API tools faq
paste
gw17252009

Complete.yaml

gw17252009
Oct 1st, 2021
175
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
YAML 36.95 KB | None | 0 0
raw download clone embed print report
  1. services:
  2. secrets:
  3.   cloudflare_api_key:
  4.     file: $SECRETSDIR/cloudflare_api_key.txt
  5.   cloudflare_email:
  6.     file: $SECRETSDIR/cloudflare_email.txt
  7.   transmission_rpc_pass:
  8.     file: $SECRETSDIR/transmission_rpc_pass.txt
  9.   transmission_rpc_user:
  10.     file: $SECRETSDIR/transmission_rpc_user.txt
  11.   mysql_root_password:
  12.     file: $SECRETSDIR/mysql_root_password.txt
  13.   mysql_password:
  14.     file: $SECRETSDIR/mysql_password.txt
  15.   mysql_username:
  16.     file: $SECRETSDIR/mysql_username.txt
  17.   openvpn_username:
  18.     file: $SECRETSDIR/openvpn_username.txt
  19.   openvpn_password:
  20.     file: $SECRETSDIR/openvpn_password.txt
  21.   traefik:
  22.     image: traefik:v2.5
  23.     container_name: traefik
  24.     hostname: traefik
  25.     environment:
  26.      - PGID=$PGID
  27.       - PUID=$PUID
  28.       - TZ=$TZ
  29.       - CF_API_EMAIL_FILE=/run/secrets/cloudflare_email.txt
  30.       - CF_API_KEY_FILE=/run/secrets/cloudflare_api_key.txt
  31.       - DOCKER_HOST=tcp://docker-socket-proxy:2375
  32.     secrets:
  33.      - cloudflare_api_key
  34.       - cloudflare_email
  35.     volumes:
  36.      - $DOCKERDIR/traefik2/rules:/rules
  37.       - $DOCKERDIR/traefik2/acme.json:/acme.json
  38.       - $DOCKERDIR/traefik2/traefik.log:/traefik.log
  39.       - $DOCKERDIR/shared:/shared
  40.     depends_on:
  41.      - authelia
  42.       - socketproxy
  43.     command: # CLI arguments
  44.       - --global.insecureSNI
  45.       - --global.checkNewVersion=true
  46.       - --global.sendAnonymousUsage=true
  47.       - --entryPoints.http.address=:80
  48.       - --entryPoints.https.address=:443
  49.       - --entrypoints.dnsovertls.address=:853
  50.       - --entrypoints.dns.address=:53
  51.       - --entrypoints.udpdns.address=:53/udp        # Allow these IPs to set the X-Forwarded-* headers - Cloudflare IPs: https://www.cloudflare.com/ips/
  52.       - --entrypoints.https.forwardedHeaders.trustedIPs=173.245.48.0/20,103.21.244.0/22,103.22.200.0/22,103.31.4.0/22,141.101.64.0/18,108.162.192.0/18,190.93.240.0/20,188.114.96.0/20,197.234.240.0/22,198.41.128.0/17,162.158.0.0/15,104.16.0.0/12,172.64.0.0/13,131.0.72.0/22
  53.       - --entryPoints.traefik.address=:8080
  54.       - --api=true
  55. #      - --api.insecure=true
  56. #      - --serversTransport.insecureSkipVerify=true
  57.       - --log=true
  58.       - --log.level=DEBUG # (Default: error) DEBUG, INFO, WARN, ERROR, FATAL, PANIC
  59.       - --accessLog=true
  60.       - --accessLog.filePath=/traefik.log
  61.       - --accessLog.bufferingSize=100 # Configuring a buffer of 100 lines
  62.       - --accessLog.filters.statusCodes=400-499
  63.       - --providers.docker=true
  64.       - --providers.docker.endpoint="tcp://docker-socket-proxy:2375"
  65.       - --providers.docker.defaultrule=Host(`{{ index .Labels "com.docker.compose.service" }}.$DOMAIN`)
  66.       - --providers.docker.exposedByDefault=false
  67.       - --providers.docker.network=socketproxy
  68.       - --providers.docker.defaultRule=Host({{ trimPrefix / .Name }}.$DOMAIN)
  69.       - --providers.docker.swarmMode=false
  70.       - --providers.file.directory=/rules # Load dynamic configuration from one or more .toml or .yml files in a directory.
  71. #      - --providers.file.filename=${USERDIR}/docker/traefik/traefik_dynamic.toml # Load dynamic configuration from a file.
  72.       - --providers.file.watch=true # Only works on top level files in the rules folder
  73.       - --certificatesResolvers.dns-cloudflare.acme.caServer=https://acme-staging-v02.api.letsencrypt.org/directory # LetsEncrypt Staging Server - uncomment when testing
  74.       - --certificatesResolvers.dns-cloudflare.acme.email=$CLOUDFLARE_EMAIL
  75.       - --certificatesResolvers.dns-cloudflare.acme.storage=/acme.json
  76.       - --certificatesResolvers.dns-cloudflare.acme.dnsChallenge.provider=cloudflare
  77.     ports:
  78.      - 80:80
  79.       - 443:443
  80.       - 53:53
  81.       - 53:53/udp
  82.       - 853:853
  83. #      - 8080:8080
  84.     labels:
  85.       - autoheal=true
  86.       - com.centurylinklabs.watchtower.enable=true
  87.       - traefik.docker.network=t2_proxy
  88.       - traefik.http.routers.http-catchall.entrypoints=http
  89.       - traefik.http.routers.http-catchall.rule=HostRegexp(`{host:.+}`)
  90.       - traefik.http.routers.http-catchall.middlewares=redirect-to-https
  91.       - traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https
  92.       - traefik.http.routers.traefik-rtr.entrypoints=https
  93.       - traefik.http.routers.traefik-rtr.rule=Host(`traefik.$DOMAIN`)
  94.       - traefik.http.routers.traefik-rtr.tls=true
  95.       - traefik.http.routers.traefik-rtr.tls.certresolver=dns-cloudflare # Comment out this line after first run of traefik to force the use of wildcard certs
  96.       - traefik.http.routers.traefik-rtr.tls.domains[0].main=$DOMAIN
  97.       - traefik.http.routers.traefik-rtr.tls.domains[0].sans=*.$DOMAIN
  98.       - traefik.http.routers.traefik-rtr.middlewares=middlewares-basic-auth@file
  99.       - traefik.http.routers.traefik-rtr.middlewares=chain-authelia@file
  100.       - traefik.http.routers.traefik-rtr.middlewares=middlewares-secure-headers@file,middlewares-rate-limit@file,middlewares-basic-auth@file
  101. #      - traefik.http.routers.traefik-rtr.middlewares=traefik-headers,middlewares-rate-limit@file,middlewares-basic-auth@file
  102.       - traefik.http.middlewares.traefik-headers.headers.accesscontrolallowmethods=GET, OPTIONS, PUT
  103.       - traefik.http.middlewares.traefik-headers.headers.accesscontrolalloworiginlist=https://$DOMAIN
  104.       - traefik.http.middlewares.traefik-headers.headers.accesscontrolmaxage=100
  105.       - traefik.http.middlewares.traefik-headers.headers.addvaryheader=true
  106.       - traefik.http.middlewares.traefik-headers.headers.allowedhosts=traefik.$DOMAIN
  107.       - traefik.http.middlewares.traefik-headers.headers.hostsproxyheaders=X-Forwarded-Host
  108.       - traefik.http.middlewares.traefik-headers.headers.sslredirect=true
  109.       - traefik.http.middlewares.traefik-headers.headers.sslhost=traefik.$DOMAIN
  110.       - traefik.http.middlewares.traefik-headers.headers.sslforcehost=true
  111.       - traefik.http.middlewares.traefik-headers.headers.sslproxyheaders.X-Forwarded-Proto=https
  112.       - traefik.http.middlewares.traefik-headers.headers.stsseconds=63072000
  113.       - traefik.http.middlewares.traefik-headers.headers.stsincludesubdomains=true
  114.       - traefik.http.middlewares.traefik-headers.headers.stspreload=true
  115.       - traefik.http.middlewares.traefik-headers.headers.forcestsheader=true
  116.       - traefik.http.middlewares.traefik-headers.headers.framedeny=true
  117. #      - traefik.http.middlewares.traefik-headers.headers.customframeoptionsvalue=SAMEORIGIN # This option overrides FrameDeny
  118.       - traefik.http.middlewares.traefik-headers.headers.contenttypenosniff=true
  119.       - traefik.http.middlewares.traefik-headers.headers.browserxssfilter=true
  120. #      - traefik.http.middlewares.traefik-headers.headers.contentsecuritypolicy=frame-ancestors 'none'; object-src 'none'; base-uri 'none';
  121.       - traefik.http.middlewares.traefik-headers.headers.referrerpolicy=same-origin
  122.       - traefik.http.middlewares.traefik-headers.headers.featurepolicy=camera 'none'; geolocation 'none'; microphone 'none'; payment 'none'; usb 'none'; vr 'none';
  123.       - traefik.http.middlewares.traefik-headers.headers.customresponseheaders.X-Robots-Tag=none,noarchive,nosnippet,notranslate,noimageindex,
  124.     networks:
  125.       - t2_proxy:
  126.         - ipv4_address: 172.28.0.2
  127.       - socketproxy
  128.     security_opt:
  129.      - no-new-privileges:true
  130.     restart: always
  131.   socketproxy:
  132.     image: tecnativa/docker-socket-proxy
  133.     container_name: socketproxy
  134.     hostname: socketproxy
  135.     privileged: true
  136.     environment:
  137.       - CONTAINERS: 1
  138.       - SECRETS: 1
  139.       - INFO: 1
  140.       - IMAGES: 1
  141.       - VOLUMES: 1
  142.       - NETWORKS: 1
  143.     networks:
  144.      - socketproxy
  145.     ports:
  146.      - 2375
  147.     volumes:
  148.      - /var/run/docker.sock:/var/run/docker.sock
  149.     labels:
  150.      - autoheal=true
  151.       - com.centurylinklabs.watchtower.enable=true
  152.       - traefik.enable=false
  153.     restart: always
  154.   pihole:
  155.     image: pihole/pihole:latest
  156.     container_name: pihole
  157.     hostname: pihole
  158.     environment:
  159.      - PGID=$PGID
  160.       - PUID=$PUID
  161.       - TZ=$TZ
  162.       - WEBPASSWORD=password
  163.     depends_on:
  164.      - traefik
  165.     volumes:
  166.      - $DOCKERDIR/etc-pihole/:/etc/pihole/
  167.       - $DOCKERDIR/etc-dnsmasq.d/:/etc/dnsmasq.d/
  168.     dns:
  169.      - 1.1.1.1
  170.       - 1.0.0.1
  171.     restart: unless-stopped
  172.     labels:
  173.      - autoheal=true
  174.       - com.centurylinklabs.watchtower.enable=true
  175.       - traefik.enable=true
  176. # web interface
  177.       - traefik.http.routers.pihole.rule=Host(`pihole.wallace-home.org`)
  178.       - traefik.http.routers.pihole.entrypoints=websecure
  179.       - traefik.http.routers.pihole.tls.certresolver=dns-cloudflare
  180.       - traefik.http.services.pihole.loadbalancer.server.port=80
  181. # DNS-over-TLS
  182.       - traefik.tcp.routers.dnsovertls.rule=HostSNI(`pihole.wallace-home.org`)
  183.       - traefik.tcp.routers.dnsovertls.entrypoints=dnsovertls
  184.       - traefik.tcp.routers.dnsovertls.tls.certresolver=dns-cloudflare
  185.       - traefik.tcp.routers.dnsovertls.service=pihole
  186. # Normal DNS coming in on 53 TCP, no TLS
  187.       - traefik.tcp.routers.dns.rule=HostSNI(`pihole.wallace-home.org`)
  188.       - traefik.tcp.routers.dns.entrypoints=dns
  189.       - traefik.tcp.routers.dns.service=pihole
  190. # recieves traffic from both the TLS and non-TLS traefik routers
  191.       - traefik.tcp.services.pihole.loadbalancer.server.port=53
  192. # Normal DNS coming in on 53 UDP
  193.       - traefik.udp.routers.udpdns.entrypoints=udpdns
  194.       - traefik.udp.routers.udpdns.service=pihole
  195.       - traefik.udp.services.pihole.loadbalancer.server.port=53
  196.     networks:
  197.       t2_proxy:
  198.           ipv4_address: 172.28.0.30
  199.   authelia:
  200.     image: authelia/authelia:latest
  201.     container_name: authelia
  202.     hostname: authelia
  203.     environment:
  204.       - PGID=$PGID
  205.       - PUID=$PUID
  206.       - TZ=$TZ
  207.     volumes:
  208.      - $DOCKERDIR/authelia:/config
  209.       - $DOCKERDIR/authelia/data:/data
  210.       - $DOCKERDIR/authelia/configuration.yml:/etc/authelia/configuration.yml:ro
  211.       - $DOCKERDIR/authelia/users_database.yml:/etc/authelia/users_database.yml
  212.     labels:
  213.      - autoheal=true
  214.       - com.centurylinklabs.watchtower.enable=true
  215.       - traefik.enable=true
  216.       - traefik.http.routers.authelia.middlewares=authelia-headers
  217.       - traefik.http.middlewares.authelia-headers.headers.browserXssFilter=true
  218.       - traefik.http.middlewares.authelia-headers.headers.customFrameOptionsValue=SAMEORIGIN
  219.       - traefik.http.middlewares.authelia-headers.headers.customResponseHeaders.Cache-Control=no-store
  220.       - traefik.http.middlewares.authelia-headers.headers.customResponseHeaders.Pragma=no-cache
  221.       - traefik.http.routers.authelia.rule=Host(`login.wallace-home.org`)
  222.       - traefik.http.routers.authelia.entrypoints=websecure
  223.       - traefik.http.routers.authelia.tls.certresolver=letsencryptresolver
  224.       - traefik.http.middlewares.authelia.forwardauth.address=http://authelia:9081/api/verify?rd=https://login.wallace-home.org/
  225.       - traefik.http.middlewares.authelia.forwardauth.trustForwardHeader=true
  226.       - traefik.http.middlewares.authelia.forwardauth.authResponseHeaders=Remote-User, Remote-Groups
  227.     expose:
  228.      - 9081
  229.     depends_on:
  230.      - traefik
  231.     networks:
  232.       t2_proxy:
  233.         ipv4_address: 172.28.0.24
  234.     restart: unless-stopped
  235.   autheliadb:
  236.     image: ghcr.io/linuxserver/mariadb
  237.     container_name: autheliadb
  238.     hostname: autheliadb
  239.     environment:
  240.      - PGID=$PGID
  241.       - PUID=$PUID
  242.       - TZ=$TZ
  243.       - MYSQL_DATABASE="authelia"
  244.       - REMOTE_SQL="http://autheliadb.wallace-home.org/authelia.sql,https://autheliadb.wallace-home.org/authelia.sql"
  245.       - MYSQL_ROOT_PASSWORD_FILE=/run/secrets/mysql_root_password.txt
  246.       - MYSQL_PASSWORD_FILE=/run/secrets/mysql_password.txt
  247.       - MYSQL_USER_FILE=/run/secrets/mysql_user.txt
  248.     secrets:
  249.      - mysql_root_password
  250.       - mysql_user
  251.       - mysql_password
  252.     volumes:
  253.      - $DOCKERDIR/autheliadb:/config
  254.     labels:
  255.       - autoheal=true
  256.       - com.centurylinklabs.watchtower.enable=true
  257.       - traefik.enable=false
  258.     ports:
  259.      - 3307:3306
  260.     networks:
  261.       t2_proxy:
  262.         ipv4_address: 172.28.0.25
  263.     restart: always
  264.   redis:
  265.     image: redis:alpine
  266.     container_name: redis
  267.     hostname: redis
  268.     volumes:
  269.      - $DOCKERDIR/redis:/data
  270.     labels:
  271.      - autoheal=true
  272.       - com.centurylinklabs.watchtower.enable=true
  273.       - traefik.enable=false
  274.     networks:
  275.       t2_proxy:
  276.         ipv4_address: 172.28.0.13
  277.     expose:
  278.      - 6379
  279.     restart: unless-stopped
  280.     environment:
  281.      - TZ=$TZ
  282.   rediscommander:
  283.     container_name: rediscommander
  284.     image: rediscommander/redis-commander:latest
  285.     hostname: rediscommander
  286.     security_opt:
  287.      - no-new-privileges:true
  288.     environment:
  289.      - REDIS_HOST=172.28.0.13:6379
  290.       - REDIS_PASSWORD=$REDIS_PASSWORD
  291.     labels:
  292.      - autoheal=true
  293.       - com.centurylinklabs.watchtower.enable=true
  294.       - traefik.enable=false
  295. ## HTTP Routers
  296. #      - traefik.http.routers.rediscommander-rtr.entrypoints=https
  297. #      - traefik.http.routers.rediscommander-rtr.rule=Host(`rediscom.$DOMAIN`)
  298. ## Middlewares
  299. #      - traefik.http.routers.rediscommander-rtr.middlewares=chain-oauth@file
  300. ## HTTP Services
  301. #      - traefik.http.routers.rediscommander-rtr.service=rediscommander-svc
  302. #      - traefik.http.services.rediscommander-svc.loadbalancer.server.port=8081
  303.     ports:
  304.      - 8081:8081
  305.     networks:
  306.       t2_proxy:
  307.         ipv4_address: 172.28.0.26
  308.     restart: unless-stopped
  309.   portainer:
  310.     image: portainer/portainer-ce
  311.     container_name: portainer
  312.     hostname: portainer
  313. #    command: -H unix:///var/run/docker.sock
  314.     priveleged: true
  315.     environment:
  316.      - PGID=$PGID
  317.       - PUID=$PUID
  318.       - TZ=$TZ
  319.       - DOCKER_HOST=tcp://docker-socket-proxy:2375
  320.     depends_on:
  321.      - socketproxy
  322.     volumes:
  323.      - /var/run/docker.sock:/var/run/docker.sock
  324.       - $DOCKERDIR/portainer:/config
  325.     labels:
  326.      - autoheal=true
  327.       - com.centurylinklabs.watchtower.enable=true
  328.       - traefik.enable=false
  329. #      - traefik.network=t2_proxy
  330. #      - traefik.http.routers.portainer-rtr.entrypoints=https
  331. #      - traefik.http.routers.portsiner-rtr.rule=Host(`portainer.$DOMAIN`)
  332. #      - traefik.http.routers.portainer-rtr.tls=true
  333. #      - traefik.http.routers.portainer-rtr.service=portainer-svc
  334. #      - traefik.http.services.portainer-svc.loadbalancer.server.port=9000
  335. #      - traefik.http.routers.portainer-rtr.middlewares=chain-authelia@file
  336.     ports:
  337.      - 9000:9000
  338.     networks:
  339.       - t2_proxy:
  340.         - ipv4_address: 172.28.0.3
  341.       - socketproxy
  342.     restart: always
  343.   watchtower:
  344.     image: containrrr/watchtower
  345.     container_name: watchtower
  346.     hostname: watchtower
  347.     environment:
  348.      - PGID=$PGID
  349.       - PUID=$PUID
  350.       - TZ=$TZ
  351.       - WATCHTOWER_CLEANUP=true
  352.       - WATCHTOWER_REMOVE_VOLUMES=false
  353.       - WATCHTOWER_INCLUDE_STOPPED=true
  354.     volumes:
  355.      - /var/run/docker.sock:/var/run/docker.sock
  356.     labels:
  357.       - autoheal=true
  358.       - com.centurylinklabs.watchtower.enable=true
  359.       - traefik.enable=false
  360.     network_mode: none
  361.     restart: always
  362.   autoheal:
  363.     image: willfarrell/autoheal
  364.     container_name: autoheal
  365.     hostname: autoheal
  366.     environment:
  367.      - PGID=$PGID
  368.       - PUID=$PUID
  369.       - TZ=$TZ
  370.       - AUTOHEAL_CONTAINER_LABEL=all
  371.       - DOCKER_HOST=tcp://docker-socket-proxy:2375
  372.     depends_on:
  373.      - socketproxy
  374.     volumes:
  375.      - /var/run/docker.sock:/var/run/docker.sock
  376.     labels:
  377.      - com.centurylinklabs.watchtower.enable=true
  378.       - traefik.enable=false
  379.     networks:
  380.       - t2_proxy:
  381.         - ipv4_address: 172.28.0.5
  382.       - socketproxy
  383.     mem_limit: 40m
  384.     mem_reservation: 15m
  385.     restart: always
  386.   phpmyadmin:
  387.     image: ghcr.io/linuxserver/phpmyadmin
  388.     container_name: phpmyadmin
  389.     hostname: phpmyadmin
  390.     environment:
  391.       - PGID=$PGID
  392.       - PUID=$PUID
  393.       - TZ=$TZ      
  394.       - PMA_ARBITRARY=1 #optional
  395.       - PMA_ABSOLUTE_URI=https://phpmyadmin.wallace-home.org #optional
  396.     volumes:
  397.      - $DOCKERDIR/phpmyadmin:/config
  398.     ports:
  399.      - 81:81
  400.     labels:
  401.       - autoheal=true
  402.       - com.centurylinklabs.watchtower.enable=true
  403.       - traefik.enable=false
  404. #      - traefik.network=t2_proxy
  405. #      - traefik.http.routers.phpmyadmin-rtr.entrypoints=https
  406. #      - traefik.http.routers.phpmyadmin-rtr.rule=Host(`phpmyadmin.$DOMAIN`)
  407. #      - traefik.http.routers.phpmyadmin-rtr.tls=true
  408. #      - traefik.http.routers.phpmyadmin-rtr.service=phpmyadmin-svc
  409. #      - traefik.http.services.phpmyadmin-svc.loadbalancer.server.port=81
  410. #      - traefik.http.routers.phpmyadmin-rtr.middlewares=chain-authelia@file
  411.     networks:
  412.       - t2_proxy:
  413.         - ipv4_address: 172.28.0.6
  414.     restart: unless-stopped
  415.   homer:
  416.     image: b4bz/homer
  417.     environment:
  418.      - PGID=$PGID
  419.       - PUID=$PUID
  420.       - TZ=$TZ      
  421.     volumes:
  422.      - $DOCKERDIR/homer/data:/www/assets
  423.     labels:
  424.      - autoheal=true
  425.       - com.centurylinklabs.watchtower.enable=true
  426.       - traefik.enable=true
  427.       - traefik.network=t2_proxy
  428.       - traefik.http.services.dashboard-service.loadbalancer.server.port=8080
  429.       - traefik.http.routers.dashboard.rule=HostHeader(`$DOMAIN``www.$DOMAIN`)
  430.       - traefik.http.routers.dashboard.entrypoints=http
  431.         # For https:
  432.       - traefik.http.routers.dashboard-secure.rule=Host(`$DOMAIN``www.$DOMAIN`)
  433.       - traefik.http.routers.dashboard-secure.entrypoints=https
  434.       - traefik.http.routers.dashboard-secure.tls=true
  435.       - traefik.http.routers.dashboard-secure.tls.certresolver=le
  436.       - traefik.http.middlewares.dashboard-redirect-dashboard-secure.redirectscheme.scheme=https
  437.       - traefik.http.routers.dashboard.middlewares=dashboard-redirect-dashboard-secure
  438. #    ports:
  439. #      - 8080:8080
  440.     depends_on:
  441.      - traefik
  442.     networks:
  443.       - t2_proxy:
  444.         - ipv4_address: 172.28.0.7
  445.   sonarr:
  446.     image: ghcr.io/linuxserver/sonarr
  447.     container_name: sonarr
  448.     hostname: sonarr
  449.     environment:
  450.      - PGID=$PGID
  451.       - PUID=$PUID
  452.       - TZ=$TZ
  453.     volumes:
  454.      - $DOCKERDIR/sonarr:/config
  455.       - $MEDIADIR/TVShows/TVShows:/data/TVShows
  456.       - $MEDIADIR/TVShows/TV.Doc:/data/TVDoc
  457.       - $MEDIADIR/Movies1/TV.Doc:/data/TVDoc1
  458.       - $DOWNLOADS:/data/completed
  459.     labels:
  460.       - autoheal=true
  461.       - com.centurylinklabs.watchtower.enable=true
  462.       - traefik.enable=true
  463.       - traefik.network=t2_proxy
  464. ## HTTP Routers Auth Bypass
  465.       - traefik.http.routers.sonarr-rtr-bypass.entrypoints=https
  466.       - traefik.http.routers.sonarr-rtr-bypass.rule=Host(`sonarr.$DOMAIN`) && (Headers(`X-Api-Key`, `$SONARR_API_KEY`) || Query(`apikey`, `$SONARR_API_KEY`))
  467.       - traefik.http.routers.sonarr-rtr-bypass.priority=100
  468. ##Routers
  469.       - traefik.http.routers.sonarr-rtr.entrypoints=https
  470.       - traefik.http.routers.sonarr-rtr.rule=Host(`sonarr.$DOMAIN`)
  471.       - traefik.http.routers.sonarr-rtr.tls=true
  472.       - traefik.http.routers.sonarr-rtr.service=sonarr-svc
  473.       - traefik.http.routers.sonarr-rtr.priority=99
  474.       - traefik.http.routers.sonarr-rtr.middlewares=chain-authelia@file
  475. ##Services
  476.       - traefik.http.services.sonarr-svc.loadbalancer.server.port=8989
  477. #    ports:
  478. #      - 8989:8989
  479.     depends_on:
  480.      - traefik
  481.     networks:
  482.       - t2_proxy:
  483.         - ipv4_address: 172.28.0.8
  484.     restart: always
  485.   radarr:
  486.     image: ghcr.io/linuxserver/radarr
  487.     container_name: radarr
  488.     hostname: radarr
  489.     environment:
  490.      - PGID=$PGID
  491.       - PUID=$PUID
  492.       - TZ=$TZ
  493.     volumes:
  494.      - $DOCKERDIR/radarr:/config
  495.       - $MEDIADIR/Movies/Animated:/data/Animated1
  496.       - $MEDIADIR/Movies1/Animated:/data/Animated2
  497.       - $MEDIADIR/Movies3/Animated:/data/Animated3
  498.       - $MEDIADIR/Movies/Horror:/data/Horror1
  499.       - $MEDIADIR/Movies1/Horror:/data/Horror2
  500.       - $MEDIADIR/Movies3/Horror:/data/Horror3
  501.       - $MEDIADIR/Movies/Movies:/data/Movies1
  502.       - $MEDIADIR/Movies1/Movies:/data/Movies2
  503.       - $MEDIADIR/Movies3/Movies:/data/Movies3
  504.       - $MEDIADIR/Movies3/Mov.Doc:/data/documentaries
  505.       - $DOWNLOADS:/data/completed
  506.     labels:
  507.      - autoheal=true
  508.       - com.centurylinklabs.watchtower.enable=true
  509.       - traefik.enable=true
  510.       - traefik.network=t2_proxy
  511. ## HTTP Routers Auth Bypass
  512.       - traefik.http.routers.radarr-rtr-bypass.entrypoints=https
  513.       - traefik.http.routers.radarr-rtr-bypass.rule=Host(`radarr.$DOMAIN`) && (Headers(`X-Api-Key`, `$RADARR_API_KEY`) || Query(`apikey`, `$RADARR_API_KEY`))
  514.       - traefik.http.routers.radarr-rtr-bypass.priority=100
  515. ##Routers
  516.       - traefik.http.routers.radarr-rtr.entrypoints=https
  517.       - traefik.http.routers.radarr-rtr.rule=Host(`radarr.$DOMAIN`)
  518.       - traefik.http.routers.radarr-rtr.tls=true
  519.       - traefik.http.routers.radarr-rtr.middlewares=chain-authelia@file
  520.       - traefik.http.routers.radarr-rtr.priority=99
  521.       - traefik.http.routers.radarr-rtr.service=radarr-svc
  522. ##Services
  523.       - traefik.http.services.radarr-svc.loadbalancer.server.port=7878
  524. #    ports:
  525. #      - 7878:7878
  526.     depends_on:
  527.      - traefik
  528.     networks:
  529.       - t2_proxy:
  530.         - ipv4_address: 172.28.0.9
  531.     restart: always
  532.   lidarr:
  533.     image: ghcr.io/linuxserver/lidarr
  534.     container_name: lidarr
  535.     hostname: lidarr
  536.     environment:
  537.      - PGID=$PGID
  538.       - PUID=$PUID
  539.       - TZ=$TZ
  540.     volumes:
  541.      - $DOCKERDIR/lidarr:/config
  542.       - $MEDIADIR/Movies1/Music:/data/Music
  543.       - $DOWNLOADS:/data/completed
  544.     labels:
  545.       - autoheal=true
  546.       - com.centurylinklabs.watchtower.enable=true
  547.       - traefik.enable=true
  548.       - traefik.network=t2_proxy
  549.       - traefik.http.routers.lidarr-rtr.entrypoints=https
  550.       - traefik.http.routers.lidarr-rtr.rule=Host(`lidarr.$DOMAIN`)
  551.       - traefik.http.routers.lidarr-rtr.tls=true
  552.       - traefik.http.routers.lidarr-rtr.service=lidarr-svc
  553.       - traefik.http.services.lidarr-svc.loadbalancer.server.port=8686
  554.       - traefik.http.routers.lidarr-rtr.middlewares=chain-authelia@file
  555. #    ports:
  556. #      - 8686:8686
  557.     depends_on:
  558.      - traefik
  559.     networks:
  560.       - t2_proxy:
  561.         - ipv4_address: 172.28.0.10
  562.     restart: always
  563.   bazarr:
  564.     image: ghcr.io/linuxserver/bazarr
  565.     container_name: bazarr
  566.     hostname: bazarr
  567.     environment:
  568.      - PGID=$PGID
  569.       - PUID=$PUID
  570.       - TZ=$TZ
  571.     volumes:
  572.      - $DOCKERDIR/bazarr:/config
  573.       - $MEDIADIR/Movies/Animated:/data/Animated1
  574.       - $MEDIADIR/Movies1/Animated:/data/Animated2
  575.       - $MEDIADIR/Movies3/Animated:/data/Animated3
  576.       - $MEDIADIR/Movies/Horror:/data/Horror1
  577.       - $MEDIADIR/Movies1/Horror:/data/Horror2
  578.       - $MEDIADIR/Movies3/Horror:/data/Horror3
  579.       - $MEDIADIR/Movies/Movies:/data/Movies1
  580.       - $MEDIADIR/Movies1/Movies:/data/Movies2
  581.       - $MEDIADIR/Movies3/Movies:/data/Movies3
  582.       - $MEDIADIR/TVShows/TVShows:/data/TVShows      
  583.       - $MEDIADIR/TVShows/TV.Doc:/data/TVDoc
  584.       - $MEDIADIR/Movies1/TV.Doc:/data/TVDoc1
  585.       - $MEDIADIR/Movies3/Mov.Doc:/data/documentaries
  586.     labels:
  587.      - autoheal=true
  588.       - com.centurylinklabs.watchtower.enable=true
  589.       - traefik.enable=true
  590.       - traefik.network=t2_proxy
  591.       - traefik.http.routers.bazarr-rtr.entrypoints=https
  592.       - traefik.http.routers.bazarr-rtr.rule=Host(`bazarr.$DOMAIN`)
  593.       - traefik.http.routers.bazarr-rtr.tls=true
  594.       - traefik.http.routers.bazarr-rtr.service=bazarr-svc
  595.       - traefik.http.services.bazarr-svc.loadbalancer.server.port=6767
  596.       - traefik.http.routers.bazarr-rtr.middlewares=chain-authelia@file
  597. #    ports:
  598. #      - 6767:6767
  599.     depends_on:
  600.      - traefik
  601.     networks:
  602.       - t2_proxy:
  603.         - ipv4_address: 172.28.0.11
  604.     restart: always
  605.   prowlarr:
  606.     container_name: prowlarr
  607.     image: linuxserver/prowlarr
  608.     hostname: prowlarr
  609.     environment:
  610.      - PUID=$PUID
  611.       - PGID=$PGID
  612.       - UMASK=002
  613.       - TZ=$TZ
  614.     volumes:
  615.      - $DOCKERDIR/prowlarr:/config
  616. #    ports:
  617. #      - 9696:9696
  618.     labels:
  619.      - autoheal=true
  620.       - com.centurylinklabs.watchtower.enable=true
  621.       - traefik.enable=true
  622.       - traefik.network=t2_proxy
  623.       - traefik.http.routers.prowlarr-rtr.entrypoints=https
  624.       - traefik.http.routers.prowlarr-rtr.rule=Host(`prowlarr.$DOMAIN`)
  625.       - traefik.http.routers.prowlarr-rtr.tls=true
  626.       - traefik.http.routers.prowlarr-rtr.middlewares=chain-authelia@file
  627.       - traefik.http.routers.prowlarr-rtr.service=prowlarr-svc
  628.       - traefik.http.services.prowlarr-svc.loadbalancer.server.port=9696
  629.     depends_on:
  630.      - traefik
  631.     networks:
  632.       - t2_proxy:
  633.         - ipv4_address: 172.28.0.12
  634.     restart: unless-stopped
  635.   overseerr:
  636.     image: sctx/overseerr
  637.     container_name: overseerr
  638.     hostname: overseerr
  639.     environment:
  640.       - PGID=$PGID
  641.       - PUID=$PUID
  642.       - TZ=$TZ
  643.       - LOG_LEVEL=info
  644.     volumes:
  645.      - $DOCKERDIR/overseerr:/config
  646.     labels:
  647.       - autoheal=true
  648.       - com.centurylinklabs.watchtower.enable=true
  649.       - traefik.enable=true
  650.       - traefik.network=t2_proxy
  651.       - traefik.http.routers.overseerr-rtr.entrypoints=https
  652.       - traefik.http.routers.overseerr-rtr.rule=Host(`overseerr.$DOMAIN`)
  653.       - traefik.http.routers.overseerr-rtr.tls=true
  654.       - traefik.http.routers.overseerr-rtr.service=overseerr-svc
  655.       - traefik.http.services.overseerr-svc.loadbalancer.server.port=5055
  656.       - traefik.http.routers.overseerr-rtr.middlewares=chain-authelia@file
  657. #    ports:
  658. #      - 5055:5055
  659.     depends_on:
  660.      - traefik
  661.     networks:
  662.       - t2_proxy:
  663.         - ipv4_address: 172.28.0.14
  664.   transmission:
  665.     image: haugene/transmission-openvpn
  666.     container_name: transmission
  667.     hostname: transmission
  668.     cap_add:
  669.      - NET_ADMIN
  670.     devices:
  671.      - /dev/net/tun
  672. #    ports:
  673. #      - 9091:9091
  674. #      - 8888:8888
  675.     dns:
  676.      - 209.222.18.222
  677.       - 209.222.18.218
  678.     volumes:
  679.      - /etc/localtime:/etc/localtime:ro
  680.       - $DOCKERDIR/transmission:/data
  681.       - $DOCKERDIR/transmission/openvpn:/etc/openvpn/custom/default.ovpn:ro
  682.       - $DOWNLOADS:/data/Downloads
  683.     environment:
  684.       - PGID=$PGID
  685.       - PUID=$PUID
  686.       - TZ=$TZ
  687.       - UMASK=002
  688.       - OPENVPN_PROVIDER=PIA
  689.       - OPENVPN_CONFIG=switzerland,ca_toronto,ca_montreal,ca_vancouver
  690.       - PIA_OPENVPN_CONFIG_BUNDLE=openvpn
  691.       - OPENVPN_OPTS=--inactive 3600 --ping 10 --ping-exit 60
  692.       - LOCAL_NETWORK=192.168.7.0/24
  693.       - TRANSMISSION_RPC_AUTHENTICATION_REQUIRED=true
  694.       - TRANSMISSION_RPC_HOST_WHITELIST="172.28.0.1,192.168.*.*"
  695.       - TRANSMISSION_MAX_PEERS_GLOBAL=9999
  696.       - TRANSMISSION_PEER_LIMIT_GLOBAL=9999
  697.       - TRANSMISSION_PEER_LIMIT_PER_TORRENT=9999
  698.       - TRANSMISSION_RPC_PASSWORD_FILE=/run/secrets/transmission_rpc_pass.txt
  699.       - TRANSMISSION_RPC_USERNAME_FILE=/run/secrets/transmission_rpc_user.txt
  700.       - TRANSMISSION_DOWNLOAD_DIR=/data/completed
  701.       - OPENVPN_USERNAME_FILE=/run/secrets/openvpn_username.txt
  702.       - OPENVPN_PASSWORD_FILE=/run/secrets/openvpn_password.txt
  703.     secrets:
  704.      - transmission_rpc_pass
  705.       - transmission_rpc_user
  706.       - openvpn_username
  707.       - openvpn_password
  708.     labels:
  709.       - autoheal=true
  710.       - com.centurylinklabs.watchtower.enable=true
  711.       - traefik.enable=true
  712.       - traefik.network=t2_proxy
  713.       - traefik.http.routers.transmission-rtr.entrypoints=https
  714.       - traefik.http.routers.transmission-rtr.rule=Host(`transmission.$DOMAIN`)
  715.       - traefik.http.routers.transmission-rtr.tls=true
  716.       - traefik.http.routers.transmission-rtr.service=transmission-svc
  717.       - traefik.http.services.transmission-svc.loadbalancer.server.port=9091
  718.       - traefik.http.routers.transmission-rtr.middlewares=chain-authelia@file
  719. #    ports:
  720. #      - 9091:9091
  721.     depends_on:
  722.      - traefik
  723.     networks:
  724.       - t2_proxy:
  725.         - ipv4_address: 172.28.0.15
  726.     restart: always
  727.   tautulli:
  728.     image: ghcr.io/linuxserver/tautulli
  729.     container_name: tautulli
  730.     hostname: tautulli
  731.     environment:
  732.      - PGID=$PGID
  733.       - PUID=$PUID
  734.       - TZ=$TZ
  735.     volumes:
  736.      - $DOCKERDIR/tautulli:/config
  737.     labels:
  738.       - autoheal=true
  739.       - com.centurylinklabs.watchtower.enable=true
  740.       - traefik.enable=true
  741.       - traefik.network=t2_proxy
  742.       - traefik.http.routers.tautulli-rtr.entrypoints=https
  743.       - traefik.http.routers.tautulli-rtr.rule=Host(`tautulli.$DOMAIN`)
  744.       - traefik.http.routers.tautulli-rtr.tls=true
  745.       - traefik.http.routers.tautulli-rtr.service=radarr-svc
  746.       - traefik.http.services.tautulli-svc.loadbalancer.server.port=8181
  747.       - traefik.http.routers.tautulli-rtr.middlewares=chain-authelia@file
  748. #    ports:
  749. #      - 8181:8181
  750.     depends_on:
  751.      - traefik
  752.     networks:
  753.       - t2_proxy:
  754.         - ipv4_address: 172.28.0.16
  755.     restart: always
  756.   plex:
  757.     image: ghcr.io/linuxserver/plex
  758.     container_name: plex
  759.     hostname: plex
  760.     environment:
  761.       - PGID=$PGID
  762.       - PUID=$PUID
  763.       - TZ=$TZ
  764.       - VERSION=docker
  765. #    ports:
  766. #      - 32400:32400
  767. #      - 3005:3005/tcp
  768. #      - 8324:8324/tcp
  769. #      - 32469:32469/tcp
  770. #      - 1900:1900/udp
  771. #      - 32410:32410/udp
  772. #      - 32412:32412/udp
  773. #      - 32413:32413/udp
  774. #      - 32414:32414/udp
  775.     volumes:
  776.       - $DOCKERDIR/plex:/config
  777.       - $MEDIADIR/Extra2/Transcode:/transcode
  778.       - $MEDIADIR/Movies/Animated:/data/Animated1
  779.       - $MEDIADIR/Movies1/Animated:/data/Animated2
  780.       - $MEDIADIR/Movies3/Animated:/data/Animated3
  781.       - $MEDIADIR/Movies/Horror:/data/Horror2
  782.       - $MEDIADIR/Movies1/Horror:/data/Horror2
  783.       - $MEDIADIR/Movies3/Horror:/data/Horror3
  784.       - $MEDIADIR/Movies/Movies:/data/Movies1
  785.       - $MEDIADIR/Movies1/Movies:/data/Movies2
  786.       - $MEDIADIR/Movies3/Movies:/data/Movies3
  787.       - $MEDIADIR/TVShows/TVShows:/data/TVShows
  788.       - $MEDIADIR/TVShows/TV.Doc:/data/TVDoc
  789.       - $MEDIADIR/Movies3/Mov.Doc:/data/documentaries
  790.       - $MEDIADIR/Movies1/TV.Doc:/data/TVDoc1
  791.       - $MEDIADIR/Movies1/Music:/data/Music
  792.       - $MEDIADIR/Movies3/Audiobooks:/data/Audiobooks
  793.       - $MEDIADIR/Movies1/Photos:/data/Photos
  794.     labels:
  795.      - autoheal=true
  796.       - com.centurylinklabs.watchtower.enable=true
  797.       - traefik.enable=false
  798. #      - traefik.network=t2_proxy
  799. #      - traefik.http.routers.plex-rtr.entrypoints=https
  800. #      - traefik.http.routers.plex-rtr.rule=Host(`plex.$DOMAIN`)
  801. #      - traefik.http.routers.plex-rtr.tls=true
  802. #      - traefik.http.routers.plex-rtr.service=plex-svc
  803. #      - traefik.http.services.plex-svc.loadbalancer.server.port=32400
  804. #      - traefik.http.routers.plex-rtr.middlewares=chain-authelia@file
  805.     network_mode: host
  806. #      networks:
  807. #      t2_proxy:
  808. #        ipv4_address: 172.28.0.17
  809.     restart: always
  810.   jellyfin:
  811.     image: ghcr.io/linuxserver/jellyfin
  812.     container_name: jellyfin
  813.     hostname: jellyfin
  814.     environment:
  815.       - PGID=$PGID
  816.       - PUID=$PUID
  817.       - TZ=$TZ
  818.       - JELLYFIN_PublishedServerUrl=192.168.7.76 `#optional`
  819.     volumes:
  820.       - $DOCKERDIR/jellyfin:/config
  821.       - $MEDIADIR/Movies/Animated:/data/Animated1
  822.       - $MEDIADIR/Movies1/Animated:/data/Animated2
  823.       - $MEDIADIR/Movies3/Animated:/data/Animated3
  824.       - $MEDIADIR/Movies/Horror:/data/Horror1
  825.       - $MEDIADIR/Movies1/Horror:/data/Horror2
  826.       - $MEDIADIR/Movies3/Horror:/data/Horror3
  827.       - $MEDIADIR/Movies/Movies:/data/Movies1
  828.       - $MEDIADIR/Movies1/Movies:/data/Movies2
  829.       - $MEDIADIR/Movies3/Movies:/data/Movies3
  830.       - $MEDIADIR/TVShows/TVShows:/data/TVShows
  831.       - $MEDIADIR/TVShows/TV.Doc:/data/TVDoc
  832.       - $MEDIADIR/Movies3/Mov.Doc:/data/documentaries
  833.       - $MEDIADIR/Movies1/TV.Doc:/data/TVDoc1
  834.       - $MEDIADIR/Movies1/Music:/data/Music
  835.       - $MEDIADIR/Movies3/Audiobooks:/data/Audiobooks
  836.       - $MEDIADIR/Movies1/Photos:/data/Photos
  837.     labels:
  838.      - autoheal=true
  839.       - com.centurylinklabs.watchtower.enable=true
  840.       - traefik.enable=false
  841. #      - traefik.network=t2_proxy
  842. #      - traefik.http.routers.jellyfin-rtr.entrypoints=https
  843. #      - traefik.http.routers.jellyfin-rtr.rule=Host(`jellyfin.$DOMAIN`)
  844. #      - traefik.http.routers.jellyfin-rtr.tls=true
  845. #      - traefik.http.routers.jellyfin-rtr.service=jellyfin-svc
  846. #      - traefik.http.services.jellyfin-svc.loadbalancer.server.port=8096
  847. #      - traefik.http.routers.jellyfin-rtr.middlewares=chain-authelia@file
  848.     network_mode: host
  849. #      t2_proxy:
  850. #        ipv4_address: 172.28.0.18
  851.     restart: always
  852.   unmanic:
  853.     image: josh5/unmanic:latest
  854.     container_name: unmanic
  855.     hostname: unmanic
  856.     environment:
  857.      - PGID=$PGID
  858.       - PUID=$PUID
  859.       - TZ=$TZ
  860.     volumes:
  861.      - $DOCKERDIR/unmanic:/config
  862.       - $MEDIADIR/Movies/Animated:/data/Animated1
  863.       - $MEDIADIR/Movies1/Animated:/data/Animated2
  864.       - $MEDIADIR/Movies3/Animated:/data/Animated3
  865.       - $MEDIADIR/Movies/Horror:/data/Horror1
  866.       - $MEDIADIR/Movies1/Horror:/data/Horror2
  867.       - $MEDIADIR/Movies3/Horror:/data/Horror3
  868.       - $MEDIADIR/Movies/Movies:/data/Movies1
  869.       - $MEDIADIR/Movies1/Movies:/data/Movies2
  870.       - $MEDIADIR/Movies3/Movies:/data/Movies3
  871.       - $MEDIADIR/TVShows/TVShows:/data/TVShows
  872.       - $MEDIADIR/TVShows/TV.Doc:/data/TVDoc
  873.       - $MEDIADIR/Movies3/Mov.Doc:/data/documentaries
  874.       - $MEDIADIR/Movies1/TV.Doc:/data/TVDoc1
  875.       - $TRANSCODES:/tmp/unmanic
  876.     labels:
  877.       - autoheal=true
  878.       - com.centurylinklabs.watchtower.enable=true
  879.       - traefik.enable=true
  880.       - traefik.network=t2_proxy
  881.       - traefik.http.routers.unmanic-rtr.entrypoints=https
  882.       - traefik.http.routers.unmanic-rtr.rule=Host(`unmanic.$DOMAIN`)
  883.       - traefik.http.routers.unmanic-rtr.tls=true
  884.       - traefik.http.routers.unmanic-rtr.service=unmanic-svc
  885.       - traefik.http.services.unmanic-svc.loadbalancer.server.port=8888
  886.       - traefik.http.routers.unmanic-rtr.middlewares=chain-authelia@file
  887. #    ports:
  888. #      - 8888:8888
  889.     depends_on:
  890.      - traefik
  891.     networks:
  892.       - t2_proxy:
  893.         - ipv4_address: 172.28.0.19
  894.     restart: always
  895.   whoami:
  896.    # A container that exposes an API to show its IP address
  897.     image: traefik/whoami
  898.     labels:
  899.      - traefik.http.routers.whoami.rule=Host(`whoami.docker.localhost`)
  900.     depends_on:
  901.      - traefik
  902.     networks:
  903.      - t2_proxy
  904.   nextcloud:
  905.     image: ghcr.io/linuxserver/nextcloud
  906.     container_name: nextcloud
  907.     hostname: nextcloud
  908.     environment:
  909.      - PGID=$PGID
  910.       - PUID=$PUID
  911.       - TZ=$TZ
  912.     volumes:
  913.      - $DOCKERDIR/nextcloud/config:/config
  914.       - $MEDIADIR/Movies1/Photos:/data/Photos
  915.     labels:
  916.      - autoheal=true
  917.       - com.centurylinklabs.watchtower.enable=true
  918.       - traefik.enable=true
  919.       - traefik.network=t2_proxy
  920.       - traefik.http.routers.nextcloud-rtr.entrypoints=https
  921.       - traefik.http.routers.nextcloud-rtr.rule=Host(`nextcloud.$DOMAIN`)
  922.       - traefik.http.routers.nextcloud-rtr.tls=true
  923.       - traefik.tcp.routers.nextcloud-tcp.tls.passthrough=true
  924.       - traefik.http.routers.nextcloud-rtr.service=nextcloud-svc
  925.       - traefik.http.services.nextcloud-svc.loadbalancer.server.port=443
  926.       - traefik.http.routers.nextcloud-rtr.middlewares=chain-authelia@docker
  927. #    ports:
  928. #      - 443:443
  929.     depends_on:
  930.      - nextclouddb
  931.       - clamav
  932.       - nextcloud_redis
  933.       - traefik
  934.     networks:
  935.       - t2_proxy:
  936.         - ipv4_address: 172.28.0.20
  937.     restart: always
  938.   nextclouddb:
  939.     image: ghcr.io/linuxserver/mariadb
  940.     container_name: nextclouddb
  941.     hostname: nextclouddb
  942.     environment:
  943.      - PGID=$PGID
  944.       - PUID=$PUID
  945.       - TZ=$TZ
  946.       - MYSQL_DATABASE="nextcloud"
  947.       - MYSQL_ROOT_PASSWORD_FILE=/run/secrets/mysql_root_password.txt
  948.       - MYSQL_PASSWORD_FILE=/run/secrets/mysql_password.txt
  949.       - MYSQL_USER_FILE=/run/secrets/mysql_user.txt
  950.       - REMOTE_SQL="http://nextcloud.wallace-home.org/nextcloud.sql,https://nextcloud.wallace-home.org/nextcloud.sql"
  951.     secrets:
  952.      - mysql_root_password
  953.       - mysql_user
  954.       - mysql_password
  955.     volumes:
  956.      - $DOCKERDIR/mariadb/nextcloud:/config
  957.     depends_on:
  958.      - nextcloud
  959.     labels:
  960.       - autoheal=true
  961.       - com.centurylinklabs.watchtower.enable=true
  962.       - traefik.enable=false
  963.     ports:
  964.      - 3306:3306
  965.     networks:
  966.       - t2_proxy:
  967.         - ipv4_address: 172.28.0.23
  968.     restart: always
  969.   clamav:
  970.     image: mkodockx/docker-clamav:alpine
  971.     container_name: clamav
  972.     hostname: clamav
  973.     environment:
  974.      - PGID=$PGID
  975.       - PUID=$PUID
  976.       - TZ=$TZ
  977.     volumes:
  978.      - $MEDIADIR/Movies1/Photos:/data/Photos
  979.       - $DOCKERDIR/clamav:/var/lib/clamav
  980.     depends_on:
  981.      - nextcloud
  982.     ports:
  983.      - 3310:3310
  984.     networks:
  985.       - t2_proxy:
  986.         - ipv4_address: 172.28.0.22
  987.     labels:
  988.      - autoheal=true
  989.       - com.centurylinklabs.watchtower.enable=true
  990.       - traefik.enable=false
  991.     restart: always
  992.   nextcloud_redis:
  993.     image: redis:5
  994.     container_name: nextcloud_redis
  995.     hostname: nextcloud_redis
  996.     volumes:
  997.      - $DOCKERDIR/nextcloud_redis/redis:/data
  998.     labels:
  999.      - autoheal=true
  1000.       - com.centurylinklabs.watchtower.enable=true
  1001.       - traefik.enable=false
  1002.     networks:
  1003.       - t2_proxy:
  1004.         - ipv4_address: 172.28.0.21
  1005.     expose:
  1006.      - 6380
  1007.     restart: always
  1008. networks:
  1009.   t2_proxy:
  1010.     external:
  1011.       name: t2_proxy
  1012.   default:
  1013.     driver: bridge
  1014.   socketproxy:
  1015.     external:
  1016.       name: socketproxy
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!