gw17252009

Complete1.yaml

Oct 5th, 2021
  1. services:
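  # Edge reverse proxy: terminates TLS for the routed services and talks to the
  # Docker API only through the socketproxy service (DOCKER_HOST below).
  traefik:
    image: traefik:v2.5
    container_name: traefik
    hostname: traefik
    environment:
      - PGID=$PGID
      - PUID=$PUID
      - TZ=$TZ
      # NOTE(review): CF_API_KEY is presumably the account-wide Cloudflare key.
      # A DNS-scoped API token (CF_DNS_API_TOKEN) limits what a leak of this
      # container's environment would expose.
      - CF_API_EMAIL=$CF_API_EMAIL
      - CF_API_KEY=$CF_API_KEY
      - DOCKER_HOST=tcp://socketproxy:2375
    volumes:
      - $DOCKERDIR/traefik2/rules:/rules
      # acme.json stores the ACME account key and certificate private keys;
      # keep it mode 0600 on the host.
      - $DOCKERDIR/traefik2/acme.json:/acme.json
      - $DOCKERDIR/traefik2/traefik.log:/traefik.log
      # Was "$DOCKERDIR/traefik 2/letsencrypt": the stray space pointed at a
      # different host directory than the other traefik2 mounts.
      - $DOCKERDIR/traefik2/letsencrypt:/letsencrypt
      - $DOCKERDIR/shared:/shared
    depends_on:
      - socketproxy
    command: # CLI arguments
      # Disabled. NOTE(review): insecureSNI is not a Traefik v2 static option
      # as far as this reviewer knows (TODO confirm), and by its name it would
      # relax the check that the TLS SNI matches the HTTP Host header.
      # - --global.insecureSNI
      - --global.checkNewVersion=true
      - --global.sendAnonymousUsage=true
      - --entrypoints.http.address=:80
      - --entrypoints.https.address=:443
      - --entrypoints.dnsovertls.address=:853
      - --entrypoints.dns.address=:53
      - --entrypoints.udpdns.address=:53/udp
      # Allow these IPs to set the X-Forwarded-* headers - Cloudflare IPs:
      # https://www.cloudflare.com/ips/ (static copy; re-check it periodically,
      # since any address listed here can assert an arbitrary client IP).
      - --entrypoints.https.forwardedHeaders.trustedIPs=173.245.48.0/20,103.21.244.0/22,103.22.200.0/22,103.31.4.0/22,141.101.64.0/18,108.162.192.0/18,190.93.240.0/20,188.114.96.0/20,197.234.240.0/22,198.41.128.0/17,162.158.0.0/15,104.16.0.0/12,172.64.0.0/13,131.0.72.0/22
      - --entrypoints.traefik.address=:8080
      - --entrypoints.https.http.tls.certresolver=dns-cloudflare
      - --entrypoints.https.http.tls.domains[0].main=$DOMAIN
      - --entrypoints.https.http.tls.domains[0].sans=*.$DOMAIN
      - --api=true
      # Keep both of these off: api.insecure serves the dashboard without
      # authentication, insecureSkipVerify disables backend certificate checks.
      # - --api.insecure=true
      # - --serversTransport.insecureSkipVerify=true
      - --log=true
      # (Default: error) DEBUG, INFO, WARN, ERROR, FATAL, PANIC
      # NOTE(review): DEBUG is verbose; lower it once the setup works.
      - --log.level=DEBUG
      - --accessLog=true
      - --accessLog.filePath=/traefik.log
      - --accessLog.bufferingSize=100 # Configuring a buffer of 100 lines
      - --accessLog.filters.statusCodes=400-499
      - --providers.docker=true
      # The original wrote the value with embedded double quotes inside a plain
      # YAML scalar, so the quote characters became part of the endpoint.
      - --providers.docker.endpoint=tcp://socketproxy:2375
      - '--providers.docker.defaultrule=Host(`{{ index .Labels "com.docker.compose.service" }}.$DOMAIN`)'
      - --providers.docker.exposedByDefault=false
      - --providers.docker.network=socketproxy
      # Second defaultRule disabled: it repeated the option above, and its
      # Host(...) argument had no backticks around the host name.
      # - --providers.docker.defaultRule=Host({{ trimPrefix / .Name }}.$DOMAIN)
      - --providers.docker.swarmMode=false
      # Load dynamic configuration from one or more .toml or .yml files in a directory.
      - --providers.file.directory=/rules
      # - --providers.file.filename=${USERDIR}/docker/traefik/traefik_dynamic.toml # Load dynamic configuration from a file.
      - --providers.file.watch=true # Only works on top level files in the rules folder
      # LetsEncrypt Staging Server - uncomment when testing. The original left
      # it active, which makes Traefik serve certificates browsers do not trust.
      # - --certificatesResolvers.dns-cloudflare.acme.caServer=https://acme-staging-v02.api.letsencrypt.org/directory
      - --certificatesResolvers.dns-cloudflare.acme.email=$CF_API_EMAIL
      - --certificatesResolvers.dns-cloudflare.acme.storage=/acme.json
      - --certificatesResolvers.dns-cloudflare.acme.dnsChallenge.resolvers=1.1.1.1:53,1.0.0.1:53
      - --certificatesResolvers.dns-cloudflare.acme.dnsChallenge.provider=cloudflare
    ports:
      - "80:80"
      - "443:443"
      # 53 and 853 are published on every host interface. If this host is
      # reachable from the internet, firewall them to the intended clients so
      # the resolver behind them is not open to arbitrary sources.
      - "53:53"
      - "53:53/udp"
      - "853:853"
      # - "8080:8080"
    labels:
      - "autoheal=true"
      - "com.centurylinklabs.watchtower.enable=true"
      # exposedByDefault=false above means the routers below are ignored
      # unless this container opts in.
      - "traefik.enable=true"
      - "traefik.docker.network=t2_proxy"
      # NOTE(review): "myrouter"/"myoptions" look like documentation
      # placeholders; no router named myrouter is defined in these labels.
      - "traefik.http.routers.myrouter.tls.options=myoptions@file"
      - "traefik.http.routers.http-catchall.entrypoints=http"
      - "traefik.http.routers.http-catchall.rule=HostRegexp(`{host:.+}`)"
      - "traefik.http.routers.http-catchall.middlewares=redirect-to-https"
      - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
      - "traefik.http.routers.traefik-rtr.entrypoints=https"
      - "traefik.http.routers.traefik-rtr.rule=Host(`traefik.$DOMAIN`)"
      - "traefik.http.routers.traefik-rtr.tls=true"
      # Comment out this line after first run of traefik to force the use of wildcard certs
      - "traefik.http.routers.traefik-rtr.tls.certresolver=dns-cloudflare"
      - "traefik.http.routers.traefik-rtr.tls.domains[0].main=$DOMAIN"
      - "traefik.http.routers.traefik-rtr.tls.domains[0].sans=*.$DOMAIN"
      # Point the router at the built-in dashboard/API service; it is only
      # reachable through the authenticated middleware chain below.
      - "traefik.http.routers.traefik-rtr.service=api@internal"
      # The middlewares key was set twice in the original; a label key holds a
      # single value, so only one assignment is kept.
      # - "traefik.http.routers.traefik-rtr.middlewares=middlewares-basic-auth@file"
      # - "traefik.http.routers.traefik-rtr.middlewares=chain-authelia@file"
      - "traefik.http.routers.traefik-rtr.middlewares=middlewares-secure-headers@file,middlewares-rate-limit@file,middlewares-authelia@file"
      # - "traefik.http.routers.traefik-rtr.middlewares=traefik-headers,middlewares-rate-limit@file,middlewares-basic-auth@file"
    # Compose expects a mapping of network name to options when a static
    # address is assigned; the original used nested lists.
    networks:
      t2_proxy:
        ipv4_address: 172.28.0.2
      socketproxy:
        ipv4_address: 172.29.0.3
      nextcloud:
        ipv4_address: 172.30.0.12
    security_opt:
      - "no-new-privileges:true"
    restart: always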
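  # Filtering proxy in front of the Docker socket. Every service that sets
  # DOCKER_HOST=tcp://socketproxy:2375 gets exactly the API sections enabled
  # here, with no authentication, so keep the list as short as possible.
  socketproxy:
    # NOTE(review): the image has no tag or digest and is auto-updated by
    # watchtower (label below); pin it if you want to control what runs next
    # to the Docker socket.
    image: tecnativa/docker-socket-proxy
    container_name: socketproxy
    hostname: socketproxy
    # NOTE(review): privileged is presumably here for hosts whose
    # SELinux/AppArmor policy blocks socket access; drop it if this host does
    # not need it.
    privileged: true
    # Mapping form; the original mixed list dashes with "KEY: value" pairs,
    # which is neither of the two environment syntaxes Compose accepts.
    environment:
      CONTAINERS: 1
      # Swarm secrets are not needed (traefik runs with swarmMode=false), so
      # this API section is closed.
      SECRETS: 0
      INFO: 1
      IMAGES: 1
      VOLUMES: 1
      NETWORKS: 1
      # NOTE(review): write access (POST) is not enabled here; watchtower,
      # autoheal and portainer may need it to act. Weigh that against giving
      # every client on this network write access to the Docker API.
    networks:
      socketproxy:
        ipv4_address: 172.29.0.2
    # Was `ports: - "2375"`, which publishes the unauthenticated Docker API on
    # a random host port. Clients reach it over the socketproxy network, so
    # exposing the port inside that network is enough.
    expose:
      - "2375"
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
    labels:
      - "autoheal=true"
      - "com.centurylinklabs.watchtower.enable=true"
      - "traefik.enable=false"
    restart: always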
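  # Pi-hole DNS sinkhole. The web UI, DNS-over-TLS and plain DNS are all
  # routed through traefik by the labels below.
  pihole:
    image: pihole/pihole:latest
    container_name: pihole
    hostname: pihole
    environment:
      - PGID=$PGID
      - PUID=$PUID
      - TZ=$TZ
      - WEBPASSWORD=$WEBPASSWORD
      - ServerIP=192.168.7.76
    depends_on:
      - traefik
    volumes:
      - $DOCKERDIR/etc-pihole/:/etc/pihole/
      - $DOCKERDIR/etc-dnsmasq.d/:/etc/dnsmasq.d/
    dns:
      - 1.1.1.1
      - 1.0.0.1
    restart: unless-stopped
    labels:
      - "autoheal=true"
      - "com.centurylinklabs.watchtower.enable=true"
      - "traefik.enable=true"
      # web interface
      - "traefik.http.routers.pihole.rule=Host(`pihole.wallace-home.org`)"
      - "traefik.http.routers.pihole.entrypoints=https"
      - "traefik.http.routers.pihole.tls.certresolver=dns-cloudflare"
      - "traefik.http.services.pihole.loadbalancer.server.port=80"
      # DNS-over-TLS
      - "traefik.tcp.routers.dnsovertls.rule=HostSNI(`pihole.wallace-home.org`)"
      - "traefik.tcp.routers.dnsovertls.entrypoints=dnsovertls"
      - "traefik.tcp.routers.dnsovertls.tls.certresolver=dns-cloudflare"
      - "traefik.tcp.routers.dnsovertls.service=pihole"
      # Normal DNS coming in on 53 TCP, no TLS. Without TLS there is no SNI to
      # match, so a non-TLS TCP router has to use HostSNI(`*`); the original
      # host-specific rule could not match.
      - "traefik.tcp.routers.dns.rule=HostSNI(`*`)"
      - "traefik.tcp.routers.dns.entrypoints=dns"
      - "traefik.tcp.routers.dns.service=pihole"
      # receives traffic from both the TLS and non-TLS traefik routers
      - "traefik.tcp.services.pihole.loadbalancer.server.port=53"
      # Normal DNS coming in on 53 UDP
      - "traefik.udp.routers.udpdns.entrypoints=udpdns"
      - "traefik.udp.routers.udpdns.service=pihole"
      - "traefik.udp.services.pihole.loadbalancer.server.port=53"
      ## Middlewares
      # NOTE(review): pihole-add-admin is defined but not attached to a router.
      - "traefik.http.middlewares.pihole-add-admin.addPrefix.prefix=/admin"
      # The original attached this chain to "pihole-rtr", a router with no
      # rule of its own, which left the "pihole" router (the one serving the
      # admin UI) without the Authelia check.
      - "traefik.http.routers.pihole.middlewares=middlewares-secure-headers@file,middlewares-rate-limit@file,middlewares-authelia@file"
    # NOTE(review): NET_ADMIN is presumably only needed if Pi-hole also acts
    # as DHCP server; drop it otherwise.
    cap_add:
      - NET_ADMIN
    # Mapping of network name to options (the original used nested lists).
    networks:
      pihole:
        ipv4_address: 192.168.7.30
      t2_proxy:
        ipv4_address: 172.28.0.3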
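  # Authelia login portal and forward-auth endpoint used by the protected
  # routers of the other services.
  authelia:
    image: authelia/authelia:latest
    container_name: authelia
    hostname: authelia
    environment:
      - PGID=$PGID
      - PUID=$PUID
      - TZ=$TZ
      # NOTE(review): these secrets end up in the container environment, where
      # anything that can inspect the container can read them; Authelia's
      # *_FILE variables with mounted secret files avoid that.
      - AUTHELIA_JWT_SECRET=$AUTHELIA_JWT_SECRET
      - AUTHELIA_SESSION_SECRET=$AUTHELIA_SESSION_SECRET
      - AUTHELIA_DUO_API_SECRET_KEY=$AUTHELIA_DUO_API_SECRET_KEY
    volumes:
      - $DOCKERDIR/authelia:/config
      - $DOCKERDIR/authelia/data:/data
      - $DOCKERDIR/authelia/configuration.yml:/etc/authelia/configuration.yml:ro
      # Holds the password hashes; mounted writable.
      - $DOCKERDIR/authelia/users_database.yml:/etc/authelia/users_database.yml
    labels:
      - "autoheal=true"
      - "com.centurylinklabs.watchtower.enable=true"
      - "traefik.enable=true"
      - "traefik.http.routers.authelia.middlewares=authelia-headers"
      - "traefik.http.middlewares.authelia-headers.headers.browserXssFilter=true"
      - "traefik.http.middlewares.authelia-headers.headers.customFrameOptionsValue=SAMEORIGIN"
      - "traefik.http.middlewares.authelia-headers.headers.customResponseHeaders.Cache-Control=no-store"
      - "traefik.http.middlewares.authelia-headers.headers.customResponseHeaders.Pragma=no-cache"
      - "traefik.http.routers.authelia.rule=Host(`login.wallace-home.org`)"
      - "traefik.http.routers.authelia.entrypoints=https"
      # Was "letsencryptresolver"; the only resolver the traefik service
      # defines in this file is dns-cloudflare.
      - "traefik.http.routers.authelia.tls.certresolver=dns-cloudflare"
      - "traefik.http.middlewares.authelia.forwardauth.address=http://authelia:9081/api/verify?rd=https://login.wallace-home.org/"
      # X-Forwarded-* headers are passed on as received, so their value is
      # only as trustworthy as the entrypoint's trustedIPs list.
      - "traefik.http.middlewares.authelia.forwardauth.trustForwardHeader=true"
      - "traefik.http.middlewares.authelia.forwardauth.authResponseHeaders=Remote-User, Remote-Groups"
      - "traefik.http.services.authelia-svc.loadbalancer.server.port=9081"
      ## Middlewares
      # The original set this key twice; a label key holds a single value, so
      # one assignment is kept.
      # NOTE(review): "authelia-rtr" is a different router from "authelia"
      # above and has no rule of its own. Do not move this chain onto the
      # "authelia" router: putting the Authelia check in front of the login
      # portal itself would lock users out.
      - "traefik.http.routers.authelia-rtr.middlewares=middlewares-secure-headers@file,middlewares-rate-limit@file,middlewares-authelia@file"
    expose:
      - "9081"
    depends_on:
      - traefik
    # Mapping of network name to options (the original used nested lists).
    networks:
      t2_proxy:
        ipv4_address: 172.28.0.4
      nextcloud:
        ipv4_address: 172.30.0.10
    restart: unless-stopped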
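  # Portainer management UI, pointed at the Docker API through socketproxy.
  portainer:
    image: portainer/portainer-ce
    container_name: portainer
    hostname: portainer
    command: -H tcp://socketproxy:2375
    # The original had `priveleged: true` (misspelled, so not a valid key).
    # It is dropped rather than corrected: Portainer talks to the API over
    # TCP here and does not mount the socket, so it needs no extra privileges.
    environment:
      - PGID=$PGID
      - PUID=$PUID
      - TZ=$TZ
      # - DOCKER_HOST=tcp://socketproxy:2375
    depends_on:
      - socketproxy
    volumes:
      # - /var/run/docker.sock:/var/run/docker.sock
      # NOTE(review): Portainer normally keeps its state under /data; confirm
      # that /config is the path this image really uses.
      - $DOCKERDIR/portainer:/config
    labels:
      - "autoheal=true"
      - "com.centurylinklabs.watchtower.enable=true"
      - "traefik.enable=false"
      # - "traefik.network=t2_proxy"
      # - "traefik.http.routers.portainer-rtr.entrypoints=https"
      # - "traefik.http.routers.portsiner-rtr.rule=Host(`portainer.$DOMAIN`)"
      # - "traefik.http.routers.portainer-rtr.tls=true"
      # - "traefik.http.routers.portainer-rtr.service=portainer-svc"
      # - "traefik.http.services.portainer-svc.loadbalancer.server.port=9000"
      # - "traefik.http.routers.portainer-rtr.middlewares=chain-authelia@file"
    # With the traefik route disabled, the UI is published directly on host
    # port 9000 over plain HTTP and is not covered by Authelia; restrict the
    # port at the host firewall or bind it to a management address.
    ports:
      - "9000:9000"
    # Mapping of network name to options (the original used nested lists).
    networks:
      t2_proxy:
        ipv4_address: 172.28.0.5
      nextcloud:
        ipv4_address: 172.30.0.9
      socketproxy:
        ipv4_address: 172.29.0.4
    restart: always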
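  # Watchtower: pulls newer images and recreates the containers that carry
  # the com.centurylinklabs.watchtower.enable label.
  # NOTE(review): most images in this file use mutable tags, so whatever the
  # registry serves next is started automatically; pin tags or digests for
  # the services where that matters.
  watchtower:
    image: containrrr/watchtower
    container_name: watchtower
    hostname: watchtower
    environment:
      - PGID=$PGID
      - PUID=$PUID
      - TZ=$TZ
      - WATCHTOWER_CLEANUP=true
      - WATCHTOWER_REMOVE_VOLUMES=false
      - WATCHTOWER_INCLUDE_STOPPED=true
      # Was `DOCKER_HOST: tcp://...` (mapping syntax) inside a KEY=value list.
      - DOCKER_HOST=tcp://socketproxy:2375
    # The volumes key is commented out together with its only entry; left
    # bare it would be a null value instead of a list.
    # volumes:
    #   - /var/run/docker.sock:/var/run/docker.sock
    depends_on:
      - socketproxy
    labels:
      - "autoheal=true"
      - "com.centurylinklabs.watchtower.enable=true"
      - "traefik.enable=false"
    networks:
      - socketproxy
      - t2_proxy
    restart: always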
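  # Autoheal: watches container health through the socket proxy.
  # AUTOHEAL_CONTAINER_LABEL=all makes it cover every container, not only
  # those labelled autoheal=true.
  autoheal:
    image: willfarrell/autoheal
    container_name: autoheal
    hostname: autoheal
    environment:
      - PGID=$PGID
      - PUID=$PUID
      - TZ=$TZ
      - AUTOHEAL_CONTAINER_LABEL=all
      - DOCKER_HOST=tcp://socketproxy:2375
    depends_on:
      - socketproxy
    # The volumes key is commented out together with its only entry; left
    # bare it would be a null value instead of a list.
    # volumes:
    #   - /var/run/docker.sock:/var/run/docker.sock
    labels:
      - "autoheal=true"
      - "com.centurylinklabs.watchtower.enable=true"
      - "traefik.enable=false"
    networks:
      - t2_proxy
      - socketproxy
    mem_limit: 40m
    mem_reservation: 15m
    restart: always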
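  # phpMyAdmin, published directly on a host port (its traefik labels are
  # commented out).
  phpmyadmin:
    image: ghcr.io/linuxserver/phpmyadmin
    container_name: phpmyadmin
    hostname: phpmyadmin
    environment:
      - PGID=$PGID
      - PUID=$PUID
      - TZ=$TZ
      # PMA_ARBITRARY=1 lets the login form name any database server. Together
      # with the directly published port below, anyone who can reach that port
      # can use this container to connect to database hosts it can reach;
      # prefer a fixed server or keep the port off untrusted networks.
      - PMA_ARBITRARY=1 #optional
      - PMA_ABSOLUTE_URI=https://phpmyadmin.wallace-home.org #optional
    volumes:
      - $DOCKERDIR/phpmyadmin:/config
    # Not routed through traefik, so neither TLS nor Authelia applies here.
    # NOTE(review): confirm the image really listens on 81 inside the
    # container.
    ports:
      - "81:81"
    labels:
      - "autoheal=true"
      - "com.centurylinklabs.watchtower.enable=true"
      # - "traefik.enable=false"
      # - "traefik.network=t2_proxy"
      # - "traefik.http.routers.phpmyadmin-rtr.entrypoints=https"
      # - "traefik.http.routers.phpmyadmin-rtr.rule=Host(`phpmyadmin.$DOMAIN`)"
      # - "traefik.http.routers.phpmyadmin-rtr.tls=true"
      # - "traefik.http.routers.phpmyadmin-rtr.service=phpmyadmin-svc"
      # - "traefik.http.services.phpmyadmin-svc.loadbalancer.server.port=81"
      # - "traefik.http.routers.phpmyadmin-rtr.middlewares=chain-authelia@file"
    # Mapping of network name to options (the original used nested lists).
    networks:
      nextcloud:
        ipv4_address: 172.30.0.7
    restart: unless-stopped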
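  # Homer dashboard served on the bare domain and www.
  homer:
    image: b4bz/homer
    environment:
      - PGID=$PGID
      - PUID=$PUID
      - TZ=$TZ
    volumes:
      - $DOCKERDIR/homer/data:/www/assets
    labels:
      - "autoheal=true"
      - "com.centurylinklabs.watchtower.enable=true"
      - "traefik.enable=true"
      # Traefik v2 names this label traefik.docker.network (the traefik
      # service in this file already uses it); the original "traefik.network"
      # is not a v2 label.
      - "traefik.docker.network=t2_proxy"
      - "traefik.http.services.dashboard-service.loadbalancer.server.port=8080"
      # The two host names were missing the comma between them.
      - "traefik.http.routers.dashboard.rule=HostHeader(`$DOMAIN`, `www.$DOMAIN`)"
      - "traefik.http.routers.dashboard.entrypoints=http"
      - "traefik.http.routers.dashboard-secure.rule=Host(`$DOMAIN`, `www.$DOMAIN`)"
      - "traefik.http.routers.dashboard-secure.entrypoints=https"
      - "traefik.http.routers.dashboard-secure.tls=true"
      # Was "letsencryptresolver"; the only resolver the traefik service
      # defines in this file is dns-cloudflare.
      - "traefik.http.routers.dashboard-secure.tls.certresolver=dns-cloudflare"
      - "traefik.http.middlewares.dashboard-redirect-dashboard-secure.redirectscheme.scheme=https"
      - "traefik.http.routers.dashboard.middlewares=dashboard-redirect-dashboard-secure"
      ## Middlewares
      # The original set the chain three times on "dashboard-rtr", a router
      # with no rule, so the HTTPS router that serves the dashboard had no
      # Authelia check. The chain is attached once to dashboard-secure.
      - "traefik.http.routers.dashboard-secure.middlewares=middlewares-secure-headers@file,middlewares-rate-limit@file,middlewares-authelia@file"
    # ports:
    # - "8080:8080"
    depends_on:
      - traefik
    # Mapping of network name to options (the original used nested lists).
    networks:
      t2_proxy:
        ipv4_address: 172.28.0.7
      nextcloud:
        ipv4_address: 172.30.0.6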
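  # Sonarr behind traefik: browser traffic goes through Authelia, requests
  # that carry the API key take the bypass router.
  sonarr:
    image: ghcr.io/linuxserver/sonarr
    container_name: sonarr
    hostname: sonarr
    environment:
      - PGID=$PGID
      - PUID=$PUID
      - TZ=$TZ
      # NOTE(review): presumably only the label interpolation below needs
      # this value; if the container does not read it, remove it from the
      # environment.
      - SONARR_API_KEY=$SONARR_API_KEY
    volumes:
      - $DOCKERDIR/sonarr:/config
      - $MEDIADIR/TVShows/TVShows:/data/TVShows
      - $MEDIADIR/TVShows/TV.Doc:/data/TVDoc
      - $MEDIADIR/Movies1/TV.Doc:/data/TVDoc1
      - $DOWNLOADS:/data/completed
    labels:
      - "autoheal=true"
      - "com.centurylinklabs.watchtower.enable=true"
      - "traefik.enable=true"
      # Traefik v2 names this label traefik.docker.network (the traefik
      # service in this file already uses it); the original "traefik.network"
      # is not a v2 label.
      - "traefik.docker.network=t2_proxy"
      ## HTTP Routers Auth Bypass
      # The API key is written into a container label, so anything that can
      # list containers (for example through socketproxy) can read it, and an
      # `apikey` query string can show up in the traefik access log. Treat it
      # as a credential and rotate it if labels or logs are shared.
      - "traefik.http.routers.sonarr-rtr-bypass.entrypoints=https"
      - "traefik.http.routers.sonarr-rtr-bypass.rule=Host(`sonarr.$DOMAIN`) && (Headers(`X-Api-Key`, `$SONARR_API_KEY`) || Query(`apikey`, `$SONARR_API_KEY`))"
      - "traefik.http.routers.sonarr-rtr-bypass.priority=100"
      - "traefik.http.routers.sonarr-rtr-bypass.middlewares=chain-no-auth@file"
      ##Routers
      - "traefik.http.routers.sonarr-rtr.entrypoints=https"
      - "traefik.http.routers.sonarr-rtr.rule=Host(`sonarr.$DOMAIN`)"
      - "traefik.http.routers.sonarr-rtr.tls=true"
      - "traefik.http.routers.sonarr-rtr.service=sonarr-svc"
      - "traefik.http.routers.sonarr-rtr.priority=99"
      ##Services
      - "traefik.http.services.sonarr-svc.loadbalancer.server.port=8989"
      ## Middlewares
      # The original set this key three times; a label key holds a single
      # value, so one assignment is kept.
      - "traefik.http.routers.sonarr-rtr.middlewares=middlewares-secure-headers@file,middlewares-rate-limit@file,middlewares-authelia@file"
    # ports:
    # - "8989:8989"
    depends_on:
      - traefik
    # Mapping of network name to options (the original used nested lists).
    networks:
      t2_proxy:
        ipv4_address: 172.28.0.8
    restart: always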
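  # Radarr behind traefik: browser traffic goes through Authelia, requests
  # that carry the API key take the bypass router.
  radarr:
    image: ghcr.io/linuxserver/radarr
    container_name: radarr
    hostname: radarr
    environment:
      - PGID=$PGID
      - PUID=$PUID
      - TZ=$TZ
      # NOTE(review): presumably only the label interpolation below needs
      # this value; if the container does not read it, remove it from the
      # environment.
      - RADARR_API_KEY=$RADARR_API_KEY
    volumes:
      - $DOCKERDIR/radarr:/config
      - $MEDIADIR/Movies/Animated:/data/Animated1
      - $MEDIADIR/Movies1/Animated:/data/Animated2
      - $MEDIADIR/Movies3/Animated:/data/Animated3
      - $MEDIADIR/Movies/Horror:/data/Horror1
      - $MEDIADIR/Movies1/Horror:/data/Horror2
      - $MEDIADIR/Movies3/Horror:/data/Horror3
      - $MEDIADIR/Movies/Movies:/data/Movies1
      - $MEDIADIR/Movies1/Movies:/data/Movies2
      - $MEDIADIR/Movies3/Movies:/data/Movies3
      - $MEDIADIR/Movies3/Mov.Doc:/data/documentaries
      - $DOWNLOADS:/data/completed
    labels:
      - "autoheal=true"
      - "com.centurylinklabs.watchtower.enable=true"
      - "traefik.enable=true"
      # Traefik v2 names this label traefik.docker.network (the traefik
      # service in this file already uses it); the original "traefik.network"
      # is not a v2 label.
      - "traefik.docker.network=t2_proxy"
      ## HTTP Routers Auth Bypass
      # The API key is written into a container label, so anything that can
      # list containers (for example through socketproxy) can read it, and an
      # `apikey` query string can show up in the traefik access log. Treat it
      # as a credential and rotate it if labels or logs are shared.
      - "traefik.http.routers.radarr-rtr-bypass.entrypoints=https"
      - "traefik.http.routers.radarr-rtr-bypass.rule=Host(`radarr.$DOMAIN`) && (Headers(`X-Api-Key`, `$RADARR_API_KEY`) || Query(`apikey`, `$RADARR_API_KEY`))"
      - "traefik.http.routers.radarr-rtr-bypass.priority=100"
      - "traefik.http.routers.radarr-rtr-bypass.middlewares=chain-no-auth@file"
      ##Routers
      - "traefik.http.routers.radarr-rtr.entrypoints=https"
      - "traefik.http.routers.radarr-rtr.rule=Host(`radarr.$DOMAIN`)"
      - "traefik.http.routers.radarr-rtr.tls=true"
      - "traefik.http.routers.radarr-rtr.priority=99"
      - "traefik.http.routers.radarr-rtr.service=radarr-svc"
      ##Services
      - "traefik.http.services.radarr-svc.loadbalancer.server.port=7878"
      ## Middlewares
      # The original set this key three times; a label key holds a single
      # value, so one assignment is kept.
      - "traefik.http.routers.radarr-rtr.middlewares=middlewares-secure-headers@file,middlewares-rate-limit@file,middlewares-authelia@file"
    # ports:
    # - "7878:7878"
    depends_on:
      - traefik
    # Mapping of network name to options (the original used nested lists).
    networks:
      t2_proxy:
        ipv4_address: 172.28.0.9
    restart: always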
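  # Lidarr behind traefik: browser traffic goes through the protected router,
  # requests that carry the API key take the bypass router.
  lidarr:
    image: ghcr.io/linuxserver/lidarr
    container_name: lidarr
    hostname: lidarr
    environment:
      - PGID=$PGID
      - PUID=$PUID
      - TZ=$TZ
      # NOTE(review): presumably only the label interpolation below needs
      # this value; if the container does not read it, remove it from the
      # environment.
      - LIDARR_API_KEY=$LIDARR_API_KEY
    volumes:
      - $DOCKERDIR/lidarr:/config
      - $MEDIADIR/Movies1/Music:/data/Music
      - $DOWNLOADS:/data/completed
    labels:
      - "autoheal=true"
      - "com.centurylinklabs.watchtower.enable=true"
      - "traefik.enable=true"
      # Traefik v2 names this label traefik.docker.network (the traefik
      # service in this file already uses it); the original "traefik.network"
      # is not a v2 label.
      - "traefik.docker.network=t2_proxy"
      ## HTTP Routers Auth Bypass
      # The API key is written into a container label, so anything that can
      # list containers (for example through socketproxy) can read it, and an
      # `apikey` query string can show up in the traefik access log. Treat it
      # as a credential and rotate it if labels or logs are shared.
      - "traefik.http.routers.lidarr-rtr-bypass.entrypoints=https"
      - "traefik.http.routers.lidarr-rtr-bypass.rule=Host(`lidarr.$DOMAIN`) && (Headers(`X-Api-Key`, `$LIDARR_API_KEY`) || Query(`apikey`, `$LIDARR_API_KEY`))"
      - "traefik.http.routers.lidarr-rtr-bypass.priority=100"
      - "traefik.http.routers.lidarr-rtr-bypass.middlewares=chain-no-auth@file"
      - "traefik.http.routers.lidarr-rtr.entrypoints=https"
      - "traefik.http.routers.lidarr-rtr.rule=Host(`lidarr.$DOMAIN`)"
      - "traefik.http.routers.lidarr-rtr.tls=true"
      - "traefik.http.routers.lidarr-rtr.service=lidarr-svc"
      - "traefik.http.services.lidarr-svc.loadbalancer.server.port=8686"
      ## Middlewares
      # The original set this key three times; a label key holds a single
      # value, so one assignment is kept.
      # NOTE(review): "middlewares-basic-authelia@file" appears nowhere else
      # in this file and may be a typo for middlewares-authelia@file; check
      # it against the rules directory, because a router that references a
      # missing middleware is not served.
      - "traefik.http.routers.lidarr-rtr.middlewares=middlewares-secure-headers@file,middlewares-rate-limit@file,middlewares-basic-authelia@file"
    # ports:
    # - "8686:8686"
    depends_on:
      - traefik
    # Mapping of network name to options (the original used nested lists).
    networks:
      t2_proxy:
        ipv4_address: 172.28.0.10
    restart: always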
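  # Bazarr behind traefik: browser traffic goes through Authelia, requests
  # that carry the API key take the bypass router.
  bazarr:
    image: ghcr.io/linuxserver/bazarr
    container_name: bazarr
    hostname: bazarr
    environment:
      - PGID=$PGID
      - PUID=$PUID
      - TZ=$TZ
      # NOTE(review): presumably only the label interpolation below needs
      # this value; if the container does not read it, remove it from the
      # environment.
      - BAZARR_API_KEY=$BAZARR_API_KEY
    volumes:
      - $DOCKERDIR/bazarr:/config
      - $MEDIADIR/Movies/Animated:/data/Animated1
      - $MEDIADIR/Movies1/Animated:/data/Animated2
      - $MEDIADIR/Movies3/Animated:/data/Animated3
      - $MEDIADIR/Movies/Horror:/data/Horror1
      - $MEDIADIR/Movies1/Horror:/data/Horror2
      - $MEDIADIR/Movies3/Horror:/data/Horror3
      - $MEDIADIR/Movies/Movies:/data/Movies1
      - $MEDIADIR/Movies1/Movies:/data/Movies2
      - $MEDIADIR/Movies3/Movies:/data/Movies3
      - $MEDIADIR/TVShows/TVShows:/data/TVShows
      - $MEDIADIR/TVShows/TV.Doc:/data/TVDoc
      - $MEDIADIR/Movies1/TV.Doc:/data/TVDoc1
      - $MEDIADIR/Movies3/Mov.Doc:/data/documentaries
    labels:
      - "autoheal=true"
      - "com.centurylinklabs.watchtower.enable=true"
      - "traefik.enable=true"
      # Traefik v2 names this label traefik.docker.network (the traefik
      # service in this file already uses it); the original "traefik.network"
      # is not a v2 label.
      - "traefik.docker.network=t2_proxy"
      ## HTTP Routers Auth Bypass
      # The API key is written into a container label, so anything that can
      # list containers (for example through socketproxy) can read it, and an
      # `apikey` query string can show up in the traefik access log. Treat it
      # as a credential and rotate it if labels or logs are shared.
      # NOTE(review): unlike the sonarr/radarr/lidarr bypass routers, this one
      # has no middlewares label at all.
      - "traefik.http.routers.bazarr-rtr-bypass.entrypoints=https"
      - "traefik.http.routers.bazarr-rtr-bypass.rule=Host(`bazarr.$DOMAIN`) && (Headers(`X-Api-Key`, `$BAZARR_API_KEY`) || Query(`apikey`, `$BAZARR_API_KEY`))"
      - "traefik.http.routers.bazarr-rtr-bypass.priority=100"
      - "traefik.http.routers.bazarr-rtr.entrypoints=https"
      - "traefik.http.routers.bazarr-rtr.rule=Host(`bazarr.$DOMAIN`)"
      - "traefik.http.routers.bazarr-rtr.tls=true"
      - "traefik.http.routers.bazarr-rtr.service=bazarr-svc"
      - "traefik.http.services.bazarr-svc.loadbalancer.server.port=6767"
      ## Middlewares
      # The original set this key three times; a label key holds a single
      # value, so one assignment is kept.
      - "traefik.http.routers.bazarr-rtr.middlewares=middlewares-secure-headers@file,middlewares-rate-limit@file,middlewares-authelia@file"
    # ports:
    # - "6767:6767"
    depends_on:
      - traefik
    # Mapping of network name to options (the original used nested lists).
    networks:
      t2_proxy:
        ipv4_address: 172.28.0.11
    restart: always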
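  # Prowlarr, not routed through traefik (traefik.enable=false) and with no
  # published port: reachable only from the t2_proxy network.
  prowlarr:
    container_name: prowlarr
    image: linuxserver/prowlarr
    hostname: prowlarr
    environment:
      - PUID=$PUID
      - PGID=$PGID
      - UMASK=002
      - TZ=$TZ
    volumes:
      - $DOCKERDIR/prowlarr:/config
    # ports:
    # - "9696:9696"
    labels:
      - "autoheal=true"
      - "com.centurylinklabs.watchtower.enable=true"
      - "traefik.enable=false"
      # If these are re-enabled: Traefik v2 expects traefik.docker.network
      # rather than traefik.network, and the middlewares key may be set only
      # once.
      # - "traefik.network=t2_proxy"
      # - "traefik.http.routers.prowlarr-rtr.entrypoints=https"
      # - "traefik.http.routers.prowlarr-rtr.rule=Host(`prowlarr.$DOMAIN`)"
      # - "traefik.http.routers.prowlarr-rtr.tls=true"
      # - "traefik.http.routers.prowlarr-rtr.middlewares=chain-authelia@file"
      # - "traefik.http.routers.prowlarr-rtr.service=prowlarr-svc"
      # - "traefik.http.services.prowlarr-svc.loadbalancer.server.port=9696"
      ## Middlewares
      # - "traefik.http.routers.prowlarr-rtr.middlewares=prowlarr-headers,middlewares-rate-limit@file,middlewares-basic-auth@file"
      # - "traefik.http.routers.prowlarr-rtr.middlewares=middlewares-secure-headers@file,middlewares-rate-limit@file,middlewares-authelia@file"
    # depends_on:
    # - traefik
    # Mapping of network name to options (the original used nested lists).
    networks:
      t2_proxy:
        ipv4_address: 172.28.0.12
    restart: unless-stopped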
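  # Overseerr request portal behind traefik and Authelia.
  overseerr:
    image: sctx/overseerr
    container_name: overseerr
    hostname: overseerr
    environment:
      - PGID=$PGID
      - PUID=$PUID
      - TZ=$TZ
      - LOG_LEVEL=info
    volumes:
      - $DOCKERDIR/overseerr:/config
    labels:
      - "autoheal=true"
      - "com.centurylinklabs.watchtower.enable=true"
      - "traefik.enable=true"
      # Traefik v2 names this label traefik.docker.network (the traefik
      # service in this file already uses it); the original "traefik.network"
      # is not a v2 label.
      - "traefik.docker.network=t2_proxy"
      - "traefik.http.routers.overseerr-rtr.entrypoints=https"
      - "traefik.http.routers.overseerr-rtr.rule=Host(`overseerr.$DOMAIN`)"
      - "traefik.http.routers.overseerr-rtr.tls=true"
      - "traefik.http.routers.overseerr-rtr.service=overseerr-svc"
      - "traefik.http.services.overseerr-svc.loadbalancer.server.port=5055"
      ## Middlewares
      # The original set this key three times; a label key holds a single
      # value, so one assignment is kept.
      - "traefik.http.routers.overseerr-rtr.middlewares=middlewares-secure-headers@file,middlewares-rate-limit@file,middlewares-authelia@file"
    # ports:
    # - "5055:5055"
    depends_on:
      - traefik
    # Mapping of network name to options (the original used nested lists).
    networks:
      t2_proxy:
        ipv4_address: 172.28.0.14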
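  # Transmission running inside an OpenVPN tunnel; the web UI is routed
  # through traefik and Authelia.
  transmission:
    image: haugene/transmission-openvpn
    container_name: transmission
    hostname: transmission
    # NET_ADMIN and /dev/net/tun are what the container uses to bring up the
    # VPN interface.
    cap_add:
      - NET_ADMIN
    devices:
      - /dev/net/tun
    dns:
      - 209.222.18.222
      - 209.222.18.218
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - $DOCKERDIR/transmission:/data
      - $DOCKERDIR/transmission/openvpn:/etc/openvpn/custom/default.ovpn:ro
      - $DOWNLOADS:/data/Completed
      # Was "$INC.DOWNLOADS=/data/incomplete": host and container path are
      # separated by ":", not "=".
      # NOTE(review): a variable name cannot contain ".", so Compose expands
      # $INC and appends ".DOWNLOADS"; confirm which variable was meant.
      - $INC.DOWNLOADS:/data/incomplete
    environment:
      - PGID=$PGID
      - PUID=$PUID
      - TZ=$TZ
      - UMASK=002
      - OPENVPN_PROVIDER=PIA
      - OPENVPN_CONFIG=switzerland,ca_toronto,ca_montreal,ca_vancouver
      - PIA_OPENVPN_CONFIG_BUNDLE=openvpn
      - OPENVPN_OPTS=--inactive 3600 --ping 10 --ping-exit 60
      - LOCAL_NETWORK=192.168.7.0/24
      - TRANSMISSION_MAX_PEERS_GLOBAL=9999
      - TRANSMISSION_PEER_LIMIT_GLOBAL=9999
      - TRANSMISSION_PEER_LIMIT_PER_TORRENT=9999
      # These are paths as seen inside the container, so they have to name
      # the mount targets from the volumes list. The original passed the host
      # paths ($DOWNLOADS, $INC.DOWNLOADS), which are not mounted there.
      - TRANSMISSION_DOWNLOAD_DIR=/data/Completed
      - TRANSMISSION_INCOMPLETE_DIR_ENABLED=true
      - TRANSMISSION_INCOMPLETE_DIR=/data/incomplete
      # Was TRANSMISSION_DOWNLOAD-QUEUE-SIZE; every other TRANSMISSION_*
      # variable here uses underscores. TODO confirm against the image docs.
      - TRANSMISSION_DOWNLOAD_QUEUE_SIZE=15
      - TRANSMISSION_RATIO_LIMIT_ENABLED=true
      - TRANSMISSION_RATIO_LIMIT=0
      - TRANSMISSION_WEB_UI=flood-for-transmission
      # VPN credentials live in the container environment and are readable
      # by anything that can inspect the container.
      - OPENVPN_USERNAME=$OPENVPN_USERNAME
      - OPENVPN_PASSWORD=$OPENVPN_PASSWORD
    labels:
      - "autoheal=true"
      - "com.centurylinklabs.watchtower.enable=true"
      - "traefik.enable=true"
      # Traefik v2 names this label traefik.docker.network (the traefik
      # service in this file already uses it); the original "traefik.network"
      # is not a v2 label.
      - "traefik.docker.network=t2_proxy"
      - "traefik.http.routers.transmission-rtr.entrypoints=https"
      - "traefik.http.routers.transmission-rtr.rule=Host(`transmission.$DOMAIN`)"
      - "traefik.http.routers.transmission-rtr.tls=true"
      - "traefik.http.routers.transmission-rtr.service=transmission-svc"
      - "traefik.http.services.transmission-svc.loadbalancer.server.port=9091"
      ## Middlewares
      # The original set this key three times; a label key holds a single
      # value, so one assignment is kept.
      - "traefik.http.routers.transmission-rtr.middlewares=middlewares-secure-headers@file,middlewares-rate-limit@file,middlewares-authelia@file"
    # ports:
    # - "9091:9091"
    depends_on:
      - traefik
    # Mapping of network name to options (the original used nested lists).
    networks:
      t2_proxy:
        ipv4_address: 172.28.0.15
    restart: always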
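  # Tautulli (Plex statistics) behind traefik.
  tautulli:
    image: ghcr.io/linuxserver/tautulli
    container_name: tautulli
    hostname: tautulli
    environment:
      - PGID=$PGID
      - PUID=$PUID
      - TZ=$TZ
    volumes:
      - $DOCKERDIR/tautulli:/config
    labels:
      - "autoheal=true"
      - "com.centurylinklabs.watchtower.enable=true"
      - "traefik.enable=true"
      # Traefik v2 names this label traefik.docker.network (the traefik
      # service in this file already uses it); the original "traefik.network"
      # is not a v2 label.
      - "traefik.docker.network=t2_proxy"
      - "traefik.http.routers.tautulli-rtr.entrypoints=https"
      - "traefik.http.routers.tautulli-rtr.rule=Host(`tautulli.$DOMAIN`)"
      - "traefik.http.routers.tautulli-rtr.tls=true"
      # Was radarr-svc, which pointed this host name at the Radarr backend
      # instead of the tautulli-svc defined on the next line.
      - "traefik.http.routers.tautulli-rtr.service=tautulli-svc"
      - "traefik.http.services.tautulli-svc.loadbalancer.server.port=8181"
      ## Middlewares
      # The original set this key three times; a label key holds a single
      # value, so one assignment is kept.
      # NOTE(review): the kept chain ends in middlewares-basic-auth@file,
      # while most other services in this file end in
      # middlewares-authelia@file; confirm which one is intended.
      - "traefik.http.routers.tautulli-rtr.middlewares=middlewares-secure-headers@file,middlewares-rate-limit@file,middlewares-basic-auth@file"
    # ports:
    # - "8181:8181"
    depends_on:
      - traefik
    # Mapping of network name to options (the original used nested lists).
    networks:
      t2_proxy:
        ipv4_address: 172.28.0.16
    restart: always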
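  # Plex media server behind traefik; the direct port mappings are commented
  # out.
  plex:
    image: ghcr.io/linuxserver/plex
    container_name: plex
    hostname: plex
    environment:
      - PGID=$PGID
      - PUID=$PUID
      - TZ=$TZ
      - VERSION=docker
    # ports:
    # - "32400:32400"
    # - "3005:3005/tcp"
    # - "8324:8324/tcp"
    # - "32469:32469/tcp"
    # - "1900:1900/udp"
    # - "32410:32410/udp"
    # - "32412:32412/udp"
    # - "32413:32413/udp"
    # - "32414:32414/udp"
    volumes:
      - $DOCKERDIR/plex:/config
      - $MEDIADIR/Extra2/Transcode:/transcode
      - $MEDIADIR/Movies/Animated:/data/Animated1
      - $MEDIADIR/Movies1/Animated:/data/Animated2
      - $MEDIADIR/Movies3/Animated:/data/Animated3
      # Was /data/Horror2, the same target as the next line; two mounts on
      # one target conflict. Horror1 matches the layout used by the other
      # media services in this file.
      - $MEDIADIR/Movies/Horror:/data/Horror1
      - $MEDIADIR/Movies1/Horror:/data/Horror2
      - $MEDIADIR/Movies3/Horror:/data/Horror3
      - $MEDIADIR/Movies/Movies:/data/Movies1
      - $MEDIADIR/Movies1/Movies:/data/Movies2
      - $MEDIADIR/Movies3/Movies:/data/Movies3
      - $MEDIADIR/TVShows/TVShows:/data/TVShows
      - $MEDIADIR/TVShows/TV.Doc:/data/TVDoc
      - $MEDIADIR/Movies3/Mov.Doc:/data/documentaries
      - $MEDIADIR/Movies1/TV.Doc:/data/TVDoc1
      - $MEDIADIR/Movies1/Music:/data/Music
      - $MEDIADIR/Movies3/Audiobooks:/data/Audiobooks
      - $MEDIADIR/Movies1/Photos:/data/Photos
    labels:
      - "autoheal=true"
      - "com.centurylinklabs.watchtower.enable=true"
      - "traefik.enable=true"
      # Traefik v2 names this label traefik.docker.network (the traefik
      # service in this file already uses it); the original "traefik.network"
      # is not a v2 label.
      - "traefik.docker.network=t2_proxy"
      - "traefik.http.routers.plex-rtr.entrypoints=https"
      - "traefik.http.routers.plex-rtr.rule=Host(`plex.$DOMAIN`)"
      - "traefik.http.routers.plex-rtr.tls=true"
      - "traefik.http.routers.plex-rtr.service=plex-svc"
      - "traefik.http.services.plex-svc.loadbalancer.server.port=32400"
      ## Middlewares
      # The original set this key three times (chain-no-auth, a basic-auth
      # chain, then this Authelia chain); a label key holds a single value,
      # so one assignment is kept.
      # NOTE(review): the first of the three was "chain-no-auth" without the
      # @file suffix; confirm whether Plex is meant to sit behind Authelia.
      - "traefik.http.routers.plex-rtr.middlewares=middlewares-secure-headers@file,middlewares-rate-limit@file,middlewares-authelia@file"
    # network_mode: host
    # Mapping of network name to options (the original used nested lists).
    networks:
      t2_proxy:
        ipv4_address: 172.28.0.17
    restart: always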
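  # Jellyfin media server, published through the Traefik router
  # `jellyfin-rtr` on the `https` entrypoint. No host ports are mapped.
  jellyfin:
    # NOTE(review): untagged image plus the watchtower label below means
    # upstream updates are applied unattended; pin a tag or digest if needed.
    image: ghcr.io/linuxserver/jellyfin
    container_name: jellyfin
    hostname: jellyfin
    environment:
      - PGID=$PGID
      - PUID=$PUID
      - TZ=$TZ
      # The pasted value ended in " `#optional`". Inside a YAML plain scalar
      # a `#` that does not follow whitespace is not a comment, so that text
      # became part of the URL. Only the address is kept.
      - JELLYFIN_PublishedServerUrl=192.168.7.76
    volumes:
      - $DOCKERDIR/jellyfin:/config
      # NOTE(review): library mounts are read-write; append `:ro` if the
      # server only needs to read them - confirm before changing.
      - $MEDIADIR/Movies/Animated:/data/Animated1
      - $MEDIADIR/Movies1/Animated:/data/Animated2
      - $MEDIADIR/Movies3/Animated:/data/Animated3
      - $MEDIADIR/Movies/Horror:/data/Horror1
      - $MEDIADIR/Movies1/Horror:/data/Horror2
      - $MEDIADIR/Movies3/Horror:/data/Horror3
      - $MEDIADIR/Movies/Movies:/data/Movies1
      - $MEDIADIR/Movies1/Movies:/data/Movies2
      - $MEDIADIR/Movies3/Movies:/data/Movies3
      - $MEDIADIR/TVShows/TVShows:/data/TVShows
      - $MEDIADIR/TVShows/TV.Doc:/data/TVDoc
      - $MEDIADIR/Movies3/Mov.Doc:/data/documentaries
      - $MEDIADIR/Movies1/TV.Doc:/data/TVDoc1
      - $MEDIADIR/Movies1/Music:/data/Music
      - $MEDIADIR/Movies3/Audiobooks:/data/Audiobooks
      - $MEDIADIR/Movies1/Photos:/data/Photos
    labels:
      - "autoheal=true"
      - "com.centurylinklabs.watchtower.enable=true"
      - "traefik.enable=true"
      - "traefik.network=t2_proxy"
      - "traefik.http.routers.jellyfin-rtr.entrypoints=https"
      - "traefik.http.routers.jellyfin-rtr.rule=Host(`jellyfin.$DOMAIN`)"
      - "traefik.http.routers.jellyfin-rtr.tls=true"
      - "traefik.http.routers.jellyfin-rtr.service=jellyfin-svc"
      - "traefik.http.services.jellyfin-svc.loadbalancer.server.port=8096"
      ## Middlewares
      # Two fixes. (1) The last label named the router `traefik-rtr`, so this
      # container was configuring a different router's middleware chain
      # instead of its own. It now targets `jellyfin-rtr`. (2) The
      # `jellyfin-rtr.middlewares` key was set twice and a label key holds
      # only one value, so one chain is declared. The `@file` middlewares are
      # assumed to be defined in the Traefik rules directory - confirm.
      # Discarded alternatives, for reference:
      # - "traefik.http.routers.jellyfin-rtr.middlewares=chain-no-auth"
      # - "traefik.http.routers.jellyfin-rtr.middlewares=jellyfin-headers,middlewares-rate-limit@file,middlewares-basic-auth@file"
      - "traefik.http.routers.jellyfin-rtr.middlewares=middlewares-secure-headers@file,middlewares-rate-limit@file,middlewares-basic-auth@file"
    # Per-service networks as a mapping (network name -> options); the pasted
    # dash-prefixed list form does not match the Compose schema.
    networks:
      t2_proxy:
        ipv4_address: 172.28.0.18
    restart: always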
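  # Unmanic library transcoder, published through the Traefik router
  # `unmanic-rtr` on the `https` entrypoint. The host port stays unpublished.
  unmanic:
    # NOTE(review): `latest` plus the watchtower label below means upstream
    # updates are applied unattended to a container with write access to the
    # media library; pin a tag or digest if updates should be reviewed.
    image: josh5/unmanic:latest
    container_name: unmanic
    hostname: unmanic
    environment:
      - PGID=$PGID
      - PUID=$PUID
      - TZ=$TZ
    volumes:
      - $DOCKERDIR/unmanic:/config
      - $MEDIADIR/Movies/Animated:/data/Animated1
      - $MEDIADIR/Movies1/Animated:/data/Animated2
      - $MEDIADIR/Movies3/Animated:/data/Animated3
      - $MEDIADIR/Movies/Horror:/data/Horror1
      - $MEDIADIR/Movies1/Horror:/data/Horror2
      - $MEDIADIR/Movies3/Horror:/data/Horror3
      - $MEDIADIR/Movies/Movies:/data/Movies1
      - $MEDIADIR/Movies1/Movies:/data/Movies2
      - $MEDIADIR/Movies3/Movies:/data/Movies3
      - $MEDIADIR/TVShows/TVShows:/data/TVShows
      - $MEDIADIR/TVShows/TV.Doc:/data/TVDoc
      - $MEDIADIR/Movies3/Mov.Doc:/data/documentaries
      - $MEDIADIR/Movies1/TV.Doc:/data/TVDoc1
      - $TRANSCODES:/tmp/unmanic
    labels:
      - "autoheal=true"
      - "com.centurylinklabs.watchtower.enable=true"
      - "traefik.enable=true"
      - "traefik.network=t2_proxy"
      - "traefik.http.routers.unmanic-rtr.entrypoints=https"
      - "traefik.http.routers.unmanic-rtr.rule=Host(`unmanic.$DOMAIN`)"
      - "traefik.http.routers.unmanic-rtr.tls=true"
      - "traefik.http.routers.unmanic-rtr.service=unmanic-svc"
      - "traefik.http.services.unmanic-svc.loadbalancer.server.port=8888"
      ## Middlewares
      # `unmanic-rtr.middlewares` was set three times. A label key holds one
      # value, so two chains were silently discarded (Compose normally keeps
      # the last entry). Only the last chain is declared now. Discarded
      # alternatives, for reference:
      # - "traefik.http.routers.unmanic-rtr.middlewares=chain-authelia@file"
      # - "traefik.http.routers.unmanic-rtr.middlewares=unmanic-headers,middlewares-rate-limit@file,middlewares-basic-auth@file"
      - "traefik.http.routers.unmanic-rtr.middlewares=middlewares-secure-headers@file,middlewares-rate-limit@file,middlewares-authelia@file"
    # ports:
    #   - "8888:8888"
    depends_on:
      - traefik
    # Per-service networks as a mapping (network name -> options); the pasted
    # dash-prefixed list form does not match the Compose schema.
    networks:
      t2_proxy:
        ipv4_address: 172.28.0.19
    restart: always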
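  # Diagnostic container that exposes an API to show its IP address.
  whoami:
    image: traefik/whoami
    labels:
      # Unlike the other services there is no `traefik.enable`, entrypoint,
      # TLS or middleware label here. Whether this router is created at all
      # depends on the Docker provider's exposed-by-default setting, which is
      # not visible in this part of the file - confirm. If it is routed, it
      # is routed without any authentication middleware.
      - "traefik.http.routers.whoami.rule=Host(`whoami.docker.localhost`)"
    depends_on:
      - traefik
    # Per-service networks as a mapping (network name -> options); the pasted
    # dash-prefixed list form does not match the Compose schema.
    networks:
      t2_proxy:
        ipv4_address: 172.28.0.21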
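  # Nextcloud application container. It is reachable from Traefik over
  # `t2_proxy` and talks to its database, cache and scanner over the
  # separate `nextcloud` network.
  nextcloud:
    # NOTE(review): untagged image plus the watchtower label below means
    # upstream updates are applied unattended; pin a tag or digest if needed.
    image: ghcr.io/linuxserver/nextcloud
    container_name: nextcloud
    hostname: nextcloud
    environment:
      - PGID=$PGID
      - PUID=$PUID
      - TZ=$TZ
    volumes:
      - $DOCKERDIR/nextcloud/config:/config
      - $MEDIADIR/Movies1/Photos:/data/Photos
    labels:
      - "autoheal=true"
      - "com.centurylinklabs.watchtower.enable=true"
      - "traefik.enable=true"
      - "traefik.network=t2_proxy"
      - "traefik.http.routers.nextcloud-rtr.entrypoints=https"
      - "traefik.http.routers.nextcloud-rtr.rule=Host(`nextcloud.$DOMAIN`)"
      - "traefik.http.routers.nextcloud-rtr.tls=true"
      # Disabled: this lone label declares a TCP router with neither a rule
      # nor a service, which is not a usable router definition. A complete
      # TLS-passthrough router would forward the encrypted stream untouched,
      # so none of the HTTP middlewares below (including the Authelia check)
      # would run for that traffic.
      # - "traefik.tcp.routers.nextcloud-tcp.tls.passthrough=true"
      - "traefik.http.routers.nextcloud-rtr.service=nextcloud-svc"
      # NOTE(review): 443 is normally a TLS port, and Traefik speaks plain
      # HTTP to a backend unless
      # `traefik.http.services.nextcloud-svc.loadbalancer.server.scheme=https`
      # is set. Confirm what the container serves on 443. If HTTPS is needed,
      # prefer trusting the backend certificate over disabling verification.
      - "traefik.http.services.nextcloud-svc.loadbalancer.server.port=443"
      ## Middlewares
      # `nextcloud-rtr.middlewares` was set three times. A label key holds
      # one value, so two chains were silently discarded (Compose normally
      # keeps the last entry). Only the last chain is declared now. Discarded
      # alternatives, for reference:
      # - "traefik.http.routers.nextcloud-rtr.middlewares=chain-authelia@docker"
      # - "traefik.http.routers.nextcloud-rtr.middlewares=nextcloud-headers,middlewares-rate-limit@file,middlewares-basic-auth@file"
      - "traefik.http.routers.nextcloud-rtr.middlewares=middlewares-secure-headers@file,middlewares-rate-limit@file,middlewares-authelia@file"
    # ports:
    #   - "443:443"
    # Start order: database, scanner and cache first. Those services must not
    # list `nextcloud` in their own depends_on, or Compose rejects the cycle.
    depends_on:
      - nextclouddb
      - clamav
      - nextcloud_redis
      - traefik
    # Per-service networks as a mapping (network name -> options); the pasted
    # dash-prefixed list form does not match the Compose schema.
    networks:
      t2_proxy:
        ipv4_address: 172.28.0.20
      nextcloud:
        ipv4_address: 172.30.0.2
    restart: always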
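  # MariaDB backing store for Nextcloud, attached only to the `nextcloud`
  # network.
  nextclouddb:
    # NOTE(review): untagged image plus the watchtower label below lets the
    # database engine be upgraded unattended; pin a tag or digest.
    image: ghcr.io/linuxserver/mariadb
    container_name: nextclouddb
    hostname: nextclouddb
    environment:
      - PGID=$PGID
      - PUID=$PUID
      - TZ=$TZ
      # In list-form `KEY=value` entries the quotes are part of the value, so
      # `MYSQL_DATABASE="nextcloud"` named the database with literal double
      # quotes. The quotes are dropped here and on REMOTE_SQL below.
      - MYSQL_DATABASE=nextcloud
      # Credentials are interpolated from the shell environment or the .env
      # file; keep that file out of version control. Values set this way are
      # readable through `docker inspect`.
      - MYSQL_ROOT_PASSWORD=$MYSQL_ROOT_PASSWORD
      - MYSQL_PASSWORD=$MYSQL_PASSWORD
      - MYSQL_USER=$MYSQL_USER
      # Presumably the image downloads and imports this SQL - confirm against
      # the image documentation. The original also listed a plain http:// copy
      # of the same file. SQL fetched in cleartext can be altered in transit
      # before it is run against the database, so only the https:// source is
      # kept.
      - REMOTE_SQL=https://nextcloud.wallace-home.org/nextcloud.sql
    volumes:
      - $DOCKERDIR/mariadb/nextcloud:/config
    # The original `depends_on: nextcloud` was removed. The nextcloud service
    # already depends on this one, and Compose refuses to start a project
    # with a circular dependency.
    labels:
      - "autoheal=true"
      - "com.centurylinklabs.watchtower.enable=true"
    # Nextcloud reaches the database over the `nextcloud` network, so the
    # port does not need to be published. The mapping is bound to loopback
    # rather than all host interfaces (originally "3306:3306") so the
    # database is not reachable from the LAN. Drop it if no host-local client
    # needs it.
    ports:
      - "127.0.0.1:3306:3306"
    # Per-service networks as a mapping (network name -> options); the pasted
    # dash-prefixed list form does not match the Compose schema.
    networks:
      nextcloud:
        ipv4_address: 172.30.0.3
    restart: always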
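  # ClamAV scanner for Nextcloud, attached only to the `nextcloud` network.
  clamav:
    image: mkodockx/docker-clamav:alpine
    container_name: clamav
    hostname: clamav
    environment:
      - PGID=$PGID
      - PUID=$PUID
      - TZ=$TZ
    volumes:
      # NOTE(review): the photo library is mounted read-write; a scanner
      # usually only needs to read, so consider `:ro` - confirm no
      # quarantine or removal action is configured first.
      - $MEDIADIR/Movies1/Photos:/data/Photos
      - $DOCKERDIR/clamav:/var/lib/clamav
    # The original `depends_on: nextcloud` was removed. The nextcloud service
    # already depends on this one, and Compose refuses to start a project
    # with a circular dependency.
    # The clamd protocol has no authentication. Nextcloud reaches the scanner
    # over the `nextcloud` network, so the mapping is bound to loopback rather
    # than all host interfaces (originally "3310:3310"). Drop it if nothing
    # on the host needs it.
    ports:
      - "127.0.0.1:3310:3310"
    # Per-service networks as a mapping (network name -> options); the pasted
    # dash-prefixed list form does not match the Compose schema.
    networks:
      nextcloud:
        ipv4_address: 172.30.0.4
    labels:
      - "autoheal=true"
      - "com.centurylinklabs.watchtower.enable=true"
    restart: always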
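  # Redis cache for Nextcloud. It is attached only to the `nextcloud` network
  # and publishes no host ports.
  nextcloud_redis:
    image: redis:5
    container_name: nextcloud_redis
    hostname: nextcloud_redis
    volumes:
      - $DOCKERDIR/nextcloud_redis/redis:/data
    labels:
      - "autoheal=true"
      - "com.centurylinklabs.watchtower.enable=true"
    # Per-service networks as a mapping (network name -> options); the pasted
    # dash-prefixed list form does not match the Compose schema.
    # NOTE(review): no `command:` sets a password, so any container on this
    # network can use the cache; keep the network limited to the Nextcloud
    # stack or configure `requirepass`.
    networks:
      nextcloud:
        ipv4_address: 172.30.0.5
    # No `command:` overrides the listening port, so the server uses the
    # Redis default 6379. The original documented 6380, which nothing in
    # this service listens on.
    expose:
      - "6379"
    restart: always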
  971. networks:
  972. t2_proxy:
  973. driver: bridge
  974. ipam:
  975. driver: default
  976. config:
  977. - subnet: 172.28.0.0/24
  978. gateway: 172.28.0.1
  979. driver_opts:
  980. com.docker.network.bridge.name: t2_proxy
  981. nextcloud:
  982. driver: bridge
  983. ipam:
  984. driver: default
  985. config:
  986. - subnet: 172.30.0.0/24
  987. gateway: 172.30.0.1
  988. driver_opts:
  989. com.docker.network.bridge.name: t2_proxy
  990. socketproxy:
  991. driver: bridge
  992. internal: true
  993. ipam:
  994. driver: default
  995. config:
  996. - subnet: 172.29.0.0/24
  997. gateway: 172.29.0.1
  998. driver_opts:
  999. com.docker.network.bridge.name: socketproxy
  1000. pihole:
  1001. driver: macvlan
  1002. ipam:
  1003. config:
  1004. - subnet: "192.168.7.0/24"
  1005. gateway: "192.168.7.1"
  1006. driver_opts:
  1007. parent: ens11 # change this