Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- version: "3.7"
- ########################### NETWORKS
- networks:
- traefik_proxy:
- external:
- name: traefik_proxy
- default:
- driver: bridge
- ########################### SERVICES
- services:
- ############################# FRONTENDS
- # Traefik - Reverse Proxy
- # Create traefik.toml and rules dir and acme dir before running container.
- traefik:
- image: traefik:v1.7.16
- container_name: traefik
- hostname: traefik
- restart: unless-stopped
- networks:
- - default
- - traefik_proxy
- ports:
- - "80:80"
- - "443:443"
- # - "${TRAEFIK_DASHBOARD_PORT}:8080"
- domainname: ${DOMAINNAME}
- dns:
- # - ${PIHOLE_IP}
- - 1.1.1.1
- volumes:
- - /var/run/docker.sock:/var/run/docker.sock:ro
- - ${USERDIR}/docker/traefik:/etc/traefik
- - ${USERDIR}/docker/shared:/shared
- environment:
- CF_API_EMAIL: ${CLOUDFLARE_EMAIL}
- CF_API_KEY: ${CLOUDFLARE_API_KEY}
- # DUCKDNS_TOKEN: ${DUCKDNS_TOKEN}
- labels:
- traefik.enable: "true"
- traefik.backend: traefik
- traefik.protocol: http
- traefik.port: 8080
- traefik.frontend.rule: Host:traefik.${DOMAINNAME}
- # traefik.frontend.rule: Host:${DOMAINNAME}; PathPrefixStrip: /traefik
- traefik.frontend.headers.SSLHost: traefik.${DOMAINNAME}
- traefik.docker.network: traefik_proxy
- traefik.frontend.passHostHeader: "true"
- traefik.frontend.headers.SSLForceHost: "true"
- traefik.frontend.headers.SSLRedirect: "true"
- traefik.frontend.headers.browserXSSFilter: "true"
- traefik.frontend.headers.contentTypeNosniff: "true"
- traefik.frontend.headers.forceSTSHeader: "true"
- traefik.frontend.headers.STSSeconds: 315360000
- traefik.frontend.headers.STSIncludeSubdomains: "true"
- traefik.frontend.headers.STSPreload: "true"
- traefik.frontend.headers.customResponseHeaders: X-Robots-Tag:noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex
- traefik.frontend.headers.frameDeny: "true"
- traefik.frontend.headers.customFrameOptionsValue: 'allow-from https:${DOMAINNAME}'
- # traefik.frontend.auth.basic.users: '${HTTP_USERNAME}:${HTTP_PASSWORD}'
- traefik.frontend.auth.forward.address: "http://oauth:4181"
- traefik.frontend.auth.forward.authResponseHeaders: X-Forwarded-User
- traefik.frontend.auth.forward.trustForwardHeader: "true"
- # OAuth - Forward Authentication
- oauth:
- image: thomseddon/traefik-forward-auth
- container_name: oauth
- hostname: oauth
- restart: always
- networks:
- - default
- - traefik_proxy
- environment:
- PROVIDERS_GOOGLE_CLIENT_ID: ${GOOGLE_CLIENT_ID}
- PROVIDERS_GOOGLE_CLIENT_SECRET: ${GOOGLE_CLIENT_SECRET}
- SECRET: ${OAUTH_SECRET}
- COOKIE_DOMAIN: ${DOMAINNAME}
- INSECURE_COOKIE: "false"
- AUTH_HOST: oauth.${DOMAINNAME}
- URL_PATH: /_oauth
- WHITELIST: ${MY_EMAIL}
- LOG_LEVEL: info
- LIFETIME: 2592000 # 30 days
- labels:
- traefik.enable: "true"
- traefik.backend: oauth
- traefik.port: 4181
- traefik.frontend.rule: Host:oauth.${DOMAINNAME}
- traefik.frontend.headers.SSLHost: oauth.${DOMAINNAME}
- traefik.docker.network: traefik_proxy
- traefik.frontend.passHostHeader: "true"
- traefik.frontend.headers.SSLForceHost: "true"
- traefik.frontend.headers.customResponseHeaders: X-Robots-Tag:noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex
- traefik.frontend.headers.SSLRedirect: "true"
- traefik.frontend.headers.browserXSSFilter: "true"
- traefik.frontend.headers.contentTypeNosniff: "true"
- traefik.frontend.headers.forceSTSHeader: "true"
- traefik.frontend.headers.STSSeconds: 315360000
- traefik.frontend.headers.STSIncludeSubdomains: "true"
- traefik.frontend.headers.STSPreload: "true"
- traefik.frontend.headers.frameDeny: "true"
- traefik.frontend.auth.forward.address: "http://oauth:4181"
- traefik.frontend.auth.forward.authResponseHeaders: X-Forwarded-User
- traefik.frontend.auth.forward.trustForwardHeader: "true"
- # Portainer - Container Management
- # Needs trailing / in the URL if using PathPrefixStrip
- portainer:
- image: portainer/portainer
- container_name: portainer
- hostname: portainer
- restart: unless-stopped
- networks:
- - traefik_proxy
- # ports:
- # - "${PORTAINER_PORT}:9000"
- command: -H unix:///var/run/docker.sock
- volumes:
- - /var/run/docker.sock:/var/run/docker.sock
- - ${USERDIR}/docker/portainer/data:/data
- environment:
- TZ: ${TZ}
- labels:
- traefik.enable: "true"
- traefik.backend: portainer
- traefik.protocol: http
- traefik.port: 9000
- traefik.frontend.rule: Host:portainer.${DOMAINNAME}
- # traefik.frontend.rule: Host${DOMAINNAME}; PathPrefixStrip: /portainer
- traefik.frontend.headers.SSLHost: portainer.${DOMAINNAME}
- traefik.docker.network: traefik_proxy
- traefik.frontend.passHostHeader: "true"
- traefik.frontend.headers.SSLForceHost: "true"
- traefik.frontend.headers.SSLRedirect: "true"
- traefik.frontend.headers.browserXSSFilter: "true"
- traefik.frontend.headers.contentTypeNosniff: "true"
- traefik.frontend.headers.forceSTSHeader: "true"
- traefik.frontend.headers.STSSeconds: 315360000
- traefik.frontend.headers.STSIncludeSubdomains: "true"
- traefik.frontend.headers.STSPreload: "true"
- traefik.frontend.headers.customResponseHeaders: X-Robots-Tag:noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex
- traefik.frontend.headers.frameDeny: "true"
- traefik.frontend.headers.customFrameOptionsValue: 'allow-from https:${DOMAINNAME}'
- traefik.frontend.auth.forward.address: "http://oauth:4181"
- traefik.frontend.auth.forward.authResponseHeaders: X-Forwarded-User
- traefik.frontend.auth.forward.trustForwardHeader: "true"
- ############################# DOWNLOADERS
- # SABnzbd - Binary newsgrabber (NZB downloader)
- # Disable SABNnzbd's built-in HTTPS support for traefik proxy to work
- # Needs trailing / if using PathPrefix
- sabnzbd:
- image: linuxserver/sabnzbd
- container_name: sabnzbd
- hostname: sabnzbd
- restart: unless-stopped
- networks:
- - traefik_proxy
- # ports:
- # - "${SABNZBD_PORT}:8080"
- volumes:
- - ${USERDIR}/docker/sabnzbd:/config
- - ${USERDIR}/media:/downloads
- - ${USERDIR}/Downloads/incomplete:/incomplete-downloads
- environment:
- PUID: ${PUID}
- PGID: ${PGID}
- TZ: ${TZ}
- UMASK_SET: 002
- labels:
- traefik.enable: "true"
- traefik.backend: sabnzbd
- traefik.protocol: http
- traefik.port: 8080
- traefik.frontend.rule: Host:sb.${DOMAINNAME}
- # traefik.frontend.rule: Host:${DOMAINNAME}; PathPrefix: /sabnzbd
- traefik.frontend.headers.SSLHost: sb.${DOMAINNAME}
- traefik.docker.network: traefik_proxy
- traefik.frontend.passHostHeader: "true"
- traefik.frontend.headers.SSLForceHost: "true"
- traefik.frontend.headers.SSLRedirect: "true"
- traefik.frontend.headers.browserXSSFilter: "true"
- traefik.frontend.headers.contentTypeNosniff: "true"
- traefik.frontend.headers.forceSTSHeader: "true"
- traefik.frontend.headers.STSSeconds: 315360000
- traefik.frontend.headers.STSIncludeSubdomains: "true"
- traefik.frontend.headers.STSPreload: "true"
- traefik.frontend.headers.customResponseHeaders: X-Robots-Tag:noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex
- traefik.frontend.headers.frameDeny: "true"
- traefik.frontend.headers.customFrameOptionsValue: 'allow-from https:${DOMAINNAME}'
- traefik.frontend.auth.forward.address: "http://oauth:4181"
- traefik.frontend.auth.forward.authResponseHeaders: X-Forwarded-User
- traefik.frontend.auth.forward.trustForwardHeader: "true"
- ############################# INDEXERS
- #NZBhydra was here
- ############################# PVRS
- # Radarr - Movie management
- # Set url_base in radarr settings if using PathPrefix
- radarr:
- # image: aront/radarr #for mp4_automator support
- image: linuxserver/radarr:preview
- container_name: radarr2
- hostname: radarr2
- restart: unless-stopped
- networks:
- - traefik_proxy
- # ports:
- # - "${RADARR_PORT}:7878"
- volumes:
- - ${USERDIR}/docker/radarr:/config
- - ${USERDIR}/media:/downloads
- - ${USERDIR}/media/sane/movies:/movies
- # - ${USERDIR}/docker/shared/mp4_automator:/config_mp4_automator
- # - /media/media/movies:/movies
- - "/etc/localtime:/etc/localtime:ro"
- environment:
- PUID: ${PUID}
- PGID: ${PGID}
- TZ: ${TZ}
- labels:
- traefik.enable: "true"
- traefik.backend: radarr2
- traefik.protocol: http
- traefik.port: 7878
- traefik.frontend.rule: Host:m2.${DOMAINNAME}
- # traefik.frontend.rule: Host:${DOMAINNAME}; PathPrefix: /radarr
- traefik.frontend.headers.SSLHost: m2.${DOMAINNAME}
- traefik.docker.network: traefik_proxy
- traefik.frontend.passHostHeader: "true"
- traefik.frontend.headers.SSLForceHost: "true"
- traefik.frontend.headers.SSLRedirect: "true"
- traefik.frontend.headers.browserXSSFilter: "true"
- traefik.frontend.headers.contentTypeNosniff: "true"
- traefik.frontend.headers.forceSTSHeader: "true"
- traefik.frontend.headers.STSSeconds: 315360000
- traefik.frontend.headers.STSIncludeSubdomains: "true"
- traefik.frontend.headers.STSPreload: "true"
- traefik.frontend.headers.customResponseHeaders: X-Robots-Tag:noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex
- traefik.frontend.headers.frameDeny: "true"
- traefik.frontend.headers.customFrameOptionsValue: 'allow-from https:${DOMAINNAME}'
- traefik.frontend.auth.forward.address: "http://oauth:4181"
- traefik.frontend.auth.forward.authResponseHeaders: X-Forwarded-User
- traefik.frontend.auth.forward.trustForwardHeader: "true"
- # Sonarr - TV Shows management
- # Set url_base in sonarr settings if using PathPrefix
- sonarr:
- # image: aront/sonarr #for mp4_automator support
- image: linuxserver/sonarr:preview
- container_name: sonarr
- hostname: sonarr
- restart: unless-stopped
- networks:
- - traefik_proxy
- # ports:
- # - "${SONARR_PORT}:8989"
- volumes:
- - ${USERDIR}/docker/sonarr:/config
- - ${USERDIR}/media:/downloads
- - ${USERDIR}/media/sane/tvshows:/tv
- # - /media:/nas
- - "/etc/localtime:/etc/localtime:ro"
- # - "${USERDIR}/docker/shared/mp4_automator:/config_mp4_automator:rw"
- environment:
- PUID: ${PUID}
- PGID: ${PGID}
- TZ: ${TZ}
- labels:
- traefik.enable: "true"
- traefik.backend: sonarr
- traefik.protocol: http
- traefik.port: 8989
- traefik.frontend.rule: Host:tv.${DOMAINNAME}
- # traefik.frontend.rule: Host:${DOMAINNAME}; PathPrefix: /sonarr
- traefik.frontend.headers.SSLHost: tv.${DOMAINNAME}
- traefik.docker.network: traefik_proxy
- traefik.frontend.passHostHeader: "true"
- traefik.frontend.headers.SSLForceHost: "true"
- traefik.frontend.headers.SSLRedirect: "true"
- traefik.frontend.headers.browserXSSFilter: "true"
- traefik.frontend.headers.contentTypeNosniff: "true"
- traefik.frontend.headers.forceSTSHeader: "true"
- traefik.frontend.headers.STSSeconds: 315360000
- traefik.frontend.headers.STSIncludeSubdomains: "true"
- traefik.frontend.headers.STSPreload: "true"
- traefik.frontend.headers.customResponseHeaders: X-Robots-Tag:noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex
- traefik.frontend.headers.frameDeny: "true"
- traefik.frontend.headers.customFrameOptionsValue: 'allow-from https:${DOMAINNAME}'
- traefik.frontend.auth.forward.address: "http://oauth:4181"
- traefik.frontend.auth.forward.authResponseHeaders: X-Forwarded-User
- traefik.frontend.auth.forward.trustForwardHeader: "true"
- nzbget:
- image: linuxserver/nzbget
- container_name: nzbget
- environment:
- PUID: ${PUID}
- PGID: ${PGID}
- TZ: ${TZ}
- networks:
- - traefik_proxy
- volumes:
- - ${USERDIR}/docker/nzbget:/config
- - ${USERDIR}/media/sane/adult:/downloads
- # ports:
- # - 6789:6789
- restart: unless-stopped
- labels:
- traefik.enable: "true"
- traefik.backend: nzbget
- traefik.protocol: http
- traefik.port: 6789
- traefik.frontend.rule: Host:nzbget.${DOMAINNAME}
- # traefik.frontend.rule: Host:${DOMAINNAME}; PathPrefix: /sonarr
- traefik.frontend.headers.SSLHost: nzbget.${DOMAINNAME}
- traefik.docker.network: traefik_proxy
- traefik.frontend.passHostHeader: "true"
- traefik.frontend.headers.SSLForceHost: "true"
- traefik.frontend.headers.SSLRedirect: "true"
- traefik.frontend.headers.browserXSSFilter: "true"
- traefik.frontend.headers.contentTypeNosniff: "true"
- traefik.frontend.headers.forceSTSHeader: "true"
- traefik.frontend.headers.STSSeconds: 315360000
- traefik.frontend.headers.STSIncludeSubdomains: "true"
- traefik.frontend.headers.STSPreload: "true"
- traefik.frontend.headers.customResponseHeaders: X-Robots-Tag:noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex
- traefik.frontend.headers.frameDeny: "true"
- traefik.frontend.headers.customFrameOptionsValue: 'allow-from https:${DOMAINNAME}'
- traefik.frontend.auth.forward.address: "http://oauth:4181"
- traefik.frontend.auth.forward.authResponseHeaders: X-Forwarded-User
- traefik.frontend.auth.forward.trustForwardHeader: "true"
- ############################# MEDIA
- jellyfin:
- image: linuxserver/jellyfin
- container_name: jellyfin
- environment:
- - PLEX_UID=${PUID}
- - PLEX_GID=${PGID}
- - TZ=${TZ}
- - UMASK_SET=022
- volumes:
- - ${USERDIR}/docker/jellyfin:/config
- - ${USERDIR}/media/sane/tvshows:/data/tvshows
- - ${USERDIR}/media/sane/movies:/data/movies
- - ${USERDIR}/Downloads/plex_transcode
- - ${USERDIR}/media/sane/adult:/adult
- # ports:
- # - 8096:8096
- restart: unless-stopped
- networks:
- - traefik_proxy
- labels:
- traefik.enable: "true"
- traefik.backend: jellyfin
- traefik.protocol: http
- traefik.port: 8096
- traefik.frontend.rule: Host:play.${DOMAINNAME}
- traefik.frontend.headers.SSLHost: play.${DOMAINNAME}
- traefik.docker.network: traefik_proxy
- traefik.frontend.passHostHeader: "true"
- traefik.frontend.headers.SSLForceHost: "true"
- traefik.frontend.headers.SSLRedirect: "true"
- traefik.frontend.headers.browserXSSFilter: "true"
- traefik.frontend.headers.contentTypeNosniff: "true"
- traefik.frontend.headers.forceSTSHeader: "true"
- traefik.frontend.headers.STSSeconds: 315360000
- traefik.frontend.headers.STSIncludeSubdomains: "true"
- traefik.frontend.headers.STSPreload: "true"
- traefik.frontend.headers.customResponseHeaders: X-Robots-Tag:noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex
- traefik.frontend.headers.frameDeny: "true"
- traefik.frontend.headers.customFrameOptionsValue: 'allow-from https:${DOMAINNAME}'
- # traefik.frontend.auth.forward.address: "http://oauth:4181"
- # traefik.frontend.auth.forward.authResponseHeaders: X-Forwarded-User
- # traefik.frontend.auth.forward.trustForwardHeader: "true"
- ############################# MEDIA FILE MANAGEMENT
- # Bazarr - Subtitle Management
- bazarr:
- image: linuxserver/bazarr
- container_name: bazarr
- hostname: bazarr
- restart: unless-stopped
- networks:
- - traefik_proxy
- # ports:
- # - "6767:6767"
- volumes:
- - ${USERDIR}/docker/bazarr:/config
- - ${USERDIR}media/sane/movies:/movies
- - ${USERDIR}/media/sane/tvshows:/tvshows
- environment:
- PUID: ${PUID}
- PGID: ${PGID}
- TZ: ${TZ}
- labels:
- traefik.enable: "true"
- traefik.backend: bazarr
- traefik.protocol: http
- traefik.port: 6767
- traefik.frontend.rule: Host:subs.${DOMAINNAME}
- # traefik.frontend.rule: Host:${DOMAINNAME}; PathPrefix: /bazarr
- traefik.frontend.headers.SSLHost: subs.${DOMAINNAME}
- traefik.docker.network: traefik_proxy
- traefik.frontend.passHostHeader: "true"
- traefik.frontend.headers.SSLForceHost: "true"
- traefik.frontend.headers.SSLRedirect: "true"
- traefik.frontend.headers.browserXSSFilter: "true"
- traefik.frontend.headers.contentTypeNosniff: "true"
- traefik.frontend.headers.forceSTSHeader: "true"
- traefik.frontend.headers.STSSeconds: 315360000
- traefik.frontend.headers.STSIncludeSubdomains: "true"
- traefik.frontend.headers.STSPreload: "true"
- traefik.frontend.headers.customResponseHeaders: X-Robots-Tag:noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex
- traefik.frontend.headers.frameDeny: "true"
- traefik.frontend.headers.customFrameOptionsValue: 'allow-from https:${DOMAINNAME}'
- traefik.frontend.auth.forward.address: "http://oauth:4181"
- traefik.frontend.auth.forward.authResponseHeaders: X-Forwarded-User
- traefik.frontend.auth.forward.trustForwardHeader: "true"
- ############################# UTILITIES
- # Ouroboros - Automatic Docker Container Updates
- ouroboros:
- image: pyouroboros/ouroboros
- container_name: ouroboros
- hostname: plexguru
- restart: unless-stopped
- networks:
- - default
- volumes:
- - /var/run/docker.sock:/var/run/docker.sock
- environment:
- TZ: ${TZ}
- INTERVAL: 86400
- LOG_LEVEL: debug
- SELF_UPDATE: "true"
- CLEANUP: "true"
- IGNORE: traefik
- NOTIFIERS: 'tgram://${TGRAM_BOT_TOKEN}/${TGRAM_CHAT_ID}/{-381000992}/'
- #Let's fill some gaps with torrents
- jackett:
- image: linuxserver/jackett
- container_name: jackett
- environment:
- PUID: ${PUID}
- PGID: ${PGID}
- TZ: ${TZ}
- volumes:
- - ${USERDIR}/docker/jackett:/config
- - ${USERDIR}/Downloads/blackhole:/downloads
- networks:
- - traefik_proxy
- # ports:
- # - 9117:9117
- restart: unless-stopped
- labels:
- traefik.enable: "true"
- traefik.backend: jackett
- traefik.protocol: http
- traefik.port: 9117
- traefik.frontend.rule: Host:j.${DOMAINNAME}
- # traefik.frontend.rule: Host:${DOMAINNAME}; PathPrefix: /bazarr
- traefik.frontend.headers.SSLHost: j.${DOMAINNAME}
- traefik.docker.network: traefik_proxy
- traefik.frontend.passHostHeader: "true"
- traefik.frontend.headers.SSLForceHost: "true"
- traefik.frontend.headers.SSLRedirect: "true"
- traefik.frontend.headers.browserXSSFilter: "true"
- traefik.frontend.headers.contentTypeNosniff: "true"
- traefik.frontend.headers.forceSTSHeader: "true"
- traefik.frontend.headers.STSSeconds: 315360000
- traefik.frontend.headers.STSIncludeSubdomains: "true"
- traefik.frontend.headers.STSPreload: "true"
- traefik.frontend.headers.customResponseHeaders: X-Robots-Tag:noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex
- traefik.frontend.headers.frameDeny: "true"
- traefik.frontend.headers.customFrameOptionsValue: 'allow-from https:${DOMAINNAME}'
- traefik.frontend.auth.forward.address: "http://oauth:4181"
- traefik.frontend.auth.forward.authResponseHeaders: X-Forwarded-User
- traefik.frontend.auth.forward.trustForwardHeader: "true"
- #Add QBT
- qbittorrent:
- image: linuxserver/qbittorrent
- container_name: qbittorrent
- environment:
- - PUID=1001
- - PGID=1001
- - TZ=Africa/Harare
- - UMASK_SET=000
- # - WEBUI_PORT=8080
- volumes:
- - ${USERDIR}/docker/qbittorrent:/config
- - ${USERDIR}/media:/downloads
- ports:
- - 6881:6881
- - 6881:6881/udp
- # - 8080:8080
- networks:
- - traefik_proxy
- restart: unless-stopped
- labels:
- traefik.enable: "true"
- traefik.backend: qbittorrent
- traefik.protocol: http
- traefik.port: 8080
- traefik.frontend.rule: Host:q.${DOMAINNAME}
- # traefik.frontend.rule: Host:${DOMAINNAME}; PathPrefix: /bazarr
- traefik.frontend.headers.SSLHost: q.${DOMAINNAME}
- traefik.docker.network: traefik_proxy
- traefik.frontend.passHostHeader: "true"
- traefik.frontend.headers.SSLForceHost: "true"
- traefik.frontend.headers.SSLRedirect: "true"
- traefik.frontend.headers.browserXSSFilter: "true"
- traefik.frontend.headers.contentTypeNosniff: "true"
- traefik.frontend.headers.forceSTSHeader: "true"
- traefik.frontend.headers.STSSeconds: 315360000
- traefik.frontend.headers.STSIncludeSubdomains: "true"
- traefik.frontend.headers.STSPreload: "true"
- traefik.frontend.headers.customResponseHeaders: X-Robots-Tag:noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex
- traefik.frontend.headers.frameDeny: "true"
- traefik.frontend.headers.customFrameOptionsValue: 'allow-from https:${DOMAINNAME}'
- traefik.frontend.auth.forward.address: "http://oauth:4181"
- traefik.frontend.auth.forward.authResponseHeaders: X-Forwarded-User
- traefik.frontend.auth.forward.trustForwardHeader: "true"
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement