added ftp service, added last.commit.url label so I can see if a project is still active, removed deprecated version, upgraded emby to a newer beta and finally locked mythdb to an 8.4 mysql so that its compatible with android apk
This commit is contained in:
@@ -1,7 +1,6 @@
|
||||
# To note, if I am using an env_file to /srv/docker/config/secrets/*,
|
||||
# then I have taken the ENV variable with a password for that container and
|
||||
# then I have taken the ENV variable with a password for that container and
|
||||
# put it into a separate file (1 place for common pwds like for ldap, but also so this file can be shared safely)
|
||||
version: '3.9'
|
||||
services:
|
||||
traefik:
|
||||
container_name: traefik
|
||||
@@ -35,6 +34,7 @@ services:
|
||||
# too many other ports (80, 443) so we have to be explicit & with network_mode: host traefik routes to localhost:8080
|
||||
- "traefik.http.services.dashboard.loadbalancer.server.port=8080"
|
||||
- "traefik.http.routers.dashboard.service=api@internal"
|
||||
- "last.commit.url=https://api.github.com/repos/traefik/traefik/commits"
|
||||
depends_on:
|
||||
- pihole
|
||||
volumes:
|
||||
@@ -59,6 +59,7 @@ services:
|
||||
- "traefik.http.routers.sonarr.tls=true"
|
||||
- "traefik.http.routers.sonarr.entrypoints=secureweb"
|
||||
- "traefik.http.routers.sonarr.tls.certresolver=myresolver"
|
||||
- "last.commit.url=https://api.github.com/repos/linuxserver/docker-sonarr/commits"
|
||||
depends_on:
|
||||
- pihole
|
||||
volumes:
|
||||
@@ -82,6 +83,7 @@ services:
|
||||
- "traefik.http.routers.radarr.tls=true"
|
||||
- "traefik.http.routers.radarr.entrypoints=secureweb"
|
||||
- "traefik.http.routers.radarr.tls.certresolver=myresolver"
|
||||
- "last.commit.url=https://api.github.com/repos/linuxserver/docker-radarr/commits"
|
||||
depends_on:
|
||||
- pihole
|
||||
volumes:
|
||||
@@ -103,6 +105,7 @@ services:
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.readarr.rule=Host(`readarr.ddp.net`)"
|
||||
- "traefik.http.routers.readarr.entrypoints=web"
|
||||
- "last.commit.url=https://api.github.com/repos/Readarr/Readarr/commits"
|
||||
depends_on:
|
||||
- pihole
|
||||
volumes:
|
||||
@@ -133,6 +136,7 @@ services:
|
||||
- "traefik.http.routers.calibreweb.rule=Host(`calibreweb.ddp.net`)"
|
||||
- "traefik.http.services.calibreweb.loadbalancer.server.port=8081"
|
||||
- "traefik.http.routers.calibreweb.entrypoints=web"
|
||||
- "last.commit.url=https://api.github.com/repos/linuxserver/docker-calibre/commits"
|
||||
depends_on:
|
||||
- pihole
|
||||
volumes:
|
||||
@@ -143,9 +147,8 @@ services:
|
||||
# direct play on tv works (from memory)
|
||||
emby:
|
||||
container_name: emby
|
||||
# image: emby/embyserver
|
||||
# image: emby/embyserver:beta
|
||||
image: emby/embyserver:4.9.0.22
|
||||
# image: emby/embyserver:latest
|
||||
image: emby/embyserver:4.9.0.29
|
||||
restart: always
|
||||
network_mode: host
|
||||
environment:
|
||||
@@ -173,6 +176,7 @@ services:
|
||||
- "traefik.http.routers.emby.tls=true"
|
||||
- "traefik.http.routers.emby.entrypoints=secureweb"
|
||||
- "traefik.http.routers.emby.tls.certresolver=myresolver"
|
||||
- "last.commit.url=https://api.github.com/repos/MediaBrowser/Emby.Releases/commits"
|
||||
|
||||
# fail2ban might need a better whitelist? (I had internal docker ips in my quick fudge as well?)
|
||||
mail:
|
||||
@@ -192,6 +196,7 @@ services:
|
||||
- "traefik.http.routers.mail.rule=Host(`rspamd.ddp.net`)"
|
||||
- "traefik.http.services.mail.loadbalancer.server.port=11334"
|
||||
- "traefik.http.routers.mail.entrypoints=web"
|
||||
- "last.commit.url=https://api.github.com/repos/docker-mailserver/docker-mailserver/commits"
|
||||
depends_on:
|
||||
- pihole
|
||||
- openldap
|
||||
@@ -266,6 +271,7 @@ services:
|
||||
restart: always
|
||||
labels:
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
# - "last.commit.url=https://api.github.com/bitnami/containers/tree/main/bitnami/openldap/commits
|
||||
environment:
|
||||
BITNAMI_DEBUG: "true"
|
||||
LDAP_ROOT: "dc=depaoli,dc=id,dc=au"
|
||||
@@ -300,6 +306,7 @@ services:
|
||||
- "traefik.http.routers.webmail.entrypoints=secureweb"
|
||||
- "traefik.http.routers.webmail.tls=true"
|
||||
- "traefik.http.routers.webmail.tls.certresolver=myresolver"
|
||||
- "last.commit.url=https://api.github.com/repos/roundcube/roundcubemail/commits"
|
||||
volumes:
|
||||
- /srv/docker/container/roundcubemail/www:/var/www/html
|
||||
- /srv/docker/container/roundcubemail/db/sqlite:/var/roundcube/db
|
||||
@@ -335,6 +342,7 @@ services:
|
||||
- "traefik.http.routers.portainer.rule=Host(`portainer.ddp.net`)"
|
||||
# need to be explicit, as it also runs API ports, SSL ports, etc
|
||||
- "traefik.http.services.portainer.loadbalancer.server.port=9000"
|
||||
- "last.commit.url=https://api.github.com/repos/portainer/portainer/commits"
|
||||
|
||||
# this is running network_mode: host so it is on the same subnet as the IoT
|
||||
# devices and can see/discover them
|
||||
@@ -367,6 +375,7 @@ services:
|
||||
- "traefik.http.routers.hass.tls=true"
|
||||
- "traefik.http.routers.hass.entrypoints=secureweb"
|
||||
- "traefik.http.routers.hass.tls.certresolver=myresolver"
|
||||
- "last.commit.url=https://api.github.com/repos/home-assistant/core/commits"
|
||||
|
||||
# this runs in network_most host so that it can find the players automatically
|
||||
# mass:
|
||||
@@ -404,12 +413,13 @@ services:
|
||||
- /etc/localtime:/etc/localtime:ro
|
||||
labels:
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
- "last.commit.url=https://api.github.com/repos/eclipse/mosquitto/commits"
|
||||
ports:
|
||||
- "1883:1883"
|
||||
|
||||
esphome:
|
||||
container_name: esphome
|
||||
image: esphome/esphome:latest
|
||||
image: esphome/esphome
|
||||
environment:
|
||||
- ESPHOME_DASHBOARD_USE_PING=true
|
||||
volumes:
|
||||
@@ -421,6 +431,7 @@ services:
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.esphome.rule=Host(`esphome.ddp.net`)"
|
||||
- "traefik.http.routers.esphome.entrypoints=web"
|
||||
- "last.commit.url=https://api.github.com/repos/esphome/esphome/commits"
|
||||
restart: always
|
||||
privileged: true
|
||||
|
||||
@@ -445,6 +456,7 @@ services:
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.sabnzbd.rule=Host(`sab.ddp.net`)"
|
||||
- "traefik.http.routers.sabnzbd.entrypoints=web"
|
||||
- "last.commit.url=https://api.github.com/repos/linuxserver/docker-sabnzbd/commits"
|
||||
|
||||
influxdb:
|
||||
image: influxdb:latest
|
||||
@@ -469,6 +481,7 @@ services:
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.influxdb.rule=Host(`influx.ddp.net`)"
|
||||
- "traefik.http.routers.influxdb.entrypoints=web"
|
||||
- "last.commit.url=https://api.github.com/repos/influxdata/influxdb/commits"
|
||||
restart: always
|
||||
|
||||
telegraf:
|
||||
@@ -502,6 +515,7 @@ services:
|
||||
- HOST_SYS=/host/sys
|
||||
labels:
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
- "last.commit.url=https://api.github.com/repos/influxdata/telegraf/commits"
|
||||
depends_on:
|
||||
- influxdb
|
||||
restart: always
|
||||
@@ -531,6 +545,7 @@ services:
|
||||
- "traefik.http.routers.grafana_ssl.tls.certresolver=myresolver"
|
||||
- "traefik.http.routers.grafana.rule=PathPrefix(`/grafana/`)"
|
||||
- "traefik.http.routers.grafana.entrypoints=web"
|
||||
- "last.commit.url=https://api.github.com/repos/grafana/grafana/commits"
|
||||
|
||||
pihole:
|
||||
container_name: pihole
|
||||
@@ -560,10 +575,11 @@ services:
|
||||
- "traefik.http.routers.pihole.middlewares=pihole-strip,pihole-add"
|
||||
# we set this to port 80, pihole has many open ports (e.g. 53), so have to tell traefik which port to send http traffic too
|
||||
- "traefik.http.services.pihole.loadbalancer.server.port=80"
|
||||
- "last.commit.url=https://api.github.com/repos/pi-hole/pi-hole/commits"
|
||||
|
||||
bookdb_dev:
|
||||
container_name: bookdb_dev
|
||||
image: postgres:latest
|
||||
image: postgres
|
||||
restart: always
|
||||
environment:
|
||||
POSTGRES_USER: ddp
|
||||
@@ -574,6 +590,7 @@ services:
|
||||
- pihole
|
||||
labels:
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
- "last.commit.url=https://api.github.com/repos/postgres/postgres/commits"
|
||||
ports:
|
||||
- '55432:5432'
|
||||
volumes:
|
||||
@@ -594,6 +611,7 @@ services:
|
||||
- pihole
|
||||
labels:
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
- "last.commit.url=https://api.github.com/repos/postgres/postgres/commits"
|
||||
volumes:
|
||||
- /srv/docker/container/bookdb/data:/var/lib/postgresql/data
|
||||
- /srv/docker/container/bookdb/docker-entrypoint-initdb.d:/docker-entrypoint-initdb.d
|
||||
@@ -651,6 +669,7 @@ services:
|
||||
entrypoint: /root/mara-init/entrypoint-wrapper.sh
|
||||
labels:
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
- "last.commit.url=https://api.github.com/repos/postgres/postgres/commits"
|
||||
environment:
|
||||
POSTGRES_USER: pa
|
||||
POSTGRES_DB: pa
|
||||
@@ -675,6 +694,7 @@ services:
|
||||
entrypoint: /root/mara-init/entrypoint-wrapper.sh
|
||||
labels:
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
- "last.commit.url=https://api.github.com/repos/postgres/postgres/commits"
|
||||
environment:
|
||||
POSTGRES_USER: pa
|
||||
POSTGRES_DB: pa
|
||||
@@ -795,6 +815,7 @@ services:
|
||||
- "traefik.http.routers.vaultwarden.tls.options=tls12@file"
|
||||
- "traefik.http.routers.vaultwarden.entrypoints=secureweb"
|
||||
- "traefik.http.routers.vaultwarden.tls.certresolver=myresolver"
|
||||
- "last.commit.url=https://api.github.com/repos/dani-garcia/vaultwarden/commits"
|
||||
|
||||
# auto-update docker images
|
||||
watchtower:
|
||||
@@ -806,6 +827,7 @@ services:
|
||||
- pihole
|
||||
labels:
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
- "last.commit.url=https://api.github.com/repos/containrrr/watchtower/commits"
|
||||
volumes:
|
||||
- "/var/run/docker.sock:/var/run/docker.sock"
|
||||
- "/etc/localtime:/etc/localtime:ro"
|
||||
@@ -826,6 +848,7 @@ services:
|
||||
- "3000:3000"
|
||||
labels:
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
- "last.commit.url=https://api.github.com/repos/bropat/eufy-security-ws/commits"
|
||||
depends_on:
|
||||
- pihole
|
||||
volumes:
|
||||
@@ -845,6 +868,7 @@ services:
|
||||
- "8554:8554"
|
||||
labels:
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
- "last.commit.url=https://api.github.com/repos/bluenviron/mediamtx/commits"
|
||||
depends_on:
|
||||
- pihole
|
||||
volumes:
|
||||
@@ -900,6 +924,7 @@ services:
|
||||
- "traefik.http.routers.kuma.tls=true"
|
||||
- "traefik.http.routers.kuma.entrypoints=secureweb"
|
||||
- "traefik.http.routers.kuma.tls.certresolver=myresolver"
|
||||
- "last.commit.url=https://api.github.com/repos/louislam/uptime-kuma/commits"
|
||||
restart: always
|
||||
|
||||
sshwifty:
|
||||
@@ -914,6 +939,7 @@ services:
|
||||
- "traefik.http.routers.sshwifty.tls=true"
|
||||
- "traefik.http.routers.sshwifty.entrypoints=secureweb"
|
||||
- "traefik.http.routers.sshwifty.tls.certresolver=myresolver"
|
||||
- "last.commit.url=https://api.github.com/repos/niruix/sshwifty/commits"
|
||||
stdin_open: true
|
||||
tty: true
|
||||
volumes:
|
||||
@@ -922,10 +948,11 @@ services:
|
||||
|
||||
mythdb:
|
||||
container_name: mythdb
|
||||
image: mysql:latest
|
||||
image: mysql:8.4
|
||||
restart: always
|
||||
labels:
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
- "last.commit.url=https://api.github.com/repos/mysql/mysql-server/commits"
|
||||
environment:
|
||||
MYSQL_DATABASE: 'mythconverg'
|
||||
MYSQL_USER: 'mythtv'
|
||||
@@ -1014,6 +1041,7 @@ services:
|
||||
- "traefik.http.routers.wiki.tls=true"
|
||||
- "traefik.http.routers.wiki.entrypoints=secureweb"
|
||||
- "traefik.http.routers.wiki.tls.certresolver=myresolver"
|
||||
- "last.commit.url=https://api.github.com/repos/linuxserver/docker-bookstack/commits"
|
||||
|
||||
wikidb:
|
||||
image: lscr.io/linuxserver/mariadb:latest
|
||||
@@ -1031,6 +1059,7 @@ services:
|
||||
restart: unless-stopped
|
||||
labels:
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
- "last.commit.url=https://api.github.com/repos/linuxserver/docker-mariadb/commits"
|
||||
|
||||
web:
|
||||
image: php:apache
|
||||
@@ -1046,6 +1075,7 @@ services:
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.web.rule=Host(`mara.ddp.net`) && ( Path(`/`) || PathPrefix(`/images` ) || PathPrefix(`/mythweb`) )"
|
||||
- "traefik.http.routers.web.entrypoints=web"
|
||||
- "last.commit.url=https://api.github.com/repos/docker-library/php/commits"
|
||||
|
||||
# this container exists solely to have traefik manage the depaoli.id.au SSL
|
||||
# cert - the web server has no web content to serve
|
||||
@@ -1063,6 +1093,7 @@ services:
|
||||
- "traefik.http.routers.depweb.tls=true"
|
||||
- "traefik.http.routers.depweb.entrypoints=secureweb"
|
||||
- "traefik.http.routers.depweb.tls.certresolver=myresolver"
|
||||
- "last.commit.url=https://api.github.com/repos/docker-library/php/commits"
|
||||
|
||||
samba:
|
||||
image: ubuntu:latest
|
||||
@@ -1085,3 +1116,28 @@ services:
|
||||
labels:
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
- "traefik.enable=false"
|
||||
|
||||
ftp:
|
||||
image: ubuntu:latest
|
||||
container_name: ftp
|
||||
entrypoint: /root/mara-init/entrypoint.sh
|
||||
restart: always
|
||||
ports:
|
||||
# active ports
|
||||
- "20:20"
|
||||
- "21:21"
|
||||
# passive ports
|
||||
- "10090:10090"
|
||||
- "10091:10091"
|
||||
- "10092:10092"
|
||||
volumes:
|
||||
- /home:/home
|
||||
- /srv/docker/container/ftp/monitoring-results:/monitoring-results
|
||||
- /srv/docker/container/ftp/mara-init:/root/mara-init
|
||||
- /srv/docker/container/ftp/mara-bin:/root/mara-bin
|
||||
depends_on:
|
||||
- pihole
|
||||
- openldap
|
||||
labels:
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
- "traefik.enable=false"
|
||||
|
||||
Reference in New Issue
Block a user