize\
+    \ services into groups (Applications, Monitoring, etc.)\n   - Add links to the\
+    \ navbar for quick access\n\n3. Optional: Add a logo:\n   - Place your logo.png\
+    \ file in the assets/ directory\n   - Or update the logo path in assets/config.yml\n\
+    \   - Supported formats: PNG, SVG, JPG\n\n4. Optional: Customize the theme:\n\
+    \   - Uncomment and modify the colors section in config.yml\n   - Available themes:\
+    \ default, sui\n   - See documentation for advanced theming options\n\n5. Access\
+    \ your dashboard:\n   {% if traefik_enabled -%}\n   - Via Traefik: https://{{\
+    \ traefik_host }}\n   {% if not traefik_enabled and network_mode == 'bridge' %}-\
+    \ Direct access: http://localhost:{{ ports_http }}{% endif %}\n   {%- else -%}\n\
+    \   - Open http://localhost:{{ ports_http }} in your browser\n   {%- endif %}\n\
+    \nFor more information, visit: https://github.com/bastienwirtz/homer/blob/main/docs/configuration.md\n"
 schema: '1.2'
 spec:
   general:
@@ -44,10 +47,10 @@ spec:
       restart_policy:
         type: enum
         options:
-          - unless-stopped
-          - always
-          - on-failure
-          - 'no'
+        - unless-stopped
+        - always
+        - on-failure
+        - 'no'
         default: unless-stopped
         required: true
       homer_title:
@@ -111,33 +114,36 @@ spec:
       swarm_placement_mode:
         type: enum
         options:
-          - replicated
-          - global
+        - replicated
+        - global
         default: replicated
         required: true
       swarm_replicas:
         type: int
         default: 1
         needs:
-          - swarm_placement_mode=replicated
+        - swarm_placement_mode=replicated
         required: true
       swarm_placement_host:
         type: str
         default: ''
         needs:
-          - swarm_placement_mode=replicated
+        - swarm_placement_mode=replicated
         extra: Constrains service to run on specific node by hostname
       swarm_enabled:
         type: bool
         default: false
         description: Enable Docker Swarm mode
+    toggle: swarm_enabled
+    title: Docker Swarm
+    description: Configure Docker Swarm mode deployment
   authentik:
     vars:
       authentik_traefik_middleware:
         type: str
         default: authentik-middleware@file
         needs:
-          - traefik_enabled=true
+        - traefik_enabled=true
         required: true
       authentik_client_id:
         type: str
@@ -159,3 +165,6 @@ spec:
         type: str
         default: ''
         description: The Authentik URL
+    toggle: authentik_enabled
+    title: Authentik SSO
+    description: Configure Authentik authentication integration

library/compose/influxdb/template.yaml

@@ -1,12 +1,11 @@
----
 kind: compose
 metadata:
   icon:
     provider: selfh
     id: influxdb
   name: Influxdb
-  description: 'InfluxDB is a powerful, open-source time series database designed for high-performance handling of time-stamped
-    data.
+  description: 'InfluxDB is a powerful, open-source time series database designed
+    for high-performance handling of time-stamped data.
 
     It is commonly used for monitoring, analytics, and IoT applications.
 
@@ -30,7 +29,7 @@ metadata:
   author: Christian Lempa
   date: '2025-12-11'
   tags:
-    - traefik
+  - traefik
   draft: true
 schema: '1.2'
 spec:
@@ -71,6 +70,9 @@ spec:
         type: bool
         default: false
         description: Enable Traefik integration
+    toggle: traefik_enabled
+    title: Traefik
+    description: Configure Traefik reverse proxy integration
   traefik_tls:
     vars:
       traefik_tls_certresolver:
@@ -81,6 +83,10 @@ spec:
         type: bool
         default: false
         description: Enable Traefik TLS
+    toggle: traefik_tls_enabled
+    title: Traefik TLS
+    description: Configure Traefik TLS/SSL certificates
+    needs: traefik
   general:
     vars:
       service_name:
@@ -90,10 +96,10 @@ spec:
       restart_policy:
         type: enum
         options:
-          - unless-stopped
-          - always
-          - on-failure
-          - 'no'
+        - unless-stopped
+        - always
+        - on-failure
+        - 'no'
         default: unless-stopped
         required: true
       influxdb_version:

library/compose/komodo/template.yaml

@@ -1,21 +1,25 @@
----
 kind: compose
 metadata:
   icon:
     provider: selfh
     id: komodo
   name: Komodo
-  description: 'Build and deployment automation tool for managing software across multiple servers. Komodo provides
+  description: 'Build and deployment automation tool for managing software across
+    multiple servers. Komodo provides
 
-    unlimited server connections, flexible API access, and comprehensive management of Docker deployments,
+    unlimited server connections, flexible API access, and comprehensive management
+    of Docker deployments,
 
-    stacks, and builds. Features include real-time container monitoring, batch operations, and integration
+    stacks, and builds. Features include real-time container monitoring, batch operations,
+    and integration
 
-    with Docker, Docker Compose, and build systems. Supports both MongoDB and FerretDB as database backends.
+    with Docker, Docker Compose, and build systems. Supports both MongoDB and FerretDB
+    as database backends.
 
     ## Important Notes
 
-    * Requires MongoDB or FerretDB for data storage (database not included in this template)
+    * Requires MongoDB or FerretDB for data storage (database not included in this
+    template)
 
     * Requires Periphery agent on managed servers for remote operations
 
@@ -35,10 +39,10 @@ metadata:
   author: Christian Lempa
   date: '2025-11-13'
   tags:
-    - traefik
-    - swarm
-    - deployment
-    - automation
+  - traefik
+  - swarm
+  - deployment
+  - automation
   next_steps: '### 1. Prerequisites
 
     * Deploy MongoDB or FerretDB database
@@ -91,7 +95,8 @@ metadata:
 
     ```bash
 
-    curl -sSL https://raw.githubusercontent.com/moghtech/komodo/main/scripts/setup-periphery.py | python3
+    curl -sSL https://raw.githubusercontent.com/moghtech/komodo/main/scripts/setup-periphery.py
+    | python3
 
     ```
 
@@ -117,10 +122,10 @@ spec:
       restart_policy:
         type: enum
         options:
-          - unless-stopped
-          - always
-          - on-failure
-          - 'no'
+        - unless-stopped
+        - always
+        - on-failure
+        - 'no'
         default: unless-stopped
         required: true
   traefik:
@@ -144,6 +149,9 @@ spec:
         default: home.arpa
         type: str
         required: true
+    toggle: traefik_enabled
+    title: Traefik
+    description: Configure Traefik reverse proxy integration
   traefik_tls:
     vars:
       traefik_tls_enabled:
@@ -159,7 +167,11 @@ spec:
         type: str
         required: true
         default: cloudflare
-  network:
+    toggle: traefik_tls_enabled
+    title: Traefik TLS
+    description: Configure Traefik TLS/SSL certificates
+    needs: traefik
+  network: null
   ports:
     vars:
       ports_http:
@@ -167,9 +179,9 @@ spec:
         type: int
         default: 9120
         needs:
-          - traefik_enabled=false
-          - network_mode=bridge
-  volume:
+        - traefik_enabled=false
+        - network_mode=bridge
+  volume: null
   resources:
     vars:
       resources_enabled:
@@ -183,7 +195,7 @@ spec:
         type: str
         default: 0.25
         needs:
-          - swarm_enabled=true
+        - swarm_enabled=true
         required: true
       resources_memory_limit:
         type: str
@@ -193,8 +205,11 @@ spec:
         type: str
         default: 512M
         needs:
-          - swarm_enabled=true
+        - swarm_enabled=true
         required: true
+    toggle: resources_enabled
+    title: Resource Limits
+    description: Configure container resource limits
   environment:
     title: Environment Variables
     toggle: environment_enabled
@@ -236,10 +251,10 @@ spec:
         type: enum
         default: info
         options:
-          - debug
-          - info
-          - warn
-          - error
+        - debug
+        - info
+        - warn
+        - error
         description: Log level
         needs: environment_enabled=true
   swarm:
@@ -260,3 +275,6 @@ spec:
         type: int
         default: 1
         description: The number of replicas
+    toggle: swarm_enabled
+    title: Docker Swarm
+    description: Configure Docker Swarm mode deployment

library/compose/loki/template.yaml

@@ -1,11 +1,11 @@
----
 kind: compose
 metadata:
   icon:
     provider: selfh
     id: loki
   name: Loki
-  description: 'Loki is a horizontally scalable, highly available, multi-tenant log aggregation system inspired by Prometheus.
+  description: 'Loki is a horizontally scalable, highly available, multi-tenant log
+    aggregation system inspired by Prometheus.
 
     This template sets up Loki in a Docker container using Docker Compose.
 
@@ -20,8 +20,8 @@ metadata:
   author: Christian Lempa
   date: '2026-02-06'
   tags:
-    - traefik
-    - authentik
+  - traefik
+  - authentik
 schema: '1.2'
 spec:
   general:
@@ -31,10 +31,10 @@ spec:
       restart_policy:
         type: enum
         options:
-          - unless-stopped
-          - always
-          - on-failure
-          - 'no'
+        - unless-stopped
+        - always
+        - on-failure
+        - 'no'
         default: unless-stopped
         required: true
       data_retention_days:
@@ -61,6 +61,9 @@ spec:
         type: bool
         default: false
         description: Enable Traefik integration
+    toggle: traefik_enabled
+    title: Traefik
+    description: Configure Traefik reverse proxy integration
   traefik_tls:
     vars:
       traefik_tls_certresolver:
@@ -71,3 +74,7 @@ spec:
         type: bool
         default: false
         description: Enable Traefik TLS
+    toggle: traefik_tls_enabled
+    title: Traefik TLS
+    description: Configure Traefik TLS/SSL certificates
+    needs: traefik

library/compose/n8n/template.yaml

@@ -1,11 +1,11 @@
----
 kind: compose
 metadata:
   icon:
     provider: selfh
     id: n8n
   name: N8N
-  description: 'N8n is a free and source-available workflow automation tool. It enables you to connect
+  description: 'N8n is a free and source-available workflow automation tool. It enables
+    you to connect
 
     various apps and services to automate repetitive tasks without coding.
 
@@ -15,15 +15,18 @@ metadata:
 
     ## Prerequisites
 
-    - :info: By default, n8n uses SQLite as its database, which is suitable for small-scale or
+    - :info: By default, n8n uses SQLite as its database, which is suitable for small-scale
+    or
 
     personal use. For production environments, it is recommended to use an external
 
-    database like PostgreSQL or MySQL for better performance and reliability. This is also
+    database like PostgreSQL or MySQL for better performance and reliability. This
+    is also
 
     required when using Queue Mode.
 
-    - :info: Queue mode allows n8n to handle a large number of workflows and tasks efficiently, by using
+    - :info: Queue mode allows n8n to handle a large number of workflows and tasks
+    efficiently, by using
 
     multiple Workers, and Redis as the queue backend. This is essential for high-availability
 
@@ -44,8 +47,8 @@ metadata:
   author: Christian Lempa
   date: '2025-12-17'
   tags:
-    - traefik
-    - database
+  - traefik
+  - database
   draft: true
 schema: '1.2'
 spec:
@@ -62,17 +65,17 @@ spec:
       container_loglevel:
         type: enum
         options:
-          - debug
-          - info
-          - warn
-          - error
+        - debug
+        - info
+        - warn
+        - error
       restart_policy:
         type: enum
         options:
-          - unless-stopped
-          - always
-          - on-failure
-          - 'no'
+        - unless-stopped
+        - always
+        - on-failure
+        - 'no'
         default: unless-stopped
         required: true
   queue:
@@ -106,7 +109,8 @@ spec:
         description: Include embedded worker in this deployment
         default: false
         needs: queue_enabled
-        extra: Add a worker service to this compose file. For production, use separate n8n-worker template.
+        extra: Add a worker service to this compose file. For production, use separate
+          n8n-worker template.
   database:
     title: Database
     toggle: database_enabled
@@ -120,8 +124,8 @@ spec:
         type: enum
         description: Database type
         options:
-          - postgres
-          - mysql
+        - postgres
+        - mysql
         default: postgres
         needs: database_enabled
       database_host:
@@ -197,21 +201,22 @@ spec:
         type: enum
         description: Save execution data on error
         options:
-          - all
-          - none
+        - all
+        - none
         default: all
       execution_save_on_success:
         type: enum
         description: Save execution data on success
         options:
-          - all
-          - none
+        - all
+        - none
         default: none
         extra: Set to 'none' to reduce database size
   network:
     vars:
       network_mode:
-        extra: For queue mode with workers, use 'bridge' with shared networks. Swarm only supports 'bridge'.
+        extra: For queue mode with workers, use 'bridge' with shared networks. Swarm
+          only supports 'bridge'.
       network_name:
         default: n8n_network
       network_external:
@@ -252,8 +257,8 @@ spec:
         type: int
         default: 5678
         needs:
-          - traefik_enabled=false
-          - network_mode=bridge
+        - traefik_enabled=false
+        - network_mode=bridge
   swarm:
     toggle: swarm_enabled
     vars:
@@ -284,3 +289,7 @@ spec:
         type: bool
         default: false
         description: Enable Traefik TLS
+    toggle: traefik_tls_enabled
+    title: Traefik TLS
+    description: Configure Traefik TLS/SSL certificates
+    needs: traefik

library/compose/nextcloud/template.yaml

@@ -1,9 +1,9 @@
----
 kind: compose
 metadata:
   name: Nextcloud
-  description: 'Self-hosted file sync and share platform. Nextcloud is a suite of client-server software for creating and
-    using file hosting services. It provides functionality similar to Dropbox, with the added benefit of being self-hosted
+  description: 'Self-hosted file sync and share platform. Nextcloud is a suite of
+    client-server software for creating and using file hosting services. It provides
+    functionality similar to Dropbox, with the added benefit of being self-hosted
     and open-source.
 
 
@@ -21,7 +21,7 @@ metadata:
   author: Christian Lempa
   date: '2026-02-13'
   tags:
-    - traefik
+  - traefik
   draft: true
 schema: '1.2'
 spec:
@@ -32,8 +32,8 @@ spec:
         description: Database type (Nextcloud supports PostgreSQL or MySQL/MariaDB)
         type: enum
         options:
-          - postgres
-          - mysql
+        - postgres
+        - mysql
         default: postgres
       database_name:
         type: str
@@ -56,10 +56,10 @@ spec:
       restart_policy:
         type: enum
         options:
-          - unless-stopped
-          - always
-          - on-failure
-          - 'no'
+        - unless-stopped
+        - always
+        - on-failure
+        - 'no'
         default: unless-stopped
         required: true
   network:
@@ -104,6 +104,9 @@ spec:
         type: bool
         default: false
         description: Enable Traefik integration
+    toggle: traefik_enabled
+    title: Traefik
+    description: Configure Traefik reverse proxy integration
   traefik_tls:
     vars:
       traefik_tls_certresolver:
@@ -114,4 +117,8 @@ spec:
         type: bool
         default: false
         description: Enable Traefik TLS
-  swarm:
+    toggle: traefik_tls_enabled
+    title: Traefik TLS
+    description: Configure Traefik TLS/SSL certificates
+    needs: traefik
+  swarm: null

library/compose/nginx/template.yaml

@@ -54,7 +54,9 @@ spec:
         type: int
         default: 8443
   traefik:
+    title: Traefik
     toggle: traefik_enabled
+    description: Configure Traefik reverse proxy integration
     vars:
       traefik_enabled:
         type: bool
@@ -67,12 +69,9 @@ spec:
         default: home.arpa
       traefik_entrypoint:
         default: web
-      traefik_tls_entrypoint:
         default: websecure
-      traefik_tls_enabled:
         type: bool
         default: true
-      traefik_tls_certresolver:
         default: cloudflare
   network:
     vars:

library/compose/openwebui/template.yaml

@@ -1,14 +1,15 @@
----
 kind: compose
 metadata:
   icon:
     provider: selfh
     id: open-webui
   name: Openwebui
-  description: 'OpenWebUI is an open-source web-based user interface for managing and interacting with AI models. It provides
-    a user-friendly platform to deploy, monitor, and utilize various AI models for tasks such as image generation, text generation,
-    and more. OpenWebUI supports integration with popular AI frameworks and offers features like model management, user authentication,
-    and real-time interaction.
+  description: 'OpenWebUI is an open-source web-based user interface for managing
+    and interacting with AI models. It provides a user-friendly platform to deploy,
+    monitor, and utilize various AI models for tasks such as image generation, text
+    generation, and more. OpenWebUI supports integration with popular AI frameworks
+    and offers features like model management, user authentication, and real-time
+    interaction.
 
 
     Project: https://openwebui.io/
@@ -22,8 +23,8 @@ metadata:
   author: Christian Lempa
   date: '2026-01-10'
   tags:
-    - traefik
-    - authentik
+  - traefik
+  - authentik
   draft: true
 schema: '1.2'
 spec:
@@ -40,10 +41,10 @@ spec:
       restart_policy:
         type: enum
         options:
-          - unless-stopped
-          - always
-          - on-failure
-          - 'no'
+        - unless-stopped
+        - always
+        - on-failure
+        - 'no'
         default: unless-stopped
         required: true
       ollama_base_url:
@@ -66,6 +67,9 @@ spec:
         type: bool
         default: false
         description: Enable Traefik integration
+    toggle: traefik_enabled
+    title: Traefik
+    description: Configure Traefik reverse proxy integration
   traefik_tls:
     vars:
       traefik_tls_certresolver:
@@ -76,6 +80,10 @@ spec:
         type: bool
         default: false
         description: Enable Traefik TLS
+    toggle: traefik_tls_enabled
+    title: Traefik TLS
+    description: Configure Traefik TLS/SSL certificates
+    needs: traefik
   ports:
     vars:
       ports_http:

library/compose/pihole/template.yaml

@@ -1,21 +1,25 @@
----
 kind: compose
 metadata:
   icon:
     provider: selfh
     id: pi-hole
   name: Pihole
-  description: 'Network-wide advertisement and internet tracker blocking application that functions as a DNS blackhole.
+  description: 'Network-wide advertisement and internet tracker blocking application
+    that functions as a DNS blackhole.
 
-    Provides DNS-level content filtering for all network devices, improving browsing performance, privacy, and security.
+    Provides DNS-level content filtering for all network devices, improving browsing
+    performance, privacy, and security.
 
-    Supports custom blocklists, whitelists, and seamless integration with existing network infrastructure.
+    Supports custom blocklists, whitelists, and seamless integration with existing
+    network infrastructure.
 
     ## Prerequisites
 
-    - :warning: Pi-hole uses local storage and configuration files and does NOT support running multiple replicas.
+    - :warning: Pi-hole uses local storage and configuration files and does NOT support
+    running multiple replicas.
 
-    This template enforces a single replica with node placement constraints to ensure stable DNS resolution.
+    This template enforces a single replica with node placement constraints to ensure
+    stable DNS resolution.
 
     ## References
 
@@ -30,10 +34,10 @@ metadata:
   author: Christian Lempa
   date: '2025-12-11'
   tags:
-    - traefik
-    - swarm
-    - network
-    - volume
+  - traefik
+  - swarm
+  - network
+  - volume
   next_steps: 'Log in with your initial admin user:
 
     ```bash
@@ -64,10 +68,10 @@ spec:
       restart_policy:
         type: enum
         options:
-          - unless-stopped
-          - always
-          - on-failure
-          - 'no'
+        - unless-stopped
+        - always
+        - on-failure
+        - 'no'
         default: unless-stopped
         required: true
   admin_settings:
@@ -115,6 +119,9 @@ spec:
         type: bool
         default: false
         description: Enable Traefik integration
+    toggle: traefik_enabled
+    title: Traefik
+    description: Configure Traefik reverse proxy integration
   traefik_tls:
     vars:
       traefik_tls_certresolver:
@@ -125,10 +132,15 @@ spec:
         type: bool
         default: false
         description: Enable Traefik TLS
+    toggle: traefik_tls_enabled
+    title: Traefik TLS
+    description: Configure Traefik TLS/SSL certificates
+    needs: traefik
   network:
     vars:
       network_mode:
-        extra: 'If you need DHCP functionality, use ''host'' or ''macvlan'' mode. NOTE: Swarm only supports ''bridge'' mode!"
+        extra: 'If you need DHCP functionality, use ''host'' or ''macvlan'' mode.
+          NOTE: Swarm only supports ''bridge'' mode!"
 
           '
       network_name:
@@ -137,25 +149,25 @@ spec:
         type: str
         default: 192.168.1.253
         needs:
-          - network_mode=macvlan
+        - network_mode=macvlan
         required: true
       network_macvlan_parent_interface:
         type: str
         default: eth0
         needs:
-          - network_mode=macvlan
+        - network_mode=macvlan
         required: true
       network_macvlan_subnet:
         type: str
         default: 192.168.1.0/24
         needs:
-          - network_mode=macvlan
+        - network_mode=macvlan
         required: true
       network_macvlan_gateway:
         type: str
         default: 192.168.1.1
         needs:
-          - network_mode=macvlan
+        - network_mode=macvlan
         required: true
       network_external:
         type: bool
@@ -179,37 +191,40 @@ spec:
         type: str
         default: replicated
         description: The placement mode
+    toggle: swarm_enabled
+    title: Docker Swarm
+    description: Configure Docker Swarm mode deployment
   volume:
     vars:
       volume_mode:
         type: enum
         options:
-          - local
-          - mount
-          - nfs
+        - local
+        - mount
+        - nfs
         default: local
         required: true
       volume_mount_path:
         type: str
         default: /mnt/storage
         needs:
-          - volume_mode=mount
+        - volume_mode=mount
         required: true
       volume_nfs_server:
         type: str
         default: 192.168.1.1
         needs:
-          - volume_mode=nfs
+        - volume_mode=nfs
         required: true
       volume_nfs_path:
         type: str
         default: /export
         needs:
-          - volume_mode=nfs
+        - volume_mode=nfs
         required: true
       volume_nfs_options:
         type: str
         default: rw,nolock,soft
         needs:
-          - volume_mode=nfs
+        - volume_mode=nfs
         required: true

library/compose/portainer/template.yaml

@@ -1,13 +1,14 @@
----
 kind: compose
 metadata:
   icon:
     provider: selfh
     id: portainer
   name: Portainer
-  description: 'Portainer is a powerful and user-friendly management tool for Docker and Kubernetes environments.
+  description: 'Portainer is a powerful and user-friendly management tool for Docker
+    and Kubernetes environments.
 
-    It provides a simple web-based interface to manage containers, images, networks, and volumes,
+    It provides a simple web-based interface to manage containers, images, networks,
+    and volumes,
 
     making it easier to deploy and monitor applications.
 
@@ -22,9 +23,9 @@ metadata:
   author: Christian Lempa
   date: '2026-02-12'
   tags:
-    - traefik
-    - swarm
-    - volumes
+  - traefik
+  - swarm
+  - volumes
 schema: '1.2'
 spec:
   general:
@@ -36,10 +37,10 @@ spec:
       restart_policy:
         type: enum
         options:
-          - unless-stopped
-          - always
-          - on-failure
-          - 'no'
+        - unless-stopped
+        - always
+        - on-failure
+        - 'no'
         default: unless-stopped
         required: true
   ports:
@@ -69,6 +70,9 @@ spec:
         type: bool
         default: false
         description: Enable Traefik integration
+    toggle: traefik_enabled
+    title: Traefik
+    description: Configure Traefik reverse proxy integration
   traefik_tls:
     vars:
       traefik_tls_certresolver:
@@ -79,39 +83,43 @@ spec:
         type: bool
         default: false
         description: Enable Traefik TLS
+    toggle: traefik_tls_enabled
+    title: Traefik TLS
+    description: Configure Traefik TLS/SSL certificates
+    needs: traefik
   volume:
     vars:
       volume_mode:
         type: enum
         options:
-          - local
-          - mount
-          - nfs
+        - local
+        - mount
+        - nfs
         default: local
         required: true
       volume_mount_path:
         type: str
         default: /mnt/storage
         needs:
-          - volume_mode=mount
+        - volume_mode=mount
         required: true
       volume_nfs_server:
         type: str
         default: 192.168.1.1
         needs:
-          - volume_mode=nfs
+        - volume_mode=nfs
         required: true
       volume_nfs_path:
         type: str
         default: /export
         needs:
-          - volume_mode=nfs
+        - volume_mode=nfs
         required: true
       volume_nfs_options:
         type: str
         default: rw,nolock,soft
         needs:
-          - volume_mode=nfs
+        - volume_mode=nfs
         required: true
   swarm:
     vars:
@@ -132,3 +140,6 @@ spec:
         type: int
         default: 1
         description: The number of replicas
+    toggle: swarm_enabled
+    title: Docker Swarm
+    description: Configure Docker Swarm mode deployment

library/compose/postgres/template.yaml

@@ -1,12 +1,12 @@
----
 kind: compose
 metadata:
   icon:
     provider: selfh
     id: postgresql
   name: PostgreSQL
-  description: 'PostgreSQL is a powerful, open source object-relational database system with over 30 years of active development
-    that has earned it a strong reputation for reliability, feature robustness, and performance.
+  description: 'PostgreSQL is a powerful, open source object-relational database system
+    with over 30 years of active development that has earned it a strong reputation
+    for reliability, feature robustness, and performance.
 
 
     Project: https://www.postgresql.org/
@@ -20,7 +20,7 @@ metadata:
   author: Christian Lempa
   date: '2026-02-13'
   tags:
-    - swarm
+  - swarm
   draft: true
 schema: '1.2'
 spec:
@@ -37,10 +37,10 @@ spec:
       restart_policy:
         type: enum
         options:
-          - unless-stopped
-          - always
-          - on-failure
-          - 'no'
+        - unless-stopped
+        - always
+        - on-failure
+        - 'no'
         default: unless-stopped
         required: true
   ports:
@@ -56,7 +56,8 @@ spec:
   network:
     vars:
       network_mode:
-        extra: 'Use ''host'' mode if you need to bind directly to port 5432. NOTE: Swarm only supports ''bridge'' mode!
+        extra: 'Use ''host'' mode if you need to bind directly to port 5432. NOTE:
+          Swarm only supports ''bridge'' mode!
 
           '
       network_name:
@@ -83,6 +84,9 @@ spec:
         type: str
         default: replicated
         description: The placement mode
+    toggle: swarm_enabled
+    title: Docker Swarm
+    description: Configure Docker Swarm mode deployment
   volume:
     vars:
       volume_mode:
@@ -90,9 +94,9 @@ spec:
         type: str
         default: local
         options:
-          - local
-          - mount
-          - nfs
+        - local
+        - mount
+        - nfs
       volume_mount_path:
         description: Path for bind mounts when volume_mode is 'mount'
         type: str

library/compose/prometheus/template.yaml

@@ -1,23 +1,24 @@
----
 kind: compose
 metadata:
   icon:
     provider: selfh
     id: prometheus
   name: Prometheus
-  description: 'Prometheus is an open-source systems monitoring and alerting toolkit originally built at SoundCloud.
+  description: 'Prometheus is an open-source systems monitoring and alerting toolkit
+    originally built at SoundCloud.
 
-    It is designed for reliability and scalability, making it suitable for monitoring dynamic cloud environments.
+    It is designed for reliability and scalability, making it suitable for monitoring
+    dynamic cloud environments.
 
-    Prometheus collects and stores metrics as time series data, providing powerful querying capabilities and integration with
-    various visualization tools.
+    Prometheus collects and stores metrics as time series data, providing powerful
+    querying capabilities and integration with various visualization tools.
 
     ##  Swarm Deployment Warning
 
     Prometheus uses local TSDB storage and does NOT support running multiple replicas.
 
-    This template enforces a single replica with node placement constraints. For true HA, consider remote storage solutions
-    (Thanos, Cortex, VictoriaMetrics).
+    This template enforces a single replica with node placement constraints. For true
+    HA, consider remote storage solutions (Thanos, Cortex, VictoriaMetrics).
 
 
     Project: https://prometheus.io/
@@ -33,15 +34,18 @@ metadata:
   author: Christian Lempa
   date: '2026-01-07'
   tags:
-    - traefik
-    - swarm
-    - authentik
-  next_steps: "{% if swarm_enabled -%}\n1. Deploy to Docker Swarm:\n   docker stack deploy -c compose.yaml {{ service_name\
-    \ }}\n2. Access Prometheus:\n   {%- if traefik_enabled %} https://{{ traefik_host }}\n   {%- else %} http://<swarm-node-ip>:{{\
-    \ ports_http }}{%- endif %}\n{% else -%}\n1. Start Prometheus with Docker Compose:\n   docker compose up -d\n2. Access\
-    \ Prometheus:\n   {%- if traefik_enabled %} https://{{ traefik_host }}\n   {%- else %} http://localhost:{{ ports_http\
-    \ }}{%- endif %}\n{% endif -%}\n3. Edit config/prometheus.yaml to add scrape targets\n4. Reload configuration: docker\
-    \ exec {{ container_name if not swarm_enabled else service_name }} kill -HUP 1\n"
+  - traefik
+  - swarm
+  - authentik
+  next_steps: "{% if swarm_enabled -%}\n1. Deploy to Docker Swarm:\n   docker stack\
+    \ deploy -c compose.yaml {{ service_name }}\n2. Access Prometheus:\n   {%- if\
+    \ traefik_enabled %} https://{{ traefik_host }}\n   {%- else %} http://<swarm-node-ip>:{{\
+    \ ports_http }}{%- endif %}\n{% else -%}\n1. Start Prometheus with Docker Compose:\n\
+    \   docker compose up -d\n2. Access Prometheus:\n   {%- if traefik_enabled %}\
+    \ https://{{ traefik_host }}\n   {%- else %} http://localhost:{{ ports_http }}{%-\
+    \ endif %}\n{% endif -%}\n3. Edit config/prometheus.yaml to add scrape targets\n\
+    4. Reload configuration: docker exec {{ container_name if not swarm_enabled else\
+    \ service_name }} kill -HUP 1\n"
 schema: '1.2'
 spec:
   general:
@@ -51,10 +55,10 @@ spec:
       restart_policy:
         type: enum
         options:
-          - unless-stopped
-          - always
-          - on-failure
-          - 'no'
+        - unless-stopped
+        - always
+        - on-failure
+        - 'no'
         default: unless-stopped
         required: true
   metrics:
@@ -75,7 +79,8 @@ spec:
         type: bool
         description: Enable remote write receiver (allows pushing metrics via /api/v1/write)
         default: false
-        extra: 'Caution: Intended for low-volume use cases only. Not efficient for general ingestion.'
+        extra: 'Caution: Intended for low-volume use cases only. Not efficient for
+          general ingestion.'
   ports:
     vars:
       ports_http:
@@ -96,6 +101,9 @@ spec:
         type: bool
         default: false
         description: Enable Traefik integration
+    toggle: traefik_enabled
+    title: Traefik
+    description: Configure Traefik reverse proxy integration
   traefik_tls:
     vars:
       traefik_tls_certresolver:
@@ -106,3 +114,7 @@ spec:
         type: bool
         default: false
         description: Enable Traefik TLS
+    toggle: traefik_tls_enabled
+    title: Traefik TLS
+    description: Configure Traefik TLS/SSL certificates
+    needs: traefik

library/compose/renovate/template.yaml

@@ -96,7 +96,9 @@ spec:
         description: "External HTTP port for web interface"
         default: 8080
   traefik:
+    title: Traefik
     toggle: traefik_enabled
+    description: Configure Traefik reverse proxy integration
     vars:
       traefik_enabled:
         type: bool
@@ -109,12 +111,9 @@ spec:
         default: "home.arpa"
       traefik_entrypoint:
         default: "web"
-      traefik_tls_entrypoint:
         default: "websecure"
-      traefik_tls_enabled:
         type: bool
         default: true
-      traefik_tls_certresolver:
         default: "cloudflare"
   network:
     vars:

library/compose/semaphoreui/template.yaml

@@ -1,11 +1,11 @@
----
 kind: compose
 metadata:
   icon:
     provider: selfh
     id: semaphore-ui
   name: Semaphore UI
-  description: 'Modern UI for Ansible automation with task scheduling and web-based management.
+  description: 'Modern UI for Ansible automation with task scheduling and web-based
+    management.
 
     Semaphore provides a beautiful web interface to run Ansible playbooks, manage
 
@@ -15,9 +15,11 @@ metadata:
 
     ## Prerequisites
 
-    - :info: SemaphoreUI supports multiple database backends. You can choose between SQLite (default),
+    - :info: SemaphoreUI supports multiple database backends. You can choose between
+    SQLite (default),
 
-    PostgreSQL, or MySQL. SQLite is suitable for small deployments, while PostgreSQL and MySQL
+    PostgreSQL, or MySQL. SQLite is suitable for small deployments, while PostgreSQL
+    and MySQL
 
     are recommended for larger installations.
 
@@ -32,8 +34,8 @@ metadata:
   author: Christian Lempa
   date: '2026-02-15'
   tags:
-    - traefik
-    - database
+  - traefik
+  - database
   next_steps: 'Log in with your initial admin user:
 
     ```bash
@@ -54,10 +56,10 @@ spec:
       restart_policy:
         type: enum
         options:
-          - unless-stopped
-          - always
-          - on-failure
-          - 'no'
+        - unless-stopped
+        - always
+        - on-failure
+        - 'no'
         default: unless-stopped
         required: true
       secret_key:
@@ -110,6 +112,9 @@ spec:
         type: bool
         default: false
         description: Enable Traefik integration
+    toggle: traefik_enabled
+    title: Traefik
+    description: Configure Traefik reverse proxy integration
   traefik_tls:
     vars:
       traefik_tls_certresolver:
@@ -120,12 +125,16 @@ spec:
         type: bool
         default: false
         description: Enable Traefik TLS
+    toggle: traefik_tls_enabled
+    title: Traefik TLS
+    description: Configure Traefik TLS/SSL certificates
+    needs: traefik
   database:
     vars:
       database_type:
         options:
-          - postgres
-          - mysql
+        - postgres
+        - mysql
         default: mysql
       database_name:
         default: semaphore

library/compose/traefik/template.yaml

@@ -1,10 +1,11 @@
----
 kind: compose
 metadata:
   name: Traefik
-  description: 'Traefik is a modern HTTP reverse proxy and load balancer that makes deploying microservices easy.
+  description: 'Traefik is a modern HTTP reverse proxy and load balancer that makes
+    deploying microservices easy.
 
-    This template sets up Traefik with automatic HTTPS using Let''s Encrypt and can be integrated with Authentik for SSO.
+    This template sets up Traefik with automatic HTTPS using Let''s Encrypt and can
+    be integrated with Authentik for SSO.
 
     ## References
 
@@ -17,16 +18,17 @@ metadata:
   author: Christian Lempa
   date: '2026-02-11'
   tags:
-    - swarm
-    - volume
+  - swarm
+  - volume
   icon:
     provider: simpleicons
     id: traefikproxy
   draft: false
-  next_steps: "Start the `{{ service_name }}` project\n{% if swarm_enabled %}\n1. Deploy Traefik to Docker Swarm:\n  `docker\
-    \ stack deploy -c compose.yaml {{ service_name }}`\n{% else %}\n1. Copy the project directory for `{{ service_name\
-    \ }}` to the host.\n2. Start Traefik with Docker Compose from the project directory:\n  `docker compose up -d`\n{% endif\
-    \ %}"
+  next_steps: "Start the `{{ service_name }}` project\n{% if swarm_enabled %}\n1.\
+    \ Deploy Traefik to Docker Swarm:\n  `docker stack deploy -c compose.yaml {{ service_name\
+    \ }}`\n{% else %}\n1. Copy the project directory for `{{ service_name }}` to the\
+    \ host.\n2. Start Traefik with Docker Compose from the project directory:\n  `docker\
+    \ compose up -d`\n{% endif %}"
 schema: '1.2'
 spec:
   general:
@@ -42,17 +44,17 @@ spec:
       container_loglevel:
         type: enum
         options:
-          - debug
-          - info
-          - warn
-          - error
+        - debug
+        - info
+        - warn
+        - error
       restart_policy:
         type: enum
         options:
-          - unless-stopped
-          - always
-          - on-failure
-          - 'no'
+        - unless-stopped
+        - always
+        - on-failure
+        - 'no'
         default: unless-stopped
         required: true
   ports:
@@ -63,7 +65,7 @@ spec:
         default: 8080
         required: true
         needs:
-          - dashboard_enabled=true
+        - dashboard_enabled=true
         extra: Only used when dashboard is enabled
       ports_http:
         default: 80
@@ -98,6 +100,8 @@ spec:
         description: Use existing Docker network (external)
         type: bool
         default: false
+    toggle: dashboard_enabled
+    description: Configure Traefik features and settings
   traefik_tls:
     title: TLS Settings
     toggle: traefik_tls_enabled
@@ -110,131 +114,133 @@ spec:
         description: ACME DNS challenge provider
         type: str
         options:
-          - cloudflare
-          - porkbun
-          - godaddy
-          - digitalocean
-          - route53
-          - azure
-          - namecheap
+        - cloudflare
+        - porkbun
+        - godaddy
+        - digitalocean
+        - route53
+        - azure
+        - namecheap
         default: cloudflare
         required: true
         needs:
-          - traefik_tls_enabled=true
+        - traefik_tls_enabled=true
         extra: DNS provider for domain validation
       traefik_tls_acme_email:
         description: Email address for ACME
         type: str
         required: true
         needs:
-          - traefik_tls_enabled=true
+        - traefik_tls_enabled=true
       traefik_tls_acme_region:
         description: AWS Region
         type: str
         default: us-east-1
         required: true
         needs:
-          - traefik_tls_enabled=true
-          - traefik_tls_certresolver=route53
+        - traefik_tls_enabled=true
+        - traefik_tls_certresolver=route53
       traefik_tls_acme_resource_group:
         description: Azure Resource Group
         type: str
         required: true
         needs:
-          - traefik_tls_enabled=true
-          - traefik_tls_certresolver=azure
+        - traefik_tls_enabled=true
+        - traefik_tls_certresolver=azure
       traefik_tls_acme_secret_key:
         description: DNS provider secret key
         type: str
         sensitive: true
         required: true
         needs:
-          - traefik_tls_enabled=true
-          - traefik_tls_certresolver=azure,godaddy,porkbun,route53
-        extra: AZURE_CLIENT_SECRET, GODADDY_API_SECRET, PORKBUN_SECRET_API_KEY, or AWS_SECRET_ACCESS_KEY
+        - traefik_tls_enabled=true
+        - traefik_tls_certresolver=azure,godaddy,porkbun,route53
+        extra: AZURE_CLIENT_SECRET, GODADDY_API_SECRET, PORKBUN_SECRET_API_KEY, or
+          AWS_SECRET_ACCESS_KEY
       traefik_tls_acme_subscription_id:
         description: Azure Subscription ID
         type: str
         required: true
         needs:
-          - traefik_tls_enabled=true
-          - traefik_tls_certresolver=azure
+        - traefik_tls_enabled=true
+        - traefik_tls_certresolver=azure
       traefik_tls_acme_tenant_id:
         description: Azure Tenant ID
         type: str
         required: true
         needs:
-          - traefik_tls_enabled=true
-          - traefik_tls_certresolver=azure
+        - traefik_tls_enabled=true
+        - traefik_tls_certresolver=azure
       traefik_tls_acme_token:
         description: DNS provider API token
         type: str
         sensitive: true
         required: true
         needs:
-          - traefik_tls_enabled=true
-          - traefik_tls_certresolver=cloudflare,digitalocean,godaddy,namecheap,porkbun
-        extra: CF_DNS_API_TOKEN, DO_AUTH_TOKEN, GODADDY_API_KEY, NAMECHEAP_API_KEY, or PORKBUN_API_KEY
+        - traefik_tls_enabled=true
+        - traefik_tls_certresolver=cloudflare,digitalocean,godaddy,namecheap,porkbun
+        extra: CF_DNS_API_TOKEN, DO_AUTH_TOKEN, GODADDY_API_KEY, NAMECHEAP_API_KEY,
+          or PORKBUN_API_KEY
       traefik_tls_acme_username:
         description: Namecheap API username
         type: str
         required: true
         needs:
-          - traefik_tls_enabled=true
-          - traefik_tls_certresolver=namecheap
+        - traefik_tls_enabled=true
+        - traefik_tls_certresolver=namecheap
       traefik_tls_redirect:
         description: Redirect all HTTP traffic to HTTPS
         type: bool
         default: true
         needs:
-          - traefik_tls_enabled=true
+        - traefik_tls_enabled=true
       traefik_tls_secure_ciphers:
         description: Enable strict cipher suites (recommended)
         type: bool
         default: false
         needs:
-          - traefik_tls_enabled=true
+        - traefik_tls_enabled=true
         extra: Enforces modern, secure cipher suites
       traefik_tls_skipverify:
         description: Skip TLS verification for backend servers
         type: bool
         default: false
         needs:
-          - traefik_tls_enabled=true
+        - traefik_tls_enabled=true
         extra: 'WARNING: Only enable for self-signed certificates in trusted environments'
   volume:
     vars:
       volume_mode:
         type: enum
         options:
-          - local
-          - mount
-          - nfs
+        - local
+        - mount
+        - nfs
         default: local
         required: true
       volume_mount_path:
         type: str
         default: /mnt/storage
         needs:
-          - volume_mode=mount
+        - volume_mode=mount
         required: true
       volume_nfs_server:
         type: str
         default: 192.168.1.1
         needs:
-          - volume_mode=nfs
+        - volume_mode=nfs
         required: true
       volume_nfs_path:
         type: str
         default: /export
         needs:
-          - volume_mode=nfs
+        - volume_mode=nfs
         required: true
       volume_nfs_options:
         type: str
         default: rw,nolock,soft
         needs:
-          - volume_mode=nfs
+        - volume_mode=nfs
         required: true
   swarm:
     title: Docker Swarm
@@ -243,22 +249,22 @@ spec:
       swarm_placement_mode:
         type: enum
         options:
-          - replicated
-          - global
+        - replicated
+        - global
         default: replicated
         required: true
       swarm_replicas:
         type: int
         default: 1
         needs:
-          - swarm_placement_mode=replicated
+        - swarm_placement_mode=replicated
         required: true
       swarm_placement_host:
         type: str
         description: Target hostname for placement constraint
         default: ''
         needs:
-          - swarm_placement_mode=replicated
+        - swarm_placement_mode=replicated
         extra: Constrains service to run on specific node by hostname
       swarm_enabled:
         type: bool

library/compose/twingate-connector/template.yaml

@@ -1,14 +1,15 @@
----
 kind: compose
 metadata:
   icon:
     provider: selfh
     id: twingate
   name: Twingate_Connector
-  description: 'The Twingate Connector is a lightweight software component that establishes secure connections between your
-    private network and the Twingate service. It acts as a bridge, allowing authorized users to access internal resources
-    without exposing them directly to the internet. The Connector uses strong encryption and authentication mechanisms to
-    ensure that all data transmitted between users and resources remains confidential and secure.
+  description: 'The Twingate Connector is a lightweight software component that establishes
+    secure connections between your private network and the Twingate service. It acts
+    as a bridge, allowing authorized users to access internal resources without exposing
+    them directly to the internet. The Connector uses strong encryption and authentication
+    mechanisms to ensure that all data transmitted between users and resources remains
+    confidential and secure.
 
 
     Project: https://www.twingate.com/
@@ -22,7 +23,7 @@ metadata:
   author: Christian Lempa
   date: '2025-11-11'
   tags:
-    - swarm
+  - swarm
   draft: true
 schema: '1.2'
 spec:
@@ -39,10 +40,10 @@ spec:
       restart_policy:
         type: enum
         options:
-          - unless-stopped
-          - always
-          - on-failure
-          - 'no'
+        - unless-stopped
+        - always
+        - on-failure
+        - 'no'
         default: unless-stopped
         required: true
       twingate_version:
@@ -78,7 +79,7 @@ spec:
         type: str
         default: 0.25
         needs:
-          - swarm_enabled=true
+        - swarm_enabled=true
         required: true
       resources_memory_limit:
         type: str
@@ -88,6 +89,9 @@ spec:
         type: str
         default: 512M
         needs:
-          - swarm_enabled=true
+        - swarm_enabled=true
         required: true
-  swarm:
+    toggle: resources_enabled
+    title: Resource Limits
+    description: Configure container resource limits
+  swarm: null