Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- version: "3.6"
- services:
- # frontend containers
- php-apache:
- container_name: php-apache
- restart: always
- image: php:7.2-apache
- volumes:
- - ${USERDIR}/home-files:/var/www/html/:ro
- ports:
- - "5555:80"
- environment:
- - PUID=${PUID}
- - PGID=${PGID}
- - TZ=${TZ}
- networks:
- - traefik_proxy
- labels:
- - "traefik.enable=true"
- - "traefik.backend=php-apache"
- - "traefik.frontend.rule=Host:home.${DOMAINNAME}"
- - "traefik.port=80"
- - "traefik.frontend.redirect.entryPoint=https"
- - "traefik.docker.network=traefik_proxy"
- nextcloud:
- container_name: nextcloud
- restart: always
- image: linuxserver/nextcloud
- volumes:
- - ${USERDIR}/docker/nextcloud:/config
- - type: bind
- source: ${USERDIR}/shared_data
- target: /data
- - type: bind
- source: ${USERDIR}/docker/shared
- target: /shared
- ports:
- - "4430:443"
- environment:
- - PUID=${PUID}
- - PGID=${PGID}
- networks:
- - traefik_proxy
- labels:
- - "traefik.enable=true"
- - "traefik.backend=nextcloud"
- - "traefik.frontend.rule=Host:cloud.${DOMAINNAME}"
- - "traefik.port=443"
- - "traefik.protocol=https"
- - "traefik.docker.network=traefik_proxy"
- - "traefik.frontend.headers.SSLRedirect=true"
- - "traefik.frontend.headers.STSSeconds=315360000"
- - "traefik.frontend.headers.browserXSSFilter=true"
- - "traefik.frontend.headers.contentTypeNosniff=true"
- - "traefik.frontend.headers.forceSTSHeader=true"
- - "traefik.frontend.headers.SSLHost=${DOMAINNAME}"
- - "traefik.frontend.headers.STSIncludeSubdomains=true"
- - "traefik.frontend.headers.STSPreload=true"
- - "traefik.frontend.headers.frameDeny=false"
- airsonic:
- hostname: airsonic
- container_name: airsonic
- image: airsonic/airsonic
- restart: always
- volumes:
- - ${USERDIR}/docker/airsonic/data:/airsonic/data
- - type: bind
- source: ${USERDIR}/music
- target: /airsonic/music
- - ${USERDIR}/docker/airsonic/playlists:/airsonic/playlists
- - ${USERDIR}/docker/airsonic/podcasts:/airsonic/podcasts
- ports:
- - 4040:4040
- environment:
- - PUID=${PUID}
- - PGID=${PGID}
- - TZ=${TZ}
- - "JAVA_OPTS=-Xmx512m -Dserver.use-forward-headers=true -Dserver.context-path=/"
- networks:
- - traefik_proxy
- labels:
- - "traefik.enable=true"
- - "traefik.backend=airsonic"
- - "traefik.frontend.rule=Host:music.${DOMAINNAME}"
- - "traefik.port=4040"
- - "traefik.docker.network=traefik_proxy"
- - "traefik.frontend.headers.SSLRedirect=true"
- - "traefik.frontend.headers.STSSeconds=315360000"
- - "traefik.frontend.headers.browserXSSFilter=true"
- - "traefik.frontend.headers.contentTypeNosniff=true"
- - "traefik.frontend.headers.forceSTSHeader=true"
- - "traefik.frontend.headers.SSLHost=${DOMAINNAME}"
- - "traefik.frontend.headers.STSIncludeSubdomains=true"
- - "traefik.frontend.headers.STSPreload=true"
- - "traefik.frontend.headers.frameDeny=false"
- paperless-webserver:
- hostname: paperless-webserver
- container_name: paperless-webserver
- image: danielquinn/paperless
- command: ["runserver", "--insecure", "--noreload", "0.0.0.0:8000"]
- restart: always
- volumes:
- - type: bind
- source: ${USERDIR}/docker/paperless/data
- target: /usr/src/paperless/data
- - type: bind
- source: ${USERDIR}/docker/paperless/media
- target: /usr/src/paperless/media
- - /etc/localtime:/etc/localtime:ro
- - ${USERDIR}/docker/paperless/paperless.conf:/etc/paperless.conf:ro
- ports:
- - 8050:8000
- environment:
- - USERMAP_UID=${PUID}
- - USERMAP_GID=${PGID}
- networks:
- - traefik_proxy
- labels:
- - "traefik.enable=true"
- - "traefik.backend=paperless-consumer"
- - "traefik.frontend.rule=Host:paperless.${DOMAINNAME}"
- - "traefik.port=8000"
- - "traefik.docker.network=traefik_proxy"
- - "traefik.frontend.headers.SSLRedirect=true"
- - "traefik.frontend.headers.STSSeconds=315360000"
- - "traefik.frontend.headers.browserXSSFilter=true"
- - "traefik.frontend.headers.contentTypeNosniff=true"
- - "traefik.frontend.headers.forceSTSHeader=true"
- - "traefik.frontend.headers.SSLHost=${DOMAINNAME}"
- - "traefik.frontend.headers.STSIncludeSubdomains=true"
- - "traefik.frontend.headers.STSPreload=true"
- - "traefik.frontend.headers.frameDeny=false"
- paperless-consumer:
- hostname: paperless-consumer
- container_name: paperless-consumer
- image: danielquinn/paperless
- command: ["document_consumer"]
- depends_on:
- - paperless-webserver
- restart: always
- volumes:
- - type: bind
- source: ${USERDIR}/docker/paperless/data
- target: /usr/src/paperless/data
- - type: bind
- source: ${USERDIR}/docker/paperless/media
- target: /usr/src/paperless/media
- - /etc/localtime:/etc/localtime:ro
- - ${USERDIR}/docker/paperless/storage:/consume
- - ${USERDIR}/docker/paperless/paperless.conf:/etc/paperless.conf:ro
- environment:
- - USERMAP_UID=${PUID}
- - USERMAP_GID=${PGID}
- gitea:
- hostname: gitea
- container_name: gitea
- image: gitea/gitea:1.7.1
- volumes:
- - type: bind
- source: ${USERDIR}/docker/gitea/data
- target: /data
- ports:
- - "3000:3000" #http port
- - "8345:22" # ssh port
- depends_on:
- - mariadb
- restart: always
- networks:
- - traefik_proxy
- labels:
- - "traefik.enable=true"
- - "traefik.backend=gitea"
- - "traefik.frontend.rule=Host:git.${DOMAINNAME}"
- - "traefik.port=3000"
- - "traefik.docker.network=traefik_proxy"
- - "traefik.frontend.headers.SSLRedirect=true"
- - "traefik.frontend.headers.STSSeconds=315360000"
- - "traefik.frontend.headers.browserXSSFilter=true"
- - "traefik.frontend.headers.contentTypeNosniff=true"
- - "traefik.frontend.headers.forceSTSHeader=true"
- - "traefik.frontend.headers.SSLHost=${DOMAINNAME}"
- - "traefik.frontend.headers.STSIncludeSubdomains=true"
- - "traefik.frontend.headers.STSPreload=true"
- - "traefik.frontend.headers.frameDeny=false"
- wallabag:
- hostname: wallabag
- container_name: wallabag
- image: wallabag/wallabag
- ports:
- - "3459:80"
- environment:
- - SYMFONY__ENV__DATABASE_HOST = mariadb
- - SYMFONY__ENV__DATABASE_PORT=3306
- - SYMFONY__ENV__DATABASE_NAME=root
- - SYMFONY__ENV__DATABASE_USER=wallabag
- - SYMFONY__ENV__DATABASE_PASSWORD=${MYSQL_ROOT_PASSWORD}
- - SYMFONY__ENV__DATABASE_CHARSET=utf8mb4
- - SYMFONY__ENV__DOMAIN_NAME=https://read.${DOMAINNAME}
- - SYMFONY__ENV__FOSUSER_CONFIRMATION=false
- volumes:
- - type: bind
- source: ${USERDIR}/docker/wallabag/images
- target: /var/www/wallabag/web/assets/images
- depends_on:
- - mariadb
- restart: always
- networks:
- - traefik_proxy
- labels:
- - "traefik.enable=true"
- - "traefik.backend=wallabag"
- - "traefik.frontend.rule=Host:read.${DOMAINNAME}"
- - "traefik.port=80"
- - "traefik.docker.network=traefik_proxy"
- - "traefik.frontend.headers.SSLRedirect=true"
- - "traefik.frontend.headers.STSSeconds=315360000"
- - "traefik.frontend.headers.browserXSSFilter=true"
- - "traefik.frontend.headers.contentTypeNosniff=true"
- - "traefik.frontend.headers.forceSTSHeader=true"
- - "traefik.frontend.headers.SSLHost=${DOMAINNAME}"
- - "traefik.frontend.headers.STSIncludeSubdomains=true"
- - "traefik.frontend.headers.STSPreload=true"
- - "traefik.frontend.headers.frameDeny=false"
- calibre-web:
- container_name: calibre-web
- restart: always
- image: linuxserver/calibre-web
- volumes:
- - ${USERDIR}/docker/calibre-web/data:/config
- - type: bind
- source: ${USERDIR}/media/books
- target: /books
- ports:
- - "8083:8083"
- environment:
- - PUID=${PUID}
- - PGID=${PGID}
- - TZ=${TZ}
- networks:
- - traefik_proxy
- labels:
- - "traefik.enable=true"
- - "traefik.backend=calibre-web"
- - "traefik.frontend.rule=Host:books.${DOMAINNAME}"
- - "traefik.port=8083"
- - "traefik.docker.network=traefik_proxy"
- - "traefik.frontend.headers.SSLRedirect=true"
- - "traefik.frontend.headers.STSSeconds=315360000"
- - "traefik.frontend.headers.browserXSSFilter=true"
- - "traefik.frontend.headers.contentTypeNosniff=true"
- - "traefik.frontend.headers.forceSTSHeader=true"
- - "traefik.frontend.headers.SSLHost=${DOMAINNAME}"
- - "traefik.frontend.headers.STSIncludeSubdomains=true"
- - "traefik.frontend.headers.STSPreload=true"
- - "traefik.frontend.headers.frameDeny=false"
- firefly_iii:
- container_name: firefly_iii
- restart: always
- environment:
- - FF_DB_HOST=mariadb
- - FF_DB_NAME=firefly
- - FF_DB_USER=root
- - FF_DB_PASSWORD=${MYSQL_ROOT_PASSWORD}
- - FF_APP_KEY=0(FJt9^6^CullM_FPjBK)TgmDsYXHnX_
- - FF_APP_ENV=local
- - TZ=${TZ}
- - APP_LOG_LEVEL=debug
- - APP_URL=https://balance.${DOMAINNAME}
- - TRUSTED_PROXIES=**
- image: jc5x/firefly-iii
- links:
- - mariadb
- ports:
- - "75:80"
- volumes:
- - ${USERDIR}/docker/firefly-iii/storage/export:/storage/export
- - ${USERDIR}/docker/firefly-iii/storage/upload:/storage/upload
- networks:
- - traefik_proxy
- - default
- labels:
- - "traefik.enable=true"
- - "traefik.backend=firefly_iii"
- - "traefik.frontend.rule=Host:balance.${DOMAINNAME}"
- - "traefik.port=80"
- - "traefik.docker.network=traefik_proxy"
- - "traefik.frontend.headers.SSLRedirect=true"
- - "traefik.frontend.headers.STSSeconds=315360000"
- - "traefik.frontend.headers.browserXSSFilter=true"
- - "traefik.frontend.headers.contentTypeNosniff=true"
- - "traefik.frontend.headers.forceSTSHeader=true"
- - "traefik.frontend.headers.SSLHost=${DOMAINNAME}"
- - "traefik.frontend.headers.STSIncludeSubdomains=true"
- - "traefik.frontend.headers.STSPreload=true"
- - "traefik.frontend.headers.frameDeny=false"
- # backend containers
- portainer:
- image: portainer/portainer
- container_name: portainer
- restart: always
- command: -H unix:///var/run/docker.sock
- ports:
- - "9000:9000"
- volumes:
- - /var/run/docker.sock:/var/run/docker.sock
- - ${USERDIR}/docker/portainer/data:/data
- - type: bind
- source: ${USERDIR}/docker/shared
- target: /shared
- environment:
- - TZ=${TZ}
- watchtower:
- container_name: watchtower
- restart: always
- image: v2tec/watchtower
- volumes:
- - /var/run/docker.sock:/var/run/docker.sock
- command: --schedule "0 0 4 * * SUN" --cleanup
- mariadb:
- image: "linuxserver/mariadb"
- container_name: "mariadb"
- hostname: mariadb
- volumes:
- - ${USERDIR}/docker/mariadb:/config
- ports:
- - target: 3306
- published: 3306
- protocol: tcp
- mode: host
- restart: always
- networks:
- - default
- environment:
- - MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}
- - PUID=${PUID}
- - PGID=${PGID}
- - TZ=${TZ}
- phpmyadmin:
- hostname: phpmyadmin
- container_name: phpmyadmin
- image: phpmyadmin/phpmyadmin
- restart: always
- links:
- - mariadb:db
- ports:
- - 70:80
- environment:
- - PMA_HOST=mariadb
- - MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}
- # download management
- transmission-vpn:
- container_name: transmission-vpn
- image: haugene/transmission-openvpn
- cap_add:
- - NET_ADMIN
- devices:
- - /dev/net/tun
- restart: always
- ports:
- - "9091:9091"
- dns:
- - 1.1.1.1
- - 1.0.0.1
- volumes:
- - /etc/localtime:/etc/localtime:ro
- - ${USERDIR}/docker/transmission-vpn:/data
- - type: bind
- source: ${USERDIR}/docker/shared
- target: /shared
- - type: bind
- source: ${USERDIR}/downloads
- target: /data/watch
- - type: bind
- source: ${USERDIR}/downloads/completed
- target: /data/completed
- - type: bind
- source: ${USERDIR}/downloads/incomplete
- target: /data/incomplete
- environment:
- - OPENVPN_PROVIDER=TORGUARD
- - OPENVPN_USERNAME=me@domain.com
- - OPENVPN_PASSWORD=${MASTER_PASS}
- - OPENVPN_OPTS=--inactive 3600 --ping 10 --ping-exit 60
- - LOCAL_NETWORK=192.168.0.0/24
- - PUID=${PUID}
- - PGID=${PGID}
- - TZ=${TZ}
- - TRANSMISSION_RPC_AUTHENTICATION_REQUIRED=true
- - TRANSMISSION_RPC_HOST_WHITELIST="127.0.0.1,192.168.*.*"
- - TRANSMISSION_RPC_PASSWORD=${MASTER_PASS}
- - TRANSMISSION_RPC_USERNAME=username
- - TRANSMISSION_UMASK=002
- - TRANSMISSION_RATIO_LIMIT=1.00
- - TRANSMISSION_RATIO_LIMIT_ENABLED=true
- # Reverse Proxy
- traefik:
- hostname: traefik
- image: traefik:latest
- command: --configFile=${USERDIR}/docker/traefik/traefik.toml
- container_name: traefik
- restart: always
- domainname: ${DOMAINNAME}
- networks:
- - default
- - traefik_proxy
- ports:
- - "80:80"
- - "443:443"
- - "7000:8080"
- environment:
- - CLOUDFLARE_EMAIL=${CLOUDFLARE_EMAIL}
- - CLOUDFLARE_API_KEY=${CLOUDFLARE_API_KEY}
- labels:
- - "traefik.enable=true"
- - "traefik.backend=traefik"
- - "traefik.frontend.rule=Host:traefik.${DOMAINNAME}"
- - "traefik.port=8080"
- - "traefik.docker.network=traefik_proxy"
- - "traefik.frontend.headers.SSLRedirect=true"
- - "traefik.frontend.headers.STSSeconds=315360000"
- - "traefik.frontend.headers.browserXSSFilter=true"
- - "traefik.frontend.headers.contentTypeNosniff=true"
- - "traefik.frontend.headers.forceSTSHeader=true"
- - "traefik.frontend.headers.SSLHost=${DOMAINNAME}"
- - "traefik.frontend.headers.STSIncludeSubdomains=true"
- - "traefik.frontend.headers.STSPreload=true"
- - "traefik.frontend.headers.frameDeny=false"
- volumes:
- - /var/run/docker.sock:/var/run/docker.sock:ro
- - ${USERDIR}/docker/traefik:/etc/traefik
- - ${USERDIR}/docker/shared:/shared
- networks:
- traefik_proxy:
- external:
- name: traefik_proxy
- default:
- driver: bridge
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement