API tools faq
paste
gw17252009

Docker-compose.yml

gw17252009
Sep 17th, 2021
177
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 43.17 KB | None | 0 0
raw download clone embed print report
  1. networks:
  2. t2_proxy:
  3. name: t2_proxy
  4. driver: bridge
  5. enable_ipv6: false
  6. ipam:
  7. driver: default
  8. config:
  9. - subnet: 172.28.0.0/24
  10. socket_proxy:
  11. name: socket_proxy
  12. driver: bridge
  13. ipam:
  14. config:
  15. - subnet: 172.28.1.0/24
  16.  
  17. services:
  18. traefik:
  19. image: traefik:v2.2
  20. container_name: traefik
  21. hostname: traefik
  22. env_file:
  23. - ./.env
  24. environment:
  25. - PGID=$PGID
  26. - PUID=$PUID
  27. - TZ=$TZ
  28. - CF_API_EMAIL=$CLOUDFLARE_EMAIL
  29. - CF_API_KEY=$CLOUDFLARE_API_KEY
  30. volumes:
  31. - $DOCKERDIR/traefik/rules:/rules
  32. - /var/run/docker.sock:/var/run/docker.sock
  33. - $DOCKERDIR/traefik/acme.json:/acme.json
  34. - $DOCKERDIR/traefik/traefik.log:/traefik.log
  35. - $DOCKERDIR/shared:/shared
  36. depends_on:
  37. - authelia
  38. command: # CLI arguments
  39. - --global.checkNewVersion=true
  40. - --global.sendAnonymousUsage=true
  41. - --entryPoints.http.address=:80
  42. - --entryPoints.https.address=:443
  43. # Allow these IPs to set the X-Forwarded-* headers - Cloudflare IPs: https://www.cloudflare.com/ips/
  44. - --entrypoints.https.forwardedHeaders.trustedIPs=173.245.48.0/20,103.21.244.0/22,103.22.200.0/22,103.31.4.0/22,141.101.64.0/18,108.162.192.0/18,190.93.240.0/20,188.114.96.0/20,197.234.240.0/22,198.41.128.0/17,162.158.0.0/15,104.16.0.0/12,172.64.0.0/13,131.0.72.0/22
  45. - --entryPoints.traefik.address=:8080
  46. - --api=true
  47. # - --api.insecure=true
  48. # - --serversTransport.insecureSkipVerify=true
  49. - --log=true
  50. - --log.level=DEBUG # (Default: error) DEBUG, INFO, WARN, ERROR, FATAL, PANIC
  51. - --accessLog=true
  52. - --accessLog.filePath=/traefik.log
  53. - --accessLog.bufferingSize=100 # Configuring a buffer of 100 lines
  54. - --accessLog.filters.statusCodes=400-499
  55. - --providers.docker=true
  56. - --providers.docker.endpoint=unix:///var/run/docker.sock
  57. - --providers.docker.defaultrule=Host(`{{ index .Labels "com.docker.compose.service" }}.$DOMAIN`)
  58. - --providers.docker.exposedByDefault=false
  59. - --providers.docker.network=t2_proxy
  60. - --providers.docker.swarmMode=false
  61. - --providers.file.directory=/rules # Load dynamic configuration from one or more .toml or .yml files in a directory.
  62. # - --providers.file.filename=${USERDIR}/docker/traefik/traefik_dynamic.toml # Load dynamic configuration from a file.
  63. - --providers.file.watch=true # Only works on top level files in the rules folder
  64. - --certificatesResolvers.dns-cloudflare.acme.caServer=https://acme-staging-v02.api.letsencrypt.org/directory # LetsEncrypt Staging Server - uncomment when testing
  65. - --certificatesResolvers.dns-cloudflare.acme.email=$CLOUDFLARE_EMAIL
  66. - --certificatesResolvers.dns-cloudflare.acme.storage=/acme.json
  67. - --certificatesResolvers.dns-cloudflare.acme.dnsChallenge.provider=cloudflare
  68. ports:
  69. - target: 80
  70. published: 80
  71. protocol: tcp
  72. mode: host
  73. - target: 443
  74. published: 443
  75. protocol: tcp
  76. mode: host
  77. # - target: 8080
  78. # published: 8080
  79. # protocol: tcp
  80. # mode: host
  81. labels:
  82. - "autoheal=true"
  83. - "com.centurylinklabs.watchtower.enable=true"
  84. - "traefik.docker.network=t2_proxy"
  85. - "traefik.http.routers.http-catchall.entrypoints=http"
  86. - "traefik.http.routers.http-catchall.rule=HostRegexp(`{host:.+}`)"
  87. - "traefik.http.routers.http-catchall.middlewares=redirect-to-https"
  88. - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
  89. - "traefik.http.routers.traefik-rtr.entrypoints=https"
  90. - "traefik.http.routers.traefik-rtr.rule=Host(`traefik.$DOMAIN`)"
  91. - "traefik.http.routers.traefik-rtr.tls=true"
  92. - "traefik.http.routers.traefik-rtr.tls.certresolver=dns-cloudflare" # Comment out this line after first run of traefik to force the use of wildcard certs
  93. - "traefik.http.routers.traefik-rtr.tls.domains[0].main=$DOMAIN"
  94. - "traefik.http.routers.traefik-rtr.tls.domains[0].sans=*.$DOMAIN"
  95. - "traefik.http.routers.traefik-rtr.middlewares=chain-authelia@docker"
  96. - "traefik.http.routers.traefik-rtr.middlewares=middlewares-secure-headers@file,middlewares-rate-limit@file,middlewares-basic-auth@file"
  97. # - "traefik.http.routers.traefik-rtr.middlewares=traefik-headers,middlewares-rate-limit@file,middlewares-basic-auth@file"
  98. - "traefik.http.middlewares.traefik-headers.headers.accesscontrolallowmethods=GET, OPTIONS, PUT"
  99. - "traefik.http.middlewares.traefik-headers.headers.accesscontrolalloworiginlist=https://$DOMAIN"
  100. - "traefik.http.middlewares.traefik-headers.headers.accesscontrolmaxage=100"
  101. - "traefik.http.middlewares.traefik-headers.headers.addvaryheader=true"
  102. - "traefik.http.middlewares.traefik-headers.headers.allowedhosts=traefik.$DOMAIN"
  103. - "traefik.http.middlewares.traefik-headers.headers.hostsproxyheaders=X-Forwarded-Host"
  104. - "traefik.http.middlewares.traefik-headers.headers.sslredirect=true"
  105. - "traefik.http.middlewares.traefik-headers.headers.sslhost=traefik.$DOMAIN"
  106. - "traefik.http.middlewares.traefik-headers.headers.sslforcehost=true"
  107. - "traefik.http.middlewares.traefik-headers.headers.sslproxyheaders.X-Forwarded-Proto=https"
  108. - "traefik.http.middlewares.traefik-headers.headers.stsseconds=63072000"
  109. - "traefik.http.middlewares.traefik-headers.headers.stsincludesubdomains=true"
  110. - "traefik.http.middlewares.traefik-headers.headers.stspreload=true"
  111. - "traefik.http.middlewares.traefik-headers.headers.forcestsheader=true"
  112. - "traefik.http.middlewares.traefik-headers.headers.framedeny=true"
  113. # - "traefik.http.middlewares.traefik-headers.headers.customframeoptionsvalue=SAMEORIGIN" # This option overrides FrameDeny
  114. - "traefik.http.middlewares.traefik-headers.headers.contenttypenosniff=true"
  115. - "traefik.http.middlewares.traefik-headers.headers.browserxssfilter=true"
  116. # - "traefik.http.middlewares.traefik-headers.headers.contentsecuritypolicy=frame-ancestors 'none'; object-src 'none'; base-uri 'none';"
  117. - "traefik.http.middlewares.traefik-headers.headers.referrerpolicy=same-origin"
  118. - "traefik.http.middlewares.traefik-headers.headers.featurepolicy=camera 'none'; geolocation 'none'; microphone 'none'; payment 'none'; usb 'none'; vr 'none';"
  119. - "traefik.http.middlewares.traefik-headers.headers.customresponseheaders.X-Robots-Tag=none,noarchive,nosnippet,notranslate,noimageindex,"
  120. network:
  121. - t2_proxy
  122. - socket_proxy
  123. security_opt:
  124. - no-new-privileges:true
  125. restart: always
  126.  
  127. socket_proxy:
  128. image: tecnativa/docker-socket-proxy
  129. container_name: socket_proxy
  130. hostname: socket_proxy
  131. privileged: true
  132. ports:
  133. # - "127.0.0.1:2375:2375" # Port 2375 should only ever get exposed to the internal network. When possible use this line.
  134. # I use the next line instead, as I want portainer to manage multiple docker endpoints within my home network.
  135. - 2375:2375
  136. env_file:
  137. - ./.env
  138. environment:
  139. - PGID=$PGID
  140. - PUID=$PUID
  141. - TZ=$TZ
  142. - LOG_LEVEL=info # debug,info,notice,warning,err,crit,alert,emerg
  143. ## Variables match the URL prefix (i.e. AUTH blocks access to /auth/* parts of the API, etc.).
  144. # 0 to revoke access.
  145. # 1 to grant access.
  146. ## Granted by Default
  147. - EVENTS=1
  148. - PING=1
  149. - VERSION=1
  150. ## Revoked by Default
  151. # Security critical
  152. - AUTH=0
  153. - SECRETS=0
  154. - POST=1 # Ouroboros
  155. # Not always needed
  156. - BUILD=0
  157. - COMMIT=0
  158. - CONFIGS=0
  159. - CONTAINERS=1 # Traefik, portainer, etc.
  160. - DISTRIBUTION=0
  161. - EXEC=0
  162. - IMAGES=1 # Portainer
  163. - INFO=1 # Portainer
  164. - NETWORKS=1 # Portainer
  165. - NODES=0
  166. - PLUGINS=0
  167. - SERVICES=1 # Portainer
  168. - SESSION=0
  169. - SWARM=0
  170. - SYSTEM=0
  171. - TASKS=1 # Portainer
  172. - VOLUMES=1 # Portainer
  173. volumes:
  174. - /var/run/docker.sock:/var/run/docker.sock
  175. labels:
  176. - "autoheal=true"
  177. - "com.centurylinklabs.watchtower.enable=true"
  178. networks:
  179. - socket_proxy:
  180. - ipv4_address: 172.28.1.0 # You can specify a static IP
  181. restart: always
  182.  
  183. authelia:
  184. image: authelia/authelia:latest
  185. container_name: authelia
  186. hostname: authelia
  187. env_file:
  188. - ./.env
  189. environment:
  190. - PGID=$PGID
  191. - PUID=$PUID
  192. - TZ=$TZ
  193. volumes:
  194. - $DOCKERDIR/authelia:/config
  195. - $DOCKERDIR/authelia/data:/data
  196. - $DOCKERDIR/authelia/configuration.yml:/etc/authelia/configuration.yml:ro
  197. - $DOCKERDIR/authelia/users_database.yml:/etc/authelia/users_database.yml
  198. networks:
  199. - t2_proxy
  200. labels:
  201. - "autoheal=true"
  202. - "com.centurylinklabs.watchtower.enable=true"
  203. - 'traefik.enable=true'
  204. - 'traefik.http.routers.authelia.rule=Host(`login.wallace-home.org`)'
  205. - 'traefik.http.routers.authelia.entrypoints=websecure'
  206. - "traefik.http.routers.authelia.tls.certresolver=letsencryptresolver"
  207. - 'traefik.http.middlewares.authelia.forwardauth.address=http://authelia:9081/api/verify?rd=https://login.wallace-home.org/'
  208. - 'traefik.http.middlewares.authelia.forwardauth.trustForwardHeader=true'
  209. - 'traefik.http.middlewares.authelia.forwardauth.authResponseHeaders=Remote-User, Remote-Groups'
  210. expose:
  211. - 9081
  212. restart: unless-stopped
  213.  
  214. db4:
  215. image: ghcr.io/linuxserver/mariadb
  216. container_name: mariadb4
  217. hostname: mariadb4
  218. env_file:
  219. - ./.env
  220. environment:
  221. - PGID=$PGID
  222. - PUID=$PUID
  223. - TZ=$TZ
  224. - MYSQL_ROOT_PASSWORD=$MYSQL_ROOT_PASSWORD
  225. - MYSQL_DATABASE="authelia"
  226. - MYSQL_USER=$MYSQL_USER
  227. - MYSQL_PASSWORD=$MYSQL_PASS
  228. - REMOTE_SQL="http://authelia.wallace-home.org/authelia.sql,https://authelia.wallace-home.org/authelia.sql"
  229. volumes:
  230. - $DOCKERDIR/mariadb/authelia:/config
  231. labels:
  232. - "autoheal=true"
  233. - "com.centurylinklabs.watchtower.enable=true"
  234. - "traefik.enable=false"
  235. ports:
  236. - 3309:3306
  237. networks:
  238. - t2_proxy
  239. restart: always
  240.  
  241. dozzle:
  242. container_name: dozzle
  243. image: amir20/dozzle:latest
  244. volumes:
  245. - /var/run/docker.sock:/var/run/docker.sock
  246. # ports:
  247. # - 9999:8080
  248. labels:
  249. - "autoheal=true"
  250. - "com.centurylinklabs.watchtower.enable=true"
  251. - "traefik.enable=true"
  252. - "traefik.network=t2_proxy"
  253. - "traefik.http.routers.dozzle-rtr.entrypoints=https"
  254. - "traefik.http.routers.dozzle-rtr.rule=Host(`dozzle.$DOMAIN`)"
  255. - "traefik.http.routers.dozzle-rtr.tls=true"
  256. - "traefik.http.routers.dozzle-rtr.service=dozzle-svc"
  257. - "traefik.http.services.dozzle-svc.loadbalancer.server.port=9999"
  258. - "traefik.http.routers.dozzle-rtr.middlewares=chain-oauth@file"
  259. networks:
  260. - t2_proxy
  261. restart: always
  262.  
  263. uptime-kuma:
  264. image: louislam/uptime-kuma:1
  265. container_name: uptime-kuma
  266. hostname: uptime-kuma
  267. env_file:
  268. - ./.env
  269. environment:
  270. - PGID=$PGID
  271. - PUID=$PUID
  272. - TZ=$TZ
  273. volumes:
  274. - $DOCKERDIR/uptime-kuma:/app/data
  275. #. ports:
  276. #. - 3001:3001
  277. labels:
  278. - "autoheal=true"
  279. - "com.centurylinklabs.watchtower.enable=true"
  280. - "traefik.enable=true"
  281. - "traefik.network=t2_proxy"
  282. - "traefik.http.routers.uptime-kuma-rtr.entrypoints=https"
  283. - "traefik.http.routers.uptime-kuma-rtr.rule=Host(`uptime-kuma.$DOMAIN`)"
  284. - "traefik.http.routers.uptime-kuma-rtr.tls=true"
  285. - "traefik.http.routers.uptime-kuma-rtr.service=uptime-kuma-svc"
  286. - "traefik.http.services.uptime-kuma-svc.loadbalancer.server.port=3001"
  287. - "traefik.http.routers.uptime-kuma-rtr.middlewares=chain-authelia@docker"
  288. networks:
  289. - t2_proxy
  290. restart: always
  291.  
  292. transmission:
  293. image: haugene/transmission-openvpn
  294. cap_add:
  295. - NET_ADMIN
  296. devices:
  297. - /dev/net/tun
  298. #ports:
  299. # - 9091:9091
  300. # - 8888:8888
  301. dns:
  302. - 209.222.18.222
  303. - 209.222.18.218
  304. volumes:
  305. - /etc/localtime:/etc/localtime:ro
  306. - $DOCKERDIR/transmission:/data
  307. - $DOCKERDIR/transmission/canada.ovpn:/etc/openvpn/custom/default.ovpn:ro
  308. env_file:
  309. - ./.env
  310. environment:
  311. - PGID=$PGID
  312. - PUID=$PUID
  313. - TZ=$TZ
  314. - UMASK=002
  315. - CREATE_TUN_DEVICE=TRUE
  316. - OPENVPN_PROVIDER=PIA
  317. - OPENVPN_CONFIG=switzerland,ca_toronto,ca_montreal,ca_vancouver,czech_republic,de_berlin,de_frankfurt,france,israel,romania,spain,sweden
  318. - OPENVPN_USERNAME=username
  319. - OPENVPN_PASSWORD=password
  320. - PIA_OPENVPN_CONFIG_BUNDLE=openvpn
  321. - OPENVPN_OPTS=--inactive 3600 --ping 10 --ping-exit 60
  322. - LOCAL_NETWORK=192.168.7.76/24
  323. - TRANSMISSION_MAX_PEERS_GLOBAL=9999
  324. - TRANSMISSION_PEER_LIMIT_GLOBAL=9999
  325. - TRANSMISSION_PEER_LIMIT_PER_TORRENT=9999
  326. labels:
  327. - "autoheal=true"
  328. - "com.centurylinklabs.watchtower.enable=true"
  329. - "traefik.enable=true"
  330. - "traefik.network=t2_proxy"
  331. - "traefik.http.routers.transmission-rtr.entrypoints=https"
  332. - "traefik.http.routers.transmission-rtr.rule=Host(`transmission.$DOMAIN`)"
  333. - "traefik.http.routers.transmission-rtr.tls=true"
  334. - "traefik.http.routers.transmission-rtr.service=transmission-svc"
  335. - "traefik.http.services.transmission-svc.loadbalancer.server.port=9091"
  336. - "traefik.http.routers.transmission-rtr.middlewares=chain-oauth@file"
  337. networks:
  338. - t2_proxy
  339. restart: always
  340.  
  341. organizr:
  342. image: organizr/organizr
  343. container_name: organizr
  344. hostname: organizr
  345. security_opt:
  346. - no-new-privileges:true
  347. # ports:
  348. # - "$ORGANIZR_PORT:80"
  349. env_file:
  350. - ./.env
  351. environment:
  352. - PGID=$PGID
  353. - PUID=$PUID
  354. - TZ=$TZ
  355. volumes:
  356. - $DOCKERDIR/organizr:/config
  357. links:
  358. - db2
  359. labels:
  360. - "autoheal=true"
  361. - "com.centurylinklabs.watchtower.enable=true"
  362. - "traefik.enable=true"
  363. - "traefik.network=t2_proxy"
  364. - "traefik.http.routers.organizr-rtr.entrypoints=https"
  365. - "traefik.http.routers.organizr-rtr.rule=Host(`$DOMAIN`,`www.$DOMAIN`)"
  366. - "traefik.http.routers.organizr-rtr.tls=true"
  367. - "traefik.http.routers.organizr-rtr.middlewares=chain-oauth@file"
  368. - "traefik.http.routers.organizr-rtr.service=organizr-svc"
  369. - "traefik.http.services.organizr-svc.loadbalancer.server.port=80"
  370. networks:
  371. - t2_proxy
  372. depends_on:
  373. - db2
  374. restart: unless-stopped
  375.  
  376. db2:
  377. image: ghcr.io/linuxserver/mariadb
  378. container_name: mariadb2
  379. hostname: mariadb2
  380. env_file:
  381. - ./.env
  382. environment:
  383. - PGID=$PGID
  384. - PUID=$PUID
  385. - TZ=$TZ
  386. - MYSQL_ROOT_PASSWORD=$MYSQL_ROOT_PASSWORD
  387. - MYSQL_DATABASE="organizr"
  388. - MYSQL_USER=$MYSQL_USER
  389. - MYSQL_PASSWORD=$MYSQL_PASS
  390. - REMOTE_SQL="http://organizr.wallace-home.org/organizr.sql,https://organizr.wallace-home.org/organizr.sql"
  391. volumes:
  392. - $DOCKERDIR/mariadb/organizr:/config
  393. labels:
  394. - "autoheal=true"
  395. - "com.centurylinklabs.watchtower.enable=true"
  396. - "traefik.enable=false"
  397. ports:
  398. - 3307:3306
  399. networks:
  400. - t2_proxy
  401. restart: always
  402.  
  403. portainer:
  404. image: portainer/portainer
  405. container_name: portainer
  406. hostname: portainer
  407. command: -H unix:///var/run/docker.sock
  408. env_file:
  409. - ./.env
  410. environment:
  411. - PGID=$PGID
  412. - PUID=$PUID
  413. - TZ=$TZ
  414. volumes:
  415. - /var/run/docker.sock:/var/run/docker.sock
  416. - $DOCKERDIR/portainer:/config
  417. labels:
  418. - "autoheal=true"
  419. - "com.centurylinklabs.watchtower.enable=true"
  420. - "traefik.enable=true"
  421. - "traefik.network=t2_proxy"
  422. - "traefik.http.routers.portainer-rtr.entrypoints=https"
  423. - "traefik.http.routers.portsiner-rtr.rule=Host(`portainer.$DOMAIN`)"
  424. - "traefik.http.routers.portainer-rtr.tls=true"
  425. - "traefik.http.routers.portainer-rtr.service=portainer-svc"
  426. - "traefik.http.services.portainer-svc.loadbalancer.server.port=9000"
  427. - "traefik.http.routers.portainer-rtr.middlewares=chain-oauth@file"
  428. networks:
  429. - t2_proxy
  430. - socket_proxy
  431. restart: always
  432.  
  433. sonarr:
  434. image: ghcr.io/linuxserver/sonarr
  435. container_name: sonarr
  436. hostname: sonarr
  437. env_file:
  438. - ./.env
  439. environment:
  440. - PGID=$PGID
  441. - PUID=$PUID
  442. - TZ=$TZ
  443. volumes:
  444. - $DOCKERDIR/sonarr:/config
  445. - $TV:/data/TVShows
  446. - $Downloads:/data/Downloads
  447. labels:
  448. - "autoheal=true"
  449. - "com.centurylinklabs.watchtower.enable=true"
  450. - "traefik.enable=true"
  451. - "traefik.network=t2_proxy"
  452. - "traefik.http.routers.sonarr-rtr.entrypoints=https"
  453. - "traefik.http.routers.sonarr-rtr.rule=Host(`sonarr.$DOMAIN`)"
  454. - "traefik.http.routers.sonarr-rtr.tls=true"
  455. - "traefik.http.routers.sonarr-rtr.service=sonarr-svc"
  456. - "traefik.http.services.sonarr-svc.loadbalancer.server.port=8989"
  457. - "traefik.http.routers.sonarr-rtr.middlewares=chain-oauth@file"
  458. networks:
  459. - t2_proxy
  460. restart: always
  461.  
  462. radarr:
  463. image: ghcr.io/linuxserver/radarr
  464. container_name: radarr
  465. hostname: radarr
  466. env_file:
  467. - ./.env
  468. environment:
  469. - PGID=$PGID
  470. - PUID=$PUID
  471. - TZ=$TZ
  472. volumes:
  473. - $DOCKERDIR/radarr:/config
  474. - $Ani1:/data/Animated1
  475. - $Ani2:/data/Animated2
  476. - $Ani3:/data/Animated3
  477. - $Hor1:/data/Horror1
  478. - $Hor2:/data/Horror2
  479. - $Hor3:/data/Horror3
  480. - $Mov1:/data/Movies1
  481. - $Mov2:/data/Movies2
  482. - $Mov3:/data/Movies3
  483. - $TV:/data/TVShows
  484. - $Downloads:/data/Downloads
  485. labels:
  486. - "autoheal=true"
  487. - "com.centurylinklabs.watchtower.enable=true"
  488. - "traefik.enable=true"
  489. - "traefik.network=t2_proxy"
  490. - "traefik.http.routers.radarr-rtr.entrypoints=https"
  491. - "traefik.http.routers.radarr-rtr.rule=Host(`radarr.$DOMAIN`)"
  492. - "traefik.http.routers.radarr-rtr.tls=true"
  493. - "traefik.http.routers.radarr-rtr.service=radarr-svc"
  494. - "traefik.http.services.radarr-svc.loadbalancer.server.port=7878"
  495. - "traefik.http.routers.radarr-rtr.middlewares=chain-oauth@file"
  496. networks:
  497. - t2_proxy
  498. restart: always
  499.  
  500. lidarr:
  501. image: ghcr.io/linuxserver/lidarr
  502. container_name: lidarr
  503. hostname: lidarr
  504. env_file:
  505. - ./.env
  506. environment:
  507. - PGID=$PGID
  508. - PUID=$PUID
  509. - TZ=$TZ
  510. volumes:
  511. - $DOCKERDIR/lidarr:/config
  512. - $Music:/data/Music
  513. - $Downloads:/data/Downloads
  514. labels:
  515. - "autoheal=true"
  516. - "com.centurylinklabs.watchtower.enable=true"
  517. - "traefik.enable=true"
  518. - "traefik.network=t2_proxy"
  519. - "traefik.http.routers.lidarr-rtr.entrypoints=https"
  520. - "traefik.http.routers.lidarr-rtr.rule=Host(`lidarr.$DOMAIN`)"
  521. - "traefik.http.routers.lidarr-rtr.tls=true"
  522. - "traefik.http.routers.lidarr-rtr.service=lidarr-svc"
  523. - "traefik.http.services.lidarr-svc.loadbalancer.server.port=8686"
  524. - "traefik.http.routers.lidarr-rtr.middlewares=chain-oauth@file"
  525. networks:
  526. - t2_proxy
  527. restart: always
  528.  
  529. deemix:
  530. image: registry.gitlab.com/bockiii/deemix-docker
  531. container_name: Deemix
  532. hostname: Deemix
  533. env_file:
  534. - ./.env
  535. environment:
  536. - PGID=$PGID
  537. - PUID=$PUID
  538. - TZ=$TZ
  539. - ARL=1234567
  540. - UMASK_SET=022
  541. - DEEZUI=false
  542. volumes:
  543. - $Downloads:/data/Downloads
  544. - $DOCKERDIR/deemix:/config
  545. labels:
  546. - "autoheal=true"
  547. - "com.centurylinklabs.watchtower.enable=true"
  548. - "traefik.enable=true"
  549. - "traefik.network=t2_proxy"
  550. - "traefik.http.routers.deemix-rtr.entrypoints=https"
  551. - "traefik.http.routers.deemix-rtr.rule=Host(`deemix.$DOMAIN`)"
  552. - "traefik.http.routers.deemix-rtr.tls=true"
  553. - "traefik.http.routers.deemix-rtr.service=deemix-svc"
  554. - "traefik.http.services.deemix-svc.loadbalancer.server.port=6595"
  555. - "traefik.http.routers.deemix-rtr.middlewares=chain-oauth@file"
  556. networks:
  557. - t2_proxy
  558. restart: always
  559.  
  560. bazarr:
  561. image: ghcr.io/linuxserver/bazarr
  562. container_name: bazarr
  563. hostname: bazarr
  564. env_file:
  565. - ./.env
  566. environment:
  567. - PGID=$PGID
  568. - PUID=$PUID
  569. - TZ=$TZ
  570. volumes:
  571. - $DOCKERDIR/bazarr:/config
  572. - $Ani1:/data/Animated1
  573. - $Ani2:/data/Animated2
  574. - $Ani3:/data/Animated3
  575. - $Hor1:/data/Horror1
  576. - $Hor2:/data/Horror2
  577. - $Hor3:/data/Horror3
  578. - $Mov1:/data/Movies1
  579. - $Mov2:/data/Movies2
  580. - $Mov3:/data/Movies3
  581. - $TV:/data/TVShows
  582. labels:
  583. - "autoheal=true"
  584. - "com.centurylinklabs.watchtower.enable=true"
  585. - "traefik.enable=true"
  586. - "traefik.network=t2_proxy"
  587. - "traefik.http.routers.bazarr-rtr.entrypoints=https"
  588. - "traefik.http.routers.bazarr-rtr.rule=Host(`bazarr.$DOMAIN`)"
  589. - "traefik.http.routers.bazarr-rtr.tls=true"
  590. - "traefik.http.routers.bazarr-rtr.service=bazarr-svc"
  591. - "traefik.http.services.bazarr-svc.loadbalancer.server.port=6767"
  592. - "traefik.http.routers.bazarr-rtr.middlewares=chain-oauth@file"
  593. networks:
  594. - t2_proxy
  595. restart: always
  596.  
  597. prowlarr:
  598. container_name: prowlarr
  599. image: linuxserver/prowlarr
  600. hostname: prowlarr
  601. env_file:
  602. - ./.env
  603. environment:
  604. - PUID=$PUID
  605. - PGID=$PGID
  606. - UMASK=002
  607. - TZ=$TZ
  608. volumes:
  609. - $DOCKERDIR/prowlarr:/config
  610. # ports:
  611. # - 9696:9696
  612. labels:
  613. - "autoheal=true"
  614. - "com.centurylinklabs.watchtower.enable=true"
  615. - "traefik.enable=true"
  616. - "traefik.network=t2_proxy"
  617. - "traefik.http.routers.prowlarr-rtr.entrypoints=https"
  618. - "traefik.http.routers.prowlarr-rtr.rule=Host(`prowlarr.$DOMAIN`)"
  619. - "traefik.http.routers.prowlarr-rtr.tls=true"
  620. - "traefik.http.routers.prowlarr-rtr.middlewares=chain-oauth@file"
  621. - "traefik.http.routers.prowlarr-rtr.service=prowlarr-svc"
  622. - "traefik.http.services.prowlarr-svc.loadbalancer.server.port=9696"
  623. networks:
  624. - t2_proxy
  625. restart: unless-stopped
  626.  
  627. jackett:
  628. image: ghcr.io/linuxserver/jackett
  629. container_name: jackett
  630. hostname: jackett
  631. env_file:
  632. - ./.env
  633. environment:
  634. - PGID=$PGID
  635. - PUID=$PUID
  636. - TZ=$TZ
  637. - AUTO_UPDATE=true `#optional`
  638. volumes:
  639. - $DOCKERDIR/jackett:/config
  640. - $Downloads:/data/Downloads
  641. labels: - "autoheal=true"
  642. - "com.centurylinklabs.watchtower.enable=true"
  643. - "traefik.enable=true"
  644. - "traefik.network=t2_proxy"
  645. - "traefik.http.routers.jackett-rtr.entrypoints=https"
  646. - "traefik.http.routers.jackett-rtr.rule=Host(`jackett.$DOMAIN`)"
  647. - "traefik.http.routers.jackett-rtr.tls=true"
  648. - "traefik.http.routers.jackett-rtr.service=jackett-svc"
  649. - "traefik.http.services.jackett-svc.loadbalancer.server.port=9117"
  650. - "traefik.http.routers.jackett-rtr.middlewares=chain-oauth@file"
  651. networks:
  652. - t2_proxy
  653. restart: always
  654.  
  655. nzbhydra2:
  656. image: ghcr.io/linuxserver/nzbhydra2
  657. container_name: nzbhydra2
  658. hostname: nzbhydra2
  659. env_file:
  660. - ./.env
  661. environment:
  662. - PGID=$PGID
  663. - PUID=$PUID
  664. - TZ=$TZ
  665. volumes:
  666. - $DOCKERDIR/nzbhydra2:/config
  667. - $Downloads:/data/Downloads
  668. labels: - "autoheal=true"
  669. - "com.centurylinklabs.watchtower.enable=true"
  670. - "traefik.enable=true"
  671. - "traefik.network=t2_proxy"
  672. - "traefik.http.routers.nzbhydra2-rtr.entrypoints=https"
  673. - "traefik.http.routers.nzbhydra2-rtr.rule=Host(`nzbhydra2.$DOMAIN`)"
  674. - "traefik.http.routers.nzbhydra2-rtr.tls=true"
  675. - "traefik.http.routers.nzbhydra2-rtr.service=nzbhydra2-svc"
  676. - "traefik.http.services.nzbhydra2-svc.loadbalancer.server.port=5076"
  677. - "traefik.http.routers.nzbhydra2-rtr.middlewares=chain-oauth@file"
  678. networks:
  679. - t2_proxy
  680. restart: always
  681.  
  682. overseerr:
  683. image: sctx/overseerr
  684. container_name: overseerr
  685. hostname: overseerr
  686. env_file:
  687. - ./.env
  688. environment:
  689. - PGID=$PGID
  690. - PUID=$PUID
  691. - TZ=$TZ
  692. - LOG_LEVEL=info
  693. volumes:
  694. - $DOCKERDIR/overseerr:/config
  695. labels:
  696. - "autoheal=true"
  697. - "com.centurylinklabs.watchtower.enable=true"
  698. - "traefik.enable=true"
  699. - "traefik.network=t2_proxy"
  700. - "traefik.http.routers.overseerr-rtr.entrypoints=https"
  701. - "traefik.http.routers.overseerr-rtr.rule=Host(`overseerr.$DOMAIN`)"
  702. - "traefik.http.routers.overseerr-rtr.tls=true"
  703. - "traefik.http.routers.overseerr-rtr.service=overseerr-svc"
  704. - "traefik.http.services.overseerr-svc.loadbalancer.server.port=5055"
  705. - "traefik.http.routers.overseerr-rtr.middlewares=chain-oauth@file"
  706. networks:
  707. - t2_proxy
  708. restart: always
  709.  
  710. tautulli:
  711. image: ghcr.io/linuxserver/tautulli
  712. container_name: tautulli
  713. hostname: tautulli
  714. env_file:
  715. - ./.env
  716. environment:
  717. - PGID=$PGID
  718. - PUID=$PUID
  719. - TZ=$TZ
  720. volumes:
  721. - $DOCKERDIR/tautulli:/config
  722. labels:
  723. - "autoheal=true"
  724. - "com.centurylinklabs.watchtower.enable=true"
  725. - "traefik.enable=true"
  726. - "traefik.network=t2_proxy"
  727. - "traefik.http.routers.tautulli-rtr.entrypoints=https"
  728. - "traefik.http.routers.tautulli-rtr.rule=Host(`tautulli.$DOMAIN`)"
  729. - "traefik.http.routers.tautulli-rtr.tls=true"
  730. - "traefik.http.routers.tautulli-rtr.service=radarr-svc"
  731. - "traefik.http.services.tautulli-svc.loadbalancer.server.port=8181"
  732. - "traefik.http.routers.tautulli-rtr.middlewares=chain-oauth@file"
  733. networks:
  734. - t2_proxy
  735. restart: always
  736.  
  737. gaps:
  738. image: housewrecker/gaps:latest
  739. container_name: gaps
  740. env_file:
  741. - ./.env
  742. environment:
  743. - PGID=$PGID
  744. - PUID=$PUID
  745. - TZ=$TZ
  746. ports:
  747. - 8484:8484
  748. volumes:
  749. - $DOCKERDIR/gaps:/config
  750. - $Ani1:/data/Animated1
  751. - $Ani2:/data/Animated2
  752. - $Ani3:/data/Animated3
  753. - $Hor1:/data/Horror1
  754. - $Hor2:/data/Horror2
  755. - $Hor3:/data/Horror3
  756. - $Mov1:/data/Movies1
  757. - $Mov2:/data/Movies2
  758. - $Mov3:/data/Movies3
  759. networks:
  760. - t2_proxy
  761. labels:
  762. - "autoheal=true"
  763. - "com.centurylinklabs.watchtower.enable=true"
  764. - "traefik.enable=false"
  765. restart: always
  766.  
  767. plex:
  768. image: ghcr.io/linuxserver/plex
  769. container_name: plex
  770. hostname: plex
  771. env_file:
  772. - ./.env
  773. environment:
  774. - PGID=$PGID
  775. - PUID=$PUID
  776. - TZ=$TZ
  777. - VERSION=docker
  778. ports:
  779. - 32400:32400
  780. - 3005:3005/tcp
  781. - 8324:8324/tcp
  782. - 32469:32469/tcp
  783. - 1900:1900/udp
  784. - 32410:32410/udp
  785. - 32412:32412/udp
  786. - 32413:32413/udp
  787. - 32414:32414/udp
  788. volumes:
  789. - $DOCKERDIR/plex:/config
  790. - $Transcode:/transcode
  791. - $Ani1:/data/Animated1
  792. - $Ani2:/data/Animated2
  793. - $Ani3:/data/Animated3
  794. - $Hor1:/data/Horror2
  795. - $Hor2:/data/Horror2
  796. - $Hor3:/data/Horror3
  797. - $Mov1:/data/Movies1
  798. - $Mov2:/data/Movies2
  799. - $Mov3:/data/Movies3
  800. - $TV:/data/TVShows
  801. - $Music:/data/Music
  802. - $Audio:/data/Audiobooks
  803. - $Photos:/data/Photos
  804. labels:
  805. - "autoheal=true"
  806. - "com.centurylinklabs.watchtower.enable=true"
  807. - "traefik.enable=true"
  808. - "traefik.network=t2_proxy"
  809. - "traefik.http.routers.plex-rtr.entrypoints=https"
  810. - "traefik.http.routers.plex-rtr.rule=Host(`plex.$DOMAIN`)"
  811. - "traefik.http.routers.plex-rtr.tls=true"
  812. - "traefik.http.routers.plex-rtr.service=plex-svc"
  813. - "traefik.http.services.plex-svc.loadbalancer.server.port=32400"
  814. - "traefik.http.routers.plex-rtr.middlewares=chain-oauth@file"
  815. networks:
  816. - t2_proxy
  817. restart: always
  818.  
  819. jellyfin:
  820. image: ghcr.io/linuxserver/jellyfin
  821. container_name: jellyfin
  822. hostname: jellyfin
  823. env_file:
  824. - ./.env
  825. environment:
  826. - PGID=$PGID
  827. - PUID=$PUID
  828. - TZ=$TZ
  829. - JELLYFIN_PublishedServerUrl=192.168.7.76 `#optional`
  830. volumes:
  831. - $DOCKERDIR/jellyfin:/config
  832. - $Ani1:/data/Animated1
  833. - $Ani2:/data/Animated2
  834. - $Ani3:/data/Animated3
  835. - $Hor1:/data/Horror1
  836. - $Hor2:/data/Horror2
  837. - $Hor3:/data/Horror3
  838. - $Mov1:/data/Movies1
  839. - $Mov2:/data/Movies2
  840. - $Mov3:/data/Movies3
  841. - $TV:/data/TVShows
  842. - $Music:/data/Music
  843. - $Audio:/data/Audiobooks
  844. - $Photos:/data/Photos
  845. labels:
  846. - "autoheal=true"
  847. - "com.centurylinklabs.watchtower.enable=true"
  848. - "traefik.enable=true"
  849. - "traefik.network=t2_proxy"
  850. - "traefik.http.routers.jellyfin-rtr.entrypoints=https"
  851. - "traefik.http.routers.jellyfin-rtr.rule=Host(`jellyfin.$DOMAIN`)"
  852. - "traefik.http.routers.jellyfin-rtr.tls=true"
  853. - "traefik.http.routers.jellyfin-rtr.service=jellyfin-svc"
  854. - "traefik.http.services.jellyfin-svc.loadbalancer.server.port=8096"
  855. - "traefik.http.routers.jellyfin-rtr.middlewares=chain-oauth@file"
  856. networks:
  857. - t2_proxy
  858. restart: always
  859.  
  860. unmanic:
  861. image: josh5/unmanic:latest
  862. container_name: unmanic
  863. hostname: unmanic
  864. env_file:
  865. - ./.env
  866. environment:
  867. - PGID=$PGID
  868. - PUID=$PUID
  869. - TZ=$TZ
  870. volumes:
  871. - $DOCKERDIR/unmanic:/config
  872. - $TV:/Library
  873. - $Transcode:/tmp/unmanic
  874. labels:
  875. - "autoheal=true"
  876. - "com.centurylinklabs.watchtower.enable=true"
  877. - "traefik.enable=true"
  878. - "traefik.network=t2_proxy"
  879. - "traefik.http.routers.unmanic-rtr.entrypoints=https"
  880. - "traefik.http.routers.unmanic-rtr.rule=Host(`unmanic.$DOMAIN`)"
  881. - "traefik.http.routers.unmanic-rtr.tls=true"
  882. - "traefik.http.routers.unmanic-rtr.service=unmanic-svc"
  883. - "traefik.http.services.unmanic-svc.loadbalancer.server.port=8888"
  884. - "traefik.http.routers.unmanic-rtr.middlewares=chain-oauth@file"
  885. networks:
  886. - t2_proxy
  887. restart: always
  888.  
  889. tdarr:
  890. image: haveagitgat/tdarr:latest
  891. container_name: tdarr
  892. hostname: tdarr
  893. env_file:
  894. - ./.env
  895. environment:
  896. - PGID=$PGID
  897. - PUID=$PUID
  898. - TZ=$TZ
  899. - UMASK_SET=002
  900. - serverIP=0.0.0.0
  901. - serverPort=8266
  902. - webUIPort=8265
  903. volumes:
  904. - $DOCKERDIR/tdarr/server:/app/server
  905. - $DOCKERDIR/tdarr/configs:/app/configs
  906. - $DOCKERDIR/tdarr/logs:/app/logs
  907. - $Transcode:/home/Tdarr/cache
  908. - $Ani1:/home/Tdarr/media/Animated1
  909. - $Ani2:/home/Tdarr/media/Animated2
  910. - $Ani3:/home/Tdarr/media/Animated3
  911. - $Hor1:/home/Tdarr/media/Horror1
  912. - $Hor2:/home/Tdarr/media/Horror2
  913. - $Hor3:/home/Tdarr/media/Horror3
  914. - $Mov1:/home/Tdarr/media/Movies1
  915. - $Mov2:/home/Tdarr/media/Movies2
  916. - $Mov3:/home/Tdarr/media/Movies3
  917. - $TV:/home/Tdarr/media/TVShows
  918. labels:
  919. - "autoheal=true"
  920. - "com.centurylinklabs.watchtower.enable=true"
  921. - "traefik.enable=true"
  922. - "traefik.network=t2_proxy"
  923. - "traefik.http.routers.tdarr-rtr.entrypoints=https"
  924. - "traefik.http.routers.tdarr-rtr.rule=Host(`tdarr.$DOMAIN`)"
  925. - "traefik.http.routers.tdarr-rtr.tls=true"
  926. - "traefik.http.routers.tdarr-rtr.service=tdarr-svc"
  927. - "traefik.http.services.tdarr-svc.loadbalancer.server.port=8266"
  928. - "traefik.http.routers.tdarr-rtr.middlewares=chain-oauth@file"
  929. networks:
  930. - t2_proxy
  931. ports:
  932. - 8265:8265 # webUI port
  933. - 8266:8266 # server port
  934. - 8267:8267 # node port. It should be mapped on this container because
  935. # the node container use the network from the main container
  936. restart: always
  937.  
  938. tdarr-node:
  939. image: haveagitgat/tdarr_node:latest
  940. container_name: tdarr-node
  941. env_file:
  942. - ./.env
  943. environment:
  944. - PGID=$PGID
  945. - PUID=$PUID
  946. - TZ=$TZ
  947. - UMASK_SET=002
  948. - nodeID=MainNode
  949. - nodeIP=0.0.0.0
  950. - nodePort=8267
  951. - serverIP=0.0.0.0
  952. - serverPort=8266
  953. volumes:
  954. - $DOCKERDIR/tdarr/configs:/app/configs
  955. - $DOCKERDIR/tdarr/logs:/app/logs
  956. - $Transcode:/home/Tdarr/cache
  957. - $Ani1:/home/Tdarr/media/Animated1
  958. - $Ani2:/home/Tdarr/media/Animated2
  959. - $Ani3:/home/Tdarr/media/Animated3
  960. - $Hor1:/home/Tdarr/media/Horror1
  961. - $Hor2:/home/Tdarr/media/Horror2
  962. - $Hor3:/home/Tdarr/media/Horror3
  963. - $Mov1:/home/Tdarr/media/Movies1
  964. - $Mov2:/home/Tdarr/media/Movies2
  965. - $Mov3:/home/Tdarr/media/Movies3
  966. - $TV:/home/Tdarr/media/TVShows
  967. ports:
  968. - 8267:8267
  969. labels:
  970. - "autoheal=true"
  971. - "com.centurylinklabs.watchtower.enable=true"
  972. - "traefik.enable=false"
  973. network_mode: "service:tdarr"
  974. restart: always
  975.  
  976. mediamonkey:
  977. image: zalaare/zizzy.mediamonkey-server
  978. container_name: mediamonkey
  979. hostname: mediamonkey
  980. env_file:
  981. - ./.env
  982. environment:
  983. - PGID=$PGID
  984. - PUID=$PUID
  985. - TZ=$TZ
  986. volumes:
  987. - $DOCKERDIR/mediamonkey/config:/config
  988. - $Music:/data/Music
  989. - $Downloads:/data/Downloads
  990. labels:
  991. - "autoheal=true"
  992. - "com.centurylinklabs.watchtower.enable=true"
  993. - "traefik.enable=true"
  994. - "traefik.network=t2_proxy"
  995. - "traefik.http.routers.mediamonkey-rtr.entrypoints=https"
  996. - "traefik.http.routers.mediamonkey-rtr.rule=Host(`mediamonkey.$DOMAIN`)"
  997. - "traefik.http.routers.mediamonkey-rtr.tls=true"
  998. - "traefik.http.routers.mediamonkey-rtr.service=mediamonkey-svc"
  999. - "traefik.http.services.mediamonkey-svc.loadbalancer.server.port=8383"
  1000. - "traefik.http.routers.mediamonkey-rtr.middlewares=chain-oauth@file"
  1001. networks:
  1002. - t2_proxy
  1003. restart: always
  1004.  
  1005. filebot:
  1006. image: jlesage/filebot
  1007. container_name: filebot
  1008. env_file:
  1009. - ./.env
  1010. environment:
  1011. - PGID=$PGID
  1012. - PUID=$PUID
  1013. - TZ=$TZ
  1014. volumes:
  1015. - $DOCKERDIR/FileBot:/config
  1016. - $Downloads:/storage
  1017. labels:
  1018. - "autoheal=true"
  1019. - "com.centurylinklabs.watchtower.enable=true"
  1020. - "traefik.enable=false"
  1021. networks:
  1022. - t2_proxy
  1023. restart: always
  1024.  
  1025. tinymediamanager:
  1026. image: romancin/tinymediamanager
  1027. container_name: tmm
  1028. hostname: tmm
  1029. env_file:
  1030. - ./.env
  1031. environment:
  1032. - PGID=$PGID
  1033. - PUID=$PUID
  1034. - TZ=$TZ
  1035. volumes:
  1036. - $DOCKERDIR/tinymediamanager/config:/config
  1037. - $Ani1:/data/Animated1
  1038. - $Ani2:/data/Animated2
  1039. - $Ani3:/data/Animated3
  1040. - $Hor1:/data/Horror1
  1041. - $Hor2:/data/Horror2
  1042. - $Hor3:/data/Horror3
  1043. - $Mov1:/data/Movies1
  1044. - $Mov2:/data/Movies2
  1045. - $Mov3:/data/Movies3
  1046. - $TV:/data/TVShows
  1047. labels:
  1048. - "autoheal=true"
  1049. - "com.centurylinklabs.watchtower.enable=true"
  1050. - "traefik.enable=true"
  1051. - "traefik.network=t2_proxy"
  1052. - "traefik.http.routers.tmm-rtr.entrypoints=https"
  1053. - "traefik.http.routers.tmm-rtr.rule=Host(`tmm.$DOMAIN`)"
  1054. - "traefik.http.routers.tmm-rtr.tls=true"
  1055. - "traefik.http.routers.tmm-rtr.service=tmm-svc"
  1056. - "traefik.http.services.tmm-svc.loadbalancer.server.port=5801"
  1057. - "traefik.http.routers.tmm-rtr.middlewares=chain-oauth@file"
  1058. networks:
  1059. - t2_proxy
  1060. restart: always
  1061.  
  1062. picard:
  1063. image: mikenye/picard:latest
  1064. container_name: picard
  1065. hostname: picard
  1066. env_file:
  1067. - ./.env
  1068. environment:
  1069. - PGID=$PGID
  1070. - PUID=$PUID
  1071. - TZ=$TZ
  1072. - UMASK=022
  1073. - DISPLAY_WIDTH=1600
  1074. - DISPLAY_HEIGHT=1024
  1075. volumes:
  1076. - $DOCKERDIR/picard:/config:rw
  1077. - $Music:/storage:rw
  1078. labels:
  1079. - "autoheal=true"
  1080. - "com.centurylinklabs.watchtower.enable=true"
  1081. - "traefik.enable=true"
  1082. - "traefik.network=t2_proxy"
  1083. - "traefik.http.routers.picard-rtr.entrypoints=https"
  1084. - "traefik.http.routers.picard-rtr.rule=Host(`picard.$DOMAIN`)"
  1085. - "traefik.http.routers.picard-rtr.tls=true"
  1086. - "traefik.http.routers.picard-rtr.service=picard-svc"
  1087. - "traefik.http.services.picard-svc.loadbalancer.server.port=5810"
  1088. - "traefik.http.routers.picard-rtr.middlewares=chain-oauth@file"
  1089. networks:
  1090. - t2_proxy
  1091. restart: always
  1092.  
  1093. mkvtoolnix:
  1094. image: jlesage/mkvtoolnix
  1095. container_name: mkvtoolnix
  1096. env_file:
  1097. - ./.env
  1098. environment:
  1099. - PGID=$PGID
  1100. - PUID=$PUID
  1101. - TZ=$TZ
  1102. ports:
  1103. - 5850:5850
  1104. volumes:
  1105. - $DOCKERDIR/mkvtoolnix:/config:rw
  1106. - $Files:/storage:rw
  1107. networks:
  1108. - t2_proxy
  1109. labels:
  1110. - "autoheal=true"
  1111. - "com.centurylinklabs.watchtower.enable=true"
  1112. - "traefik.enable=false"
  1113. restart: always
  1114.  
  1115. watchtower:
  1116. image: containrrr/watchtower
  1117. container_name: watchtower
  1118. command: --label-enable --cleanup --interval 300
  1119. env_file:
  1120. - ./.env
  1121. environment:
  1122. - PGID=$PGID
  1123. - PUID=$PUID
  1124. - TZ=$TZ
  1125. volumes:
  1126. - /var/run/docker.sock:/var/run/docker.sock
  1127. labels:
  1128. - "autoheal=true"
  1129. - "com.centurylinklabs.watchtower.enable=true"
  1130. - "traefik.enable=false"
  1131. network_mode: none
  1132. restart: always
  1133.  
  1134. autoheal:
  1135. image: willfarrell/autoheal
  1136. container_name: autoheal
  1137. hostname: autoheal
  1138. env_file:
  1139. - ./.env
  1140. environment:
  1141. - PGID=$PGID
  1142. - PUID=$PUID
  1143. - TZ=$TZ
  1144. - AUTOHEAL_CONTAINER_LABEL=all
  1145. volumes:
  1146. - /var/run/docker.sock:/var/run/docker.sock
  1147. labels:
  1148. - "com.centurylinklabs.watchtower.enable=true"
  1149. - "traefik.enable=false"
  1150. restart: always
  1151.  
  1152. nextcloud:
  1153. image: ghcr.io/linuxserver/nextcloud
  1154. container_name: nextcloud
  1155. hostname: nextcloud
  1156. env_file:
  1157. - ./.env
  1158. environment:
  1159. - PGID=$PGID
  1160. - PUID=$PUID
  1161. - TZ=$TZ
  1162. volumes:
  1163. - $DOCKERDIR/nextcloud/config:/config
  1164. - $Photos:/data/Photos
  1165. links:
  1166. - db
  1167. labels:
  1168. - "autoheal=true"
  1169. - "com.centurylinklabs.watchtower.enable=true"
  1170. - "traefik.enable=true"
  1171. - "traefik.network=t2_proxy"
  1172. - "traefik.http.routers.nextcloud-rtr.entrypoints=https"
  1173. - "traefik.http.routers.nextcloud-rtr.rule=Host(`nextcloud.$DOMAIN`)"
  1174. - "traefik.http.routers.nextcloud-rtr.tls=true"
  1175. - "traefik.tcp.routers.nextcloud-tcp.tls.passthrough=true"
  1176. - "traefik.http.routers.nextcloud-rtr.service=nextcloud-svc"
  1177. - "traefik.http.services.nextcloud-svc.loadbalancer.server.port=443"
  1178. - "traefik.http.routers.nextcloud-rtr.middlewares=chain-oauth@file"
  1179. networks:
  1180. - t2_proxy
  1181. depends_on:
  1182. - db
  1183. restart: always
  1184.  
  1185. db:
  1186. image: ghcr.io/linuxserver/mariadb
  1187. container_name: mariadb
  1188. hostname: mariadb
  1189. env_file:
  1190. - ./.env
  1191. environment:
  1192. - PGID=$PGID
  1193. - PUID=$PUID
  1194. - TZ=$TZ
  1195. - MYSQL_ROOT_PASSWORD=$MYSQL_ROOT_PASSWORD
  1196. - MYSQL_DATABASE="nextcloud"
  1197. - MYSQL_USER=$MYSQL_USER
  1198. - MYSQL_PASSWORD=$MYSQL_PASS
  1199. - REMOTE_SQL="http://nextcloud.wallace-home.org/nextcloud.sql,https://nextcloud.wallace-home.org/nextcloud.sql"
  1200. volumes:
  1201. - $DOCKERDIR/mariadb/nextcloud:/config
  1202. labels:
  1203. - "autoheal=true"
  1204. - "com.centurylinklabs.watchtower.enable=true"
  1205. - "traefik.enable=false"
  1206. ports:
  1207. - 3306:3306
  1208. networks:
  1209. - t2_proxy
  1210. restart: always
  1211.  
  1212. av:
  1213. image: mkodockx/docker-clamav:alpine
  1214. container_name: av
  1215. hostname: av
  1216. env_file:
  1217. - ./.env
  1218. environment:
  1219. - PGID=$PGID
  1220. - PUID=$PUID
  1221. - TZ=$TZ
  1222. volumes:
  1223. - $DOCKERDIR/clam:/var/lib/clamav
  1224. networks:
  1225. - t2_proxy
  1226. labels:
  1227. - "autoheal=true"
  1228. - "com.centurylinklabs.watchtower.enable=true"
  1229. - "traefik.enable=false"
  1230. restart: always
  1231.  
  1232. vaultwarden:
  1233. image: vaultwarden/server:latest
  1234. container_name: vaultwarden
  1235. hostname: vaultwarden
  1236. env_file:
  1237. - ./.env
  1238. environment:
  1239. - PGID=$PGID
  1240. - PUID=$PUID
  1241. - TZ=$TZ
  1242. - WEBSOCKET_ENABLED=true # Enable WebSocket notifications.
  1243. volumes:
  1244. - $DOCKERDIR/vw-data:/data/vw-data
  1245. links:
  1246. - db3
  1247. depends_on:
  1248. - db3
  1249. networks:
  1250. - t2_proxy
  1251. labels:
  1252. - "autoheal=true"
  1253. - "com.centurylinklabs.watchtower.enable=true"
  1254. - "traefik.enable=false"
  1255. restart: always
  1256.  
  1257. db3:
  1258. image: ghcr.io/linuxserver/mariadb
  1259. container_name: mariadb3
  1260. hostname: mariadb3
  1261. env_file:
  1262. - ./.env
  1263. environment:
  1264. - PGID=$PGID
  1265. - PUID=$PUID
  1266. - TZ=$TZ
  1267. - MYSQL_ROOT_PASSWORD=$MYSQL_ROOT_PASSWORD
  1268. - MYSQL_DATABASE="vaultwarden"
  1269. - MYSQL_USER=$MYSQL_USER
  1270. - MYSQL_PASSWORD=$MYSQL_PASS
  1271. - REMOTE_SQL="http://192.168.7.76:3308/vaultwarden.sql,https://192.168.7.76:3308/vaultwarden.sql"
  1272. volumes:
  1273. - $DOCKERDIR/mariadb/vaultwarden:/config
  1274. labels:
  1275. - "autoheal=true"
  1276. - "com.centurylinklabs.watchtower.enable=true"
  1277. - "traefik.enable=false"
  1278. ports:
  1279. - 3308:3306
  1280. networks:
  1281. - t2_proxy
  1282. restart: always
  1283.  
  1284. cf-companion:
  1285. image: tiredofit/traefik-cloudflare-companion:latest
  1286. container_name: cf-companion
  1287. hostname: cf-companion
  1288. security_opt:
  1289. - no-new-privileges:true
  1290. #depends_on:
  1291. # - socket-proxy
  1292. env_file:
  1293. - ./.env
  1294. environment:
  1295. - PGID=$PGID
  1296. - PUID=$PUID
  1297. - TZ=$TZ
  1298. - TRAEFIK_VERSION=2
  1299. #- CF_EMAIL=$CLOUDFLARE_EMAIL
  1300. - CF_TOKEN=$CLOUDFLARE_API_TOKEN
  1301. - TARGET_DOMAIN=$DOMAIN
  1302. - DOMAIN1=$DOMAIN
  1303. - DOMAIN1_ZONE_ID=$CLOUDFLARE_ZONEID # Copy from Cloudflare Overview page
  1304. - DOMAIN1_PROXIED=TRUE
  1305. - DOCKER_HOST=tcp://socket-proxy:2375
  1306. labels:
  1307. - "autoheal=true"
  1308. # Add hosts specified in rules here to force cf-companion to create the CNAMEs
  1309. - "com.centurylinklabs.watchtower.enable=true"
  1310. - "traefik.enable=false"
  1311. networks:
  1312. - socket_proxy
  1313. - t2_proxy
  1314. restart: always
  1315.  
  1316. certdumper:
  1317. container_name: traefik_certdumper
  1318. image: humenius/traefik-certs-dumper:latest
  1319. network_mode: none
  1320. env_file:
  1321. - ./.env
  1322. environment:
  1323. - PGID=$PGID
  1324. - PUID=$PUID
  1325. - TZ=$TZ
  1326. security_opt:
  1327. - no-new-privileges:true
  1328. # command: --restart-containers container1,container2,container3
  1329. volumes:
  1330. - $DOCKERDIR/traefik2/acme:/traefik:ro
  1331. - $DOCKERDIR/shared/certs:/output:rw
  1332. # - /var/run/docker.sock:/var/run/docker.sock:ro # Only needed if restarting containers (use Docker Socket Proxy instead)
  1333. labels:
  1334. - "autoheal=true"
  1335. - "com.centurylinklabs.watchtower.enable=true"
  1336. - "traefik.enable=false"
  1337. restart: always
  1338.  
  1339. volumes:
  1340. - $DOCKERDIR/mariadb/organizr
  1341. - $DOCKERDIR/mariadb/nextcloud
  1342. - $DOCKERDIR/mariadb/vaultwarden
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!