Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- networks:
- t2_proxy:
- name: t2_proxy
- driver: bridge
- enable_ipv6: false
- ipam:
- driver: default
- config:
- - subnet: 172.28.0.0/24
- socket_proxy:
- name: socket_proxy
- driver: bridge
- ipam:
- config:
- - subnet: 172.28.1.0/24
- services:
- traefik:
- image: traefik:v2.2
- container_name: traefik
- hostname: traefik
- env_file:
- - ./.env
- environment:
- - PGID=$PGID
- - PUID=$PUID
- - TZ=$TZ
- - CF_API_EMAIL=$CLOUDFLARE_EMAIL
- - CF_API_KEY=$CLOUDFLARE_API_KEY
- volumes:
- - $DOCKERDIR/traefik/rules:/rules
- - /var/run/docker.sock:/var/run/docker.sock
- - $DOCKERDIR/traefik/acme.json:/acme.json
- - $DOCKERDIR/traefik/traefik.log:/traefik.log
- - $DOCKERDIR/shared:/shared
- depends_on:
- - authelia
- command: # CLI arguments
- - --global.checkNewVersion=true
- - --global.sendAnonymousUsage=true
- - --entryPoints.http.address=:80
- - --entryPoints.https.address=:443
- # Allow these IPs to set the X-Forwarded-* headers - Cloudflare IPs: https://www.cloudflare.com/ips/
- - --entrypoints.https.forwardedHeaders.trustedIPs=173.245.48.0/20,103.21.244.0/22,103.22.200.0/22,103.31.4.0/22,141.101.64.0/18,108.162.192.0/18,190.93.240.0/20,188.114.96.0/20,197.234.240.0/22,198.41.128.0/17,162.158.0.0/15,104.16.0.0/12,172.64.0.0/13,131.0.72.0/22
- - --entryPoints.traefik.address=:8080
- - --api=true
- # - --api.insecure=true
- # - --serversTransport.insecureSkipVerify=true
- - --log=true
- - --log.level=DEBUG # (Default: error) DEBUG, INFO, WARN, ERROR, FATAL, PANIC
- - --accessLog=true
- - --accessLog.filePath=/traefik.log
- - --accessLog.bufferingSize=100 # Configuring a buffer of 100 lines
- - --accessLog.filters.statusCodes=400-499
- - --providers.docker=true
- - --providers.docker.endpoint=unix:///var/run/docker.sock
- - --providers.docker.defaultrule=Host(`{{ index .Labels "com.docker.compose.service" }}.$DOMAIN`)
- - --providers.docker.exposedByDefault=false
- - --providers.docker.network=t2_proxy
- - --providers.docker.swarmMode=false
- - --providers.file.directory=/rules # Load dynamic configuration from one or more .toml or .yml files in a directory.
- # - --providers.file.filename=${USERDIR}/docker/traefik/traefik_dynamic.toml # Load dynamic configuration from a file.
- - --providers.file.watch=true # Only works on top level files in the rules folder
- - --certificatesResolvers.dns-cloudflare.acme.caServer=https://acme-staging-v02.api.letsencrypt.org/directory # LetsEncrypt Staging Server - uncomment when testing
- - --certificatesResolvers.dns-cloudflare.acme.email=$CLOUDFLARE_EMAIL
- - --certificatesResolvers.dns-cloudflare.acme.storage=/acme.json
- - --certificatesResolvers.dns-cloudflare.acme.dnsChallenge.provider=cloudflare
- ports:
- - target: 80
- published: 80
- protocol: tcp
- mode: host
- - target: 443
- published: 443
- protocol: tcp
- mode: host
- # - target: 8080
- # published: 8080
- # protocol: tcp
- # mode: host
- labels:
- - "autoheal=true"
- - "com.centurylinklabs.watchtower.enable=true"
- - "traefik.docker.network=t2_proxy"
- - "traefik.http.routers.http-catchall.entrypoints=http"
- - "traefik.http.routers.http-catchall.rule=HostRegexp(`{host:.+}`)"
- - "traefik.http.routers.http-catchall.middlewares=redirect-to-https"
- - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
- - "traefik.http.routers.traefik-rtr.entrypoints=https"
- - "traefik.http.routers.traefik-rtr.rule=Host(`traefik.$DOMAIN`)"
- - "traefik.http.routers.traefik-rtr.tls=true"
- - "traefik.http.routers.traefik-rtr.tls.certresolver=dns-cloudflare" # Comment out this line after first run of traefik to force the use of wildcard certs
- - "traefik.http.routers.traefik-rtr.tls.domains[0].main=$DOMAIN"
- - "traefik.http.routers.traefik-rtr.tls.domains[0].sans=*.$DOMAIN"
- - "traefik.http.routers.traefik-rtr.middlewares=chain-authelia@docker"
- - "traefik.http.routers.traefik-rtr.middlewares=middlewares-secure-headers@file,middlewares-rate-limit@file,middlewares-basic-auth@file"
- # - "traefik.http.routers.traefik-rtr.middlewares=traefik-headers,middlewares-rate-limit@file,middlewares-basic-auth@file"
- - "traefik.http.middlewares.traefik-headers.headers.accesscontrolallowmethods=GET, OPTIONS, PUT"
- - "traefik.http.middlewares.traefik-headers.headers.accesscontrolalloworiginlist=https://$DOMAIN"
- - "traefik.http.middlewares.traefik-headers.headers.accesscontrolmaxage=100"
- - "traefik.http.middlewares.traefik-headers.headers.addvaryheader=true"
- - "traefik.http.middlewares.traefik-headers.headers.allowedhosts=traefik.$DOMAIN"
- - "traefik.http.middlewares.traefik-headers.headers.hostsproxyheaders=X-Forwarded-Host"
- - "traefik.http.middlewares.traefik-headers.headers.sslredirect=true"
- - "traefik.http.middlewares.traefik-headers.headers.sslhost=traefik.$DOMAIN"
- - "traefik.http.middlewares.traefik-headers.headers.sslforcehost=true"
- - "traefik.http.middlewares.traefik-headers.headers.sslproxyheaders.X-Forwarded-Proto=https"
- - "traefik.http.middlewares.traefik-headers.headers.stsseconds=63072000"
- - "traefik.http.middlewares.traefik-headers.headers.stsincludesubdomains=true"
- - "traefik.http.middlewares.traefik-headers.headers.stspreload=true"
- - "traefik.http.middlewares.traefik-headers.headers.forcestsheader=true"
- - "traefik.http.middlewares.traefik-headers.headers.framedeny=true"
- # - "traefik.http.middlewares.traefik-headers.headers.customframeoptionsvalue=SAMEORIGIN" # This option overrides FrameDeny
- - "traefik.http.middlewares.traefik-headers.headers.contenttypenosniff=true"
- - "traefik.http.middlewares.traefik-headers.headers.browserxssfilter=true"
- # - "traefik.http.middlewares.traefik-headers.headers.contentsecuritypolicy=frame-ancestors 'none'; object-src 'none'; base-uri 'none';"
- - "traefik.http.middlewares.traefik-headers.headers.referrerpolicy=same-origin"
- - "traefik.http.middlewares.traefik-headers.headers.featurepolicy=camera 'none'; geolocation 'none'; microphone 'none'; payment 'none'; usb 'none'; vr 'none';"
- - "traefik.http.middlewares.traefik-headers.headers.customresponseheaders.X-Robots-Tag=none,noarchive,nosnippet,notranslate,noimageindex,"
- network:
- - t2_proxy
- - socket_proxy
- security_opt:
- - no-new-privileges:true
- restart: always
- socket_proxy:
- image: tecnativa/docker-socket-proxy
- container_name: socket_proxy
- hostname: socket_proxy
- privileged: true
- ports:
- # - "127.0.0.1:2375:2375" # Port 2375 should only ever get exposed to the internal network. When possible use this line.
- # I use the next line instead, as I want portainer to manage multiple docker endpoints within my home network.
- - 2375:2375
- env_file:
- - ./.env
- environment:
- - PGID=$PGID
- - PUID=$PUID
- - TZ=$TZ
- - LOG_LEVEL=info # debug,info,notice,warning,err,crit,alert,emerg
- ## Variables match the URL prefix (i.e. AUTH blocks access to /auth/* parts of the API, etc.).
- # 0 to revoke access.
- # 1 to grant access.
- ## Granted by Default
- - EVENTS=1
- - PING=1
- - VERSION=1
- ## Revoked by Default
- # Security critical
- - AUTH=0
- - SECRETS=0
- - POST=1 # Ouroboros
- # Not always needed
- - BUILD=0
- - COMMIT=0
- - CONFIGS=0
- - CONTAINERS=1 # Traefik, portainer, etc.
- - DISTRIBUTION=0
- - EXEC=0
- - IMAGES=1 # Portainer
- - INFO=1 # Portainer
- - NETWORKS=1 # Portainer
- - NODES=0
- - PLUGINS=0
- - SERVICES=1 # Portainer
- - SESSION=0
- - SWARM=0
- - SYSTEM=0
- - TASKS=1 # Portainer
- - VOLUMES=1 # Portainer
- volumes:
- - /var/run/docker.sock:/var/run/docker.sock
- labels:
- - "autoheal=true"
- - "com.centurylinklabs.watchtower.enable=true"
- networks:
- - socket_proxy:
- - ipv4_address: 172.28.1.0 # You can specify a static IP
- restart: always
- authelia:
- image: authelia/authelia:latest
- container_name: authelia
- hostname: authelia
- env_file:
- - ./.env
- environment:
- - PGID=$PGID
- - PUID=$PUID
- - TZ=$TZ
- volumes:
- - $DOCKERDIR/authelia:/config
- - $DOCKERDIR/authelia/data:/data
- - $DOCKERDIR/authelia/configuration.yml:/etc/authelia/configuration.yml:ro
- - $DOCKERDIR/authelia/users_database.yml:/etc/authelia/users_database.yml
- networks:
- - t2_proxy
- labels:
- - "autoheal=true"
- - "com.centurylinklabs.watchtower.enable=true"
- - 'traefik.enable=true'
- - 'traefik.http.routers.authelia.rule=Host(`login.wallace-home.org`)'
- - 'traefik.http.routers.authelia.entrypoints=websecure'
- - "traefik.http.routers.authelia.tls.certresolver=letsencryptresolver"
- - 'traefik.http.middlewares.authelia.forwardauth.address=http://authelia:9081/api/verify?rd=https://login.wallace-home.org/'
- - 'traefik.http.middlewares.authelia.forwardauth.trustForwardHeader=true'
- - 'traefik.http.middlewares.authelia.forwardauth.authResponseHeaders=Remote-User, Remote-Groups'
- expose:
- - 9081
- restart: unless-stopped
- db4:
- image: ghcr.io/linuxserver/mariadb
- container_name: mariadb4
- hostname: mariadb4
- env_file:
- - ./.env
- environment:
- - PGID=$PGID
- - PUID=$PUID
- - TZ=$TZ
- - MYSQL_ROOT_PASSWORD=$MYSQL_ROOT_PASSWORD
- - MYSQL_DATABASE="authelia"
- - MYSQL_USER=$MYSQL_USER
- - MYSQL_PASSWORD=$MYSQL_PASS
- - REMOTE_SQL="http://authelia.wallace-home.org/authelia.sql,https://authelia.wallace-home.org/authelia.sql"
- volumes:
- - $DOCKERDIR/mariadb/authelia:/config
- labels:
- - "autoheal=true"
- - "com.centurylinklabs.watchtower.enable=true"
- - "traefik.enable=false"
- ports:
- - 3309:3306
- networks:
- - t2_proxy
- restart: always
- dozzle:
- container_name: dozzle
- image: amir20/dozzle:latest
- volumes:
- - /var/run/docker.sock:/var/run/docker.sock
- # ports:
- # - 9999:8080
- labels:
- - "autoheal=true"
- - "com.centurylinklabs.watchtower.enable=true"
- - "traefik.enable=true"
- - "traefik.network=t2_proxy"
- - "traefik.http.routers.dozzle-rtr.entrypoints=https"
- - "traefik.http.routers.dozzle-rtr.rule=Host(`dozzle.$DOMAIN`)"
- - "traefik.http.routers.dozzle-rtr.tls=true"
- - "traefik.http.routers.dozzle-rtr.service=dozzle-svc"
- - "traefik.http.services.dozzle-svc.loadbalancer.server.port=9999"
- - "traefik.http.routers.dozzle-rtr.middlewares=chain-oauth@file"
- networks:
- - t2_proxy
- restart: always
- uptime-kuma:
- image: louislam/uptime-kuma:1
- container_name: uptime-kuma
- hostname: uptime-kuma
- env_file:
- - ./.env
- environment:
- - PGID=$PGID
- - PUID=$PUID
- - TZ=$TZ
- volumes:
- - $DOCKERDIR/uptime-kuma:/app/data
- #. ports:
- #. - 3001:3001
- labels:
- - "autoheal=true"
- - "com.centurylinklabs.watchtower.enable=true"
- - "traefik.enable=true"
- - "traefik.network=t2_proxy"
- - "traefik.http.routers.uptime-kuma-rtr.entrypoints=https"
- - "traefik.http.routers.uptime-kuma-rtr.rule=Host(`uptime-kuma.$DOMAIN`)"
- - "traefik.http.routers.uptime-kuma-rtr.tls=true"
- - "traefik.http.routers.uptime-kuma-rtr.service=uptime-kuma-svc"
- - "traefik.http.services.uptime-kuma-svc.loadbalancer.server.port=3001"
- - "traefik.http.routers.uptime-kuma-rtr.middlewares=chain-authelia@docker"
- networks:
- - t2_proxy
- restart: always
- transmission:
- image: haugene/transmission-openvpn
- cap_add:
- - NET_ADMIN
- devices:
- - /dev/net/tun
- #ports:
- # - 9091:9091
- # - 8888:8888
- dns:
- - 209.222.18.222
- - 209.222.18.218
- volumes:
- - /etc/localtime:/etc/localtime:ro
- - $DOCKERDIR/transmission:/data
- - $DOCKERDIR/transmission/canada.ovpn:/etc/openvpn/custom/default.ovpn:ro
- env_file:
- - ./.env
- environment:
- - PGID=$PGID
- - PUID=$PUID
- - TZ=$TZ
- - UMASK=002
- - CREATE_TUN_DEVICE=TRUE
- - OPENVPN_PROVIDER=PIA
- - OPENVPN_CONFIG=switzerland,ca_toronto,ca_montreal,ca_vancouver,czech_republic,de_berlin,de_frankfurt,france,israel,romania,spain,sweden
- - OPENVPN_USERNAME=username
- - OPENVPN_PASSWORD=password
- - PIA_OPENVPN_CONFIG_BUNDLE=openvpn
- - OPENVPN_OPTS=--inactive 3600 --ping 10 --ping-exit 60
- - LOCAL_NETWORK=192.168.7.76/24
- - TRANSMISSION_MAX_PEERS_GLOBAL=9999
- - TRANSMISSION_PEER_LIMIT_GLOBAL=9999
- - TRANSMISSION_PEER_LIMIT_PER_TORRENT=9999
- labels:
- - "autoheal=true"
- - "com.centurylinklabs.watchtower.enable=true"
- - "traefik.enable=true"
- - "traefik.network=t2_proxy"
- - "traefik.http.routers.transmission-rtr.entrypoints=https"
- - "traefik.http.routers.transmission-rtr.rule=Host(`transmission.$DOMAIN`)"
- - "traefik.http.routers.transmission-rtr.tls=true"
- - "traefik.http.routers.transmission-rtr.service=transmission-svc"
- - "traefik.http.services.transmission-svc.loadbalancer.server.port=9091"
- - "traefik.http.routers.transmission-rtr.middlewares=chain-oauth@file"
- networks:
- - t2_proxy
- restart: always
- organizr:
- image: organizr/organizr
- container_name: organizr
- hostname: organizr
- security_opt:
- - no-new-privileges:true
- # ports:
- # - "$ORGANIZR_PORT:80"
- env_file:
- - ./.env
- environment:
- - PGID=$PGID
- - PUID=$PUID
- - TZ=$TZ
- volumes:
- - $DOCKERDIR/organizr:/config
- links:
- - db2
- labels:
- - "autoheal=true"
- - "com.centurylinklabs.watchtower.enable=true"
- - "traefik.enable=true"
- - "traefik.network=t2_proxy"
- - "traefik.http.routers.organizr-rtr.entrypoints=https"
- - "traefik.http.routers.organizr-rtr.rule=Host(`$DOMAIN`,`www.$DOMAIN`)"
- - "traefik.http.routers.organizr-rtr.tls=true"
- - "traefik.http.routers.organizr-rtr.middlewares=chain-oauth@file"
- - "traefik.http.routers.organizr-rtr.service=organizr-svc"
- - "traefik.http.services.organizr-svc.loadbalancer.server.port=80"
- networks:
- - t2_proxy
- depends_on:
- - db2
- restart: unless-stopped
- db2:
- image: ghcr.io/linuxserver/mariadb
- container_name: mariadb2
- hostname: mariadb2
- env_file:
- - ./.env
- environment:
- - PGID=$PGID
- - PUID=$PUID
- - TZ=$TZ
- - MYSQL_ROOT_PASSWORD=$MYSQL_ROOT_PASSWORD
- - MYSQL_DATABASE="organizr"
- - MYSQL_USER=$MYSQL_USER
- - MYSQL_PASSWORD=$MYSQL_PASS
- - REMOTE_SQL="http://organizr.wallace-home.org/organizr.sql,https://organizr.wallace-home.org/organizr.sql"
- volumes:
- - $DOCKERDIR/mariadb/organizr:/config
- labels:
- - "autoheal=true"
- - "com.centurylinklabs.watchtower.enable=true"
- - "traefik.enable=false"
- ports:
- - 3307:3306
- networks:
- - t2_proxy
- restart: always
- portainer:
- image: portainer/portainer
- container_name: portainer
- hostname: portainer
- command: -H unix:///var/run/docker.sock
- env_file:
- - ./.env
- environment:
- - PGID=$PGID
- - PUID=$PUID
- - TZ=$TZ
- volumes:
- - /var/run/docker.sock:/var/run/docker.sock
- - $DOCKERDIR/portainer:/config
- labels:
- - "autoheal=true"
- - "com.centurylinklabs.watchtower.enable=true"
- - "traefik.enable=true"
- - "traefik.network=t2_proxy"
- - "traefik.http.routers.portainer-rtr.entrypoints=https"
- - "traefik.http.routers.portsiner-rtr.rule=Host(`portainer.$DOMAIN`)"
- - "traefik.http.routers.portainer-rtr.tls=true"
- - "traefik.http.routers.portainer-rtr.service=portainer-svc"
- - "traefik.http.services.portainer-svc.loadbalancer.server.port=9000"
- - "traefik.http.routers.portainer-rtr.middlewares=chain-oauth@file"
- networks:
- - t2_proxy
- - socket_proxy
- restart: always
- sonarr:
- image: ghcr.io/linuxserver/sonarr
- container_name: sonarr
- hostname: sonarr
- env_file:
- - ./.env
- environment:
- - PGID=$PGID
- - PUID=$PUID
- - TZ=$TZ
- volumes:
- - $DOCKERDIR/sonarr:/config
- - $TV:/data/TVShows
- - $Downloads:/data/Downloads
- labels:
- - "autoheal=true"
- - "com.centurylinklabs.watchtower.enable=true"
- - "traefik.enable=true"
- - "traefik.network=t2_proxy"
- - "traefik.http.routers.sonarr-rtr.entrypoints=https"
- - "traefik.http.routers.sonarr-rtr.rule=Host(`sonarr.$DOMAIN`)"
- - "traefik.http.routers.sonarr-rtr.tls=true"
- - "traefik.http.routers.sonarr-rtr.service=sonarr-svc"
- - "traefik.http.services.sonarr-svc.loadbalancer.server.port=8989"
- - "traefik.http.routers.sonarr-rtr.middlewares=chain-oauth@file"
- networks:
- - t2_proxy
- restart: always
- radarr:
- image: ghcr.io/linuxserver/radarr
- container_name: radarr
- hostname: radarr
- env_file:
- - ./.env
- environment:
- - PGID=$PGID
- - PUID=$PUID
- - TZ=$TZ
- volumes:
- - $DOCKERDIR/radarr:/config
- - $Ani1:/data/Animated1
- - $Ani2:/data/Animated2
- - $Ani3:/data/Animated3
- - $Hor1:/data/Horror1
- - $Hor2:/data/Horror2
- - $Hor3:/data/Horror3
- - $Mov1:/data/Movies1
- - $Mov2:/data/Movies2
- - $Mov3:/data/Movies3
- - $TV:/data/TVShows
- - $Downloads:/data/Downloads
- labels:
- - "autoheal=true"
- - "com.centurylinklabs.watchtower.enable=true"
- - "traefik.enable=true"
- - "traefik.network=t2_proxy"
- - "traefik.http.routers.radarr-rtr.entrypoints=https"
- - "traefik.http.routers.radarr-rtr.rule=Host(`radarr.$DOMAIN`)"
- - "traefik.http.routers.radarr-rtr.tls=true"
- - "traefik.http.routers.radarr-rtr.service=radarr-svc"
- - "traefik.http.services.radarr-svc.loadbalancer.server.port=7878"
- - "traefik.http.routers.radarr-rtr.middlewares=chain-oauth@file"
- networks:
- - t2_proxy
- restart: always
- lidarr:
- image: ghcr.io/linuxserver/lidarr
- container_name: lidarr
- hostname: lidarr
- env_file:
- - ./.env
- environment:
- - PGID=$PGID
- - PUID=$PUID
- - TZ=$TZ
- volumes:
- - $DOCKERDIR/lidarr:/config
- - $Music:/data/Music
- - $Downloads:/data/Downloads
- labels:
- - "autoheal=true"
- - "com.centurylinklabs.watchtower.enable=true"
- - "traefik.enable=true"
- - "traefik.network=t2_proxy"
- - "traefik.http.routers.lidarr-rtr.entrypoints=https"
- - "traefik.http.routers.lidarr-rtr.rule=Host(`lidarr.$DOMAIN`)"
- - "traefik.http.routers.lidarr-rtr.tls=true"
- - "traefik.http.routers.lidarr-rtr.service=lidarr-svc"
- - "traefik.http.services.lidarr-svc.loadbalancer.server.port=8686"
- - "traefik.http.routers.lidarr-rtr.middlewares=chain-oauth@file"
- networks:
- - t2_proxy
- restart: always
- deemix:
- image: registry.gitlab.com/bockiii/deemix-docker
- container_name: Deemix
- hostname: Deemix
- env_file:
- - ./.env
- environment:
- - PGID=$PGID
- - PUID=$PUID
- - TZ=$TZ
- - ARL=1234567
- - UMASK_SET=022
- - DEEZUI=false
- volumes:
- - $Downloads:/data/Downloads
- - $DOCKERDIR/deemix:/config
- labels:
- - "autoheal=true"
- - "com.centurylinklabs.watchtower.enable=true"
- - "traefik.enable=true"
- - "traefik.network=t2_proxy"
- - "traefik.http.routers.deemix-rtr.entrypoints=https"
- - "traefik.http.routers.deemix-rtr.rule=Host(`deemix.$DOMAIN`)"
- - "traefik.http.routers.deemix-rtr.tls=true"
- - "traefik.http.routers.deemix-rtr.service=deemix-svc"
- - "traefik.http.services.deemix-svc.loadbalancer.server.port=6595"
- - "traefik.http.routers.deemix-rtr.middlewares=chain-oauth@file"
- networks:
- - t2_proxy
- restart: always
- bazarr:
- image: ghcr.io/linuxserver/bazarr
- container_name: bazarr
- hostname: bazarr
- env_file:
- - ./.env
- environment:
- - PGID=$PGID
- - PUID=$PUID
- - TZ=$TZ
- volumes:
- - $DOCKERDIR/bazarr:/config
- - $Ani1:/data/Animated1
- - $Ani2:/data/Animated2
- - $Ani3:/data/Animated3
- - $Hor1:/data/Horror1
- - $Hor2:/data/Horror2
- - $Hor3:/data/Horror3
- - $Mov1:/data/Movies1
- - $Mov2:/data/Movies2
- - $Mov3:/data/Movies3
- - $TV:/data/TVShows
- labels:
- - "autoheal=true"
- - "com.centurylinklabs.watchtower.enable=true"
- - "traefik.enable=true"
- - "traefik.network=t2_proxy"
- - "traefik.http.routers.bazarr-rtr.entrypoints=https"
- - "traefik.http.routers.bazarr-rtr.rule=Host(`bazarr.$DOMAIN`)"
- - "traefik.http.routers.bazarr-rtr.tls=true"
- - "traefik.http.routers.bazarr-rtr.service=bazarr-svc"
- - "traefik.http.services.bazarr-svc.loadbalancer.server.port=6767"
- - "traefik.http.routers.bazarr-rtr.middlewares=chain-oauth@file"
- networks:
- - t2_proxy
- restart: always
- prowlarr:
- container_name: prowlarr
- image: linuxserver/prowlarr
- hostname: prowlarr
- env_file:
- - ./.env
- environment:
- - PUID=$PUID
- - PGID=$PGID
- - UMASK=002
- - TZ=$TZ
- volumes:
- - $DOCKERDIR/prowlarr:/config
- # ports:
- # - 9696:9696
- labels:
- - "autoheal=true"
- - "com.centurylinklabs.watchtower.enable=true"
- - "traefik.enable=true"
- - "traefik.network=t2_proxy"
- - "traefik.http.routers.prowlarr-rtr.entrypoints=https"
- - "traefik.http.routers.prowlarr-rtr.rule=Host(`prowlarr.$DOMAIN`)"
- - "traefik.http.routers.prowlarr-rtr.tls=true"
- - "traefik.http.routers.prowlarr-rtr.middlewares=chain-oauth@file"
- - "traefik.http.routers.prowlarr-rtr.service=prowlarr-svc"
- - "traefik.http.services.prowlarr-svc.loadbalancer.server.port=9696"
- networks:
- - t2_proxy
- restart: unless-stopped
- jackett:
- image: ghcr.io/linuxserver/jackett
- container_name: jackett
- hostname: jackett
- env_file:
- - ./.env
- environment:
- - PGID=$PGID
- - PUID=$PUID
- - TZ=$TZ
- - AUTO_UPDATE=true `#optional`
- volumes:
- - $DOCKERDIR/jackett:/config
- - $Downloads:/data/Downloads
- labels: - "autoheal=true"
- - "com.centurylinklabs.watchtower.enable=true"
- - "traefik.enable=true"
- - "traefik.network=t2_proxy"
- - "traefik.http.routers.jackett-rtr.entrypoints=https"
- - "traefik.http.routers.jackett-rtr.rule=Host(`jackett.$DOMAIN`)"
- - "traefik.http.routers.jackett-rtr.tls=true"
- - "traefik.http.routers.jackett-rtr.service=jackett-svc"
- - "traefik.http.services.jackett-svc.loadbalancer.server.port=9117"
- - "traefik.http.routers.jackett-rtr.middlewares=chain-oauth@file"
- networks:
- - t2_proxy
- restart: always
- nzbhydra2:
- image: ghcr.io/linuxserver/nzbhydra2
- container_name: nzbhydra2
- hostname: nzbhydra2
- env_file:
- - ./.env
- environment:
- - PGID=$PGID
- - PUID=$PUID
- - TZ=$TZ
- volumes:
- - $DOCKERDIR/nzbhydra2:/config
- - $Downloads:/data/Downloads
- labels: - "autoheal=true"
- - "com.centurylinklabs.watchtower.enable=true"
- - "traefik.enable=true"
- - "traefik.network=t2_proxy"
- - "traefik.http.routers.nzbhydra2-rtr.entrypoints=https"
- - "traefik.http.routers.nzbhydra2-rtr.rule=Host(`nzbhydra2.$DOMAIN`)"
- - "traefik.http.routers.nzbhydra2-rtr.tls=true"
- - "traefik.http.routers.nzbhydra2-rtr.service=nzbhydra2-svc"
- - "traefik.http.services.nzbhydra2-svc.loadbalancer.server.port=5076"
- - "traefik.http.routers.nzbhydra2-rtr.middlewares=chain-oauth@file"
- networks:
- - t2_proxy
- restart: always
- overseerr:
- image: sctx/overseerr
- container_name: overseerr
- hostname: overseerr
- env_file:
- - ./.env
- environment:
- - PGID=$PGID
- - PUID=$PUID
- - TZ=$TZ
- - LOG_LEVEL=info
- volumes:
- - $DOCKERDIR/overseerr:/config
- labels:
- - "autoheal=true"
- - "com.centurylinklabs.watchtower.enable=true"
- - "traefik.enable=true"
- - "traefik.network=t2_proxy"
- - "traefik.http.routers.overseerr-rtr.entrypoints=https"
- - "traefik.http.routers.overseerr-rtr.rule=Host(`overseerr.$DOMAIN`)"
- - "traefik.http.routers.overseerr-rtr.tls=true"
- - "traefik.http.routers.overseerr-rtr.service=overseerr-svc"
- - "traefik.http.services.overseerr-svc.loadbalancer.server.port=5055"
- - "traefik.http.routers.overseerr-rtr.middlewares=chain-oauth@file"
- networks:
- - t2_proxy
- restart: always
- tautulli:
- image: ghcr.io/linuxserver/tautulli
- container_name: tautulli
- hostname: tautulli
- env_file:
- - ./.env
- environment:
- - PGID=$PGID
- - PUID=$PUID
- - TZ=$TZ
- volumes:
- - $DOCKERDIR/tautulli:/config
- labels:
- - "autoheal=true"
- - "com.centurylinklabs.watchtower.enable=true"
- - "traefik.enable=true"
- - "traefik.network=t2_proxy"
- - "traefik.http.routers.tautulli-rtr.entrypoints=https"
- - "traefik.http.routers.tautulli-rtr.rule=Host(`tautulli.$DOMAIN`)"
- - "traefik.http.routers.tautulli-rtr.tls=true"
- - "traefik.http.routers.tautulli-rtr.service=radarr-svc"
- - "traefik.http.services.tautulli-svc.loadbalancer.server.port=8181"
- - "traefik.http.routers.tautulli-rtr.middlewares=chain-oauth@file"
- networks:
- - t2_proxy
- restart: always
- gaps:
- image: housewrecker/gaps:latest
- container_name: gaps
- env_file:
- - ./.env
- environment:
- - PGID=$PGID
- - PUID=$PUID
- - TZ=$TZ
- ports:
- - 8484:8484
- volumes:
- - $DOCKERDIR/gaps:/config
- - $Ani1:/data/Animated1
- - $Ani2:/data/Animated2
- - $Ani3:/data/Animated3
- - $Hor1:/data/Horror1
- - $Hor2:/data/Horror2
- - $Hor3:/data/Horror3
- - $Mov1:/data/Movies1
- - $Mov2:/data/Movies2
- - $Mov3:/data/Movies3
- networks:
- - t2_proxy
- labels:
- - "autoheal=true"
- - "com.centurylinklabs.watchtower.enable=true"
- - "traefik.enable=false"
- restart: always
- plex:
- image: ghcr.io/linuxserver/plex
- container_name: plex
- hostname: plex
- env_file:
- - ./.env
- environment:
- - PGID=$PGID
- - PUID=$PUID
- - TZ=$TZ
- - VERSION=docker
- ports:
- - 32400:32400
- - 3005:3005/tcp
- - 8324:8324/tcp
- - 32469:32469/tcp
- - 1900:1900/udp
- - 32410:32410/udp
- - 32412:32412/udp
- - 32413:32413/udp
- - 32414:32414/udp
- volumes:
- - $DOCKERDIR/plex:/config
- - $Transcode:/transcode
- - $Ani1:/data/Animated1
- - $Ani2:/data/Animated2
- - $Ani3:/data/Animated3
- - $Hor1:/data/Horror2
- - $Hor2:/data/Horror2
- - $Hor3:/data/Horror3
- - $Mov1:/data/Movies1
- - $Mov2:/data/Movies2
- - $Mov3:/data/Movies3
- - $TV:/data/TVShows
- - $Music:/data/Music
- - $Audio:/data/Audiobooks
- - $Photos:/data/Photos
- labels:
- - "autoheal=true"
- - "com.centurylinklabs.watchtower.enable=true"
- - "traefik.enable=true"
- - "traefik.network=t2_proxy"
- - "traefik.http.routers.plex-rtr.entrypoints=https"
- - "traefik.http.routers.plex-rtr.rule=Host(`plex.$DOMAIN`)"
- - "traefik.http.routers.plex-rtr.tls=true"
- - "traefik.http.routers.plex-rtr.service=plex-svc"
- - "traefik.http.services.plex-svc.loadbalancer.server.port=32400"
- - "traefik.http.routers.plex-rtr.middlewares=chain-oauth@file"
- networks:
- - t2_proxy
- restart: always
- jellyfin:
- image: ghcr.io/linuxserver/jellyfin
- container_name: jellyfin
- hostname: jellyfin
- env_file:
- - ./.env
- environment:
- - PGID=$PGID
- - PUID=$PUID
- - TZ=$TZ
- - JELLYFIN_PublishedServerUrl=192.168.7.76 `#optional`
- volumes:
- - $DOCKERDIR/jellyfin:/config
- - $Ani1:/data/Animated1
- - $Ani2:/data/Animated2
- - $Ani3:/data/Animated3
- - $Hor1:/data/Horror1
- - $Hor2:/data/Horror2
- - $Hor3:/data/Horror3
- - $Mov1:/data/Movies1
- - $Mov2:/data/Movies2
- - $Mov3:/data/Movies3
- - $TV:/data/TVShows
- - $Music:/data/Music
- - $Audio:/data/Audiobooks
- - $Photos:/data/Photos
- labels:
- - "autoheal=true"
- - "com.centurylinklabs.watchtower.enable=true"
- - "traefik.enable=true"
- - "traefik.network=t2_proxy"
- - "traefik.http.routers.jellyfin-rtr.entrypoints=https"
- - "traefik.http.routers.jellyfin-rtr.rule=Host(`jellyfin.$DOMAIN`)"
- - "traefik.http.routers.jellyfin-rtr.tls=true"
- - "traefik.http.routers.jellyfin-rtr.service=jellyfin-svc"
- - "traefik.http.services.jellyfin-svc.loadbalancer.server.port=8096"
- - "traefik.http.routers.jellyfin-rtr.middlewares=chain-oauth@file"
- networks:
- - t2_proxy
- restart: always
- unmanic:
- image: josh5/unmanic:latest
- container_name: unmanic
- hostname: unmanic
- env_file:
- - ./.env
- environment:
- - PGID=$PGID
- - PUID=$PUID
- - TZ=$TZ
- volumes:
- - $DOCKERDIR/unmanic:/config
- - $TV:/Library
- - $Transcode:/tmp/unmanic
- labels:
- - "autoheal=true"
- - "com.centurylinklabs.watchtower.enable=true"
- - "traefik.enable=true"
- - "traefik.network=t2_proxy"
- - "traefik.http.routers.unmanic-rtr.entrypoints=https"
- - "traefik.http.routers.unmanic-rtr.rule=Host(`unmanic.$DOMAIN`)"
- - "traefik.http.routers.unmanic-rtr.tls=true"
- - "traefik.http.routers.unmanic-rtr.service=unmanic-svc"
- - "traefik.http.services.unmanic-svc.loadbalancer.server.port=8888"
- - "traefik.http.routers.unmanic-rtr.middlewares=chain-oauth@file"
- networks:
- - t2_proxy
- restart: always
- tdarr:
- image: haveagitgat/tdarr:latest
- container_name: tdarr
- hostname: tdarr
- env_file:
- - ./.env
- environment:
- - PGID=$PGID
- - PUID=$PUID
- - TZ=$TZ
- - UMASK_SET=002
- - serverIP=0.0.0.0
- - serverPort=8266
- - webUIPort=8265
- volumes:
- - $DOCKERDIR/tdarr/server:/app/server
- - $DOCKERDIR/tdarr/configs:/app/configs
- - $DOCKERDIR/tdarr/logs:/app/logs
- - $Transcode:/home/Tdarr/cache
- - $Ani1:/home/Tdarr/media/Animated1
- - $Ani2:/home/Tdarr/media/Animated2
- - $Ani3:/home/Tdarr/media/Animated3
- - $Hor1:/home/Tdarr/media/Horror1
- - $Hor2:/home/Tdarr/media/Horror2
- - $Hor3:/home/Tdarr/media/Horror3
- - $Mov1:/home/Tdarr/media/Movies1
- - $Mov2:/home/Tdarr/media/Movies2
- - $Mov3:/home/Tdarr/media/Movies3
- - $TV:/home/Tdarr/media/TVShows
- labels:
- - "autoheal=true"
- - "com.centurylinklabs.watchtower.enable=true"
- - "traefik.enable=true"
- - "traefik.network=t2_proxy"
- - "traefik.http.routers.tdarr-rtr.entrypoints=https"
- - "traefik.http.routers.tdarr-rtr.rule=Host(`tdarr.$DOMAIN`)"
- - "traefik.http.routers.tdarr-rtr.tls=true"
- - "traefik.http.routers.tdarr-rtr.service=tdarr-svc"
- - "traefik.http.services.tdarr-svc.loadbalancer.server.port=8266"
- - "traefik.http.routers.tdarr-rtr.middlewares=chain-oauth@file"
- networks:
- - t2_proxy
- ports:
- - 8265:8265 # webUI port
- - 8266:8266 # server port
- - 8267:8267 # node port. It should be mapped on this container because
- # the node container use the network from the main container
- restart: always
- tdarr-node:
- image: haveagitgat/tdarr_node:latest
- container_name: tdarr-node
- env_file:
- - ./.env
- environment:
- - PGID=$PGID
- - PUID=$PUID
- - TZ=$TZ
- - UMASK_SET=002
- - nodeID=MainNode
- - nodeIP=0.0.0.0
- - nodePort=8267
- - serverIP=0.0.0.0
- - serverPort=8266
- volumes:
- - $DOCKERDIR/tdarr/configs:/app/configs
- - $DOCKERDIR/tdarr/logs:/app/logs
- - $Transcode:/home/Tdarr/cache
- - $Ani1:/home/Tdarr/media/Animated1
- - $Ani2:/home/Tdarr/media/Animated2
- - $Ani3:/home/Tdarr/media/Animated3
- - $Hor1:/home/Tdarr/media/Horror1
- - $Hor2:/home/Tdarr/media/Horror2
- - $Hor3:/home/Tdarr/media/Horror3
- - $Mov1:/home/Tdarr/media/Movies1
- - $Mov2:/home/Tdarr/media/Movies2
- - $Mov3:/home/Tdarr/media/Movies3
- - $TV:/home/Tdarr/media/TVShows
- ports:
- - 8267:8267
- labels:
- - "autoheal=true"
- - "com.centurylinklabs.watchtower.enable=true"
- - "traefik.enable=false"
- network_mode: "service:tdarr"
- restart: always
- mediamonkey:
- image: zalaare/zizzy.mediamonkey-server
- container_name: mediamonkey
- hostname: mediamonkey
- env_file:
- - ./.env
- environment:
- - PGID=$PGID
- - PUID=$PUID
- - TZ=$TZ
- volumes:
- - $DOCKERDIR/mediamonkey/config:/config
- - $Music:/data/Music
- - $Downloads:/data/Downloads
- labels:
- - "autoheal=true"
- - "com.centurylinklabs.watchtower.enable=true"
- - "traefik.enable=true"
- - "traefik.network=t2_proxy"
- - "traefik.http.routers.mediamonkey-rtr.entrypoints=https"
- - "traefik.http.routers.mediamonkey-rtr.rule=Host(`mediamonkey.$DOMAIN`)"
- - "traefik.http.routers.mediamonkey-rtr.tls=true"
- - "traefik.http.routers.mediamonkey-rtr.service=mediamonkey-svc"
- - "traefik.http.services.mediamonkey-svc.loadbalancer.server.port=8383"
- - "traefik.http.routers.mediamonkey-rtr.middlewares=chain-oauth@file"
- networks:
- - t2_proxy
- restart: always
- filebot:
- image: jlesage/filebot
- container_name: filebot
- env_file:
- - ./.env
- environment:
- - PGID=$PGID
- - PUID=$PUID
- - TZ=$TZ
- volumes:
- - $DOCKERDIR/FileBot:/config
- - $Downloads:/storage
- labels:
- - "autoheal=true"
- - "com.centurylinklabs.watchtower.enable=true"
- - "traefik.enable=false"
- networks:
- - t2_proxy
- restart: always
- tinymediamanager:
- image: romancin/tinymediamanager
- container_name: tmm
- hostname: tmm
- env_file:
- - ./.env
- environment:
- - PGID=$PGID
- - PUID=$PUID
- - TZ=$TZ
- volumes:
- - $DOCKERDIR/tinymediamanager/config:/config
- - $Ani1:/data/Animated1
- - $Ani2:/data/Animated2
- - $Ani3:/data/Animated3
- - $Hor1:/data/Horror1
- - $Hor2:/data/Horror2
- - $Hor3:/data/Horror3
- - $Mov1:/data/Movies1
- - $Mov2:/data/Movies2
- - $Mov3:/data/Movies3
- - $TV:/data/TVShows
- labels:
- - "autoheal=true"
- - "com.centurylinklabs.watchtower.enable=true"
- - "traefik.enable=true"
- - "traefik.network=t2_proxy"
- - "traefik.http.routers.tmm-rtr.entrypoints=https"
- - "traefik.http.routers.tmm-rtr.rule=Host(`tmm.$DOMAIN`)"
- - "traefik.http.routers.tmm-rtr.tls=true"
- - "traefik.http.routers.tmm-rtr.service=tmm-svc"
- - "traefik.http.services.tmm-svc.loadbalancer.server.port=5801"
- - "traefik.http.routers.tmm-rtr.middlewares=chain-oauth@file"
- networks:
- - t2_proxy
- restart: always
- picard:
- image: mikenye/picard:latest
- container_name: picard
- hostname: picard
- env_file:
- - ./.env
- environment:
- - PGID=$PGID
- - PUID=$PUID
- - TZ=$TZ
- - UMASK=022
- - DISPLAY_WIDTH=1600
- - DISPLAY_HEIGHT=1024
- volumes:
- - $DOCKERDIR/picard:/config:rw
- - $Music:/storage:rw
- labels:
- - "autoheal=true"
- - "com.centurylinklabs.watchtower.enable=true"
- - "traefik.enable=true"
- - "traefik.network=t2_proxy"
- - "traefik.http.routers.picard-rtr.entrypoints=https"
- - "traefik.http.routers.picard-rtr.rule=Host(`picard.$DOMAIN`)"
- - "traefik.http.routers.picard-rtr.tls=true"
- - "traefik.http.routers.picard-rtr.service=picard-svc"
- - "traefik.http.services.picard-svc.loadbalancer.server.port=5810"
- - "traefik.http.routers.picard-rtr.middlewares=chain-oauth@file"
- networks:
- - t2_proxy
- restart: always
- mkvtoolnix:
- image: jlesage/mkvtoolnix
- container_name: mkvtoolnix
- env_file:
- - ./.env
- environment:
- - PGID=$PGID
- - PUID=$PUID
- - TZ=$TZ
- ports:
- - 5850:5850
- volumes:
- - $DOCKERDIR/mkvtoolnix:/config:rw
- - $Files:/storage:rw
- networks:
- - t2_proxy
- labels:
- - "autoheal=true"
- - "com.centurylinklabs.watchtower.enable=true"
- - "traefik.enable=false"
- restart: always
- watchtower:
- image: containrrr/watchtower
- container_name: watchtower
- command: --label-enable --cleanup --interval 300
- env_file:
- - ./.env
- environment:
- - PGID=$PGID
- - PUID=$PUID
- - TZ=$TZ
- volumes:
- - /var/run/docker.sock:/var/run/docker.sock
- labels:
- - "autoheal=true"
- - "com.centurylinklabs.watchtower.enable=true"
- - "traefik.enable=false"
- network_mode: none
- restart: always
- autoheal:
- image: willfarrell/autoheal
- container_name: autoheal
- hostname: autoheal
- env_file:
- - ./.env
- environment:
- - PGID=$PGID
- - PUID=$PUID
- - TZ=$TZ
- - AUTOHEAL_CONTAINER_LABEL=all
- volumes:
- - /var/run/docker.sock:/var/run/docker.sock
- labels:
- - "com.centurylinklabs.watchtower.enable=true"
- - "traefik.enable=false"
- restart: always
- nextcloud:
- image: ghcr.io/linuxserver/nextcloud
- container_name: nextcloud
- hostname: nextcloud
- env_file:
- - ./.env
- environment:
- - PGID=$PGID
- - PUID=$PUID
- - TZ=$TZ
- volumes:
- - $DOCKERDIR/nextcloud/config:/config
- - $Photos:/data/Photos
- links:
- - db
- labels:
- - "autoheal=true"
- - "com.centurylinklabs.watchtower.enable=true"
- - "traefik.enable=true"
- - "traefik.network=t2_proxy"
- - "traefik.http.routers.nextcloud-rtr.entrypoints=https"
- - "traefik.http.routers.nextcloud-rtr.rule=Host(`nextcloud.$DOMAIN`)"
- - "traefik.http.routers.nextcloud-rtr.tls=true"
- - "traefik.tcp.routers.nextcloud-tcp.tls.passthrough=true"
- - "traefik.http.routers.nextcloud-rtr.service=nextcloud-svc"
- - "traefik.http.services.nextcloud-svc.loadbalancer.server.port=443"
- - "traefik.http.routers.nextcloud-rtr.middlewares=chain-oauth@file"
- networks:
- - t2_proxy
- depends_on:
- - db
- restart: always
- db:
- image: ghcr.io/linuxserver/mariadb
- container_name: mariadb
- hostname: mariadb
- env_file:
- - ./.env
- environment:
- - PGID=$PGID
- - PUID=$PUID
- - TZ=$TZ
- - MYSQL_ROOT_PASSWORD=$MYSQL_ROOT_PASSWORD
- - MYSQL_DATABASE="nextcloud"
- - MYSQL_USER=$MYSQL_USER
- - MYSQL_PASSWORD=$MYSQL_PASS
- - REMOTE_SQL="http://nextcloud.wallace-home.org/nextcloud.sql,https://nextcloud.wallace-home.org/nextcloud.sql"
- volumes:
- - $DOCKERDIR/mariadb/nextcloud:/config
- labels:
- - "autoheal=true"
- - "com.centurylinklabs.watchtower.enable=true"
- - "traefik.enable=false"
- ports:
- - 3306:3306
- networks:
- - t2_proxy
- restart: always
- av:
- image: mkodockx/docker-clamav:alpine
- container_name: av
- hostname: av
- env_file:
- - ./.env
- environment:
- - PGID=$PGID
- - PUID=$PUID
- - TZ=$TZ
- volumes:
- - $DOCKERDIR/clam:/var/lib/clamav
- networks:
- - t2_proxy
- labels:
- - "autoheal=true"
- - "com.centurylinklabs.watchtower.enable=true"
- - "traefik.enable=false"
- restart: always
- vaultwarden:
- image: vaultwarden/server:latest
- container_name: vaultwarden
- hostname: vaultwarden
- env_file:
- - ./.env
- environment:
- - PGID=$PGID
- - PUID=$PUID
- - TZ=$TZ
- - WEBSOCKET_ENABLED=true # Enable WebSocket notifications.
- volumes:
- - $DOCKERDIR/vw-data:/data/vw-data
- links:
- - db3
- depends_on:
- - db3
- networks:
- - t2_proxy
- labels:
- - "autoheal=true"
- - "com.centurylinklabs.watchtower.enable=true"
- - "traefik.enable=false"
- restart: always
- db3:
- image: ghcr.io/linuxserver/mariadb
- container_name: mariadb3
- hostname: mariadb3
- env_file:
- - ./.env
- environment:
- - PGID=$PGID
- - PUID=$PUID
- - TZ=$TZ
- - MYSQL_ROOT_PASSWORD=$MYSQL_ROOT_PASSWORD
- - MYSQL_DATABASE="vaultwarden"
- - MYSQL_USER=$MYSQL_USER
- - MYSQL_PASSWORD=$MYSQL_PASS
- - REMOTE_SQL="http://192.168.7.76:3308/vaultwarden.sql,https://192.168.7.76:3308/vaultwarden.sql"
- volumes:
- - $DOCKERDIR/mariadb/vaultwarden:/config
- labels:
- - "autoheal=true"
- - "com.centurylinklabs.watchtower.enable=true"
- - "traefik.enable=false"
- ports:
- - 3308:3306
- networks:
- - t2_proxy
- restart: always
- cf-companion:
- image: tiredofit/traefik-cloudflare-companion:latest
- container_name: cf-companion
- hostname: cf-companion
- security_opt:
- - no-new-privileges:true
- #depends_on:
- # - socket-proxy
- env_file:
- - ./.env
- environment:
- - PGID=$PGID
- - PUID=$PUID
- - TZ=$TZ
- - TRAEFIK_VERSION=2
- #- CF_EMAIL=$CLOUDFLARE_EMAIL
- - CF_TOKEN=$CLOUDFLARE_API_TOKEN
- - TARGET_DOMAIN=$DOMAIN
- - DOMAIN1=$DOMAIN
- - DOMAIN1_ZONE_ID=$CLOUDFLARE_ZONEID # Copy from Cloudflare Overview page
- - DOMAIN1_PROXIED=TRUE
- - DOCKER_HOST=tcp://socket-proxy:2375
- labels:
- - "autoheal=true"
- # Add hosts specified in rules here to force cf-companion to create the CNAMEs
- - "com.centurylinklabs.watchtower.enable=true"
- - "traefik.enable=false"
- networks:
- - socket_proxy
- - t2_proxy
- restart: always
- certdumper:
- container_name: traefik_certdumper
- image: humenius/traefik-certs-dumper:latest
- network_mode: none
- env_file:
- - ./.env
- environment:
- - PGID=$PGID
- - PUID=$PUID
- - TZ=$TZ
- security_opt:
- - no-new-privileges:true
- # command: --restart-containers container1,container2,container3
- volumes:
- - $DOCKERDIR/traefik2/acme:/traefik:ro
- - $DOCKERDIR/shared/certs:/output:rw
- # - /var/run/docker.sock:/var/run/docker.sock:ro # Only needed if restarting containers (use Docker Socket Proxy instead)
- labels:
- - "autoheal=true"
- - "com.centurylinklabs.watchtower.enable=true"
- - "traefik.enable=false"
- restart: always
- volumes:
- - $DOCKERDIR/mariadb/organizr
- - $DOCKERDIR/mariadb/nextcloud
- - $DOCKERDIR/mariadb/vaultwarden
Add Comment
Please, Sign In to add comment