docker-compose/docker-compose.yml


version: '3.7'
services:
# traefik: reverse proxy for the stack; routes come from container labels and /configuration.
  traefik:
    container_name: traefik
    # NOTE(review): no tag is given, so this resolves to the latest image, and the
    # watchtower label below opts the proxy into unattended updates.
    image: "traefik"
    restart: always
    # Host networking: the :80 and :443 entrypoints below bind on the host itself.
    network_mode: host
    command:
      # - "--log.level=DEBUG"
      - "--api.dashboard=true"
      - "--providers.docker=true"
      # Containers are only routed when they carry traefik.enable=true.
      - "--providers.docker.exposedbydefault=false"
      - "--providers.docker.useBindPortIP=true"
      - "--providers.file=true"
      - "--providers.file.directory=/configuration/"
      - "--providers.file.watch=true"
      - "--entrypoints.web.address=:80"
      - "--entrypoints.secureweb.address=:443"
      - "--metrics"
      - "--metrics.prometheus.buckets=0.1,0.3,1.2,5.0"
    labels:
      - "com.centurylinklabs.watchtower.enable=true"
      - "traefik.enable=true"
      # NOTE(review): the dashboard/API router is attached to the plain-HTTP `web`
      # entrypoint and the only middleware on it rewrites the path; no
      # authentication middleware is visible in these labels. Confirm :80 is
      # reachable from trusted networks only, or attach an auth middleware.
      - "traefik.http.routers.dashboard.rule=PathPrefix(`/traefik`) || PathPrefix(`/api`) || PathPrefix(`/dashboard`)"
      - "traefik.http.middlewares.dashboard.replacepathregex.regex=^/traefik/(.*)"
      # `$$` is the compose escape for a literal `$`, so traefik receives `$1`.
      - "traefik.http.middlewares.dashboard.replacepathregex.replacement=/dashboard/$$1"
      - "traefik.http.routers.dashboard.middlewares=dashboard"
      - "traefik.http.routers.dashboard.entrypoints=web"
      # NOTE(review): the router uses api@internal (next label), so this port
      # label looks unused - confirm before relying on it.
      - "traefik.http.services.dashboard.loadbalancer.server.port=8080"
      - "traefik.http.routers.dashboard.service=api@internal"
    depends_on:
      - pihole
    volumes:
      # NOTE(review): `:ro` makes the bind mount read-only but does not limit the
      # Docker API calls that can be made through the socket.
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - /srv/docker/container/traefik/:/configuration
      - /srv/docker/container/letsencrypt/etc:/letsencrypt
      - /etc/localtime:/etc/localtime:ro
# sonarr: linuxserver/sonarr, routed by traefik at son.depaoli.id.au on the TLS entrypoint.
  sonarr:
    image: linuxserver/sonarr
    container_name: sonarr
    restart: always
    depends_on:
      - pihole
    environment:
      TZ: Australia/Melbourne
      # Quoted so the IDs stay strings rather than YAML integers.
      PUID: "500"
      PGID: "500"
    volumes:
      - /srv/docker/container/sonarr/config:/config
      - /export/docker/storage/downloads:/downloads
      - /export/docker/storage/series:/tv
      - /etc/localtime:/etc/localtime:ro
    labels:
      com.centurylinklabs.watchtower.enable: "true"
      traefik.enable: "true"
      traefik.http.routers.sonarr.rule: "Host(`son.depaoli.id.au`)"
      traefik.http.routers.sonarr.tls: "true"
      traefik.http.routers.sonarr.entrypoints: "secureweb"
# lidarr: linuxserver/lidarr, routed by traefik under /lidarr/ on the plain-HTTP entrypoint.
  lidarr:
    image: linuxserver/lidarr
    container_name: lidarr
    restart: always
    depends_on:
      - pihole
    environment:
      TZ: Australia/Melbourne
      PUID: "500"
      PGID: "500"
    # NOTE(review): 8686 is also published on the host, so the service is
    # reachable directly as well as through the traefik route - confirm both
    # paths are wanted.
    ports:
      - "8686:8686"
    volumes:
      - /srv/docker/container/lidarr/config:/config
      - /export/docker/storage/downloads:/downloads
      - /export/docker/storage/music:/music
      - /etc/localtime:/etc/localtime:ro
    labels:
      com.centurylinklabs.watchtower.enable: "true"
      traefik.enable: "true"
      traefik.http.routers.lidarr.rule: "PathPrefix(`/lidarr/`)"
      traefik.http.routers.lidarr.entrypoints: "web"
# radarr: linuxserver/radarr, routed by traefik at rad.depaoli.id.au on the TLS entrypoint.
  radarr:
    image: linuxserver/radarr
    container_name: radarr
    restart: always
    depends_on:
      - pihole
    environment:
      TZ: Australia/Melbourne
      PUID: "500"
      PGID: "500"
    volumes:
      - /srv/docker/container/radarr/config:/config
      - /export/docker/storage/downloads:/downloads
      - /export/docker/storage/movies:/movies
      - /etc/localtime:/etc/localtime:ro
    labels:
      com.centurylinklabs.watchtower.enable: "true"
      traefik.enable: "true"
      traefik.http.routers.radarr.rule: "Host(`rad.depaoli.id.au`)"
      traefik.http.routers.radarr.tls: "true"
      traefik.http.routers.radarr.entrypoints: "secureweb"
# readarr: linuxserver/readarr (nightly tag), routed by traefik under /readarr/ on plain HTTP.
  readarr:
    # The nightly tag combined with the watchtower label means unattended
    # updates follow the nightly channel.
    image: linuxserver/readarr:nightly
    container_name: readarr
    restart: always
    depends_on:
      - pihole
    environment:
      TZ: Australia/Melbourne
      PUID: "500"
      PGID: "500"
    volumes:
      - /srv/docker/container/readarr/config:/config
      - /export/docker/storage/downloads:/downloads
      - /export/docker/storage/books:/books
      - /etc/localtime:/etc/localtime:ro
    labels:
      com.centurylinklabs.watchtower.enable: "true"
      traefik.enable: "true"
      traefik.http.routers.readarr.rule: "PathPrefix(`/readarr/`)"
      traefik.http.routers.readarr.entrypoints: "web"
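# calibre: linuxserver/calibre, reached through the two host ports published below.
  calibre:
    container_name: calibre
    image: linuxserver/calibre
    restart: always
    environment:
      - TZ=Australia/Melbourne
      - PUID=500
      - PGID=500
    # Port mappings are quoted, like the other services in this file, so a
    # YAML 1.1 parser can never read a host:container pair as a number.
    ports:
      - "18080:8080"
      - "18081:8081"
    labels:
      - "com.centurylinklabs.watchtower.enable=true"
      # NOTE(review): traefik.enable=true is set while every router label below
      # is commented out; traefik may then build a default router for this
      # container - confirm that is intended, or disable it here.
      - "traefik.enable=true"
      # - "traefik.http.routers.calibre.rule=PathPrefix(`/calibre/`)"
      # - "traefik.http.services.calibre.loadbalancer.server.port=8080"
      # - "traefik.http.middlewares.stripprefix-calibre.stripprefix.prefixes=/calibre"
      # - "traefik.http.routers.calibre.entrypoints=web"
      # - "traefik.http.routers.calibreweb.rule=PathPrefix(`/calibreweb/`)"
      # - "traefik.http.services.calibreweb.loadbalancer.server.port=8081"
      # - "traefik.http.middlewares.stripprefix-calibreweb.stripprefix.prefixes=/calibreweb"
      # - "traefik.http.routers.calibreweb.entrypoints=web"
    depends_on:
      - pihole
    volumes:
      - /srv/docker/container/calibre/config:/config
      - /etc/localtime:/etc/localtime:ro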
# emby: emby/embyserver on the host network, routed by traefik at emby.depaoli.id.au over TLS.
  emby:
    image: emby/embyserver
    container_name: emby
    restart: always
    network_mode: host
    depends_on:
      - pihole
    environment:
      UID: "500"
      GID: "500"
      # 44 is video for nvidia driver support / transcoding
      GIDLIST: "44"
      TZ: Australia/Melbourne
    volumes:
      - /srv/docker/container/emby/config:/config
      - /export/docker/storage/transcode:/transcode
      - /export/docker/storage:/data
      - /export/myth/tv:/myth-recordings
      - /etc/localtime:/etc/localtime:ro
    labels:
      com.centurylinklabs.watchtower.enable: "true"
      traefik.enable: "true"
      traefik.http.routers.emby.rule: "Host(`emby.depaoli.id.au`)"
      # With host networking no port is published, so the backend port is named explicitly.
      traefik.http.services.emby.loadbalancer.server.port: "8096"
      traefik.http.routers.emby.tls: "true"
      traefik.http.routers.emby.entrypoints: "secureweb"
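#
# fail2ban is a bit jumpy from memory, so I've added a whitelist
# but it's not going to survive a pull... and it seems if I mount
# the docker container before it's initialised it ends up empty
# (timing?) so I have done this by hand
# for now, until I work out a solution:
## sudo docker exec -it mail bash
## root@mail:/etc/fail2ban/jail.d# cat > whitelist.conf
## [DEFAULT]
## ignoreip = 127.0.0.0/8 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16
# sudo docker-compose restart mail
#
# NOTE(review): that ignoreip line exempts every RFC 1918 address from
# fail2ban, so failed logins from any internal host or container are never
# banned; narrow it to the specific hosts that need the exemption.
#
# mail: docker-mailserver with LDAP-backed accounts; SMTP/IMAP ports are published on the host.
  mail:
    image: docker.io/mailserver/docker-mailserver:latest
    hostname: mail
    domainname: depaoli.id.au
    container_name: mail
    restart: always
    ports:
      - "25:25"
      - "465:465"
      - "587:587"
      - "993:993"
    labels:
      - "com.centurylinklabs.watchtower.enable=true"
    depends_on:
      - pihole
      - openldap
    volumes:
      - /srv/docker/container/mail/data:/var/mail
      - /srv/docker/container/mail/state:/var/mail-state
      - /srv/docker/container/mail/log:/var/log/mail
      - /srv/docker/container/mail/config/:/tmp/docker-mailserver/
      - /srv/docker/container/letsencrypt/etc:/etc/letsencrypt
      - /etc/localtime:/etc/localtime:ro
    environment:
      - ENABLE_SPAMASSASSIN=1
      - ENABLE_SPAMASSASSIN_KAM=1
      # Spelling fixed: this was SPAMASSASIN_SPAM_TO_INBOX (one S short), which
      # does not match the variable name docker-mailserver documents, so the
      # setting was not being applied.
      - SPAMASSASSIN_SPAM_TO_INBOX=1
      - MOVE_SPAM_TO_JUNK=1
      - SA_SPAM_SUBJECT=1
      - ENABLE_CLAMAV=1
      - ENABLE_FAIL2BAN=1
      - ENABLE_POSTGREY=0
      - SPOOF_PROTECTION=1
      - ONE_DIR=1
      - DMS_DEBUG=0
      - LOG_LEVEL=warn
      - AMAVIS_LOGLEVEL=-1
      # in theory these next 2 being empty disables them, but that does not seem to work
      # NOTE(review): a bare name with no `=` is not "empty": compose passes the
      # variable through from the environment it runs in, and leaves it unset if
      # it is not defined there. That may be why this does not behave as expected.
      - ENABLE_POP3
      - ENABLE_MANAGESIEVE
      - ENABLE_LDAP=1
      - LDAP_SERVER_HOST=openldap # your ldap container/IP/ServerName
      - LDAP_SEARCH_BASE=dc=depaoli,dc=id,dc=au
      # NOTE(review): the mail server binds as the directory admin; a dedicated
      # read-only bind account would be enough for lookups.
      - LDAP_BIND_DN=cn=admin,dc=depaoli,dc=id,dc=au
      # The bind password is no longer committed in this file. Supply
      # LDAP_ADMIN_PASSWORD from the shell or an uncommitted .env file; compose
      # refuses to start when it is missing. The value that used to be here was
      # in version control, so treat it as exposed and rotate it.
      - "LDAP_BIND_PW=${LDAP_ADMIN_PASSWORD:?LDAP_ADMIN_PASSWORD is not set}"
      - LDAP_QUERY_FILTER_USER=(&(mail=%s)(mailEnabled=TRUE))
      - LDAP_QUERY_FILTER_GROUP=(&(mailGroupMember=%s)(mailEnabled=TRUE))
      - LDAP_QUERY_FILTER_ALIAS=(mailAlias=%s)
      - LDAP_QUERY_FILTER_DOMAIN=(|(&(mail=*@%s)(objectClass=PostfixBookMailAccount)(mailEnabled=TRUE))(&(mailGroupMember=*@%s)(objectClass=PostfixBookMailAccount)(mailEnabled=TRUE))(&(mailalias=*@%s)(objectClass=PostfixBookMailForward)))
      - DOVECOT_PASS_FILTER=(&(objectClass=PostfixBookMailAccount)(uid=%n))
      - DOVECOT_USER_FILTER=(&(objectClass=PostfixBookMailAccount)(uid=%n))
      - ENABLE_SASLAUTHD=1
      - SASLAUTHD_MECHANISMS=ldap
      - SASLAUTHD_LDAP_SERVER=openldap
      - SASLAUTHD_LDAP_BIND_DN=cn=admin,dc=depaoli,dc=id,dc=au
      # Same directory admin credential as LDAP_BIND_PW above.
      - "SASLAUTHD_LDAP_PASSWORD=${LDAP_ADMIN_PASSWORD:?LDAP_ADMIN_PASSWORD is not set}"
      - SASLAUTHD_LDAP_SEARCH_BASE=ou=users,dc=depaoli,dc=id,dc=au
      - SASLAUTHD_LDAP_FILTER=(&(uid=%U)(objectClass=person))
      - POSTMASTER_ADDRESS=postmaster@depaoli.id.au
      - POSTFIX_MESSAGE_SIZE_LIMIT=100000000
      - SSL_TYPE=letsencrypt
    cap_add:
      # NET_ADMIN is what lets fail2ban manage firewall rules from inside the container.
      - NET_ADMIN
      # NOTE(review): confirm SYS_PTRACE is still required by the image in use;
      # drop it if not.
      - SYS_PTRACE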
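# openldap: osixia/openldap directory used by the mail stack; 389 and 636 are published on the host.
  openldap:
    image: osixia/openldap:latest
    container_name: openldap
    # command: "--loglevel debug"
    restart: always
    labels:
      - "com.centurylinklabs.watchtower.enable=true"
    environment:
      LDAP_LOG_LEVEL: "32768"
      LDAP_ORGANISATION: "Depaoli home ldap"
      LDAP_DOMAIN: "depaoli.id.au"
      LDAP_BASE_DN: ""
      # Both directory passwords now come from the shell or an uncommitted .env
      # file instead of this file; compose refuses to start when either is
      # missing. The values that used to be here were in version control, so
      # treat them as exposed and rotate them in the directory itself
      # (presumably these variables only apply when the database is first
      # created - confirm against the image documentation).
      LDAP_ADMIN_PASSWORD: "${LDAP_ADMIN_PASSWORD:?LDAP_ADMIN_PASSWORD is not set}"
      LDAP_CONFIG_PASSWORD: "${LDAP_CONFIG_PASSWORD:?LDAP_CONFIG_PASSWORD is not set}"
      LDAP_READONLY_USER: "false"
      LDAP_RFC2307BIS_SCHEMA: "false"
      LDAP_BACKEND: "mdb"
      LDAP_TLS: "true"
      LDAP_TLS_CRT_FILENAME: "cert.pem"
      LDAP_TLS_KEY_FILENAME: "privkey.pem"
      LDAP_TLS_DH_PARAM_FILENAME: "dhparam.pem"
      LDAP_TLS_CA_CRT_FILENAME: "fullchain.pem"
      # NOTE(review): TLS is enabled but not enforced, and plain port 389 is
      # published below, so clients can still bind with the password in
      # cleartext. Confirm which clients need unencrypted LDAP before tightening.
      LDAP_TLS_ENFORCE: "false"
      LDAP_TLS_CIPHER_SUITE: "SECURE256:+SECURE128:-VERS-TLS-ALL:+VERS-TLS1.2:-RSA:-DHE-DSS:-CAMELLIA-128-CBC:-CAMELLIA-256-CBC"
      LDAP_TLS_PROTOCOL_MIN: "3.1"
      LDAP_TLS_VERIFY_CLIENT: "try"
      LDAP_REPLICATION: "false"
      KEEP_EXISTING_CONFIG: "false"
      LDAP_REMOVE_CONFIG_AFTER_SETUP: "true"
      LDAP_SSL_HELPER_PREFIX: "ldap"
    tty: true
    stdin_open: true
    depends_on:
      - pihole
    volumes:
      - /srv/docker/container/ldap/var/lib/ldap:/var/lib/ldap
      - /srv/docker/container/ldap/etc/ldap/slapd.d:/etc/ldap/slapd.d
      - /srv/docker/container/ldap/certs/:/container/service/slapd/assets/certs
      - /srv/docker/container/ldap/ldifs/:/ldifs/
      - /etc/localtime:/etc/localtime:ro
    ports:
      - "389:389"
      - "636:636"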
# phpldapadmin: web admin UI for the openldap service, routed by traefik under /phpldapadmin/.
  phpldapadmin:
    image: osixia/phpldapadmin:latest
    container_name: phpldapadmin
    restart: always
    depends_on:
      - pihole
      - openldap
    environment:
      - PHPLDAPADMIN_LDAP_HOSTS=openldap
      # NOTE(review): HTTPS is off in the container and the router below is on
      # the plain-HTTP entrypoint, so directory admin logins made through this
      # UI travel unencrypted - confirm this path is limited to a trusted network.
      - PHPLDAPADMIN_HTTPS=false
    volumes:
      - /srv/docker/container/phpldapadmin/var/www/phpldapadmin:/var/www/phpldapadmin
      - /etc/localtime:/etc/localtime:ro
    labels:
      com.centurylinklabs.watchtower.enable: "true"
      traefik.enable: "true"
      traefik.http.routers.phpldapadmin.rule: "PathPrefix(`/phpldapadmin/`)"
      # The prefix is stripped before the request reaches the container.
      traefik.http.middlewares.stripprefix-phpldapadmin.stripprefix.prefixes: "/phpldapadmin"
      traefik.http.routers.phpldapadmin.middlewares: "stripprefix-phpldapadmin@docker"
      traefik.http.routers.phpldapadmin.entrypoints: "web"
# webmail
# roundcubemail: Roundcube with a sqlite database, routed by traefik at webmail.depaoli.id.au over TLS.
  roundcubemail:
    image: roundcube/roundcubemail:latest
    container_name: roundcubemail
    restart: always
    depends_on:
      - pihole
      - mail
      - openldap
    environment:
      ROUNDCUBEMAIL_DB_TYPE: sqlite
      ROUNDCUBEMAIL_SKIN: elastic
      # IMAP and SMTP both use the ssl:// scheme against the mail host.
      ROUNDCUBEMAIL_DEFAULT_HOST: "ssl://mail.depaoli.id.au"
      ROUNDCUBEMAIL_DEFAULT_PORT: "993"
      ROUNDCUBEMAIL_SMTP_SERVER: "ssl://mail.depaoli.id.au"
      ROUNDCUBEMAIL_SMTP_PORT: "465"
    volumes:
      - /srv/docker/container/roundcubemail/www:/var/www/html
      - /srv/docker/container/roundcubemail/db/sqlite:/var/roundcube/db
      - /srv/docker/container/roundcubemail/tmp/roundcube-temp:/tmp/roundcube-temp
      - /srv/docker/container/roundcubemail/var/roundcube/config:/var/roundcube/config
      - /etc/localtime:/etc/localtime:ro
    labels:
      com.centurylinklabs.watchtower.enable: "true"
      traefik.enable: "true"
      traefik.http.routers.roundcube.rule: "Host(`webmail.depaoli.id.au`)"
      traefik.http.routers.roundcube.entrypoints: "secureweb"
      traefik.http.routers.roundcube.tls: "true"
# portainer: Docker management UI, routed by traefik under /portainer/ on the plain-HTTP entrypoint.
  portainer:
    image: portainer/portainer-ce:latest
    container_name: portainer
    restart: always
    depends_on:
      - pihole
    volumes:
      # NOTE(review): the Docker socket is mounted read-write and the UI is
      # routed over plain HTTP; whoever can log in here controls the Docker
      # daemon. Confirm the route is limited to a trusted network.
      - /var/run/docker.sock:/var/run/docker.sock
      - /srv/docker/container/portainer/data:/data
      - /etc/localtime:/etc/localtime:ro
    labels:
      com.centurylinklabs.watchtower.enable: "true"
      traefik.enable: "true"
      traefik.http.routers.portainer.rule: "PathPrefix(`/portainer/`)"
      traefik.http.middlewares.stripprefix-portainer.stripprefix.prefixes: "/portainer"
      traefik.http.routers.portainer.middlewares: "stripprefix-portainer@docker"
      traefik.http.routers.portainer.entrypoints: "web"
      traefik.http.services.portainer.loadbalancer.server.port: "9000"
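# plex: plexinc/pms-docker with 32400 published on the host.
  plex:
    container_name: plex
    image: plexinc/pms-docker
    restart: always
    environment:
      - TZ=Australia/Melbourne
      # The claim token is no longer committed here. It links the server to a
      # Plex account and is only needed for the first start, so it is read from
      # the environment and defaults to empty when not supplied.
      - "PLEX_CLAIM=${PLEX_CLAIM:-}"
      - PLEX_UID=500
      - PLEX_GID=500
    hostname: plex_dp
    labels:
      - "com.centurylinklabs.watchtower.enable=true"
    depends_on:
      - pihole
    volumes:
      - /myth/opt/plex/config:/config
      - /myth/opt/plex/transcode:/transcode
      - /myth/opt/storage:/data
      - /etc/localtime:/etc/localtime:ro
    ports:
      - "32400:32400"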
# hass: Home Assistant, privileged and on the host network; not auto-updated by watchtower.
  hass:
    image: homeassistant/home-assistant
    container_name: hass
    # NOTE(review): privileged mode, host networking and the Docker socket
    # mounted below together give this container root-equivalent control of the
    # host. If the need is device access, passing the specific devices and
    # capabilities would be a narrower grant - confirm what is actually required.
    privileged: true
    network_mode: host
    restart: always
    security_opt:
      # NOTE(review): looks redundant alongside privileged: true - confirm.
      - seccomp:unconfined
    depends_on:
      - pihole
      - openldap
    volumes:
      - /srv/docker/container/hass:/config
      - /export/docker/storage/music/:/music
      - /var/run/docker.sock:/var/run/docker.sock
      - /var/run/dbus/system_bus_socket:/var/run/dbus/system_bus_socket
      - /etc/localtime:/etc/localtime:ro
      - /run/dbus:/run/dbus:ro
    labels:
      # Updates are opted out of here, unlike most other services in this file.
      - "com.centurylinklabs.watchtower.enable=false"
      # - "traefik.enable=true"
      # - "traefik.http.routers.hass.rule=Host(`hass.depaoli.id.au`)"
      # - "traefik.http.routers.hass.tls=true"
      # - "traefik.http.routers.hass.tls.options=tls12@file"
      # - "traefik.http.services.hass.loadbalancer.server.port=8123"
      # - "traefik.http.routers.hass.entrypoints=secureweb"
    # ports:
    #   - "8095:8095"
    #   - "8123:8123"
    #   - "3610:3610/udp"
# mosquitto: eclipse-mosquitto MQTT broker with 1883 published on the host.
  mosquitto:
    image: eclipse-mosquitto
    container_name: mosquitto
    restart: always
    # NOTE(review): 1883 is the unencrypted MQTT listener; whether clients must
    # authenticate depends on the broker config under the mounted /mosquitto
    # directory, which is not visible here - confirm.
    ports:
      - '1883:1883'
    volumes:
      - /srv/docker/container/mosquitto:/mosquitto
      - /srv/docker/container/mosquitto/data:/mosquitto/data
      - /srv/docker/container/mosquitto/log:/mosquitto/log
# esphome: esphome/esphome, privileged and on the host network with the host's /dev mounted.
  esphome:
    image: esphome/esphome
    container_name: esphome
    restart: always
    # NOTE(review): privileged plus the whole of /dev is a broad grant; if only
    # particular serial devices are needed, mapping just those would be narrower.
    privileged: true
    network_mode: host
    volumes:
      - /srv/docker/container/esphome/config:/config
      - /dev:/dev
      - /etc/localtime:/etc/localtime:ro
# sabnzbd: linuxserver/sabnzbd, routed by traefik under /sabnzbd/ on the plain-HTTP entrypoint.
  sabnzbd:
    image: linuxserver/sabnzbd
    container_name: sabnzbd
    restart: always
    depends_on:
      - pihole
    environment:
      PUID: "500"
      PGID: "500"
      TZ: Australia/Melbourne
    volumes:
      - /srv/docker/container/sabnzbd/:/config
      - /export/docker/storage/downloads:/downloads
      - /export/docker/storage/incomplete-downloads:/incomplete-downloads
      - /etc/localtime:/etc/localtime:ro
    labels:
      com.centurylinklabs.watchtower.enable: "true"
      traefik.enable: "true"
      traefik.http.routers.sabnzbd.rule: "PathPrefix(`/sabnzbd/`)"
      traefik.http.routers.sabnzbd.entrypoints: "web"
# Monitoring
# speedtest-exporter: jraviles/prometheus_speedtest; no ports published and no traefik route.
  speedtest-exporter:
    image: jraviles/prometheus_speedtest:latest
    container_name: speedtest-exporter
    restart: always
    depends_on:
      - pihole
    volumes:
      - /etc/localtime:/etc/localtime:ro
    labels:
      com.centurylinklabs.watchtower.enable: "true"
# prometheus: prom/prometheus, published on 9090 and routed by traefik under /prometheus/.
  prometheus:
    image: prom/prometheus:latest
    container_name: prometheus
    restart: always
    depends_on:
      - pihole
    command:
      - "--config.file=/etc/prometheus/prometheus.yml"
      - "--storage.tsdb.path=/prometheus"
      - "--web.console.libraries=/usr/share/prometheus/console_libraries"
      - "--web.console.templates=/usr/share/prometheus/consoles"
      # NOTE(review): this enables the HTTP reload and shutdown endpoints. With
      # 9090 published and a plain-HTTP traefik route, anything that can reach
      # either one can call them - confirm both are limited to a trusted network.
      - "--web.enable-lifecycle"
    links:
      - cadvisor:cadvisor
      # - alertmanager:alertmanager
      - node-exporter:node-exporter
      - blackbox_exporter:blackbox_exporter
    ports:
      - "9090:9090"
    volumes:
      - /srv/docker/container/prometheus/:/etc/prometheus/
      - /srv/docker/container/prometheus/data:/prometheus
      - /etc/localtime:/etc/localtime:ro
    labels:
      com.centurylinklabs.watchtower.enable: "true"
      traefik.enable: "true"
      traefik.http.routers.prometheus.rule: "PathPrefix(`/prometheus/`)"
      traefik.http.routers.prometheus.entrypoints: "web"
# node-exporter: prom/node-exporter reading host metrics through read-only mounts of /proc, /sys and /.
  node-exporter:
    image: prom/node-exporter:latest
    container_name: node-exporter
    volumes:
      - /proc:/host/proc:ro
      - /sys:/host/sys:ro
      # The whole host filesystem is visible to the container, read-only.
      - /:/rootfs:ro
      - /srv/docker/container/node-exporter/textfile_collector:/var/lib/node_exporter/textfile_collector
      - /etc/localtime:/etc/localtime:ro
    labels:
      - "com.centurylinklabs.watchtower.enable=true"
    command:
      - '--path.procfs=/host/proc'
      - '--path.sysfs=/host/sys'
      # Each of the next two flags takes the following list item as its value,
      # so the order of these four entries matters.
      # NOTE(review): newer node_exporter releases name this flag
      # --collector.filesystem.mount-points-exclude; with the :latest tag,
      # confirm the old spelling is still accepted.
      - --collector.filesystem.ignored-mount-points
      # `$$` is the compose escape for a literal `$` in the regex.
      - "^/(sys|proc|dev|host|etc|rootfs/var/lib/docker/containers|rootfs/var/lib/docker/overlay2|rootfs/run/docker/netns|rootfs/var/lib/docker/aufs)($$|/)"
      - --collector.textfile.directory
      - "/var/lib/node_exporter/textfile_collector"
    restart: always
# alertmanager:
# image: prom/alertmanager:latest
# container_name: alertmanager
# ports:
# - 9093:9093
# labels:
# - "com.centurylinklabs.watchtower.enable=true"
# volumes:
# - /srv/docker/container/alertmanager/:/alertmanager
# restart: always
# command:
# - '--config.file=/alertmanager/config.yml'
# - '--storage.path=/alertmanager'
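# cadvisor: container metrics collector, privileged, reading the host through the mounts below.
  cadvisor:
    # image: secureimages/cadvisor:0.44.0-alpine-3.16.0
    image: gcr.io/cadvisor/cadvisor:latest
    # image: google/cadvisor:latest
    container_name: cadvisor
    # NOTE(review): privileged gives the collector full access to the host;
    # confirm it is still required for the metrics being scraped.
    privileged: true
    command:
      - '--disable_metrics=udp'
      - '-v=2'
      - '--housekeeping_interval=30s'
    labels:
      - "com.centurylinklabs.watchtower.enable=true"
    volumes:
      - /:/rootfs:ro
      # Changed from :rw to :ro, the mode the upstream cAdvisor run example
      # uses: a metrics collector has no reason to write under the host's
      # /var/run, and every other host mount here was already read-only.
      - /var/run:/var/run:ro
      - /sys:/sys:ro
      - /var/lib/docker/:/var/lib/docker:ro
      - /etc/localtime:/etc/localtime:ro
    restart: always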
# blackbox_exporter: prom/blackbox-exporter using the config mounted at /etc/blackboxexporter/.
  blackbox_exporter:
    image: prom/blackbox-exporter
    container_name: blackbox-exporter
    restart: always
    # ports:
    #   - 9115:9115
    command:
      - "--config.file=/etc/blackboxexporter/config.yml"
    volumes:
      - /srv/docker/container/blackboxexporter/:/etc/blackboxexporter/
    labels:
      com.centurylinklabs.watchtower.enable: "true"
# grafana: grafana/grafana with two traefik routers, one over TLS by host name and one over plain HTTP by path.
  grafana:
    image: grafana/grafana:latest
    container_name: grafana
    restart: always
    depends_on:
      - prometheus
    # Settings, including any credentials, come from this file on the host
    # rather than from the compose file.
    env_file:
      - /srv/docker/container/grafana/config.monitoring
    volumes:
      - /srv/docker/container/grafana/grafana.ini:/etc/grafana/grafana.ini
      - /srv/docker/container/grafana/data:/var/lib/grafana
      - /srv/docker/container/grafana/dashboards:/var/lib/grafana/dashboards
      - /srv/docker/container/grafana/grafana/provisioning:/etc/grafana/provisioning
      - /etc/localtime:/etc/localtime:ro
    labels:
      com.centurylinklabs.watchtower.enable: "true"
      traefik.enable: "true"
      traefik.http.routers.grafana_ssl.rule: "Host(`graf.depaoli.id.au`)"
      traefik.http.routers.grafana_ssl.tls: "true"
      traefik.http.routers.grafana_ssl.entrypoints: "secureweb"
      # NOTE(review): the second router serves the same UI over plain HTTP, so
      # logins through /grafana/ are unencrypted - confirm it is still needed.
      traefik.http.routers.grafana.rule: "PathPrefix(`/grafana/`)"
      traefik.http.routers.grafana.entrypoints: "web"
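# pihole: DNS for the LAN on 192.168.0.2:53; admin UI on host port 9999 and under /pihole/ via traefik.
  pihole:
    container_name: pihole
    # Pinned to a fixed tag, so the watchtower label below only ever re-pulls
    # this same tag; moving to a newer release means editing it here.
    image: pihole/pihole:v5.7
    ports:
      - "192.168.0.2:53:53/tcp"
      - "192.168.0.2:53:53/udp"
      # NOTE(review): the admin UI is published on every host interface here,
      # in addition to the traefik route below.
      - "9999:80"
    environment:
      TZ: 'Australia/Melbourne'
      # The admin UI password is no longer committed in this file. Supply
      # PIHOLE_WEBPASSWORD from the shell or an uncommitted .env file; compose
      # refuses to start when it is missing. The value that used to be here was
      # in version control, so treat it as exposed and choose a new one.
      WEBPASSWORD: "${PIHOLE_WEBPASSWORD:?PIHOLE_WEBPASSWORD is not set}"
      DNS1: '127.0.0.1'
      DNS2: '208.67.222.222'
    volumes:
      - /srv/docker/container/pihole/etc/:/etc/pihole/
      - /srv/docker/container/pihole/dnsmasq.d/:/etc/dnsmasq.d/
      - /etc/localtime:/etc/localtime:ro
    restart: always
    labels:
      - "com.centurylinklabs.watchtower.enable=true"
      - "traefik.enable=true"
      - "traefik.http.routers.pihole.rule=PathPrefix(`/pihole/`)"
      - "traefik.http.routers.pihole.entrypoints=web"
      - "traefik.http.middlewares.stripprefix-pihole.stripprefix.prefixes=/pihole"
      - "traefik.http.services.pihole.loadbalancer.server.port=80"
      - "traefik.http.routers.pihole.middlewares=stripprefix-pihole@docker"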
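# bookdb_dev: development PostgreSQL for the book database, published on host port 55432.
  bookdb_dev:
    container_name: bookdb_dev
    image: postgres:latest
    restart: always
    environment:
      # Database passwords are no longer committed in this file. Supply both
      # variables from the shell or an uncommitted .env file; compose refuses
      # to start when either is missing. The values that used to be here were
      # in version control, so treat them as exposed. POSTGRES_PASSWORD is only
      # applied when the data directory is first initialised, so rotating an
      # existing database also needs the role's password changed inside it.
      POSTGRES_PASSWORD: "${BOOKDB_DEV_POSTGRES_PASSWORD:?BOOKDB_DEV_POSTGRES_PASSWORD is not set}"
      POSTGRES_USER: ddp
      POSTGRES_DB: library
      PGPASSWORD: "${BOOKDB_DEV_PGPASSWORD:?BOOKDB_DEV_PGPASSWORD is not set}"
    depends_on:
      - pihole
    # NOTE(review): published on every host interface; bind it to a specific
    # address if only local tools need it.
    ports:
      - '55432:5432'
    volumes:
      - /srv/docker/container/bookdb_dev/data:/var/lib/postgresql/data
      - /srv/docker/container/bookdb_dev/docker-entrypoint-initdb.d:/docker-entrypoint-initdb.d
      - /etc/localtime:/etc/localtime:ro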
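# bookdb: PostgreSQL for the book database; no ports published, reached over the compose network.
  bookdb:
    container_name: bookdb
    image: postgres:latest
    restart: always
    environment:
      # Database passwords are no longer committed in this file. Supply both
      # variables from the shell or an uncommitted .env file; compose refuses
      # to start when either is missing. The values that used to be here were
      # in version control, so treat them as exposed. POSTGRES_PASSWORD is only
      # applied when the data directory is first initialised, so rotating an
      # existing database also needs the role's password changed inside it.
      POSTGRES_PASSWORD: "${BOOKDB_POSTGRES_PASSWORD:?BOOKDB_POSTGRES_PASSWORD is not set}"
      POSTGRES_USER: ddp
      POSTGRES_DB: library
      PGPASSWORD: "${BOOKDB_PGPASSWORD:?BOOKDB_PGPASSWORD is not set}"
    depends_on:
      - pihole
    volumes:
      - /srv/docker/container/bookdb/data:/var/lib/postgresql/data
      - /srv/docker/container/bookdb/docker-entrypoint-initdb.d:/docker-entrypoint-initdb.d
      - /etc/localtime:/etc/localtime:ro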
# bookdb_web: locally built web app for the book database; traefik passes TLS through to it by SNI.
  bookdb_web:
    build:
      context: "/home/ddp/src/pybook"
    container_name: bookdb_web
    restart: always
    depends_on:
      - bookdb
      - pihole
    volumes:
      # The container gets the Let's Encrypt tree because it terminates TLS itself.
      - /srv/docker/container/letsencrypt/etc:/etc/letsencrypt
      - /etc/localtime:/etc/localtime:ro
    labels:
      # Built locally, so watchtower is told to leave it alone.
      com.centurylinklabs.watchtower.enable: "false"
      traefik.enable: "true"
      traefik.tcp.routers.bookdb_web-tcp.rule: "HostSNI(`book.depaoli.id.au`)"
      traefik.tcp.routers.bookdb_web-tcp.tls.passthrough: "true"
      traefik.tcp.routers.bookdb_web-tcp.entrypoints: "secureweb"
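# padb_dev: development database for photoassistant, built locally and published on host port 65432.
  padb_dev:
    container_name: padb_dev
    build:
      context: '/home/ddp/src/photoassistant/db-container'
    restart: always
    environment:
      # Database passwords are no longer committed in this file. Supply both
      # variables from the shell or an uncommitted .env file; compose refuses
      # to start when either is missing. The values that used to be here were
      # in version control, so treat them as exposed and change them in the
      # database as well.
      POSTGRES_PASSWORD: "${PADB_DEV_POSTGRES_PASSWORD:?PADB_DEV_POSTGRES_PASSWORD is not set}"
      POSTGRES_USER: pa
      POSTGRES_DB: pa
      PGPASSWORD: "${PADB_DEV_PGPASSWORD:?PADB_DEV_PGPASSWORD is not set}"
    # NOTE(review): published on every host interface; bind it to a specific
    # address if only local tools need it.
    ports:
      - '65432:5432'
    depends_on:
      - pihole
    volumes:
      - /srv/docker/container/padb_dev/data:/var/lib/postgresql/data
      - /srv/docker/container/padb_dev/docker-entrypoint-initdb.d:/docker-entrypoint-initdb.d
      - /etc/localtime:/etc/localtime:ro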
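# padb: database for photoassistant, built locally; no ports published.
  padb:
    container_name: padb
    build:
      context: '/home/ddp/src/photoassistant/db-container'
    restart: always
    environment:
      # Database passwords are no longer committed in this file. Supply both
      # variables from the shell or an uncommitted .env file; compose refuses
      # to start when either is missing. The values that used to be here were
      # in version control, so treat them as exposed and change them in the
      # database as well.
      POSTGRES_PASSWORD: "${PADB_POSTGRES_PASSWORD:?PADB_POSTGRES_PASSWORD is not set}"
      POSTGRES_USER: pa
      POSTGRES_DB: pa
      PGPASSWORD: "${PADB_PGPASSWORD:?PADB_PGPASSWORD is not set}"
    depends_on:
      - pihole
    volumes:
      - /srv/docker/container/padb/data:/var/lib/postgresql/data
      - /srv/docker/container/padb/docker-entrypoint-initdb.d:/docker-entrypoint-initdb.d
      - /etc/localtime:/etc/localtime:ro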
# paweb: locally built photoassistant web app; traefik passes TLS through to it by SNI.
  paweb:
    build:
      context: "/home/ddp/src/photoassistant"
      args:
        PJM_UID: 500
        PJM_GID: 500
    container_name: paweb
    restart: always
    depends_on:
      - padb
    volumes:
      # The container gets the Let's Encrypt tree because it terminates TLS itself.
      - /srv/docker/container/letsencrypt/etc:/etc/letsencrypt
      - /export/docker/storage:/export/docker/storage
      - /etc/localtime:/etc/localtime:ro
    labels:
      # Built locally, so watchtower is told to leave it alone.
      com.centurylinklabs.watchtower.enable: "false"
      traefik.enable: "true"
      traefik.tcp.routers.paweb-tcp.rule: "HostSNI(`pa.depaoli.id.au`)"
      traefik.tcp.routers.paweb-tcp.tls.passthrough: "true"
      traefik.tcp.routers.paweb-tcp.entrypoints: "secureweb"
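# bitwarden_rs: self-hosted password vault, routed by traefik over TLS on two host names.
  bitwarden_rs:
    container_name: bitwarden
    restart: always
    # Image changed from bitwardenrs/server: the project was renamed to
    # Vaultwarden and the old repository no longer receives releases, so with
    # the old name watchtower had nothing newer to pull and the vault would
    # stay on an unmaintained build. The data directory layout is unchanged;
    # back up /data before the first start on the new image.
    image: vaultwarden/server:latest
    depends_on:
      - pihole
      - openldap
    volumes:
      - /srv/docker/container/bitwarden_rs/data:/data
      - /etc/localtime:/etc/localtime:ro
    labels:
      - "com.centurylinklabs.watchtower.enable=true"
      - "traefik.enable=true"
      - "traefik.http.routers.bitwarden_rs.rule=Host(`bw.depaoli.id.au`) || Host(`ddphome.asuscomm.com`)"
      - "traefik.http.routers.bitwarden_rs.tls=true"
      # TLS options come from the traefik file provider (tls12@file).
      - "traefik.http.routers.bitwarden_rs.tls.options=tls12@file"
      - "traefik.http.routers.bitwarden_rs.entrypoints=secureweb"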
# auto-update docker images
# watchtower: updates containers labelled com.centurylinklabs.watchtower.enable=true on the schedule below.
  watchtower:
    image: containrrr/watchtower
    container_name: watchtower
    restart: always
    depends_on:
      - pihole
    # --label-enable limits updates to opted-in containers; --cleanup removes
    # superseded images.
    # NOTE(review): most opted-in services in this file use :latest or untagged
    # images, so whatever is published upstream is deployed unattended with no
    # review step. Pinning tags or digests for the sensitive services narrows that.
    command: '--schedule "0 0 3 * * *" --debug --stop-timeout 60s --label-enable --cleanup'
    volumes:
      # The socket is mounted read-write: watchtower has to stop and recreate containers.
      - /var/run/docker.sock:/var/run/docker.sock
      - /etc/localtime:/etc/localtime:ro
    labels:
      com.centurylinklabs.watchtower.enable: "true"
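# wikidb: PostgreSQL 11 backing the wiki service; no ports published.
  wikidb:
    image: postgres:11-alpine
    container_name: wikidb
    environment:
      POSTGRES_DB: wiki
      # The database password is no longer committed in this file. Supply
      # WIKI_DB_PASSWORD from the shell or an uncommitted .env file; compose
      # refuses to start when it is missing, and the wiki service must be given
      # the same value. The value that used to be here was in version control,
      # so treat it as exposed. POSTGRES_PASSWORD is only applied when the data
      # directory is first initialised, so rotating an existing database also
      # needs the role's password changed inside it.
      POSTGRES_PASSWORD: "${WIKI_DB_PASSWORD:?WIKI_DB_PASSWORD is not set}"
      POSTGRES_USER: wikijs
    # Container logs are discarded for this service.
    logging:
      driver: "none"
    restart: always
    depends_on:
      - openldap
      - pihole
    volumes:
      - "/srv/docker/container/wikidb/:/var/lib/postgresql/data"
      - "/etc/localtime:/etc/localtime:ro"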
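# wiki: requarks/wiki 2.x backed by the wikidb service, routed by traefik at wiki.depaoli.id.au over TLS.
  wiki:
    image: requarks/wiki:2
    container_name: wiki
    depends_on:
      - openldap
      - wikidb
    environment:
      DB_TYPE: postgres
      DB_HOST: wikidb
      DB_PORT: 5432
      DB_USER: wikijs
      # The database password is no longer committed in this file. Supply
      # WIKI_DB_PASSWORD from the shell or an uncommitted .env file; compose
      # refuses to start when it is missing. It must match the password of the
      # wikijs role in the database. The value that used to be here was in
      # version control, so treat it as exposed and rotate it.
      DB_PASS: "${WIKI_DB_PASSWORD:?WIKI_DB_PASSWORD is not set}"
      DB_NAME: wiki
    restart: always
    volumes:
      - "/srv/docker/container/wiki/data/content:/wiki/data/content"
      - "/etc/localtime:/etc/localtime:ro"
    labels:
      - "com.centurylinklabs.watchtower.enable=true"
      - "traefik.enable=true"
      - "traefik.http.routers.wiki.rule=Host(`wiki.depaoli.id.au`)"
      - "traefik.http.routers.wiki.tls=true"
      - "traefik.http.routers.wiki.entrypoints=secureweb"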
# wetty: browser terminal that opens SSH sessions to 192.168.0.2, routed at ssh.depaoli.id.au over TLS.
  wetty:
    image: wettyoss/wetty
    container_name: wetty
    restart: always
    depends_on:
      - pihole
      - openldap
    command:
      - "--base=/"
      - "--ssh-host=192.168.0.2"
    volumes:
      - /etc/localtime:/etc/localtime:ro
    labels:
      com.centurylinklabs.watchtower.enable: "true"
      traefik.enable: "true"
      # NOTE(review): this puts an SSH login prompt for the host behind a web
      # route with no extra authentication visible in these labels; the host's
      # SSH settings are then the only gate. Confirm password logins are
      # disabled or rate-limited on 192.168.0.2.
      traefik.http.routers.wetty.rule: "Host(`ssh.depaoli.id.au`)"
      traefik.http.routers.wetty.tls: "true"
      traefik.http.routers.wetty.entrypoints: "secureweb"
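# used for hass (eufy) to get notifications from camera
# eufy_security_ws: bropat/eufy-security-ws, logged in to the Eufy account below; 3000 is published on the host.
  eufy_security_ws:
    image: bropat/eufy-security-ws:latest
    container_name: eufy_security_ws
    restart: always
    environment:
      - "USERNAME=eufy_hass@depaoli.id.au"
      # The account password is no longer committed in this file. Supply
      # EUFY_PASSWORD from the shell or an uncommitted .env file; compose
      # refuses to start when it is missing. The value that used to be here was
      # in version control, so treat it as exposed and change it on the account.
      - "PASSWORD=${EUFY_PASSWORD:?EUFY_PASSWORD is not set}"
      - "COUNTRY=AU"
      # NOTE(review): verbose logging is on; check that the logs do not end up
      # holding account or session details.
      - "DEBUG=-v"
      - "TRUSTED_DEVICE_NAME=Samsung S10"
    # NOTE(review): published on every host interface; confirm whether the
    # service on this port asks clients to authenticate.
    ports:
      - "3000:3000"
    labels:
      - "com.centurylinklabs.watchtower.enable=true"
    depends_on:
      - pihole
    volumes:
      - "/srv/docker/container/eufy_security_ws/data:/data"
      - "/etc/localtime:/etc/localtime:ro"
      - "/etc/timezone:/etc/timezone:ro"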
# used for hass (eufy) to stream from camera
# rtsp_simple_server: aler9/rtsp-simple-server with 1935 and 8554 published on the host.
  rtsp_simple_server:
    image: aler9/rtsp-simple-server
    container_name: rtsp_simple_server
    restart: always
    depends_on:
      - pihole
    environment:
      RTSP_PROTOCOLS: tcp
    # NOTE(review): both ports are published on every host interface; whether
    # stream access needs credentials depends on the server configuration,
    # which is not visible here - confirm.
    ports:
      - '1935:1935'
      - '8554:8554'
    volumes:
      - /etc/localtime:/etc/localtime:ro
    labels:
      com.centurylinklabs.watchtower.enable: "true"
# autodiscover:
# image: monogramm/autodiscover-email-settings:latest
# container_name: autodiscover
# environment:
# - COMPANY_NAME=depaoli
# - SUPPORT_URL=https://autodiscover.depaoli.id.au
# - DOMAIN=depaoli.id.au
# # IMAP configuration (host mandatory to enable)
# - IMAP_HOST=mail.depaoli.id.au
# - IMAP_PORT=993
# - IMAP_SOCKET=SSL
# # POP configuration (host mandatory to enable)
# #- POP_HOST=pop3.example.com
# #- POP_PORT=995
# #- POP_SOCKET=SSL
# # SMTP configuration (host mandatory to enable)
# - SMTP_HOST=mail.depaoli.id.au
# - SMTP_PORT=587
# - SMTP_SOCKET=STARTTLS
# # MobileSync/ActiveSync configuration (url mandatory to enable)
# #- MOBILESYNC_URL=https://sync.example.com
# #- MOBILESYNC_NAME=sync.example.com
# # LDAP configuration (host mandatory to enable)
# #- LDAP_HOST=ldap.example.com
# #- LDAP_PORT=636
# #- LDAP_SOCKET=SSL
# #- LDAP_BASE=dc=ldap,dc=example,dc=com
# #- LDAP_USER_FIELD=uid
# #- LDAP_USER_BASE=ou=People,dc=ldap,dc=example,dc=com
# #- LDAP_SEARCH=(|(objectClass=PostfixBookMailAccount))
# # Apple mobile config identifiers (identifier mandatory to enable)
# - PROFILE_IDENTIFIER=au.id.depaoli.autodiscover
# - PROFILE_UUID=92943D26-CAB3-4086-897D-DC6C0D8B1E86
# - MAIL_UUID=7A981A9E-D5D0-4EF8-87FE-39FD6A506FAC
# - LDAP_UUID=6ECB6BA9-2208-4ABF-9E60-4E9F4CD7309E
# labels:
# - "com.centurylinklabs.watchtower.enable=true"
# - "traefik.enable=true"
# - "traefik.http.routers.radarr.rule=Host(`autodiscover.depaoli.id.au`)"
# - "traefik.http.routers.radarr.tls=true"
# - "traefik.http.routers.radarr.entrypoints=secureweb"
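# ark-server: hermsi/ark-server game server with game, RCON and Steam ports published on the host.
  ark-server:
    restart: always
    container_name: ark-server
    image: hermsi/ark-server:latest
    volumes:
      - /srv/docker/container/ark-server:/app
      - /srv/docker/container/ark-server-backups:/home/steam/ARK-Backups
    environment:
      - "SESSION_NAME=Aberration Server - ARK"
      - "SERVER_MAP=Aberration_P"
      # The join and admin passwords are no longer committed in this file.
      # Supply both variables from the shell or an uncommitted .env file;
      # compose refuses to start when either is missing. The values that used
      # to be here were in version control, so treat them as exposed and pick
      # new ones.
      - "SERVER_PASSWORD=${ARK_SERVER_PASSWORD:?ARK_SERVER_PASSWORD is not set}"
      - "ADMIN_PASSWORD=${ARK_ADMIN_PASSWORD:?ARK_ADMIN_PASSWORD is not set}"
      - "MAX_PLAYERS=3"
      - "UPDATE_ON_START=false"
      - "BACKUP_ON_STOP=true"
      - "PRE_UPDATE_BACKUP=true"
      - "WARN_ON_STOP=true"
      - "GAME_MOD_IDS=731604991,2182894352,821530042,1404697612,895711211"
    ports:
      # Port for connections from ARK game client
      - "7777:7777/udp"
      # Raw UDP socket port (always Game client port +1)
      - "7778:7778/udp"
      # RCON management port
      # NOTE(review): RCON is a remote administration channel guarded only by
      # the admin password; confirm it needs to be published beyond the host.
      - "27020:27020/tcp"
      # Steam's server-list port
      - "27015:27015/udp"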
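# php wordpress (use traefik for https ssl offload)
# mimosa-clinic: WordPress backed by the mimosa-db service, routed at mimosa.depaoli.id.au with an HTTP->HTTPS redirect.
  mimosa-clinic:
    restart: always
    container_name: mimosa-clinic
    image: wordpress:latest
    links:
      - mimosa-db:mysql
    environment:
      # The database password is no longer committed in this file. Supply
      # MIMOSA_DB_ROOT_PASSWORD from the shell or an uncommitted .env file;
      # compose refuses to start when it is missing. It must match the database
      # root password. The value that used to be here was in version control,
      # so treat it as exposed and rotate it.
      - "WORDPRESS_DB_PASSWORD=${MIMOSA_DB_ROOT_PASSWORD:?MIMOSA_DB_ROOT_PASSWORD is not set}"
      # NOTE(review): WordPress connects as the database root user, so a
      # compromise of the site reaches every database on that server. A
      # dedicated user limited to the wordpress database would narrow this.
      - WORDPRESS_DB_USER=root
    # NOTE(review): 8787 publishes the site directly on the host over plain
    # HTTP, bypassing the HTTPS redirect configured below - confirm it is
    # still needed.
    ports:
      - "8787:80"
    volumes:
      - /srv/docker/container/mimosa-clinic/www-data:/var/www/html
    labels:
      - "com.centurylinklabs.watchtower.enable=true"
      - "traefik.enable=true"
      - "traefik.http.routers.mimosa.entrypoints=secureweb"
      - "traefik.http.routers.mimosa.rule=Host(`mimosa.depaoli.id.au`)"
      - "traefik.http.routers.mimosa.tls=true"
      # The plain-HTTP router exists only to redirect to HTTPS permanently.
      - "traefik.http.routers.mimosa-http.entrypoints=web"
      - "traefik.http.routers.mimosa-http.rule=Host(`mimosa.depaoli.id.au`)"
      - "traefik.http.middlewares.mimosa-http-redirect.redirectscheme.scheme=https"
      - "traefik.http.middlewares.mimosa-http-redirect.redirectscheme.permanent=true"
      - "traefik.http.routers.mimosa-http.middlewares=mimosa-http-redirect@docker"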
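# mimosa-db: MariaDB backing the mimosa-clinic WordPress site; no ports published.
  mimosa-db:
    restart: always
    container_name: mimosa-db
    image: mariadb:latest
    environment:
      # The root password is no longer committed in this file. Supply
      # MIMOSA_DB_ROOT_PASSWORD from the shell or an uncommitted .env file;
      # compose refuses to start when it is missing. The value that used to be
      # here was in version control, so treat it as exposed; on an existing
      # data directory the root password also has to be changed inside the
      # database, since this variable only applies at first initialisation.
      - "MYSQL_ROOT_PASSWORD=${MIMOSA_DB_ROOT_PASSWORD:?MIMOSA_DB_ROOT_PASSWORD is not set}"
      - MYSQL_DATABASE=wordpress
    labels:
      - "com.centurylinklabs.watchtower.enable=true"
    volumes:
      - /srv/docker/container/mimosa-clinic/database:/var/lib/mysql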
# kuma: louislam/uptime-kuma, published on 3001 and routed by traefik at mon.depaoli.id.au over TLS.
  kuma:
    image: louislam/uptime-kuma:latest
    container_name: kuma
    restart: always
    ports:
      - "3001:3001" # <Host Port>:<Container Port>
    volumes:
      - /srv/docker/container/kuma:/app/data
      # NOTE(review): `:ro` makes the bind mount read-only but does not limit the
      # Docker API calls that can be made through the socket.
      - /var/run/docker.sock:/var/run/docker.sock:ro
    labels:
      com.centurylinklabs.watchtower.enable: "true"
      traefik.enable: "true"
      traefik.http.routers.kuma.rule: "Host(`mon.depaoli.id.au`)"
      traefik.http.routers.kuma.tls: "true"
      traefik.http.routers.kuma.entrypoints: "secureweb"