Convert rest of docker-compose files to TOML
This commit is contained in:
parent
37529aa38a
commit
d5d3f8a975
77
docker/authentik/docker-compose.toml
Normal file
77
docker/authentik/docker-compose.toml
Normal file
|
@ -0,0 +1,77 @@
|
|||
[services]
|
||||
|
||||
[services.redis]
|
||||
container_name = "authentik-redis"
|
||||
image = "redis:alpine"
|
||||
restart = "unless-stopped"
|
||||
networks = ["authentik"]
|
||||
|
||||
[services.authentik]
|
||||
container_name = "authentik"
|
||||
image = "${AUTHENTIK_IMAGE:-goauthentik.io/server}:${AUTHENTIK_TAG:-2021.10.4}"
|
||||
restart = "unless-stopped"
|
||||
command = "server"
|
||||
volumes = [
|
||||
"/docker/authentik/media:/media",
|
||||
"/docker/authentik/custom-templates:/templates",
|
||||
"/docker/authentik/geoip:/geoip",
|
||||
]
|
||||
env_file = [".env"]
|
||||
networks = ["authentik", "postgres", "proxy"]
|
||||
ports = ["9000:9000"]
|
||||
labels = [
|
||||
"traefik.enable=true",
|
||||
"traefik.http.routers.authentik-redirect.entrypoints=http",
|
||||
"traefik.http.routers.authentik-redirect.rule=Host(`sso.korhonen.cc`)",
|
||||
"traefik.http.routers.authentik-redirect.middlewares=http2https@file",
|
||||
"traefik.http.routers.authentik.entrypoints=https",
|
||||
"traefik.http.routers.authentik.rule=Host(`sso.korhonen.cc`)",
|
||||
"traefik.http.routers.authentik.service=authentik",
|
||||
"traefik.docker.network=proxy",
|
||||
"traefik.http.services.authentik.loadbalancer.server.port=9000",
|
||||
]
|
||||
|
||||
[services.authentik-worker]
|
||||
container_name = "authentik-worker"
|
||||
image = "${AUTHENTIK_IMAGE:-goauthentik.io/server}:${AUTHENTIK_TAG:-2021.10.4}"
|
||||
restart = "unless-stopped"
|
||||
command = "worker"
|
||||
networks = ["authentik", "postgres"]
|
||||
user = "root"
|
||||
volumes = [
|
||||
"/docker/authentik/backups:/backups",
|
||||
"/docker/authentik/media:/media",
|
||||
"/var/run/docker.sock:/var/run/docker.sock",
|
||||
"/docker/authentik/custom-templates:/templates",
|
||||
"/docker/authentik/geoip:/geoip",
|
||||
]
|
||||
environment = [
|
||||
"AUTHENTIK_POSTGRESQL__HOST",
|
||||
"AUTHENTIK_POSTGRESQL__USER",
|
||||
"AUTHENTIK_POSTGRESQL__NAME",
|
||||
"AUTHENTIK_POSTGRESQL__PASSWORD",
|
||||
"AUTHENTIK_SECRET_KEY",
|
||||
]
|
||||
env_file = [".env"]
|
||||
|
||||
[services.geoipupdate]
|
||||
container_name = "authentik-geoip"
|
||||
image = "maxmindinc/geoipupdate:latest"
|
||||
volumes = ["/docker/authentik/geoip:/usr/share/GeoIP"]
|
||||
env_file = [".env"]
|
||||
networks = ["authentik"]
|
||||
|
||||
[services.geoipupdate.environment]
|
||||
GEOIPUPDATE_EDITION_IDS = "GeoLite2-City"
|
||||
GEOIPUPDATE_FREQUENCY = "8"
|
||||
|
||||
[networks]
|
||||
|
||||
[networks.authentik]
|
||||
external = true
|
||||
|
||||
[networks.postgres]
|
||||
external = true
|
||||
|
||||
[networks.proxy]
|
||||
external = true
|
|
@ -1,83 +0,0 @@
|
|||
services:
|
||||
|
||||
redis:
|
||||
container_name: authentik-redis
|
||||
image: redis:alpine
|
||||
restart: unless-stopped
|
||||
networks:
|
||||
- authentik
|
||||
|
||||
authentik:
|
||||
container_name: authentik
|
||||
image: ${AUTHENTIK_IMAGE:-goauthentik.io/server}:${AUTHENTIK_TAG:-2021.10.4}
|
||||
restart: unless-stopped
|
||||
command: server
|
||||
volumes:
|
||||
- /docker/authentik/media:/media
|
||||
- /docker/authentik/custom-templates:/templates
|
||||
- /docker/authentik/geoip:/geoip
|
||||
env_file:
|
||||
- .env
|
||||
networks:
|
||||
- authentik
|
||||
- postgres
|
||||
- proxy
|
||||
ports:
|
||||
- 9000:9000
|
||||
labels:
|
||||
- "traefik.enable=true"
|
||||
|
||||
- "traefik.http.routers.authentik-redirect.entrypoints=http"
|
||||
- "traefik.http.routers.authentik-redirect.rule=Host(`sso.korhonen.cc`)"
|
||||
- "traefik.http.routers.authentik-redirect.middlewares=http2https@file"
|
||||
|
||||
- "traefik.http.routers.authentik.entrypoints=https"
|
||||
- "traefik.http.routers.authentik.rule=Host(`sso.korhonen.cc`)"
|
||||
- "traefik.http.routers.authentik.service=authentik"
|
||||
- "traefik.docker.network=proxy"
|
||||
- "traefik.http.services.authentik.loadbalancer.server.port=9000"
|
||||
|
||||
authentik-worker:
|
||||
container_name: authentik-worker
|
||||
image: ${AUTHENTIK_IMAGE:-goauthentik.io/server}:${AUTHENTIK_TAG:-2021.10.4}
|
||||
restart: unless-stopped
|
||||
command: worker
|
||||
networks:
|
||||
- authentik
|
||||
- postgres
|
||||
user: root
|
||||
volumes:
|
||||
- /docker/authentik/backups:/backups
|
||||
- /docker/authentik/media:/media
|
||||
- /var/run/docker.sock:/var/run/docker.sock
|
||||
- /docker/authentik/custom-templates:/templates
|
||||
- /docker/authentik/geoip:/geoip
|
||||
environment:
|
||||
- AUTHENTIK_POSTGRESQL__HOST
|
||||
- AUTHENTIK_POSTGRESQL__USER
|
||||
- AUTHENTIK_POSTGRESQL__NAME
|
||||
- AUTHENTIK_POSTGRESQL__PASSWORD
|
||||
- AUTHENTIK_SECRET_KEY
|
||||
env_file:
|
||||
- .env
|
||||
|
||||
geoipupdate:
|
||||
container_name: authentik-geoip
|
||||
image: "maxmindinc/geoipupdate:latest"
|
||||
volumes:
|
||||
- /docker/authentik/geoip:/usr/share/GeoIP
|
||||
environment:
|
||||
GEOIPUPDATE_EDITION_IDS: "GeoLite2-City"
|
||||
GEOIPUPDATE_FREQUENCY: "8"
|
||||
env_file:
|
||||
- .env
|
||||
networks:
|
||||
- authentik
|
||||
|
||||
networks:
|
||||
authentik:
|
||||
external: true
|
||||
postgres:
|
||||
external: true
|
||||
proxy:
|
||||
external: true
|
56
docker/freshrss/docker-compose.toml
Normal file
56
docker/freshrss/docker-compose.toml
Normal file
|
@ -0,0 +1,56 @@
|
|||
[services]
|
||||
|
||||
[services.freshrss]
|
||||
image = "linuxserver/freshrss"
|
||||
container_name = "freshrss"
|
||||
restart = "unless-stopped"
|
||||
networks = ["freshrss", "postgres", "proxy"]
|
||||
environment = ["PUID=1000", "PGID=985", "TZ=Europe/Helsinki"]
|
||||
depends_on = ["bibliogram"]
|
||||
volumes = [
|
||||
"/docker/freshrss/freshrss:/config",
|
||||
"/etc/localtime:/etc/localtime:ro",
|
||||
]
|
||||
labels = [
|
||||
"traefik.enable=true",
|
||||
"traefik.http.routers.freshrss-redirect.entrypoints=http",
|
||||
"traefik.http.routers.freshrss-redirect.rule=Host(`rss.korhonen.cc`)",
|
||||
"traefik.http.routers.freshrss-redirect.middlewares=http2https@file",
|
||||
"traefik.http.routers.freshrss.entrypoints=https",
|
||||
"traefik.http.routers.freshrss.rule=Host(`rss.korhonen.cc`)",
|
||||
"traefik.http.routers.freshrss.service=freshrss",
|
||||
"traefik.docker.network=proxy",
|
||||
"traefik.http.services.freshrss.loadbalancer.server.port=80",
|
||||
]
|
||||
|
||||
[services.bibliogram]
|
||||
image = "cloudrac3r/bibliogram"
|
||||
container_name = "bibliogram"
|
||||
restart = "unless-stopped"
|
||||
volumes = [
|
||||
"/docker/freshrss/bibliogram/db:/app/db",
|
||||
"/docker/freshrss/bibliogram/config.js:/app/config.js",
|
||||
]
|
||||
networks = ["freshrss", "proxy"]
|
||||
labels = [
|
||||
"traefik.enable=true",
|
||||
"traefik.http.routers.bibliogram-redirect.entrypoints=http",
|
||||
"traefik.http.routers.bibliogram-redirect.rule=Host(`bibliogram.korhonen.cc`)",
|
||||
"traefik.http.routers.bibliogram-redirect.middlewares=http2https@file",
|
||||
"traefik.http.routers.bibliogram.entrypoints=https",
|
||||
"traefik.http.routers.bibliogram.rule=Host(`bibliogram.korhonen.cc`)",
|
||||
"traefik.http.routers.bibliogram.service=bibliogram",
|
||||
"traefik.docker.network=proxy",
|
||||
"traefik.http.services.bibliogram.loadbalancer.server.port=10407",
|
||||
]
|
||||
|
||||
[networks]
|
||||
|
||||
[networks.freshrss]
|
||||
external = false
|
||||
|
||||
[networks.postgres]
|
||||
external = true
|
||||
|
||||
[networks.proxy]
|
||||
external = true
|
|
@ -1,61 +0,0 @@
|
|||
services:
|
||||
freshrss:
|
||||
image: linuxserver/freshrss
|
||||
container_name: freshrss
|
||||
restart: unless-stopped
|
||||
networks:
|
||||
- freshrss
|
||||
- postgres
|
||||
- proxy
|
||||
environment:
|
||||
- PUID=1000
|
||||
- PGID=985
|
||||
- TZ=Europe/Helsinki
|
||||
depends_on:
|
||||
- bibliogram
|
||||
volumes:
|
||||
- /docker/freshrss/freshrss:/config
|
||||
- /etc/localtime:/etc/localtime:ro
|
||||
labels:
|
||||
- "traefik.enable=true"
|
||||
|
||||
- "traefik.http.routers.freshrss-redirect.entrypoints=http"
|
||||
- "traefik.http.routers.freshrss-redirect.rule=Host(`rss.korhonen.cc`)"
|
||||
- "traefik.http.routers.freshrss-redirect.middlewares=http2https@file"
|
||||
|
||||
- "traefik.http.routers.freshrss.entrypoints=https"
|
||||
- "traefik.http.routers.freshrss.rule=Host(`rss.korhonen.cc`)"
|
||||
- "traefik.http.routers.freshrss.service=freshrss"
|
||||
- "traefik.docker.network=proxy"
|
||||
- "traefik.http.services.freshrss.loadbalancer.server.port=80"
|
||||
|
||||
bibliogram:
|
||||
image: cloudrac3r/bibliogram
|
||||
container_name: bibliogram
|
||||
restart: unless-stopped
|
||||
volumes:
|
||||
- /docker/freshrss/bibliogram/db:/app/db
|
||||
- /docker/freshrss/bibliogram/config.js:/app/config.js
|
||||
networks:
|
||||
- freshrss
|
||||
- proxy
|
||||
labels:
|
||||
- "traefik.enable=true"
|
||||
|
||||
- "traefik.http.routers.bibliogram-redirect.entrypoints=http"
|
||||
- "traefik.http.routers.bibliogram-redirect.rule=Host(`bibliogram.korhonen.cc`)"
|
||||
- "traefik.http.routers.bibliogram-redirect.middlewares=http2https@file"
|
||||
|
||||
- "traefik.http.routers.bibliogram.entrypoints=https"
|
||||
- "traefik.http.routers.bibliogram.rule=Host(`bibliogram.korhonen.cc`)"
|
||||
- "traefik.http.routers.bibliogram.service=bibliogram"
|
||||
- "traefik.docker.network=proxy"
|
||||
- "traefik.http.services.bibliogram.loadbalancer.server.port=10407"
|
||||
|
||||
networks:
|
||||
freshrss:
|
||||
external: false
|
||||
postgres:
|
||||
external: true
|
||||
proxy:
|
||||
external: true
|
29
docker/gitea/docker-compose.toml
Normal file
29
docker/gitea/docker-compose.toml
Normal file
|
@ -0,0 +1,29 @@
|
|||
[services]
|
||||
|
||||
[services.gitea]
|
||||
container_name = "gitea"
|
||||
image = "gitea/gitea:1"
|
||||
environment = ["TZ=Europe/Helsinki", "USER_UID=1000", "USER_GID=1000"]
|
||||
restart = "unless-stopped"
|
||||
networks = ["postgres", "proxy"]
|
||||
ports = ["3000:3000", "22:22"]
|
||||
volumes = ["/docker/gitea:/data", "/etc/localtime:/etc/localtime:ro"]
|
||||
labels = [
|
||||
"traefik.enable=true",
|
||||
"traefik.http.routers.gitea-redirect.entrypoints=http",
|
||||
"traefik.http.routers.gitea-redirect.rule=Host(`git.korhonen.cc`)",
|
||||
"traefik.http.routers.gitea-redirect.middlewares=http2https@file",
|
||||
"traefik.http.routers.gitea.entrypoints=https",
|
||||
"traefik.http.routers.gitea.rule=Host(`git.korhonen.cc`)",
|
||||
"traefik.http.routers.gitea.service=gitea",
|
||||
"traefik.docker.network=proxy",
|
||||
"traefik.http.services.gitea.loadbalancer.server.port=3000",
|
||||
]
|
||||
|
||||
[networks]
|
||||
|
||||
[networks.postgres]
|
||||
external = true
|
||||
|
||||
[networks.proxy]
|
||||
external = true
|
|
@ -1,36 +0,0 @@
|
|||
services:
|
||||
gitea:
|
||||
container_name: gitea
|
||||
image: gitea/gitea:1
|
||||
environment:
|
||||
- TZ=Europe/Helsinki
|
||||
- USER_UID=1000
|
||||
- USER_GID=1000
|
||||
restart: unless-stopped
|
||||
networks:
|
||||
- postgres
|
||||
- proxy
|
||||
ports:
|
||||
- "3000:3000"
|
||||
- "22:22"
|
||||
volumes:
|
||||
- /docker/gitea:/data
|
||||
- /etc/localtime:/etc/localtime:ro
|
||||
labels:
|
||||
- "traefik.enable=true"
|
||||
|
||||
- "traefik.http.routers.gitea-redirect.entrypoints=http"
|
||||
- "traefik.http.routers.gitea-redirect.rule=Host(`git.korhonen.cc`)"
|
||||
- "traefik.http.routers.gitea-redirect.middlewares=http2https@file"
|
||||
|
||||
- "traefik.http.routers.gitea.entrypoints=https"
|
||||
- "traefik.http.routers.gitea.rule=Host(`git.korhonen.cc`)"
|
||||
- "traefik.http.routers.gitea.service=gitea"
|
||||
- "traefik.docker.network=proxy"
|
||||
- "traefik.http.services.gitea.loadbalancer.server.port=3000"
|
||||
|
||||
networks:
|
||||
postgres:
|
||||
external: true
|
||||
proxy:
|
||||
external: true
|
25
docker/index.korhonen.cc/docker-compose.toml
Normal file
25
docker/index.korhonen.cc/docker-compose.toml
Normal file
|
@ -0,0 +1,25 @@
|
|||
[services]
|
||||
|
||||
[services.nginx]
|
||||
image = "fraoustin/fancyindex"
|
||||
container_name = "index.korhonen.cc"
|
||||
environment = ["DISABLE_AUTH=true", "CONTAINER_TIMEZONE=\"Europe/Helsinki\""]
|
||||
volumes = ["/docker/index.korhonen.cc:/share"]
|
||||
networks = ["proxy"]
|
||||
restart = "unless-stopped"
|
||||
labels = [
|
||||
"traefik.enable=true",
|
||||
"traefik.http.routers.index-redirect.entrypoints=http",
|
||||
"traefik.http.routers.index-redirect.rule=Host(`index.korhonen.cc`)",
|
||||
"traefik.http.routers.index-redirect.middlewares=http2https@file",
|
||||
"traefik.http.routers.index.entrypoints=https",
|
||||
"traefik.http.routers.index.rule=Host(`index.korhonen.cc`)",
|
||||
"traefik.http.routers.index.service=index",
|
||||
"traefik.docker.network=proxy",
|
||||
"traefik.http.services.index.loadbalancer.server.port=80",
|
||||
]
|
||||
|
||||
[networks]
|
||||
|
||||
[networks.proxy]
|
||||
external = true
|
|
@ -1,28 +0,0 @@
|
|||
services:
|
||||
nginx:
|
||||
image: fraoustin/fancyindex
|
||||
container_name: index.korhonen.cc
|
||||
environment:
|
||||
- DISABLE_AUTH=true
|
||||
- CONTAINER_TIMEZONE="Europe/Helsinki"
|
||||
volumes:
|
||||
- /docker/index.korhonen.cc:/share
|
||||
networks:
|
||||
- proxy
|
||||
restart: unless-stopped
|
||||
labels:
|
||||
- "traefik.enable=true"
|
||||
|
||||
- "traefik.http.routers.index-redirect.entrypoints=http"
|
||||
- "traefik.http.routers.index-redirect.rule=Host(`index.korhonen.cc`)"
|
||||
- "traefik.http.routers.index-redirect.middlewares=http2https@file"
|
||||
|
||||
- "traefik.http.routers.index.entrypoints=https"
|
||||
- "traefik.http.routers.index.rule=Host(`index.korhonen.cc`)"
|
||||
- "traefik.http.routers.index.service=index"
|
||||
- "traefik.docker.network=proxy"
|
||||
- "traefik.http.services.index.loadbalancer.server.port=80"
|
||||
|
||||
networks:
|
||||
proxy:
|
||||
external: true
|
38
docker/jellyfin/docker-compose.toml
Normal file
38
docker/jellyfin/docker-compose.toml
Normal file
|
@ -0,0 +1,38 @@
|
|||
[services]
|
||||
|
||||
[services.jellyfin]
|
||||
image = "jellyfin/jellyfin:10.8.0-alpha5"
|
||||
container_name = "jellyfin"
|
||||
environment = ["TZ=Europe/Helsinki"]
|
||||
ports = ["8096:8096"]
|
||||
networks = ["proxy", "authentik"]
|
||||
restart = "unless-stopped"
|
||||
volumes = [
|
||||
"/docker/jellyfin/config:/config",
|
||||
"/docker/jellyfin/cache:/cache",
|
||||
"/mnt/Storage/Media:/media",
|
||||
"/etc/localtime:/etc/localtime:ro",
|
||||
]
|
||||
devices = [
|
||||
"/dev/dri/renderD128:/dev/dri/renderD128",
|
||||
"/dev/dri/card0:/dev/dri/card0",
|
||||
]
|
||||
labels = [
|
||||
"traefik.enable=true",
|
||||
"traefik.http.routers.jellyfin-redirect.entrypoints=http",
|
||||
"traefik.http.routers.jellyfin-redirect.rule=Host(`jellyfin.korhonen.cc`)",
|
||||
"traefik.http.routers.jellyfin-redirect.middlewares=http2https@file",
|
||||
"traefik.http.routers.jellyfin.entrypoints=https",
|
||||
"traefik.http.routers.jellyfin.rule=Host(`jellyfin.korhonen.cc`)",
|
||||
"traefik.http.routers.jellyfin.service=jellyfin",
|
||||
"traefik.docker.network=proxy",
|
||||
"traefik.http.services.jellyfin.loadbalancer.server.port=8096",
|
||||
]
|
||||
|
||||
[networks]
|
||||
|
||||
[networks.proxy]
|
||||
external = true
|
||||
|
||||
[networks.authentik]
|
||||
external = true
|
|
@ -1,38 +0,0 @@
|
|||
services:
|
||||
jellyfin:
|
||||
image: jellyfin/jellyfin:10.8.0-alpha5
|
||||
container_name: jellyfin
|
||||
environment:
|
||||
- TZ=Europe/Helsinki
|
||||
ports:
|
||||
- "8096:8096"
|
||||
networks:
|
||||
- proxy
|
||||
- authentik
|
||||
restart: unless-stopped
|
||||
volumes:
|
||||
- /docker/jellyfin/config:/config
|
||||
- /docker/jellyfin/cache:/cache
|
||||
- /mnt/Storage/Media:/media
|
||||
- /etc/localtime:/etc/localtime:ro
|
||||
devices:
|
||||
- /dev/dri/renderD128:/dev/dri/renderD128
|
||||
- /dev/dri/card0:/dev/dri/card0
|
||||
labels:
|
||||
- "traefik.enable=true"
|
||||
|
||||
- "traefik.http.routers.jellyfin-redirect.entrypoints=http"
|
||||
- "traefik.http.routers.jellyfin-redirect.rule=Host(`jellyfin.korhonen.cc`)"
|
||||
- "traefik.http.routers.jellyfin-redirect.middlewares=http2https@file"
|
||||
|
||||
- "traefik.http.routers.jellyfin.entrypoints=https"
|
||||
- "traefik.http.routers.jellyfin.rule=Host(`jellyfin.korhonen.cc`)"
|
||||
- "traefik.http.routers.jellyfin.service=jellyfin"
|
||||
- "traefik.docker.network=proxy"
|
||||
- "traefik.http.services.jellyfin.loadbalancer.server.port=8096"
|
||||
|
||||
networks:
|
||||
proxy:
|
||||
external: true
|
||||
authentik:
|
||||
external: true
|
10
docker/mumble/docker-compose.toml
Normal file
10
docker/mumble/docker-compose.toml
Normal file
|
@ -0,0 +1,10 @@
|
|||
[services]
|
||||
|
||||
[services.mumble]
|
||||
container_name = "mumble"
|
||||
image = "phlak/mumble"
|
||||
user = "1000:985"
|
||||
environment = ["TZ=Europe/Helsinki"]
|
||||
network_mode = "host"
|
||||
volumes = ["/docker/mumble:/etc/mumble", "/etc/localtime:/etc/localtime:ro"]
|
||||
restart = "unless-stopped"
|
|
@ -1,12 +0,0 @@
|
|||
services:
|
||||
mumble:
|
||||
container_name: mumble
|
||||
image: phlak/mumble
|
||||
user: "1000:985"
|
||||
environment:
|
||||
- TZ=Europe/Helsinki
|
||||
network_mode: host
|
||||
volumes:
|
||||
- /docker/mumble:/etc/mumble
|
||||
- /etc/localtime:/etc/localtime:ro
|
||||
restart: unless-stopped
|
76
docker/nextcloud/docker-compose.toml
Normal file
76
docker/nextcloud/docker-compose.toml
Normal file
|
@ -0,0 +1,76 @@
|
|||
[services]
|
||||
|
||||
[services.nextcloud]
|
||||
image = "nextcloud:apache"
|
||||
container_name = "nextcloud"
|
||||
restart = "always"
|
||||
ports = ["1869:80"]
|
||||
networks = ["nextcloud", "postgres", "proxy"]
|
||||
volumes = [
|
||||
"/docker/nextcloud:/var/www/html",
|
||||
"/mnt/Storage/Nextcloud:/var/www/html/data",
|
||||
"/mnt/Storage/Syncthing:/Syncthing",
|
||||
"/mnt/Storage/Media/Music:/Music",
|
||||
"/etc/localtime:/etc/localtime:ro",
|
||||
]
|
||||
environment = [
|
||||
"TZ=Europe/Helsinki",
|
||||
"REDIS_HOST=redis",
|
||||
"REDIS_HOST_PASSWORD=123",
|
||||
]
|
||||
depends_on = ["redis"]
|
||||
labels = [
|
||||
"traefik.enable=true",
|
||||
"traefik.http.routers.nextcloud-redirect.entrypoints=http",
|
||||
"traefik.http.routers.nextcloud-redirect.rule=Host(`cloud.korhonen.cc`)",
|
||||
"traefik.http.routers.nextcloud-redirect.middlewares=http2https@file",
|
||||
"traefik.http.routers.nextcloud.entrypoints=https",
|
||||
"traefik.http.routers.nextcloud.rule=Host(`cloud.korhonen.cc`)",
|
||||
"traefik.http.routers.nextcloud.service=nextcloud",
|
||||
"traefik.http.routers.nextcloud.middlewares=secHeaders@file,nextcloud-dav@file",
|
||||
"traefik.docker.network=proxy",
|
||||
"traefik.http.services.nextcloud.loadbalancer.server.port=80",
|
||||
]
|
||||
|
||||
[services.redis]
|
||||
image = "redis:alpine"
|
||||
container_name = "redis"
|
||||
networks = ["nextcloud"]
|
||||
restart = "always"
|
||||
command = "redis-server --requirepass 123"
|
||||
|
||||
[services.cron]
|
||||
image = "nextcloud:apache"
|
||||
container_name = "nextcloud-cron"
|
||||
restart = "always"
|
||||
volumes = ["/docker/nextcloud:/var/www/html"]
|
||||
entrypoint = "/cron.sh"
|
||||
depends_on = ["redis"]
|
||||
|
||||
[services.coturn]
|
||||
image = "instrumentisto/coturn"
|
||||
container_name = "coturn"
|
||||
restart = "unless-stopped"
|
||||
env_file = ".env"
|
||||
ports = ["3478:3478/tcp", "3478:3478/udp"]
|
||||
networks = ["nextcloud"]
|
||||
command = [
|
||||
"-n",
|
||||
"--log-file=stdout",
|
||||
"--min-port=49160",
|
||||
"--max-port=49200",
|
||||
"--realm=cloud.korhonen.cc",
|
||||
"--use-auth-secret",
|
||||
"--static-auth-secret=${STATIC_AUTH_SECRET}",
|
||||
]
|
||||
|
||||
[networks]
|
||||
|
||||
[networks.nextcloud]
|
||||
external = false
|
||||
|
||||
[networks.postgres]
|
||||
external = true
|
||||
|
||||
[networks.proxy]
|
||||
external = true
|
|
@ -1,81 +0,0 @@
|
|||
services:
|
||||
nextcloud:
|
||||
image: nextcloud:apache
|
||||
container_name: nextcloud
|
||||
restart: always
|
||||
ports:
|
||||
- "1869:80"
|
||||
networks:
|
||||
- nextcloud
|
||||
- postgres
|
||||
- proxy
|
||||
volumes:
|
||||
- /docker/nextcloud:/var/www/html
|
||||
- /mnt/Storage/Nextcloud:/var/www/html/data
|
||||
- /mnt/Storage/Syncthing:/Syncthing
|
||||
- /mnt/Storage/Media/Music:/Music
|
||||
- /etc/localtime:/etc/localtime:ro
|
||||
environment:
|
||||
- TZ=Europe/Helsinki
|
||||
- REDIS_HOST=redis
|
||||
- REDIS_HOST_PASSWORD=123
|
||||
depends_on:
|
||||
- redis
|
||||
labels:
|
||||
- "traefik.enable=true"
|
||||
|
||||
- "traefik.http.routers.nextcloud-redirect.entrypoints=http"
|
||||
- "traefik.http.routers.nextcloud-redirect.rule=Host(`cloud.korhonen.cc`)"
|
||||
- "traefik.http.routers.nextcloud-redirect.middlewares=http2https@file"
|
||||
|
||||
- "traefik.http.routers.nextcloud.entrypoints=https"
|
||||
- "traefik.http.routers.nextcloud.rule=Host(`cloud.korhonen.cc`)"
|
||||
- "traefik.http.routers.nextcloud.service=nextcloud"
|
||||
- "traefik.http.routers.nextcloud.middlewares=secHeaders@file,nextcloud-dav@file"
|
||||
- "traefik.docker.network=proxy"
|
||||
- "traefik.http.services.nextcloud.loadbalancer.server.port=80"
|
||||
|
||||
redis:
|
||||
image: redis:alpine
|
||||
container_name: redis
|
||||
networks:
|
||||
- nextcloud
|
||||
restart: always
|
||||
command: redis-server --requirepass 123
|
||||
|
||||
cron:
|
||||
image: nextcloud:apache
|
||||
container_name: nextcloud-cron
|
||||
restart: always
|
||||
volumes:
|
||||
- /docker/nextcloud:/var/www/html
|
||||
entrypoint: /cron.sh
|
||||
depends_on:
|
||||
- redis
|
||||
|
||||
coturn:
|
||||
image: instrumentisto/coturn
|
||||
container_name: coturn
|
||||
restart: unless-stopped
|
||||
env_file: .env
|
||||
ports:
|
||||
- "3478:3478/tcp"
|
||||
- "3478:3478/udp"
|
||||
networks:
|
||||
- nextcloud
|
||||
command:
|
||||
- -n
|
||||
- --log-file=stdout
|
||||
- --min-port=49160
|
||||
- --max-port=49200
|
||||
- --realm=cloud.korhonen.cc
|
||||
- --use-auth-secret
|
||||
- --static-auth-secret=${STATIC_AUTH_SECRET}
|
||||
|
||||
networks:
|
||||
nextcloud:
|
||||
external: false
|
||||
postgres:
|
||||
external: true
|
||||
proxy:
|
||||
external: true
|
34
docker/pihole/docker-compose.toml
Normal file
34
docker/pihole/docker-compose.toml
Normal file
|
@ -0,0 +1,34 @@
|
|||
[services]
|
||||
|
||||
[services.pihole]
|
||||
container_name = "pihole"
|
||||
image = "pihole/pihole:latest"
|
||||
ports = ["53:53/tcp", "53:53/udp", "67:67/udp", "8069:80/tcp"]
|
||||
networks = ["proxy"]
|
||||
volumes = [
|
||||
"/docker/pihole/pihole:/etc/pihole/",
|
||||
"/docker/pihole/dnsmasq:/etc/dnsmasq.d/",
|
||||
]
|
||||
dns = ["127.0.0.1", "1.1.1.1"]
|
||||
cap_add = ["NET_ADMIN"]
|
||||
restart = "unless-stopped"
|
||||
labels = [
|
||||
"traefik.enable=true",
|
||||
"traefik.http.routers.pihole-redirect.entrypoints=http",
|
||||
"traefik.http.routers.pihole-redirect.rule=Host(`pihole.korhonen.cc`)",
|
||||
"traefik.http.routers.pihole-redirect.middlewares=http2https@file",
|
||||
"traefik.http.routers.pihole.entrypoints=https",
|
||||
"traefik.http.routers.pihole.rule=Host(`pihole.korhonen.cc`)",
|
||||
"traefik.http.routers.pihole.service=pihole",
|
||||
"traefik.docker.network=proxy",
|
||||
"traefik.http.services.pihole.loadbalancer.server.port=80",
|
||||
]
|
||||
|
||||
[services.pihole.environment]
|
||||
TZ = "Europe/Helsinki"
|
||||
WEBPASSWORD = "${WEBPASSWORD}"
|
||||
|
||||
[networks]
|
||||
|
||||
[networks.proxy]
|
||||
external = true
|
|
@ -1,41 +0,0 @@
|
|||
services:
|
||||
pihole:
|
||||
container_name: pihole
|
||||
image: pihole/pihole:latest
|
||||
ports:
|
||||
- "53:53/tcp"
|
||||
- "53:53/udp"
|
||||
- "67:67/udp"
|
||||
- "8069:80/tcp"
|
||||
networks:
|
||||
- proxy
|
||||
environment:
|
||||
TZ: "Europe/Helsinki"
|
||||
WEBPASSWORD: "${WEBPASSWORD}"
|
||||
volumes:
|
||||
- "/docker/pihole/pihole:/etc/pihole/"
|
||||
- "/docker/pihole/dnsmasq:/etc/dnsmasq.d/"
|
||||
dns:
|
||||
- 127.0.0.1
|
||||
- 1.1.1.1
|
||||
# Recommended but not required (DHCP needs NET_ADMIN)
|
||||
# https://github.com/pihole/docker-pihole#note-on-capabilities
|
||||
cap_add:
|
||||
- NET_ADMIN
|
||||
restart: unless-stopped
|
||||
labels:
|
||||
- "traefik.enable=true"
|
||||
|
||||
- "traefik.http.routers.pihole-redirect.entrypoints=http"
|
||||
- "traefik.http.routers.pihole-redirect.rule=Host(`pihole.korhonen.cc`)"
|
||||
- "traefik.http.routers.pihole-redirect.middlewares=http2https@file"
|
||||
|
||||
- "traefik.http.routers.pihole.entrypoints=https"
|
||||
- "traefik.http.routers.pihole.rule=Host(`pihole.korhonen.cc`)"
|
||||
- "traefik.http.routers.pihole.service=pihole"
|
||||
- "traefik.docker.network=proxy"
|
||||
- "traefik.http.services.pihole.loadbalancer.server.port=80"
|
||||
|
||||
networks:
|
||||
proxy:
|
||||
external: true
|
18
docker/postgres/docker-compose.toml
Normal file
18
docker/postgres/docker-compose.toml
Normal file
|
@ -0,0 +1,18 @@
|
|||
[services]
|
||||
|
||||
[services.postgres]
|
||||
container_name = "postgres"
|
||||
image = "postgres:13"
|
||||
environment = ["TZ=Europe/Helsinki", "POSTGRES_PASSWORD=12345"]
|
||||
ports = ["5432:5432"]
|
||||
networks = ["postgres"]
|
||||
volumes = [
|
||||
"/docker/postgres:/var/lib/postgresql/data",
|
||||
"/etc/localtime:/etc/localtime:ro",
|
||||
]
|
||||
restart = "unless-stopped"
|
||||
|
||||
[networks]
|
||||
|
||||
[networks.postgres]
|
||||
external = true
|
|
@ -1,19 +0,0 @@
|
|||
services:
|
||||
postgres:
|
||||
container_name: postgres
|
||||
image: postgres:13
|
||||
environment:
|
||||
- TZ=Europe/Helsinki
|
||||
- POSTGRES_PASSWORD=12345
|
||||
ports:
|
||||
- 5432:5432
|
||||
networks:
|
||||
- postgres
|
||||
volumes:
|
||||
- /docker/postgres:/var/lib/postgresql/data
|
||||
- /etc/localtime:/etc/localtime:ro
|
||||
restart: unless-stopped
|
||||
|
||||
networks:
|
||||
postgres:
|
||||
external: true
|
23
docker/remotely/docker-compose.toml
Normal file
23
docker/remotely/docker-compose.toml
Normal file
|
@ -0,0 +1,23 @@
|
|||
[services]
|
||||
|
||||
[services.remotely]
|
||||
image = "translucency/remotely"
|
||||
container_name = "remotely"
|
||||
networks = ["proxy"]
|
||||
volumes = ["/docker/remotely:/remotely-data"]
|
||||
labels = [
|
||||
"traefik.enable=true",
|
||||
"traefik.http.routers.remotely-redirect.entrypoints=http",
|
||||
"traefik.http.routers.remotely-redirect.rule=Host(`remotely.korhonen.cc`)",
|
||||
"traefik.http.routers.remotely-redirect.middlewares=http2https@file",
|
||||
"traefik.http.routers.remotely.entrypoints=https",
|
||||
"traefik.http.routers.remotely.rule=Host(`remotely.korhonen.cc`)",
|
||||
"traefik.http.routers.remotely.service=remotely",
|
||||
"traefik.docker.network=proxy",
|
||||
"traefik.http.services.remotely.loadbalancer.server.port=5000",
|
||||
]
|
||||
|
||||
[networks]
|
||||
|
||||
[networks.proxy]
|
||||
external = true
|
|
@ -1,24 +0,0 @@
|
|||
services:
|
||||
remotely:
|
||||
image: translucency/remotely
|
||||
container_name: remotely
|
||||
networks:
|
||||
- proxy
|
||||
volumes:
|
||||
- /docker/remotely:/remotely-data
|
||||
labels:
|
||||
- "traefik.enable=true"
|
||||
|
||||
- "traefik.http.routers.remotely-redirect.entrypoints=http"
|
||||
- "traefik.http.routers.remotely-redirect.rule=Host(`remotely.korhonen.cc`)"
|
||||
- "traefik.http.routers.remotely-redirect.middlewares=http2https@file"
|
||||
|
||||
- "traefik.http.routers.remotely.entrypoints=https"
|
||||
- "traefik.http.routers.remotely.rule=Host(`remotely.korhonen.cc`)"
|
||||
- "traefik.http.routers.remotely.service=remotely"
|
||||
- "traefik.docker.network=proxy"
|
||||
- "traefik.http.services.remotely.loadbalancer.server.port=5000"
|
||||
|
||||
networks:
|
||||
proxy:
|
||||
external: true
|
9
docker/tftp/docker-compose.toml
Normal file
9
docker/tftp/docker-compose.toml
Normal file
|
@ -0,0 +1,9 @@
|
|||
[services]
|
||||
|
||||
[services.tftp]
|
||||
container_name = "tftp"
|
||||
image = "pghalliday/tftp"
|
||||
environment = ["TZ=Europe/Helsinki"]
|
||||
restart = "unless-stopped"
|
||||
ports = ["69:69/udp"]
|
||||
volumes = ["/etc/localtime:/etc/localtime:ro", "/docker/tftp:/var/tftpboot"]
|
|
@ -1,12 +0,0 @@
|
|||
services:
|
||||
tftp:
|
||||
container_name: tftp
|
||||
image: pghalliday/tftp
|
||||
environment:
|
||||
- TZ=Europe/Helsinki
|
||||
restart: unless-stopped
|
||||
ports:
|
||||
- 69:69/udp
|
||||
volumes:
|
||||
- /etc/localtime:/etc/localtime:ro
|
||||
- /docker/tftp:/var/tftpboot
|
52
docker/traefik/docker-compose.toml
Normal file
52
docker/traefik/docker-compose.toml
Normal file
|
@ -0,0 +1,52 @@
|
|||
[services]
|
||||
|
||||
[services.traefik]
|
||||
image = "traefik:latest"
|
||||
container_name = "traefik"
|
||||
restart = "unless-stopped"
|
||||
ports = ["80:80", "443:443/tcp", "443:443/udp"]
|
||||
environment = ["TZ=Europe/Helsinki"]
|
||||
security_opt = ["no-new-privileges:true"]
|
||||
networks = ["proxy"]
|
||||
volumes = [
|
||||
"/etc/localtime:/etc/localtime:ro",
|
||||
"/var/run/docker.sock:/var/run/docker.sock:ro",
|
||||
"/docker/traefik/traefik/traefik.toml:/traefik.toml:ro",
|
||||
"/docker/traefik/traefik/dynamic.toml:/dynamic.toml:ro",
|
||||
"/docker/traefik/traefik/dashboard-users:/dashboard-users:ro",
|
||||
"/docker/traefik/traefik/acme.json:/acme.json",
|
||||
"/docker/traefik/traefik/log:/var/log",
|
||||
]
|
||||
labels = [
|
||||
"traefik.enable=true",
|
||||
"traefik.http.routers.redirect.entrypoints=http",
|
||||
"traefik.http.routers.redirect.rule=Host(`traefik.korhonen.cc`)",
|
||||
"traefik.http.routers.redirect.middlewares=http2https@file",
|
||||
"traefik.http.routers.dashboard.entrypoints=https",
|
||||
"traefik.http.routers.dashboard.rule=Host(`traefik.korhonen.cc`)",
|
||||
"traefik.http.middlewares.dashboard-auth.basicauth.usersfile=/dashboard-users",
|
||||
"traefik.http.routers.dashboard.middlewares=dashboard-auth",
|
||||
"traefik.http.routers.dashboard.service=api@internal",
|
||||
"traefik.docker.network=proxy",
|
||||
]
|
||||
|
||||
[services.fail2ban]
|
||||
image = "crazymax/fail2ban:latest"
|
||||
container_name = "fail2ban"
|
||||
restart = "unless-stopped"
|
||||
network_mode = "host"
|
||||
cap_add = ["NET_ADMIN", "NET_RAW"]
|
||||
environment = ["TZ=Europe/Helsinki"]
|
||||
volumes = [
|
||||
"/etc/localtime:/etc/localtime:ro",
|
||||
"/docker/traefik/traefik/log:/var/log/traefik:ro",
|
||||
"/docker/traefik/fail2ban:/data",
|
||||
"/docker/gitea/gitea/log/gitea.log:/var/log/gitea:ro",
|
||||
"/docker/homeautomation/home-assistant/home-assistant.log:/var/log/hass",
|
||||
"/mnt/Storage/Nextcloud/nextcloud.log:/var/log/nextcloud:ro",
|
||||
]
|
||||
|
||||
[networks]
|
||||
|
||||
[networks.proxy]
|
||||
external = true
|
|
@ -1,57 +0,0 @@
|
|||
services:
|
||||
traefik:
|
||||
image: traefik:latest
|
||||
container_name: traefik
|
||||
restart: unless-stopped
|
||||
ports:
|
||||
- '80:80'
|
||||
- '443:443/tcp'
|
||||
- '443:443/udp'
|
||||
environment:
|
||||
- TZ=Europe/Helsinki
|
||||
security_opt:
|
||||
- no-new-privileges:true
|
||||
networks:
|
||||
- proxy
|
||||
volumes:
|
||||
- /etc/localtime:/etc/localtime:ro
|
||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
- /docker/traefik/traefik/traefik.toml:/traefik.toml:ro
|
||||
- /docker/traefik/traefik/dynamic.toml:/dynamic.toml:ro
|
||||
- /docker/traefik/traefik/dashboard-users:/dashboard-users:ro
|
||||
- /docker/traefik/traefik/acme.json:/acme.json
|
||||
- /docker/traefik/traefik/log:/var/log
|
||||
labels:
|
||||
# Serve dashboard
|
||||
- 'traefik.enable=true'
|
||||
- 'traefik.http.routers.redirect.entrypoints=http'
|
||||
- 'traefik.http.routers.redirect.rule=Host(`traefik.korhonen.cc`)'
|
||||
- 'traefik.http.routers.redirect.middlewares=http2https@file'
|
||||
|
||||
- 'traefik.http.routers.dashboard.entrypoints=https'
|
||||
- 'traefik.http.routers.dashboard.rule=Host(`traefik.korhonen.cc`)'
|
||||
- 'traefik.http.middlewares.dashboard-auth.basicauth.usersfile=/dashboard-users'
|
||||
- 'traefik.http.routers.dashboard.middlewares=dashboard-auth'
|
||||
- 'traefik.http.routers.dashboard.service=api@internal'
|
||||
- 'traefik.docker.network=proxy'
|
||||
|
||||
fail2ban:
|
||||
image: crazymax/fail2ban:latest
|
||||
container_name: fail2ban
|
||||
restart: unless-stopped
|
||||
network_mode: "host"
|
||||
cap_add:
|
||||
- NET_ADMIN
|
||||
- NET_RAW
|
||||
environment:
|
||||
- TZ=Europe/Helsinki
|
||||
volumes:
|
||||
- /etc/localtime:/etc/localtime:ro
|
||||
- /docker/traefik/traefik/log:/var/log/traefik:ro
|
||||
- /docker/traefik/fail2ban:/data
|
||||
- /docker/gitea/gitea/log/gitea.log:/var/log/gitea:ro
|
||||
- /docker/homeautomation/home-assistant/home-assistant.log:/var/log/hass
|
||||
- /mnt/Storage/Nextcloud/nextcloud.log:/var/log/nextcloud:ro
|
||||
networks:
|
||||
proxy:
|
||||
external: true
|
32
docker/tvheadend/docker-compose.toml
Normal file
32
docker/tvheadend/docker-compose.toml
Normal file
|
@ -0,0 +1,32 @@
|
|||
[services]
|
||||
|
||||
[services.tvheadend]
|
||||
image = "linuxserver/tvheadend"
|
||||
container_name = "tvheadend"
|
||||
environment = ["TZ=Europe/Helsinki", "PUID=1000", "PGID=985"]
|
||||
volumes = [
|
||||
"/docker/tvheadend:/config",
|
||||
"/mnt/Storage/Media/PVR:/recordings",
|
||||
"/mnt/Storage/picons:/picons",
|
||||
"/etc/localtime:/etc/localtime:ro",
|
||||
]
|
||||
ports = ["9981:9981", "9982:9982"]
|
||||
devices = ["/dev/dvb:/dev/dvb"]
|
||||
restart = "unless-stopped"
|
||||
networks = ["proxy"]
|
||||
labels = [
|
||||
"traefik.enable=true",
|
||||
"traefik.http.routers.tvheadend-redirect.entrypoints=http",
|
||||
"traefik.http.routers.tvheadend-redirect.rule=Host(`tvheadend.korhonen.cc`)",
|
||||
"traefik.http.routers.tvheadend-redirect.middlewares=http2https@file",
|
||||
"traefik.http.routers.tvheadend.entrypoints=https",
|
||||
"traefik.http.routers.tvheadend.rule=Host(`tvheadend.korhonen.cc`)",
|
||||
"traefik.http.routers.tvheadend.service=tvheadend",
|
||||
"traefik.docker.network=proxy",
|
||||
"traefik.http.services.tvheadend.loadbalancer.server.port=9981",
|
||||
]
|
||||
|
||||
[networks]
|
||||
|
||||
[networks.proxy]
|
||||
external = true
|
|
@ -1,37 +0,0 @@
|
|||
services:
|
||||
tvheadend:
|
||||
image: linuxserver/tvheadend
|
||||
container_name: tvheadend
|
||||
environment:
|
||||
- TZ=Europe/Helsinki
|
||||
- PUID=1000
|
||||
- PGID=985
|
||||
volumes:
|
||||
- /docker/tvheadend:/config
|
||||
- /mnt/Storage/Media/PVR:/recordings
|
||||
- /mnt/Storage/picons:/picons
|
||||
- /etc/localtime:/etc/localtime:ro
|
||||
ports:
|
||||
- 9981:9981
|
||||
- 9982:9982
|
||||
devices:
|
||||
- /dev/dvb:/dev/dvb #tuner card
|
||||
restart: unless-stopped
|
||||
networks:
|
||||
- proxy
|
||||
labels:
|
||||
- "traefik.enable=true"
|
||||
|
||||
- "traefik.http.routers.tvheadend-redirect.entrypoints=http"
|
||||
- "traefik.http.routers.tvheadend-redirect.rule=Host(`tvheadend.korhonen.cc`)"
|
||||
- "traefik.http.routers.tvheadend-redirect.middlewares=http2https@file"
|
||||
|
||||
- "traefik.http.routers.tvheadend.entrypoints=https"
|
||||
- "traefik.http.routers.tvheadend.rule=Host(`tvheadend.korhonen.cc`)"
|
||||
- "traefik.http.routers.tvheadend.service=tvheadend"
|
||||
- "traefik.docker.network=proxy"
|
||||
- "traefik.http.services.tvheadend.loadbalancer.server.port=9981"
|
||||
|
||||
networks:
|
||||
proxy:
|
||||
external: true
|
Loading…
Reference in a new issue