FunctionalHacker/dotfiles
FunctionalHacker/dotfiles
2
0
Fork 0
Code Issues Pull requests Releases Activity

Convert rest of docker-compose files to TOML

Browse source
This commit is contained in:
Marko Korhonen 2022-02-26 13:25:54 +02:00
parent 37529aa38a
commit d5d3f8a975
26 changed files with 479 additions and 529 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

77
docker/authentik/docker-compose.toml Normal file
View file

@ -0,0 +1,77 @@
[services]
[services.redis]
container_name = "authentik-redis"
image = "redis:alpine"
restart = "unless-stopped"
networks = ["authentik"]
[services.authentik]
container_name = "authentik"
image = "${AUTHENTIK_IMAGE:-goauthentik.io/server}:${AUTHENTIK_TAG:-2021.10.4}"
restart = "unless-stopped"
command = "server"
volumes = [
"/docker/authentik/media:/media",
"/docker/authentik/custom-templates:/templates",
"/docker/authentik/geoip:/geoip",
]
env_file = [".env"]
networks = ["authentik", "postgres", "proxy"]
ports = ["9000:9000"]
labels = [
"traefik.enable=true",
"traefik.http.routers.authentik-redirect.entrypoints=http",
"traefik.http.routers.authentik-redirect.rule=Host(`sso.korhonen.cc`)",
"traefik.http.routers.authentik-redirect.middlewares=http2https@file",
"traefik.http.routers.authentik.entrypoints=https",
"traefik.http.routers.authentik.rule=Host(`sso.korhonen.cc`)",
"traefik.http.routers.authentik.service=authentik",
"traefik.docker.network=proxy",
"traefik.http.services.authentik.loadbalancer.server.port=9000",
]
[services.authentik-worker]
container_name = "authentik-worker"
image = "${AUTHENTIK_IMAGE:-goauthentik.io/server}:${AUTHENTIK_TAG:-2021.10.4}"
restart = "unless-stopped"
command = "worker"
networks = ["authentik", "postgres"]
user = "root"
volumes = [
"/docker/authentik/backups:/backups",
"/docker/authentik/media:/media",
"/var/run/docker.sock:/var/run/docker.sock",
"/docker/authentik/custom-templates:/templates",
"/docker/authentik/geoip:/geoip",
]
environment = [
"AUTHENTIK_POSTGRESQL__HOST",
"AUTHENTIK_POSTGRESQL__USER",
"AUTHENTIK_POSTGRESQL__NAME",
"AUTHENTIK_POSTGRESQL__PASSWORD",
"AUTHENTIK_SECRET_KEY",
]
env_file = [".env"]
[services.geoipupdate]
container_name = "authentik-geoip"
image = "maxmindinc/geoipupdate:latest"
volumes = ["/docker/authentik/geoip:/usr/share/GeoIP"]
env_file = [".env"]
networks = ["authentik"]
[services.geoipupdate.environment]
GEOIPUPDATE_EDITION_IDS = "GeoLite2-City"
GEOIPUPDATE_FREQUENCY = "8"
[networks]
[networks.authentik]
external = true
[networks.postgres]
external = true
[networks.proxy]
external = true

83
docker/authentik/docker-compose.yaml
View file

@ -1,83 +0,0 @@
services:
redis:
container_name: authentik-redis
image: redis:alpine
restart: unless-stopped
networks:
- authentik
authentik:
container_name: authentik
image: ${AUTHENTIK_IMAGE:-goauthentik.io/server}:${AUTHENTIK_TAG:-2021.10.4}
restart: unless-stopped
command: server
volumes:
- /docker/authentik/media:/media
- /docker/authentik/custom-templates:/templates
- /docker/authentik/geoip:/geoip
env_file:
- .env
networks:
- authentik
- postgres
- proxy
ports:
- 9000:9000
labels:
- "traefik.enable=true"
- "traefik.http.routers.authentik-redirect.entrypoints=http"
- "traefik.http.routers.authentik-redirect.rule=Host(`sso.korhonen.cc`)"
- "traefik.http.routers.authentik-redirect.middlewares=http2https@file"
- "traefik.http.routers.authentik.entrypoints=https"
- "traefik.http.routers.authentik.rule=Host(`sso.korhonen.cc`)"
- "traefik.http.routers.authentik.service=authentik"
- "traefik.docker.network=proxy"
- "traefik.http.services.authentik.loadbalancer.server.port=9000"
authentik-worker:
container_name: authentik-worker
image: ${AUTHENTIK_IMAGE:-goauthentik.io/server}:${AUTHENTIK_TAG:-2021.10.4}
restart: unless-stopped
command: worker
networks:
- authentik
- postgres
user: root
volumes:
- /docker/authentik/backups:/backups
- /docker/authentik/media:/media
- /var/run/docker.sock:/var/run/docker.sock
- /docker/authentik/custom-templates:/templates
- /docker/authentik/geoip:/geoip
environment:
- AUTHENTIK_POSTGRESQL__HOST
- AUTHENTIK_POSTGRESQL__USER
- AUTHENTIK_POSTGRESQL__NAME
- AUTHENTIK_POSTGRESQL__PASSWORD
- AUTHENTIK_SECRET_KEY
env_file:
- .env
geoipupdate:
container_name: authentik-geoip
image: "maxmindinc/geoipupdate:latest"
volumes:
- /docker/authentik/geoip:/usr/share/GeoIP
environment:
GEOIPUPDATE_EDITION_IDS: "GeoLite2-City"
GEOIPUPDATE_FREQUENCY: "8"
env_file:
- .env
networks:
- authentik
networks:
authentik:
external: true
postgres:
external: true
proxy:
external: true

56
docker/freshrss/docker-compose.toml Normal file
View file

@ -0,0 +1,56 @@
[services]
[services.freshrss]
image = "linuxserver/freshrss"
container_name = "freshrss"
restart = "unless-stopped"
networks = ["freshrss", "postgres", "proxy"]
environment = ["PUID=1000", "PGID=985", "TZ=Europe/Helsinki"]
depends_on = ["bibliogram"]
volumes = [
"/docker/freshrss/freshrss:/config",
"/etc/localtime:/etc/localtime:ro",
]
labels = [
"traefik.enable=true",
"traefik.http.routers.freshrss-redirect.entrypoints=http",
"traefik.http.routers.freshrss-redirect.rule=Host(`rss.korhonen.cc`)",
"traefik.http.routers.freshrss-redirect.middlewares=http2https@file",
"traefik.http.routers.freshrss.entrypoints=https",
"traefik.http.routers.freshrss.rule=Host(`rss.korhonen.cc`)",
"traefik.http.routers.freshrss.service=freshrss",
"traefik.docker.network=proxy",
"traefik.http.services.freshrss.loadbalancer.server.port=80",
]
[services.bibliogram]
image = "cloudrac3r/bibliogram"
container_name = "bibliogram"
restart = "unless-stopped"
volumes = [
"/docker/freshrss/bibliogram/db:/app/db",
"/docker/freshrss/bibliogram/config.js:/app/config.js",
]
networks = ["freshrss", "proxy"]
labels = [
"traefik.enable=true",
"traefik.http.routers.bibliogram-redirect.entrypoints=http",
"traefik.http.routers.bibliogram-redirect.rule=Host(`bibliogram.korhonen.cc`)",
"traefik.http.routers.bibliogram-redirect.middlewares=http2https@file",
"traefik.http.routers.bibliogram.entrypoints=https",
"traefik.http.routers.bibliogram.rule=Host(`bibliogram.korhonen.cc`)",
"traefik.http.routers.bibliogram.service=bibliogram",
"traefik.docker.network=proxy",
"traefik.http.services.bibliogram.loadbalancer.server.port=10407",
]
[networks]
[networks.freshrss]
external = false
[networks.postgres]
external = true
[networks.proxy]
external = true

61
docker/freshrss/docker-compose.yaml
View file

@ -1,61 +0,0 @@
services:
freshrss:
image: linuxserver/freshrss
container_name: freshrss
restart: unless-stopped
networks:
- freshrss
- postgres
- proxy
environment:
- PUID=1000
- PGID=985
- TZ=Europe/Helsinki
depends_on:
- bibliogram
volumes:
- /docker/freshrss/freshrss:/config
- /etc/localtime:/etc/localtime:ro
labels:
- "traefik.enable=true"
- "traefik.http.routers.freshrss-redirect.entrypoints=http"
- "traefik.http.routers.freshrss-redirect.rule=Host(`rss.korhonen.cc`)"
- "traefik.http.routers.freshrss-redirect.middlewares=http2https@file"
- "traefik.http.routers.freshrss.entrypoints=https"
- "traefik.http.routers.freshrss.rule=Host(`rss.korhonen.cc`)"
- "traefik.http.routers.freshrss.service=freshrss"
- "traefik.docker.network=proxy"
- "traefik.http.services.freshrss.loadbalancer.server.port=80"
bibliogram:
image: cloudrac3r/bibliogram
container_name: bibliogram
restart: unless-stopped
volumes:
- /docker/freshrss/bibliogram/db:/app/db
- /docker/freshrss/bibliogram/config.js:/app/config.js
networks:
- freshrss
- proxy
labels:
- "traefik.enable=true"
- "traefik.http.routers.bibliogram-redirect.entrypoints=http"
- "traefik.http.routers.bibliogram-redirect.rule=Host(`bibliogram.korhonen.cc`)"
- "traefik.http.routers.bibliogram-redirect.middlewares=http2https@file"
- "traefik.http.routers.bibliogram.entrypoints=https"
- "traefik.http.routers.bibliogram.rule=Host(`bibliogram.korhonen.cc`)"
- "traefik.http.routers.bibliogram.service=bibliogram"
- "traefik.docker.network=proxy"
- "traefik.http.services.bibliogram.loadbalancer.server.port=10407"
networks:
freshrss:
external: false
postgres:
external: true
proxy:
external: true

29
docker/gitea/docker-compose.toml Normal file
View file

@ -0,0 +1,29 @@
[services]
[services.gitea]
container_name = "gitea"
image = "gitea/gitea:1"
environment = ["TZ=Europe/Helsinki", "USER_UID=1000", "USER_GID=1000"]
restart = "unless-stopped"
networks = ["postgres", "proxy"]
ports = ["3000:3000", "22:22"]
volumes = ["/docker/gitea:/data", "/etc/localtime:/etc/localtime:ro"]
labels = [
"traefik.enable=true",
"traefik.http.routers.gitea-redirect.entrypoints=http",
"traefik.http.routers.gitea-redirect.rule=Host(`git.korhonen.cc`)",
"traefik.http.routers.gitea-redirect.middlewares=http2https@file",
"traefik.http.routers.gitea.entrypoints=https",
"traefik.http.routers.gitea.rule=Host(`git.korhonen.cc`)",
"traefik.http.routers.gitea.service=gitea",
"traefik.docker.network=proxy",
"traefik.http.services.gitea.loadbalancer.server.port=3000",
]
[networks]
[networks.postgres]
external = true
[networks.proxy]
external = true

36
docker/gitea/docker-compose.yaml
View file

@ -1,36 +0,0 @@
services:
gitea:
container_name: gitea
image: gitea/gitea:1
environment:
- TZ=Europe/Helsinki
- USER_UID=1000
- USER_GID=1000
restart: unless-stopped
networks:
- postgres
- proxy
ports:
- "3000:3000"
- "22:22"
volumes:
- /docker/gitea:/data
- /etc/localtime:/etc/localtime:ro
labels:
- "traefik.enable=true"
- "traefik.http.routers.gitea-redirect.entrypoints=http"
- "traefik.http.routers.gitea-redirect.rule=Host(`git.korhonen.cc`)"
- "traefik.http.routers.gitea-redirect.middlewares=http2https@file"
- "traefik.http.routers.gitea.entrypoints=https"
- "traefik.http.routers.gitea.rule=Host(`git.korhonen.cc`)"
- "traefik.http.routers.gitea.service=gitea"
- "traefik.docker.network=proxy"
- "traefik.http.services.gitea.loadbalancer.server.port=3000"
networks:
postgres:
external: true
proxy:
external: true

25
docker/index.korhonen.cc/docker-compose.toml Normal file
View file

@ -0,0 +1,25 @@
[services]
[services.nginx]
image = "fraoustin/fancyindex"
container_name = "index.korhonen.cc"
environment = ["DISABLE_AUTH=true", "CONTAINER_TIMEZONE=\"Europe/Helsinki\""]
volumes = ["/docker/index.korhonen.cc:/share"]
networks = ["proxy"]
restart = "unless-stopped"
labels = [
"traefik.enable=true",
"traefik.http.routers.index-redirect.entrypoints=http",
"traefik.http.routers.index-redirect.rule=Host(`index.korhonen.cc`)",
"traefik.http.routers.index-redirect.middlewares=http2https@file",
"traefik.http.routers.index.entrypoints=https",
"traefik.http.routers.index.rule=Host(`index.korhonen.cc`)",
"traefik.http.routers.index.service=index",
"traefik.docker.network=proxy",
"traefik.http.services.index.loadbalancer.server.port=80",
]
[networks]
[networks.proxy]
external = true

28
docker/index.korhonen.cc/docker-compose.yaml
View file

@ -1,28 +0,0 @@
services:
nginx:
image: fraoustin/fancyindex
container_name: index.korhonen.cc
environment:
- DISABLE_AUTH=true
- CONTAINER_TIMEZONE="Europe/Helsinki"
volumes:
- /docker/index.korhonen.cc:/share
networks:
- proxy
restart: unless-stopped
labels:
- "traefik.enable=true"
- "traefik.http.routers.index-redirect.entrypoints=http"
- "traefik.http.routers.index-redirect.rule=Host(`index.korhonen.cc`)"
- "traefik.http.routers.index-redirect.middlewares=http2https@file"
- "traefik.http.routers.index.entrypoints=https"
- "traefik.http.routers.index.rule=Host(`index.korhonen.cc`)"
- "traefik.http.routers.index.service=index"
- "traefik.docker.network=proxy"
- "traefik.http.services.index.loadbalancer.server.port=80"
networks:
proxy:
external: true

38
docker/jellyfin/docker-compose.toml Normal file
View file

@ -0,0 +1,38 @@
[services]
[services.jellyfin]
image = "jellyfin/jellyfin:10.8.0-alpha5"
container_name = "jellyfin"
environment = ["TZ=Europe/Helsinki"]
ports = ["8096:8096"]
networks = ["proxy", "authentik"]
restart = "unless-stopped"
volumes = [
"/docker/jellyfin/config:/config",
"/docker/jellyfin/cache:/cache",
"/mnt/Storage/Media:/media",
"/etc/localtime:/etc/localtime:ro",
]
devices = [
"/dev/dri/renderD128:/dev/dri/renderD128",
"/dev/dri/card0:/dev/dri/card0",
]
labels = [
"traefik.enable=true",
"traefik.http.routers.jellyfin-redirect.entrypoints=http",
"traefik.http.routers.jellyfin-redirect.rule=Host(`jellyfin.korhonen.cc`)",
"traefik.http.routers.jellyfin-redirect.middlewares=http2https@file",
"traefik.http.routers.jellyfin.entrypoints=https",
"traefik.http.routers.jellyfin.rule=Host(`jellyfin.korhonen.cc`)",
"traefik.http.routers.jellyfin.service=jellyfin",
"traefik.docker.network=proxy",
"traefik.http.services.jellyfin.loadbalancer.server.port=8096",
]
[networks]
[networks.proxy]
external = true
[networks.authentik]
external = true

38
docker/jellyfin/docker-compose.yaml
View file

@ -1,38 +0,0 @@
services:
jellyfin:
image: jellyfin/jellyfin:10.8.0-alpha5
container_name: jellyfin
environment:
- TZ=Europe/Helsinki
ports:
- "8096:8096"
networks:
- proxy
- authentik
restart: unless-stopped
volumes:
- /docker/jellyfin/config:/config
- /docker/jellyfin/cache:/cache
- /mnt/Storage/Media:/media
- /etc/localtime:/etc/localtime:ro
devices:
- /dev/dri/renderD128:/dev/dri/renderD128
- /dev/dri/card0:/dev/dri/card0
labels:
- "traefik.enable=true"
- "traefik.http.routers.jellyfin-redirect.entrypoints=http"
- "traefik.http.routers.jellyfin-redirect.rule=Host(`jellyfin.korhonen.cc`)"
- "traefik.http.routers.jellyfin-redirect.middlewares=http2https@file"
- "traefik.http.routers.jellyfin.entrypoints=https"
- "traefik.http.routers.jellyfin.rule=Host(`jellyfin.korhonen.cc`)"
- "traefik.http.routers.jellyfin.service=jellyfin"
- "traefik.docker.network=proxy"
- "traefik.http.services.jellyfin.loadbalancer.server.port=8096"
networks:
proxy:
external: true
authentik:
external: true

10
docker/mumble/docker-compose.toml Normal file
View file

@ -0,0 +1,10 @@
[services]
[services.mumble]
container_name = "mumble"
image = "phlak/mumble"
user = "1000:985"
environment = ["TZ=Europe/Helsinki"]
network_mode = "host"
volumes = ["/docker/mumble:/etc/mumble", "/etc/localtime:/etc/localtime:ro"]
restart = "unless-stopped"

12
docker/mumble/docker-compose.yaml
View file

@ -1,12 +0,0 @@
services:
mumble:
container_name: mumble
image: phlak/mumble
user: "1000:985"
environment:
- TZ=Europe/Helsinki
network_mode: host
volumes:
- /docker/mumble:/etc/mumble
- /etc/localtime:/etc/localtime:ro
restart: unless-stopped

76
docker/nextcloud/docker-compose.toml Normal file
View file

@ -0,0 +1,76 @@
[services]
[services.nextcloud]
image = "nextcloud:apache"
container_name = "nextcloud"
restart = "always"
ports = ["1869:80"]
networks = ["nextcloud", "postgres", "proxy"]
volumes = [
"/docker/nextcloud:/var/www/html",
"/mnt/Storage/Nextcloud:/var/www/html/data",
"/mnt/Storage/Syncthing:/Syncthing",
"/mnt/Storage/Media/Music:/Music",
"/etc/localtime:/etc/localtime:ro",
]
environment = [
"TZ=Europe/Helsinki",
"REDIS_HOST=redis",
"REDIS_HOST_PASSWORD=123",
]
depends_on = ["redis"]
labels = [
"traefik.enable=true",
"traefik.http.routers.nextcloud-redirect.entrypoints=http",
"traefik.http.routers.nextcloud-redirect.rule=Host(`cloud.korhonen.cc`)",
"traefik.http.routers.nextcloud-redirect.middlewares=http2https@file",
"traefik.http.routers.nextcloud.entrypoints=https",
"traefik.http.routers.nextcloud.rule=Host(`cloud.korhonen.cc`)",
"traefik.http.routers.nextcloud.service=nextcloud",
"traefik.http.routers.nextcloud.middlewares=secHeaders@file,nextcloud-dav@file",
"traefik.docker.network=proxy",
"traefik.http.services.nextcloud.loadbalancer.server.port=80",
]
[services.redis]
image = "redis:alpine"
container_name = "redis"
networks = ["nextcloud"]
restart = "always"
command = "redis-server --requirepass 123"
[services.cron]
image = "nextcloud:apache"
container_name = "nextcloud-cron"
restart = "always"
volumes = ["/docker/nextcloud:/var/www/html"]
entrypoint = "/cron.sh"
depends_on = ["redis"]
[services.coturn]
image = "instrumentisto/coturn"
container_name = "coturn"
restart = "unless-stopped"
env_file = ".env"
ports = ["3478:3478/tcp", "3478:3478/udp"]
networks = ["nextcloud"]
command = [
"-n",
"--log-file=stdout",
"--min-port=49160",
"--max-port=49200",
"--realm=cloud.korhonen.cc",
"--use-auth-secret",
"--static-auth-secret=${STATIC_AUTH_SECRET}",
]
[networks]
[networks.nextcloud]
external = false
[networks.postgres]
external = true
[networks.proxy]
external = true

81
docker/nextcloud/docker-compose.yaml
View file

@ -1,81 +0,0 @@
services:
nextcloud:
image: nextcloud:apache
container_name: nextcloud
restart: always
ports:
- "1869:80"
networks:
- nextcloud
- postgres
- proxy
volumes:
- /docker/nextcloud:/var/www/html
- /mnt/Storage/Nextcloud:/var/www/html/data
- /mnt/Storage/Syncthing:/Syncthing
- /mnt/Storage/Media/Music:/Music
- /etc/localtime:/etc/localtime:ro
environment:
- TZ=Europe/Helsinki
- REDIS_HOST=redis
- REDIS_HOST_PASSWORD=123
depends_on:
- redis
labels:
- "traefik.enable=true"
- "traefik.http.routers.nextcloud-redirect.entrypoints=http"
- "traefik.http.routers.nextcloud-redirect.rule=Host(`cloud.korhonen.cc`)"
- "traefik.http.routers.nextcloud-redirect.middlewares=http2https@file"
- "traefik.http.routers.nextcloud.entrypoints=https"
- "traefik.http.routers.nextcloud.rule=Host(`cloud.korhonen.cc`)"
- "traefik.http.routers.nextcloud.service=nextcloud"
- "traefik.http.routers.nextcloud.middlewares=secHeaders@file,nextcloud-dav@file"
- "traefik.docker.network=proxy"
- "traefik.http.services.nextcloud.loadbalancer.server.port=80"
redis:
image: redis:alpine
container_name: redis
networks:
- nextcloud
restart: always
command: redis-server --requirepass 123
cron:
image: nextcloud:apache
container_name: nextcloud-cron
restart: always
volumes:
- /docker/nextcloud:/var/www/html
entrypoint: /cron.sh
depends_on:
- redis
coturn:
image: instrumentisto/coturn
container_name: coturn
restart: unless-stopped
env_file: .env
ports:
- "3478:3478/tcp"
- "3478:3478/udp"
networks:
- nextcloud
command:
- -n
- --log-file=stdout
- --min-port=49160
- --max-port=49200
- --realm=cloud.korhonen.cc
- --use-auth-secret
- --static-auth-secret=${STATIC_AUTH_SECRET}
networks:
nextcloud:
external: false
postgres:
external: true
proxy:
external: true

34
docker/pihole/docker-compose.toml Normal file
View file

@ -0,0 +1,34 @@
[services]
[services.pihole]
container_name = "pihole"
image = "pihole/pihole:latest"
ports = ["53:53/tcp", "53:53/udp", "67:67/udp", "8069:80/tcp"]
networks = ["proxy"]
volumes = [
"/docker/pihole/pihole:/etc/pihole/",
"/docker/pihole/dnsmasq:/etc/dnsmasq.d/",
]
dns = ["127.0.0.1", "1.1.1.1"]
cap_add = ["NET_ADMIN"]
restart = "unless-stopped"
labels = [
"traefik.enable=true",
"traefik.http.routers.pihole-redirect.entrypoints=http",
"traefik.http.routers.pihole-redirect.rule=Host(`pihole.korhonen.cc`)",
"traefik.http.routers.pihole-redirect.middlewares=http2https@file",
"traefik.http.routers.pihole.entrypoints=https",
"traefik.http.routers.pihole.rule=Host(`pihole.korhonen.cc`)",
"traefik.http.routers.pihole.service=pihole",
"traefik.docker.network=proxy",
"traefik.http.services.pihole.loadbalancer.server.port=80",
]
[services.pihole.environment]
TZ = "Europe/Helsinki"
WEBPASSWORD = "${WEBPASSWORD}"
[networks]
[networks.proxy]
external = true

41
docker/pihole/docker-compose.yaml
View file

@ -1,41 +0,0 @@
services:
pihole:
container_name: pihole
image: pihole/pihole:latest
ports:
- "53:53/tcp"
- "53:53/udp"
- "67:67/udp"
- "8069:80/tcp"
networks:
- proxy
environment:
TZ: "Europe/Helsinki"
WEBPASSWORD: "${WEBPASSWORD}"
volumes:
- "/docker/pihole/pihole:/etc/pihole/"
- "/docker/pihole/dnsmasq:/etc/dnsmasq.d/"
dns:
- 127.0.0.1
- 1.1.1.1
# Recommended but not required (DHCP needs NET_ADMIN)
# https://github.com/pihole/docker-pihole#note-on-capabilities
cap_add:
- NET_ADMIN
restart: unless-stopped
labels:
- "traefik.enable=true"
- "traefik.http.routers.pihole-redirect.entrypoints=http"
- "traefik.http.routers.pihole-redirect.rule=Host(`pihole.korhonen.cc`)"
- "traefik.http.routers.pihole-redirect.middlewares=http2https@file"
- "traefik.http.routers.pihole.entrypoints=https"
- "traefik.http.routers.pihole.rule=Host(`pihole.korhonen.cc`)"
- "traefik.http.routers.pihole.service=pihole"
- "traefik.docker.network=proxy"
- "traefik.http.services.pihole.loadbalancer.server.port=80"
networks:
proxy:
external: true

18
docker/postgres/docker-compose.toml Normal file
View file

@ -0,0 +1,18 @@
[services]
[services.postgres]
container_name = "postgres"
image = "postgres:13"
environment = ["TZ=Europe/Helsinki", "POSTGRES_PASSWORD=12345"]
ports = ["5432:5432"]
networks = ["postgres"]
volumes = [
"/docker/postgres:/var/lib/postgresql/data",
"/etc/localtime:/etc/localtime:ro",
]
restart = "unless-stopped"
[networks]
[networks.postgres]
external = true

19
docker/postgres/docker-compose.yaml
View file

@ -1,19 +0,0 @@
services:
postgres:
container_name: postgres
image: postgres:13
environment:
- TZ=Europe/Helsinki
- POSTGRES_PASSWORD=12345
ports:
- 5432:5432
networks:
- postgres
volumes:
- /docker/postgres:/var/lib/postgresql/data
- /etc/localtime:/etc/localtime:ro
restart: unless-stopped
networks:
postgres:
external: true

23
docker/remotely/docker-compose.toml Normal file
View file

@ -0,0 +1,23 @@
[services]
[services.remotely]
image = "translucency/remotely"
container_name = "remotely"
networks = ["proxy"]
volumes = ["/docker/remotely:/remotely-data"]
labels = [
"traefik.enable=true",
"traefik.http.routers.remotely-redirect.entrypoints=http",
"traefik.http.routers.remotely-redirect.rule=Host(`remotely.korhonen.cc`)",
"traefik.http.routers.remotely-redirect.middlewares=http2https@file",
"traefik.http.routers.remotely.entrypoints=https",
"traefik.http.routers.remotely.rule=Host(`remotely.korhonen.cc`)",
"traefik.http.routers.remotely.service=remotely",
"traefik.docker.network=proxy",
"traefik.http.services.remotely.loadbalancer.server.port=5000",
]
[networks]
[networks.proxy]
external = true

24
docker/remotely/docker-compose.yaml
View file

@ -1,24 +0,0 @@
services:
remotely:
image: translucency/remotely
container_name: remotely
networks:
- proxy
volumes:
- /docker/remotely:/remotely-data
labels:
- "traefik.enable=true"
- "traefik.http.routers.remotely-redirect.entrypoints=http"
- "traefik.http.routers.remotely-redirect.rule=Host(`remotely.korhonen.cc`)"
- "traefik.http.routers.remotely-redirect.middlewares=http2https@file"
- "traefik.http.routers.remotely.entrypoints=https"
- "traefik.http.routers.remotely.rule=Host(`remotely.korhonen.cc`)"
- "traefik.http.routers.remotely.service=remotely"
- "traefik.docker.network=proxy"
- "traefik.http.services.remotely.loadbalancer.server.port=5000"
networks:
proxy:
external: true

9
docker/tftp/docker-compose.toml Normal file
View file

@ -0,0 +1,9 @@
[services]
[services.tftp]
container_name = "tftp"
image = "pghalliday/tftp"
environment = ["TZ=Europe/Helsinki"]
restart = "unless-stopped"
ports = ["69:69/udp"]
volumes = ["/etc/localtime:/etc/localtime:ro", "/docker/tftp:/var/tftpboot"]

12
docker/tftp/docker-compose.yaml
View file

@ -1,12 +0,0 @@
services:
tftp:
container_name: tftp
image: pghalliday/tftp
environment:
- TZ=Europe/Helsinki
restart: unless-stopped
ports:
- 69:69/udp
volumes:
- /etc/localtime:/etc/localtime:ro
- /docker/tftp:/var/tftpboot

52
docker/traefik/docker-compose.toml Normal file
View file

@ -0,0 +1,52 @@
[services]
[services.traefik]
image = "traefik:latest"
container_name = "traefik"
restart = "unless-stopped"
ports = ["80:80", "443:443/tcp", "443:443/udp"]
environment = ["TZ=Europe/Helsinki"]
security_opt = ["no-new-privileges:true"]
networks = ["proxy"]
volumes = [
"/etc/localtime:/etc/localtime:ro",
"/var/run/docker.sock:/var/run/docker.sock:ro",
"/docker/traefik/traefik/traefik.toml:/traefik.toml:ro",
"/docker/traefik/traefik/dynamic.toml:/dynamic.toml:ro",
"/docker/traefik/traefik/dashboard-users:/dashboard-users:ro",
"/docker/traefik/traefik/acme.json:/acme.json",
"/docker/traefik/traefik/log:/var/log",
]
labels = [
"traefik.enable=true",
"traefik.http.routers.redirect.entrypoints=http",
"traefik.http.routers.redirect.rule=Host(`traefik.korhonen.cc`)",
"traefik.http.routers.redirect.middlewares=http2https@file",
"traefik.http.routers.dashboard.entrypoints=https",
"traefik.http.routers.dashboard.rule=Host(`traefik.korhonen.cc`)",
"traefik.http.middlewares.dashboard-auth.basicauth.usersfile=/dashboard-users",
"traefik.http.routers.dashboard.middlewares=dashboard-auth",
"traefik.http.routers.dashboard.service=api@internal",
"traefik.docker.network=proxy",
]
[services.fail2ban]
image = "crazymax/fail2ban:latest"
container_name = "fail2ban"
restart = "unless-stopped"
network_mode = "host"
cap_add = ["NET_ADMIN", "NET_RAW"]
environment = ["TZ=Europe/Helsinki"]
volumes = [
"/etc/localtime:/etc/localtime:ro",
"/docker/traefik/traefik/log:/var/log/traefik:ro",
"/docker/traefik/fail2ban:/data",
"/docker/gitea/gitea/log/gitea.log:/var/log/gitea:ro",
"/docker/homeautomation/home-assistant/home-assistant.log:/var/log/hass",
"/mnt/Storage/Nextcloud/nextcloud.log:/var/log/nextcloud:ro",
]
[networks]
[networks.proxy]
external = true

57
docker/traefik/docker-compose.yaml
View file

@ -1,57 +0,0 @@
services:
traefik:
image: traefik:latest
container_name: traefik
restart: unless-stopped
ports:
- '80:80'
- '443:443/tcp'
- '443:443/udp'
environment:
- TZ=Europe/Helsinki
security_opt:
- no-new-privileges:true
networks:
- proxy
volumes:
- /etc/localtime:/etc/localtime:ro
- /var/run/docker.sock:/var/run/docker.sock:ro
- /docker/traefik/traefik/traefik.toml:/traefik.toml:ro
- /docker/traefik/traefik/dynamic.toml:/dynamic.toml:ro
- /docker/traefik/traefik/dashboard-users:/dashboard-users:ro
- /docker/traefik/traefik/acme.json:/acme.json
- /docker/traefik/traefik/log:/var/log
labels:
# Serve dashboard
- 'traefik.enable=true'
- 'traefik.http.routers.redirect.entrypoints=http'
- 'traefik.http.routers.redirect.rule=Host(`traefik.korhonen.cc`)'
- 'traefik.http.routers.redirect.middlewares=http2https@file'
- 'traefik.http.routers.dashboard.entrypoints=https'
- 'traefik.http.routers.dashboard.rule=Host(`traefik.korhonen.cc`)'
- 'traefik.http.middlewares.dashboard-auth.basicauth.usersfile=/dashboard-users'
- 'traefik.http.routers.dashboard.middlewares=dashboard-auth'
- 'traefik.http.routers.dashboard.service=api@internal'
- 'traefik.docker.network=proxy'
fail2ban:
image: crazymax/fail2ban:latest
container_name: fail2ban
restart: unless-stopped
network_mode: "host"
cap_add:
- NET_ADMIN
- NET_RAW
environment:
- TZ=Europe/Helsinki
volumes:
- /etc/localtime:/etc/localtime:ro
- /docker/traefik/traefik/log:/var/log/traefik:ro
- /docker/traefik/fail2ban:/data
- /docker/gitea/gitea/log/gitea.log:/var/log/gitea:ro
- /docker/homeautomation/home-assistant/home-assistant.log:/var/log/hass
- /mnt/Storage/Nextcloud/nextcloud.log:/var/log/nextcloud:ro
networks:
proxy:
external: true

32
docker/tvheadend/docker-compose.toml Normal file
View file

@ -0,0 +1,32 @@
[services]
[services.tvheadend]
image = "linuxserver/tvheadend"
container_name = "tvheadend"
environment = ["TZ=Europe/Helsinki", "PUID=1000", "PGID=985"]
volumes = [
"/docker/tvheadend:/config",
"/mnt/Storage/Media/PVR:/recordings",
"/mnt/Storage/picons:/picons",
"/etc/localtime:/etc/localtime:ro",
]
ports = ["9981:9981", "9982:9982"]
devices = ["/dev/dvb:/dev/dvb"]
restart = "unless-stopped"
networks = ["proxy"]
labels = [
"traefik.enable=true",
"traefik.http.routers.tvheadend-redirect.entrypoints=http",
"traefik.http.routers.tvheadend-redirect.rule=Host(`tvheadend.korhonen.cc`)",
"traefik.http.routers.tvheadend-redirect.middlewares=http2https@file",
"traefik.http.routers.tvheadend.entrypoints=https",
"traefik.http.routers.tvheadend.rule=Host(`tvheadend.korhonen.cc`)",
"traefik.http.routers.tvheadend.service=tvheadend",
"traefik.docker.network=proxy",
"traefik.http.services.tvheadend.loadbalancer.server.port=9981",
]
[networks]
[networks.proxy]
external = true

37
docker/tvheadend/docker-compose.yaml
View file

@ -1,37 +0,0 @@
services:
tvheadend:
image: linuxserver/tvheadend
container_name: tvheadend
environment:
- TZ=Europe/Helsinki
- PUID=1000
- PGID=985
volumes:
- /docker/tvheadend:/config
- /mnt/Storage/Media/PVR:/recordings
- /mnt/Storage/picons:/picons
- /etc/localtime:/etc/localtime:ro
ports:
- 9981:9981
- 9982:9982
devices:
- /dev/dvb:/dev/dvb #tuner card
restart: unless-stopped
networks:
- proxy
labels:
- "traefik.enable=true"
- "traefik.http.routers.tvheadend-redirect.entrypoints=http"
- "traefik.http.routers.tvheadend-redirect.rule=Host(`tvheadend.korhonen.cc`)"
- "traefik.http.routers.tvheadend-redirect.middlewares=http2https@file"
- "traefik.http.routers.tvheadend.entrypoints=https"
- "traefik.http.routers.tvheadend.rule=Host(`tvheadend.korhonen.cc`)"
- "traefik.http.routers.tvheadend.service=tvheadend"
- "traefik.docker.network=proxy"
- "traefik.http.services.tvheadend.loadbalancer.server.port=9981"
networks:
proxy:
external: true